Presentation is loading. Please wait.

Presentation is loading. Please wait.

DOE-STD-1189-2008, I NTEGRATION OF S AFETY INTO THE D ESIGN P ROCESS Dr. Richard Englehart, Epsilon Systems Solutions Pranab Guha, HS-21 John Rice, Epsilon.

Similar presentations


Presentation on theme: "DOE-STD-1189-2008, I NTEGRATION OF S AFETY INTO THE D ESIGN P ROCESS Dr. Richard Englehart, Epsilon Systems Solutions Pranab Guha, HS-21 John Rice, Epsilon."— Presentation transcript:

1 DOE-STD , I NTEGRATION OF S AFETY INTO THE D ESIGN P ROCESS Dr. Richard Englehart, Epsilon Systems Solutions Pranab Guha, HS-21 John Rice, Epsilon Systems Solutions

2 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 E XPECTATIONS I expect safety to be fully integrated into design early in the project. Specifically, by the start of the preliminary design, I expect a hazard analysis of alternatives to be complete and the safety requirements for the design to be established. I expect both project management and safety directives to lead projects on the right path so that safety issues are identified and addressed adequately early in the project design. – Deputy Secretary of Energy, December 5,

3 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 P URPOSE  DOE Standard 1189 has been developed to show how project management, engineering design, and safety analyses can interact to successfully implement the Deputy Secretary’s expectations  This course provides the central ideas and themes of 1189 and conveys lessons learned from project implementation of the Standard 3

4 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 O VERVIEW OF C OURSE Safety-in-Design Concepts Applicability Project Integration and Planning Design Process Hazard and Accident Analyses and Inputs to the Design Process Appendices A – C Facility Modifications Lessons Learned Q & A Case Study 4

5 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 I NSTRUCTIONAL G OAL Upon successful completion of this lesson, students will be able to demonstrate a familiarity level knowledge of the background, philosophy, and contents of DOE-STD-1189, Integration of Safety into the Design Process 5

6 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 L ESSON O BJECTIVES (S LIDE 1 OF 5) Lesson Objectives  Explain why DOE-STD-1189 was developed.  Identify the “drivers” that require the use of DOE- STD-1189 for integrating safety into design.  Identify and explain the key concepts introduced by DOE-STD  Identify and explain the guiding principles for integrating safety into design. 6

7 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 L ESSON O BJECTIVES (S LIDE 2 OF 5)  Explain the purpose of the DOE Integrated Project Team.  Explain the purpose of the Contractor Integrated Project Team.  Explain the purpose of the Safety Design Integration Team.  Explain how the Safety Design Strategy is developed. Describe its scope, preparation, format, and approval process. 7

8 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 L ESSON O BJECTIVES (S LIDE 3 OF 5)  Describe how the requirements and deliverables identified in DOE-STD-1189 relate to the Project Lifecycle as described in DOE Order 413.3A.  Explain how the Critical Decision Process can be tailored based on project type, risk, size, duration, complexity and selected acquisition strategy. 8

9 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 L ESSON O BJECTIVES (S LIDE 4 OF 5)  Identify and explain the key safety-related activities in each of the phases of a project:  Discuss the purpose and content of the following documents: –Conceptual Safety Design Report. –Conceptual Safety Validation Report. –Preliminary Safety Design Report –Preliminary Documented Safety Analysis –DOE Safety Evaluation Report 9

10 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 L ESSON O BJECTIVES (S LIDE 5 OF 5)  Identify common lessons learned from implementing DOE-STD  State the purpose of the following appendices in DOE-STD-1189 and explain how each is used in the design process: –Appendix A, Safety System Design Criteria –Appendix B, Chemical Hazard Evaluation –Appendix C, Facility Worker Hazard Evaluation –Describe the facility modification process using DOE-STD

11 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 STD-1189 R OADMAP (S LIDE 1 OF 6) For all audiences: – Preface, with the key concepts and guiding principles upon which the Standard was developed, – Chapter 1, Introduction (background, applicability, must and should) ; – Chapter 2, Project Integration and Planning; and – Chapter 3, Safety Considerations for the Design Process, which provides an overall perspective of the Safety-in-Design process through the Critical Decision stages. 11

12 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 STD-1189 R OADMAP (S LIDE 2 OF 6) Project safety personnel and DOE safety reviewers –Chapter 4, Hazard and Accident Analyses –Chapter 5, Nuclear Safety Design Criteria –Chapter 6, Safety Reports –Appendices A through D, –Appendix F, Safety-in Design Relationship with the Risk Management Plan –Appendix G, Hazards Analysis Table Development guides this basic safety-in-design input 12

13 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 STD-1189 R OADMAP (S LIDE 3 OF 6) Project management, both federal and contractor –Chapter 7, Safety Program and Other Important Project Interfaces –Appendix E, Safety Design Strategy –Appendix F, Safety-in-Design Relationship with the Risk Management Plan 13

14 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 STD-1189 R OADMAP (S LIDE 4 OF 6) Project design personnel –Chapter 5, Nuclear Safety Design Criteria –Chapter 7, Safety Program and Other Important Project Interfaces –Appendices A through D, which address safety design classifications for Safety Structures, Systems, and Components (Safety SSCs) 14

15 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 STD-1189 R OADMAP (S LIDE 5 OF 6) Safety Document Preparers and Reviewers –Appendices H and I provide format and content guidance for the preparation of the Conceptual Safety Design Report (CDSA), Preliminary Safety Design Report (PDSA), and Preliminary Documented Safety Analysis (PDSA) 15

16 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 STD-1189 R OADMAP (S LIDE 6 OF 6) Project teams for potential major modifications of existing facilities: –Chapter 8, Additional Safety Integration Considerations for Projects –Appendix J, Major Modification Determination Examples 16

17 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 S AFETY - IN -D ESIGN B ASIC P RECEPTS Appropriate and reasonably conservative safety structures, systems, and components are selected early in project designs Project cost estimates include these structures, systems, and components Project risks associated with safety structures, systems, and component selections are specified for informed risk decision-making by the Project Approval Authorities 17

18 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 D EVELOPMENT OF STD-1189 (S LIDE 1 OF 2)  Designed to be guided by and consistent with the principles of ISM and the requirements and guidance of DOE O 413.3A  Correlates with the DOE O 413.3A Critical Decision stages and safety design requirements of DOE O 420.1B and associated guidance documents 18

19 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 D EVELOPMENT OF STD-1189 (S LIDE 2 OF 2) Specifically references 413.3A guidance on –Mission Need Statements –Integrated Project Teams –Project Execution Plans –Risk Management Plans 19

