Korea Hydro & Nuclear Power Co., Ltd - Revised Response to RAI 316-8305 for the Question 17.04-1 (Rev.3)

ML18031A565
Person / Time
Site:	05200046
Issue date:	01/31/2018
From:	Korea Hydro & Nuclear Power Co, Ltd
To:	Office of New Reactors
Shared Package
ML18031A561	List: ML18031A563 ML18031A565
References
MKD/NW-18-0021L
Download: ML18031A565 (103)
v • d • e

Text

17.04-1_Rev.3 - 1 / 2 KEPCO/KHNP REVISED RESPONSE TO REQUEST FOR ADDITIONAL INFORMATION APR1400 Design Certification Korea Electric Power Corporation / Korea Hydro & Nuclear Power Co., LTD Docket No.52-046 RAI No.:

316-8305 SRP Section:

SRP 17.04 Application Section: 17.4 Date of RAI Issue:

11/17/2015 Question No. 17.04-1 SRP Chapter 17.4, Revision 1,Section II, Acceptance Criteria states, an applicant is required to identify differences between the design features, analytical techniques, and procedural measures proposed for its facility and the SRP acceptance criteria and evaluate how the proposed alternatives to the SRP acceptance criteria provide acceptable methods of compliance with the NRC regulations. The staff reviewed APR1400 DCD Section 17.4, Reliability Assurance Program, and found that the DCD Table 1.9-2 referenced SRP Chapter 17.4, Revision 1, but the information seems to follow the guidance provided in SRP Chapter 17.4, Revision 0. For example, APR1400 DCD Section 17.4 discusses a) essential elements of RAP instead of programmatic controls and processes for RAP in the operations phase, and b) development/integration of operational RAP (O-RAP), which is not included in the SRP guidance. Therefore, in order for the staff to reach an assurance finding on the conformance to SRP Chapter 17.4 regarding program adequacy, please provide details of a RAP program that follows the guidance in SRP Chapter 17.4, Revision 1 or an alternative to the SRP acceptance criteria, and revise the APR1400 DCD Section 17.4 accordingly.

Response - (Rev. 3)

A revision to DCD Section 17.4 was submitted to the NRC. Subsequently, the NRC staff requested several clarifications on the revision and asked additional questions during follow-up conference calls. The questions and clarifications are addressed in the RAP notebook (APR1400-K-P-NR-013903-P, Rev. 3), Appendix A.6.

Revised DCD Section 17.4, Table 17.4-1 and Table 3.2-1 based on the NRC feedback and the PRA update results, are provided in Attachments 1, 2, and 3, respectively.

17.04-1_Rev.3 - 2 / 2 KEPCO/KHNP Impact on DCD DCD Section 17.4, Table 17.4-1 and Table 3.2-1 will be revised as discussed above.

Impact on PRA There is no impact on the PRA.

Impact on Technical Specifications There is no impact on the Technical Specifications.

Impact on Technical/Topical/Environmental Reports There is no impact on Technical/Topical/Environmental Reports.

APR1400 DCD TIER 2 17.4 Reliability Assurance Program This section presents the design reliability assurance program (RAP) for the APR1400.

17.4.1 Introduction The RAP is implemented according to the Commissions direction provided in the Staff Requirements Memorandum (SRM) dated June 28, 1995, for Item E, the Reliability Assurance Program (RAP), of SECY-95-132, A Policy and Technical Issues Associated with the Regulatory Treatment of Non-Safety Systems (RTNSS) in Passive Plant Designs (Reference 1). The RAP applies to the systems, structures, and components (SSCs), both safety-related and non-safety-related that are identified as risk-significant (or significant contributors to plant safety). The SSCs within the scope of the RAP, referred to in this chapter as within-scope SSCs, are identified by a combination of probabilistic, deterministic, or other methods of analysis, including information obtained from sources such as the probabilistic risk assessment (PRA), severe accident evaluations, industry operating experience, and expert panels.

The RAP provides reasonable assurance of the following:

a. A plant is designed, constructed, and operated in a manner that is consistent with the risk insights and key assumptions (e.g., SSC design, reliability, and availability) from the probabilistic, deterministic, and other methods of analysis used to identify and prioritize risk.

b. The RAP SSCs do not degrade to an unacceptable level of reliability, availability, or condition during plant operation.

c.

The frequency of transients that challenge these SSCs is minimized.

d. These SSCs will function reliably when challenged.

The RAP is implemented in two stages. The first stage, the design reliability assurance program (D-RAP), encompasses reliability assurance activities that occur before initial fuel load. The second stage comprises the reliability assurance activities conducted during the operations phase of the plants license. This DCD only describes the first stage.

The second stage, the operations RAP (O-RAP), is not within the scope of the design certification and will be addressed during the COL application stage.

17.4-1 5HY

Section 17.4 will be replaced with "A" in next pages 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

APR1400 DCD TIER 2 The D-RAP ensures that the plant is designed and constructed in a manner that is consistent with the risk insights and key assumptions (e.g., SSC design, reliability, and availability) from the probabilistic, deterministic, and other methods of analysis used to identify and quantify risk. Therefore, the key features of the D-RAP include the following:

a. Programmatic controls that ensure the risk insights and key assumptions are consistent with the plant design and construction. These programmatic controls address organization responsibilities, design control activities, procedures and instructions, records, corrective action and assessment plans, and that the list of D-RAP SSCs is appropriately developed, maintained, and communicated to the appropriate organizations.

b. Quality assurance (QA) programs related to design and construction activities (e.g.,

design, procurement, fabrication, construction, inspection, and testing activities) to safety-related SSCs are established through Title 10 of the Code of Federal Regulations (10 CFR) Part 50, Domestic Licensing of Production and Utilization Facilities. The QA requirements are specified in Appendix B, Quality Assurance Criteria for Nuclear Power Plants and Fuel Reprocessing Plants. SRP Section 17.5, Part V, Nonsafety-Related SSC Quality Controls, addresses QA controls for RAP SSCs that are not safety-related.

17.4.2 RAP Implementation Phase 1 of the design RAP includes the initial identification of SSCs in the program, implementation of the aspects applicable to design efforts, and the definition of the scope, requirements, and implementation options included in the later phases.

The D-RAP is implemented as follows, in compliance with NUREG-0800 (Reference 5):

17.4.2.1 Development The RAP identifies risk-significant SSCs and provides key assumptions and risk insights for aspects of plant operation, maintenance, and performance monitoring to provide reasonable assurance of safe, reliable plant operation or to mitigate plant transients or other events that could present a risk to the public. Risk-significant SSCs are identified using the PRA, deterministic evaluation or other methods of analysis, including industry experience, and the input of the expert panel.

17.4-2 5HY

Section 17.4 will be replaced with "A" in next pages 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

APR1400 DCD TIER 2 The D-RAP process is implemented in three phases.

a.

Phase 1 (Design Certification) During this phase, system information is collected and a system model is developed. The designer, Korea Hydro & Nuclear Power Co., Ltd. (KHNP), is responsible for Phase 1. The system information and model are used as input to a design phase PRA and review of external events.

Phase 1 provides reasonable assurance that the reactor design meets the purposes specified above through the design, procurement, fabrication, construction, and preoperational testing activities and programs. The results of these activities are provided to an expert panel that identifies risk-significant SSCs using deterministic, probabilistic, and other methods.

b. Phase 2 (Site Specific) During this phase, the RAP process is applied to the plant site-specific information and the site-specific SSCs and APR1400 design SSCs are combined into one list.

c.

Phase 3 (Final pre-operation). During the last phase of the RAP, the procurement, fabrication, construction, and preoperational testing are implemented. The site-specific list of SSCs is provided as input to the RAP during the operations phase, which addresses plant operation and maintenance activities. This phase provides reasonable assurance that the reliability of the SSCs within the scope of the RAP is maintained during plant operations.

Phases 2 and 3 are the responsibility of the COL applicant. Additional details are provided in Subsection 17.4.3 (COL 17.4(1)).

17.4.2.2 Programmatic Controls

a. Organization KHNP has established the following positions to ensure effective design and configuration control throughout the DC process:

The Project Manager of the APR1400 project is responsible for establishing and implementing the RAP. The Project Manager or designated representative is responsible for providing reasonable assurance that all affected organizations are aware of the D-RAP, its purposes and requirements.

17.4-3 5HY

Section 17.4 will be replaced with "A" in next pages 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

APR1400 DCD TIER 2 The Manager of Plant Safety is responsible for providing reasonable assurance of overall plant safety in the design, including the use of the PRA results and risk insights in the D-RAP implementation.

The Manager of QA is responsible for providing reasonable assurance that the QA program is implemented properly, which includes design control, procedures and instructions, records, corrective actions and audits pertaining to the D-RAP.

The Managers of Design Engineering are responsible for implementing the RAP and providing reasonable assurance that the APR1400 design is consistent with the identified risk-significant SSCs and the associated key assumptions and risk insights from the PRA.

The risk management organization is responsible for requesting design engineering to review key assumptions in the PRA and to incorporate the comments to provide reasonable assurance that the key assumptions are realistic and achievable. The risk management organization is also responsible for providing the related inputs to RAP in the design process by participating in the design change process. The risk management organization is also responsible for being involved in the design review. Changes are therefore identified for potential D-RAP impact.

Configuration control is established by the risk management organization, which maintains the list of risk-significant SSCs for the RAP and the associated key assumptions and risk insights from the PRA. The list and changes are approved by an expert panel, and the panel provides the information to design engineering and QA staff working on the APR1400 project.

The risk management organization provides reasonable assurance that the design engineering organizations are provided with the list of risk-significant RAP SSCs and the associated key assumptions and risk insights from the PRA, which are addressed in Section 19.1. The design engineering organization reviews the list of risk-significant RAP SSCs and associated key assumptions and risk insights from the PRA. The design engineering organization compares this information to the design activities and provides feedback to the risk management organization to achieve reasonable assurance that the risk-significant SSCs and the key assumptions and risk insights from the PRA are reasonably incorporated into the 17.4-4 5HY

Section 17.4 will be replaced with "A" in next pages 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

APR1400 DCD TIER 2 design, construction, and operational activities. This action ensures an acceptable level of quality control.

The APR1400 Project Manager or designated representative prepares the procedures and instructions used to implement the RAP. The Project Manager or representative is responsible for the development, verification, and implementation and for providing reasonable assurance that all affected organizations are aware of the RAP.

b. Records RAP-related records include the following:

1) List of risk-significant SSCs

2) Expert panel meeting minutes/summaries Other QA program records are maintained in accordance with the QA Program for the APR1400 (Reference 2).

c. Corrective Action The activities associated with the RAP that are determined to be in error, deficient, or nonconforming are processed through the corrective action program (CAP),

which supports the quality assurance procedure.

d. Audits Audit plans include a consideration of sampling the implementation of the D-RAP and its procedures to evaluate effectiveness. Audits consider several key aspects of the D-RAP including the identification of risk-significant SSCs and whether the key assumptions and risk insights from PRA are reasonably incorporated in the design, construction and operational activities.

17.4.2.3 SSC Identification During the APR1400 design phase, risk-significant SSCs are identified for inclusion in the RAP. A list of risk-significant SSCs is developed and controlled as design input for consideration during the design phase. The list of risk-significant SSCs is initially based 17.4-5 5HY

Section 17.4 will be replaced with "A" in next pages 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

APR1400 DCD TIER 2 on the results of the PRA and the expert panel. For further information on the PRA, refer to Section 19.1. In addition to PRA input, information from U.S. industry operating experience is considered in the identification of risk-significant SSCs. The list of risk-significant SSCs identified during the design phase is updated after the plant-specific PRA results are developed.

The PRA evaluates the APR1400 design response to a spectrum of initiating events to provide reasonable assurance that plant damage has a low frequency and that risk to the public is minimized. The risk-significant SSCs including both safety-related and non-safety-related SSCs for the APR1400 design are identified for the design organization.

The PRA is used to identify risk-significant SSCs, based on risk achievement worth (RAW) and Fussell-Vesely (FV) importance. Risk-significant SSCs are identified with importance criteria of FV greater than 0.005 and RAW greater than 2. In the APR1400 D-RAP, these criteria have been applied to both single-failure basic events and common cause failure (CCF) basic events. A RAW value of 20 was conservatively selected to reflect the fact that the common cause RAW measures the failure of two or more trains, including the higher likelihood of failure of the second train from common causes, as described in NEI 00-04 (Reference 4). Risk-significant SSCs identified by a RAW greater than 2 for single-failure basic events sufficiently cover the risk-significant SSCs identified by a RAW greater than 20 for common cause basic events. Component-based FVs are also estimated and used to identify risk-significant SSCs. The RAW and FV criteria are applied to the results of each risk hazard model separately, not to the combined results. For the seismic margin analysis (SMA), risk-significant SSCs are identified according to the approach provided by NEI 00-04.

Engineering judgment based on the PRA key assumptions and results is used for:

1) SSCs for which RAW/FV values have not been quantified,

2) SSCs whose RAW/FV results do not exceed the importance criteria Risk significance is identified by engineering judgment from the following points of view:

1) Contribution to required mitigation functions during the accident

2) Similarity of the impact of failure with other risk-significant SSCs 17.4-6 5HY

Section 17.4 will be replaced with "A" in next pages 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

APR1400 DCD TIER 2

3) Impact on risk-significant human actions or signals

4) Potential contribution of un-modeled components

5) Potential impact of conservative modeling For severe accident management SSCs, SSCs that are required to meet the requirements of 10 CFR are evaluated, and key SSCs are identified as risk-significant SSCs (e.g. cavity flooding system isolation valves).

A third source in the RAP process for identifying risk-significant SSCs is the use of an expert panel consisting of representatives from design engineering, PRA, and other qualified individuals in operations and maintenance who are independent of the PRA group.

The expert panel also reviews the categorization of SSCs determined to be non-risk significant based on quantified PRA results (e.g., technical adequacy of the basis used in the categorization, review of defense-in-depth implications, review of safety margin implications). As part of the RAP process, the PRA analytical results, operating experience, and an expert panel process are combined to develop a comprehensive list of risk-significant SSCs.

For SSCs modeled in the PRA models, the failure modes of SSCs that can impact accident mitigative functions are represented by basic events in fault tree models. The dominant failure modes are determined from PRA models. For SSCs that are not modeled in PRA, dominant failure modes are based on SSCs that have a similar impact on the accident mitigation. The expert panel considers dominant failure modes in order to reflect industry operating experience.

The expert panel is responsible for the final selection of the SSCs included in the RAP.

The expert panel consists of a minimum of four people and includes at least one person with experience in design engineering, PRA, operations and maintenance, and QA.

Industry operating experience and the expert panel are part of the deterministic approach and other processes. Engineering judgment is used in considering the addition of SSCs to the RAP. Qualifications of the voting members of the expert panel are defined in the Expert Panel Implementing Procedure for APR1400 Reliability Assurance Program and are as follows:

1) Minimum of 6 years of experience in the nuclear industry.

17.4-7 5HY

Section 17.4 will be replaced with "A" in next pages 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

APR1400 DCD TIER 2

2) Minimum of 4 years of experience in a relevant discipline such as engineering or operations.

The SSCs included in the design phase are listed in Table 17.4-1. The boundaries for the RAP SSCs listed in the table are defined as follows:

1) The SSC boundaries are verified as consistent with the SSCs in the corresponding sections of the DCD.

2) Each SSC boundary is specific to the component and/or structure under consideration and does not include any supporting or backup SSCs.

3) The SSC boundary modeled in the PRA is consistent with the SSC boundary definition used in the APR1400 PRA (refer to Section 19.1), which is consistent with the available generic failure data.

Phase 1 RAP activities provide reasonable assurance that the key assumptions and risk insights from PRA, as identified in Section 19.1, are appropriately reflected in Table 17.4-1.

17.4.2.4 QA Controls The non-safety-related RAP SSCs are subjected to appropriate QA controls as described in Section 17.5.

17.4.2.5 ITAAC Development Tier 1 inspections, tests, analyses and acceptance criteria (ITAAC) for the COL D-RAP are proposed to provide reasonable assurance that the plant is designed and constructed in a manner that is consistent with the key assumptions and risk insights for risk-significant SSCs. The list of risk-significant SSCs for ITAAC is prepared by introducing the plants site-specific information to the list shown in Table 17.4-1 in Phase 2 of the RAP. The ITAAC is established to provide reasonable assurance that the APR1400 design has been subjected to the applicable reliability assurance activities for all risk-significant within-scope SSCs when the COL is issued (COL 17.4(2)).

17.4-8 5HY

Section 17.4 will be replaced with "A" in next pages 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

APR1400 DCD TIER 2 17.4.3 Operations Phase 17.4.3.1 Objective Once operation commences, the RAP ensures that the reliability and availability of SSCs are maintained commensurate with their risk significance. This phase is implemented through regulatory requirements for SSCs, including (1) the maintenance rule program established per 10 CFR 50.65, Requirements for Monitoring the Effectiveness of Maintenance at Nuclear Power Plants, (2) the QA program for safety-related SSCs established per Appendix B to 10 CFR Part 50, (3) QA controls for nonsafety-related SSCs established in accordance with Part V of SRP Section 17.5, and (4) the inservice inspection, inservice testing, surveillance testing, and maintenance programs. Prior to initial fuel load, the COL licensee identifies dominant failure modes and integrates the RAP into operational programs. During the operations phase of the plant, performance and condition monitoring are implemented to provide reasonable assurance that these SSCs do not degrade to an unacceptable level of reliability, availability, or condition.

17.4.3.2 Integration The APR1400 RAP serves as a source for other administrative and operational programs.

Certain risk-significant SSCs identified in the RAP may be included in existing operational programs such as Technical Specifications surveillance requirements and provide reasonable assurance that the reliability values assumed in the PRA are maintained throughout the plant life.

During the operations phase, the RAP implements measures that yield continual improvements in the PRA through the plants existing programs for maintenance or QA.

Implementation of the Maintenance Rule requirements in 10 CFR 50.65 (Reference 3) is an example of how the plant could address the enhanced treatment of certain SSCs during the operations phase. COL applicant responsibilities are listed in Subsection 17.4.4 (COL 17.4(3)).

17.4.3.3 Operating Experience Consideration and use of operating experience is vital to the objective of the RAP.

Operating experience is considered along with various PRA analytical and importance measures when developing a comprehensive risk analysis. The expert panel considers SSC operating history and industry operating experience when assessing SSC risk 17.4-9 5HY

Section 17.4 will be replaced with "A" in next pages 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

APR1400 DCD TIER 2 significance. For example, operating experience indicates that the reliability of motor-driven and turbine-driven pumps may be different.

A review of operating experience may reveal conditions in which previous failures of SSCs in similar design applications have led to functional failures of SSCs. The review of operating experience is not limited to hardware failure but also extends to situations in which human performance led to functional failures of SSCs with a similar system design.

For example, the APR1400 design improves SSC reliability by eliminating required operator actions to switch from injection to recirculation, which is an improvement relative to conventional PWRs.

17.4.4 Combined License Information The COL applicant responsibilities during the license application phase, and prior to the initial fuel load, are delineated in NUREG-0800. These responsibilities are not addressed in detail during the APR1400 design phase. The following paragraphs briefly summarize these D-RAP responsibilities on a preliminary basis.

COL 17.4(1)

The COL applicant is to develop and implement Phases 2 and 3 of the design RAP, including QA requirements. In Phase 2, the plants site-specific information is subjected to the D-RAP process, and the site-specific risk-significant SSCs are combined with the Phase 1 (design) risk-significant SSCs into one list for the plant. Phase 2 is performed during the COL application phase and updated/maintained during the COL license holder phase. In Phase 3, procurement, fabrication, construction, and test specifications for the SSCs within the scope of the D-RAP provide reasonable assurance that key assumptions, such as equipment reliability, are realistic and achievable. The QA requirements are implemented at this time. Phase 3 is performed during the COL license holder phase and prior to initial fuel loading.

COL 17.4(2)

The COL applicant is to propose a method for incorporating the objectives of the reliability assurance program into other programs for design or operational errors that degrade non-safety-related, risk-significant SSCs.

COL 17.4(3) The COL applicant to develop and implement the RAP in the operations phase in which RAP activities are integrated into the existing operational program (e.g., Maintenance Rule, surveillance testing, inservice inspection, 17.4-10 5HY

Section 17.4 will be replaced with "A" in next pages 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

APR1400 DCD TIER 2 inservice testing, QA). The RAP in the operations phase also includes the process for providing corrective actions for design and operational errors that degrade non-safety-related SSCs within the scope of the RAP. A description of the proposed method for developing and integrating the operational RAP into operating plant programs (e.g., Maintenance Rule, quality assurance) is to be performed during the COL application phase.

The development/integration of the O-RAP is performed during the COL license holder phase and prior to initial fuel loading. All SSCs identified as risk-significant within the scope of the design RAP are categorized as high-safety-significant (HSS) within the scope of the initial Maintenance Rule. Integration of reliability assurance activities into existing operational programs also addresses the establishment of:

a. Reliability performance goals for risk-significant SSCs consistent with the existing maintenance and quality assurance processes on the basis of information from the D-RAP. For example, implementation of the Maintenance Rule per Regulatory Guide 1.160 is one acceptable method for establishing performance goals if SSCs are categorized as HSS within the scope of the Maintenance Rule program.

b. Performance and condition monitoring requirements to provide reasonable assurance that risk-significant SSCs do not degrade to an unacceptable level during plant operations.

17.4.5 References

1.

SECY 95-132, Policy and Technical Issues Associated with the Regulatory Treatment of Non-Safety Systems (RTNSS) in Passive Plant Design, U.S. Nuclear Regulatory Commission, May 1995.

2.

APR1400-K-Q-TR-11005-NP, KHNP Quality Assurance Program Description (QAPD) for the APR1400 Design Certification, Rev. 5, KHNP, September 2014.

3.

10 CFR 50.65, Requirements for Monitoring the Effectiveness of Maintenance at Nuclear Power Plants, U.S. Nuclear Regulatory Commission.

4.

NEI 00-04, 10 CFR 50.69, SSC Categorization Guideline, Rev. 0, Nuclear Energy Institute, 2005.

17.4-11 5HY

Section 17.4 will be replaced with "A" in next pages 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

APR1400 DCD TIER 2

5.

NUREG-0800, Standard Review Plan, Section 17.4, Reliability Assurance Program, Rev. 1, U.S. Nuclear Regulatory Commission, May 2014.

6.

10 CFR 52.47(b)(1), Contents of Applications; Additional Technical Information, 2015.

7.

