ML110910508
| ML110910508 | |
| Person / Time | |
|---|---|
| Site: | Harris  |
| Issue date: | 03/31/2011 |
| From: | NRC/NRR/DRA/AFPB |
| To: | |
| References | |
| FAQ 10-0059, Rev 0 | |
| Download: ML110910508 (10) | |
Text
NRC Staff Comments on FAQ 10-0059, Revision 0 [HTB] {April 2011}
DRAFT DRAFT FAQ Number 10-0059 FAQ Revision Rev. 0 FAQ Title NFPA 805 Monitoring Plant: Harris Nuclear Plant Date: February 17, 2011
Contact:
Joelle DeJoseph/ Phone: 919-546-6247 Dave Miskiewicz Email: joelle.dejoseph@pgnmail.com Distribution: (NEI Internal Use)
Purpose of FAQ:
The purpose of this FAQ is to clarify the following for the NFPA 805 monitoring program: screening criteria action levels definition of fire compartments in the fire PRA Is this Interpretation of guidance? Yes Proposed new guidance not in NEI 04-02? Yes Details: NEI 04-02 guidance needing interpretation (include section, paragraph, and line numbers as applicable):
Some clarification is required to help the user implement the monitoring program for NFPA 805.
The clarification stems from lessons learned while developing the monitoring program for the pilot plants.
There are three key points of clarification:
- 1. Analysis Unit - The monitoring analysis unit (fire compartment, fire area, fire zone, or ignition source) should be selected to optimize the monitoring scope such that high safety significant FP SSCs are identified and low safety significant FP SSCs can be monitored via existing programs/processes.
- 2. Screening - The screening of analysis units should generally be based on larger analysis units, such that SSCs are not screened such that combined impacts would cause a larger analysis unit to be included in the scope.
- 3. Action level threshold - When establishing the action level threshold for reliability, the action level should be consistent withat or below the fire PRA assumption. When applicable, a sensitivity study should be performed to determine the margin below the action level that still provides acceptable fire PRA results to help prioritize corrective actions if the action level is reached.
Circumstances requiring guidance interpretation or new guidance:
Lessons learned.
Detail contentious points if licensee and NRC have not reached consensus on the facts and circumstances:
None.
Potentially relevant existing FAQ numbers:
NRC Staff Comments on FAQ 10-0059, Revision 0 [HTB] {April 2011}
DRAFT DRAFT FAQ Number 10-0059 FAQ Revision Rev. 0 FAQ Title NFPA 805 Monitoring None.
Response Section:
Proposed resolution of FAQ and the basis for the proposal:
See specific revisions listed below.
If appropriate, provide proposed rewording of guidance for inclusion in the next Revision:
See revisions to NEI 04-02 Section 5.2.1, Section 5.2.3, and Appendix E below.
5.2 Monitoring Section 2.3 of NFPA 805 discusses assumptions used in performing engineering analyses to support a risk-informed, performance-based fire protection program. The following requirements are included:
2.3 Assumptions. The following assumptions are provided to perform a deterministic analysis of ensuring the nuclear safety performance criteria are met. [Performance-based information (i.e.,
equipment out of service, equipment failure unrelated to the fire, concurrent design basis events) are integral parts of a PSA and shall be considered when performance-based approaches are utilized.]
Section 2.4.2.1 of NFPA 805 discusses systems and equipment utilized to meet the nuclear safety performance criteria. One requirement cited for those systems and equipment relates to availability and reliability:
2.4.2.1 Nuclear Safety Capability Systems and Equipment Selection Availability and reliability of equipment selected shall be evaluated."
Section 2.4.3.3 of NFPA 805 discusses PSA analyses performed to support Fire Risk Evaluations:
2.4.3.3* The PSA approach, methods, and data shall be acceptable to the AHJ. They shall be appropriate for the nature and scope of the change being evaluated, be based on the as-built and as-operated and maintained plant, and reflect the operating experience at the plant.
Section 2.6 of NFPA 805 discusses monitoring requirements associated with a risk-informed, performance-based fire protection program. The following are the requirements from Section 2.6:
2-6* Monitoring. A monitoring program shall be established to ensure that the availability and reliability of the fire protection systems and features are maintained and to assess the performance of the fire protection program in meeting the performance criteria. Monitoring shall ensure that the assumptions in the engineering analysis remain valid.
