STAFF REVIEW PROCEDURE: Proponent Environmental Impact ... · STAFF REVIEW PROCEDURE: Proponent...

21
Rev. 001 File# 2.01 E-Docs# 3235971 APPROVED FOR INTERNAL USE. STAFF REVIEW PROCEDURE: Proponent Environmental Impact Statement (EIS) For a New Nuclear Power Plant SRP-2.01-EIS-11NNNN-013.3 Rev. 001 Malevolent Acts and Vulnerability Engineering Directorate of Regulatory Improvement and Major Projects Management New Major Facilities Licensing Division

Transcript of STAFF REVIEW PROCEDURE: Proponent Environmental Impact ... · STAFF REVIEW PROCEDURE: Proponent...

Page 1: STAFF REVIEW PROCEDURE: Proponent Environmental Impact ... · STAFF REVIEW PROCEDURE: Proponent Environmental Impact Statement ... For a New Nuclear Power Plant . ... to allow the

Rev. 001 File# 2.01

E-Docs# 3235971 APPROVED FOR INTERNAL USE.

STAFF REVIEW PROCEDURE:

Proponent Environmental Impact Statement (EIS) For a New Nuclear Power Plant

SRP-2.01-EIS-11NNNN-013.3

Rev. 001

Malevolent Acts and Vulnerability Engineering

Directorate of Regulatory Improvement and Major Projects Management New Major Facilities Licensing Division

Page 2: STAFF REVIEW PROCEDURE: Proponent Environmental Impact ... · STAFF REVIEW PROCEDURE: Proponent Environmental Impact Statement ... For a New Nuclear Power Plant . ... to allow the

Preface

Staff Review Procedures have been developed by the CNSC staff, as internal working documents, to be used by CNSC staff to assist them in the conduct of regulatory reviews of a potential licensee’s (proponent) Environmental Impact Statement (EIS), as part of its licence application and environmental assessment process for a new nuclear power plant in Canada. They are not regulatory documents, although their respective topics of assessment and criteria are based on regulations under the Canadian Environmental Assessment Act. The initiative to develop Staff Review Procedures was undertaken in order to ensure a consistent application of the internal processes for the review of an EIS for a new nuclear power plant, and to improve the efficiency and effectiveness of such reviews. Staff Review Procedures are considered by CNSC staff to be “living documents”, which will evolve based on the experience gained from EIS reviews.

Context Environmental assessments (EAs) are carried out to meet the requirements of the Canadian Environmental Assessment Act (CEAA). EAs identify whether a specific project is likely to cause significant environmental effects, and determine whether those effects can be mitigated. For new nuclear power plants, the Canadian Nuclear Safety Commission initiates the EA process when a proponent applies under the Nuclear Safety and Control Act (NSCA) for a Licence to Prepare Site (Section 24(2) of NSCA) and submits a complete Project Description (as per Section 5 of CEAA). Before any licensing decision can be made, the EA must be completed.

An Environmental Impact Statement (EIS) is prepared by a proponent as part of the EA process and submitted pursuant to CEAA to support the site preparation, construction, operation, decommissioning and abandonment of a new nuclear power plant. An EIS will be reviewed against the “EIS Staff Review Procedures. The procedures represent CNSC expectations and guidance supporting the assessment of an EIS by CNSC staff, and are intended to augment and support EA recommendations by staff to the Commission tribunal.

Page 3: STAFF REVIEW PROCEDURE: Proponent Environmental Impact ... · STAFF REVIEW PROCEDURE: Proponent Environmental Impact Statement ... For a New Nuclear Power Plant . ... to allow the

Description of Revisions Made to Document Effective Date Rev.

# Section Changes Made

2008-10-24 000 All New Document issued under Document Change Package (DCP) 3309993

2009-07-07 001 All General final proof-reading and editing. All changes non-technical per DCP 3398555 and DCR 3335520.