10 CFR 52.80(a), Contents of Applications; Additional Technical Information, 2015.

17.4-12 5HY

Section 17.4 will be replaced with "A" in next pages 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

APR1400 DCD TIER 2 Table 17.4-1 (1 of 34)

Risk-Significant Within-Scope RAP SSCs Index System (1)

SSC ID Failure Mode SSC Description Within-Scope Basis (2) 1 AF TP01A Fails to Start Fails to Run Auxiliary Feedwater Turbine-Driven Pump 1A Level 1, Level 2, Flood, Fire, Seismic 2

AF TP01B Fails to Start Fails to Run Auxiliary Feedwater Turbine-Driven Pump 1B Level 1, Level 2, Flood, Fire, Seismic 3

AF MDP02A Fails to Start Fails to Run Auxiliary Feedwater Motor-Driven Pump 2A Level 1, Fire, Seismic 4

AF MDP02B Fails to Start Fails to Run Auxiliary Feedwater Motor-Driven Pump 2B Level 1, Fire, Seismic 5

AF CV1003A Fails to Open Auxiliary Feedwater Motor-Driven Pump 2A Discharge Check Valve Level 1, Level 2, Fire 6

AF CV1003B Fails to Open Auxiliary Feedwater Motor-Driven Pump 2B Discharge Check Valve Level 1, Level 2, Fire 7

AF CV1004A Fails to Open Auxiliary Feedwater Turbine-Driven Pump 1A Discharge Check Valve Level 1, Level 2, Fire 8

AF CV1004B Fails to Open Auxiliary Feedwater Turbine-Driven Pump 1B Discharge Check Valve Level 1, Level 2, Fire 9

AF CV1007A Fails to Open Auxiliary Feedwater Motor-Driven Pump 2A Discharge Check Valve Level 1, Level 2, Fire 10 AF CV1007B Fails to Open Auxiliary Feedwater Motor-Driven Pump 2B Discharge Check Valve Level 1, Level 2, Fire 11 AF CV1008A Fails to Open Auxiliary Feedwater Turbine-Driven Pump 1A Discharge Check Valve Level 1, Level 2, Fire 12 AF CV1008B Fails to Open Auxiliary Feedwater Turbine-Driven Pump 1B Discharge Check Valve Level 1, Level 2, Fire 13 AF CV1012A Fails to Open Auxiliary Feedwater Motor-Driven Pump 2A Mini-flow Line Check Valve Level 1, Level 2, Fire 14 AF CV1012B Fails to Open Auxiliary Feedwater Motor-Driven Pump 2B Mini-flow Line Check Valve Level 1, Level 2, Fire 15 AF CV1014A Fails to Open Auxiliary Feedwater Turbine-Driven Pump 1A Mini-flow Line Check Valve Level 1, Fire 17.4-13 5HY

Section 17.4 will be replaced with "A" in next pages 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

APR1400 DCD TIER 2 Table 17.4-1 (2 of 34)

Index System (1)

SSC ID Failure Mode SSC Description Within-Scope Basis (2) 16 AF CV1014B Fails to Open Auxiliary Feedwater Turbine-Driven Pump 1B Mini-flow Line Check Valve Level 1, Fire 17 AF MV043 Fails to Open Fails to Closed Auxiliary Feedwater Motor-Driven Pump 2A Discharge Isolation Valve Level 1, Level 2, Fire 18 AF MV044 Fails to Open Fails to Closed Auxiliary Feedwater Motor-Driven Pump 2B Discharge Isolation Valve Level 1, Level 2, Fire 19 AF MV045 Fails to Open Fails to Closed Auxiliary Feedwater Turbine-Driven Pump 1A Discharge Isolation Valve Level 1, Level 2 20 AF MV046 Fails to Open Fails to Closed Auxiliary Feedwater Turbine-Driven Pump 1B Discharge Isolation Valve Level 1, Level 2 21 AF SOV0035 Fails to Control Spuriously Closed Auxiliary Feedwater Motor-Driven Pump 2A Discharge Modulation Valve Level 2, Fire 22 AF SOV0036 Fails to Control Spuriously Closed Auxiliary Feedwater Motor-Driven Pump 2B Discharge Modulation Valve Level 2, Fire 23 AF SOV0037 Fails to Control Spuriously Closed Auxiliary Feedwater Turbine-Driven Pump 1A Discharge Modulation Valve Level 1 24 AF SOV0038 Fails to Control Spuriously Closed Auxiliary Feedwater Turbine-Driven Pump 1B Discharge Modulation Valve Level 1 25 AF 78-15D

-AF-X Break Auxiliary Feedwater System Piping in Room 078-A15D Flood 26 AT AOV009 Fails to Open Auxiliary Feedwater Turbine-Driven Pump 1A Turbine Steam Supply Isolation Valve Level 1, Level 2 27 AT AOV010 Fails to Open Auxiliary Feedwater Turbine-Driven Pump 1B Turbine Steam Supply Isolation Valve Level 1, Level 2 28 AT CV1020A Fails to Open Auxiliary Feedwater Turbine-Driven Pump 1A Turbine Steam Supply Check Valve Level 1, Level 2 29 AT CV1020B Fails to Open Auxiliary Feedwater Turbine-Driven Pump 1B Turbine Steam Supply Check Valve Level 1, Level 2 17.4-14 5HY

Section 17.4 will be replaced with "A" in next pages 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

APR1400 DCD TIER 2 Table 17.4-1 (3 of 34)

Index System (1)

SSC ID Failure Mode SSC Description Within-Scope Basis (2) 30 AX AFWST Rupture Auxiliary Feedwater Storage Tank Expert Panel 31 AX CV1600 Fails to Open Demineralized Water Line Check Valve Level 1, Level 2 32 CA CV1023 Fails to Open Condenser Vacuum System -

Containment Isolation Valve LPSD Fire Level 2 33 CC MP01A Fails to Start Fails to Run Component Cooling Water Pump 1A Level 1, Level 2, Fire, Seismic 34 CC MP01B Fails to Start Fails to Run Component Cooling Water Pump 1B Level 1, Level 2, Fire, Seismic 35 CC MP02A Fails to Start Fails to Run Component Cooling Water Pump 2A Level 1, Level 2, Fire, Seismic 36 CC MP02B Fails to Start Fails to Run Component Cooling Water Pump 2B Level 1, Level 2, Fire, Seismic 37 CC HE01A Fails while operating Component Cooling Water Heat Exchanger 1A Level 1, Level 2, Fire, Seismic 38 CC HE01B Fails while operating Component Cooling Water Heat Exchanger 1B Level 1, Level 2, Fire, Seismic 39 CC HE02A Fails while operating Component Cooling Water Heat Exchanger 2A Level 1, Level 2, Fire, Seismic 40 CC HE02B Fails while operating Component Cooling Water Heat Exchanger 2B Level 1, Level 2, Fire, Seismic 41 CC HE03A Fails while operating Component Cooling Water Heat Exchanger 3A Level 1, Level 2, Fire, Seismic 17.4-15 5HY

Section 17.4 will be replaced with "A" in next pages 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

APR1400 DCD TIER 2 Table 17.4-1 (4 of 34)

Index System (1)

SSC ID Failure Mode SSC Description Within-Scope Basis (2) 42 CC HE03B Fails while operating Component Cooling Water Heat Exchanger 3B Level 1, Level 2, Fire, Seismic 43 CC CV1001 Fails to Open Component Cooling Water Pump 1A Discharge Check Valve Level 1, Level 2, Fire 44 CC CV1002 Fails to Open Component Cooling Water Pump 1B Discharge Check Valve Level 1, Level 2, Fire 45 CC CV1003 Fails to Open Component Cooling Water Pump 2A Discharge Check Valve Level 1, Level 2, Fire 46 CC CV1004 Fails to Open Component Cooling Water Pump 2B Discharge Check Valve Level 1, Level 2, Fire 47 CC MV021 Fails to Remain Open Component Cooling Water Heat Exchanger 1A Discharge Valve Expert Panel 48 CC MV022 Fails to Remain Open Component Cooling Water Heat Exchanger 1B Discharge Valve Expert Panel 49 CC MV023 Fails to Remain Open Component Cooling Water Heat Exchanger 2A Discharge Valve Expert Panel 50 CC MV024 Fails to Remain Open Component Cooling Water Heat Exchanger 2B Discharge Valve Expert Panel 17.4-16 5HY

Section 17.4 will be replaced with "A" in next pages 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

APR1400 DCD TIER 2 Table 17.4-1 (5 of 34)

Index System (1)

SSC ID Failure Mode SSC Description Within-Scope Basis (2) 51 CC MV025 Fails to Open Component Cooling Water Heat Exchanger 3A Discharge Valve Expert Panel 52 CC MV026 Fails to Open Component Cooling Water Heat Exchanger 3B Discharge Valve Expert Panel 53 CC MV027 Fails to Open Component Cooling Water Heat Exchanger Bypass Valve Expert Panel 54 CC MV028 Fails to Open Component Cooling Water Heat Exchanger Bypass Valve Expert Panel 55 CC MV097 Fails to Open Containment Spray Heat Exchanger 1A Component Cooling Water Inlet Valve Level 1, Level 2 56 CC MV098 Fails to Open Containment Spray Heat Exchanger 1B Component Cooling Water Inlet Valve Level 1, Level 2 57 CC MV131 Fails to Open Essential Chiller 2A Component Cooling Water Outlet Valve Level 1, Fire 58 CC MV132 Fails to Open Essential Chiller 2B Component Cooling Water Outlet Valve Level 1, Fire 59 CC MV143 Fails to Close Component Cooling Water Non-Safety Load Line Isolation Valve Level 1, Level 2, Fire 60 CC MV144 Fails to Close Component Cooling Water Non-Safety Load Line Isolation Valve Level 1, Level 2, Fire 61 CC MV145 Fails to Close Component Cooling Water Non-Safety Load Line Isolation Valve Level 1, Level 2, Fire 62 CC MV146 Fails to Close Component Cooling Water Non-Safety Load Line Isolation Valve Level 1, Level 2, Fire 63 CC MV147 Fails to Close Component Cooling Water Non-Safety Load Line Isolation Valve Level 1, Level 2, Fire 64 CC MV148 Fails to Close Component Cooling Water Non-Safety Load Line Isolation Valve Level 1, Level 2, Fire 17.4-17 5HY

Section 17.4 will be replaced with "A" in next pages 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

APR1400 DCD TIER 2 Table 17.4-1 (6 of 34)

Index System (1)

SSC ID Failure Mode SSC Description Within-Scope Basis (2) 65 CC MV149 Fails to Close Component Cooling Water Non-Safety Load Line Isolation Valve Level 1, Level 2, Fire 66 CC MV150 Fails to Close Component Cooling Water Non-Safety Load Line Isolation Valve Level 1, Level 2, Fire 67 CC MV181 Fails to Open Emergency Diesel Generator 1C Component Cooling Water Inlet Valve Level 1, Level 2, Fire 68 CC MV182 Fails to Open Emergency Diesel Generator 1D Component Cooling Water Inlet Valve Level 1, Level 2, Fire 69 CC MV191 Fails to Open Emergency Diesel Generator 1A Component Cooling Water Inlet Valve Level 1, Level 2, Fire 70 CC MV192 Fails to Open Emergency Diesel Generator 1B Component Cooling Water Inlet Valve Level 1, Level 2, Fire 71 CC MV351 Fails to Open Shutdown Cooling Heat Exchanger 1A Component Cooling Water Inlet Valve LPSD 72 CC MV352 Fails to Open Shutdown Cooling Heat Exchanger 1B Component Cooling Water Inlet Valve LPSD 73 CC MV383 Fails to Open Essential Chiller 1A Component Cooling Water Outlet Valve Expert Panel 74 CC MV384 Fails to Open Essential Chiller 1B Component Cooling Water Outlet Valve Expert Panel 75 CC TK01A Rupture Component Cooling Water Surge Tank 1A Level 1, Level 2, Flood, Fire 76 CC TK01B Rupture Component Cooling Water Surge Tank 1B Level 1, Level 2, Flood, Fire 77 CD TK01 Rupture Condensate Deaerator Storage Tank A Level 1 78 CD TK02 Rupture Condensate Deaerator Storage Tank B Level 1 79 CS PP01A Fails to Start Fails to Run Containment Spray Pump 1A Level 1, Level 2, Fire, Seismic 17.4-18 5HY

Section 17.4 will be replaced with "A" in next pages 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

APR1400 DCD TIER 2 Table 17.4-1 (7 of 34)

Index System (1)

SSC ID Failure Mode SSC Description Within-Scope Basis (2) 80 CS PP01B Fails to Start Fails to Run Containment Spray Pump 1B Level 1, Level 2, Fire, Seismic 81 CS HE01A Fails while operating Containment Spray Heat Exchanger 1A Level 1, Level 2, Seismic 82 CS HE01B Fails while operating Containment Spray Heat Exchanger 1B Level 1, Level 2, Seismic 83 CS HE02A Fails while operating Containment Spray Mini-flow Line Heat Exchanger 2A Seismic 84 CS HE02B Fails while operating Containment Spray Mini-flow Line Heat Exchanger 2B Seismic 85 CS CV1001 Fails to Open Containment Spray Pump 1A Discharge Check Valve Level 1 86 CS CV1002 Fails to Open Containment Spray Pump 1B Discharge Check Valve Level 1 87 CS CV1007 Fails to Open Containment Spray Heat Exchanger 1A Discharge Check Valve Level 1, Level 2 88 CS CV1008 Fails to Open Containment Spray Heat Exchanger 1B Discharge Check Valve Level 1, Level 2 89 CS MV001 Fails to Open Containment Spray Heat Exchanger 1A Discharge Isolation Valve Level 1, Level 2 90 CS MV002 Fails to Open Containment Spray Heat Exchanger 1B Discharge Isolation Valve Level 1, Level 2 91 CS MV003 Fails to Open Containment Spray Heat Exchanger 1A Discharge Isolation Valve Level 1, Level 2 92 CS MV004 Fails to Open Containment Spray Heat Exchanger 1B Discharge Isolation Valve Level 1, Level 2 93 CV PP03 Fails to Start Fails to Run Auxiliary Charging Pump Level 1, Level 2, Seismic 94 CV CV334 Fails to Open Auxiliary Charging Pump Discharge Check Valve Level 1 95 CV CV189 Fails to Open In-Containment Refueling Water Storage Tank Return Line Check Valve Level 1, Level 2 17.4-19 5HY

Section 17.4 will be replaced with "A" in next pages 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

APR1400 DCD TIER 2 Table 17.4-1 (8 of 34)

Index System (1)

SSC ID Failure Mode SSC Description Within-Scope Basis (2) 96 CV MV509 Fails to Open In-Containment Refueling Water Storage Tank Return Line Isolation Valve (Normally Closed)

Level 1, Level 2 97 CV MV553 Fails to Open In-Containment Refueling Water Storage Tank Return Line Isolation Valve (Normally Open)

Level 1, Level 2 98 CV VV126 Fails to Open In-Containment Refueling Water Storage Tank Refill Line Manual Isolation Valve Level 1, Level 2 99 CV VV649 Fails to Open In-Containment Refueling Water Storage Tank Refill Line Manual Isolation Valve Level 1, Level 2 100 CV TK02 Rupture Boric Acid Storage Tank Level 1 101 CV AV505, AV523, AV561 Fails to Close Chemical and Volume Control System

- Containment Isolation Valve LPSD Fire Level 2 102 CV AV506, AV522, AV560 Fails to Close Chemical and Volume Control System

- Containment Isolation Valve Expert Panel 103 DA AACTG Fails to Start Fails to Run Alternate Alternating Current Gas Turbine Generator SBO, Level 1, Level 2, Seismic 104 DA PP01 Fails to Start Fails to Run Alternate Alternating Current Fuel Oil Transfer Pump SBO, Fire 105 DA PP02 Fails to Start Fails to Run Alternate Alternating Current Fuel Oil Transfer Pump SBO, Fire 106 DA CV1005 Fails to Open Alternate Alternating Current Fuel Oil Transfer Pump Discharge Check Valve SBO, Expert Panel 107 DA CV1007 Fails to Open Alternate Alternating Current Fuel Oil Transfer Pump Discharge Check Valve SBO, Expert Panel 108 DA TK01 Rupture Alternate Alternating Current Fuel Oil Storage Tank SBO, Expert Panel 109 DA TK02 Rupture Alternate Alternating Current Fuel Oil Day Tank SBO, Expert Panel 17.4-20 5HY

Section 17.4 will be replaced with "A" in next pages 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

APR1400 DCD TIER 2 Table 17.4-1 (9 of 34)

Index System (1)

SSC ID Failure Mode SSC Description Within-Scope Basis (2) 110 DC BC01A Fails to Operate Class 1E 125 V Direct Current Battery Charger 1A Level 1, Level 2, Seismic 111 DC BC01B Fails to Operate Class 1E 125 V Direct Current Battery Charger 1B Level 1, Level 2, Seismic 112 DC BC01C Fails to Operate Class 1E 125 V Direct Current Battery Charger 1C Level 1, Level 2, Seismic 113 DC BC01D Fails to Operate Class 1E 125 V Direct Current Battery Charger 1D Level 1, Level 2, Seismic 114 DC BC02A Fails to Operate Class 1E 125 V Direct Current Standby Battery Charger 2A Level 1, Seismic 115 DC BC02B Fails to Operate Class 1E 125 V Direct Current Standby Battery Charger 2B Level 1, Seismic 116 DC BC02C Fails to Operate Class 1E 125 V Direct Current Standby Battery Charger 2C Level 1, Seismic 117 DC BC02D Fails to Operate Class 1E 125 V Direct Current Standby Battery Charger 2D Level 1, Seismic 118 DC BT01A Fails to Provide Output Class 1E 125 V Direct Current Battery 1A Level 1, Level 2, Fire, Seismic 119 DC BT01B Fails to Provide Output Class 1E 125 V Direct Current Battery 1B Level 1, Level 2, Fire, Seismic 120 DC BT01C Fails to Provide Output Class 1E 125 V Direct Current Battery 1C Level 1, Level 2, Fire, Seismic 121 DC BT01D Fails to Provide Output Class 1E 125 V Direct Current Battery 1D Level 1, Level 2, Fire, Seismic 17.4-21 5HY

Section 17.4 will be replaced with "A" in next pages 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

APR1400 DCD TIER 2 Table 17.4-1 (10 of 34)

Index System (1)

SSC ID Failure Mode SSC Description Within-Scope Basis (2) 122 DC MC01A Fails to Operate Class 1E 125 V Direct Current Bus 1A Level 1, Level 2, Flood, Fire, Seismic 123 DC MC01B Fails to Operate Class 1E 125 V Direct Current Bus 1B Level 1, Level 2, Flood, Fire, Seismic 124 DC MC01C Fails to Operate Class 1E 125 V Direct Current Bus 1C Level 1, Level 2, Flood, Fire, Seismic 125 DC MC01D Fails to Operate Class 1E 125 V Direct Current Bus 1D Level 1, Level 2, Flood, Fire, Seismic 126 DC MC01M Fails to Operate Non-Class 1E 250 V Direct Current Bus 1M Level 1, Level 2 127 DC MC01N Fails to Operate Non-Class 1E 250 V Direct Current Bus 1N Level 1, Level 2 128 DE AV006 Fails to Close Radioactive Drain System -

Containment Isolation Valve Level 2 129 DE MV005 Fails to Close Radioactive Drain System -

Containment Isolation Valve LPSD Fire Level 2 130 DG EDG A Fails to Start Fails to Run Emergency Diesel Generator A Level 1, Level 2, LPSD, Fire, Seismic 131 DG EDG B Fails to Start Fails to Run Emergency Diesel Generator B Level 1, Level 2, LPSD, Fire, Seismic 132 DG EDG C Fails to Start Fails to Run Emergency Diesel Generator C Level 1, Level 2, LPSD, Fire, Seismic 17.4-22 5HY

Section 17.4 will be replaced with "A" in next pages 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

APR1400 DCD TIER 2 Table 17.4-1 (11 of 34)

Index System (1)

SSC ID Failure Mode SSC Description Within-Scope Basis (2) 133 DG EDG D Fails to Start Fails to Run Emergency Diesel Generator D Level 1, Level 2, LPSD, Fire, Seismic 134 DO PP01A Fails to Start Fails to Run Diesel Fuel Oil Transfer Pump 1A Level 1, Level 2, Seismic 135 DO PP01B Fails to Start Fails to Run Diesel Fuel Oil Transfer Pump 1B Level 1, Level 2, Seismic 136 DO PP01C Fails to Start Diesel Fuel Oil Transfer Pump 1C Level 1, Level 2, Seismic 137 DO PP01D Fails to Run Diesel Fuel Oil Transfer Pump 1D Level 1, Level 2, Seismic 138 DO PP02A Fails to Start Diesel Fuel Oil Transfer Pump 2A Level 1, Level 2, Seismic 139 DO PP02B Fails to Run Diesel Fuel Oil Transfer Pump 2B Level 1, Level 2, Seismic 140 DO PP02C Fails to Start Diesel Fuel Oil Transfer Pump 2C Level 1, Level 2, Seismic 141 DO PP02D Fails to Run Diesel Fuel Oil Transfer Pump 2D Level 1, Level 2, Seismic 142 DO CV1005A Fails to Open Diesel Fuel Oil Transfer Pump 1A Discharge Check Valve Level 1, Level 2, Fire 143 DO CV1005B Fails to Open Diesel Fuel Oil Transfer Pump 1B Discharge Check Valve Level 1, Level 2, Fire 144 DO CV1005C Fails to Open Diesel Fuel Oil Transfer Pump 1C Discharge Check Valve Level 1, Level 2, Fire 17.4-23 5HY

Section 17.4 will be replaced with "A" in next pages 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

APR1400 DCD TIER 2 Table 17.4-1 (12 of 34)

Index System (1)

SSC ID Failure Mode SSC Description Within-Scope Basis (2) 145 DO CV1005D Fails to Open Diesel Fuel Oil Transfer Pump 1D Discharge Check Valve Level 1, Level 2, Fire 146 DO CV1007A Fails to Open Diesel Fuel Oil Transfer Pump 2A Discharge Check Valve Level 1, Level 2, Fire 147 DO CV1007B Fails to Open Diesel Fuel Oil Transfer Pump 2B Discharge Check Valve Level 1, Level 2, Fire 148 DO CV1007C Fails to Open Diesel Fuel Oil Transfer Pump 2C Discharge Check Valve Level 1, Level 2, Fire 149 DO CV1007D Fails to Open Diesel Fuel Oil Transfer Pump 2D Discharge Check Valve Level 1, Level 2, Fire 150 DO LS3025A Fails to Operate Diesel Fuel Oil Day Tank Level Switch Fire 151 DO LS3025B Fails to Operate Diesel Fuel Oil Day Tank Level Switch Fire 152 DO LS3025C Fails to Operate Diesel Fuel Oil Day Tank Level Switch Fire 153 DO LS3025D Fails to Operate Diesel Fuel Oil Day Tank Level Switch Fire 154 DO TK01A Rupture Diesel Fuel Oil Storage Tank A Level 1, Level 2, Fire, Seismic 155 DO TK01B Rupture Diesel Fuel Oil Storage Tank B Level 1, Level 2, Fire, Seismic 156 DO TK01C Rupture Diesel Fuel Oil Storage Tank C Level 1, Level 2, Fire, Seismic 157 DO TK01D Rupture Diesel Fuel Oil Storage Tank D Level 1, Level 2, Fire, Seismic 158 DP HS071A Fails to Operate Diverse Protection System Manual Trip Push Button

ATWS, Expert Panel 159 DP HS071B Fails to Operate Diverse Protection System Manual Trip Push Button

ATWS, Expert Panel 17.4-24 5HY

Section 17.4 will be replaced with "A" in next pages 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

APR1400 DCD TIER 2 Table 17.4-1 (13 of 34)

Index System (1) SSC ID Failure Mode SSC Description Within-Scope Basis (2) 160 DP PLC1 Fails to Operate Diverse Protection System Signal Processor

ATWS, Expert Panel 161 DP PLC2 Fails to Operate Diverse Protection System Signal Processor

ATWS, Expert Panel 162 FP 055-05

-FP-X Break 4 in and 6 in Fire Protection System piping in stairwell 055-A05D Flood 163 FP 78-01D

-FP-M Break 4 to 8 in Fire Protection System piping in room 078-A01D Flood 164 FP 78-10C

-FP-M Break 4 to 8 in Fire Protection System piping in room 078-A10C Flood 165 FP 78-19A

-FP-M Break 2.5 to 8 in Fire Protection System piping in room 078-A19A Flood 166 FP 78-19A

-FP-X Break 2.5 to 8 in Fire Protection System piping in room 078-A19A Flood 167 FP 78-19B

-FP-X Break 1 to 8 in Fire Protection System piping in room 078-A19B Flood 168 FP 78-31A

-FP-M Break 4 in and 8 in Fire Protection System piping in room 078-A31A Flood 169 FP 78-31A