2-6.1 Availability, Reliability, and Performance Levels. Acceptable levels of availability, reliability, and performance shall be established.
2-6.2 Monitoring Availability, Reliability, and Performance. Methods to monitor availability, reliability, and performance shall be established. The methods shall consider the plant operating experience and industry operating experience.
NRC Staff Comments on FAQ 10-0059, Revision 0 [HTB] {April 2011}
DRAFT DRAFT FAQ Number 10-0059 FAQ Revision Rev. 0 FAQ Title NFPA 805 Monitoring 2-6.3 Corrective Action. If the established levels of availability, reliability, or performance are not met, appropriate corrective actions to return to the established levels shall be implemented. Monitoring shall be continued to ensure that the corrective actions are effective.
As part of the transition review, the adequacy of the inspection and testing program to address FP systems and equipment within plant inspection and compensatory measures programs should be reviewed. In addition, the adequacy of the plant corrective action program in determining the causes of equipment and programmatic failures and minimizing their recurrence should also be reviewed as part of the transition to a risk-informed, performance-based licensing basis.
5.2.1 Existing Guidance and Programs The Maintenance Rule (10 CFR 50.65) and Regulatory Guide 1.174 are provided as examples in NFPA 805 Section A.2.6 of acceptable monitoring programs. However, the intent is not to require fire protection program equipment to be included into a maintenance rule program. Flexibility is provided to allow plant-specific processes to be established for monitoring.
NEI Document NUMARC 93-01, Industry Guideline for Monitoring the Effectiveness of Maintenance at Nuclear Power Plants, provides an acceptable approach to meet the Maintenance Rule. It includes methods for selecting equipment, establishing and applying risk significance criteria and performance criteria, goal setting and monitoring, assessing and managing risk, performing periodic assessment of performance, and necessary documentation. Although not required, NUMARC 93-01 should be consulted for ideas in developing/updating a fire protection monitoring program. Due to the efforts expended in complying with the maintenance rule for plant safety systems, a plant may determine that the incremental effort associated with adding selected fire protection program systems and features to previously established programs may be less than establishing a new process or effort. NUMARC 93-01 is very flexible in recognizing the utilization of existing plant programs.
Plant/owner-operator specific initiatives have been undertaken to optimize fire protection surveillance and testing practices and frequencies based upon performance. This is allowed under traditional regulatory framework using a fire protection standard license condition and by ensuring that the program and its results were satisfactory to insurance representative. Therefore, there are established programs that could be used, enhanced, or modified in an effort to meet the monitoring requirements as discussed in NFPA 805. Other entities such as the Department of Defense and Department of Energy have participated in performance-based fire protection inspection and testing efforts. Therefore, there are a number of resources available to establish and maintain a risk-informed, performance-based program. Comment [H1]: While this paragraph may be true, the staff recommends that licensees that want Acceptable levels of availability, reliability, and performance must be established. This does not imply or this flexibility should describe how they intend to implement this flexibility in the LAR so that the staff require detailed statistical analysis of all fire protection systems, features, components, and sub-components. may approve that process. Otherwise, it will be up Instead, determining acceptable levels of availability, reliability, and performance should be commensurate to the licensee to justify that these changes do not with their risk significance and may be established at the structure, system, or component level, or aggregates of constitute the use of performance-based methods on attributes of the fundamental FP and design these, where appropriate. It is up to individual plants to establish goals and criteria for acceptable levels of elements required by NFPA 805 Chapter 3.
availability and reliability. This is consistent with Maintenance Rule implementation as outlined in NUMARC 93-01.
