Text

h edade 'CL

[p* "%

?

[ )k$f,%

UNITED STATES j

NUCLEAR REGULATORY COMMISSION

• Ajhk j

WASHINGTON D.C. 20 % 5 0001 January 4, 1994 Docket No.52-003 APPLICANT: Westinghouse Electric Corporation FACILITY:

AP600

SUBJECT:

SUMMARY

OF MEETING TO DISCUSS THE RELIABILITY ASSURANCE PROGRAM (RAP) FOR YHE AP600 GESIGN On December 1,1993, representatives of the Nuclear Regulatory Commission (NRC) and Westinghouse Electric Corporation (Westinghouse) met to discuss the RAP for the AP600 design. is a list of attendees. is a copy of the slide presentation made by Westinghouse. The modifications to the slides represent the results of discussions with the staff during the meeting.

Westinghouse opened the meeting stating that they are looking for a staff conclusion that the process proposed by the applicant for implementing the RAP is an acceptable approach. They stated the goals of their design reliability assurance program (D-RAP) and discussed the inter-relationship of the D-RAP (during and after design certification) and their proposed guidelines for developing the operations reliability assurance program (0-RAP).

The designer explained its design approach for both safety-and non-safety-related structures, systems, and components (SSCs) and discussed its process for identifying and prioritizing risk-significant SSCs.

They described the role of the probabilistic risk assessment 'PRA) in the design process. At the end of the meeting, Westinghouse provided examples of how the RAP would be applied to safety-related and non-safety-related SSCs.

The staff indicated that Section 16.2 of the standard safety analysis report (SSAR) was not as complete as the staff requires. The staff indicated that several of the applicant's responses to its requests for additional information should be incorporated into this section of the SSAR. The staff indicated that information on the RAP should be provided in one location or references to other documents should be clearly indicated.

The staff indicated that it would begin discussing modifications to the SSAR using the January amendment as the starting point.

At the end of the meeting, Westinghouse stated that it would consider how to perform a priority ranking of SSCs. The staff requested Westinghouse to 060030 iMIC RM CMiHi09PY 9401110031 940104 PDR ADOCK 05200003 A

pop f

a January 4, 1994 provide such a listing and explain the methodology used to develop this list, including explaining how it is taking credit for the unique aspects of the i

design.

(Original signed by)

Thomas J. Kenyon, Project Manager Standardization Project Directorate Associate Directorate for Advanced Reactors and License Renewal, NRR

Enclosures:

As stated cc w/ enclosures:

See next page DISTRIBUTION w/ enclosures:

Docket File PDST R/F DCrutchfield-TKenyon PDR PShea DISTRIBUTION w/o enclosures:

RBorchardt RArchitzel FHasselberg.

KShembarger EJordan, 3701 JHoore, 15B18 WDean, EDO ACRS (11)

TPolich, 10A19 GPisanti i

/l, 0FC:

LA:PDF-D PM,

$T:ADAR SC:PDST:ADAR NAME: PShea TKer&on:tz RArchitzel

{/3 /9 12/y/93

/p/93 DATE:

0FFICIAL RECORD COPY: RAPSUM.TJK

o Westinghouse Electric Corporation Docket No.52-003 cc:

Mr. Nicholas J. Liparulo Mr. Victor G. Snell, Director Nuclear Safety and Regulatory Analysis Safety and Licensing Nuclear and Advanced Technology Division AECL Technologies Westinghouse Electric Corporation 9210 Corporate Boulevard P.O. Box 355 Suite 410 Pittsburgh, Pennsylvania 15230 Rockville, Maryland 20850 Mr. B. A. McIntyre Advanced Plant Safety & Licensing Westinghouse Electric Corporation Energy Systems Business Unit Box 355 Pittsburgh, Pennsylvania 15230 Mr. John C. Butler Advanced Plant Safety & Licensing Westinghouse Electric Corporation Energy Systems Business Unit Box 355 Pittsburgh, Pennsylvania 15230 Mr. M. D. Beaumont i

Nuclear and Advanced Technology Division Westinghouse Electric Corporation One Montrose Metro 11921 Rockville Pike i

Suite 350 Rockville, Maryland 20852 Mr. Sterling Franks U.S. Depart;aent of Energy NE-42 Washington, D.C.

20585 Mr. S. M. Modro EG&G Idaho Inc.

Post Office Box 1625 Idaho Falls, Idaho 83415 Mr. Steve Goldberg Budget Examiner j

725 17th Street, N.W.

