Bookmark this page

Nuclear Power Plant Safety

Understanding the operations and safety of nuclear power plants

Please note: This video may take a few moments to load.
File size: 60MB Running time: (11:29)

Content on this page requires a newer version of Adobe Flash Player.

Get Adobe Flash player

Video Transcript

All nuclear power plants in Canada use CANDU reactors, a safe, reliable reactor design that has multiple safety systems to minimize the likelihood of an accident and, in the event that an accident occurs, minimize its consequences.

It’s important to understand that, however severe an accident, nuclear reactors in this country can safely shut down and contain radioactivity.

This video will explain how this works.


Nuclear power plants have several safety systems that act as backups to each other.

They perform three fundamental safety functions:

Controlling the reactor and shutting it down.

Cooling the reactor.

And containing radiation


But first let’s look at how a nuclear power plant works.

CANDU nuclear reactors produce heat by splitting atoms of natural uranium.

This produces heat to convert water into steam, which spins a turbine, or generator, to make electricity.


Once used, the uranium - or nuclear fuel - is kept in pools for about 6 to 10 years to keep it cool and provide shielding against radiation.

Unlike Fukushima, spent fuel pools at CANDU nuclear power plants are constructed in the ground.


To help you understand how the different safety systems work in an accident, let’s look at an accident scenario where there is a total station blackout.

This is what happened in Japan at the Fukushima Daiichi nuclear power plant after a 15-meter high tsunami flooded it in 2011.

A total station blackout means there are no longer any power sources available to the station.

It’s important to note that this type of accident would take several days to develop and is unlikely, given the safety systems in place.


When offsite or grid power is lost, the station itself produces enough electricity to maintain all of its systems.

At a multi-unit nuclear power plant, one reactor can provide enough power to maintain all of the other units.


If onsite power is also lost for some reason, shutdown systems are activated automatically, and the reactor stops within two to three seconds.

CANDU reactors have two independent, fast-acting shutdown systems that work without power or worker intervention.


Even though the reactor is shut down, the fuel inside the reactor continues to produce heat and needs to be cooled.

This heat is called decay heat and represents a small fraction of the heat produced during normal operation.


To reduce this heat, natural circulation takes over when the pumps that normally push the coolant through the heat transport system lose power and stop working.

For natural circulation to continue over time, the steam generators need to be filled with cool water.


Standby power generators operate pumps that provide this cool water to the steam generators.

A nuclear power plant needs one or two standby power generators depending on the size of the plant.

But as a precaution, all plants in Canada have three or four available.


If for some reason standby power generators stop working, emergency power generators are then used.

A nuclear power plant requires only one emergency power generator to provide enough electricity to power all of the important safety systems.

But again, as a precaution, all nuclear power plants have at least two emergency power generators onsite.


At this point, to maintain natural circulation, pressure relief valves on the steam generator system open automatically to remove heat.

The steam that is vented into the environment is clean and not radioactive.

Water continues to be added in the steam generators by pumps powered by the emergency power generators.

Together, the pressure relief valves and the added water maintain natural circulation to safely cool the reactor.


Though unlikely, let’s keep going and assume the emergency power generators stop working

We now have a total station blackout.

This means all power sources used to cool the reactor and spent fuel pool, including offsite power, onsite power and the standby and emergency power generators are all unavailable.

Batteries are now powering emergency lighting and essential instrumentation.


Water is now being added by a gravity-driven system connected to a reserve water storage tank.

This keeps enough water in the steam generator to maintain natural circulation.

This also allows time for emergency mitigation equipment to be put in place.


Emergency mitigation equipment includes portable pumps, portable power generators and fire trucks.

These can be used to add water directly into the plant’s systems and ensure vital monitoring equipment is available.

This is a new layer of protection that was added to Canadian nuclear power plants as part of Canada’s response to the accident in Japan.


In a total station blackout, the large amount of water in the spent fuel pools would slowly heat up.

Workers would manually add water as necessary to keep the spent fuel covered by water and cooled.


It is important to remember that up to this point, there have been no releases of radiation into the environment and no damage to the reactor.

With the situation under control, the reactor can return to normal operation, after a number of safety checks are performed.


Through extremely unlikely, let’s say all of these systems fail.

The emergency mitigation equipment stops working and the water in the steam generators evaporates.

The heavy water in the heat transport system starts to boil and radioactive steam is released and contained in the reactor building.

Once the water in that system boils away, there is limited fuel damage.


If nothing is done at this point, the 250,000 litres of heavy water inside the calandria starts to heat up.

The calandria is what holds the fuel.


Supplying water to the calandria, using emergency equipment such as fire trucks, would stop the accident.


Assuming the accident is not stopped, the reactor begins to overheat and the heavy water boils away.

Radioactive steam is released automatically into the reactor building.

The fuel continues to overheat and the reactor is significantly damaged.


At this point, internal pressure inside the reactor building must be lowered.

In a single-unit station, internal pressure is lowered by spraying water from the dousing tank.


In a multi-unit station, pressure is lowered by releasing steam and hot gases from the reactor building to the vacuum building.

The vacuum building is a structure specifically designed to quickly and safely lower pressure inside the reactor buildings.

Both systems work without power.


Again, supplying water to the calandria, using emergency equipment such as fire trucks, would stop the accident.


Assuming the accident is not stopped, all remaining heavy water evaporates.

The exposed fuel begins to melt and the reactor core starts to collapse inside the calandria.

The vault that holds the calandria also holds about 500,000 litres of additional water.

That water now starts to heat up.


When nuclear fuel melts, it creates hydrogen - an explosive gas.

You may remember this from the events in Japan.

In Canada, special devices that convert the hydrogen to water have been installed at nuclear power plants to reduce the risk of explosion.

These devices also work without power.


At this point, federal, provincial and municipal emergency plans have been activated.

To protect the public, health officials have evacuated the area to prepare for controlled venting of either the vacuum building or reactor building.

Controlled filtered venting lowers the internal pressure and reduces the amount of radiation being let out into the environment.


Once again, supplying water to the calandria and vault, using emergency equipment such as fire trucks, would stop the accident.


Assuming the accident is not stopped, all remaining water in the reactor vault would evaporate and the reactor fuel would melt onto a thick concrete slab.


In this unlikely but severe scenario, the reactor building would continue to isolate the reactor from the environment and contain radioactivity.

After the accident, recovery operations would begin to secure the site for its eventual cleanup and decontamination.


The Canadian Nuclear Safety Commission regulates the use of nuclear energy and materials in Canada, to protect the health and safety of Canadians and the environment.

We ensure every nuclear power plant meets rigorous safety and operations standards, to prevent accidents in the first place and, should one occur, minimize its consequences.