ML19306A017
| ML19306A017 | |
| Person / Time | |
|---|---|
| Site: | Hope Creek  |
| Issue date: | 12/17/1984 |
| From: | Mittl R Public Service Enterprise Group |
| To: | Schwencer A Office of Nuclear Reactor Regulation |
| References | |
| GL-83-28, NUDOCS 8412260215 | |
| Download: ML19306A017 (28) | |
Text
. . ..- . __ _ . . . . _ _. _
,s . i P.cc Senn e
! . E'ectnc an Gas Cormpam j 80 Park Plaza, Newark, NJ 07101/ 201430-E217 MAlltNG ADDRESS / P.O. Boi 570. Newark. NJ 07101 Robert L Mitt! General Manager Nuclear Assurante and Reputation December 17, 1984 i
Director of Nuclear Reactor Regulation
~
U.S. Nuclear Regulatory Commission 7920 Norfolk Avenue
. Bethesca, Maryland 20814
'i Attention: Mr. Albert Schwencer, Chief
')j Licensing Branch 2 Division of Lict.7 sing Gentlemen:
i HOPE CREEK GENERATING STATION DOCKET EO. 50-354 RESPONSE TO NRC GENERIC LE*r'TER 83-28 Pursuant to our letter of March 30, 1984, from R. L. Mitti to A. Schwencer on the above subject, attsched is Revision 1
.to Public Service Electric and Gas Company's response for the Hope Creek Generating Station. This revision p.ovides additional information on the Post Trip Review Program description and procedtares and the Master Equipment List.
Additional information on the Equipment Classification and Vendor Interface and Post Maintenance Testing will be provided by tr? dates noted in this revision.
If you requi? e additional infonnation, do not hesitate to contact us.
Very truly you s, .
['l 1- $ [ 2 i E l I I
Attachment - Hope Creek Generating Station Response to 1 Generic Letter 83-28 Revision 1 N Energy People 8412260215 842217 ena snrru nsnnn su ___
_ caen ,,ma _ _
Mr. Albert Schwencer 2 12/17/84 C D. H. Wagner (w/ attach.)
USNRC Licensing Project Manager W. H. Bateman (w/ attach.)
USNRC Senior Resident Inspector O
OB 20 01/02C d
'l
, i _. _. _ _ . _ . _ _ __ _ .._.._. _ _ _ . . _ _ . . . . . . . . _ .
4 ATTACHMENT HOPE CREEK GENERATING STATION RESPONSE TO GENERIC LETTER 83-28 1.1 POST-TRIP REVIEW (PROGRAM DESCRIPTION AND PROCEDURE) )
Position i
Licensees and applicants shall describe their program i for ensuring that unscheduled reactor shutdowns are analyzed and that a determination is made that the plant can be restarted safely. A report describing the program for review and analysis of such unsched- ,
uled reactor shutdowns should include, as a minimum:
- 1. The criteria for determining the acceptability of l
4 restart.
- 2. The responsibilities and authorities of personnel who will perform the review and analysis of these j events.
a
- 3. The necessary qualifications and training for the responsible personnel.
- 4. The sources of plant information necessary to conduct the review and analysis. The sources of information should include the measures and equipment that provide the necessary detail ar.d type of information to reconstruct the event ac-curately and in sufficient detail for proper understar. ding. (See Action 1.2).
l 5. The methods and criteria for comparing the event information with known or expected plant behavior 4
(e.g., tnat safety-related equipment operates as required by the Technical Specifications or other perforraance specifications related to the safety function).
- 6. The criteria for determining the need f or inde-pendent assessment of an event (e.g., a case in which the cause of the event cannot i>e positively
, identified, a competent group such as the Plant i Opetations Review Committee, will be consulted prior to authorizing restart) and guidelines on ,
the preservation of physical evidence (both hard-ware and software) to support. independent analy-sic of the event.
1 l
M PB4 50/04 1-bp m.v. I
I I .
- 7. Items 1 through 6 above are considered to be the basis for the establishment of a systematic method to assess unscheduled reactor shutdowns.
The systematic safety assessment procedures com-piled from the above items, which are to be used in conducting the evalua' ion, should be in the
. report.
O
Response
- l. Operations Department procedure OP-AP.ZZ-101(O)
" Post Reactor Scram /ECCS Actuation Review and Approval Requirements" has been written (and is in draft form) to provide a systematic method for diagnosing the causes of reactor SCRAM /ECCS actuations. This procedure also establishes the >
- requirements and criteria that must be met prior j to startup following a reactor scram /ECCS actuation.
i
- a. After a reactor scram or ECCS actuation the Emergency Operating Procedures (EOPs) place the plant in a safe condition. Step 5.1.1 of OP-AP.ZZ-101(O) directs the Senior Nuclear Shift Supervisor to initiate data collection as soon as plant conditions permit.
b, These items are all covered under Section 5.3 c, (Approval Requirements for Reactor Startup d following a reactor scram /ECCS actuation),
which statos the folloeing l
5.3.1 In the event of a reacter scram /ECCS actuation, the Operations Manager shall perform the following:
- 5.3.1.1 Ensure that the cause of the scram /ECCS actuation has been clearly identified.