-FP-X Break 4 in and 8 in Fire Protection System piping in room 078-A31A Flood 170 FP 78-44B

-FP-X Break 2 to 8 in Fire Protection System piping in room 078-A44B Flood 171 FP 100-10B

-FP-X Break 3 in and 8 in Fire Protection System piping in room 078-A10B Flood 172 FP 100-20A

-FP-X Break 2.5 in to 12 in Fire Protection System piping in room 100-A20A Flood 17.4-25 5HY

Section 17.4 will be replaced with "A" in next pages 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

APR1400 DCD TIER 2 Table 17.4-1 (14 of 34)

Index System (1)

SSC ID Failure Mode SSC Description Within-Scope Basis (2) 173 FP 100-22A-FP-X Break 4 in and 6 in Fire Protection System piping in room 100-A22A Flood 174 FP 100-37B-FP-X Break 2.5 in to 4 in Fire Protection System piping in room 100-A37B Flood 175 FP 120-11B-FP-X Break 8 in Fire Protection System piping in room 120-A11B Flood 176 FP 137-09C-FP-X Break 4 to 8 in Fire Protection System piping in room 137-A09C Flood 177 FP 137-13B-FP-M Break 1 in and 1.5 in Fire Protection System piping in room 137-A13B Flood 178 FP 137-29B-FP-X Break 4 to 8 in Fire Protection System piping in room 137-A29B Flood 179 FW CV1026 Fails to Open Startup Feedwater Pump Discharge Check Valve Level 1 180 FW MP07 Fails to Start Fails to Run Startup Feedwater Pump Level 1, Level 2 181 FW MV093 Fails to Open Startup Feedwater Pump Discharge Isolation Valve Level 1 182 FW ZV058 Fails to Open Startup Feedwater Pump Discharge Stop Check Valve Level 1 183 GW SV002 Fails to Close Gaseous Radwaste System -

Containment Isolation Valve Level 2 184 GW Fails to Operate Key SSCs in Gaseous Waste Management System Expert Panel 185 HG PAR Fails to Operate Passive Autocatalytic Recombiners Level 2 186 HG Igniter Fails to Operate Hydrogen Igniters Expert Panel 187 IP IN01A Fails to Operate Class 1E 120 V Alternating Current Inverter 1A Level 1, Level 2, Fire, Seismic 17.4-26 5HY

Section 17.4 will be replaced with "A" in next pages 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

APR1400 DCD TIER 2 Table 17.4-1 (15 of 34)

Index System (1) SSC ID Failure Mode SSC Description Within-Scope Basis (2) 188 IP IN01B Fails to Operate Class 1E 120 V Alternating Current Inverter 1B Level 1, Level 2, Fire, Seismic 189 IP IN01C Fails to Operate Class 1E 120 V Alternating Current Inverter 1C Level 1, Level 2, Fire, Seismic 190 IP IN01D Fails to Operate Class 1E 120 V Alternating Current Inverter 1D Level 1, Level 2, Fire, Seismic 191 IW CFS Valves -

MV001/

002

/003/004 Fails to Open Cavity Flooding System Isolation Valves Level 2 192 MS MSIV-

EV011, EV012,

EV013, EV014 Fails to Close Main Steam Isolation Valves Level 1, Level 2 193 MS MSSV-1301/

1303/

1305/

1307/

1309/

1302/

1304/

1306/

1308/

1310/

1311/

1313/

1315/

1317/

1319/

1312/

1314/

1316/

1318/

1320 Fails to Open Main Steam Safety Valves Level 1, Level 2 17.4-27 5HY

Section 17.4 will be replaced with "A" in next pages 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

APR1400 DCD TIER 2 Table 17.4-1 (16 of 34)

Index System (1)

SSC ID Failure Mode SSC Description Within-Scope Basis (2) 194 MS AOV109/

110 Fails to Open Auxiliary Feedwater Pump Turbine Steam Supply Valves Level 1, Level 2 195 NB SW01M Fails to Operate Non-1E 4.16 kV Switchgear Level 1, Level 2 196 NB SW02N Fails to Operate Non-1E 4.16 kV Switchgear Level 1, Level 2 197 NB SW03N-F2 Fails to Operate Non-1E 4.16 kV Switchgear Circuit Breaker Level 1, Level 2 198 NB SW03N-G2 Fails to Operate Non-1E 4.16 kV Switchgear Circuit Breaker Level 1, Level 2 199 NG LC05N Fails to Operate Non-1E 480 V Load Center Level 1, Level 2 200 NG LC10M Fails to Operate Non-1E 480 V Load Center Level 1, Level 2 201 NG TR05N Fails to Operate Non-1E 480 V Load Center Transformer Level 1, Level 2 202 NG TR10M Fails to Operate Non-1E 480 V Load Center Transformer Level 1, Level 2 203 NH MC03M Fails to Operate Non-1E 480 V Motor Control Center Level 1, Level 2 204 NH MC20N Fails to Operate Non-1E 480 V Motor Control Center Level 1, Level 2 205 NP SW02N Fails to Operate Non-1E 13.8 kV Switchgear Bus Level 1 206 NP TR02M Fails to Operate Standby Auxiliary Transformer Fire 207 NP TR02N Fails to Operate Standby Auxiliary Transformer Fire 17.4-28 5HY

Section 17.4 will be replaced with "A" in next pages 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

APR1400 DCD TIER 2 Table 17.4-1 (17 of 34)

Index System (1)

SSC ID Failure Mode SSC Description Within-Scope Basis (2) 208 PF SW01A Fails to Operate Class 1E 4.16 kV Switchgear Level 1, Level 2,

Flood, Seismic 209 PF SW01B Fails to Operate Class 1E 4.16 kV Switchgear Level 1, Level 2,

Flood, Seismic 210 PF SW01C Fails to Operate Class 1E 4.16 kV Switchgear Level 1, Level 2,

Flood, Seismic 211 PF SW01D Fails to Operate Class 1E 4.16 kV Switchgear Level 1, Level 2,

Flood, Seismic 212 PF SW01A-H2 Fails to Open Class 1E 4.16 kV Switchgear Circuit Breaker (Unit Auxiliary Transformer)

Level 1, Level 2, Fire 213 PF SW01B-H2 Fails to Open Class 1E 4.16 kV Switchgear Circuit Breaker (Unit Auxiliary Transformer)

Level 1, Level 2, Fire 214 PF SW01C-C2 Fails to Open Class 1E 4.16 kV Switchgear Circuit Breaker (Unit Auxiliary Transformer)

Level 1, Level 2, Fire 215 PF SW01D-G2 Fails to Open Class 1E 4.16 kV Switchgear Circuit Breaker (Unit Auxiliary Transformer)

Level 1, Level 2, Fire 17.4-29 5HY

Section 17.4 will be replaced with "A" in next pages 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

APR1400 DCD TIER 2 Table 17.4-1 (18 of 34)

Index System (1)

SSC ID Failure Mode SSC Description Within-Scope Basis (2) 216 PF SW01A-A2 Fails to Close Fails to Open Class 1E 4.16 kV Switchgear Circuit Breaker (Standby Auxiliary Transformer)

Fire 217 PF SW01B-A2 Fails to Close Fails to Open Class 1E 4.16 kV Switchgear Circuit Breaker (Standby Auxiliary Transformer)

Fire 218 PF SW01C-A2 Fails to Close Fails to Open Class 1E 4.16 kV Switchgear Circuit Breaker (Standby Auxiliary Transformer)

Fire 219 PF SW01D-J2 Fails to Close Fails to Open Class 1E 4.16 kV Switchgear Circuit Breaker (Standby Auxiliary Transformer)

Fire 220 PF SW01A-G2 Fails to Close Class 1E 4.16 kV Switchgear Circuit Breaker (Alternate Alternating Current)

Level 1, Level 2 221 PF SW01B-B2 Fails to Close Class 1E 4.16 kV Switchgear Circuit Breaker (Alternate Alternating Current)

Level 1, Level 2 222 PF SW01C-E2 Fails to Close Class 1E 4.16 kV Switchgear Circuit Breaker (Alternate Alternating Current)

Level 1, Level 2 223 PF SW01D-D2 Fails to Close Class 1E 4.16 kV Switchgear Circuit Breaker (Alternate Alternating Current)

Level 1, Level 2 224 PG LC01A Fails to Operate Class 1E 480 V Load Center Level 1, Level 2, Flood, Fire, Seismic 225 PG LC01B Fails to Operate Class 1E 480 V Load Center Level 1, Level 2, Flood, Fire, Seismic 17.4-30 5HY

Section 17.4 will be replaced with "A" in next pages 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

APR1400 DCD TIER 2 Table 17.4-1 (19 of 34)

Index System (1)

SSC ID Failure Mode SSC Description Within-Scope Basis (2) 226 PG LC01C Fails to Operate Class 1E 480 V Load Center Level 1, Level 2, Flood, Fire, Seismic 227 PG LC01D Fails to Operate Class 1E 480 V Load Center Level 1, Level 2, Flood, Fire, Seismic 228 PG LC02 Fails to Operate Class 1E 480 V Load Center Level 1, Seismic 229 PG LC02A Fails to Operate Class 1E 480 V Load Center Fire 230 PG LC02B Fails to Operate Class 1E 480 V Load Center Fire 231 PG LC02C Fails to Operate Class 1E 480 V Load Center Fire 232 PG LC02D Fails to Operate Class 1E 480 V Load Center Fire 233 PG TR01A Fails to Operate Class 1E 480 V Load Center Transformer Level 1, Level 2, Flood, Fire, Seismic 234 PG TR01B Fails to Operate Class 1E 480 V Load Center Transformer Level 1, Level 2, Flood, Fire, Seismic 235 PG TR01C Fails to Operate Class 1E 480 V Load Center Transformer Level 1, Level 2, Flood, Fire, Seismic 236 PG TR01D Fails to Operate Class 1E 480 V Load Center Transformer Level 1, Level 2, Flood, Fire, Seismic 237 PG TR02A Fails to Operate Class 1E 480 V Load Center Transformer Fire 238 PG TR02B Fails to Operate Class 1E 480 V Load Center Transformer Fire 239 PG TR02C Fails to Operate Class 1E 480 V Load Center Transformer Fire 17.4-31 5HY

Section 17.4 will be replaced with "A" in next pages 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

APR1400 DCD TIER 2 Table 17.4-1 (20 of 34)

Index System (1)

SSC ID Failure Mode SSC Description Within-Scope Basis (2) 240 PG TR02D Fails to Operate Class 1E 480 V Load Center Transformer Fire 241 PH MC01A Fails to Operate Class 1E 480 V Motor Control Center Level 1, Level 2, Fire, Seismic 242 PH MC01B Fails to Operate Class 1E 480 V Motor Control Center Level 1, Level 2, Fire, Seismic 243 PH MC01C Fails to Operate Class 1E 480 V Motor Control Center Level 1, Level 2, Fire, Seismic 244 PH MC01D Fails to Operate Class 1E 480 V Motor Control Center Level 1, Level 2, Fire, Seismic 245 PH MC02A Fails to Operate Class 1E 480 V Motor Control Center Fire, Seismic 246 PH MC02B Fails to Operate Class 1E 480 V Motor Control Center Fire, Seismic 247 PH MC02C Fails to Operate Class 1E 480 V Motor Control Center Fire, Seismic 248 PH MC02D Fails to Operate Class 1E 480 V Motor Control Center Fire, Seismic 249 PH MC03A Fails to Operate Class 1E 480V Motor Control Center Fire, Seismic 250 PH MC03B Fails to Operate Class 1E 480 V Motor Control Center Fire, Seismic 251 PH MC03C Fails to Operate Class 1E 480 V Motor Control Center Fire, Seismic 252 PH MC03D Fails to Operate Class 1E 480 V Motor Control Center Fire, Seismic 253 PH MC04C Fails to Operate Class 1E 480 V Motor Control Center Level 1, Level 2, Fire, Seismic 17.4-32 5HY

Section 17.4 will be replaced with "A" in next pages 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

APR1400 DCD TIER 2 Table 17.4-1 (21 of 34)

Index System (1)

SSC ID Failure Mode SSC Description Within-Scope Basis (2) 254 PH MC04D Fails to Operate Class 1E 480 V Motor Control Center Level 1, Level 2, Fire, Seismic 255 PH MC05A Fails to Operate Class 1E 480 V Motor Control Center Fire, Seismic 256 PH MC05B Fails to Operate Class 1E 480 V Motor Control Center Fire, Seismic 257 PS

AV031, AV032,

AV033, AV034 Fails to Close Process Sampling System -

Containment Isolation Valve LPSD Fire Level 2 258 RC MV 130/131, MV 132/133, MV 134/135, MV 136/137 Fails to Open POSRV Pilot Valves Seismic 259 RC POSRVs

V200, V201,

V202, V203 Fails to Open Pressurizer Pilot Operated Safety Relief Valves Level 1, Level 2, Seismic 260 RC PT102 A/B/C/D Fails to Operate Pressurizer Low Pressure Transmitters Fire 261 RG SOV 410/412 Fails to Close Pressurizer Gas Vent Line Isolation Valves Expert Panel 262 RG SOV 411/413 Fails to Close Pressurizer Gas Vent Line Isolation Valves Expert Panel 263 RG SOV 415/417 Fails to Close Reactor Vessel Gas Vent Line Isolation Valves Expert Panel 264 RG SOV 414/416 Fails to Open Reactor Vessel Gas Vent Line Isolation Valves Expert Panel 265 RG SOV418 Fails to Open Reactor Vessel Gas Vent Line Reactor Drain Tank Discharge Isolation Valve Expert Panel 17.4-33 5HY

Section 17.4 will be replaced with "A" in next pages 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

APR1400 DCD TIER 2 Table 17.4-1 (22 of 34)

Index System (1)

SSC ID Failure Mode SSC Description Within-Scope Basis (2) 266 RG SOV 419/420 Fails to Open Reactor Vessel Gas Vent Line In-Containment Refueling Water Storage Tank Discharge Isolation Valves Expert Panel 267 RP TCB-A1/B1/

C1/D1 Fails to Open Reactor Trip Circuit Breakers A1/B1/C1/D1 Level 1, ATWS 268 RP TCB-A2/B2/

C2/D2 Fails to Open Reactor Trip Circuit Breakers A2/B2/C2/D2 Level 1, ATWS 269 SI CV100 Fails to Open Safety Injection Pump 2A/2C In-Containment Refueling Water Storage Tank Return Line Check Valve Level 1, Level 2, Fire 270 SI CV101 Fails to Open Safety Injection Pump 2B/2D In-Containment Refueling Water Storage Tank Return Line Check Valve Level 1, Level 2, Fire 271 SI CV113 Fails to Open Safety Injection Pump 2D Injection Line Check Valve Level 1, Level 2, LPSD, Fire 272 SI CV123 Fails to Open Safety Injection Pump 2B Injection Line Check Valve Level 1, Level 2, LPSD, Fire 273 SI CV133 Fails to Open Safety Injection Pump 2C Injection Line Check Valve Level 1, Level 2, LPSD, Fire 274 SI CV143 Fails to Open Safety Injection Pump 2A Injection Line Check Valve Level 1, Level 2, LPSD, Fire 275 SI CV157 Fails to Open Containment Spray Pump 1A In-Containment Refueling Water Storage Tank Suction Line Check Valve Level 1, Level 2, Fire 276 SI CV158 Fails to Open Containment Spray Pump 1B In-Containment Refueling Water Storage Tank Suction Line Check Valve Level 1, Level 2, Fire 17.4-34 5HY

Section 17.4 will be replaced with "A" in next pages 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

APR1400 DCD TIER 2 Table 17.4-1 (23 of 34)

Index System (1)

SSC ID Failure Mode SSC Description Within-Scope Basis (2) 277 SI CV159 Fails to Open Shutdown Cooling Pump 1A In-Containment Refueling Water Storage Tank Suction Line Check Valve Level 1, Fire 278 SI CV160 Fails to Open Shutdown Cooling Pump 1B In-Containment Refueling Water Storage Tank Suction Line Check Valve Level 1, Fire 279 SI CV168 Fails to Open Shutdown Cooling Heat Exchanger 1B Discharge Line Check Valve Expert Panel 280 SI CV178 Fails to Open Shutdown Cooling Heat Exchanger 1A Discharge Line Check Valve Expert Panel 281 SI CV217 Fails to Open Safety Injection Line Check Valve -

DVI Nozzle 1B Level 1, Level 2, LPSD, Fire 282 SI CV227 Fails to Open Safety Injection Line Check Valve -

DVI Nozzle 2B Level 1, Level 2, LPSD, Fire 283 SI CV237 Fails to Open Safety Injection Line Check Valve -

DVI Nozzle 2A Level 1, Level 2, LPSD, Fire 284 SI CV247 Fails to Open Safety Injection Line Check Valve -

DVI Nozzle 1A Level 1, Level 2, LPSD, Fire 285 SI CV404 Fails to Open Safety Injection Pump 2A Discharge Check Valve Level 1, Level 2, Fire 286 SI CV405 Fails to Open Safety Injection Pump 2B Discharge Check Valve Level 1, Level 2, Fire 287 SI CV446 Fails to Open Safety Injection Pump 2D Discharge Check Valve Level 1, Level 2, Fire 288 SI CV424 Fails to Open Safety Injection Pump 2A Mini-flow Line Check Valve Level 1, Level 2, Fire 289 SI CV426 Fails to Open Safety Injection Pump 2B Mini-flow Line Check Valve Level 1, Level 2, Fire 290 SI CV448 Fails to Open Safety Injection Pump 2D Mini-flow Line Check Valve Level 1, Level 2, Fire 17.4-35 5HY

Section 17.4 will be replaced with "A" in next pages 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

APR1400 DCD TIER 2 Table 17.4-1 (24 of 34)

Index System (1)

SSC ID Failure Mode SSC Description Within-Scope Basis (2) 291 SI CV451 Fails to Open Safety Injection Pump 2C Mini-flow Line Check Valve Level 1, Level 2, Fire 292 SI CV540 Fails to Open Safety Injection Pump 2D Discharge Check Valve Level 1, LPSD, Fire 293 SI CV541 Fails to Open Safety Injection Pump 2B Discharge Check Valve Level 1, LPSD, Fire 294 SI CV542 Fails to Open Safety Injection Pump 2C Discharge Check Valve Level 1, LPSD, Fire 295 SI CV543 Fails to Open Safety Injection Pump 2A Discharge Check Valve Level 1, LPSD, Fire 296 SI CV568 Fails to Open Shutdown Cooling Pump 1A Discharge Check Valve Level 1, Fire 297 SI CV569 Fails to Open Shutdown Cooling Pump 1B Discharge Check Valve Level 1, Fire 298 SI PP01A Fails to Start Fails to Run Shutdown Cooling Pump 1A Level 1, Level 2, LPSD, Fire, Seismic 299 SI PP01B Fails to Start Fails to Run Shutdown Cooling Pump 1B Level 1, Level 2, LPSD, Fire, Seismic 300 SI HE01A Fails to Operate Shutdown Cooling Heat Exchanger 1

LPSD, Seismic 301 SI HE01B Fails to Operate Shutdown Cooling Heat Exchanger 2

LPSD, Seismic 302 SI HE02A Fails to Operate Shutdown Cooling Mini-flow Line Heat Exchanger 1 Seismic 303 SI HE02B Fails to Operate Shutdown Cooling Mini-flow Line Heat Exchanger 2 Seismic 304 SI PP02A Fails to Start Fails to Run Safety Injection Pump 2A Level 1, Level 2, LPSD, Fire, Seismic 17.4-36 5HY

Section 17.4 will be replaced with "A" in next pages 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

APR1400 DCD TIER 2 Table 17.4-1 (25 of 34)

Index System (1)

SSC ID Failure Mode SSC Description Within-Scope Basis (2) 305 SI PP02B Fails to Start Fails to Run Safety Injection Pump 2B Level 1, Level 2, LPSD, Fire, Seismic 306 SI PP02C Fails to Start Fails to Run Safety Injection Pump 2C Level 1, Level 2, LPSD, Fire, Seismic 307 SI PP02D Fails to Start Fails to Run Safety Injection Pump 2D Level 1, Level 2, LPSD, Fire, Seismic 308 SI MV616 Fails to Open Safety Injection Pump 2D Discharge Isolation Valve Level 1, Level 2, LPSD, Fire 309 SI MV626 Fails to Open Safety Injection Pump 2B Discharge Isolation Valve Level 1, Level 2, LPSD, Fire 310 SI MV636 Fails to Open Safety Injection Pump 2C Discharge Isolation Valve Level 1, Level 2, LPSD, Fire 311 SI MV646 Fails to Open Safety Injection Pump 2A Discharge Isolation Valve Level 1, Level 2, LPSD, Fire 312 SI MV302 Fails to Open Safety Injection Pump 2A/2C Mini-flow Line Isolation Valve Fire 313 SI MV303 Fails to Open Safety Injection Pump 2B/2D Mini-flow Line Isolation Valve Fire 314 SI MV395 Fails to Open Safety Injection Pump 2A/2C Mini-flow Line Isolation Valve Fire 315 SI MV308 Fails to Open In-Containment Refueling Water Storage Tank Suction Line Isolation Valve LPSD Level 2 316 SI MV309 Fails to Open In-Containment Refueling Water Storage Tank Suction Line Isolation Valve LPSD Level 2 317 SX PP01A Fails to Start Fails to Run Essential Service Water Pump 1A Level 1, Level 2, Fire, Seismic 17.4-37 5HY

Section 17.4 will be replaced with "A" in next pages 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

APR1400 DCD TIER 2 Table 17.4-1 (26 of 34)

Index System (1)

SSC ID Failure Mode SSC Description Within-Scope Basis (2) 318 SX PP01B Fails to Start Fails to Run Essential Service Water Pump 1B Level 1, Level 2, Fire, Seismic 319 SX PP02A Fails to Start Fails to Run Essential Service Water Pump 2A Level 1, Level 2, Fire, Seismic 320 SX PP02B Fails to Start Fails to Run Essential Service Water Pump 2B Level 1, Level 2, Fire, Seismic 321 SX CV1001 Fails to Open Essential Service Water Pump 1A Discharge Check Valve Level 1, Level 2, Fire 322 SX CV1002 Fails to Open Essential Service Water Pump 1B Discharge Check Valve Level 1, Level 2, Fire 323 SX CV1003 Fails to Open Essential Service Water Pump 2A Discharge Check Valve Level 1, Level 2, Fire 324 SX CV1004 Fails to Open Essential Service Water Pump 2B Discharge Check Valve Level 1, Level 2, Fire 325 SX

FT01A, FT01B,

FT02A, FT02B,

FT03A, FT03B Fails to Operate Essential Service Water Debris Filters Level 1, Level 2, Fire, LPSD Fire, LPSD Fire Level 2 326 SX MV071 Fails to Open Ultimate Heat Sink Cooling Tower 1A Discharge Line Control Valve Level 1, Level 2 327 SX MV072 Fails to Open Ultimate Heat Sink Cooling Tower 1A Discharge Line Bypass Valve Level 1, Level 2 328 SX MV073 Fails to Open Ultimate Heat Sink Cooling Tower 1B Discharge Line Control Valve Level 1, Level 2 329 SX MV074 Fails to Open Ultimate Heat Sink Cooling Tower 1B Discharge Line Bypass Valve Level 1, Level 2 330 SX AH01A Fails to Run Ultimate Heat Sink Cooling Tower Fan 1A Level 1, Level 2, Fire 331 SX AH01B Fails to Run Ultimate Heat Sink Cooling Tower Fan 1B Level 1, Level 2, Fire 17.4-38 5HY

Section 17.4 will be replaced with "A" in next pages 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

