ML18228A855
| ML18228A855 | |
| Person / Time | |
|---|---|
| Site: | PROJ0769, NuScale |
| Issue date: | 08/16/2018 |
| From: | Rad Z NuScale |
| To: | Document Control Desk, Office of New Reactors |
| Shared Package | |
| ML18228A854 | List: |
| References | |
| LO-0718-61104 TR-1117-57216, Rev 1 | |
| Download: ML18228A855 (109) | |
Text
LO-0718-61104 August 16, 2018 Docket No. PRO 0769 U.S. Nuclear Regulatory Commission ATTN: Document Control Desk One White Flint North 11555 Rockville Pike Rockville, D 20852-2738 S C NuScale Power, LLC Submittal of Changes to NuScale Generic Technical Guidelines, Draft Revision 1, TR-1117-57216 NC S 1. Letter from NuScale Power, LLC to U.S. Nuclear Regulatory Commission, NuScale Power, LLC Submittal of Technical Report NuScale Generic Technical Guidelines, TR-1117-57216, dated November 30, 2017 ( L17334 822)
- 2. Nuclear Regulatory Commission Summary of February 2, 2018. Category 1, Public Closed Teleconference to Discuss U.S. Nuclear Regulatory Commission Staff Feedback on NuScale Power, LLC Generic Technical Guidance, Revision 0, dated une 21, 2018 ( L18169A172)
During a series of public closed teleconferences held on February 2, 2018, February 9, 2018, and February 15th, 2018 with NRC uman Factors Engineering Staff, NuScale Power, LLC (NuScale) discussed potential updates to the NuScale Generic Technical Guidelines (GTG), TR-1117-57216. As a result of this discussion, NuScale has revised the NuScale Generic Technical Guidelines, TR-1117-57216, as documented in NRC meeting summary (Reference 2). The Enclosure to this letter provides a mark-up of the report pages incorporating revisions to the GTG in redline strikeout format. NuScale will include the change as part of a future revision to the NuScale NuScale Generic Technical Guidelines Revision 1. is the proprietary version of the NuScale Generic Technical Guidelines, TR-1117-57216.
NuScale requests that the proprietary version be withheld from public disclosure in accordance with the requirements of 10 CFR § 2.390. The enclosed affidavit (Enclosure 3) supports this request. is the nonproprietary version of the NuScale Generic Technical Guidelines.
This letter makes no regulatory commitments or revisions to any existing regulatory commitments.
If you have any questions, please feel free to contact Carrie Fosaaen at 541-452-7126 or at cfosaaen nuscalepower.com Sincerely, Zackary W. Rad Director, Regulatory Affairs NuScale Power, LLC NuScale Power, LLC 1100 NE Circle Blvd., Suite 200 Corvallis, Oregon 97330 Office 541.360-0500 Fax 541.207.3928 www.nuscalepower.com
LO-0718-61104 Page 2 of 2 8/16/18 Distribution: Samuel Lee, NRC, OWFN-8G9A Greg Cranston, NRC, OWFN-8G9A Prosanta Chowdhury, NRC, OWFN-8G9A Enclosure 1: Changes to NuScale Generic Technical Guidelines, Draft Revision 1, TR-1117-57216-P proprietary version Enclosure 2: Changes to NuScale Generic Technical Guidelines, Draft Revision 1, TR-1117-57216-NP, nonproprietary version Enclosure 3: Affidavit of Zackary W. Rad, AF-0718-61106 NuScale Power, LLC 1100 NE Circle Blvd., Suite 200 Corvallis, Oregon 97330 Office 541.360-0500 Fax 541.207.3928 www.nuscalepower.com
LO-0718-61104 :
Changes to NuScale Generic Technical Guidelines, Draft Revision 1, TR-1117-57216-P, proprietary version NuScale Power, LLC 1100 NE Circle Blvd., Suite 200 Corvallis, Oregon 97330 Office 541.360-0500 Fax 541.207.3928 www.nuscalepower.com
LO-0718-61104 :
Changes to NuScale Generic Technical Guidelines, Draft Revision 1, TR-1117-57216-NP, nonproprietary version NuScale Power, LLC 1100 NE Circle Blvd., Suite 200 Corvallis, Oregon 97330 Office 541.360-0500 Fax 541.207.3928 www.nuscalepower.com
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 Licensing Technical Report NuScale Generic Technical Guidelines November 30, 2017 Draft Revision 01 Docket: 52-048 NuScale Power, LLC 1100 NE Circle Blvd., Suite 200 Corvallis, Oregon 97330 www.nuscalepower.com
© Copyright 20178 by NuScale Power, LLC
© Copyright 20178 by NuScale Power, LLC i
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 Licensing Technical Report COPYRIGHT NOTICE This report has been prepared by NuScale Power, LLC, and bears a NuScale Power, LLC, copyright notice. No right to disclose, use, or copy any of the information in this report, other than by the U.S.
Nuclear Regulatory Commission (NRC), is authorized without the express, written permission of NuScale Power, LLC.
The NRC is permitted to make the number of copies of the information contained in this report that is necessary for its internal use in connection with generic and plant-specific reviews and approvals, as well as the issuance, denial, amendment, transfer, renewal, modification, suspension, revocation, or violation of a license, permit, order, or regulation subject to the requirements of 10 CFR 2.390 regarding restrictions on public disclosure to the extent such information has been identified as proprietary by NuScale Power, LLC, copyright protection notwithstanding. Regarding nonproprietary versions of these reports, the NRC is permitted to make the number of copies necessary for public viewing in appropriate docket files in public document rooms in Washington, DC, and elsewhere as may be required by NRC regulations. Copies made by the NRC must include this copyright notice and contain the proprietary marking if the original was identified as proprietary.
© Copyright 20178 by NuScale Power, LLC ii
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 Licensing Technical Report Department of Energy Acknowledgement and Disclaimer This material is based upon work supported by the Department of Energy under Award Number DE-NE0000633.
This report was prepared as an account of work sponsored by an agency of the United States Government. Neither the United States Government nor any agency thereof, nor any of their employees, makes any warranty, express or implied, or assumes any legal liability or responsibility for the accuracy, completeness, or usefulness of any information, apparatus, product, or process disclosed, or represents that its use would not infringe privately owned rights. Reference herein to any specific commercial product, process, or service by trade name, trademark, manufacturer, or otherwise does not necessarily constitute or imply its endorsement, recommendation, or favoring by the United States Government or any agency thereof. The views and opinions of authors expressed herein do not necessarily state or reflect those of the United States Government or any agency thereof.