5.3.1.2 Ensures all major safety >
related and other equipment required to function during the event operated as anticipated or expected. j l
5.3.1.3 Evaluate the event to l determine if there are any 4
. corrective actions required l prior to reactor startup.
M P84 50/04 2-bp ,,y, y
__ __ _ , _ _ . _ . _ _ _ _ _ . . . . . _J
j
]
l 5.3.2 The Operations Manager can grant ,
approval for startup if all of the l l requiremen'a listed above are met satisfactorily. J
- 2. The responsibilities and authorities of personnel who perform the review and analysis are "
identi-
)
fied in Section 4 of SA-AP.22-002(Q), Station '
Organization and Operating Practices." Section 4.5.3 of this procedure states, "A Post Trip review shall be conducted after every reactor ,
j trip." This procedure also lists the succession ;
of responsibility for the trip evaluation process in Section 4.5.3.
- 3. The necessary qualifications and training for responsible personnel in the review process are specified in Section 5.1.3 of SA-AP.ZZ-002(Q),
" Station Personnel Qualification Requirements." '
Section 5.2 of the same procedure also requires that Attachment 1 "Verificatien of Qualification
' for Position" be maintained in file by the l Technical Engineer.
Attachments 3 and 4 of OP-AP-22-101(O) are titled 4.
" Sequence of Events Checklist," and " Sequence of Events Standards", respectively. These attach-l ments along with the sequence of events printout
- will be used to identify the sequence of events i which initiated the reactor scram and also to j identify the proper operation of all safety
) related equipment. Attachments 3 and 4 will be j developed when additional required information i i becomes available.
t A detailed report, titled " Reactor Trip Compo- '
nents and Safety Function Verification Points" has been prepared by PSEEG's Engineering Depart-ment. The repcrt identifies all events wh: ch j will initiate a reactor scram and all equi . ment associated with safety related functions which
- are required to perform durit) each trip event.
1 It consists of logic diagrams and instrument i f
I tables. It identific the number and location of 4
appropriate instruments which can be used to l
< verify that each piece of equipment has actuated j
, as required. The report will be incorporated l into the procedure as Attachment 5.
i i
~
~**V- 1 M P84 50/04 3-bp 1
- - , - - + - - , + - - - - - -a,-, , -,,-.gw% -,-m,,<- w,.,- ew--a e *w'w- --+rv>=-+er**--**--***e
- 1
- 5. Item 5 is incorporated in re ense to Item 4. ,
- 6. In case the cause of the event has not been clearly determined or e;uipment and/or systems performance is questionable an independent as-sessment will be performed by the Station Opera-tions Review Committee (SORC). These requirements
-are covered by the following steps in procedure ,
OP-AP.22-101(O): ;
5.3.3 If the cause of the event has not been l clearly determined or there is question concerning the proper perfo . nance of l equipment or systems that were required to function during the event, the Operations l Manager shall deny approval for startup :
and further investigation into the event ,
shall be performed.
l 5.3.4 The results of the investigation shall I then be presented to the SORC for thorough l review. i l
5.3.5 The SORC will perform a complete review l of the results of the investigation and make recommendations to the General Manager - Hope Creek Oper:tions on reactor startup.
5.3.6 After reviewing the event, and the recom-pendations of the SORC, and the satis-factory determination that the reactor can be restarted safely, the General Manager !
may authorize reactor startup.
SORC responsibilities are also discussed in SA-AP.22-004(O), " Station Operational Review Com-mittee." Item 5.2.1 of this procedure specifies the composition of SORC, and item 5.5.12 doc-
..e responsibility of SORC with regard to ume n'.s reactor trips or ECCS actuations.
- 7. See Items 1 through 6 above.
M P84 50/04 4-bp Rev. 1 i
- - - . . , - , . , - . . - ....-,n.- , , .
l l
l l 1.2 POST-TRIP REVIEW - DATA AND INFORMATION CAPABILITY l
Positica l
! Licensees and applicants shall have sr have planned a capability to record, recall, and a play data and in-formation t: permit diagnosing tb> causes of unsched-
- uled reactor shutdowns prior to 1. ; tart and for ascertaining the proper functioning of safety-related equipment.
Adequate data and information shall be provided to correctly diagnose the cause of unscheduled reactor shutdowns and the proper functioning of safety-related '
equipment during these events using systematic safety assessment procedures (Action 1.1). The data and in-formation shall be displayed in a form that permits ease of assimilation and analysis by persons trcined in the ose of systematic safety assessment procedures.
l A report shall be prepared which describes and justi- ,
fies the adequacy of equipment for diagnosing an un-scheduled reactor shutdown. The report shall describe as a minimum: -
- 1. Capability for assessing sequence of events (on-off indications)
(1) Brief description of equipment (e.g., plant computer, dedicated computer, strip chart)
(2) Parameters monitored (3) Time discrimination between events (4) Format for displaying data and information ,
(5) Capability for retention of data and i information (6) Power source (s) (e.g., Class IE, non-Class IE, non-interruptible)
- 2. Capability for assessing the time history of analog variables needed to determine the cause of ,
unscheduled reactor shutdowiss, and the function-ing of safety-re3ated equipment. !