APR1400 DCD TIER 2 Table 17.4-1 (27 of 34)

Index System (1)

SSC ID Failure Mode SSC Description Within-Scope Basis (2) 332 SX AH02A Fails to Start Fails to Run Ultimate Heat Sink Cooling Tower Fan 2A Level 1, Level 2, Fire 333 SX AH02B Fails to Start Fails to Run Ultimate Heat Sink Cooling Tower Fan 2B Level 1, Level 2, Fire 334 VD HV12A Fails to Start Fails to Run Emergency Diesel Generator Room Emergency Cubicle Cooler -

Quadrant A Level 1, Level 2, LPSD, Fire, Seismic 335 VD HV12B Fails to Start Fails to Run Emergency Diesel Generator Room Emergency Cubicle Cooler -

Quadrant B Level 1, Level 2, LPSD, Fire, Seismic 336 VD HV12C Fails to Start Fails to Run Emergency Diesel Generator Room Emergency Cubicle Cooler -

Quadrant C Level 1, Level 2, LPSD, Fire, Seismic 337 VD HV12D Fails to Start Fails to Run Emergency Diesel Generator Room Emergency Cubicle Cooler -

Quadrant D Level 1, Level 2, LPSD, Fire, Seismic 338 VD HV13A Fails to Start Fails to Run Emergency Diesel Generator Room Emergency Cubicle Cooler -

Quadrant A Level 1, Level 2, LPSD, Fire, Seismic 339 VD HV13B Fails to Start Fails to Run Emergency Diesel Generator Room Emergency Cubicle Cooler -

Quadrant B Level 1, Level 2, LPSD, Fire, Seismic 340 VD HV13C Fails to Start Fails to Run Emergency Diesel Generator Room Emergency Cubicle Cooler -

Quadrant C Level 1, Level 2, LPSD, Fire, Seismic 341 VD HV13D Fails to Start Fails to Run Emergency Diesel Generator Room Emergency Cubicle Cooler -

Quadrant D Level 1, Level 2, LPSD, Fire, Seismic 17.4-39 5HY

Section 17.4 will be replaced with "A" in next pages 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

APR1400 DCD TIER 2 Table 17.4-1 (28 of 34)

Index System (1)

SSC ID Failure Mode SSC Description Within-Scope Basis (2) 342 VK Y1301A Fails to Open Auxiliary Building Controlled Area I Emergency Core Cooling System Equipment Room Air Cleaning Unit Exhaust Damper Seismic 343 VK Y1301B Fails to Open Auxiliary Building Controlled Area II Emergency Core Cooling System Equipment Room Air Cleaning Unit Exhaust Damper Seismic 344 VO HV31A Fails to Run Essential Chiller 1A Room Cubicle Cooler Level 1, Level 2 345 VO HV31B Fails to Run Essential Chiller 1B Room Cubicle Cooler Level 1, Level 2 346 VO HV32A Fails to Start Fails to Run Essential Chiller 2A Room Cubicle Cooler Level 1, Level 2 347 VO HV32B Fails to Start Fails to Run Essential Chiller 2B Room Cubicle Cooler Level 1, Level 2 348 VO HV33A Fails to Start Fails to Run Auxiliary Feedwater Motor-Driven Pump 2A Room Cubicle Cooler Level 1, Level 2, Fire 349 VO HV33B Fails to Start Fails to Run Auxiliary Feedwater Motor-Driven Pump 2B Room Cubicle Cooler Level 1, Level 2, Fire 350 VO TE085A Fails to Operate Auxiliary Feedwater Motor-Driven Pump 2A Room Temperature Transmitter Level 1, Level 2, Fire 351 VO TE086B Fails to Operate Auxiliary Feedwater Motor-Driven Pump 2B Room Temperature Transmitter Level 1, Level 2, Fire 352 VQ 2014/2016

/2024 Fails to Close Reactor Containment Building Purge System - Leak Rate Test Line Valves Level 2, LPSD Fire Level 2 353 WM VV1201A Fails to Open Raw Water Pump Supply Isolation Manual Valve Level 1, Level 2 354 WM VV1205 Fails to Open Raw Water Pump Discharge Isolation Manual Valve Level 1, Level 2 355 WM VV1220 Fails to Open Raw Water Pump Discharge Isolation Manual Valve Level 1, Level 2 17.4-40 5HY

Section 17.4 will be replaced with "A" in next pages 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

APR1400 DCD TIER 2 Table 17.4-1 (29 of 34)

Index System (1)

SSC ID Failure Mode SSC Description Within-Scope Basis (2) 356 WM VV1700 Fails to Open Raw Water Pump Discharge Isolation Manual Valve Level 1, Level 2 357 WO PP01A Fails to Run Essential Chilled Water Pump 1A Level 1, Level 2, Fire, Seismic 358 WO PP01B Fails to Run Essential Chilled Water Pump 1B Level 1, Level 2, Fire, Seismic 359 WO PP02A Fails to Start Fails Run Essential Chilled Water Pump 2A Level 1, Level 2, Fire, Seismic 360 WO PP02B Fails to Start Fails to Run Essential Chilled Water Pump 2B Level 1, Level 2, Fire, Seismic 361 WO CV1010A Fails to Open Fails to Close Essential Chilled Water Pump 1A Discharge Check Valve Level 1, Fire 362 WO CV1010B Fails to Open Fails to Close Essential Chilled Water Pump 1B Discharge Check Valve Level 1, Fire 363 WO CV1014A Fails to Open Fails to Close Essential Chilled Water Pump 2A Discharge Check Valve Level 1, Fire 364 WO CV1014B Fails to Open Fails to Close Essential Chilled Water Pump 2B Discharge Check Valve Level 1, Fire 365 WO CH01A Fails to Start Fails to Run Essential Chiller 1A (includes evaporator, compressor, condenser and associated piping)

Level 1, Level 2, Fire 366 WO CH01B Fails to Start Fails to Run Essential Chiller 1B (includes evaporator, compressor, condenser and associated piping)

Level 1, Level 2, Fire 367 WO CH02A Fails to Start Fails to Run Essential Chiller 2A (includes evaporator, compressor, condenser and associated piping)

Level 1, Level 2, Fire 368 WO CH02B Fails to Start Fails to Run Essential Chiller 2B (includes evaporator, compressor, condenser and associated piping)

Level 1, Level 2, Fire 17.4-41 5HY

Section 17.4 will be replaced with "A" in next pages 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

APR1400 DCD TIER 2 Table 17.4-1 (30 of 34)

Index System (1)

SSC ID Failure Mode SSC Description Within-Scope Basis (2) 369 WO TK01A Rupture Essential Chilled Water Compression Tank 1A Level 1, Level 2, Flood, Fire 370 WO TK01B Rupture Essential Chilled Water Compression Tank 1B Level 1, Level 2, Flood, Fire 371 WO TK02A Rupture Essential Chilled Water Air Separator Tank 2A Level 1, Level 2, Flood, Fire 372 WO TK02B Rupture Essential Chilled Water Air Separator Tank 2B Level 1, Level 2, Flood, Fire 373 FP Fails to Start Fails to Run Fire Protection Pumps and Associated SSCs Fire Protection, Expert Panel 374 Light Load Handling System Fails to Operate Key SSCs in Light Load Handling System Expert Panel 375 Liquid Waste Management System Fails to Operate Key SSCs in Liquid Waste Management System Expert Panel 376 Control Room HVAC System Fails to Operate Main Control Room Air Handling Units and Air Cleaning Unit Expert Panel 377 Emergency Containment Spray Backup System Fail to Operate Key SSCs in Emergency Containment Spray Backup System LPSD Level 2, LPSD Fire Level 2 378 VG ESW Pump Room Cooling Fails to Operate Key SSCs in Essential Service Water Pump Room Cooling Function Level 1, Fire,

Seismic, LPSD Fire Level 2 17.4-42 5HY

Section 17.4 will be replaced with "A" in next pages 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

APR1400 DCD TIER 2 Table 17.4-1 (31 of 34)

Index System (1)

SSC ID Failure Mode SSC Description Within-Scope Basis (2) 379 VU AAC Building Cooling Fails to Operate Key SSCs in Alternate Alternating Current Building Cooling Function SBO, Expert Panel, LPSD Fire, LPSD Fire Level 2 380 EF-Group Controller

PA03A, PA03B,

PA03C, PA03D,

PA06C, PA06D Fails to Operate Group Controller (Engineered Safety Function Actuation System)

LPSD Fire, LPSD Fire Level 2 381 PE-Loop Controller

LX01A, LX02B,

LX03A, LX03B,

LX03C, LX03D,

LX04A, LX04B,

LX05A, LX05B Fails to Operate Loop Controller (Engineered Safety Feature - Component Control System)

LPSD Fire, LPSD Fire Level 2 382 PE-Loop Controller

LX06A, LX06B,

LX09B, LX10A, LX10B Fails to Operate Loop Controller (Engineered Safety Feature - Component Control System)

LPSD Fire Level 2 383 Fails to Integrity Containment Building Expert Panel 384 Fails to Isolate Containment Equipment Hatch Level 2 385 Fails to Operate Remote Shutdown Console Expert Panel 17.4-43 5HY

Section 17.4 will be replaced with "A" in next pages 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

APR1400 DCD TIER 2 Table 17.4-1 (32 of 34)

(1) System codes table System Codes

System Description

AF Auxiliary Feedwater System AT Auxiliary Feedwater Pump Turbine System AX Auxiliary Feedwater Storage and Transfer System CA Condenser Vacuum System CC Component Cooling Water System CD Condensate System CS Containment Spray System CV Chemical and Volume Control System DA Alternate Alternating Current Gas Turbine Generator DC Direct Current Distribution System DE Radioactive Drain System DG Emergency Diesel Generator System DO Diesel Fuel Oil Transfer System DP Diverse Protection System EF Engineered Safety Function Actuation System FP Fire Protection System FW Feedwater System GW Gaseous Waste Management System HG Containment Hydrogen Control System IP Instrument Power System IW In-Containment Water Storage System MS Main Steam System NB Non Class 1E 4.16KV System NG Non Class 1E 480V Load Center System NH Non Class 1E 480V Motor Control Center & Low Voltage System NP 13.8KV Power System PE Engineered Safety Feature - Component Control System PF Class 1E 4.16KV System PG Class 1E 480V Load Center System 17.4-44 5HY

Section 17.4 will be replaced with "A" in next pages 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

APR1400 DCD TIER 2 Table 17.4-1 (33 of 34)

System Codes

System Description

PH Class 1E 480V Motor Control Center & Low Voltage System PS Process Sampling System RC Reactor Coolant System RG Reactor Coolant Gas Vent System RP Reactor Protection System SI Safety Injection/Shutdown Cooling System SX Essential Service Water System VD Emergency Diesel Generator Area Heating, Ventilation, and Air conditioning System VG ESW Intake Structure/CCW heat Exchanger Building Heating, Ventilation, and Air conditioning System VK Auxiliary Building Controlled Area Heating, Ventilation, and Air conditioning System VO Auxiliary Building Clean Area Heating, Ventilation, and Air conditioning VQ Reactor Containment Building Purge System VU Miscellaneous Building Heating, Ventilation, and Air conditioning System WM Makeup Demineralizer System WO Essential Chilled Water System 17.4-45 5HY

Section 17.4 will be replaced with "A" in next pages 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

APR1400 DCD TIER 2 Table 17.4-1 (34 of 34)

(2) Codes table for scope basis explanations.

Scope Basis Description Level 1 Results of Level 1 PRA at full power Level 2 Results of Level 2 PRA at full power LPSD Results of Low Power and Shutdown Level 1 PRA Flood Results of Level 1 Internal Flooding PRA Fire Results of Level 1 Internal Fire PRA Seismic Results of Seismic Margin Analysis (based on qualitative analysis)

Expert Panel Decision made by the RAP expert panel ATWS Per 10 CFR 50.62 and Generic Letter 85-06, Quality Assurance Guidance for ATWS Equipment That Is Not Safety-Related Fire Protection Per 10 CFR 50.48 and Regulatory Position 1.7, Quality Assurance, in RG 1.189, Fire Protection for Operating Nuclear Power Plants SBO Per 10 CFR 50.63 and Regulatory Position 3.5, Quality Assurance and Specific Guidance for SBO Equipment That Is Not Safety-Related, and Appendix A, Quality Assurance Guidance for Non-Safety Systems and Equipment, in RG 1.155, Station Blackout Note: Risk criteria for Level 1, Level 2, LPSD, Flood and Fire PRAs are as follows:

FV > 0.005 for independent basic events, RAW > 2.0 for independent basic events, or RAW > 20 for common cause events.

1.

SX (including UHS) and VG are parts of the conceptual design information (CDI), and the within scope SSCs applicability will follow the conditions specified in Section 1.8.

2.

Potential within scope SSCs associated with loss of large area (LOLA) and aircraft impact assessment (AIA) described in Sections 19.4 and 19.5 are not included in this table.

17.4-46 5HY

Section 17.4 will be replaced with "A" in next pages 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

17.4 Reliability Assurance Program Guidance 17.4.1 Overview The APR1400 Reliability Assurance Program (RAP) identifies Systems, Structures and Components (SSCs) that are risk-significant, or significant contributors to plant safety. This determination is based upon a review of all available quantitative (PRA) and qualitative information about each SSC. These risk-significant components are tabled on the RAP list, which is issued to the Design Engineering, Operations, Maintenance and Quality Assurance departments. These organizations utilize the RAP list of risk-significant SSCs to provide reasonable assurance of the following:

x The APR1400 is designed, constructed, and operated in a manner that is consistent with the risk insights and key assumptions (e.g., SSC design, reliability, and availability) from the probabilistic, deterministic, and other methods of analysis used to identify and quantify risk.

x The RAP SSCs do not degrade to an unacceptable level of reliability, availability or condition during plant operations.

x The frequency of transients that challenge these SSCs is minimized.

x These SSCs will function reliably when challenged.

This section describes the RAP as it has been established for the design phase of the APR1400, and identifies those program elements that will be developed in the Combined License phase.

17.4.2 Reliability Assurance Program Scope, Stages, and Goals Scope. The APR1400 Reliability Assurance Program identifies risk-significant components for the departments that are tasked to achieve the RAP objectives summarized above. The RAP scope includes all plant Systems, Structures and Components that have been identified by the RAP Expert Panel as risk-significant, based upon a review of all available quantitative and qualitative risk information. This information is presented in the RAP list (Table 17.4-1).

Stages. The RAP is implemented in two stages. The first stage, the Design Reliability Assurance Program (D-RAP), encompasses the reliability assurance activities that occur before initial fuel load. The D-RAP is applicable during the APR1400 design certification, licensing and plant construction. The second stage comprises the reliability assurance activities conducted during the operations phase of the plants license.

Goals. The goal of the RAP during the design stage is to ensure that the reactor design meets the purposes identified in Section 17.4.1 above, through the reactor design, procurement, fabrication, construction and preoperational testing activities and programs.

The goal of the RAP during the operations stage is to ensure that the reliability of the SSCs within the RAP scope (i.e., all risk-significant components) is maintained.

"A" (1/36) 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

construction phase.

17.4.3 Reliability Assurance Program Implementation 17.4.3.1 Description The RAP is implemented in three phases. These include the following:

x Design certification (DC) x Combined License (COL) application, including construction x Operation Once the COL phase is complete and fuel load commences, the RAP ends and its functions are assumed by specific plant programs such as the Maintenance Rule.

During the design phase, the APR1400 designer, Korea Hydro & Nuclear Power Co., Ltd.

(KHNP), implemented the Design Reliability Assurance Program. At the same time, KHNP developed and updates the quantitative probabilistic risk model and generates importance statistics for all modeled components. These results were provided to the Expert Panel, which supplemented the quantitative PRA results with all available qualitative information and established the RAP scope of components. The RAP list of risk-significant components is maintained, updated and issued to all interfacing organizations, each of which has a role in achieving the RAP goals. As a design certification activity, this phase is the responsibility of KHNP.

17.4.3.2 Programmatic Controls 17.4.3.2.1 Organizations The D-RAP is implemented by the following departments:

x The Design Engineering department holds the lead responsibility for implementing the Reliability Assurance Program. Duties include RAP oversight and the issuance of the RAP SSC list to impacted organizations.

x The Risk Management department includes the Probabilistic Risk Analysis staff, which maintains the PRA model and provides risk input for the Reliability Assurance Program. The PRA engineer also provides risk input during design reviews.

x The Operations department participates in the Expert Panels duties and minimizes RAP component unavailability.

x The Site Engineering department provides system engineering expertise for the Expert Panel.

x The Maintenance department participates in the Expert Panels duties, ensures that RAP component maintenance is effective and unavailability is minimized.

x The Safety Engineering department provides safety analysis expertise for the Expert Panel.

x The Quality Assurance department participates in the Expert Panels duties. The QA department focuses on RAP components in audits and other activities.

All organizations are expected to proactively identify new issues and concerns that may affect the RAP scope and impact any aspect of plant design and operation.

"A" (2/36) 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

phase phase phase applicant

17.4.3.2.2 Design Control Plant changes and D-RAP updates. Proposed design changes include a risk review to ensure that reliability is reasonably optimized and risk significance is minimized.

The Reliability Assurance Program evaluates plant changes also. Following each PRA model update, the PRA engineer reviews the new importance statistics for all modeled components.

These results are provided to the Expert Panel. The Panel supplements the PRA input with qualitative insights in order to update the RAP scope.

The scope may be reviewed, between PRA model updates, if warranted by important design changes or new information. Interim reviews may be requested by any member of the Expert Panel. Interim reviews are entirely qualitative, pending a PRA model update when applicable.

RAP Scope Update Notifications. Following each revision of the RAP list, the Expert Panel provides a timely, written update to all interfacing organizations.

Quality Controls. Section 19.1.2 of the APR1400 Design Certification Document (Reference 11) discusses PRA model quality, including personnel qualification requirements, procedures and corrective action. This text summarizes the PRA model quality bases as required by SRP Sections 19.0 (Reference 12) and 17.4 (Reference 13). These quality controls govern PRA model revisions, quantification and the generation of the importance measures that are used as key input data for the RAP risk classification. Issues are tracked by the Corrective Action Program.

Configuration Control. The RAP list of risk-significant components is established and maintained by the Expert Panel. Potential changes include both the scope of systems, structures and components, as well as their dominant failure modes.

17.4.3.2.3 Implementing Procedures The Reliability Assurance Program is implemented via procedures which control the following:

x RAP duties and responsibilities.

x Expert Panel activities.

x Design changes.

x Risk Management.

x Inspections and audits.

17.4.3.2.4 Corrective Action Program The Corrective Action Program (CAP) is a web-based reporting and tracking system. It is used to document any D-RAP activities that are determined to be in error, deficient, or nonconforming.

CAP issues are tracked to resolution and documented.

"A" (3/36) 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

17.4.3.2.5 Records Required RAP documentation includes the following:

x Panel membership requirements and qualifications x Component Risk Significance Evaluation sheets x RAP Scope Table x Expert Panel meeting minutes x Design change request reviews x General quality requirements, design control, personnel training and qualification 17.4.3.2.6 Audits Reference 1 describes the APR1400 Quality Assurance program in general, and Section 18 specifically addresses audit requirements. Section 18.1 notes that, in general, the audit requirements for all programs include, at a minimum, verification of compliance and effectiveness of implementation of internal rules, procedures (e.g., design, procurement, surveillance, and test), regulations, programs for training, retraining, qualification, and corrective actions, including associated record keeping. During the early portions of the APR1400 DC activities, audits will focus on areas including, but not limited to, design control, procurement, and corrective action. The scope of the audit is determined by the quality status and safety importance of the activities being performed. Management addresses all audit findings and initiates corrective action where indicated.

All applicable QA program elements are audited at least once a year. Additional audits may be performed as deemed necessary by management.

These audits are the responsibility of KHNP during the design certification phase. The responsibility transfers to the COL applicant during the Combined License phase.

17.4.3.3 RAP SSC Identification The process for identifying RAP systems, structures and components typically begins with a PRA review of importance statistics following model revision. A review can also be initiated at the request of any Expert Panel member. This review includes all available APR1400 PRA models: internal events, fire and flood; at full power and shutdown; Level 1 (core damage) and Level 2 (large, offsite radionuclide release). The PRA staff identifies potentially risk-significant components and their failure modes. The PRA criteria for consideration include the Risk Achievement Worth (RAW > 2) and the Fussell-Vesely (FV > 0.005) for individual components.

If at least one train meets any of these criteria, all redundant trains are retained for further evaluation.

In addition, the PRA Engineer reviews common cause failures (CCFs) with a RAW>20. If the individual components in these CCFs are not RAP list candidates already, then these SSCs are added to the list for Expert Panel review as potentially risk-significant.

"A" (4/36) 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

The PRA staff provides the list of recommendations for risk-significant components to the Expert Panel. The PRA representative provides interpretations and background information as needed to support the Expert Panels classification process.

The Expert Panel supplements the quantitative PRA input with the following qualitative information, when available:

x PRA model assumptions and limitations x Qualitative risk analyses (e.g., seismic margins analyses, etc.)

x Deterministic safety analyses x Root cause analyses x Failure modes & effects analyses x Severe accident evaluations x Operating experience (e.g., industry LERs, etc.)

x SSC risk significance at other, similar plants x Expert Panel judgment All available quantitative and qualitative sources of information are considered during the review process. The panel reviews these sources and classifies each SSC as risk-significant or low risk.

All risk-significant components are placed on the RAP list in Table 17.4-1.

The Expert Panel (1) can designate a component as risk-significant even if the PRA engineer did not make that recommendation; or (2) can designate components as low risk, even if the PRA engineer recommended it as risk-significant.

The panel also evaluates components that are not modeled. These determinations are solely qualitative. The RAP scope therefore includes SSCs that are not modeled in the PRA.

The panel revisits the RAP scope following each revision of the PRA model. If prompt action is warranted, the panel shall review design changes between PRA model updates, and perform an interim, qualitative evaluation until new PRA model results are available.

Certain passive components, such as pipes or electrical cables, are omitted from the review process. These SSCs are generally associated with an active, risk-significant component, such as a pump or a valve, which is included within the RAP scope. The reliability of the passive components is typically much higher than that for an active component. In addition, the passive component reliability implicitly falls under the umbrella of its corresponding, active risk-significant component. Therefore these passive components are omitted from the RAP scope.

17.4.3.4 Expert Panel The RAP Expert Panel organization, qualifications and duties are defined in Reference 8. The panel includes personnel with experience in PRA, safety analysis, operations, maintenance, design engineering and systems engineering. These disciplines are selected to ensure that the panel membership breadth of experience will be sufficient to properly evaluate SSC risk significance.

"A" (5/36) 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

The panel membership consists of the following:

x RAP Coordinator x PRA Engineer x Safety Engineer (provides safety analysis expertise) x Operations representative x Maintenance representative x Design Engineer x Site Engineer (provides system engineering expertise) x Quality Assurance representative Each member must have at least 6 years of nuclear industry experience. Except for the RAP Coordinator, all members must also have a minimum of 4 years of position-specific experience.

The RAP Coordinator must meet this qualification for at least one specific discipline. All members are trained by the PRA Engineer on importance measures.

17.4.3.5 RAP Scope Components within the D-RAP scope are listed in Table 17.4-1. This list includes the following information:

x List of RAP systems, structures and components (SSCs), including identification numbers and descriptions x Basis for inclusion, including the analysis or evaluation (e.g., internal events or fire) that resulted in the risk-significant classification x Dominant Failure Modes Component boundaries are not reproduced in the RAP list. SSC boundaries have been defined in the DCD Section 19.1, Table 19.1-15.

