ML13338A769

From kanterella
Jump to navigation Jump to search
NRC Regulatory Issue Summary 2014-## Embedded Digital Devices in Safety-Related Systems (Revised, Draft)
ML13338A769
Person / Time
Issue date: 04/03/2014
From:
NRC/NRO/DE/ICE2
To:
Eagle E
Shared Package
ML14070A427 List:
References
Download: ML13338A769 (15)
v  d  e


Text

UNITED STATES NUCLEAR REGULATORY COMMISSION WASHINGTON, DC 20555-0001 Month XX, 2014 Draft Revised NRC REGULATORY ISSUE

SUMMARY

2014-##

EMBEDDED DIGITAL DEVICES IN SAFETY-RELATED SYSTEMS ADDRESSEES All holders of, and applicants for, licenses for conversion and deconversion fuel cycle facilities, under Title 10 of the Code of Federal Regulations (10 CFR) Part 40, Domestic Licensing of Source Material.

All holders of, and applicants for, a power reactor operating license or construction permit under 10 CFR Part 50, Domestic Licensing of Production and Utilization Facilities, including those that have permanently ceased operations and have spent fuel in storage in the spent fuel pool.

All holders of, and applicants for, a construction permit or an operating license for non-power reactors or medical isotope production facilities under 10 CFR Part 50, except those that have permanently ceased operations and have returned all of their fuel to the U.S. Department of Energy.

All holders of, and applicants for, a power reactor combined license, standard design approval, or manufacturing license, and all applicants for a standard design certification, under 10 CFR Part 52, Licenses, Certifications, and Approvals for Nuclear Power Plants.

All holders of, and applicants for, licenses for enrichment, fuel fabrication, mixed-oxide fuel fabrication fuel cycle facilities under 10 CFR Part 70, Domestic Licensing of Special Nuclear Material.

All holders of, and applicants for, certificates of compliance for gaseous diffusion enrichment fuel cycle facilities under 10 CFR Part 76, Certification of Gaseous Diffusion Plants.

INTENT The U.S. Nuclear Regulatory Commission (NRC) is issuing this regulatory issue summary (RIS) to clarify the NRCs technical position on existing regulatory requirements for the quality and reliability of safety-related equipment with embedded digital devices.

The scope of this RIS is limited to equipment, including instrumentation and controls (I&C), in safety-related systems. Although this RIS excludes systems that are not safety-related from its scope, this RIS identifies considerations involving the application of embedded digital devices in a nonsafety system that, if inadequately addressed, could adversely affect safety. For example, a software common cause failure (CCF) in redundant nonsafety equipment with embedded digital devices of an important to safety system might create a condition that is beyond the design basis of safety-related systems or a condition that has not been analyzed in the nuclear facilitys safety analyses.

ML13338A769

RIS 2014-XX Page 2 of 15 The scope of this RIS excludes embedded digital devices in systems related to common defense and security under 10 CFR Part 73, Physical Protection of Plants and Materials, and 10 CFR Part 74, Material Control and Accounting of Special Nuclear Material. This RIS does not address the cyber security regulation provided in 10 CFR Part 73.54, Protection of Digital Computer and Communication Systems.

This RIS reminds addressees of the need to identify, review, document, and control equipment with embedded digital devices in safety-related systems to comply with applicable regulations for the nuclear facility. For clarity, this RIS separately discusses two nuclear facility sectors to address regulatory differences. These nuclear facility sectors are: (1) the nuclear reactor sector, which addresses both power and non-power reactors, and (2) the fuel cycle facility sector.

Identification, review, documentation, and control of safety-related equipment with embedded digital devices are necessary to demonstrate quality and reliability. This demonstration should address material control, development processes, and equipment qualification. Addressees should be aware of any potential vulnerability that could result from a postulated software common-cause failure (CCF) of redundant safety-related equipment using components with non-diverse embedded digital devices, which includes components implementing safety-related execute features (e.g., motor control centers, actuated equipment).

