ML073060550
| ML073060550 | |
| Person / Time | |
|---|---|
| Site: | Oconee  |
| Issue date: | 09/07/2007 |
| From: | Duke Power Co |
| To: | Office of Nuclear Reactor Regulation |
| References | |
| FAQ 07-0040 | |
| Download: ML073060550 (17) | |
Text
FAQ Number 07-0040 FAQ Revision 0 FAQ Title Non-Power Operations Clarifications Plant: Oconee Nuclear Station Date: September 7, 2007
Contact:
David Goforth Phone: (704) 382-2659 Email: djgofort@duke-energy.com Distribution: (NEI Internal Use) 805 TF FPWG RATF RIRWG BWROG PWROG Purpose of FAQ:
Clarify the non-power plant operational states that correspond to configurations during which there is a high risk associated with the loss of a KSF. This takes into account the consequences of the loss of a KSF, not just the increased likelihood of the loss of a KSF.
Is this Interpretation of guidance? Yes / No Proposed new guidance not in NEI 04-02? Yes / No Details:
NEI 04-02 guidance needing interpretation (include section, paragraph, and line numbers as applicable):
NEI 04-02 Section 4.3.3 and Appendix F.
Circumstances requiring guidance interpretation or new guidance:
NEI 04-02, Revision 1, Section 4.3.3 states:
The nuclear safety goal of NFPA 805 requires evaluation of the effects of a fire during any operational mode and plant configuration.
Section NEI 04-02 Section 4.3.3 further goes on to provide a strategy that demonstrate[s] that the nuclear safety performance criteria are met for High Risk Evolutions (HREs as defined by NUMARC 91-06) during non-power operational modes The strategy as described was endorsed in Regulatory Guide 1.205. However, the use of the term High Risk Evolutions, as defined in NUMARC 91-06, may not be completely appropriate in this context, and appears to be causing regulatory concern. NUMARC 91-06 defines a High[er] Risk Evolution (HRE) as:
Page 1 of 17 faq 07-0040 non-power operations clarification rev 0.doc
FAQ Number 07-0040 FAQ Revision 0 FAQ Title Non-Power Operations Clarifications Outage activities, plant configurations or conditions during shutdown where the plant is more susceptible to an event causing the loss of a key safety function.
The point of the strategy should be to evaluate and manage the effects of a fire, but not necessarily when the plant is more susceptible to an event causing the loss of a key safety function (KSF). Rather, the strategy should address configurations during which there is a high risk associated with the loss of a KSF. This takes into account the consequences of the loss of a KSF, not just the increased likelihood of the loss of a KSF.
Therefore, the strategy defined in NEI 04-02 will be based on configurations or Plant Operating States (POS) during an outage where the risk is intrinsically high, and will utilize normal risk management controls, processes and procedures during low risk periods.
Detail contentious points if licensee and NRC have not reached consensus on the facts and circumstances:
Potentially relevant existing FAQ numbers:
Response Section:
Proposed resolution of FAQ and the basis for the proposal:
Many studies have been performed to characterize the risk associated with non-power states. Using Core Damage Frequency (CDF) as a risk metric, it is accepted that most outage configurations or POS are of relatively low risk and that only a few configurations or POS represent a risk near or greater than at-power operations.
NUREG/CR-6143 and NUREG/CR-6144 NUREG/CR-6143 and 6144 document Low Power and Shutdown (LPSD) risk studies performed in the early 1990s. NUREG/CR-6143 evaluated BWR risk using Grand Gulf Unit 1 as the study plant, while NUREG/CR-6144 evaluated PWR risk using Surry Unit 1.
In Phase 1 of the studies, a coarse screening analysis was performed to examine accidents initiated by internal events (including fire and flooding) for all POS. The objective of the Phase 1 study was to identify potentially vulnerable plant configurations, to characterize the potential core damage scenarios and to provide a foundation for a detailed phase 2 analysis.
Page 2 of 17 faq 07-0040 non-power operations clarification rev 0.doc
FAQ Number 07-0040 FAQ Revision 0 FAQ Title Non-Power Operations Clarifications Based on the results of the Phase 1 study, the Phase 2 analysis focused on POS 5 for BWRs, which covers approximately Cold Shutdown as defined by the Grand Gulf Tech Specs. For PWRs, mid-loop operation was selected as the plant configuration to be analyzed. Thus, it can be seen that these two plant configurations are clearly important with respect to risk during LPSD conditions.