To demonstrate compliance with NFPA 805, the action level for the monitored SSCs, which may be grouped together functionally in pseudo-systems or performance monitoring groups, should be consistent with based on the Fire PRA assumptions. For example, if the Fire PRA assumes 95% reliability for a wet pipe sprinkler system, the monitoring program action level for that group of SSCs comprising the wet pipe sprinkler system should be set to at or above 95% since the requirement in NFPA 805 Section 2.6 is to ensure that the
NRC Staff Comments on FAQ 10-0059, Revision 0 [HTB] {April 2011}
DRAFT DRAFT FAQ Number 10-0059 FAQ Revision Rev. 0 FAQ Title NFPA 805 Monitoring assumptions in the engineering analysis remain valid. This means that corrective actions should be taken before the criteria is exceeded. Further evaluation such as a sensitivity study may be performed to determine the margin below the action level that still provides acceptable Fire PRA results. This will help prioritize corrective actions once the action level is reached.
5.2.2 Monitoring Program Development It is expected that a monitoring program for a risk-informed, performance-based fire protection program would be established in phases, with elements added as more of the program relies upon risk-informed, performance-based techniques. For example, during the transition to a new licensing basis, a plant may only truly employ risk-informed, performance-based techniques to address a few fire areas or fire protection features/elements. It is important to identify parts of the program that may require additional attention during the transition and change evaluation process. Likely candidates would include monitoring of nuclear safety equipment or other plant equipment that is not part of the traditional post-fire safe shutdown analysis and whose availability is an important component of limiting fire risk. Other attributes may include features that are integral to successful fire modeling in an area, but may not have been considered important in a compliance-based approach.
It is expected that a more refined monitoring program (availability, reliability, performance goals) would be established for the parts of the program where these techniques have been employed. For example, as risk-informed, performance-based techniques are used as part of the change process (i.e., fire modeling in a fire area, change in equipment in PRA model, change in equipment relied upon to achieve the nuclear safety criteria, change in surveillance frequencies of fire protection equipment), the scope and depth of monitoring program would need to be adjusted accordingly. See Appendix E of this document for additional guidance on establishing a monitoring program.
5.2.3 Monitoring Considerations Monitoring programs for fire protection systems are not a new concept being introduced as part of a risk-informed, performance-based fire protection program. Surveillance, testing, and maintenance of fire protection systems and features have always been part of a sound program. In addition, the system engineer functions at nuclear power plants have stressed system and equipment health, reliability, and availability.
Risk-informed, performance-based reactor oversight has also increased attention on plant systems and features (including fire protection) with the greatest contribution to risk. Adoption of a risk-informed fire protection licensing basis, however, may introduce some different considerations that may not have been present in a traditional fire protection program.
Calculations and analyses such as fire modeling, particularly a maximum expected and limiting fire scenario, rely on core key assumptions that help form the basis for acceptability of configurations and changes to those Comment [H2]: Too easy to confuse this with engineering analysis assumptions related to core configurations. These assumptions and input conditions may be different in content and form than previously physics.
analyzed.
For example, a fire scenario in a traditional program may have assessed fire hazards by monitoring the combustible loading represented by a BTU/square foot value in an area, which would be monitored by a plant combustible control program. Under a risk-informed, performance-based program, fire modeling, using more advanced and accurate predictions of fire behavior may rely on a certain quantity of oil spill from a pump motor or containment of spilled oil by a retaining berm. The factors that influence results of fire scenarios should be included within an administrative or design control/monitoring program.
Suppression systems relied upon specifically in a calculation for core damage frequency has an inherent
NRC Staff Comments on FAQ 10-0059, Revision 0 [HTB] {April 2011}
DRAFT DRAFT FAQ Number 10-0059 FAQ Revision Rev. 0 FAQ Title NFPA 805 Monitoring reliability and availability. Systems that are integral to prevention of risk-significant fire scenarios may require monitoring to meet numerical availability numbers in order to satisfy risk acceptance criteria.
Traditional safe shutdown analyses have relied upon safe shutdown equipment being in service at the start of a fire. A risk-informed, performance-based approach, particularly in a risk model that calculates core damage frequency, considers safe shutdown nuclear safety and fire detection, suppression and mitigation features and equipment unavailability. As more credit is taken for risk-informed, performance-based approaches, the need for monitoring this equipment availability, with direct consideration on fire risk, would be necessary.
The majority of equipment relied upon to ensure post-fire nuclear safety is equipment that is important for plant risk and mitigation of the consequences of design basis accidents. Therefore, most equipment important to fire risk has been subjected to inspection, testing, and performance monitoring as part of the nuclear plant processes.