The NRCs intent in issuing this RIS is to heighten awareness that embedded digital devices may exist in procured equipment used in safety-related systems without the devices having been explicitly identified in procurement documentation. Inadequate consideration of these devices in diversity assessments to address potential software CCFs could lead to an adverse safety consequence. Therefore, addressees should implement early efforts to identify these devices.

The following sections identify the regulations that apply to the use of equipment containing embedded digital devices for the two nuclear facility sectors. The Summary of Applicable Regulations provides the complete set of regulations from both sectors. Similarly, each nuclear facility sector identifies applicable guidance documents and the Summary of Applicable Staff Guidance provides the complete set of guidance from both sectors.

This RIS requires no specific action or written response on the part of an addressee.

BACKGROUND INFORMATION Nuclear facilities have increased the use and reliance on digital technology in systems and equipment (e.g., I&C, electrical systems, and fluid systems). The use of digital technology may reduce operating and maintenance costs, improve equipment reliability, and enhance overall safety. Examples of safety-related equipment that may use digital technology include emergency diesel generators, pumps, valve actuators, motor control centers, breakers, priority logic modules, and uninterruptible power sources. It is important for licensees and applicants to ensure that the digital technology introduced in nuclear facility safety-related equipment is identified, reviewed, and controlled.

For the purposes of this RIS, an embedded digital device is a component consisting of one or more electronic parts that requires the use of software, software-developed firmware, or

RIS 2014-XX Page 3 of 15 software-developed logic and that is integrated into equipment to implement one or more system safety functions.

The NRC guidance (e.g., Branch Technical Position (BTP) 7-19 Revision 6) does not accept embedded digital devices as strictly hardware components. Embedded digital devices include digital components with executable code or software-developed logic that is permanent or semi-permanently installed within the device (commonly referred to as firmware). Firmware includes devices such as programmable logic devices (PLDs), field programmable gate arrays (FPGAs), application-specific integrated circuits (ASICs), erasable programmable read-only memory (EPROMs), electrically erasable programmable read-only memory (EEPROMs), and complex programmable logic devices (CPLDs).

The NRC staff provides guidance applicable to components containing software, firmware, and logic developed from software-based development systems. The firmware of an embedded digital device may provide limited functionality with a well-documented design basis such that the embedded digital device could be characterized as simple. However, NRC staff guidance does not automatically exclude the application of these (so-called simple) devices containing the firmware from consideration within an assessment of diversity to evaluate and address vulnerabilities to potential CCF. Nevertheless, simplicity, diversity, design documentation, quality development, testing, and operational history are some of the important factors to be considered within analyses to evaluate the suitability for use of an embedded digital device.

NRC Information Notice (IN) 1994-020, Common-Cause Failures due to Inadequate Design Control and Dedication, describes a CCF incident of an emergency diesel generator load sequencer at Beaver Valley Power Station, Unit 2, following the replacement of electromechanical timer/relays with microprocessor-based timer/relays. This incident occurred before additional guidance (e.g., Electric Power Research Institute topical report (EPRI TR)-106439, Guideline on Evaluation and Acceptance of Commercial Grade Digital Equipment for Nuclear Safety Applications, and Nuclear Energy Institute (NEI) 01-01, Guideline on Licensing Digital Upgrades) was developed to ensure that adequate equipment qualification or commercial grade item dedication is performed on a digital component replacing an analog component before the replacement component is put into service. Even so, the incident illustrates that a digital replacement can produce a new susceptibility to a CCF. In this case, the commercial grade dedication that was performed for this component did not adequately represent the inservice environment to demonstrate the replacement components compatibility.

The NRC issued IN 2007-015, Effects of Ethernet-Based Non-Safety Related Controls on the Safe and Continued Operation of Nuclear Power Stations, to alert licensees about the effects of potential interactions and unanticipated failures of Ethernet-connected nonsafety equipment on the safety and performance capability of nuclear power plants. On August 19, 2006, Browns Ferry Nuclear Plant, Unit 3, operators initiated a manual reactor shutdown following the loss of both reactor recirculation pumps. The root cause investigation determined that the recirculation pump variable frequency drive controllers malfunctioned because of excessive traffic on the plant integrated computer system network. The excessive traffic was likely caused by a faulty programmable logic controller (PLC) in the condensate demineralizer controller on the same network. This was not a failure mode applicable to the technology used when the plant was started up in 1977. However, the new failure mode should have been considered when the PLC and the plant integrated computer system were added as upgrades since initial operation of the plant. This event illustrates that vendors, licensees, and applicants must understand the operation and failure modes of digital systems (including embedded digital

