Plant Designers Operational Support Info Plan for ABB-CE Sys 80+ (Tm)

ML20058N094
Person / Time
Site:	05200002
Issue date:	09/30/1993
From:	ABB COMBUSTION ENGINEERING NUCLEAR FUEL (FORMERLY, ASEA BROWN BOVERI, INC.
To:
Shared Package
ML20058N083	List: LD-93-143, Forwards Rev 2 to NPX80-IC-DP790-01, Human Factors Program Plan for Sys 80+ (Tm) Std Plant Design, Plant Designers Operational Support Info Plan... & Rev 2 to Design Alternatives for Sys 80+ Nuclear Power Plant ML20058N085 ML20058N094 ML20058N100
References
PROC-930930, NUDOCS 9310070367
Download: ML20058N094 (18)
v • d • e

Text

.

l l

J PIANT DESIGNER'S  !

OPERATIONAL SUPPORT INFORMATION PLAN i For the ABB-CE SYSTEM 80+=

t F

September 1993 ABB-CE SEIEM 90+

9310070367 930930 PDR ADOCK 05200002 3@

A PDR !s

1 PLANT DESIGNER'S  !

OPERATIONAL SUPPORT INFORMATION (OSI) PLAN . {

For the ABB-CE SYSTEM 80+"  :

l PURPOSE This plan describes the System 80+ plant designer's program for developing operational  !

support information in a time-phased fashion from design through construction to plant operations and conveying this information to a plant owner / operator.  !

l SCOPE

.l The plant designer's OSI Plan specifies the categories of information to be developed during the appropriate phases of design, procurement, construction, startup, and initial operation.

It also identifies a hierarchial structure of the information that will be developed. The i elements of the OSI with its information hierarchy are shown in Figure 1.  !

The information hierarchy includes:

PIANS - Plans are the highest lev;l documents. They establish goals and objectives for the development and implementation of an activity. A plan also outlines a l time-phased sequence to be followed to successfully implement'a program.

GUIDES - Guides provide specific design information, requirements and bases necessary l for implementing a designated portion or aspect of plant operations. j GUIDELINES - Guidelines provide the equipment specific sequences, actions, or guidance i necessary to execute a process, perform a function, or manipulate equipment in accordance with the intentions of the designer and within the bounds of the design bases. These form the basis for development of detailed procedures.

PROCEDURES - Procedures are the actual step-by-step instructions that implement procedure guidelines in an integrated fashion for a specific application.

Procedures are the terminal level documents in the OSI program and are the end product developed and used by the owner / operator.

Elements of the OSI are expected to be developed to support design certification of the System 80+ plant. Other elements would be developed during the detailed design process which may run concurrently with and continue after design certification. Additional elements would be developed only after an operator applicant files a license application.

In general, each element of the OSI would be updated, as required, as the detailed design progresses, equipment and components are specified, and as-built information becomes available.

i ABBCE SWIM 30+ l l

l The plant designer's OSI is consistent with and complements the information provided in regulatory documents, industry standards, and general guidance used by a plant owner / operator to develop and execute an acceptable plant operations program. The OSI is based on guidance provided in the NPOC Strategic Plan and documents issued by INPO, NUMARC, and EPRI. The OSI program does not specify the scope or content of a plant owner / operator's operations program. It does, however, insure that the plant designer's guidance and insights, as well as, operational constraints of the design are transferred to the plant owner / operator.

OSI PROGRAM The plant designer's OSI program spans the period from initial design of the System 80+

plant to initial operation.

Early in the design process, higher level and less detailed information is required to relate the design bases to operational requirements. Plan and guide level documents developed by the designers are sufficient to support this requirement.

Guidelines are generally developed later in the detailed engineering design phase and are completed when equipment specifications, system parameters, and plant arrangements are essentially final.

Detailed procedures are prepared by the plant owner / operator during the construction and preoperational phases. The detailed procedures must include the guidance, insights, and operational constraints provided by the plant designer.

