EN ISO 7753:2025

SLOVENSKI STANDARD
01-december-2025
Jedrska varnost pred kritičnostjo - Uporaba alarmnih sistemov za obvladovanje
kritičnih nesreč pri obratovanju (ISO 7753:2023)
Nuclear criticality safety - Use of criticality accident alarm systems for operations (ISO
7753:2023)
Kritikalitätssicherheit - Einsatz von Kritikalitätsdetektions- und Alarmsystemen im Betrieb
(ISO 7753:2023)
Sûreté-criticité - Systèmes de détection et d’alarme de criticité dans le cadre de
l’exploitation (ISO 7753:2023)
Ta slovenski standard je istoveten z: EN ISO 7753:2025
ICS:
13.280 Varstvo pred sevanjem Radiation protection
13.320 Alarmni in opozorilni sistemi Alarm and warning systems
27.120.20 Jedrske elektrarne. Varnost Nuclear power plants. Safety
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

EN ISO 7753
EUROPEAN STANDARD
NORME EUROPÉENNE
September 2025
EUROPÄISCHE NORM
ICS 27.120.20
English Version
Nuclear criticality safety - Use of criticality accident alarm
systems for operations (ISO 7753:2023)
Sûreté-criticité - Systèmes de détection et d'alarme de Kritikalitätssicherheit - Einsatz von
criticité dans le cadre de l'exploitation (ISO Kritikalitätsdetektions- und Alarmsystemen im Betrieb
7753:2023) (ISO 7753:2023)
This European Standard was approved by CEN on 22 September 2025.

CEN members are bound to comply with the CEN/CENELEC Internal Regulations which stipulate the conditions for giving this
European Standard the status of a national standard without any alteration. Up-to-date lists and bibliographical references
concerning such national standards may be obtained on application to the CEN-CENELEC Management Centre or to any CEN
member.
This European Standard exists in three official versions (English, French, German). A version in any other language made by
translation under the responsibility of a CEN member into its own language and notified to the CEN-CENELEC Management
Centre has the same status as the official versions.

CEN members are the national standards bodies of Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia,
Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway,
Poland, Portugal, Republic of North Macedonia, Romania, Serbia, Slovakia, Slovenia, Spain, Sweden, Switzerland, Türkiye and
United Kingdom.
EUROPEAN COMMITTEE FOR STANDARDIZATION
COMITÉ EUROPÉEN DE NORMALISATION

EUROPÄISCHES KOMITEE FÜR NORMUNG

CEN-CENELEC Management Centre: Rue de la Science 23, B-1040 Brussels
© 2025 CEN All rights of exploitation in any form and by any means reserved Ref. No. EN ISO 7753:2025 E
worldwide for CEN national Members.

Contents Page
European foreword . 3

European foreword
The text of ISO 7753:2023 has been prepared by Technical Committee ISO/TC 85 "Nuclear energy,
nuclear technologies, and radiological protection” of the International Organization for Standardization
(ISO) and has been taken over as EN ISO 7753:2025 by Technical Committee CEN/TC 430 “Nuclear
energy, nuclear technologies, and radiological protection” the secretariat of which is held by AFNOR.
This European Standard shall be given the status of a national standard, either by publication of an
identical text or by endorsement, at the latest by March 2026, and conflicting national standards shall
be withdrawn at the latest by March 2026.
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. CEN shall not be held responsible for identifying any or all such patent rights.
Any feedback and questions on this document should be directed to the users’ national standards body.
A complete listing of these bodies can be found on the CEN website.
According to the CEN-CENELEC Internal Regulations, the national standards organizations of the
following countries are bound to implement this European Standard: Austria, Belgium, Bulgaria,
Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland,
Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Republic of
North Macedonia, Romania, Serbia, Slovakia, Slovenia, Spain, Sweden, Switzerland, Türkiye and the
United Kingdom.
Endorsement notice
The text of ISO 7753:2023 has been approved by CEN as EN ISO 7753:2025 without any modification.

