ML20055D356

Summary of 891206 Meeting w/EPRI Re Chapter 10 of EPRI Advanced LWR Requirements Document. List of Attendees & Viewgraphs Encl.
ML20055D356
Person / Time
Issue date: 06/20/1990
From: Kenyon T
Office of Nuclear Reactor Regulation
To:
Office of Nuclear Reactor Regulation
References
PROJECT-669A NUDOCS 9007060224


Text

June 20, 1990

Project No. 669

APPLICANT: Electric Power Research Institute

PROJECT: ALWR Requirements Document

SUBJECT: SUMMARY OF MEETING TO DISCUSS CHAPTER 10 OF THE EPRI ALWR REQUIREMENTS DOCUMENT

On December 6, 1989, representatives from the NRC and EPRI met to discuss the contents of Chapter 10 of the EPRI ALWR Requirements Document, "Man-Machine Interface Systems". Enclosure 1 is the list of attendees. The second enclosure is a copy of the slides presented during the meeting.

During the meeting, EPRI discussed their general philosophy in the development of the document. The applicant indicated they intend to use modern technology to deal with existing problems in currently operating reactors.

The staff expressed concern that more detail should be provided in Chapter 10. At the close of the meeting, the staff indicated it would review Chapter 10 to determine if the design criteria met the NRC's regulations and would provide recommendations for additional criteria in those areas where the staff felt the regulations are imprecise.

/s/

Thomas J. Kenyon, Project Manager
Standardization Project Directorate
Division of Reactor Projects - III, IV, V, and Special Projects

Enclosures: As stated

cc: See next page

DISTRIBUTION: Central File, NRC PDR, FMiraglia, JPartlow, PDS Reading, TKenyon, OGC, EJordan, NRC Participants, ACRS (10)



Project No. 669
EPRI ALWR Utility Steering Committee

cc:

Mr. E. E. Kintner, Chairman
Advanced Light Water Reactor Steering Committee
GPU Nuclear Corporation
100 Interpace Parkway
Parsippany, New Jersey 07054

Mr. John DeVine, Jr.
Nuclear Power Division
Electric Power Research Institute
P.O. Box 10412
Palo Alto, CA 94303

Meeting Attendees, December 6, 1989

Name | Organization
T. J. Kenyon | NRC/NRR/PDSLE
B. T. Mendelsohn | NRC/NRR/RSGB
Jim Stewart | NRC/NRR/DST/SICB
Rich Correia | NRC/NRR/DLPQ/HFAB
Scott Newberry | NRC/NRR/DST/SICB
Ed Rumble | SAIC-ALWR Program
Dwight Harrison | MPR Associates
Robert M. Carritte | MPR Associates
Jim Lazevnick | NRC/NRR/SELB
Ray Ets | Smartwane Assoc / I&CB Consultant
Paul Eshleman | SIC / ESSA Contractor
Jim Leivo | Contractor to SICB
J. H. Baek | KOPEC (Korea Power Engineering Company)
Kris Parcrewski | NRC/NRR/EMCB
Mauro Ghiri | ENEL (Ente Nazionale per l'Energia Elettrica), Italy
Roy Woods | NRC/RES/DSIR/PPSIB
D. L. Boesdekas | NRC/RES/DSIR/PPSIB
Brad Hardin | NRC/RES/DRA/ARGIB
Al Ostenso | SLI, Chpt. 10 Preparation
John Trotter | Grove Engr./EPRI
George Schwenk | NRC/NRR/SRXB
Jim Martin | NRR/PRAB
Jerry Wachtel | NRC/RES/DSR/HFB
Tom Fukushima | S. Levy Inc., Chap 10 Section 6 Presenter

