For Susquehanna Steam Electric Station, Regarding Automatic Reactor Scrams Occur During Post-Modification Testing of the Digital Feedwater Integrated Control System

ML101800151
Person / Time
Site:	Susquehanna
Issue date:	06/21/2010
From:	Rausch T Susquehanna
To:	Document Control Desk, Office of Nuclear Reactor Regulation
References
PLA-6626 LER 10-002-00
Download: ML101800151 (8)
v • d • e

LER-2010-002, For Susquehanna Steam Electric Station, Regarding Automatic Reactor Scrams Occur During Post-Modification Testing of the Digital Feedwater Integrated Control System

Event date:
Report date:
Reporting criterion:	10 CFR 50.73(a)(2)(iv)(A), System Actuation 10 CFR 50.73(a)(2)(i) 10 CFR 50.73(a)(2)(vii), Common Cause Inoperability 10 CFR 50.73(a)(2)(viii)(A) 10 CFR 50.73(a)(2)(ii)(B), Unanalyzed Condition 10 CFR 50.73(a)(2)(viii)(B) 10 CFR 50.73(a)(2)(iii) 10 CFR 50.73(a)(2)(ix)(A) 10 CFR 50.73(a)(2)(x) 10 CFR 50.73(a)(2)(v)(A), Loss of Safety Function - Shutdown the Reactor 10 CFR 50.73(a)(2)(v)(B), Loss of Safety Function - Remove Residual Heat 10 CFR 50.73(a)(2)(i)(A), Completion of TS Shutdown 10 CFR 50.73(a)(2)(v), Loss of Safety Function 10 CFR 50.73(a)(2)(i)(B), Prohibited by Technical Specifications
3872010002R00 - NRC Website
v • d • e

text

Timothy S. Rausch PPL Susquehanna, LLC Sr. Vice President & Chief Nuclear Officer 769 Salem Boulevard a

I Berwick, PA 18603 V %

a i Tel. 570.542.3445 Fax570.542.1504

,11o tsrausch@pplweb.com I

Em-JUN 1.-

TM U. S. Nuclear Regulatory Commission Attn: Document Control Desk Mail Stop OP1-17 Washington, DC 20555 SUSQUEHANNA STEAM ELECTRIC STATION LICENSEE EVENT REPORT 50-387/2010-002-00 LICENSE NO. NPF-14 PLA-6626 Docket No 50-387 Attached is Licensee Event Report (LER) 50-387/2010-002-00. On April 22, 2010, and on May 14, 2010, Susquehanna Steam Electric Station Unit 1 experienced an automatic reactor scram during planned post-modification testing of a new digital feedwater Integrated Control System (ICS) that was installed during the Unit 1 refueling outage.

These events were determined to be reportable under 10 CFR 50.73(a)(2)(iv)(A) for an event that resulted in the manual or automatic actuation of the RPS and RCIC.

In accordance with NUREG-1022, Rev. 2, Section 2.3, "Reporting of Multiple Events,"

more than one failure or event may be reported in a single LER if; 1) the failures or events are related (i.e., they have the same general cause or consequences), and 2) they occurred during a single activity (e.g., a test program) over a reasonably short time (e.g.

60 days LER reporting). Since, both reactor scrams occurred during implementation of the ICS testing program and are related events, one LER is being submitted for both Unit 1 events.

Because the root cause analysis for these events is not yet complete, the causes and corrective actions documented in this LER are considered preliminary. Upon completion and approval of the root cause analysis, PPL will submit a supplement to the LER by August 1, 2010.

There were no actual consequences to the health and safety of the public as a result of these events.

