ML081840534
| ML081840534 | |
| Person / Time | |
|---|---|
| Site: | Diablo Canyon  |
| Issue date: | 06/20/2008 |
| From: | Afzali A Pacific Gas & Electric Co |
| To: | Office of Nuclear Reactor Regulation |
| Shared Package | |
| ML081840360 | List: |
| References | |
| NFPA 805 | |
| Download: ML081840534 (15) | |
Text
11 NFPA 805 Public Workshop NFPA 805 Public Workshop Non Non--pilot Fire PRA Transition Experiences pilot Fire PRA Transition Experiences June 19 & 20 June 19 & 20 Bethesda, Maryland Bethesda, Maryland Risk Assessment Process in Support of Change Risk Assessment Process in Support of Change Evaluation Evaluation Amir Afzali Amir Afzali Diablo Canyon Power Plant Diablo Canyon Power Plant
22 Change Evaluation Risk Change Evaluation Risk Assessment Assessment Scope Scope To present a To present a process for the determination of process for the determination of delta risk (defined in terms of CDF and LERF) delta risk (defined in terms of CDF and LERF) in support of change evaluation.
in support of change evaluation.
Contributors:
Contributors:
Diablo Canyon Power Plant (Amir Afzali, John Diablo Canyon Power Plant (Amir Afzali, John Pyo Pyo, Nathan Barber)
, Nathan Barber)
Scientech Scientech EPM EPM
33 Definitions Definitions
Risk Informed/Performance Based (RIPB)
Risk Informed/Performance Based (RIPB)
Compliance Strategy Compliance Strategy-- Includes non Includes non--approved approved strategies/features in the CLB and/or non strategies/features in the CLB and/or non--deterministic criteria deterministic criteria that can be demonstrated to provide adequate protection under that can be demonstrated to provide adequate protection under the NFPA 805 licensing basis using performance the NFPA 805 licensing basis using performance--based/risk based/risk--
informed methods informed methods-- e.g e.g,,
An AFW pump power cable associated with decay heat removal An AFW pump power cable associated with decay heat removal which has only a 1 hr wrap but no automatic fire suppression which has only a 1 hr wrap but no automatic fire suppression protection protection
A charging injection motor operated valve associated with the A charging injection motor operated valve associated with the inventory control safety function which may spuriously close a inventory control safety function which may spuriously close and has nd has been resolved by a non been resolved by a non--approved manual recovery action approved manual recovery action
44 Definitions Definitions (Cont.)
(Cont.)
A A RIPB Compliance Set RIPB Compliance Set-- Represents a group of safe Represents a group of safe shutdown strategy features which are to be addressed within a shutdown strategy features which are to be addressed within a single change evaluation.
single change evaluation.
A A Post Post--Transition Safe Shutdown Strategy Transition Safe Shutdown Strategy-- Represents the Represents the plant configuration together with those credited manual actions plant configuration together with those credited manual actions which can be demonstrated to provide adequate protection which can be demonstrated to provide adequate protection under the NFPA 805 licensing basis through compliance with under the NFPA 805 licensing basis through compliance with the required deterministic or risk the required deterministic or risk--informed/performance informed/performance--based based criteria.
criteria.
A A Virtual Deterministic Virtual Deterministic Compliance Strategy Compliance Strategy-- represents a represents a virtual plant configuration where, together with approved or virtual plant configuration where, together with approved or allowed manual actions and all approved exemptions or allowed manual actions and all approved exemptions or deviations, would meet a NFPA deviations, would meet a NFPA--805 prescriptive compliance 805 prescriptive compliance criteria for a particular safety function within a given fire ar criteria for a particular safety function within a given fire area.
ea.
55 Risk Assessment Steps Risk Assessment Steps
Step 1. Develop a Preliminary Post Transition Fire Risk Step 1. Develop a Preliminary Post Transition Fire Risk Model and Quantify the Risk for Each Fire Area Model and Quantify the Risk for Each Fire Area 1.1 1.1 For each fire area, analyze the safe shutdown compliance strateg For each fire area, analyze the safe shutdown compliance strategies based on ies based on the prescriptive requirements of the NFPA the prescriptive requirements of the NFPA--805 standard, including multiple 805 standard, including multiple spurious actuation requirements, identifying functions that do n spurious actuation requirements, identifying functions that do not meet the ot meet the prescriptive requirements.
prescriptive requirements.
