ML061570285

From kanterella
Jump to navigation Jump to search
DG-1145 Section C.II.1 - PRA
ML061570285
Person / Time
Issue date: 06/09/2006
From:
NRC/NRR/ADRA
To:
References
DG-1145
Download: ML061570285 (16)
v  d  e


Text

ML061570285 C.II.1 PROBABILISTIC RISK ASSESSMENT (PRA)

An application for a combined license under 10 CFR 52 needs to include a comprehensive risk evaluation1. The submitted information should provide complete and detailed documentation of the applicants risk evaluation sufficient to permit the NRC to conclude that it supports the objectives delineated in section C.II.1.2 of this guide and should include explanatory details and technical data supplemental to that appropriate for inclusion in Chapter 19 of the final safety analysis report (FSAR).

C.II.1.1 Regulatory Basis The Commission issued 10 CFR Part 52, "Early Site Permits; Standard Design Certifications; and Combined Licenses for Nuclear Power Plants," on April 18, 1989. This rule provides for issuing early site permits (ESPs), standard design certifications, and combined licenses (COLs) with conditions for nuclear power reactors. It states the review procedures and licensing requirements for applications for these new licenses and certifications and was intended to achieve the early resolution of licensing issues, as well as to enhance the safety and reliability of nuclear power plants. With regard to severe accidents, 10 CFR Part 52 codifies some parts of the guidance in the Severe Accident Policy Statement and the Standardization Policy Statement. Specifically, 10 CFR 52.47 requires the following for a COL application:

DRAFT

  • demonstrate compliance with any technically relevant portion of the TMI requirements set forth in 10 CFR 50.34(f)
  • propose technical resolutions of those Unresolved Safety Issues and medium-and high-priority Generic Safety Issues which are identified in the version of NUREG-0933, A Prioritization of Generic Safety Issues," current on the date 6 months prior to application and which are technically relevant to the design

The NRC has issued guidance for addressing severe accidents and PRA in the following documents:

  • NRC Policy Statement, Severe Reactor Accidents Regarding Future Designs and Existing Plants" (Volume 50, page 32138, of the Federal Register (50 FR 32138) dated August 8, 1985)
  • NRC Policy Statement, "Safety Goals for the Operations of Nuclear Power 1

The risk evaluation includes both the probabilistic risk assessment and alternative approaches for addressing contributors to risk as defined in section C.II.1.3 of this guide. For example, in lieu of a seismic PRA the applicant can choose to perform a risk-based seismic margins analysis (SMA) per SECY-93-087. The risk-based SMA is a method for estimating the margin above the safe shutdown earthquake (SSE) of the design which allows the identification of risk-important design and operational features, and associated requirements, to mitigate seismic events. In SECY-93-087, it is indicated that plants designed to withstand a specific ground acceleration SSE should have the capability to withstand beyond-design-basis earthquakes without resulting in core damage.

DRAFT WORK-IN-PROGRESS C.II.1-1 Date: 06/09/06

Plants" (51 FR 28044 dated August 4, 1986)

  • NRC Policy Statement, Nuclear Power Plant Standardization" (52 FR 34844 dated September 15,1987)
  • SECY-90-016, "Evolutionary Light-Water Reactor (LWR) Certification Issues and Their Relationship to Current Regulatory Requirements," issued January 12, 1990, and the corresponding staff requirements memorandum (SRM), issued June 26, 1990
  • SECY-93-087, 'Policy, Technical, and Licensing Issues Pertaining to Evolutionary and Advanced Light-Water Reactor Designs," issued April 2,1993, and the corresponding SRM, issued July 21, 1993
  • SECY-96-128, 'Policy and Key Technical Issues Pertaining to the Westinghouse AP600 Standardized Passive Reactor Design," issued June 12, 1996, and the corresponding SRM, issued January 15,1997
  • SECY-97-044, -Policy and Key Technical Issues Pertaining to the Westinghouse AP600 Standardized Passive Reactor Design," issued February 18, 1997, and the corresponding SRM, issued June 30, 1997 The first four documents provide guidance as to the appropriate course for addressing severe DRAFT accidents and the use of probabilistic risk assessment (PRA). The SRMs relating to SECY 016, SECY-93-087, SECY-96-128, and SECY-97-044 provide Commission-approved guidance for implementing features in new designs to prevent severe accidents and to mitigate their effects, should they occur. Summaries of these documents are provided in Appendix A.