In addition, equipment important to the IPE risk model has been identified as part of the Maintenance Rule process and subjected to a variety of plant controls and processes. However, all equipment important to fire risk may not be part of an existing monitoring program. Outliers must be identified and incorporated as necessary into a monitoring program.
Most of these fire protection features and systems are already being included in the existing fire protection inspection and test program and system/program health programs. The existing fire protection surveillance program is adequate for routine monitoring of the FP Systems and features required by the fundamental program of Chapter 3 or that is not high safety significant for Ch 4. The process suggested here is to determine those higher risk significant fire protection and nuclear safety systems and features that may require additional monitoring beyond normal surveillance activities.
Because a fire risk assessment may rely on different equipment than a traditional safe shutdown analysis, the availability of this equipment may be important to fire risk. For example, the availability of offsite power or non-safety feedwater sources may be an integral part of a risk model. The need for monitoring these features under the Maintenance Rule or the NFPA 805 monitoring program should be determined.
Due to different success criteria that are evaluated in a risk-informed, performance-based program, other fire protection features may require monitoring.
Special attention is required when selecting the monitoring analysis units (i.e. plant area subdivision or compartment see example in Appendix section under Phase 2 screening using risk criteria). Selecting too large of an analysis unit can expand the monitoring to unnecessarily include low-risk significant fire SSCs, while selecting too small of a unit can cause the program to screen equipment whose combined impacts may be significant. In general, the selection process should move from large to small such that the monitoring can be focused on the locations and the SSCs within them that provide significant contributions to the risk of the unscreened larger analysis units.
Screening and analysis unit selection processes should also include considerations for design/operation/maintenance limitations. For instance, fire detection should not subdivide systems beyond the system/train/channel level used in normal operation/maintenance.
NRC Staff Comments on FAQ 10-0059, Revision 0 [HTB] {April 2011}
DRAFT DRAFT FAQ Number 10-0059 FAQ Revision Rev. 0 FAQ Title NFPA 805 Monitoring FAQ Title NFPA 805 Monitoring E. MONITORING The monitoring process consists of four major phases:
Phase 1 - Scoping Phase 2 - Screening Using Risk Criteria Phase 3 - Risk Target Value Determination Phase 4 - Monitoring Implementation An expert panel or a documented evaluation is used to:
Determine the scope of Fire Protection and Nuclear Safety SSCs and programmatic elements to monitor.
Establish initial levels of availability, reliability, or other criteria for those elements that require monitoring.
A suggested methodology is outlined below:
Phase 1 - Scoping In order to meet the NFPA 805 requirements for monitoring, the following categories of SSCs and programmatic elements shall be included in the NFPA 805 monitoring program:
Fire Protectionand Nuclear Safety Structures, Systems, and Components
- Fire protection and Nuclear Safety systems and features required by the NSCA
- Fire protection and Nuclear Safety systems and features modeled in the Fire PRA
- Fire protection systems and features required by Chapter 3 of NFPA 805 Fire Protection Programmatic Elements Key Assumptions in Engineering Analyses(specifically the Fire PRA under NFPA 805 Section 4.2.4.2 or Fire Modeling under NFPA 805 Section 4.2.4.1)
As a minimum these fire protection features and systems will be included in the existing fire protection inspection and test program and system/program health programs. The existing fire protection surveillance program is adequate for routine monitoring of the FP Systems and features required by the fundamental program of Chapter 3. The following process is suggested to determine those fire protection and nuclear safety systems and features that may require additional monitoring beyond normal surveillance activities.
- 1. Fire Protection Structures, Systems, and Components Monitoring of SSCs that are required to demonstrate compliance with NFPA 805 is required. These SSCs may include Detection and Alarm Systems, Fire Suppression Systems, Water Supply, Hydrants, and Valves, Fire Pumps, Stand Pipes, Hose Stations, and Hoses, or Fire Barriers, among others. Only those fire protection and nuclear safety systems and features required by the NSCA or modeled in the Fire PRA would be considered in scope for the additional monitoring of the NFPA 805 program.