Page 4: STAFF REVIEW PROCEDURE: Proponent Environmental Impact ... · STAFF REVIEW PROCEDURE: Proponent Environmental Impact Statement ... For a New Nuclear Power Plant . ... to allow the

1. Area of Review 1.1. Topic and Area This review examines proponent submissions concerning malevolent acts, including the safety aspects of Vulnerability Engineering. While intentional malevolent acts are not accidents, the proponent is expected to compare the environmental effects resulting from malevolent acts with the effects identified for:

o Accidents and Malfunctions – Identification of All Nuclear Accidents and Malfunctions and their Consequences (EIS Staff Review Procedure SRG-2.01-EIS-11NNNN-013.1);

o Conventional Accidents and Malfunctions (EIS Staff Review Procedure SRG-2.01-EIS-11NNNN-013.2); and,

o Accidents and Malfunctions – Radiological Accidents and Malfunctions occurring outside the Reactor Core and out of Core Criticality Safety (EIS Staff Review Procedure SRG-2.01-EIS-11NNNN-013.4)

Submissions are expected to identify and describe postulated malevolent act event sequences and their consequences. Submissions may rely on bounding environmental effects from nuclear or conventional malevolent act event sequences described in other sections of the submissions, or where necessary, identify where the consequences of the malevolent act are greater. Submissions are expected to identify and describe the events associated with the project, their probability and potential adverse environmental effects of event sequence which result in hazardous substances or radiological releases over the life cycle of the project.

As applicable to the site, the review will focus on malevolent initiated event sequences that have a reasonable probability of occurring during the life of the project and: • involving radioactive or nuclear material both in and out of the core;

• involving quantities of hazardous substances with the potential to create significant

environmental impacts;

• involving the large release of energy with the potential to create significant environmental impacts; and,

• with the potential to result in significant impact to generation capacity.

Page 5: STAFF REVIEW PROCEDURE: Proponent Environmental Impact ... · STAFF REVIEW PROCEDURE: Proponent Environmental Impact Statement ... For a New Nuclear Power Plant . ... to allow the

The review will also examine information submitted regarding: • the source, quantity, mechanism, rate, form and characteristics of contaminants and other

materials (physical, chemical and radioactive) likely to be released to the surrounding environment during the postulated event;

• the mitigation means and measures, including policy, procedures and plans to mitigate, prepare for, respond to, and recover from emergencies for malevolent act event sequences;

• the contingency, clean-up or restoration work in the surrounding environment that would be required during, or immediately following, the postulated malevolent initiated event sequence;

• measures and provisions, including safeguards, to protect against the postulated malevolent act event sequences;

• emergency response and preparedness policy and procedures, including plans to mitigate, prepare for, respond to, and recover from emergencies, including training and qualification for malevolent act event sequences;

• event or accident management policy and procedures for design basis events;

• beyond design basis malevolent initiated event sequences; and,

• supporting infrastructure external to the site (exclusion zone) Submission are expected to demonstrate that the safety goals and functional requirements are met via high-level safety analysis, supported by sufficient information to demonstrate that the behaviour of the various designs being proposed are understood such that their consequences can be predicted with sufficient confidence. Review of the supporting project description and postulated malevolent act event sequences in the EIS is not a comprehensive study of all aspects of conventional accidents, malfunctions, hazards or risks. Should the project proceed, detailed evaluations will be performed at each licensing stage as part of the CNSC licensing process. At the environmental assessment stage, CNSC staff is verifying that the proponent has made a credible demonstration of the NPP’s ability to meet CNSC requirements related to releases caused by accidents and malfunctions of malevolent origin. To this end, the proponent may rely on bounding assessments or accidents in their demonstration.