C.II.1.2 Purpose and Objectives The NRC intends to use the applicants risk evaluation to conclude the following objectives are met:

! Identify and address potential design and operational vulnerabilities (i.e., failures or combinations of failures which are large risk contributors that could drive the risk to unacceptable levels) at the design stage

! Determine how the risk associated with design relates to the Commission's goals of less than 1 E-4/yr for core damage frequency (CDF) and less than 1 E-6/yr for large release frequency (LRF).2

! Identify risk-informed safety insights based on systematic evaluations of risk associated with the design:

  • Develop an in-depth understanding of design robustness and tolerance of severe accidents initiated by either internal or external events
  • Develop a good appreciation of the risk significance of human errors associated with the design and characterize the key errors in preparation 2

Commission SRM dated June 26, 1990 in response to SECY-90-016. In addition, the Commission approved the use of a containment performance goal (CPG). The CPG includes (1) a deterministic goal that containment integrity be maintained for approximately 24 hours2.777778e-4 days <br />0.00667 hours <br />3.968254e-5 weeks <br />9.132e-6 months <br /> following the onset of core damage for the more likely severe accident challenges and (2) a probabilistic goal that the conditional containment failure probability (CCFP) be less than approximately 0.1 for the composite of all core damage sequences assessed in the PRA.

DRAFT WORK-IN-PROGRESS C.II.1-2 Date: 06/09/06

for better training and more refined procedures

! Identify and support design requirements, such as inspection, tests, analyses, and acceptance criteria (ITAACs), design reliability assurance program (D-RAP),

and technical specifications (TS), as well as COL and interface requirements

! Support the process used to determine whether regulatory treatment of non-safety systems (RTNSS) is necessary, if applicable

! Determine, in a quantitative manner, whether the design, including the site, represents a reduction in risk over existing plants.3

! Assess the balance of preventive and mitigative features of the design per 10 CFR 52.79 (a) (38) [71 FR 12782] including consistency with Commission guidance in SECY-93-087.

! Support, as a minimum, regulatory oversight processes (e.g., MSPI, SDP) and programs (e.g., Technical Specifications, reliability assurance, human factors, Maintenance Rule) that will be associated with plant operations The review objectives are drawn from 10 CFR Part 52, the Commission's Severe Reactor Accident Policy Statement regarding future designs and existing plants, the Commission's Safety Goals Policy Statement, the Commission-approved positions concerning severe accidents contained in SECY-93-087, and NRC interest in the use of PRA to help improve future reactor designs. In general, the PRA and the staff's review achieve these objectives.

DRAFT The PRA needs to be revised as the plant is constructed and subsequently operated to account for updated site-specific information, as-built (plant-specific) information refinements in the level of design detail, Technical Specifications, plant-specific emergency operating procedures, severe accident management guidelines, and design changes. The Commission believes that updated PRA insights, if properly evaluated and used, could strengthen programs and activities in areas such as training, emergency operating procedures development, reliability assurance, maintenance, and 10 CFR 50.59 evaluations.

PRA updates are the responsibility of the COL applicant. During the construction stage, the COL applicant is able to consider as-built information. As plant experience data accumulates, the COL holder is able to update failure rates (taken from generic databases) and human errors assumed in the design PRA and incorporate the information, as appropriate, into quality assurance and maintenance programs. Any changes in the licensing basis during the COL application, construction and operation stages (e.g., changes to address site-specific or plant-specific considerations or resulting from the resolution of COL action items, as-built plant information, and actual plant operational experience) should be evaluated to assess their risk impact. Such changes, including the associated risk impacts, need to be submitted for NRC review and approval and reflected in the updated PRA updates, as necessary.

C.II.1.3 Scope The applicants risk evaluation needs to be comprehensive in scope and include all applicable internal and external events and all plant operating modes. The scope should be sufficient to 3

Applicable for designs that have evolved from light water reactor (LWR) plant technology (contemporary with issuance of the Commissions Severe Accident Policy Statement on August 8, 1985) through the incorporation of features intended to enhance plant safety, availability, and operation.