20 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 C ORRELATION TO ISM C ORE F UNCTIONS  Define the work: Mission Need; Alternatives Definition  Analyze the hazards: Conceptual Design and follow on stages, hazards analysis, and design basis accidents  Identify safety controls: Follows from HA and safety classification  Perform the work: Integrate safety in the design process  Feedback and Improvement: Iterative process between design and safety 20

21 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 S UMMARY OF K EY S AFETY - IN -D ESIGN C ONCEPTS ( S LIDE 1 OF 4)  Establishment and early involvement of Integrated Project Teams (IPT) and their coordination  Federal and Contractor IPTs; Contractor Safety Design Integration Team (SDIT)  Defining the overall strategy for the project, including how safety integration is to be accomplished, and obtaining DOE approval of the strategy  Safety Design Strategy, derived from DOE safety expectations defined in the pre-conceptual phase, is formalized and approved during conceptual design phase 21

22 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 S UMMARY OF K EY S AFETY - IN -D ESIGN C ONCEPTS (S LIDE 2 OF 4)  Identifying CD-1 as the key point in a project when major safety systems and design parameters should be defined  Focus on high potential cost safety implications: Hazard Category; building and major components seismic design categories; building confinement strategy; fire protection and power supply system classification  Establishing objective criteria for the designation and design of safety structures, systems, and components  STD-1189 Appendices A, B, and C (seismic design basis; collocated worker SSC safety classifications; in-facility worker safety classifications) 22

23 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 S UMMARY OF K EY S AFETY - IN -D ESIGN C ONCEPTS (S LIDE 3 OF 4)  A conservative front-end approach to safety-in-design that is reflected by a “risk and opportunities” assessment  Conservative approach early-on based on assumptions and incomplete information: input to project risk management plan (Risk and Opportunities Assessment) and information for cost estimates  Identifying key project interfaces (physical and programmatic) that affect design decisions  Project Interfaces: e.g., site infrastructure, security, waste management, emergency preparedness, DNFSB 23

24 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 S UMMARY OF K EY S AFETY - IN -D ESIGN C ONCEPTS (S LIDE 4 OF 4)  Ongoing involvement of DOE in safety-in-design decisions  Safety Design Strategy (SDS)  Conceptual and Preliminary Safety Design Reports (CSDR, PSDR)  Preliminary Documented Safety Design Analysis (PDSA)  Related DOE reviews and approvals 24

25 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 G UIDING P RINCIPLES (S LIDE 1 OF 3) Derived from DOE O 420.1B, DOE O 413.3A, and their associated Guides 1.Use of O 420.1B and clearly articulated strategies to satisfy requirements 2.Control selection strategy order of preference 3.Following the design codes and standards in O 420’s associated Guides 4.Use of risk and opportunities assessments 25

26 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 G UIDING P RINCIPLES (S LIDE 2 OF 3) 5.Conservative early project safety decisions input to cost/schedule 6.CD packages describe safety decisions 7.Project team includes appropriate expertise 8.Safety personnel involved from onset of project planning 26

27 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 G UIDING P RINCIPLES (S LIDE 3 OF 3) 9.Important safety functions addressed during conceptual design 10.SDIT invokes the safety-in-design process 11.All stakeholder issues identified early and addressed 12.Bases for safety related decisions are documented 27

28 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 A PPLICABILITY The Standard applies to the design and construction of: –New DOE hazard category (HC) 1, 2, and 3 nuclear facilities –Major modifications to DOE HC 1, 2, and 3 nuclear facilities (as defined by 10 CFR 830) –Other modifications to DOE HC 1, 2, and 3 nuclear facilities managed under the requirements of DOE O 413.3A 28

29 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 S AFETY AND D ESIGN I NTEGRATION Project Integration and Planning 29

30 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 K EY C OMPONENTS OF P ROJECT I NTEGRATION AND P LANNING Federal Integrated Project Team Contractor Integrated Project Team Safety Design Integration Team Safety Design Strategy Risk and Opportunities Assessments DOE and Contractor Roles and Responsibilities Safety Design Project Management Interfaces 30

31 SAF-280 Integration of Safety into the Design Process, DOE-STD R ELATIONSHIPS OF M AJOR P ROJECT E NTITIES Acquisition Executive DOE SBAA/SBRT Contractor IPT Engineering Design Safety Analysis SDIT Contractor Project Manager DOE Program Manager Federal IPT Federal Project Director 31

32 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 F EDERAL I NTEGRATED P ROJECT T EAM (S LIDE 1 OF 3)  FPD leads an IPT with representation necessary for project success  FPD and IPTs must aggressively lead the project (not passively monitor and review)  IPT formally established at CD-1 (really needs to be established at the beginning of Conceptual design)  Roles, responsibilities, and functions of the Federal IPT are provided in DOE G , Integrated Project Teams Guide for Use with DOE O 413.3A 32

33 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 F EDERAL I NTEGRATED P ROJECT T EAM (S LIDE 2 OF 3) From DOE G :  The IPT is the primary tool for breaking down the walls that can exist between different organizations, different professions, and different levels within the different organizations’ command structures. A successful IPT brings these diverse elements together to form a unit that willingly shares information, balances conflicting priorities and ideologies, and jointly plans and executes the project mission. (¶ 2.2) 33

34 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 F EDERAL I NTEGRATED P ROJECT T EAM (S LIDE 3 OF 3) From DOE G (Continued):  The initial requirement imposed upon the IPT by DOE O 413.3A is to support the FPD by providing individual expertise to fill the voids in his or her knowledge base in the areas of planning and implementing the project… (¶ 2.4.1) 34

35 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 W HAT IS THE C ONTRACTOR I NTEGRATED P ROJECT T EAM ? Standard 1189 encourages the formation of the Contractor IPT; similar makeup to Federal IPT  Comprised of personnel who ensure integration of mission need, safety analysis, and design  Diversity of expertise is essential  Project process understanding very helpful  Strong upper management support to IPT members  Need consistency and longevity of team members  Team formed after approval of CD-0 35

36 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 Typical Contractor IPT Representation  Facility Owner/Operator  Funding Organization  Project Management  Health, Safety, and Radiation Protection  Nuclear Safety  Engineering  Waste Management  Procurement  Safeguards and Security (as needed)  Quality Assurance  Computing, Communications and Networking  DOE Representative 36

37 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 C ONTRACTOR IPT K EY P OINTS (S LIDE 1 OF 2)  Parallel management functions as the Federal IPT, but from the contractor’s perspective  Safety Design Integration Team (SDIT) directly supports the CIPT, and through it, the Federal IPT 37

