ML20083M932
| ML20083M932 | |
| Person / Time | |
|---|---|
| Issue date: | 03/31/1984 |
| From: | Office of Nuclear Reactor Regulation |
| To: | |
| References | |
| NUREG-0800, NUREG-0800-07.1-R3, NUREG-800, NUREG-800-7.1-R3, SRP-07.01, SRP-7.01, NUDOCS 8404180395 | |
| Download: ML20083M932 (24) | |
Text
-_
7590-01 4
\\g t
U.S. NUCLEAR REGULATORY COMMISSION NUREG-0800
" STANDARD REVIEW PLAN FOR THE REVIEW OF SAFETY 1
i ANALYSIS REPORTS FOR NUCLEAR POWER PLANTS" NOTICE OF ISSUANCE AND AVAILABILITY REVISED SRP SECTION 7.1 AND APPENDIX A TO SRP SECTION 7.1, SECTION 7.5 AND SECTION 7.7 l
The U.S. Nuclear Regulatory Commission (NRC) has published a revision to Section 7.1, " Instrumentation and Controls - Introduction" and Appendix A to SRP Section 7.1, " Acceptance Criteria and Guidelines for Instrumentation and Control Systens Important to Safety"; Section 7.5, "Information Systems Important to Safety"; and Section 7.7, " Control Systems" of NUREG-0800,
" Standard Review Plan for the Review of Safety Analysis Reports for Nuclear Power Plants," LWR Edition (SRP).
The revision consists of SRP Section 7.1, Rev. 3; an appendix to this Section, Appendix A, Rev. 1; Section 7.5, Rev. 3; and Section 7.7, Rev.
l 3.
The revised SRP Sections incorporates the resolution of Generic Issues 45, "Inoperability of Instrumentation Due to Extreme Cold Weather."
The guidelines incorporated are not new requirements, they are a formalization
)
8404180395 840331.
PEHt NUREQ 0800 R PDR 1
7590-01 O
of existing criteria that were previously reviewed and approved in Regulatory Guide 1.151, " Instrument Sensing Lines" (which incorporates ANSI /ISA-567.02. All changes to the SRP Sections resulting from the resolution of this generic issue and a few editorial changes are identified by a line in the margin of the revised SRP section.
The revised SRP sections are effective immediately. A copy is expected to be available in the Public Docurrent Room within 2 weeks.
Copies of the revised SRP Sections or of the complete Standard Review Plan, NUREG-0800, Accession No. PD-81-920199, are available for purchase from the National Technical Information Service, 5285 Port Royal Road, Springfield, Virginia 22161; telephone (703) 487-4650.
Dated at Bethesda, Maryland this 23 day of March, 1984.
FOR THE NUCLEAR REGULATOR COMMISSION A
Harold R. Denten, Director Office of Nuclear Reactor Regulation l
l l
2
NU REG-0800 (Formsrly NUREG-75/087)
O
- paa'coq 7%
U.S. NUCLEAR REGULATORY COMMISSION Gg3j)' STANDARD REVIEW PLAN gw OFFICE OF NUCLEAR REACTOR REGULATION Standard Review Plan for the Review of Safety Analysis Reports for Nuclear Power Plants Section No.
7.1 Revision No.
3 Appendix No.
A to 7.1 Revision No.
1 Branch Tech. Position N/A Revision No.
N/A Date issued February 1984 FILING INSTRUCTIONS PAGES TO BE REMOVED NEW PAGES TO BE INSERTED PAGE NUMBER DATE PAGE NUMBER DATE Section 7.1 Section 7.1 7.1-1 Rev.2 July 1981 7.1-1 Rev.3 February 1984 Thru Thru 7.1-5 7.1-5 Table 7-1 to Section 7.1 Table 7-1 to Section 7.1 7.1-6 Rev.2 July 1981 7.1-6 Rev.3 February 1984 Thru Thru 7.1-10 7.1-10 Table 7-2 to Section 7.1 Table 7-2 to Section 7.1 7.1-11 Rev.0 July 1981 And No Change to Table 7-2 7.1-12 Appendix A to Section 7.1 Appendix A to Section 7.1 7.1-13 Rev.0 July 1981 7.1-13 Rev.1 February 1984 Thru Thru
)
7.1-21 7.1-21 The U.S. Nuclear Regulatory Commission s Standard Review Plan, NUREG-0000, prepared by the Office of Nuclear Reactor Regulation, is available for sale by the National Technical Information Service, Springfield, VA 22161, I.
