ML13004A469
ML13004A469 | |
Person / Time | |
---|---|
Site: | Diablo Canyon |
Issue date: | 10/31/2012 |
From: | Altran Solutions Corp |
To: | Office of Nuclear Reactor Regulation, Pacific Gas & Electric Co |
Shared Package | |
ML130040687 | List: |
References | |
08-0015-SP-001, Rev 7 | |
Download: ML13004A469 (81) | |
Text
Attachments 8-13 to the Enclosure contain Proprietary Information - Withhold Under 10 CFR 2.390 Enclosure Attachment 1 PG&E Letter DCL-12-120 PG&E Document "Diablo Canyon Power Plant Units I & 2 Process Protection System (PPS) Replacement Functional Requirements Specification, Revision 7" (Non-Proprietary)
Attachments 8-13 to the Enclosure contain Proprietary Information When separated from Attachments 8-13 to the Enclosure, this document is decontrolled.
A
Functional Requirements Specification Documt No. 08-0015-SP-001 NucleaaftyRelated 3-LToRa,
~~OWN6 -, I - d DC 663195-44-6 PAGE 1 OF 80
Report Record a LT R a n Report No 08-0015-SP-001 Rev. No.: 7 Sheet No. 2 QA Status: IOCFR50 [, 21CFR820 -], ISO 9000 r-, Other n Total Pages: 80
Title:
Functional Requirements Specification Process Protection System (PPS) Replacement Client: Pacific Gas & Electric Co. Facility: Diablo Canyon Units I & 2 Revision
Description:
Revised per Revision History Sheet Computer runs are identified on a Computer File Index: Yes El N/A 0 Error reports are evaluated by: NA Date:
Computer use is affected by error notices. No Z, Yes L] (if yes, attach explanation)
Origi(ao(s) Date Verif r(s) Date Robert A. Li . eer Jo n W. Hefler, Pr;cipal Engineer No. E9995 Verification: Verification is performed in accordance with EOP 3.4 as indicated below 0 Design review asdocumented on the following sheet or Verification Report No. I I-2243-VR-009, Rev. 0 El Alternate calculation as documented in attachment or EL Qualification testing as documented in attachment or Approved for Release: ,
John Rengep , oj Manager Date UNIT 1 & 2 DC 663195-44-6 PAGE 2 OF 80
DCPP Units 1 & 2, Process Protection System 08-0015-SP-001, Revision: 7 Functional Requirements Specification Page 3 of 80 REVISION HISTORY Revision Affected Reason for Revision Number Sections/Pages 1 All Initial Issue 1.3 Added/deleted acronyms 1.4 Revised Reference 1.4.1.1.10 to correct version; revised 2 References 1.4.1.2.3, 1.4.1.4.1, 1.4.1.5.8, & 1.4.3.6 to add applicability statement Deleted Reference 1.4.2.1; updated all References in Section 1.4.2.2 Added Reference 1.4.3.18 2.1 Editorial change in second paragraph 2.3 Changed "Channel Set Failure" to "PPS Failure" in Section 2.3.2.2 Section 3 Reformatted and rewritten to accommodate major update remarks.
Section 4 Reformatted and rewritten to accommodate major update remarks.
Section 2.2.2.2 Added "associated" for clarification.
Section 2.2.3.3 Added "associated" for clarification.
3 Sections 3.1.1.1.1.(c), Deleted "PPS processing instrumentation shall be located in racks 3.1.1.1.2(c), not occupied by the HSI equipment,"
3.1.1.1.3(c), and 3.1.1.1.4(c)
Section 3.1.1.6.1 Corrected typo.
Section 3.1.4.1 Revised EQ requirements for temperature and relative humidity.
Section 3.2.1.3.2 Revised requirement by adding "for energize to trip/actuate outputs."
Sections 3.2.1.3.4, Clarified requirements for Manual Trip Switches, Manual Bypass 3.2.1.3.5, 3.2.1.3.6, Switches, and Manual OOS Switches.
3.2.1.3.7 Section 3.2.1.5.3 Clarified requirements for Channel in Bypass alarm.
Section 3.2.1.5.4 Added "DTTA" for clarification.
Section 3.2.1.8.1 Revised tolerances for RCA, RTE, and RD.
aLTRan UNIT 1& 2 DC 663195-44-6 PAGE 3 OF 80
DCPP Units 1 & 2, Process Protection System 08-0015-SP-001, Revision: 7 Functional Requirements Specification Page 4 of 80 Section 3.2.1.8.2 Revised accuracy requirements for time base.
Section 3.2.1.9.1 Revised for clarification.
3 (cont.) Section 3.2.1.13.2 Revised for clarification.
Section 3.2.1.14.3 Revised for clarification.
Section 3.2.1.15.5 Revised for clarification.
Section 3.2.1.16.5 Revised requirement for Containment Spray to fail "AS-IS" on detection of fatal diagnostic.
Section 3.2.3.7.1, Deleted associated Note; "The requirements of Section 3.2.1.3.2 3.2.3.7.2 do not apply."
Sections 3.2.4.5.1, Revised Section reference.
3.2.4.5.2 Sections 3.2.4.6.1, Revised to correct Protection Set associated with interlock 3.2.4.6.2 requirement.
Section 3.2.5.4.2(d) Revised for clarification.
Section 3.2.5.14.7 Added items gg) and hh).
Section 3.2 .8.4.1 Revised for clarification.
Section 3.2.8.6.1 Revised for clarification.
Section 3.2.11.14.3 Revised items b and d to show them as negative values.
Section 3.2.13.7.2 Revised to show exemption from Section 3.2.1.3.4 requirement.
Section 3.5.2.4 Added new requirement.
Section 3.7.1 Revised for clarification.
Section 4.1.3 Revised for clarification.
Section 4.1.5 Revised to correct reference.
Section 1.4.1.1.12 Replaces Section 1.4.1.2.3 Reference.
Section 1.4.1.2.3 Reference replaced by Section 1.4.1.1.12 Reference.
4 Section 1.5 Feedflow deleted from Parameter Listing.
Section 2.2.2.1 Added Section reference for clarification of requirement.
Section 3.2 Second paragraph: changed "Rod Control" to "Rod Speed and Direction".
Section 3.2.1.8.1 Revised accuracy requirement for subsection c),2),i.
Section 3.2.1.12.2 Revised input filter requirement.
Section 3.2.1.14.1 Revised wording.
Section 3.2.1.16.5 Revised requirement to include PZR Pressure High (PORV).
Section 3.2.2.9.3 Subsection a): Changed to reflect actual output scaling.
Section 3.2.3.6 Added explanation paraqraph.
aLTRan UNIT 1 & 2 DC 663195-44-6 PAGE 4 OF 80
DCPP Units 1 & 2, Process Protection System 08-0015-SP-001, Revision: 7 Functional Requirements Specification Page 5 of 80 Section 3.2.5.13.1 Added Thot streaming factor calculated output Lag units.
Section 3.2.5.13.8 Revised section title to show "Algorithm" instead of "Assurance".
4 (cont.) Section 3.2.5.13.9 Revised section title to show "Algorithms" instead of "Assurance".
Section 3.2.5.14.7 Revised descriptions for tuning constants y, z, aa. bb, cc, dd, ee, ff.
Section 3.2.5.15.3 Added subsection I) to include Filtered Thot streaming factors Section 3.2.9.4.1 Added subsection d) to include PPC interface.
Section 3.2.9.4.2 Added subsection d) to include PPC interface.
Section 3.2.10.4.3 Added subsection c) to include PPC interface.
Section 3.2.10.4.4 Added subsection c) to include PPC interface.
Section 3.2.11.6.1 Changed "TS" to "TD" in subsections d, f, g, h, I so that description matches Transfer Function Srecification.
Section 1.5 Parameter Table: added Loop 4 to Wide Range Pressure for Protection Set IV; deleted extra comma from Steamflow, 5 Steamline Pressure for Protection Sets 1,11.
Section 3.1.6.2 Corrected typo: Regulatory Guide "1.1.80" to "1.180".
Section 3.2.1.5.3 Item b), 2): added "per part a)" to Section reference.
Item c), 2): clarified requirement.
Section 3.2.1.15.5 Corrected typo (extra comma).
Section 3.2.4.1.2 Added WR Pressure Loop 4 to text.
Section 3.2.4.6.2 Deleted "(see Section 3.2.4.6.1)".
Section 3.2.11.1.7 Deleted "PPS-RTS" from a), b), c), and d).
Section 4.1.13.2 Deleted "(reactor coolant loops 3 and 4)" from text.
Section 2.3.1.1 Revised to clarify "signal validation."
Section 3.2.1.5.2 Added subsection f).
Section 3.2.2.14.1 Changed "full flow" to "rated flow."
Section 3.2.5.5 Deleted Note.
Sections 3.2.5.5.1 and Changed wording to resolve discrepancy with other documents.
3.2.5.5.2 Section 3.2.5.5.3 Deleted to resolve discrepancy with other documents.
Section 3.2.5.14.7 Revised tuning constant names a) thru I) to agree with PLS; added tuning constant: ii) SCAL FLUX CALIB.
Section 3.2.9.14.1 Deleted items a) and b) - not tuning constants.
6 Section 3.1.1.6 Changed "shall be provided" to "will be provided" and deleted requirement 3.1.1.6.1.
aLTRan UNIT1 &2 DC 663195-44-6 PAGE 5 OF 80
DCPP Units 1 & 2, Process Protection System 08-0015-SP-001, Revision: 7 Functional Requirements Specification Page 6 of 80 Section 3.1.7 Added new requirement for Time Synchronization.
6 (cont.) Section 3.2.1.3.7 Revised Section reference for OOS.
Section 3.2.1.5.2 Item f) revised to include OOR low alarm suppression
_requirements.
Section 3.2.1.5.3 Items a), c) revised to separate OOS requirements from Bypass requirements.
Section 3.2.1.5.4 Deleted "DTTA" from alarm title.
Section 3.2.1.5.5 Added new Section to address OOS Switch requirements.
Section 3.2.1.14.3 Revised a) and b) to provide range requirements.
Section 3.2.1.16.5 Revised requirement to provide clarification.
Section 3.2.1.16.6 Added new requirement for Energize to Trip comparators.
Sections 3.2.1.16.7 and Added new requirements to support Technical Specification 3.2.1.16.8 requirements.
Section 3.2.2.13.1 Revised Section reference to tuning constant ranges.
Section 3.2.2.14.2 Added Section to identify tuning constants and range requirements with specific requirements for Reactor Coolant Flow.
Section 3.2.3.16 Added new requirement 3.2.3.16.2 which required numbering the requirement for RTD failures (3.2.3.16.1).
Section 3.2.4.16.1 Added new requirement.
Section 3.2.7.16.1 Added new requirement.
Section 3.2.8.4.1 Revised c) to reflect that the PZR High Temp Alarm output will be provided from the PPS and not the PCS.
Section 3.2.8.5 Added requirement 3.2.8.5.1 which also required a revision to 3.2.8.5 descriptive information.
Section 3.2.8.7.1 Revised requirement to reflect that the PZR Temp High Alarm will be provided from the PPS and not the PCS.
Section 3.2.8.14.2 Added to provide range for PZR Temp High Alarm.
Section 3.2.11.9.2.b) Corrected typo Section 3.2.13.16.1 Added new requirement.
Section 3.2.1.15.1 Revised requirement to address test-in-trip and test-in-bypass.
7 Section 3.2.1.15.8 Added new requirement.
Section 3.2.5.13.10 Revised to include capability for manual setting of streaming factors to zero.
Section 3.2.11.15.2 Added new requirement.
aLTRan UNIT 1 & 2 DC 663195-44-6 PAGE 6 OF 80
DCPP Units 1 & 2, Process Protection System 08-0015-SP-001, Revision: 7 Functional Requirements Specification Page 7 of 80 CONTENTS INTRO DUCTIO N ................................................................................................................................. 10 1.1 SYSTEM PURPOSE ..... *................................................................................................................... 10 1.2 SYSTEM SCOPE ............................................................................................................................ 10 1.3 DEFINITIONS, ABBREVIATIONS AND ACRONYMS ................................................................................ 11 1.3.1 Defin itio ns ........................................................................................................................................... 11 1 .3 .2 A c rony m s ........................................................................................................................................... 13 1.3 .3 A b bre viations ...................................................................................................................................... 14 1 .4 R E FE RE NC ES .................................................................................................................................. 14 1.4. 1 General References and Standards.......................................................................................... 14 1.4.2 Docum ents Provided by Others ................................................................................................. 16 1.4.3 Implem enting Documents (Use Latest Revision) .................................................................. 19 1.5 SYSTEM OVERVIEW ......................................................................................... ............................. 20 2 G ENERA L SYSTEM DESCRIPTION .............................................................................................. 22 2.1 SYSTEM CONTEXT .......................................................................................................................... 22 2.1.1 Reactor Coolant Flow Channels............................................................................................... 22 2.1.2 Wide Range Reactor Coolant Temperature Channels........................................................... 22 2.1.3 Wide Range Reactor CoolantPressure Channels................................................................ 22 2.1.4 Delta-TI Tavg (D TTA) Channels............................................................................................... 22 2.1.5 PressurizerLevel Channels....................................................................................................... 22 2.1.6 PressurizerPressure Channels................................................................................................. 23 2.1.7 PressurizerVapor Temperature Channel............................................................................... 23 2.1.8 Steamline Break Protection Channels.................................................................................... 23 2.1.9 Steam GeneratorNarrow Range Level Channels............................ 23 2.1.10 Turbine Impulse Chamber PressureChannels..................................................................... 24 2.1.11 Containment Pressure Channels............................................................................................... 24 2.2 SYSTEM MODES AND STATES .................................................................................................... 124 2.2. 1 OperatingModes.................................. ............................................................................................ 24 2.2.2 Manual Trip Switches ....................................................................................................................... 24 2.2.3 Manual Bypass Switches ........................................................................................................... 25 2.3 MAJOR SYSTEM CAPABILITIES ...................................................................................................... 25 2.3.1 Signal Validation................................................................................................................................ 25 2.3.2 System Level Diagnostics......................................................................................................... 25 aLTRan DC 663195-44-6 UNIT 1& 2 PAGE 7 OF 80
DCPP Units 1 & 2, Process Protection System 08-0015-SP-001, Revision: 7 Functional Requirements Specification Page 8 of 80 2.3.3 Testabilityat Power.......................................................................................................................... 25 2.4 MAJOR SYSTEM CONDITIONS ............................................................... 25 2.5 MAJOR SYSTEM CONSTRAINTS ........................................................................................................ 26 2.6 USER CHARACTERISTICS ............................................................................................................. 26 2 .6 .1 Op erations .......................................................................................................................................... 26 2 .6 .2 I&C M ain ten ance ............................................................................................................................... 26 2.6.3 Engineering.................................................................................................................................... ..26 2.7 ASSUMPTIONS AND DEPENDENCIES ............................................................................................. 26 2.8 OPERATIONAL SCENARIOS ........................................................................................................... 26 3 SYSTEM CAPABILITIES, CONDITIONS, CONSTRAINTS ........................................................... 27 3 .1 P HYS ICAL ....................................................................................................................................... 27 3.1.1 Co ns truc tion ....................................................................................................................................... 27 3.1.2 Durability. ........................................................................................................................................... 28 3.1.3 A dap tability. ....................................................................................................................................... 28 3.1.4 Environmental Conditions......................................................................................................... 28 3.1.5 Seismic Requirements..................................................................................................................... 28 3.1.6 Electromagnetic Compatibility.................................................................................................... 29 3.1.7 Time Synchronization....................................................................................................................... 29 3.2 SYSTEM PERFORMANCE CHARACTERISTICS ..................................................................................... 29 3.2.1 RequirementsApplicable to All PPS Channels..................................................................... 30 3.2.2 Specific Requirements for Reactor Coolant Flow .................................................................. 36 3.2.3 Specific Requirements for Wide Range ReactorCoolant Temperature.............................. 38 3.2.4 Specific Requirements for Wide Range ReactorCoolant Pressure................................... 41 3.2.5 Specific Requirements for D TTA ............................................................................................... 44 3.2.6 Specific Requirements for PressurizerLevel .......................................................................... 52 3.2.7 Specific Requirements for PressurizerPressure................................................................... 54 3.2.8 Specific Requirements for PressurizerVapor Temperature................................................ 57 3.2.9 Specific Requirements for Steamflow ....................................................................................... 59 3.2.10 Specific Requirements for Steamline Break Protection....................................................... 61 3.2. 11 Specific Requirements for Steam GeneratorNarrow Range Level ..................................... 65 3.2.12 Specific Requirements for Turbine Impulse Chamber Pressure........................................... 71 3.2.13 Specific Requirements for ContainmentPressure.................................................................. 74 3.3 SYSTEM SECURITY .......................................................................................................................... 76 3 .3 .1 Phys ical S e c urity............................................................................................................................... 76 3.3.2 System Logon Protection............................................................................................................ 76 aLTRan UNIT 1& 2 DC 663195-44-6 PAGE 8 OF 80
DCPP Units 1 & 2, Process Protection System 08-0015-SP-001, Revision: 7 Functional Requirements Specification Page 9 of 80 3.3.3 Com m unications With External (Non-PPS)Systems ............................................................. 76 3.4 INFORMATION MANAGEMENT ............................................................... 76
- 3.5 SYSTEM OPERATIONS ................................................................................................................... 76 3.5.1 System Hum an Factors..................................................... ............................................................... 76 3.5.2 System Maintainability..................................................................................................................... 77 3.5.3 System Reliability.............................................................................................................................. 77 3.6 POLICY AND REGULATION ............................................................................................................. 77 3.7 SYSTEM LIFE CYCLE SUSTAINMENT ............................................................................................. 77 3.7. 1 PPS Software .................................................................................................................................. 77 4 SYSTEM INTERFACES ...................................................................................................................... 78 4.1 EXTERNAL INTERFACES ............................................................................................................... 78 4.1.1 Plant ProcessComputer (PPC)................................................................................................. 78 4.1.2 M ain Annunciator System (MAS) ............................................................................................... 78 4.1.3 Main Control Panels .......................................................................................................................... 78 4.1.4 Hot Shutdown Panel......................................................................................................................... 78 4.1.5 Solid State Protection System (SSPS) .................................................................................... 78 4.1.6 A MS A C ............................................................................................................................................... 78 4.1.7 Digital FeedwaterControl System (DFWCS).......................................................................... 79 4.1.8 Rod Speed and Direction............................................................................................................ 79 4.1.9 PressurizerPressureControl......................................... 79 4.1.10 PressurizerLevel Control .................................... *........................................................................... 79 4.1.11 Auxiliary Feedwater(AFW ) Control.......................................................................................... 79 4.1.12 Reactor Vessel Level IndicatingSystem (RVLIS) ......................................................................... 80 4.1.13 Low Temperature Overpressure Protection System (LTOPS) ............................................. 80 4.1.14 PressurizerPower Operated Relief Valve (PORV) ControI System .................................... 80 4.1.15 Residual Heat Rem oval (RHR) Interlocks ............................................................................... 80 4.2 HUMAN SYSTEM INTERFACE ......................................................................................................... 80 aLTRan UNIT 1& 2 DC 663195-44-6 PAGE 9 OF 80
DCPP Units 1 & 2, Process Protection System 08-0015-SP-001, Revision: 7 Functional Requirements Specification Page 10 of 80 1 Introduction 1.1 System Purpose The Process Protection System PPS is comprised of four separate protection sets which provide trip and actuation signals to the Solid State Protection System (SSPS) for use by the Reactor Trip System (RTS),
and Engineered Safety Features Actuation System (ESFAS). Output signals of PPS parameters are provided to the Main Control Room (MCR) for indication and recording, to the Plant Process Computer (PPC) for monitoring, and to the Main Annunciator System (MAS) for alarming.
The PPS also provides input sensor signals for use by various plant control systems. These signals are isolated from the PPS and are not processed by the PPS instrumentation (with the exception of Delta-T and Tavg (DTTA) channels).
1.2 System Scope The PPS processes physical plant parameters such as temperature, pressure, level, and flow into electrical signals for use by plant control and protection systems.
The PPS consists of sixteen (16) racks (per DCPP Unit) of instrumentation located in the Cable Spreading Rooms (Auxiliary Building, elevation 128). The sixteen racks are divided into four Protection Sets; five racks each for Protection Sets I and II, three racks each for Protection Sets III and IV. Each Protection Set must be physically separated and electrically isolated from the other sets.
Protection Set I is comprised of Racks 1 thru 5 (RNP1A, RNP1B, RNP1C, RNP1D, and RNP1E).
Protection Set II is comprised of Racks 6 thru 10 (RNP2A, RNP2B, RNP2C, RNP2D, and RNP2E).
Protection Set III is comprised of Racks 11 thru 13 (RNP3A, RNP3B, and RNP3C). Protection Set IV is comprised of Racks 14 thru 16 (RNP4A, RNP4B, and RNP4C).
PPS protection outputs provide ON/OFF (partial trip) signals to the two trains of the SSPS whenever measured parameters indicate that safety limits are being approached (a pre-established setpoint is exceeded). The SSPS will initiate a reactor trip or actuate engineered safety features systems when the requisite number of PPS channels have tripped (designed coincidence logic is satisfied). The various reactor trips and ESFAS actuations are shown on the DCPP Functional Logic Diagrams (FLDs)
[Reference 1.4.3.5] included in the DCPP Final Safety Analysis Report Update (FSARU) document
[Reference 1.4.3.2].
PPS output signals (isolated as required) are provided to the MCR, PPC, and the MAS for indication, recording, monitoring, and alarming purposes.
PPS input signals are isolated and provided for Use by various plant control systems and the Anticipated Transient Without Scram (ATWS) Mitigation System Actuation Circuitry (AMSAC) where required. With the exception of Delta-T and Tavg from the DTTA channels, these are raw signals that are not processed by the PPS to prevent interaction between control and protection systems as required by IEEE 279-1971
[Reference 1.4.1.1.2].
Inputs to the PPS consist of signals from the following sensor types:
o 4-20 mA pressure transmitters o 4-20 mA differential pressure transmitters o 200 ohm platinum 3-wire Resistance Temperature Detectors o 200 ohm platinum 4-wire Resistance Temperature Detectors o 0-10 VDC signals from the (power range)Nuclear Instrument System (NIS)
With the exception of the NIS inputs, all sensors are powered from the PPS.
aLTRan UNIT 1 & 2 DC 663195-44-6 PAGE 10 OF 80
DCPP Units 1 & 2, Process Protection System 08-0015-SP-001, Revision: 7 Functional Requirements Specification Page 11 of 80 Outputs from the PPS for indication, recording, or external system monitoring are 4-20 mA. '
The PPS Functional Block Diagrams [Reference 1.4.2.2] provide a graphical depiction of all PPS channels showing inputs, outputs, external interfaces, instrumentation class, isolation requirements, and a simplified diagram of the processing logic requirements.
1.3 Definitions, Abbreviations and Acronyms 1.3.1 Definitions The following definitions apply for this document:
TERM DEFINITION.
Channel An arrangement of components, modules, and software as required to generate a single protective action signal when required by a generating station condition. A channel loses its identity where single action signals are combined.