38 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 C ONTRACTOR IPT K EY P OINTS (S LIDE 2 OF 2) Lesson Learned:  Biggest challenge for the CIPT/SDIT is to assure active and effective communications between engineering design activities and safety analysis activities  Especially true when they are not collocated  Failure to support the iterative interactions between safety analysis and design is equivalent to failure to implement the processes of STD

39 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 W HAT IS THE S AFETY D ESIGN I NTEGRATION T EAM (SDIT)? Provides working-level integration of safety into design for the project Usually composed of subset of Contractor IPT plus other specialties as needed Core team –Safety –Design –Operations (including maintenance) Additional composition depends on the hazards, safety, and security issues Operations SafetyDesign 39

40 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 SDIT O BJECTIVES Ensure integration of safety in design by adherence to the key concepts and guiding principles of DOE-STD-1189 Document the bases for all safety in design decisions Maintain consistency of and configuration management between safety and design work Resolve initial uncertainties and assumptions for safety in design Achieve consensus and approvals for direction of safety in design progress 40

41 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 SDIT F UNCTIONS (S LIDE 1 OF 2)  Timely communications with and support to CIPT and IPT  Conduct Risk and Opportunities Assessment (input to RMP)  Draft safety documents (CSDR, PSDR, PDSA) 41

42 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 SDIT Functions (S LIDE 2 OF 2)  Ensure the iterative safety/engineering design process is effective and that the identified safety functions:  Lead to selection of controls that are adequate to serve the safety functions and are consistent with operational needs  Are classified appropriately  Are accommodated in project cost and schedule estimates 42

43 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 SDIT Best Practices  SDIT should have a charter –Define membership (core team and SMEs) –Designate lead –Define roles and responsibilities –Specify required training for members  SDIT should use formal processes 43

44 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 S AFETY D ESIGN S TRATEGY (SDS) (S LIDE 1 OF 3) “…must be developed for all projects subject to this Standard.” (¶ 2.3) Developed from CD-0 definition of DOE expectations for execution of safety during design Prepared by SDIT; reviewed by DOE Safety Basis Review Team (SBRT); approved by Federal Project Director and Safety Basis Approval Authority (SBAA) 44

45 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 S AFETY D ESIGN S TRATEGY (SDS) (S LIDE 2 OF 3) Is a living document, updated throughout the project stages as needed Provides the mechanism by which all elements of the project and approval authorities can agree on basic safety in design approaches Single source for project safety policies, philosophies, major safety requirements, and safety goals to maintain alignment of safety with the design basis during project evolution 45

46 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 S AFETY D ESIGN S TRATEGY (S LIDE 3 OF 3) Addresses: –Guiding philosophies or assumptions to be used to develop the design –Safety-in-design and safety goal considerations for the project –Approach to developing the overall safety design basis for the project –Significant discipline interfaces affecting safety 46

47 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 SDS U PDATES  Focus is on those major safety decisions that influence project cost (e.g., seismic design criteria, confinement ventilation, safety functional classification, and strategy)  Provide a means by which all parties are kept informed of and agree with important changes due to safety in design evolution between Critical Decision points 47

48 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 SDS F ORMAT ( SEE A PPENDIX E) 1.Purpose 2.Description of the Project 3.Safety Strategy 3.1Safety guidance and requirements 3.2Hazard identification 3.3Key safety decisions 4.Risks to Project Decisions 5.Safety analysis approach and plans 6.SDIT – Interfaces and integration 48

49 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 Risk Assessment  DOE O 413.3A CD-1 requirement: “Prepare a preliminary Project Execution Plan, including a Risk Management Plan (RMP) and Risk Assessment… “ (Table 2)  Risk management strategies must address -All technical uncertainties (including schedule and cost implications) -Establishment of design margins -Increased technical oversight requirements 49

50 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 R ISK AND O PPORTUNITIES A SSESSMENT (R & OA) (S LIDE 1 OF 2)  DOE-STD-1189 Risk and Opportunities Assessment is:  Required by the Order and the Standard and  Provides the safety-related input to the Project Risk Management Plan  Purpose is to recognize and manage risks of proceeding at early stages of design on the basis of incomplete knowledge or assumptions regarding safety issues 50

51 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 R ISK AND O PPORTUNITIES A SSESSMENT (R & OA) (S LIDE 2 OF 2)  SDIT prepares R & OA and updates it throughout the project phases  Reviewed by IPT and DOE Safety Basis Review Team and approved by the Federal Project Director  Discussed in DOE STD-1189 Appendix F 51

52 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 E XAMPLE R ISK A REAS (S LIDE 1 OF 2) Technical  Uncertain seismic requirements (seismic geotechnical investigation)  SSC classifications (safety and seismic)  Interfaces with site infrastructure and boundaries of safety SSCs with them  Undefined, incomplete, unclear safety functions and requirements  New or undecided technology 52

53 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 E XAMPLE R ISK A REAS (S LIDE 2 OF 2) Programmatic Level:  Interfaces with other facilities (inputs and outputs)  Coordination between design and safety organizations (if different)  Implications of less than optimum dedicated IPT support for FPD  Including ability to actively manage risks, including programmatic 53

54 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 R OLES AND R ESPONSIBILITIES (S LIDE 1 OF 2) Product/ Document Responsibility Interface with Other Documents/ Products PrepareReviewApprove SDSSDITIPT and SBRTFPD and SBAA DOE expectations in Mission Need Statement R&OASDITIPT and SBRTFPDInput to RMP CSDRSDITIPT and SBRTVia CSVRCDR CSVRSBRTIPTSBAA with FPD Concurrence CSDR and CDR PSDRSDITIPT and SBRTVia PSVR Preliminary Design 54

55 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 R OLES AND R ESPONSIBILITIES (S LIDE 2 OF 2) Product/ Document Responsibility Interface with Other Documents/Produ cts PrepareReviewApprove PSVRSBRTIPTSBAA with FPD Concurrence PSDR PDSASDIT IPT and SBRT Via SERFinal Design SERSBRTIPTSBAA with FPD Concurrence PDSA DSA and TSR SDIT and Operations Team IPT and SBRTVia SER PDSA TSR is based on the DSA. SER SBRTSBAADSA and TSR 55