Senior Vice President - Chief Nuclear Officer Attachment Document Control Desk PLA-6626 Copy:

NRC Region I Mr. P. W. Finney, NRC Sr. Resident Inspector Mr. R. V. Guzman, NRC Sr. Project Manager Mr. R. R. Janati, DEP/BRP Document Control Desk PLA-6626 bc:

M. H. Crowthers D. R. D'Angelo J. M. Helsel P. A. Horn (SRC)

L. G. Oberrender B. W. O'Rourke R. D. Pagodin J. J. Petrilla III R. M. Rose R. R. Schechterly J. J. Scopelliti G. J. Treven T. G. Wales (DBD)

NRA File DCS GENPL4 NUCSB2 NUCSB3 NUCSB2 NUCLC NUCSA4 NUCSB3 NUCSA4 GENPL4 NUCSA3 SSO NUCSB2 GENPL5 GENPL4 GENPL4 Send Microsoft Word copy to: LEREvents@inpo.org

NRC FORM 366 U.S. NUCLEAR REGULATORY COMMISSION APPROVED BY OMB: NO. 3150-0104 EXPIRES: 08/31/2010

,9-2007)

, the NRC may digits/characters for each block) not conduct or sponsor, and a person is not required to respond to, the information collection.

13. PAGE Susquehanna Steam Electric Station Unit 1 050003871 1 OF 5

4. TITLE Automatic Reactor Scrams Occur during Post-Modification Testing of the Digital Feedwater Integrated Control System

5. EVENT DATE

6. LER NUMBER

7. REPORT DATE

8. OTHER FACILITIES INVOLVED MONTH DAY YEAR YEAR SEQUENTIAL REV MONTH DAY YEAR FACILITY NAME DOCKET NUMBER NUMBER NO.

05000 i

FACILIT NAME DOCKET NUMBER 04 22 2010 2010 - 002 -

00 06 21 2010 05000

9. OPERATING MODE

11. THIS REPORT IS SUBMITTED PURSUANT TO THE REQUIREMENTS OF 10 CFR§: (Check all that apply)

El 20.2201(b)

El 20.2203(a)(3)(i)

El 50.73(a)(2)(i)(C)

El 50.73(a)(2)(vii)

El 20.2201(d)

El 20.2203(a)(3)(ii)

[I 50.73(aX2)(ii)(A)

El 50.73(a)(2)(viii)(A)

El 20.2203(a)(1)

El 20.2203(a)(4)

El 50.73(a)(2)(ii)(B)

El 50.73(a)(2)(viii)(B)

El 20.2203(a)(2)(i)

[I 50.36(c)(1)(i)(A)

El 50.73(a)(2)(iii)

El 50.73(a)(2)(ix)(A)

10. POWER LEVEL [I 20.2203(a)(2)(ii)

El 50.36(c)(1)(ii)(A) 0 50.73(a)(2)(iv)(A)

El 50.73(a)(2)(x)

El 20.2203(a)(2)(iii)

El 50.36(c)(2)

El 50.73(a)(2)(v)(A)

El 73.71(a)(4)

[I 20.2203(a)(2)(iv)

El 50.46(a)(3)(ii)

El 50.73(a)(2)(v)(B)

El 73.71(a)(5) 32%

El 20.2203(a)(2)(v)

El 50.73(a)(2)(i)(A)

[E 50.73(a)(2)(v)(C)

El OTHER El 20.2203(a)(2)(vi)

El 50.73(a)(2)(i)(B)

El 50.73(a)(2)(v)(D)

Specify in Abstract below or in NRC Form 366A

12. LICENSEE CONTACT FOR THIS LER Facility Name Telephone Number (include Area Code)

Brenda W. O'Rourke, Senior Engineer - Nuclear Regulatory Affairs (570) 542-1791 USYSTEM MAN-REPORTABLE I

SYSTEM COMPONENT MANU-REPORTABLE

CAUSE

SYTMCOMPONENT FACTURER TO EPIX

CAUSE

SSE OPNN I

FACTURER TO EPIX

14. SUPPLEMENTAL REPORT EXPECTED

15. EXPECTED MONTH DAY YEAR SUBMISSION 10 YES (if yes, complete 15. EXPECTED SUBMISSION DATE)

El NO DATE 08 01 2010 ABSTRACT (Limit to 1400 spaces, i.e., approximately 15 single-spaced typewritten lines)