1.2 1.2 For each safety function in an area, identify potential RIPB str For each safety function in an area, identify potential RIPB strategy that could ategy that could be/is credited to address the non be/is credited to address the non--compliance issue for the function. These may compliance issue for the function. These may include newly identified strategies (e.g., non include newly identified strategies (e.g., non--approved operator action that may approved operator action that may be credited to respond to a potential MSO) or an existing one (e be credited to respond to a potential MSO) or an existing one (e.g., an existing
.g., an existing non non--approved operator action).
approved operator action).
1.3 1.3 Develop a preliminary transition fire risk model. This risk mode Develop a preliminary transition fire risk model. This risk model represents all l represents all passive and active safe shutdown strategies and features that ar passive and active safe shutdown strategies and features that are credited in e credited in the pre the pre--transition program plus any required enhancements that may have transition program plus any required enhancements that may have been been identified to address safe shutdown issues following completion identified to address safe shutdown issues following completion of Step 1.2.
of Step 1.2.
1.4 1.4 Quantify and assess the preliminary post transition model develo Quantify and assess the preliminary post transition model developed in Step 1.3 ped in Step 1.3 to identify those safe shutdown strategies/features that are of to identify those safe shutdown strategies/features that are of very low risk very low risk--
significance.
significance.
1.5.
1.5. Based on the results of Step 1.4, by eliminating low Based on the results of Step 1.4, by eliminating low--risk significant features, risk significant features, refine the preliminary post transition safe shutdown model and r refine the preliminary post transition safe shutdown model and ree--quantify. This quantify. This model will be used to evaluate the RIPB compliance risk for each model will be used to evaluate the RIPB compliance risk for each fire area.
fire area.
66 Risk Assessment Steps (Cont.)
Risk Assessment Steps (Cont.)
Step 2. Develop and Quantify the Virtual Step 2. Develop and Quantify the Virtual Deterministic Compliance Risk Model for Each Deterministic Compliance Risk Model for Each Fire Area and Safety Function Fire Area and Safety Function 2.1 For each fire area, using results of step 1.2, identify 2.1 For each fire area, using results of step 1.2, identify the changes which would be required to achieve a the changes which would be required to achieve a prescriptive compliance for each safety function prescriptive compliance for each safety function individually.
individually.
2.2 Treating each safety function separately, modify the 2.2 Treating each safety function separately, modify the preliminary post transition risk model developed in preliminary post transition risk model developed in Step 1.5, assuming the changes identified in Step Step 1.5, assuming the changes identified in Step 2.1 are in place and quantify the fire area risk in 2.1 are in place and quantify the fire area risk in terms of CDF and LERF.
77 Risk Assessment Steps Risk Assessment Steps (Cont.)
(Cont.)
Step 3. Determine the Change in Risk Step 3. Determine the Change in Risk 3.1 3.1 Calculate the change in risk for a safety function Calculate the change in risk for a safety function change set change set by subtracting the by subtracting the CDF/LERF estimate derived for the RIPB compliant strategy obtain CDF/LERF estimate derived for the RIPB compliant strategy obtained in Step ed in Step 1.5 from the fire area CDF/LERF estimates obtained from the virt 1.5 from the fire area CDF/LERF estimates obtained from the virtual ual deterministic compliant area derived in Step 2.2.
deterministic compliant area derived in Step 2.2.
3.2 3.2 Repeat Step 3.1` for each function in an area.
Repeat Step 3.1` for each function in an area.