56 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 W HAT P ARTS OF THE S TANDARD ARE M ANDATORY ? (S LIDE 1 OF 2) Originating with STD-1189 –Safety Design Strategy –Risk and Opportunities Assessment –CSDR and PSDR (and DOE reviews) –Appendix A seismic design basis and collocated worker safety significant SSC criteria –Major Modification Determination (documented in SDS) –Key Concepts and Guiding Principles (for full implementation of STD-1189) 56

57 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 W HAT P ARTS OF THE S TANDARD ARE M ANDATORY ? (S LIDE 2 OF 2) Derivative  10 CFR : PDSA; design criteria of O 420.1B  DOE O 413.3A Chg. 1: requires implementation of STD-1189  DOE O 420.1B: nuclear safety, fire safety, criticality, NPH 57

58 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 Safety and Design Integration DOE-STD Design Process by Project Phase 58

59 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 P ROJECT L IFECYCLE Pre-Project Planning Pre-Conceptual Conceptual Preliminary Design Final Design Construction Turnover/Acceptance Operations CD-0 CD-1CD-2CD-3 CD-4 59

60 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 P RE -C ONCEPTUAL P HASE Objective is to identify and assess a program gap and then to propose a project to close the mission related performance gap Analysis focus: –Special Safety Requirements –New facility or modification –Available technology –Process material inputs and outputs –Upper level facility functions –Results in the development of Mission Need which becomes a baseline document in the project if CD-0 is granted 60

61 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 S AFETY -R ELATED A CTIVITIES IN P RE - CONCEPTUAL P HASE (S LIDE 1 OF 2)  Assign project safety lead (establishes continuity)  Initial assessment of project safety issues  Identify top level hazards (including process inputs and outputs)  Determine preliminary hazard categorization  Identify unique constraints affecting project safety approach  Develop DOE expectations for safety activities 61

62 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 D EVELOP DOE E XPECTATIONS FOR E XECUTION OF S AFETY A CTIVITIES (S LIDE 1 OF 2) Examples:  Anticipated safety issues/hazards and goal (if any) for hazard category  (Can affect process capacity through MAR limits; can affect issues regarding criticality hazards; could affect siting)  Potential need for improvements in site infrastructure to support facility safety systems (an interface issue that might expand scope of the project) 62

63 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 D EVELOP DOE E XPECTATIONS FOR E XECUTION OF S AFETY A CTIVITIES (S LIDE 2 OF 2)  Potential need for geotechnical studies  Expectations regarding confinement strategy  Project tailoring (e.g., PDSA only for a major mod)  Anticipated need for exceptions to O 420.1B and associated guides 63

64 SAF-280 Integration of Safety into the Design Process, DOE-STD P RE -C ONCEPTUAL P HASE

65 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 Identify Important Project Interfaces  Criticality  Quality Assurance  Fire Protection  Emergency Management  Human Factors  Site Infrastructure  Worker Safety and Health (10 CFR 851)  Radiological Protection  Hazardous Waste Management  Safeguards and Security  Transportation  Environmental Protection  Coordination with the DOE SBRT 65

66 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 C ONCEPTUAL D ESIGN P HASE  Goal for safety-in-design in this phase is to evaluate alternative design concepts, prepare the SDS, and provide a conservative design basis for the preferred concept  Perform sufficient analysis to make informed safety decisions for this phase  Document risks and opportunities for selections including cost and schedule range impacts  Begin considerations of quality requirements, Quality Assurance Program (QAP) established (This phase is the best opportunity for safety analysis to cost- effectively influence design) 66

67 67 C ONCEPTUAL D ESIGN P HASE

68 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 K EY S AFETY -R ELATED A CTIVITIES (S LIDE 1 OF 3)  Form Integrated Project Teams (both DOE and Contractor) and SDIT  Develop Preliminary Security Vulnerability Assessment  Develop Preliminary Fire Hazards Analysis  Develop Safety Design Strategy  Establish Configuration Management 68

69 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 K EY S AFETY -R ELATED A CTIVITIES (S LIDE 2 OF 3)  Evaluate alternatives and provide recommendations  Assess risks and opportunities as input to the Risk Management Plan  Develop preliminary hazard analysis (PHA) for recommended alternative –Define safety functions –Identify high-cost safety systems –Initiate hazard analysis data capture (Appendix G) 69

70 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 K EY S AFETY -R ELATED A CTIVITIES (S LIDE 3 OF 3)  Identify facility-level design basis accidents (DBAs) –Bounding consequences –Safety and seismic classification  Commit to nuclear safety design requirements (DOE O 420.1B) and place under design control  Develop Conceptual Safety Design Report (CSDR)  Maintain project interfaces focus (see Ch 7 of STD- 1189) 70

71 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 C ONCEPTUAL S AFETY D ESIGN R EPORT (CSDR) (S LIDE 1 OF 2)  Document and establish a preliminary inventory of hazardous materials  Establish a preliminary hazard categorization  Identify and analyze facility-level DBAs  Assess the need for facility-level hazard controls (safety SSCs) 71

72 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 C ONCEPTUAL S AFETY D ESIGN R EPORT (S LIDE 2 OF 2)  Preliminary assessment of appropriate seismic design bases (facility structure and SSCs)  Evaluate security hazards that can impact the safety design basis  Commitment to nuclear safety design criteria  Format and content of CSDR in Appendix H 72

73 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 C ONCEPTUAL S AFETY V ALIDATION R EPORT (CSVR)  CSVR prepared to confirm an appropriately conservative basis to proceed to preliminary design, based on: –preliminary hazard categorization of the facility –preliminary identification of facility DBAs –assessment of the need for SC and SS facility-level hazard controls –preliminary assessment of the appropriate seismic design bases –position(s) taken with respect to compliance with the safety design criteria of DOE O 420.1B 73

74 74 P RELIMINARY D ESIGN P HASE

75 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 P RELIMINARY D ESIGN P HASE  Advance conceptual design toward final design  Evolve the Hazard Analysis (HA) to include process level HA  Develop design-specific solutions based on safety design requirements  Prepare for final design  Complete NEPA documentation by end of design phase 75

76 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 S AFETY A CTIVITIES IN P RELIMINARY D ESIGN (S LIDE 1 OF 2)  Update Security Vulnerability Assessment  Update hazard analysis (HA) to address process level hazards based on the selected design  Evaluate and apply DOE O 420.1B and associated guides  Evolve system-level DBAs with appropriate added specificity based on selected design 76

77 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 S AFETY A CTIVITIES IN P RELIMINARY D ESIGN (S LIDE 2 OF 2)  Update Risk and Opportunity Assessment  Update SDS reflecting design and safety evolution  Develop the Preliminary Safety Design Report (PSDR) 77