Page 6: STAFF REVIEW PROCEDURE: Proponent Environmental Impact ... · STAFF REVIEW PROCEDURE: Proponent Environmental Impact Statement ... For a New Nuclear Power Plant . ... to allow the

1.2. Information Requirements It is expected that general information identified in Section 1.1 and Appendix A of this Staff Review Procedure will be provided by the proponent, were applicable, in support the EIS, subject to the following general conditions: • information is provided, where applicable, regarding the project, in consideration of the

hazards, risks and events for the events or event sequence under consideration, • the postulated event(s) or event sequence may be representative of bounding or limiting

credible accidents and malfunctions of malevolent origin, and • information requirements described in Appendix A are generic in nature and not all of the

identified elements may be required, depending on the postulated event(s) or event sequences postulated. However, in addition, topic specific information as identified in Appendix ‘A’ and ‘B’ may be required depending on the nature of the bounding events and project details. The information provided should be sufficient in quantity and detail to allow the reviewer to make recommendations on the acceptability of the submission.

The information requirements identified in Appendix A are intended to provide an overview of potential information which may be of assistance to CNSC staff during the review in consideration of the information in the submission and bounding event sequences and their consequences. Appendix A is expected to be used to identify topics and potential supporting information for CNSC staffs assessment of the EIS submission and not as a checklist of required documentation.

Page 7: STAFF REVIEW PROCEDURE: Proponent Environmental Impact ... · STAFF REVIEW PROCEDURE: Proponent Environmental Impact Statement ... For a New Nuclear Power Plant . ... to allow the

2. Criteria and Objectives For malevolent acts under the scope of this procedure, the submission is expected to demonstrate that potential adverse environmental effects of proposed projects for all credible events and event sequences are identified, understood, include proposed measures to mitigate adverse effects, and predict whether there will be significant adverse environmental effects after mitigation measures are implemented. The submission should explicitly addresses beyond design basis events, identifying any proposed mitigation measures, strategies and consequences.

Submissions should also identify potentially significant malevolent acts and vulnerability engineering issues raised during previous assessments of the design by other national national nuclear safety regulators, including clear explanations of how the issue(s) will be addressed. Where submissions rely on codes, standards or methodologies which are not typically employed in Canada, (i.e., non-CSA standards, new or novel methodologies) the proponent should provide supporting information demonstrating: • similarities and differences between the approaches typically employed in Canada (i.e., a

code gap analysis / assessment), and,

• that their application are consistent with modern good practices. The objective of the review is to provide a meaningful conclusion on meeting the acceptance criteria (i.e., Safety Goals, functional requirements, probability targets, etc.) and a recommendation on the acceptability of the EIS submission. Section 5 of this Staff Review Procedure provides guidance on such concluding statements. The following general review criteria and objectives are expected to be utilized by the reviewer: • Confirm information is complete and at an acceptable level of detail for the description of

the project, technology, malfunctions and accidents postulated, general assumptions, and uncertainty. Level of completeness is determined by assessment against the information requirements and criteria outlined in the Section 1.1 & 1.2 of this Staff Review Procedure.

• Confirm submission information is complete for the type(s) and amount of analyses, as well as for the analysis data, assumptions and models. Level of completeness is determined by assessment against the information requirements outlined in the Section 1.1 & 1.2 of this Staff Review Procedure.

• Confirm the level of detail of the information is consistent with the provisions in the applicable EIS Guidelines for the project and in Section 1.1 & 1.2 of this Staff Review Procedure.

• Confirm the analysis approaches and methodologies are consistent with the provisions in

Page 8: STAFF REVIEW PROCEDURE: Proponent Environmental Impact ... · STAFF REVIEW PROCEDURE: Proponent Environmental Impact Statement ... For a New Nuclear Power Plant . ... to allow the

RD-337 [Ref. 2], RD-346 [Ref. 3], RD-310 [Ref. 4] for safety analyses and S-294 [Ref. 13] for PSA analyses.

• Confirm computer codes, data, models, correlations, and assumptions used in analyses are technically sound and compatible with the specific characteristics of the proposed design.