(1) Brief description of equipment (e.g., plant >
- omputer, dedicated computer, strip charts)
M PB4 50/04 5-bp Rev. 1 a
t b
1 4
(2) Parameters monitored, sampling rate, and basis for selecting parameters and .
i sampling rate
(!) Duration of time history (minutes before trip and minutes after trip)
(4) Format for displaying data including scale l (readability) of time histories ;
l (5) Capability for retention of data, informa-tion, and physical evidence (both hardware 4
and software)
(6) Power source (s) (e.g. , Class IE, non-Class 4
, IE, non-interruptible) ;
- 3. o Other data a.nd inf'rmation provided to assess the cause of unscheduled reactor shutdowns.
1
- 4. Schedule for any planned changes to existing data and information capability. ,
Response -
'.. (1) Plant compater edundant Honeywell TDC4500 computer system with Honeywell 7100 remote Input / output. Information output capabilities includes CRTs and line printers. >
l (2) Parameters are identified in post trip review procedure. See response to 1.1.4.
. (3) Up to 240 sequence of events points can be col-
- lected at a maximum rate of one per millisecond
- until 52 events are collected.
I (4) Format used to display sequence of events
- includes
- a. Time - Hour, Minute, Second and Miliseconds
- b. Message ID: EVTSOE or SIMSOE where SIMSOE identifies a sequence of events which occured simultaneously with another.
- c. Point Identifier
- d. Description i
- e. Status - high/not high, trip / reset, etc. *
- f. Contact state - 1 = closed, 0 = open M P84 50/04 6-bp mav. 1
_ ,- _ _ . - _ _ _ _ - . ._ . . _ . . - - - - _ _ _ _ . . . . _ _ _ _ _ ~ _
4 1 Examples:
1 J
13:53:07----0--EVTSOE-D2113-REAC-HI-PRESS-SCRAM W--TRIP--I 13:53:07----0--SIMSOE-D2114-REAC-HI-PRESS-SCRAM-X--TRIP--I ,
3 13:53:07----2--EVTSOE-D2115-REAC-HI-PRESS-SCRAM-Y--TRIP--I (5) If the events occur at less than the maximum ,
speed, up to 52 events could be collected. Time 4
j of the event will be printed to the nearest millisecond, in their order of occurrence. If l
1 more than one event changes in the same time frame, the events will be printed in the same time in the order they were scanned. If the max-imum number of events occur and the buf fer is filled, the state of all events differing from the last detected sequential change will be
, printed.
Sequence of events will print immediately on the '
control room line printer. Sequence of events
]
4 are also retained in memory for two eight hour shifts allowing Operations personnel to print on 4 the computer room line printer or display on a control room CRT all events that have occurred during the current or past shift. Also, all se-quence of events occurring during any shift will automatically print on the computer room line l
printer at the end of the shift. ,
(6) Power source is a non-IE UPS system. ,
' 2. (1) Plant computer - redundant Honeywell TDC4500 computer system with Honeywell 7100 remote I/O.
Information output capabilities includes CRT's and line printers.
(2) The post trip log contains up to 100 variables selected from Reg. Guide 1.g' parameters sampled every 15 seconds. -
i (3) The 100 variables are sampled for 30 minutes pre l and post trip..
1 (4) Format of the Post Trip Log includes (sample printout attached):
l a. Time of trip - hour, minute, second.
- 5. Point identification and description of trip
< event.
Rev. 1 M P84 50/04 7-bp
- c. Point identification and description of collected points. -
- d. Time of collection - hour, minute, second.
- e. Value of Analog points (F9.3); contact inputs
= 1 or 0 (closed /open).
(5) When a trip is detected, the pretrip data is
" frozen" in memory and collection of the post trip data is initiated. After the post trip data is collected, a message is o put to advise the operator that the log is ready to be output.
Once output is initiated by the operator, the log will run to completion unless cancelled by the operator.
Since data collection for the post trip log is double-buffered, the data collection switches to the second buffer when the " log ready" message is output, thus 1.osing nc data. Also at this time a timeout is set up such that after a predefined length of time the log will no longer be avail-able for operator demand and the buffer will be overwritten when a second trip occurs. -
(6) Power source is a non-IE uninterruptible power system.
- 3. Control room indication and Emergency Response Facility Data Acquisition System provides additional information.