NU REG-0800 (Formsrly NUREG-75/087)
/p no uq O*
!@j/y.7%
U.S. NUCLEAR REGULATORY COMMISSION i STANDARD REV EW PLAN 8
OFFICE OF NUCLEAR REACTOR REGULATION
\\..ve..o 7.1 INSTRUMENTATION AND CONTROLS - INTRODUCTION REVIEW RESPONSIBILITIES Primary - Instrumentation and Control Systems Branch (ICSB)
Secondary - None I.
AREAS OF REVIEW The instrumentation and control systems important to safety fall into the follow-ing categories and are addressed in detail in subsequent sections of Chapter 7 or other sections of the safety analysis report (SAR).
Protection Systems are those instrumentation and control systems which initiate safety action.s to mitigate the consequences of design basis events.
The protec-tion systems include the Reactor Trip System (RTS) discussed in Section 7.2 and the engineered safety features actuation system (ESFAS) discussed in Section 7.3 of the SAR.
Engineered Safety Features (ESF) Control Systems are those control systems which v
regulate the operation of ESF systems following their initiation by the protec-tion system.
The ESF control systems are discussed in Section 7.3 of the SAR.
Safe Shutdown Systems are those systems which must function to achieve and main-tain a safe shutdown condition of the plant.
The safe shutdown systems include those instrumentation and control systems which are used to maintain the reactor core in a subcritical condition and provide adequate core cooling to achieve and maintain both hot and cold shutdown conditions.
Safe shatdown systems are dis-cussed in Section 7.4 of the SAR.
Information Systems Important to Safety are those systems which provide informa-tion for the safe operation of the plant during normal operation, anticipated operationa-i occurrences, and accidents.
The information systems important to safety include those systems which provide information for manual initiation and control of safety systems, to indicate that plant safety functions are being accomplished, and to provide information from which appropriate actions can be Rev. 3 - February 1984 USNRC STANDARD REVIEW PLAN Standard review plans are prepared for the guidance of the office of Nuclear Reactor Regulation staff responsible for the review of applications to construct and operate nuclear power plants. These documents are made available to the public as part of the Commission's policy to inform the nuclear industry and the general public of regulatory procedures and policies. Standard review Cs plans are not substitutes for regulatory guides or the Commission's regulations and compliance with them is not required. The I
standard review plan sections are keyed to the Standard Format and Content of Safety Analysis Reports for Nuclear Power Plants.
(
Not all sections of the Standard Format have a corresponding review plan.
Published standard review plans will be revised periodical!y, as appropriate, to accommodate camments and to reflect new informa-tion and experience.
Comments and suggestions for improvement will be considered and should be sent to the U.S. Nuclear Regulatory Commission, Office of Nuclear Reactor Regulation, Washington, D.C. 20555.
taken to mitigate the consequences of anticipated operational occurrences and accidents.
During normal plant operation, the information systems important to safety provide information on the bypassed and inoperable status of safety systems.
Information systems important to safety are discussed in Section 7.5 of the SAR.
Interlock Systems Important to Safety are those systems which operate to reduce the probability of occurrence of specific events or to maintain safety systems in a state to assure their availability in an accident.
These systems differ from protection systems in that their safety action is taken prior to or to prevent accidents.
Interlock systems important to safety are discussed in Section 7.6 of the SAR.
Control Systems are those systems used for normal operation that are not relied upon to perform safety functions following anticipated operational occurrences of accidents, but which control plant processes having a significant impact on plant safety.
Control systems are discussed in Section 7.7 of the SAR.
Essential Auxiliary Supporting Systems are those systems that must function to assure the capability of the instrument and control systems important to safety to perform safety functions.
Heating, ventilation and air conditioning systems, electrical power systems, and cooling water systems are typical examples of essential auxiliary supporting systems.
Essential auxiliary supporting systems are discussed in other chapters of the SAR.
The instrumentation and control aspects of essential auxiliary supporting systems are addressed in the review of those SAR sections which discuss those systems.
To the extent that the operation of essential auxiliary supporting systems are initiated by the protection system, this aspect is included in the review of the protection systems in Section 7.2 or 7.3 of the SAR.
All other instrumentation and control systems important to safety such as fire protection, fuel handling, radiation monitoring, and control of essential auxiliary supporting systems are addressed in the review of other SRP sections which discuss these systems.
The review of Section 7.1 of the SAR includes the tabulation of instrumentation and control systems important to safety and the acceptance criteria and guidelines applicable to each of these systems.