NRC Public LPSD Workshop - 1999 The NRC sponsored a public LPSD workshop in 1999 to gather information regarding LPSD risk. A summary of the results of the workshop and presentations provided by the industry and NRC are contained in Sandia Report SAND99-1815.
Some excerpts are provided below:
Westinghouse Experience and Insights from Shutdown Risk Projects LPSD risk was dominated by events related to low reactor coolant system (RCS) inventory conditions and a few periods of high vulnerability.
Scientech Presentation on Shutdown Risk Monitoring LPSD CDF is less than, but comparable to full-power CDF. In some cases, instantaneous risk may be higher in LPSD than at-power, but only for very short durations. Most of the risk is associated with low inventory conditions early in the outage.
Shutdown Risk Assessment at Seabrook Station The mean CDF is numerically comparable to full-power CDF, although of higher uncertainty. However, estimates for health effects (i.e., Level 3) were negligible. It was recommended that high thermal margin configurations be considered for screening.
CDF from internal events is 88% of total LPSD CDF Loss of RHR with RCS at low level 71%
Loss of RHR with RCS filled 11%
LOCA (RCS Drain down event) 18%
Risk Perspective from EPRI Research and Applications For both BWR and PWR analyses, the LPSD risk is dominated by peak risk periods characterized by relatively high instantaneous risk over short periods of time early during the outage. The risk contribution of these peaks to the entire outage risk was greater than 80%, for both BWRs and PWRs. The dominant contributor to risk is human error (50%).
Page 3 of 17 faq 07-0040 non-power operations clarification rev 0.doc
FAQ Number 07-0040 FAQ Revision 0 FAQ Title Non-Power Operations Clarifications Example BWR Results Outage Average CDF 4.9E-6/yr Peak CDF 6.1E-5/yr Minimum CDF 4.4E-7/yr Ratio of Peak to Min ~140 Outage Core Damage Probability (cumulative risk) 6.5E-7 Peak Risk Core Damage Probability (CDP) 5.5E-7 Example PWR Results Outage Average CDF 1.8E-4/yr Peak CDF 1.0E-3/yr Minimum CDF 7.0E-7/yr Ratio of Peak to Min ~1400 Outage Core Damage Probability (cumulative risk) 2.2E-5 Peak Risk Core Damage Probability (CDP) 1.9E-5 NRC Shutdown SDP Process Inspection Manual IM0609, Appendix G, describes the NRC Shutdown SDP process. It acknowledges step increases in risk for PWRs when (1) the RCS boundary is breached and the steam generators cannot be used for DHR, and (2) during midloop conditions. For BWRs, it is recognized that a step increase occurs during cold shutdown.
The following simplified POS are defined in IM0609, Appendix G; they will be used to describe the recommended actions with respect to NFPA 805.
PWR [IM0609, Appendix G Attachment 2]
POS 1 - This POS starts when the RHR system is put into service. The RCS is closed such that a steam generator could be used for decay heat removal, if the secondary side of a steam generator is filled. The RCS may have a bubble in the pressurizer. This POS ends when the RCS is vented such that the steam generators cannot sustain core heat removal. This POS typically includes Mode 4 (hot shutdown) and portions of Mode 5 (cold shutdown).
POS 2 - This POS starts when the RCS is vented such that: (1) the steam generators cannot sustain core heat removal and (2) a sufficient vent path exists for feed and bleed. This POS includes portions of Mode 5 (cold shutdown) and Mode 6 Page 4 of 17 faq 07-0040 non-power operations clarification rev 0.doc
FAQ Number 07-0040 FAQ Revision 0 FAQ Title Non-Power Operations Clarifications (refueling). Reduced inventory operations and midloop operations with a vented RCS are subsets of this POS.
POS 3 - This POS represents the shutdown condition when the refueling cavity water level is at or above the minimum level required for movement of irradiated fuel assemblies within containment as defined by Technical Specifications. This POS occurs during Mode 6.