RIS 2014-XX Page 4 of 15 devices) and the effects of these failure modes on operations and safety. The failure mode of excessive data rates, which could exceed the capacity of a communications link or the ability of nodes to handle excessive traffic, has also been identified by the NRC staff in Digital Instrumentation and Controls (DI&C)-ISG-04, Task Working Group #4: Highly-Integrated Control RoomsCommunications Issues (HICRc), Interim Staff Guidance [ISG].

Safety-related systems, equipment, instrumentation, and controls that include components with embedded digital devices must satisfy regulatory requirements, including quality and reliability, consistent with the safety significance of the equipment. Quality and reliability considerations related to safety significance include potential vulnerabilities to CCFs and electromagnetic compatibility (EMC). The EMC established for original equipment may be insufficient to support reliable operation of new equipment containing an embedded digital device. Likewise, the EMC characteristics of new equipment containing an embedded digital device may be insufficient to support continued reliable operation of nearby unmodified equipment, given its original EMC qualification envelope. In both cases, equipment containing an embedded digital device should be identified, evaluated, and tested to ensure reliable operation for the inservice environment.

The regulations identified in each nuclear facility sector provide requirements for the process by which changes to a facility, procedure, or other controlling document may be made without prior NRC approval, except for 10 CFR Part 40 facilities (further discussed in the Fuel Cycle Facility Sector). Records of changes to the facility must be maintained. These records must include a written evaluation that provides the bases for the determination that the change, test, or experiment does not require prior NRC approval. The records of changes to the facility should show that any potential safety issue from the use of embedded digital devices has been adequately addressed.

SUMMARY

OF ISSUE The key issue is that the increased use of embedded digital devices in safety-related equipment may increase a facilitys vulnerability to a CCF, challenge equipment EMC, or otherwise degrade equipment reliability to adversely affect safety. Potential safety issues from using embedded digital devices should be adequately addressed. This key issue is further summarized by the following three points:

(1) the need to ensure adequate quality and reliability of embedded digital devices that exist in actuation equipment; (2) the need to address potential facility vulnerabilities to CCFs; and (3) the need to ensure sufficient procurement planning and material control to identify, review, test, and control embedded digital devices.

Nuclear Reactor Sector The term safety-related as applicable to nuclear reactors is defined in 10 CFR 50.2, Definitions, as:

Safety-related structures, systems and components means those structures, systems and components that are relied upon to remain functional during and following design basis events to assure:

RIS 2014-XX Page 5 of 15 (1) The integrity of the reactor coolant pressure boundary; (2) The capability to shut down the reactor and maintain it in a safe shutdown condition; or (3) The capability to prevent or mitigate the consequences of accidents which could result in potential offsite exposures comparable to the applicable guideline exposures set forth in § 50.34(a)(1) or § 100.11 of this chapter, as applicable.

The 10 CFR 50.59, Changes, Tests, and Experiments, rule contains requirements for the process by which licensees may make changes to their facilities and procedures, as described in the facilitys final safety analysis report (FSAR) (as updated), without prior NRC approval.

This RIS applies to equipment, instrumentation, and controls that contain embedded digital devices in safety-related systems for nuclear power plants and non-power reactors in order to address the following:

(1) The need to ensure adequate quality and reliability of embedded digital devices that exist in actuation equipment Safety-related equipment with embedded digital devices must comply with the following regulations and should address the following guidance, as applicable:

  • 10 CFR 50.34(a)(7), requires a description of the quality assurance program and how requirements of Appendix B will be satisfied
  • NUREG-0800, Standard Review Plan for the Review of Safety Analysis Reports for Nuclear Power Plants: LWR Edition (SRP), Chapter 7, Instrumentation and Controls, (power reactors)
  • NUREG-0800, SRP, Chapter 7, Branch Technical Position (BTP), BTP 7-14, Guidance on Software Reviews for Digital Computer-Based Instrumentation and Control Systems
  • NUREG-1537, Guidelines for Preparing and Reviewing Applications for the Licensing of Non-Power Reactors, Part 1, Format and Content, February 1996

RIS 2014-XX Page 6 of 15

  • NUREG-1537, Guidelines for Preparing and Reviewing Applications for the Licensing of Non-Power Reactors, Part 2, Standard Review Plan and Acceptance Criteria, February 1996
  • U.S. Nuclear Regulatory Commission, Interim Staff Guidance Augmenting NUREG-1537, Part 1, Guidelines for Preparing and Reviewing Applications for the Licensing of Non-Power Reactors: Format and Content, for Licensing Radioisotope Production Facilities and Aqueous Homogeneous Reactors, October 2012
  • U.S. Nuclear Regulatory Commission, Interim Staff Guidance Augmenting NUREG-1537, Part 2, Guidelines for Preparing and Reviewing Applications for the Licensing of Non-Power Reactors: Standard Review Plan and Acceptance Criteria, for Licensing Radioisotope Production Facilities and Aqueous Homogeneous Reactors, October 2012
  • Regulatory Guide (RG) 2.5, Quality Assurance Program Requirements for Research and Test Reactors, Revision 1, June 2010 Regulations and review guidance focus on the safety-related system control and protection logic rather than the actuated device. Digital technology is being introduced into actuation and actuated equipment, such as motor controllers, sequencers, pumps, valve actuators, breakers, uninterruptable power supplies, emergency diesel generator controls, etc.

Equipment consisting of commercial grade items with older non-digital technology is being replaced with commercial grade products containing embedded digital devices that include software, software-developed firmware, or software-developed logic that may not have been developed in accordance with guidance and acceptable industry standards.

(2) The need to address potential vulnerabilities to CCFs Safety-related equipment with embedded digital devices must comply with the following regulations and should address the following guidance, as applicable:

  • NUREG-0800, SRP, Chapter 7, BTP 7-19, Guidance for Evaluation of Diversity and Defense-in-Depth in Digital Computer-Based Instrumentation and Control Systems Applicable regulations, guidance, and industry standards are relied on to assure the safety system sense and command features provide the logic signals to the safety system execute features. It may be possible that the intended safety protection could be defeated by a software CCF of an embedded digital device when the same device is used within redundant safety system execute features. Such a software CCF could prevent more than one train of otherwise independent redundant equipment from accomplishing the intended safety function.

RIS 2014-XX Page 7 of 15 Consideration of CCF applies to equipment that is not safety-related to the extent that a CCF could create a condition that is beyond the design basis of safety-related equipment (i.e., when the results of the CCF are not bounded by the facility design-basis accident analysis and a safety vulnerability results with respect to a radiological release).

The guidance in BTP 7-19 is helpful when considering potential CCFs of embedded digital devices located in equipment performing safety-related system execute features.

(3) The need to ensure sufficient procurement planning and material control to identify, review, test, and control embedded digital devices Safety-related equipment with embedded digital devices must comply with the following regulations and should address the following guidance, as applicable:

  • EPRI TR-106439, Guideline on Evaluation and Acceptance of Commercial Grade Digital Equipment for Nuclear Safety Applications, Electric Power Research Institute, Palo Alto, CA, October 1996
  • RG 1.152, Criteria for Use of Computers in Safety Systems of Nuclear Power Plants, Revision 3, July 2011
  • RG 2.5, Quality Assurance Program Requirements for Research and Test Reactors, Revision 1, June 2010 Licensees should include, as part of their specifications for vendors supplying commercial products, requirements to identify the use of embedded digital devices and to sufficiently document the quality of the embedded digital devices to support commercial grade item dedication per the guidance in EPRI TR-106439, as identified in RG 1.152, Revision 3, July 2011.

In the early stages of a design, vendors, licensees, and applicants should fully understand the challenges that embedded digital devices may pose. Procurement activities, including commercial grade item dedication processes, should be sufficient to ensure adequate quality and to prevent the introduction of components that could degrade system reliability.