INTERNATIONAL ISO
STANDARD 7753
Second edition
2023-09
Nuclear criticality safety — Use of
criticality accident alarm systems for
operations
Sûreté-criticité — Systèmes de détection et d’alarme de criticité dans
le cadre de l’exploitation
Reference number
ISO 7753:2023(E)
ISO 7753:2023(E)
© ISO 2023
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on
the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below
or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
ii
ISO 7753:2023(E)
Contents Page
Foreword .iv
Introduction .v
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 General design, detection principle . 2
4.1 CAAS functions. 2
4.1.1 Main function . 2
4.1.2 Additional functions (optional) . 3
4.2 Resilience . 3
4.3 Detection criterion . 3
5 Management of unavailability .4
6 System design . 4
6.1 General . 4
6.2 Alarm. 4
6.3 Connections . 5
6.4 Failure of detectors, false alarms, detection logic . 5
6.5 Obsolescence, replacement parts . 5
6.6 Supervising . 5
7 Criteria for positioning .6
7.1 General . 6
7.2 Positioning of detectors and detection zone . 6
7.3 Alarm signal . 6
7.4 Positioning of other CAAS components . 6
8 Testing. 6
9 Personnel familiarization . 7
Annex A (informative) Elements for the definition of the minimum accident of concern .8
Annex B (informative) Principles for CAAS detectors positioning .16
Annex C (informative) Examples of CAAS need considerations .24
Bibliography .28
iii
ISO 7753:2023(E)
Foreword
ISO (the International Organization for Standardization) is a worldwide federation of national standards
bodies (ISO member bodies). The work of preparing International Standards is normally carried out
through ISO technical committees. Each member body interested in a subject for which a technical
committee has been established has the right to be represented on that committee. International
organizations, governmental and non-governmental, in liaison with ISO, also take part in the work.
ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of
electrotechnical standardization.
The procedures used to develop this document and those intended for its further maintenance are
described in the ISO/IEC Directives, Part 1. In particular, the different approval criteria needed for the
different types of ISO documents should be noted. This document was drafted in accordance with the
editorial rules of the ISO/IEC Directives, Part 2 (see www.iso.org/directives).
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. ISO shall not be held responsible for identifying any or all such patent rights. Details of
any patent rights identified during the development of the document will be in the Introduction and/or
on the ISO list of patent declarations received (see www.iso.org/patents).
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation of the voluntary nature of standards, the meaning of ISO specific terms and
expressions related to conformity assessment, as well as information about ISO's adherence to
the World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT), see
www.iso.org/iso/foreword.html.
This document was prepared by Technical Committee ISO/TC 85 Nuclear energy, nuclear technologies,
and radiological protection, Subcommittee SC 5 Nuclear installations, processes and technologies.
This second edition cancels and replaces the first edition (ISO 7753:1987), which has been technically
revised.
The main changes are as follows:
— clarification of the scope and title: this standard is intended for CAAS users;
— improved differentiation with IEC 60860, intended for CAAS designers, manufacturers, providers…;
— removal of CAAS need considerations from the normative part;
— more open definition of the MAC to reflect the variety of practices and possibilities;
— more developed clauses regarding management of unavailability, reliability, positioning of CAAS
components;
— addition of a “continuum of detection” concept;
— better integration with other existing ISO standards related to criticality-safety (ISO 1709,
ISO 11320, ISO 27467, ISO 14943, ISO 16117 and ISO 21391);
— rewriting and expansion of informative Annexes A and B:
— Elements for the definition of the minimum accident of concern;
— Principles for CAAS detectors positioning;
— creation of an informative Annex C: Examples of CAAS need considerations.
Any feedback or questions on this document should be directed to the user’s national standards body. A
complete listing of these bodies can be found at www.iso.org/members.html.
iv
ISO 7753:2023(E)
Introduction
Nuclear criticality safety programs at facilities that might use or store significant quantities and
concentrations of fissile material are primarily directed at avoiding nuclear criticality accidents.
However, the possibility of such accidents exists and the consequences can be life-threatening. Nuclear
criticality accidents are complex events that can take various forms and without warning signs. For
facilities that are judged to have potential for a nuclear criticality accident, the defense-in-depth
principle requires limiting their radiological consequences.
Criticality accident alarm systems (CAAS) provide a means to detect nuclear criticality accidents and to
trigger an alarm to prompt the evacuation to a radiologically safe location.
This detection is very specific because of the various possible neutron kinetics and radiation fields
produced by a nuclear criticality accident comprising neutrons and photons (i.e. gamma radiation) with
a broad spectrum of energies. The primary purpose of CAAS is to prompt personnel to evacuate as
soon as possible during a nuclear criticality accident, thus limiting individual and collective radiological
doses. A CAAS cannot, and is not intended to, protect personnel from radiation from a nuclear criticality
accident prior to prompt evacuation or other protective actions.
