Assurance of nuclear safety is based on general principles that have been formed by experience and research. According to these principles, safety is ensured by so-called defence in depth and multiple arrangements.
The aim is to prevent accidents using good design, high quality and careful operations. However, if a fault or an accident occurs, safety systems are used in order to gain control over it. If this also fails, the goal is to mitigate the environmental impact of the accident as effectively as possible. The design and dimensioning of safety systems are based on computational accident analyses and experimental data.
Defence-in-depth safety approach
Ensuring the safety in order to prevent reactor damage and harmful effects of radiation is done on several successive functional and structural levels that secure each other. This approach is called defence in depth. Ensuring safety can be separated into preventive, protective and mitigating levels.
The first, i.e. the preventive level
The aim is to prevent deviations from the normal operating state of the plant by means of a high level of design and operation. High quality standards and adequate safety margins are applied on the design, manufacture, installation and maintenance of important equipment. In addition, the design aim is to use inherently stable solutions that correct abnormal circumstances. In particular, the reactor is designed in such a way that the inherent feedback will seek to prevent an uncontrolled increase of reactor power. This is based on the fact that a power increase will lead to a rise in reactor temperature, which in turn reduces power.
The second, i.e. the protective level
Although high quality standards are set for the design and operation of facilities, accidents and operating problems may still occur. Because of this, nuclear power plants are equipped with systems to detect problems and prevent their development into serious accidents. These systems ensure in particular reactor shutdown, cooling of the reactor core and removal of residual heat.
The third, i.e. the mitigating level
If the progression of the accident cannot be prevented with actions on the first and second level, it is still possible to mitigate its consequences. In this case, the most important thing is to ensure that the containment building remains intact and that the containment building systems are operational.
Multiple barriers protect the environment
One of the key principles of nuclear safety is to have multiple barriers between radioactive substances and the environment.
The first barrier is the nuclear fuel itself. During normal operation, the majority of fission products are in a solid state and will remain as part of the ceramic fuel material. A small part of the gaseous fission products ooze out of the fuel material, but in any case remain inside the tight fuel rod cladding.
Cooling circuit wall
The second barrier for release is the cooling circuit wall. Fission products released from leaking fuel rods and radioactive corrosion products contained in the coolant remain in normal operation within a tight cooling circuit, from where they are removed in a controlled manner using a coolant cleaning system or a gas processing system and will be processed as nuclear waste later.
The third barrier for release is formed by the pressure-resistant and gas-tight containment building surrounding the reactor. Its task is to contain radioactive materials released if the cooling circuit is damaged.
Outer containment building
The fourth barrier is usually formed by another building on the outside of the actual containment building, the outer containment or reactor building. Small amounts of gas that may be leaking from the actual containment building are collected from the outer containment building and discharged through filters into the outside air. Most of the radioactive materials with the exception of inert gases are captured in the filters.