Defense-in-Depth and Diversity (D3) Design of the I&C for the European APR1400
정기훈 (jku@kepco-enc.com)

Presentation Outline
I. References
II. D3 Overview
III. D3 Design of Domestic NPPs
IV. D3 Design of European NPPs
V. Conclusion

I. References
- Safety of new NPP designs 1/2012, WENRA (Western European Nuclear Regulators' Association) RHWG (Reactor Harmonization Working Group), 2012
- INSAG (International Nuclear Safety Advisory Group)-10, IAEA, 1996
- European Utility Requirements for LWR NPP (Rev. D), 2012
- Diversity and Defense-in-Depth for the APR1400 (APR1400-Z-J-EC-13002-P, Rev.0), 2013
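
II. D3 Overview: Defense-in-Depth & Diversity
Defense-in-Depth
- The defense-in-depth (DiD) concept was introduced into nuclear power plant safety in the early 1970s.
- The DiD levels are distinguished according to an accident classification based on expected accident probability.
- As a means of accident prevention, DiD minimizes the potential consequences when an accident prevention system fails and prevents an accident from progressing to a more severe condition.
- It is implemented as multiple levels of defense to ensure that the safety functions are performed; when the protection function of one level fails, the next level performs the protection function.
- The original three levels (Level 1~3) were expanded to five levels (Level 1~5) following the TMI accident (1979), the Chernobyl accident (1986) and the Fukushima accident (2011), to add consideration of multiple failures and severe accidents.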
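
Defense-in-Depth (continued): DiD levels
(DiD level: objective / plant condition)
- Level 1: Prevention of abnormal operation and failures / Normal Operation
- Level 2: Control of abnormal operation and failures / Anticipated operational occurrences
- Level 3a: Control of accidents to limit radiological releases, and prevention of escalation to core damage conditions / Postulated single initiating events
- Level 3b: Control of accidents to limit radiological releases, and prevention of escalation to core damage conditions / Postulated multiple failure events
- Level 4: Practical elimination of situations that could lead to early or large releases of radioactive material, and control of core melt accidents to limit off-site releases / Postulated core melt accidents (short and long term)
- Level 5: Mitigation of the consequences of significant radiological releases (off-site emergency response) / Severe Accidents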

Defense-in-Depth (continued): linkage between DiD levels
[Figure: linkage between the DiD levels across Non-Safety Class, Safety Class (low) and Safety Class (High) equipment. Labels: Level 1, Normal Operation; Requiring safety function activation upon failure; Physical Barriers; Level 2, Preventive function; Level 3a, Postulated Initiating Events (PIE): safety systems needed to initiate RPS and to lead to controlled state, safety systems needed to achieve safe shutdown state, essential for accident management according to EOPs; Level 3b, Diverse functions needed for safety systems failures (CCF); Level 4, Severe accidents, Severe Accident Management. Each level is linked to the next by "Failure".]

Diversity
- Independence between the different DiD levels is the most fundamental requirement for implementing defense-in-depth (DiD).
- Composition of the independence requirement,
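
Diversity (continued)
- Definition: implementing the same function by different, diverse means
- Scope of application: design, manufacturing, testing, operation, etc.
- Design application examples:
  - Different I&C platform designs for the safety and non-safety systems
  - Diverse protection system design against common-cause failure (CCF) of the software-based reactor protection system
  - Alternate AC (AAC) diesel generator design against CCF of the emergency diesel generators (EDG)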

III. D3 Design of Domestic NPPs
D3 design requirements
- SECY-93-087, II.Q, Defense against Common-Mode Failures in Digital Instrumentation and Control Systems
- BTP 7-19, Guidance on Evaluation of D3 in Digital Computer Based I&C Systems
- NUREG/CR-6303, Method for Performing Diversity and Defense-in-Depth Analyses of Reactor Protection Systems
The defense-in-depth (DiD) requirements for domestic NPPs call for coping equipment at the following defense levels:
- Normal Operation
- Abnormal Operation (AOO)
- Design Basis Event (DBE)
- Beyond DBE (BDBE)
Equipment that copes with beyond-design-basis events (BDBE) is required only to be diverse from the design-basis-event (DBE) equipment.
Therefore, a non-safety-class DCS platform is applied to normal operation and BDBE operation, and a safety-class PLC platform is applied to abnormal operation and DBE operation.

D3 design status
[Figure: APR1400 I&C System Overview Architecture (from the NRC-DC project). Legend: Common platform for Safety I&C; Common platform for Non-Safety I&C; Diverse platform for DAS; Dedicated equipment for the System; Display or Soft control device; Safety System Data Network (SDN); Non-safety Network (DCN-I); Serial Data Link (SDL); Ethernet; Hardwired connection. The diagram separates safety-related from non-safety equipment, down to the safety and non-safety components (Sensors, Txs, Pumps, Valves, etc.).]

D3 design status: PPS vs. DPS (from the NRC-DC project)
[Figure: PPS vs. DPS. Labels: Safety Sensors; PPS (channels A, B, C, D); DPS (N1, N2, N3, N4); RT (Under Voltage); RT (Shunt Trip); ESFAS (AFAS/SIAS); ESF-CCS; RTSS-1 and RTSS-2; DMA; Turbine Trip; ESF Components; Serial Data Link (SDL); Non-safety Network; Hardwired Connection; Safety / Non-safety boundary.]

D3 design status: QIAS vs. DIS (from the NRC-DC project)
[Figure: QIAS vs. DIS. Labels: AM & CC parameters; EOP parameters; QIAS-P (A, B); QIAS-N; DIS; Mini LDP; FPD; MTP; CETs / HJTCs; Status Alarm (via P-CCS); DIS variables; Process variables; Safety Sensors; Safety System Data Network; Non-safety Network; SDL; Hardwired Connection; Safety / Non-safety boundary.]
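
IV. D3 Design of European NPPs
D3 design requirements
- IAEA INSAG (International Nuclear Safety Advisory Group)-10, 1996
- European Utility Requirements for LWR NPP, Rev. D, October 2012
Since the Fukushima accident, the European defense-in-depth (DiD) requirements call for safety-class coping equipment for multiple-failure events including natural hazards (beyond-design-basis events, i.e. DEC: Design Extension Condition) and for core melt accidents.
They also impose an independence requirement between the different DiD levels, which includes diversity in design.
Therefore, the existing design, which uses a non-safety-class DCS platform under design extension conditions (DEC), cannot be applied because it does not provide sufficient diversity.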

D3 design status
In accordance with the European defense-in-depth (DiD) requirements, four platforms are applied by DiD level, as shown in the figure below.
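
V. Conclusion
The European APR1400 I&C architecture design, which applies four platforms by DiD level developed in accordance with the latest European defense-in-depth (DiD) requirements, can improve on the safety of existing plants for the following reasons:
- Increased independence between the DiD levels
- Improved reliability of the diversity design through new platforms applied to design extension conditions and severe accidents
The European APR1400 I&C architecture design requires further development depending on the licensing and user requirements of the country where it is applied, and the operational suitability evaluation against the relevant accident types in the safety analysis area must be performed first.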