78 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 P RELIMINARY S AFETY D ESIGN R EPORT (PSDR)  Developed to demonstrate safety adequacy of the preliminary design effort  Limited to the extent that design information is also limited  Format and content guide in DOE STD 1189 Appendix I  DOE prepares Preliminary Safety Validation Report (PSVR) to approve PSDR, similar to (CSVR) in purpose and scope 78

79 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 S AFETY A CTIVITIES IN F INAL D ESIGN  Update and finalize preliminary safety in design analyses, information and documentation  Update Risk and Opportunity Assessment (as needed)  Update SDS reflecting design and safety evolution (as needed)  Develop Preliminary Documented Safety Analysis  DOE prepares a Safety Evaluation Report 79

80 80 F INAL D ESIGN P HASE Pre-CD-3,Final Design S a f e t y D e s i g n B a s i s P r o j e c t E n g i n e e r i n g P r o g r a m a n d P r o j e c t M a n a g e m e n t CD-2Approval Initiate Final Design Update Security Vulnerability Analysis Update Risk Management Plan Baseline Management CD-3Final Design Package Validate Design vs.Desired Control Functions &Criteria 3.4 Develop Design Output Documents Design Reviews (Fed and/or Contractor,as appropriate) Update Hazards Analysis 4.4 Mitigated Accident Analysis 4.4 Update Safety SSC Functions and Classification 4.4 PDSA 4.4 Safety Evaluation Report DOE Authorizes Procurement, Construction, & Final Implementation Update Safety in Design Risk& Opportunities Assessment 3.4 Execution Readiness Independent Review Updated SDS,as needed 2.3 Update Project Risk Considerations CD-3Approval Construction, Transition, & Closeout 7.0

81 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 F INAL D ESIGN P HASE  Finalizes HA and DBAs (mitigated analysis)  Evolves the preliminary design to the point where –Specifications are developed –Security Vulnerability Assessment is finalized –Procurement and construction can be accomplished –Test, inspection, and commissioning requirements are developed and detailed –System Design Descriptions (SDD) and Facility Design Description (FDD) are completed 81

82 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 P RELIMINARY D OCUMENTED S AFETY A NALYSIS (PDSA)  Evolves from the PSDR  Completes the analysis of the design  Format and content covered in Appendix I –Based on DOE-STD-3009 format –Minimizes need to rewrite for DSA  Provides the basis for design adequacy with respect to safety  Change control of PDSA is established 82

83 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 C ONSTRUCTION,T RANSITION, AND C LOSEOUT P HASE D ESIGN R ELATED I SSUES  Field Changes  Government Furnished Equipment (GFE) and other equipment not part of primary design  Revisions to PDSA  Changes to comply with readiness review issues  Input to Documented Safety Analysis (DSA) and Technical Safety Requirements (TSR) 83

84 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 C RITERIA FOR D ETERMINING PDSA R EVISION (S LIDE 1 OF 2)  The change: -alters a safety function for a safety SSC identified in the current PDSA -results in a change in the functional classification, reliability, or rigor of the design standard for an SSC previously specified in the PDSA configuration baseline 84

85 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 C RITERIA FOR D ETERMINING PDSA R EVISION (S LIDE 2 OF 2) requires implementation of new or changed safety SSC or proposed TSR controls significantly alters the process design or its bases, such as increased material at risk, changes to seismic spectra, major changes to process control software logic, new tanks, new piping, new pumps, or different process chemistry 85

86 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 Safety and Design Interactions Hazard and Accident Analyses and Inputs to the Design Process 86

87 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 Hazard and Accident Analysis: Initial Information Needed (S LIDE 1 OF 2)  Facility site/location  General arrangement drawings  MAR estimates or assumptions and material flow balances  Sizing of major process system containers, tanks, piping 87

88 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 Hazard and Accident Analysis: Initial Information Needed (S LIDE 2 OF 2)  Process block flow diagrams for: –Ventilation –Electrical power –Special mechanical handling equipment (e.g., gloveboxes) –Instrumentation and control (I&C) system architecture  Summary process design description and sequence  Confinement strategy 88

89 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 Hazard and Accident Analysis (S LIDE 1 OF 2)  At conceptual design stage (facility level analyses) -Building structure -Building and process confinement -Power systems, including Safety Class single failure criteria -Fire protection provisions -Special mechanical equipment (e.g., gloveboxes)  Initial focus on high-cost safety functions and design requirements 89

90 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 Hazard and Accident Analysis (S LIDE 2 OF 2)  At preliminary and final design stages -Update and refine conceptual design analyses -Extend to process and activity level and safety functions and SSCs 90

91 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 Hazard and Accident Analysis: Accident Types to Consider  Fires  Explosions  Loss of confinement/containment  Process upsets (starting in preliminary design)  Natural Phenomena Hazards  Design basis accidents (for the accident types)  Beyond design basis accidents (starting in preliminary design) 91

92 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 Hazard and Accident Analysis: Outputs to Engineering Design  For Structures, Systems, and Components (SSCs), based on DOE O 420.1B safety design requirements -Performance Categories (wind, flood, etc.) -Seismic Design Basis -Safety Class functions -Safety Significant functions -Defense in depth /Important to Safety (ITS) safety functions  Design codes and standards from Guides associated with DOE O 420.1B 92

93 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 H AZARD A NALYSIS AND D ESIGN B ASIS A CCIDENTS (DBA S ) AT C ONCEPTUAL D ESIGN  Simple DBAs are postulated based on facility level upsets involving limiting quantities of MAR and facility layout  Unmitigated consequences are assessed to help establish both needed safety function and safety classification of that function  These accidents are analyzed for both collocated workers and public impact; they are to help define safety functional and design requirements  DBAs are refined and expanded upon in later stages of project 93

94 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 H AZARD A NALYSIS (HA) AT THE P ROCESS L EVEL  HA and design iteration –HA activities support identification of safety functions and selection of DBAs –Includes consideration of in-facility workers –DBAs and safety functions support design selection and associated design criteria –Design selection / criteria support development of a refined HA for the PSDR –Several iterations may be necessary as preliminary design progresses –Hazard Analysis table updated as necessary 94

95 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 Design Basis Accidents in Preliminary Design  The Design Basis Accidents (DBAs): –Refined from Conceptual Design based on system design –Provide input for new or revised design criteria –Establish system-level safety classification  DBAs are selected based on safety function and magnitude of hazard –Consider public and collocated worker consequences 95

