DOE Accelerator Safety Workshop (ASW2010)
Tuesday, 8/17/10 Session B (1:00 – 3:30 p.m.)
Facilitator: Ed Lessard
Key Discussion Topics:
- Proposed Terminology Changes
- Interface with DOE Rules, Orders and Guides
- Other – topics from morning session or from the floor
- Parking Lot: Criticality; what do we do for additional controls for Category 2 materials?
- Terminology Discussion: accelerator vs. nuclear terms – will highlight what is important.
- Accelerator Facility: what it is bounded by physically. Ref. 10CFR830 – definition is in the draft, similar to what is in the Guide; was not in the old order.
- Two types of accel facilities; excludes various items – does not include accelerators & ops so we had to define them. NOT a non-reactor facility.
- Non-reactor & reactor facility – drew the line at “creating a radiological area.”
- “Nuclear” dates back to AE Act; Congress left leeway for further definition.
- “Operations” definition – could include accelerator operations. Not found in 830, whereas Accelerator Operations is.
- “Accelerator safety envelope”: like Technical Safety Requirements (which have actions, as opposed to just admin controls).
- Is authorization agreement equivalent? DOE approves the ASE – to operate within these parameters. Plus a letter from DOE after an ARR. (DOE doesn’t approve the SAD.)
- “Authorized Alternative”: used 3 times in the Guide but not defined there or in order. Lessard outlined his approach/definition, with examples. Been vetted through the ASE.
- “Limiting Condition for Operations” – perhaps needs to be defined in the Guide – may be applicable to ASEs.
- Justification for Continued Operation (JCO) labs – applicability? Conditions already pre-thought-out (therefore different from JCO) – already in your SAD. This was never pushed up into the definitions section of the Guide.
- K. Jobe: examples don’t reinforce the idea that safety docs are supposed to be crisp & streamlined. Lessard: not simply listed in the ASE; more efficient system. In SAD or other basis docs which might relate to something in our other mgmnt systems, it may be more detailed.
- “Commissioning” – most significant diff between us & nuclear facilities. Had a smaller def in the Guide – reviewed current version, with more explanation. You do commissioning in nuclear business to end up with a turn-key operation - finishing up entire project, e.g., systems documented & tested. In accelerator arena, we may create hazards during the commissioning process. Nuclear: energy source and hazard are the same. Accelerator: energy source goes away, hazard is not present.
- NOTE: Don’t get a clear definition of the commissioning process. Possible methods: conclusion of commissioning, ready for ARR – not clear it’s a 2-step process.
- Must have an ARR before you run beam. First bullet at end of sentence: “…following the completion of an ARR”.
- ACTION: Leave first sentence as is and put the rest in the Guide.
- “Credited Controls”: not in order, used 12 times in the Guide; not in def section though. Key word is “essential” – controls should be limited. Probably should go into the Guide rather than the order. Discussion – SNS addressed this about 5 years ago with an effective crosswalk (nuclear vs. accelerator terms) – LANL modeled theirs after SNS. Would leave first sentence in definition and put the rest in the Guide. (ACTION)
- SUGGESTION: EFCOG – element of the nuclear world with many subgroups – if we could develop something similar, we’d get more bang for our buck – working groups on an interim basis.
- “Hazard Controls”: includes many aspects.
- Able to change physical names of controls so long as I have them present (K. Jobe); when you say the ASE is going to “name” them – I’m stuck with a) it’s all taken care of; or b) here they are & give you 23 doc numbers with no possibility of revision. Don’t understand intent here.
- Lessard: different engineer controls you might want to change out – config control program that asks if change out changes the safety basis? If “yes” then a positive USI & DOE approval needed; otherwise, just document that you changed that particular device as part of config control process.
- Basically just saying “show me how you are going to maintain these.” Not going to define every aspect of your interlock system in your ASE, for example.
- Scott: needed to define certain terms in the order so we didn’t have to depend on the Guide.
- In CRD, say that SAD must have detailed description of engineered controls.
- “Administrative Controls” have to be essential for the safety of the public. Not in 830 but recent Guide helps you work on TSRs; similar definition re: violation of an ASE should be reported.
- “Specified” or “Special” Administrative Control – a term of art. SAC is often quantitatively defined – ACTION: look up this definition and see how this aligns with our goals/needs. This is more written like a safety management program. May be too high level and needs to be more specific. Need to fix it in the Guide. Or leave this one the way it is and develop additional one based on nuclear definition.
- Scott: struggled with how to capture intent with a term – so that when we’re talking from facility to facility, it means the same thing.
