ML090130150

From kanterella
Jump to navigation Jump to search
Maintenance Rule Guidance, NUMARC 93-01
ML090130150
Person / Time
Site: Nuclear Energy Institute
Issue date: 07/06/2006
From: Butler J
Nuclear Energy Institute
To:
NRC/CRGR, Nuclear Energy Institute
Shared Package
ML090130147 List:
References
Download: ML090130150 (8)
v  d  e


Text

NUCLEAR ENERGY INSTITUTE John C. Butler DIRECTOR, SAFETY FOCUSED REGULATION NUCLEAR GENERATION DIVISION July 6, 2006 To: NEI Administrative Points of Contact

Subject:

Maintenance Rule Guidance This letter provides an update of industry plans to revise NUMARC 93-01, the maintenance rule implementation guidance. Enclosure 1 is a draft revision to Appendix B of NUMARC 93-01 on the definition of unavailability. Enclosure 2 is draft guidance on the consideration of fire risk during the assessment and management of the plant configuration risk due to maintenance activities. These topics are further discussed below. Please forward this information to the personnel in your organization responsible for maintenance rule implementation.

Definition of Unavailability The industry began implementation of the mitigating systems performance index (MSPI) in April. One of the factors that drove the development of MSPI was a desire to consolidate data reporting for different applications through a common definition of unavailability. NEI 99-02, Revision 4, Regulatory Assessment Performance Indicator Guideline, establishes the desired definition of unavailability. Enclosure 1 provides the corresponding proposed revision to the definition of unavailability in Appendix B of NUMARC 93-01. This revision would provide for monitoring of unavailability during critical hours only, and would allow for short periods of unavailability without reporting.

The proposed revision to NUMARC 93-01 will be provided to NRC for endorsement through a regulatory guide. Until that endorsement, licensees should continue their existing maintenance rule program for monitoring unavailability. NRC may seek other revisions to the regulatory guide, e.g.,

clarification of the maintenance rule scoping criteria relative to emergency operating procedures. We will ensure that proposed revisions to the regulatory guide receive appropriate review by stakeholders.

1776 I STREET, NW SUITE 400 W ASHINGTON, DC 20006-3708 PHONE 202.739.8108 FAX 202.533.0113 jcb@nei.org

NEI Administrative Points of Contact July 6, 2006 Page 2 Consideration of Fire Risk In 1999, the NRC promulgated 10 CFR 50.65(a)(4), the requirement to assess and manage risk due to maintenance activities. Neither the rule nor its Statement of Considerations was explicit with regard to fire risk. Section 11 of NUMARC 93-01, Revision 3, provides guidance relative to paragraph (a)(4), and was endorsed by NRC Regulatory Guide 1.182 in May 2000. At that time, NRC did not state that consideration of fire risk was required. This was due to limitations in fire risk analysis methods, as well as the recognition that existing fire protection programs already contain compensatory measures to address increased fire risk due to work activities, as well as to compensate for non-functional fire detection, suppression, and barriers.

Over the past two years, NRC has begun to cite violations against some licensee programs for the failure to consider fire risk in (a)(4) assessments. We believe this enforcement action was inappropriate, and that NRC should follow established regulatory processes (i.e., complete a regulatory analysis to address value and impact) to justify inclusion of fire risk in (a)(4) assessments on a generic basis.

Nonetheless, we believe fire cannot generally be dismissed as an insignificant risk contributor, and that NRC will be able to justify inclusion of fire risk in (a)(4) assessments. Thus, we have developed draft guidance for consideration of fire risk in (a)(4) activities, which is provided as Enclosure 2 for your information. This guidance has been reviewed by industry PRA and fire protection personnel. It is relatively straightforward, qualitative guidance focused on the removal of safe shutdown equipment from service. While we recommend that you consider the draft guidance for incorporation into your current (a)(4) program, its use is optional. If and when NRC completes a regulatory analysis justifying the inclusion of fire risk in (a)(4) activities, our intent is to propose the draft guidance as a revision to Section 11 of NUMARC 93-01 for NRC endorsement.

If you have any questions or comments regarding our approach discussed above or on either of the enclosures, please contact me at (202) 739-8108, jcb@nei.org, or Biff Bradley at (202) 739-8083, reb@nei.org .

Sincerely, John C. Butler Enclosures DRAFT Draft Revision to Appendix B of NUMARC 93-01, R3, for consistency with MSPI Unavailability, SSC (for purposes of availability or reliability calculation):

Unavailability is defined as follows:

planned unavailable hours + unplanned unavailable hours reactor critical operational hours*

Note 1: Licensees should ensure that performance criteria associated with unavailability monitoring correctly reflect the exclusion of unavailability during reactor non-critical hours.