BWR [IM0609, Appendix G Attachment 3]
POS 1 - This POS starts when the RHR system is put into service. The vessel head is on and the RCS is closed such that an extended loss of the DHR function without operator intervention could result in a RCS re-pressurization above the shutoff head for the RHR pumps.
POS 2 - This POS represents the shutdown condition when (1) the vessel head is removed and reactor pressure vessel water level is less than the minimum level required for movement of irradiated fuel assemblies within the reactor pressure vessel as defined by Technical Specifications OR (2) a sufficient RCS vent path exists for decay heat removal.
POS 3 - This POS represents the shutdown condition when the reactor pressure vessel water level is equal or greater than the minimum level required for movement of irradiated fuel assemblies within the reactor pressure vessel as define by Technical Specifications. This POS occurs during Mode 5.
Disposition of POS Based on the studies cited above and the understanding that LPSD risk is concentrated in only certain POS, the strategy described in Section 4.3.3 of NEI 04-02 be limited to those high risk POS or configurations. Beyond the high risk POS or configurations, additional analyses or controls are not warranted and normal controls, processes, procedures provide adequate protection.
The disposition of the POS with respect to NFPA 805 risk evaluations are provided in Tables 1 and 2. For other non-power conditions (e.g., PWR Mode 3, BWR Startup Mode 2), it is recommended that the at-power process be used, since it should generally be bounding.
Page 5 of 17 faq 07-0040 non-power operations clarification rev 0.doc
FAQ Number 07-0040 FAQ Revision 0 FAQ Title Non-Power Operations Clarifications Table 1 - PWR POS Disposition POS / Configuration Disposition Discussion POS 1 with SG Heat Screened In this POS, if SGs are available in addition to Removal Available RHR, significant redundancy and diversity exists for heat removal. Just having inventory in the SGs can provide substantial passive heat removal, providing additional time to recover other heat removal methods.
Inventory control is not generally challenged during this POS.
POS 1 with SG Heat Perform actions per Without SG Heat Removal capability, heat Removal Unavailable NEI 04-02, Section removal is limited to RHR and potentially bleed
[Consider limiting to 4.3.3 and feed. RCS pressurization on loss of heat configurations where removal could render RHR unavailable due to time to core damage is high pressure.
less than 2 hours2.314815e-5 days <br />5.555556e-4 hours <br />3.306878e-6 weeks <br />7.61e-7 months <br /> and/or Activities in this POS often involve changing RCS level is being RCS level. During RCS level changes, the changed] likelihood of loss of inventory control is higher, challenging the inventory control safety function.
POS 2 Perform actions per This is the generally the highest risk NEI 04-02, Section configuration/POS for a PWR. Due to low 4.3.3. inventory, times to core uncovery and damage are low, on the order 2 hours2.314815e-5 days <br />5.555556e-4 hours <br />3.306878e-6 weeks <br />7.61e-7 months <br /> or less.
POS 3 Evaluate potential During this POS, substantial inventory exists to RCS drain paths cope with an extended loss of active heat that could be removal. Times to core damage are often on affected by fire the order of 16 or more hours. However, fire induced RCS draindown events can reduce margins substantially.
Table 2 - BWR POS Disposition POS / Configuration Disposition Discussion POS 1 Perform actions per Inventory control is not generally challenged NEI 04-02. during this POS. However, loss of RHR could lead to a re-pressurized condition and there could be situations where the unavailability of high pressure injections systems from service could limit the mitigation capabilities.
POS 2 Perform actions per This is generally a period of relatively high risk in NEI 04-02. a BWR especially early in the outage when the decay heat is still relatively high.
Page 6 of 17 faq 07-0040 non-power operations clarification rev 0.doc
FAQ Number 07-0040 FAQ Revision 0 FAQ Title Non-Power Operations Clarifications Table 2 - BWR POS Disposition POS / Configuration Disposition Discussion POS 3 Evaluate potential During this POS, substantial inventory exists to RV drain paths that cope with an extended loss of active heat could be affected by removal. Times to core damage are often on the fire order of 16 or more hours. However, induced RV draindown events can reduce margins substantially.
If appropriate, provide proposed rewording of guidance for inclusion in the next Revision:
See revisions to NEI 04-02 Section 4.3.3 and Appendix F below.