- Which are credited admin controls and which are operational? (KJ)
- Example: certain level of staffing in MCC – would not run an accelerator without this expertise – therefore in the ASE (including level of operator training required).
- Scott: took certain things out of CRD (per Jim’s discussion); counting on discussion between facility and their site office.
- “Minimum operable equipment” – LCO land in nuclear space – certainly not administrative (LANL rep). ACTION: may need to clean this up for the Guide – risk of ambiguity.
- “Credited Engineered Controls”, “Safety Class Structures,…: necessary rather than particular safety function? Lessard: agreed.
- Where’s the line of what you include in ASE? Lessard: inside SAD – hazards not routinely covered in industry yet essential.
- Don’t draw distinction in accelerators (“significant”) like nuclear does. E.g., long and detailed list of systems (like for like exchanges/engineering equivalency). K. Jobe: SLAC’s Beam Authorization Sheet (BAS) is very detailed – specifically called out in ASE.
- We do this for essential safety equipment – follow a similar process with the rigor sufficient for our needs (internal rigor without mandated documentation).
- “Criticality” – on basis of configuration alone.
- “Hazard Analysis” – 413.3A Order; CD – 0, 1, 2, 3, & 4 process – need this term carefully defined. Nuclear is well-described – what they mean by Haz Analysis. Discussed his proposed definition. Has more in it than nuclear; needs to be developed at the CD-2 level – do we want this level of definition? Guide says “safety analysis” instead of “hazard analysis”.
- 413 is fairly new – do we want such a hefty haz analysis definition????
- Also understood in private industry for chem operations, etc. – generic. Not concerned that first def is overly-prescriptive. 413 requires a decision point, not to operate a facility. Lessard: don’t want to have to produce equiv of an SAD at CD-2 level before you have your $$.
- Lessard: recommends we tone down def of haz analysis to get through CD-2 process.
- Section 4 in Guidance doc is detailed. We want a document process to identify the hazards and measurements taken to minimize risks – otherwise see 14 pages in Guidance doc. Should not become too prescriptive.
- “Documented process with graded approach to identify hazards….”: keep it simple!
- Lessard: go back to the term used in the Guide, i.e., safety analysis – and then go to industry standard for hazard analysis.
- 2004 the term safety analysis was chosen – if we’re going to keep it in the order, change Hazard Analysis to Safety Analysis. (POSSIBLE ACTION)
- Scott: project haz analysis requirements – tell us what your safety mgmnt systems are to control these? When operating, it’s from a different vantage point, related to a given operation. It’s where you are sitting in time….cautions us that we have to see from where we are looking.
- Lessard: Could remove it, or use “safety” in place of the term “hazard” so not confused in describing the CD process. ACTION by Consensus: Re-name hazard analysis to safety analysis rather than remove.
- Discussion re: semantics – keep the term and base it on definition agreed upon. (SAD says it must contain a haz analysis but really means a safety analysis.)
- Incorporate S. El-Safwany’s definition of a hazard analysis: “a documented process to systematically identify the hazards of a given operation” (ACTION)
- “Maximum Credible Incident” – Keep whole section in Guide.
- “Documented Safety Analysis” – OK
- USI – well-planned process to keep the USI up to date.
- “Unreviewed Safety Issue” – change “as found” to “discovered” – less baggage.
- “Activities that exceed the bounds…” – oftentimes no re-start involved. Change to “as planned”. Ref this morning’s notes for related discussion.
- ARRs discussion: OK as is. Clarification: in fact, do have it defined in the order/definitions.
- Proposed change of name for accelerator terms (per Malosh request): general consensus is that the community doesn’t want to change these.
- Management Safety Assessment (MSA) – LANL-only? Yes.
- DOE Directives – NEW TOPIC: usually applied through the contracting process.
- PAAA applies to multiple orders. Can’t fine us because we’re accelerator facility. Therefore don’t belong under nuclear order.
- Clarification: You can be fined for an 835 violation.
- Lessard: clarification re: AEA, 10CFR835, etc. (Slide 21)
- Interface with DOE Directives: comparison between those unique to accelerators and those unique to nuclear.
- Correction: Rules/standards are not in DOE directives (instead, they are requirements documents).
- Accelerator vs. Nuclear Hazards: different requirements set.
- Accelerator Operations with a Potential Criticality Hazard: individual facilities can have certain requirements put upon them.
- Issues raised by having 2 kinds of authorization docs in same facility (nuclear & accelerator): deserve different points of focus.