ML072830283
| ML072830283 | |
| Person / Time | |
|---|---|
| Site: | Oconee  |
| Issue date: | 08/07/2007 |
| From: | Goforth D Duke Energy Corp |
| To: | Office of Nuclear Reactor Regulation |
| Oudinot D | |
| Shared Package | |
| ML072830337 | List:
|
| References | |
| Download: ML072830283 (24) | |
Text
1 Non-Power Operation Transition August 7, 2007 Bethesda, MD
2 Duke Presenter David Goforth Duke Energy NFPA-805 Transition Technical Manager
3 Background
NFPA 805 requires the evaluation of the effects of a fire During any operational mode and plant configuration Concept introduced in NUREG 1449 Building on NUMARC 93-01 and 91-06
4 NEI 04-02 Methodology Detailed methodology provided in NEI 04-02, Appendix F:
Review existing plant outage processes to determine equipment relied upon to provide Key Safety Functions Compare list of SSCs required to maintain KSFs with those analyzed for Safe Shutdown at Power For those SSCs not already credited, perform circuit/cable/routing analysis to determine where these SSCs can be impacted by fire
5 NEI 04-02 Methodology Detailed methodology provided in NEI 04-02, Appendix F continued:
Identify locations where fire may impact shutdown safety Pinch Points where fire damage may prevent achieving KSFs Recovery actions credited for KSFs are performed Identify fire areas where a single fire may damage all the credited paths for a KSF.
May include fire modeling
6 NEI 04-02 Methodology
Focus on managing fire risk Qualitatively during High Risk Evolutions (HREs)
NEI 91-06 defines High Risk Evolutions as follows:
Outage activities, plant configurations or conditions during shutdown where the plant is more susceptible to an event causing the loss of a key safety function
For this effort the high risk evolution to be reviewed is when the plants operational state meets the following conditions, thus a high risk condition:
Fuel in the reactor, AND
Thermal margin is low with a time to core boil 40 minutes, OR
The plant is in a reduced inventory condition (i.e. water level reactor vessel flange)
7 Areas of Contention The NRC has endorsed NEI 04-02 without exception on non-power operational modes in RG 1.205.
NRC expressed concern over the definition of high risk evolution.
8 What will be do?
The industry has been challenged to propose a method for addressing fire-induced high risk evolutions (as opposed to addressing fire risk during high risk evolutions).
9 The Plan Incorporate Fire into the current Outage Defense in Depth method. (Actually the effects of a fire are already required to be addressed, we will implement a more exacting methodology).
Take the concept of High Risk Evolution used in NEI 04-02 and apply it to what is really required to protect Key Safety Functions.
10 Definitions Defense in Depth - For the purpose of managing risk during shutdown, DID is the concept of:
Providing SSCs to ensure backup to Key Safety Functions using redundant, alternate, or diverse methods Planning and scheduling outage activities in a manner that optimizes safety system availability.
Planning and scheduling outage activities to include redundant personnel reviews or approvals prior to work start.
Providing administrative controls that support and/or supplement the above elements. Administrative controls could be additional reviews, approval sequences or personnel involvement.
Providing the plans necessary to minimize the likelihood of losing a Key Safety Function.
11 Definitions (Continued)
Key Safety Functions - The functions that ensure the integrity of the reactor coolant pressure boundary, ensure the capability to shutdown and maintain the reactor in a safe shutdown condition, and ensure the capability to prevent or mitigate the consequences of accidents that could result in potentially significant offsite exposures. These key safety functions are:
Decay heat Removal Reactor Coolant Inventory Control Reactivity Control Containment Control Spent Fuel Cooling Power Availability
12 Definitions (Continued)
High Risk Evolutions - Outage activities, plant configurations or conditions during shutdown where the plant is more susceptible to an event causing the loss of a Key Safety Function. High Risk Evolutions include:
Draining to Reduced Inventory when the reactor coolant level is at or below the reactor vessel flange Reactor Coolant System at or below Reduced Inventory Midloop operation Any specific evolution determined by Station Management
13 What does the Industry do?
Use an outage risk assessment tool Look for places where Key Safety Systems may be compromised during outage planning and during an outage.
