Text

M181025: Scheduling Note and Slides - Briefing on Digital Instrumentation and Control (Public Meeting)
	ML18299A193
Person / Time
Issue date:	10/25/2018
From:	; NRC/SECY
To:	;
References
	M181025
	Download: ML18299A193 (62)
	v • d • e

Title:

SCHEDULING NOTE Briefing on Digital Instrumentation and Control (Public Meeting)

Purpose:

To discuss with the Commission the progress in implementing the regulatory infrastructure for digital and instrumentation control (Dl&C) systems, and industry initiatives in implementing Dl&C Scheduled:

October 25, 2018 9:00 am Duration:

Approx. 3 hours3.472222e-5 days <br />8.333333e-4 hours <br />4.960317e-6 weeks <br />1.1415e-6 months <br /> Location:

Commissioners' Conference Room, 1st Floor OWFN

Participants:

External Panel Bill Pitesa, Chief Nuclear Officer, Nuclear Energy Institute Topics:

Industry perspectives on:

o Progress on publishing and implementing guidance for digital l&C upgrades at nuclear power plants o

Planned digital l&C capital improvements at nuclear power plants o

NRC licensing and oversight of digital l&C o

Transformation Team Dl&C recommendations Frank Novak, Senior Systems Engineer, GE Hitachi Nuclear Energy, Instrumentation and Control Group; and Chair of IEEE Nuclear Power Engineering Committee (NPEC) Working Group 6.3 Topics:

IEEE perspectives on:

o Recent digital l&C upgrades at nuclear power plants o

NRC licensing of digital l&C o

NRC Transformation Team recommendations Clayton Scott, Senior Vice President - Deputy, Global l&C Business, Framatome Inc.

Topic:

Vendor's perspectives on international practices and standards, commercial grade dedication, and NRC's digital l&C platform approval process Presentation 40 mins.*

8 mins.*

1

George Romanski, Chief Scientific and Technical Advisor for Aircraft Computer Software, Federal Aviation Administration 8 mins.*

Topics:

Federal Agency's perspectives on approaches for software reliability in critical safety systems, experience in the aviation industry guidance and standards for digital l&C Digital implementation and operational experience Dr. John P. Thomas, Professor, Massachusetts Institute of Technology Topic:

8 mins.*

Subject matter experts views on addressing common cause failure hazards, addressing evolving digital technologies, and perspectives on regulatory acceptance of digital l&C Commission Q & A 50 mins.

Break NRC Staff Panel 5mins.

40 mins.*

Margaret Doane, Executive Director for Operations Ho Nieh, Director, Office of Nuclear Reactor Regulation (NRR)

Eric Benner, Director, Division of Engineering, NRR Michael Waters, Chief, Instrumentation and Control Branch, NRR Rossnyev Alvarado, Digital l&C Engineer, NRR Dinesh Taneja, Sr. Electronics Engineer, NRO Topics:

Status of Digital l&C Integrated Action Plans (SECY-16-0070) o Digital Upgrades under 10 CFR 50.59: Status of guidance development, implementation and inspection training and lessons-learned in guidance improvements o

New Licensing Approaches for Major Digital Systems: Licensing and digital l&C platform approval status and status of guidance development, and future risk-informed approaches and digital l&C categorization o Addressing Digital Common Cause Failure (CCF): Key safety and regulatory issues; NRC and industry guidance development; and graded approaches for evaluating diversity and defense-in-depth o

Broader Modernization Activities: Commercial grade dedication; risk-informing initiatives and CCF research; advanced reactor l&C framework; as well as relevant transformation team recommendations 2

~*

Commission Q & A Discussion - Wrap-Up 50 mins.

5 mins.

3

Introduction

~I Quotes from SECY 18-0060 (Transformation)

"The current staff review process is burdensome to these technologies as it drives the licensees or manufacturers to demonstrate detailed compliance with no commensurate safety improvement to the design"

"Promotes a clause-by-clause, compliance-based approach to l&C safety system reviews that is focused on component-level design rather than a more performance-based, risk informed approach that permits a broader consideration of overall plant safety and system performance" 2

Historical Performance PWR Turbine Controls 0.140

'i:"

g 0.120 a, 0.100 a,.!::!