Licensees should ensure vendors of items containing embedded digital devices document the presence of these devices to alert licensees, so that the licensees can adequately consider the issues discussed in this RIS.

RIS 2014-XX Page 8 of 15 Fuel Cycle Facility Sector Fuel cycle facilities (FCFs) may implement control systems that make use of digital technology with embedded digital devices. Identification, review, documentation, and control of equipment in safety-related systems with embedded digital devices are necessary to demonstrate the quality and reliability of these systems. This demonstration should address material control, development processes, and equipment qualification as appropriate to the facility.

For the purpose of this RIS, the term safety-related as applicable to FCFs applies to systems, structures, components, procedures and controls (of a facility or a process) that are relied upon to protect the health and safety of workers, the public and the environment. Their functionality ensures key regulatory requirements (and license commitments), such as exposures to or levels of radiation, radioactivity, or hazardous chemicals released, are met.

This RIS applies to equipment, instrumentation, and controls that contain embedded digital devices in safety-related systems for FCFs to comply with the following regulations and address the following guidance, as applicable:

  • 10 CFR Part 40, Domestic Licensing of Source Material, for conversion and deconversion facilities, subject to 10 CFR Part 70, Subpart H, Additional Requirements for Certain Licensees Authorized to Possess a Critical Mass of Special Nuclear Material, where required by license condition(s) or order
  • 10 CFR Part 70, Domestic Licensing of Special Nuclear Material, paragraph 70.24, Criticality Accident Requirements, paragraphs 70.61, Performance Requirements, through 70.65, Additional Content of Applications, for enrichment, fuel fabrication, and mixed-oxide fuel fabrication facilities
  • 10 CFR 76.87, Technical Safety Requirements, and 10 CFR 76.89, Criticality Accident Requirements, for gaseous diffusion fuel cycle facilities
  • NUREG-1520, Standard Review Plan for the Review of a License Application for a Fuel Cycle Facility
  • NUREG-1718, Standard Review Plan for the Review of an Application for a Mixed Oxide (MOX) Fuel Fabrication Facility
  • DI&C-ISG-07, Task Working Group #7: Digital Instrumentation and Control Systems in Safety Applications at Fuel Cycle Facilities, Interim Staff Guidance The provisions in 10 CFR 70.72, Facility Changes and Change Process, contain requirements for the process by which 10 CFR Part 70 fuel cycle facility licensees may make changes to the site, structures, processes, systems, equipment, components, computer programs, and activities of personnel without prior NRC approval. The provisions in 10 CFR 76.68, Plant Changes, contain requirements for the process by which 10 CFR Part 76 certificate holders may make changes to the plant or the plants operations without prior Commission approval.

There are no equivalent regulations for 10 CFR Part 40 facilities. Provisions in 10 CFR 70.72 may be applicable to 10 CFR Part 40 facilities where required by license condition(s) or order.

RIS 2014-XX Page 9 of 15 Safety-related systems and components that include embedded digital devices must satisfy regulatory requirements, including quality and reliability, commensurate with the safety significance of systems and components. The following regulatory requirements address quality assurance requirements for equipment, instrumentation, and controls that contain embedded digital devices in safety-related systems:

  • 10 CFR Part 50, Appendix B, Quality Assurance Criteria for Nuclear Power Plants and Fuel Reprocessing Plants, is applicable to mixed-oxide fuel fabrication facilities and other existing or new FCFs subject to license condition(s) or order.
  • 10 CFR 76.93, Quality Assurance, is applicable to gaseous diffusion facilities.

Potential safety issues from using embedded digital devices should be adequately addressed.

The increased presence of embedded digital devices in commercially procured safety-related components creates a need for heightened awareness by vendors, licensees, and applicants.

This heightened awareness is important for new facilities (e.g., initial installation) as well as modernization (e.g., upgraded components at existing facilities) because safety-related systems in these facilities may include commercial equipment with embedded digital devices.