Page 7 of 17 faq 07-0040 non-power operations clarification rev 0.doc
FAQ Number 07-0040 FAQ Revision 0 FAQ Title Non-Power Operations Clarifications 4.3.3 Non-Power Operational Modes Transition Review The nuclear safety goal of NFPA 805 requires the evaluation of the effects of a fire during any operational mode and plant configuration. The concept of protection of equipment from the effects of fire during plant shutdown conditions is discussed in NUREG-1449. In general, the underlying concerns are the differences between the functional requirements (i.e. different (or additional) set of systems and components) and time dependencies on decay heat removal system operation during non-power operations and full power operations. The current industry approaches for evaluating risk during shutdown conditions involves both quantitative and qualitative assessments and is based on NEI 93-01 and NUMARC 91-06.
The strategy for additional controls/protection of equipment during non-power operations, for plants adopting NFPA 805, will be based on configurations or Plant Operating States (POS) during the outage where the risk is intrinsically high. The point of the strategy will be to evaluate and manage the risks of a fire, but not necessarily when the plant is more susceptible to an event causing the loss of a key safety function (KSF). Rather, the strategy should address configurations during which there is a high risk associated with the loss of a KSF. This takes into account the consequences of the loss of a KSF, not just the increased likelihood of the loss of a KSF. During periods of low risk normal risk management controls, processes and procedures will be utilized.
Many studies have been performed to characterize the risk associated with non-power states.
Using Core Damage Frequency (CDF) as a risk metric, it is accepted that most outage configurations or POS are of relatively low risk and that only a few configurations or POS represent a risk near or greater than at-power operations. Appendix F contains the evaluation various Plant Operational States and determines those that would require additional protection from the effects of fire during non-power states.
To demonstrate that the nuclear safety performance criteria are met for the required POSs (HREs as defined by NUMARC 91-06) during non-power operational modes, the following strategy is recommended:
Review existing plant outage processes (outage management and outage risk assessments) to determine equipment relied upon to provide Key Safety Functions (KSF) including support functions during the required Plant Operational States (See Appendix F). Each outage evolution identifies the diverse methods of achieving the KSF. For example to achieve the Decay Heat Removal KSF a plant may credit DHR Train A, DHR Train B, HPI Train A, HPI Train B, and Gravity Feed and Chemical and Volume Control.
Compare the equipment credited for achieving these KSFs against the equipment credited for nuclear safety. Note the position/function for the component. For example, the traditional nuclear safety analysis (Appendix R analysis) may credit the valve in the closed position however; the valve may be required open for shutdown modes of operation.
For those components not already credited (or credited in a different way e.g., on versus off, open versus closed, etc.) analyze the circuits in accordance with the nuclear safety methodology.
Page 8 of 17 faq 07-0040 non-power operations clarification rev 0.doc
FAQ Number 07-0040 FAQ Revision 0 FAQ Title Non-Power Operations Clarifications Identify locations where 1) fires may cause damage to the equipment (and cabling) credited above, or 2) recovery actions credited for the KSF are performed (for those KSFs KFSs that are achieved solely by recovery action, i.e., alignment of gravity feed).
Identify fire areas where a single fire may damage all the credited paths for a KSF during the required plant operational state. This may include fire modeling to determine if a postulated fire (MEFS - LFS) would be expected to damage required equipment.
For those areas consider combinations of the following options to reduce fire risk depending upon the significance of the potential damage:
o Prohibition or limitation of hot work in fire areas during periods of increased vulnerability o Verification of operable detection and /or suppression in the vulnerable areas.
o Prohibition or limitation of combustible materials in fire areas during periods of increased vulnerability o Provision of additional fire patrols at periodic intervals or other appropriate compensatory measures (such as surveillance cameras) during increased vulnerability o Use of recovery actions to mitigate potential losses of key safety functions.
o Identification and monitoring insitu ignition sources for fire precursors (e.g., equipment temperatures).
NUMARC 91-06 discusses the development of outage plans and schedules. And that a key element of that process is to ensure the KFSs KSFs perform as needed during the various outage evolutions. The results of the fire area analysis of those components relied upon to maintain defense in depth should be factored into the plants existing outage planning process.