DRAFT WORK-IN-PROGRESS C.II.1-3 Date: 06/09/06

enable the NRC staff to meet the objectives identified in section C.II.1.2. The scope of the risk evaluation may need to be expanded if it supports other risk-informed applications. 4 C.II.1.4 Level of Detail The level of detail of the applicants risk evaluation needs to be commensurate with the Purpose and Objectives discussed in C.II.1.2 (i.e., sufficient to gain risk-informed insights and use such risk-insights, in conjunction with assumptions made in the PRA, to identify and support requirements important to the design and plant operation). The risk evaluation should realistically reflect the actual plant design, planned construction, anticipated operational practices, and relevant operational experience of the applicant and the industry. The burden is on the applicant to justify that the risk evaluation approach, methods, and data, as well as the requisite level of detail necessary for the NRC staff review and assessment, are appropriate for the COL application. Additional guidance on the level of detail that should be provided in the risk evaluation is in Regulatory Guide 1.200, An Approach For Determining The Technical Adequacy Of Probabilistic Risk Assessment Results For Risk-Informed Activities and Regulatory Guide 1.174, An Approach for Using Probabilistic Risk Assessment In Risk-Informed Decisions On Plant-Specific Changes To The Licensing Basis.

In cases where detailed design information (such as regarding cable and pipe routing) is not DRAFT available or when it can be shown that detailed modeling does not provide significant additional information, it is acceptable to make bounding-type assumptions consistent with RG 1.200 guidelines. However, the risk models should still be capable to be used to identify vulnerabilities as well as design and operational requirements, such as ITAAC and COL action items. In addition, the bounding assumptions should not mask any risk significant information about the design and its operation.

C.II.1.5 Technical Adequacy The quality of the applicants methodologies, processes, analyses, and personnel associated with the risk evaluation need to comply with the provisions for nuclear plant quality assurance (e.g., Appendix B to 10 CFR Part 50). To this end, the applicants risk evaluation submittal needs to meet the applicable ASME and ANS standards endorsed by the staff in Regulatory Guide 1.200 at the time of submittal. In addition, the risk evaluation should adhere to the recommendations provided in Regulatory Guides 1.200 and 1.174 pertaining to quality and technical adequacy. Such adherence will result in a more efficient and consistent NRC staff review process. Alternatively, the applicant should identify, and justify the acceptability of, alternative measures for addressing the risk evaluation quality and technical adequacy.

Special emphasis, as noted in RG 1.200, Appendix A (Table A-1, Element 1.1), should be placed on PRA modeling of novel and passive features in the design, as well as addressing issues related to these features, such as digital instrumentation and control, explosive (squib) 4 Risk-informed applications (e.g., implementation of 10 CFR 50.69 or NFPA-805) may involve a scope, level of detail, and/or technical adequacy for the affected areas that is greater than that needed for the COL application.

DRAFT WORK-IN-PROGRESS C.II.1-4 Date: 06/09/06

valves, and the issue of thermal hydraulic (T-H) uncertainties5.

C.II.1.6 Risk Insights The applicant, in addition to using the PRA models to assess risk and determine significant accident sequences and major contributors, needs to perform uncertainty, importance and sensitivity analyses. Such analyses provide important information about (1) areas where certain design features are the most effective in reducing risk with respect to operating reactor designs, (2) major contributors to risk, such as hardware failures and human errors, (3) major contributors to maintaining the built-in plant safety and ensuring that the risk does not increase unacceptably, (4) major contributors to the uncertainty associated with the risk estimates, and (5) sensitivity of risk estimates to uncertainties associated with failure data, to assumptions made in the PRA models, to lack of modeling details in certain areas, and to previously raised issues.

For designs that have evolved from current plant technology, through the incorporation of several features intended to make the plant safer, more available and easier to operate, the results of the risk evaluation should indicate that the design represents a reduction in risk over existing plants.3 For this purpose, a broad comparison of risks, by initiating event category, between the proposed design and operating plants (from which the proposed design evolved)

DRAFT can be helpful in the identification of the major design features that contribute to the reduced risk of the proposed design as compared to operating designs.(e.g., passive systems, less reliance on offsite and onsite power for accident mitigation, and divisional separation).

The impact of uncertainties in data on the risk estimates should be investigated. The uncertainty analysis should identify major contributors to the uncertainty associated with the estimated risks.

Risk importance studies should be performed at the system, train and component level. Such studies provide very useful insights about (1) the systems that contribute the most in achieving the low risk level assessed in the PRA, (2) events (e.g., component failures or human errors) that contribute the most to decreases in the built-in plant safety level, (3) events that contribute the most to the assessed risk.