Put tools into place that allow Operations the ability to track and maintain a required level of safety with regard to Key Safety Functions at any time.
Provide the needed tools to ensure that Key Safety Functions are maintain at or above required levels at all times.
Provide contingency plans for whenever the required level of Key Safety Functions cannot be met.
14 What does this look like?
In order to best illustrate how this would be used and how we propose incorporating the NFPA-805 into the existing process, lets look at:
Nuclear Plant - USA (or NP-USA for short)
15 Nuclear Plant - USA
16 Outage Keys
RCS Inventory Addition paths
Forced Injection
Gravity Flow
RCS Vent Paths
Intact RCS
LTOP Vent Path
Large Vent Path
RCS Level
Loops Filled
Loops Not Filled
Reduced Inventory
Midloop
Decay Heat
High Decay Heat
Low Decay Heat
S/Gs
Power
Support Systems
17 Nuclear Plant - USA
18 Example 1 Outage Configuration - Mid-loop in High Decay Heat Condition Keys:
No large vent path established, thus forced injection required Draining below Loops Filled condition - S/Gs cannot be used High Decay Heat - short time for operators to respond to a loss of RHR Requirements:
2 trains of decay heat removal required and protected 2 trains of forced injection required and protected
Maintain 1 HPI pump on each train 2 trains of electrical power and support systems and protected Containment Closure required Minimum Control Room accessibility
19 Example 2 Outage Configuration - Draining the RCS to below the flange in High Decay Heat Condition Keys:
No large vent path established, thus forced injection required Draining below Loops Filled condition - S/Gs cannot be used High Decay Heat - short time for operators to respond to a loss of RHR Recognized risk because of limited venting while draining, instrument errors, OE on loss of RHR during evolution, etc.
Requirements:
2 trains of decay heat removal required and protected 2 trains of forced injection required and protected
Maintain 1 HPI pump on each train 2 trains of electrical power and support systems and protected Containment Closure required Minimum Control Room accessibility
20 What about fire?
Is there anywhere where a fire can cause the loss of all Key Safety Functions?
Keys:
Is there anywhere in the plant where all the KSF cables are routed together?
Is there anywhere where all the KSF equipment is located within a single fire area?
If a local operator actions is required, is there enough time prior to core damage for the operator to respond? Is the local operator action outside the fire area?
Is there any outage work ongoing in the at risk fire areas?
Will the operators be able to recognize a fire has happened in order to respond?
Establish contingency plans for loss of different levels of defense in depth
21 What about fire?
NFPA-805 and NEI 04-02 Requirements:
Ensure that the operators can recognize and properly respond in time to a fire to protect the core. Typically the riskier evolutions are during periods of low RCS inventory and high decay heat.
Know where plant cables and equipment are with respect to a given fire area Factor work in risk significant fire areas into outage planning Understand what defense in depth is required during the outage and will a single fire jeopardize the protection of the core Use administrative controls for outage activities that can potentially cause a fire If a local operator action is required, ensure adequate time and feasibility exist to carry out the action.
22 Nuclear Plant - USA
23 Possible Vulnerabilities and Solutions Examples RHR suction valves - turn off power to valves RHR flow diversion flow paths - turn off power to valves or use a manual valve to isolate Both trains of protected equipment are located in a single fire area - set a fire watch, do allow personnel near protected equipment, etc.
If Gravity flow path is an option -implement a local action, ensure containment closure possible, dedicate an operator, etc
24 Summary Fire will became a built in factor to existing outage risk methodology.
Fire vulnerabilities for higher risk areas and evolutions will be identified as a part of outage planning Fire risk will be addressed using defense in depth methodology Contingency plans will be made available to the operators for higher risk evolutions Operator timeline must be verified for defense in depth responses.