On April 22, 2010, at 1051 hours0.0122 days <br />0.292 hours <br />0.00174 weeks <br />3.999055e-4 months <br />, Susquehanna Steam Electric Station Unit 1 experienced an automatic reactor scram, from 32%

power, on low reactor water level (ENS 45866). The low level condition occurred during planned testing of a new digital feedwater Integrated Control System (ICS), which included upgrades to the feedwater level control system, the reactor feed pump turbine speed controls, and the reactor recirculation speed controls. During testing at low power conditions, the second of three reactor feed pumps (RFP) was placed in automatic flow control mode for the first time with the goal of parallel automatic operation of two RFPs. A reactor water level transient occurred when the second RFP began feeding into the reactor. The resulting concurrent flow reduction of both RFPs quickly lowered water level to the low level scram setpoint. Corrective actions were taken to adjust the ICS speed controller gain and master feedwater level controller gain.

At approximately 2301 hours0.0266 days <br />0.639 hours <br />0.0038 weeks <br />8.755305e-4 months <br /> on May 14, 2010, Unit 1 automatically scrammed from 66% power due to a main turbine trip on high reactor water level (ENS 45930). The high level condition occurred during additional planned testing of the digital ICS, which involved the trip of one of the four condensate pumps. The high reactor water level transient was attributed to a large feedwater flow/steam flow mismatch caused by insufficient gain on the ICS master feedwater level control system master water level controller in response to large transient conditions. Corrective actions were taken to increase the system gains for large transients using "gap" control on the ICS level controller and flow controller.

On May 30, 2010, ICS testing of the condensate pump trip event was successfully completed.

The preliminary root cause for both events was due to less than adequate engineering rigor being applied during the development and implementation of the ICS gain factors. There were no actual adverse consequences to the health and safety of the public as a result of these events. The Reactor Protection System (RPS) responded as expected. All control rods fully inserted.

These events are being reported under 10 CFR 50.73(a)(2)(iv)(A) due to the actuation of the RPS and RCIC. Because the root cause analysis for these events is not yet complete, the causes and corrective actions documented in this LER are considered preliminary. Upon completion and approval of the root cause analysis, this LER will be supplemented by August 1, 2010.

NRC FORM 366 (9-2007)

CONDITION PRIOR TO THE EVENTS Event 1: April 22, 2010, Unit 1 - Mode 1, 32 percent Rated Thermal Power Event 2: May 14, 2010, Unit 1 - Mode 1, 94 percent Rated Thermal Power EVENT DESCRIPTIONS Event 1 -

On April 22, 2010, at 1051 hours0.0122 days <br />0.292 hours <br />0.00174 weeks <br />3.999055e-4 months <br />, Susquehanna Steam Electric Station (SSES) Unit 1 experienced an automatic reactor [EIIS Code: AC] scram on low reactor water level (+ 13 inches). This scram occurred while implementing planned testing of the new digital feedwater Integrated Control System (ICS) during power ascension following the Unit 1 refueling outage. During the outage, upgrades to the feedwater level control system, the reactor feed pump turbine speed controls, and the reactor recirculation speed controls were made by the installation of ICS. During testing at low power conditions (i.e., 32% power), the second of three (A, B and C) reactor feed pumps (RFP) [EIIS Code: SJ] was placed in automatic flow control mode for the first time with the goal of parallel automatic operation of two RFPs. A reactor water level transient occurred when the second RFP began feeding into the reactor. Reactor water level reached a maximum of approximately 12 inches above normal operating level. As a result, the control room operator placed the second RFP speed controller in manual mode and reduced the rate of feed into the reactor vessel in accordance with procedures. Concurrent with this action, the ICS responded to the high level condition by lowering the other operating RFP's speed. The resulting concurrent flow reduction of both RFPs quickly lowered water level to the low water level scram setpoint. A control room operator was in the process of taking the mode switch to shutdown when an automatic reactor scram signal initiated on low reactor water level.