Sensitivity studies should be performed to gain insights about the impact of uncertainties (and potential lack of detailed models) on the estimated risk. The sensitivity studies have the following objectives: (1) determine the sensitivity of the estimated risk to potential biases in numerical values, such as initiating event frequencies, failure probabilities, and equipment unavailabilities; (2) determine the impact of potential lack of modeling details on the estimated risk, and (3) determine the sensitivity of the estimated risk to previously raised issues (e.g.,

5 The issue of T-H uncertainties arises from the "passive" nature of safety-related systems used for accident mitigation. Passive safety systems rely on natural forces, such as gravity, to perform their functions. Such driving forces are small compared to those of pumped systems, and the uncertainty in their values, as predicted by a "best-estimate" T-H analysis, can be of comparable magnitude to the predicted values themselves. Therefore, some accident sequences with a frequency high enough to impact results, but which are not predicted to lead to core damage by a "best-estimate" T-H analysis, may actually lead to core damage when T-H uncertainties are considered in the PRA models.

DRAFT WORK-IN-PROGRESS C.II.1-5 Date: 06/09/06

MOV reliability). In addition, for designs using passive safety systems and active defense-in-depth systems, sensitivity studies can be performed to investigate the impact of uncertainties on PRA results under the assumption of plant operation without credit for the non-safety-related "defense-in-depth" systems. These studies provide additional insights about the risk importance of the "defense-in-depth" systems which are taken into account in selecting non-safety-related systems for regulatory oversight according to the regulatory treatment of non-safety-related systems (RTNSS) process.

The applicant needs to use the results of the risk evaluation, including those from the uncertainty and importance analyses and the sensitivity studies, in an integrated fashion, to perform the following:

! address weaknesses through specific design and/or operational changes

! identify and implement requirements to ensure that assumptions made in the risk evaluation (e.g., regarding design and operational features of a safety system, system interactions and human actions) will remain valid in a future plant referencing the proposed design and that uncertainties have been appropriately addressed. These are specific requirements for the design, construction, testing, inspection and operation of the plant (e.g., ITAAC, Technical Specifications, Reliability Assurance Program, RTNSS, and COL action items).

DRAFT The applicants submittal needs to include the results of the risk evaluation and a discussion of the corresponding insights. In addition, the submittal should address the application and implementation of the acquired risk insights.

C.II.1.7 Format and Content The applicant needs to provide an acceptable level of documentation to enable the NRC staff to conclude that the objectives identified in section C.II.1.2 were met and to reach a finding that the applicant has performed a sufficiently complete and scrutable analysis and that the results support the application for a COL. The submitted risk evaluation needs to include adequate information, in terms of both models (initiating events, fault and event trees, success criteria, data, important assumptions and calculations) and results (minimal cut sets, importance, sensitivity, and uncertainty analyses).

Consistent with practices for operating plants, the applicant does not need to provide all plant-specific, site-specific PRA information to the NRC; but, the applicant needs to maintain such information and make it available for NRC review. Documentation of the risk evaluation process and findings should be provided and, additionally, should include a description of the applicants provisions to ensure adequacy per Regulatory Guide 1.200.

To support the NRC staffs timely review and assessment of the documentation, applicants should adhere to the recommended format and content identified in Appendix B, Probabilistic Risk Assessment to Support a Combined License Application, Standard Format and Content.

In addition to submitted documentation, the applicant should maintain archival documentation to include a detailed description of engineering analyses conducted and results obtained, irrespective of whether they were quantitative or qualitative or whether the analyses made use of traditional engineering methods or probabilistic approaches. Such documentation should be DRAFT WORK-IN-PROGRESS C.II.1-6 Date: 06/09/06

maintained as part of the quality assurance program such that it is available for examination and maintained as lifetime quality records in accordance with Regulatory Guide 1.33.

C.II.1.8 PRA Maintenance and Upgrade The applicant should develop a PRA maintenance program based on RG 1.200 configuration control guidance.

DRAFT DRAFT WORK-IN-PROGRESS C.II.1-7 Date: 06/09/06

APPENDIX A NRC Regulatory Guidance on Severe Accidents The Commission expects that new designs will achieve a higher standard of severe accident safety performance than previous designs.3 In an effort to provide this additional level of safety in the design of advanced nuclear power plants, the NRC has developed guidance and goals to accommodate events that are beyond the design basis of the plant. Designers should strive to meet these goals.

