ML060060427

From kanterella
Jump to navigation Jump to search

Units 1, 2 and 3, Review Issues for Digital Upgrade of Rps/Esps
ML060060427
Person / Time
Site: Oconee  Duke Energy icon.png
Issue date: 01/11/2006
From: Catherine Haney
Plant Licensing Branch III-2
To: Brandi Hamilton
Duke Energy Corp
Olshan L N, NRR/DLPM, 415-1419
References
TAC MC5895, TAC MC5896, TAC MC5897
Download: ML060060427 (7)
v  d  e


Text

January 11, 2006 Mr. Bruce H. Hamilton Vice President, Oconee Site Duke Energy Corporation 7800 Rochester Highway Seneca, SC 29672

SUBJECT:

REVIEW ISSUES FOR DIGITAL UPGRADE OF RPS/ESPS FOR OCONEE NUCLEAR STATION, UNITS 1, 2, AND 3 (TAC NOS. MC5895, MC5896, AND MC5897)

Dear Mr. Hamilton:

This letter is to notify you of concerns about your February 14, 2005, license amendment request for a digital upgrade of the reactor protective system (RPS) and the engineered safeguards protective system (ESPS) for Oconee Nuclear Station, Units 1, 2, and 3. You have proposed to replace the current analog-based RPS/ESPS with a digital-based Framatome TELEPERM XS system that will perform all the functions that are now being performed by separate analog systems.

On July 27, 2005, the Nuclear Regulatory Commission (NRC) sent you a detailed letter containing a number of staff concerns on the design process and system architecture in which the staff stated that it was premature to assume that the concerns could be favorably resolved or that approval would be received by your need date. Although progress has been made on the issues identified in the July 27, 2005, letter, most of our concerns have not been completely resolved. Factors contributing to the delays in resolving these issues include (1) incomplete response to our September 6, 2005, request for additional information, (2) many documents we have requested have been provided in a preliminary form that are either draft, under revision, or have not received final approval, and (3) much of the preliminary information is un-docketed.

When we conducted our review at your vendors offices in November 2005, we found your development of the design was not complete. While this limited review did not identify any specific issues with software development, the NRC noted that many of your planning, requirements and specification documents were in either draft form or undergoing revision.

Consequently, additional review of the design and development processes is required.

The preliminary status of key documents has significantly delayed our ability to evaluate the adequacy of your design and quality assurance processes. As you know, our review is focusing on these processes to ensure development of a safe and high-quality system. It is important to note that digital instrumentation and control (I&C) systems are fundamentally different from analog I&C systems because (1) minor errors in design and implementation can cause these systems to exhibit unexpected behavior, (2) the performance of digital systems over the entire range of input conditions cannot generally be inferred from testing of a sample of input conditions, and (3) the use of inspections, type testing, and acceptance testing of digital systems and components does not alone accomplish design qualification at high confidence levels. With this in mind, the NRCs approach to the review of design qualification for digital

B. Hamilton systems, depends, to a large extent, on confirming that you employ a high-quality development process that incorporates disciplined specification and implementation of design requirements.

NRC also reviews the inspection and testing used to verify correct implementation and to validate desired functionality of the final product. However, confidence that isolated, discontinuous point failures will not occur is derived from the discipline of your development process. Therefore, our assessment that you have implemented a disciplined, high-quality development process will be an important aspect of our overall conclusion on this application.

At this point in our review, there are also unresolved technical issues. Some of the significant issues are the lack of isolation between safety and non-safety systems and interconnections between safety-related channels, both discussed in the July 27, 2005, letter. The NRC staff continues to evaluate the overall acceptability of the consolidation of all RPS and ESPS functions as previously discussed with you at numerous meetings. Further, our review of the preliminary documentation has identified possible specification and design errors. Additionally, there a number of new features associated with the design, such as lead/lag modules, emergency override functions, and unused time delays which are complicating the review.

The NRC is committed to the licensing of advanced designs including digital technology provided that they assure the necessary levels of safety delivered by current systems are maintained. We have identified issues that raise concerns regarding the completeness and adequacy of your design and of your verification and validation processes. These issues, in turn, raise concerns about the reliance on those processes to develop a high-quality product.

