A design and operational philosophy with regard to nuclear facilities that calls for multiple layers of protection to prevent and mitigate accidents. It includes the use of controls, multiple physical barriers to prevent release of radiation, redundant and diverse key safety functions, and emergency response measures.