© Copyright 20178 by NuScale Power, LLC iii
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 Licensing Technical Report CONTENTS Abstract ....................................................................................................................................... 1 Executive Summary .................................................................................................................... 2 1.0 Introduction ..................................................................................................................... 3 1.1 Purpose ................................................................................................................. 3 1.2 Scope .................................................................................................................... 3 1.3 Abbreviations ......................................................................................................... 3 2.0 Background ..................................................................................................................... 6 3.0 Methodology .................................................................................................................... 7 4.0 Procedure Development ................................................................................................. 9 4.1 Symptom-Based Procedures ................................................................................ 9 4.2 Critical Safety Functions ........................................................................................ 9 4.2.1 Containment Integrity .......................................................................................... 10 4.2.2 Reactivity ............................................................................................................. 11 4.2.3 Core Heat Removal ............................................................................................. 12 4.3 Structure and Use ............................................................................................... 13 4.4 Manual Actions .................................................................................................... 18 4.5 Entry Conditions .................................................................................................. 24 4.6 Exit Conditions .................................................................................................... 24 4.7 Setpoint Selection ............................................................................................... 25 4.8 Implementation Strategy ..................................................................................... 25 5.0 Generic Technical Guidelines and Basis .................................................................... 28 5.1 Containment Integrity Safety Function ................................................................ 29 5.1.1 Containment Atmosphere .................................................................................... 30 5.1.2 Containment Bypass ........................................................................................... 31 5.1.3 Containment Isolation Signal Actuation ............................................................... 34 5.1.4 Chemical and Volume Control System Isolation Actuation .................................. 37 5.1.5 Primary-to-Secondary Leakage ........................................................................... 40 5.2 Reactivity Safety Function ................................................................................... 43 5.2.1 Reactor Trip System Actuation ............................................................................ 44 5.2.2 Dilution Isolation .................................................................................................. 47 5.2.3 Reactivity Verification .......................................................................................... 54
© Copyright 20178 by NuScale Power, LLC iv
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 Licensing Technical Report 5.3 Core Heat Removal Safety Function ................................................................... 57 5.3.1 Ultimate Heat Sink Inventory ............................................................................... 58 5.3.2 Fuel Clad Protection ............................................................................................ 59 5.3.3 Emergency Core Cooling System (ECCS) & Low Temperature Overpressure Actuation ....................................................................................... 63 5.3.4 Decay Heat Removal Actuation ........................................................................... 68 5.3.5 Pressurizer Heater Trip Actuation ........................................................................ 76 5.4 Defense-in-Depth Actions .................................................................................... 77 5.4.1 Electrical .............................................................................................................. 79 5.4.2 Other Defense-in-Depth Actions .......................................................................... 84 6.0 Validation ....................................................................................................................... 86 7.0 References ..................................................................................................................... 87 7.1 Source Documents .............................................................................................. 87 7.2 Referenced Documents ....................................................................................... 87 8.0 Appendix A - Event Progression Comparison ........................................................... 88 9.0 Appendix B - NuScale Design Severe Accident Management Guideline Development .................................................................................................................. 91 10.0 Appendix C - Instrumentation Utilized in the General Technical Guidelines .......... 94 TABLES Table 1-1 Abbreviations ......................................................................................................... 3 Table 1-2 Definitions .............................................................................................................. 5 Table 4-1 PRA credited operator actions to mitigate core damage ..................................... 19 Table 4-2 PRA credited operator actions to mitigate large radiological release .................. 19 Table 4-3 Operator actions described in FSAR for Chapter 20 beyond-design-basis events .................................................................................................................. 20 Table 4-4 Operator actions to support critical safety functions ............................................ 21 Table 8-1 Loss of coolant accident ...................................................................................... 88 Table 8-2 Steam generator tube failure ............................................................................... 89 Table 8-3 Loss of feedwater ................................................................................................ 89 Table 8-4 Inadequate core cooling/loss of forced circulation............................................... 90 Table 9-1 EPRI Candidate high-level action comparison to NuScale design ...................... 91 Table 10-1 List of reactor trip parameters.............................................................................. 94 Table 10-2 List of general technical guidelines decision variables ........................................ 95
© Copyright 20178 by NuScale Power, LLC v
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 Licensing Technical Report FIGURES Figure 4-1 Example safety function status display on the HSI.............................................. 16 Figure 4-2 Example safety function display on manual electronic interface ......................... 17 Figure 4-3 Unit overview display ........................................................................................... 24 Figure 5-1 Comparison of riser level vs. average RCS temperature for bounding cases ..... 33 Figure 5-2 ATWS response under different conditions. ........................................................ 54
© Copyright 20178 by NuScale Power, LLC vi
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 Abstract This document describes the generic guidance that is provided to emergency procedure writers to develop procedures used by plant operators to ensure plant safety during an accident. This guidance covers the content provided in existing industry procedure classes including:
emergency operating procedures, severe accident management guidelines, extended loss of AC power and loss of large area guidance.
© Copyright 20178 by NuScale Power, LLC 1
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 Executive Summary TMI Action Plan Item I.C.1, a post-TMI requirement approved by the Commission for implementation, requires the preparation of emergency procedure technical guidelines for development of the emergency operating procedures (EOPs). Preparation of the technical guidelines is conducted in accordance with Clarification of TMI Action Plan Requirements, NUREG-0737, and Supplement 1, Requirements for Emergency Response Capability, NUREG-0737, that also specify submittal of the technical guidelines to the NRC for review and approval.
Meeting the requirements of TMI Action Plan Item I.C.1 as prescribed in NUREG-0737,Section I.C.1, and Supplement 1 to NUREG-0737, Section 7 is an acceptance criterion in Operating and Emergency Operating Procedures, SRP Chapter 13.5.2.1, NUREG-0800. Design-specific generic technical guidelines (GTGs) will be used by combined license applicants to develop their plant-specific technical guidelines, from which their EOPs will be developed. The GTGs are described in Guidelines for the Preparation of Emergency Operating Procedures, NUREG-0899.
The GTGs are documents that identify the equipment or systems to be operated and list the steps necessary to mitigate the consequences of transients and accidents and restore safety functions. The GTGs represent the translation of engineering data derived from transient and accident analyses and probabilistic risk assessment (PRA) into information presented in such a way that it can be used to write EOPs.
The NuScale Power, LLC plant design is both simple and passive with limited manual actions required to ensure nuclear safety. There are no operator actions credited in the evaluation of NuScale design-basis accidents. All of the analyzed operator actions are used to mitigate beyond-design-basis events.
This document describes the NuScale generic technical guidance, including:
- 1. the process used to develop GTGs.
- 2. the assumptions used during development.
- 3. a description of the supportive analysis.
- 4. a description of the validation process.
© Copyright 20178 by NuScale Power, LLC 2
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 1.0 Introduction 1.1 Purpose This document describes the generic guidance that is provided to the emergency procedure writers to develop procedures used by plant operators to ensure plant safety during an accident. This guidance covers the content provided in existing industry operating procedure classes including: emergency operating procedures, severe accident management guidelines, extended loss of AC power and loss of large area guidance.
1.2 Scope This document describes the actions assumed within analysis of accident conditions that occur outside the design basis. The NuScale transient and accident analyses conducted for design-basis events (DBEs) do not identify any required operator actions. The generic technical guidelines (GTGs) contain those actions that have been credited by probabilistic risk assessment (PRA) and described in the final safety analysis report (FSAR) to respond to beyond-design events such as severe accidents, extended loss of AC power, and loss of large area. Additionally, some actions have been included solely based on task analysis performed as part of the human factors engineering program.
This document is intended to provide guidance and basis for the emergency operating procedures but does not describe actions to the level of detail expected for a final operating procedure.
1.3 Abbreviations Table 1-1 Abbreviations Term Definition AAPS auxiliary AC power source ATWS anticipated transient without scram BDG backup diesel generator CET core exit thermocouple CFDS containment flood and drain system CHLA candidate high-level actions CIS containment isolation signal CIV containment isolation valve CNV containment vessel CVCI chemical volume control isolation CVCS chemical and volume control system DBA design-basis accident DBE design-basis event DHRS decay heat removal system DW demineralized water DWSIIS demineralized water system isolation signal DWS demineralized water system
© Copyright 20178 by NuScale Power, LLC 3
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 Term Definition ECCS emergency core cooling system EDSS highly reliable DC power system ELVS electrical low voltage system EOF emergency operations facility EOP emergency operating procedure ESFAS engineered safety features actuation system FSAR final safety analysis report GTG generic technical guideline HSI human-system interface I&C instrumentation and controls IHA important human action ISV integrated system validation LOCA loss of coolant accident LOCA-IC loss of coolant accident inside containment LOCA-OC loss of coolant accident outside containment (containment bypassed)
MCC motor control center MCR main control room MCS module control system MPS module protection system PCS plant control system PORV power operated relief valve PRA probabilistic risk assessment PZR pressurizer RCS reactor coolant system RPV reactor pressure vessel RRV reactor recirculation valve RTS reactor trip system RVV reactor vent valve SAMG severe accident management guidance SDI safety display and indication SGTF steam generator tube failure SME subject matter expert TMI Three Mile Island UHS ultimate heat sink UTB under the bioshield WR wide range
© Copyright 20178 by NuScale Power, LLC 4
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 Table 1-2 Definitions Term Definition defense-in-depth function A function defined by the plant design that verifies and restores nonsafety related equipment to mitigate beyond-design-basis events, provides additional margin to safety system actuation or maintains parameters within normal operating ranges. The defense-in-depth functions are: (1) electrical, (2) reactor coolant system (RCS) makeup, (3) secondary heat removal, and (4) post trip actions.