It is important to note that shutdown PRAs do not exist at this time.
Appendix F provides details of the evaluation of Plant Operational States and provides examples of this process and the documentation requirements anticipated.
=========================================================
F. Considerations for Non-Power Operational Modes F.1 Determination of Plant Operational States Requiring Additional Protection/Controls During Non-Power During an Outage To begin the process of assessing the fire protection requirements for non-power modes of operation discussions should be held between the Probabilistic Risk Assessment (PRA) Staff, the Fire Protection, and the Outage Management staff to determine the best way to integrate NFPA 805 fire protection aspects into existing Outage Management Processes.
The current industry approaches for evaluating risk during shutdown conditions involves both quantitative and qualitative assessments and is based on NEI 93-01 and NUMARC 91-06. The point of the strategy defined in NEI 04-02 will be to evaluate and manage the risk of a fire and not Page 9 of 17 faq 07-0040 non-power operations clarification rev 0.doc
FAQ Number 07-0040 FAQ Revision 0 FAQ Title Non-Power Operations Clarifications necessarily identify when the plant is more susceptible to an event causing the loss of a key safety function (KSF). Rather, the strategy will address configurations during which there is a high risk associated with the loss of a KSF. This takes into account the consequences of the loss of a KSF, not just the increased likelihood of the loss of a KSF.
Therefore, the strategy defined in NEI 04-02 will be based on configurations or Plant Operating States (POS) during an outage where the risk is intrinsically high, and will utilize normal risk management controls, processes and procedures during low risk periods.
Many studies have been performed to characterize the risk associated with non-power states. Using Core Damage Frequency (CDF) as a risk metric, it is accepted that most outage configurations or POS are of relatively low risk and that only a few configurations or POS represent a risk near or greater than at-power operations.
NUREG/CR-6143 and NUREG/CR-6144 NUREG/CR-6143 and 6144 document Low Power and Shutdown (LPSD) risk studies performed in the early 1990s. NUREG/CR-6143 evaluated BWR risk using Grand Gulf Unit 1 as the study plant, while NUREG/CR-6144 evaluated PWR risk using Surry Unit 1.
In Phase 1 of the studies, a coarse screening analysis was performed to examine accidents initiated by internal events (including fire and flooding) for all POS. The objective of the Phase 1 study was to identify potentially vulnerable plant configurations, to characterize the potential core damage scenarios and to provide a foundation for a detailed phase 2 analysis.
Based on the results of the Phase 1 study, the Phase 2 analysis focused on POS 5 for BWRs, which covers approximately Cold Shutdown as defined by the Grand Gulf Tech Specs. For PWRs, mid-loop operation was selected as the plant configuration to be analyzed. Thus, it can be seen that these two plant configurations are clearly important with respect to risk during LPSD conditions.
NRC Public LPSD Workshop - 1999 The NRC sponsored a public LPSD workshop in 1999 to gather information regarding LPSD risk.
A summary of the results of the workshop and presentations provided by the industry and NRC are contained in Sandia Report SAND99-1815. Some excerpts are provided below:
Westinghouse Experience and Insights from Shutdown Risk Projects LPSD risk was dominated by events related to low reactor coolant system (RCS) inventory conditions and a few periods of high vulnerability.
Scientech Presentation on Shutdown Risk Monitoring LPSD CDF is less than, but comparable to full-power CDF. In some cases, instantaneous risk may be higher in LPSD than at-power, but only for very short durations. Most of the risk is associated with low inventory conditions early in the outage.
Page 10 of 17 faq 07-0040 non-power operations clarification rev 0.doc
FAQ Number 07-0040 FAQ Revision 0 FAQ Title Non-Power Operations Clarifications Shutdown Risk Assessment at Seabrook Station The mean CDF is numerically comparable to full-power CDF, although of higher uncertainty.
However, estimates for health effects (i.e., Level 3) were negligible. It was recommended that high thermal margin configurations be considered for screening.