Room 8002 Washington, D.C.

20503 Mr. Frank A. Ross U.S. Department of Energy, NE-42 Office of LWR Safety and Technology 19901 Germantown Road Germantown, Maryland 20874 4

i I

MEETING TO DISCUSS THE RELIABILITY ASSURANCE PROGRAM FOR THE AP600 MEETING ATTENDEES F

December 1, 1993 UAME AFFILIATION T. Kenyon NRR/PDST T. Polich NRR/DRIL/RPEB G. Pisanti NRR/PDST K. Shembarger NRR/PDST J. Wheeler DOE A. Sterdis Westinghouse T. Schultz Westinghouse C. Haag Westinghouse D. Trombola Westinghouse M. Canton Westinghouse i

j

. l 1

yrq WESTINGHOUSE ELECTRIC CORPORATION

'" {

PRESENTATION ON THE AP600 RciLIABILITY ASSURANCE PROGRAM TO UNITED STATES NUCLEAR REGULATORY COMMISSION

[

DECEMBER 1,1993 B

ro 0005als/1 1

y---

AP600 Reliability Assurance Program

_ [_]_

AGENDA Introduction D-RAP Process Overview Reliability / Availability in Design Process Identification of Risk-Significant SSCs RAP Treatment of Risk-Significant SSCs Design Procurement Operation PRA Unavailability Examples (Safety and Nonsafety)

Discussion 0005als/2

W3 l

INTRODUCTION AP600 D-RAP i

Maintain assumptions for SSC reliability in PRA Integrate reliability into design process l

Identify and prioritize risk-significant SSCs Establish realistic and achievable SSC reliability.

Provide consistency in SSC reliability for procurement Support COL development of the O-RAP

.s.i.a

_._.,a

~

e-

- ---+---:

an

RELIABILITY TRACKING m oo Plant availability and PRA evaluated separately a

Different failure modes Different plant goals Plant availability tracking Maintenance level based on component importance relative to plant performance goals Monitor component unavailability Assess impact on plant performance goals Adjust maintenance ievei to maintain plant performance PRA tracking Monitor component unavailability Assess impact on core melt frequency and large release frequency Adjust maintenance level to maintain plant risk goals 0006als/3 t

b COLLECT INiitAL SYSTEM INFO AND DEVELOP SYSTEM WODEL 4

INiilAL LWR PRA AV AIL ABtLIT Y 4

E XPERIE NCE EVALUAf TON ALLOC AilON psy,gw 1

I h

h RISM-SNLNtFtCANT AVAILA8ttif y -

LICENSE-RENEWAL-S SC'S RELATED SSC's RELATED SSC'S L__

D-RAP, DESIGN CERTIFICATION

'f D-RAP, POST-DESIGN CERTIFICATION RANMED CRiflC AL ITE MS LIST INTEGRATED PLANT WAtNTEMANCE WE THOOOLOG4ES e

9 RE COMME NDE D Pt AN T M AtNTEN ANCE PLAN O-RAP-4-

i; o

o o

y a

PR EDKilVE PREVE NitVE OUTAGE STAFFING SPARE PARTS PROCEDURES M AIN TE NJANCE M AIN TEN ANCE PLANNING LEVELS FROGRAM PROGRAM PROGRAM PROGRAM

. ~..

i+

i

~

k k

~.

q=

rE p

no i

t a

s re m

p e

t o

s y

l a

ss ts m

tny o

r C

o et e

n vf ea

,y r

s te o

e l

n be f

fan d

s v

n ot ai So e

e ors nbs i

i t e os s

vioC a

eta u

aa aS mr a l

t vr t

r oe t

v urS ep pp rp o

t e pi e f c pO s nlyev c pty ou r ol i

qo b

m

nia oe ae l

H i&

msot eu c ena me msp r

f e ms at os rv C

o r u t

t e seef n

o i o y&

f A

s c yt co ayo tf n

r sc nc ry O

ma Ssyot n n a eat e

ssl R

en ysf nm i

t e

en b dn si l

t P

st eygmtedo s a ee e u e

t yn ft n sn ml sf c P

Si aeinye i

t v

n a eeo aigspe eerb dnt A

a Sf t

yM es ri f nk ed vd"dardn sre l

f t

o yoc ous N

i l

i pn sel e pd e Sf nee i

r G

mi st ampep yeenze o

I it a ar ce tdii i

rl c

S Sc Picut u i

t s ud eiet mu f v E

u da e dt aops nd i

yr e

D eNnoeo Srxirie l t l

ta s pD" ONRN PEFMR 0

e n m

n 0

ro o

i 6

GC S-N-

5 P

ts le 5

A 00 0

i L

l

pq AP600 SAFETY DESIGN APPROACH Safety Systems Design Features

. Simplified system designs Significant design margins Verify by test / analysis program I