design basis accident A postulated accident that a nuclear facility must be designed and built to withstand without loss to the systems, structures and components necessary to ensure public health and safety.
design basis event Postulated events used in the design to establish the acceptable performance requirements for the structures, systems, and components.
safety function A function defined by the plant design that maintains the unit in a safe shutdown condition and provides mitigating actions for accidents that cause core damage or release of radioactivity. The NuScale design has three safety functions defined: (1) maintain containment integrity, (2) reactivity control, and (3) remove fuel assembly heat.
maintain containment Design features used to prevent fission products from escaping the integrity containment boundary. This function is referred to as containment integrity for ease of communication.
reactivity control Design features used to control reactivity to maintain core and RCS integrity in order to prevent the release of radioactive material to the environment.
remove fuel assembly heat Design features used to remove heat from the fuel assemblies via passive convection and conduction. This function maintains fuel integrity and prevents the release of radioactive material to the environment. This function is referred to as core heat removal for ease of communication.
Operations subject matter A person who has completed the NuScale human factors engineering expert (HFE)/Operations initial company training program, has previous licensed operating nuclear plant experience, and has performed task analysis or NuScale system reviews so they are familiar with the NuScale plant design.
secondary heat sink Use of the steam generators to accomplish core heat removal. Each of the two steam generators acts as a secondary heat sink to facilitate core heat removal. Heat removal can be accomplished by supplying feedwater to the steam generator where it is converted to steam and subsequently transferred to the circulating water system via the main condenser, or to the DHRS where core heat is transferred to the reactor pool.
© Copyright 20178 by NuScale Power, LLC 5
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 2.0 Background The generic technical guidance is described in the Standard Review Plan, NUREG-0800, Chapter 13.5.2.1. The Standard Review Plan is the parent document providing guidance for the review of submittal documents and states that a procedures generation package should be submitted. The procedures generation package describes the applicants program for developing the emergency operating procedures as well as the content. Vendor-supplied generic technical guidance is developed to be used by applicants or licensees to develop emergency operating procedures.
The Three Mile Island accident in 1979 provided the impetus for renewed guidance and clarity on the development of emergency operating procedures. The nuclear steam supply system vendors at the time developed generic guidance that was then given to the plant owners to develop specific plant technical guidance. NUREG-0899, Guidelines for the Preparation of Emergency Operating Procedures, provides guidance that the U.S. Nuclear Regulatory Commission uses in evaluating whether an applicant or licensee meets the requirements for Emergency Operating Procedures of Title 10 Code of Federal Regulations, Part 50.34(b)(6)(ii).
The NuScale GTGs have been developed by referring to the content and format that legacy vendor guidelines have used. Traditionally, generic guidance has been arranged in four volumes: (1) the actual guidelines, (2) an annotated version of the guidelines with reference to a basis document, (3) the guidelines basis, and (4) an implementation guide. NuScale is presenting the GTGs by consolidating the content that would traditionally have been contained in Volumes 1 through 3 into a single volume. An implementation guide is not included with this current guidance, but may be developed later when a combined operating license applicant is identified.
Additionally, four events are typically described in past vendor-submitted generic technical guidance: (1) loss of coolant events, (2) steam generator tube rupture events, (3) loss of feed events, and (4) inadequate core cooling events. The NuScale generic technical guidance supports a symptom-based approach and is, therefore, not event specific.
© Copyright 20178 by NuScale Power, LLC 6
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 3.0 Methodology Technical guidance is necessary to develop the emergency operating procedures that operators use during accident conditions. Multiple inputs are evaluated to determine the appropriate mitigating strategies and actions based on plant design. The following topics are reviewed to include any assumed operator actions:
- 2. The instrumentation and controls(I&C) failure defense-in-depth analysis as described in FSAR Chapter 7
- 4. The operator actions assumed in beyond-design-basis event evaluation as described in FSAR Chapter 20
- 5. Multi-unit design considerations as described in FSAR Chapter 21
- 6. Plant technical specifications as described in Part 4 of the NuScale design certification application (DCA)
- 7. System requirements and limitations as defined in system description documents
- 8. HFE task analyses results as described in FSAR Chapter 18.4 and its associated reference Single operator errors of both omission and commission were considered and analyzed in the transient and accident analysis of FSAR Chapter 15. The NuScale design limits operator error consequences to be less severe than the worst-case component single failure. The NuScale plant is a passive design that requires no operator action for 72 hours8.333333e-4 days <br />0.02 hours <br />1.190476e-4 weeks <br />2.7396e-5 months <br /> for any design basis event. Automated actions place and maintain the unit in a safe-state for at least 72 hours8.333333e-4 days <br />0.02 hours <br />1.190476e-4 weeks <br />2.7396e-5 months <br /> after a DBE even with assumed failures. Operator actions directed by procedure make the consequences of an event less severe, but failure to take one of these actions cannot make the consequences worse than the bounding FSAR Chapter 15 analysis.
Safety analysis of DBEs are performed from event initiation until a safe, stabilized condition is reached. A safe, stabilized condition is reached when the initiating event is mitigated, the FSAR Chapter 15 acceptance criteria are met, and system parameters are trending in the favorable direction. No operator action is required to reach or maintain a safe, stabilized condition for any DBE.
Instrumentation and controls (I&C) diversity and defense-in-depth analysis documented in FSAR Chapter 7 did not result in any required operator actions.
Multiple operator errors or errors that result in common mode failures are beyond-design-basis and analyzed in the PRA.
The PRA assessment documented in FSAR Chapter 19 identified seven human actions to prevent core damage in beyond-design-basis accident sequences. These actions are listed in Section 4.4 of this report.
© Copyright 20178 by NuScale Power, LLC 7
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 Additional evaluations for beyond design-basis events, performed and documented in FSAR Chapter 20, identified two human actions that would mitigate core damage once it has occurred or minimize the radioactive release. These actions are also listed in Section 4.4 of this report.
Other actions have been included within the generic technical guidelines that do not originate from analysis but are considered prudent and promote consistent operator performance. For instance, the PRA analysis only credits manual initiation of emergency core cooling system (ECCS) or containment isolation signal (CIS) when those systems fail to actuate properly. Any failed engineered safety features actuation system (ESFAS) actuation will be manually actuated to provide prudent and consistent guidance for operators.
© Copyright 20178 by NuScale Power, LLC 8
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 4.0 Procedure Development 4.1 Symptom-Based Procedures The structure of the guidelines is symptom-based. Symptom-based procedures are used to allow the operator to respond directly to the indications presented as part of the accident progression. Symptom-based procedures do not require the operator to attempt to diagnose the accident in progress. Symptom-based procedures allow the operator to respond to an event without knowledge of the initiating event or equipment status. These procedures also allow the operator to respond to unanticipated events, because they evaluate key parameters and direct actions to maintain them within the prescribed limits rather than responding in a predetermined sequence based on a diagnosed accident.
Legacy generic guidelines have included event-based descriptions. These events were based on the transient and accident analysis events and associated operator actions described in those designs Final Safety Analysis Report Chapter 15. Because the NuScale design has no FSAR Chapter 15 manual actions credited, the symptom-based approach allows for mitigating strategies to be effective with multiple failures regardless of the combination.
4.2 Critical Safety Functions The evaluation of symptoms is grouped into critical safety functions. This guidance is developed to maintain critical safety functions for the NuScale plant design. Evaluation of the NuScale design, in addition to performing a comparison with traditional light water reactor safety functions, was used to determine the appropriate NuScale safety functions. These functions are accomplished by maintaining the following, listed in order of priority:
- containment integrity
- reactivity
- core heat removal Additional safety functions are not needed due to the simplicity and reliance on passive systems in the NuScale design. For example, current fleet pressurized-water reactors (PWRs) typically have a critical safety function of maintaining a secondary heat sink.