CDF from internal events is 88% of total LPSD CDF Loss of RHR with RCS at low level 71%
Loss of RHR with RCS filled 11%
LOCA (RCS Drain down event) 18%
Risk Perspective from EPRI Research and Applications For both BWR and PWR analyses, the LPSD risk is dominated by peak risk periods characterized by relatively high instantaneous risk over short periods of time early during the outage. The risk contribution of these peaks to the entire outage risk was greater than 80%, for both BWRs and PWRs. The dominant contributor to risk is human error (50%).
Example BWR Results Outage Average CDF 4.9E-6/yr Peak CDF 6.1E-5/yr Minimum CDF 4.4E-7/yr Ratio of Peak to Min ~140 Outage Core Damage Probability (cumulative risk) 6.5E-7 Peak Risk Core Damage Probability (CDP) 5.5E-7 Example PWR Results Outage Average CDF 1.8E-4/yr Peak CDF 1.0E-3/yr Minimum CDF 7.0E-7/yr Ratio of Peak to Min ~1400 Outage Core Damage Probability (cumulative risk) 2.2E-5 Peak Risk Core Damage Probability (CDP) 1.9E-5 NRC Shutdown SDP Process Inspection Manual IM0609, Appendix G, describes the NRC Shutdown SDP process. It acknowledges step increases in risk for PWRs when (1) the RCS boundary is breached and the steam generators cannot be used for DHR, and (2) during midloop conditions. For BWRs, it is recognized that a step increase occurs during cold shutdown.
Page 11 of 17 faq 07-0040 non-power operations clarification rev 0.doc
FAQ Number 07-0040 FAQ Revision 0 FAQ Title Non-Power Operations Clarifications The following simplified POS are defined in IM0609, Appendix G; they will be used to describe the recommended actions with respect to NFPA 805.
PWR [IM0609, Appendix G Attachment 2]
POS 1 - This POS starts when the RHR system is put into service. The RCS is closed such that a steam generator could be used for decay heat removal, if the secondary side of a steam generator is filled. The RCS may have a bubble in the pressurizer. This POS ends when the RCS is vented such that the steam generators cannot sustain core heat removal. This POS typically includes Mode 4 (hot shutdown) and portions of Mode 5 (cold shutdown).
POS 2 - This POS starts when the RCS is vented such that: (1) the steam generators cannot sustain core heat removal and (2) a sufficient vent path exists for feed and bleed. This POS includes portions of Mode 5 (cold shutdown) and Mode 6 (refueling). Reduced inventory operations and midloop operations with a vented RCS are subsets of this POS.
POS 3 - This POS represents the shutdown condition when the refueling cavity water level is at or above the minimum level required for movement of irradiated fuel assemblies within containment as defined by Technical Specifications. This POS occurs during Mode 6.
BWR [IM0609, Appendix G Attachment 3]
POS 1 - This POS starts when the RHR system is put into service. The vessel head is on and the RCS is closed such that an extended loss of the DHR function without operator intervention could result in a RCS re-pressurization above the shutoff head for the RHR pumps.
POS 2 - This POS represents the shutdown condition when (1) the vessel head is removed and reactor pressure vessel water level is less than the minimum level required for movement of irradiated fuel assemblies within the reactor pressure vessel as defined by Technical Specifications OR (2) a sufficient RCS vent path exists for decay heat removal.
POS 3 - This POS represents the shutdown condition when the reactor pressure vessel water level is equal or greater than the minimum level required for movement of irradiated fuel assemblies within the reactor pressure vessel as define by Technical Specifications. This POS occurs during Mode 5.
Disposition of POS Based on the studies cited above and the understanding that LPSD risk is concentrated in only certain POS, the strategy described in Section 4.3.3 of NEI 04-02 be limited to those high risk POS or configurations. Beyond the high risk POS or configurations, additional analyses or controls are not warranted and normal controls, processes, procedures provide adequate protection.
Page 12 of 17 faq 07-0040 non-power operations clarification rev 0.doc
FAQ Number 07-0040 FAQ Revision 0 FAQ Title Non-Power Operations Clarifications The disposition of the POS with respect to NFPA 805 risk evaluations are provided in Tables 1 and 2. For other non-power conditions (e.g., PWR Mode 3, BWR Startup Mode 2), it is recommended that the normal risk management controls, processes and procedures be used.