The Reactor Protection System (RPS) [EIIS Code: JC] response to the automatic scram was as expected and all control rods fully inserted. Following the reactor scram, reactor water level dropped to approximately -30 inches wide range. The Reactor Core Isolation Cooling (RCIC) [EIIS Code: BN] system automatically initiated as expected. The 'A' RFP and RCIC restored level to within normal limits. An Alternate Rod Insertion Div 2 signal was received during the transient and was subsequently reset. Primary containment integrity was maintained during the event. An ENS notification (# 45866) was made to the NRC in accordance with 10 CFR 50.72(b)(2)(iv)(B) for an event or condition that resulted in the actuation of the RPS when the reactor was critical, and 10 CFR 50.72(b)(3)(iv)(A) due to a valid actuation of the RPS and RCIC.

Event 2 -

On May 14, 2010, at 2301 hours0.0266 days <br />0.639 hours <br />0.0038 weeks <br />8.755305e-4 months <br />, SSES Unit 1 automatically scrammed from 66% power due to a main turbine trip on high reactor water level (+ 54 inches). As expected, all three RFPs tripped on high reactor water level. The high water level condition occurred during additional planned testing of the new digital ICS which involved a planned trip of one of the four condensate pumps. This test was performed as required by an Extended Power Uprate (EPU) license condition, to verify that a loss of all feedwater would not occur due to low feedwater pump suction pressure. As designed, this resulted in an automatic reactor recirculation [EllS Code: AD] pump run-back and a subsequent reactor water level transient. A larger than expected steam flow/feed flow mismatch developed due to insufficient gain on the master feedwater level controller (MFWLC), which resulted in steam flow dropping off at a much greater rate than feedwater flow. As a result, an aggregate vessel level rate of increase of 30 inches per minute was experienced.

When the reactor water level exceeded the expected upper response range of the test, the operator placed the mode switch in shutdown. An automatic reactor scram signal initiated on a turbine trip due to high reactor water level occurring nearly simultaneously as the control room operators placed the mode switch in shutdown.

The RPS response to the automatic scram was as expected and all control rods fully inserted. Following the scram, reactor water level lowered to -30 inches wide range. RCIC was manually initiated at -24 inches and injected for level control. In accordance with plant procedures, the control room operator restored the 'B' reactor feed pump and RCICU.S. NUCLEAR REGULATORY COMMISSION (9-2007)

LICENSEE EVENT REPORT (LER)

CONTINUATION SHEET

1. FACILITY NAME

2. DOCKET

6. LER NUMBER

3. PAGE YEAR SEQUENTIAL REVISION NUMBER NUMBER Susquehanna Steam Electric Station Unit 1 05000387 1

30F5 2010

- 002-00 was secured. Reactor water level was restored to within normal limits. Primary containment integrity was maintained during the event. An ENS notification,(# 45930) was made to the NRC in accordance with 10 CFR 50.72(b)(2)(iv)(B) for an event or condition that resulted in the actuation of the RPS when the reactor was critical, and 10 CFR 50.72(b)(3)(iv)(A) due to a valid actuation of the RPS and RCIC.

In accordance with NUREG-1022, Rev. 2, Section 2.3, Reporting of Multiple Events, more than one failure or event may be reported in a single Licensee Event Report (LER) if; 1) the failures or events are related (i.e., they have the same general cause or consequences), and 2) they occurred during a single activity (e.g., a test program) over a reasonably short time (e.g., 60 days LER reporting). Since, both reactor scrams occurred during implementation of the ICS testing program and the events are related, one LER is being submitted for both events in accordance with 10 CFR 50.73(a)(2)(iv)(A) for an event that resulted in the manual or automatic actuation of the RPS and RCIC.

Because the root cause analysis for these events is not yet complete, the causes and corrective actions documented in this LER are considered preliminary. Upon completion and approval of the root cause analysis, a supplement to this LER will be submitted by August 1, 2010.