Heat sink maintenance exists in other PWR designs because its loss can lead to core damage. Timely assessment and recovery or mitigation is critical to preventing core damage and, therefore, a separate critical safety function is warranted. The key difference is that in the NuScale design, loss of secondary heat sink, by itself, does not result in core damage. Mitigation of a complete loss of secondary heat sink has been analyzed as part of PRA and, as such, is a best estimate analysis. This analysis demonstrates that loss of secondary heat sink is mitigated passively with the reactor safety valves and heat removal through containment. The ECCS is also fully capable of removing decay heat in all required operating conditions.
RCS integrity is not a stand-alone safety function and is monitored by the core heat removal safety function since the primary actuation that mitigates a loss of RCS integrity
© Copyright 20178 by NuScale Power, LLC 9
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 is the ECCS. When the ECCS actuation valves open, a natural circulation path is created, allowing heat to be removed by the containment vessel to the ultimate heat sink.
((2(a),(c) 4.2.1 Containment Integrity ((
}}2(a),(c)
© Copyright 20178 by NuScale Power, LLC 10
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 ((
}}2(a),(c) 4.2.2 Reactivity
((
}}2(a),(c)
© Copyright 20178 by NuScale Power, LLC 11
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 ((
}}2(a),(c) 4.2.3 Core Heat Removal
((
}}2(a),(c)
© Copyright 20178 by NuScale Power, LLC 12
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 ((
}}2(a),(c) 4.3 Structure and Use The GTGs and associated basis are contained within Section 5.0 of this report. ((
}}2(a),(c)
© Copyright 20178 by NuScale Power, LLC 13
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 ((
}}2(a),(c)
((
}}2(a),(c)
© Copyright 20178 by NuScale Power, LLC 14
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 ((
}}2(a),(c)
© Copyright 20178 by NuScale Power, LLC 15
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 ((
}}2(a),(c)
Figure 4-1 Example safety function status display on the HSI
© Copyright 20178 by NuScale Power, LLC 16
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 ((
}}2(a),(c)
Figure 4-2 Example safety function display on manual electronic interface
© Copyright 20178 by NuScale Power, LLC 17
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 4.4 Manual Actions There are limited operator actions required in the NuScale design. All of the analyzed operator actions are used to mitigate beyond-design-basis events. There are no operator actions credited in the evaluation of NuScale DBEs. Automated actions place and maintain the unit in a safe state for at least 72 hours after a DBE even with assumed failures. Operator errors of both omission and commission were analyzed. Operator actions directed by guidance are intended to mitigate the consequences of the event. Failure to take action cannot make the consequences more severe than the bounding FSAR Chapter 15 analysis. The I&C analysis of diversity and defense-in-depth identified no manual operator actions for a DBE. ((
}}2(a)(c)
The PRA analysis examined beyond-design-basis events that lead to core damage and identified seven human actions, including two that are important human actions (IHAs) that are highlighted in Table 4-1. A single action to mitigate large radiological releases is listed separately in Table 4-2; although it is identical to the first item listed in Table 4-1. © Copyright 20178 by NuScale Power, LLC 18
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 Table 4-1 PRA credited operator actions to mitigate core damage Name Description Context CFDS-HFE-0001C-FOP-N Operator fails to unisolate and Used for LOCA-OC, SGTF, and initiate CFDS injection (IHA) transients important human action CVCS-HFE-0001C-FOP-N Operator fails to unisolate and Used for LOCA-IC, LOCA-OC initiate CVCS injection (IHA) (letdown), transients and secondary steam line break, upon failure of ECCS, and SGTF important human action CNTS-HFE-0001C-FTC-N Operator fails to isolate Backup action to MPS auto function containment failure CVCS-HFE-0002C-FOP-N Operator fails to locally Local unisolation due to lack of control unisolate and initiate CVCS from a partial loss of DC power injection ECCS-HFE-0001C-FTS-N Operator fails to open ECCS Backup action to MPS auto function valves failure EHVS-HFE-0001C-FTS-N Operator fails to start/load Backup local action to control room combustion turbine generator initiation failure during loss of offsite power ELVS-HFE-0001C-FTS-N Operator fails to start/load Backup local action to control room backup diesel generator initiation failure during loss of offsite power The important human actions of injecting water into the NuScale Power Module are successful to mitigate core damage when taken as assumed by supporting PRA analysis. When emergency makeup is initiated, the top of active fuel may be uncovered for a period of time, but peak cladding temperature remains below the temperature at which damage occurs (Reference 7.2.1, Section 19.2.5). Table 4-2 PRA credited operator actions to mitigate large radiological release Name Description Context CFDS-HFE-0001C-FOP-N Operator fails to unisolate and Used for LOCA-OC, SGTF, and initiate CFDS injection (IHA) transients important human action Additional evaluations for beyond-design-basis events, performed and documented in FSAR Chapter 20, identified the following two actions not covered in other programs that are meant to prevent core damage during an extended loss of AC power (ELAP), or to mitigate core damage and minimize the spread of radioactive release during a loss of large area (LOLA) event. © Copyright 20178 by NuScale Power, LLC 19
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 Table 4-3 Operator actions described in FSAR for Chapter 20 beyond-design-basis events Name Description Context LOLA phase 2/ELAP phase 3 Add inventory to the UHS Long-term extended loss of AC power through the spent fuel pool action (> 30 days) assured makeup line LOLA phase 3 Mitigate damage to fuel in the Long-term action loss of large area to reactor vessel and radiological support a reduced emergency release - evaluate safety planning zone functions, provide a means for water spray scrubbing using fog nozzles and available water sources. Address runoff water containment issues (sandbags, dikes, etc.) Firefighting activities are not included within the generic technical guidelines and are addressed through other procedures. This practice is consistent with the current industry practice where separate fire response plans and procedures are maintained specific to each site. In addition to the actions specifically required by analysis, manual actions have been included when deemed appropriate by subject matter expert experience or to maintain consistency among mitigating strategies. For example, the PRA only assumes manual actuation of two of seven ESFAS functions. For consistent performance and standardization for operators, when any ESFAS function does not actuate as designed, the manual action is taken to actuate that function from the control room. Manual actions are prioritized based on both the time allowed to perform the action and the location where the action is taken. The allowed times are based on PRA analysis of operator actions to mitigate core damage or large radiological releases. The following examples demonstrate how this prioritization is taken into account:
- Actions in the main control room are prioritized over actions taken locally in the plant.
- Actions with the shortest analyzed time for success will be prioritized first.
Table 4-4 provides a comprehensive list of all actions determined to be included in the generic technical guidance from sources described in Tables 4-1, 4-2, 4-3, and from subject matter expert task analysis. These are grouped by critical safety function. © Copyright 20178 by NuScale Power, LLC 20
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 Table 4-4 Operator actions to support critical safety functions ((
}}2(a),(c) © Copyright 20178 by NuScale Power, LLC 21
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 ((
}}2(a),(c) © Copyright 20178 by NuScale Power, LLC 22
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 ((
}}2(a),(c) © Copyright 20178 by NuScale Power, LLC 23
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 4.5 Entry Conditions ((
}}2(a),(c)
Figure 4-2 Unit overview display 4.6 Exit Conditions The generic technical guidance is intended to inform the writing of the emergency operating procedures to enable operators to mitigate accident conditions. The GTGs are exited and normal operating procedures commence when the event has been mitigated to the extent that parameters allow return to normal operation. © Copyright 20178 by NuScale Power, LLC 24
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 ((
}}2(a),(c) 4.7 Setpoint Selection The listed setpoints have been derived from safety analysis (Table 7.1-4 of Reference 7.2.1), calculations, or best estimate. These final setpoints may be adjusted to reflect design changesdeviate from those listed here due to final selection of instrumentation, accuracy, and allowing appropriate time for the operator to respond. The values have been included within these guidelines to provide a reference and it is anticipated that the basis for the setpoints will remain constant.