Considerations about emergency preparedness and response, including the evacuation procedure
related to nuclear criticality accidents, are addressed in ISO 11320.
This document is supplemented by three informative annexes:
— Annex A outlines elements for the definition of the minimum accident of concern (MAC);
— Annex B provides examples of application of this document for the positioning of CAAS detectors;
— Annex C looks at the factors which are considered when assessing whether a CAAS is needed or not,
through examples.
v
INTERNATIONAL STANDARD ISO 7753:2023(E)
Nuclear criticality safety — Use of criticality accident
alarm systems for operations
1 Scope
This document provides requirements and guidance regarding the use of CAAS for operations of a
nuclear facility. Requirements and guidance on CAAS design are provided in the IEC 60860.
This document is applicable to operations with fissile materials outside nuclear reactors but within the
boundaries of nuclear establishments.
This document applies when a need for CAAS has been established. Information about the need for
CAAS is given in Annex C.
This document does not include details of administrative steps, which are considered to be activities of
a robust management system (ISO 14943 provides details of administrative steps).
Details of nuclear accident dosimetry and personnel exposure evaluations are not within the scope of
this document.
This document is concerned with gamma and neutron radiation rate-sensing systems. Specific detection
criteria can also be met with integrating systems; systems detecting either neutron or gamma radiation
can also be used. Equivalent considerations then apply.
2 Normative references
The following documents are referred to in the text in such a way that some or all of their content
constitutes requirements of this document. For dated references, only the edition cited applies. For
undated references, the latest edition of the referenced document (including any amendments) applies.
ISO 1709, Nuclear energy — Fissile materials — Principles of criticality safety in storing, handling and
processing
ISO 11320, Nuclear criticality safety — Emergency preparedness and response
IEC 60860:2014, Radiation protection instrumentation — Warning equipment for criticality accidents
3 Terms and definitions
For the purposes of this document, the terms and definitions of ISO 1709 and the following apply.
ISO and IEC maintain terminological databases for use in standardization at the following addresses:
— ISO Online browsing platform: available at https:// www .iso .org/ obp
— IEC Electropedia: available at https:// www .electropedia .org/
ISO 7753:2023(E)
3.1
criticality accident alarm system
CAAS
system dedicated to the detection of nuclear criticality accidents and to the warning of the personnel to
prompt their immediate evacuation
Note 1 to entry: A criticality accident alarm system is constituted of all components allowing it to ensure its main
function and its optional additional functions (see 4.1) if present; these components include, where applicable:
detectors, cabinet(s) (e.g. electronic processing/logic cabinet), alarm devices, device for the supervision of the
system status, monitoring device in case of alarm triggering, and interconnections, as well as the system power
supply(ies).
3.2
minimum accident of concern
MAC
“smallest” nuclear criticality accident that a criticality accident alarm system (3.1) is required to be able
to detect
Note 1 to entry: The minimum accident of concern is used to determine and verify the adequate positioning of the
CAAS detectors.
Note 2 to entry: The minimum accident of concern is usually expressed in terms of
— doses within a given time, or dose-rates at a given distance, or,
— fission yield within a given time, or fission yield rate, or,
— reactivity insertion, or,
— fission yield resulting in a given dose.
Note 3 to entry: Further information about the MAC is given in 4.3 and Annex A.
3.3
detection zone
area inside of which a nuclear criticality accident meeting the definition of the MAC would trigger the
CAAS alarm
3.4
false alarm
unintentional activation of the alarm signal in the absence of a nuclear criticality accident
Note 1 to entry: The cause of a false alarm could be a malfunction of a part or the whole of the system, as well as
the triggering due to an external cause (heat, high ambient dose, etc.) or a maintenance error.
4 General design, detection principle
4.1 CAAS functions
4.1.1 Main function
The main function of a CAAS is to provide prompt warning to personnel, in order to limit the radiological
consequences due to a nuclear criticality accident. The goal of the alarm is to prompt nearby personnel
to evacuate as soon as possible and to deter access to the zones that are to remain evacuated. Estimation
of consequences of a potential nuclear criticality accident shall be prepared before implementing the
CAAS. Guidance for such estimation is provided in ISO 27467.