- 4. No changes anticipated.
l l
l l
M P84 50/04 8-bp Rev. 1 !
l l
2.1 ECUIPMENT CLASSIFICATION AND VENDOR INTERFACE (REACTOR TRIP SYSTEM COMPONENTS) ,
Position Licensees and applicants shall confirm that all com-ponents whose functioning is required to trip the reactor are identified as safety-related on documents, ,
procedures, and information handling systems used in ,
i the plant to control safety-related activities, in-cluding maintenance, work orders, and parte replace- '
ment. In addition, for these components, _icensees and applicants shall establish, implement, and main-tain a continuing program to ensure that vendor inf or-mation is complete, current and controlled throughout the life of the plant, and appropriately referenced or :
- incorporated in plant instructions and procedures. .
1 Vendors of these components should be contacted and en interface established. Where vendors cannot be identified, have gone out of business, or will not i supply the information, the licensee or applicant ,
shall assure that suffic4ent attention is paid to '
i eqaipment maintenance, replacement, and repair, to compensate for the lack of rendor backup, to assure ;
reactor trip system reliability. The vendor interface program shall include periodic communication with -
vendors to assure that all applicable information has been received. The program should une a system of positive feedback wit'h vendors for mailings containing technical information. This could be accomplished by licensee acknowledgement for receipt of technical mailings. The program shall also define che interf ace and division of responsibilities'among tne licensees and t!.e nuclear and non-nuclear divisions of their vendors that provide service on reactor trip system I components to assure that requisite control cf and
- applicable instructions for maintenance work are provided. f
- l Response l As described in Section 3.1.2.5 of NUREG 1000, the
, G.E. boiling water reactor trip system design differr from the PWR design.
Parameters from several BWR systems are monitored by the Reactor Protection SyJtem (RPS) and the Redundant
- Reactivity Control System (RRCS). Either or both of
- these systems can effect a reactor trip by communi-M P84 50/04 9-bp Rev. I 1
1 I
.,L..,. . . . . . . . . . _ . . - - - . - - . . . . . . - -' + - * ** -
cating a reactor trip signal to the Control Rod Drive
'CRD) system which accomplishes rapid control rod ~
insertion. ,
I The RPS is designed to initiate a reactor trip upon j sensing specific plant parameters when they exceed predetermined limits or identifying events which re- '
quire a reactor trip. The RPS receives input via four redundant and independent trip channels from various '
switches and trip units which identify that a para-mr_er has exceeded its limit or that a trip initiating event has occurred. The RPS logic decides whether or not to trip the reactor by applying a "one-out-of- l tuo-twice" criterion to the four trip channels. A l reactor trip is accomplished by deenergizing both solencids on each centrol rod drive scram valve which initiates rapid insertion of each control rod into the reactor core. In addition, an RPS trip energizes two redundant backup scram valves, either one of which effects a reactor trip by venting the instrument air header which feeds the control rod drive scram valves.
Tne RRCS is a backup system to the RPS which ir.dep'end-ently initiates a reactor trip upon sensing Rx vessel low level, Rx vessel high pressure or a manual initia-tion signal. The RRCS eff ects a scram by deenergizing two redundant Alternate Rod Insertion (ARI) valves, either one of which will vent the instrument air hea' der which feeds the control rod drive scram valves.
For all reactor trips, the rapid insertion of all control rods is accomplished hydraulically by the Hydraulic Control Units (HCU's) of the Control Rod Drive System.
Both the RPS and RRCS are designed to deenergize to trip, therefore loss of power will initiate a reactor trip. Similarly, the HCU's are designed such that loss of power or loss of instrument air will initiate a reactor trip.
PSE&G plans to comply with Section 2.1 of Generic Letter 83-28 by insuring that all components whose functioning is required to trip the reactor are identified as safety related. PSE&G will, prior to 3/85:
M P84 50/04 10-bp Rev. 1
' j (a) Identify all safety-related trip events and verify that all components whose functioning is required to sense the occurrence of a trip ~ event i and relay the information to either the RPS or l the RRCS are identified as safety related.
i (b) Verify that the RPS and RRCS have been designed !
and implemented as safety related systems and all {
active components which have been identified by
- design as required to initiate a reactor trip are
- j identified and maintained as safety relatad
- components.
1 (c) Verify that the HCU's and other active components ;
, of the CRD system which have been identified by ;
~
design as required to accomplish the rapid
, insertion of the control rods are identified and
- maintained as safety related components.
3 As the' components required to trip the reactor are ,
identified, they will be included in the Hope Creek Generating Station Master Equipment List (MEL). The
- MEL is a computerized lis't of plant components. It contains information such as: equipment identifica-1 tion, general equipment information, applicable system infcrmation, quality assurance requirements including !
safety classification, general location information, '
drawing information, purenase order references, and ;
applicable vendor technical menual numbers. Vendor ,
technical manuals are required to be submitted by pur-chase order with the procured equipment. Vendor tech- :'
nical manuals contain information concerning opera-tions and maintenance of supplied components. The technica1 manuals, in addition to other vendor sup-
' plied documentation, are tracked and controlled through a conputerized document control system which !
also lista the current revision received. This doc- ,
ument control system is being further enhanced to
- cross-reference vendor technical manuals and other applicable vendor inform.acion'to plant instructions and procedures.