96 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 S AFETY I NTERFACE WITH D ESIGN (S LIDE 1 OF 2)  Assist designers in understanding and addressing –Safety requirements from hazards and accident analyses –Safety implications associated with design alternatives and trade studies –Safety interpretation of DOE O 420.1B and DOE G requirements and recommendations 96

97 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 S AFETY I NTERFACE WITH D ESIGN (S LIDE 2 OF 2)  Safety input into System Design Descriptions (SDD) –System boundaries –Safety functions and requirements –Supporting analyses (safety SSCs can provide safety function when called upon)  Project design reviews –Include safety design basis information and information included in design products (e.g., SDDs) 97

98 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 W HEN TO C OMMUNICATE B ETWEEN D ESIGN AND S AFETY FactorEngineering DesignSafety Potential Accident Scenarios Changes in facility or process layout Barriers to accident propagation established, changed, or removed (e.g., fire barriers, separation of hazardous materials) Introduction of new sources of energy or hazard (e.g., chemical, mechanical, kinetic, potential, flammable, explosive) Effect of any design factor where change: Introduces a new accident scenario alters a safety function for an SSC results in a change in safety functional classification, reliability, or design standards requires a new safety SSC or implies a new TSR control significantly alters process design or its basis Material at Risk (MAR) Tank Size Process details (e.g., inventory in gloveboxes) Total facility inventory, including all hazardous materials Damage Ratio (DR)Facility and/or process layout, including fire barriers Airborne Release FractionMAR material type and form (gaseous, powder, solid) Leakpath Factor (LPF) Physical barriers to release of hazardous materials Building seismic design basis (SDB: Seismic Design Category/Limit State (SDC/LS)) Chi over Q (X/Q) Location change Definition of site boundary 98

99 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 Q UALITY A SSURANCE P ROGRAM A CTIVITIES FOR D ESIGN P ROCESS  Establish formal work processes (document control, verification processes, configuration management)  Training on standards, requirements, work processes  Periodic assessments of documentation  Independent design verifications, validations, assessments  Controlling documents and drawings and changes to them to approved processes  Identifying and controlling design interfaces 99

100 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 S AFETY AND D ESIGN I NTEGRATION DOE-STD Appendix A – Safety System Design Criteria 100

101 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 Purpose of Appendix A Provides objective criteria requirements for specification of the seismic design basis and for safety classifications of safety SSCs  Seismic design basis includes specification of seismic design category (SDC) and limit state (LS) for a safety SSC based on radiological hazards  Adds collocated worker Safety Significant radiological classification criterion along with Safety Class criterion for the public 101

102 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 Seismic Design Basis Applies recently published national standards for seismic design of non-reactor nuclear facilities  ANSI/ANS , Categorization of Nuclear Facility Structures, Systems and Components for Seismic Design; and  ASCE/SEI 43-05, Seismic Design Criteria for Structures, Systems, and Components in Nuclear Facilities. 102

103 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 Seismic Design Standards  ANSI/ANS 2.26 provides seismic design bases (SDC and LS) for safety SSCs based on unmitigated radiological dose (as modified by DOE) to collocated workers and to the public and on the safety function of the safety SSC.  ASCE/SEI provides the design criteria to use with the seismic design basis (SDB) 103

104 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 Seismic Design Criteria *Using the safety classification methodology for public and collocated workers **If the public dose for SDC-3 is exceeded significantly for any project (between one and two orders of magnitude), then the possibility that SDC-4 should be invoked must be considered on a case-by-case basis. Unmitigated Consequence of SSC Failure from a Seismic Event CategoryCollocated Worker*Public* SDC-1Dose < 5 remNot applicable – Defaults to SDC-1 SDC-25 rem < dose < 100 rem5 rem < Dose < 25 rem SDC-3100 rem < dose25 rem < dose** 104

105 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 L IMIT S TATES ( EXAMPLES F ROM ANS 2.26) SSC TypeLimit State ALimit State BLimit State CLimit State D Building structural components Substantial loss of SSC stiffness; some margin against collapse Some loss of SSC stiffness; substantial margin against collapse SSC retains nearly full stiffness and strength; passive components will perform normal and safety functions SSC damage is negligible Structures or vessels for containing hazardous material Low hazardous material; vessel not likely to be repairable Moderate hazardous liquids; cleanup and repair expeditious Low pressure vessels with worker hazard if contents released; damage minor Leak tightness must be assured; moderate to high hazard gases/liquids Other SSCs covered include: confinement barriers (glove boxes, ducts), equipment support structures, filter assemblies and housings, etc. 105

106 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 C OMPARISON OF SDB TO P ERFORMANCE C ATEGORY 106

107 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 S UPPLEMENTAL G UIDANCE FOR ANS 2.26 W HEN S ELECTING SDC S AND L IMIT S TATES (SDB)  Safety analyst, seismic design engineer and the equipment design engineer evaluate the functional requirements for the safety SSC and its subcomponents to determine the appropriate Seismic Design Basis (SDB).  If the safety functions of a safety SSC include confinement and leak tightness, a Limit State C or D must be selected.  Guidance is provided for an SDC-1 or SDC-2 SSC having safety functions requiring Limit States A, B, C or D. 107

108 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 S AFETY C LASSIFICATION M ETHODOLOGY : P UBLIC P ROTECTION The guidance of DOE G and DOE-STD-3009, Appendix A, should be used in classifying SSCs as Safety Class (SC) for radiological protection –The words “challenging” or “in the rem range” in those documents should be interpreted as radiological doses equal to or greater than 5 rem, but less than 25 rem –In this range (5 to 25 rem), SC designation should be considered, and the rationale for the decision to classify an SSC as SC or not should be explained and justified 108

109 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 S AFETY C LASSIFICATION M ETHODOLOGY : C OLLOCATED W ORKER P ROTECTION  Use unmitigated accident analysis source term guidance in DOE-STD-3009, Appendix A, Section A.3.2 and DOE G  Use dose of 100 REM TEDE at 100 m  Use ICRP 68 dose conversion factors  Apply X/Q value at 100 m of 3.5E-3 sec/m 3 for the dispersion calculation 109

110 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 B ACKFIT FOR M AJOR M ODIFICATIONS  For major modifications of existing facilities, Appendix A criteria are applicable  Backfit analyses should examine: –The need to upgrade interfacing structures, systems, and components in accordance with these criteria, and – Whether there should be relief for the modification from the design requirements that application of these criteria in design would imply 110

111 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 A DDITIONAL N OTES  ANS 2.27, Criteria for Investigations of Nuclear Facility Sites for Seismic Hazard Assessments, and ANS 2.29, Probabilistic Seismic Hazards Analysis, have been completed and approved  DOE plans to adopt them and to update DOE G (Natural Phenomena Hazard guide) 111