THE ADVANCED LIGHT WATER REACTOR PROGRAM

Chapter 10
Man-Machine Interface Systems

Presentation to the USNRC
December 6, 1989
Rockville, Maryland

Chapter 10 Meeting Agenda
December 6, 1989, 1:00 - 5:00 PM

Topic | Approximate Duration (Mins.) | Presenter
Introduction and Background | 20 | Gary Vine/EPRI
M-MIS Overview and Main Control Room | 50 | Ed Rumble/SAIC
Key Requirements | 30 | Dwight Harrison/MPR
Break | 10 |
Control Station Requirements | 20 | Dwight Harrison/MPR
Data Gathering, Transmission, and Processing Requirements | 20 | Al Ostenso/SLI
Hardware, Software and Control Requirements | 20 | Tom Fukushima/SLI
System Specific Requirements | 15 | Dwight Harrison/MPR
Summary and Discussion | Open | Gary Vine/Ed Rumble

Utility/EPRI

CHAPTER 10
MAN-MACHINE INTERFACE SYSTEMS

Introduction and Background

Advanced LWR Program NRC 12/89-1

ALWR Design Principles

ALWR Utility Steering Committee has established the following as key technical principles to guide the design of any ALWR:

- Highest attention to nuclear safety
- Simplicity - to enhance safety, constructibility, operations and maintenance
- Margin - a rugged, forgiving plant
- Proven technology - reliance on demonstrated success paths
- Human factors - attention to man-machine interface in every aspect of the design

Advanced LWR Program NRC 12/89-2

ALWR Program Approach

- Ensure Utility focus, leadership
- Examine experience, build on success
- Create broad-based, constructive technical interactions among:
  - Utilities around the world
  - U.S. Department of Energy
  - U.S. Nuclear Regulatory Commission
  - NSSS vendors and architect-engineers
- Establish a sensible starting point for standardization

Advanced LWR Program NRC 12/89-3

Evolutionary and Passive Concepts

Two concepts are being developed:

Evolutionary ALWR
- A simple, rugged and reliable advancement of today's LWR designs, using conventional safety system concepts

Passive Plant
- A greatly simplified ALWR which employs primarily passive means for accident prevention and mitigation

Advanced LWR Program NRC 12/89-4

The Evolutionary ALWR Concept

- PWR or BWR, higher rated plant (1100-1300 MWe)
- Substantial improvements in safety, simplification, margin,
- Extensive application of lessons learned in existing plants
- Utilizes conventional safety systems concepts
- Employs advanced control systems
- A direct descendent of today's LWRs

Advanced LWR Program NRC 12/89-5

The Passive ALWR Plant Concept

- PWR or BWR, reference size 600 MWe
- Utilizes primarily passive means (gravity, natural circulation, stored energy) for accident prevention and mitigation
- Keeps core protected without operator action for about 3 days
- Greatly simplified compared to existing plants
- Can be constructed in three years, with extensive modularization, prefabrication

Advanced LWR Program NRC 12/89-6

The ALWR Requirements Document

- Establishes top-tier, functional and system/component design requirements for
  - evolutionary and passive plants
  - PWR and BWR, entire plant
- Incorporates resolutions of generic safety issues and optimization issues
- Reflects industry and NRC consensus on principal safety, performance and design requirements for the ALWR

Advanced LWR Program NRC 12/89-7

ALWR REQUIREMENTS DOCUMENT STRUCTURE

VOLUME I - ALWR TOP-TIER REQUIREMENTS
- Executive Summary
- ALWR Policies
- ALWR Key Requirements

VOLUME II - EVOLUTIONARY PLANT ALWR REQUIREMENTS
- Chapter 1: Overall performance and design requirements for evolutionary ALWR plants
- Chapter 2-13: Requirements for systems and structures

VOLUME III - PASSIVE PLANT ALWR REQUIREMENTS
- Chapter 1: Overall performance and design requirements for passive ALWR plants
- Chapter 2-13: Requirements for systems and structures

Advanced LWR Program NRC 12/89-8

Requirements Document Status

For the Evolutionary Plant (RD Volume II):

- Thirteen (13) chapters completed, approved by USC, submitted to NRC.
- Man-Machine Interface Systems (Chapter 10) completed in October 1989
- NRC draft SERs in hand for the first four chapters
- The final version, called the Rollup Document, will be completed and issued by April 1990