For advanced nuclear power plants, including both the evolutionary and passive designs, the NRC concluded that vendors should address severe accidents during the design stage.

Designers can take full advantage of the insights gained from such input as probabilistic safety assessments, operating experience, severe accident research, and accident analysis by designing features to reduce the likelihood that severe accidents will occur and, in the unlikely occurrence of a severe accident, to mitigate the consequences of such an accident.

Incorporating insights and design features during the design phase is much more cost effective than modifying existing plants.

Severe Accident Policy Statement. The Commission issued its policy statement entitled, DRAFT Severe Reactor Accidents Regarding Future Designs and Existing Plants," on August 8, 1985.

This policy statement was prompted by the NRC's judgment that severe accidents, which are beyond the traditional design-basis events, constitute the major remaining risk to the public associated with radioactive releases from nuclear power plant accidents. A fundamental objective of the Commission's severe accident policy is to take all reasonable steps to reduce the chances that a severe accident involving substantial damage to the reactor core will occur and to mitigate the consequences of such an accident, should one occur. This statement describes the policy that the Commission uses to resolve safety issues related to reactor accidents more severe than DBAs. The statement focuses on the guidance and procedures the Commission intends to use to certify new designs for nuclear power plants. Regarding the decision process for certifying a new standard plant design, an approach the Commission strongly encouraged for future plants, this policy statement affirms the Commission's belief that a new design for a nuclear power plant can be shown to adequately address severe accident concerns if it meets the following guidance:

  • demonstration of compliance with the requirements of current Commission regulations, including the TMI requirements for new plants, as reflected in 10 CFR 50.34(f)
  • demonstration of technical resolution of all applicable unresolved safety issues (USI) and the medium- and high-priority generic safety issues (GSI), including a special focus on assuring the reliability of decay heat removal (DHR) systems and the reliability of both alternating current (ac) and direct current (dc) electrical supply systems
  • completion of a PRA and consideration of the severe accident vulnerabilities exposed by the PRA, along with the insights that it may add to providing assurance of no undue risk to public health and safety
  • completion of a staff review of the design with a conclusion of safety acceptability using an approach that stresses deterministic engineering analyses and judgment, complemented by PRA DRAFT WORK-IN-PROGRESS C.II.1-8 Date: 06/09/06

At the time it issued the Severe Accident Policy Statement, the Commission believed that an adequate basis existed to establish appropriate guidance. This belief was supported by the current operating reactor experience, ongoing severe accident research, and insights from a variety of risk analyses. The Commission recognized the need to strike a balance between accident prevention and consequence mitigation,'and in doing so, expected vendors engaged in designing new standard plants to achieve a higher standard of severe accident safety performance than they achieved in previous designs.6 Safety Goals Policy Statement. The Commission issued its policy statement entitled, "Safety Goals for the Operation of Nuclear Power Plants," on August 4, 1986. This policy statement focused on the risks to the public from nuclear power plant operations with the objective of establishing goals that broadly define an acceptable level of radiological risk that might be imposed on the public as a result of nuclear power plant operation. These risks are associated with the release of radioactive material from the reactor to the environment during normal operations, as well as from accidents. The Commission established the following two qualitative safety goals:

(1) Individual members of the public should be provided a level of protection from the consequences of nuclear power plant operation such that individuals bear no significant additional risk to life and health.

(2) Societal risks to life and health from nuclear power plant operation should be DRAFT comparable to or less than the risks of generating electricity by viable competing technologies and should not be a significant addition to other societal risks.

These goals are supported by the following two quantitative objectives that determine achievement of the above safety goals:

(1) The risk to an average individual in the vicinity of a nuclear power plant of a prompt fatality that might result from reactor accidents should not exceed one-tenth of one percent (0.1 percent) of the sum of prompt fatality risks resulting from other accidents to which members of the U.S. population are generally exposed.

