ML16256A314
| ML16256A314 | |
| Person / Time | |
|---|---|
| Site: | Waterford  |
| Issue date: | 08/25/2016 |
| From: | Entergy Operations |
| To: | Office of Nuclear Reactor Regulation |
| Shared Package | |
| ML16256A115 | List:
|
| References | |
| W3F1-2016-0053 | |
| Download: ML16256A314 (10) | |
Text
WSES-FSAR-UNIT-3 7.1-17.0INSTRUMENTATION AND CONTROLS
7.1INTRODUCTION
The instrumentation and control systems which monitor and perform safety related function are discussedin this chapter. Complete descriptions and analyses of these systems are provided in Sections 7.2 through 7.6.7.1.1IDENTIFICATION OF SAFETY RELATED SYSTEMSThe safety related instrumentation and controls, including supporting systems, are identified below. Theresponsibility for design and supply of each system is identified as follows:Combustion Engineering, Inc(CE)Ebasco Services, Inc(E)7.1.1.1Plant Protection SystemThe Plant Protection System (PPS) includes the electrical and mechanical devices and circuitry (fromsensors to actuation device input terminals) involved in generating the signal associated with the two protective functions defined below.a)Reactor Protective System (Reactor Trip System)(CE)The Reactor Protective System (RPS) is that portion of the PPS which generatessignals that actuate reactor trip. A description of the RPS, detailing the functions of the system modules is found in Section 7.2.b)Engineered Safety Features Actuation System (ESFAS)(CE)
The ESFAS is that portion of the PPS which generates signals that actuate Engineered Safety Featuresystems (ESF Systems). Details of the actuation and actuated system modules are found in Section 7.3.
The ESF systems are as follows:1)Containment Isolation System(E)2)Containment Spray System(E)3)Containment Cooling System(E)4)Safety Injection System(CE)5)Main Steam Isolation System(E)6)Emergency Feedwater system(E)7)Shield Building Ventilation System(E) 8)Combustible gas control systems(E)
WSES-FSAR-UNIT-3 7.1-27.1.1.2Safe ShutdownThe systems required for safe shutdown include those systems which are required to secure and maintainthe reactor in a hot shutdown condition and bring it to cold shutdown.The systems are listed below:
a)Emergency Feedwater System(E) b)Chemical & Volume Control System(CE)(Boron Addition)c)Shutdown Cooling System(E)d)ESF Support Systems(E)e)Atmospheric Steam Dump System(E)
The instrumentation and controls for the system required for safe shutdown are described in Section 7.4.7.1.1.3ESF Supports systemsESF support systems vital to the proper functioning of safety related systems have their instrumentationand control portion designed to the same criteria as those for the safety related systems that they support.
Actuation signals for ESF Support Systems are provided from the associated ESFAS systems. This is discussed in Section 7.3.The ESF Supporting Systems are listed below:
a)Standby (Emergency) Power and Distribution Systems(E)b)Diesel Fuel Oil Storage & Transfer System(E) c)Component Cooling Water System(E) d)HVAC Systems for Safety Related Equipment Areas(E) 7.1.1.4Safety Related Display InstrumentationThe safety related display instrumentation provides information to the operator to allow him to adequatelymonitor plant operating conditions and to perform any required manual safety functions.Safety-related displays are provided for:a)Reactor Protective System(CE) b)Engineered safety Features Systems(CE), (E)c)ESF Support systems(E)
WSES-FSAR-UNIT-37.1-3Revision 9 (12/97)d)Deletede)Post-accident monitoring instrumentation(E), (CE)f)Control Element Assembly (CEA) position(CE)g)Auxiliary Control Panel Instrumentation(E), (CE)h)Miscellaneous Plant Process Safety-Related(E), (CE)InstrumentationThis instrumentation is described in Section 7.5.