This is further addressed in the following three categories:

(1) The need to ensure adequate quality and reliability of embedded digital devices that exist in actuation equipment Regulations and review guidance focus on safety-related system control and protection logic rather than the actuated device. Digital technology is being introduced into actuation and actuated equipment. Examples include motor controllers, pumps, valve actuators, breakers, uninterruptible power supplies, and emergency diesel generator controls (if applicable).

In many instances, equipment consisting of older non-digital technology is being replaced with commercially procured products containing embedded digital devices that include software, software-developed firmware, or software-developed logic that may not have been developed in accordance with guidance and acceptable industry standards.

(2) The need to address potential vulnerabilities to CCFs Applicable regulations, guidance, and industry standards are relied on to assure the safety system sense and command features provide the logic signals to the safety system execute features. It may be possible that the intended safety protection could be

RIS 2014-XX Page 10 of 15 defeated by an undetected error in the software or software-developed logic in embedded digital devices within these redundant safety system execute features that could prevent accomplishment of their intended safety function.

The guidance provided in DI&C-ISG-07 is helpful when considering CCFs for digital controls and functions in safety-related applications. The criteria of independence, redundancy, and diversity are addressed for the protection of digital I&C system channels and functions from potential CCFs.

(3) The need to ensure sufficient procurement planning and material control to identify, review, test, and control embedded digital devices Licensees should include, as part of their specifications for vendors supplying commercial products, requirements to identify the use of embedded digital devices and to sufficiently document the quality of the embedded digital devices to support the licensees specific quality verification process (e.g., commercial grade dedication, management measures).

In the early stages of design, vendors, licensees, and applicants should fully understand the challenges that embedded digital devices may pose. Procurement activities, including commercial grade item dedication processes and product testing and inspection, should be sufficient to ensure adequate quality and to prevent the introduction of components that could degrade system reliability. Where there is a strong reliance on functional testing to verify component quality, performance, and reliability, such testing should enable identification of product deficiencies. Licensee monitoring of components with embedded digital devices should support the documentation of item failures in order to aid in the identification of specific devices and vendors of suspect quality.

SUMMARY

OF APPLICABLE REGULATIONS

  • 10 CFR 50.34(a)(7), requires a description of the quality assurance program and how requirements of Appendix B will be satisfied
  • 10 CFR 50.34(b)(6)(ii), the final safety analysis report shall describe managerial and administrative controls to be used to assure safe operation

RIS 2014-XX Page 11 of 15

  • 10 CFR Part 52, Licenses, Certifications, and Approvals for Nuclear Power Plants

SUMMARY

OF APPLICABLE STAFF GUIDANCE

  • Staff Requirements Memorandum SECY 93-087 II.Q, Policy, Technical, and Licensing Issues Pertaining to Evolutionary and Advanced Light-Water Reactor (ALWR) Designs April 2, 1993 (Agencywide Documents Access and Management System (ADAMS)

Accession No. ML003708056)

  • RG 1.180, Guidelines for Evaluating Electromagnetic and Radio-Frequency Interference in Safety-Related Instrumentation and Control Systems, Revision 1, October 2003 (ADAMS Accession No. ML032740277)
  • RG 2.5, Quality Assurance Program Requirements for Research and Test Reactors, Revision 1, June 2010 (ADAMS Accession No. ML093520099)
  • DI&C-ISG-04, Task Working Group #4: Highly-Integrated Control Rooms-Communications Issues (HICRc), Interim Staff Guidance, Revision 1, March 6, 2009 (ADAMS Accession No. ML083310185)