Module Any assembly of interconnected components that constitutes an identifiable device; instrument, or piece of equipment. A module can be disconnected, removed as a unit, and replaced with a spare. It has definable performance characteristics that permit it to be tested as a unit. A module can be a card or other subassembly of a larger device, provided it meets the requirements of this definition.
Components Items from which the system is assembled (such as resistors, capacitors, wires, connectors, transistors, tubes, switches, and springs).
Fatal Diagnostic A detected inability of a protection set to perform its intended safety function.
Single Failure Any single event that results in a loss of function of a component or components of a system. Multiple failures resulting from a single event shall be treated as a single failure.
Protective Action A protective action can be at the channel or the system level. A protective action at the channel level is the initiation of a signal by a single channel when the variable sensed exceeds a limit. A protective action at the system level is the initiation of the operation of a sufficient number of actuators to effect a protective function.
Protection Set A protection set is a physical grouping of process channels with the same Class-iE electrical channel designation (I, II, III, or IV). Each of the four redundant protection sets is provided with separate and independent power feeds and process instrumentation transmitters.
Thus, each of the four redundant protection sets is physically and electrically independent of the other sets.
Protective Function A protective function is the sensing of one or more variables associated with a particular generating station condition, signal processing, and the initiation and completion of the protective action at values established in aLTRan UNIT 1 & 2 DC 663195-44-6 PAGE 11 OF 80
DCPP Units 1 & 2, Process Protection System 08-0015-SP-001, Revision: 7 Functional Requirements Specification Page 12 of 80 TERM DEFINITION the design bases.
Type Tests Tests made on one or more units to verify adequacy of design of that type of unit.
Degree of Redundancy The difference between the number of channels monitoring a variable and the number of channels that, when tripped, will cause an automatic system trip.
Minimum Degree of Redundancy The degree of redundancy below which operation is prohibited or otherwise restricted by the Technical Specifications [Reference 1.4.3.1].
Diversity and Defense-In-Depth Requirement imposed on the Protection System design to (D&D-in-D or D3) ensure that required protective actions will occur to protect against Anticipated Operational Occurrences and Design Basis Accidents (as described in the FSARU) concurrent with a common cause failure (usually assumed to be software) that disables one or more echelons of defense.
Phase A Containment Isolation Closure of all nonessential process lines that penetrate containment. Initiated by high containment pressure, pressurizer low pressure, low steamline pressure, or manual actuation.
Phase B Containment Isolation Closure of remaining process lines. Initiated by containment high-high pressure signal (process lines do not include engineered safety features lines) or manual actuation.
Trip Accuracy The tolerance band containing the highest expected value of the difference between (a) the desired trip point value of a process variable, and (b) the actual value at which a comparator trips (and thus actuates some desired result).
This is the tolerance band within which a comparator must trip. It includes comparator accuracy, channel accuracy for each input, and environmental effects on the rack-mounted electronics. It comprises all instrumentation errors; however, it does not include any process effects such as fluid stratification.
Channel Accuracy (An element of trip accuracy). Includes accuracy of the primary element, transmitter, and rack-mounted electronics, but does not include indication accuracy.
Actuation Accuracy Synonymous with trip accuracy, but used where the word "trip" may cause ambiguity.
Indication Accuracy The tolerance band containing the highest expected value of the difference between: (a) the value of a process variable read on an indicator or recorder, and (b) the actual value of that process variable. An indication must fall within this tolerance band. It includes channel accuracy, accuracy of readout devices, and rack environmental effects but not'process effects such as fluid stratification.
Reproducibility This term may be substituted for "accuracy" in the above definitions for those cases where a trip value or indicated value need not be referenced to an actual process aLTRan UNIT 1 & 2 DC 663195-44-6 PAGE 12 OF 80
DCPP Units 1 & 2, Process Protection System 08-0015-SP-001, Revision: 7 Functional Requirements Specification Page 13 of 80 TERM DEFINITION.!
variable value, but rather to a previously established trip or indication value; this value is determined by test.
Instrument Class IA Class IA instruments and controls are those that initiate and maintain safe shutdown of the reactor, mitigate the consequences of an accident, or prevent exceeding 10 CFR 100 [Reference 1.4.1.3.4] off-site dose limits.
Instrument Class IB Class IB instruments and controls are those that are required for post-accident monitoring of Category 1 and 2 variables in accordance with Regulatory Guide 1.97, Revision 3 [Reference 1.4.1.5.5].
Instrument Class II Class II instruments and controls have nonsafety-related functions. However, certain Class II components are subjected to some graded quality assurance requirements.
1.3.2 Acronyms
'ACRONYM DEFINITION A/D Analog to Digital AFW Auxiliary Feedwater (Control System)
AMSAC ATWS Mitigation System Actuation Circuitry ANS American Nuclear Society ANSI American National Standards Institute ATWS Anticipated Transient Without Scram CFR Code of Federal Regulations D/A Digital to Analog DCM Design Criteria Memorandum DCPP Diablo Canyon Power Plant DFWCS Digital Feedwater Control System DNB Departure from Nucleate Boiling DTTA Delta-T / Tavg ERFDS Emergency Response Facility Data System ESFAS Engineered Safety Features Actuation System FLD Functional Logic Diagram FRS Functional Requirements Specification FSARU Final Safety Analysis Report Update GDC General Design Criteria HSI Human System Interface I&C Instrumentation and Controls IEC International Electro-Technical Commission IEEE Institute of Electrical and Electronic Engineers LTOPS Low Temperature Overpressure Protection System MAS Main Annunciator System MCR Main Control Room NIS Nuclear Instrument System NRC (USNRC) (United States) Nuclear Regulatory Commission aLTRan UNIT 1& 2 DC 663195-44-6 PAGE 13 OF 80
DCPP Units 1 & 2, Process Protection System 08-0015-SP-001, Revision: 7 Functional Requirements Specification Page 14 of 80 ACRONYM DEFINITION OOS Out-of-Service OPDT Overpower Delta-T OPTR Overpower Turbine Runback OTDT Overtemperature Delta-T OTTR Overtemperature Turbine Runback PG&E (PGE) Pacific Gas & Electric Company PORV Power Operated Relief Valve PLS Precautions, Limitations, and Setpoints (document)
PPC Plant Process Computer PPS Process Protection System PZR Pressurizer RCS Reactor Coolant System RHR Residual Heat Removal RNARA Rack Nuclear Auxiliary Relay A RNASA Rack Nuclear Auxiliary Safeguards A RNASB Rack Nuclear Auxiliary Safeguards B RNP Rack Nuclear Protection (pPS Racks)
RTD Resistance Temperature Detector RTS Reactor Trip System RVLIS Reactor Vessel Level Indication System RX Reactor S/G Steam Generator SI Safety Injection SQA2 Sensor Quality Algorithm 2-Input SQA3 Sensor Quality Algorithm 3-Input SSPS Solid State Protection System STP Surveillance Test Procedure TTD Trip Time Delay 1.3.3 Abbreviations ABBREVIATION,, DEFINITION Delta-T or AT Differential (Reactor) Coolant Temperature Reg Guide (RG) Regulatory Guide Tavg Average (Reactor) Coolant Temperature 1.4 References 1.4.1 General References and Standards The following codes, standards, and regulations referenced in this Section are totally or partially applicable to the activities covered by this Specification:
1.4.1.1 Institute of Electrical and Electronics Engineers (IEEE):
aLTRan UNIT 1& 2 DC 663195-44-6 PAGE 14 OF 80
DCPP Units 1 & 2, Process Protection System 08-0015-SP-001, Revision: 7 Functional Requirements Specification Page 15 of 80 1.4.1.1.1 IEEE Standard 1233-1998, "Developing System Requirements Specifications" 1.4.1.1.2 IEEE Standard 279-1971, "Criteria for Protection Systems for Nuclear Power Generating Stations" 1.4.1.1.3 IEEE Standard 308-1971, "Criteria for Class 1E Electric Systems for Nuclear Power Generating Stations" 1.4.1.1.4 IEEE Standard 323-1974, "IEEE Standard for Qualifying Class 1E Equipment for Nuclear Power Generating Stations" 1.4.1.1.5 IEEE Standard 338-1977, "IEEE Standard Criteria for the Periodic Testing of Nuclear Power Generating Station Protection Systems" 1.4.1.1.6 IEEE Standard 344-1987, "Recommended Practices for Seismic Qualification of Class 1E Equipment for Nuclear Power Generating Stations" 1.4.1.1.7 IEEE Standard 379-1977, "IEEE Application of Single Failure Criterion to Nuclear Power Generating Station Class 1E Systems" 1.4.1.1.8 IEEE Standard 384-1981, "IEEE Trial-Use Standard Criteria for Separation of Class 1E Equipment and Circuits" 1.4.1.1.9 IEEE Standard 472-1974, "IEEE Guide for Surge Withstand Capability Tests" 1.4.1.1.10 IEEE Standard 603-1991, "IEEE Standard Criteria for Safety Systems for Nuclear Power Generating Stations" 1.4.1.1.11 IEEE Standard 1050-1996, "Guide for Instrumentation and Control Equipment Grounding in Generating Stations" 1.4.1.1.12 IEEE Standard 7-4.3.2 -2003, "Criteria for Digital Computers in Safety Systems of Nuclear Power Generating Stations" 1.4.1.2 American National Standards Institute (ANSI) 1.4.1.2.1 ANSI Standard N18.2-1973 and N18.2a-1975, "Nuclear Safety Criteria for the Design of Pressurized Water Reactors" 1.4.1.2.2 ANSI Standard N18.8-1973, "Criteria for Preparation of Design Bases for Systems that Perform Protective Functions in Nuclear Power Generating Stations" 1.4.1.3 DeletedCode of Federal Regulations (CFR) 1.4.1.3.1 Code of Federal Regulations (CFR), I OCFR50, Appendix A, General Design Criteria (GDC) 1.4.1.3.1.1 GDC 1, "Quality Standards and Records" 1.4.1.3.1.2 GDC 2, "Design Bases for Protection Against Natural Phenomena" 1.4.1.3.1.3 GDC 3, "Fire Protection" 1.4.1.3.1.4 GDC 4, "Environmental and Missile Design Bases" 1.4.1.3.1.5 GDC 10, "Reactor Design" 1.4.1.3.1.6 GDC 12, "Suppression of Reactor Power Oscillations" 1.4.1.3.1.7 GDC 13, "Instrumentation and Control" 1.4.1.3.1.8 GDC 15, "Reactor Coolant System Design" 1.4.1.3.1.9 GDC 17, "Electric Power Systems" 1.4.1.3.1.10 GDC 18, "Inspection and Testing of Electric Power Systems" aLTR fan UNIT l& 2 DC 663195-44-6 PAGE 15 OF 80
DCPP Units 1 & 2, Process Protection System 08-0015-SP-001, Revision: 7 Functional Requirements Specification Page 16 of 80 1.4.1.3.1.11 GDC 19, "Control Room" 1.4.1.3.1.12 GDC 20, "Protection System Functions" 1.4.1.3.1.13 GDC 21, "Protection System Reliability and Testability" 1.4.1.3.1.14 GDC 22, "Protection System Independence" 1.4.1.3.1.15 GDC 23, "Protection System Failure Modes" 1.4.1.3.1.16 GDC 24, "Separation of Protection and Control Systems" 1.4.1.3.1.17 GDC 25, "Protection System Requirements for Reactivity Control Malfunctions" 1.4.1.3.1.18 GDC 27, "Combined Reactivity Control Systems Capability" 1.4.1.3.1.19 GDC 28, "Reactivity Limits" 1.4.1.3.1.20 GDC 29, "Protection Against Anticipated Operational Occurrences" 1.4.1.3.2 10CFR50, Appendix B, Quality Assurance Criteria for Nuclear Power Plants 1.4.1.3.3 10CFR50, Appendix R, Fire Protection Program for Nuclear Power Plants 1.4.1.3.4 10CFR100, Reactor Site Criteria 1.4.1.4 International Electro-Technical Commission (IEC):
1.4.1.4.1 61131-3, Programmable Controllers - Part 3: Programming Languages, Ed. 2.0, 21 Jan 2003 (as applicable) 1.4.1.5 United States Nuclear Regulatory Commission (USNRC) Regulatory Guides 1.4.1.5.1 Regulatory Guide 1.22 (Safety Guide 22), "Periodic Testing of Protection System Actuation Functions" 1.4.1.5.2 Regulatory Guide 1.47, "Bypassed and Inoperable Status Indication for Nuclear Power Plant Safety Systems" 1.4.1.5.3 Regulatory Guide 1.75, Rev. 2, "Physical Independence of Electric Systems" 1.4.1.5.4 Regulatory Guide 1.89, "Qualification of Class 1E equipment for Nuclear Power Plants" 1.4.1.5.5 Regulatory Guide 1.97, Rev. 3, "Instrumentation for Light-Water-Cooled Nuclear Power Plants to Assess Plant and Environs Conditions During and Following an Accident" 1.4.1.5.6 Regulatory Guide 1.100, Rev. 2 "Seismic Qualification of Electrical Equipment for Nuclear Power Plants" 1.4.1.5.7 Regulatory Guide 1.118, Rev. 2, "Periodic Testing of Electric Power and Protection Systems" 1.4.1.5.8 Regulatory Guide 1.152, "Criteria for Programmable Digital Computer System Software in Safety Related Systems in Nuclear Power Plants" (as applicable) 1.4.1.5.9 Regulatory Guide 1.153, "Criteria for Power, Instrumentation and Control Portions of Safety Systems" 1.4.1.5.10 Regulatory Guide 1.180, Rev. 1, "Guidelines for Evaluating Electromagnetic and Radio-Frequency Interference in Safety Related Instrumentation and Control Systems" 1.4.2 Documents Provided by Others 1.4.2.1 Deleted aLTRan UNIT 1&2 DC 663195-44-6 PAGE 16 OF 80
DCPP Units 1 & 2, Process Protection System 08-0015-SP-001, Revision: 7 Functional Requirements Specification Page 17 of 80 1.4.2.2 PPS Functional Block Diagrams (Altran Solutions Documents) 1.4.2.2.1 08-0015-D-I-1, Protection Set I, Reactor Coolant Flow 1.4.2.2.2 08-0015-D-I-1A, Protection Set I, Reactor Coolant Flow 1.4.2.2.3 08-0015-D-1-2, Protection Set I, Wide Range Temperature 1.4.2.2.4 08-0015-D-I-3, Protection Set I, Delta-TiTavg 1.4.2.2.5 08-0015-D-I-3A, Protection Set I, Delta-T/Tavg 1.4.2.2.6 08-0015-D-1-4, Protection Set I, Pressurizer Level 1.4.2.2.7 08-0015-D-1-5, Protection Set I, Pressurizer Pressure 1.4.2.2.8 08-0015-D-I-5A, Protection Set I, Pressurizer Pressure 1.4.2.2.9 08-0015-D-I-6, Protection Set I, Steamflow (S/G 1) 1.4.2.2.10 08-0015-D-1-7, Protection Set I, Steamflow (S/G 2) 1.4.2.2.11 08-0015-D-1-8, Protection Set I, Steamflow (S/G 3) 1.4.2.2.12 08-0015-D-1-9, Protection Set 1, Steamflow (S/G 4) 1.4.2.2.13 08-0015-D-I-10, Protection Set I, Steamline Break Protection (S/G 1) 1.4.2.2.14 08-0015-D-1-11, Protection Set I, Steamline Break Protection (S/G 2) 1.4.2.2.15 08-001 5-D-1-1 2, Protection Set I, Steamline Break Protection (S/G 3) 1.4.2.2.16 08-0015-D-1-1 3, Protection Set I, Steamline Break Protection (S/G 4) 1.4.2.2.17 08-0015-D-1-14, Protection Set I, Steam Generator Level (S/Gs 2 & 3) 1.4.2.2.18 08-0015-D-1-1 5, Protection Set I, Turbine Impulse Chamber Pressure 1.4.2.2.19 08-0015-D-1-16, Protection Set I, Containment Pressure 1.4.2.2.20 08-0015-D-1-16A, Protection Set I, Containment Pressure 1.4.2.2.21 08-001 5-D-1-1 7, Protection Set I, System Alarms 1.4.2.2.22 08-0015-D-1-17A, Protection Set I, System Alarms 1.4.2.2.23 08-0015-D-I1-1, Protection Set II, Reactor Coolant Flow 1.4.2.2.24 08-0015-D-II-1A, Protection Set II, Reactor Coolant Flow 1.4.2.2.25 08-0015-D-II-2, Protection Set II, Wide Range Temperature 1.4.2.2.26 08-0015-D-I1-3, Protection Set II, Delta-T/Tavg 1.4.2.2.27 08-0015-D-II-3A, Protection Set II, Delta-TITavg 1.4.2.2.28 08-0015-D-II-4, Protection Set II, Pressurizer Level 1.4.2.2.29 08-0015-D-I1-5, Protection Set II, Pressurizer Pressure 1.4.2.2.30 08-0015-D-II-5A, Protection Set II, Pressurizer Pressure 1.4.2.2.31 08-0015-D-11-6, Protection Set II, Steamflow (S/G 1) 1.4.2.2.32 08-0015-D-11-7, Protection Set II, Steamflow (S/G 2) 1.4.2.2.33 08-0015-D-II-8, Protection Set II, Steamflow (S/G 3) 1.4.2.2.34 08-0015-D-11-9, Protection Set II, Steamflow (S/G 4) 1.4.2.2.35 08-0015-D-11-10, Protection Set II, Steamline Break Protection (S/G 1) aLTR 66 5UNIT & 2 DC 663195-44-6 PAGE 17 OF 80
DCPP Units 1 & 2, Process Protection System 08-0015-SP-001, Revision: 7 Functional Requirements Specification Page 18 of 80 1.4.2.2.36 08-0015-D-I1-11, Protection Set II, Steamline Break Protection (S/G 2) 1.4.2.2.37 08-0015-D-I1-12, Protection Set II, Steamline Break Protection (S/G 3) 1.4.2.2.38 08-0015-D-I1-13, Protection Set II, Steamline Break Protection (S/G 4) 1.4.2.2.39 08-0015-D-11-14, Protection Set II, Steam Generator Level (S/Gs 1 & 4) 1.4.2.2.40 08-0015-D-I1-15, Protection Set II, Turbine Impulse Chamber Pressure 1.4.2.2.41 08-0015-D-11-16, Protection Set II, Containment Pressure 1.4.2.2.42 08-0015-D-lI-16A, Protection Set II, Containment Pressure 1.4.2.2.43 08-0015-D-I1-17, Protection Set II, System Alarms 1.4.2.2.44 08-0015-D-I I-1 7A, Protection Set II, System Alarms 1.4.2.2.45 08-0015-D-II1-1, Protection Set III, Reactor Coolant Flow 1.4.2.2.46 08-0015-D-III-1A, Protection Set Ill, Reactor Coolant Flow 1.4.2.2.47 08-0015-D-111-2, Protection Set Ill, Wide Range Pressure 1.4.2.2.48 08-0015-D-III-3, Protection Set Il1,Delta-T/Tavg 1.4.2.2.49 08-0015-D-III-3A, Protection Set III, Delta-T/Tavg 1.4.2.2.50 08-0015-D-111-4, Protection Set III, Pressurizer Level 1.4.2.2.51 08-0015-D-II1-5, Protection Set Ill, Pressurizer Pressure 1.4.2.2.52 08-0015-D-I1I-5,A, Protection Set III, Pressurizer Pressure 1.4.2.2.53 08-0015-D-I1I-6, Protection Set Ill, Steamline Break Protection (S/G 2) 1.4.2.2.54 08-0015-D-111-7, Protection Set III, Steamline Break Protection (S/G 3) 1.4.2.2.55 08-0015-D-III-8, Protection Set Ill, Steam Generator Level (S/Gs 1 thru 4) 1.4.2.2.56 08-0015-D-III-9, Protection Set III, Containment Pressure 1.4.2.2.57 08-0015-D-lII-9A, Protection Set III, Containment Pressure 1.4.2.2.58 08-0015-D-I11-10, Protection Set Ill, System Alarms 1.4.2.2.59 08-0015-D-III-10A, Protection Set Ill, System Alarms 1.4.2.2.60 08-0015-D- IV-i, Protection Set IV, Wide Range Pressure 1.4.2.2.61 08-0015-D- IV-2, Protection Set IV, Delta-T/Tavg 1.4.2.2.62 08-0015-D- IV-2A, Protection Set IV, Delta-T/Tavg 1.4.2.2.63 08-0015-D- IV-3, Protection Set IV, Pressurizer Pressure 1.4.2.2.64 08-0015-D- IV-3A, Protection Set IV, Pressurizer Pressure 1.4.2.2.65 08-0015-D- IV-4, Protection Set IV, Pressurizer Vapor Temperature 1.4.2.2.66 08-0015-D- IV-5, Protection Set IV, Steamline Break Protection (S/G 1) 1.4.2.2.67 08-0015-D- IV-6, Protection Set IV, Steamline Break Protection (S/G 4) 1.4.2.2.68 08-0015-D- IV-7, Protection Set IV, Steam Generator Level (S/Gs 1 thru 4) 1.4.2.2.69 08-0015-D- IV-8, Protection Set IV, Containment Pressure 1.4.2.2.70 08-0015-D- IV-8A, Protection Set IV, Containment Pressure 1.4.2.2.71 08-0015-D-IV -9, Protection Set IV, System Alarms aLTRan UNIT l& 2 DC 663195-44-6 PAGE 18 OF 80
DCPP Units 1 & 2, Process Protection System 08-0015-SP-001, Revision: 7 Functional Requirements Specification Page 19 of 80 1.4.2.2.72 08-0015-D- IV-9A, Protection Set IV, System Alarms 1.4.3 Implementing Documents (Use Latest Revision) 1.4.3.1 Technical Specifications, DCPP Units 1 and 2, Appendix A to License Nos. DPR-80 and DPR-82, as amended 1.4.3.2 DCPP Final Safety Analysis Report Update (FSARU), latest revision 1.4.3.3 DC 663229 - 47, Precautions Limits and Setpoints Document (PLS), latest revision 1.4.3.4 Reactor Control & Protection Functional Requirements DC 663195-17 1.4.3.4.1 PGE/PEG - 300/3, Thermal Overpower and Overtemperature Protection 1.4.3.4.2 PGE/PEG - 300/4, Reactor Coolant System Pressure and Level Protection System 1.4.3.4.3 PGE/PEG - 300/5, Reactor Coolant System Low Flow Protection 1.4.3.4.4 PGE/PEG - 300/6. Safety Injection System Actuation 1.4.3.4.5 PGE/PEG - 300/7, Steam Generator Protection System 1.4.3.4.6 PGE/PEG - 300/8, Steam Break Protection 1.4.3.4.7 PGE/PEG - 300/9, Miscellaneous Protection Systems 1.4.3.4.8 PGE/PEG - 300/17, Turbine Control System 1.4.3.5 Functional Logic Diagrams (FLD):
1.4.3.5.1 DC 495842, FLD - Reactor Trip Signals 1.4.3.5.2 DC 495845, FLD - Primary Coolant System Trip Signals 1.4.3.5.3 DC 495846, FLD - Pressurizer Trip Signals 1.4.3.5.4 DC 495847, FLD - Steam Generator Trip Signals 1.4.3.5.5 DC 495848, FLD - Safeguards Actuation Signals 1.4.3.5.6 DC 495849, FLD - Rod Controls and Rod Blocks 1.4.3.5.7 DC 495850, FLD - Steam Dump Control 1.4.3.5.8 DC 495853, FLD - Feedwater Control and Isolation 1.4.3.5.9 DC 495855, FLD - Auxiliary Feedwater Pumps Startup 1.4.3.5.10 DC 495856, FLD - Turbine Trips, Runbacks and Other Signals 1.4.3.5.11 DC 495857, FLD - AMSAC Signals 1.4.3.6 PG&E IDAP CF2.1D9, Software Quality Assurance Plan, Software Development (as applicable) 1.4.3.7 Design Criteria Memorandum (DCM) C-17, Hosgri Response Spectra 1.4.3.8 DCM C-25, Design Earthquake Response Spectra for Structures, Systems, and Components 1.4.3.9 DCM C-28, Maximum Building Displacements aLTRan UNIT 1& 2 DC 663195-44-6 PAGE 19 OF 80
DCPP Units 1 & 2, Process Protection System 08-0015-SP-001, Revision: 7 Functional Requirements Specification Page 20 of 80 1.4.3.10 DCM C-30, Double Design Earthquake Response Spectra 1.4.3.11 DCM S-65, 120 VAC System 1.4.3.12 DCM S-38A, Plant Protection System 1.4.3.13 DCM T-10, Seismic Qualification of Equipment 1.4.3.14 DCM T-19, Electrical Separation and Isolation 1.4.3.15 DCM T-24, Design Criteria for DCPP Instrumentation and Controls 1.4.3.16 DCPP HSI Development Guidelines Document 1.4.3.17 Surveillance Test Procedure STP 1-33, Reactor Trip and ESF Response Time Test Program 1.4.3.18 10115-J-NPG, Process Protection System Controller Transfer Functions Design Input Specification 1.5 System Overview The PPS consists of four separate and isolated protection sets with adequate instrumentation to monitor the following reactor plant parameters and provide signals to the Solid State Protection System (SSPS) for use in determining when required Reactor Trip System (RTS) or Engineered Safeguards Features Actuation System (ESFAS) protective actions are required.