3.3 Obtain the total change in risk for each fire area by sum 3.3 Obtain the total change in risk for each fire area by summing up the results ming up the results obtained for each safety function in Step 3.2. This is the chang obtained for each safety function in Step 3.2. This is the change evaluation e evaluation delta CDF and LERF result to be compared with the RG1.174 criter delta CDF and LERF result to be compared with the RG1.174 criteria ia 3.4 3.4 If the change in risk derived in step 3 is smaller than RG1.174 If the change in risk derived in step 3 is smaller than RG1.174 criteria then the criteria then the "RIPB strategies/features "RIPB strategies/features is (are) acceptable means of NFPA 805 compliance.
is (are) acceptable means of NFPA 805 compliance.
If the change is risk is not acceptable, then address in Step 4.
If the change is risk is not acceptable, then address in Step 4.
3.5 3.5 Repeat Steps 3.1 through 3.4 for each fire area and safety funct Repeat Steps 3.1 through 3.4 for each fire area and safety function and ion and identify all potential strategies/features that either meet the identify all potential strategies/features that either meet the prescriptive prescriptive requirements or the "non requirements or the "non--prescriptive" compliance requirements prescriptive" compliance requirements
88 Risk Assessment Steps (Cont.)
Risk Assessment Steps (Cont.)
Step 4. Re Step 4. Re--evaluate Deterministic evaluate Deterministic Compliance and Post Transition Risk Model Compliance and Post Transition Risk Model--
4.1 Propose enhancements to the preliminary 4.1 Propose enhancements to the preliminary transition strategy. If such enhancements transition strategy. If such enhancements would result in compliance with the NFPA would result in compliance with the NFPA deterministic criteria then no further action is deterministic criteria then no further action is required.
required.
4.2 If not then repeat steps 2.2, 3.1, 3.3, 3.4 4.2 If not then repeat steps 2.2, 3.1, 3.3, 3.4 and 4.1 until fire area is RIPB compliant.
and 4.1 until fire area is RIPB compliant.
99 Example Example
Unit 1 12 kV Switchgear Room Unit 1 12 kV Switchgear Room--
Step 1 Results:
Step 1 Results:
Affected Safety Function Affected Safety Function -- Electrical Support Electrical Support-- Potential unavailability of Potential unavailability of offsite power and all three offsite power and all three EDGs EDGs (due to fire (due to fire--induced cable damage).
induced cable damage).
Current Safe Shutdown Strategy Current Safe Shutdown Strategy-- Operator manual action to verify S/U Operator manual action to verify S/U feeder breaker is open and manually align two feeder breaker is open and manually align two EDGs EDGs..
Detailed fire modeling identified no credible fire scenario wher Detailed fire modeling identified no credible fire scenario where more than e more than one EDG would be inoperable (Since there is no exposed combustib one EDG would be inoperable (Since there is no exposed combustible in the le in the compartment none of the fires propagate outside of the switchgea compartment none of the fires propagate outside of the switchgear cabinets r cabinets although inter cabinet propagation is possible. Furthermore due although inter cabinet propagation is possible. Furthermore due to the size to the size of the room and large ventilation pathways, hot gas layer format of the room and large ventilation pathways, hot gas layer formation will not ion will not occur even in the event of multiple cabinets being affected).
occur even in the event of multiple cabinets being affected).
Current Safe Shutdown Operator action can potentially be elimina Current Safe Shutdown Operator action can potentially be eliminated.
ted.
CDF is calculated for the following scenarios:
CDF is calculated for the following scenarios:
Full area burn up Full area burn up-- Assuming non Assuming non--recoverable LOOP, loss of all EDG, and loss of recoverable LOOP, loss of all EDG, and loss of recovery action (HEP = 1.0), CDF = 7.6E recovery action (HEP = 1.0), CDF = 7.6E--3 per year 3 per year
Detailed area analysis Detailed area analysis-- Assuming non Assuming non--recoverable LOOP, loss of one EDG at a recoverable LOOP, loss of one EDG at a time (with no recovery of the lost EDG), CDF = 1.2E time (with no recovery of the lost EDG), CDF = 1.2E--5 per year 5 per year
10 10 Example Example Unit 1 12 kV Switchgear Room Unit 1 12 kV Switchgear Room--
Step 2 Results:
Step 2 Results:
Virtual deterministic compliance strategy was to exclude Virtual deterministic compliance strategy was to exclude cables which prevent EDG start and load.
cables which prevent EDG start and load.