7.1.1.5All Other Systems Required For SafetyAll other systems required for safety include the interlocks and systems as listed below. These are furtherdescribed in Section 7.6 or sections referenced therein.a)Shutdown Cooling Interlocks(CE) b)Safety Injection Tank Isolation(CE)Valve Interlocksc)Refueling Interlocks(CE) d)Spent Fuel Pool Cooling & Cleanup Systems(E) e)Containment Purge Isolation System(E) f)Reactor Coolant Leak Detection System(E) g)Containment Vacuum Relief(E) h)Area and Process Radiation Monitoring(E) i)Low Temperature Overpressure Protection(CE) 7.1.1.6Control and Instrumentation Systems Not Required For SafetyThe control systems that are not required for the safety of the plant, but are required for the orderly controland operation of reactor are listed below:a)Reactor Regulating System(CE)b)Boron Control(CE) c)Pressurizer Pressure Control(CE)d)Pressurizer Level Control(CE)e)Feedwater Control(CE)
WSES-FSAR-UNIT-3 7.1-4 Revision 307 (07/13) f) Steam Bypass Control (CE) g) Main Turbine Control (E) h) Core Operating Limit Supervisory System (CE) i) Plant Monitoring Computer (E) i) Incore Instrumentation (CE) k) Excore Neutron Flux Monitoring System (CE)
- 1) Reactor Power Cutback System (CE) m) Plant Safety Parameter Display System (E)
A detailed description of these syst ems is given in Section 7.7. 7.1.1.7 Comparison The Plant Protection System was designed and built by Combustion Engineering Inc. The system is
functionally identical to the system provided for t he ANO Unit 2 plant (AEC Docket No. 50-368) with the following exception; (EC-2800, R307)
The number of CEAs is changed to 87. The co rresponding change in the number of CEAs and CEA subgroups has resulted in minor changes in the CEA and CPC software for deviation logic. (EC-2800, R307)
The ESF Systems that are not part of the NSSS are similar in design to the ESF Systems used on the St Lucie #1 Nuclear Power Plant (Docket No. 50-335). In some systems specific instrument channels have been added or deleted depending on specif ic system requirements.
The major differences of these systems are described below:
a) The Waterford 3 Containment c ooling System uses two speed fans.
b) The Waterford 3 Emergency Feedwater Syst em is automatically initiated and has a different valving configuration.
c) The Waterford 3 Shield Building V entilation System uses no outside air, has somewhat different valving confi guration and uses different set points and control although the functions of the systems are alike.
7.1.1.8 ATWS MITIGATING SYSTEMS
For detail description of ATWS Mitigating Systems (DRT, DEFAS, and DTTS) refer to Section 7.8.
WSES-FSAR-UNIT-37.1-57.1.2IDENTIFICATION OF SAFETY CRITERIAComparison of the design with applicable regulatory guide recommendations and degrees of compliancewith the appropriate design bases, criteria, standards, and other documents used in the design of the systems listed in Subsection 7.1.1 are described in Subsections 7.1.2.4 through 7.1.2.7 and in each of the subsections describing the system.7.1.2.1Design BasesThe design bases for the safety related instrumentation and control of each safety related system arepresented in the section of this chapter that discusses the system to which the information applies.All instrument uncertainties are considered in set point selection as discussed in chapter 15.
7.1.2.1.1Systems Required For Plant ProtectionThe design bases for the RPS and ESFAS is as follows:a)IEEE standard 279-1971. Detailed discussion of conformance for these and otherSafety related system instrumentation and controls isprovided in the applicable section of this chapter. Conformance to the other IEEE Standards is discussed in Subsections 7.1.2.4 through 7.1.2.6.b)Regulatory Guide Recommendations for Water Cooled Nuclear Power Plants, Divisionof Reactor Standards, Nuclear Regulatory Commission. Regulatory Guides are discussed in Subsection 7.1.2.7.c)Quality assurance procedures are described in the Quality Assurance Program Manual(QAPM).d)General Design Criteria for Nuclear Power Plants, Appendix A to 10CFR50, July 7,1971, are described in Section 3.1, Sections 7.2 and 7.3.7.1.2.1.2ESF Support Systems The design bases for the ESF support systems are described in Section 7.3.
7.1.2.1.3Systems Required For Safe Shutdown The design bases for the systems required for safe shutdown are described in Section 7.4.
7.1.2.1.4Safety-Related Display Instrumentation The design bases for safety-related display instrumentation are described in Section 7.5.
7.1.2.1.5All Other Systems Required For Safety The design bases for all other systems required for safety are described in Section 7.6.