The review also includes the identification
[
of those instrumentation and control systems important to safety that are identi-cal to those which have previously been reviewed by the staff and where the adequacy of these systems n based upon prior Commission approval.
The bases for prior approval includes the staff's evaluation of applications for construc-tion permits and operating licenses, preliminary and final design approvals for standardized plants, and topical reports.
l II.
ACCEPTANCE CRITERIA The General Design Criteria (GDC), which are provided in the Commission regula-tions, establish minimum requirements for the design of nuclear power plants.
IEEE Standard 279" Criteria for Protection Systems for Nuclear Power Generating Stations," is also incorporated in 10 CFR Part 50, 650.55a(h) of the Commission's regulations.
These criteria establish the necessary design, fabrication, con-struction, testing, and performance requirements for structures, systems, and components important to safety.
The structures, systems, and components important to safety are those that provide reasonable assurance that the facility can be operated without undue risk to the health and safety of the public.
7.1-2 Rev. 3 - February 1984
.. - - = - -..
l j
Regulatory guides amplify specific regulations, describe acceptable methods l
for meeting their requirements and provide guidance to applicants.
Industry codes and standards set forth requirements and recommended practices applicable to instrumentation and control systems for nuclear power plants.
These standards, j
as modified by the regulatory guides which endorse them, also provide acceptable l
methods for meeting the requirements of the regulations.
The acceptance criteria consist of the GDC and IEEE Std 279 which establish the Commission requirements for instrumentation and control systems important to l
safety. The regulatory guides and the endorsed industry codes and standards are the guidelines which are used as a basis for the evaluation of conformance to the requirements of the Commission's regulations.
Table 7-1, " Acceptance i
Criteria and Guidelines for Instrumentation and Control Systems Important to l
Safety" (Ref.1), lists the acceptance criteria and guidelines applicable to instrumentation and control systems important to safety which are included in j
the evaluation of these systems as addressed in Chapter 7 of the SAR.
TMI Action Plan requirements for instrumentation and control systems important to safety are identified in Table 7-2 (Ref. 2).
Other acceptance criteria which are applicable to instrumentation and control i
systems important to safety are not included when the evaluation of conformance to such criteria is addressed in the review of other SAR sections.
For example, GDC 3 " Fire Protection," is not included in Table 7.1 since conformance to the j
requirements of GDC 3 is addressed in the review of Section 9.5.1 of the SAR.
j Appendix A (Ref. 3) to this SRP section provides guidance on the applicability j
and review methods to be used in the evaluation of conformance to the accep h nce i
criteria and guidelines for instrumentation and control systems important to i
safety.
Appendix B (Ref. 4) to this SRP section provides guidance to be used in the evaluation of confonnance to the requirements of IEEE Std 279.
1 I
j III. REVIEW PROCEDURES I
The objectives of the review are to confirm that the instrumentation and control i
systems important to safety, addressed in Chapter 7 of the SAR, are identified with the appropriate acceptance criteria and guidelines applicable to each of l
these systems. This identification meets the applicable requirements of General i
Design Criterion 1, " Quality Standards and Records," of Appendix A of 10 CFR i
Part 50.
General Design Criterion 1 requires that, " Structures, systems and components important to safety shall be designed, fabricated, erected and tested i
to quality standards commensurate with the importance of the safety function to be performed." Therefore, the review should confirm that the SAR includes (1) a discussion regarding the applicability of each criterion and guideline 1
l for each system important to safety, and (2) a statement that the criteria and guidelines are implemented (OL) or will be implemented (CP) in the design of 1
instrumentation and control systems important to safety.
If exceptions are
{
taken to the guidelines, the review confirms that an acceptable basis has been l
provided for any exceptions.
)
The review of Section 7.1 of the SAR is performed as follows:
1.
The categories of systems important to safety included in the areas of review for Chapter 7 of the SAR provided above should be'used in assessing the completeness of the identification.
The' identification of instrumenta-i tion and control systems important to safety are reviewed to confirm that it is consistent with the design bases for safety systems as provided in'
[
other sections of the SAR, particularly in Chapters 5, 6, 8, 9, 10, and 7.1-3 Rev. 3 - February 1984
)
15, and in subsequent sections of Chapter 7.
The review of the systems identified is coordinated with the branches which have primary review responsibility for these systems.
2.
The acceptance criteria applicable to each of the instrumentation and control systems important to safety are reviewed to confirm that the appropriate criteria have been identified for each system.