The PPS provides signals (isolated where appropriate) to drive indicators and/or recorders in the MCR to provide operators with operating plant information and to satisfy the requirements of Regulatory Guide 1.97 [Reference 1.4.1.5.5] as described in Section 7.5 of the DCPP FSARU [Reference 1.4.3.2].
The PPS provides isolated signals to the PPC, the AMSAC system, and to various plant control systems such as the Digital Feedwater Control System (DFWCS) and the Rod Control System. With the exception of Delta-T and Tavg, these signals are derived from the PPS channel sensor input loops and are not processed by the PPS.
Refer to the PPS Functional Block Diagrams [Reference 1.4.2.2] for identification of PPS inputs and outputs.
The following table identifies the reactor plant parameters that are monitored by the PPS:
PARAMETER PROTECTION SET Rx Coolant Flow, Loops 1, 2, 3, 4 1,11,111 Wide Range Rx Coolant Temperature (hot and cold legs), Loops 1, 2 I Wide Range Rx Coolant Temperature (hot and cold legs), Loops 3, 4 II Wide Range Rx Coolant Pressure, Loops 3, 4 IV Wide Range Rx Coolant Pressure, Loop 4 III Narrow Range Rx Coolant Temperature (hot and cold legs), Loop 1 I Narrow Range Rx Coolant Temperature (hot and cold legs), Loop 2 II Narrow Range Rx Coolant Temperature (hot and cold legs), Loop 3 III Narrow Range Rx, Coolant Temperature (hot and cold legs), Loop 4 IV aLTRan UNIT 1 & 2 DC 663195-44-6 PAGE 20 OF 80
DCPP Units 1 & 2, Process Protection System 08--0015-SP-001, Revision: 7 Functional Requirements Specification Page 21 of 80 PARAMETER PROTECTION SET Neutron Flux (from Nuclear Instrument System) I,1I,1II, IV Pressurizer Level 1,11,111 Pressurizer Pressure 1,11,111, IV Pressurizer Vapor Temperature IV Steamflow, Steamline Pressure, S/Gs 1, 2, 3, 4 1,11 Steamline Pressure, S/Gs 2, 3 III Steamline Pressure, S/Gs 1, 4 IV S/G Narrow Range Level, S/Gs 1, 2, 3, 4 I11,IV S/G Narrow Range Level, S/Gs 2, 3 1 S/G Narrow Range Level, S/Gs 1, 4 11 Turbine Impulse Chamber Pressure I,'l Containment Pressure 1,11,111, IV aLTRan' UNIT 1& 2 DC 663195-44-6 PAGE 21 OF 80
DCPP Units 1 & 2, Process Protection System 08-0015-SP-001, Revision: 7 Functional Requirements Specification Page 22 of 80 2 General System Description 2.1 System Context The PPS is designed to monitor plant parameters that are important to reactor safety during all plant conditions. The PPS provides partial trip/ESFAS actuation signals to the SSPS whenever pre-established setpoints are exceeded. The SSPS initiates a Reactor Trip or actuates safeguards functions as described below whenever the design coincidence logic for the required protective action is satisfied.
PPS channel protective functions are identified in the following sections. More detail is provided in Sections 3 and 4. Refer to the FLDs [Reference 1.4.3.5] for additional detail regarding these protective functions.
2.1.1 Reactor Coolant Flow Channels 2.1.1.1 Low Flow Reactor Trip Provides Departure from Nucleate Boiling (DNB) protection.
2.1.2 Wide Range Reactor Coolant Temperature Channels 2.1.2.1 Input to Low Temperature Overpressure Protection System (LTOPS)
Provides protection against overpressurization at low plant temperature.
2.1.3 Wide Range Reactor Coolant Pressure Channels 2.1.3.1 Input to LTOPS Provides protection against overpressurization at low plant temperature.
2.1.3.2 Input to Residual Heat Removal (RHR) valve interlock circuit Provides protection against improper operation of RHR isolation valves.
2.1.4 Delta-T / Tavg (DTTA) Channels 2.1.4.1 Overtemperature Delta-T (OTDT) Reactor Trip Provides DNB protection.
The setpoint for the OTDT reactor trip is continuously calculated by the PPS for each of the four reactor coolant loops.
2.1.4.2 Overpower Delta-T (OPDT) Reactor Trip Provides protection against excessive power (fuel rod rating protection).
The setpoint for the OPDT reactor trip is continuously calculated by the PPS for each of the four reactor coolant loops.
2.1.5 Pressurizer Level Channels 2.1.5.1 Pressurizer High Water Level Reactor Trip aLTRan UNIT 1& 2 DC 663195-44-6 PAGE 22 OF 80
DCPP Units 1 & 2, Process Protection System 08-0015-SP-001, Revision: 7 Functional Requirements Specification Page 23 of 80 Provides backup protection to the Pressurizer High Pressure Reactor Trip and prevents the pressurizer from becoming water solid during low worth and low power rod withdrawal accidents.
2.1.6 Pressurizer Pressure Channels 2.1.6.1 Pressurizer Low Pressure Reactor Trip Provides protection against low pressure that could lead to DNB, and limits the necessary range of protection afforded by the OTDT Reactor Trip.
2.1.6.2 Pressurizer High Pressure Reactor Trip Provides protection for the reactor coolant system against system overpressure.
2.1.6.3 Pressurizer Low-Low Pressure Safety Injection (SI)
Initiate the automatic starting of decay heat removal systems to provide protection against loss of primary or secondary coolant accidents.
This actuation signal may be manually blocked when pressurizer pressure is below the P-i 1 interlock setpoint (Pressurizer Pressure Not High) with the manual block automatically removed by an increasing pressurizer pressure above the P-1 1 setpoint.
2.1.7 Pressurizer Vapor Temperature Channel
.2.1.7.1 Pressurizer Vapor Space Temperature Low RHR valve V-8701 interlock circuit input.
2.1.8 Steamline Break Protection Channels 2.1.8.1 Steamline Pressure Low SI and Steamline Isolation Initiate the automatic starting of boron injection and decay heat removal systems and to provide protection against steamline break accidents.
2.1.8.2 Steamline Pressure High Negative Rate Steamline Isolation Provide protection in the case of a steamline break when Pressurizer Pressure is less than the P-1 1 setpoint and Low Steamline Pressure SI is blocked.
2.1.9 Steam Generator Narrow Range Level Channels 2.1.9.1 Steam Generator (S/G) High-High Level Turbine Trip and Feedwater Isolation (P-14, S/G High Level Permissive)
Provides protection against S/G overfill and damage to the main steamlines or main turbine.
2.1.9.2 S/G Low-Low Level Reactor Trip and Auxiliary Feedwater (AFW) Pump Start Protects the reactor from loss of heat sink in the event of loss of feedwater to one or more S/Gs or a major feedwater line rupture.
The signals to actuate reactor trip and start AFW pumps are delayed through the use of a Trip Time Delay (TTD) for reactor power levels below 50% of rated thermal power. The use aLTRa n UNIT 1&2 DC 663195-44-6 PAGE 23 OF 80
DCPP Units 1 & 2, Process Protection System 08-0015-SP-001, Revision: 7 Functional Requirements Specification Page 24 of 80 of the TTD allows added time for natural S/G level stabilization or operator intervention to avoid an inadvertent protection system actuation.
2.1.10 Turbine Impulse Chamber Pressure Channels 2.1.10.1 Turbine Impulse Chamber Pressure High to P-13 Interlock The purpose of the P-1 3 permissive is to provide an input to P-7 indicative of low turbine power when less than the setpoint.
The purpose of the P-7 permissive is to disable selected Reactor Trip signals while operating at low power levels.
2.1.10.2 Turbine Impulse Chamber Pressure Low Interlock C-5 Blocks control rod withdrawal.
The purpose of the C-5 interlock is to prevent automatic outward rod motion when power is less than the design limit for the Rod Control System.
2.1.11 Containment Pressure Channels 2.1.11.1 Containment Pressure High SI, Phase A Containment Isolation Initiates the automatic starting of safeguards equipment to provide protection against a high energy line break inside containment.
2.1.11.2 Containment Pressure High-High Phase B Containment Isolation, Containment Spray Actuation Purpose is to protect the containment integrity and limit fission product release by closing containment isolation valves and initiating containment cooling spray and chemical addition.
2.2 System Modes and States The PPS is required to be operational during all plant modes in accordance with the requirements of the Plant Technical Specification [Reference 1.4.3.1].
2.2.1 Operating Modes There are no special operating modes associated with the PPS. It is an instrumentation system that continuously monitors the plant parameters identified in Section 1.5 and provides status indication to the main control room and partial trip inputs to the SSPS whenever protection channel setpoints are exceeded.
2.2.2 Manual Trip Switches 2.2.2.1 Manual trip switches independent of the PPS instrumentation shall be provided for each PPS comparator reactor trip and safeguards actuation output to the SSPS in accordance with Section 3.2.1.3.4.
2.2.2.2 The manual trip switches shall be configured to match the TRIP/ACTUATE action (de-energize or energize to TRIP/ACTUATE) of the associated PPS comparator output.
2.2.2.3 The manual trip switches shall be functional at all times including when the channel is in a aLTRan UNIT l& 2 DC 663195-44-.6 PAGE 24 OF 80
DCPP Units 1 & 2, Process Protection System 08..0015-SP-001, Revision: 7 Functional Requirements Specification Page 25 of 80 bypass condition.
2.2.3 Manual Bypass Switches 2.2.3.1 Manual bypass switches independent of the PPS instrumentation shall be provided for each Containment High-High Pressure (Containment Spray) comparator output to facilitate on-line maintenance and testing.
2.2.3.2 Manual bypass switches independent of the PPS instrumentation shall be provided for each Turbine Impulse Pressure High (P-1 3) comparator output to facilitate on-line maintenance and testing.
2.2.3.3 The manual bypass switches shall be configured to maintain the normal non-tripped status (energized or de-energized) of the associated PPS comparator output.
2.3 Major System Capabilities The following system capabilities shall be provided:
2.3.1 Signal Validation 2.3.1.1 Signal validation is required for the DTTA channels as described in Sections 3.2.5.1.5 and 3.2.5.1.6. Signal validation other than range checking per Section 2.3.1.2 is not required for any other PPS channel.
2.3.1.2 Input signal range checking is required for all PPS channel input signals. Identification of Out-of-Range High or Out-of-Range Low input signals is required. Unless otherwise specified, Out-of-Range (OOR) setpoints shall be as follows:
2.3.1.2.1 OOR Low: -5% span 2.3.1.2.2 OOR High: 105% span 2.3.2 System Level Diagnostics 2.3.2.1 The PPS processing instrumentation shall be provided with sufficient diagnostic capability to isolate system faults to the card/module level.
2.3.2.2 MCR alarms and annunciators (PPS Failure and Trouble) shall be actuated by signals from the PPS when PPS diagnostics detect conditions that are indicative of degraded performance or failure of some system component. Conditions requiring alarming are identified in Section 3.2.1.5.
2.3.3 Testability at Power 2.3.3.1 The capability for testing while at power shall be provided for all PPS channels as required by 10CFR50, Appendix A, GDC 21 [Reference 1.4.1.3.1.13]. Refer to Section 3.2.1.15 for guidance.
2.4 Major System Conditions Refer to Section 2.2, "System Modes and States."
aLTRan UNIT 1& 2 DC 663195-44-6 PAGE 25 OF 80
DCPP Units 1 & 2, Process Protection System 08-0015-SP-001, Revision: 7 Functional Requirements Specification Page 26 of 80 2.5 Major System Constraints Refer to Design Criteria Memorandum (DCM) S-38A, Plant Protection System [Reference 1.4.3.12].
2.6 User Characteristics 2.6.1 Operations The primary user of the PPS is Operations. Operations will require access to Human System Interface (HSI) displays with the exception of displays dedicated to system maintenance activities.
2.6.2 I&C Maintenance I&C Maintenance will require access to all displays and functions associated with the PPS HSI and processing instrumentation for purposes of performing Technical Specification
[Reference 1.4.3.1] mandated surveillance testing and for maintaining the system.
Maintenance display access will require security access measures for any maintenance function that has the capability of changing system configuration.
2.6.3 Engineering Engineering will require access to all displays and functions associated with the PPS HSI and processing instrumentation to facilitate configuration control of the system.
2.7 Assumptions and Dependencies Refer to DCM S-38A, Plant Protection System [Reference 1.4.3.12].
2.8 Operational Scenarios Refer to Section 2.2, "System Modes and States."
a LTRan UNIT 1 & 2 DC 663195-44-6 PAGE 26 OF 80
DCPP Units 1 & 2, Process Protection System 08-0015-SP-001, Revision: 7 Functional Requirements Specification Page 27 of 80 3 System Capabilities, Conditions, Constraints 3.1 Physical
'3.1.1 Construction The PPS instrumentation will be installed within 16 equipment racks (per unit) located in the Cable Spreading Rooms at elevation 128 of the Auxiliary Building.
3.1.1.1 The PPS equipment racks are divided into four separate Protection Sets which are physically separated and electrically isolated from each other.
3.1.1.1.1 Protection Set I a) Protection Set I shall consist of five (5) racks.
b) One rack shall be dedicated to Class II PPS equipment.
c) Deleted 3.1.1.1.2 Protection Set II a) Protection Set II shall consist of five (5) racks.
b) One rack shall be dedicated to Class II PPS equipment.
c) Deleted 3.1.1.1.3 Protection Set III a) Protection Set III shall consist of three (3) racks.
b) One rack shall be dedicated to Class II PPS equipment.
c) Deleted 3.1.1.1.4 Protection Set IV a) Protection Set IV shall consist of three (3) racks.
b) One rack shall be dedicated to Class II PPS equipment.
c) Deleted 3.1.1.2 PPS instrumentation shall be accessible via full length front and rear cabinet doors.
3.1.1.3 Required physical separation shall be maintained between Class 1E and non-Class 1E circuits as required by Regulatory Guide 1.75 [Reference 1.4.1.5.3].
3.1.1.4 Each PPS Protection Set will be powered from a separate 120 VAC vital bus via a Class 1E uninterruptible power supply. Refer to DCM S-65 [Reference 1.4.3.11].
3.1.1.5 Each PPS Protection Set will be provided with a 120 VAC control grade (non-vital) utility power source.
3.1.1.6 Each PPS Protection Set will be provided with redundant loop power supplies capable of powering all 4-20 mA instrument loops associated with that Protection Set.
3.1.1.6.1 Deleted.
3.1.1.6.2 The initial full load design current for each loop power supply should not exceed 75% of aLTRan UNIT &2 DC 663195-44-6 PAGE 27 OF 80
DCPP Units 1 & 2, Process Protection System 08-0015-SP-001, Revision: 7 Functional Requirements Specification Page 28 of 80 rated power supply capacity to provide margin for future expansion.
3.1.1.6.3 Failure of a loop power supply shall be alarmed (see Section 3.2.1.5).
3.1.1.7 Non-vital 125 VDC from the Main Annunciator will be provided for interrogation of alarm output contacts.
3.1.1.7.1 Output contacts provided for interrogation by the MAS shall be rated at 125 Vdc, 50 mA (minimum).
3.1.1.8 The HSI equipment is Instrument Class II and shall be isolated from the PPS processing instrumentation as required by General Design Criteria (GDC) 24 [Reference 1.4.1.3.1.16].
Refer to DCM T-24 [Reference 1.4.3.15] for guidance.
3.1.1.9 PPS processing instrumentation shall be qualified and installed to satisfy Seismic Category I requirements applicable to DCPP. Refer to Section 3.1.5 for guidance.
3.1.1.10 The PPS HSI equipment shall be seismically supported to prevent damage to or loss of operability of the safety related PPS instrumentation should a seismic event occur. Refer to Section 3.1.5 for guidance.
3.1.2 Durability The PPS equipment shall be capable of continuous operation in the environment specified in Section 3.1.4.
3.1.3 Adaptability The PPS is a mature system and it is not anticipated that many changes to processing instrumentation or inputs and outputs will be required over the life of the system. However, it is desirable that the system have the capability for additional inputs/outputs within the existing environs so that any required changes to system function can be readily accommodated.
3.1.3.1 There shall be adequate rack space available to accommodate at least 10% additional inputs of each type used within the system for future use.
3.1.3.2 There shall be adequate rack space available to accommodate at least 10% additional outputs of each type used within the system for future use.
3.1.4 Environmental Conditions The Cable Spreading Rooms at DCPP are considered to be a mild environment.
3.1.4.1 The PPS instrumentation shall be qualified for the following conditions which define this environment:
3.1.4.1.1 Temperature: 40 to 104'F 3.1.4.1.2 Relative Humidity: 0 to 95% (non-condensing) 3.1.4.1.3 Pressure: Atmospheric 3.1.4.1.4 Radiation: N/A (mild environment) 3.1.5 Seismic Requirements aLTRan UNIT& 2 DC 663195-44--6 PAGE 28 OF 80
DCPP Units 1 & 2, Process Protection System 08-0015-SP-001, Revision: 7 Functional Requirements Specification Page 29 of 80 The PPS Class I equipment shall be qualified to Seismic Category I levels by test, analysis, or a combination thereof, to satisfy the requirements of IEEE Std. 344 [Reference 1.4.1.1.6]
(endorsed by Regulatory Guide 1.100 [Reference 1.4.1.5.6]) as supplemented by the following DCPP requirements:
3.1.5.1 Seismic Response Spectra The seismic inertial loads acting on the PPS are defined in DCM C-17 [Reference 1.4.3.7],
DCM C-25 [Reference 1.4.3.8], and DCM C-30 [Reference 1.4.3.10]. The seismically induced inter- and intra- structural displacements are defined in DCM C-28 [Reference 1.4.3.9].
3.1.5.2 Seismic Qualification Design Class I PPS equipment and components shall meet the design bases for seismic qualification in accordance with DCM T-10 (Seismic Qualification of Equipment) [Reference 1.4.3.13].
Non-Class 1E (Class II) PPS equipment is not subject to the seismic requirements of Section 3.1.5. The Class II equipment shall be mounted and supported in such a fashion that it cannot become a missile during a seismic event and possibly damage or disable a safety-related structure, system, or component.
3.1.6 Electromagnetic Compatibility 3.1.6.1 Susceptibility: The PPS shall be qualified by test, analysis, or a combination thereof, to function without fault or error in an electromagnetic environment in accordance with the guidance of Regulatory Guide 1.180 [Reference 1.4.1.5.10].
3.1.6.2 Emissions: the PPS equipment shall be qualified by test, analysis or a combination thereof, to not create an electromagnetic environment that will adversely affect the operation of safety-related Class 1E equipment operating in the same location (cable spreading room).
The qualification shall follow the guidance of Regulatory Guide 1.180, as above.
3.1.6.3 Grounding: the PPS equipment shall support the grounding methods described in IEEE Std.
1050 [Reference 1.4.1.1.11] and endorsed by Regulatory Guide 1.180 to limit adverse effects of susceptibility and emissions (both radiated and conducted).
3.1.7 Time Synchronization As applicable (digital system with calendar function), a method shall be provided to allow synchronization of real-time clocks with an external reference clock provided by PG&E.
3.2 System Performance Characteristics The PPS is required to monitor plant parameters that are important to safety. The PPS provides signals for parameter monitoring, indication, recording, and to the MAS for alarming in the MCR for use by operations personnel and to satisfy the Post-Accident Monitoring requirements of Regulatory Guide 1.97
[Reference 1.4.1.5.5] as defined in Chapter 7.5 of the DCPP FSARU [Reference 1.4.3.2].
With the exception of Delta-T and Tavg from the Delta-TITavg (DTTA) channels, where required, the PPS will provide isolated signals from the channel sensor (prior to processing by the PPS instrumentation) via qualified isolation devices for use by Class II control systems such as the DFWCS, the Rod Speed and Direction System, the Pressurizer Pressure Control System, the Pressurizer Level Control System, and the AMSAC.
aLTRan1 UNIT 1 & 2 DC 663195-44-6 PAGE 29 OF 80
DCPP Units 1 & 2, Process Protection System 08-0015-SP-001, Revision: 7 Functional Requirements Specification Page 30 of 80 The PPS will provide isolated (Class II) level signals from level channel sensors (prior to processing by the PPS instrumentation) via qualified isolation devices for use by the Class I Auxiliary Feedwater System.
The PPS provides partial trip output signals to the SSPS whenever established RTS or ESFAS parameter setpoints are exceeded. The SSPS will initiate a Reactor Trip and/or actuate ESFAS whenever the design logic (coincidence) for the required protective action is satisfied. The DCPP FLDs [Reference 1.4.3.5] provide detailed information regarding the SSPS Reactor Trip and ESFAS functional operation.
The following Sections (3.2.1 thru 3.2.13) define the specific requirements for each PPS channel that must be satisfied to ensure that the PPS performs as designed.
3.2.1 Requirements Applicable to All PPS Channels The following requirements are applicable to all PPS channels. Requirements specific to a particular channel will be identified in the specific Section (3.2.2 through 3.2.13) dealing with that channel.