- 2. Monitoring of Fire Protection Programmatic Elements Monitoring of programmatic elements is required in order to assess the performance of the fire protection program in meeting the performance criteria. Programmatic aspects include:
NRC Staff Comments on FAQ 10-0059, Revision 0 [HTB] {April 2011}
DRAFT DRAFT FAQ Number 10-0059 FAQ Revision Rev. 0 FAQ Title NFPA 805 Monitoring FAQ Title NFPA 805 Monitoring Transient Combustible Control; Transient Exclusion Zones Hot Work Control; Administrative Controls Fire Watch Programs; Program compliance and effectiveness Fire Brigade; Response Times Fire Protection Health Reports, Self-Assessments, regulator and insurance company reports provide inputs to the monitoring program. The monitoring of programmatic elements and program effectiveness may be performed as part of the management of engineering programs. This monitoring is more qualitative in nature since the programs do not lend themselves to the numerical methods of reliability and availability. These programs form the bases for many of the analytical assumptions used to evaluate compliance with NFPA 805 requirements
- 3. Monitoring of Key Assumptions in Engineering Analyses The assumptions of the Fire PRA are the primary drivers of the need for monitoring levels of reliability and availability of the SSCs utilized in the risk informed performance based program. These SSCs are generally broken down into two groups, the NSCA (and PRA Internal Events) SSCs and the fire protection systems and features SSCs. Other analytical assumptions from the NSCA, Non-Power Operations and Radioactive Release evaluations may also increase the scope of Fire Protection SSCs or programmatic elements to be reviewed. The NFPA 805 Monitoring program shall be used to monitor the performance of these Fire Protection SSCs at either the component or the functional level.
NSCA and PRA internal events equipment and systems are generally monitored by the Maintenance Rule. It is anticipated that in most cases, for the NSCA type components, the existing Maintenance Rule performance goals will be bounding. Any NSCA equipment and systems not considered under Maintenance Rule should be reviewed for inclusion in the Maintenance Rule. If the maintenance rule process (expert panel) does not elect to include these SSCs into the Maintenance Rule program, they shall be included in the NFPA 805 monitoring program. Comment [H3]: The point here is that this monitoring program should not allow there to be a hole in the coverage of risk-important SSCs. If this change is not made, I will recommend that any Phase 2 - Screening Using Risk Criteria high risk SSCs that are not covered by the monitoring program be assigned new TECHNICAL Phase 2 of the process is establishing the risk significant criteria and screening FP SSCs and programmatic SPECIFICATION requirements for operability (with a elements to be within the NFPA 805 monitoring scope and the High Safety Significant FP SSCs, programmatic shutdown action statement) and surveillance on a elements and /or functions. This may be accomplished at the component, programmatic element, and/or frequency that will ensure that the Fire PRA assumptions are met. See 10 CFR 50.36(c)(2)(ii)(D) functional level. Since risk is evaluated at the analysis unit level, criteria must be developed to determine those and 50.36(c)(3) analysis units for which the FP SSCs are considered risk significant. The Fire PRA is the primary tool used to establish risk significance criteria and performance bounding guidelines. The screening thresholds used to determine risk significant analysis units are those that meet the following example criteria:
Risk Achievement Worth (RAW) of the monitored parameter 2.0 (ANDOR) either
NRC Staff Comments on FAQ 10-0059, Revision 0 [HTB] {April 2011}
DRAFT DRAFT FAQ Number 10-0059 FAQ Revision Rev. 0 FAQ Title NFPA 805 Monitoring FAQ Title NFPA 805 Monitoring Core Damage Frequency (CDF) x (RAW) 1.0E-7 per year (OR)
Large Early Release Frequency (LERF) x (RAW) 1.0E-8 per year Formatted: Indent: First line: 0" High Safety Significant Fire Protection and Nuclear Safety SSCs are those that meet or exceed the risk significant analysis unit screening criteria, and all required FP/NS SSCs, programmatic elements and /or functions are included for each analysis unit. Low Safety Significant Fire Protection/Nuclear Safety SSCs are those that do not meet the risk significant analysis unit screening criteria and are monitored via existing programs/processes. Additionally, the Expert Panel or reviewer may include other analysis units (and required FP/NS SSCs, programmatic elements and /or functions) that are not risk significant (per the Fire PRA screening criteria) but are included based on plant specific history and/or operational considerations.