PRELIMINARY CAUSE(S) OF THE EVENT Event 1 -

Performance characteristics of the mechanical equipment associated with the RFP turbine steam admission system were not well understood. As a result, the ICS system gains were inadequate for the low power and steam flow conditions that existed at the time of the test. In particular, there existed an unrecognized RFP turbine transition from low pressure (LP) to high pressure (HP) and HP to LP steam flow that decreases the response of the RFPs when operating at low power conditions with an increasing speed demand signal. It is believed that this non-responsiveness of the feewater pumps was due to the lack of significant change in steam flow (i.e., motive force) to the feedwater pump turbine while the governor control valve position was moving through this transition zone. Because of this, manual control of the RFP turbines during this water level transient was ineffective in preventing the low level condition. As such, the initial gain settings in ICS did not sufficiently account for system performance at low power conditions. While the transition zone still exists, the speed controller gain has been increased to make the speed control governor control valve open or close more (i.e., admit more steam or less steam) for a given demand within this transition zone.

In addition, the plant simulator, which was used to confirm these gain settings prior to performing the test, did not accurately model plant performance. As a result, the misunderstanding of the performance characteristics of the mechanical equipment was not identified prior to testing.

Event 2 -

The ICS MWLC was not originally configured with sufficient gain to handle a large transient such as the loss of a Condensate Pump. This conclusion is based on review of event data that showed that the MWLC demand to the 'A',

'B' and 'C' RFP turbine speed controllers did not decrease demand sufficiently to terminate the reactor vessel level increase following the condensate pump trip.

The MWLC demand did not decrease sufficiently to mitigate the transient because the original ICS gain parameters resulted in a relatively low flow gain. The original flow gain was selected during system tuning and implemented at lower power levels based on acceptable response for small flow upset events. The selection of these values did not anticipate the need for larger gains during transients that have larger flow and level impacts.U.S. NUCLEAR REGULATORY COMMISSION (9-2007)

LICENSEE EVENT REPORT (LER)

CONTINUATION SHEET

1. FACILITY NAME

2. DOCKET

6. LER NUMBER

3. PAGE YEAR SEQUENTIAL REVISION NUMBER NUMBER Susquehanna Steam Electric Station Unit 1 05000387 40F5 2010

- 002-00 The plant simulator was used prior to the condensate pump trip test to train the operators on expected plant response.

The simulator did not react as the plant did due to a software error in the ICS controller function. Therefore, pre-site acceptance testing on the simulator and training for the Operators did not reveal the issue prior to the actual performance of the Unit 1 condensate pump trip test.

Combined Root Cause for Events 1 and 2 The preliminary root cause for both the April 22, 2010 and May 14, 2010 Unit 1 scram events was due to less than adequate engineering rigor being applied during the development and implementation of the ICS gain factors.

Because the root cause analysis for these events is not yet complete, the causes documented in this LER are considered preliminary. Upon completion and approval of the root cause analysis, a supplement to this LER will be submitted by August 1, 2010.

ANALYSIS/SAFETY SIGNIFICANCE

The ICS is a digital Distributed Control System (DCS) that includes three major control systems that are integrated into a single DCS. architecture known as ICS. The ICS installation was deemed necessary to support plant operation at EPU power levels due to the need for additional condensate and feedwater flow and corresponding increased reliability of the overall feedwater system. At uprated conditions, the operators will be making more speed changes in order to maximize generation and address atmospheric impacts. The ICS system includes enhanced reactor recirculation system runbacks, feedwater margin (rundown) capability, eliminates single point failures, and provides the benefits of an integrated control system on a common platform. The ICS modifications included 1) the replacement of the obsolete RFP Turbine Speed Bailey Control system for all three RFP turbines, Feed Water Level Bailey Control system, and Reactor Recirculation Pump Speed Bailey Control system, and 2) the replacement of the manual control switches, indicators, and hard-wired controls on the control room panels with touch-screen digital controls and displays, for added system monitoring and stability, and enhanced user-interface and controls.