Because of the issues identified to date, NRC will not complete its review by the October 2006 outage at Unit 1. This letter alerts you to this situation so you can make contingency plans.

Further, NRC has suspended its review of your application until such time as final information related to your application has been submitted and docketed. Enclosed with this letter is a list of the areas where final documentation is required to support the review. This information needs to be docketed by February 14, 2006, for NRC to be able to complete its review by February 2007. When the information is docketed, NRC will conduct an acceptance review and notify you of the results.

My staff is available, at your convenience, to discuss these issues and your plans for their resolution. If you have any questions, please contact Leonard N. Olshan at 301 415-1419.

Sincerely,

/RA/

Catherine Haney, Director Division of Operating Reactor Licensing Office of Nuclear Reactor Regulation Docket Nos. 50-269, 50-270, and 50-287

Enclosure:

Documents Needed to Support Review of Digital RPS/ESPS cc w/encl: See next page

B. Hamilton systems, depends, to a large extent, on confirming that you employ a high-quality development process that incorporates disciplined specification and implementation of design requirements.

NRC also reviews the inspection and testing used to verify correct implementation and to validate desired functionality of the final product. However, confidence that isolated, discontinuous point failures will not occur is derived from the discipline of your development process. Therefore, our assessment that you have implemented a disciplined, high-quality development process will be an important aspect of our overall conclusion on this application.

At this point in our review, there are also unresolved technical issues. Some of the significant issues are the lack of isolation between safety and non-safety systems and interconnections between safety-related channels, both discussed in the July 27, 2005, letter. The NRC staff continues to evaluate the overall acceptability of the consolidation of all RPS and ESPS functions as previously discussed with you at numerous meetings. Further, our review of the preliminary documentation has identified possible specification and design errors. Additionally, there a number of new features associated with the design, such as lead/lag modules, emergency override functions, and unused time delays which are complicating the review.

The NRC is committed to the licensing of advanced designs including digital technology provided that they assure the necessary levels of safety delivered by current systems are maintained. We have identified issues that raise concerns regarding the completeness and adequacy of your design and of your verification and validation processes. These issues, in turn, raise concerns about the reliance on those processes to develop a high-quality product.

Because of the issues identified to date, NRC will not complete its review by the October 2006 outage at Unit 1. This letter alerts you to this situation so you can make contingency plans.

Further, NRC has suspended its review of your application until such time as final information related to your application has been submitted and docketed. Enclosed with this letter is a list of the areas where final documentation is required to support the review. This information needs to be docketed by February 14, 2006, for NRC to be able to complete its review by February 2007. When the information is docketed, NRC will conduct an acceptance review and notify you of the results.

My staff is available, at your convenience, to discuss these issues and your plans for their resolution. If you have any questions, please contact Leonard N. Olshan at 301 415-1419.

Sincerely,

/RA/

Catherine Haney, Director Division of Operating Reactor Licensing Office of Nuclear Reactor Regulation Docket Nos. 50-269, 50-270, and 50-287

Enclosure:

Documents Needed to Support Review of Digital RPS/ESPS cc w/encl: See next page Distribution:

Public RidsNrrLAMOBrien(hard copy)(2)

BSingal,DORL DPR LPL2-1 r/f RidsOgcRp RidsNrrDorlLplc(EMarinos)

RidsAcrsAcnwMailCenter RidsNrrPMLOlshan(hard copy)

RidsRgn2MailCenter(MErnstes)

Accession Number: ML060060427 NRR-106 OFFICE NRR/LPL2-1/PM NRR/LPL2-1/LA NRR/LPL2-1/BC NRR/DORL/D NRR/DE/D NAME LOlshan:ckg MOBrien EHackett for EMarinos CHaney MMayfield DATE 1/11/06 1/11/06 1/11/06 1/11/06 1/11/06 OFFICIAL RECORD COPY