(2) The risk to the population in the area near a nuclear power plant of cancer fatalities 6

Following the 1979 accident at the Three Mile Island (TMI) Nuclear Plant, Unit 2, it was recognized that severe accidents (i.e., those in which substantial damage is done to the reactor core, regardless of whether serious offsite consequences occur) needed further attention. The NRC evaluated, generically, the capability of existing plants to tolerate a severe accident. The NRC found that the design-basis approach contained significant safety margins for the analyzed events. These margins permitted operating plants to accommodate a large spectrum of severe accidents. Based on this information, the Commission, in the Severe Accident Policy Statement (50 FR 32138, August 8, 1985),

concluded that existing plants posed no undue risk to public health and safety and that no basis existed for immediate action on generic rulemaking or other regulatory changes affecting these plants because of the risk posed by a severe accident. To address this issue for operating plants in the long term, the NRC issued SECY-88-147, Integration Plan for Closure of Severe Accident Issues," in May 1988. This document identified the necessary elements for closure of severe accidents:

  • performance of an individual plant examination
  • assessment of generic containment performance improvements
  • improved plant operations
  • a severe accident research program
  • an external events program
  • an accident management program DRAFT WORK-IN-PROGRESS C.II.1-9 Date: 06/09/06

that might result from nuclear power plant operation should not exceed one-tenth of one percent (0.1 percent) of the sum of cancer fatality risks resulting from all other causes.

This statement of the NRC safety policy expresses the Commission's views on the level of risk to public health and safety that the industry should strive for in its nuclear power plants. The Commission recognizes the importance of mitigating the consequences of a core melt accident and continues to emphasize such features as the containment, siting in less populated areas, and emergency planning as integral parts of the defense-in-depth concept associated with its accident prevention and mitigation philosophy. The Commission approves the use of the qualitative safety goals, including use of the quantitative health effects objectives, in the regulatory decisionmaking process.

Standardization Policy Statement. The Commission issued its policy statement entitled, "Nuclear Power Plant Standardization," on September 15, 1987. This policy statement encourages the use of standard plant designs and contains information concerning the certification of plant designs that are essentially complete in terms of scope and level of detail.

The intent of these actions was to improve the licensing process and to reduce the complexity and uncertainty in the regulatory process for standardized plants. With respect to severe accidents, the NRC expects applicants to address the guidance for new plant designs provided in the Commission's Severe Accident Policy Statement.

DRAFT Use of PRA Methods in Nuclear Regulatory Activities Policy Statement. The Commission issued its policy statement entitled, Use of Nuclear Probabilistic Risk Assessment Methods in Nuclear Regulatory Activities," on August 16, 1995. This statement outlines the policy that the NRC will follow for using PRA methods in nuclear regulatory matters. The Commission established this policy so that the many potential applications of PRA could be implemented in a consistent and predictable manner to promote regulatory stability and efficiency. The Commission adopted the following policy statement regarding the expanded NRC use of PRA:

  • The use of PRA technology should be increased in all regulatory matters to the extent supported by the state-of-the-art in PRA methods and data and in a manner that complements the NRC's deterministic approach and supports the NRC's traditional defense-in-depth philosophy.
  • PRA and associated analyses (e.g., sensitivity studies, uncertainty analyses, and importance measures) should be used in regulatory matters, where practical within the bounds of the state-of-the-art, to reduce unnecessary conservatism associated with current regulatory requirements, regulatory guides, license commitments, and staff practices. Where appropriate, PRA should be used to support the proposal for additional regulatory requirements, in accordance with 10 CFR 50.109 (Backfit Rule). Appropriate procedures for including PRA in the process for changing regulatory requirements should be developed and followed.

It is, of course, understood that the intent of this policy is that existing rules and regulations shall be complied with unless such rules and regulations are revised.

  • PRA evaluations in support of regulatory decisions should be as realistic as practicable and appropriate supporting data should be publicly available for review.
  • The Commission's safety goals for nuclear power plants and subsidiary numerical objectives are to be used with appropriate consideration of uncertainties in making regulatory judgments on the need for proposing and DRAFT WORK-IN-PROGRESS C.II.1-10 Date: 06/09/06

backfitting new generic requirements on nuclear power plant licensees.

SECY-90-016. On January 12, 1990, the NRC staff issued SECY-90-016 which requested Commission approval for the staff's recommendations concerning proposed departures from current regulations for the evolutionary light-water reactors (LWR). The issues in SECY-90-016 were significant to reactor safety and fundamental to the NRC decision on the acceptability of evolutionary LWR designs. The positions in SECY-90-016 were developed as a result of the following activities:

  • NRC reviews of current-generation reactor designs and evolutionary LWRs
  • consideration of operating experience, including the TMI-2 accident
  • results of PRAs of current-generation reactor designs and the evolutionary LWRs
  • early efforts conducted in support of severe accident rulemaking
  • research to address previously identified safety issues The Commission approved some of the staff positions stated in SECY-90-016 and provided additional guidance regarding others in an SRM dated June 26, 1990.