. The purpose of the vendor interf ace program is' to !
ensure that current information and data will be made ,
available to those personnel responsible for develop- :
ing and maintaining. plant instructions and proce- '
dures. These-information systems and programs cur-rently exist and are capable of identifying the ind-ustry precursors that could lead to a Salem-type- .
event. It should be noted that the vendor interface !
M P84 50/04 ll-bp P
+ .. - - - - , - ,.m.. .rm,..,.,- #.. , ,,,.. . .,.m,~. - - , - . . - . . . . - _ , . - - _ _ , . , - , - - . . . - - - . , , - . _ , _
program is industry controlled and is mainly hardware oriented program that does not rely on vendor action, other than the NSSS vendor to provide information directly to utilities. Instead, the vendor interface program relies on information developed by industry experience through the INPO Significant Event Evalua-tion and Information Network (SEE-IN) and the Nuclear Plant Reliability Data System (NPRDS).
The following is supplied by G.E. to ensure vendor information to PSE&G.
(a) Safety Concerns 10CFR21 Reportino - The General Electric Company has established a reporting system to handle safety con-cerns that complies with the requirements of 10CFR21.
Urgent Communications - In addition to the 19CFR21 reports, a procedure for handling urgent communica-tions to BWR owner / operators has been established for use in providing fast notification of safety con-cerns.' These' communications are usually in the form of a stort letter which provides a brief explanation and advice or precautionary measures to be observed to avoid potential operational hazards. Due to their urgent nature, these communications are processed to operating plants by the most ef fective method (i.e.,
telex, telecopy, cable, special mail handling, etc.)
(b) Several ca.her information systems exist to pro-vide channels of communication for various types of information:
Service Information Letters (SILS) - These documents are usually brief, providing recommendations for equipment modification, plant design improvements, or changes to procedures to improve plant performance.
Service Advice Letters - These documents are issued by GE Product Departments other than the San Jose based Nuclear Energy Product Departments and are used to provide notification of prcduct problems and/or serv-ice information on a broad range of GE consumere and industrial products. Those Service Advise Letters that are recognized by the issuing product department as applying to devices used in nuclear plants are specially identified and are flagged for distribution to all nuclear plants.
M P84 50/04 12-bp Rev. 1 v ,--w- -- - - .,_ _ _ _ _
Turbine Information Letters (TILs) - TILs are issued by GE's Large Steam Turbine Generator Department to provide descriptions of product problems / improvements and to recommend modifications that will mitigate problems or improve product performance.
Operation and Maintenance Manuals - These documents are issued by all GE product departments to provide instructions for installation, operation, and main-tenance of GE designed repairable equipment and sys-tems. Final revisions to the manuals provided for the NSSS ccope of supply are delivered as contractually required, but usually are shipped at about the time of plant commercial operation.
Application Information Documents - are white papers that describe potential operating problems and provide design change or operating recommendations to mitigate or avoid them. These documents are primarily aimed at requisition plants, but are also forwardeo to operat-ing plants then they have any applicability to those plants.
Other documents are available and are as follows:
. INPO Operations and Maintenance Reports
. INPO Significant Operating Experience Reports
. INPO Significant Event Report
. NRC Generic Letters
. NRC Bulletins
. NRC Information Notices PSE&G has estabished a Response Coordinating Team (RCT) for HCGS which evaluates and processes the above information notices and correspondence.
The RCT is a multi-departmental organization comprised of Engineering, Operations, Quality Assurance, and Licensing personnel. The RCT reviews the documents listed above, transmite them to affected organiza-tions/ departments withs a "SE&G for action or incor-poration and maintains ti.e applicable records to document the disposition of said documents.
The program described above ensures that reactor trip system and other safety related system vendor informa-tion is reviewed and controlled, and will be continued throughout the life of the plant. Furthermore, it will be appropriately referenced or incorporated in plant instructions and procedures. No changes in this meth^d are planned.
M P84 50/04 13-bp Rev. 1
2.2 EQUIPMENT CLASSIF.ICATION AND VENDOR INTERFACE (PROGRAMS FOR ALL SAFETY-RELATED COMPONENTS)
~
Position Licensees and applicants shall submit, for staff review, a description of their programs for safety-related equipment classification and vendor interface as described below:
- 1. For equipment classification, licensees and applicants shall describe their program for ensuring that all components of safety-related systems necessary for accomplishing required safety functions are identified as safety-related on documents, procedures, and information handl-ing systems used in the plant to control safety-related activities, including maintenance, work orders and replacement parts. This description '
shall include:
(1) The criteria for identifying components as safety-related within systems currently classified as safety-related. This shall not be interpreted to require changes in safety classification at the systems level.
(2) A description of the information handling '
system used to identify safety-related com-ponents (e.g., computerized equipment list) ;
and the methods used for its development and validation.