3.2.1.1 Functional Description Refer to the "Functional Description" requirement Section associated with each individual PPS channel.
3.2.1.2 Special Environmental Requirements This Specification applies only to the PPS instrumentation that is located in the Unit 1 and Unit 2 Cable Spreading Rooms at DCPP (elevation 128). These areas are considered to be a mild environment. See Section 3.1.4 for specific environmental conditions applicable to these areas.
3.2.1.3 Indicators, Status Lights, and Controls The following status requirements are applicable to all PPS channels:
3.2.1.3.1 Status indication (ON/OFF) shall be provided locally at the PPS instrumentation racks for all comparator outputs.
3.2.1.3.2 Partial trip outputs from comparators shall be of the supervisory type for energize to trip/actuate outputs unless specified otherwise in Sections 3.2.2 thru 3.2.13 of this document. Feedback shall be provided to the PPS to facilitate detection of open circuits, short circuits, or actual output not matching command.
3.2.1.3.3 Signals for status indication to satisfy the requirements of Regulatory Guide 1.47
[Reference 1.4.1.5.2] shall be provided to the MOR from each protection set for indication that a protection channel has been placed in an inoperable condition (e.g., bypassed).
3.2.1.3.4 Manual trip switches shall be provided locally at the PPS instrumentation racks for all comparator outputs except for those provided for alarm purposes only.
a) These manual trip switches shall provide an independent trip capability that will override the PPS comparator output.
b) Channel status downstream of the manual trip switch shall be determinable by the PPS.
c) Exceptions to this requirement for a particular comparator output will be identified in the "Trips and Trip Logic" subsection of the Section (3.2.2 thru 3.2.13) associated with that comparator.
3.2.1.3.5 Manual bypass switches shall be provided for each Containment High-High Pressure aLTRan UNIT 1& 2 DC 663195-44-6 PAGE 30 OF 80
DCPP Units 1 & 2, Process Protection System 08-0015-SP-001, Revision: 7 Functional Requirements Specification Page 31 of 80 (Containment Spray) comparator output to facilitate on-line maintenance and testing.
a) When in bypass, these switches shall maintain the normal (non-tripped) condition of the comparator output independent of the PPS.
b) Indication of Bypass shall satisfy the requirements of Section 3.2.1.5.3.
c) The requirements of Section 3.2.1.3.4.b shall apply.
3.2.1.3.6 Manual bypass switches shall be provided for each Turbine Impulse Pressure High (P-13) comparator output to facilitate on-line maintenance and testing.
a) When in bypass, these switches shall maintain the normal (non-tripped) condition of the comparator output independent of the PPS.
b) Indication of Bypass shall satisfy the requirements of Section 3.2.1.5.3.
3.2.1.3.7 A method shall be provided for placing a PPS channel out-of-service (e.g. manual OOS switch) for the purpose of performing maintenance activities (e.g., parameter updates) without requiring that a Protection Set be declared inoperable.
a) Indication of Out-of-Service shall satisfy the requirements of Section 3.2.1.5.5.
3.2.1.4 Outputs for Monitoring, Indication, Recording, and Control Analog outputs shall be capable of driving an impedance of up to 1000 ohms without loss of accuracy.
Refer to the "Outputs for Monitoring, Indication, Recording, and Control" requirement Section associated with each individual PPS channel.
Note: "Outputs"includes: outputs processedthrough the PPS instrumentation (e.g., RCS Flow); and outputs processed through qualified hardware isolation devices on the sensor input loop (e.g., PZR Level to process control).
3.2.1.5 Alarms and Annunciators The following system level alarms and annunciators will be provided by PG&E for each Protection Set. Separate input signals shall be provided to these alarms from processing instrumentation for each Protection Set. Refer to PPS System Level Alarm drawings:
Protection Set I [References 1.4.2.2.21, 1.4.2.2.22], Protection Set II [References 1.4.2.2.43, 1.4.2.2.44], Protection Set III [References 1.4.2.2.58, 1.4.2.2.59], and Protection Set IV
[References 1.4.2.2.71, 1.4.2.2.72].
The initiating events identified for each alarm are a non-inclusive listing. Based on the PPS hardware architecture, other initiating events may be included.
3.2.1.5.1 PPS Failure [Deenergize to Alarm with Reflash capability]
The following conditions, as a minimum, shall provide signals to initiate a "PPS Failure" alarm/annunciator in the MCR:
a) Fatal diagnostic (a detected inability of a Protection Set to perform its intended safety function) b) Failure to set trip on demand c) Primary and secondary instrument power supply failures 3.2.1.5.2 PPS Trouble [Deenergize to Alarm with Reflash capability]
The following conditions, as a minimum, shall provide signals to initiate a "PPS Trouble" alarm/annunciator in the MCR:
aLTRan UNIT 1& 2 DC 663195-44-6 PAGE 31 OF 80
DCPP Units 1 & 2, Process Protection System 08-0015-SP-001, Revision: 7 Functional Requirements Specification Page 32 of 80 a) Trip output set without a demand b) Detected (non-fatal) equipment failure c) RTD trouble in a DTTA channel (any Thot or Tcold Sensor out-of-range or failed) d) Loss of one instrument power supply (redundant supply working) e) Failure of a Channel Bypass to initiate on demand f) Any input sensor out-of-range with the following exception: alarms shall be suppressed for inputs that are out-of-range low due to present plant conditions and not due to a failed sensor.
3.2.1.5.3 PPS Channel in Bypass [Energize to Alarm with Reflash capability]
a) Actuation of any comparator Bypass switch in a protection set will provide a signal to the MAS for alarming the Bypassed condition in the Main Control Room.
b) Where utilized, external comparator Bypass switches shall be provided with two (2) separate and independent output contacts.
- 1) One contact will be used to physically bypass the comparator trip/actuation output maintaining the non-tripped/non-actuated state.
- 2) The other contact will be for use in satisfying Bypassed indication requirements per part a) of Section 3.2.1.5.3.
c) Deleted.
3.2.1.5.4 PPS RTD Failure [Energize to Alarm with Reflash capability]
See Section 3.2.5.5.
3.2.1.5.5 PPS Out of Service [Energize to Alarm with Reflash capability (for Item b) 2) below)]
a) Actuation of any manual OOS switch in a protection set will provide a signal to the MAS for alarming the OOS condition in the Main Control Room.
b) Where utilized, external Channel Out-of-Service (OOS) switches shall be provided with two (2) separate and independent output contacts.
- 1) One contact without reflash capability will be provided for use by the MAS (independent of the PPS instrumentation) to indicate that a manual OOS switch has been actuated.
- 2) The other contact will be for use in establishing the proper HMI/PPS interfaces for performing maintenance and parameter/setpoint updates. A signal shall be provided for use by the MAS to indicate the channel OOS condition once it is established.
3.2.1.6 Interlocks and Permissives Refer to the "Interlocks and Permissives" requirement Section associated with each individual PPS channel.
3.2.1.7 Trips and Trip Logic PPS comparators determine when established setpoints have been exceeded and provide outputs for use by other systems such as the RTS and ESFAS. Refer to the "Trips and Trip Logic" requirements Section associated with each individual PPS channel for comparator requirements associated with that channel.
3.2.1.8 Accuracy aLTRan UNIT l& 2 DC 663195-44-6 PAGE 32 OF 80
DCPP Units 1 & 2, Process Protection System 08-0015-SP-001, Revision: 7 Functional Requirements Specification Page 33 of 80 A statistical analysis of PPS rack accuracy allowances shall be performed by the equipment supplier and provided for use by PG&E to evaluate the need for changes to PPS setpoints.
The equipment supplier shall provide a detailed description of the methodology used to determine rack accuracy allowance value(s).
Section 3.2.1.8.1 includes typical rack allowances that shall be considered. This is a non-inclusive list and may be supplemented depending on the type of equipment utilized.
3.2.1.8.1 Typical Rack Allowances include the following:
a) Rack Calibration Accuracy (RCA): The reference (calibration) accuracy rating for a process loop string. A process loop includes all modules in a specific channel. It is assumed that the individual modules are calibrated to a particular tolerance and that the process loop is verified to be calibrated to a specific tolerance.
- 1) The following tolerances for input signal conditioning shall be applicable:
- i. 4-20 mA input signal conditioning accuracy tolerance shall not exceed:
+/- 0.13% span ii. RTD accuracy tolerance shall not exceed:
o +/- 0.375 OF (narrow range) o +/- 1.05 OF (wide range) b) Rack Comparator Setting Accuracy (RCSA): The reference (calibration) accuracy of the instrument loop comparator (bistable).
- 1) For a single input bistable the tolerance shall not exceed +/- 0.2% span.
- 2) For a dual input bistable the tolerance shall not exceed +/- 0.5% span.
- 3) No uncertainty shall be included for this term for channels that do not have an electronic comparator.
c) Rack Temperature Effects (RTE): The change in input-output relationship for the process rack module string due to a change in the ambient environmental conditions.
- 1) For an analog system the tolerance shall not exceed +/- 0.5% span.
- 2) As applicable, for a digital system the following tolerances shall be applicable:
- i. 4-20 mA input signal conditioning temperature effects shall not exceed:
+/- 0.25% span ii. RTD input signal conditioning temperature effects shall not exceed:
o +/- 1.2 OF (narrow range) o +/- 5.6 OF (wide range) d) Rack Drift (RD): The change in input-output relationship over a period of time.
- 1) For an analog system the tolerance shall not exceed +/- 1.0% span.
- 2) As applicable, for a digital system the tolerance shall not exceed:
- i. 4-20 mA input signal conditioning rack drift tolerance shall not exceed:
+/- 0.2% span ii. RTD input signal conditioning rack drift tolerance shall not exceed:
o +/- 0.3 OF (narrow range) o +/- 1.4 OF (wide range) aLTRan UNIT &2 DC 663195-44-6 PAGE 33 OF 80
DCPP Units 1 & 2, Process Protection System 08-0015-SP-001, Revision: 7 Functional Requirements Specification Page 34 of 80
- 3) The drift requirements per this Section shall be valid for a period of 30 calendar months (minimum).
3.2.1.8.2 As applicable (digital system), Processor Time Base (Loop Cycle Time)
Where input and output signals are updated on a time-dependant cyclic basis, a method for verifying the time base shall be provided.
a) The measurable time base shall have an accuracy of +/- 0.1% of the utilized time base (e.g., for a 100 msec time base this would be +/- 0.1 msec).
3.2.1.9 Range (for Inputs, Calculated Values, and Outputs)
Instrument Range requirements are function dependent. Refer to the "Range (for Inputs, Calculated Values, and Outputs)" requirements Section associated with each individual PPS channel.
3.2.1.9.1 Analog inputs shall be provided with the capability to adjust input scaling (see Section 3.2:1.13).
3.2.1.10 Time Response The time response of the PPS processing instrumentation (from input signal conditioner to conditioned output signal) shall not exceed 0.409 seconds [Reference 1.4.3.17].
The time delay mentioned above is defined as the elapsed time following a step change at the signal conditioner input from 5% below (above) to 5% above (below) the comparator setpoint with all externally adjustable transfer functions set to 1 (as applicable) and all externally adjustable time delays set to 0.0 (as applicable).
3.2.1.11 Overload and Recovery Characteristics Overload (overrange) of any instrument channel or component in an affected protection system must result only in the saturation of the affected components in the direction of the overload.
3.2.1.11.1 After the out-of-range signal causing the overload returns from the overload condition, all component units of the system must recover from the saturated condition and shall return to their correct output values (within nominal accuracy limits) within 1 second.
Note: The I second recovery time specified need be met only when all externally adjustable time delays are set to 0.0.
3.2.1.11.2 During recovery from overload, the output of all affected component units must progress smoothly from the saturated value to the correct value without oscillation or overshoot larger than 1% (peak-to-peak) of channel range exclusive of the theoretical amplification of lead/lag and rate/lag units.
Note: The requirementson oscillation and overshoot should be met even with all externally adjustable time delays set to 0.0.
3.2.1.12 Noise Levels 3.2.1.12.1 The PPS instrumentation shall satisfy the emissions requirements of Regulatory Guide 1.180 [Reference 1.4.1:5.10]. Refer to Section 3.1.6 for additional information.
3.2.1.12.2 For analog inputs, an adjustable low pass filter with a cutoff frequency range of 0 - 15 Hz (minimum bandwidth) shall be provided.
Filter attenuation reuirements:
- 10Hz = -20 dB minimum aLTRan UNIT1&2 DC 663195-44-6 PAGE 34 OF 80
DCPP Units 1 & 2, Process Protection System 08-0015-SP-001, Revision: 7 Functional Requirements Specification Page 35 of 80
- 60 Hz = -45 dB minimum 3.2.1.13 Controller Transfer Functions Refer to the "Controller Transfer Functions" requirement Section associated with each individual PPS channel for channel specific transfer functions.
3.2.1.13.1 All PPS instrumentation shall have the capability to provide a hysteresis/deadband setting for comparator setpoints as follows:
a) Comparator reset for increasing signal trips shall be 1% of input span below trip setpoint.
b) Comparator reset for decreasing signal trips shall be 1% of input span above trip setpoint.
3.2.1.13.2. All PPS analog inputs shall be provided with the capability to adjust scaling. Refer to Reference 1.4.3.18 for details. Ranges for tuning constants associated with this function are provided in Section 3.2.1.14.
3.2.1.14 Setpoints (Range of Setting) 3.2.1.14.1 All comparator setpoints shall be capable of being entered and changed locally under administrative controls:
3.2.1.14.2 All tuning constants shall be capable of being entered and changed locally at the PPS instrumentation racks under administrative controls.
3.2.1.14.3 Ranges for Analog Input Adjustment Tuning Constants (unless specified otherwise in Subsection 14 of Sections 3.2.2 thru 3.2.13) a) m (gain) 0.1000000 to 1.999999 b) b (offset) -1.000000 to 1.000000 3.2.1.15 Test and Calibration The capability shall be provided for PPS channel calibration and test at power as required by IEEE Std. 338 [Reference 1.4.1.1.5] with the following constraints:
3.2.1.15.1 The capability shall be provided for testing at power in either bypass mode (where the partial trip/actuation outputs associated with the channel in test are maintained in the non-tripped/non-actuated condition) or partial trip mode (where the partial trip/actuation outputs associated with the channel in test are maintained in the tripped/actuated condition).
3.2.1.15.2 In the case of 1/N (one-out-of-N) logic, a bypass shall (must) be provided to prevent the actuation of a protection system during a channel test.
3.2.1.15.3 As applicable, the capability to verify that all analog-to-digital (A/D) conversions are calibrated independently of each other shall be provided.
3.2.1.15.4 As applicable, the capability to verify that digital-to-analog (D/A) conversions are calibrated independently of the A/Ds shall be provided (i.e., the inputs to the D/As are independently verifiable from the inputs to the A/Ds for calibration purposes).
3.2.1.15.5 Overlap test capability shall be provided for both periodic and time response testing.
3.2.1.15.6 Periodic testing shall not require the need for the use of temporary jumpers or lifting of leads.
3.2.1.15.7 A method shall be provided for verification of allowed changes to setpoints and/or tuning constants prior to and following initiation of the change.
aLTRanf UNIT 1& 2 DC 663195-44--6 PAGE 35 OF 80
DCPP Units 1 & 2, Process Protection System 08-0015-SP-001, Revision: 7 Functional Requirements Specification Page 36 of 80 3.2.1.15.8 For channels without partial trip/actuation output(s), the capability shall be provided for testing at power with positive indication of the channel in test provided.
3.2.1.16 Failure Mode Requirements 3.2.1.16.1 Analog outputs shall fail low upon loss of vital bus power.
3.2.1.16.2 Analog outputs shall fail low upon detection of an internal rack failure (fatal diagnostic) that would prevent proper action of the protection system.
3.2.1.16.3 Reactor Trip and SI actuation comparator outputs to the SSPS shall be designed such that upon loss of electrical power, the resultant output is a trip signal [Deenergize to Trip].
3.2.1.16.4 Containment Spray actuation outputs to the SSPS shall be designed such that upon loss of electrical power, no actuation output signal is generated.
3.2.1.16.5 Upon detection of an internal rack failure (fatal diagnostic), the resultant output of a partial trip signal (RTS/ESFAS) shall be the tripped (deenergized) condition with the exception of the Energize to Trip Containment Spray and PZR Pressure High (PORV) which shall be the "AS-IS" condition.
3.2.1.16.6 Upon detection of an internal rack failure (fatal diagnostic), the resultant output from Energize to Trip comparators not associated with Requirement 3.2.1.16.5 shall be the "AS-IS" condition. See channel specific "Failure Mode Requirements" sections for applicability of this requirement.
3.2.1.16.7 The capability shall be provided to transit from Bypass to Trip for a failed channel to support Technical Specification [Reference 1.4.3.1] requirements.
3.2.1.16.8 The capability shall be provided to transit from Trip to Bypass for a failed channel to support Technical Specification [Reference 1.4.3.1] requirements.
3.2.2 Specific Requirements for Reactor Coolant Flow The following specific requirements apply to the Reactor Coolant Flow channels and are in addition to the requirements specified in Section 3.2.1.
3.2.2.1 Functional Description Reactor Coolant Flow channels are presented graphically in the PPS Functional Block Diagrams [Reference 1.4.2.2]. These drawings identify all inputs, outputs, and external interfaces and provide a simplified representation of the channel functionality (logic).
3.2.2.1.1 Reactor Coolant Flow, Loops 1 thru 4 (Protection Set I):
Reference 1.4.2.2.1, 1.4.2.2.2 3.2.2.1.2 Reactor Coolant Flow, Loops 1 thru 4 (Protection Set II):
Reference 1.4.2.2.23, 1.4.2.2.24 3.2.2.1.3 Reactor Coolant Flow, Loops 1 thru 4 (Protection Set Il1):
Reference 1.4.2.2.45, 1.4.2.2.46 3.2.2.2 Special Environmental Requirements No additional requirements to those identified in Section 3.2.1.2.
3.2.2.3 Indicators, Status Lights, and Controls No additional requirements to those identified in Section 3.2.1.3.
aLTRan UNIT 1& 2 DC 663195-44-6 PAGE 36 OF 80
DCPP Units 1 & 2, Process Protection System 08-0015-SP-001, Revision: 7 Functional Requirements Specification Page 37 of 80 3.2.2.4 Outputs for Monitoring, Indication, Recording, and Control The following outputs shall be provided by the Reactor Coolant Flow channels:
3.2.2.4.1 Reactor Coolant Flow Loop 1 (Protection Sets 1,11,111) a) MCR Indication b) PPC Monitoring 3.2.2.4.2 Reactor Coolant Flow Loop 2 (Protection Sets 1,11,111) a) MCR Indication b) PPC Monitoring 3.2.2.4.3 Reactor Coolant Flow Loop 3 (Protection Sets 1,11,111) a) MCR Indication b) PPC Monitoring 3.2.2.4.4 Reactor Coolant Flow Loop 4 (Protection Sets 1,11,111) a) MCR Indication b) PPC Monitoring 3.2.2.5 Alarms and Annunciators No additional requirements to those identified in Section 3.2.1.5.
3.2.2.6 Interlocks and Permissives There are no interlocks or permissives associated with PPS Reactor Coolant Flow channel processing.
3.2.2.7 Trips and Trip Logic The following comparator outputs shall be provided by the Reactor Coolant Flow channels:
3.2.2.7.1 Reactor Coolant Loop 1 Flow Low (Protection Sets 1,11,111)
For use by the SSPS Low Reactor Coolant Flow Reactor Trip logic [Deenergize to Trip].
3.2.2.7.2 Reactor Coolant Loop 2 Flow Low (Protection Sets 1,11,111)
For use by the SSPS Low Reactor Coolant Flow Reactor Trip logic [Deenergize to Trip].
3.2.2.7.3 Reactor Coolant Loop 3 Flow Low (Protection Sets 1,11,111)
For use by the SSPS Low Reactor Coolant Flow Reactor Trip logic [Deenergize to Trip].
3.2.2.7.4 Reactor Coolant Loop 4 Flow Low (Protection Sets 1,11,111)
For use by the SSPS Low Reactor Coolant Flow Reactor Trip logic [Deenergize to Trip].
3.2.2.8 Accuracy No additional requirements to those identified in Section 3.2.1.8.
3.2.2.9 Range (for Inputs, Calculated Values, and Outputs)
Ranges for input, calculated, and output variables shall be scaled as follows:
3.2.2.9.1 Input Variables:
aLTRan UNIT 1& 2 DC 663195-44-6 PAGE 37 OF 80
DCPP Units 1 & 2, Process Protection System 08-0015-SP-001, Revision: 7 Functional Requirements Specification Page 38 of 80 a) Reactor Coolant Flow:
4 - 20 mA = 0 to 100 XMTR dp%
3.2.2.9.2 Calculated Variables:
Refer to Section 3.2.2.13.
3.2.2.9.3 Output Variables:
a) Reactor Coolant Flow:
0 to 100 XMTR dp% = 4 - 20 mA Note: equivalent to 0 to 120% of rated flow.
3.2.2.10 Time Response No additional requirements to those identified in Section 3.2.1.10.
3.2.2.11 Overload and Recovery Characteristics No additional requirements to those identified in Section 3.2.1.11.
3.2.2.12 Noise Levels No additional requirements to those identified in Section 3.2.1.12.
3.2.2.13 Controller Transfer Functions The following controller transfer functions are used in the processing of Reactor Coolant Flow channels:
3.2.2.13.1 Reactor Coolant Flow Normalization Refer to Reference 1.4.3.18 for details. Ranges for tuning constants associated with this function are provided in Section 3.2.2.14.2.
3.2.2.14 Setpoints (Range of Setting)
The following shall apply to the comparator settings and tuning constants of the Reactor Coolant Flow channels:
3.2.2. 14.1 Reactor Coolant Flow Low Reactor Trip:
70 to 100% of rated flow 3.2.2.14.2 Tuning Constants a) m (normalizing constant) 0.1000000 to 1.3000000 3.2.2.15 Test and Calibration No additional requirements to those identified in Section 3.2.1.15.
3.2.2.16 Failure Mode Requirements No additional requirements to those identified in Section 3.2.1.16.
3.2.3 Specific Requirements for Wide Range Reactor Coolant Temperature The following specific requirements apply to the Wide Range Temperature channels and are aLTRan UNIT1&2 DC 663195-44-6 PAGE 38 OF 80
DCPP Units 1 & 2, Process Protection System 08..0015-SP-001, Revision: 7 Functional Requirements Specification Page 39 of 80 in addition to the requirements specified in Section 3.2.1.
3.2.3.1 Functional Description Wide Range Temperature channels are presented graphically in the PPS Functional Block Diagrams [Reference 1.4.2,2]. These drawings identify all inputs, outputs, and external interfaces and provide a simplified representation of the channel functionality (logic).
3.2.3.1.1 Wide Range Temperature, Reactor Coolant Loops 1 and 2 (Protection Set I):
Reference 1.4.2.2.3 3.2.3.1.2 Wide Range Temperature, Reactor Coolant Loops 3 and 4 (Protection Set II):
Reference 1.4.2.2.25 3.2.3.2 Special Environmental Requirements No additional requirements to those identified in Section 3.2.1.2.