Appendix A to this SRP section identifies the acceptance criteria applicable to the instrumentation and control systems important to safety and describes the method and scope of the review required to verify conformance.
3.
The guidelines applicable to each of the instrumentation and control systems important to safety are reviewed to confirm that the appropriate guidelines have been identified for each system.
Appendix A to this SRP section identifies the guidelines applicable to the instrumentation and control systems important to safety and describes the method and scope of the review required to verify conformance.
4.
When the applicant takes exceptions to the guidelines applicable to instru-mentation and control systems important to safety, the bases for such exception are reviewed to confirm that they are acceptable.
The bases for the exceptions to the guidelines must demonstrate that a significant reduction in the margin of safety does not result and that the exceptions do not result in nonconformance to the requirements of the acceptance criteria.
5.
The review includes those instrumentation and control systems important to safety that are identified as identical to systems that have been reviewed and approved by the staff.
The evaluation of these systems in subsequent sections of Chapter 7 may be based upon prior staff approval.
Where differences exist between prior approvals, they should be identified and the review should confirm that an adequate basis has been provided.
The review should include an evaluation of differences to confirm that they are acceptable.
IV.
EVALUATION FINDINGS The review confirms that sufficient information has been provided and that the
' review supports conclusions of the following type to be included in the staff's safety evaluation report (SER).
The applicant has identified the instrumentation and control systems important to safety and the acceptance criteria consisting of the General Design Criteria (GDC) and IEEE Std. 279, included in the Commission's regulations, which are applicable to those systems as identified in the Standard Review Plan (SRP).
The applicant has also identified the guidelines consisting of the regulatory guides and the industry codes and standards which are applicable to the systems as identified in the SRP.
(If exception to the guidelines has been taken by the a;.plicant an evaluation of the exception or a reference to the section of the SER which addresses those exceptions should be provided.) We conclude that the implementation of the identified acceptance criteria and guidelines satisfies the require-ments of GDC 1 with respect to the design, fabrication, erection, and testing to quality standards commensurate with the importance of the safety functions to be performed.
7.1-4 Rev. 3 - February 1984
4 V.
IMPLEMENTATION The following is intended to provide guidance to applicants and licensees g
regarding the NRC staff's plans for using this SRP section.
i Except in those cases in which the applicant proposes an acceptable alternative method for complying with specified portions of the Commission's regulations, 4
the method described herein will be used by the staff in its evaluation of f
conformance with Commission regulations.
Implementation schedules for conformance to parts of the method discussed herein are contained in the referenced regulatory guides.
VI.
REFERENCES 1.
Standard Review Plan Section 7.1, Table 7-1, " Acceptance Criteria and Guidelines for Instrumentation and Control Systems Important to Safety."
2.
Standard Review Plan Section 7.1, Table 7-2, "TMI Action Plan Requirements for Instrumentation and Control Systems Important to Safety."
3.
Standard Review Plan Section 7.1, Appendix A, " Acceptance Criteria and Guidelines for Instrumentation and Control Systems Important to Safety."
4.
Standard Review Plan Section 7.1, Appendix B, " Guidance for Evaluation of Conformance to IEEE Std 279."
5.
Standard Review Plan, Appendix 7-A, " Branch Technical Position (ICSB)."
1 i
I I
OV 7.1-5 Rev. 3 - February 1984 l
+
w
-+%<-
r
+y
STANDARD REVIEW PLAN TABLE 7-1 ACCEPTANCE CRITERIA AND GUIDELINES FOR INSTRUMENTATION AND CONTROL SYSTEMS IMPORTANT TO SAFETY The matrix of Table 7-1 identifies the acceptance criteria (denoted by "A")
and the guidelines (denoted by "G") and their applicability to the various sections of Chapter 7 of the SAR.
These acceptance criteria include the applicable General Design Criteria and IEEE Standard 279 which establish the Commission requirements for the instrumentation and control systems important to safety.
The guidelines for implementation of these requirements are provided in Regulatory Guides, the endorsed IEEE Standards and the Branch Technical Positions (BTP) of the Instrumentation and Control Systems Branch (ICSB).
The BTPs listed in this table are contained in Appendix 7-A to Chapter 7 of the SRP.
The guidelines are not mandatory and only set forth acceptable methods of implementing the acceptance criteria.
The branch technical positions (Ref. 5) are used when a particular design problem has an identified and acceptable solu-tion; they also are not mandatory.
In all cases, the primary basis for acceptance of the design is conformance to the acceptance criteria.