Actual Consequences Event 1 -

Following the reactor scram all control rods fully inserted. RPS performance was as expected. Reactor water level lowered to -30 inches wide range following the scram signal due to void collapse in the core. RCIC automatically initiated and injected. RCIC and the 'A' RFP restored level to within normal limits. RCIC response to the automatic initiation was as expected.

The balance of plant response was not typical due to loss of one of the two 13.8 kV auxiliary buses caused by planned maintenance on one of the offsite feeder breakers. Auxiliary Bus 1 1A automatically transferred to an offsite source as expected. However, the offsite source to Auxiliary Bus 11 B was unavailable and as a result this bus de-energized.

This resulted in the loss of several large loads, including the 'B' Condensate Pump, 'B' Reactor Recirculation Pump, 'B' Circulating Water Pump, and the 'B' Service Water Pump. Consequently, the 'C' and 'B' RFPs tripped due to low suction pressure. After the trip of the second RFP (i.e., 'B'), suction pressure recovered such that the 'A' RFP remained in operation.

Due to loss of Auxiliary Bus 11 B, six non-essential load centers lost power and were subsequently manually cross-tied to restore power to various load and motor control centers. Power to Auxiliary Bus 11 B was subsequently restored at 1217 hours0.0141 days <br />0.338 hours <br />0.00201 weeks <br />4.630685e-4 months <br />.

The main steam isolation valves (MSIVs) remained open during the transient and pressure was controlled via the main turbine bypass valves. No safety relief valve actuations occurred during this event. Primary containment integrity wasU.S. NUCLEAR REGULATORY COMMISSION (9-2007)

LICENSEE EVENT REPORT (LER)

CONTINUATION SHEET

1. FACILITY NAME

2. DOCKET

6. LER NUMBER

3. PAGE YEAR SEQUENTIAL REVISION INUMBER NUMBER Susquehanna Steam Electric Station Unit 1 05000387 j

50F5 2010

- 002-00 maintained throughout the event. There were no diesel generator starts. The event was bounded by transients analyzed in Chapter 15 of the SSES Final Safety Analysis Report.

Event 2 -

Following the reactor scram all control rods fully inserted. RPS performance was as expected. Reactor water level lowered to -30 inches wide range following the scram signal due to void collapse in the core. RCIC was manually initiated at -24 inches and injected for level control. The 'B' RFP was restored and RCIC was secured. Level was restored to within normal limits. The lowest reactor water level reached was approximately -30 inches on wide range.

The MSIVs remained open during the transient and pressure was controlled via the main turbine bypass valves.

There were no safety relief valve actuations during the event. Primary containment integrity was maintained throughout the event. There were no diesel generator starts. The event is bounded by transients analyzed in Chapter 15 of the SSES Final Safety Analysis Report.

Based upon the above discussion, the actual consequences of these events were minimal. There was no impact to the health and safety of the public.

Potential Consequences None.

CORRECTIVE ACTIONS

Completed Actions:

Event 1 -

Immediate corrective actions were taken to adjust the ICS speed controller gain and master feedwater level controller gain to compensate for the RFP non-responsiveness at low power conditions. The appropriate procedures were revised to reflect these changes.

Event 2 -

The ICS design incorporates Flow Control, Level control (e.g., feed forward / cascade control), adaptive tuning techniques (e.g., different gains at various power levels), and "gap" control (i.e., higher / lower gains within a defined band) as well as dynamic system features that are intended to maximize reactor water level control stability. The corrective actions taken as a result of this event provided increased system gains for large transients on the ICS Level Controller and the Flow Controller.

Adjustments were made that maintained the existing gains for small transients while increasing the gain for large transients. These changes provide a more aggressive control action response during large transients and keeps the current "as tuned" control response for smaller transients (i.e., normal expected operational occurrences).

Subsequent testing of ICS for both small and large transients, including the successful Unit 1 condensate pump trip test on May 30, 2010, indicated that the corrective actions were appropriate

Planned Corrective Actions

The final root cause analysis will identify the planned corrective actions, including actions to prevent recurrence. Upon completion and approval of the root cause analysis, a supplement to this LER will be submitted by August 1, 2010.