2.1. Identification and Classification of Accidents Proponent submissions should provide clear assurances that sufficient event sequences leading to accidents or malfunctions have been identified through a systematic process so that the bounding environmental impact can be determined. Events may include acts which may result in: • conventional accidents and spills;

• fires and explosions;

• internally and externally generated missiles;

• human error;

• human manipulation of SSCs;

• equipment failure or malfunction;

• pipe whip, jet impingement and pressurization of structures following failure of

pressurized components;

• airplane crash;

• transportation initiated or related events;

• out of core criticality events; • nuclear accidents;

• release or dispersion of radioactive or nuclear material; and

• flooding, both internally and externally generated. CNSC staff will look for evidence that a systematic process has been used to identify and categorize events. Experience, both in Canada and internationally, of similar designs will provide supporting information.

Page 9: STAFF REVIEW PROCEDURE: Proponent Environmental Impact ... · STAFF REVIEW PROCEDURE: Proponent Environmental Impact Statement ... For a New Nuclear Power Plant . ... to allow the

2.2. Identification of Limiting Credible Malevolent act event sequences resulting in

Accidents or Malfunctions

CNSC staff will compare the list of limiting accidents and malfunctions of malevolent origin with those derived for similar plants and those which, in staff’s experience, are likely to prove limiting for the proposed design(s). As a basis for the review, previous EA’s / EIS’s and existing safety analysis may be used to support staff’s assessment. 2.3. Consequences

Releases of hazardous substances or radioactive products are expected to be calculated for a limited number of events representative of bounding or limiting credible accidents and malfunctions of malevolent origin. Consequence analyses would be expected to be performed as part of demonstrating meeting the Safety Goals and functional acceptance criteria for the EIS. It is anticipated that the events identified in Nuclear, Conventional Accidents and Malfunctions or Out of Core Criticality and Spent Fuel Bay Staff Review Procedures will bound the consequences of all malevolent acts and therefore Staff Review Procedures SRG-2.01-EIS-11NNNN-013.1, 013.2 and 013.3 will be used extensively as supporting procedures. 2.4. Demonstration of Functional Acceptance Criteria and that Safety Goals Have Been

Met Credible demonstration that the safety goals are met will involve provision by the proponent of a high-level safety analysis supported by sufficient design information to demonstrate to CNSC staff that the accident behaviour of the various designs being proposed are understood, such that their consequences can be predicted with sufficient confidence. Functional acceptance criteria are the criteria the proponent’s staff utilizes in their evaluation to confirm the minimum high level attributes (such as the automatic starting of emergency power generators) required either by design or prescribed in applicable codes or standards will be provided for or achieved.

Page 10: STAFF REVIEW PROCEDURE: Proponent Environmental Impact ... · STAFF REVIEW PROCEDURE: Proponent Environmental Impact Statement ... For a New Nuclear Power Plant . ... to allow the

3. Review Process CNSC staff is expected to verify that the information criteria has been met and the submissions have sufficiently identified project components likely to interact with the environment, and are sufficient to support the claims made in the EIS. CNSC staff will verify that supporting assumptions are clearly indicated, and that adequate supporting information has been provided. The review, documentation of assessment results and report approval will be conducted in accordance with the project-specific Assessment Plan. The Review Lead and contributors are identified in the project-specific Assessment Plan. Staff involved in assessing nuclear security should be consulted to confirm that the information is sufficient to support the assessment of both the Site Selection and Threat Risk Assessment (SSTRA) Report and the site preparation security program. Staff involved in assessing emergency management programs should be consulted to confirm that the information is sufficient to support the assessment of the applicant’s emergency programs with a particular focus on event response and site evacuation plans. Staff involved in environmental risk assessments should be consulted to confirm that effects of climate change on malevolent acts and vulnerabilities has been adequately addressed.