Table 1 - PWR POS Disposition POS / Configuration Disposition Discussion POS 1 with SG Heat Screened In this POS, if SGs are available in addition to Removal Available RHR, significant redundancy and diversity exists for heat removal. Just having inventory in the SGs can provide substantial passive heat removal, providing additional time to recover other heat removal methods.
Inventory control is not generally challenged during this POS.
POS 1 with SG Heat Perform actions per Without SG Heat Removal capability, heat Removal Unavailable NEI 04-02, Section removal is limited to RHR and potentially bleed
[Consider limiting to 4.3.3 and feed. RCS pressurization on loss of heat configurations where removal could render RHR unavailable due to time to core damage is high pressure.
less than 2 hours2.314815e-5 days <br />5.555556e-4 hours <br />3.306878e-6 weeks <br />7.61e-7 months <br /> and/or Activities in this POS often involve changing RCS level is being RCS level. During RCS level changes, the changed] likelihood of loss of inventory control is higher, challenging the inventory control safety function.
POS 2 Perform actions per This is the generally the highest risk NEI 04-02, Section configuration/POS for a PWR. Due to low 4.3.3. inventory, times to core uncovery and damage are low, on the order 2 hours2.314815e-5 days <br />5.555556e-4 hours <br />3.306878e-6 weeks <br />7.61e-7 months <br /> or less.
POS 3 Evaluate potential During this POS, substantial inventory exists to RCS drain paths cope with an extended loss of active heat that could be removal. Times to core damage are often on affected by fire the order of 16 or more hours. However, fire induced RCS draindown events can reduce margins substantially.
Table 2 - BWR POS Disposition POS / Configuration Disposition Discussion POS 1 Perform actions per Inventory control is not generally challenged NEI 04-02. during this POS. However, loss of RHR could lead to a re-pressurized condition and there could be situations where the unavailability of high pressure injections systems from service could limit the mitigation capabilities.
POS 2 Perform actions per This is generally a period of relatively high risk in NEI 04-02. a BWR especially early in the outage when the decay heat is still relatively high.
Page 13 of 17 faq 07-0040 non-power operations clarification rev 0.doc
FAQ Number 07-0040 FAQ Revision 0 FAQ Title Non-Power Operations Clarifications Table 2 - BWR POS Disposition POS / Configuration Disposition Discussion POS 3 Evaluate potential During this POS, substantial inventory exists to RV drain paths that cope with an extended loss of active heat could be affected by removal. Times to core damage are often on the fire order of 16 or more hours. However, induced RV draindown events can reduce margins substantially.
F.1 Methodology To transition to the NFPA 805 Licensing Basis, the licensee must demonstrate that the nuclear safety performance criteria are met for the required POSs. To accomplish this objective the following tasks should be performed. These should be documented using Table F-1.
Review existing plant outage processes (outage management and outage risk assessments) to determine equipment relied upon to provide Key Safety Functions (KSF) including support functions during the required POSs. Each outage evolution identifies the diverse methods of achieving the KSF. For example to achieve the Decay Heat Removal KSF a plant may credit DHR Train A, DHR Train B, HPI Train A, HPI Train B, and Gravity Feed and Chemical and Volume Control.
Compare the equipment credited for achieving these KSFs against the equipment credited for nuclear safety. Note the position/function for the component. For example, the existing nuclear safety analysis (Appendix R analysis) may credit the valve in the closed position however; the valve may be required open for shutdown modes of operation.
For those components not already credited (or credited in a different way e.g., on versus off, open versus closed, etc.) analyze the circuits in accordance with the nuclear safety methodology.
Identify locations where 1) fires may cause damage to the equipment (and cabling) credited above, or 2) recovery actions credited for the KSF are performed (for those KFS KSFs that are achieved solely by recovery action, i.e., alignment of gravity feed).
Identify fire areas where a single fire may damage all the credited paths for a KSF. This may include fire modeling to determine if a postulated fire (MEFS - LFS) would be expected to damage required equipment.