Each OSI category identified in Figure 1 has as its basis a plan that describes information to be provided and interfaces to other plans, programs, or operations related elements. The topical elements presently identified to be part of each information plan are outlined in Appendices A through F.

The content and format of the guides, procedure guidelines and procedures developed as part of the OSI program will be based on the guidance provided in regulatory directives and industry standards. This will include the development of writer's guides in those areas .

where they are appropriate and/or are required.

SCHEDULE The initial plan for each category of OSI is expected to be developed prior to Final Design Approval (FDA). The plans will subsequently be updated, as required. Specific time frames for development of information for each element will reflect the need for the ,

information. '

i ABB-CE SWrEM 80+

APPENDIX A PLANT DESIGNER'S l CONSTRUCTION INFORMATION PLAN i FOR THE SYSTEM 80+

{

Topical Outline AREAS ADDRESSED

1. Equipment Delivery, Receipt, Acceptance and Storage

2. Code Compliance (including code stamps)

3. Component and System Installations

4. Walkdowns

5. Construction Verification 4 l

6. System Turnover To Startup Engineering

7. Preventive Maintenance During Construction

8. Field Modifications e ITAAC Considerations e Equipment Failures e Spare Parts Qualification e Standardization Preservation l 9. Equipment Protection Program

10. Surveillances and Inspections During Construction

11. Spare Parts Program Interfaces e Plant Information System (Plant Design Data Base) e Adverse Systems Interactions (ASI) e Vendor Documents for Equipment

- A-1 ABS-CE SYS1M SB+

APPENDIX B i i

PLANT DESIGNER'S l SECURITY INFORMATION PLAN * '

- FOR THE SYSTEM 80+ >

Topical Outline ,

AREAS ADDRESSED

1. Physical Arrangements ,

o Protected Area Access '!

e' Design Provisions for Physical Security e Equipment Separation e Security Zones  ;

e Detection and Alarm Systems

2. Secured Electrical Power

3. Site Communications 1

4. Security Illumination l I

5. Qualification Testing of Facilities j Interfaces  !

l e Site Emergency Planning j

.

• Surveillance, Inspections and Maintenance of Security Systems e Security Training e PRA Insights to Security

• Security related information may have restricted distribution.

1 l

l l

- A ABECE SY5mW M+ l l

APPENDIX C PIANT DESIGNER'S STARTUP INFORMATION PIAN

_ FOR THE SYSTEM 80+

Toolcal Outlig AREAS ADDRESSED

1. Startup Phases e Turnover From Construction e Pre-requisite Testing e Pre-operational Testing e Fuel Load e Post Fuel Load Testing

• Turnover to Operations i

2. Regulatory Requirements with Commitments i

e Commitments Made in Response to Regulatory Review

3. Industry Standards e Provisions For Code Inspections -

l t

4. Division of Responsibilities For Startup

5. Conduct of Testing e Test Results Review and Approval e Modifications e Field, Design and Temporary Modifications i e Equipment Failures e Adverse System Interactions (ASI) e Surveillance, Inspection and Maintenance e ITAAC Considerations

- A-3 ABECE SmW 88+

i APPENDIX C (Continued)

PLANT DESIGNER'S I STARTUP INFORMATION PLAN FOR THE SYSTEM 80+  !

i AREAS ADDRESSED  ;

6. Testing Sequences

7. Test Guides, Guidelines, and Procedures e Component Testing

• Integrated System Testing i e Pre Service Inspection (PSI)

8. Special Test Equipment  !

Interfaces

• Operating Procedures  !

e Maintenance Procedures ,

e Technical Specifications e Control Room Simulator '

e Plant Information System (Plant Design Data Base)  !