Instrumentation requirements have been provided based on NuScale requirements, regulatory requirements, or vendor recommendations, but must be refined once the actual instrumentation is selected or purchased. Emergency procedures developed from these GTGs will need to reference the plant specific equipment values, ranges, and accuracies. 4.8 Implementation Strategy Upon meeting an entry condition as listed in section 4.5, all of the the safety function and defense-in-depth flow charts for the affected unit are entered concurrently. By design, the various flow chart analysis is completed by the human-system interface automatically more than once per second. This analysis consists of evaluating system parameters against the flow chart decision setpoints and resulting in an end point. An end point can be either the green safety function met indication and no procedure to be performed, OR a red/yellow condition in which there are applicable procedure steps to be performed. When the procedure steps have been successful, the flow chart is re-evaluated to determine the appropriate end point. Safety functions always take priority over defense-in-depth functions. The safety functions are arranged in order of importance: containment integrity, reactivity, and core heat removal. If two or more red paths exist on a single unit, then the crew starts with containment integrity then reactivity and core heat removal as actions are completed. If an operator is performing steps in a higher priority function but is waiting for an action to complete, then actions may be taken on lower level safety functions or defense-in-depth © Copyright 20178 by NuScale Power, LLC 25
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 actions until the higher level action is completed at which time the higher level priority must be addressed first. The prioritization also applies to multiple red safety functions on multiple units. The highest affected safety function on any unit would be addressed first. Red paths of the safety function occur when the unit is outside the analysis of design basis events and is in a beyond-design-basis scenario which has a very small probability of occurrence. Within each flow chart for a specific safety or defense-in-depth function, the actions are addressed in order of priority. Each chart is intended to be performed in series from left to right. If an end point is reached, only the actions listed need to be performed. The green safety function met end point has no actions. When the actions taken at an endpoint are successful, the system interface will re-evaluate the flow chart logic to automatically indicate the new endpoint state. If the emergency procedures are being implemented manually, such as when the system interface is not operating correctly, then an initial evaluation of the safety functions should be performed within a reasonable time. Follow-up evaluations would be performed at periodic intervals. Continuous evaluation of the flow charts and logic is not needed since even in beyond-design-basis events, accident progression is relatively slow. The following examples demonstrate how to apply the implementation strategy:
- 1) A single unit experiences a reactor trip and loss of coolant accident from the reactor coolant to the containment. Containment Isolation has actuated. All containment isolation valves are closed with the exception of a single valve.
The pressurizer heater breakers did not open when pressurizer level lowered below 35%. All other equipment operated as designed. The expected safety function display should be: Containment Integrity: Yellow - CI-6 Reactivity: Green Core Heat Removal: Red - HP-3 In this case, core heat removal is the highest priority since the logic has culminated in a red end point. It is only required for operators to take the actions listed in HP-3 and not to take actions in any other end point until the HP-3 actions are successful or a successive core heat removal flow chart evaluation results in an earlier end point within the decision paths. In the above example, if two containment isolation valves in the same path failed to close, the containment integrity function would have reached the Red
- CI-7 end point. Containment integrity being red would now be the highest priority. Once action has been started to address containment isolation, the operators can then take actions for core heat removal.
© Copyright 20178 by NuScale Power, LLC 26
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 Reactivity in this example is green, so there are no actions that would be taken to address reactivity.
- 2) A multi-unit trip has occurred. All safety functions for each unit are green except for a red containment integrity function on Unit 1 and a red reactivity function on Unit 2. In this case, operators would address Unit 1 first since containment integrity is the highest priority safety function.
- 3) A single unit experiences a beyond-design-basis event that met the entry conditions of the generic technical guidelines. Core exit thermocouple readings exceed 700°F but are less than 1200°F. The containment integrity and reactivity safety functions status indicate green. The core heat removal end point is red HF-3. Operators are expected to take actions listed in HF-3 and no other actions listed on the core heat removal flow chart. Only when core exit thermocouple readings lower to less than 700°F and a re-evaluation of the core heat removal flow chart is performed, would different actions be performed (based on the new end point).
© Copyright 20178 by NuScale Power, LLC 27
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 5.0 Generic Technical Guidelines and Basis ((
}}2(a),(c)
The GTGs are arranged by safety function and are meant to be used by utilizing the flowchart in conjunction with the text. Each section contains a flowchart showing the functional logic and is accompanied by a narrative separated into the logic decision and endpoints. The decision points are described first for that function followed by the manual actions supporting that function. © Copyright 20178 by NuScale Power, LLC 28
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 5.1 Containment Integrity Safety Function ((
}}2(a),(c) © Copyright 20178 by NuScale Power, LLC 29
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 5.1.1 Containment Atmosphere Containment Atmosphere is prioritized first because the conditions that could challenge containment would only be present long after event initiation and it is addressing a precursor to containment failure. Containment atmosphere is prioritized higher than individual isolation valves because a failure of containment would result in a failure of all other containment integrity safety function success paths. ((
}}2(a),(c)
© Copyright 20178 by NuScale Power, LLC 30
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 ((
}}2(a),(c)
((
}}2(a),(c) 5.1.2 Containment Bypass
((
}}2(a),(c)
© Copyright 20178 by NuScale Power, LLC 31
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 ((
}}2(a),(c)
((
}}2(a),(c)
© Copyright 20178 by NuScale Power, LLC 32
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 ((
}}2(a),(c)
Figure 5-1 Comparison of riser level vs. average RCS temperature for bounding cases ((
}}2(a),(c)
© Copyright 20178 by NuScale Power, LLC 33
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 ((
}}2(a),(c)
((
}}2(a),(c) 5.1.3 Containment Isolation Signal Actuation This subfunction is intended to verify that the automatic protective action of containment isolation is complete. Containment isolation is prioritized higher than CVC isolation since the CVC valves are a subset of the containment isolation valves and would be verified
© Copyright 20178 by NuScale Power, LLC 34
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 along with all other containment isolation valves if the conditions for a containment isolation are present. ((
}}2(a),(c)
((
}}2(a),(c)
© Copyright 20178 by NuScale Power, LLC 35
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 ((
}}2(a),(c)
((
}}2(a),(c)
© Copyright 20178 by NuScale Power, LLC 36
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 ((
}}2(a),(c) 5.1.4 Chemical and Volume Control System Isolation Actuation CVCS Isolation is prioritized after CIS actuation since these valves represent a subset of all containment isolation valves. If a CIS actuation signal is generated, these valves are checked by CI-4 and CI-5. Only if the specific conditions requiring a less comprehensive CVCS isolation is required would the valves be assess by CV-3 and CV-4.
((
}}2(a),(c)
((
}}2(a),(c)
© Copyright 20178 by NuScale Power, LLC 37
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 ((
}}2(a),(c)
((
}}2(a),(c)
© Copyright 20178 by NuScale Power, LLC 38
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 ((
}}2(a),(c)
((
}}2(a),(c)
© Copyright 20178 by NuScale Power, LLC 39
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01
* ((
}}2(a),(c) 5.1.5 Primary- to- Secondary Leakage Primary-to-secondary leakage is the lowest priority subfunction. The action to isolate a small primary-to-secondary leak within the steam generator is conservative and does not constitute a loss of safety function. Large steam generator tube failures are mitigated by the low PZR level actuation setpoint and accounted for in the CIS actuation subfunction.