1ii ~

a: a, 0.080

E-

~ *~ 0.060 u::,

VI -"' 0.040 C

C1I > 0.020 C1I -

0.000

Analog

Digital Historical Performance BWR Digital Feedwater 0.300

'i:"

g 0.250 QI u QI *- 0.200 a: ~

E -

~ *~ 0.150 u::,

VI ";;' 0.100 C

QI > 0.050 QI -

0.000

Analog

Digital Historical Performance BWR Turbine Controls 0.140

'i:"

"' 0.120 a, >

a, 0.100 a,.!::!

a:

a, 0.080

E -

~ *~ 0.060 u

VI -"' 0.040 C

C1I > 0.020 C1I -

0.000

Analog

Digital

Final Document Issued May 2018 Planned NRC Revision 4Q2018 Planned NRC Endorsement 2018 Awaiting EPRI Results in 2019 Awaiting EPRI Guidance in 2019 2018and Beyond

Digital Appetite

~I

Over 50 system and component upgrades planned as a result of RIS guidance Control room chiller controls, indicators and recorders Emergency Diesel Generator controls Circuit breakers and relays with embedded digital devices Main / Emergency Feedwater and Turbine controls

Utilities in discussion to implement digital upgrades to Reactor Protection and Engineered Safety Features Actuation Systems Plans subject to revision of Dl&C ISG-06 Second License Renewal providing opportunity for major capital investments 6

Goin Forward - Re ulato Guidance

While RIS 2002-22, Supplement 1 & ISG-06 Rev 2 provide near-term opportunity - long term digital solutions are still needed Policy for CCF in SECY 93-0087 (implemented in BTP 7-19) does not reflect current technology nor risk insights Current policy does not recognize:

international standards

EPRI studies

industry's design guides

digital engineering standardization initiatives

~I 9

Goin Forward - Culture

~I

SECY 18-0090 (September 2018)

"staff continues to believe that the Commission's direction in SRM-SECY-93-087 addresses CCF in digital l&C systems and provides adequate flexibility for regulatory modernization activities" "staff believes that some residual faults might remain undetected within a system and could result in hazards that can challenge plant safety" 10

Implement NRC Transformation Recommendations ftEI

Eliminate outdated regulatory guidance

Benefits and advances achieved under RIS 2002-22, Supplement 1 and ISG-06 Rev 2 should be moved into more durable regulatory guidance (Reg Guide)

Allow Alternate Standards

-- Allowing the use of international Dl&C standards will broaden available equipment resulting in a more efficient design and procurement process 11

Implement NRC Transformation Recommendations ~I

"The staff recommends changing the paradigm for licensing reviews of Dl&C systems from a strictly bottom-up approach using specific standards to a risk-informed, performance-based approach" Such an approach would enable effective, efficient, and agile use of multiple alternative standards and methods Focusing on the most safety significant issues will reduce the impact of CCF questions 12

L Future

~I Digital upgrades are paramount to the success of the nuclear industry We need tangible, useable, endorsed Digital l&C guidance for implementation of safety-related digital upgrades both under 10 CFR 50.59 and the License Amendment Request (LAR) process such that regulatory uncertainty is minimized 13

HITACHI Digital IHC Licensing and the NRC Transformation NRC Panel, October 25. 2018 Frank Novak Senior Systems Engineer

/

DutlinB

Perspectives on

Recent experience with digital IHC modifications

NRC Transformation T earn recommendations

NRC licensing of digital IHC

Status of IEEE Std 603 revision Clarification:

I chair the IEEE Working Group that is responsible for IEEE Std 603. but I do not represent IEEE.

e HITACHI Class I (Public) 2 NRC Panel ID/25/2Dl8

Recent Experience with Licensing Digital Modifications:

Before S After ISG-6 (Rev t)

Overview of product License Amendment Requests (LAR) were for different sites. but for the same product and based on the same Licensing T apical Report (L TR).