• PRA Insights e Design Reliability Assurance Program (DRAP) e Operational Reliability Assurance Program (ORAP) f

- A ABEG SWmM 30+

APPENDIX D.

i PLANT DESIGNER'S OPERATIONS INFORMATION PLAN

. FOR THE SYSTEM 80+

, Toolcal Outline l

AREAS ADDRESSED

1. Staffing Analysis l

l e Shift Staffing l e Operating Crew Staffing e Main Control Room Staffing e Remote Shutdown Panel Staffing

2. Operating Guides, Guidelines and Procedures e Normal Operations e Shutdown Operations e Abnormal Operations e Emergency Operations e Severe Accident Evolutions e Surveillances e Administrative Interfaces e Adverse System Interactions e ITAAC Considerations e Technical Specifications

• Training and Control Room Simulator e Plant Information System (Plant Design Data Base) e PRA Insights e Plant Designer's Operational Guidance, Insights, and Constraints e Human Factors Program Plan e Task analysis data and reports l e HFE Standards & Guidelines,

• Bases l e Verification & Validation plans, data and reports e Design Validation scenarios & operating sequences e TOI database and open issues

- A ARB CE SYSUN 90+

l l

x. - -

APPENDIX E -

i PLANT DESIGNER'S i MAINTENANCE INFORMATION PLAN

. FOR THE SYSTEM 80+  :

i I

Tonical Outline .

1

. AREAS ADDRESSED t

1. Staffing Analysis e Shift Staffing  !

• Operating Crew Staffing e Main Control Room Staffing e Remote Shutdown Panel Staffing

2. Maintenance Guides, Guidelines and Procedures In-Service Inspections ,

e iurveillance and Inspections e Preventive Maintenance e Corrective Maintenance '

3. Equipment Manuals -

4. Conduct of Maintenance o Design Modifications e Equipment Failures ,

o Spare Parts

• Temporary Modifications

5. Special Tools and Equipment List

6. Material Receipt, Inspection, Handling and Storage of Components and Parts.

7. Lubricants and Preservatives

- A ABBG SMW SO+

APPENDIX E (Continued)-  ;

PLANT DESIGNER'S MAINTENANCE INFORMATION PLAN

- FOR THE SYSTEM 80+

8. Outage Management Insights Interfaces  ;

e Reliability Centered Maintenance (Reliability Assurance Program) ,

o AI. ARA Program t e Training (including Component Mockups, as applicable) e Technical Speci5 cations ,

e Plant Information System (Plant Design Data Base)  ;

e Design Reliability Assurance Program (DRAP) i e Operational Reliability Assurance Program (ORAP) j e Human Factors Program Plan '

i l

.l 4

1 1

l i

l 4

- A ABECE SmW 80+

t i

APPENDIX F i

PIANT DESIGNER'S TRAINING INFORMATION PIAN FOR THE SYSTEM 80+ ,

Topical Outlin_t AREAS ADDRESSED l

1. Training Guides, Guidelines, and Procedures  !

e Operations Staff e Maintenance Staff e Startup Staff '

e Technical Support Staff e

2. Training Aids and Facilities

• Training Areas e Control Room Simulator e Component and System Mockups

3. Training Staff i

4. Simulator Verification Program

5. Training Materials ,

e Vendor Manuals ,

e System Descriptions Interfaces

• Interfaces To All Aspects of Plant Startup and Operations e Plant Information System (Plant Design Data Base) i 1

l f

- A-8 ABM SWIEM 89+ ~

I i

i

FIGURE 1 l

PROCESS FOR DEVELOPMENT OF OPERATIONAL SUPPORT INFORMATION BASES FOR OS1 PROGRAM e Fundional Requirements OSI PROGRAM PLAN . Component & System Descriptions e Operations and Maintenance Charatteristics

. Reliability Assessments

. IkhNisc Rik Asresnat (FRA) e Performance Testing CONSTRUCTION TIST OPELATING MAI ANCE TRA NING SEC JRITY INFORMATION INFORMATION INFORMATION INFORMATION PROGRAM INFORMATION PLAN PLAN PLAN PLAN INFORMATION PIAN PLAN DESIGN CERTIFICATION