((
}}2(a),(c)
((
}}2(a),(c)
© Copyright 20178 by NuScale Power, LLC 40
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 ((
}}2(a),(c)
© Copyright 20178 by NuScale Power, LLC 41
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 ((
}}2(a),(c)
© Copyright 20178 by NuScale Power, LLC 42
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 5.2 Reactivity Safety Function ((
}}2(a),(c) © Copyright 20178 by NuScale Power, LLC 43
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 5.2.1 Reactor Trip System Actuation This subfunction is intented to verify that the automatic protective action of reactor trip is complete. Reactor trip completion is verified by checking that the reactor trip breakers have opened resulting in de-energization of the control rod drives and insertion of the control rods. All operator actions to attempt to shutdown the reactor are contained within this subfunction. ((
}}2(a),(c)
© Copyright 20178 by NuScale Power, LLC 44
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 ((
}}2(a),(c) 5.2.2 Reactivity Verification Reactivity verification is the lowest priority subfunction. The reactivity safety function is not jeopardized during ATWS and return to criticality events as the reactor fuel does not become damaged in these events. For this reason the reactivity safety function remains yellow if control rods are mechanically stuck or reactor power exhibits anomalous behavior. Failure of reactivity control safety systems to actuate are addressed in either the RTS actuation or dilultion isolation subfunctions.
((
}}2(a),(c)
© Copyright 20178 by NuScale Power, LLC 45
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 ((
}}2(a),(c)
Figure 5-2 ATWS response under different conditions. ((
}}2(a),(c)
((
}}2(a),(c)
© Copyright 20178 by NuScale Power, LLC 46
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 ((
}}2(a),(c) 5.2.35.2.2 Demineralized Water IsolationDilution Isolation The DWSI signal is generated by a low RCS flow or high subcritical multiplication signal.
Additionally, any time a reactor trip signal is generated, the DWS receives a pulsed actuation signal to close the two demineralized water isolation valves. The logic includes a decision point that uses indication from MPS that the DWS has been sent an actuation signal. This is unique when compared to how other checks within this document are made against a specific parameter. The basis for using this Initiate indicator is that following a reactor trip, operators are notified using the safety function checks that the DWSI has either actuated properly or not. Additionally, after a reactor trip, it allows operators to use demineralized water as an RCS makeup source without indicating a red or yellow reactivity safety function status. © Copyright 20178 by NuScale Power, LLC 47
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 Within this subfunction, the isolation of CVCS on low RCS flow is prioritized above the signals that would isolate the DWS isolation valves. The basis for this is that if a CVCS isolation signal on RCS low flow is generated, the ability to add diluted water to the RCS is stopped. The DWS isolation valves interface with the CVCS such that isolating CVCS effectively stops the dilution flow path at a higher level. ((
}}2(a),(c)
((
}}2(a),(c)
© Copyright 20178 by NuScale Power, LLC 48
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 ((
}}2(a),(c)FSAR Table 7.1-4 (Reference 7.2.1)
((
}}2(a),(c)
© Copyright 20178 by NuScale Power, LLC 49
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 ((
}}2(a),(c)
© Copyright 20178 by NuScale Power, LLC 50
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 ((
}}2(a),(c)((
}}2(a),(c)
© Copyright 20178 by NuScale Power, LLC 51
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 ((
}}2(a),(c)
((
}}2(a),(c)
© Copyright 20178 by NuScale Power, LLC 52
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 ((
}}2(a),(c)
© Copyright 20178 by NuScale Power, LLC 53
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 5.2.3 Reactivity Verification Reactivity verification is the lowest priority subfunction. The reactivity safety function is not jeopardized during ATWS and return to criticality events as the reactor fuel does not become damaged in these events. For this reason the reactivity safety function remains yellow if control rods are mechanically stuck or reactor power exhibits anomalous behavior. Failure of reactivity control safety systems to actuate are addressed in either the RTS actuation or dilultion isolation subfunctions. ((
}}2(a),(c)
© Copyright 20178 by NuScale Power, LLC 54
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 ((
}}2(a),(c)
((
}}2(a),(c)
© Copyright 20178 by NuScale Power, LLC 55
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 ((
}}2(a),(c)
© Copyright 20178 by NuScale Power, LLC 56
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 5.3 Core Heat Removal Safety Function ((
}}2(a),(c) © Copyright 20178 by NuScale Power, LLC 57
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 5.3.1 Ultimate Heat Sink Inventory The UHS inventory subfunction is the highest priority as the UHS provides the heat sink for reactor decay heat regardless of the safety system being used. Ensuring the UHS is above the minimum level for DHR and ECCS supports the lower priority subfunctions. ((
}}2(a),(c)
© Copyright 20178 by NuScale Power, LLC 58
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 ((
}}2(a),(c) 5.3.2 Fuel Clad Protection The fuel clad subfunction is prioritized after ensuring that an adequate heat sink exists.
This subfunction is intended to provide actions for conditions when the ECCS and DHRS safety systems are clearly not providing the intended cooling in accident conditions. Assuming the UHS is available and either the ECCS or DHRS system is operating, conditions are not expected to reach the identification pararmeter thresholds. ((
}}2(a),(c)
© Copyright 20178 by NuScale Power, LLC 59
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 ((
}}2(a),(c)
© Copyright 20178 by NuScale Power, LLC 60
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 ((
}}2(a),(c)
© Copyright 20178 by NuScale Power, LLC 61
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 ((
}}2(a),(c) 5.3.3 Passive Cooling
((
}}2(a),(c)
© Copyright 20178 by NuScale Power, LLC 62
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 ((
}}2(a),(c)
((
}}2(a),(c) 5.3.45.3.3 Emergency Core Cooling System (ECCS) & Low Temperature Overpressure Actuation
((
}}2(a),(c)
© Copyright 20178 by NuScale Power, LLC 63
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 ((
}}2(a),(c)
© Copyright 20178 by NuScale Power, LLC 64
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 ((
}}2(a),(c)
© Copyright 20178 by NuScale Power, LLC 65
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 ((
}}2(a),(c)
© Copyright 20178 by NuScale Power, LLC 66
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 ((
}}2(a),(c)
© Copyright 20178 by NuScale Power, LLC 67
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 ((
}}2(a),(c) 5.3.55.3.4 Decay Heat Removal Actuation DHRS actuation is prioritized below ECC/LTOP since at this point in the decision logic, the UHS heat sink has been verified available, no fuel clad damage is indicated, and RCS water level is sufficient that the steam generators are available as a decay heat removal path.
((
}}2(a),(c)
© Copyright 20178 by NuScale Power, LLC 68
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 ((
}}2(a),(c)
© Copyright 20178 by NuScale Power, LLC 69
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 ((
}}2(a),(c)
© Copyright 20178 by NuScale Power, LLC 70
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 ((
}}2(a),(c)
© Copyright 20178 by NuScale Power, LLC 71
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 ((
}}2(a),(c)
© Copyright 20178 by NuScale Power, LLC 72
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 ((
}}2(a),(c)
© Copyright 20178 by NuScale Power, LLC 73
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 ((
}}2(a),(c)
© Copyright 20178 by NuScale Power, LLC 74
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 ((
}}2(a),(c)
((
}}2(a),(c)
© Copyright 20178 by NuScale Power, LLC 75
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 ((
}}2(a),(c) 5.3.65.3.5 Pressurizer Heater Trip Actuation If the pressurizer heaters were to become uncovered and remain energized, it is possible that the heaters could challenge the RCS pressure vessel as the heat from the heaters is transferred directly to the metal of the RCS. The heater trip is last of the heat removal subfunctions since it is designed to prevent a loss of coolant event during normal cooldown and shrink of the RCS volume. If a loss of coolant event were to occur, the event would be mitigated by ECCS which is evaluated as a higher subfunction.