112 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 SAFETY AND DESIGN INTEGRATION DOE-STD Appendix B, Chemical Hazard Evaluation 112

113 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 P URPOSE OF A PPENDIX B  DOE is not invoking mandatory classification of safety SSCs or specifying nuclear design requirements based on chemical hazards alone, but the Standard does provide advisory chemical safety criteria.  The guidance provides a sense of scale as to what is meant by a “significant exposure” in the criterion for classifying SSCs as safety significant. Note: DNFSB has advised DOE to consider the need to effectively implement controls for chemical hazards, including guidance on the design of hazard controls (ref. letter dated 2/22/08, Dr. Eggenberger to Mr. Sell). 113

114 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 C ONTENT OF A PPENDIX B Guidance for consideration of Safety Significant designation of SSCs for significant chemical exposures is based on a process of: –Screening chemicals (hazardous materials) to determine those that may have the potential to immediately threaten or endanger collocated workers or the public and –Evaluating the severity of potential exposures against advisory classification criteria for collocated workers and the public Note: Chemical exposure for facility workers is addressed in Appendix C. 114

115 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 A PPENDIX B M ETHODOLOGY Methods for estimating chemical exposures are detailed in Appendix B  Unmitigated chemical consequence analysis should use reasonably conservative values for the parameters related to material release, dispersal in the environment and health consequences  It is desirable to reduce any tendency toward over- conservatism to achieve the risk-informed balance in the design of the SSCs 115

116 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 A DVISORY C RITERIA FOR S AFETY S IGNIFICANT C LASSIFICATION  Public –Exposure > AEGL-2/ERPG-2/TEEL-2  (Potential for irreversible or serious long-lasting health effects)  Collocated Worker –Exposure > AEGL-3/ERPG-3/TEEL-3  (Potential for life threatening health effects or death)  Hierarchy –AEGL, ERPG, TEEL 116

117 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 A DDITIONAL N OTES  DNFSB issue on design guidance for Safety Significant SSCs is being addressed: –in a new draft DOE standard implementing ANSI/ISA (ISA-84), Functional Safety: Safety Instrumented Systems for the Process Industry Sector, –by a revision to DOE G  NNSA and EM each have issued guidance for Natural Phenomena Hazard (NPH) classification based on chemical hazard levels to the public and to workers 117

118 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 EM C HEMICAL H AZARD NPH G UIDANCE  Reference: 4/15/09 memo from Owendoff on Implementation of DOE-STD-1189, Integration of Safety into the Design Process for Environmental Management Activities –Note: also addresses non-seismic NPH –For chemical hazards, use Appendix A X/Q unless heavy gases or high wind/tornados are involved –Criteria of Appendix B will be applied for safety significant designation and PC-3 designation, subject to cost/benefit analysis and consultation with EM HQ  Consult the referenced document for details 118

119 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 NNSA CHEMICAL HAZARD NPH GUIDANCE (S LIDE 1 OF 2)  Reference: 7/9/2009 memo from D’Agostino to the Deputy Administrator for Defense Programs (and others), Guidance and Expectations for DOE-STD , Integration of Safety into the Design Process, Natural Phenomena Hazard Design Basis Criteria for Chemical Hazard Safety Structures and Components –Note: also addresses non seismic NPH –Guidance mandatory for projects not yet in preliminary design (July, 2009) 119

120 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 NNSA CHEMICAL HAZARD NPH GUIDANCE (S LIDE 2 OF 2) –Appendix B criteria suggested for use for safety significant classification and initial categorization of SDC-3 or PC-3 (rad and non-rad) SDC-2 or PC-2 may be justified based on technical or cost/benefit considerations with approval of Acquisition Executive –Similar guidance for in-facility worker protection (SDC-3 or PC-3) when it is necessary for them to remain in the facility after an accident for safety related purposes –Appendix C criteria suggested to be used for safety significant classification for in-facility workers  Consult the referenced document for details 120

121 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 S AFETY AND D ESIGN I NTEGRATION DOE-STD Appendix C – Facility Worker Hazard Evaluation 121

122 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 H AZARD A NALYSIS A qualitative evaluation of unmitigated consequence to the facility worker (FW) considering: -energetic releases of radiological or toxic chemical materials where the FW would be unable to take self-protective actions; -deflagrations or explosions where serious injury or death to a FW may result; -chemical or thermal burns to a FW that could reasonably cover a significant portion of the FW’s body; and -leaks from process systems where asphyxiation of a FW normally present may result. 122

123 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 S IGNIFICANT E XPOSURE  For radiological consequences, the suggested evaluation criterion is 100 rem TEDE.  For chemical exposure, the evaluation criterion is AEGL-3 or equivalent (e.g., ERPG-3, TEEL-3). 123

124 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 Q UALITATIVE R ESULTS  By comparing the qualitatively derived FW radiological or chemical consequence to these evaluation criteria, an assessment can then be made about the need for SS preventive or mitigative controls.  Where the qualitative consequence assessment yields a result that is not clearly above or below the evaluation criteria, then the need for SS FW controls shall be more closely considered by the project. 124

125 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 S AFETY AND D ESIGN I NTEGRATION DOE-STD Facility Modifications 125

126 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 Facility Modifications The process for integration of safety into the design of facility modifications is similar to that for new facilities, but it is tailored to the scope, magnitude, and complexity of the modification. 126

127 127 F ACILITY M ODIFICATION P ROCESS

128 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 MAJOR MODIFICATION DEFINITION AND IMPLICATIONS  As defined by 10 CFR 830.3, major modifications are those that “substantially change the existing safety basis for the facility.”  A major modification requires the development of a Preliminary Documented Safety Analysis (PDSA) ( ) and approval of the PDSA by DOE ( ) prior to procurement or construction of the modification 128

129 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 E VALUATING M ODIFICATIONS (S LIDE 1 OF 2)  Simple modifications - existing hazard analysis is adequate for the modification; hazard controls adequately address the modification and associated activities; implementing the existing change control processes is adequate to support the proposed change. 129

130 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 E VALUATING M ODIFICATIONS (S LIDE 2 OF 2)  Note that a simple modification or a less-than-major modification might invoke DOE O 413.3A, and therefore STD-1189, under cost criteria. In those cases, a Safety Design Strategy (SDS) is required, wherein the bases for the modification classification must be described. The SDS also provides the mechanism for tailoring the application of STD