WSES-FSAR-UNIT-37.1-6Revision 10 (10/99)7.1.2.2Independence of Redundant Safety-Related SystemsChannels that provide redundant signals for the same protective function are designed to meet theindependence and separation requirements for Section 4.6 of IEEE Standard 279-1971.Figures 7.1-1. 7.1-2, and 7.1-3 show the typical arrangement of interconnecting cabling between the PPScabinet, ESFAS auxiliary relay cabinets (supplied by CE). and typical field cabling. All interconnection between the PPS and the auxiliary relay cabinet is through conduit, except CEA position reed switch cables which run in dedicated trays.Separation within the PPS cabinets is provided by barriers. These barriers run the full depth and fullvertical dimensions.All cabling entering each barriered section of the panel is separated as it enters the cabinet.As shown on Figure 7.1-1, all four PPS cabinet bays are interconnected through internal cable wireways.These metal wireways are totally enclosed and surrounded by insulated fireproof material. In addition, the wireways are packed with fireproof material to a sufficient density to preclude the transmission of firewithin the interconnecting wireway ducts.The reactor trip switchgear, which interrupts power to the coils of the control element drive mechanisms, isa single cabinet that houses the trip breakers. It is also separated into four sections to ensure separation of protection signals.The ESFAS is provided with two independent and separate auxiliary relay cabinets that maintainseparation between the two actuation trains.Safety-related system analog signals that go to both the plant monitoring computer and the CEA positiondisplay CRT are isolated from the safety-related systems by means of active electronic isolation devices.Signals from relays in safety-related systems that go to the plant annunciator, plant monitoring computer, and control element drive mechanism control system are isolated from the originating system by the inherent coil-to-contact isolation for the relays. Redundant Class 1E channels of instrumentation are separated in accordance with IEEE 279-1971 requirements. Whenever a signal derived from the Class1E instrumentation loop is used with non-Class 1E instrument, an isolation device is used to isolate the non-Class 1E instrument from the Class 1E instrumentation loop. All of these isolation techniques ensurethat no credible failures on the output side of the isolators will affect the function of safety-related systems, and that the independence of safety-related systems is not jeopardized.7.1.2.3Physical Identification of Safety Related EquipmentThe channels of electric circuits are identified with letter suffixes that follow the cable number.
These are four distinctive groups of electric circuits: protective, safety, non-safety, and information. Theelectric circuits in protective and safety utilize redundant channels.
WSES-FSAR-UNIT-37.1-77.1.2.4Conformance to IEEE Standard 279Extent of conformance to IEEE standard 279-1971 is discussed in the applicable section of Chapter 7.7.1.2.5Conformance to IEEE Standard 338The RPS and the ESF Systems are periodically tested in accordance with the criteria described in IEEEStandard 338-1971. Test intervals and their bases are included in the technical specifications.Since operation of the ESF System is not expected, the systems are periodically tested to verifyoperability. Complete channels, in the ESFAS, can be individually tested without initiating protective action and without inhibiting the operation of the system.Those actuated devices, which are not tested during reactor operation will be tested during scheduledreactor shutdown to ensure that they are capable of performing the necessary functions. Minimum frequencies for checks, calibration and testing of the ESFAS instrumentation are given in the Technical Specificiations. Testing criteria are described in Subsection 7.2.2.3.3 for the protective systems and 7.3.1.1.1.9 for the ESF Systems.7.1.2.6Conformance to IEEE Standard 344Safety related electrical I&C equipment is in conformance with IEEE Standard 344 and is discussed insection 3.10.7.1.2.7Comparison of Design With NRC Regulatory GuidesThe following is a comparison of the Waterford 3 instrumentation and control design with the listedRegulatory Guides:R.G. 1.6 Independence Between Redundant Standby (Onsite) Power Sources and Between TheirDistribution Systems (3/10/71)A comparison of the design with the recommendation of Regulatory Guide 1.6 is discussed in Section 8.3.R.G. 1.7 Control of Combustible Gas Concentrations in Containment Following a LOCA (3/10/71)A comparison of the design with the recommendations of Regulatory Guide 1.7 is discussed in Subsection 6.2.5.