• CONSTRUCTION TEST OPERATING MAINTENANCE TRAINING SECURITY GUIDES GUIDES GUIDES GUIDES PROGRAM GUIDES GUIDES FIRST-OF-A-KIND ENGINEERING

• CONSTRUCTION TEST OPL2ATING MAINTENANCE PLANT INSTALLATION PROCEDURE PROCEDURE PROCEDURE SPECIFIC GUIDELINES GUIDELINES GUIDELINES GUIDELINES TRAINING PROGRAM GUIDELINES CONSTRUCTION AND START-UP PIIASE* CONSTRUCTION DETAILED PLANT PLANT TRAINING SECURITY INSTALIATION TEST SPECIFIC SPECIFIC MATERIALS PROCEDURES PROCEDURES PROCEDURES OPERATIONS MAINTENANCE & SIMULATOR PROCEDURES PROCEDURES VALIDATION PROCEDURES

• APPROXIMATE PIIASE WIIEN INFORMATION WOULD IlE DEVELOPED

t

$ $,2 >

f i

I,

.t i

~I:

-1 i

I i

+

i t

-r r

r r

z

.I 6

-r P

b i

6 ATTACHMENT 3 i

)

l

.t

'I r

I b

I n

h t

r t

L o

e t

s r

1 i

l i

a i

l l

l l

-1

'l 1

B I

i

~ - . . - . - . -. -- .

RECOMMENDATIONS REGARDING NRC POLICY  !

IN THE AREA 0F EQUIPMENT QUALIFICATION FOR ACCIDENTS l ABB-CE has been evaluating the impact of new design basis source terms in  ;

connection with its design of the System 80+ evolutionary PWR (References l' and  !

2). A key impetus behind the application of new design basis source terms to the System 80+ design is to increase the accuracy of the information that is being l used to determine and establish plant capabilities in the area of accident  ;

mitigation. The greater the degree of accuracy in the design basis source term  !

specification, the more capable the plant design will be to protect public health .:

and safety in the unlikely event of an accident with the potential for the '

release of radioactivity to the plant environs.

l Equipment qualification is one of the areas in which radiation source terms i affect plant design. Equipment qualification for electrical equipment is a  !

programmatic requirement established by 10CFR50.49, with 10CFR50.34(f) l establishing additional equipment qualification requirements, particularly in the  ;

area of radiation exposure. In complying with these regulations it is important j that the radiation source term be consistent with other system design bases.  !

This is the principal thrust of the recommendations contained in this document, t and this point is further illustrated by the discussion which follows. It should '

also be noted that actual equipment survivability may greatly exceed the  !

qualification limits established under these regulations because of conservatisms  ;

inherent in the qualification process.

To provide " defense-in-depth" a balanced view is taken of the relative importance  !

of prevention and mitigation; e.g., a level 1 PRA has been prepared in the design I stage as required by 10CFR52.47 to minimize the likelihood of accidents and (

associated challenges to the mitigation systems, but prevention is not viewed as'  !

a sufficient basis for a claim of adequate plant safety. As required by 1 Reference 3, the mitigation capability of the plant is established according to two bases, the design basis and the safety-margin basis. Since the safety-margin -

basis for mitigation is addressed both deterministically (by meeting the ,

deterministic requirements of Reference 3) and probabilistically (in the Level 1 2 and 3 portions of the PRA required by 10CFR52.47) and since in both approaches  !

equipment survivability is evaluated by experience, analysis, and engineering l judgement rather than exclusively by the equipment qualification process, the NRC <

policy on equipment qualification applies only to the design basis of the plant.  ;

Even within the design basis the concept of defense-in-depth is employed. For example, an emergency core cooling system (ECCS) is incorporated into the plant {

design which is designed against single failure as required by Appendix A of  ;

10CFR50 and evaluated for adequate performance as required and specified by  ;

Appendix K of 10CFR50. However, additional requirements exist in 10CFR100 for the postulation of "a major accident [resulting in) potential hazards not exceeded by those from any accident considered credible" and that "such accidents .  ;

have generally been assumed to result in substantial meltdown of the core". This ,

" substantial" core melt accident is used as the design basis for determining the adequacy of the site / containment combination independent of the requirement for the demonstration of a reliable and capable ECCS.