The RAP list of risk-significant components and their DFMs is revisited following each PRA model revision. The scope, or any part thereof, can also be re-evaluated between model revisions if new information is obtained concerning design changes, modeling assumptions or possible errors.

17.4.3.6 Dominant Failure Modes (DFMs)

In addition to the list of components, Table 17.4-1 also lists the Dominant Failure Modes for each SSC. A failure mode is dominant if it is a basis for a risk-significant classification. For example, the DFMs for a specific valve might include a failure-to-open if that valve is required to open to perform a risk-significant function. These failure modes may be based upon quantitative PRA results or qualitative reviews.

The PRA model itself has been designed to be in conformance with the PRA quality requirements of Reference 19. These requirements include a comprehensive scope of initiating events, systems, components and failure modes in order to ensure that plant risk is effectively "A" (6/36) 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

analyzed and quantified. These failure modes (e.g., a standby pump start in a risk-significant system would typically be included, as would any necessary valve re-alignments, etc.) are analyzed as a starting point in identifying the Dominant Failure Modes. Most DFMs will be identified in this manner. Additional DFMs can be identified by Expert Panel judgment.

DFMs are reviewed following each PRA model update, or upon request by any Expert Panel member.

17.4.3.7 QA Associated with Design Activities The Quality Assurance (QA) program for the APR1400 design certification is described in Reference 1. The QA program is based on the requirements of Reference 3 and other, applicable regulatory documents or guides.

The overall QA program is described in Section 2 of Reference 1 and Design Control is specifically addressed in Section 3. The Reliability Assurance Program is not explicitly addressed but the RAP design activities fall under the general oversight of Section 3. See also DCD Sections 17.1, 17.2 & 17.3.

Appropriate QA controls for the nonsafety-related RAP SSCs are addressed in Section 17.5 and COL 17.4(2).

The APR1400 design process controls design inputs, outputs, changes, interfaces, records, and organizational interfaces.

Section 3.1 of Reference 1 notes that design processes ensure that items and activities under QA control are suitable for their intended application, consistent with their effect on safety. The extent of the design verification required is a function of the importance to safety.

Section 3.2 of Reference 1 requires that important design steps, including input sources, are documented.

Part III of Reference 1 specifically addresses quality control for non-safety related components.

It notes, for example, that The specific program controlsare targeted at those characteristics...that render the SSC a significant contributor to plant safety. Risk-significant SSCs that are non-safety related will be subject to augmented quality requirements, above and beyond those for non-safety related, low risk SSCs. These requirements include corrective actions for potential design and pre-operational errors that could degrade the SSCs.

17.4.3.8 ITAAC Inspections, Tests, Analysis and Acceptance Criteria (ITAAC) are developed to meet multiple requirements, including the Design RAP. The ITAAC requirements verify the as-built configuration and performance characteristics of SSCs as identified in Tier 1 design descriptions.

The ITAAC is described in Reference 14. DCD Sections 14.3.2.13 and 2.13 specifically address "A" (7/36) 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

the Design Reliability Assurance Program. The D-RAP ITAAC requirements ensure that the various test requirements of the ITAAC reflect the latest available list of RAP components.

All RAP components are addressed by the ITAAC to ensure that their performance is consistent with the key assumptions and risk insights that resulted in their classification.

17.4.3.9 The RAP During the COL Applicant Phase During this phase, the Combined License applicant assumes RAP responsibilities. The RAP procedures are reviewed to ensure that they remain applicable. The COL applicant updates the RAP list of risk-significant SSCs and their DFMs with site-specific design information. The RAP list is then distributed to the affected organizations.

The COL applicant is also responsible for describing how it will integrate reliability assurance activities into existing programs (e.g., Maintenance Rule, surveillance testing, ISI, IST, maintenance and QA). Program procedures are developed for the operation phase, at which time the RAP functions will be assumed by the regulatory programs identified below. Procedures are developed to ensure that maintenance will be timely and effective for RAP equipment. QA procedures are developed for appropriate oversight of these programs.

17.4.3.10 The RAP During the Operations Phase Once construction ends and the initial fuel load begins, the RAP also ends. However, its functions are assumed by specific operational programs including the Maintenance Rule, surveillance testing, ISI, IST, maintenance and quality assurance.

17.4.4 Reliability Assurance Program Information Included in the COL Application The Combined License applicant shall provide the following in Chapter 17 of the safety analysis report:

COL 17.4(1) - An updated description of the D-RAP to include relevant site-and plant-specific information (e.g., design, program, procedural, and organizational information).

This includes identifying the SSCs within the scope of the plant-specific RAP (i.e.,

the RAP SSCs identified in the DC, updated using COL site-and plant-specific information) and establishing the programmatic controls of D-RAP to be applied during the COL design and construction activities prior to initial fuel load.

COL 17.4(2) - Appropriate QA controls for the nonsafety-related RAP SSCs in accordance with the provisions in Part V, "Nonsafety-Related SSC Quality Controls," of SRP Section 17.5. This includes providing corrective actions for potential design and pre-operational errors that could degrade nonsafety-related RAP SSCs. These controls are not applicable to SSCs that are not on the RAP list.

COL 17.4(3) - The process for integrating the RAP into operational programs (e.g., maintenance rule program, QA program, inservice inspection, inservice testing, surveillance "A" (8/36) 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

testing, and maintenance programs). The process should also address the (1) establishment of reliability, availability, or condition performance goals for the RAP SSCs, (2) establishment of performance and condition monitoring requirements to provide reasonable assurance that RAP SSCs do not degrade to an unacceptable level of reliability, availability, or condition during plant operations, (3) for nonsafety-related RAP SSCs, establishment of QA controls for activities during the operations phase in accordance with the provisions in Part V of SRP Section 17.5, and (4) consideration of dominant failure modes of RAP SSCs in meeting the objectives of the RAP during plant operation.

17.4.5 References

1. APR1400-K-Q-TR-11005-NP, Rev. 4, KHNP Quality Assurance Program Description (QAPD) for the APR1400 Design Certification, March 2014.

2. 10 CFR 50.65, Requirements for Monitoring the Effectiveness of Maintenance at Nuclear Power Plants, U.S. Nuclear Regulatory Commission.

3. 10 CFR Part 50, Appendix B, Quality Assurance Criteria for Nuclear Power Plants and Fuel Reprocessing Plants, U.S. Nuclear Regulatory Commission.

4. NUREG-0800, Standard Review Plan, Section 17.5, Rev. 0, Quality Assurance Program Description - Design Certification, Early Site Permit and New License Applicants, U.S.

Nuclear Regulatory Commission, March 2007.

5. NUMARC 93-01, Rev. 4a, Industry Guideline for Monitoring the Effectiveness of Maintenance at Nuclear Power Plants, April 2011.

6. Regulatory Guide 1.160, Rev. 3, Monitoring the Effectiveness of Maintenance at Nuclear Power Plants, May 2012.

7. KHNP Procedure DC-DG-03-09, Implementation of the Reliability Assurance Program (RAP).

8. KHNP Procedure DC-DG-03-10, Expert Panel Roles and Responsibilities.

9. KHNP Procedure DC-DG-03-11, Risk Significance Determination of RAP SSCs.

10. KHNP Procedure DC-DG-03-24, Risk Management Procedure.

11. APR1400-K-X-FS-14002-P, APR1400 Design Control Document Tier 2, Chapter 19, Rev. 1, Probabilistic Risk Assessment and Severe Accident Evaluation, March 2017.

12. NUREG-0800, Standard Review Plan, Section 19.0, Probabilistic Risk Assessment and Severe Accident Evaluation for New Reactors, Rev. 3, U.S. Nuclear Regulatory Commission, December 2015.

"A" (9/36) 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

13. NUREG-0800, Standard Review Plan, Section 17.4, Reliability Assurance Program, Rev.

1, U.S. Nuclear Regulatory Commission, May 2014.

14. APR1400-K-X-FS-14002-NP, APR1400 Design Control Document Tier 2, Chapter 14, Rev.

1, Verification Programs, March 2017.

15. KHNP Procedure DC-DG-03-01, Design Change Control.

16. KHNP Procedure DC-DG-16-01, Corrective Action Program.

17. KHNP Procedure DC-DG-03-05, Technical Audit at Suppliers Facility.

18. KHNP Procedure DC-DG-03-23, Implementation of Severe Accident Mitigation Design Alternatives.

19. ASME/ANS RA-S-2009, Addenda to ASME/ANS RA-S-2008, Standard for Level 1/Large Early Release Frequency Probabilistic Risk for Nuclear Power Plant Applications, 2009.

"A" (10/36) 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

Table 17.4-1 (1 of 26)

Reliability Assurance Program Systems, Structures & Components(8)

System(1)

SSC ID(s)(2)

SSC Description Risk Significance Basis(3), (4), (5)

Dominant Failure Modes(6), (7)

Motor-Driven Auxiliary Feedwater Pump trains AF PP02A/B Motor-Driven Pumps Level 1 AP: IE, FIRE, FLD Level 1 SD: IE, FLD Level 2 AP: IE, FIRE, FLD Level 2 SD:

Test & Maintenance Fail to start Fail to run MDP Normal Discharge to Steam Generators AF CV1003A/B Motor-Driven Pump Discharge Check Valves Level 1 AP: IE, FIRE, FLD Level 1 SD: IE, FLD Level 2 AP: IE, FLD Level 2 SD:

Fail to open AF SOV0035/0036 Motor-Driven Pump Discharge Modulation Solenoid-Operated Valves Level 1 AP: IE, FIRE, FLD Level 1 SD:

Level 2 AP: IE Level 2 SD:

Spurious closure Fail to operate AF MV043/044 Motor-Driven Pump Discharge Isolation Motor-Operated Valves Level 1 AP: IE, FIRE, FLD Level 1 SD: FLD Level 2 AP: IE, FLD Level 2 SD:

Spurious operation Fail to open Fail to close AF CV1007A/B Motor-Driven Pump Discharge Check Valves Level 1 AP: IE, FIRE, FLD Level 1 SD: IE, FLD Level 2 AP: IE, FLD Level 2 SD:

Fail to open MDP Recirculation Discharge AF CV1012A/B Motor-Driven Pump Mini-flow Line Check Valves Level 1 AP: IE, FIRE, FLD Level 1 SD: IE, FLD Level 2 AP: IE, FLD Level 2 SD:

Fail to open Turbine-Driven Auxiliary Feedwater Pump trains AF TP01A/B Turbine-Driven Pumps Level 1 AP: IE, FIRE, FLD Level 1 SD: IE Level 2 AP: IE, FIRE, FLD Level 2 SD:

Test & Maintenance Fail to start Fail to run TDP Normal Discharge to Steam Generators "A" (11/36) 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

Expert Panel : seismic PP01A/B

Table 17.4-1 (2 of 26)

Reliability Assurance Program Systems, Structures & Components(8)

System(1)

SSC ID(s)(2)

SSC Description Risk Significance Basis(3), (4), (5)

Dominant Failure Modes(6), (7)

AF CV1004A/B Turbine-Driven Pump Discharge Check Valves Level 1 AP: IE, FIRE, FLD Level 1 SD: IE Level 2 AP:

Level 2 SD:

Fail to open AF SOV0037/0038 Turbine-Driven Pump Discharge Modulation Valves Expert Panel Spurious closure AF MV045/046 Turbine-Driven Pump Discharge Isolation Motor-Operated Valves Level 1 AP: IE, FIRE, FLD Level 1 SD:

Level 2 AP: IE, FIRE, FLD Level 2 SD:

Spurious operation Fail to open Fail to close AF CV1008A/B Turbine-Driven Pump Discharge Check Valves Level 1 AP: IE, FIRE, FLD Level 1 SD: IE Level 2 AP:

Level 2 SD:

Fail to open TDP Recirculation Discharge AF CV1014A/B Turbine-Driven Pump Mini-flow Line Check Valves Level 1 AP: IE Level 1 SD: IE Level 2 AP:

Level 2 SD:

Fail to open Steam Supply to the Turbine-Driven AF Pumps AT CV1020A/B AF Turbine-Driven Pump Steam Supply Check Valves Level 1 AP: IE Level 1 SD:

Level 2 AP:

Level 2 SD:

Fail to open AT AV009/010 AF Turbine-Driven Pump Steam Supply Isolation Air-Operated Valves Level 1 AP: IE, FLD Level 1 SD:

Level 2 AP: IE Level 2 SD:

Fail to open Auxiliary Feedwater Storage & Transfer Normal Suction to AF Pumps AX TK01A/B Auxiliary Feedwater Storage Tanks Expert Panel Leak or rupture Alternate AF suction from CST AX CV1630 CST Suction Check Valve Expert Panel Fail to open AX CV1628/1629 CST Suction Check Valves Level 1 AP: FIRE Level 1 SD:

CCF to open "A" (12/36) 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

Table 17.4-1 (3 of 26)

Reliability Assurance Program Systems, Structures & Components(8)

System(1)

SSC ID(s)(2)

SSC Description Risk Significance Basis(3), (4), (5)

Dominant Failure Modes(6), (7)

Level 2 AP:

Level 2 SD:

AF Tank Refill AX CV1600 Demineralized Water Common Header Check Valve Level 1 AP: IE, FIRE, FLD Level 1 SD:

Level 2 AP:

Level 2 SD:

Fail to open Condenser Vacuum CA CV1023 Containment Isolation Check Valve Level 1 AP:

Level 1 SD:

Level 2 AP:

Level 2 SD: FIRE Fail to close Component Cooling CC TK01A/B Component Cooling Water Surge Tanks Level 1 AP: IE, FIRE, FLD Level 1 SD: IE, FIRE, FLD Level 2 AP: IE, FIRE Level 2 SD: IE, FIRE Leak or rupture CC V1121/1122/1123/1124 CC Pump Suction Manual Valves Level 1 AP:

Level 1 SD: FLD Level 2 AP:

Level 2 SD:

Spurious closure CC PP01A/B PP02A/B Component Cooling Water Pumps Level 1 AP: IE, FIRE, FLD Level 1 SD: IE, FLD Level 2 AP: IE, FIRE, FLD Level 2 SD: IE, FIRE Test & Maintenance Fail to start Fail to run CC CV1001/1002/

1003/1004 Component Cooling Water Pump Discharge Check Valves Level 1 AP: IE Level 1 SD: FLD Level 2 AP: FIRE, FLD Level 2 SD:

Fail to open Fail to close CC V1007/1008/1009/1010 CC Pump Discharge Manual Valves Level 1 AP:

Level 1 SD: FLD Level 2 AP:

Level 2 SD:

Spurious closure "A" (13/36) 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

System System Expert Panel : seismic

Table 17.4-1 (4 of 26)

Reliability Assurance Program Systems, Structures & Components(8)

System(1)

SSC ID(s)(2)

SSC Description Risk Significance Basis(3), (4), (5)

Dominant Failure Modes(6), (7)

CC V1013/1014 HE Header Inlet Isolation Manual Valves Expert Panel Spurious closure CC HE01A/B HE02A/B Component Cooling Water Heat Exchangers Level 1 AP: IE, FIRE, FLD Level 1 SD: IE, FIRE, FLD Level 2 AP: IE, FIRE, FLD Level 2 SD: IE, FIRE Loss of heat transfer CC HE03A/B Component Cooling Water Heat Exchangers Expert Panel (should be same as HE01A/B & HE02A/B)

Loss of heat transfer CC V1211/1212 HE01A/B Outlet Manual Valves Level 1 AP: IE Level 1 SD:

Level 2 AP: IE Level 2 SD:

Spurious closure CC MV021/022/023 MV024/025/026 Component Cooling Water Heat Exchanger Discharge Motor-Operated Valves Expert Panel Fail to operate CC MV027/028 Component Cooling Water Heat Exchanger Bypass Motor-Operated Valves Expert Panel Fail to operate Various CC Loads CC MV097/098 CS Heat Exchanger 1A/1B CC Inlet Motor-Operated Valves Level 1 AP: IE Level 1 SD:

Level 2 AP: IE, FLD Level 2 SD:

Fail to open CC MV131/132 Essential Chiller 2A/B CC Outlet Motor-Operated Valves Level 1 AP: FLD Level 1 SD: FLD Level 2 AP: FLD Level 2 SD:

Fail to open CC MV143/145/147/149 MV144/146/148/150 Non-Safety Load Supply and Return Isolation Motor-Operated Valves Level 1 AP: IE, FLD Level 1 SD: IE, FLD Level 2 AP: IE, FLD Level 2 SD: IE, FIRE CCF to close CC MV181/182 MV191/192 EDG CC Inlet Motor-Operated Valves Level 1 AP: IE Level 1 SD: IE, FLD Level 2 AP: FIRE Level 2 SD: IE, FIRE Fail to open "A" (14/36) 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

Table 17.4-1 (5 of 26)

Reliability Assurance Program Systems, Structures & Components(8)

System(1)

SSC ID(s)(2)

SSC Description Risk Significance Basis(3), (4), (5)

Dominant Failure Modes(6), (7)

CC MV351/352 Shutdown Cooling Heat Exchanger 1A/B CC Inlet Motor-Operated Valves Level 1 AP:

Level 1 SD: FLD Level 2 AP:

Level 2 SD: IE Fail to open CC MV383/384 Essential Chiller 1A/1B CC Outlet Motor-Operated Valves Expert Panel Fail to operate CC V1261/1262 Essential Water Chiller Condenser CH02A/B Inlet Manual Valves Level 1 AP:

Level 1 SD: FLD Level 2 AP:

Level 2 SD:

Spurious closure CC V1263/1264 Essential Water Chiller Condenser CH02A/B Outlet Manual Valves Level 1 AP:

Level 1 SD: FLD Level 2 AP:

Level 2 SD:

Spurious closure CC V1281/1282 V1291/1292 DG 01A/B/C/D Outlet Manual Valves Level 1 AP: IE Level 1 SD: IE, FLD Level 2 AP:

Level 2 SD: FIRE Spurious closure Containment Spray System CS PP01A/B Containment Spray Pumps Level 1 AP: IE, FLD Level 1 SD: IE Level 2 AP: IE, FLD Level 2 SD: IE Test & Maintenance Fail to start CCF to run CS CV1001/1002 Containment Spray Pump Discharge Check Valves Level 1 AP: IE, FLD Level 1 SD: IE Level 2 AP: IE Level 2 SD:

CCF to open CS HE01A/B Containment Spray Heat Exchangers Level 1 AP: IE Level 1 SD:

Level 2 AP: IE, FLD Level 2 SD:

Loss of heat transfer Test & Maintenance CS MV001/002 Containment Spray Heat Exchanger Discharge Isolation Motor-Operated Valves Level 1 AP: IE Level 1 SD:

Spurious closure "A" (15/36) 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

Add B

5$,4XHVWLRQB5HY

&&

([SHUW3DQHOVLPLODU

WR&+$%YDOYH

6SXULRXVFORVXUH

&&

6SXULRXVFORVXUH

5$,4XHVWLRQB5HY

$WWDFKPHQW

(VVHQWLDO:DWHU&KLOOHU&RQGHQVHU&+$%2XWOHW0DQXDO

9DOYHV

([SHUW3DQHOVLPLODU

WR&+$%YDOYH

9

9

(VVHQWLDO:DWHU&KLOOHU&RQGHQVHU&+$%,XWOHW0DQXDO

9DOYHV B

Table 17.4-1 (6 of 26)

Reliability Assurance Program Systems, Structures & Components(8)

System(1)

SSC ID(s)(2)

SSC Description Risk Significance Basis(3), (4), (5)

Dominant Failure Modes(6), (7)

Level 2 AP: IE Level 2 SD:

CS MV003/004 Containment Spray Heat Exchanger Discharge Isolation Motor-Operated Valves Level 1 AP: IE Level 1 SD:

Level 2 AP: IE, FLD Level 2 SD:

Fail to open CS CV1007/1008 Containment Spray Heat Exchanger Discharge Check Valves Level 1 AP: IE Level 1 SD:

Level 2 AP: IE Level 2 SD:

Fail to open CS ECSBS Key Components in Emergency Containment Spray Backup System (ECSBS)

Expert Panel (per DCD 19.3)

Fail to operate CS Mini-flow Recirculation CS HE02A/B Containment Spray Mini-flow Line Heat Exchangers Level 1 AP: IE Level 1 SD:

Level 2 AP: IE, FLD Level 2 SD:

Test & Maintenance Chemical & Volume Control CV CV189 IRWST Return Line Check Valve Level 1 AP:

Level 1 SD:

Level 2 AP:

Level 2 SD: FIRE Fail to open CV AV505/506 Containment Isolation RCP to VCT AOVs Level 1 AP:

Level 1 SD:

Level 2 AP: FLD Level 2 SD: FIRE Fail to close CV AV522/523 Regenerative HX outlet AOVs Expert Panel Fail to close CV AV560/561 Reactor Drain Tank outlet AOVs Expert Panel Fail to close Alternate AC Diesel Generator DA TK01 AAC Fuel Oil Storage Tank Expert Panel Leak or rupture DA PP01/02 AAC Fuel Oil Transfer Pumps Expert Panel Test & Maintenance Fail to start "A" (16/36) 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

(10)

System (SBO)

(SBO)

Pumping Device Connections Water Source

Table 17.4-1 (7 of 26)

Reliability Assurance Program Systems, Structures & Components(8)

System(1)

SSC ID(s)(2)

SSC Description Risk Significance Basis(3), (4), (5)

Dominant Failure Modes(6), (7)

Fail to run DA CV1005/1007 AAC Fuel Oil Transfer Pump Discharge Check Valves Expert Panel Fail to open DA TK02 AAC Fuel Oil Day Tank Expert Panel Leak or rupture DA AACTG AAC Gas Turbine Generator Level 1 AP: IE, FIRE Level 1 SD: IE Level 2 AP: IE, FIRE Level 2 SD: IE Test & Maintenance Fail to run DC Buses & Batteries DC BC01A/B/C/D BC02A/B/C/D Class 1E 125V DC Battery Chargers Level 1 AP: IE, FIRE Level 1 SD:

Level 2 AP: IE Level 2 SD:

Fail to operate DC BT01A/B/C/D Class 1E 125V DC Batteries Level 1 AP: IE, FIRE, FLD Level 1 SD: IE, FLD Level 2 AP: IE, FIRE, FLD Level 2 SD: IE, FIRE Test & Maintenance Fail to operate DC MC01A/B/C/D Class 1E 125V DC Buses Level 1 AP: IE, FIRE, FLD Level 1 SD: IE, FIRE, FLD Level 2 AP: IE, FIRE, FLD Level 2 SD: IE, FIRE Fail to operate DC MC01M/01N Non-Class 1E 250V DC Buses Level 1 AP: IE Level 1 SD:

Level 2 AP:

Level 2 SD:

Fail to operate Radioactive Drains DE AV006 Radioactive Drain System - Containment Isolation Valve Level 1 AP:

Level 1 SD:

Level 2 AP: FIRE, FLD Level 2 SD: IE, FIRE Fail to close DE MV005 Radioactive Drain System - Containment Isolation Valve Expert Panel Fail to close Emergency Diesel Generators "A" (17/36) 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

(SBO)

(SBO)

Expert Panel : seismic System

Table 17.4-1 (8 of 26)

Reliability Assurance Program Systems, Structures & Components(8)

System(1)

SSC ID(s)(2)

SSC Description Risk Significance Basis(3), (4), (5)

Dominant Failure Modes(6), (7)

DG EDG A/B/C/D Emergency Diesel Generators, including the day tanks (DO TK02A/B/C/D)

Level 1 AP: IE, FIRE, FLD Level 1 SD: IE, FIRE, FLD Level 2 AP: IE, FIRE, FLD Level 2 SD: IE, FIRE Test & Maintenance Fail to start Fail to run DG SEQ A/B/C/D DG Load Sequencers Level 1 AP: IE, FIRE Level 1 SD: IE, FLD Level 2 AP: IE, FIRE Level 2 SD: IE, FIRE Fail to operate Diesel Fuel Oil Transfer System DO TK 01A/B/C/D Diesel Fuel Oil Storage Tanks Level 1 AP:

Level 1 SD: IE, FLD Level 2 AP:

Level 2 SD: FIRE Leak or rupture DO LS3025A/B/C/D Fuel Oil Tank Level Switches Level 1 AP: IE Level 1 SD:

Level 2 AP:

Level 2 SD: IE Fail to operate DO V1002A/B/C/D V1009A/B/C/D V1010A/B/C/D FOTP Suction Manual Valves Level 1 AP: IE Level 1 SD: IE, FLD Level 2 AP:

Level 2 SD: FIRE Spurious closure DO PP01A/B/C/D PP02A/B/C/D Diesel Fuel Oil Transfer Pumps Level 1 AP: IE, FIRE Level 1 SD: IE, FLD Level 2 AP: IE Level 2 SD: IE, FIRE CCF to start CCF to run DO CV1005A/B/C/D CV1007A/B/C/D FOTP Discharge Manual Valves Level 1 AP: IE, FIRE Level 1 SD: IE Level 2 AP:

Level 2 SD:

CCF to open DO V1015A/B/C/D V4011A/B/C/D FOTP Discharge Manual Valves Level 1 AP: IE Level 1 SD: IE, FLD Level 2 AP:

Level 2 SD: FIRE Spurious closure "A" (18/36) 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

Expert Panel : seismic DG A/B/C/D

Table 17.4-1 (9 of 26)

Reliability Assurance Program Systems, Structures & Components(8)

System(1)

SSC ID(s)(2)

SSC Description Risk Significance Basis(3), (4), (5)

Dominant Failure Modes(6), (7)

Diverse Protection System DP HS071A/B Diverse Protection System Manual Trip Push Buttons ATWS, Expert Panel Fail to operate DP PLC1/PLC2 Diverse Protection System (DPS) Signal Processors ATWS, Expert Panel Fail to operate Fire Protection FP Fire barriers between rooms:

Level 1 AP: FIRE Level 1 SD: FIRE Level 2 AP: FIRE Level 2 SD: FIRE Barrier Failure F000-ADGD & F100-A06D Diesel Generator room D and General access area at 100 D F078-AGAC & F078-AGAD General access areas 78 C and 78 D F100-A06D & F100-AGAC General access areas 100 D and 100 C F120-A05D & F120-AGAD Electrical equipment room 120 D and general access area 120 D F120-AGAC & F120-AGAD General access areas 120 C and 120 D F137-A02D & F157-AMCR Electrical equipment room 137 D and Main control room Feedwater FW V1025 Startup Feedwater Pump Suction Valve Level 1 AP: IE Level 1 SD:

Level 2 AP:

Level 2 SD:

Spurious closure FW PP07 Startup Feedwater Motor-Driven Pump Level 1 AP: IE Level 1 SD:

Level 2 AP: IE Level 2 SD:

Test & Maintenance Fail to start Fail to run FW CV1026 Startup Feedwater Pump Discharge Check Valve Level 1 AP: IE Level 1 SD:

Level 2 AP:

Level 2 SD:

Fail to open FW CV058 Startup Feedwater Pump Discharge Stop Check Valve Level 1 AP: IE Level 1 SD:

Level 2 AP:

Level 2 SD:

Fail to open FW MV093 Startup Feedwater Pump Discharge Isolation Motor-Operated Valve Level 1 AP: IE Level 1 SD:

Level 2 AP:

Level 2 SD:

Fail to open Gaseous Radwaste "A" (19/36) 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

Add C Fire Protection System System System

5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW



















)3

)LUHVXSSUHVVLRQ

VXEV\\VWHPV

&RQWURO5RRP 

6ZLWFKJHDU5RRPILUHVXSSUHVVLRQ

([SHUW3DQHO

)DLOWRRSHUDWH



C

Table 17.4-1 (10 of 26)

Reliability Assurance Program Systems, Structures & Components(8)

System(1)

SSC ID(s)(2)

SSC Description Risk Significance Basis(3), (4), (5)

Dominant Failure Modes(6), (7)

GW SV002 Gaseous Radwaste System - Containment Isolation Valve Level 1 AP:

Level 1 SD:

Level 2 AP: FIRE, FLD Level 2 SD: IE, FIRE Fail to open GW MV001 Containment Isolation Valve Level 1 AP:

Level 1 SD:

Level 2 AP:

Level 2 SD: FIRE Fail to close GW Key SSCs in Gaseous Waste Management System Expert Panel Integrity failure Hydrogen Control HG HI01 through 10 Hydrogen Igniters Expert Panel Fail to operate HG PARs Passive Autocatalytic Recombiners Level 1 AP:

Level 1 SD:

Level 2 AP:

Level 2 SD: IE, FIRE Fail to operate Instrument Power (120 VAC) System IP IN01A/B/C/D Class 1E 120V AC Inverters Level 1 AP: IE, FIRE, FLD Level 1 SD:

Level 2 AP: IE, FIRE, FLD Level 2 SD:

Test & Maintenance Fail to operate In-Containment Refueling Water Storage Tank System IW HVT trash racks In-containment Refueling Water Storage Tank (IRWST)

Holdup Volume Tank (HVT) trash racks Level 1 AP: IE, FIRE, FLD Level 1 SD: IE, FIRE, FLD Level 2 AP: IE, FIRE, FLD Level 2 SD: IE, FIRE Plugged Main Steam System MS ADV101/102/103/104 Main Steam Atmospheric Dump Valves Level 1 AP: IE Level 1 SD: FIRE Level 2 AP: IE Level 2 SD:

CCF to open MS SV1301 through 1320 Main Steam Safety Valves Level 1 AP: IE, FIRE, FLD Level 1 SD:

CCF to open "A" (20/36) 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

Delete System (mechanical, electrical or I&C faults)

Replace D

,:

+97WUDVKUDFNV

67$%&'

,QFRQWDLQPHQW5HIXHOLQJ:DWHU6WRUDJH7DQN

,5:67+ROGXS9ROXPH7DQN+97WUDVKUDFNV

,5:67VXPSVWUDLQHUV

/HYHO$3 ,(),5()/'

/HYHO6' ,(),5()/'

/HYHO$3 ,(),5()/'

/HYHO6' ,(),5(

([SHUW3DQHOFRQILUPVERWK

UDFNVDQGVWUDLQHUV

3OXJJHG

1RWH ,QHDUOLHUYHUVLRQVRIWKH5$3QRWHERRNWKH,:VWUDLQHUVZHUHFODVVLILHGDVULVNVLJQLILFDQW  +RZHYHUWKH6HSWHPEHUSDQHO

GHVLJQDWHGWKHFRDUVHILOWUDWLRQWUDVKUDFNVDVULVNVLJQLILFDQWEXWH[FOXGHGWKHILQHILOWUDWLRQVWUDLQHUV  8SRQVXEVHTXHQWUHYLHZRIWKH

VWUDLQHUGHVLJQUHSRUWWKH1RYHPEHUSDQHOGHWHUPLQHGWKDWERWKWKHWUDVKUDFNVDQGWKHVXPSVWUDLQHUVVKRXOGEHGHVLJQDWHGDVULVN

VLJQLILFDQW  35$KDVDQDFWLRQWRFODULI\\WKHGHVFULSWLRQRIWKHDVVRFLDWHGEDVLFHYHQW

5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

D

Table 17.4-1 (11 of 26)

Reliability Assurance Program Systems, Structures & Components(8)

System(1)

SSC ID(s)(2)

SSC Description Risk Significance Basis(3), (4), (5)

Dominant Failure Modes(6), (7)

Level 2 AP: IE Level 2 SD:

MS MSIV011/012/013/014 Main Steam Isolation Valves Level 1 AP: IE Level 1 SD:

Level 2 AP: IE Level 2 SD:

Fail to close MS AV109/110 Auxiliary Feedwater Pump Turbine Steam Supply Air-Operated Valves Level 1 AP: IE, FLD Level 1 SD:

Level 2 AP: IE Level 2 SD:

Fail to open Non-Class 1E 4.16 kV System NB SW01M Non-1E 4.16KV Switchgear Level 1 AP: IE, FIRE, FLD Level 1 SD:

Level 2 AP:

Level 2 SD:

Fail to operate Non-Class 1E 480V Load Center System NG LC05N/10M Non-1E 480V Load Centers Level 1 AP: IE, FIRE, FLD Level 1 SD:

Level 2 AP:

Level 2 SD:

Fail to operate NG TR05N/10M Non-1E 480V Load Center Transformers Level 1 AP: IE, FIRE, FLD Level 1 SD:

Level 2 AP:

Level 2 SD:

Fail to operate Non-Class 1E 480V MCC & Low Voltage System NH MC03M/20N Non-1E 480V MCCs Level 1 AP: IE, FIRE Level 1 SD:

Level 2 AP:

Level 2 SD:

Fail to operate 13.8 kV Power System "A" (21/36) 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

Table 17.4-1 (12 of 26)

Reliability Assurance Program Systems, Structures & Components(8)

System(1)

SSC ID(s)(2)

SSC Description Risk Significance Basis(3), (4), (5)

Dominant Failure Modes(6), (7)

NP SW02N Non-1E 13.8 kV Switchgear for FW PP07 Level 1 AP: IE Level 1 SD:

Level 2 AP:

Level 2 SD:

Fail to operate NP TR01/02/03 Main Transformers Level 1 AP: IE, FLD Level 1 SD: IE, FIRE Level 2 AP: IE, FLD Level 2 SD: IE, FIRE Fail to operate NP TR01M/01N Unit Auxiliary Transformers Level 1 AP: IE, FLD Level 1 SD: IE, FIRE Level 2 AP: IE, FLD Level 2 SD: IE, FIRE Fail to operate NP TR02M/02N Standby Auxiliary Transformers Level 1 AP: FIRE, FLD Level 1 SD: FIRE Level 2 AP: FIRE, FLD Level 2 SD: FIRE Test & Maintenance Fail to operate NP IPB43000A Iso-Phase Bus Level 1 AP: IE, FLD Level 1 SD: IE, FIRE Level 2 AP: IE, FLD Level 2 SD: IE, FIRE Fail to operate I&C Equipment Rm & Computer Room Panels & Cabinets PA PA06C/D ESF CCS Loop Controllers Level 1 AP: IE, FIRE, FLD Level 1 SD: IE, FIRE, FLD Level 2 AP: IE, FIRE, FLD Level 2 SD: IE, FIRE Fail to operate ESF Component Control System PE LX01A/B/C/D LX02C/D LX05A/B Analog Input Modules Level 1 AP: IE, FIRE Level 1 SD: FLD Level 2 AP: IE, FLD Level 2 SD:

Fail to operate PE LX03D Digital Input Module Level 1 AP:

Level 1 SD: FLD Level 2 AP:

Fail to operate "A" (22/36) 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

Digital Output Modules (PA06C/D branches 01/02/03/04)

Primary Loop Controller (PA06C/D)

(listed as EF in the last RAP list)

(All PE component were identified as LOOP CONTROLLERS in the last RAP list revision)

Table 17.4-1 (13 of 26)

Reliability Assurance Program Systems, Structures & Components(8)

System(1)

SSC ID(s)(2)

SSC Description Risk Significance Basis(3), (4), (5)

Dominant Failure Modes(6), (7)

Level 2 SD:

PE LX001A/B/C/D LX02B/D LX03C/D LX04B LX05A/B/C/D LX08A LX09B Digital Output Modules Level 1 AP: IE, FIRE, FLD Level 1 SD: IE, FIRE, FLD Level 2 AP: IE, FIRE, FLD Level 2 SD: IE, FIRE Fail to operate PE LX01A/B/C/D LX02B/D LX03A/B/C/D LX04B LX05A/B/C/D LX08A LX09B Primary Loop Controllers Level 1 AP: IE, FIRE, FLD Level 1 SD: IE, FIRE, FLD Level 2 AP: IE, FIRE, FLD Level 2 SD: IE, FIRE Fail to operate Class 1E 4.16 kV Subsystem PF SW01A/B/C/D Class 1E 4.16 kV Switchgear Level 1 AP: IE, FIRE, FLD Level 1 SD: IE, FIRE Level 2 AP: IE, FIRE, FLD Level 2 SD: IE, FIRE Fail to operate PF SW01A/B-A2 Class 1E 4.16 kV Switchgear PCB from SAT Level 1 AP: FIRE, FLD Level 1 SD: FLD Level 2 AP: FIRE, FLD Level 2 SD:

Fail to close PF SW01A-H2 SW01B-H2 SW01C-C2 SW01D-G2 Class 1E 4.16 kV Switchgear PCB (UAT)

Level 1 AP: IE, FLD Level 1 SD: IE, FIRE, FLD Level 2 AP: IE, FLD Level 2 SD: IE, FIRE Fail to open Class 1E 480V Load Center Subsystem "A" (23/36) 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

Table 17.4-1 (14 of 26)

Reliability Assurance Program Systems, Structures & Components(8)

System(1)

SSC ID(s)(2)

SSC Description Risk Significance Basis(3), (4), (5)

Dominant Failure Modes(6), (7)

PG LC01A/B/C/D Class 1E 480V Load Centers Level 1 AP: IE, FIRE, FLD Level 1 SD: IE, FIRE, FLD Level 2 AP: IE, FIRE, FLD Level 2 SD: IE, FIRE Fail to operate PG TR01A/B/C/D Class 1E 480V Load Center Transformers Level 1 AP: IE, FIRE, FLD Level 1 SD: IE, FIRE, FLD Level 2 AP: IE, FIRE, FLD Level 2 SD: IE, FIRE Fail to operate Class 1E 480V MCC & Low Voltage Subsystem PH MC01A/B/C/D Class 1E 480V Motor Control Centers Level 1 AP: IE, FIRE, FLD Level 1 SD: IE, FIRE, FLD Level 2 AP: IE, FIRE, FLD Level 2 SD: FIRE Fail to operate PH MC02A/B/C/D Class 1E 480V Motor Control Centers Level 1 AP: FIRE, FLD Level 1 SD: IE, FLD Level 2 AP: FLD Level 2 SD: FIRE Fail to operate PH MC03A/B/C/D Class 1E 480V Motor Control Centers Level 1 AP:

Level 1 SD: FLD Level 2 AP:

Level 2 SD: FIRE Fail to operate PH MC04A/B/C/D Class 1E 480V Motor Control Centers Level 1 AP: IE, FIRE Level 1 SD: FLD Level 2 AP:

Level 2 SD:

Fail to operate PH MC05A/B Class 1E 480V Motor Control Centers Level 1 AP:

Level 1 SD: IE, FLD Level 2 AP:

Level 2 SD: FIRE Fail to operate Process-Component Control System PO LX-54/58/70 P-CCS Loop Controllers Level 1 AP: IE, FLD Level 1 SD:

Level 2 AP:

Fail to operate "A" (24/36) 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

Table 17.4-1 (15 of 26)

Reliability Assurance Program Systems, Structures & Components(8)

System(1)

SSC ID(s)(2)

SSC Description Risk Significance Basis(3), (4), (5)

Dominant Failure Modes(6), (7)

Level 2 SD:

Plant Protection PP BPM, GC, LC, LCL application software and Operating system software Level 1 AP: IE, FIRE, FLD Level 1 SD: IE, FIRE, FLD Level 2 AP: IE, FIRE, FLD Level 2 SD: IE, FIRE CCF to operate Reactor Coolant System RC SRV200/201/202/203 Pressurizer Pilot-Operated Safety Relief Valves Level 1 AP: IE, FIRE, FLD Level 1 SD:

Level 2 AP: IE, FIRE, FLD Level 2 SD:

Fail to open Fail to close RC MV130/131/132/133 134/135/136/137 POSRV Pilot Motor-Operated Valves Level 1 AP: FIRE, FLD Level 1 SD:

Level 2 AP: FIRE, FLD Level 2 SD:

Fail to open RC INV01A/B/C/D Inverters for Motor Operated POSRVs Level 1 AP: FIRE, FLD Level 1 SD: FIRE, FLD Level 2 AP:

Level 2 SD:

Fail to operate RC PP01A/B PP02A/B RC Pump trip circuits Expert Panel Fail to operate Reactor Coolant Gas Vent System RG SOV410/411/412/413 Pressurizer Gas Vent Line Isolation Solenoid-Operated Valves Expert Panel Fail to operate RG SOV414/415/416/417 Reactor Vessel Gas Vent Line Isolation Solenoid-Operated Valves Expert Panel Fail to open RG SOV418 Reactor Vessel Gas Vent Line RDT Discharge Isolation Solenoid-Operated Valve Expert Panel Fail to operate RG SOV419/420 Reactor Vessel Gas Vent Line IRWST Discharge Isolation Solenoid-Operated Valves Expert Panel Fail to operate Reactor Protection System "A" (25/36) 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

Add E System

5&

&RUH([LW7KHUPRFRXSOHV

([SHUW3DQHO

)DLOWRRSHUDWH

5&

/7

/(7

6KXWGRZQ/HYHO7UDQVPLWWHUV

/7VSRROSLHFH

/(7XOWUDVRQLFOHYHOPHDVXUHPHQW

([SHUW3DQHO

)DLOWRRSHUDWH

5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

E

Table 17.4-1 (16 of 26)

Reliability Assurance Program Systems, Structures & Components(8)

System(1)

SSC ID(s)(2)

SSC Description Risk Significance Basis(3), (4), (5)

Dominant Failure Modes(6), (7)

RP PA14A/B/C/D Plant Protection System Cabinets (Analog input modules Bistable process modules Digital output modules Protection relays)

Level 1 AP: IE Level 1 SD:

Level 2 AP: IE Level 2 SD:

CCF to operate RP SW01A/B/C/D Reactor Trip Switchgear (UV/shunt trip devices)

Level 1 AP: IE Level 1 SD:

Level 2 AP: IE Level 2 SD:

CCF to energize RP TCB A-1/B-1/C-1/D-1 TCB A-2/B-2/C-2/D-2 Reactor Trip Circuit Breakers Level 1 AP: IE, FIRE, FLD Level 1 SD: IE Level 2 AP: IE, FIRE, FLD Level 2 SD:

CCF to open Safety Injection Normal Suction and Discharge SI CV157/158 IRWST Suction Check Valves Level 1 AP: IE, FLD Level 1 SD: IE Level 2 AP: IE Level 2 SD:

CCF to open SI MV304/305/308/309 IRWST Suction MOVs to SI/SC Pumps Level 1 AP: FIRE Level 1 SD: IE, FLD Level 2 AP:

Level 2 SD: IE, FIRE Spurious closure SI V130/131/402/470 Safety Injection Pump Suction Manual Valves Level 1 AP: FIRE Level 1 SD: IE, FLD Level 2 AP:

Level 2 SD: IE Spurious closure SI PP02A/B/C/D Safety Injection Pumps Level 1 AP: IE, FIRE, FLD Level 1 SD: IE, FIRE, FLD Level 2 AP: IE Level 2 SD: IE, FIRE Test & Maintenance Fail to start Fail to run SI CV404/405/434/446 Safety Injection Pump Discharge Check Valves Level 1 AP: IE, FIRE, FLD Level 1 SD: IE, FLD Level 2 AP: IE Fail to open "A" (26/36) 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

Table 17.4-1 (17 of 26)

Reliability Assurance Program Systems, Structures & Components(8)

System(1)

SSC ID(s)(2)

SSC Description Risk Significance Basis(3), (4), (5)

Dominant Failure Modes(6), (7)

Level 2 SD: IE, FIRE SI V435/447/476/478 Safety Injection Pump Discharge Manual Valves Level 1 AP: IE, FIRE Level 1 SD: IE, FIRE, FLD Level 2 AP:

Level 2 SD: IE Spurious closure SI MV616/626/636/646 Safety Injection Pump Discharge Isolation Motor-Operated Valves Level 1 AP: IE, FIRE, FLD Level 1 SD: IE, FIRE, FLD Level 2 AP: IE Level 2 SD: IE, FIRE Fail to open SI CV113/123/133/143 Safety Injection Pump 2A/B/C/D Injection Line Check Valves Level 1 AP: FIRE Level 1 SD: IE, FIRE, FLD Level 2 AP:

Level 2 SD: IE, FIRE Fail to open SI CV540/541/542/543 Safety Injection Pump Discharge Check Valves Level 1 AP: FIRE Level 1 SD: IE, FIRE, FLD Level 2 AP:

Level 2 SD: IE, FIRE Fail to open SI CV217/227/237/247 Safety Injection Line DVI Nozzle Check Valves Level 1 AP: IE, FIRE, FLD Level 1 SD: IE, FIRE, FLD Level 2 AP: IE Level 2 SD: IE, FIRE Fail to open Safety Injection Recirculation to IRWST SI CV424/426/448/451 Safety Injection Mini-flow Check Valves Level 1 AP: IE, FIRE, FLD Level 1 SD:

Level 2 AP: IE Level 2 SD:

Fail to open SI V410/411/412/413 Safety Injection Pump Mini-flow Line Manual Valves Level 1 AP: FIRE Level 1 SD:

Level 2 AP:

Level 2 SD:

Spurious closure SI MV302/303 Safety Injection Pump 2A/B/C/D Mini-flow Line Isolation Motor-Operated Valves Level 1 AP:

Level 1 SD:

Level 2 AP: FIRE Spurious closure "A" (27/36) 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

Table 17.4-1 (18 of 26)

Reliability Assurance Program Systems, Structures & Components(8)

System(1)

SSC ID(s)(2)

SSC Description Risk Significance Basis(3), (4), (5)

Dominant Failure Modes(6), (7)

Level 2 SD:

SI CV100/101 Safety Injection Pump 2A/B/C/D IRWST Return Line Check Valves Level 1 AP: IE, FIRE, FLD Level 1 SD:

Level 2 AP: IE, FIRE Level 2 SD:

Fail to open Shutdown Cooling Subsystem SDC Alternate Suction from IRWST SI CV159/160 IRWST Suction Check Valves Level 1 AP: IE, FLD Level 1 SD: IE Level 2 AP: IE Level 2 SD:

CCF to open SDC Pump Suction and Discharge SI PP01A/B Shutdown Cooling Pumps Level 1 AP: IE, FLD Level 1 SD: IE, FLD Level 2 AP:

Level 2 SD:

CCF to start Fail to run SI CV568/569 Shutdown Cooling Pump Discharge Check Valves Level 1 AP:

Level 1 SD: IE, FLD Level 2 AP: IE Level 2 SD:

Fail to open SI HE01A/B Shutdown Cooling Heat Exchangers Level 1 AP:

Level 1 SD: FLD Level 2 AP:

Level 2 SD:

Loss of heat transfer SI CV168/178 Shutdown Cooling Heat Exchanger Discharge Check Valves Level 1 AP:

Level 1 SD: FLD Level 2 AP:

Level 2 SD:

Fail to open Shutdown Cooling Mini-flow Lines SI HE02A/B Shutdown Cooling Mini-flow Line Heat Exchangers Expert Panel Loss of heat transfer SDC Recirculation to IRWST SI MV395 Shutdown Cooling Pump PP01A Mini-flow Isolation Level 1 AP: IE, FIRE Spurious closure "A" (28/36) 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

Table 17.4-1 (19 of 26)

Reliability Assurance Program Systems, Structures & Components(8)

System(1)

SSC ID(s)(2)

SSC Description Risk Significance Basis(3), (4), (5)

Dominant Failure Modes(6), (7)

Valve (the redundant valve opposite 395 is manual valve 959)

Level 1 SD:

Level 2 AP:

Level 2 SD:

SI V959 Shutdown Cooling Pump PP01B Mini-flow Isolation Valve (the redundant valve opposite V959 is motor-operated valve MV395)

