managing deviations from the design target with the safety case iaea geosaf ii plenary 2014
TRANSCRIPT
Managing deviations from the Design Target with the Safety Case
IAEA GEOSAF II Plenary 2014
Content
Walk through of the safety case loop diagram• Role of safety case during construction and operation• Prerequisites for high quality operations (build and Operate)• Role of monitoring, QA/QC and qualification procedures • Assessment of deviations• Examples• Updating the Safety Case
Disposal facility life cycle
• At the time of disposal facility operational period the safety case has passed stepwise process on development (concept, siting, preliminary design, ...)
• After authorization the disposal facility will in many case be operated for several decades.
• The facility is also likely to be extended in several stages with concurrent activities (excavation, waste emplacement, partial closure)
• The continuous use of Safety Case and demonstrations that performed activities comply with safety envelope is fundamental for success.
Kuva tähän alkuun
Role of the Safety Case
• Discussed in earlier presentations• For disposal facility the important aspects of safety case is that it
integrates operational and post-closure safety • Safety case should define requirements that construction and operation
shall fulfill (fulfilled as-built initial state “assures” assessed long-term safety)
• These requirements define safety envelope which again gives provisions for design target.
Prerequisites for high quality operations
• Integrated management system– Systematic process for development and
management of requirements– Comprehensive project management
procedures– Design specifications and plans that
construction and operation must follow– Procedures for constructions and operation
activities– Monitoring of safety related key parameters– Demonstration of compliance within design
target (DT)
• Discussed for example in IAEA GS-R-3 and Safety Guide GS-G-3.4
Monitoring and demonstration of compliance
• Discussed in earlier presentation• Monitoring is discussed for example in IAEA draft
Safety guide (DS357)• Management system should include detailed
procedures for demonstration compliance with design target
• Monitoring should focus on parameters that are important for safety and also observable in real disposal facility
• Monitoring and QA/QC procedures are a tool for verifying that as-built state is acceptable
• Examples– Tolerances of disposal rooms– Waste package testing– Waste acceptance verification– Monitoring of favorable site properties– …
In compliance?
In case of deviation from DT (1)
• Most likely deviations are found during construction and operation – if not, the management system is not working properly
• Deviations should be addressed through predefined procedures– First step in deviation analysis is to assess it safety
significance– Analysis may focus on estimation of large enough safety
margin or call for more detailed analysis of the effect– Based on the analysis deviation can be approved,
documented and closed or it may require corrective actions or rejection product
• Deviation management process is discussed in further detail for example in IAEA GS-R-3 (non-conformances and corrective and preventive actions)
In case of deviation from DT (2)
• Possible, more safety case related, actions for the implementer based on monitoring results or in case of deviation :– Refine construction or operational procedures to reverse a
trend that if left unaddressed could cause the parameter eventually to fall outside of the DT (and potentially outside of the SE);
– Commission further research to understand the consequences of the deviation. This may have the effect of expanding the DT and consequently bringing the value into compliance;
– Review the safety case to determine whether additional safety features can be claimed thereby compensating for the design deviation. An updated safety envelope could be also envisioned at this stage.
– In extremis the deviation may be so severe, so far from the SE that the operator will need to consider whether it is still possible to achieve a satisfactory safety case.
Examples from “real life”
• Exceeding excavation damage zone (EDZ) tolerance – Maximum EDZ is given in tunnel technical specification– Depth of EDZ is examined with ground penetrating radar– Continuous EDZ might have effect on post-closure safety
as a potential transport route
• Possible actions:– In any case assessment of causes for exceeding
specification– Approval and documentation of exceeding, if only local– Cutting and plugging of continuous EDZ (engineering
solution)– Re-assessment and update of safety case, if continuous
EDZ can’t be avoided
Examples from “real life”
• Exceeding tunnel profile specification– Theoretical tunnel profile is given in tunnel
specification and in design drawings– As-built profile is examined with laser scanning and
other measurements– Over excavation has an effect on tunnel backfill
emplacement and possibly on post-closure performance
• Possible actions:– In any case assessment of causes for exceeding
specification– Approval and documentation of exceeding, if not
affecting DT when assessed together with backfill performance
– Redesign of tunnel backfill and assessment of performance if needed to meet DT
Examples from “real life”
• Waste package tested to have too large defects– Waste package specification includes acceptable
defect size and type– Larger defect can have an effect on corrosion
resistance or mechanical integrity in extreme loading cases (operational and post-closure)
– Waste container is a key safety barrier and deviations have always safety implication
• Possible actions:– More detailed re-evaluation of the defect size using
more accurate methods or detailed sizing of defect – rejection of waste container component or welding
that does not meet design specification
Examples from “real life”
• Water inflow to tunnel exceeds maximum limit used in safety case– In crystalline bedrock a key target is to maintain
favorable site properties– Large water inflow has an effect on hydrological
and geochemical features of the whole site (water table drawdown, up coning of deeper groundwater)
• Possible actions:– More detailed re-evaluation of the possible change
in the site properties– a long-lasting or irreversible change might recall for
large re-assessment, change of disposal design or even rejection of site
Updating the Safety Case
• Safety case should be updated during disposal facility operation• A comprehensive update will take place according to national approach,
but should be done for example in case of– stepwise facility authorization– other facility modification– periodic safety review– relicensing of facility (if for example required by national legislation)– Before closure of the facility
• New information from operational period should be integrated into the safety case– Assessment that operation has demonstration that operation (as-built state)
has been in compliance with design target and safety envelope– experience (more knowledge from construction, fabrication and emplacement)– Site characterization data– New safety related information (R&D, other facilities, …)
Kuva tähän alkuun