Duratian af Review af License Amendment Requests (LAR's) 3.0 Modification involves replacing a single input to the Reactor Protection System (RPS).

2.5

LAR scope increase due to ISG-06 (Rev I)

Page count: from -150 pages in 2 attachments to more than IDDD pages in 34 attachments.

GEH support: a few hundred hours to thousands of hours.

Comments on factors contributing to difficulty Increased scrutiny of software development process. which continues through Factory Acceptance Test (FAT). was a major factor.

Complying with system criteria in IEEE Standards was only a minor factor.

u, L co OJ 2.0 1.5 1.0 0.5 0.0 j

1995 2000 2005 201D Approval Date The anticipated improvements in (draft) ISG-06 Rev 2 are much appreciated.

2015 2020 e HITACHI Class I (Public) 3 NRC Panel I0/25/2DIB

Perspective on Transformation T earn Recommendation:

Alternative Standards for Digital IHC

=========-=--------

New Plant Designs Dperating._F_.le_et _____

~

System-level modifications

Transition to alternative less likely to be cost-effective.

Pre-existing design basis for lfiC is IEEE-based.

Approved software development processes (in US) tend to be IEEE-based.

General comments

Both IEEE and established alternatives lead to excellent safety and quality.

Appeal of alternatives relies on clean endorsements. leading to ease of use.

ISG-06 Rev 2 continues to be very important.

HITACHI Class I (Public) 4 NRC 0anel ID/25/2Dl8

NRC LicBnsing of Digital IHC:

Important RBlatBd lnitiativBs to ConsidBr===~-----------

I.

Transition regulatory review of software development process to NRC UA

ProposBd in SECY-18-0060 (pagB 12 6 EnclosurB 5. pagB 14).

Could BliminatB projBct-by-projBct rBviBw of softwarB dBvBlopmBnt procBss.

Should rBliBVB schBdulB prBssurB and rBducB rBgulatory uncertainty.

ISG-06 RBvision 2 is taking stBps in this dirBction.

2.

Promote harmonization of nuclear IHC standards

Industry and thB standards bodiBs alrBady support dBvBlopmBnt of harmonizBd IEEE/ IEC standards carrying "joint logos."

- Successes include IEEE/IEC standards for equipment qualification. condition monitoring. accident monitoring.

- Recent decision: pursue joint IEEE/IEC standard for safety classification.

- Fosters standardization. cost-effectiveness.

In anticipation of Bndorsing altBrnativBs. NRC should support harmonization.

e HITACHI Significant positive impact can be made without waitin for rule-making.

Class I (Public) 5 NRC Panel I0/25/2Dl8

Status of IEEE Std 603

Snapshot of current revision project

Revision started: Feb. 2Dl5.

Issuance expected: 2Dl8.

Revisions. balloting. and IEEE Review Committee approvals are complete.

Most important change: addition of a risk-based criterion for addressing Common Cause Failure (CCF).

Disposition of NRC input

NRC letter to IEEE Nuclear Power Engineering Committee (NPEC) dated May 4. 2Dl6 [MLl6117A374]

- addressed technical concerns.

New issues in SECY-18-0060 (Encl. 5) - not considered because of timing.

8 HITACHI Class I (Public)

NRC Panel ID/25/2Dl8

Summary

CausBs of rBcBnt difficulty of licBnsing DISC modifications

Scrutiny on software development - a major factor.

Concerns about IEEE standards (as raised in SECY) - only a minor factor.

PBrspBctivBs on NRC Transformation S Digital ISC LicBnsing

Processes involving alternative / harmonized standards are appealing. especially for new plant designs.

Should pursue related initiatives in parallel:

I.

Transition review of software development to NRC UA

2.