3.2.3.3 Indicators, Status Lights and Controls No additional requirements to those identified in Section 3.2.1.3.
3.2.3.4 Outputs for Monitoring, Indication, Recording, and Control The following outputs shall be provided by the Wide Range Temperature channels:
3.2.3.4.1 Hot Leg Temperature Loop 1 (Protection Set I) a) MCR Recording b) ERFDS Monitoring c) RVLIS Train B Monitoring d) PPC Monitoring 3.2.3.4.2 Hot Leg Temperature Loop 2 (Protection Set I) a) MCR Recording b) ERFDS Monitoring c) RVLIS Train B Monitoring d) PPC Monitoring 3.2.3.4.3 Hot Leg Temperature Loop 3 (Protection Set II) a) MCR Recording b) ERFDS Monitoring c) RVLIS Train A Monitoring d) PPC Monitoring 3.2.3.4.4 Hot Leg Temperature Loop 4 (Protection Set II) a) MCR Recording b) ERFDS Monitoring c) RVLIS Train A Monitoring d) PPC Monitoring aLTRan UNIT l& 2 DC 663195-44-6 PAGE 39 OF 80
DCPP Units 1 & 2, Process Protection System 08-0015-SP-001, Revision: 7 Functional Requirements Specification Page 40 of 80 3.2.3.4.5 Cold Leg Temperature Loop 1 (Protection Set I) a) MCR Recording b) ERFDS Monitoring c), PPC Monitoring 3.2.3.4.6 Cold Leg Temperature Loop 2 (Protection Set I) a) MCR Recording b) ERFDS Monitoring c) PPC Monitoring 3.2.3.4.7 Cold Leg Temperature Loop 3 (Protection Set II) a) MCR Recording b) ERFDS Monitoring c) PPC Monitoring 3.2.3.4.8 Cold Leg Temperature Loop 4 (Protection Set II) a) MCR Recording b) ERFDS Monitoring c) PPC Monitoring 3.2.3.5 Alarms and Annunciators No additional requirements to those identified in Section 3.2.1.5.
3.2.3.6 Interlocks and Permissives There are no interlocks or permissives associated with PPS Wide Range Temperature channel processing.
3.2.3.7 Trips and Trip Logic The following comparator outputs shall be provided by the Wide Range Temperature Channels:
3.2.3.7.1 Cold Leg Temperature Low Loop 2 (Protection Set I)
For use by the LTOPS [Energize to Trip].
3.2.3.7.2 Cold Leg Temperature Low Loop 3 (Protection Set II)
For use by the LTOPS [Energize to Trip].
3.2.3.8 Accuracy No additional requirements to those identified in Section 3.2.1.8.
3.2.3.9 Range (for Inputs, Calculated Values, and Outputs)
Ranges for input, calculated, and output variables shall be scaled as follows:
3.2.3.9.1 Input Variables a) Wide Range Temperature Hot Leg:
[4-wire 200 ohm platinum RTD] = 0 to 700°F aLTRan UNIT 1& 2 DC 663195-44-6 PAGE 40 OF 80
DCPP Units 1 & 2, Process Protection System 08-0015-SP-001, Revision: 7 Functional Requirements Specification Page 41 of 80 b) Wide Range Temperature Cold Leg:
[4-wire 200 ohm platinum RTD] = 0 to 700°F 3.2.3.9.2 Calculated Variables: None 3.2.3.9.3 Output Variables:
a) Wide Range Temperature Hot Leg:
0 to 700°F = 4 - 20 mA b) Wide Range Temperature Cold Leg:
0 to 700°F = 4 - 20 mA 3.2.3.10 Time Response No additional requirements to those identified in Section 3.2.1.10.
3.2.3.11 Overload and Recovery Characteristics No additional requirements to those identified in Section 3.2.1.11.
3.2.3.12 Noise Levels No additional requirements to those identified in Section 3.2.1.12.
3.2.3.13 Controller Transfer Functions The following controller transfer functions are used in the processing of Wide Range Temperature channels:
3.2.3.13.1 RTD Resistance to Temperature Calculation Refer to Reference 1.4.3.18 for details.
3.2.3.14 Setpoints (Range of Setting)
The following shall apply to the comparator settings and tuning constants of the Wide Range Temperature channels:
3.2.3.14.1 Cold Leg Temperature Low LTOPS (Protection Sets 1,11):
0 to 700°F 3.2.3.15 Test and Calibration No additional requirements to those identified in Section 3.2.1.15.
3.2.3.16 Failure Mode Requirements 3.2.3.16.1 Detected RTD failures shall result in a low-going signal (failed low).
3.2.3.16.2 Upon detection of an internal rack failure (fatal diagnostic) the resultant output from the comparators identified in Sections 3.2.3.7.1 and 3.2.3.7.2 shall be the "AS-IS" condition.
3.2.4 Specific Requirements for Wide Range Reactor Coolant Pressure The following specific requirements apply to the Wide Range Pressure channels and are in addition to the requirements specified in Section 3.2.1.
aLTRan UNIT 1& 2 DC 663195-44-6 PAGE 41 OF 80
DCPP Units 1 & 2, Process Protection System 08-0015-SP-001, Revision: 7 Functional Requirements Specification Page 42 of 80 3.2.4.1 Functional Description Wide Range Pressure channels are presented graphically in the PPS Functional Block Diagrams [Reference 1.4.2.2]. These drawings identify all inputs, outputs, and external interfaces and provide a simplified representation of the channel functionality (logic).
3.2.4.1.1 Wide Range Pressure, Reactor Coolant Loop 4 (Protection Set Ill):
Reference 1.4.2.2.47 3.2.4.1.2 Wide Range Pressure, Reactor Coolant Loops 3 and 4 (Protection Set IV):
Reference 1.4.2.2.60 3.2.4.2 Special Environmental Requirements No additional requirements to those identified in Section 3.2.1.2.
3.2.4.3 Indicators, Status Lights and Controls No additional requirements to those identified in Section 3.2.1.3.
3.2.4.4 Outputs for Monitoring, Indication, Recording, and Control The following outputs shall be provided by the Wide Range Pressure channels:
3.2.4.4.1 Wide Range Pressure Loop 4 [PT-403] (Protection Set Ill) a) MCR Recording b) ERFDS Monitoring c) RVLIS Train B Monitoring d) PPC Monitoring 3.2.4.4.2 Wide Range Pressure Loop 4 [PT-403A] (Protection Set III) a) MCR Indication b) ERFDS Monitoring c) PPC Monitoring 3.2.4.4.3 Wide Range Pressure Loop 3 [PT-405] (Protection Set IV) a) MCR Indication b) ERFDS Monitoring c). PPC Monitoring d) RVLIS Train A Monitoring 3.2.4.4.4 Wide Range Pressure Loop 4 [PT-405A] (Protection Set IV) a) MCR Indication b) PPC Monitoring c) ERFDS Monitoring 3.2.4.5 Alarms and Annunciators The following alarm outputs shall be provided for the Wide Range Pressure channels:
3.2.4.5.1 Reactor Coolant Pressure Hi, Loop 4 [PT-403A] (Protection Set III) aLTRan UNIT l& 2 DC 663195-44-6 PAGE 42 OF 80
DCPP Units 1 & 2, Process Protection System 08-0015-SP-001, Revision: 7 Functional Requirements Specification Page 43 of 80 Input to RHR Valve 8702 Not Isolated alarm circuit (RHR Interlocks, see Section 3.2.4.6.3).
3.2.4.5.2 Reactor Coolant Pressure Hi, Loop 4 [PT-405A] (Protection Set IV)
Input to RHR Valve 8701 Not Isolated alarm circuit (RHR Interlocks, see Section 3.2.4.6.4).
3.2.4.6 Interlocks and Permissives The following comparator outputs shall be provided by the Wide Range Pressure channels:
3.2.4.6.1 Reactor Coolant Pressure Low, Loop 4 (Protection Set Ill)
For use by the RHR system interlocks Valve 8702 control circuit [Energize to Trip].
3.2.4.6.2 Reactor Coolant Pressure Low, Loop 4 (Protection Set IV)
For use by the RHR system interlocks Valve 8701 control circuit [Energize to Trip].
The Wide Range Pressure Low Loop 4 comparator output to the RHR Valve 8701 Interlock circuit shall be interlocked with the Pressurizer Vapor Space Temperature Low comparator output. A graphical presentation is shown on References 1.4.2.2.60 and 1.4.2.2.65.
3.2.4.6.3 Reactor Coolant Pressure High, Loop 4 (Protection Set Ill)
For use by the RHR system interlocks Valve 8702 alarm circuit (see Section 3.2.4.5.1)
[Deenergize to Trip].
3.2.4.6.4 Reactor Coolant Pressure High, Loop 4 (Protection Set IV)
For use by the RHR system interlocks Valve 8701 alarm circuit (see Section 3.2.4.5.2)
[Deenergize to Trip].
3.2.4.7 Trips and Trip Logic The following comparator outputs shall be provided by the Wide Range Pressure channels:
3.2.4.7.1 Reactor Coolant Pressure High, Loop 4 (Protection Sets Ill, IV)
For use by LTOPS [Energize to Trip].
3.2.4.8 Accuracy No additional requirements to those identified in Section 3.2.1.8.
3.2.4.9 Range (for Inputs, Calculated Values, and Outputs)
Ranges for input, calculated, and output variables shall be scaled as follows:
3.2.4.9.1 Input Variables:
a) Reactor Coolant Wide Range Pressure:
4 - 20 mA = 0 to 3000 psig 3.2.4.9.2 Calculated Variables: None 3.2.4.9.3 Output Variables:
a) Reactor Coolant Wide Range Pressure:
4 - 20 mA [0 to 3000 psig] = 4-20 mA (input loop Class IA/Il isolator) 3.2.4.10 Time Response No additional requirements to those identified in Section 3.2.1.10.
aLTRan UNIT 1& 2 DC 663195-44-6 PAGE 43 OF 80
DCPP Units 1 & 2, Process Protection System 08-0015-SP-001, Revision: 7 Functional Requirements Specification Page 44 of 80 3.2.4.11 Overload and Recovery Characteristics No additional requirements to those identified in Section 3.2.1.11.
3.2.4.12 Noise Levels No additional requirements to those identified in Section 3.2.1.12.
3.2.4.13 Controller Transfer Functions No additional requirements to those identified in Section 3.2.1.13.
3.2.4.14 Setpoints (Range of Setting)
The following shall apply to the comparator settings and tuning constants of the Wide Range Pressure channels:
3.2.4.14.1 Reactor Coolant Wide Range Pressure High LTOPS (Protection Sets IlI, IV):
0 to 3000 psig 3.2.4.14.2 Reactor Coolant Wide Range Pressure High RHR Interlocks (Protection Sets Ill, IV):
0 to 3000 psig 3.2.4.14.3 Reactor Coolant Wide Range Pressure Low RHR Interlocks (Protection Sets III, IV):
0 to 3000 psig 3.2.4.15 Test and Calibration No additional requirements to those identified in Section 3.2.1.15.
3.2.4.16 Failure Mode Requirements 3.2.4.16.1 Upon detection of an internal rack failure (fatal diagnostic) the resultant output from the comparator identified in Section 3.2.4.7.1 shall be the "AS-IS" condition.
3.2.5 Specific Requirements forDTTA The following specific requirements apply to the DTTA channels and are in addition to the requirements specified in Section 3.2.1.
3.2.5.1 Functional Description DTTA channels are presented graphically in the PPS Functional Block Diagrams [Reference 1.4.2.2]. These drawings identify all inputs, outputs, and external interfaces and provide a simplified representation of the channel functionality (logic).
The following sub-sections provide information regarding the development of the Thot, Tcold, Tavg, and Delta-T signals used in calculating the Thermal Overpower and Overtemperature Protection trip setpoints. The information is presented in a "per DTTA channel" basis. The same process shall be performed in all four DTTA channels. Each DTTA channel is associated with a particular reactor coolant loop (e.g., DTTA channel I is for reactor coolant loop 1).
3.2.5.1.1 DTTA Reactor Coolant Loop 1 (Protection Set I):
Reference 1.4.2.2.4, 1.4.2.2.5 3.2.5.1.2 DTTA Reactor Coolant Loop 2 (Protection Set II):
Reference 1.4.2.2.26, 1.4.2.2.27 aLTRan UNIT 1& 2 DC 663195-44-6 PAGE 44 OF 80
DCPP Units 1 & 2, Process Protection System 08-0015-SP-001, Revision: 7 Functional Requirements Specification Page 45 of 80 3.2.5.1.3 DTTA Reactor Coolant Loop 3 (Protection Set III):
Reference 1.4.2.2.48, 1.4.2.2.49 3.2.5.1.4 DTTA Reactor Coolant Loop 4 (Protection Set IV):
Reference 1.4.2.2.61, 1.4.2.2.62 3.2.5.1.5 Tcold Signal Development A filtered Tcold average (T cavg) signal shall be calculated from the two (2) Tcold RTD inputs configured for use in a single DTTA channel for use in the DTTA channel protection function calculations. The following constraints apply:
a) All Tcold inputs shall be processed through a Lag Filter per Section 3.2.5.13.1.
b) Only Tcold signals that have been validated by the Sensor Quality Algorithm (SQA2)
[Reference Section 3.2.5.13.8] shall be used in the Tfcavg calculation.
c) Any Tcold signal rejected by the SQA2 algorithm shall be alarmed.
d) The Tfcavg shall be the output of the SQA2 Algorithm.
3.2.5.1.6 Thot Signal Development A filtered Thot average (Tfhavg) signal shall be calculated from the six (6) Thot RTD inputs configured for use in a single DTTA channel for use in the DTTA channel protection calculations.
a) All Thot inputs shall be processed through a Lag Filter per Section 3.2.5.13.1.
b) Each Thot input shall be compensated by application of a Thot streaming factor determined per Section 3.2.5.13.10.
c) The SQA3A algorithm [Reference Section 3.2.5.13.9] shall be used to calculate a Tfhavg value for the three (3) Thot "A"inputs.
d) The SQA3B algorithm [Reference Section 3.2.5.13.9] shall be used to calculate a Tlhavg value for the three (3) Thot "B"inputs.
e) Only Thot signals that have been validated by the SQA3A or SQA3B algorithm shall be used in the Tfhavg calculation for that group.
f) Any Thot signal rejected by the SQA3A or SQA3B Algorithm shall be alarmed.
g) The Tfhavg for the DTTA channel shall be calculated from the outputs of the SQA3A and SQA3B algorithms.
3.2.5.1.7 Delta-T Signal Development Delta-T (calculated loop differential temperature, OF) shall be determined for each DTTA channel [Reference Section 3.2.5.13.4].
3.2.5.1.8 Tavg Signal Development Tavg (calculated average loop temperature, OF) shall be determined for each DTTA channel [Reference Section 3.2.5.13.41.
3.2.5.1.9 Normalized Power (PB) Signal Development PB (calculated value for normalized power, unitless) shall be determined for each DTTA channel [Reference Section 3.2.5.13.11].
3.2.5.1.10 Overtemperature Delta-T (OTDT) Setpoint An Overtemperature Delta-T (OTDT) Setpoint shall be determined for each DTTA channel
[Reference Section 3.2.5.13.6].
aLTRdfl UNIT 1&2 DC 663195-44-6 PAGE 45 OF 80
DCPP Units 1 & 2, Process Protection System 08--0015-SP-001, Revision: 7 Functional Requirements Specification Page 46 of 80 3.2.5.1.11 Overpower Delta-T (OPDT) Setpoint An Overpower Delta-T (OPDT) Setpoint shall be determined for each DTTA channel
[Reference Section 3.2.5.13.7].
3.2.5.2 Special Environmental Requirements No additional requirements to those identified in Section 3.2.1.2.
3.2.5.3 Indicators, Status Lights and Controls No additional requirements to those identified in Section 3.2.1.3.
3.2.5.4 Outputs for Monitoring, Indication, Recording, and Control The following outputs shall be provided by the DTTA channels:
3.2.5.4.1 Calculated Delta-T (Protection Set I [Loop 1], Protection Set II [Loop 2], Protection Set III
[Loop 3], Protection Set IV [Loop 4])
a) MCR Indication b) MCR Recording c) Delta-T Auctioneering Circuit d) PPC Monitoring e) Associated Steam Generator Level Channel (Trip Time Delay) 3.2.5.4.2 Calculated Tavg (Protection Set I [Loop 1], Protection Set II [Loop 2], Protection Set III
[Loop 3], Protection Set IV [Loop 4])
a) MCR Indication b) Alarming (Deviation Alarm Circuit) c) PPC Monitoring d) To Control (Tavg Auctioneered - High to Rod Speed and Direction, Steam Dumps, Pressurizer Level) 3.2.5.4.3 Calculated Overpower Setpoint (Protection Set I [Loop 1], Protection Set II [Loop 2],
Protection Set III [Loop 3], Protection Set IV [Loop 4])
a) MCR Indication b) MCR Recording c) PPC Monitoring 3.2.5.4.4 Calculated Overtemperature Setpoint (Protection Set I [Loop 1], Protection Set II [Loop 2],
Protection Set III [Loop 3], Protection Set IV [Loop 4])
a) MCR Indication b) MCR Recording c) PPC Monitoring 3.2.5.5 Alarms and Annunciators The following alarms and annunciator outputs shall be provided by the DTTA channels and are in addition to those identified in Section 3.2.1.5.
The following conditions shall provide a signal to cause actuation of a dedicated alarm and aLTRan UNIT 1& 2 DC 663195-44-6 PAGE 46 OF 80
DCPP Units 1 & 2, Process Protection System 08-0015-SP-001, Revision: 7 Functional Requirements Specification - Page 47 of 80 annunciator in the MCR (see also Section 3.2.1.5.4):
3.2.5.5.1 Tcold sensor(s) determined to be out-of-range or failed as detected by the processing instrumentation per Reference 1.4.3.18.
3.2.5.5.2 Thot sensor(s) determined to be out-of-range or failed as detected by the processing instrumentation per Reference 1.4.3.18.
3.2.5.5.3 Deleted.
3.2.5.6 Interlocks and Permissives The following comparator outputs shall be provided by the DTTA channels:
3.2.5.6.1 OPDT Interlock C-4 (Protection Set I [Loop 1], Protection Set II [Loop 2], Protection Set III
[Loop 3], Protection Set IV [Loop 4])
For use by Interlock C-4 logic [Deenergize to Trip].
Note: Comparatoroutput voltage provided externally from RNARA.
3.2.5.6.2 OTDT Interlock C-3 (Protection Set I [Loop 1], Protection Set II [Loop 2], Protection Set III
[Loop 3], Protection Set IV [Loop 4]) 1 For use by Interlock C-3 logic [Deenergize to Trip].
Note: Comparatoroutput voltage provided externally from RNARA.
3.2.5.6.3 Low-Low Tavg Permissive P-12 (Protection Set I [Loop 1], Protection Set II [Loop 2],
Protection Set III [Loop 3], Protection Set IV [Loop 4])
For use by SSPS Protection Interlock P-12 logic [Deenergize to Trip].
3.2.5.7 Trips and Trip Logic The following comparator outputs shall be provided by the DTTA channels:
3.2.5.7.1 Overpower Delta-T (OPDT) Reactor Trip (Protection Set I [Loop 1], Protection Set II [Loop 2], Protection Set III [Loop 3], Protection Set IV [Loop 4])
For use by the SSPS OPDT Reactor Trip logic [Deenergize to Trip].
3.2.5.7.2 Overtemperature Delta-T (OTDT) Reactor Trip (Protection Set I [Loop 1], Protection Set II
[Loop 2], Protection Set III [Loop 3], Protection Set IV [Loop 4])
For use by the SSPS OTDT Reactor Trip logic [Deenergize to Trip].
3.2.5.7.3 Low Tavg Feedwater Isolation (Protection Set I [Loop 1], Protection Set II [Loop 2],
Protection Set III [Loop 3], Protection Set IV [Loop 4])
For use by SSPS Feedwater Isolation logic [Deenergize to Trip].
3.2.5.8 Accuracy No additional requirements to those identified in Section 3.2.1.8.
3.2.5.9 Range (for Inputs, Calculated Values, and Outputs)
Ranges for input, calculated, and output variables shall be scaled as follows:
3.2.5.9.1 Input Variables a) Thot (Th):
[4-wire 200 ohm platinum RTD] = 530 to 650°F aLTRan UNIT1&2 DC 663195-44-6 PAGE 47 OF 80
DCPP Units 1 & 2, Process Protection System 08-0015-SP-001, Revision: 7 Functional Requirements Specification Page 48 of 80 b) Tcold (Tc):
[4-wire 200 ohm platinum RTD] = 510 to 630°F c) Pressurizer Pressure 4 -20 mA = 1250 to 2500 psig d) Lower Flux, NIS Power Range:
0 - 10 VDC = 0 to 120% (power) e) Upper Flux, NIS Power Range:
0 - 10 VDC = 0 to 120% (power) 3.2.5.9.2 Calculated Variables a) Power Range Axial Flux Difference
[Calculated] = -60 to +60% (power) b) PB (Normalized Power Factor)
[Calculated] = 0 to 1.5 c) Delta-T (AT):
[Calculated] = 0 to 150% (power) d) OPDT Setpoint
[Calculated] = 0 to 150% (power) e) OTDT Setpoint
[Calculated] = 0 to 150% (power) f) Tavg:
[Calculated] = 530 to 630°F 3.2.5.9.3 Output Variables a) Tavg:
530 to 630°F = 4-20 mA b) Delta-T (AT):
0 to 150% (power) = 4 - 20 mA c) OPDT Setpoint 0 to 150% (power) = 4 - 20 mA d) OTDT Setpoint 0 to 150% (power) = 4 - 20 mA 3.2.5.10 Time Response No additional requirements to those identified in Section 3.2.1.10.
3.2.5.11 Overload and Recovery Characteristics No additional requirements to those identified in Section 3.2.1.11.
3.2.5.12 Noise Levels aLTRan UNIT 1& 2 DC 663195-44-6 PAGE 48 OF 80
DCPP Units 1 & 2, Process Protection System 08-.0015-SP-001, Revision: 7 Functional Requirements Specification Page 49 of 80 No additional requirements to those identified in Section 3.2.1.12.
3.2.5.13 Controller Transfer Functions The following controller transfer functions are used in the processing of DTTA channels:
3.2.5.13.1 Lag Units Lag units shall be provided for each of the loop Thot and Tcold input signals used for OTDT and OPDT Protection.
Lag units shall be provided for each of the loop Thot Streaming Factor calculated outputs.
Refer to Reference 1.4.3.18 for details. Ranges for tuning constants associated with this function are provided in Section 3.2-.5.14.
3.2.5.13.2 Lead/Lag Units Lead/Lag units shall be provided for each of the measured loop Tavg and AT signals used for OTDT and OPDT Protection.
Refer to Reference 1.4.3.18 for details. Ranges for tuning constants associated with this function are provided in Section 3.2.5.14.
3.2.5.13.3 Rate/Lag Units A Rate/Lag unit shall be provided for each of the loop Tavg signals used for OPDT Protection.
Refer to Reference 1.4.3.18 for details. Ranges for tuning constants associated with this function are provided in Section 3.2.5.14.