Page 11: STAFF REVIEW PROCEDURE: Proponent Environmental Impact ... · STAFF REVIEW PROCEDURE: Proponent Environmental Impact Statement ... For a New Nuclear Power Plant . ... to allow the

Other government departments that may need to be consulted during the review include: • NRCan • Environment Canada • Transport Canada • Department of Fisheries and Oceans • Fisheries and Oceans Canada • Transport Canada • Expert Federal Authorities including Environment Canada, Health Canada, Natural

Resources Canada and Parks Canada Results of the review will be presented in a Review Report template that is included in the project-specific Assessment Plan. The report is to be approved by the appropriate signing authorities. The approved report will be assigned an E-DOCS number under File 2.01 for the appropriate facility. 4. Evaluation Conclusions and Recommendations 4.1. Conclusions 1) Adequacy of the project description and supporting information

The results of the evaluation of the EIS and its supporting information should lead Staff to one of the following conclusions:

i) The description and supporting information is considered generally accurate, adequate, complete and of sufficient detail to permit staff to conclude that the information provided in the submission is acceptable and forms a suitable basis for the EA determination; or,

ii) The description and supporting information is not considered acceptably accurate, adequate, and complete or of sufficient detail to permit staff to conclude that the information provided in the submission is acceptable and forms a suitable basis for the EA determination.

2) Adequacy of the proponent’s description of Malevolent Acts and Vulnerability

Engineering.

The evaluation of the EIS with respect to Malevolent Acts and Vulnerability Engineering should lead Staff to one of the following conclusions: • Information provided in the EIS should be sufficient to provide a credible

demonstration that limiting accidents have been identified, the releases from the limiting accidents are credible, and that the Safety Goals and functional attributes acceptance criteria can be met for the design or designs proposed for this project; or,

Page 12: STAFF REVIEW PROCEDURE: Proponent Environmental Impact ... · STAFF REVIEW PROCEDURE: Proponent Environmental Impact Statement ... For a New Nuclear Power Plant . ... to allow the

• Information presented in the EIS is insufficient to provide a credible demonstration that:

o limiting accidents have been identified;

o the releases from the limiting accidents are credible;

o the Safety Goals and functional attributes acceptance criteria can be met for the design or designs proposed for this project.

4.2. Recommendations Recommendations, clearly identifying the outcome of the review conclusions will be in the form of a report prepared in accordance with the project-specific Assessment Plan. 5. References Document all technical and/or basis documents used in the reviews by all participating divisions. 1. RD-337 Design of New Nuclear Power Plants

2. RD-346 Site Evaluation for New Nuclear Power Plants

3. RD-310 Safety Analysis for Nuclear Power Plants”

4. DRAFT RD-311 Fire Protection for Nuclear Facilities

5. CSA N293 Fire Protection for CANDU Nuclear Power Plants

6. National Building Code of Canada

7. National Fire Code of Canada

8. NFPA 804 Standard for Fire Protection for Advanced Light Water Reactor Electric

Generating Plants

9. NFPA 805 Performance-Based Standard for Fire Protection for Light Water Reactor Electric Generating Plants

10. NFPA 806 Performance Based Standard for Fire Protection for Advanced Nuclear Reactor Electric Generating Plants

11. NFPA 101 Life Safety Code

Page 13: STAFF REVIEW PROCEDURE: Proponent Environmental Impact ... · STAFF REVIEW PROCEDURE: Proponent Environmental Impact Statement ... For a New Nuclear Power Plant . ... to allow the

12. S-294 Probabilistic Safety Assessment (PSA) for Nuclear Power Plants

13. IAEA INFCIRC/225/Rec 4

14. IAEA Nuclear Security Series

15. IAEA Extreme External Events in the Design and Assessment of Nuclear Power Plants

16. IAEA-TECDOC-1341, IAEA, Vienna (2003)

17. CNSC Final Report Design-basis Threat (The most current DBT shall be considered concurrent with the SSTRA).

Page 14: STAFF REVIEW PROCEDURE: Proponent Environmental Impact ... · STAFF REVIEW PROCEDURE: Proponent Environmental Impact Statement ... For a New Nuclear Power Plant . ... to allow the

APPENDIX A

Information and Criteria for Malevolent Acts and Vulnerability Engineering 1. General Information Requirements • The submission should include a description and details in general terms of the measures

proposed for security considerations and vulnerability engineering for the project, in addition to the general information requested in Section 1.1, 1.2 and Appendix A of this procedure. The submission should provide detailed information to enable an assessment of the acceptability of proposed security measures in the context of the EA process and the requirements of the EIS Guidelines.