Advanced LWR Program NRC 12/89-9

Requirements Document Status

Passive Plant Requirements (RD Volume III):

- First set of chapters on Reactor and Safety Systems in process; scheduled for completion in late 1989
- Remainder of chapters to follow; completion by mid 1990

Advanced LWR Program NRC 12/89-10

[Figure: Chapter 10 Organization and Structure. Boxes shown: Introduction; Appendix A - Definitions of Terms and Acronyms; Appendix B - Generic Safety and Licensing Issues; Appendix C - Optimization Issue Papers; Objectives and Policy; Key Requirements; Integrated M-MIS Requirements (Control Station Requirements; Data Gathering, Transmission, and Processing Requirements; Common Software, Hardware, and Control Requirements); M-MIS Requirements for Specific Plant Systems (Overall Plant, Reactor, and Reactor Coolant Systems; Reactor Protection and Safety Systems; Power Generation and Turbine-Generator Systems; Auxiliary and Plant Support Services Systems).]

Background Information

- Long time to complete - fresh approach
  - exploit modern technology
  - deal with existing problems
  - standardize approach
- Modular Chapter
  - 6 of 10 sections applicable to both Evolutionary and Passive designs
  - 4 sections will require changes only to reflect specific differences between plant system
- Involvement of International Partners
  - off-shore experience with modern technology
- ALWR M-MIS requirements will be challenging to NSSS vendors and taxing of industry resources

Advanced LWR Program NRC 12/89-11

Chapter 10
Man-Machine Interface Systems

Discussion of Requirements

Advanced LWR Program NRC 12/89-73

ALWR M-MIS Requirements Overview

Section 2 Objectives and Policy

- Objectives
- M-MIS Systems approach
- Design process
- Reliability inherent in design
- Testing of M-MIS Systems
- Proven technology and cost
- Operating staff, human factors and automation
- Main Control Room
- Other control and monitoring stations
- Protection from obsolescence
- Regulatory stabilization

Advanced LWR Program NRC 12/89-12

Objectives

- Utilization of Operators
  - explicitly included operators in design
  - recognize operator capabilities and limitations
- Coordination with overall plant design
  - iteration in the design process
  - interaction among M-MIS, plant systems and civil-structural designers
- Consistent integrated design
- High reliability
  - highly reliable components and equipment
  - well analyzed and tested
  - failures not able to propagate
  - designed for maintenance

Advanced LWR Program NRC 12/89-13

Overview

Instrumentation, Control and Protection Systems - Systems Approach

- Will employ modern digital technology to provide high accuracy, increase reliability, reduce drift and reduce the calibration burden
- Provide robust system design, including segmentation of major functions, separation of redundant equipment within a segment, and high levels of fault tolerance. Propagation of failures between segments will be prevented
- Utilize signal validation to assure high quality data and enhance reliability
- Multiplexing will be used for any function, including safety, where cost and simplicity warrant its use
- Fiber optics will be used to provide high data transmission rate with electrical isolation and protection from electromagnetic interference

Advanced LWR Program NRC 12/89-14

[Figure 10.1-1: Advanced Light Water Reactor M-MIS Integrated System Architecture. Legible labels include: Operational Teams; Information Display and Plant Control; Maintenance; Diagnostics; Tech Support Center; Controls; Status; Sensors.]

Instrumentation, Control and Protection Systems - Systems Approach

- Standardization of hardware and software will be used to simplify maintenance and protect against obsolescence problems
- Built-in testing will provide computer-aided, periodic functional test capabilities, continuous self-testing, locate failures upon detection, and record test results
- Recognize the key dependence of equipment reliability on the environment. Provide enhanced control of the environment to the degree practical and assure M-MIS equipment is selected to be compatible with its environment under both normal and casualty conditions

Advanced LWR Program NRC 12/89-15

Design Process

- Directed by a single organization, carried out by a multi-disciplined design team
- Coordination of the design among plant designers; take into account operations/maintenance input
- Continuous V&V effort performed in parallel by an independent team
- Analysis of functions, tasks and plant response using mockups, dynamic models, and plant simulator