Note 2: This definition of unavailability is not intended for direct applicability to the configuration assessment required by 10 CFR 50.65(a)(4).

Unavailability is considered in two cases:

1) Maintenance activitiesSSCs that are tagged out Equipment SSCs out of service (e.g.that are tagged) out for corrective or preventive maintenance is are considered unavailable. Support system unavailability may be counted against either the support system, or the front line systems served by the support system. The treatment of support system unavailability for the maintenance rule should be consistent with its treatment in the plant PSA. Performance criteria should be established consistent with whichever treatment is chosen.
2) TestingSSCs that are not tagged out SSCs SSCs out of service for testing or preventive maintenance, but that are not tagged out, are are considered unavailable, unless the test plant configuration is automatically overridden by a valid starting signal, or the function can be promptly restored either by an operator in the control room or by a dedicated operator stationed locally for that purpose. Restoration actions must be contained in a written procedure, must be uncomplicated (a single action or a few simple actions), and must not require diagnosis or repair. Credit for a dedicated local operator can be taken only if (s)he is positioned at the proper location throughout the duration of the test for the purpose of restoration of the train should a valid demand occur. The intent of this paragraph is to allow licensees to take credit for restoration actions that are virtually certain to be successful (i.e., probability nearly equal to 1) during accident conditions.

1 DRAFT Unavailability, Short Duration Trains are considered to be available during periodic system or equipment realignments to swap components or flow paths as part of normal operations.

Evolutions or surveillance tests that result in less than 15 minutes of unavailable hours per train at a time need not be counted as unavailable hours. Licensees should compile a list of surveillances or evolutions that meet this criterion and have it available for inspector review. The intent is to minimize unnecessary burden of data collection, documentation and verification because these short durations have insignificant risk impact.

  • Required operational hours are the number of hours that the SSC serves a safety function. The safety function (and the need to count required hours), may be necessary at all times, or may be dependent on reactor mode, criticality, fuel in the reactor vessel, or other factors. The degree of redundancy for SSCs performing a safety function may vary based on factors as described above, and the determination of required operational hours may take this into account. However, determination of required operational hours should include consideration that an SSC may be used for establishment of backup success paths or compensatory measures. Required operational hours may include times beyond those for which SSC operability is required by Technical Specifications.

2 DRAFT Fire risk associated with maintenance activities during power operations

Purpose:

The purpose of this paper is to provide licensees with information on potential approaches to address fire risks associated with maintenance activities during power operations. This is not currently a requirement under 50.65 (a)(4),

but some licensees have requested information regarding potential approaches.

Fire risk impacts: Maintenance activities can impact fire risks. In particular, the following activities could have risk impacts:

1. Performance of maintenance activities with potential to cause a fire (e.g.,

welding, use of cutting and grinding tools, transient combustibles, etc)

2. Removal of fire detection or suppression equipment from service
3. Removal or impairment of fire barriers (e.g., opening of fire doors to facilitate maintenance, removal of protective barriers on cable trays or conduit, etc)
4. Removal of core damage mitigation equipment from service Each plant is required to maintain a fire protection program, pursuant to 10 CFR 50.48 or Part 50, Appendix R. The programs, as implemented through NRC guidance documents, directly address the risk management aspects of items 1 through 3 above. The compensatory measures for these activities usually involve fire watches or other administrative activities. Because of these existing controls, the scope of applicability of 10 CFR 50.65(a)(4), as described in Section 11.3.3 of NUMARC 93-01, Revision 3, does not include fire detection and suppression equipment, and no additional action is warranted under §50.65(a)(4) for these items, except for the following:

General Guidance: The plant personnel responsible for activities relative to fire protection and §50.65(a)(4) should communicate and maintain awareness of their respective risk management actions such that an integrated perspective of these activities is maintained. (See further discussion in risk management actions below).

With regard to item 4, removal of mitigation equipment from service, the

§50.65(a)(4) program should include consideration of these risks, as they are not covered by existing fire protection regulations and can cause a non-insignificant risk impact.

1 DRAFT Guidance: Include consideration of fire risks when removing equipment from service that is known from existing plant specific evaluations to have non-insignificant impact on mitigation of core damage due to fire initiators. This is generally a qualitative evaluation, but quantitative approaches may be opitionally used by plants that are capable of such evaluations (see below for further discussion of limitations on use of quantitative techniques).

