Radiochemistry Laboratory for a UK Nuclear Dockyard v2

Rationale: Reactor operations require timely coolant chemistry data to confirm fuel clad integrity and authorise continued power operation. A 4-hour turnaround enables the duty chemist to report results within the same watch period, supporting the submarine's operational programme. Delayed results could force precautionary reactor shutdown with significant fleet availability impact.

Rationale: ONR is the statutory nuclear safety regulator for UK defence nuclear sites. Non-compliance with licence conditions can result in enforcement action including improvement notices, prohibition notices, or prosecution. The laboratory safety case and its compliance arrangements must satisfy ONR inspectors during routine and reactive inspections.

Rationale: The laboratory generates liquid effluent (from sample preparation, washing, decontamination) and gaseous discharges (from fume cupboard and glovebox extracts). EA/SEPA discharge permits set annual limits on total alpha, total beta, tritium, and specific nuclides. Exceeding these limits is a criminal offence and risks permit revocation, which would shut down the laboratory.

Rationale: Laboratory staff handle open radioactive sources daily, creating external irradiation and internal contamination hazards. The 10 mSv/year constraint provides margin below the 20 mSv/year IRR17 legal limit. ALARP is a legal requirement under IRR17 Regulation 9 and is actively enforced by ONR. The 1 mSv/quarter investigation level ensures trends are caught early before approaching annual limits.

Rationale: As a defence nuclear site, the dockyard must account for all special nuclear material to IAEA safeguards-equivalent standards. The laboratory's mass spectrometric and radiometric assay results feed directly into the nuclear material balance. Measurement uncertainty must meet ITVs (e.g. 0.1% relative for U mass, 0.5% for Pu isotopic composition by IDMS) to avoid material unaccounted for (MUF) triggers.

Rationale: Nuclear site licence condition LC35 requires the licensee to make and implement adequate arrangements for decommissioning. ONR Safety Assessment Principles EKP.2 requires that design facilitates decommissioning from the outset. A radiochemistry laboratory handling open sources creates surface contamination that, if embedded in porous materials, would generate significant quantities of intermediate-level waste during decommissioning. Smooth sealed surfaces and modular services are established good practice (IAEA SSG-47) to minimise decommissioning waste volumes and worker dose.

Rationale: The dockyard is a defence nuclear site where nuclear material accountancy data (Pu/U assay results, isotopic compositions) and facility vulnerability information are classified under the government security classification policy. NISR 2003 requires approved security plans for nuclear premises. ONR Civil Nuclear Security division assesses cyber security under the NIS Regulations 2018. LIMS contains safeguards-sensitive data that must be protected from exfiltration or manipulation — loss of integrity in NMA results could mask material diversion.

Rationale: Reactor coolant Cs-137 and Co-60 are primary fuel clad failure indicators. The 0.5 Bq/L MDA at 1-hour count enables detection at levels well below operational action limits (~50 Bq/L for Cs-137) while keeping turnaround within the 4-hour window required by STK-REQ-001. The 30% relative efficiency is the minimum for achieving this MDA in a 1-hour count with typical background.

Rationale: The depression cascade is the primary engineered control preventing airborne contamination from spreading from higher-activity zones to lower-activity zones and occupied areas. The 15 Pa minimum per zone boundary is derived from HSE/ONR guidance for nuclear facility ventilation and ensures that transient events (door openings creating ~10 Pa perturbation) do not reverse flow direction. This directly supports ALARP for inhalation dose.

Rationale: EA/SEPA discharge authorisations require pre-discharge monitoring of every batch to prevent unauthorised releases. Detection limits are set at approximately 1/100th of typical batch concentration limits to ensure measurement uncertainty does not risk a non-compliant discharge being authorised. Batch-level recording enables retrospective audit of cumulative annual discharges against permit limits.

Rationale: Nuclear material accountancy for Pu requires quantification at environmental background levels to confirm there is no unaccounted material migration. The 0.5 mBq detection limit is consistent with IAEA requirements for environmental swipe analysis. 25 keV resolution is needed to resolve Pu-238 (5.499 MeV) from Am-241 (5.486 MeV) and Pu-239 (5.157 MeV) from Pu-240 (5.168 MeV) — failure to resolve these peaks invalidates isotopic ratios critical for material identification.

Rationale: LC25 requires the licensee to keep adequate records of operations. ISO 17025 clause 8.4 requires control of records including protection against unauthorised changes. The audit trail provides the evidential basis for demonstrating that analytical results are traceable, unaltered, and properly authorised — essential for both regulatory compliance and legal admissibility of results in nuclear safety cases.

Rationale: Airborne alpha contamination from Pu compounds is the highest-consequence hazard in the laboratory (committed effective dose per unit intake: 5×10⁻⁵ Sv/Bq for Pu-239 Type S). Detection at 1/10th DAC provides early warning before significant intake occurs. The 60-second detection time is constrained by the filter collection and counting statistics of continuous air monitors operating at 1-2 L/min flow rate. The 5-second alarm latency ensures personnel can respond (evacuate or don respiratory protection) before accumulating significant intake.

Rationale: Tc-99 is a long-lived beta emitter (t½ 2.13×10⁵ years) present in spent fuel and is specifically listed in EA discharge authorisations. LSC measurement of Tc-99 requires prior radiochemical separation, whereas ICP-MS provides faster direct determination at lower detection limits. The 0.05 Bq/L limit is 1/20th of typical batch discharge action levels and the 15% uncertainty at 10× LOD meets ISO 11929 requirements for regulatory reporting.

Rationale: HEPA filtration is the final barrier preventing airborne radioactive particulate discharge to atmosphere. Twin-bank configuration provides redundancy — if one bank fails or is being changed, the second maintains protection. The DF of 1000 per bank (combined DF of 10⁶) reduces stack discharge to negligible levels even during worst-case glove failure or spill events. In-situ DOP testing per BS EN 1822 confirms installed performance, as factory tests do not account for bypass leakage at frame seals.

Rationale: Nuclear site licence condition LC24 (fissile material) requires the licensee to ensure criticality cannot occur. The 50% margin provides conservative protection against accumulation errors and credible upset conditions. Two independent barriers (e.g. mass limit AND geometry control) ensure that no single failure leads to a critical configuration. This is particularly important during fuel element dissolution where fissile material is in solution form with higher reactivity than solid metal.

Rationale: Tritium is produced by neutron activation of boron in PWR coolant and Li in primary circuit materials. It is a key indicator of coolant chemistry status and fuel performance. The 1 Bq/L detection limit is well below the typical coolant concentration (~10⁴-10⁶ Bq/L) but is needed for environmental monitoring of non-active drainage and groundwater. The 120-minute counting time keeps turnaround within the 4-hour operational requirement. FOM > 400 requires Quantulus-class counters with active guard counting.

Rationale: LIMS stores safeguards-relevant nuclear material accountancy data whose integrity directly affects material balance reporting. ONR CNS guidance requires defence-in-depth for computer-based systems on nuclear sites. Network segmentation prevents lateral movement from compromised office networks to safety or safeguards systems. MFA prevents credential theft enabling unauthorised data modification. AES-256 encryption at rest protects against physical media theft from the site.

Rationale: LC35 requires decommissioning arrangements to be maintained throughout the facility lifetime. A radiochemistry laboratory accumulates activation and contamination records over decades of operation. Without systematic recording from day one, decommissioning characterisation requires expensive physical sampling of every surface. The database enables waste categorisation estimates and dose predictions essential for decommissioning safety case development.