Advanced LWR Program NRC 12/89-16

Reliability Inherent in Design

- Emphasis on assuring failures accommodated gracefully, operators don't become over-burdened, and no loss of essential capability
- Robust design that prevents single random failure of M-MIS equipment from causing a forced outage
- Defense against propagation of faults so that a failure in one function doesn't propagate to another function

Advanced LWR Program NRC 12/89-18

Testing of M-MIS Systems

Testing of M-MIS Systems Support In-Service Testing

- built-in test features
- self-diagnostics for continuous on-line testing
- automated functional testing for periodic surveillance testing

Advanced LWR Program NRC 12/89-19

Cost

- Initial cost of M-MIS equipment is considered subordinate in importance to safety and reliability/availability. Basis is anticipated higher plant availability due to reductions in unplanned trips, ease of maintenance and testing
- It is expected, however, that use of modern digital technology, multiplexing, fiberoptic cabling, etc. will result in net reduction in cost

Advanced LWR Program NRC 12/89-20

Proven Technology

- Incorporation of modern digital technology is encouraged to solve existing problems and improve designs
- Must adhere to ALWR principle of proven technology to prevent introduction of new problems
  - successful experience in similar power plant or process industry applications
  - undergone extensive testing

Advanced LWR Program NRC 12/89-21

Investment Protection

Objective is to achieve a robust design that minimizes likelihood of failure, and limits the propagation and impact of failure

To be achieved by requiring:

- highly reliable M-MIS equipment
- specific and quantitative reliability requirements and analyses to demonstrate requirements are met
- single and multiple failure criteria which must be met for not only the protection system but also non-safety control and monitoring systems
- minimum required levels of segmentation and independence

Advanced LWR Program NRC 12/89-22

Operations Staffing

- Single reactor operator able to perform necessary monitoring and control functions during normal power operations
- M-MIS design should be based on a control room operating staff of two-to-three continuously in the control room for operation during startup, shutdown, transient and emergency conditions.
- Control room designed to also accommodate a maximum operating staff as follows:

Number | Position | License
1 | Shift Supervisor | SRO
1 | Senior Reactor Operator | SRO
3 | Reactor Operator | RO
1 | Technical Advisor |
2 | Equipment Operators |
2 | Observers |

- M-MIS designer will provide facility that envelops this variety of needs

Advanced LWR Program NRC 12/89-23

Human Factors Engineering

- Major part of the design from the start
- Elimination of potential sources of human error
  - function and task analysis in design process
  - use of mockups and simulation
- Reduction in the likelihood of human error
  - careful selection and allocation of tasks
  - proper support of defined tasks
  - enforcement of consistency and integration of the design with regard to both operator and maintenance interfaces
- Provision for detection and recovery from human errors should they occur
  - robust design using operating team concept
  - automatic checks and alerts

Advanced LWR Program NRC 12/89-24

Level of Automation

- Trend toward operators' role as "intelligent overseer", not "fast actuator"
- M-MIS Designer evaluate each monitoring, control, and protection function in design process - determine appropriate level of automation; evaluation includes:
  - operator workload, burden, level and duration of attention required
  - potential failures of equipment and automatic controls
  - system response requirements
  - complexity of operation
  - need to maintain operators in the loop / cognizant of plant status, alert, ready to intervene in plant operations as required
  - type and level of plant data provided to operators

Advanced LWR Program NRC 12/89-25

Main Control Room

- At heart of M-MIS
- Designed as coordinated whole by a dedicated, interdisciplinary team which includes operations and maintenance personnel
- Designed to accommodate specific levels of operator staffing
- Adequacy of staffing, control room size and layout will be verified by use of mock-ups and dynamic simulation
- Located and arranged to provide good communication with field equipment operators and maintenance staff