Level 1 AP: IE, FIRE Level 1 SD:

Level 2 AP: FIRE Level 2 SD:

Spurious closure Essential Service Water System SX(9)

PP01A/B PP02A/B Essential Service Water Pumps Level 1 AP: IE, FIRE, FLD Level 1 SD: IE, FLD Level 2 AP: IE, FIRE, FLD Level 2 SD: IE, FIRE Test & Maintenance Fail to start Fail to run SX(9)

CV1001/1002/

1003/1004 Essential Service Water Pump 1A/B & 2A/B Discharge Check Valves Level 1 AP: IE Level 1 SD: FLD Level 2 AP: FLD Level 2 SD:

Fail to open Fail to close SX(9)

MV045/046/047/048 Essential Service Water Pump Discharge Motor-Operated Valves Level 1 AP:

Level 1 SD: FLD Level 2 AP:

Level 2 SD:

Spurious closure SX(9)

FT01A/B FT02A/B FT03A/B Essential Service Water Debris Filters Level 1 AP: IE, FIRE, FLD Level 1 SD: FIRE, FLD Level 2 AP: IE, FIRE, FLD Level 2 SD: FIRE CCF plugging SX(9)

HV071/072/073/074 Ultimate Heat Sink Cooling Tower Control Valves Level 1 AP: IE, FIRE, FLD Level 1 SD: IE, FLD Level 2 AP: IE, FIRE, FLD Level 2 SD: FIRE Fail to open Spurious closure SX(9)

HV075/076/077/078 Ultimate Heat Sink Cooling Tower Line Bypass Valves Level 1 AP: IE, FIRE, FLD Level 1 SD: IE, FIRE, FLD Level 2 AP: IE, FLD Level 2 SD: IE, FIRE Spurious opening "A" (29/36) 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

MV MV

Table 17.4-1 (20 of 26)

Reliability Assurance Program Systems, Structures & Components(8)

System(1)

SSC ID(s)(2)

SSC Description Risk Significance Basis(3), (4), (5)

Dominant Failure Modes(6), (7)

SX(9)

AH01A/B AH02A/B Ultimate Heat Sink Cooling Tower Fans Level 1 AP: IE, FIRE, FLD Level 1 SD: IE, FLD Level 2 AP: IE, FIRE, FLD Level 2 SD: IE, FIRE Test & Maintenance Fail to start Fail to run Control Room HVAC System VC AH01A/B AH02A/B HV01A/B AU01A/B Main Control Room Air Handling Units (AHs), Chillers (HVs) and Air Cleaning Units (AUs)

Expert Panel Fail to operate Emergency Diesel Generator Area HVAC System VD HV12A/B/C/D HV13A/B/C/D EDG Room Emergency Cubicle Coolers Level 1 AP: IE Level 1 SD: IE, FLD Level 2 AP: IE, FIRE Level 2 SD: IE, FIRE Test & Maintenance Fail to start Fail to run ESW Intake Structure/CCHX Bldg HVAC System VG(7)

AH01A/B AH02A/B ESW Pump Room Supply Fans Level 1 AP: IE, FIRE, FLD Level 1 SD: IE, FLD Level 2 AP: IE, FIRE, FLD Level 2 SD: IE, FIRE Test & Maintenance Fail to start Fail to run VG(7)

Y1011A/B ESW Pump Room Fans 2A/B - Exhaust Dampers Level 1 AP:

Level 1 SD: FLD Level 2 AP:

Level 2 SD:

Fail to open Auxiliary Building Controlled Area HVAC System VK HV13A/B HV14A/B CC Pump Cubicle Coolers Level 1 AP: IE, FIRE, FLD Level 1 SD: IE, FLD Level 2 AP: IE, FIRE, FLD Level 2 SD: IE, FIRE Test & Maintenance Fail to start Fail to run VK Y1301A/B Auxiliary Building ECCS Equipment Room ACU Exhaust Dampers Seismic Fail to operate Auxiliary Building Clean Area HVAC System VO HV31A/B Essential Chiller 1A/B Room Coolers Level 1 AP: IE, FIRE, FLD Fail to start "A" (30/36) 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

Delete DG

Table 17.4-1 (21 of 26)

Reliability Assurance Program Systems, Structures & Components(8)

System(1)

SSC ID(s)(2)

SSC Description Risk Significance Basis(3), (4), (5)

Dominant Failure Modes(6), (7)

Level 1 SD: IE, FLD Level 2 AP: IE, FIRE, FLD Level 2 SD: IE, FIRE Fail to run VO HV32A/B Essential Chiller 2A/B Room Coolers Level 1 AP: IE, FIRE, FLD Level 1 SD: IE, FLD Level 2 AP: IE, FIRE, FLD Level 2 SD: IE, FIRE Test & Maintenance Fail to start CCF to run VO HV33A/B Auxiliary Feedwater Motor-Driven Pump 2A/B Room Coolers Level 1 AP: IE, FIRE, FLD Level 1 SD: FLD Level 2 AP: IE, FIRE, FLD Level 2 SD:

Test & Maintenance Fail to start Fail to run Miscellaneous Building HVAC System (AAC GTG)

VU Key SSCs in Alternate AC Building Cooling Function Expert Panel / SBO Fail to operate Makeup Demineralizer System WM V1201A Raw Water Pump Supply Isolation Manual Valves Level 1 AP: IE, FIRE, FLD Level 1 SD:

Level 2 AP:

Level 2 SD:

Spurious closure WM V1205A/1220/1700 Raw Water Pump Discharge Isolation Manual Valves Level 1 AP: IE, FIRE, FLD Level 1 SD:

Level 2 AP:

Level 2 SD:

Spurious closure Essential Chilled Water System WO V1008A/B Quadrant Return Header Isolation Manual Valves Expert Panel Spurious closure WO TK01A/B Essential Chilled Water Compression Tanks Level 1 AP: IE, FIRE, FLD Level 1 SD: IE, FIRE, FLD Level 2 AP: IE, FIRE, FLD Level 2 SD: IE, FIRE Leak or rupture WO TK02A/B Essential Chilled Water Air Separator Tanks Level 1 AP: IE, FIRE, FLD Level 1 SD: IE, FIRE, FLD Level 2 AP: IE, FIRE, FLD Level 2 SD: IE, FIRE Leak or rupture "A" (31/36) 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

Delete

Table 17.4-1 (22 of 26)

Reliability Assurance Program Systems, Structures & Components(8)

System(1)

SSC ID(s)(2)

SSC Description Risk Significance Basis(3), (4), (5)

Dominant Failure Modes(6), (7)

WO V1009A/B V1013A/B ECW Pumps 01A/B & 02A/B Suction Manual Valves Level 1 AP:

Level 1 SD: FLD Level 2 AP:

Level 2 SD:

Spurious closure WO PP01A/B PP02A/B Essential Chilled Water Pumps Level 1 AP: IE, FIRE, FLD Level 1 SD: IE, FLD Level 2 AP: IE, FIRE, FLD Level 2 SD: IE, FIRE Test & Maintenance Fail to start Fail to run WO CV1010A/B CV1014A/B ECW Pump Discharge Check Valves Level 1 AP: IE Level 1 SD: FLD Level 2 AP: FIRE Level 2 SD:

Fail to open WO V1012A/B V1016A/B ECS Pump Discharge Manual Valves Level 1 AP:

Level 1 SD: FLD Level 2 AP:

Level 2 SD:

Spurious closure WO V1019A/B V1023A/B Essential Chiller 01A & B and 02A & B Inlet Manual Valves Level 1 AP:

Level 1 SD: FLD Level 2 AP:

Level 2 SD:

Spurious closure WO CH01A/B CH02A/B Essential Chilled Water Chillers (includes evaporator, compressor, condenser and associated piping)

Level 1 AP: IE, FIRE, FLD Level 1 SD: IE, FLD Level 2 AP: IE, FIRE, FLD Level 2 SD: IE, FIRE Test & Maintenance Fail to start Fail to run WO V1020A/B V1024A/B Essential Chiller 01A&B and 02A & B Outlet Manual Valves Level 1 AP:

Level 1 SD: FLD Level 2 AP:

Level 2 SD:

Spurious closure WO V1019A/B V1020A/B V1027A/B V1028A/B Quadrant Header Supply Isolation Manual Valves Expert Panel Spurious closure Turbine Generator Building Closed Cooling Water System "A" (32/36) 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

Delete

Table 17.4-1 (23 of 26)

Reliability Assurance Program Systems, Structures & Components(8)

System(1)

SSC ID(s)(2)

SSC Description Risk Significance Basis(3), (4), (5)

Dominant Failure Modes(6), (7)

WT TK01 Turbine Generator Building Closed Cooling Water Tank Level 1 AP: IE Level 1 SD:

Level 2 AP: IE Level 2 SD:

Leak or rupture WT PP01/02 Turbine Generator Building Closed Cooling Water Pumps Level 1 AP: FIRE Level 1 SD:

Level 2 AP:

Level 2 SD:

Test & Maintenance WT PT04 PP01 & 02 Pump Discharge PT Interlock Level 1 AP: FLD Level 1 SD:

Level 2 AP:

Level 2 SD:

Fails to operate Liquid Radwaste System WV Key SSCs in Liquid Waste Management System Expert Panel Integrity failure Miscellaneous Key SSCs in Lighting System Expert Panel Fail to operate Containment Building Expert Panel Integrity failure Containment Equipment Hatch Level 1 AP:

Level 1 SD:

Level 2 AP: IE, FIRE, FLD Level 2 SD: IE, FIRE Fail to close Remote Shutdown Console (RSC)

Expert Panel Fail to operate NOTES:

(1) System codes are defined below.

(2) In some cases, additional SSCs may have been added below by symmetry; i.e., if at least one train or division was risk significant but did not list the redundant trains, then those trains may have been added to the current RAP list. These are not specifically identified for purposes of brevity.

(3) AP = Full power; SD = Low Power & Shutdown; IE = Internal Events; FLD = Internal Flooding; FIRE = Internal Fires.

(4) Individual components are included if any modeled basic event (a failure event or a maintenance unavailability) has a Risk Achievement Worth (RAW) >

2, or a Fussell-Vesely (FV) > 0.005, for at least one redundant train, for any of the available AP or SD analyses of Internal Events, Fire or Flood initiating events, for Level 1 (CDF) or Level 2 (LRF). Components are also included if they are part of a Common Cause Failure (CCF) event with a RAW > 20. If "A" (33/36) 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

Delete Control Room Emergency Lighting Remote Shutdown Console Emergency Lighting (2) In some cases, additional SSCs may have been added by symmetry; i.e., if at least one train or division met the PRA importance criteria but the redundant trains did not, then those trains may have been added to the current RAP list. These are not specifically identified for purposes of brevity.

Table 17.4-1 (24 of 26)

Reliability Assurance Program Systems, Structures & Components(8) the basis is listed as the Expert Panel then the SSC has been included on the basis of professional judgment or another qualitative consideration. By definition, all SSCs within the RAP scope have been designated as risk-significant by the RAP Expert Panel (5) Due to PRA model changes, the individual bases for risk-significance may have changed. These changes are not identified. However, if individual rows of SSCs have been added or deleted, these are identified in Tables 2 and 3 below.

(6) All run, run-first-hour, run-after-first-hour and load-and-run failure events are listed as Fail to run in this column.

(7) Battery failures between tests or following an initiating event are both classified as Fail to operate in this column.

(8) Potential RAP SSCs associated with loss of large area (LOLA) and aircraft impact assessment (AIA) described in DC Sections 19.4 and 19.5 are not included in this table.

(9) The SX (including UHS) and VG systems are parts of the conceptual design information (CDI), and the SSC applicability will follow the conditions specified in DC Section 1.8.

System Codes:

AF - Auxiliary Feedwater System AP - Auxiliary Power System AS - Auxiliary Steam System AT - Auxiliary Feedwater Pump Turbine System AX - Auxiliary Feedwater Storage and Transfer System CA - Condenser Vacuum System CC - Component Cooling Water System CD - Condensate System CF - Chemical Feed System CL - Chlorination System CM - Containment Monitoring System CO - Carbon Dioxide System CP - Condensate Polishing System CS - Containment Spray System CT - Condensate Transfer System CV - Chemical and Volume Control System CW - Circulating Water System DA - AAC Gas Turbine Generator System DC - DC Distribution System DE - Radioactive Drain System DG - Emergency Diesel Generator System DM - Miscellaneous Building Drain System DO - Diesel Fuel Oil Transfer System NR - Ex-Core Neutron Flux Monitoring System NT - Nitrogen System OT - Bearing Oil Transfer and Purification System PA - I&C Equipment Rm & Computer Room Panels & Cabinets PC - Containment Isolation System PE - ESF Component Control System PF - Class 1E 4.16 kV System PG - Class 1E 480V Load Center System PH - Class 1E 480V MCC & Low Voltage System PO - Process-Component Control System PP - Plant Protection PR - Radiation Monitoring System PX - Primary Laundry System PS - Process Sampling System RC - Reactor Coolant System RG - Reactor Coolant Gas Vent System RP - Reactor Protection System SI - Safety Injection/Shutdown Cooling System ST - Sanitary Water Transfer System SW - Travelling Screen and Screen Wash System SX - Essential Service Water System TA - Main Turbine and Auxiliary System VB - Compound Building HVAC System "A" (34/36) 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

Replace F (10) The ECSBS design has not been finalized. However, the function has been qualitatively determined to be risk significant.

Table 17.4-1 (25 of 26)

Reliability Assurance Program Systems, Structures & Components(8)

System Codes:

DP - Diverse Protection System DT - Turbine Generator Building Drain System DV - FW Heater Miscellaneous Drains & Vents System EA - Breathing Air System ED - Non-radioactive Equipment Vents & Drains System EF - Engineering Safety Features Actuation System ES - Extraction Steam System FC - Spent Fuel Pool Cooling and Cleanup System FO - Fuel Oil System AP - Fire Protection System FT - Feedwater Pump Turbine System FW - Feedwater System GW - Gaseous Waste Management System HD - Heater Drain System HG - Containment Hydrogen Control System HY - Hydrogen System IA - Instrument Air System IP - Instrument Power System IW - In-Containment Water Storage System MP - Main Power System MS - Main Steam System NB - Non Class 1E 4.16 kV System NG - Non Class 1E 480V Load Center System NH - Non Class 1E 480V MCC & Low Voltage System NP - 13.8 kV Power System VC - Control Room HVAC System VD - Emergency Diesel Generator Area HVAC System VE - Electrical and I&C Equipment Areas HVAC System VF - Fuel Handling Area HVAC System VG - ESW Intake Structure/CCHX Bldg HVAC System VH - CW Pump Building HVAC System VJ - Cold Machine Shop HVAC System VK - Auxiliary Building Controlled Area HVAC System VN - Water Treatment & Chlorination Bldg HVAC System VO - Auxiliary Building Clean Area HVAC System VP - Reactor Containment Building HVAC System VQ - Reactor Containment Building Purge System VT - Turbine Generator Building HVAC System VU - Miscellaneous Building HVAC System (AAC GTG)

WD - Domestic Water System WH - Turbine Generator Building Open Cooling Water System WI - Plant Chilled Water System WL - Raw Water System WM - Makeup Demineralizer System WN - Nonpoint Source Pollution Abatement System WO - Essential Chilled Water System WT - Turbine Generator Building Closed Cooling Water System WV - Liquid Radwaste System WW - Wastewater Treatment System WX - Solid Radwaste System WY - Radioactive Laundry System Component Codes:

AACTG - Alternate AC Turbine Generator AD - Air Dryer ADV - Atmospheric Dump Valve AH - Air Handler (fan)

AV - Air-Operated Valve BC - Battery Charger BT - DC Battery LS - Level Switch MC - Motor Control Center (bus)

MSIV - Main Steam Isolation Valve MV - Motor-Operated Valve PP - Motor-Driven Pump RV - Relief Valve SEQ - Diesel Generator Load Sequencer "A" (35/36) 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

Replace F

Table 17.4-1 (26 of 26)

Reliability Assurance Program Systems, Structures & Components(8)

System Codes:

CH - Chillers CV - Check Valves DA - Deaerator EDG - Emergency Diesel Generator (or DG)

FT - Filter HE - Heat Exchanger HOV - Hydraulically-Operated Valve HV - Chillers or Coolers IN - Inverter LC - Load Center (bus)

IPB - Iso-Phase Bus SW - Switchgear SOV - Solenoid-Operated Valve SRV - Pilot-Operated Safety Relief Valve SV - Safety Valve TCB - Trip Circuit Breaker TE - Temperature Element or Transmitter TK - Tank TP - Turbine-Driven Pump TR - Transformer V - Manual Valve Y - Damper "A" (36/36) 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

Replace F

1++/-1RQ&ODVV(90&& /RZ9ROWDJH6\\VWHP

13+/-N93RZHU6\\VWHP

3$+/-, &(TXLSPHQW5RRP3DQHO

3(+/-(6)&RPSRQHQW&RQWURO6\\VWHP

3)+/-&ODVV(N96\\VWHP

3*+/-&ODVV(9/RDG&HQWHU6\\VWHP

3++/-&ODVV(90&& /RZ9ROWDJH6\\VWHP

32+/-3URFHVV&RPSRQHQW&RQWURO6\\VWHP

5&+/-5HDFWRU&RRODQW6\\VWHP

5*+/-5HDFWRU&RRODQW*DV9HQW6\\VWHP

53+/-5HDFWRU3URWHFWLRQ6\\VWHP

6,+/-6DIHW\\,QMHFWLRQ6KXWGRZQ&RROLQJ6\\VWHP

6;+/-(VVHQWLDO6HUYLFH:DWHU6\\VWHP

9&+/-&RQWURO5RRP+9$&6\\VWHP

9'+/-(PHUJHQF\\'LHVHO*HQHUDWRU$UHD+9$&6\\VWHP

9*+/-(6:3XPS%XLOGLQJ&&:+;%XLOGLQJ+9$&6\\VWHP

9.+/-$X[LOLDU\\%XLOGLQJ&RQWUROOHG$UHD+9$&6\\VWHP

92+/-$X[LOLDU\\%XLOGLQJ&OHDQ$UHD+9$&6\\VWHP

98+/-0LVFHOODQHRXV%XLOGLQJ+9$&6\\VWHP

0+/-0DNHXS'HPLQHUDOL]HU6\\VWHP

2+/-(VVHQWLDO&KLOOHG:DWHU6\\VWHP

7+/-7XUELQH*HQHUDWRU%XLOGLQJ&ORVHG&RROLQJ:DWHU

6\\VWHP:9+/-/LTXLG5DGZDVWH6\\VWHP

6\\VWHP&RGHV

$)$X[LOLDU\\)HHGZDWHU6\\VWHP

$7+/-$X[LOLDU\\)HHGZDWHU3XPS7XUELQH6\\VWHP

$;+/-$X[LOLDU\\)HHGZDWHU6WRUDJHDQG7UDQVIHU

6\\VWHP&$+/-&RQGHQVHU9DFXXP6\\VWHP

&&+/-&RPSRQHQW&RROLQJ:DWHU6\\VWHP

&6+/-&RQWDLQPHQW6SUD\\6\\VWHP

&9+/-&KHPLFDODQG9ROXPH&RQWURO6\\VWHP

'$+/-$OWHUQDWH$&'LHVHO*HQHUDWRU6\\VWHP

'&+/-'&'LVWULEXWLRQ6\\VWHP

'(+/-5DGLRDFWLYH'UDLQ6\\VWHP

'*+/-(PHUJHQF\\'LHVHO*HQHUDWRU6\\VWHP

'2+/-'LHVHO)XHO2LO7UDQVIHU6\\VWHP

'3+/-'LYHUVH3URWHFWLRQ6\\VWHP

)3+/-)LUH3URWHFWLRQ6\\VWHP

):+/-)HHGZDWHU6\\VWHP

• &+/-*URXS&RQWUROOHU&DELQHW

• +/-*DVHRXV5DGZDVWH6\\VWHP

+*+/-&RQWDLQPHQW+\\GURJHQ&RQWURO6\\VWHP

,3+/-,QVWUXPHQW3RZHU6\\VWHP

,:+/-,Q&RQWDLQPHQW:DWHU6WRUDJH6\\VWHP

/;+/-/RRS&RQWUROOHU&DELQHW

06+/-0DLQ6WHDP6\\VWHP

1%+/-1RQ&ODVV(N96\\VWHP

1*+/-1RQ&ODVV(9/RDG&HQWHU6\\VWHP

&RPSRQHQW&RGHV

$'9+/-$WPRVSKHULF'XPS9DOYH

$++/-$LU+DQGOHUIDQ

$9+/-$LU2SHUDWHG9DOYH

%&+/-%DWWHU\\&KDUJHU

%7+/-'&%DWWHU\\

&+RU+9+/-&KLOOHUVRU&RROHUV

0&+/-0RWRU&RQWURO&HQWHUEXV

06,9+/-0DLQ6WHDP,VRODWLRQ9DOYH

09+/-0RWRU2SHUDWHG9DOYH

33+/-3XPS

37+/-3UHVVXUH7UDQVPLWWHU

59+/-5HOLHI9DOYH

5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

F (1/2)

&9+/-&KHFN9DOYHV

'*+/-(PHUJHQF\\'LHVHO

• HQHUDWRU)7+/-)LOWHU

+(+/-+HDW([FKDQJHU

+6+DQGVZLWFK

+9RU&++/-&KLOOHUVRU&RROHUV

,1+/-,QYHUWHU

,3%+/-,VR3KDVH%XV

/&+/-/RDG&HQWHUEXV

/,6+/-/HYHO,QGLFDWLQJ6ZLWFK

6(4+/-'LHVHO*HQHUDWRU/RDG6HTXHQFHU

6:+/-6ZLWFKJHDU

629+/-6ROHQRLG2SHUDWHG9DOYH

659+/-3LORW2SHUDWHG6DIHW\\5HOLHI

9DOYH69+/-6DIHW\\9DOYH

7$+/-7XUELQH

7&%+/-7ULS&LUFXLW%UHDNHU

7.+/-7DQN

75+/-7UDQVIRUPHU

9+/-0DQXDO9DOYH

<+/-'DPSHU

5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

F (2/2)

APR1400 DCD TIER 2 Table 1.8-2 (33 of 38)

Item No.

Description COL 17.1(1)

The COL applicant is to establish and implement a QA program that is applicable to site-specific design activities during the plant construction and operation phases.

COL 17.2(1)

The COL applicant is to establish and implement a QA program that is applicable to site-specific design activities during the plant construction and operation phases.

COL 17.3(1)

The COL applicant is to establish and implement a QA program that is applicable to site-specific design activities during the plant construction and operation phases.

COL 17.4(1)

The COL applicant is to develop and implement Phases 2 and 3 of the design RAP, including QA requirements. In Phase 2, the plant's site-specific information is subjected to the D-RAP process, and the site-specific risk-significant SSCs are combined with the Phase 1 (design) risk-significant SSCs into one list for the plant. Phase 2 is performed during the COL application phase and updated/maintained during the COL license holder phase. In Phase 3, procurement, fabrication, construction, and test specifications for the SSCs within the scope of the D-RAP provide reasonable assurance that key assumptions, such as equipment reliability, are realistic and achievable. The QA requirements are implemented at this time. Phase 3 is performed during the COL license holder phase and prior to initial fuel loading.

COL 17.4(2)

The COL applicant is to propose a method for incorporating the objectives of the reliability assurance program into other programs for design or operational errors that degrade non-safety-related, risk-significant SSCs.