For those areas consider combinations of the following options to reduce fire risk depending upon the significance of the potential damage:
o Prohibition or limitation of hot work in fire areas during periods of increased vulnerability o Verification of operable detection and /or suppression in the vulnerable areas.
o Prohibition or limitation of combustible materials in fire areas during periods of increased vulnerability Page 14 of 17 faq 07-0040 non-power operations clarification rev 0.doc
FAQ Number 07-0040 FAQ Revision 0 FAQ Title Non-Power Operations Clarifications o Provision of additional fire patrols at periodic intervals or other appropriate compensatory measures (such as surveillance cameras) during increased vulnerability o Use of recovery actions to mitigate potential losses of key safety functions.
o Identification and monitoring insitu ignition sources for fire precursors (e.g., equipment temperatures).
NUMARC 91-06 discusses the development of outage plans and schedules. And that a key element of that process is to ensure the KFS KSFs perform as needed during the various outage evolutions. The results of the fire area analysis of those components relied upon to maintain defense in depth should be factored into the plants existing outage planning process.
It is important to note the evaluation of the plant during non-operational modes is qualitatively risk-informed at this time pending the development of shutdown PRAs.
Page 15 of 17 faq 07-0040 non-power operations clarification rev 0.doc
FAQ Number 07-0040 FAQ Revision 0 FAQ Title Non-Power Operations Clarifications Table F-1 NFPA 805 - Non-Power Operational Guidance NFPA 805 Requirements Implementing Guidance Process and Results The nuclear safety goal is to provide reasonable Review existing plant outage processes List the KSFs and the systems / components assurance that a fire during any operational mode (outage management and outage risk required to support those function.
and plant configuration will not prevent the plant assessments) to determine equipment relied Identify those systems / components that from achieving and maintaining the fuel in a safe upon to provide Key Safety Functions (KSF) require additional analyses. For example, a and stable condition. including support functions during required KFSKSF may rely on instrumentation that is Plant Operational States. Each outage currently not part of the Safe Shutdown evolution identifies the diverse methods of Analysis, or a component may have been achieving the KSF. For example to achieve modeled in one position (closed, off, etc.) but to the Decay Heat Removal KSF a plant may support the KFSKSF it would need to be credit DHR Train A, DHR Train B, HPI Train evaluated in an additional positions (open, on, A, HPI Train B, and Gravity Feed and etc.)
Chemical and Volume Control. For those additional components, perform circuit analysis, location tasks described in Appendix B of NFPA 805. Document the results.
Identify locations where 1) fires may cause Evaluate on a fire area basis the loss of damage to the equipment (and cabling) KFSKSF s. Document those areas credited above, or 2) recovery actions credited for the KSF are performed (for those KFSKSFs that are achieved solely by recovery action i.e., alignment of gravity feed).
Identify fire areas where a single fire may For the areas identified above, determine if a damage all the credited paths for a KSF. This single fire in the area can cause a loss of all may include fire modeling to determine if a credited paths for a KFSKSF.
postulated fire (MEFS - LFS) would be Conservatively, assume the entire contents of a expected to damage equipment required. fire area are lost. If this does not result in the loss of all credited paths for a KFSKSF, document success.
If fire modeling is used to limit the damage in a fire area, document that fire modeling is credited and ensure the basis for acceptability of that model (location, type, and quantity of Page 16 of 17 faq 07-0040 non-power operations clarification rev 0.doc
FAQ Number 07-0040 FAQ Revision 0 FAQ Title Non-Power Operations Clarifications Table F-1 NFPA 805 - Non-Power Operational Guidance NFPA 805 Requirements Implementing Guidance Process and Results combustible, etc.) is documented. These critical design inputs are required to be maintained during outage modes. See next step below.
For those areas consider one or more of the Integrate the results of the analysis performed following options to mitigate potential fire above into the plants outage management damage depending upon the significance of process.
the potential damage: To the extent practical pre-plan the options for o Prohibition or limitation of hot work in achieving the KFSKSF. See list to the left.
fire areas during periods of increased vulnerability o Verification of operable detection and /or suppression in the vulnerable areas.
o Prohibition or limitation of combustible materials in fire areas during periods of increased vulnerability o Provision of additional fire patrols at periodic intervals or other appropriate compensatory measures (such as surveillance cameras) during increased vulnerability o Use of recovery actions to mitigate potential losses o Identification and monitoring insitu ignition sources for fire precursors (e.g., equipment temperatures).
Page 17 of 17 faq 07-0040 non-power operations clarification rev 0.doc