The regulations cited above are supplemented by requirements in 10CFR50.49 which establish that safety-related electrical equipment (or other electrical equipment

_w .,. < ., , - ,-y

"whose failure under postulated environmental conditions could prevent satisfactory accomplishment of [ safety-related] functions" or "certain post-accident monitoring equipment") must be qualified for "the most severe design basis accident during or following which the equipment is required to remain functional". The key issue is the proper association of equipment with "the most severe design basis accident during or following which [it] is required to remain functional". For example,10CFR50.34(f) establishes a blanket requirement which at least in part parallels Reference 4, II.B.2, that the present 10CFR100 containment design basis accident source term be used as the basis for radiation qualification of any LOCA-related equipment "which may be used in post-accident operations".

The " substantial" core melt accident postulated to satisfy 10CFR100 (which is then used as the design basis for the containment and containment systems) is clearly one which presupposes that the ECCS has already failed to meet its design basis. Therefore, the design basis for the ECCS in terms of equipment qualification should be a conservative representation of that degrec of core damage which is permitted by the other design bases for the FCCS, not the 10CFR100 postulated source term. This position is consistent with the letter of 10CFR50.34(f) which requires " radiation and shielding design reviews of spaces around systems that may, as a result of an accident, contain [10CFR100 containment design basis] source term radioactive materials ... to protect safety equipment from the radiation environment" This would indicate that the use of the 10CFR100 source term for equipment qualification of all safety-related equipment which could come into play following a LOCA is not a requirement, only of the subset which is needed and could be affected by systems containing the 10CFR100 source term. If the ECCS functions withi1 its design basis then no such source term would exist. Therefore, the ECCS (anJ areas around the ECCS system) could be appropriately qualified to a non-10CFR10] source term within the current regulations.

It is evident, however, that the " substantial" core melt accident postulated to satisfy 10CFR100 is one in which the core damapa has, in some way, been arrested.

The arresting of the core damage could be actleved in a number of ways and, as illustrated by the accident at Three Mile Island-2, is a thoroughly plausible and even an expected outcome for an event involving some damage to the core. (In this context the event leading to a 10CFR100 containment design basis source term may be viewed as a " limiting" case rather than as an " expected" case for all cases involvir,g some core damage). With respect to the qualification of the ECCS and " surrounding" equipment, it should be noted that the design radiation levels for a non-10CFR100 source term would be sufficiently high to justify credit for restoration of ECCS in the short-term to arrest core damage.

With respect to the containment and the containment systems credited for mitigating the 10CFR100 dose it is considered appropriate that these . systems (and their source " surroundings")

term. With thisbehaving qualified for the 10CFR100 containment design basis been done for the System 80+ design, sustained long-term core cooling can also then be guaranteed under these. circumstances by the cross-connection of the 10CFR100-qualified containment spray pumps to the shutdown this time cooling return path which can provide injection into the cold legs. At removal. sprays would no longer be needed for containment fission product Therefore, the arrested core melt could be maintained long-term.

This discussion has been developed specifically to address the qualification

1 approach for the ECCS and its surroundings, but the concept is more broad.  !

Presented below is an outline of the approach ABB-CE intends to follow relative to equipment qualification. I I

Prior to establishing the environmental qualification requirements of equipment  ;

important to safety, a determination will be made of the following ,

1. Time af ter the accident under consideration when the equipment is required to function.  !

2. Radiation sources expected in the environment (based on the accident in  !

question, up to and including an arrested core melt scenario with Reference 5 source terms) prior to and at the time the equipment is }

required to function.