Advanced LWR Program NRC 12/89-26

Main Control Room Arrangement

- Main control area open and free of obstructions so operator/supervisors have clear view and ready access
- Ample storage, laydown and work space for procedures, drawings, etc. Written documentation will be reduced by exploiting up-to-date electronic storage/display/printing capabilities
- Human engineered environment to provide professional, comfortable atmosphere to enhance operator effectiveness. HVAC, lighting, sound level, use of colors, etc. will be fully engineered
- Control room design/environment will also reflect need to keep operators alert and attentive -- will have flexibility to support utility efforts in this area
- Provide office space, storage, restroom and kitchen facilities along periphery

Advanced LWR Program NRC 12/89-27

Operator Interface

Approach

- Employ modern control station technology proven in other industries to enhance operators' interface with the plant and further foster our existing established vision:
  - top-down, functionally-based, decision-making approach
  - consistent operation for both normal and emergency/upset conditions
  - provide an integrated operator interface that conveniently allows the operator(s) to coordinate CRT displayed procedures with displays, controls and alarms

Advanced LWR Program NRC 12/89-28

Operator Interface (continued)

General

- Layout selected through operator task analysis backed up by walk-throughs and dynamic simulation
- Presentation will be consistent with current 3-section versions: alarm information on top; process displays in center; controls on lower section
- Alarms, displays and controls will be sensibly arranged, grouped and labeled
- Computer-driven alarms and displays and controls will be used to exploit enhanced trending, alarm prioritization and suppression, etc.
- Spatial dedication of selected controls, overview displays and high level alarms will be balanced with programmed displays to accomplish desired simplification

Advanced LWR Program NRC 12/89-29

Operator Interface (continued)

General (continued)

- Level of automation determined in design process: operator work-loads will be engineered rather than a byproduct
- The M-MIS will exploit the ALWR's tendency to naturally seek a safe state, so rapid and complex operator response is not needed
- Plant design and margin will be used to modify the operators' role to that of "intelligent overseer", not "fast actuator"

NRC 12/89-30

Operator Interface (continued)

Procedures

CRT displayed diagrammatic normal and emergency procedures
- procedures to be an integral part of design process
- minimize use of lengthy text
- embedded dynamic indication and alarm information
- coordinated with controls
- indicate procedural options and provide recommendations
- flag and log operator actions that deviate from recommended

Advanced LWR Program NRC 12/89-31

Operator Interface (continued)

Displays

CRT displayed presentations of plant parameters and technical data:
- based and organized on operator tasks and event categories
- graphical and diagrammatical format showing present values, trends, and plots
- indicates acceptance ranges, set points, control bands, correlations, etc.

CRT displayed CAD-based P&IDs
- multiple diagrams at different levels of detail
- logically organized for easy access
- dynamically updated with equipment status information
- integral part of computer-based plant configuration management system

Advanced LWR Program NRC 12/89-32

Operator Interface (continued)

Alarms and Controls

CRT displayed alarms
- minimize nuisance alarms
- alarm ordering and grouping
- alarm reflash
- provide causal data
- provide recommended actions for operator to choose from

Programmed controls coordinated with procedures, displays and alarms
- spatial arrangement for each "control group" (e.g., controls for auxiliary feedwater)
- "control group" need not be spatially dedicated
- spatially dedicated controls not ruled out for specific equipment (e.g., reactor trip)

Advanced LWR Program NRC 12/89-33

Operator Interface (continued)

Workstations

Compact workstations for operators
- use of redundant workstations
- number to satisfy staffing, training, reliability and maintainability needs

Shift supervisor and other workstations (e.g., TSC, STA)
- redundant to operator workstation except control feature normally disabled

Advanced LWR Program NRC 12/89-34

Operator Interface (continued)

Large Display and Alarm Panel

Large, upright, integrated plant overview display and alarm panels
- plant configuration - state of essential equipment and key parameters
- top-level alarms
- viewable anywhere in main control room
- provides spatially dedicated, continuously available reference information
- provides spatially dedicated top-level alarms
- supplements overlayed presentations (non-spatially dedicated) at workstations
- coordinate control room staff activities (instantaneous big picture)