The submission should address circumstances and vulnerabilities associated with the site and its location that, due to their complexities and number, have not been explicitly identified in this procedure, therefore, the conclusions reached by CNSC staff in determining: • the adequacy of the project description and supporting information, and,

• the adequacy of the submissions statement of environmental impact, as per Section 4.2 of

this procedure,

will depend in large degree to the professional opinion of subject matter experts and may require a process of expert elicitation.

Page 15: STAFF REVIEW PROCEDURE: Proponent Environmental Impact ... · STAFF REVIEW PROCEDURE: Proponent Environmental Impact Statement ... For a New Nuclear Power Plant . ... to allow the

2. Specific Information Requirements Submissions should describe and provide an appropriate level of design related information and supporting analysis to identify major design provisions and physical protection features such as protection against Design Basis Threats (DBTs), in accordance with the requirements of the Nuclear Security Regulations. 2.1. Security Program Submissions should confirm the security program will be developed following a systematic approach with clear ties to elements of plant design processes that will mitigate against malevolent acts. Submissions should include the following elements for each licensing stage of development: • SSTRA (to the extent known at the stage of the EIS), including the identification of

assets, threats, risks, vulnerabilities, constraints (such as operational issues, culture) and resulting countermeasures, forming the basis of the SSTRA.

• The security policy defined to assess the SSTRA results.

• The proposed Security Program Requirements to the extent known at the EIS stage including a high level implementation plan. The program should address the ongoing process of ensuring that the effectiveness of the requirements does not deteriorate and those requirements are adjusted to meet the ever-changing nature of security needs due to “new” risks and vulnerabilities.

• Security program submissions in support of the EIS should consider criteria contained in CNSC Regulatory Guide G-274 “Security Programs for Category I or II Nuclear Materials or Certain Nuclear Facilities”

2.2. Physical Protection Submissions regarding Malevolent Acts and Vulnerability Engineering should demonstrate consideration of security measures relating to detection, delay and response to security events involving prescribed assets. Special consideration for prescribed information assets stored outside, even temporarily, should be provided particularly in regards to vandalism, theft or sabotage. Physical protection measures proposed should consider the results of developed based upon the SSTRA.(see Staff Review Procedure SRG-2.01-SP-11NNNN-025 Site Selection Threat and Risk Assessment (SSTRA) – Security Risks Presented by the Site Location.)

Page 16: STAFF REVIEW PROCEDURE: Proponent Environmental Impact ... · STAFF REVIEW PROCEDURE: Proponent Environmental Impact Statement ... For a New Nuclear Power Plant . ... to allow the

2.3. Design Principles and Provisions The NPP and other on-site facilities with potential to release large amounts of radioactive material, energy or high consequence hazardous substance are expected to be protected against malevolent acts and assessed for the consequences of the postulated event sequences. Threats from credible malevolent acts are referred to as design basis threats (DBTs), and more severe but unlikely threats are referred to as beyond design basis threats (BDBTs). Both types of threats are considered in the project description, design and supporting analysis. Threats identified as DBTs have credible attributes and characteristics of a potential insider and/or external adversaries, who might attempt unauthorized removal of nuclear material or sabotage against which a physical protection system is designed and evaluated. BDBTs are threats unlikely to warrant incorporation into the design basis, but for which the consequences are considered assessed to establish means of mitigation to the extent practicable and to identify and understand the consequences and risks with such events. Examples of BDBTs include such acts as deliberate impact of a large aircraft, or remote delivery of an explosive device, etc. The submission should demonstrate that the design and mitigation measures will be consistent with the concept of defence-in-depth, incorporating multiple barriers for protection against DBTs including physical protection systems, engineering safety provisions, and measures for post-event management, as appropriate. The failure of a preceding barrier should not compromise the integrity and effectiveness of subsequent barriers. 2.4. Design Methods The methodology employed by the proponent for assessing the challenges imposed by DBTs and evaluating the capabilities for meeting these challenges (e.g., as identified in an initial threat and risk assessment) should be clearly described. The methodology should apply conservative design measures and sound engineering practices. The plant design should consider the role of structures, equipment, and instrumentation in providing detection, delay, and response to threats. The submission should describe and assess challenges associated with BDBTs and identify the assessment methodology. The methodology is expected to identify the margins available for shutdown and for containment of radioactivity. The degree of degradation of credited SSCs should be identified (i.e., elastic deformation, spalling of concrete, cycle or load reductions due to fatigue, etc.).