This main CAAS function should be maintained as long as a presence of a CAAS provides a net benefit.
Unavailability of the main CAAS function shall be identified and managed (see Clause 5).
ISO 7753:2023(E)
The alarm shall be designed to provide a prompt evacuation order to all personnel inside the boundaries
of the zones to be evacuated and to warn against access to those zones; these boundaries shall meet the
requirements of ISO 11320. The emergency arrangements for preparedness and response should be
fulfilled in accordance with ISO 11320 as appropriate.
4.1.2 Additional functions (optional)
A CAAS may provide additional functions, given its main function is not affected. These services might
be, for example,
— to provide remote monitoring of an ongoing or apparently stopped nuclear criticality accident in
order to plan the emergency response, or
— to record detectors’ signal for analysis during or after a nuclear criticality accident.
This remote monitoring and signal recording capability should be implemented outside of zones to be
evacuated.
Personnel required to operate this remote monitoring and signal recording capability shall be trained
in these tasks.
4.2 Resilience
The ability to perform the CAAS main function shall be able to withstand the high radiation emission
due to a nuclear criticality accident. The requirements of IEC 60860:2014, 6.6 shall apply for detectors
radiation resilience.
NOTE 1 Whenever possible, electronic cabinets and power supplies (Note 1 to entry 3.1) are placed outside of
areas where they might receive high radiation doses.
NOTE 2 IEC 60860 contains requirements and specifications regarding resilience of CAAS to environmental,
mechanical, and electromagnetic conditions.
If additional functions (4.1.2) are implemented, it should be ensured that repeated excursions would
not impair these features.
The CAAS shall be powered by an uninterruptible power supply, allowing continuous operation of the
system in the case of failure of external power.
The period during which the CAAS power supply is sustained should be such that, in the event of failure
of external power, the system stays in an alarm state long enough for all evacuations to be initiated
and for an access control to affected areas to be implemented. This period should also be sufficient to
ensure that a CAAS function is maintained during the instigation of alternate arrangements regarding
CAAS unavailability.
The sustaining of power supply is not required in situations of managed unavailability of the CAAS (see
Clause 5).
4.3 Detection criterion
A CAAS shall trigger its alarm for any nuclear criticality accident whose characteristic meets or exceeds
those of the MAC.
The MAC shall be justified and documented. Annex A provides elements for the definition of the MAC
and guidance that can be applied to determine it. Several MACs may be defined in a facility.
NOTE The minimum accident of concern assumed in the 1987 version of this International Standard delivers
“an absorbed neutron and gamma dose in free air of 0,2 Gy at a distance of 2 m from the reacting material within
60 s”.
ISO 7753:2023(E)
Predicting the location of a nuclear criticality accident and its neutron kinetics is a difficult topic.
Considering Annex A, this difficulty can result in a residual risk of nuclear criticality accident with
characteristics not meeting the MAC. If the response to such an accident would provide a net benefit to
personnel, its detection should be considered in order to constitute a continuum of detection below the
MAC. This detection may be performed with means complementary to the CAAS, such as non-dedicated
radiation sensing equipment, which are then not CAAS. In this case, adequate accident response
procedures shall be provisioned, in accordance with ISO 11320.
5 Management of unavailability
Provision shall be made to manage conditions where an unavailability of the CAAS is identified, unless
it can be justified that there is no need for the CAAS given the particular condition.
NOTE 1 Situations where a CAAS might be unavailable include malfunction or failure (unintentional events)
as well as maintenance and testing (intentional events).
Unavailability may be managed by
— ordering an evacuation of personnel from the zones which are no longer covered, or
— applying anticipated actions that would negate the need for a CAAS for the duration of this
unavailability (shutdown of operations, cessation of transfers, emptying of the process equipment
or facility from any fissile material, etc.), or
— maintaining the main CAAS function by other means.
The main CAAS function may temporarily be obtained by the use of portable devices or ambient radiation
monitoring equipment not dedicated to nuclear criticality accidents. Any temporary substitution shall
be evaluated to be able to perform as an adequate alternative to the existing permanent CAAS. In this
case, any performance shortfalls of the temporary system against the existing permanent CAAS should
be justified with regards of the unavailability duration.
NOTE 2 IEC 60860:2014 4.5 requires the failure of important CAAS components, including detectors, to be
revealed by visual and/or audible indication.