3.2.5.13.4 Tavg and Delta-T Calculations The loop average temperature (Tavg) and temperature delta between hot and cold legs (AT) shall be calculated by each DTTA channel..
Refer to Reference 1.4.3.18 for details. Ranges for tuning constants associated with this function are provided in Section 3.2.5.14.
3.2.5.13.5 RTD Resistance to Temperature Calculation Refer to Reference 1.4.3.18 for details.
3.2.5.13.6 OTDT Setpoint Calculation The OTDT Setpoint shall be calculated for each DTTA channel.
Refer to Reference 1.4.3.18 for details. Ranges for tuning constants associated with this function are provided in Section 3.2.5.14.
3.2.5.13.7 OPDT Setpoint Calculation The OPDT Setpoint shall be calculated for each DTTA channel.
Refer to Reference 1.4.3.18 for details. Ranges for tuning constants associated with this function are provided in Section 3.2.5.14.
3.2.5.13.8 Sensor Quality Algorithm 2 (SQA2)
The SQA2 Algorithm shall be used in development of the average filtered Tcold signal in each DTTA channel.
Refer to Reference 1.4.3.18 for details. Ranges for tuning constants associated with this function are provided in Section 3.2.5.14.
3.2.5.13.9 Sensor Quality Algorithms 3A and 3B (SQA3A/SQA3B) aLTRan UNIT 1&2 DC 663195-44-6 PAGE 49 OF 80
DCPP Units 1 & 2, Process Protection System 08-0015-SP-001, Revision: 7 Functional Requirements Specification Page 50 of 80 The SQA3A and SQA3B Algorithms shall be used in development of the average filtered Thot signal in each DTTA channel.
Refer to Reference 1.4.3.18 for details. Ranges for tuning constants associated with this function are provided in Section 3.2.5.14.
3.2.5.13.10 Thot Streaming Factor Calculation A temperature streaming correction factor shall be calculated for the Thot RTDs (one factor for each Thot thermowell). The capability shall be provided for manually setting streaming factor values to zero.
Refer to Reference 1.4.3.18 for details. Ranges for tuning constants associated with this function are provided in Section 3.2.5.14.
3.2.5.13.11 Normalized Power (PB) Calculation Normalized Power (PB) shall be calculated for each DTTA Channel.
Refer to Reference 1.4.3.18 for details. Ranges for tuning constants associated with this function are provided in Section 3.2.5.14.
3.2.5.14 Setpoints (Range of Setting)
The following shall apply to the comparator settings and tuning constants of the DTTA channels:
3.2.5.14.1 OPDT Turbine Runback (OPTR): -20 to 20 percent (usually negative) 3.2.5.14.2 OTDT Turbine Runback (OTTR): -20 to 20 percent (usually negative) 3.2.5.14.3 OPDT Reactor Trip: -20 to 20 percent (usually zero) 3.2.5.14.4 OTDT Reactor Trip: -20 to 20 percent (usually zero) 3.2.5.14.5 LOW Tavg Feedwater Isolation: 530 to 630°F 3.2.5.14.6 LOW-LOW Tavg P-12: 530 to 630'F 3.2.5.14.7 Tuning Constants:
a) fl (AI)A (OTDT Flux Imbalance) 0 to -50%
b) fl (AI)B (OTDT Flux Imbalance) -0.01 to -0.03/percent c) fl(AI)C (OTDT Flux Imbalance) 0.0 to 1.0 d) fl (AI)D (OTDT Flux Imbalance) 0 to 50%
e) f2(AI)F (OPDT Flux Imbalance) 0 to -50%
f) f2(AI)H (OPDT Flux Imbalance) 0.0 to 1.0 g) f2(AI)I (OPDT Flux Imbalance) 0 to 50%
h) f2(AI)J (OPDT Flux Imbalance) 0.01 to 0.03/percent i) fl(AI)N (OTDT Flux Imbalance) 0.01 to 0.03/percent J) fl (AI)Q (OTDT Flux Imbalance) 0.0 to 1.0 k) f2(AI)V (OPDT Flux Imbalance) -0.01 to -0.03/percent I) f2(AI)W (OPDT Flux Imbalance) 0.0 to 1.0 0
m) P (OTDT Setpoint) 1700 to 2500 psig aLTRan UNIT 1& 2 DC 663195-44-6 PAGE 50 OF 80
DCPP Units 1 & 2, Process Protection System 08-0015-SP-001, Revision: 7 Functional Requirements Specification Page 51 of 80 n) AT' (OTDT, OPDT Setpoint) 30 to 80°F o) T'avg (OTDT Setpoint) 540 to 590°F p) T'avg (OPDT Setpoint) 540 to 590°F q) DELTAC (Tcold SQA2 Algorithm) 0 to 10°F r) DELTAH (Thot SQA3A(B) Algorithm) 0 to 25 0F s) K, (OTDT Setpoint) 0.7 to 1.5 t) K2 (OTDT Setpoint) 0.01 to 0.03/ 0F u) K3 (OTDT Setpoint) 0.00035 to 0.001/psig v) K4 (OPDT Setpoint) 0.7 to 1.5 w) K5 (OPDT Setpoint) 0.01 to 0.03/°F x) K6 (OPDT Setpoint) 0.001 to 0.003/°F Y) m Lead Constant (Tavg Lead/Lag) 0 to 60 seconds z) T2 Lag Constant (Tavg Lead/Lag) 0 to 60 seconds aa) T3 Rate and Lag Constant (Tavg Rate/Lag)0 to 30 seconds bb) T4 Lead Constant (AT Lead/Lag) 0 to 60 seconds cc) T5 Lag Constant (AT Lead/Lag) 0 to 60 seconds dd) -6 Lag Constant (Thot Lag) 0 to 30 seconds ee) T7 Lag Constant (TCOd Lag) 0 to 30 seconds if) '8 Lag Constant (Thot Streaming Lag) 0 to 600 seconds gg) Si Calculated Thot Streaming Factor -20 to 20°F hh) PLOW PB Threshold (User entered constant) 0 to 1 ii) SCAL FLUX CALIB fl(AI)/f2(AI) (User entered constant) 1.000000 to 10.000000 3.2.5.14.8 All displays of measured AT and AT setpoints shall be in percent of full power AT with scales reading 0- 150%.
3.2.5.14.9 During initial plant operation, the AT channels will be calibrated to indicate 100% at 100%
power such that the channels do hot reflect minor flow variations between loops or minor variations from design flow. Provisions to allow this calibration shall be available in each channel before the AT signal is used for any alarm or protective function.
3.2.5.14.10 It is recommended that different tuning constants be used in the OTDT and OPDT setpoint calculations (Taavg and T'avg respectively) to represent the nominal Tavg at rated thermal power so that they can be set and changed independently should the need arise in the future. In most applications, both constants will have the same range setting.
3.2.5.14.11 All settings with the exception of time constants shall be adjustable within their range and all time constants shall be continuously adjustable or adjustable in increments such that any setpoint can be obtained within +/-10% of the setpoint value.
3.2.5.15 Test and Calibration The following shall apply to all DTTA channels:
3.2.5.15.1 The capability shall be provided to locally monitor the following variables from all DTTA aLTRan UNIT& 2 DC 663195-44-6 PAGE 51 OF 80
DCPP Units 1 & 2, Process Protection System 08-0015-SP-001, Revision: 7 Functional Requirements Specification Page 52 of 80 channels in addition to those that are manually entered:
a) Filtered Thot for all Thot sensors b) Filtered TCOId for all TCOd sensors 3.2.5.15.2 The capability shall be provided for determining the RTD element resistance without lifting field terminations.
3.2.5.15.3 Where possible (hardware dependent), the capability.should be provided to transmit the following variable quantities from all DTTA channels to a plant device for recording and storage (offline storage is acceptable):
a) Tavg b) AT c) OPDTsetpont d) OTDTsetpoint e) Filtered Thot f) Filtered TcoId g) Thot h) Teold i) PB j) Filtered Thot average k) Filtered Tcold average I) Filtered Thot Streaming Factors 3.2.5.16 Failure Mode Requirements Detected RTD failures shall result in a low-going signal (failed low).
3.2.6 Specific Requirements for Pressurizer Level The following specific requirements apply to the Pressurizer Level channels and are in addition to the requirements specified in Section 3.2.1.
3.2.6.1 Functional Description Pressurizer Level channels are presented graphically in the PPS Functional Block Diagrams
[Reference 1.4.2.2]. These drawings identify all inputs, outputs, and external interfaces and provide a simplified representation of the channel functionality (logic).
3.2.6.1.1 Pressurizer Level (Protection Set I)
Reference 1.4.2.2.6 3.2.6.1.2 Pressurizer Level (Protection Set I!)
Reference 1.4.2.2.28 3.2.6.1.3 Pressurizer Level (Protection Set Ill)
Reference 1.4.2.2.50 aLTRan UNIT1&2 DC 663195-44-6 PAGE 52 OF 80
DCPP Units 1 & 2, Process Protection System 08-0015-SP-001, Revision: 7 Functional Requirements Specification Page 53 of 80 3.2.6.1.4 Isolated signals (not processed by the PPS) from all Pressurizer Level channel sensors shall be provided for use by the Pressurizer Level Control System.
3.2.6.2 Special Environmental Requirements No additional requirements to those identified in Section 3.2.1.2.
3.2.6.3 Indicators, Status Lights and Controls No additional requirements to those identified in Section 3.2.1.3.
3.2.6.4 Outputs for Monitoring, Indication, Recording, and Control The following outputs shall be provided by the Pressurizer Level channels:
3.2.6.4.1 Pressurizer Level (Protection Sets 1,11) a) MCR Indication b) PPC Monitoring c) Hot Shutdown Panel Indication d) Pressurizer Level Control (Control Set I) e) Pressurizer Level Control (Control Set II) 3.2.6.4.2 Pressurizer Level (Protection Set Ill) a) MCR Indication b) PPC Monitoring c) Pressurizer Level Control (Control Set I) d) Pressurizer Level Control (Control Set II) 3.2.6.5 Alarms and Annunciators No additional requirements to those identified in Section 3.2.1.5.
3.2.6.6 Interlocks and Permissives There are no interlocks or permissives associated with PPS Pressurizer Level channel processing.
3.2.6.7 Trips and Trip Logic (RTS and ESFAS)
The following comparator outputs shall be provided by the Pressurizer Level channels:
3.2.6.7.1 Pressurizer Level High Reactor Trip (Protection Sets 1,11,111)
For use by the SSPS Pressurizer Level High Reactor Trip logic [Deenergize to Trip].
3.2.6.8 Accuracy No additional requirements to those identified in Section 3.2.1.8.
3.2.6.9 Range (for Inputs, Calculated Values, and Outputs)
Ranges for input, calculated, and output variables shall be scaled as follows:
3.2.6.9.1 Input Variables:
a) Pressurizer Level:
aLTRan UNIT 1& 2 DC 663195-44-6 PAGE 53 OF 80
DCPP Units 1 & 2, Process Protection System 08-0015-SP-001, Revision: 7 Functional Requirements Specification Page 54 of 80 4-20 mA = 0 to 100%
3.2.6.9.2 Calculated Variables: None 3.2.6.9.3 Output Variables:
a) Pressurizer Level:
4 - 20 mA [0 to 100%] = 4 - 20 mA (from input loop) b) Pressurizer Level:
4 - 20 mA [0 to 100%] = 4 - 20 mA (input loop Class IA/IlI isolator) 3.2.6.10 Time Response No additional requirements to those identified in Section 3.2.1.10.
3.2.6.11 Overload and Recovery Characteristics No additional requirements to those identified in Section 3.2.1.11.
3.2.6.12 Noise Levels No additional requirements to those identified in Section 3.2.1.12.
3.2.6.13 Controller Transfer Functions No additional requirements to those identified in Section 3.2.1.13.
3.2.6.14 Setpoints (Range of Setting)
The following shall apply to the comparator settings and tuning constants of the Pressurizer Level channels:
3.2.6.14.1 Pressurizer Level High Reactor Trip: 40 to 100%
3.2.6.15 Test and Calibration No additional requirements to those identified in Section 3.2.1.15.
3.2.6.16 Failure Mode Requirements No additional requirements to those identified in Section 3.2.1.16.
3.2.7 Specific Requirements for Pressurizer Pressure The following specific requirements apply to the Pressurizer Pressure channels and are in addition to the requirements specified in Section 3.2.1.
3.2.7.1 Functional Description Pressurizer Pressure channels are presented graphically in the PPS Functional Block Diagrams [Reference 1.4.2.2]. These drawings identify all inputs, outputs, and external interfaces and provide a simplified representation of the channel functionality (logic).
3.2.7.1.1 Pressurizer Pressure (Protection Set I)
Reference 1.4.2.2.7, 1.4.2.2.8 3.2.7.1.2 Pressurizer Pressure (Protection Set II) aLTRan UNIT 1& 2 DC 663195-44-6 PAGE 54 OF 80
DCPP Units 1 & 2, Process Protection System 08-0015-SP-001, Revision: 7 Functional Requirements Specification Page 55 of 80 Reference 1.4.2.2.29, 1.4.2.2.30 3.2.7.1.3 Pressurizer Pressure (Protection Set Ill)
Reference 1.4.2.2.51, 1.4.2.2.52 3.2.7.1.4 Pressurizer Pressure (Protection Set IV)
Reference 1.4.2.2.63, 1.4.2.2.64, 3.2.7.1.5 Each Pressurizer Pressure channel shall provide a Pressurizer Pressure signal for use by the DTTA channel processed in the same Protection Set.
3.2.7.1.6 Isolated signals (not processed by the PPS) from all Pressurizer Pressure channel sensors shall be provided for use by the Pressurizer Pressure Control System.
3.2.7.2 Special Environmental Requirements No additional requirements to those identified in Section 3.2.1.2.
3.2.7.3 Indicators, Status Lights and Controls No additional requirements to those identified in Section 3.2.1.3.
3.2.7.4 Outputs for Monitoring, Indication, Recording, and Control The following outputs shall be provided by the Pressurizer Pressure channels:
3.2.7.4.1 Pressurizer Pressure (Protection Set I):
a) MCR Indication b) PPC Monitoring c) Hot Shutdown Panel Indication d) Pressurizer Pressure Control 3.2.7.4.2 Pressurizer Pressure (Protection Sets II, III, IV):
a) MCR Indication b) PPC Monitoring c) Pressurizer Pressure Control 3.2.7.5 Alarms and Annunciators No additional requirements to those identified in Section 3.2.1.5.
3.2.7.6 Interlocks and Permissives The following comparator outputs shall be provided by the Pressurizer Pressure channels:
3.2.7.6.1 Pressurizer Pressure High P-11 Interlock (Protection Sets 1,11,111)
For use by the SSPS P-11 Interlock logic [Deenergize to Trip].
3.2.7.6.2 Pressurizer Pressure High PORV Control (Protection Sets 1,11,111, IV)
For use by the PORV Control logic [Energize to Trip].
3.2.7.7 Trips and Trip Logic (RTS and ESFAS)
The following comparator outputs shall be provided by the Pressurizer Pressure channels:
aLTRan UNIT l& 2 DC 663195-44-6 PAGE 55 OF 80
DCPP Units 1 & 2, Process Protection System 08-0015-SP-001, Revision: 7 Functional Requirements Specification Page 56 of 80 3.2.7.7.1 Pressurizer Pressure Low Reactor Trip (Protection Sets 1,11,111, IV)
For use by the SSPS Pressurizer Pressure Low Reactor Trip logic [Deenergize to Trip].
3.2.7.7.2 Pressurizer Pressure Low-Low Safety Injection (SI) (Protection Sets 1,11,111, IV)
For use by the SSPS Pressurizer Pressure Low-Low SI logic [Deenergize to Trip].
3.2.7.7.3 Pressurizer Pressure High Reactor Trip (Protection Sets 1,11,111, IV)
For use by the SSPS Pressurizer Pressure High Reactor Trip logic [Deenergize to Trip].
3.2.7.8 Accuracy No additional requirements to those identified in Section 3.2.1.8.
3.2.7.9 Range (for Inputs, Calculated Values, and Outputs)
Ranges for input, calculated, and output variables shall be as follows:
3.2.7.9.1 Input Variables:
a) Pressurizer Pressure:
4 - 20 mA = 1250 to 2500 psig 3.2.7.9.2 CalculatedVariables:
a) Pressurizer Pressure Compensated:
[Calculated] = 1250 to 2500 psig 3.2.7.9.3 Output Variables:
a) Pressurizer Pressure:
4 - 20 mA [1250 to 2500 psig] = 4 - 20 mA (input loop Class IA/II isolator) 3.2.7.10 Time Response No additional requirements to those identified in Section 3.2.1.10.
3.2.7.11 Overload and Recovery Characteristics No additional requirements to those identified in Section 3.2.1.11.
3.2.7.12 Noise Levels No additional requirements to those identified in Section 3.2.1.12.
3.2.7.13 Controller Transfer Functions The following controller transfer functions are used in the processing of Pressurizer Pressure channels:
3.2.7.13.1 Lead-Lag for Pressurizer Low Pressure Reactor Trip Compensation Refer to Reference 1.4.3.18 for details. Ranges for tuning constants associated with this function are provided in Section 3.2.7.14.
3.2.7.14 Setpoints (Range of Setting)
The following shall apply to the comparator settings and tuning constants of the Pressurizer Pressure channels:
aLTRan UNIT1&2 DC 663195-44-6 PAGE 56 OF 80
DCPP Units 1 & 2, Process Protection System 08-0015-SP-001, Revision: 7 Functional Requirements Specification Page 57 of 80 3.2.7.14.1 Pressurizer Pressure Low Reactor Trip: 1700 to 2250 psig 3.2.7.14.2 Pressurizer Pressure Low-Low SI Actuation: 1700 to 2250 psig 3.2.7.14.3 Pressurizer Pressure High Reactor Trip: 2250 to 2500 psig 3.2.7.14.4 Pressurizer Pressure High P-11 Permissive: 1700 to 2250 psig 3.2.7.14.5 Pressurizer Pressure High PORV:
a) Protection Sets I and I1: 1250 to 2500 psig b) Protection Sets III and IV: 1250 to 2500 psig 3.2.7.14.6 Tuning Constants a) Lead Time Constant 0.0 to 60 seconds.
b) Lag Time Constant 0.0 to 10 seconds 3.2.7.15 Test and Calibration No additional requirements to those identified in Section 3.2.1.15.
3.2.7.16 Failure Mode Requirements 3.2.7.16.1 Upon detection of an internal rack failure (fatal diagnostic) the resultant output from the comparator identified in Section 3.2.7.6.2 shall be the "AS-IS" condition.
3.2.8 Specific Requirements for Pressurizer Vapor Temperature The following specific requirements apply to the Pressurizer Vapor Temperature channel and are in addition to the requirements specified in Section 3.2.1.
3.2.8.1 Functional Description The Pressurizer Vapor Temperature channel is presented graphically in the PPS Functional Block Diagrams [Reference 1.4.2.2]. This drawing identifies all inputs, outputs, and external interfaces and provides a simplified representation of the channel functionality (logic).
3.2.8.1.1 Pressurizer Vapor Temperature (Protection Set IV):
Reference 1.4.2.2.65 3.2.8.2 Special Environmental Requirements No additional requirements to those identified in Section 3.2.1.2.
3.2.8.3 Indicators, Status Lights and Controls No additional requirements to those identified in Section 3.2.1.3.
3.2.8.4 Outputs for Monitoring, Indication, Recording, and Control The following outputs shall be provided by the Pressurizer Vapor Temperature channel:
3.2.8.4.1 Pressurizer Vapor Temperature (Protection Set IV) a) MCR Indication b) PPC Monitoring c) To Pressurizer Temperature High Alarm Circuit aLTRan UNIT l& 2 DC 663195-44-6 PAGE 57 OF 80
DCPP Units 1 & 2, Process Protection System 08-0015-SP-001, Revision: 7 Functional Requirements Specification Page 58 of 80 3.2.8.5 Alarms and Annunciators The following alarm and annunciator outputs shall be provided by the Pressurizer Vapor Temperature channel:
3.2.8.5.1 Pressurizer Vapor Temperature High (Protection Set IV) 3.2.8.6 Interlocks and Permissives The following interlocks and/or permissives are applicable to the Pressurizer Vapor Temperature channel:
3.2.8.6.1 Pressurizer Vapor Temperature Low (Protection Set IV)
For use by the RHR Valve 8701 Interlock Circuit [Energize to Trip].
The Pressurizer Vapor Space Temperature Low comparator output shall be interlocked with the Wide Range Pressure Low Loop 4 comparator output to the RHR Valve 8701 Interlock circuit. A graphical presentation is shown on References 1.4.2.2.60 and 1.4.2.2.65.
3.2.8.7 Trips and Trip Logic The following comparator outputs shall be provided by the Pressurizer Vapor Temperature channel:
3.2.8.7.1 Pressurizer Vapor Temperature High (Protection Set IV)
Temperature High alarm to Main Annunciator System (MAS) [Energize to Trip].
3.2.8.8 Accuracy No additional requirements to those identified in Section 3.2.8.8.
3.2.8.9 Range (for Inputs, Calculated Values, and Outputs)
Ranges for input, calculated, and output variables shall be scaled as follows:
3.2.8.9.1 Input Variables:
a) Pressurizer Vapor Temperature:
[3-wire 200 ohm platinum RTD] = 100 to 700OF 3.2.8.9.2 Calculated Variables: None 3.2.8.9.3 Output Variables:
a) Pressurizer Vapor Temperature:
100 to 700OF = 4 - 20 mA 3.2.8.10 Time Response No additional requirements to those identified in Section 3.2.1.10.
3.2.8.11 Overload and Recovery Characteristics No additional requirements to those identified in Section 3.2.1.11.
3.2.8.12 Noise Levels No additional requirements to those identified in Section 3.2.1.12.
aLTRan UNIT1&2 DC 663195-44-6 PAGE 58 OF 80
DCPP Units 1 & 2, Process Protection System 08-0015-SP-001, Revision: 7 Functional Requirements Specification Page 59 of 80 3.2.8.13 Controller Transfer Functions 3.2.8.13.1 RTD Resistance to Temperature Calculation Refer to Reference 1.4.3.18 for details.
3.2.8.14 Setpoints (Range of Setting)
The following shall apply to the comparator settings and tuning constants of the Pressurizer Vapor Temperature channel:
3.2.8.14.1 Pressurizer Vapor Temperature Low (RHR Interlock): 100 to 700OF 3.2.8.14.2 Pressurizer Vapor Temperature High Alarm (MAS): 100 to 700°F 3.2.8.15 Test and Calibration No additional requirements to those identified in Section 3.2.1.15.
3.2.8.16 Failure Mode Requirements Detected RTD failures shall result in a low-going signal (failed low).
3.2.9 Specific Requirements for Steamflow The following specific requirements apply to the Steamflow channels and are in addition to the requirements specified in Section 3.2.1.
3.2.9.1 Functional Description Steamflow channels are presented graphically in the PPS Functional Block Diagrams
[Reference 1.4.2.2]. These drawings identify all inputs, outputs, and external interfaces and provide a simplified representation of the channel functionality (logic).
