Defence in Depth
Defence in depth is a nuclear safety concept that aims to prevent and mitigate accidents through overlapping layers of protection, and it is applied to all operating nuclear facilities in Canada. With this layered approach, no matter how robust and complex any one layer of safety is, there are always subsequent layers of redundant protection in place.
Five layers of defence
Nuclear facilities in Canada operate with 5 independent and redundant layers of defence in depth.
Level 1 – Prevention of abnormal operation and failures
The first layer of defence encompasses items within the facility itself: design, construction, operation, and maintenance. This layer works to prevent incidents and equipment failures from occurring in the first place. It includes areas such as operating processes, material selection, comprehensive training and manuals, and protection against internal and external hazards.
Level 2 – Control of abnormal operation and detection of failures
The second layer of defence deals with detecting incidents and failures. Returning the plant to a state of normal operation as soon as possible can prevent events from escalating to an accident. Items such as diagnostic tools and equipment, along with regular quality and compliance control and inspections, are critical at this level.
Level 3 – Control of accidents within the design basis
The third layer aims to control and minimize the consequences of unlikely accidents by:
- triggering inherent safety features
- incorporating fail-safe design
- having additional equipment
- having mitigating procedures to minimize damaged fuel and keep the reactor core intact
Operations at this level are meant to maintain barriers and containment through sophisticated safety systems at the facility level to ensure that any radiation releases are avoided.
Level 4 – Control of severe plant conditions
With the defence-in-depth approach, measures taken at the first 3 levels ensure the structural integrity of the core and limit the severity of accidents. The fourth layer moves from prevention to mitigation: it delivers accident management processes and systems that aim to reduce the consequences of severe core damage and to lower the risk of a radiological release that would require protective actions.
Level 5 – Mitigation of radiological consequences
The fifth layer aims to mitigate the consequences of a radiological release, in the highly unlikely event of a severe accident not controlled through the preceding layers. Here, the focus is on comprehensive offsite emergency planning and response to address protective actions, interventions and coordination to protect the public and the environment. As with all onsite safety features of operating nuclear facilities in Canada, offsite emergency preparedness must also be exercised regularly. Stringent measures, controls and regulatory oversight are in place to ensure that there is a very low probability of approaching level 5.
Evaluating defence in depth
The overlapping safety measures of defence in depth must be periodically exercised, evaluated, and improved upon. The CNSC has inspectors onsite at every nuclear power plant operating in Canada with the sole purpose of verifying that plant operators demonstrate compliance with safety standards, including those outlined here. The inspectors monitor 14 safety and control areas pertaining to the people, the plant and the processes in operation.
Supporting regulatory information
- REGDOC-2.5.2, Design of Reactor Facilities: Nuclear Power Plants
- REGDOC-2.3.2, Accident Management
- REGDOC-2.4.1, Deterministic Safety Analysis
- REGDOC-2.4.2, Probabilistic Safety Assessment (PSA) for Reactor Facilities
Additional resources
- Safety at Pickering Nuclear - Defence in Depth - YouTube (Ontario Power Generation)