SECY-93-087. On April 2, 1993, the NRC staff issued SECY-93-087 which sought Commission approval for the staff's positions pertaining to evolutionary and passive LWR design certification DRAFT policy issues. This paper evolved from SECY-90-016. SECY-93-087 addresses the following preventive and mitigative feature issues relating to the AP 1000:

Preventive:

  • mid-loop operation
  • station blackout (SBO)
  • fire protection
  • inter-system loss-of-coolant accident (ISLOCA)

Mitigative:

  • core debris coolability
  • high-pressure core melt ejection
  • containment performance
  • dedicated containment vent penetration
  • equipment survivability
  • containment bypass potential resulting from steam generator tube ruptures The Commission approved some of the staff positions stated in SECY-93-087 and provided additional guidance regarding others in an SRM dated July 21, 1993.

SECY-96-1 28. On June 12, 1996, the NRC staff issued SECY-96-128 which sought Commission approval for the staff's position pertaining to the AP600 reactor design. The issues involving severe accidents include the following:

  • prevention and mitigation of severe accidents
  • external reactor vessel cooling (ERVC)

The Commission provided additional guidance concerning prevention and mitigation of severe DRAFT WORK-IN-PROGRESS C.II.1-11 Date: 06/09/06

accidents and approved the staff's position concerning ERVC in an SRM dated January 15, 1997.

SECY-97-044. On February 18,1997, the NRC staff issued SECY-97-044 which provided the Commission with additional information regarding prevention and mitigation of severe accidents. This paper responded to the Commission's SRM dated January 15, 1997, and provided additional information regarding the type of non-safety-related system that would achieve an appropriate balance between prevention and mitigation of severe accidents for the AP600 reactor design, which is also applicable to the AP1 000 design. The Commission approved the staff's position in an SRM dated June 30, 1997.

Severe Accident Resolution. The basis for resolving the severe accident issues associated with new reactor designs are the requirements of 10 CFR Part 52 and the guidance, as applicable, in SECY-93-087, SECY-96-128, SECY-97-044, and other SECY papers as approved by the Commission.

DRAFT DRAFT WORK-IN-PROGRESS C.II.1-12 Date: 06/09/06

APPENDIX B Probabilistic Risk Assessment to Support a Combined License Application Standard Format and Content

[Note: This standard format is consistent with the guidance provided in Regulatory Guide 1.200, An Approach For Determining The Technical Adequacy Of Probabilistic Risk Assessment Results For Risk-Informed Activities, and adapted to the specific uses of the PRA to support a COL application.

The content of the applicants submittal should include adequate information (e.g., in terms of models, results, and interpretation of results) to enable the NRC staff to conclude whether the objectives identified in C.II.1.2 are met. The requisite level of detail, technical adequacy, and risk insights to be included in the submittal are identified in sections C.II.1.4, C.II.1.5, and C.II.1.6, respectively.]

1.0 Introduction - General Overview 2.0 Core Damage Evaluation (includes internal and external events)

DRAFT 2.1 Methodology Overview 2.2 Internal Events (includes shutdown operation) 2.2.1 Initiating Events 2..2.2 Success Criteria 2.2.3 Accident Sequence 2.2.4 Systems Analyses 2.2.5 Parameter Estimation 2.2.6 Human Reliability Analysis 2.2.7 Quantification (including results) 2.2.8 Importance, Sensitivity, and Uncertainty Analyses 2.2.9 Internal Floods 2.2.9.1 Methodology and Approach 2.2.9.2 Flood Identification 2.2.9.3 Flood Evaluation 2.2.9.4 Quantification (including results) 2.2.9.5 Importance, Sensitivity, and Uncertainty Analyses 2.2.10 Internal Fires 2.2.10.1 Methodology and Approach 2.2.10.2 Screening Analysis 2.2.10.3 Fire Initiation 2.2.10.4 Fire Damage 2.2.10.5 Plant Response Analysis and Quantification 2.2.10.6 Quantification (including results) 2.2.10.7 Importance, Sensitivity, and Uncertainty Analyses DRAFT WORK-IN-PROGRESS C.II.1-13 Date: 06/09/06

2.3 External Events 2.3.1 Methodology and Approach 2.3.2 Screening and Bounding Analysis 2.3.3 Hazard Analysis 2.3.4 Fragility Analysis 2.3.5 Accident Sequence and System Model Modification 2.3.6 Quantification (including results) 2.3.7 Importance, Sensitivity, and Uncertainty Analyses 2.4 Conclusions and Insights related to Core Damage Evaluation 2.4.1 Significant Accident Sequences 2.4.2 Integrated Insights from the Importance, Sensitivity, and Uncertainty Analyses 2.4.3 Risk-significant Design Features and Operator Actions

[Note: Include a discussion of features that contribute significantly to the reduced risk, by initiating event category, as compared to operating plant designs, if applicable.]

