Supplemental Response to Request for Additional Information for License Amendment, Reactor Protective System/Engineered Safeguards Protective System Digital Upgrade, Technical Specification Change No. 2007-09, Supplement 14

ML090700120
Person / Time
Site:	Oconee
Issue date:	03/06/2009
From:	Baxter D Duke Energy Carolinas
To:	Document Control Desk, Office of Nuclear Reactor Regulation
References
Download: ML090700120 (4)
v • d • e

Text

Duke DAVE BAXTER Due Vice President Pow" Energy.

Oconee Nuclear Station Duke Energy Corporation ONO1 VP17800 Rochester Highway Seneca, SC 29672 864-885-4460 864-885-4208 fax dabaxter@dukeenergy.com March 6, 2009 U. S. Nuclear Regulatory Commission Washington, D. C. 20555 Attention: Document Control Desk

Subject:

Duke Energy Carolinas, LLC Oconee Nuclear Station, Units 1, 2, and 3 Docket Numbers 50-269, 50-270, and 50-287 Supplemental Request for Additional Information for License Amendment Request for Reactor Protective System/Engineered Safeguards Protective System Digital Upgrade, Technical Specification Change (TSC) Number 2007-09, Supplement 14 On January 31, 2008, Duke Energy Carolinas, LLC (Duke) submitted a License Amendment Request (LAR) to address replacement of the existing Oconee Nuclear Station (ONS) analog based Reactor Protective System (RPS) and Engineered Safeguards Protective System (ESPS) with a digital computer based RPS/ESPS. Duke responded to an August 20, 2008 NRC request for additional information by letter dated September 30, 2008.

10 CFR 50.55a(h)(2) requires that the Oconee design of protection systems be consistent with their licensing basis or comply with IEEE Std. 279, "Criteria for Protection Systems for Nuclear Power Generating Stations," or IEEE Standard (Std) 603-1991, "IEEE Standard Criteria for Safety Systems for Nuclear Power Generating Stations," and correction sheet dated January 30, 1995. In accordance with 10 CFR 50.55a(a)(3), Duke requests Nuclear Regulatory Commission approval of the use of IEEE Std 603-1998 as an alternative to satisfy the requirement of 10 CFR 50.55a(h)(2). As demonstrated below, IEEE Std 603-1998 meets or exceeds IEEE STD 603-1991 requirements and therefore provides an acceptable level of quality and safety as required by 10 CFR 50.55a(a)(3)(i).

Duke considers the 1998 revision to IEEE Std 603 as more appropriate for referencing in the RPS/ESPS LAR since it provides additional criteria and guidance with respect to the application of the standard to computer-based safety systems. The introduction to IEEE Std 603-1998 states that the purpose of the revision is to clarify the application of this standard to computer-based safety systems and to advanced nuclear power generating station designs.

The introduction goes on to state that the revision provides guidance for the treatment of electromagnetic interference (EMI) and radio-frequency interference (RFI), clarifies definitions (e.g.,"Class 1E"), and updates references. Reference is also made to IEEE Std 7-4.3.2-1993 as providing additional guidance on applying the safety system criterion specified by this standard for the use of computers as components in safety systems.

Regulatory Guide (RG) 1.152, "Criteria For Use Of Computers In Safety Systems Of Nuclear Power Plants," Rev. 2, refers to a later version of IEEE Std 7-4.3.2 (2003), "IEEE Standard www. duke-energy. corn A0ao/

U. S. Nuclear Regulatory Commission March 6, 2009 Page 2 Criteria for Digital Computer Systems in Safety Systems of Nuclear Power Generating Stations," as evolving from IEEE Std 7-4.3.2-1993 and states that it reflects advances in digital technology. the RG goes on to state that IEEE Std 7-4.3.2-2003 specifies computer-specific requirements to supplement the criteria and requirements of IEEE Std 603-1998.

Duke compared the requirements of the two versions of IEEE Std 603 and confirmed that the requirements of IEEE Std 603-1998 either meet or exceed the requirements of IEEE Std 603-1991. Most changes involve clarification or reference to later versions of standards. The following summarizes the primary changes:

Section 5.1, Single Failure, was revised to clarify that a single failure could occur prior to, or at any time during, the design basis event for which the safety system is required to function and adds reference to IEEE Std 7-4.3.2-1993, which addresses digital I&C applications. Note: RG 1.152 R2 now endorses IEEE Std 7-4.3.2-2003.

Section 5.3, Quality, was revised to update reference to quality assurance guidance (refers to ASME NQA-1-1994 in place of ASME NQA-1-1989 and added reference to IEEE Std 7-4.3.2).

Section 5.4, Equipment Qualification, revised to add reference to IEEE Std 7-4.3.2.

Section 5.5, System Integrity, revised to add reference to IEEE Std 7-4.3.2.

Section 5.6, Independence, revised to require that separation of Class 1 E equipment be in accordance with the requirements of IEEE Std 384-1992 versus the 1981 version.

Note: RG 1.75 R3 endorses IEEE Std 384-1992.

o Section 5.11, Identification, revised to require safety system equipment be distinctly identified for each redundant portion of a safety system in accordance with the requirements of IEEE Std 384-1992 (versus the 1981 version). Note: RG 1.75 R3 endorses IEEE Std 384-1992.

Section 5.11, Identification, revised to add a new requirement that versions of computer hardware, programs, and software be distinctly identified in accordance with IEEE Std 7-4.3.2.

Section 5.13, Multi-Unit Stations, revised to refer to later versions of IEEE Standards.

Note: Regulatory Guides now endorse even later versions of the IEEE Standards.

Section 5.15, Reliability, revised to indicate that guidance on the application of this criteria for safety system equipment employing digital computers and programs or firmware is found in IEEE Std 7-4.3.2.

Section 5.16, Common Cause Failure, added to require plant parameters to be maintained within acceptable limits established for each design basis event in the presence of a single common cause failure, Reference is also made to IEEE Std 7-4.3.2 as providing guidance on performing an engineering evaluation of software common cause failures, including use of manual action and non-safety-related systems, or components, or both, to provide means to accomplish the function that would otherwise be defeated by the common cause failure.

Section 6.8, Setpoints, revised to reference ANSI/ISA S67.04-1994 versus the 1987 version. Note RG 1.105 R3 endorses ANSI/ISA S67.04-1994.

Section 8.1, Electrical Power Sources, revised to reference IEEE Std 308-1991 versus the 1980 version. Note: RG 1.32 R3 now endorses IEEE Std 308-2001.

It U. S. Nuclear Regulatory Commission March 6, 2009 Page 3 The information above demonstrates that IEEE Std 603-1998 meets or exceeds IEEE Std. 603-1991 requirements and therefore provides an acceptable level of quality and safety as required by 10 CFR 50.55a(a)(3)(i).

I declare under penalty of perjury that the foregoing is true and correct. Executed on March 6, 2009.

Sincerely, D)ve Baxter, Vice President Oconee Nuclear Station

A U. S. Nuclear Regulatory Commission March 6, 2009 Page 4 cc:

Mr. J. F. Stang, Project Manager Office of Nuclear Reactor Regulation U. S. Nuclear Regulatory Commission Mail Stop 0-14 H25 Washington, D. C. 20555 Mr. L. A. Reyes, Regional Administrator U. S. Nuclear Regulatory Commission - Region II Atlanta Federal Center 61 Forsyth St., SW, Suite 23T85 Atlanta, Georgia 30303 Mr. G. A. Hutto Senior Resident Inspector Oconee Nuclear Station S. E. Jenkins, Manager Infectious and Radioactive Waste Management Section 2600 Bull Street Columbia, SC 29201