Page 17: STAFF REVIEW PROCEDURE: Proponent Environmental Impact ... · STAFF REVIEW PROCEDURE: Proponent Environmental Impact Statement ... For a New Nuclear Power Plant . ... to allow the

2.5. General Acceptance Criteria and Objectives DBTS The submission should conclude for DBTs that all safety system functions and capabilities to prevent theft or sabotage of nuclear material will remain available. BDBTS For BDBTs fundamental safety functions are expected to remain available and the dose acceptance criteria goal is expected to be achieved. For some event sequences, the response should includes information about on-site and off-site emergency measures. RETENTION AND CONTROL OF RADIOACTIVE AND NUCLEAR MATERIAL For DBTs and BDBTs the submission should demonstrate sufficient plant design will ensure structural integrity to protect systems important to safety. The submission may rely on independent success paths or robustness of design provisions as appropriate. 2.6. Specific Criteria and Objectives 1. A set of DBTs and BDBTs, with corresponding structural performance objectives, are

expected to be identified based on the review and safety objectives defined in CNSC RD-337.

2. The design of the proposed NPP is expected to include mitigation strategies and barriers

to prevent the potential release of large amounts of radioactive material, hazardous substances or energy.

3. Consistent with the concept of defence-in-depth, the design should provide multiple

barriers for protection against malevolent acts, including physical protection systems, engineered safety provisions, and measures for post-event management and recovery, as appropriate. The failure of a preceding barrier will not compromise the integrity and effectiveness of subsequent barriers.

4. The design should account for a methodology for assessing the challenges imposed by

DBTs and BDBTs. This methodology is applied to determine the margins available to maintain the safety functions and safety goals. Significant degradation of material strength margins in the analysis (such as accounting for plastic deformation and energy absorption) or the application of single cycle loading limits may be permitted for extreme events.

5. The design should account for the role of structures, pathways, equipment, and

instrumentation in providing detection, delay, and response to DBTs.

Page 18: STAFF REVIEW PROCEDURE: Proponent Environmental Impact ... · STAFF REVIEW PROCEDURE: Proponent Environmental Impact Statement ... For a New Nuclear Power Plant . ... to allow the

6. Vital areas should be considered and verified in the design. The design should allow enough delay time for effective intervention by the on-site or off-site response forces, taking detection, assessment, delay and response into account. These areas are expected to be protected from direct or inadvertent damage following mitigating measures including potential collateral damage.

7. The design is expected to consider appropriate means for access control and detection,

and for minimizing the number of access and egress points to protected areas including such points as storm sewers, culverts, service piping, and cable routing that could be used to gain access to the facility.

8. The design is expected to accounts for the placement of civil infrastructure and utilities to

minimize access points and requirements for such activities as repair and maintenance, in order to reduce threats to the protected area and vital areas.

9. Safety system functions and capabilities are expected to continue to be available for

DBTs. The design is expected to account for the ongoing availability of fundamental safety functions during BDBTs; these provisions will depend on the severity of the threat. For more severe events there should be a safe shutdown path that comprises of at least one means of: • reactor shutdown; • fuel cooling; and, • retention of radioactivity from the reactor. Sufficient structural integrity margin should remain to protect important systems. Two such success paths should be identified, where practical.