3. Degree of deterioration expected and whether compensatory techniques can I be employed (e.g. , increased drift in instrumentation readings will be  !

addressed if considered appropriate after a certain time frame).

Active electrical and controls equipment required to perform a safety function f' following an accident will be divided into two groups; those that are required to function to support safe shutdown and accident mitigation manually or automatically (Group A), including Reference 6 Type A variables, and those needed to monitor plant status following an accident (Group B), including Reference 6 j

Category 1 and Category 2 items not included in Group A. Given that the  ;

qualification requirements will be based on the radiation sources expected in the '

environment (see Item 2 above) a review will then be performed of the two listings to establish the following-  ;

Group A-  !

e Time after the accident under consideration when the component is required

• to operate. For short-term equipment (needed to operate within the first hour following the accident in question) the qualification time will be i established based on a conservative estimate of when the equipment is i required to function plus a margin of I hour (e.g., the electrical and

• controls portion of containment isolation valves). For equipment needed i to operate in the short-term but longer than an hour the margin addressed  !

will be that required by Reference 7; i.e., 10%. -

e Equipment needed to operate intermittently will be qualified to the maximum time considered necessary (based on engineering judgement) or  ;

until such time when an alternate method can be used to perform the function or when replacement components can be installed. In the event  ;

that none of the above can be clearly established to be possible prior to  !

30 days following the DBA, the component will be qualified to the full 30  :

days following an accident. Thirty days is defined as the duration of the accident to be consistent with the time frames for which site  !

boundary / control room analyses are performed. A 10 % margin will also be i included.

Group B: I e Monitoring (e.g., Reference 6 instrumentation) and support equipment 5 l

(e.g.,. cables, etc.) should be qualified to the maximum time considered necessary or until such time alternate methods to perform the function or replacement instrumentation can be provided. In the event that none of the above.can be clearly established, the component should be qualified-

~

for a time frame greater than the duration of the accident; i.e., until-the major recovery efforts . are initiated and other monitoring techniques / devices appropriate for the specific event introduced. In this case the qualification time (i.e., the time the monitoring capability may-be- required to establish plant status) will be assumed to be 100 days.

Consideration will be- given to degree _of deterioration and impact on component function up to that time.

In summary ABB-CE intends to pursue equipment qualification for the new source term for the System 80+ using the overall philosophy outlined in the first paragraph of this document; i.e., in such a way as to increase the accuracy of the information that is being used to determine and establish plant capabilities l in the area of accident mitigation.

Reference 1 NRC letter dated October 19, 1992 to ABB-CE (C.B. Brinkman) " Staff  !

Position use of Revised Source Term for CE System 80+" l Reference 2 ABB-CE letter dated January 14, 1992 in response to Reference 1 Reference 3 ALWR Program Utility Requirements Document, Volume II, EPRI Reference 4 NUREG-0737, " Clarification of TMI Action Plan Requirements",

November 1980 Reference 5 Draft NUREG-1465, " Accident Source Terms for Light-Water Nuclear Power Plants", June 1992 Reference 6 Regulatory Guide 1.97, " Instrumentation for Light-Water Cooled Nuclear Power Plants to Assess Plant and Environs Conditions During and Immediately Following an Accident", Revision 3, May 1983 Reference 7 IEEE-323, " Standard for Qualifying Class IE Equipment for Nuclear Power Generating Stations"

> ,.. s a a~ . . . . ~= . >.a - +.. .n -.. + ~ . , + . . ~~ - - - . . . . . - - . . . . . . .

.,1 t

G h

- f,

.tl

'i

's t

2' s

M i

6 t

l i

)

.)

I e

.V ATTACHMENT 4 j

l f

d i

l l

1 1

i i

I J

s 4

- ,-,,-- ~ , , , , _ . . . , . . .. . _ , ~ . . . , . - , , - , , , . . . - , , . -