Promote IEEE/IEC harmonization

IEEE Std 603should bB issuBd soon 8 HITACHI Class I {Public}

7 NRC Panel JD/25/2Dl8

framat Digital l&C in Nuclear Briefing for the NRC October 25, 2018 Clayton Scott SVP-Deputy, Global l&C Business

Digital l&C Digital systems have been in use in all Sectors of industry including Nuclear since the 1970's Global agencies in all Sectors of industry have issued substantial guidance, information, papers, publications, studies, regulations, etc... to support understanding, implementing and operating digital control systems A large percentage of nuclear power plants both new and existing are using digital technologies both in safety related and non-safety related systems p.2 framatome

p.3 Fuqing Unit 1 and Taishan Control Room Tricon and Teleperm XS installed and many units globally meeting multiple regulatory requirements and providing safe, reliable operation framatome

New Build or Modernization - technology is technology l&C Regulation applies to both

What are we missing? - Trust in Technology

+ Some technology platforms have over 1 Billion hours of operation without failure upon demand in Safety Related systems across multiple sectors including nuclear

+ The technologies today individually and even more so once placed within a multiple channel architecture have PRA's that are 1 Q-6 to 10 more emphasis on overall PRA needs to be leveraged

+ Overall NRC movement towards risk-informed regulation, but l&C not fully aligned p.4 Technology framatome

Reliance Petroleum - Worlds Largest Control room in Sector globally 180,000 digital 1/0 Technology Trust in Technology in critical process systems - emergency shutdown systems Foxboro DCS and Tricon platforms used - S1L4 for safety critical are designed to consider failures that can impact digital, yet have demonstrated high levels of fault tolerance and high reliability - same technology supplied to nuclear power plants p.5 framatome

J Technology

Outside US - Regulation ~s based on ~AEA, ~EC, IEEE and NRC guidance - why not in the US recogn~ze gioba! standards as well -

critical to supply chain

Common Cause Fa~~ure - is not common, most or a~~ digital events evolve around m~s~nterpretation of functional requkements or building of appi~cation code, not fai~ure-of the code itseff or even the hardware supporting the app~~cation as ~n -most safety or safety critical app!~caUons redundancy and in some cases triplications are in place *

Diverse Technologies in place globally p.6 framatome

Regulation Need to expedrne Regu!atorry change to a~!ow for modernization New guidance should be structured to benefn from the technologica!.

advantages of dig~tai platforms to make plants.safer arnd more reliable

+ Less risk of trip

+ less risk of entering LCO

. industry core knowiedgei des~gn processes weU advanced~ being implemented. in digital design process, NR.C regu!atorry focus shou!d be on the final outcome of plant designs and thek ~mpact on safety~ not

.

on trying to specifyi or detail desigrn processes used. by ut!lities

/

framatome

Regulation.

NRC not ieveragirng industry (EPR!) and internaUonal data, standards, and practices and incorporating these ~nto the NRC regulatory framework

NRC ~&C staff should cons~der incorporating risk k~s~ghts into i&C regulations

+ Too much emphasis is being placed on the software life cycle

+ Nuclear and other industry data show !&C systems are not the dominant contributors to failure, and the !&C failure rates are negligible when compared to the plant pr~cess systems they interface with

/ '

p.8 framatome r

Future Digital upgrades-are_a*necessity to sustain long term, efficient and safe operation of the plants both new and old.. Regulatory positions* for all upgrades need to-be useable and positioned so that there is minimal uncerl~inty allowing utilities to support -their fleet safely into the future p.9.

framatome

p. 10 framatome

l'lil Massachusetts Institute of Technology Digital l&C Lessons learned across industries Dr. John Thomas MIT Experiences across industries (Automotive, Aviation, Space Systems, Chemical, Oil & Gas, Nuclear Power, Defense, Healthcare, Medical Devices, Weapon Systems, etc.)

Accidents causes are changing Non-failure accidents Component failure accidents 1970s Non-failure accidents Component failure accidents Today

Barrier: requirements

"The hardest single part of building a software system is deciding precisely what to build."

-- Fred Brooks, The Mythical Man-Month

Most software-related accidents have been traced to flaws in the requirements (Leveson, 2004) (Endres et al., 2003)(Lutz et al., 1993)

As is well known to softWare engineers~ by far the largest class of problems arises from errors made in the eliciting~

recorcling~ and analysis of requirementsn (Jackson et al., 2007) 3

Insight from Automotive 11ln my experience the requirements are much more important than* preventing hard.ware failures.

recalls are rarely due to component failures, typically it's due to missed requirements, requirements never verified, or missed interaction

with sup.plier."