Enclosure, page 1 of 3 DOCUMENTS NEEDED TO SUPPORT REVIEW ISSUES FOR DIGITAL UPGRADE OF REACTOR PROTECTIVE SYSTEM/ENGINEERED SAFEGUARDS PROTECTIVE SYSTEM (RPS/ESPS) FOR OCONEE NUCLEAR STATION, UNITS 1, 2, AND 3 (OCONEE 1/2/3, ONS 1, 2, & 3)

The documents listed below are needed to support the review and prepare the Nuclear Regulatory Commission (NRC) staffs safety evaluation (SE). It will take at least 12 months to review and analyze these documents and to write the SE. In order to meet a February 2007 completion date, these documents need to be docketed in their final approved version no later than February 14, 2006. If you have previously submitted a document in the list, please indicate when, and how, that document was submitted to meet the requirements of Title 10 of the Code of Federal Regulations Part 50, Section 50.4.

This list represents the basic information needed to restart the review. During the course of the review, the documents below may reference documents which may also be required. NRC will initiate requests for additional information as appropriate. This list does not include the procedures and test reports for the factory acceptance tests and site acceptance tests. This information needs to be provided when it is available. However, submission after July 1, 2006, could delay the February 2007 completion date.

Document Title Doc. No.

Detailed System Architecture Unknown Oconee 1 RPS&ESFAS (Engineered Safety Features Activation System) Requirements Traceability Matrix RTM Teleperm XS Product Information on Release 3.0.7A of TXS Software 2005/26 Oconee Nuclear Station TXS RPS/ESPS Replacement System Cabinet Design: 1PPSCA0005 38-5069821 Oconee Nuclear Station TXS RPS/ESPS Replacement System Cabinet Design: 1PPSCA0006 38-5069822 ONS Units 1,2, & 3 RPS/ESFAS Controls Upgrade Failure Mode and Effects Analysis 51-5023886 ONS 1, 2, & 3 RPS/ESF Controls Upgrade, Design Specification for Key Locks and Key Switches*

51-5045379 Software Requirements Specification, ONS-1 RPS/ESF Software Requirements Specification (QA1) 51-5045380 Oconee Unit 1: RPS and ESFAS Replacement Project Open Item Form, "HW Typicals for CRD (Control Rod Drive) UV (under voltage) Test Jacks," Doc Step 3.12*

51-5052833 ONS 1, 2, & 3 RPS/ESF Controls Upgrade Hardware Design Solutions 51-5052833 ONS Unit 1 - RPS & ESFAS Configuration Management Plan 51-5055761 Oconee Nuclear Station, Units 1, 2, & 3 RPS/ESF Controls Upgrade ID Coding Concept*

51-5058134 ONS Units 1,2, & 3 RPS/ESFAS Controls Upgrade Verification and Validation Plan 51-5058661 ONS Unit 1 RPS/ESFAS Controls Upgrade Software Design Description 51-5065423

  • Document not requested in September RAI

Enclosure, page 2 of 3 Document Title Doc. No.

Oconee Nuclear Station, Unit 1 RPS/ESFAS Controls Upgrade Software Requirements Review Report 51-5066516 ONS Unit 1 - RPS & ESFAS Factory Acceptance Test Plan 51-9001334 Dedication Package for Absopulse Power Supply 51-9002116 ONS Units 1,2, & 3 RPS/ESFAS Controls Upgrade Software Safety Plan 51-9005043 ONS Units 1,2, & 3 RPS/ESFAS Controls Upgrade Software Installation Plan 51-9008803 TXS Supplemental EQ (Equipment Qualification) Summary Test Report 66-5015893 ONS RPS/ESFAS Replacement Project EQ Summary Test Report 66-5065212 TÜV Certificate on Communication Processor 968/K 110/02 TÜV Documentation on SCP2 Testing 968/K 110.01/02 TÜV Certificate on Processing Module 968/K 109/02 FANP (Framatome ANP) Report, "TELEPERM XS Simulation -

Concept of Validation and Verification,"*

NGLP/2004/en/0094 Configuration Management NSD 106 Software and Data Quality Assurance (SDQA Program NSD 800 Reactor Building Narrow Range Pressure Instrument Loop Accuracy Calculation (ESFAS)

OSC-2495 Setpoint Calculations - Wide Range RCS (Reactor Coolant System)