3.2.9.1.1 Steamflow Loops 1 thru 4 (Protection Set I):
References 1.4.2.2.9 thru 1.4.2.2.12 3.2.9.1.2 Steamflow, Loops 1 thru 4 (Protection Set II):
References 1.4.2.2.31 thru 1.4.2.2.34 3.2.9.1.3 The Steamline Pressure signal used for Steamflow compensation shall be from the Steamline Break Protection channel processed in the same Protection Set (see Section 3.2.10).
3.2.9.1.4 The following isolated signals (not processed by the PPS) shall be provided for use by the Digital Feedwater Control System (DFWCS):
a) Steamflow channel sensor input, Steam Generators 1, 2, 3, 4 (Protection Sets 1,11) 3.2.9.2 Special Environmental Requirements No additional requirements to those identified in Section 3.2.1.2.
3.2.9.3 Indicators, Status Lights and Controls No additional requirements to those identified in Section 3.2.1.3.
3.2.9.4 Outputs for Monitoring, Indication, Recording, and Control aLTRan UNIT 1 & 2 DC 663195-44-6 PAGE 59 OF 80
DCPP Units 1 & 2, Process Protection System 08-0015-SP-001, Revision: 7 Functional Requirements Specification Page 60 of 80 The following outputs shall be provided from the Steamflow channels:
3.2.9.4.1 Steamflow Steam Generator 1,2, 3, 4 (Protection Set I) a) [Compensated] MCR Indication b) [Compensated] ERFDS Monitoring c) DFWCS d) [Compensated] PPC Monitoring 3.2.9.4.2 Steamflow Steam Generator 1, 2, 3, 4 (Protection Set II) a) [Compensated] MCR Indication b) [Compensated] ERFDS Monitoring c) DFWCS d) [Compensated] PPC Monitoring 3.2.9.5 Alarms and Annunciators No additional requirements to those identified in Section 3.2.1.5.
3.2.9.6 Interlocks and Permissives There are no interlocks or permissives associated with Steamflow channel processing.
3.2.9.7 Trips and Trip Logic The following comparator outputs shall be provided by the Steamflow channels:
None 3.2.9.8 Accuracy No additional requirements to those identified in Section 3.2.1.8.
3.2.9.9 Range (for Inputs, Calculated Values, and Outputs)
Ranges for input, calculated, and output variables shall be scaled as follows:
3.2.9.9.1 Input Variables:
a) Steamflow:
4 -20 mA = 0 to 100 XMTR dp%
3.2.9.9.2 Calculated Variables:
a) Steamflow (compensated):
Refer to Section 3.2.9.13.
3.2.9.9.3 Output Variables:
a) Steamflow (compensated):
0 to 4.5 million pounds per hour= 4 - 20 mA b) Steamflow:
4 - 20 mA [0 to 100 XMTR dp%] = 4 - 20 mA (input loop Class IA/II isolator) 3.2.9.10 Time Response aLTRan UNIT1&2 DC 663195-44-6 PAGE 60 OF 80
DCPP Units 1 & 2, Process Protection System 08-0015-SP-001, Revision: 7 Functional Requirements Specification Page 61 of 80 No additional requirements to those identified in Section 3.2.1.10.
3.2.9.11 Overload and Recovery Characteristics No additional requirements to those identified in Section 3.2.1.11.
3.2.9.12 Noise Levels No additional requirements to those identified in Section 3.2.1.12.
3.2.9.13 Controller Transfer Functions 3.2.9.13.1 Steamflow Compensation Algorithm Refer to Reference 1.4.3.18 for details. Ranges for tuning constants associated with this function are provided in Section 3.2.9.14.
3.2.9.13.2 Steamflow Normalization Refer to Reference 1.4.3.18 for details. Ranges for tuning constants associated with this function are provided in Section 3.2.9.14.1.
3.2.9.14 Setpoints (Range of Setting)
The following shall apply to the comparator settings and tuning constants of the Steamflow channels:
3.2.9.14.1 Tuning Constants The following tuning constants apply to the Steamflow Compensation Algorithm:
a) Deleted b) Deleted c) SFmin Value equivalent to user-desired SFDP value between 0 and 1% of full load DP d) A (Used in Steam Density Calc) 0.00223 to 0.00254 lb/ft3/psig e) B (Used in Steam Density Calc) -0.263 to 0.0 lb/ft3 f) (Steam Density)ref 1.57 to 2.52 lb/ft3 3.2.9.15 Test and Calibration No additional requirements to those identified in Section 3.2.1.15.
3.2.9.16 Failure Mode Requirements No additional requirements to those identified in Section 3.2.1.16.
3.2.10 Specific Requirements for Steamline Break Protection The following specific requirements apply to the Steamline Break Protection channels and are in addition to the requirements specified in Section 3.2.1.
3.2.10.1 Functional Description Steamline Break Protection channels are presented graphically in the PPS Functional Block Diagrams [Reference 1.4.2.2]. These drawings identify all inputs, outputs, and external aLTRan UNIT 1& 2 DC 663195-44-6 PAGE 61 OF 80
DCPP Units 1 & 2, Process Protection System 08-0015-SP-001, Revision: 7 Functional Requirements Specification Page 62 of 80 interfaces and provide a simplified representation of the channel functionality (logic):
3.2.10.1.1 Steamline Break Protection Loops 1, 2, 3, 4 (Protection Set I)
References 1.4.2.2.13 thru 1.4.2.2.16 3.2.10.1.2 Steamline Break Protection Loops 1, 2, 3, 4 (Protection Set II)
References 1.4.2.2.35 thru 1.4.2.2.38 3.2.10.1.3 Steamline Break Protection Loops 2, 3 (Protection Set III)
References 1.4.2.2.53 and 1.4.2.2.54 3.2.10.1.4 Steamline Break Protection Loops 1, 4 (Protection Set IV)
References 1.4.2.2.66 and 1.4.2.2.67 3.2.10.1.5 The following isolated signals (not processed by the PPS) shall be provided for use by the Digital Feedwater Control System (DFWCS):
a) Steamline Pressure channel sensor input, Steam Generators 1, 2, 3, 4 (Protection Sets.1, II, III, IV) 3.2.10.2 Special Environmental Requirements No additional requirements to those identified in Section 3.2.1.2.
3.2.10.3 Indicators, Status Lights and Controls No additional requirements to those identified in Section 3.2.1.3.
3.2.10.4 Outputs for Monitoring, Indication, Recording, and Control The following outputs shall be provided by the Steamline Break Protection channels:
3.2.10.4.1 Steamline Pressure Loops 1, 2, 3, 4 (Protection Set I) a) MCR Indication b) ERFDS Monitoring c) Hot Shutdown Panel Indication d) DFWCS 3.2.10.4.2 Steamline Pressure Loops 1, 2, 3, 4 (Protection Set II) a) MCR Indication b) ERFDS Monitoring c) DFWCS 3.2.10.4.3 Steamline Pressure Loops 2, 3 (Protection Set III) a) MCR Indication b) DFWCS c) PPC Monitoring 3.2.10.4.4 Steamline Pressure Loops 1, 4 (Protection Set IV) a) MCR Indication b) DFWCS c) PPC Monitoring aLTRan UNIT1 &2 DC 663195-44-6 PAGE 62 OF 80
DCPP Units 1 & 2, Process Protection System 08-0015-SP-001, Revision: 7 Functional Requirements Specification Page 63 of 80 3.2.10.5 Alarms and Annunciators The following alarm outputs shall be provided for the Steamline Break Protection channels:
3.2.10.5.1 Steamline Loop 1 Pressure Low (Protection Set IV) 3.2.10.5.2 Steamline Loop 2 Pressure Low (Protection Set III) 3.2.10.5.3 Steamline Loop 3 Pressure Low (Protection Set Ill) 3.2.10.5.4 Steamline Loop 4 Pressure Low (Protection Set IV) 3.2.10.6 Interlocks and Permissives There are no interlocks or permissives associated with PPS Steamline Break Protection channel processing.
3.2.10.7 Trips and Trip Logic (RTS and ESFAS)
The following comparator outputs shall be provided by the Steamline Break Protection channels:
3.2.10.7.1 Steamline Pressure Low Loop 1 (Protection Sets 1,11,IV)
For use by the SSPS Low Steamline Pressure Safety Injection (SI) and Steamline Isolation logic [Deenergize to Trip].
3.2.10.7.2 Steamline Pressure Low Loop 2 (Protection Sets 1,11,111)
For use by the SSPS Low Steamline Pressure SI and Steamline Isolation logic [Deenergize to Trip].
3.2.10.7.3 Steamline Pressure Low Loop 3 (Protection Sets 1,11,111)
For use by the SSPS Low Steamline Pressure SI and Steamline Isolation logic [Deenergize to Trip].
3.2.10.7.4 Steamline Pressure Low Loop 4 (Protection Sets 1,11,IV)
For use by the SSPS Low Steamline Pressure SI and Steamline Isolation logic [Deenergize to Trip].
3.2.10.7.5 Steamline Pressure High Negative Rate Loop 1 (Protection Sets 1,11,IV)
For use by the SSPS Steamline Isolation logic [Deenergize to Trip].
3.2.10.7.6 Steamline Pressure High Negative Rate Loop 2 (Protection Sets 1,11,111)
For use by the SSPS Steamline Isolation logic [Deenergize to Trip].
3.2.10.7.7 Steamline Pressure High Negative Rate Loop 3 (Protection Sets I, II, Ill)
For use by the SSPS Steamline Isolation logic [Deenergize to Trip].
3.2.10.7,8 Steamline Pressure High Negative Rate Loop 4 (Protection Sets 1,11,IV)
For use by the SSPS Steamline Isolation logic [Deenergize to Trip].
3.2.10.7.9 Steamline Loop 1 Pressure Low (Protection Set IV)
Low Pressure alarm to Main Annunciator System (MAS) [Deenergize to Trip].
3.2.10.7.10 Steamline Loop 2 Pressure Low (Protection Set Ill)
Low Pressure alarm to Main Annunciator System (MAS) [Deenergize to Trip].
3.2.10.7.11 Steamline Loop 3 Pressure Low (Protection Set Ill) aLTRan UNIT 1& 2 DC 663195-44-6 PAGE 63 OF 80
DCPP Units 1 & 2, Process Protection System 08-0015-SP-001, Revision: 7 Functional Requirements Specification Page 64 of 80 Low Pressure alarm to Main Annunciator System (MAS) [Deenergize to Trip].
3.2.10.7.12 Steamline Loop 4 Pressure Low (Protection Set IV)
Low Pressure alarm to Main Annunciator System (MAS) [Deenergize to Trip].
3.2.10.8 Accuracy No additional requirements to those identified in Section 3.2.1.8.
3.2.10.9 Range (for Inputs, Calculated Values, and Outputs)
Ranges for input, calculated, and output variables shall be as follows:
3.2.10.9.1 Input Variables a) Steamline Pressure:
4 - 20 mA = 0 to 1200 psig 3.2.10.9.2 Calculated Variables: None 3.2.10.9.3 Output Variables:
a) Steamline Pressure:
4 - 20 mA [0 to 1200 psig] = 4 - 20 mA (from input loop) b) Steamline Pressure:
4 - 20 mA [0 to 1200 psig] = 4 - 20 mA (input loop Class IA/Il isolator) 3.2.10.10 Time Response No additional requirements to those identified in Section 3.2.1.10.
3.2.10.11 Overload and Recovery Characteristics No additional requirements to those identified in Section 3.2.1.11.
3.2.10.12 Noise Levels No additional requirements to those identified in Section 3.2.1.12.
3.2.10.13 Controller Transfer Functions The following controller transfer functions are used in the processing of Steamline Break Protection channels:
3.2.10.13.1 Steamline Pressure Lead/Lag Refer to Reference 1.4.3.18 for details. Ranges for tuning constants associated with this function are provided in Section 3.2.10.14.
3.2.10.13.2 Steamline Pressure Rate/Lag Refer to Reference 1.4.3.18 for details. Ranges for tuning constants associated with this function are provided in Section 3.2.10.14.
3.2.10.14 Setpoints (Range of Setting)
The following shall apply to the comparator settings and tuning constants of the Steamline Break Protection channels:
3.2.10.14.1 Steamline Pressure Low SI and Steamline Isolation: 385 to 885 psig aLTRan UNIT 1& 2 DC 663195-44-6 PAGE 64 OF 80
DCPP Units 1 & 2, Process Protection System 08-0015-SP-001, Revision: 7 Functional Requirements Specification Page 65 of 80 3.2.10.14.2 Steamline Pressure High Negative Rate Steamline Isolation: 5 to 200 psig 3.2.10.14.3 Steamline Pressure Low Alarm: 0 to 1200 psig 3.2.10.14.4 Tuning Constants a) Lead Time Constant (Lead/Lag function) 0 to 60 seconds b) Lag Time Constant (Lead/Lag function) 0 to 10 seconds c) Rate Time Constant (Rate/Lag function) 0 to 200 seconds d) Lag Time Constant (Rate/Lag function) 0 to 200 seconds 3.2.10.15 Test and Calibration No additional requirements to those identified in Section 3.2.1.15.
3.2.10.16 Failure Mode Requirements The following failure mode requirements are applicable to the Steamline Break Protection channels:
3.2.10.16.1 The Steamline Break Protection channels shall be designed so that upon loss of electrical power, the output of each trip or interlock channel is an actuation signal.
3.2.10.16.2 The Steamline Break Protection channels shall be designed so that upon detection of a fatal PPS processing instrumentation error or failure, the output of each trip or interlock channel is an actuation signal.
3.2.11 Specific Requirements for Steam Generator Narrow Range Level The following specific requirements apply to the S/G Narrow Range Level channels and are in addition to the requirements specified in Section 3.2.1.
3.2.11.1 Functional Description S/G Narrow Range Level channels are presented graphically in the PPS Functional Block Diagrams [Reference 1.4.2.2]. These drawings identify all inputs, outputs, and external interfaces and provide a simplified representation of the channel functionality (logic).
3.2.11.1.1 Steam Generator Narrow Range Level, Loops 2 and 3 (Protection Set I):
Reference 1.4.2.2.17 3.2.11.1.2 Steam Generator Narrow Range Level, Loops 1 and 4 (Protection Set II):
Reference 1.4.2.2.39 3.2.11.1.3 Steam Generator Narrow Range Level, Loops 1 thru 4 (Protection Set Ill):
Reference 1.4.2.2.55 3.2.11.1.4 Steam Generator Narrow Range Level, Loops 1 thru 4 (Protection Set IV):
Reference 1.4.2.2.68 3.2.11.1.5 Isolated signals (not processed by the PPS) from all S/G Narrow Range Level channel sensors shall be provided for use by the DFWCS.
3.2.11.1.6 Isolated signals (not processed by the PPS) from all S/G Narrow Range Level channel sensors shall be provided for use by the AFW control system.
aLTRan UNIT 1& 2 DC 663195-44-6 PAGE 65 OF 80
DCPP Units 1 & 2, Process Protection System 08-0015-SP-001, Revision: 7 Functional Requirements Specification Page 66 of 80 3.2.11.1.7 Isolated signals (not processed by the PPS) from S/G Narrow Range Level channel sensors shall be provided for use by the AMSAC system as follows:
a) S/G Narrow Range Level - Loop 1 (Protection Set IV) b) S/G Narrow Range Level - Loop 2 (Protection Set Ill) c) S/G Narrow Range Level - Loop 3 (Protection Set I) d) S/G Narrow Range Level - Loop 4 (Protection Set II) 3.2.11.2 Special Environmental Requirements No additional requirements to those identified in Section 3.2.1.2.
3.2.11.3 Indicators, Status Lights and Controls No additional requirements to those identified in Section 3.2.1.3.
3.2.11.4 Outputs for Monitoring, Indication, Recording, and Control The following outputs shall be provided by the Steam Generator Narrow Range Level channels:
3.2.11.4.1 Steam Generator Narrow Range Level Loop 1 (Protection Set II) a) MCR Indication b) DFWCS c) AFW 3.2.11.4.2 Steam Generator Narrow Range Level Loop 1 (Protection Set Ill) a) MCR Indication b) ERFDS Monitoring c) DFWCS d) AFW 3.2.11.4.3 Steam Generator Narrow Range Level Loop 1 (Protection Set IV) a) MCR Indication b) ERFDS Monitoring c) DFWCS d) AFW e) AMSAC 3.2.11.4.4 Steam Generator Narrow Range Level Loop 2 (Protection Set I) a) MCR Indication b) DFWCS c) AFW 3.2.11.4.5 Steam Generator Narrow Range Level Loop 2 (Protection Set IlI) a) MCR Indication b) ERFDS Monitoring c) DFWCS aLTRan UNIT 1& 2 DC 663195-44-6 PAGE 66 OF 80
DCPP Units 1 & 2, Process Protection System 08-0015-SP-001, Revision: 7 Functional Requirements Specification Page 67 of 80 d) AFW e) AMSAC 3.2.11.4.6 Steam Generator Narrow Range Level Loop 2 (Protection Set IV) a) MCR Indication b) ERFDS Monitoring c) DFWCS d) AFW 3.2.11.4.7 Steam Generator Narrow Range Level Loop 3 (Protection Set I) a) MCR Indication b) DFWCS c) AFW d) AMSAC 3.2.11.4.8 Steam Generator Narrow Range Level Loop 3 (Protection Set III, IV) a) MCR Indication b) ERFDS Monitoring c) DFWCS d) AFW 3.2.11.4.9 Steam Generator Narrow Range Level Loop 4 (Protection Set II) a) MCR Indication b) DFWCS c) AFW d) AMSAC 3.2.11.4.10 Steam Generator Narrow Range Level Loop 4 (Protection Set III, IV) a) MCR Indication b) ERFDS Monitoring c) DFWCS d) AFW 3.2.11.5 Alarms and Annunciators The following alarms and annunciator outputs shall be provided by the Stearn Generator Narrow Range Level channels:
3.2.11.5.1 Steam Generator Low-Low Level Loop 2 or Loop 3 Trip Time Delay Timer Actuated (Protection Set I) 3.2.11.5.2 Steam Generator Low-Low Level Loop 1 or Loop 4 Trip Time Delay Timer Actuated (Protection Set II) 3.2.11.5.3 Steam Generator Low-Low Level Loop 1, Loop 2, Loop 3, or Loop 4 Trip Time Delay Timer Actuated (Protection Set III) 3.2.11.5.4 Steam Generator Low-Low Level Loop 1, Loop 2, Loop 3, or Loop 4 Trip Time Delay Timer aLTRan UNIT 1& 2 DC 663195-44-6 PAGE 67 OF 80
DCPP Units 1 & 2, Process Protection System 08-0015-SP-001, Revision: 7 Functional Requirements Specification Page 68 of 80 Actuated (Protection Set IV) 3.2.11.6 Interlocks and Permissives The following interlocks and/or permissives are applicable to the Steam Generator Narrow Range Level channels:
3.2.11.6.1 Steam Generator Low-Low Water Level Trip Time Delay (TTD)
All S/G Low-Low Water Level Reactor Trip signals shall be interlocked with a TTD timer that functions as follows: .
a) Low-Low Water Level detected in any S/G shall generate a signal which will start an elapsed time trip delay timer.
b) The allowable TTD shall be based upon the prevailing power level (PL) at the time the Low-Low Water Level Reactor Trip setpoint is reached.
c) The PL shall be determined from the Delta-T signal calculated in the DTTA channel of the same Protection Set.
d) PL will be used to calculate the allowable time delays for Low-Low Water Level in a single S/G (TD).
e) Partial trip actuation shall not occur until the elapsed time is greater than or equal to the allowable TTD.
f) Logic and interlocks shall be provided to delay transmission of the S/G Low-Low Water Level signal according to the following:
- i. PL < PHL (PHL = Power High Limit): Time Delay = TD ii. PL >PHL: Time Delay = No Delay g) The TD delay shall be selected when the Low-Low Water Level setpoint is reached in any S/G.
h) Should PL increase at any time after TD has been calculated, TD shall be recalculated and the newer (shorter) TTD shall be applied.
i) Should PL decrease after TD has been calculated, there shall be no change in the TD TTD.
j) In any Protection Set, restoration of all S/G water levels to a level above the Low-Low Water Level setpoint shall result in termination of the TTD (without trip) and all trip logic signals shall be reset.
3.2.11.6.2 Steam Generator Level High-High Loop 1 (Protection Set II, 11, IV)
For use by the SSPS P-14 Permissive logic [Deenergize to Trip].
3.2.11.6.3 Steam Generator Level High-High Loop 2 (Protection Set 1,111,IV)
For use by the SSPS P-14 Permissive logic [Deenergize to Trip].
3.2.11.6.4 Steam Generator Level High-High Loop 3 (Protection Set 1,111,IV)
For use by the SSPS P-14 Permissive logic [Deenergize to Trip].
3.2.11.6.5 Steam Generator Level High-High Loop 4 (Protection Set II, III, IV)
For use by the SSPS P-14 Permissive logic [Deenergize to Trip].
3.2.11.7 Trips and Trip Logic The following comparator outputs shall be provided by the Steam Generator Narrow Range aLTRan UNIT l& 2 DC 663195-44-6 PAGE 68 OF 80
DCPP Units 1 & 2, Process Protection System 08-0015-SP-001, Revision: 7 Functional Requirements Specification Page 69 of 80 Level channels:
3.2.11.7.1 Steam Generator Low-Low Level Loop 1 (Protection Set II, III, IV)
For use by the SSPS Low-Low Level Reactor Trip and Auxiliary Feedwater (AFW) Pump Start logic [Deenergize to Trip].
The Steam Generator Low-Low Level Trip is constrained by the TTD function described in Section 3.2.11.6.1.
3.2.11.7.2 Steam Generator Low-Low Level Loop 2 (Protection Set 1,111,IV)
For use by the SSPS Low-Low Level Reactor Trip and AFW Pump Start logic [Deenergize to Trip].
The Steam Generator Low-Low Level Trip is constrained by the TTD function described in Section 3.2.11.6.1.
3.2.11.7.3 Steam Generator Low-Low Level Loop 3 (Protection Set 1,111,IV)
For use by the SSPS Low-Low Level Reactor Trip and AFW Pump Start logic [Deenergize to Trip].
The Steam Generator Low-Low Level Trip is constrained by the TTD function described in Section 3.2.11.6.1.
3.2.11.7.4 Steam Generator Low-Low Level Loop 4 (Protection Set II, IlI, IV)
For use by the SSPS Low-Low Level Reactor Trip and AFW Pump Start logic [Deenergize to Trip].
The Steam Generator Low-Low Level Trip is constrained by the TTD function described in Section 3.2.11.6.1.