Joseph Miller 4

H PCI Flow Control System System Initiation Signals (Open Steam Admission Valve &

Process Valves)

1. Low Reactor Level (-48")

2. High Drywell Pressure* (HPCI only; +2 psig) i * * * * * * * * * * * * * *

Operator Interaction HPCI/RCIC Flow Control System System Isolation Signals (Trip Turbine & Close Process Valves)

1. High Steam Line Flow

2. High Area Temperature

3. Low Steam Line Pressure (HPCI only)

4. Low Reactor Pressure (RCIC only)

5. Manual Trip/

System Initiation Signal Throttle Admission Valve Valve Turbine Trip Signals (Close TripfThrottle Valve)

1. Any system isolation signal

2. High Steam Exhaust Pressure (150 psi)

3. High Reactor Level (+46")

4. Low pump suction pressure (15" Hg)

5. Turbine overspeed

6. Manual (local or remote)

Operating Experience (No Component Failures) 2~0 120%

2200 Governor 2000 r

Valve 100%

1800

\\ I

1 C:

1600 80%

0

\\

~

"'C Ill QJ 1~0 QJ

\\

0 ci.

a.

V, 1200 QJ C: *-

.c 1000 I..

~

800 600 400 200 Turbine Speed I.

I

\\. I

\\

\\.

I Reset Setpoint I

.J, QJ 60% >

~

I..

0 C:

40%

QJ >

0 C,

200.k 0

~

L. -. - --. -. -. -. - --. -. -. -. -. -. -. -. -

0%

0 0

R R

R 0

0

!=?

R 0

0 0

0 R

0

!=?

0

!=?

R R

!=?

R VJ VJ VJ -

VJ - - - -

Time

Operating Experience (No Component Fa i I u res) 2~0 1~%

~o

/

I 100%

2000

\\

1aoo I System Enable 80%

"Trip" Signal (17%)

1600 I I Setpoint

"'C QJ 1~0 QJ Q.

C:

0 *-..,

0

~

QJ 60%.2 V,

1~0 System QJ

~

' 1 0

C:

Initiation C:

Signal {0%)

-P.----*

..c 1000

~

Actual Response 40%

QJ

s 0

I-Nonnal Start CJ 800 I..

_

Gov Valve Position 600

. \\

400 f----4 Reset I

20%

Setpoint I

I 200 0

0%

0 0

0

~

0 0

0

~

~ N N

c.>

w c.>

w * * *

0 en

()0 0

(J) 00 0

en 00 0

tJ

en 00 0

tJ

en Time

Blind test of STPA I

Select 1 Controller I

(MCR/RSP)

System I

t Flow Rate

To Reactor I

I I

I t

I I

t I

I I

t t

Operator I

t I Set Desired I

Adjust Select Auto I

I t

Flow Rate I

or Manual I

I Flow I

I t

(Auto)

I (Manual)

I I

I t

t t

t Process Model System I

I Flow I

I Rate I

I t

Desired Speed Plant Conditions Flow Control System Process Model Turbine Speed I

Valve I

I I

Open/Close I

System Initiation Signal I

Position I

I Commands System 1 Enable :

I

o Magnetic PickUp I

I I

I I *---

I I

Actuator From Torus or

--+--- Condensate Storage Tank Trip/

Throttle Valve I

I I

I t

t t -----

Steam Admission Valve From Main Steam Controlled Process

Blind test: STPA identified the problem Hazard: Equipment Operated Beyond Limits (H3)

Controller: HPCI-RCIC Flow Control System Hazardous Control Action No. 2: "Increase governor valve position" command is provided when:

there is an accident and turbine speed is too high, regardless of system flow Inadequate, Missing or Delayed Feedback Enable signal sent to controller before there is a valid demand on HPCI/RCIC enable provided when steam admission valve is not open (broken or misaligned LS) steam admission valve commanded open when there is no demand on HPCI/RCIC (spurious ESFAS signal) enable provided when steam admission valve is opened, but too late (misaligned LS or LS setpoint too high) steam admission valve commanded open too late when there is a demand on HPCI/RCIC (ESFAS delay)

HPCI/RCIC pump flow rate signal to controller is missing, delayed, incorrect, too infrequent, or has inadequate resolution Signal corrupted during transmission sensor failure sensor design flaw sensor operates correctly but actual flow rate is outside sensor's operating range fluid type is not as expected (water vs. steam?)