This subfunction is prioritized last within the core heat removal safety function since it is intended to protect the RCS as a pressure boundary during cooldown events. If an actual loss of coolant accident occurs, the RCS pressure boundary is intentionally lost when ECC actuates. A DHRS actuation also results in a PZR heater trip actuation, so this subfunction is a direct support function to the DHRS subfunction. ((
}}2(a),(c)
© Copyright 20178 by NuScale Power, LLC 76
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 ((
}}2(a),(c)
© Copyright 20178 by NuScale Power, LLC 77
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 ((
}}2(a),(c)
© Copyright 20178 by NuScale Power, LLC 78
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 5.4.1 Electrical ((
}}2(a),(c) © Copyright 20178 by NuScale Power, LLC 79
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 ((
}}2(a),(c)
© Copyright 20178 by NuScale Power, LLC 80
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 ((
}}2(a),(c)
© Copyright 20178 by NuScale Power, LLC 81
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 ((
}}2(a),(c)
© Copyright 20178 by NuScale Power, LLC 82
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 ((
}}2(a),(c)
© Copyright 20178 by NuScale Power, LLC 83
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 5.4.2 Other Defense-in-Depth Actions ((
}}2(a),(c)
© Copyright 20178 by NuScale Power, LLC 84
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 ((
}}2(a),(c)
© Copyright 20178 by NuScale Power, LLC 85
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 6.0 Validation This revision of the GTGs is issued with the understanding that the selected setpoints are based on analysis and engineering judgement. Instrument selection is not complete in all cases and final instrument selection may impact the listed setpoints as tolerances and accuracy are considered. This revision of the GTGs has been incorporated into the NuScale simulator. It has undergone limited scenario testing to ensure the expected operator cues prompt operators to perform the credited actions within expected times, but is not considered to be validated. The current actions and logic have been used in simulations to provide high confidence in the mitigating strategies. The generic technical guidance provided in this document will be validated during the performance of the NuScale integrated system validation testing. An update to the generic technical guidelines will occur to document any changes resulting from the integrated system validation testing. © Copyright 20178 by NuScale Power, LLC 86
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 7.0 References 7.1 Source Documents 7.1.1 U.S. Nuclear Regulatory Commission, NRC Action Plan Developed as a Result of the TMI-2 Accident, NUREG-0660, May 1980. 7.2 Referenced Documents 7.2.1 NuScale Power Standard Plant Design Certification Application, Rev. 0. 7.2.2 U.S. Nuclear Regulatory Commission, Clarification of TMI Action Plan Requirements, NUREG-0737, November 1980. 7.2.3 U.S. Nuclear Regulatory Commission, Requirements for Emergency Response Capability, NUREG-0737, Supplement No. 1, December 1982. 7.2.4 U.S. Nuclear Regulatory Commission, Standard Review Plan, Operating and Emergency Operating Procedures, NUREG-0800, Rev. 2, Chapter 13, Section 13.5.2.1. 7.2.5 U.S. Nuclear Regulatory Commission, Guidelines for the Preparation of Emergency Operating Procedures, NUREG-0899, August 1982. 7.2.6 Combustible Gas Control, TR-0716-50424, Rev. 0. 7.2.7 Electric Power Research Institute, Severe Accident Management Guidance Technical Basis Report Volume 1: Candidate High-Level Actions and Their Effects, EPRI #1025295, EPRI, Palo Alto, CA, 2012. 7.2.8 Electric Power Research Institute, Severe Accident Management Guidance Technical Basis Report Volume 2: The Physics of Accident Progression, EPRI
#1025295, EPRI, Palo Alto, CA, 2012.
7.2.9 Electric Power Research Institute, Steam Generator Management Program: PWR Primary-to-Secondary Leak GuidelinesRevision 4, EPRI #1022832, EPRI, Palo Alto, CA, 2011. 7.2.10 Electric Power Research Institute, Hydrogen Detection in Nuclear Power Plants: Comparison of Potential, Existing, and Innovative Technologies, EPRI
#3002002107, EPRI, Palo Alto, CA, 2013.
© Copyright 20178 by NuScale Power, LLC 87
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 8.0 Appendix A - Event Progression Comparison This appendix is intended to illustrate the differences in how a loss of coolant accident, steam generator tube rupture, loss of feedwater, and inadequate core cooling are mitigated between existing PWR technology and the NuScale design. The list of actions is provided at a high level for illustrative purposes only. These compare events between the two designs for those events within the scope of design-basis events. Table 8-1 Loss of coolant accident Typical PWR Mitigating Strategy/Actions NuScale Mitigating Strategy/Actions Maximize safety injection flow into the RCS There is no injection phase Manually isolate the source of RCS leakage Containment Isolation occurs automatically Manually control RCS pressure to maintain RCS pressure control is not required. Passive subcooling cooling systems are designed so that subcooling is not jeopardized Manually control RCS inventory to maintain No additional makeup is necessary as long as subcooling the RCS leak is being captured in containment Manually perform a controlled cooldown using the DHRS passively performs cooldown within steam generators design cooldown rates Manually secure RCS recirculation pumps No recirculation pumps Manually align shutdown cooling system if RCS ECCS occurs automatically to provide additional leakage is small or has been isolated passive cooling Transition from injection to containment sump There is no injection phase and recirculation recirculation occurs naturally using the ECCS Manually alternate hot and cold leg recirculation There is no injection phase Manual actions required No manual actions required © Copyright 20178 by NuScale Power, LLC 88
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 Table 8-2 Steam generator tube failure Typical PWR Mitigating Strategy/Actions NuScale Mitigating Strategy/Actions Manually confirm the affected steam generator Not required as both are isolated Manually perform a controlled cooldown using the DHRS passively performs cooldown within steam generators design cooldown rates Manually isolate the most affected steam generator Decay heat removal occurs automatically and isolates both steam generators Manually control RCS pressure to maintain RCS pressure quickly matches DHRS pressure subcooling and match steam generator pressure and effectively stops the RCS leak in the affected steam generator Manually control RCS inventory to maintain DHRS passively performs cooldown within subcooling design cooldown rates Manually secure RCS recirculation pumps as No recirculation pumps exist needed Manually align shutdown cooling system if RCS ECCS occurs automatically to provide additional leakage is small or has been isolated passive cooling if necessary Manual actions required No manual actions required Table 8-3 Loss of feedwater Typical PWR Mitigating Strategy/Actions NuScale Mitigating Strategy/Actions Manually minimize heat input to the RCS by No recirculation pumps exist securing RCS recirculation pumps Manually conserve steam generator inventory by Decay heat removal occurs automatically that isolating steam generator blowdowns isolates the inventory in both steam generators Manually regain a source of feedwater to at least Decay heat removal occurs automatically and one steam generator isolates both steam generators and retains it in the DHRS Manually control RCS pressure to maintain RCS pressure control is not required. Passive subcooling cooling systems are designed so that subcooling is not jeopardized Manually control RCS inventory to maintain No additional RCS inventory is required subcooling If feed cannot be restored, manually align injection ECCS occurs automatically to provide additional to the RCS and open PORVs for once through core passive cooling if necessary cooling Manual actions required No manual actions required © Copyright 20178 by NuScale Power, LLC 89
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 Table 8-4 Inadequate core cooling/loss of forced circulation Typical PWR Mitigating Strategy/Actions NuScale Mitigating Strategy/Actions Verify natural circulation established No action, natural circulation is the normal cooling mechanism Manually perform a controlled cooldown using the DHRS passively performs cooldown within steam generators design cooldown rates Manually control RCS pressure to maintain RCS pressure control is not required. Passive subcooling cooling systems are designed so that subcooling is not jeopardized Manually control RCS inventory to maintain No additional RCS inventory is required subcooling Manually restore electrical power to de-energized No AC power is required to obtain safe AC buses shutdown conditions Manually start RCS recirculation pumps as needed No recirculation pumps exist Manually align shutdown cooling system ECCS occurs automatically to provide additional passive cooling if necessary Manual actions required No manual actions required © Copyright 20178 by NuScale Power, LLC 90
