FUNCTIONAL CLASSIFICATION PROCESS
The use of the EG is only one element in a larger safety SSC functional classification
process that is intended to contribute to adequate safety. Other contributors are disciplined
conduct of operations, training, and safety management programs such as radiation
protection and emergency response. The functional classification process must recognize
competing interests for finite resources, and the need for optimization of the application of
resources for safety in a facility, as well as across a DOE site. Some principles that should
be incorporated in a functional classification process are:
Protection of the public is contributed to by all facets of safety in design,
including defense- in-depth, SC and SS SSCs, and in many cases in DOE, by
remote siting. The expectation is that SSCs will function as designed in accident
environments, resulting in public doses of small fractions of the EG.
Protection of the public is paramount in safety design, but protection of workers is
no less important. However, the degree of protection for facility workers
achievable by safety SSCs is limited. Major contributions to overall safety
assurance to the worker are institutional factors such as conduct of operations,
training, and the entirety of safety management pro grams.
Some considerations in the prioritization of facility safety issues include:
Hazardous material inventory should be minimized at all times.
Safety SSCs are preferred over administrative controls.
Passive SSCs are preferred over active SSCs.
Preventive controls are preferred over mitigative controls.
Controls closest to the hazard may provide protection to both workers
and the public.
Facility safety SSCs are preferred over personal protective equipment.
Controls that are effective for multiple hazards can be resource
Selection of the terminology "Evaluation Guideline" is deliberate. It distinguishes this
usage from `safety or risk acceptance criteria' or `siting criteria.' Such acceptance criteria
have traditionally been used in the design and siting stage of nuclear power reactors.
Acceptance criteria have been inextricably linked to accident scenarios that are prescribed
in some manner, i.e., deterministic DBAs. The results of quantitative probabilistic risk
assessments (PRA), principally those of nuclear power or production facilities, are
sometimes compared to another type of `risk acceptance criteria,' referred to as safety
goals. PRAs are fundamentally different analytical methods from deterministic safe ty
analyses and produce a different type of product. For example, in PRAs the failure of a
safety feature (hardware or human action) to perform an intended function is always
postulated, irrespective of the safety classification of the feature. So, in co ntrast to
assumptions employed in deterministic safety analyses, in PRAs even SC SSCs do not get