10. For extreme events, the design is expected to account for at least one means of reactor

shutdown and core cooling. Degradation of the containment barrier may allow the release of radioactive material; however, the degradation is limited to meet the dose acceptance criteria. In these events, the response may include on-site and off-site emergency measures.

11. For physical protection against malevolent act, the submissions are expected to

demonstrate consideration of national and international practices, available guides, standards and IAEA documents. In addition, submissions are expected to demonstrate consideration of standards and manuals related to blast and impact load definitions, structural analysis and design such as: • US Army Fundamentals of Protective Design for Conventional Weapons, US

Army Technical Manual, TM5-855-1; and,

• US Dept. of Army, Structures to Resist the Effects of Accidental Explosions, US Dept. of Army Technical Manual TM5-1300.

Page 19: STAFF REVIEW PROCEDURE: Proponent Environmental Impact ... · STAFF REVIEW PROCEDURE: Proponent Environmental Impact Statement ... For a New Nuclear Power Plant . ... to allow the

12. Structural performance objectives should be compared as a function of threat

characterization, respective design features and safety objectives.

13. The analysis and design methodology should clearly demonstrate inclusion of the engineering aspects of physical protection against malevolent acts. The methodology should be described and supporting assumptions and input data should be detailed where finite element methods of analysis are employed, depending upon structural complexity and accuracy of required results. The criteria for structural modeling should be defined related to corresponding analysis methods.

14. A set of structural acceptance criteria are expected to be identified, using a graded approach, to achieve structural objectives with sufficient level of confidence. The structural acceptance criteria should be based on referenced test results or on recognized codes, standards and manuals. Criteria should be directly related to required structural performance objectives and in accordance with CNSC safety objectives defined in RD-337.

Page 20: STAFF REVIEW PROCEDURE: Proponent Environmental Impact ... · STAFF REVIEW PROCEDURE: Proponent Environmental Impact Statement ... For a New Nuclear Power Plant . ... to allow the

3. References 1. Assessment Report - Information Guidelines on Licensing of New Nuclear Power Plants,

E-Docs# 3087683

2. RD-337 Design of New Nuclear Power Plants

3. RD-346 Site Evaluation for New Nuclear Power Plants

4. RD-310 Safety Analysis for Nuclear Power Plants

5. DRAFT RD-311 Fire Protection for Nuclear Facilities

6. CSA N293 Fire Protection for CANDU Nuclear Power Plants

7. National Building Code of Canada

8. National Fire Code of Canada

9. IAEA INFCIRC/225/Rec 4

10. IAEA Nuclear Security Series

11. IAEA Extreme External Events in the Design and Assessment of Nuclear Power Plants, IAEA-TECDOC-1341, IAEA, Vienna (2003).

12. CNSC Final Report Design-Basis Threat (The most current DBT shall be considered concurrent with the SSTRA).

Page 21: STAFF REVIEW PROCEDURE: Proponent Environmental Impact ... · STAFF REVIEW PROCEDURE: Proponent Environmental Impact Statement ... For a New Nuclear Power Plant . ... to allow the

APPENDIX B

Site Selection Threat and Risk Assessment (SSTRA) SSTRA Information Requirements As part of the Site Evaluation of the proposed site, the EIS should contain a submission containing a preliminary SSTRA to support the design basis threats, barriers and mitigation means relied upon in the EIS. The preliminary SSTRA is consentient in format, style and content as defined in CNSC Site Preparation Staff Review Procedure SRG-2.01-SP-11NNNN-025 Site Selection Threat and Risk Assessment (SSTRA) – Security Risks Presented by the Site Location and the following references: 1. IAEA INFCIRC/225/Rec 4 2. IAEA Nuclear Security Series

3. IAEA Extreme External Events in the Design and Assessment of Nuclear Power Plants,

IAEA-TECDOC-1341, IAEA, Vienna (2003)

4. CNSC Final Report Design-Basis Threat (The most current DBT shall be considered concurrent with the SSTRA).