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 9.0 Appendix B - NuScale Design Severe Accident Management Guideline Development As part of development of the severe accident management guidelines, EPRI Severe Accident Management Guidance Technical Basis Report, Volume 1: Candidate High-Level Actions and Their Effects (Reference 7.2.7) was reviewed and the 20 candidate high-level actions (CHLAs) identified in the report were categorized by their applicability to the NuScale design. Given the unique design features of the NuScale Power Module, the applicability review was not limited to PWR actions only. Table 9-1 EPRI Candidate high-level action comparison to NuScale design ((
}}2(a),(c) © Copyright 20178 by NuScale Power, LLC 91
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 ((
}}2(a),(c)
© Copyright 20178 by NuScale Power, LLC 92
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 ((
}}2(a),(c) © Copyright 20178 by NuScale Power, LLC 93
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 10.0 Appendix C - Instrumentation Utilized in the General Technical Guidelines The following instrumentation is used as inputs to the RTS. A valid reactor trip signal is processed with two of four of the input channel parameters exceed the analytical limit setpoint. A reactor trip is the initiator for entry into the generic technical guidance. The table lists the parameter, limit, number of channels, and the actuation logic with an arrow indicating if the parameter is rising or lowering to actuate. Each of the reactor trip parameters are described in the Safety Analysis Analytical Limits Report (Reference 7.2.1, Table 7.1-4). Table 10-1 List of reactor trip parameters Parameter Analytical Limit Channels Logic High Power Range Linear Power High-1 = 25% RTP 4 2/4 High-2 = 120% RTP High Intermediate Range Log Power Rate 3 dpm 4 2/4 High Power Range Positive and Negative +/- 15% RTP/minute 4 2/4 Rate High Source Range Count Rate 5x105 cps 4 2/4 High Source Range Log Power Rate 3 dpm 4 2/4 High Range RCS Thot (NR RCS Thot) 610°F 4 2/4 High Range Containment Pressure 9.5 psia 4 2/4 High Pressurizer Pressure 2000 psia 4 2/4 Low Pressurizer Pressure 1720 psia (when Thot > 600°F) 4 2/4 Low Low Pressurizer Pressure 1600 psia 4 2/4 High Pressurizer Level 80% 4 2/4 Low Pressurizer Level 35% 4 2/4 High Main Steam Pressure 800 psia 4 2/4 Low Main Steam Pressure 300 psia 4 2/4 Low Low Main Steam Pressure 100 psia 4 2/4 High Steam Superheat (MS Temperature 150°F 4 2/4 and Pressure) Low Steam Superheat (MS Temperature 0.0°F 4 2/4 and Pressure) Low Low RCS Flow 0.0 ft3/sec 4 2/4 Low ELVS 480 VAC to EDSS Battery Actuation Delay of 60 seconds 4 2/4 Chargers High Under-the-Bioshield Temperature 250°F 4 2/4 The following parameters are used within the generic technical guidance as decision points for the operators. The parameters are arranged by safety function and, in most cases, are the same as the actuation setpoints for the associated ESFAS functions. © Copyright 20178 by NuScale Power, LLC 94
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 Table 10-2 List of general technical guidelines decision variables ((
}}2(a),(c) © Copyright 20178 by NuScale Power, LLC 95
NuScale Generic Technical Guidelines TR-1117-57216-NP Draft Rev. 01 ((
}}2(a),(c) © Copyright 20178 by NuScale Power, LLC 96
LO-0718-61104 : Affidavit of Zackary W. Rad, AF-0718-61106 NuScale Power, LLC 1100 NE Circle Blvd., Suite 200 Corvallis, Oregon 97330 Office 541.360-0500 Fax 541.207.3928 www.nuscalepower.com
NuScale Power, LLC AFFIDAVIT of Zackary W. Rad I, Zackary W. Rad, state as follows: (1) I am the Director of Regulatory Affairs of NuScale Power, LLC (NuScale), and as such, I have been specifically delegated the function of reviewing the information described in this Affidavit that NuScale seeks to have withheld from public disclosure, and am authorized to apply for its withholding on behalf of NuScale (2) I am knowledgeable of the criteria and procedures used by NuScale in designating information as a trade secret, privileged, or as confidential commercial or financial information. This request to withhold information from public disclosure is driven by one or more of the following: (a) The information requested to be withheld reveals distinguishing aspects of a process (or component, structure, tool, method, etc.) whose use by NuScale competitors, without a license from NuScale, would constitute a competitive economic disadvantage to NuScale. (b) The information requested to be withheld consists of supporting data, including test data, relative to a process (or component, structure, tool, method, etc.), and the application of the data secures a competitive economic advantage, as described more fully in paragraph 3 of this Affidavit. (c) Use by a competitor of the information requested to be withheld would reduce the competitors expenditure of resources, or improve its competitive position, in the design, manufacture, shipment, installation, assurance of quality, or licensing of a similar product. (d) The information requested to be withheld reveals cost or price information, production capabilities, budget levels, or commercial strategies of NuScale. (e) The information requested to be withheld consists of patentable ideas. (3) Public disclosure of the information sought to be withheld is likely to cause substantial harm to NuScales competitive position and foreclose or reduce the availability of profit-making opportunities. The accompanying attachment reveals distinguishing aspects about the process by which NuScale develops its generic technical guidelines. NuScale has performed significant research and evaluation to develop a basis for this process and has invested significant resources, including the expenditure of a considerable sum of money. The precise financial value of the information is difficult to quantify, but it is a key element of the design basis for a NuScale plant and, therefore, has substantial value to NuScale. If the information were disclosed to the public, NuScale's competitors would have access to the information without purchasing the right to use it or having been required to undertake a similar expenditure of resources. Such disclosure would constitute a misappropriation of NuScale's intellectual property, and would deprive NuScale of the opportunity to exercise its competitive advantage to seek an adequate return on its investment. (4) The information sought to be withheld is in the enclosure entitled NuScale Power, LLC Submittal of Changes to NuScale Generic Technical Guidelines, Draft Revision 1, TR-1117-57216. The enclosure contains the designation Proprietary" at the top of each page containing proprietary information. The information considered by NuScale to be proprietary is identified within double braces, "(( }}" in the document. (5) The basis for proposing that the information be withheld is that NuScale treats the information as a trade secret, privileged, or as confidential commercial or financial information. NuScale relies upon AF-0718-61106 Page 1 of 2
the exemption from disclosure set forth in the Freedom of Information Act ("FOIA"), 5 USC § 552(b)(4), as well as exemptions applicable to the NRC under 10 CFR §§ 2.390(a)(4) and 9.17(a)(4). (6) Pursuant to the provisions set forth in 10 CFR § 2.390(b)(4), the following is provided for consideration by the Commission in determining whether the information sought to be withheld from public disclosure should be withheld: (a) The information sought to be withheld is owned and has been held in confidence by NuScale. (b) The information is of a sort customarily held in confidence by NuScale and, to the best of my knowledge and belief, consistently has been held in confidence by NuScale. The procedure for approval of external release of such information typically requires review by the staff manager, project manager, chief technology officer or other equivalent authority, or the manager of the cognizant marketing function (or his delegate), for technical content, competitive effect, and determination of the accuracy of the proprietary designation. Disclosures outside NuScale are limited to regulatory bodies, customers and potential customers and their agents, suppliers, licensees, and others with a legitimate need for the information, and then only in accordance with appropriate regulatory provisions or contractual agreements to maintain confidentiality. (c) The information is being transmitted to and received by the NRC in confidence. (d) No public disclosure of the information has been made, and it is not available in public sources. All disclosures to third parties, including any required transmittals to NRC, have been made, or must be made, pursuant to regulatory provisions or contractual agreements that provide for maintenance of the information in confidence. (e) Public disclosure of the information is likely to cause substantial harm to the competitive position of NuScale, taking into account the value of the information to NuScale, the amount of effort and money expended by NuScale in developing the information, and the difficulty others would have in acquiring or duplicating the information. The information sought to be withheld is part of NuScale's technology that provides NuScale with a competitive advantage over other firms in the industry. NuScale has invested significant human and financial capital in developing this technology and NuScale believes it would be difficult for others to duplicate the technology without access to the information sought to be withheld. jury that the foregoing is true a I declare under penalty of perjury and correct. Executed on August 16, 2018 Zackary W. Rad AF-0718-61106 Page 2 of 2}}