Pressure Uncertainty, (ESFAS HPI (High-Pressure Injection) &

LPI (Low-Pressure Injection) Setpoints)

OSC-2759 Setpoint Calculations - RPS Main Feedwater Pump Pressure Instrument Loop Accuracy Calculation OSC-3395 Setpoint Calculations - RPS Flux/Flow Ratio Uncertainty Evaluation OSC-3416 Setpoint Calculations - Reactor Building Pressure Instrument Loop Accuracy Calculation (ESFAS & RPS)

OSC-3446 Setpoint Calculations - RPS RCS Pressure & Temperature Trip Function Uncertainty Analysis and Variable Low Pressure Safety Limit OSC-4048 Setpoint Calculations - Power-Imbalance Safety Limits and Tech.

Spec. Setpoints Using Error-Adjusted Flux/Flow Ratio of 1.094 OSC-5604 Setpoint Calculations - RPS High Flux and Pump/Power Monitor Trip Function Uncertainty Analysis OSC-7237 ONS Unit 1 - RPS & ESFAS System Functional Description OSC-8623 Engineered Safeguard Feature Actuation System (ESFAS)

Replacement Project Specification OSS-0311.00-00-0012 Reactor Protection System (RPS) Replacement Project Specification OSS-0311.00-00-0013 Duke Power Company, Oconee Nuclear Station, "Nuclear Instrumentation RPS Removal from and Return to Service for Channels A, B, C and D, Rev. 031, ETQS No. RPS-Q-ENTRY"*

Procedure No.

IP/0/A/0305/015 Documentation of Software Requirements and SDQA for RPS/ESFAS System Replacement SDQA-10143-ONS

  • Document not requested in September RAI

Document Title Doc. No.

SIVAT LSELS Specifications, Job 4310002, Outputs: EFHV0037*

Test Case L010400A Teleperm XS Function Blocks, Version 2.60 FB-ADDON, Version 1.2*

TXS-1003-76-V10.0/01.04 SIVAT-TXS Simulation Based Validation Tool, Version 1.4.0*

TXS-1047-76-V2.0/01.04

  • Document not requested in September RAI Enclosure, page 3 of 3

Oconee Nuclear Station, Units 1, 2, and 3 cc:

Ms. Lisa F. Vaughn Duke Energy Corporation 526 South Church Street P. O. Box 1006 Mail Code = EC07H Charlotte, North Carolina 28201-1006 Manager, LIS NUS Corporation 2650 McCormick Dr., 3rd Floor Clearwater, FL 34619-1035 Senior Resident Inspector U.S. Nuclear Regulatory Commission 7812B Rochester Highway Seneca, SC 29672 Mr. Henry Porter, Director Division of Radioactive Waste Management Bureau of Land and Waste Management Dept. of Health and Env. Control 2600 Bull St.

Columbia, SC 29201-1708 Mr. Michael A. Schoppman Framatome ANP 1911 North Ft. Myer Dr.

Suite 705 Rosslyn, VA 22209 Mr. B. G. Davenport Regulatory Compliance Manager Oconee Nuclear Site Duke Energy Corporation ON03RC 7800 Rochester Highway Seneca, SC 29672 Ms. Karen E. Long Assistant Attorney General NC Department of Justice P.O. Box 629 Raleigh, NC 27602 Mr. R. L. Gill, Jr.

Manager - Nuclear Regulatory Issues and Industry Affairs Duke Energy Corporation 526 S. Church St.

Mail Stop EC05P Charlotte, NC 28202 Division of Radiation Protection NC Dept of Environment, Health, & Natural Resources 3825 Barrett Dr.

Raleigh, NC 27609-7721 Mr. Peter R. Harden, IV VP-Customer Relations and Sales Westinghouse Electric Company 6000 Fairview Road 12th Floor Charlotte, NC 28210 Mr. Henry Barron Group Vice President, Nuclear Generation and Chief Nuclear Officer P.O. Box 1006-EC07H Charlotte, NC 28201-1006

Retrieved from "https://kanterella.com/w/index.php?title=ML060060427&oldid=5371329"