3.2.11.8 Accuracy The following accuracy requirements are applicable to the Steam Generator Narrow Range Level channels:
3.2.11.8.1 The accuracy of the effective time delay for the TTD circuit shall be within +/-1% of adjustable range.
3.2.11.9 Range (for Inputs, Calculated Values, and Outputs)
Ranges for input, calculated, and output variables shall be scaled as follows:
3.2.11.9.1 Input Variables:
a) Steam Generator Narrow Range Level:
4 - 20 mA = 0 to 100%
3.2.11.9.2 Calculated Variables:
a) Delta-T:
Calculated in associated DTTA channel .per Section 3.2.5.13.4 = 0 to 150% power b) Low-Low Level TTD (TD):
Calculated per Section 3.2.11.6.1 = 0 to 700 seconds 3.2.11.9.3 Output Variables:
a) Steam Generators 2, 3 Narrow Range Level (Protection Set I):
4 - 20 mA [0 to 100%] = 4 - 20 mA (from input loop Class IA/II isolator) aLTRan UNIT 1& 2 DC 663195-44-6 PAGE 69 OF 80
DCPP Units 1 & 2, Process Protection System 08-0015-SP-001, Revision: 7 Functional Requirements Specification Page 70 of 80 b) Steam Generators 1, 4 Narrow Range Level (Protection Set II):
4 - 20 mA [0 to 100%] = 4 - 20 mA (input loop Class IA/II isolator) c) Steam Generator 3 Narrow Range Level (Protection Set I):
4 -20 mA [0 to 100%] = 4 -20 mA (input loop Class IA/II isolator to AMSAC) d) Steam Generator 4 Narrow Range Level (Protection Set II):
4 - 20 mA [0 to 100%] = 4 - 20 mA (input loop Class IA/Il isolator to AMSAC) e) Steam Generator 1, 2, 3, 4 Narrow Range Level (Protection Sets III and IV):
4 - 20 mA [0 to 100%] = 4 - 20 mA (from input loop) f) Steam Generator 1, 2, 3, 4 Narrow Range Level (Protection Sets III and IV):
4 -20 mA [0 to 100%] = 4 -20 mA (input loop Class IA/lI isolator) g) Steam Generator 2 Narrow Range Level (Protection Set III):
4 - 20 mA [0 to 100%] = 4 - 20 mA (input loop Class IA/Il isolator to AMSAC) h) Steam Generator 1 Narrow Range Level (Protection Set IV):
4 -20 mA [0 to 100%] = 4 -20 mA (input loop Class IA/II isolator to AMSAC) 3.2.11.10 Time Response No additional requirements to those identified in Section 3.2.1.10.
3.2.11.11 Overload and Recovery Characteristics No additional requirements to those identified in Section 3.2.1.11.
3.2.11.12 Noise Levels No additional requirements to those identified in Section 3.2.1.12.
3.2.11.13 Controller Transfer Functions The following controller transfer functions are used in the processing of Steam Generator Narrow Range Level channels:
3.2.11.13.1 The delay units provided for the Steam Generator Low-Low Water Level signals shall have the following transfer function:
S- A -- I A =time delay input --- I I1- - - output 3.2.11.13.2 Upon loss of signal to the delay unit, the output of the unit must reset to its initial state.
3.2.11.13.3 Trip Time Delay Algorithm Refer to Reference 1.4.3.18 for details. Ranges for tuning constants associated with this function are provided in Section 3.2.11.14.
3.2.11.14 Setpoints (Range of Setting) aLTRan UNIT 1& 2 DC 663195-44-6 PAGE 70 OF 80
DCPP Units 1 & 2, Process Protection System 08-0015-SP-001, Revision: 7 Functional Requirements Specification Page 71 of 80 The following shall apply to the comparator settings and tuning constants of the Steam Generator Narrow Range Level channels:
3.2.11.14.1 Steam Generator Water Level Low-Low Reactor Trip:
0 to 45% of Narrow Range Span Note: Percentof Narrow Range Span refers to percent of span as measuredfrom the narrow range level tap.
3.2.11.14.2 Steam Generator Water Level High-High Turbine Trip and Feedwater Isolation:
45 to 90% of Narrow Range Span Note: Percent of Narrow Range Span refers to percent of span as measured from the narrow range level tap.
3.2.11.14.3 Tuning Constants The following tuning constant ranges are applicable to the TTD algorithm:
- a. Power High Limit (PHL) 0 to 100% of Rated Thermal Power
- b. A 0.0 to -0.01
- c. B 0.0to 1.0
- d. C 0.0 to -100.0
- e. D 0.0 to 1000.0 3.2.11.15 Test and Calibration The following Test and Calibration requirements are applicable to the Steam Generator Narrow Range Level channels:
3.2.11.15.1 For the purpose of testing the Delta-T signal that provides input for the TTD logic, the design shall automatically enable a zero second allowable trip delay for all narrow range level channels in the affected Protection Set.
3.2.11.15.2 The capability shall be provided for manually setting the TTD to zero.
3.2.11.16 Failure Mode Requirements The following Failure Mode requirements are applicable to the Steam Generator Narrow Range Level channels:
3.2.11.16.1 Failures (other than loss of power or isolation device) within the PPS processing instrumentation shall not affect the operability of the AMSAC system.
3.2.12 Specific Requirements for Turbine Impulse Chamber Pressure The following specific requirements apply to the Turbine Impulse Chamber Pressure channels and are in addition to the requirements specified in Section 3.2.1.
3.2.12.1 Functional Description Turbine Impulse Chamber Pressure channels are presented graphically in the PPS Functional Block Diagrams [Reference 1.4.2.2]. These drawings identify all inputs, outputs, and external interfaces and provide a simplified representation of the channel functionality (logic).
aLTRan UNIT &2 DC 663195-44-6 PAGE 71 OF 80
DCPP Units 1 & 2, Process Protection System 08-0015-SP-001, Revision: 7 Functional Requirements Specification Page 72 of 80 3.2.12.1.1 Turbine Impulse Chamber Pressure (Protection Set I):
Reference 1.4.2.2.18 3.2.12.1.2 Turbine Impulse Chamber Pressure (Protection Set II):
Reference 1.4.2.2.40 3.2.12.1.3 Isolated signals (not processed by the PPS) from all Turbine Impulse Chamber Pressure channel sensors shall be provided for use by the following:
a) AMSAC 3.2.12.2 Special Environmental Requirements No additional requirements to those identified in Section 3.2.1.2.
3.2.12.3 Indicators, Status Lights and Controls No additional requirements to those identified in Section 3.2.1.3.
3.2.12.4 Outputs for Monitoring, Indication, Recording, and Control The following outputs shall be provided by the Turbine Impulse Chamber Pressure channels:
3.2.12.4.1 Turbine Impulse Chamber Pressure (Protection Set I):
a) MCR Indication b) PPC Monitoring c) AMSAC 3.2.12.4.2 Turbine Impulse Chamber Pressure (Protection Set II):
a) MCR Indication b) PPC Monitoring c) AMSAC 3.2.12.5 Alarms and Annunciators No additional requirements to those identified in Section 3.2.1.5.
3.2.12.6 Interlocks and Permissives The following comparator outputs shall be provided by the Turbine Impulse Chamber Pressure channels:
3.2.12.6.1 Turbine Impulse Pressure High (Protection Sets 1,II):
For use by the SSPS P-13 Permissive logic [Deenergize to Trip].
3.2.12.6.2 Turbine Impulse Pressure Low (Protection Set I)
For use by the Turbine Low Power Interlock C-5 logic [Deenergize to Trip].
3.2.12.7 Trips and Trip Logic The following comparator outputs shall be provided by the Turbine Impulse Chamber Pressure channels:
None aLTRan UNIT 1& 2 DC 663195-44-6 PAGE 72 OF 80
DCPP Units 1 & 2, Process Protection System 08-0015-SP-001, Revision: 7 Functional Requirements Specification Page 73 of 80 3.2.12.8 Accuracy No additional requirements to those identified in Section 3.2.1.8.
3.2.12.9 Range (for Inputs, Calculated Values, and Outputs)
Ranges for input, calculated, and output variables shall be scaled as follows:
3.2.12.9.1 Input Variables:
a) Turbine Impulse Chamber Pressure:
4 - 20 mA = 0 to 110% of Turbine Power 3.2.12.9.2 Calculated Variables: None 3.2.12.9.3 Output Variables:
a) Turbine Impulse Chamber Pressure:
0 to 110% of Turbine Power = 4-20 mA b) Turbine Impulse Chamber Pressure:
4 - 20 mA [0 to 11Q% of Turbine Power] = 4 - 20 mA (input loop Class IA/II isolator) 3.2.12.10 Time Response No additional requirements to those identified in Section 3.2.1.10.
3.2.12.11 Overload and Recovery Characteristics No additional requirements to those identified in Section 3.2.1.11.
3.2.12.12 Noise Levels No additional requirements to those identified in Section 3.2.1.12.
3.2.12.13 Controller Transfer Functions No additional requirements to those identified in Section 3.2.1.13.
3.2.12.14 Setpoints (Range of Setting)
The following shall apply to the comparator settings and tuning constants of the Turbine Impulse Chamber Pressure channels:
3.2.12.14.1 Turbine Impulse Pressure High to P-13:
5 to 20%.
3.2.12.14.2 Turbine Impulse Pressure Low to C-5:
5 to 20%.
3.2.12.15 Test and Calibration A manual Trip Bypass switch shall be provided for the Turbine Impulse Pressure High to P-13 comparator output to facilitate test and calibration. When in Bypass, the switch shall maintain the non-tripped condition of the comparator.
3.2.12.16 Failure Mode Requirements The following Failure Mode requirements are applicable to the Turbine Impulse Pressure aLTRan UNIT 1& 2 DC 663195-44-6 PAGE 73 OF 80
DCPP Units 1 & 2, Process Protection System 08-0015-SP-001, Revision: 7 Functional Requirements Specification Page 74 of 80 channels:
3.2.12.16.1 Failures (other than loss of power or isolation device) within the PPS processing instrumentation shall not affect the operability of the AMSAC system.
3.2.13 Specific Requirements for Containment Pressure The following specific requirements apply to the Containment Pressure channels and are in addition to the requirements specified in Section 3.2.1.
3.2.13.1 Functional Description Containment Pressure channels are presented graphically in the PPS Functional Block Diagrams [Reference 1.4.2.2]. These drawings identify all inputs, outputs, and external interfaces and provide a simplified representation of the channel functionality (logic).
3.2.13.1.1 Containment Pressure (Protection Set I):
Reference 1.4.2.2.19, 1.4.2.2.20 3.2.13.1.2 Containment Pressure (Protection Set II):
Reference 1.4.2.2.41, 1.4.2.2.42 3.2.13.1.3 Containment Pressure (Protection Set Ill):
Reference 1.4.2.2.56, 1.4.2.2.57 3.2.13.1.4 Containment Pressure (Protection Set IV):
Reference 1.4.2.2.69, 1.4.2.2.70 3.2.13.2 Special Environmental Requirements No additional requirements to those identified in Section 3.2.1.2.
3.2.13.3 Indicators, Status Lights and Controls No additional requirements to those identified in Section 3.2.1.3.
3.2.13.4 Outputs for Monitoring, Indication, and Control, The following outputs shall be provided by the Containment Pressure channels:
3.2.13.4.1 Containment Pressure (Protection Sets I, IV) a) MCR Indication b) PPC Monitoring 3.2.13.4.2 Containment Pressure (Protection Sets II, Ill) a) MCR Indication b) PPC Monitoring c) ERFDS Monitoring 3.2.13.5 Alarms and Annunciators The following alarms and annunciator outputs shall be provided by the Containment Pressure channels:
3.2.13.5.1 Signals shall be provided to the MAS for actuation of an alarm and annunciator in the MCR aLTRanf UNIT 1& 2 DC 663195-44-6 PAGE 74 OF 80
DCPP Units 1 & 2, Process Protection System 08-0015-SP-001, Revision: 7 Functional Requirements Specification Page 75 of 80 whenever any Containment Spray Actuation channel (Containment Pressure High-High) is placed in the TEST mode.
3.2.13.6 Interlocks and Permissives There are no interlocks or permissives associated with PPS Containment Pressure channel processing.
3.2.13.7 Trips and Trip Logic (RTS and ESFAS)
The following comparator outputs shall be provided by the Containment Pressure channels:
3.2.13.7.1 Containment Pressure High (Protection Sets II, Ill, IV)
For use by SSPS SI and Phase A Containment Isolation logic [Deenergize to Trip].
3.2.13.7.2 Containment Pressure High-High (Protection Sets 1,11,111, IV)
For use by SSPS Phase B Containment Isolation, Containment Spray, and Steamline Isolation logic [Energize to Trip].
Containment Pressure High-High comparator output shall be exempt from the requirements of Section 3.2.1.3.4.
3.2.13.8 Accuracy No additional requirements to those identified in Section 3.2.1.8.
3.2.13.9 Range (for Inputs, Calculated Values, and Outputs)
Ranges for input, calculated, and output variables shall be scaled as follows:
3.2.13.9.1 Input Variables:
a) Containment Pressure:
4 - 20 mA = -5 to 55 psig 3.2.13.9.2 Calculated Variables: None 3.2.13.9.3 Output Variables:
a) Containment Pressure:
4 - 20 mA [-5 to 55 psig] = 4 - 20 mA (from input loop) 3.2.13.10 Time Response No additional requirements to those identified in Section 3.2.1.10.
3.2.13.11 Overload and Recovery Characteristics No additional requirements to those identified in Section 3.2.1.11.
3.2.13.12 Noise Levels No additional requirements to those identified in Section 3.2.1.12.
3.2.13.13 Controller Transfer Functions No additional requirements to those identified in Section 3.2.1.13.
3.2.13.14 Setpoints (Range of Setting) aLTRan UNIT 1& 2 DC 663195-44-6 PAGE 75 OF 80
DCPP Units 1 & 2, Process Protection System 08-0015-SP-001, Revision: 7 Functional Requirements Specification Page 76 of 80 The following shall apply to the comparator settings and tuning constants of the Containment Pressure channels:
3.2.13.14.1 Containment Pressure High SI, Phase A Isolation:
0 to 10 psig 3.2.13.14.2 Containment Pressure High-High Phase B Isolation, Containment Spray, Steamline Isolation:
0 to 40 psig 3.2.13.15 Test and Calibration A manual Trip Bypass switch independent of the PPS shall be provided for the Containment Pressure High-High comparator output to facilitate test and calibration. When in Bypass, the switch shall maintain the non-tripped condition of the comparator.
3.2.13.16 Failure Mode Requirements 3.2.13.16.1 Upon detection of an internal rack failure (fatal diagnostic) the resultant output from the comparator identified in Section 3.2.13.7.2 shall be the "AS-IS" condition.
3.3 System Security Access to the PPS will be administratively controlled by the end user(s). The following features shall be available to support configuration control/management of the system and shall be described in the Configuration Management Plan for the system.
3.3.1 Physical Security The PPS processing instrumentation shall have provisions for accommodating physical security devices such as keylocks, cabinet locks, etc. to ensure that only appropriate personnel have access to the PPS processing instrumentation.
3.3.2 System Logon Protection Access to the PPS processing instrumentation will be administratively controlled using physical security and/or password logon security measures (as applicable). Any utilized password scheme shall be as described in the system Configuration Management Program created for the PPS.
3.3.3 Communications With External (Non-PPS) Systems All communications between external systems/devices and the PPS instrumentation shall be read only by the external system.
3.4 Information Management There are no information management requirements imposed on the PPS.
3.5 System Operations 3.5.1 System Human Factors aLTRan UNIT l& 2 DC 663195-44-6 PAGE 76 OF 80
DCPP Units 1 & 2, Process Protection System 08-0015-SP-001, Revision: 7 Functional Requirements Specification Page 77 of 80 3.5.1.1 The PPS HSI design should follow the guidance provided in the DCPP HSI Development Guidelines Document [Reference 1.4.3.16].
3.5.2 System Maintainability 3.5.2.1 The PPS processing instrumentation shall have the capability for removal and replacement of all cards/modules at power (hot swap capability) with the system on-line without adverse effect to any protection function.
3.5.2.2 System power supplies shall provide hot swap capability.
3.5.2.3 Test and Calibration requirements are identified in Section 3.2.1.15.
3.5.2.4 The capability shall be provided to place and maintain multiple channels Out of Service (trip or bypass).
3.5.3 System Reliability System diagnostics and self-testing features shall be incorporated in the design to provide automatic detection (where possible) of component failures or degradation of operability.
3.6 Policy and Regulation Section 1.4 provides a listing of References that are utilized in the development of the PPS and all changes thereto to ensure that system design bases requirements are satisfied and the PPS will function as required within the Plant Protection System to ensure that the health and safety of the general public is not jeopardized by the operation of DCPP. The listed References include documents defining design requirements, documents providing guidance for implementation of design requirements, and licensing documents that provide definitive direction for ensuring that operation of the PPS will be maintained within design requirements.
3.7 System Life Cycle Sustainment This Section is only applicable if the PPS equipment subject to this FRS is digital and requires software to be developed for its use.
3.7.1 PPS Software Software shall be maintained in accordance with the Software Quality Assurance Plan developed for the PPS as required by IDAP CF2.1D9 [Reference 1.4.3.6].
aLTRan UNIT 1& 2 DC 663195-44-6 PAGE 77 OF 80
DCPP Units 1 & 2, Process Protection System 08-0015-SP-001, Revision: 7 Functional Requirements Specification Page 78 of 80 4 System Interfaces 4.1 External Interfaces The PPS has external interfaces with the following systems. The exchange of information is strictly from the PPS to the identified system. There is no return of information from the receiving system.
4.1.1 Plant Process Computer (PPC)
The PPS shall interface with the PPC to provide monitoring and status information.
4.1.1.1 Appropriate signal isolation shall be provided between the PPS and PPC.
4.1.2 Main Annunciator System (MAS)
The PPS shall provide contact outputs where needed to interface with the MAS.
4.1.2.1 The MAS shall provide the contact interrogation voltage.
4.1.2.2 Appropriate signal isolation shall be provided between the PPS and MAS.
4.1.3 Main Control Panels The PPS shall provide appropriately qualified analog outputs and/or appropriately qualified isolation devices to interface with the main control panels in the MCR for purposes of indication and status monitoring (i.e., indicators, recorders, ERFDS, etc.).
4.1.3.1 Appropriate signal isolation shall be provided between the PPS and main control panel devices.
4.1.4 Hot Shutdown Panel The PPS shall provide analog outputs from Pressurizer Level, Pressurizer Pressure, and Steamline Pressure channels to interface with the Hot Shutdown Panel.
4.1.4.1 Appropriate signal isolation shall be provided between the PPS and the Hot Shutdown Panel.
4.1.5 Solid State Protection System (SSPS)
The PPS shall provide partial trip outputs to interface with the SSPS as shown on the Functional Block Diagrams [Reference 1.4.2.2].
4.1.6 AMSAC The PPS shall provide shared signals from the S/G Narrow Range Level and Turbine Impulse Chamber Pressure channel sensor inputs to interface with the AMSAC.
Refer to Sections 3.2.11 and 3.2.12.
4.1.6.1 These signals shall be from the raw sensor input and shall not be processed by the PPS.
4.1.6.2 Appropriate signal isolation shall be provided between the PPS and the AMSAC.
aLTRan UNIT 1& 2 DC 663195-44-6 PAGE 78 OF 80
DCPP Units 1 & 2, Process Protection System 08-0015-SP-001, Revision: 7 Functional Requirements Specification Page 79 of 80 4.1.7 Digital Feedwater Control System (DFWCS)
The PPS shall provide signals from the S/G Narrow Range Level, Steamflow, and Steamline Pressure channel sensor inputs to interface with the DFWCS.
Refer to Sections 3.2.11, 3.2.9, and 3.2.10.
4.1.7.1 These signals shall be from the raw sensor input and shall not be processed by the PPS.
4.1.7.2 Appropriate signal isolation shall be provided between the PPS and the DFWCS.
4.1.8 Rod Speed and Direction The PPS shall provide analog outputs from the DTTA channels to interface with Rod Speed and Direction in the Process Control System (PCS).
Refer to Section 3.2.5.
Note: The alternative of sharing RTD input signals is not considered a feasible option with today's technology but would be allowable should the technology become available.
4.1.8.1 Appropriate signal isolation shall be provided between the PPS and the PCS.
4.1.9 Pressurizer Pressure Control The PPS shall provide signals from the Pressurizer Pressure channel sensor inputs to interface with Pressurizer Pressure Control in the PCS.
Refer to Section 3.2.7.
4.1.9.1 These signals shall be from the raw sensor input and shall not be processed by the PPS.
4.1.9.2 Appropriate signal isolation shall be provided between the PPS and the PCS.
4.1.10 Pressurizer Level Control The PPS shall provide signals from the Pressurizer Level channel sensor inputs to interface with Pressurizer Level Control in the PCS.
Refer to Section 3.2.6.
4.1.10.1 These signals shall be from the raw sensor input and shall not be processed by the PPS.
4.1.10.2 Appropriate signal isolation shall be provided between the PPS and the PCS.
4.1.11 Auxiliary Feedwater (AFW) Control The PPS shall provide signals from the S/G Narrow Range Level sensor inputs to interface with AFW Control in the PCS.
Refer to Section 3.2.11.
4.1.11.1 These signals shall be from the raw sensor input and shall not be processed by the PPS.
4.1.11.2 Appropriate signal isolation shall be provided between the PPS and the PCS.
aLTRan UNIT1&2 DC 663195-44-6 PAGE 79 OF 80
DCPP Units 1 & 2, Process Protection System 08-0015-SP-001, Revision: 7 Functional Requirements Specification Page 80 of 80 4.1.12 Reactor Vessel Level Indicating System (RVLIS)
Outputs from the PPS Wide Range Temperature and Wide Range Pressure channels shall be provided to interface with the RVLIS.
Refer to Sections 3.2.3 and 3.2.4.
4.1.12.1 The PPS Wide Range Temperature (hot leg) channels shall provide analog outputs to interface with the RVLIS.
4.1.12.2 The PPS Wide Range Pressure channels (reactor coolant loops 3 and 4) shall provide raw sensor input signals not processed by the PPS to interface with the RVLIS.
4.1.12.3 Appropriate signal isolation shall be provided between the PPS and the RVLIS.
4.1.13 Low Temperature Overpressure Protection System (LTOPS)
Outputs from the PPS Wide Range Temperature and Wide Range Pressure channels shall be provided to interface with the LTOPS.
Refer to Sections 3.2.3 and 3.2.4.
4.1.13.1 The PPS Wide Range Temperature (cold leg) channels shall provide comparator outputs to interface with LTOPS via isolation relays in the Aux Safeguards (RNASA) relay rack.
4.1.13.2 The PPS Wide Range Pressure channels shall provide comparator outputs to interface with LTOPS via isolation relays in the Aux Safeguards (RNASA) relay rack.
4.1.14 Pressurizer Power Operated Relief Valve (PORV) Control System The PPS shall provide comparator outputs from Pressurizer Pressure channels to interface with the PORV Control System via isolation relays in the Aux Safeguards (RNASA) relay rack.
Refer to Section 3.2.7.
4.1.15 Residual Heat Removal (RHR) Interlocks The PPS shall provide comparator outputs from Wide Range Pressure channels to interface with the RHR system RHR suction valve (V-8701 and V-8702) "OPEN" actuation logic and alarming circuits via isolation relays in the Aux Safeguards (RNASA and RNASB) relay racks.
Refer to Section 3.2.4.
4.2 Human System Interface A Human System Interface (HSI) shall be provided that will provide the primary interface between plant personnel and the PPS instrumentation for purposes of testing, maintenance, and troubleshooting.
aLTRaf UNIT 1 & 2 DC 663195-44--6 PAGE 80 OF 80