Advanced LWR Program NRC 12/89-35

Remote Shutdown Station

- RSS improved; human engineered panel based on operator needs and a walk-through of procedures
- RSS not a second full-scope control room
- RSS provides reactor trip capability, and control and monitoring of subsequent safe shutdown
- RSS provides capability to initiate residual heat removal, but will rely on local operation of selected equipment to achieve cold shutdown

Advanced LWR Program NRC 12/89-36

Local Control Stations and Monitoring Facilities

- Same rigorous design approach will be taken for local control stations
- Good human factors, e.g., lighting, access, consistent color coding and labeling, use of mimics, etc.
- Same equipment, displays, etc., to degree practical as in main control stations
- Emphasis on good communications with main control room to assure local operations are monitored and controlled
- Monitoring provisions for the Technical Support Center, Emergency Operations Facility, technical advisors, and plant/site management

Advanced LWR Program NRC 12/89-37

Protection from Obsolescence

- Continuing concern for M-MIS equipment
- Minimize impact of obsolescence
  - modular in construction
  - use standardization of M-MIS equipment to ease maintenance, training, simplify spare parts needs and support ready replacement and upgrading

Advanced LWR Program NRC 12/89-38

Key Licensing Challenges

- Developing 1E seismic category workstations
  - existing guides and standards were developed for older technology
  - may necessitate new implementation of the intent and purpose of existing guides/standards

Advanced LWR Program NRC 12/89-39

Section 3
Key Requirements

- M-MIS Design Process Requirements
- Proven Technology
- Cost
- Operator Actions
- Availability and Reliability
- Testability Requirements
- Maintainability
- Constructibility
- Design Flexibility

Advanced LWR Program NRC 12/89-40

Section 3
Key Requirements

- Design process requirements
- Other key requirements

Advanced LWR Program NRC 12/89-41

Key Requirements (continued)

Design Process Requirements Are Emphasized Because:

- New technology makes control of end product by specific requirements less practical than if conventional I&C were used
- Existing plants have often not followed a process which integrates the M-MIS with the Plant Design

Advanced LWR Program NRC 12/89-42

Major Design Process Requirements

- Focus on functions
- Iteration between M-MIS and Plant System designs
- Consistency of design process

Advanced LWR Program NRC 12/89-43

Major Design Process Requirements (continued)

- Single overall design effort coordination and direction
- Interdisciplinary design team
- Interdisciplinary design reviews
- Resolution of past problems
- Simplification and standardization

Advanced LWR Program NRC 12/89-44

Major Design Process Requirements (continued)

- Identification of functions and tasks at beginning of and throughout the design process as major bases for all design activities and fundamental design decisions

Advanced LWR Program NRC 12/89-45

Major Design Process Requirements (continued)

- Dynamic modeling (and simulation) throughout the process
- All testing aspects to be addressed
  - component and manufacturing
  - installation and startup
  - in-service surveillance

NRC 12/89-46

Major Design Process Requirements (continued)

- Explicit review of the process itself
  - independent, multidisciplinary review team
  - throughout the design process

Advanced LWR Program NRC 12/89-47

Other Key Requirements

- Criteria for "proven" components and use of new components
- Costs over total plant life
- Operators and operator actions to be an integral part of the design
  - workload
  - vigilance
  - automatic or manual
  - local or remote

Advanced LWR Program NRC 12/89-48

Key Requirements (continued)

Availability and reliability - general

- M-MIS should not have a significant impact on plant reliability or availability
- utilize techniques which have been developed to achieve fault resistant and fault tolerant systems

Advanced LWR Program NRC 12/89-49

Key Requirements (continued)

Availability and reliability - specific

- effects of M-MIS failures
- quantitative requirements on
  - forced outage frequency
  - loss of full power availability
  - maintenance frequency
- segmentation of major functions
- environmental control for M-MIS equipment
- analyses of reliability

Advanced LWR Program NRC 12/89-50

Key Requirements (continued)