Governor valve position signal to controller is missing, delayed, incorrect, too infrequent, or has inadequate resolution Problems with communication path actual position is beyond sensor's range sensor reports actuator position and it doesn't match valve position

Industry standards to solve this problem

ISO/PAS 21448: Safety of the Intended Functionality (SOTIF)

STPA used assess safety of digital systems _

ASTM WK60748

"Standard Guide for Application of STPA to Aircraft"

SAE AIR6913

"Using STPA during Development and Safety Assessment of Civil Aircraft"

RTCA D0-356A

"Airworthiness Security Methods and Considerations"

STPA-sec used for cybersecurity of digital systems

SAE JXXXX

"Recommended Practice for STPA in Automotive Safety Critical Systems" (Last Slide)

7 U.S.NRC United Stares Nuclear Regulatory Comm ission Protecting People and the Environment BRIEFING ON DIGITAL INSTRUMENTATION AND CONTROL Commission Meeting October 25, 2018

Speakers

Margaret Doane, Executive Director for Operations

Ho Nieh, Director, Office of Nuclear Reactor Regulation {NRR)

Eric Benner, Director, Division of Engineering {DE), NRR

Rossnyev Alvarado, Electronics Engineer, Instrumentation and Control Branch B, NRR/DE

Michael Waters, Chief, Instrumentation and Control Branch B, NRR/DE

Dinesh Taneja, Sr. Electronics Engineer, Instrumentation and Control Branch A, NRR/DE 2

Significantly Modernizing our

Digital l&C Infrastructure

Making real progress, in terms of flexibility and external engagement

Considering experiences, internal and external to NRC

Embracing a vision that safely enables new technologies and innovation Shippingport Control Room - 1957 NuScale Control Room Simulator 3

Focused on the Most Significant Regulatory Challenges

Addressing near-term challenges identified by external stakeholders Clarify common cause failure {CCF) expectations.

Clarify and expand use of 10 CFR 50.59 Improve licensing-and certification processes Clarify commercial grade dedication expectations

Identifying broader improvements to modernize the regulatory infrastructure Leverage international and non-nuclear approaches

_- Expand use of risk information 4

The IAP Implements Commission Direction and Stakeholder Priorities

*. Enable performance-based and*

technology neutral approaches

Use same re.gulations for new and operating reactors, with tailored

guidance if necessary.

Ensure co,mmon.understanding with

. stakeholders on challenges, priorities, and potential solutions 5

Recent Accomplishments Enabled

. by Changes in our Approach

Self-critical assessment of NRC practices:

. - Implementation of Commission* policy on CCF

Creating support networks to ensure/ effective implementation of new guidance:

- RIS 2002-22, Supplement 1

*

Revisiting what information is necessary to make a regulatory decision:

- Operating Reactor License Amendments (ISG-06)

- New Reactor Design Certification (NuScale DSRS) 6

Clarifying CCF Expectations

Evaluated:

- Policy in SRM-SECY-93-087

- Feedback from industry

- Lessons learned from regulatory reviews

Concluded:

- Current policy adequate and supports near-term improvements (i.e., graded approach, alternative standards, alternative methods of diverse actuation)

- Implementation has been inconsistent and, in specific cases, overly restrictive ~

SECY 18-0090:.

