Safety of small sized heat and power plants with KLT-40S reactors is ensured by the incorporated defence in depth strategy. It includes a plan for accident prevention and mitigation, and envisages the use of a system of physical barriers on the possible pathways of propagation of the ionizing radiation and radioactive materials to the environment. The incorporated defence in depth strategy also provides for the use of a system of technical and organizational arrangements to protect the barriers and retain their effectiveness, and includes measures for protection of the personnel, population and environment.

The structure of the defence in depth system is based on the recommendations of IAEA [I-2, I-3], providing for the following levels:

Level 1 — Prevention of abnormal operation and failure;

Level 2 — Control of abnormal operation and detection of failure.;

Level 3 — Control of accidents within the design basis;

Level 4 — Control of severe plant conditions, including prevention of accident progression and mitigation of consequences of severe accidents;

Level 5 — Mitigation of radiological consequences of significant release of radioactive materials.

The role of inherent and passive safety features and of active and passive safety systems of the KLT-40S nuclear installation at certain levels of defence in depth is highlighted in brief below.

Level 1: Prevention of abnormal operation and failure

Inherent safety features contributing to this level are the following:

—Negative reactivity coefficients on fuel and coolant temperature and on specific volume of the coolant; negative reactivity coefficients on steam density and integral power in the whole range of reactor operation parameters;

—High thermal conductivity of fuel composition defining its relatively low temperature and, correspondingly, low stored non-nuclear energy;

—The use of compact modular design of the steam generating unit with short nozzles between the main equipment, and with no long or large diameter primary pipelines;

—The use of flow restriction devices to exclude large and medium break loss of coolant accidents (LOCAs), by design;

—Ultimately leaktight design of the primary circuit based on welded joints, packless canned pumps, and leaktight bellows sealed valves;

—Favourable conditions for the realization of a ‘leak before break’ concept in application to structures of the primary circuit, provided by design;

— The use of a gas pressurizer system that excludes failures of the electric pressurizer heaters;

—The use of a steam generator with lower pressure inside the tubes in normal operation mode, which reduces the probability of a steam generator tube rupture (SGTR) accident.

Level 2: Control of abnormal operation and detection of failure

The Level 2 contribution comes from active systems for the control, mitigation, protection and diagnostics used in the KLT-40S nuclear installation.

Level 3: Control of accidents within the design basis

The Level 3 contribution comes from the following inherent and passive safety features, provided by design:

—Limitation of an uncontrolled movement of the control rods (e. g., due to external impact loads or a break of the control and protection system (CPS) drive casing) by an overrunning clutch, or by movement limiters for an accident with the CPS drive bar break;

—The use of once-through steam generators, which limit the rate of heat removal via the secondary circuit in case of a steam line break accident.

—High heat capacity of the nuclear installation as a whole, resulting from high heat capacity of the primary coolant and metal structures, from the use of a ‘soft’ pressurizer system, and from a safety margin provided by design for the depressurization of the primary system under emergency pressure increase;

—Installation of restriction devices in the pipelines of the primary circuit systems and connection of these pipelines to the ‘hot’ part of the reactor.

Also for Level 3, the following passive safety systems of the KLT-40S provide a contribution:

—Insertion of scram control rods into the core by the force of accelerating springs;

—Insertion of shim control rods into the core by the force of gravity;

—The use of a passive emergency heat removal system (EHRS), using natural convection of coolant in all circuits and evaporation of water in the storage tanks;

—The level of natural convection flow in the primary circuit is adequate for core cooling in the case of all MCPs being switched off;

—The use of self-actuating devices in emergency reactor shutdown system and in the EHRS.

Level 4: Control of severe plant conditions, including prevention of accident progression and mitigation of consequences of severe accidents

The contribution for Level 4 comes from the following inherent and passive safety features, provided by design:

—The protective enclosure;

Also for Level 4, the following passive safety systems of the KLT-40S provide a contribution:

—The ESSC hydro-accumulators, which ensure a time margin for accident management in case of a failure of the active ECCS systems;

—Passive system of reactor vessel bottom cooling, which ensures in-vessel retention of core melt;

—Passive containment cooling system, provided to reduce containment pressure and limit radioactive release.

Level 5: Mitigation of radiological consequences of significant release of radioactive materials

The mitigation of radiological consequences in the case of a significant release of radioactive materials is assumed to be provided for mainly through administrative measures.