- Design for testing
- Design for maintenance
- Design for construction
- Design for change

Advanced LWR Program NRC 12/89-51

Section 4
Control Station Requirements

- Control Station Design Process Requirements
- Operating Crew
- Alarms
- Displays
- Controls
- Voice Communication Systems
- Arrangement, Environment, and Equipment
- Control Panels
- Requirements for Specific Control Stations

Advanced LWR Program NRC 12/89-52

Control Station Requirements (continued)

- Design process requirements
  - realistic conceptual designs
  - extensive multidisciplinary review
- Design integrated with functions and tasks
- Applied plant-wide, not just Main Control Room
- Design practices to be developed, documented, and consistently applied

Advanced LWR Program NRC 12/89-53

Control Station Requirements (continued)

- Operating crew defined for:
  - normal and emergency
  - minimum and maximum
- Designed so that only one operator required for normal monitoring and control

Advanced LWR Program NRC 12/89-54

Control Station Requirements (continued)

- Alarm System which supports, but does not overburden operators
- Requirements on controls and displays to correct current problems
- Requirements on voice communication as an integral part of the M-MIS
- Requirements on arrangement, environment, equipment
  - access
  - prevent disruption

Advanced LWR Program NRC 12/89-55

Section 5

Data Gathering, Transmission and Processing Requirements

Purpose
- To provide requirements for plant-wide data system
- To assure satisfactory design of hardware and software for:
  - signal acquisition
  - signal distribution
  - signal processing

Scope
- Encompasses hardware and software from:
  - sensor outputs -> data paths -> control/monitor inputs
  - control/monitor outputs -> data paths -> actuator inputs
- Includes requirements for operator support and aids

Advanced LWR Program NRC 12/89-56

Data Gathering, Transmission and Processing Requirements (continued)

Overall Requirements
- Must meet the general requirements sections
- Provides design process requirements to assure adequate control of signal utilization and signal specifications
- Data rate requirements to meet the needs of utilizing systems and plant operators
  - must be based on conditions that cause highest loading
  - must consider operator action/response needs
- Requirements to place bounds on the architecture used
- Requires open, standard, communication protocols
  - proprietary allowed in local areas if justified

Advanced LWR Program NRC 12/89-57

Data Gathering, Transmission and Processing Requirements (continued)

Subfunction Requirements
- Data acquisition requirements
  - requirements for signal specifications and characteristics
  - requirements for noise and anti-aliasing filters
- Data transmission requirements
  - signals must be tagged with quality and identification information
  - requirements for immunity to soft errors
- Signal processing requirements
  - signal processing data base integrity requirements
  - requirements for signal validity checks
  - requirements for anti-aliasing filters or resampling

Advanced LWR Program NRC 12/89-58

Data Gathering, Transmission and Processing Requirements (continued)

Hardware and Software Requirements
- General sections adequately address most requirements.
- Provides requirements for D/A and A/D converters
  - speed
  - accuracy
  - resolution
  - glitches
- Requirement to support initial plant startup testing
- Module configuration by back-plane wiring rather than on-module jumpers or switches

Advanced LWR Program NRC 12/89-59

Data Gathering, Transmission and Processing Requirements (continued)

Operator Aids Requirements
- Technical specification monitoring
  - to determine approach to or existence of an LCO
  - to provide aids for avoiding and recovering from an LCO
- ESF availability monitoring
  - monitor both initiating and "implementing" equipment
  - monitor process conditions that could affect operation
- Diagnostic, maintenance, and testing aids
  - must provide procedural control features
  - must provide test equipment control aids
  - must provide troubleshooting aids
- Provide emergency response facilities to meet regulatory requirements

Advanced LWR Program NRC 12/89-60

Data Gathering, Transmission and Processing Requirements (continued)

Potential Safety and Licensing Issues
- Addressed in Section 6 and other sections

Advanced LWR Program NRC 12/89-61

Section 6

Common Software, Hardware, and Control Requirements

Purpose
- Provide the common software, hardware, and control requirements for design, selection, and installation
- Does not repeat requirements specified in other chapters
- Requirements specified complement other chapter requirements

