• Emergency core cooling/injection systems, based on gravity driven or compressed nitrogen driven fluid circulation, initiated by fail safe logic actuating battery powered electric or electro-pneumatic valves;

• Emergency core cooling systems, based on gravity driven flow of water, activated by valves which break open on demand (if a suitable qualification process of the actuators can be identified);

• Emergency reactor shutdown systems based on gravity driven, or static pressure driven control rods, activated by fail-safe trip logic.

Some non-conventional terms used in this report

(1) The wording ‘reactor line’ is used to denote the totality of known designs of reactors of a given type, e. g., the reactor lines considered in the present report are pressurized water reactors, pressurized light water cooled heavy water moderated reactors, high temperature gas cooled reactors, sodium cooled and lead cooled fast reactors, and non-conventional reactor designs.

(2) Several designers of SMRs addressed in this report use the wording ‘passive shutdown’ to denote bringing the reactor to a safe low-power state with balanced heat production and passive heat removal, with no failure to the barriers preventing radioactivity release to the environment; all relying on inherent and passive safety features only, with no operator intervention, no active safety systems involved, and no external power and water supplies necessary, and with an infinite grace period for practical purposes.

(3) The wording ‘reactor self-control’ is used by the designers of SMRs to refer to the capability of an reactor to self-adjust reactivity and power levels in a way that prevents the progression of a abnormal operation occurrence or a design basis accident into a more severe stage, without the operation of active safety systems or operator intervention.

(4) Descriptions of the passive safety design features of SMRs, contributed by Member States and given in Annexes I-X of this report, may occasionally include the following terms that are not accepted internationally but are in use in certain Member States:

• In India they may use the term ‘incident conditions’ instead of ‘accident conditions’ defined in NS-R-1 [2];

• In France they may use the term ‘intrinsic safety feature’ with a meaning corresponding to ‘inherent safety feature’ used by the IAEA [2];

• In the Russian Federation, the term ‘self-protection feature’ is sometimes used to denote a capability of a reactor to bring itself in safe state in a certain unprotected transient without human intervention. It is used to denote a combination of inherent and passive safety features and also includes passively actuated or permanently operating passive safety systems;

• Also in the Russian Federation, the term ‘self-defence principle’ is sometimes used in application to innovative reactors to define use of reactor inherent and passive safety features and passive safety systems to ensure ‘deterministic type’ protection from more important severe accidents;

• In the USA, within I-NERI and Generation IV programmes, the term ‘passive safety’ is used in a meaning very close to what IAEA-TECDOC-626 defines as inherent safety characteristic. Specifically, ‘passive safety’ includes such phenomena: the core is always covered with coolant, or elimination of a possibility to lose the flow of a primary system;

• The IRIS team led by Westinghouse (USA) uses the term ‘safety-by-design’ to characterize an inherent safety feature where postulated accidents by design: 1) are outright eliminated, or 2) have reduced probability of occurring, and/or 3) have reduced consequences;

• Regarding passive design options not related to safety, the term ‘passive load follow’ is used in the USA to denote self-adjustment of a reactor power due to reactivity feedbacks following changes of heat removal;

• In the USA, the term ‘pre-conceptual design’ is used to denote the early design stage, referred to as ’feasibility study’ in [7];

• Also in the USA, the term ‘to design-out certain events’ is used to denote essential suppression or elimination of certain events by design.

REFERENCES TO APPENDIX III

[1] INTERNATIONAL ATOMIC ENERGY AGENCY, Innovative Small and Medium Sized Reactors: Design Features, Safety Approaches and R&D Trends, IAEA-TECDOC-1451, IAEA Vienna (2005)

[2] INTERNATIONAL ATOMIC ENERGY AGENCY, Safety of Nuclear Power Plants: Design IAEA Safety Standards Series No. NS-R-1, IAEA, Vienna (2000)

[3] INTERNATIONAL ATOMIC ENERGY AGENCY, Safety Related Terms for Advanced Nuclear Plants, IAEA — TECDOC-626, IAEA, Vienna (1991).

[4] INTERNATIONAL NUCLEAR SAFETY ADVISORY GROUP, Defence in Depth in Nuclear Safety, INSAG-10, IAEA, Vienna (1996).

[5] INTERNATIONAL NUCLEAR SAFETY ADVISORY GROUP, Basic Safety Principles for Nuclear Power Plants: 75-INSAG-3 Rev. 1, INSAG-12, IAEA, Vienna (1999).

[6] INTERNATIONAL ATOMIC ENERGY AGENCY, Terms for Describing New, Advanced Nuclear Power plants, IAEA-TECDOC-936, IAEA, Vienna (1997).

[7] INTERNATIONAL ATOMIC ENERGY AGENCY, Status of Innovative Small and Medium Sized Reactor Designs 2005: Reactors with Conventional Refuelling Schemes, IAEA-TECDOC-1485, IAEA, Vienna (2006).