
Engineered and Administrative Safety Systems for the Control of Prompt Radiation Hazards at Accelerator Facilities


  1. Engineered and Administrative Safety Systems for the Control of Prompt Radiation Hazards at Accelerator Facilities
     James C. Liu (james@slac.stanford.edu), Stanford Linear Accelerator Center (SLAC)
     Vashek Vylet, Thomas Jefferson National Accelerator Facility (TJNAF)
     Lawrence S. Walker, Los Alamos National Laboratory (LANL)

  2. Radiation Safety System (RSS)
     • RSS: Engineered and/or administrative safety systems to monitor, mitigate and control prompt radiation hazards.
     • RSS = ACS + RCS
     • ACS keeps people away from radiation
       – Ropes, signs, barrier and access controls
     • RCS keeps radiation away from people
       – Shielding, beam and radiation interlocks

  3. ANSI N43.1 Standard Draft
     • N43.1 Standard “Radiation safety for the design and operations of particle accelerators”, American National Standards Institute (2008?)
     • Chapters 4, 5 and 6 of the N43.1 Standard draft, as well as some U.S. regulations and standards, are the main basis for this presentation.

  4. N43.1 Committee Reviewers
     • Ted de Castro (LBNL)
     • Roger Kloepping (LBNL)
     • Robert May (TJNAF)
     • Norman Rohrig (INEEL)
     • Olin Van Dyck (LANL)
     • Paula Trinoskey (LLNL)
     • John Drozdoff (TRIUMF, Canada)
     • Albert Evans (DOE)
     • Wesley Dunn (Texas DHS)
     • Vashek Vylet (Duke University)
     • Larry Larson (Sematech)

     • DOE
     • NRC
     • states
     • CAMD
     • FNAL
     • CERN
     • KEK, JAPRC
     • PAL
     • NSRRC, AEC

  5. Disclaimer
     • N43.1 Standard is not yet approved. Requirements (shall) and recommendations (should) in this chapter should not be quoted as official ANSI positions.
     • Authors take full responsibility for any errors of this chapter and any discrepancies with the N43.1 standard.
     • Contributions by N43.1 members and the reviewers are acknowledged.

  6. Goals of Presentation
     • Successful RSS needs a multidisciplinary team
     • Presented from a health physicist’s, not a system engineer’s, perspective
     • Health physicist roles for RSS
       – Analyze radiation hazards; develop policies, requirements and procedures for systems
       – For interlocked systems
         • Review and/or approve design, changes, use, and associated operating and testing procedures
         • Design, install and/or maintain the systems, if limited facility size

  7. Contents
     • U.S. regulations and standards
     • Radiation Safety System (RSS)
     • Access Control System (ACS)
     • Radiation Control System (RCS)
     • Examples of RSS policies and practices at some accelerator facilities

  8. U.S. Federal and State Regulations
     • 10CFR20 “Standards for protection against radiation” U.S. NRC (1991)
     • NUREG-1736 “Consolidated guidance for 10CFR20” U.S. NRC (2001)
     • CRCPD Suggested State Regulations (SSR) “Radiation safety requirements for particle accelerators” (1991)

  9. U.S. DOE Regulations
     • 10CFR835 “Occupational radiation protection” (1998, 2007)
     • DOE O 420.2B “Safety of accelerator facilities” (2004)
     • DOE G 420.2.1 “Implementation guide for DOE O 420.2B” (2005)
     • DOE G 441.5-5 “Radiation-generating devices guide for use with 10CFR835” (1999)

  10. Main U.S. Standards
     • NCRP-88 “Radiation alarms and access control systems” (1986)
     • ANSI N43.3 “American National Standard for general radiation safety - installations using non-medical X-ray and sealed gamma-ray sources, energies up to 10 MeV” (1993, in revision)
     • IEC-61508 “Functional safety of electrical, electronic, programmable electronic safety-related systems” (1998)
     • ANSI/ISA-84.01/IEC-61511 “Functional safety - Safety Instrumented Systems for the process industry sector” (1996, 2004) - does not cover nuclear power facilities

  11. Radiation Safety System (RSS)
     Systems that Protect People from Prompt Radiation Hazards

  12. Radiation Safety System (RSS)
     • RSS is defined as a combination of engineered (passive and active elements) and/or administrative safety systems to monitor, mitigate and control prompt radiation hazards in a graded approach.
     • Technical, operational and management aspects
     • RSS = ACS + RCS
       – ACS keeps people away from radiation
       – RCS keeps radiation away from people

  13. ACS and RCS
     • Access Control System (ACS)
       – Ropes and warning signs
       – Door or gate with locks
       – Interlocked access control
       – Beam inhibiting devices (BID)
     • Radiation Control System (RCS)
       – Passive systems: shielding, fence
       – Active systems: beam interlocks and radiation interlocks

  14. Facility Safety Assessment and Controls
     • Identify accelerator beam parameters, facility operation modes (normal and abnormal beam losses), and personnel occupancy
     • Analyze associated radiation hazards
     • Develop RSS requirements for risk mitigation and controls
     • Define Safety Envelope and Operation Envelope
     • Experience from peer labs


  16. RSS Interlock Functional Relationship
     [Diagram. Labels: Input; Output; Access Control System Logic; Radiation Control System Logic; Area Secure Signal; Area Safe Signal; Radiation Detectors; Warnings; Operate Permission; Beam Inhibiting Devices]

  17. RSS Interlock Design Considerations
     • ACS versus RCS (hazards and mitigation)
     • Both preventive and reactive system types
     • Develop system functional specification (what)
     • Develop system integrity specification (well)

  18. RSS Interlock Design Considerations
     • Reliable and high performance
       – No single-point failures (redundancy)
       – No common-mode failures (separation and diversification)
       – Sufficiently fast response time
       – Protection for harsh environment (radiation, humidity, temperature, vibration, power, etc.)
       – Negligible false or nuisance trips

  19. RSS Interlock Design Considerations
     • Testability
     • Simple and modular design
     • Tamper resistance (e.g., concealed door microswitches, protected devices, cables and equipment, locked cabinets)
     • Ergonomic (easy to use and understand, prevent human error, interface)
     • Life-time cost and resource

  20. RSS Interlock Design Considerations
     • Interlocked-type ACS (and active RCS) are dormant systems, i.e., no response or action under normal conditions
     • Self-checking
     • Fail-safe

  21. Fail-safe Design
     • Definition: One in which the credible failure modes leave the system in a safe condition
     • Examples of failure:
       – Loss of AC or DC power
       – Loss of air pressure
       – Open or short circuit
       – Ground fault
       – Likely circuit element failure modes
         • Relay - coil burnout
         • PLC – software bug, uncertain
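
Added example, not part of the original slides: a small Python model of the fail-safe and redundancy requirements on slides 18, 20 and 21, showing that power loss, an open circuit or a short circuit on any input ends in a beam inhibit. The complementary contact pairs, the two-chain arrangement and all names are assumptions made for illustration; the slides do not specify a wiring scheme.

```python
from enum import Enum
from typing import NamedTuple, Optional

class State(Enum):
    SAFE = "safe"      # positive evidence that the condition holds
    UNSAFE = "unsafe"  # positive evidence that it does not
    FAULT = "fault"    # wiring or power failure, handled like UNSAFE

class Contacts(NamedTuple):
    """Complementary contact pair for one condition (assumed wiring scheme).
    None models a dead input, e.g. loss of AC or DC power."""
    closed_when_safe: Optional[bool]
    closed_when_unsafe: Optional[bool]

def decode(c: Contacts) -> State:
    if c.closed_when_safe is True and c.closed_when_unsafe is False:
        return State.SAFE
    if c.closed_when_safe is False and c.closed_when_unsafe is True:
        return State.UNSAFE
    # Both open (open circuit), both closed (short circuit) or no reading.
    return State.FAULT

def chain_permit(area_secure: Contacts, area_safe: Contacts) -> bool:
    """One interlock chain permits beam only if both inputs decode to SAFE."""
    return decode(area_secure) is State.SAFE and decode(area_safe) is State.SAFE

def bid_command(chain_a, chain_b) -> str:
    """Two redundant chains (assumed); either one alone inhibits the beam."""
    ok = chain_permit(*chain_a) and chain_permit(*chain_b)
    return "PERMIT" if ok else "INHIBIT"

# Constructed sample readings, not data from any facility.
OK = Contacts(True, False)
DOOR_OPEN = Contacts(False, True)
OPEN_CIRCUIT = Contacts(False, False)
SHORT_CIRCUIT = Contacts(True, True)
NO_POWER = Contacts(None, None)

if __name__ == "__main__":
    cases = {
        "all healthy": ((OK, OK), (OK, OK)),
        "door open on chain A": ((DOOR_OPEN, OK), (OK, OK)),
        "short circuit on chain B": ((OK, OK), (OK, SHORT_CIRCUIT)),
        "power lost on chain A": ((NO_POWER, NO_POWER), (OK, OK)),
    }
    for name, (a, b) in cases.items():
        print(f"{name:26s} -> {bid_command(a, b)}")
```

A plain normally-closed loop would read a short circuit as "closed"; the complementary pair is what lets the model treat it as a fault instead.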

  22. Engineered RSS Operational Requirements and Guidance
     • Quality assurance (QA) program
       – Components, workmanship
       – Design, installation, testing, commissioning and operations
     • Configuration control (CC) program
     • Maintenance, repair and modification program
     • Periodic certification and check programs
     • Safety systems independent and separated from non-safety systems

  23. Engineered RSS Operational Requirements and Guidance
     • Trained, qualified and authorized individuals
     • System readiness review
     • Document and record management program (transferable and auditable)
     • Self assessment
     • Peer (internal and external) review

  24. RSS for Non-Beam Radiation
     • Radiation from dark current due to HV and/or RF fields (e.g., cavity, klystron)
     • Exposure from induced radioactivity in machine components (e.g., beam stops, collimators)
     • Shielding to reduce activation to air, soil, groundwater
     • Engineered controls for exposure to activated air

  25. RSS Interlock Bypass or Variance
     • Governed by policies and procedures
     • Justified
     • Alternative protection, e.g., radiation source inhibited, tight administrative controls
     • Written approval via authorized channels
     • Detailed documentation
     • Affected systems or areas posted
     • Involved parties communicated
     • Normal interlocks restored and verified ASAP

  26. RSS Accident
     1982, A fatal exposure to Co-60 irradiator in Norway (due to a series of 5 failures!)
     • Conveyor belt jammed at night (failure #1)
     • Sources failed to automatically retract into the shielded position (failure #2).
     • First person arriving at work in the morning found a green indicator light (failure #3) and an unlocked interlocked door (failure #4).
     • An interlocked radiation monitor normally located in the maze was out for repair (failure #5).


  28. Access Control System (ACS)
     Control Personnel Occupancy in Areas with Prompt Radiation above the Acceptable Levels


  30. N43.1 Access Control System (ACS)
     • Entry and access control modules
       – Enclosures (ropes and/or barriers)
       – Personnel entry gates
       – Warnings and signs
       – Communication and monitoring features
       – Exclusion Area (> 10 mSv/h) needs Area Secure System
       – Emergency response features

  31. ACS Entry Module

  32. N43.1 Access Control System (ACS)
     • Beam Inhibiting Devices (BID)
       – Power supply for gun or RF, beam safety shutter, electromagnet, etc.
       – Normal access control function
       – Fault-response beam removal function

  33. ACS Mechanical BID (Beam Shutters)