COL 17.4(3)

The COL applicant to develop and implement the RAP in the operations phase in which RAP activities are integrated into the existing operational program (e.g., Maintenance Rule, surveillance testing, inservice inspection, inservice testing, QA). The RAP in the operations phase also includes the process for providing corrective actions for design and operational errors that degrade non-safety-related SSCs within the scope of the RAP. A description of the proposed method for developing and integrating the operational RAP into operating plant programs (e.g., Maintenance Rule, quality assurance) is to be performed during the COL application phase. The development/integration of the O-RAP is performed during the COL license holder phase and prior to initial fuel loading. All SSCs identified as risk-significant within the scope of the design RAP are categorized as high-safety-significant (HSS) within the scope of the initial Maintenance Rule. Integration of reliability assurance activities into existing operational programs also addresses the establishment of:

a. Reliability performance goals for risk-significant SSCs consistent with the existing maintenance and quality assurance processes on the basis of information from the D-RAP. For example, implementation of the Maintenance Rule per Regulatory Guide 1.160 is one acceptable method for establishing performance goals if SSCs are categorized as HSS within the scope of the Maintenance Rule program.

b. Performance and condition monitoring requirements to provide reasonable assurance that risk-significant SSCs do not degrade to an unacceptable level during plant operations.

COL 17.5(1)

The COL applicant is to establish and implement a QA program that is applicable to site-specific design activities related to the plant construction and operation phases.

COL 17.6(1)

The COL applicant is to provide in its Final Safety Analysis Report a description of the Maintenance Rule program and a plan for implementing it to meet the requirements of 10 CFR 50.65.

1.8-37 5HY

5HSODFHGZLWK$LQQH[WSDJH 5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

$



&2/7KH$35DSSOLFDWLRQZLOOXSGDWHWKHGHVFULSWLRQRIWKH'5$3WRLQFOXGHUHOHYDQWVLWHDQGSODQW

VSHFLILFLQIRUPDWLRQHJGHVLJQSURJUDPSURFHGXUDODQGRUJDQL]DWLRQDOLQIRUPDWLRQ7KLVLQFOXGHV

LGHQWLI\\LQJWKH66&VZLWKLQWKHVFRSHRIWKHSODQWVSHFLILF5$3LHWKH5$366&VLGHQWLILHGLQWKH

'&XSGDWHGXVLQJ&2/VLWHDQGSODQWVSHFLILFLQIRUPDWLRQDQGHVWDEOLVKLQJWKHSURJUDPPDWLF

FRQWUROVRI'5$3WREHDSSOLHGGXULQJWKH&2/GHVLJQDQGFRQVWUXFWLRQDFWLYLWLHVSULRUWRLQLWLDOIXHO

ORDG



&2/7KH$35DSSOLFDWLRQZLOOVSHFLI\\DSSURSULDWH4$FRQWUROVIRUWKHQRQVDIHW\\UHODWHG5$366&VLQ

DFFRUGDQFHZLWKWKHSURYLVLRQVLQ3DUW91RQVDIHW\\5HODWHG66&4XDOLW\\&RQWUROVRI6536HFWLRQ

7KLVLQFOXGHVSURYLGLQJFRUUHFWLYHDFWLRQVIRUSRWHQWLDOGHVLJQDQGSUHRSHUDWLRQDOHUURUVWKDW

FRXOGGHJUDGHQRQVDIHW\\UHODWHG5$366&V



&2/7KH$35DSSOLFDWLRQZLOOSURSRVHDSURFHVVIRULQWHJUDWLQJWKH5$3LQWRRSHUDWLRQDOSURJUDPV

HJPDLQWHQDQFHUXOHSURJUDP4$SURJUDPLQVHUYLFHLQVSHFWLRQLQVHUYLFHWHVWLQJVXUYHLOODQFH

WHVWLQJDQGPDLQWHQDQFHSURJUDPV7KHSURFHVVVKRXOGDOVRDGGUHVVWKHHVWDEOLVKPHQWRI

UHOLDELOLW\\DYDLODELOLW\\RUFRQGLWLRQSHUIRUPDQFHJRDOVIRUWKH5$366&VHVWDEOLVKPHQWRI

SHUIRUPDQFHDQGFRQGLWLRQPRQLWRULQJUHTXLUHPHQWVWRSURYLGHUHDVRQDEOHDVVXUDQFHWKDW5$366&V

GRQRWGHJUDGHWRDQXQDFFHSWDEOHOHYHORIUHOLDELOLW\\DYDLODELOLW\\RUFRQGLWLRQGXULQJSODQWRSHUDWLRQV

IRUQRQVDIHW\\UHODWHG5$366&VHVWDEOLVKPHQWRI4$FRQWUROVIRUDFWLYLWLHVGXULQJWKHRSHUDWLRQV

SKDVHLQDFFRUGDQFHZLWKWKHSURYLVLRQVLQ3DUW9RI6536HFWLRQDQGFRQVLGHUDWLRQRI

GRPLQDQWIDLOXUHPRGHVRI5$366&VLQPHHWLQJWKHREMHFWLYHVRIWKH5$3GXULQJSODQWRSHUDWLRQ

5$,4XHVWLRQB5HY

5$,4XHVWLRQB5HY

$WWDFKPHQW

APR1400 DCD TIER 2 3.2-23 Table 3.2-1 (9 of 86)

SSC Identification Location(2)

Safety Class Quality Group Codes and Standards 10 CFR 50, App. B(3)

Seismic Category Remarks

8) Non-essential supply and return piping between the valve CC-146 and CC-148 in the auxiliary building of the division II AB NNS D

ASME B31.1-2010 A

II (3)(d)

9) Non-essential supply and return piping in the compound building of the division II CPB NNS D

ASME B31.1-2010 N/A III

10. CD - Condensate

a. Piping in auxiliary bldg.

AB NNS D

ASME B31.1-2010 A

II (3)(d)

b. Condenser, condensate pumps, tanks, valves, strainers TGB NNS D

ASME B31.1-2010 N/A III

c. Deaerator storage tank TGB NNS D

ASME Sec. VIII -2007 with 2008 addenda A

III (3)(e)

d. Feedwater Heaters TGB NNS D

ASME Sec. VIII -2007 with 2008 addenda N/A III

e. Other piping TGB NNS D

ASME B31.1-2010 N/A III

11. CE - Control Element Assembly Drive

a. Control element drive mechanism RCB SC-1 A

ASME Sec. III NB -2007 with 2008 addenda Yes I

1) Pressure housing assembly RCB SC-1 A

ASME Sec. III NB -2007 with 2008 addenda Yes I

2) Motor assembly RCB SC-2 B

N/A Yes I

(N-10)

3) Extension shaft assembly RCB SC-2 B

N/A Yes I

(N-10)

b. Reactor trip switchgear RCB SC-3 N/A IEEE-603-1991 Yes I

c. Rod drive motor generator set RCB NNS N/A N/A N/A III Rev. 1 RAI 316-8305 - Question 17.04-1_Rev.3 (1/11) 5$,4XHVWLRQB5HY

N/A Delete

APR1400 DCD TIER 2 3.2-33 Table 3.2-1 (19 of 86)

SSC Identification Location(2)

Safety Class Quality Group Codes and Standards 10 CFR 50, App. B(3)

Seismic Category Remarks

6) Boric acid supply (BAST to VCT/charging pump suction)

Yard, AB SC-3 C

ASME Sec. III ND-2007 with 2008 addenda Yes I

7) Reactor makeup water supply (RMWT to CV-186 inlet)

Yard, AB NNS D

ASME B31.1-2010 A

II (3)(d)

8) BAMP to IRWST isolation valve CV-553 AB, RCB NNS D

ASME B16.34 - 2009 A

II (3)(d),

(3)(e)

9) BABT to BAST isolation valve CV-126 AB NNS D

ASME B16.34 - 2009 A

III (3)(e)

21. CW - Circulating Water

a. ((CW pumps))

CWPH NNS D

HI Standards - 2010 N/A III

b. Butterfly valves

TGB, CWPH NNS D

AWWA C504-2010 N/A III

c. Condenser tube cleaning system components TGB NNS D

ASME B31.1-2010 N/A III

d. Circulating water pump lube water booster pumps CWPH NNS D

HI Standards-2010 N/A III

e. ((Makeup pumps))

Yard NNS D

HI Standards-2010 N/A III

f. ((Blowdown pumps))

Yard NNS D

HI Standards-2010 N/A III

g. ((Cooling towers (including cooling tower fans)))

Yard NNS D

ASME PTC 23-2003 N/A III

h. Piping and valves

TGB, CWPH, Yard NNS D

ASME B31.1-2010 N/A III Rev. 1 RAI 316-8305 - Question 17.04-1_Rev.3 (2/11) 5$,4XHVWLRQB5HY

N/A Delete Delete

APR1400 DCD TIER 2 3.2-40 Table 3.2-1 (26 of 86)

SSC Identification Location(2)

Safety Class Quality Group Codes and Standards 10 CFR 50, App. B(3)

Seismic Category Remarks

30. EF - Engineered Safety Feature Actuation System AB SC-3 N/A IEEE-323-2003 IEEE-344-2004 IEEE-379-2000 IEEE-603-1991 IEEE-7-4.3.2-2003 Yes I

31. EM - Seismic Monitoring AB, RCB,

CPB, CCWHXB NNS N/A IEEE-344-2004 A

I (9)

32. ER - Emergency Response Facility

a. TSC Console AB NNS N/A N/A A

II (3)(d),

(5)

b. Panels and displays in EOF Outside of plant NNS N/A N/A N/A III

33. ET - Auxiliary Transformer

a. Standby aux. transformers Yard NNS N/A N/A A

III (3)(e)

b. Unit aux. transformers Yard NNS N/A N/A N/A III

34. FC - Spent Fuel Pool Cooling and Cleanup (10)

a. Spent fuel pool cooling heat exchangers AB SC-3 C

ASME Sec. III ND-2007 with 2008 addenda Yes I

b. Spent fuel pool cooling pumps AB SC-3 C

ASME Sec. III ND-2007 with 2008 addenda Yes I

c. Spent fuel pool cleanup pumps AB NNS D

ASME Sec. VIII-2007 with 2008 addenda A

II (3)(d)

d. Spent fuel pool cleanup filters AB NNS D

ASME Sec. VIII-2007 with 2008 addenda A

II (3)(d)

Rev. 1 RAI 316-8305 - Question 17.04-1_Rev.3 (3/11) 5$,4XHVWLRQB5HY

A (3)(e)

APR1400 DCD TIER 2 3.2-45 Table 3.2-1 (31 of 86)

SSC Identification Location(2)

Safety Class Quality Group Codes and Standards 10 CFR 50, App. B(3)

Seismic Category Remarks

c. Normal fire protection subsystem in safety-related areas

1) Subsystem Components (a) Fire control panel ALL NNS N/A UL/NFPA 20-2013 A

II (3)(d)

(b) Fire hydrant Yard NNS E

NFPA 24-2013 A

II (3)(d)

(c) Extinguisher ALL NNS E

NFPA 10 -2013 A

II (3)(d)

(d) Others ALL NNS E

Applicable UL/NFPA A

II (3)(d)

2) Subsystem fire protection piping ALL NNS D

ASME B31.1-2010 A

II (3)(d)

3) Subsystem fire protection piping ALL NNS E

NFPA 13-2013 A

II (3)(d)

d. Normal fire protection subsystem in non-safety-related areas

1) Subsystem components (a) Main fire pumps and jockey pump FPWTB NNS E

NFPA 20-2013 A

III (3)(e)

(b) Freshwater storage tanks Yard NNS E

AWWA D-100-2005 NFPA 22-2013 A

III (3)(e)

(c) Fire control panel FPWTB NNS N/A UL/NFPA 20-2013 A

III (3)(e)

(d) Fire hydrant Yard NNS E

NFPA 24-2013 A

III (3)(e)

(e) Extinguisher ALL NNS E

NFPA 10-2013 A

III (3)(e)

(f) Others ALL NNS E

Applicable UL/NFPA A

III (3)(e)

2) Subsystem fire protection piping ALL NNS D

ASME B31.1-2010 A

III (3)(e)

3) Subsystem fire protection piping ALL NNS E

NFPA 13-2013 A

III (3)(e)

Rev. 1 RAI 316-8305 - Question 17.04-1_Rev.3 (4/11) 5$,4XHVWLRQB5HY

N/A Delete (3)(e)

II A

Applicable UL/NFPA E

NNS AB

4) Clean Agent Suppression Subsystem in Control Room

5) Fire Suppression Subsystem in Switchgear Room AB NNS E

Applicable UL/NFPA A

II (3)(e)

APR1400 DCD TIER 2 3.2-46 Table 3.2-1 (32 of 86)

SSC Identification Location(2)

Safety Class Quality Group Codes and Standards 10 CFR 50, App. B(3)

Seismic Category Remarks

39. FW - Feedwater

a. From the SG up to and including the MSVH penetration anchor

RCB, MSVH SC-2 B

ASME Sec. III NC-2007 with 2008 addenda Yes I

b. Other piping TGB NNS D

ASME B31.1-2010 N/A III

c. Feedwater pumps TGB NNS D

HI Standards - 2010 N/A III

d. Feedwater booster pumps TGB NNS D

HI Standards - 2010 N/A III

e. Startup feedwater pump TGB NNS D

HI Standards - 2010 A

III (3)(e)

f. Startup feedwater pump discharge check valve TGB NNS D

ASME B31.1-2010 A

III (3)(e)

g. Startup feedwater pump discharge isolation valve TGB NNS D

ASME B31.1-2010 A

III (3)(e)

h. Feedwater heaters TGB NNS D

ASME Sec. VIII - 2007 with 2008 addenda N/A III

i. Other components TGB NNS D

ASME Sec. VIII - 2007 with 2008 addenda N/A III

40. GD - Grounding

a.

Grounding conductor ALL NNS N/A IEEE 80-2000 IEEE 665-1995 N/A III

b. Lightning protection equipment ALL NNS N/A IEEE 80-2000 IEEE 665-1995 N/A III Rev. 1 RAI 316-8305 - Question 17.04-1_Rev.3 (5/11) 5$,4XHVWLRQB5HY

Startup feedwater pump discharge check valve, discharge stop check valve, and suction valve

APR1400 DCD TIER 2 3.2-51 Table 3.2-1 (37 of 86)

SSC Identification Location(2)

Safety Class Quality Group Codes and Standards 10 CFR 50, App. B(3)

Seismic Category Remarks

50. IS - Security

a. Security CCTV subconsole and color graphic console AB NNS N/A 10 CFR 73.55-2010 IEEE 692-2010 A

II (3)(d),

(6)

b. Other security equipment ALL NNS N/A N/A N/A III (6)

51. IW - In-Containment Refueling Water Storage

a. In-containment refueling water storage tanks RCB SC-3 G

ACI 349-1997, ASME Sec. III CC-2001 with 2003 Addenda Yes I

b. Holdup volume tank RCB SC-3 G

ACI 349-1997, ASME Sec. III CC-2001 with 2003 Addenda Yes I

c. Trisodium phosphate baskets RCB SC-3 N/A AISC N690-1994&2004 (Supplement No.2)

Yes I

d. IRWST sump strainers RCB SC-3 G

AISC N690-1994&2004 (Supplement No.2)

Yes I

e. Swing panels RCB SC-3 G

ASME AG-1-2009 Yes I

f. In-containment refueling water storage tank spillway RCB SC-2 B

ASME Sec. III NC-2007 with 2008 addenda Yes I

g. Holdup volume tank flooding lines including the power operated valves V001 and 002 (MOV)

RCB SC-2 B

ASME Sec. III NC-2007 with 2008 addenda Yes I

h. Reactor cavity flooding lines including the power operated valves V003 and 004 (MOV)

RCB SC-2 B

ASME Sec. III NC-2007 with 2008 addenda Yes I

Rev. 1 RAI 316-8305 - Question 17.04-1_Rev.3 (6/11) 5$,4XHVWLRQB5HY

Equipment in Safety-Related Areas Others AB, CCWHXB, ESWB, EDGB

APR1400 DCD TIER 2 3.2-53 Table 3.2-1 (39 of 86)

SSC Identification Location(2)

Safety Class Quality Group Codes and Standards 10 CFR 50, App. B (3)

Seismic Category Remarks

53. LL - Lighting

a. Equipment in safety-related area

1) Lighting fixture RCB, AB,

CCWHXB, ESWB, EDGB NNS N/A NFPA 101-2012 A

II (3)(d)

2) Lighting transformer RCB, AB,

CCWHXB, ESWB, EDGB NNS N/A NFPA 101-2012 A

II (3)(d)

3) Lighting distribution panel RCB, AB,

CCWHXB, ESWB, EDGB NNS N/A NFPA 101-2012 A

II (3)(d)

b. Equipment in other areas ALL NNS N/A N/A N/A III

54. LP - Large Display Panel AB NNS N/A N/A A

II (3)(d)

55. MP - Main Power

a. Protective relays for generator and transformer AB NNS N/A N/A A

II (3)(d)

b. Generator excitation system, main transformer, generator circuit breaker, isolated phase bus and related protection facility TGB Yard NNS N/A N/A N/A III

c. Others TGB NNS N/A N/A N/A III Rev. 1 RAI 316-8305 - Question 17.04-1_Rev.3 (7/11) 5$,4XHVWLRQB5HY

c d

Delete

b. Main transformer and isolated phase bus TGB Yard NNS N/A N/A A

III (3)(e)

APR1400 DCD TIER 2 3.2-54 Table 3.2-1 (40 of 86)

SSC Identification Location(2)

Safety Class Quality Group Codes and Standards 10 CFR 50, App. B(3)

Seismic Category Remarks

56. MS - Main Steam

a. Piping and components from SG up to and including the MSVH penetration anchor wall

RCB, MSVH SC-2 B

ASME Sec. III NC-2007 with 2008 addenda Yes I

b. Piping and components from outlet of MSADVs and MSSVs AB NNS D

ASME B31.1-2010 A

II (3)(d)

c. Piping inside main steam pipe enclosure MS Pipe Enclosure NNS D

ASME B31.1-2010 A

II (3)(d)

d. Components inside turbine generator building from outside main steam pipe enclosure TGB NNS D

ASME B31.1-2010 N/A III

e. Other piping TGB NNS D

ASME B31.1-2010 N/A III

57. NB - 4.16 kV Non-Class 1E Power

a. 4.16 kV switchgear (SW01M) in aux.

building AB NNS N/A N/A A

II (3)(d),

(3)(e)

b. 4.16 kV switchgear (SW02N) in TG building TGB NNS N/A N/A A

III (3)(e)

c. 4.16 kV switchgear (SW03N) in AAC GTG building AAC GTGB NNS N/A N/A A

III (3)(b),

(3)(e)

d. 4.16 kV switchgear (SW02M) in TG building TGB NNS N/A N/A N/A III

58. NC - NSSS process control

a. Feedwater control signal processing and processor AB NNS N/A N/A A

II (3)(d)

b. Steam bypass control signal processing and processor AB NNS N/A N/A A

II (3)(d)

Rev. 1 RAI 316-8305 - Question 17.04-1_Rev.3 (8/11) 5$,4XHVWLRQB5HY

e. 4.16 kV switchgear (SW01N) in aux.

building AB NNS N/A N/A A

II (3)(d)

N/A Delete

APR1400 DCD TIER 2 3.2-59 Table 3.2-1 (45 of 86)

SSC Identification Location(2)

Safety Class Quality Group Codes and Standards 10 CFR 50, App. B(3)

Seismic Category Remarks

67. PG - 480V Class 1E Load Center

a. 480V LCs and LC XFMRs AB SC-3 N/A IEEE 308-2001, IEEE 323-2003, IEEE 344-2004, IEEE 420-2001 Yes I

68. PH - 480V Class 1E MCC and Low Voltage

a.

480V MCCs 120/208V distribution panels and XFMRs AB ESWB EDGB SC-3 N/A IEEE 308-2001, IEEE 323-2003, IEEE 344-2004, IEEE 420-2001 Yes I

69. PM - MCR

a. Operator console (RO, TO, EO, SS, STA)

1) Frame AB SC-3 N/A IEEE-323-2003 IEEE-344-2004 IEEE-420-2013 IEEE-603-1991 Yes I

2) IFPD AB NNS N/A N/A A

II (3)(d)

3) ESCM AB SC-3 N/A IEEE-603-1991 IEEE-323-2003 IEEE-344-2004 IEEE-420-2013 Yes I

Rev. 1 RAI 316-8305 - Question 17.04-1_Rev.3 (9/11) 5$,4XHVWLRQB5HY

APR1400 DCD TIER 2 3.2-62 Table 3.2-1 (48 of 86)

SSC Identification Location(2)

Safety Class Quality Group Codes and Standards 10 CFR 50, App. B(3)

Seismic Category Remarks

2) Process loop controller cabinet and related components AB, CPB, TB,

FPWTB, CWPH, AAC

GTGB, SWYD NNS N/A IEEE-383-2003 (17)

IEEE-420-2001(17)

IEEE-7-4.3.2-2003(17)

A II (3)(d)

b. Non-safety-instrument sensing lines

1) Non-safety instrument sensing line in safety-related area AB, RCB, TGB, CPB, ACC

GTGB, ESWB,

CWPH, CCWHXB, Yard NNS D

N/A A

II (3)(d)

2) Reliability related non-safety instrument sensing line in non-safety-related area AB, TGB, CPB

FPWTB, RCB

CWPH, Yard NNS D

N/A A

III (3)(e)

3) Other non-safety instrument sensing line in non-safety-related area AB, TGB,

CCWHXB, RCB, CPB,

CWPH, FPWTB,

ESWB, AAC

GTGB, Yard NNS D

N/A N/A III Rev. 1 RAI 316-8305 - Question 17.04-1_Rev.3 (10/11) 5$,4XHVWLRQB5HY

3) Other process

2) Reliability related process loop controller cabinet and related components TB NNS N/A IEEE-383-2003(17)

IEEE-420-2001(17)

IEEE-7-4.3.2-2003(17)

A II (3)(d),

(3)(e)

APR1400 DCD TIER 2 3.2-95 Table 3.2-1 (81 of 86)

SSC Identification Location(2)

Safety Class Quality Group Codes and Standards 10 CFR 50, App. B(3)

Seismic Category Remarks

j. Demineralized water makeup manual valve AB NNS D

ASME B31.1-2010 A

II (3)(d)

k. Nitrogen makeup control valves AB NNS D

ASME B31.1-2010 A

II (3)(d)

l. Chemical additive tank supply and return line piping and associated valves AB NNS D

ASME B31.1-2010 A

II (3)(d) 108. WT - Turbine Generator Building Closed Cooling Water

a.

Pumps TGB NNS D

HI Standards-2010 N/A III

b. Heat exchangers TGB NNS D

ASME Sec. VIII-2007 with 2008 Addenda N/A III

c.

Valves and associated piping TGB NNS D

ASME B31.1-2010 N/A III 109. WV - Liquid Radwaste

a. Piping and components in safety-related areas AB NNS D

ASME B31.1 - 2010 A

II (3)(d)

b. Piping and valve containing radioactive materials CPB NNS D

ASME B31.3 - 2010 Note (4)

Note (4)

(4)

c. Floor drain tank CPB NNS D

API650 - 2007 Note (4)

Note (4)

d. Equipment waste tank CPB NNS D

API650 - 2007 Note (4)

Note (4)

e. Chemical waste tank CPB NNS D

API650 - 2007 Note (4)

Note (4)

f. Monitor tank CPB NNS D

API650 - 2007 Note (4)

Note (4)

Rev. 1 RAI 316-8305 - Question 17.04-1_Rev.3 (11/11) 5$,4XHVWLRQB5HY

Heat exchangers, and chemical addition tank

b. Surge tank TGB NNS D

ASME Sec. VIII-2007 with 2008 Addenda A

(3)(e)

III c.

d.

A (3)(e)