(3) A description of the process by which station personnel use this information handling sys- ,
tem to determine that an activity is safety- ,
related and what procedures for maintenance, surveillance, parts replacement and other activities defined in the introduction to 10 CFR 50, Appendix B, apply to safety-related Components.
(4) A description of the management controls utilized to verify that the procedures for preparation, validation and routine utiliza-tion of the information handling system have been followed.
M P84 50/04 34-bp Rev. 1
i l
(5) A demonstration that appropriate design veri-fication and qualification testing is speci-fied for procurement of safety-related com-ponents. The specifications shall include l qualification testing for expected safety service conditions and provide support for the licensees' receipt of testing documenta-tion to support the limits of life recom-mended by the supplier.
(6) Licensees and applicants need only to submit for staff review the equipment classification program for safety-related components. Al-though not required to be submitted for staff review, your equipment classification program should also include the broader class of structures, systems, and components important to safety required by GDC-1 (defined in 10 CFR Part 50, Appendix A, " General Design Criteria, Introduction").
Response
PSE&G's program for identifying and classifying sa'fety related components is a computarized data base which will be available to Hope Creek Operations and Engi-neering organizations. The program consists of the following:
(1) Components within safety related systems are identified as safety related based on the func-tions they were designed to perform. That is, if these components were relied upon to remain func-tional during and after design basis events to ensure: (1) the integrity of the reactor coolant boundary, (2) the capability to shut down the reactor and maintain it in a safe shutdown condi-tion, and (3) the capability to prevent or mit-igate the consequences of accidents that could result in potential offsite exposures specified in regulatory requirements.
(2) The Hope Creek Generating Station Master Equip-ment List (MEL) is a computerized listing of com-ponents and their associated systems. The MEL contains information such as: component identi-fication, general component information, appli-cable system information, quality assurance i
I M P84 50/04 15-bp Rev. 1
)
requirements including safety classification, general location within the plant, drawing infor- ;
nation, purchase order information, and applice-ble vender technical manual numbers and their associated revisions.
Components are indentified and classified using design documents and vendor documents and when necessary, field verifications. ,
, (3) The Master Equipment List is being expanded into a larger data base containing: spare parts in-formation and other activities associated with normal plant operations.
(4) The MEL and the expanded MEL data base will be used by all PSE&G personnel to perform all design change, maintenance, operations and procurement activities for the life of the plant. The MEL and the expanded MEL data base will be available on remote computer terminals available to all PSEEG departments involved in plant operations.
Selective input / update capabilities are also pro-vided for and will be available through the
- remote terminals.
l (5) The MEL data will be administered by an organiza-tion within the Engineering Department. Proce-dures to update the MEL data and utilize have been developed. All information concerning com-ponents will be linked to the component identification which is unique.
4 The MEL contains quality assurance information applicable to. individual components. The quality assurance information is comprised of coded fields containing information concerning the fol-lowing: quality assurance requiremer.ts, quality group classification for mechanical components, seismic requirements, environmental qualification requirements and 10CFR21 applicability. The ex-panded MEL data base will hiso reference the i seismic and environmental qualification reports r applicable to that component, andprocurement and quality assurance requirements applicable to ;
replacement parts.
i l
M PB4 50/04 16-bp gev. 2 l
i l
Position 2.2.2 For vendor interface, licensees and applicants shall estabitsh implement, and maintain a con-t tinuing program to ensure that vendor informa-tion for safety-related components is complete, current, and controlled throughout the life of g
their plants, and appropriately referenced or incorporated in plant instructions and proce-deres. Vendors of safety-related equipment should be contacted and an interface estab-lished. Where vendors cannot be identified, have gone out of business, or will not supply information, the licensee or applicant shall assure that suf r'icient attention is paid to equipment maintenance, replacement, and repair, to compensate for the lack of vendor backup, to assure reliability commensurate with its safety function (GDC-1). The program shall be closely coupled with action 2.2.1 above (Equipment Qualif icat. ion) . The program shall include periodic communication with vendors to assure that all applicable information has been re-ceived. The program should use a system of positive feedback with vendors for mailings containing technical information. This could be accomplished by licensee acknowledgment for receipt of technical mailings. _It shall also i
define the interface and division of responsi-bilities among the licensee and the nuclear and non-nuclear divisions of their vendors that provide service on safety-related equipment to assure that requisite control of and ap'plicable instructions for maintenance work on safety-related equipment are provided.
Response
This response is cimilar to 2.1. PSE&G endorses the Nuclear Utility Task Action Committee (NUTAC) report to Item 2.2.2 concerning a Vendor Equipment Technical Information Program (VETIP).
M P84 50/04 17-bp p,y, 1 4
e w.e -y., , , . . .ns- , , -> . - -
3.1 POST-MAINTENANCE TESTING (REACTOR TRIP SYSTEM COMPONENTS)
Position The following actions are applicable to post- !
i maintenance testing: i
- 1. Licensees and applicants shall submit the results l o' their review of test and maintenance proced- l ures and Technical Specifications to assure that !
post-maintenance operability testing of safety-related components in the reactor trip system is required to be conducted and that the testing ,
demonstrates thac the equipment is capable of :
performing its safety functions before being returned to service.