6 System design
6.1 General
This clause presents system design requirements as derived from the scope of this document, aimed at
CAAS users.
A CAAS is usually constituted of several components forming a whole. These components shall be
protected from failure by design, to ensure the system responds as intended.
Any unavailability or failure should be managed according to Clause 5.
IEC 60860 details additional requirements and specifications aimed at CAAS manufacturers, including
electronics, detectors and alarm.
A redundancy of components may be implemented in order to ensure continued operation of the CAAS.
The CAAS design should be reviewed as changes to the facility or operating conditions warrant.
6.2 Alarm
The CAAS shall trigger a prompt evacuation alarm inside the zones to be evacuated; this alarm shall
also warn against re-entry to these zones.
ISO 7753:2023(E)
The CAAS alarm shall primarily be an audible warning. Visual signals or other alarm means shall be
considered to supplement the sound signal to ensure a prompt response of personnel in circumstances
where a sound signal would be ineffective (high background noise level, hearing protections, outside
building, etc.).
The CAAS’ alarm signal shall be specific, so as to be distinct from other signals or alarms, which
requires a response different from that necessary in the event of a nuclear criticality accident.
The alarm shall be automatically and promptly actuated upon detection of a nuclear criticality accident
with characteristics meeting the MAC (IEC 60860:2014, 6.3). After actuation, the alarm shall be
maintained even if radiation level falls below the triggering threshold. The minimum alarm duration
shall be assessed to ensure that personnel, in the whole area to be evacuated, perceives the alarm and
initiates evacuation. This duration should be documented in the emergency procedures. Manual resets
should be provided outside the zones to be evacuated. Manual resets shall have limited access.
6.3 Connections
If several components of a CAAS are connected through a link, it should be ensured that this link is
protected from disruption, failure, or interference, for the system to maintain its function in situations
where the CAAS function is needed.
CAAS detectors and their connections should be implemented and maintained ensuring the
minimization of common-mode failure causes.
6.4 Failure of detectors, false alarms, detection logic
Occurrence of false alarms shall be minimized, as hazards associated with prompt evacuation can
be significant (injuries during evacuation, non-securing of processes, loss of containment, physical
security breaches, etc.) and the frequency of false criticality alarms can eventually lead personnel to
become complacent to prompt evacuation, and thus to an ineffective or incomplete evacuation.
Reduction of false alarms may be achieved by requiring several detectors to coincidentally detect
the nuclear criticality accident in order to trigger the alarm (e.g. a 2/n logic, where n is the number of
detectors assigned to the surveillance of a given zone), or by adjusting the trigger threshold or position
of the detectors according to the radiological level in the facility without prejudice to the detection of
the MAC.
6.5 Obsolescence, replacement parts
The availability for replacement of any CAAS components should be considered to define the life cycle of
installed systems. Components different from the original ones may be used, but the modified system
shall meet the requirements of this document.
6.6 Supervising
The system status shall be supervised to ensure its ability to detect a nuclear criticality accident.
Personnel who are required to interrogate the status of the system shall be trained for this task.
The provision of a remote system status supervisory station, outside of the zones needing to be
evacuated, should be considered.
NOTE 1 This system status supervision capability is distinct from the optional monitoring capability cited in
4.1.
NOTE 2 During an emergency response, information gathered by remote supervision can also help to safely
assess the situation, such as confirming the occurrence or termination of a nuclear criticality accident.
ISO 7753:2023(E)
7 Criteria for positioning
7.1 General
The positioning of the different components of a CAAS is an important step of the implementation of a
CAAS. There exist different requirements for each component, detailed thereafter.
7.2 Positioning of detectors and detection zone
Annex B provides principles for the positioning of CAAS detectors. The detection zone is mainly
determined by the positioning of CAAS detectors. Attenuation brought by building elements and
shielding shall be taken into account. Attenuation brought by equipment should be considered.
It shall be justified and documented that all locations where CAAS surveillance is needed are included
in a detection zone.
The potential failure of detectors should be considered when determining the detection zone.
In placing the minimum required detectors to cover the zone where CAAS surveillance is needed, their
placement may be optimized to extend the detection zone.
NOTE 1 Such an extension of the detection zone is supported by the feedback from past accidents which shows
that a nuclear criticality accident can occur in an unexpected location.
NOTE 2 Such an extension of the detection zone also allows covering zones where future activities of the
facility might stand.
