|
| DOE-STD -3009-94
designed to function during that accident and appropriate documentation of this fact exists.
The range of accident scenarios analyzed in a DSA should be such that a complete set of
bounding conditions to define the envelope of accident conditions to which the operation
could be subjected are evaluated and documented. This necessitates the consideration of
accidents other than DBAs for two cardinal reasons. First, even if DBAs exist, they may
not adequately cover "the range of accident scenarios" needed to establish the facility
safety basis. Secondly, DBAs may not cover a "complete set of bounding conditions."
Either of these conditions ma y arise for a number of reasons, such as the original design
not being related to bounding conditions, the criteria for determining facility safety basis
having significantly changed, operations or types of hazards having changed, or magnitude
of hazards having increased. Any one of these reasons may make the DBA inadequate for
determining a facility safety basis.
The most obvious and extreme reason for examining accidents other than DBAs for
existing facilities is a lack of design documentation. If appropriate design documentation
is not available, postulated accidents are not DBAs. The front-end purpose of a DBA (i.e.,
"to provide the design parameters") cannot be meaningfully addressed even if existing
design parameters are estimated and used to develo p an accident scenario. The
reconstructed accident would not determine design parameters. It would be determined by
them. The need to analyze a range of scenarios that bound conditions would not clearly
be met by such an exercise. This potential lack of relevance is one of the reasons that the
DSA is not the proper vehicle for formally filling gaps in existing design documentation.
Where DBAs do not exist, or do not adequately cover the range of scenarios or bounding
conditions, surrogate evaluation bases are needed. These derivative DBAs are used to
estimate the response of SSCs to "the range of accident scenarios" and stresses that
bound "the envelope of accident conditions to which the facility could be subjected" in
order to evaluate accident conseq uences. The derivative DBAs should take maximum
advantage of the pertinent existing design information (i.e., requirements and bases) that
is immediately available or can be retrieved through reasonable efforts. To the extent
necessary, this information can be supplemented by testing, extrapolation, and
engineering judgments.
Existing facilities, like all industrial facilities, were generally built with standard process
and utility SSCs with a high consideration for basic safety. For the majority of these
facilities, adequate facility design and process information exist that, while not of the
quality and detail expected for current conceptual design, is typical of many commercial
processing operations, which comprise the majority of industrial practices. This
information can be used in estimating SSC response to derivative DBAs whose
evaluation will satisfy the requirements of safety analysis.
For operational accidents, a derivative DBA is defined based on the physical possibility
of phenomena as defined in the hazard analysis. Use of a lower binning threshold such as
10-6/yr is generally appropriate, but should not be used as an absolute cutoff for
dismissing physically credible low probability operational accidents (e.g., red oil
explosions) without any evaluation of preventive and mitigative features in hazard
analysis. This distinction is made to prevent "pencil sharpening" at the expense of
objective evaluation of hazards. Examples of a candidate derivative DBA would be an
Page 13
|
Privacy Statement - Press Release - Copyright Information. - Contact Us |