CDF is calculated a non CDF is calculated a non--recoverable LOOP, loss of one recoverable LOOP, loss of one EDG. CDF = 1.2 E EDG. CDF = 1.2 E--5 per year 5 per year (note that this is the same as (note that this is the same as the detailed analysis results) the detailed analysis results)
Step 3 Results:
Step 3 Results: CDF (between the virtual case CDF (between the virtual case and the detailed model case) = 0 and the detailed model case) = 0 Currently credited manual action is a candidate to be Currently credited manual action is a candidate to be eliminated from the Post Transition fire protection eliminated from the Post Transition fire protection program.
program.
11 11 An Actual Unit 1 12 kV Switchgear Room An Actual Unit 1 12 kV Switchgear Room Fire Fire-- LER 200 LER 200--004 004 On May 15, 2000, Diablo Canyon Unit 1 experienced an On May 15, 2000, Diablo Canyon Unit 1 experienced an electrical short and fire in a 12kV bus duct which resulted in a electrical short and fire in a 12kV bus duct which resulted in a turbine trip and a reactor trip.
turbine trip and a reactor trip.
The electrical fire damaged the class 2 4kV bus The electrical fire damaged the class 2 4kV bus ducts ducts and both and both sources of offsite power were unavailable to the sources of offsite power were unavailable to the vital vital 4kV system 4kV system in Unit 1.
in Unit 1.
The emergency diesel generators started and loaded properly, The emergency diesel generators started and loaded properly, supplying power to the vital 4kV buses and their associated supplying power to the vital 4kV buses and their associated equipment. All Unit 1 emergency equipment had power.
equipment. All Unit 1 emergency equipment had power.
Unit 1 buses were powered from the offsite power by Unit 1 buses were powered from the offsite power by backfeeding backfeeding from the 500kV system approximately 33 hours3.819444e-4 days <br />0.00917 hours <br />5.456349e-5 weeks <br />1.25565e-5 months <br /> from the 500kV system approximately 33 hours3.819444e-4 days <br />0.00917 hours <br />5.456349e-5 weeks <br />1.25565e-5 months <br /> later. However, DCPP had concluded that the offsite power to later. However, DCPP had concluded that the offsite power to the emergency buses could have been recovered in about 6 the emergency buses could have been recovered in about 6 hours6.944444e-5 days <br />0.00167 hours <br />9.920635e-6 weeks <br />2.283e-6 months <br />.
hours.
Unit 2 remained at 100% power throughout the event.
Unit 2 remained at 100% power throughout the event.
12 12 An Actual Unit 1 12 kV Switchgear Room An Actual Unit 1 12 kV Switchgear Room Fire Fire-- LER 200 LER 200--004 004
13 13 An Actual Unit 1 12 kV Switchgear Room An Actual Unit 1 12 kV Switchgear Room Fire Fire-- LER 200 LER 200--004 004
14 14 An Actual Unit 1 12 kV Switchgear Room An Actual Unit 1 12 kV Switchgear Room Fire Fire-- LER 200 LER 200--004 004
15 15 An Actual Unit 1 12 kV Switchgear Room Fire An Actual Unit 1 12 kV Switchgear Room Fire--
LER 200 LER 200--004 004
. Estimated
Turbine Trip = 1.834E Turbine Trip = 1.834E--05 05 LOSP Sensitivity = 7.17E LOSP Sensitivity = 7.17E--05 05 Translates to (at worst case) to about 5.5E Translates to (at worst case) to about 5.5E--7 per year 7 per year Differences between actual and postulated events Differences between actual and postulated events Turbine trip Initiating event Turbine trip Initiating event vs vs LOOP Initiating Event LOOP Initiating Event No damage to No damage to EDGs EDGs vs vs damage at least to one EDG damage at least to one EDG Recoverable consequential loss of power to emergency Recoverable consequential loss of power to emergency bosses bosses vs vs non recoverable one non recoverable one