NOTE 3 Adequate positioning of detectors relative to each other helps ensure that during in situ radioactive
source tests, only one detector is triggered at a time.
7.3 Alarm signal
The CAAS alarm devices shall be positioned so that they can be clearly perceived at all points of the
evacuation zone, and in order to deter access to these zones once an evacuation has been initiated.
NOTE IEC 60860 and EN 50849 give additional information regarding sound levels required for sound
systems for emergency purposes.
7.4 Positioning of other CAAS components
CAAS components should be positioned to be able to maintain the main CAAS function in the event of
a nuclear criticality accident, taking into account limitations due to their design characteristics. The
radiation levels can be determined using the principles in Annex B.
If the design of any CAAS component cannot guarantee the main CAAS function would be ensured in
case of a nuclear criticality accident, this component shall be protected against high radiation emissions.
8 Testing
The main CAAS function (whole system) shall be tested at commissioning and periodically; adequate
frequencies of these periodic tests shall be justified and documented, in accordance with the stipulations
of the manufacturer.
Instrument response to radiation shall be checked at commissioning and periodically to confirm
continuing instrument performance. In a system having redundant channels, the performance of each
channel shall be monitored. The test interval may be determined on the basis of experience; adequate
frequencies of these tests shall be justified and documented; for facilities having a large number of
detectors, a rolling programme of testing of detectors may be implemented. Records of the tests shall
be maintained.
ISO 7753:2023(E)
Periodic testing of the system should include periodic calibration of the CAAS detectors.
NOTE 1 The default frequency suggested for the periodic tests of instrument response to radiation is at least
once a month.
The entire alarm system shall be tested periodically. In the case of redundant channels, care should
be taken to ensure that a working channel does not mask a faulty channel. Hence, each path through
the system should be regularly tested; adequate frequencies of these tests shall be justified and
documented.
NOTE 2 The default frequency suggested for the periodic tests of the entire alarm system is at least once every
three months.
Field observations shall establish that the alarm is either audible above background noise, or visible,
throughout the zones to be evacuated as well as at all access ways to these zones. All individuals in
affected areas shall be notified in advance of a test.
Function of other CAAS components shall be tested at commissioning and periodically.
Where tests reveal inadequate performance, corrective actions shall be taken without undue delay.
Operations shall be adapted to this degraded performance until correction. Such an adaptation may be
graded to the nature and level of the inadequate performance.
Personnel performing the tests and the corrective actions shall be trained and have a specific
authorization to perform maintenance work on the CAAS.
Procedures should be formulated to minimize false alarms, which can be caused by testing, and to
return the system to normal operation immediately following the test.
The facility management shall be given advance notice of any periods during which the system will be
taken out of service.
9 Personnel familiarization
Instructions or signage regarding response to nuclear criticality accident alarm signals shall be set up
at locations within the zones to be evacuated as well as all access ways to these zones.
Personnel shall be familiar with the CAAS alarm signals (see 6.2). Familiarization of personnel to
procedures linked to CAAS alarm, including through drills and training, is documented in ISO 11320.
ISO 7753:2023(E)
Annex A
(informative)
Elements for the definition of the minimum accident of concern
A.1 General
A basic consideration in the positioning of criticality accident alarm system detectors in a facility is the
definition of the size of the “minimum accident of concern” (MAC).
A previous version of this document suggested the following definition for the MAC: “the minimum
accident of concern may be assumed to deliver an absorbed neutron and gamma dose in free air of 0,2 Gy
at a distance of 2 m from the reacting material within 60 s”. According to Reference [8], this definition
corresponds to a slow kinetic nuclear criticality accident for unshielded fissile solution systems. It
was decided to remove this definition from the normative part of this document because its origin, its
expression and its justification were not well documented and it may not apply in all circumstances.
This annex provides information to help specify a MAC, on the basis of known nuclear criticality accident
history and criticality experiments, supplemented by consideration of the mechanisms governing the
time evolution of the nuclear criticality accident.