131 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 D ETERMINING A M AJOR M ODIFICATION  It is important to determine the need for a Preliminary Documented Safety Analysis (PDSA) as early as feasible in planning for a modification.  In many situations, the need for a PDSA may be readily discernable with little or no detailed evaluation required.  The Standard establishes criteria for evaluating the need for a PDSA. If a PDSA is warranted, the facility modification is a Major Modification. 131

132 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 M AJOR M ODIFICATION C RITERIA (S LIDE 1 OF 2)  Add a new building or facility with a material inventory > HC 3 limits or increase the HC of an existing facility?  Change the footprint of an existing HC 1, 2 or 3 facility with the potential to adversely impact any SC or SS safety function or associated SSC?  Change an existing process or add a new process resulting in the need for a safety basis change requiring DOE approval? 132

133 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 M AJOR M ODIFICATION C RITERIA (S LIDE 1 OF 2)  Utilize new technology or Government Furnished Equipment (GFE) not currently in use or not previously formally reviewed and approved by DOE for the affected facility?  Create the need for new or revised Safety SSCs?  Involve a hazard not previously evaluated in the DSA? 133

134 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 Safety Design Strategy for Major Modification Where a major modification is found to exist, an SDS should be developed that addresses: -The need for a CSDR or PSDR (as well as the required PDSA) to support project phases -The graded content of the PDSA necessary to support the design and modification -The application of nuclear safety design criteria -The interface with the existing facility, its operations, and construction activities 134

135 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 S UMMARY OF M AJOR M ODIFICATION D ETERMINATION P ROCESS  Determine whether the modification is a major modification  Determination involves qualitative evaluations of six criteria  No one criterion is determining  Process relies on judgment based on consideration of all the criteria evaluations, on balance  Process and criteria are described in Ch 8 of the Standard  Specific examples are in Appendix J of the Standard 135

136 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 S AFETY AND D ESIGN I NTEGRATION DOE-STD Lessons Learned 136

137 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 S OURCES OF L ESSONS L EARNED  DOE Project Reviews  DNFSB Project Reviews  Project Implementation Experience  Implementation Questions from Field  Questions During 1189 Training Sessions 137

138 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 L ESSONS L EARNED (S LIDE 1 OF 5)  Need for detailed training on STD-1189 for FPDs, safety leads, engineering leads – Surface level review of the Standard; focus on products (SDS, CSDR, PSDR, etc. instead of understanding the integrating process approach) – Project management, safety, and engineering design personnel should have a level of familiarity with the requirements and guidance relevant to the other disciplines 138

139 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 L ESSONS L EARNED (S LIDE 2 OF 5)  Issues missed in application: – Level of HA as function of design stage; – Nuclear criticality safety not included in HA/control identification; – Risk and Opportunity Assessments not carried into Project Risk Management Plan; – Security not included in SDIT 139

140 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 L ESSONS L EARNED (S LIDE 3 OF 5)  Need for formality in establishment and activities of Safety Design Integration Team (SDIT)  Project management commitment; designation of an SDIT lead (forcing function for effective communication between safety, design, and engineering) 140

141 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 L ESSONS L EARNED (S LIDE 4 OF 5)  Importance of a requirements management system (e.g., Dynamic Object Oriented Requirements System) – Need flowdown of functional requirements to design documentation [System Design Descriptions (SDDs)] – Need management of change – Don’t let development of SDDs get out of sync with safety input and documentation in CSDR, PSDR, PDSA  Need to assess/validate ability of safety SSCs to provide the safety function indicated by hazards analysis 141

142 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 L ESSONS L EARNED (S LIDE 5 OF 5)  Role of the Safety Design Strategy (SDS) document –Tailoring of CD phases and safety documentation –Revising conservative safety assumptions with better information as design proceeds –Real time mechanism to achieve consensus on safety in design approaches (living document) 142

143 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 FAQs  Does commitment to O 420.1B criteria mean commitment to the associated guides as well? -Means for choosing/justifying alternative safety design criteria.  Level of detail of DOE review of safety design documents (CSDR/PSDR/PDSA) in meeting O 420.1B safety design requirements.  How to modify early conservative safety design assumptions/approaches. Considerations.  What is Code of Record? 143

144 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 C OMMITMENT T O DOE O 420.1B G UIDES  Does commitment to O 420.1B criteria mean commitment to the associated guides as well? –Guides are not requirements (unless committed to by contract) –DOE expectation is that guides will be followed  Considerations? –Cost –Schedule implications –Equivalent or better outcomes/demonstration thereof 144

145 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 L EVEL OF DOE R EVIEW OF S AFETY D ESIGN D OCUMENTS  What is the level of detail of DOE review of safety design documents (CSDR/PSDR and PDSA) in meeting O 420.1B safety design requirements? –A function of the stage of design –Sufficient to identify issues that need to be addressed in the next stage –Sufficient to determine acceptability of safety-in-design approaches 145

146 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 How to Modify Early Conservative Safety Design Assumptions/Approaches  Potentials for this should be identified in the Safety Design Strategy (SDS, Risk & OA, and the Project RMP)  Modify the SDS and get approval of the update  Considerations –Refined design inputs (process design, MAR, new information…) –Cost and schedule impacts of redesign (e.g., redesign of building structure for lower Seismic Design Category/Limit State (SDS/LC) 146

147 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 W HAT IS THE C ODE OF R ECORD ?  Set of design codes, standards, and other requirements that are the bases for design and operation  Originates at CD-2 (preliminary design approval) and is important to cost basis  Documented through design documents and PSDR/PDSA  Can be added to or modified throughout the life of a facility 147

148 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 S UMMARY (T AKE A WAYS ) 1.The importance of the SDS as a consensus document for planning the path forward. 2.The importance of the SDIT and timely communications in the iterative nature of feedback and improvement between safety input and design outputs 3.The importance of the CDSR and PSDR and their approvals as timely communication documents to provide the safety-in-design basis for proceeding to the next design stage 148

149 SAF-280 Integration of Safety into the Design Process, DOE-STD-1189 S UMMARY (T AKE A WAYS ) (C ONTINUED ) 4.Management support and utilization of the 1189 process; utilization of the R &OA; conformance of the project to the Key Concepts and Guiding Principles of The importance of a proactive approach in identifying and addressing safety in design issues in a timely fashion 149


Download ppt "DOE-STD-1189-2008, I NTEGRATION OF S AFETY INTO THE D ESIGN P ROCESS Dr. Richard Englehart, Epsilon Systems Solutions Pranab Guha, HS-21 John Rice, Epsilon."

Similar presentations


Ads by Google