Redundancy to meet single failure criteria Redundancy / diversity to meet safety goals Hazard protection (seismic, fire, flood)

Safety Equipment Design Features Reliable / experience based equipment Improved inservice testing / inspection Reg Guide 1.26 Quality Group A, B, or C and Seismic I Qualified Equipment Short-term availability controls Tech Spec with shutdown requirements Reliability Assurance Program Tier I description and ITAAC e

0005els/6 I,

k

a a<

]

pr;qq AP600 NONSAFETY DESIGN APPROACH i

Nonsafety Systems Design Features Simplified system designs Redundancy for more probable failures Connections to the non-safety diesels j

Automatic actuation and controls Separated from safety systems Separation within NNS systems not required Non-Safety Equipment Design Features Reliable / experienced based equipment Reg Guide 1.26 Quality Group D Uniform Building Code, not seismic 1 i

Short-term availability controls (RTNSS) l Plant procedures w/o shutdown requirements r

Reliability Assurance Program l

l Less detailed Tier i description and ITAAC 0005als/F

V3 IDENTIFICATION OF RISK-SIGNIFICANT SSCs

-J Identify and Prioritize SSCs - Design Missions Safety-related missions Nonsafety-related SSCs with important RTNSS missions Nonsafety-related SSCs modeled in the PRA RAP Treatment Integrates design activities Three categories Design Procurement Operation 0005els,11 f...

=.

IDENTIFICATION AND PRIORITIZATION OF RISK SIGNIFICANT SSCS AP600 SSCs i

I Develop RAP treatment is the SSC safety-Yes based on the safety.

related function.

\\

No r

Develop RAP treatment s the SSC defin Yes as important by the based on the nonsafety-related RTNSS function.

RTNSS process?

)

2 No i

Develop RAP treatment is the nonsafety-Yes related SSC based on the modelled nonsafety-related function, modelled in the PRA?

No

+

Risk-significant RAP treatment not necessary

AP600 SAFETY DESIGN PROCESS 1

+

Integrated / lterative Design Process System specification documents (SSDs)

Safety, RTNSS, PRA, RAP requirements NRC regulations URD requirements Lessons learned i

Detailed design requirements for SSCs RAP analysis Safety analyses Design control SSAR, PRA, ITAAC treatment i

Testing Design certification (separate effects / integrated) l Equipment qualification Plant startup (design, SSAR, ITAAC)

Inservice (Tech Spec, SSAR, RAP) 0005els/10

p gg AP600 NONSAFETY DESIGN PROCESS Similar to Safety Design Process System specification documents (SSDs)

Safety, RTNSS, PRA, RAP requirements URD requirements Lessons learned Detailed design requirements for SSCs RAP analysis Best estimate performance analyses Design control SSAR, PRA, ITAAC treatment Testing Plant startup (design, SSAR, ITAAC)

Inservice (RAP)

^

ooosals/11 t

^

~

a R/A IN THE DESIGN PROCESS 1

RAM Analysis Evaluate SSC reliability and unavailability contribution Support for design improvement PRA Analysis Identify important PRA functions Initiating event / mitigation RTNSS process Component failure and maintenance unavailability data Historical data / rationale

.Supportfor design improvement SSCs Selection Incorporates Operating Experience l

Identify successful SSCs Identify design and reliability problems / improvements l

0005elst12

,1; t

1

t q

R/A IN PROCUREMENT PROCESS L

1 k

AP600 Equipment Classification Defined in SSAR.section 3.2 Safety SSCs; reg guide 1.26 class A, B, C, seismic I RTNSS / PRA; reg guide 1.26 class D, nonseismic Provide Design Information to Vendors Detailed engineering specifications for components More complete Identify.important design reliability assumptions Failure rates used in PRA / RAP Guidance not requirement t