The selection of an appropriate or alternative sized analysis unit is critical and a basis needs to be established to ensure adequate monitoring is provided.
EXAMPLE: For a plant, the power block definition included the Turbine building. The Fire PRA had made the entire turbine building (four floors, open to the outside, approximately 52,800 square feet) one analysis unit. Values for CDF and LERF are greater than the threshold, so this analysis unit is screened into the monitoring program. There are four significant fire sources identified (for CDF and LERF) for this analysis unit. Two fire sources are located in the General Service Switchgear Room on the south side of the 261 elevation, one fire source is located on the northeast corner on the 261 elevation, and one fire source is in the Electrical Room on the south side of the 286 elevation. These four fire sources whole Turbine Building would contribute 350 detectors, 18 detector channels, 16 sprinkler valves, and ten manual pull stations into the scope of systems requiring additional monitoring. When just the impact from the four sources within the analysis unit is considered, the monitored equipment is 42 detectors, three detector channels, one sprinkler valve, and one manual pull station. This accounts for an almost 90% reduction in quantity of monitored equipment while still focusing on the important fire scenarios.
The more practical and realistic approach to this particular analysis unit would be to evaluate each of the four significant fire sources, determine exactly what equipment would mitigate the impact of the four significant fire sources, and to only include that equipment in the monitoring program (down to the system/train/channel level normally used for operation and maintenance).
Phase 3 - Risk Target Value Determination Phase 3 consists of utilizing the Fire PRA, or other processes as appropriate, to determine target values of reliability and availability for the High Safety Significant, FP/NS SSCs, programmatic elements and/
or functions established in Phase 2.
Failure Criteria are established by the Expert Panel or evaluation based on the required FP/NS SSCs, programmatic elements and /or functions assumed level of performance in the supporting analyses.
Action levels are established for the SSCs at the component level, program level, or functionally through the use of the pseudo system or Performance
NRC Staff Comments on FAQ 10-0059, Revision 0 [HTB] {April 2011}
DRAFT DRAFT FAQ Number 10-0059 FAQ Revision Rev. 0 FAQ Title NFPA 805 Monitoring FAQ Title NFPA 805 Monitoring Monitoring Group concept. The action level is determined based on the number of component, program or functional failures within a sufficiently bounding time period (~2-3 operating cycles). Adverse trends and unacceptable levels of availability, reliability, and performance will be reviewed against established action levels. Documentation of the Monitoring Program failure criteria and action level targets will be contained in the Expert Panel Meeting Minutes or other documented evaluation.
Phase 4 - Monitoring Implementation Phase 4 is the implementation of the monitoring program, once the monitoring scope and criteria are established. The corrective action process will be used to address performance of Fire Protection and Nuclear Safety SSCs that do not meet Performance Criteria.
For High Safety Significant Fire Protection and Nuclear Safety SSCs that are monitored, unacceptable levels of availability, reliability, and performance will be reviewed against the established action levels. If an action level is triggered, the Expert Panel or evaluator(s) approves the Corrective Action criteria and action level adjustment if more than usual monitoring is warranted.
A periodic assessment should be performed (e.g., at a frequency of approximately every two to three operating cycles), taking into account, where practical, industry wide operating experience. This may be conducted as part of other established assessment activities. Issues that should be addressed include:
Review Systems with Performance Criteria. Do performance criteria still effectively monitor the functions of the system? Do the criteria still monitor the effectiveness of the Fire Protection and Nuclear Safety System(s)?
Have the supporting analyses been revised such that the performance criteria are no longer applicable or new FP/NS SSCs, programmatic elements and/ or functions need to be in scope?
Based on the performance during the assessment period, are there any trends in system performance that should be addressed that are not being addressed?
Page 10 of 10
NRC Staff Comments on FAQ 10-0059, Revision 0 [HTB] {April 2011}
DRAFT DRAFT FAQ Number 10-0059 FAQ Revision Rev. 0 FAQ Title NFPA 805 Monitoring Formatted: Font: 11.5 pt This box should say:
Establish listing of High Safety Significant Fire or Nuclear Safety SSCs (for each PMG) based on Criteria