RIS 2014-XX Page 12 of 15

  • DI&C-ISG-07, Task Working Group #7: Digital Instrumentation and Control Systems in Safety Applications at Fuel Cycle Facilities, Revision 1, December 1, 2010 (ADAMS Accession No. ML101900316)
  • NUREG-0800, Standard Review Plan for the Review of Safety Analysis Reports for Nuclear Power Plants: LWR Edition (SRP), Chapter 7, Branch Technical Position (BTP) 7-14, Guidance on Software Reviews for Digital Computer Based Instrumentation and Control Systems, Revision 5, March 2007 (ADAMS Accession No. ML070670183)
  • NUREG-0800, Standard Review Plan for the Review of Safety Analysis Reports for Nuclear Power Plants: LWR Edition (SRP), Chapter 7, Branch Technical Position 7-19, Guidance for Evaluation of Diversity and Defense-in-Depth in Digital Computer-Based Instrumentation and Control Systems, Revision 6, July 2012 (ADAMS Accession No. ML110550791)
  • NUREG-1520, Revision 1, Standard Review Plan for the Review of a Licensee Application for a Fuel Cycle Facility, May 2010 (ADAMS Accession No. ML101390110)
  • NUREG-1537, Guidelines for Preparing and Reviewing Applications for the Licensing of Non-Power Reactors; Part 1, Format and Content, February 1996, (ADAMS Accession No. ML042430055)
  • NUREG-1537, Guidelines for Preparing and Reviewing Applications for the Licensing of Non-Power Reactors,; Part 2, Standard Review Plan and Acceptance Criteria, February 1996 (ADAMS Accession No. ML042430048)
  • U.S. Nuclear Regulatory Commission, Interim Staff Guidance Augmenting NUREG-1537, Guidelines for Preparing and Reviewing Applications for the Licensing of Non-Power Reactors, Part 1, Format and Content, for Licensing Radioisotope Production Facilities and Aqueous Homogeneous Reactors, October 2012, (ADAMS Accession No. ML12156A069)
  • U.S. Nuclear Regulatory Commission, Interim Staff Guidance Augmenting NUREG-1537, Guidelines for Preparing and Reviewing Applications for the Licensing of Non-Power Reactors, Part 2, Standard Review Plan and Acceptance Criteria, for Licensing Radioisotope Production Facilities and Aqueous Homogeneous Reactors, October 2012, (ADAMS Accession No. ML12156A075)

RIS 2014-XX Page 13 of 15 Revision of EPRI TR-102348 to Reflect Changes to the 10 CFR 50.59 Rule, November 25, 2002 (ADAMS Accession No. ML023160044)

RELATED INDUSTRY GUIDANCE

  • Electric Power Research Institute (EPRI) TR-106439, Guideline on Evaluation and Acceptance of Commercial Grade Digital Equipment for Nuclear Safety Applications, October 1996 (ADAMS Accession No. ML103360462)

OTHER RELATED GENERIC COMMUNICATIONS

BACKFITTING AND ISSUE FINALITY This RIS clarifies the NRCs technical position on existing regulatory requirements related to embedded digital devices and heightens awareness that these devices may exist in safety-related systems. The NRC staff position in the RIS does not represent a new or changed position with respect to the need for applicants and licensees to identify, review, document, and control embedded digital devices in safety-related systems in order to comply with 10 CFR 50.55a(h), Protection and Safety Systems; 10 CFR Part 50, Appendix A, General Design Criteria for Nuclear Power Plants; 10 CFR Part 50, Appendix B, Quality Assurance Criteria for Nuclear Power Plants and Fuel Reprocessing Plants; 10 CFR Part 40; 10 CFR Part 70; 10 CFR Part 76; and other NRC regulations and guidance as identified above under Summary of Applicable Regulations, and Summary of Applicable Staff Guidance.

Therefore, this RIS does not represent backfitting, as defined in 10 CFR 50.109(a)(1),

10 CFR 70.76, or 10 CFR 76.76; nor is it otherwise inconsistent with any issue finality provision in 10 CFR Part 52. Therefore, the NRC did not prepare a backfit analysis for this RIS or further address the issue finality criteria in Part 52.

FEDERAL REGISTER NOTIFICATION The NRC published a notice of opportunity for public comment on this RIS in the Federal Register (78 FR 29392) on May 20, 2013. The Commission received comments from an individual member of the public, the Pressured Water Reactor Owners Group (PWROG),

Nuclear Energy Institute (NEI), Exelon Generation Company, LLC, AREVA, and an internal comment set. This draft revised RIS reflects the NRC staffs consideration of these comments.

The staffs resolution of these comments is publicly available under ADAMS Accession No. ML13351A204.