WSES-FSAR-UNIT-37.1-8Revision 9 (12/97)R G. 1.11 Instrument Lines Penetrating Primary Reactor Containment (3/10/71)Containment Isolation provisions are complied with by the following design:a)A manually operated valve shall be installed as close to the containment as practicable and,b)Essential system instrument lines shall have a self actuated excess flow check valve installed asclose to the containment as practicable downstream of the manually operated valve. The CVR essential instrument line(s) is considered a closed system outside containment. These lines do not meet the requirements of Quality Group B standards defined in RG 1.26. However, the lines do meet the requirements defined in ISA-67.02. The NRC staff agreed (in License Amendment128) that the criteria of ISA-67.02 are consistent with Quality Group C (i.e., ASME,Section III, Class 3) which is consistent with the staff's interpretation of the criteria governing instrument lines.Therefore, the staff concluded that the system is a closed system. Upon high pressure in containment, the excess flow check valve will close. Since the excess flow check valve is orificed, the sensing line will equalize causing the excess flow check valve to open and permit normaloperation of the actuating system. The instrument lines downstream of the excess flow checkvalves are designed to Safety Class 3, Seismic Category I, therefore, meet a closed system for instrument lines outside containment (see Licensing Amendment 128).c)Nonessential system instrument lines will be equipped with redundant solenoid valves locatedoutside containment in lieu of manual valves. The solenoid valves will close on CIAS. This containment isolation provisions was approved per Licensing Amendment 128.d)The containment extreme wide range pressure instrumentation for post accident monitoringconsists of a sealed liquid filled system with bellows, following the guidelines in ANS-56.2/N271-
1976.R.G. 1.22 Periodic Testing of Protection Systems Actuation Function (2/17/72)Testing of the RPS and ESFAS in compliance with Regulatory Guide 1.22 is described in sections 7.2 and 7.3.R.G. 1.29 Seismic Design (6/7/72)The instrumentation and control of safety-related systems and safety-related portions of systems complywith Regulatory Guide 1.29.R.G. 1.30 Quality Assurance Requirements For the Installation, Inspection and Testing ofInstrumentation and Electric Equipment (08/11/72)References discussing comparison of the design with the recommendations of Regulatory Guide 1.30 isprovided in Table 8.1-3.R.G. 1.40 Qualification Test of Continuous Duty Motors Installed Inside the Containmentof Water Cooled Nuclear Power Plants (3/16/73A comparison of the design with the recommendations of Regulatory Guide 1.40 is provided in section 3.11.
WSES-FSAR-UNIT-37.1-9Revision 9 (12/97)R.G. 1.53 Application of Single Failure Criterion to Nuclear Power Plant Protection System (6/73)
The instrumentation and controls for the RPS and the ESFAS conform to the requirements of IEEEStandard 379-1972, IEEE Trial-Use Guide for the Application of the Single Failure Criterion to Nuclear Power Generating Station Protection Systems, and are consistent with the recommendation of Regulatory Guide 1.53, June 1973. A discussion of the single failure criterion is provided in Section 7.2.R G. 1.62 Manual Initiation of Protective Actions (10/73)Manual initiation of the RPS is described in 7.2.1.1.1.11 and 7.2.2.3.2. Manual initiation of the ESFAS isdescribed in Paragraph 7.3.2.1-2.R.G. 1.63 Electric Penetration Assemblies in Containment Structures for Water Cooled Nuclear Power Plant (10/73)A comparison of the design with the recommendations of Regulatory Guide 1.63 is provided in Section 8.3.R.G. 1.68 Preoperational and Initial Starting Test Program for Water Cooled Power Reactors (8/78)A comparison of the design with the recommendations of Regulatory Guide 1.68 is provided in Chapter 14.R.G. 1.73 Qualification Test of Electric Valve Operators Installed Inside the Containment (1/74)A comparison of the design with the recommendation of Regulatory Guide 1.73 is provided in Section 3.11.R.G. 1.75 Physical Independence of Electric Systems (Rev 1, January 1975)A comparison of the design with the recommendations of Regulatory Guide 1.75 is provided in Section 8.3.R.G. 1.80 Preoperational Testing of Instrument Air System (6/74)A comparison of the design with the recommendation of Regulatory Guide 1.80 is provided in Subsection 14.2.7.
WSES-FSAR-UNIT-37.1-10Revision 9 (12/97)R.G. 1.89 Qualification of Class 1E Equipment for Nuclear Power Plants (11/74)
A comparison of the design with the requirements of Regulatory Guide 1.89 is provided in Section 3.11.7.1.2.8IE Bulletin 79-27 and Safety Related and Nonsafety-Related Instrumentationand Control Systems (11/30/79)Waterford 3 in response to SER (NUREG-0787), Section 7.1.2, provided an evaluation forIE Bulletin 79-27.All Class 1E and non-Class 1E ac and dc buses supplying power to safety-related andnonsafety-related instrumentation and control system that could affect the ability to achieve a cold shutdown condition were considered using the guidelines of IE Bulletin 79-
- 27. All the Waterford 3 instrumentation and controls required for safe plant shutdown are redundant and Class 1E. The control room operators thus have the necessary redundantClass 1E instrumentation and control systems available to obtain cold shutdown. Theappropriate annunciation is provided in the control room which will indicate the loss of a particular bus. Procedural guidelines have been prepared to address adverse effects from single instrument bus losses. These procedures were developed to ensure that thecapability exists to achieve cold shutdown if power is lost to any one Class 1E or non-Class 1E instrument bus.The NRC concluded in SSER 6, Section 7.1.2, that satisfactory information (assummarized above) has been provided to address the IE Bulletin 79-27 concerns.