ML19343C979

Submits Comments on Electrical Subcommittee 810224 Meeting Re Design of Core Protection Computer.Probability & Timing of Failure Detection in Protection Sys Is Strongly Dependent Upon Nature of Failure
Person / Time
Site: Arkansas Nuclear (Entergy)
Issue date: 03/04/1981
From: Ditto S
AFFILIATION NOT ASSIGNED
To: Savio R
Advisory Committee on Reactor Safeguards
References
ACRS-CT-1323, NUDOCS 8104090015


Text

Stephen J. Ditto
CONSULTING ENGINEER - NUCLEAR REACTOR SYSTEMS
3615 Cherrylog Road - Knoxville, Tn 37921
(615) S46-0094

[received stamp: MAR 9 1981]

March 4, 1981


Dr. Richard Savio
Advisory Committee on Reactor Safeguards
Washington, D. C. 20555

Dear Dr. Savio:

Dr. Kerr requested that we send him comments regarding the Electrical Subcommittee meeting of February 24. This letter is in response to that request.

Although the meeting presented little, if any, new information regarding the design of the CPC, it did provide us with up-to-date information on experience at ANO-2, some insight into the interpretation of that experience by the operators, and an overview of the NRC staff's review plans. My brief comments on these items are intended to present a slightly different viewpoint.

During the meeting the measurement of primary coolant flow was discussed briefly. It was stated that a static flow calibration was made periodically from steam side calorimetry and that dynamic flow calculations were made by the CPC's using pump speed measurements as a major input. It was further stated that there are no installed conventional flow meters, thus the only real flow calibration occurs annually and, if in error, would quite likely involve all protection channels and the control system as well. We have recorded [...] persisted for some time. It is not easy to believe that, in such a system, the core power is known within about 2% as stated in the meeting and that such knowledge is independently obtained from four redundant channels.

The discussion of operating experience at ANO-2 indicated that a number of "bugs" had been found in the CPC system. It was repeatedly stated that all of the failures were "safe" ones. Often these failures caused reactor shutdown - particularly those that involved the CEAC's, which are effectively in a one-of-two arrangement. Other shutdowns were caused by design shortcomings that failed to account for certain power dependent variations. None of these is surprising or alarming. What is surprising (and could be alarming) is that such experience might be taken to indicate that the system failures are all of the "safe" kind. While the mass of evidence points in this direction, the conclusion is not justified. It is almost surely true that, in the absence of the need for protective action, the most troublesome failures are the "safe" ones. It is also true that, by design, safety systems are frequently super-sensitive. However, it must be remembered that reliability (or safety effectiveness) is not achieved by increasing the number or frequency of "safe" failures but by decreasing the unsafe. Experiencing a large number of easily detected "safe" failures should not delude us into overlooking the possibility of the existence of, or potential for, serious failures of the other kind which are sometimes hard to find.

One last comment is directed at two tables presented by Mr. Corburn of AP&L. The next to last slide presented showed hardware failures and indicated that, of 49 failures, 41 were intermittent and the causes of 16 were unknown. It is my belief that if those intermittent ones had been of the unsafe kind most might never have been detected. Of course the duration of the failure would be a factor. Further, the discovery of the eight "hard" failures would not have been immediate as suggested in the last slide. The point I'm attempting to make is that the probability and timing of detection of a failure in a protection system is strongly dependent upon the nature of the failure. The probability of discovering a "safe" failure almost instantly is very nearly one. Not so with "unsafe" failures. The observed statistics may be telling us this.

Sincerely,

Stephen J. Ditto
Consultant

cc: Dr. Wm. Kerr, ACRS
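As an added illustration of the letter's closing point about detection probability (this is example code written for this page, not part of Mr. Ditto's letter or the AP&L tables): a small model in which a "safe" failure trips the plant and is noticed at once, while an "unsafe" failure is silent and is caught only if it is still present when a periodic surveillance test runs. The count of 41 intermittent failures is taken from the slide quoted in the letter; the 4-hour failure duration and 720-hour (monthly) test interval are constructed assumptions.

```python
# Sample values: 41 intermittent failures are from the AP&L slide quoted in
# the letter; the duration and surveillance interval below are constructed
# assumptions for illustration, not figures from the letter.
OBSERVED_INTERMITTENT = 41
ASSUMED_DURATION_H = 4.0        # how long one intermittent fault persists
ASSUMED_TEST_INTERVAL_H = 720.0  # hours between surveillance tests (monthly)


def detection_probability(kind: str, duration_h: float, test_interval_h: float) -> float:
    """Chance that a single failure of the given kind is ever noticed.

    A "safe" failure causes a spurious trip and announces itself, so it is
    seen with probability 1. An "unsafe" failure is silent: it is caught only
    if a surveillance test falls inside the window during which it persists.
    With the fault onset uniformly distributed over a test interval, that
    chance is duration / interval, capped at 1 for hard (permanent) faults.
    """
    if kind == "safe":
        return 1.0
    if kind != "unsafe":
        raise ValueError(f"unknown failure kind: {kind}")
    return min(1.0, duration_h / test_interval_h)


def expected_observed(true_count: int, kind: str, duration_h: float, test_interval_h: float) -> float:
    """Expected number of failures that would appear in a failure log."""
    return true_count * detection_probability(kind, duration_h, test_interval_h)


def infer_true_count(observed: int, kind: str, duration_h: float, test_interval_h: float) -> float:
    """Back out how many failures probably occurred from how many were logged."""
    p = detection_probability(kind, duration_h, test_interval_h)
    return float("inf") if p == 0.0 else observed / p


def prob_none_observed(true_count: int, kind: str, duration_h: float, test_interval_h: float) -> float:
    """Probability that a whole population of failures leaves no log entry at all."""
    p = detection_probability(kind, duration_h, test_interval_h)
    return (1.0 - p) ** true_count


def main() -> None:
    # Suppose unsafe intermittent faults occurred as often as the safe ones did.
    n = OBSERVED_INTERMITTENT
    seen = expected_observed(n, "unsafe", ASSUMED_DURATION_H, ASSUMED_TEST_INTERVAL_H)
    quiet = prob_none_observed(n, "unsafe", ASSUMED_DURATION_H, ASSUMED_TEST_INTERVAL_H)
    print(f"{n} safe intermittents -> {n} logged; {n} unsafe intermittents -> {seen:.2f} logged")
    print(f"P(all {n} unsafe failures leave no trace) = {quiet:.2f}")


if __name__ == "__main__":
    main()
```

Under these assumptions a log showing only "safe" failures is what one would expect even if unsafe intermittent faults were just as frequent, which is the selection effect the letter warns about.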