Safety objective O4:
Independence of all levels of defence-in-depth
“WENRA expects new nuclear power plants to be designed, sited, constructed, commissioned and operated with the objectives of:
enhancing the effectiveness of the independence between all levels of defence-in-depth, in particular through diversity provisions (in addition to the strengthening of each of these levels separately as addressed in the previous three objectives), to provide as far as reasonably achievable an overall reinforcement of defence-in-depth.”86
It is the general objective of defence-in-depth to ensure that a single failure at one level, and even a combination of failures at more than one level of defence, should not propagate and jeopardize defence-in-depth at subsequent levels. “The independence of different levels of defence is a key element in meeting this objective.”87 This safety objective is fully applicable to operating plants. It is in principle a traditional part of the safety concepts of all operating nuclear power plants. The only open question is how consistently this objective is realised in practice. Modern safety standards for operating plants (for example the “Safety Criteria for Nuclear Power Plants”) require a consistent separation of all safety levels of the defence-in-depth.88
To evaluate the compliance of a plant with this safety objective, all safety functions must be checked to determine whether they have duties at two or more levels of defence-in-depth. Components of safety systems of level 3 should not fulfil an operational task. All components of safety features of level 4 which are used at another level of defence-in-depth have to be identified. The result of such a check against current standards would reveal severe differences among the European plants and a big potential for safety improvement.
86 WENRA: Safety Objectives for New Power Reactors, November 2010. Note: The complete text of the safety objectives (including footnotes) is given in the Annex.
87 IAEA: Defence in depth in Nuclear Safety, INSAG 10, A report by the International Nuclear Safety Advisory Group, Vienna, 1996.
88 Module 1 “Safety Criteria for Nuclear Power Plants: Fundamental Safety Criteria”, Technical safety concept, defence-in-depth concept No. 2.1 (5 - 8), Technical criteria, No. 3.1 (10). Examples: No. 2.1 (5): On levels of defence 2 and 3, measures as well as installations are provided that are arranged in such a way that upon the failure of measures and installations on levels of defence 1 and 2, the measures and installations on the subsequent level re-establish the required safety-related condition independent of measures and installations of other levels of defence. No. 2.1 (6): It is ensured that a single technical failure or erroneous human action on one of the levels of defence 1 to 3 will not jeopardise the effectiveness of the measures and installations on the next level.