Scope
- M-MIS software requirements include all software and firmware for operation and maintenance of the plant
- Software requirements include both developed and purchased software
- Requirements apply to all M-MIS hardware
- Requirements cover all control systems required for operation and maintenance of the plant

Advanced LWR Program NRC 12/89-62

Common Software, Hardware, and Control Requirements (continued)

Examples of Software Requirements
- Requires a top-down design with software life cycle
- Software quality assurance in accordance with NUREG/CR-4640
- Verification and validation requirements
- Standardization of software
- Diversity and redundancy consideration for software
- Coding in high-level language for maintainability
- On-line and off-line diagnostic testing
- Security protection

Advanced LWR Program NRC 12/89-63

Common Software, Hardware, and Control Requirements (continued)

Examples of Hardware Requirements
- All analog signals to be either current inputs or differential voltage
- Protective, power, instrument grounding requirements for signal noise elimination and personnel safety
- Switch accuracy, repeatability, testing provision, position adjustment and maintainability
- Sensor accuracy, repeatability, calibration accuracy, range of operation, failure detection, and maintainability
- Analog isolator linearity, stability, and degradation of accuracy
- Valve position indication, leakage, diagnostic, calibration and other requirements
- Raceway shielding, power cable shielding, and cable loading on raceways

Advanced LWR Program NRC 12/89-64

Common Software, Hardware, and Control Requirements (continued)

Examples of Control System Requirements
- Software interfaces of safety and non-safety systems discouraged
- Safety-related control system software retained on power interrupt
- Controls will remain in known safe state following power recovery
- Transfer between manual and automatic control shall be bumpless
- Resolution and accuracy for settings of control parameters are specified
- Time delays, sample rate and resolution are considerations for evaluating stability and response rates

Advanced LWR Program NRC 12/89-65

Common Software, Hardware, and Control Requirements (continued)

Potential Safety and Licensing Issues
- ALWR requirements emphasize standardized software of high quality and reliability
  - design process
  - V&V
  - operational testing/surveillance
- Software diversity is therefore not required as a means of achieving high software reliability
- ALWR requirements specify functional separation between safety and non-safety software
  - safety software isolation not required
- High reliability for control system networks to be achieved by redundant, independent data highways.

Advanced LWR Program NRC 12/89-66

Section 7-10

Specific System Requirements

- Relies on other chapters, particularly:
  - functions
  - interfaces
  - performance requirements
  - system-specific instrumentation and control requirements

Advanced LWR Program NRC 12/89-67

Specific System Requirements (continued)

- Requirements from M-MIS viewpoint
  - M-MIS functions
  - control and monitoring strategies
  - M-MIS integration and coordination

Advanced LWR Program NRC 12/89-68

Specific System Requirements (continued)

- Control and monitoring strategies deal with
  - selection of automatic or manual control
  - selection of remote or local stations
  - interlocks, bypassing, permissives
- Typically covers
  - normal operation
  - startup (initiation) and shutdown
  - reconfiguration
  - testing

Advanced LWR Program NRC 12/89-69

Specific System Requirements (continued)

- Allocation of functions
  - initial allocation is for illustration
  - M-MIS designer is expected to determine consistent with a functional approach and to iterate with system designers

Advanced LWR Program NRC 12/89-70

Specific System Requirements (continued)

- Each section covers a related group of systems and typically includes:
  - a chart showing schematically the initial functional allocation
  - a set of common requirements for all M-MIS in the group of systems
  - requirements for M-MIS of individual systems

Advanced LWR Program NRC 12/89-71

Specific System Requirements (continued)

Systems Grouped As Follows:

Section   Systems
7.0       Overall Plant, Reactor and Reactor Coolant Systems
8.0       Reactor Protection and Safety Systems
9.0       Power Generation and Main Turbine-Generator Systems
10.0      Auxiliary and Plant Support Services Systems

Advanced LWR Program NRC 12/89-72