RIS 2014-XX Page 14 of 15 CONGRESSIONAL REVIEW ACT The NRC has determined that this RIS is not a rule as designated by the Congressional Review Act (5 U.S.C. §§ 801-808) and, therefore, is not subject to the Act.

PAPERWORK REDUCTION ACT STATEMENT This RIS contains and references information collection requirements that are subject to the Paperwork Reduction Act of 1995 (44 U.S.C. 3501 et seq.). These information collection requirements were approved by the Office of Management and Budget (OMB), approval numbers 3150-0035, 3150-0020, 3150-0011, 3150-0151, and 3150-0009.

PUBLIC PROTECTION NOTIFICATION The NRC may not conduct or sponsor, and a person is not required to respond to, a request for information or an information collection requirement unless the requesting document displays a currently valid OMB control number.

RIS 2014-XX Page 15 of 15 CONTACT Please direct any questions about this matter to the technical contacts listed below or to the appropriate regional office.

Lawrence E. Kokajko, Director Marissa G. Bailey, Director Division of Policy and Rulemaking Division of Fuel Cycle Safety and Safeguards Office of Nuclear Reactor Regulation Office of Nuclear Material Safety and Safeguards Michael C. Cheok, Director Larry W. Camper, Director Division of Construction Inspection Division of Waste Management and Operational Programs and Environmental Protection Office of New Reactors Office of Federal and State Materials and Environmental Management Programs Technical Contacts:

Ian Jung, NRO/DE/ICE2 Duane Hardesty, NRR/DPR/PRLB 301-415-2969 301-415-3724 E-mail: Ian.Jung@nrc.gov E-mail: Duane.Hardesty@nrc.gov Eugene Eagle, NRO/DE/ICE2 Booma Venkataraman, NMSS/FCSS/PORSB 301-415-3706 301-287-9143 E-mail: Eugene.Eagle@nrc.gov E-mail: Booma.Venkataraman@nrc.gov Bernard Dittman, RES/DE/ICEEB 301-251-7494 E-mail: Bernard.Dittman@nrc.gov Note: NRC generic communications may be found on the NRC public Web site, http://www.nrc.gov, under NRC Library/Document Collections.

ML13338A769 *via e-mail TAC No. ME9020 Office NRO/DE/ICE2 NRR/DE/EICB NMSS/FCSS/ NRO/DE/ICE1 RES/DE/ICEEB NSIR/CSD PORSB Name EEagle* BDittman* BVenkataraman* DZhang* MWaterman* ELee*

Date 12/17/2013 12/18/2013 01/28/2014 1/3/2014 12/18/2013 01/06/2014 Office NRR/DPR/PRLB Tech Editor BC:NRO/DE/ICE2 BC:NRO/DE/ICE1 BC:NRR/DE/EICB BC:NMSS/FCSS/

PORSB Name DHardesty* CHsu* IJung* TJackson* JThorp* MFranovich*

Date 12/18/2013 11/19/2013 01/16/2014 01/22/2014 12/24/2013 01/16/2014 Office BC:FSME/DWME BC:NRR/DPR/PRL DD: D:NRO/DE OE OIS P/DURLD/RD B NSIR/CSD Name BWatson* LTran* for AAdams RFelts* TBergman* LCasey* for NHilton TDonnell*

Date 12/23/2013 01/03/2014 01/06/2014 03/07/2014 01/03/2014 01/07/2014 Office D:NSIR/DSO D:NSIR/CSD D:NRR/DE D:NRR/DORL OGC NRR/PGCB/LA Name PHolahan* BWestreich* PHiland* MEvans* AHove* and CHawes HBenowitz*

Date 02/5/2014 01/15/2014 01/22/2014 02/6/2014 03/28/2014 Office PM: BC A: D:NMSS/FCSS D:FSME/DWMEP D:NRR/DPR D:NRO/DCIP NRR/DPR/PGCB NRR/DPR/PGCB Name TAlexion SStuchell MBailey LCamper LKokajko MCheok Date

Retrieved from "https://kanterella.com/w/index.php?title=ML13338A769&oldid=2454521"