- 2. Licensees and applicants shall submit the results of their check of vendor and engineering recom-mendations to ensure that any appropriate test guidance is included in the test and maintenance procedures or the Technical Specifications, where required.
- 3. Licensees and applicants shall identify, if applicable, any post-maintenance test rec,uire-ments in existing Technical Specifications which can be demonstrated to degrade ather than en-hance safety. Appropriate changes tc these test requirements, with supporting justification, shall be submitted for staff approval. (Note that action 4.5 discusses on-line system func-tional testing.)
i Response Refer to Response to 3.2 i
d M PB4 50/04 18-5p g,y, 1 I
i
~
3.2 POST-MAINTENANCE TESTING (ALL OTHER SAFETY-RELATED COMPONEATS)
Position The following actions are applicable to post-maintenance testing:
I
- 1. Licensees and applicants shall submit a report documenting the extending of test and maintenance procedures and Technical Specifications review to assure that post-maintenar, e operability testing of all safety-related equipment is required to be conducted and that the testing demonstrates that the equipment is capable of performing its safety functions before being returned to service. i
- 2. Licensees and applicants shall submit the results of their check of vendor and engineering recom-mendations to ensure that any appropriate test guidance is included in the test and maintenance
- procedures or the Technical Specifications where
~
rc;uired. .
- 3. Licensees and applicants shall identify, if applicable, any post-maintenance test require-i ments in existing Technical Specifications which ,
' are perceived to degrade rather than enhance safety. Appropriate changes to these test re-quirements, with supporting justification, shall be submitted for staff approval.
1 Response .
- 1. Station Administrative Procedure SA-AP.22-09,
" Control of Station Maintenance," designates the responsibility for ensuring that post-maintenance operability testing of safety related components is required to be conducted and that the testing ,
demonstrates that the equipment is capable of ;
performing its safety functions before being re-turned to service. Reference to this is also provided in SA-AP.22-17 " Station Safety Tagging Program: Section 5.1.6.2(a). SA-AP.22-ll, " Tech-nical Specification Surveillance Responsi-bilities," delineates Technical Specification responsibilitiec by department. All main-tenance/ testing procedures and administrative controls will be draf ted by 6/85.
I i
M P84 50/04 19-bp Rev. 1
1
- 2. An integrated Nuclear Department procedure is being prepared which will specifically address the !
review of various regulatory and vendor corres- l pondence for impact on the safe operation of' Hope Creek Generating Station. This procedure will be drafted by 6/85. In the interim, the Response Coordinating Team (RCT) as identified in response to item 2.1 enables Hope Creek Generating Station to document and track the status of action items that result from receipt of material from various regulatory agencies and vendors for inclusion into the appropriate test, operating, maintenance and administrative procedures or Technical Specifications, where required.
1
- 3. Any post-maintenance test requirements which can be demonstrated to degrade rather than enhance
- safety shall be addressed during the preparation and review of Technical Specifications. ;
e i
i i
l 1
i M P84 50/04 20-bp Rev. 1 l
)
- I 4.1 REACTOR TRIP SYSTEM RELIABILITY (VENDOR-RELATED MODIFICATIONS)
~
^
I Position All vendor-recommended reactor trip breaker modifica-tions shall be reviewed to veify that either: (1) each modification has, in fact, been implemented; or (2) a written evaluation of the techn:. cal reasons for not implementing a modification exists.
a
' For example, the modifications recommended by Westing-house in NCD-Elec-18 for the DB-50 breakers and a March 31, 1983, letter for the DS-416 breakers shall be implemented or a justification for not implementing
, shall be made available. Modifications not previously d made shall be incorporated or a written evaluation shall be provided.
Response ,
This is not applicable to a G.E. BWR design.
6 4
i a
1 i
i l
i l
1 I M P84 50/04 21-bp R*V- 1
- - - -w - -yi. -, - -.-, -.,,._.,g _, w. , . , , , , , , , , , , , . , _ , , . ,_ ,
n 4.2 REACTOR TRIP SYSTEM RELIABILITY (PREVENTATIVE i I
. MAINTENANCE AND SURVEILLANCE PROGRAM FOR REACTOR TRIP !
I BREAKERS) i Position
- Licensees and applicants snall describe their preven-tative maintenance and surveillance program to ensure i reliable reactor trip breaker operation. The program shall include the following: ,
1.- A planned program of periodic maintenance,
- including lubrication, housekeeping, and other ;
j items recommened by the equipment supplier.
! 2. Trending of parameters affecting operation and ,
' measured during testing to forecast degradation ,
of operability. ;
Life testing of the breakers (including the trip 3.
l 3
attachments) on an acceptabic sample size. -
3
- 4. Periodic replacement of breakers or components
)J consistent with demonstrated life cycles. -
4 Response-This is not applicable to a G.E. BWR design. .
l J l i !
l ?
1 .