Historical operating problems identified / addressed r

t 0005els/13

.I

png R/A IN PLANT OPERATION Provide Information for O-RAP Development Define R/A missions PRA unavailability data / assumptions Equipment failure rates Test frequency Maintenance Short-Term Availability Controls Tech Spec for safety SSCs Operating procedures for RTNSS SSCs Testing / inspection Plant startup Inservice Maintenance recommendations 0005als/14

t i

,hh[yEB t

,3*

r1 g

s s

t n

n o

a i

l t

P i

d g

n n

n o

o i

c t

it a

as g

c rt i

en n

f ri i

pa ot c

gs a

e dne Olp n r ie ep eit sg mp s

vs st a

)

sr an i

e o e

t s

t e

Ct srt v

a n et e i

v e r

r at l

Sr an a

r n

dnu Se eyr v

em dol e

s e aia i

pmhf e e S

nr t

e o

/

m ut f D

ou daf c

ait sd A

Cc ei n nr i

i f o o

f i Ss se

(

h) sr st as il nct s

eCinist pnn ue i

sS

,ewen a eieQi i

g t

t r

ve at rd USs v

e e et a n Dl a t

l i

n snt i

ssvf f

vo pm meis Y

maluie p

em nemn dnk T

ee t

ocm ao I

t gl pe L

sm,repeo Rcibis s

yak amhc edsouqA

/

IB Ss n eo d

r e c

er A

ysar cTe ul d pE R i

t t e a d gd P l

eSi L

eC f

i S e, h mwd Fedsiem at en i

I f

t A

asp eaRo t v r

V S

aao i

l prs ( M aeer r o

I t

e cr r A

es f

epr vo h

i ocpmPe r

N sM W-nOI i

oMI U

s s

t a

i A

P H

s n.

R as P

=

imo;;

EXAMPLE SAFETY-RELATED SSC 1"

Core Makeup Tank Discharge Isolation Valves l

Open to initiate RCS injection flow from CMT Safety-related valves that open on loss of power or air RAP Treatment Safety-related design requirements identified in SSAR Reg Guide 1.26 class A, seismic I Actuation by protection system (auto / manual)

PRA related requirements identified in SSAR Actuatbn by DAS (auto / manual)

Reliability information in procurement specifications ISI / IST confirm integrity and functional capabilities l

Technical specification for short-term availability. control included in ITAAC Included in RAP (valve unavail -> core melt frequency)

Maintenance recommendations 0005 ele /16 bi

[

8 l

EXAMPLE NONSAFETY-RELATED SSC (RTNSS) 1 Normal Residual Heat Removal Pump Provide RCS boundary during shutdown conditions Provide flow for shutdown decay heat removal Provide RCS injection post ADS to backup ADS l

RAP Treatment 1

Design requirements identified in SSAR Safety; pressure boundary reg guide 1.26 class C l

RTNSS; shutdown cooling with reduced RCS inventory PRA mitigation; RCS injection post ADS l

Actuation by control system (manual)

Reliability information in procurement specifications Operating surveillance teste confirm functional capabilities RTNSS based short-term availability controls for shutdown l

/ reduced inventory conditions i

l Less detailed ITAAC treatment Included in RAP (pump unavail -> core melt frequency)

Maintenance recommendations 0005 ele /17

.i!!!!7i!I EXAMPLE NONSAFETY-RELATED SSC (PRA) i 1

Startup Feedwater Pump Provide S/G feedwater flow for decay heat removal during anticipated events RAP Treatment Design requirements identified in SSAR PRA mitigation Reg guide 1.26 class D, nonseismic Actuation by control system (auto / manual)

Reliability information in procurement specifications Operating surveillance tests confirm functional capabilities No short-term availability controls Less detailed ITAAC treatment included in RAP (pump unavai! -> core melt frequency)

Maintenance recommendations 0006 ale /18

~ - ' ' ' '

...c-

j rry EXAMPLE NONSAFETY-RELATED SSC (PRA)

Condensate Pumps Provide feedwater flow to main feedwater pumps for normal power operation 1

RAP Treatment Design requirements identified in SSAR PRA initiating events Nonsafety-related equiprnent, nonseismic Actuation by ccatrol system (manual)

Reliability information in procurement specifications No short-term availability controls No ITAAC treatment Inc!uded in RAP (!ces "Pf! frequency -> core melt freq)

=

Maintenance recommendations 0005eleM9

-x.

. ~.

e ww.,

w

...--em..wa+.,e--

m-i CONCLUSION l

AP600 RAP Program Addresses NRC Criteria Identify.and prioritize risk-significant SSCs Identify significant design assumptions for SSC reliability and unavailability

~

Realistic and achievable Procurement process addresses reliability Design information to support COL O-RAP development q

I i

e

=

-