The identification of important equipment for mitigating core damage resulting from fire initiating events can come from two sources:

First, each plant is required by 10 CFR 50.48 or Appendix R to identify one train of safe shutdown capability free of fire damage, such that the plant can be safely shutdown in the event of a fire. The magnitude of the fire is based on analysis of combustible loadings in the areas of concern. Some plants maintain this requirement through adequate separation between redundant trains of safe shutdown equipment, such that a single fire could not render both trains incapable of performing their safe shutdown function. Other plants, lacking adequate train separation, need to protect one train of equipment through fire barriers. While fire protection regulations require compensatory measures for the temporary removal of these barriers, they do not address the removal from service of the protected equipment for maintenance activities.

Second, each plant has also performed either a screening analysis (e.g. Fire Induced Vulnerability Evaluation, or FIVE), or a fire PRA, to examine fire risks relative to the Individual Plant Examination for External Events (IPEEE). These analyses may identify additional equipment (beyond the safe shutdown path discussed above) that is useful for mitigating the risk of a fire, or may identify alternative safe shutdown pathways. There are a few plants that have fire PRAs (or integrated PRAs) such that fire risk can be quantified and addressed in the same manner as internal events risk. In general, however, the screening analyses and fire PRAs performed for the IPEEE will not provide quantitative fire risk information that can be directly compared to the internal events PRA model. Thus, it is recommended that these analyses be used in a qualitative, rather than quantitative sense, in assessing and managing risk for §50.65(a)(4).

2 DRAFT Guidance: Each plant should use the above sources of information to identify equipment within the existing (a)(4) scope that is found to be significant to core damage mitigation for fire initiators. This scope of equipment will be a subset of the overall (a)(4) scope, and fire risk need only be considered for equipment falling in this specific scope.

Since safe shutdown is oriented to assuring adequate core cooling, it is generally likely that equipment important to internal events core damage mitigation may also be important for fire risk.

Some fire scenarios have no success paths available. Examples may include some main control room (MCR) fires or severe fires in electrical equipment rooms. For these scenarios, there are essentially no impacts of removing equipment from service. These fire scenarios are almost always risk significant, but not impacted by on-line maintenance. It is recommended that these scenarios be screened from further consideration.

Guidance: For plants that meet §50.48/Appendix R by protecting one train of safe shutdown equipment through fire barriers, the overall risk significance (internal events plus fire) will be more significant for the protected train than for the redundant, non protected train of the same system. Thus, maintenance activities on the protected train should consider this greater risk, and take appropriate risk assessment and management actions.

For determination of the threshold for risk management actions, the following approaches may be considered:

1. Quantifying and integrating the fire risk and internal events risk for the purpose of calculating the ICDP (limited applicability - see above).
2. Establish an adjustment factor to the internal events ICDP (Section 11.3.7.2),

or raise the risk management action threshold by one level.

The appropriate adjustment factor can be determined by risk personnel using insights from screening evaluations or fire PRAs performed for the IPEEE. This adjustment factor should take into account the number of safe shutdown paths available.

3 DRAFT

3. Use the following table to determine the need for risk management actions specific to fire risk when fire risk mitigation equipment is taken out of service. This table is used in addition to the existing guidance in NUMARC 93-01 (i.e., this table is specific to fire risk and does not address other contributors). Background information on the development of this table may be found in EPRI Report 1012948, Methodology for Fire Configuration Risk Management Final Report, December 2005 Number of Core Damage Avoidance Success Paths Available 1 or More Success Paths Available No Success Paths Available Duration of Unavailability Duration of Unavailability

<3d 3-30d >30d <3d 3-30d >30d Normal Controls Risk Normal Risk Avoid Mgmt. Control Mgmt. Config.

If the above evaluation indicates risk management actions are appropriate, the following actions should be considered:

1. Primary action: Coordinate activities within the plant that could involve increased fire risk with those maintenance activities involving removal from service of mitigation equipment important for fire risk. This involves coordination of fire protection personnel with maintenance rule (a)(4) personnel. Based on this coordination, evaluate appropriate risk management actions as discussed in Section 11.3.7.3 of NUMARC 93-01, Revision 3.
2. Additional risk management actions specific to fire could include:
  • Re-scheduling activities that involve increased fire likelihood in fire areas where the out of service core damage mitigation equipment would be relied upon in the event of a fire
  • Increased fire watches in fire areas where the out of service core damage mitigation equipment would be relied upon in the event of a fire
  • Confirm the availability of an alternate success path for safe shutdown should it be needed. These could include alternative success paths excluded from design basis evaluations (e.g., Bleed & Feed Cooling (PWRs), Containment Venting (BWRs))

4

Retrieved from "https://kanterella.com/w/index.php?title=ML090130150&oldid=2247271"