3.0 Containment Performance & Radionuclide Release Assessment DRAFT 3.1 Severe accident treatment 3.1.1 Treatment of physical processes/phenomena (including evaluations in accordance with SECY-93-087) 3.1.2 Severe accident analysis methods/models 3.1.3 Severe accident progression for key core damage sequences 3.2 Containment event tree analysis 3.2.1 Interface with core damage evaluation 3.2.2 Containment event tree top events and success criteria 3.2.3 Release category definitions 3.3 Containment ultimate pressure capacity and conditional containment failure probability 3.4 Quantification of release frequency and source terms 3.5 Importance, sensitivity, and uncertainty analyses 3.6 Interpretation of results and insights (including comparisons with goals) 3.7 Conclusions and insights related to containment performance assessment 4.0 Offsite Consequence Evaluation

[Note: applicable if such information is included in applicants PRA]

4.1 Methodology Overview 4.2 Interface with Containment Performance Assessment DRAFT WORK-IN-PROGRESS C.II.1-14 Date: 06/09/06

4.3 Evaluation of Fission Product Source Terms 4.4 Dose Consequence Modeling 4.5 Quantification and Results 4.6 Importance, Sensitivity, and Uncertainty Analyses 4.7 Conclusions and Insights related to Offsite Consequences Evaluation 5.0 Use of PRA in the Design Process

[Note: Address how the PRA was used in the design process to achieve the following objectives (and provide examples): 1) identify vulnerabilities in operating reactor designs and introduce features and requirements to reduce or eliminate those vulnerabilities;

2) quantify the effect of new design features and operational strategies on plant risk.]

6.0 Risk Evaluation Conclusions

[Note: Address how the purpose and objectives are met.]

5.1 CDF, LERF, and offsite dose from internal, external, and low-power events DRAFT 5.2 Important features for reducing risk 5.3 PRA input to regulatory processes and programs (e.g., RAP, RTNSS, Tier 1, COL action items, man-machine-interface, EOPs, SAMG) 7.0 PRA Maintenance Program/Process DRAFT WORK-IN-PROGRESS C.II.1-15 Date: 06/09/06

4.3 Evaluation of Fission Product Source Terms 4.4 Dose Consequence Modeling 4.5 Quantification and Results 4.6 Importance, Sensitivity, and Uncertainty Analyses 4.7 Conclusions and Insights related to Offsite Consequences Evaluation 5.0 Use of PRA in the Design Process

[Note: Address how the PRA was used in the design process to achieve the following objectives (and provide examples): 1) identify vulnerabilities in operating reactor designs and introduce features and requirements to reduce or eliminate those vulnerabilities;

2) quantify the effect of new design features and operational strategies on plant risk.]

6.0 Risk Evaluation Conclusions

[Note: Address how the purpose and objectives are met.]

5.1 CDF, LERF, and offsite dose from internal, external, and low-power events DRAFT 5.2 Important features for reducing risk 5.3 PRA input to regulatory processes and programs (e.g., RAP, RTNSS, Tier 1, COL action items, man-machine-interface, EOPs, SAMG) 7.0 PRA Maintenance Program/Process ADAMS Accession Number: ML061570285 COG Project Manager: Tom Kevern, 415-0224 OFFICE TECH ED DNRL/NRR NGDB/DNRL BC: APLB/DRA BC: APLA/DRA NAME PGarrity PMagnanelli TKevern (PM) L. Mrowca M. Rubin (LA)

DATE OFFICE DD: DRA OGC NAME M. Tschiltz DATE OFFICIAL RECORD COPY DRAFT WORK-IN-PROGRESS C.II.1-15 Date: 06/09/06

Retrieved from "https://kanterella.com/w/index.php?title=ML061570285&oldid=2190809"