Safety features

Nuclear power plants observe defense-in-depth safety principles and deploy multiple release barriers. The diverse and redundant safety systems reduce the probability of accidents.

The OL1 and OL2 plant units have quadruple safety systems in place. Should one system fail, the other redundant systems are capable of executing the required safety functions. This means that operator errors or even multiple equipment failures cannot cause a severe accident. In addition, the safety systems have been implemented according to the defense-in-depth philosophy, which ensures that even simultaneous failures in active equipment will not have intolerable consequences.

TVO has implemented modifications in Olkiluoto to improve the safety of the plant throughout its operating life. Further safety improvements will also be designed and implemented in the future.


Control of three variables

The operation of the OL1 and OL2 plant units is based on the control of three variables in all situations. These interdependent variables are power, pressure, and primary circuit water level. Limits have been defined for each of these variables. If a limit is exceeded, protection functions are immediately launched to automatically return the plant unit to a safe state.

Protection systems

The starting point for the safety concept is that a user error or even a series of equipment failures cannot alone lead to a severe accident. Systems performing the most important safety functions must be able to carry out their functions even if any individual component in the system fails to operate and any component affecting the safety function is simultaneously inoperable due to repair or maintenance. The plant protection systems complement the plant’s safety features and will stop power production in any situation where the safety features alone are not enough to protect the plant. Such protection systems include the reactor trip systems, for example. When necessary, these systems will insert the rod cluster control assemblies into the reactor core within 3–4 seconds and shut down the reactor.

Securing emergency cooling

Power supply to the emergency cooling systems has been secured in many ways at the Olkiluoto nuclear power plant:

  • In normal operating conditions, power supply is arranged from the plant unit's own main generator.
  • If the main generator of the plant unit is not available, power is supplied from the national 400 kV or 110 kV networks. Special arrangements are also in place for connecting power supply directly from the Harjavalta hydropower plant or through the 20 kV network of Paneliankosken Voima.
  • Both plant units have four diesel generators which will start up automatically in case of loss of power supply. A connection between the OL1 and OL2 plant units also makes it possible to supply power from the diesel generators to the other plant unit. In addition, in so-called island operation any one of the power plants in Olkiluoto can transfer the energy produced at the plant to the other plant units through the 400 kV network.
  • Electricity generated by the emergency power plant (gas turbine plant) in Olkiluoto can be supplied to both of the plant units either via underground cabling or the 110 kV switchyard.
  • Uninterrupted operation is required of the instrumentation and control circuits of the safety systems, and for this reason their power supply is backed up with batteries.

Various preventive measures are used to prepare the OL1 and OL2 plant units for plant malfunctions. Comprehensive multi-level protection and control systems and operating models have been prepared to cover potential accident situations. Through mitigation measures, radioactive substances will be isolated from the environment, thus preventing permanent damage due to exceptional and unlikely accidents.

Data is continuously gathered on all disturbances and failures that occur at the plant units to improve TVO’s operations and safety. All cases are analyzed and the underlying causes are identified. Based on these, necessary changes are made to devices and operating routines. Minor near-miss situations are also taken into consideration. A similar method is used to analyze and assess any operating incidents occurring at other nuclear power plants around the world. Information about these is received through international reporting systems, such as WANO and IAEA.