J I
2 i
i I
. l j l i
M P84 50/04 22-bp R*v 1 l
b
_ _ _ _ . - . _ - _ . . , . . . . . - . ~ . . , . . . .,.._--..,-.--..;,,J_,'....,~,._r,... , . . . _ , , . . , . . . . - - _ . ~ . _ . , . . . . . . . .
- 7._
l s
4 e
4.3 REACTOR TRI.? SYSTEM (AUTOMATIC ACTUATION OF SHUNT TRIP ATTACHMENT FOR HESTINGHOUSE AND B&W PLANTS) l Position i
Westinghouse and B&W reactors shall be modified by :
providing automatic reactor trip system actuation of the breaker shunt trip attachments. The shunt trip attachment shall be considered safety related (Class ,
IE).
j Response 4
This is not applicable to a G.E. BWR design.
i
)
i 4
W v
I i
.s 4
M P84 50/04 23-bp Rev. 1 l
. . ._ ._.- . . . . _ _ . - . _ _ _ , _ , . _,_ ..~. . . . . - . _ _ . . _ , , . . . . . _ . . _ , _ . . . _ . . . . . . . _ , . _ . . _ _
- i 4.4 REACTOR TRIP SYSTEM RELIACILITY (IMPROVEMENTS IN MAINTENANCE AND TEST PROCEDURES FOR B&W PLANTS)
Position Licensees and applicants with B&W reactors shall apply safety-related maintenance and test procedures to the diverse reactor trip feature provided by interrupting power to control rods through the silicon controllec rectifiers.
This action shall not be interpreted to require hard-ware changes or additional environmental or 2eismic qualification of these components.
Response
This is not applicable to a G.E. BWR design.
i i
l
)
M E84 50/04 24-bp 3,y, 2 i
4.5 REACTOR TRIP SYSTEM RELIABILITY (SYSTEM FUNCTIONAL TESTING) _
Posit $on t on-line functional testing of the reactor trip system, l including independent testing of the diverse trip features, shall be performed on all plants.
- 1. The diverse trip features to be tested include ;
the breaker undervoltage and shunt trip features on Westinghouse, B&W (see Action 4.3 above) and CE plants; the circuitry used for power interrup-tion with the silicon controlled rectifiers on B&W plants (see Action 4.3 above) and CE plants; the circuitry used for power interruption with the silicon controlled rectifiers on B&W plants !
(see Action 4.4 above); and the scram pilot valve and backup scram valves (including all initiating circuitry) on GE plants.
- 2. Plants not currently designed to permit periodic on-line testing shall justify not making modifi- i cations to permit such testing. Alternatives to 1 on-line testing proposed by licensees will be ;
considered where special circumstances ex12t and where the objective of high reliablity can be met in another way.
- 3. Existing intervals for on-line functional testing ,
requireJ by Technical Specifications shall be re-viewed to determine that the intervals are con-sistent with achieving high reactor trip system availability wher accounting for considerations such as:
- 1. uncertainties in component failure rates
- 2. uncertainty in common mode failure rates
- 3. reduced redundancy during testing !
- 4. operator errors during testing
- 5. component " wear-out" caused by the testing ;
Licensees currently not performing perirdic on-line testing shall datermine appropriate test intervals as described above. Changes to exist- l ing required intervals for on-line testing l as well as the intervals to be determined by l licensees currently not performing on-line test- l ing shall be justified by information on the !
l l
M P84 50 S4 25-bp m.v. 1 l
. - _ . _. - - . = .- - - -
_ _ _ ._. _ __. __s _ .. . . _ _ . . . ..
. i O
sensitivity of reactor trip system availability to parameters such as the test intervals, compo- l nent failure rates, and common mode failure ~
rates.
i Response ,
- 1. On-line functional testing of the scram logic ,
channels shall be performed consistent with the [
requirements specified in the Technical Specifi--
cations. The backup scram valves will not be tested periodically, however, each will be inde- ,
pendently tested during each refueling outage.
- 2. Since periodic on-line functional testing of the !
reactor trip system logic will be performed as specified in 4.5.1, no alternatives to on-line testing will be required. [
r i- 3. PSEEG is partic'ipating in the BWR Owners' Group l Technical Specification Improvemenos Committee '
program. This progrtm includes develcpment of a l
methodology for application to the revicw of intervals for on-line functional testing required by Technical Specifications. A generic method-ology will be developed to show the sensitivity of system unavailability to changes in the following:
- a. Component failure rates
- b. Common mode failure rates !
- c. Reduced redundancy during testing !
- d. Human error rates during testing, and -
- e. Component " wear-out" rates caused by testing i PSE&G will then utilize the results for specific ;
application to Hope Creek Generating Station.
The schedule for the above generic approach is currently being prepared by the Technical Speci-fication Improvements Committee of the BWR j
Owners' Group.
1
)
i s' .
M P84 50/04 26-bp Rev. 1 1
__ ,_. _ __ . . . . __.-.--.,_- _ . . _ . .-..