CHAPTER 4: Transition from prevention to mitigation

Transition from prevention to mitigation

Once core damage has occurred, the emphasis shifts from cooling the core to protection of fission product barriers and mitigation of releases. Therefore, EOPs need to contain clear criteria to indicate the need to transit to the SAMG domain, as described in the Module 1, Chapter 4.3.

Although transition criteria are used to determine when to transit from the EOP domain to the SAMG domain, decision making for the transition may also come from the ERO Emergency Director, upon his/her assessment of the plant status. The SAMG development team must, therefore, carefully select the transition method that is most suitable for their plant and ERO.

The transition point for prevention to mitigation does not only involve a different set of strategies, but also a change in focus and objective. The transition marks a clear change in the primary focus of the staff responsible for plant accident response from restoration of core cooling to efforts to terminate severe core damage and preserve containment integrity in order to limit associated radiological releases. As discussed before, plant instrumentation may no longer be reliable, needed equipment may have failed, and may need to be replaced by portable or mobile equipment, resources (water, AC and DC power, diesel fuel, lubricating oil, pneumatic air) may be limited or not available, and planned actions may have negative consequences, up to and including damage to equipment (e.g., an RCP restart at low pressure) or releases (e.g. venting the containment to prevent rupture due to overpressurization).

In order to cope with this higher level of complexity, often a support group is called upon to provide the necessary technical and logistic support, mostly referred to as the Technical Support Centre (TSC). Additionally, there is potential for a shift in the decision making responsibility from the control room to another level in the organizational hierarchy (further discussion of the TSC is in the next section).

The transition may include termination of the use of EOPs, but EOPs can also remain to be used. In the former case, it should be considered that EOP actions which are still useful in SAMG domain should be repeated in the SAMG. In the latter case, it should be clear what to do if there is a conflict between the EOPs and the SAMGs, for example when there are competing demands for resources (water, power).

Some plants decide to exit EOPs and transit to SAMG relatively early (i.e. before actual fuel damage is to be expected) because core damage can result in immediate challenges to fission product boundaries for which an early protection may be warranted (e.g. by hydrogen explosions). In such cases, a return to the EOP domain is sometimes considered possible.

Therefore, the development team should carefully consider the transition from the preventative to the mitigative domain, who is making the decision for the transition and whether a return to the preventive domain can be considered.

In considering the shift of responsibility to another authority, it should be recognised that there may be a delay in executing actions, as the new authority (e.g. the TSC just discussed) needs time to convene at the site, familiarise themselves with the details of the accident and prepare the next actions. The development team should make sure there is an appropriate guidance available to bridge the gap.

The possibility that the TSC and/or necessary ERO members assemble too late or potentially not at all should be considered, e.g. because of difficulty in reaching the plant (e.g. due to large site or infrastructure damage following a beyond design basis external event). Therefore, available plant staff will need to try to cope with the situation. Contingencies should be prepared for this situation, although this may also be considered as a next (future) step in the development and implementation of the SAMG program. - Some countries have developed specific guidance for the situation where large site damage occurs including loss of command and control, often referred to as 'Extensive Damage Mitigation Guidelines (EDMG)'. A description of such guidance is available in NEI 06-12, rev. 2 Read more.

The TSC should declare itself functional when it is ready to execute its obligations, but can only take over authority from the control room if it is ready to give its first recommendation for execution by the control room. This includes that the Decision Maker (see next section) is also ready to decide on upcoming actions. Until that time, the control room exerts full authority and applies the guidance that has been designed to cover the period from the EOP to SAMG transition until the moment it receives its first instructions from the Decision Maker.