- Documents staff evaluation and identifies guiding principle~ to improve policy implementation 7

SECY 18-0090 Guiding Principles

Continue to address CCF

Diversity and Defense-in-Depth analysis typically warranted, but can be:

- Best estimate or design basis

- Graded commensurate with safety significance &

may not be necessary for low safety significance

Alternate means to accomplish safety function acceptable:

-

Non-safety or safety-related

- Manual or automatic

- Mitigation of consequences through other means

Justification for defensive measures can be commensurate with safety sfgnificance

8

Clarifying and Expanding the use of 10 CFR 50.59

Operating reactors seek to implement majority of upgrades under 10 CFR 50.59

RIS 2002-22, Supplement 1

- Focused on lower safety significance l&C systems

- Clarifies appropriate use of qualitative factors when performing 1 o. CFR 50.59 evaluations

Appendix D to NEI 96-07

- Addresses all l&C systems

- Includes improved 50.59 screening guidance.

L 9

Demonstrated Improvement in Recent Licensing and Certification Actions

Hope Creek PRNMS

NuScale Design Certification

~

~

..,...-i,IT"'"='~'11"10

APR-1400 Design 1

Approval

Vogtle Unit 3&4 Amendments

MIT Nuclear Safety System Purdue-1 Digital l&C System

Purdue l&C System Upgrade 10

Improving the Licensing Process

Operating reactor licensees seek to obtain regulatory approval before making significant capital investment

Revising ISG-06 to:

- Provide alternate review process for earlier approval of digital systems

- Clarify information needed to initiate regulatory review

- Incorporate other lessons learned from operating and new reactor reviews 11

Licensing Processes Comparison Timeline (not to scale) 7 Traditional Process

t-NRC Decision on LAR I

I LA R Submitted.+I NRCReviewandAudits I

(Phase 1 Information)

I I

Licensee Activities Concepts Initial System and Pre-application

Design, Meetings Planning II Phase 2 Supplemental 1

1 Information I

I Detailed HW & SW Design and Fabrication I

I I

Implementation, Software V&V, and Factory Testing NRC Regional Inspection Processes Installation and Site Acceptance Testing Alternate Review Process *~-----* ~ NRC Decision on LAR I

I..--

I I

NRCVendor NRC Regional Inspection LAR Submitted 71 NRCRevlewandAudits I Inspection Processes Processes All Information I

I I

I 12

Clarifying Commercial. Grade Dedication Expectations

-Vendors seek to demonstrate achievement, of domestic nuclear*

safety standards through international safety certi'fication

Will expand the number of systems and components available for use by domestic licensees

EPRI currently developing process which NEI will submit for NRC review 13

Continuing to Identify Broader Improvements to Modernize the

Regulatory Infrastructure

Evaluating international and non-nuclear approaches to identify best practices

Expanding use of higher level design principles applied in NuScale to improve advanced reactor reviews

Engaging industry to iden.tify alternative standards they are most interested in u.sing

. Evaluating broader use of risk-information in licensing, certification and oversight 14

Making Progress on Achieving an Efficient and Effective Digital l&C

Framework

Continue our efforts to modernize our decisio*n making in the use of Dl&C systems

Continue to effectively communicate with all stakeholders to understand their challenges, priorities, and potential solutions

Continue to transform with risk-informed and innovative approaches 15

Acronyms APR....: Advanced Power Reactor BTP - Branch Technical Position CCF...:. Common Cause Failure CFR - Code of Federal Regulations D3 - Diversity and Defense-in-Depth Dl&C - Digital Instrumentation and Control DSRS - Design Specific Review Standard ESFAS - Engineered Safety Actuation System FPGA - Field Programmable Gate Array HW - Hardware IAP - Integrated Action Plan l&C-Instrumentation and Control IEEE - Institute of Electrical and Electronics *.

Engineers IEC - International Electrotechnical Commission ISG - Interim Staff Guidance LA - License Amendment LAR - License Amendment Request MIT - Massachusetts Institute of Technology NEI - Nuclear Energy Institute PRNMS - Power Range Neutron Monitoring System QA - Quality Assurance RIS - Regulatory Issue Summary RPS - Reactor Protections System SIL-Safety Integrity Level SW - Software V & V - Verification and Validation 16

ML18299A193

Text

Purpose:

Participants:

Navigation menu

Search