A.2 General considerations
1)
Even slow kinetic nuclear criticality accidents (ρ < β ) could lead to significant doses for personnel
eff
(in a relatively short time) if these excursions are not detected quickly. This fact, already mentioned in
previous articles (for example References [6] and [7]), leads to a paradox, according to the Reference [8],
2)
for personnel close to the nuclear criticality accident. Indeed, the MAC value has no impact on the
avoiding of dose for the first part of nuclear criticality accidents above prompt criticality (ρ > β ).
eff
Taking into account the fast kinetic of the accident, the CAAS cannot prevent doses resulting from the
first spike even if the detection is very early and quick: it is an “unavoidable” dose. On the contrary, the
MAC value has a great impact on the “avoidable” dose in case of slow kinetic accidents: the sooner this
kind of accident is detected, the lower will be the doses received due to the evacuation speed of workers
[6]
compared to the kinetic of this kind of accident . So, a lower value of the MAC:
— will have no impact on the dose that can be avoided for fast kinetic accidents (ρ > β ),
eff
— will save doses for personnel close to slow kinetic nuclear criticality accidents (ρ < β ),
eff
— will increase the number of detectors for a given detection zone, and thus the cost of the CAAS, or
could increase the risk of false alarm if the alarm threshold of the detectors is decreased to keep
constant the number of detectors for a given detection zone.
So, a fundamental step in the MAC definition is to define if a slow kinetic nuclear criticality accident
(ρ < β ) is a concern in the facility where the CAAS is installed or is going to be installed. In order
eff
to do that, the specification of the MAC will take into account the process conditions that could lead
3)
to the nuclear criticality accident and the environment (shielded cells for example) . In particular,
1) ρ is the inserted reactivity in excess of criticality and β is the effective delayed neutron fraction of the system
eff
2) The detection of the accident has nevertheless an interest for the avoiding of dose during the “second part” of
the nuclear criticality accident. But, taking into account the diversity of the phenomenology of nuclear criticality
accidents, the relative contribution of each of these two parts of the accident on the total number of fissions (so the
total doses) are very variable and very difficult to predict.
3) It implies that several MAC may be defined for one facility in order to take into account the specifics of each part
of the facility.
ISO 7753:2023(E)
the features of the first spike are sensitive to the addition rate of inserted reactivity, to the kinetic
of the fission chain reaction including reactivity feedbacks, and to the stochastic nature of the fission
chain reaction (i.e. even after the critical state is reached, an initiation waiting time may occur before
the first diverging fission chain reaction occurs). So, depending on the nature of the fissile material
(solution, metal, powder, etc.), the kind of process (laboratory, reprocessing, fuel fabrication, etc.) and
the associated faults/accident scenarios, the isotopic composition of the fissile material (HEU, LEU, civil
or weapon grade plutonium) and the presence of a high neutron source background (due, for example,
to spontaneous fissions or to (α,n) reactions), the MAC value could be adapted. This not only has an
impact on the kinetic of the nuclear criticality accident but also on the features of the radiation particles
leaving the equipment (leakage rate, energy spectrum and neutron/gamma ratio).
It should be kept in mind that the MAC definition is used for the positioning of the CAAS detectors
but it is not the only parameter needed. Because the nuclear criticality accident that could occur in a
facility is, by definition, not precisely predictable, an overall analysis of the assumptions made will be
performed in order to evaluate the margins present in the process of determining the best location of
the CAAS detectors.
The MAC is usually expressed in terms of
— doses within a given time, or dose-rates at a given distance, or
— fission yield within a given time, or fission yield rate, or
— reactivity insertion, or
— fission yield resulting in a given dose.
The third one is more linked to the neutron kinetic of the nuclear criticality accident and to the
accident scenario. The first one can be more directly helpful for CAAS detectors positioning. All these
parameters are linked. Given the variety of considered configurations, care should be given to the
interdependencies between these parameters which are not trivial.
A.3 Past nuclear criticality accidents
The spike yields of the 22 documented process nuclear criticality accidents from 1953 through
1999 that occurred in fuel processing facilities are shown in Table A.1. Accidents that have occurred
in reactors and remotely-operated critical facilities are not included, because the mechanisms or
reactivity addition are not representative of process facilities.
[9]
The lessons learned from past nuclear criticality accidents occurring in process facilities are quite
limited due to the low number of known events (22). All accidents except one occurred with solution
or slurry systems. This exception occurred with Pu metal ingots and the accident seems to be prompt
critical (ρ > β ). Reference [9] reports that, at least accidents labelled #9, #18, #19, #21 seem to be
eff
delayed critical and many of them (#5, #6, #9, #10, #13, #15, #18) have a specific number of fissions
within
...