Industry standards that are not endorsed by regulatory guides or incorporated in regulations or branch technical positions, or that have not been previously used and accepted in the licensing process, must be reviewed before they can be accepted as a sole basis for approval of a design.
They are useful as guidance for identifying the subjects of importance to be considered in the review of the systems important to safety.
O 7.1-6 Rev. 3 - February 1984
_. ~. _ _ _..
1 ACCEPTANCE CRITERIA FOR INSTRUMENTATION AND CONTROL SYSTEMS IMPORTANT TO SAFETY - TABLE 7-1 CRITERIA TITLE APPLICABILITY REMARKS 1
t 7.1 7.2 7.3 7.4 7.5 7.6 7.7 1.
6 50.55a(h)
Criteria for Protection A
A i
Systems for Nuclear Power Generating Stations l
(IEEE Std 279) l 2.
General Design Criteria (GDC),
Appendix A to
-10 CFR Part 50 y
a.
GDC 1 Quality Standards A
l and Records i
- b.
GDC 2 Design Bases for A
A A
A A
i Protection Against Natural Pnenomena 4
c.
GDC 4 Environmental and A
A A
A A
]
Missile Design Bases i
d.
GDC 13 Instrumentation and A
A A
A A
I Control e.
GDC 19 Control Room A
A A
A A
A f.
GDC 20-Protection System
'A A
Functions
- Although not required by the Commission Regulations, the criteria of IEEE Std 279 address considerations such as design bases, redundancy, independence, single failures, qualification, bypasses, status indication and testing that are used as guidance, where appropriate, for systems addressed in these sections of the SRP.
Rev. 3 - February 1984 i
TABLE 7-1 (CONTINUED)
CRITERIA TITLE APPLICABILITY REMARKS 7.1 7.2 7.3 7.4 7.5 7.6 7.7 g.
GDC 21 Protection Systems A
A Reliability and Testability h.
GDC 22 Protection System A
A l
Independence
{
i.
GDC 23 Protection System Failure A
A Modes j.
GDC 24 Separation of Protection A
A and Control Systems
[-
k.
GDC 25 Protection System Require-A f,
ments for Reactivity Control Malfunctions 1.
GDC 29 Protection Against Antici-A A
pated Operational Occurrences 3.
Regulatory Guides (RG) a.
RG 1.22 Periodic Testing of Protection G
G G
G G
System Actuation Functions b.
RG 1.47 Bypassed and Inoperable Status G
G G
G G
Indication for Nuclear Power Plant Safety Systems c.
RG 1.53 Application of the Single-G G
G G
G See IEEE Std 379 Failure Criterion to Nuclear (ANSI N41.2)
Power Plant Protection Systems Rev. 3 February 1984 e
G G
7
)
)
(
)
J
/
Q,J TABLE 7-1 (CONTINUED)
CRITERIA TITLE APPLICABILITY REMARKS 7.1 7.2 7.3 7.4 7.5 7.6 7.7 d.
RG 1.62 Manual Initiation of Protec-G G
G G
tion Actions e.
RG 1.75 Physical Independence of G
G G
G G
See IEEE Std 384 Electric Systems (ANSI N41.14) f.
RG 1.97 Instrumentation for Light G
See ANSI /ANS 4.5 Water Cooled Nuclear Power Plants to Assess Plant Condi-tions During and Following an Accident g.
RG 1.105 Instrument Spans and Setpoints G
G G
G G
sa
(
h.
RG 1.118 Periodic Testing of Electric G
G G
G G
See IEEE Std 338 Power and Protection Systems i.
RG 1.151 Instrument Sensing Lines G
G See ANSI /ISA-567.02 4.
Branch Technical Positions (BTP) ICSB a.
BTP ICSB 3 Isolation of Low Pressure G
Systems from the High Pres-sure Reactor Coolant System b.
BTP ICSB 4 Requirements on Motor-Operated G
Valves in the ECCS Accumulator Lines c.
BTP ICSB 12 Protection System Trip Point G
G Changes for Operation with Reactor Coolant Pumps Out of Service Rev. 3 - February 1984
TABLE 7-1 (CONTINUED)
CRITERIA TITLE APPi.ICABILITY REMARKS 7.1 7.2 7.3 7.4 7.5 7.6 7.7 d.
BTP ICSB 13 Design Criteria for Auxiliary G
Feedwater Systems e.
BTP ICSB 14 Spurious Withdrawals of Single G
G Control Rods in Pressurized Water Reactors f.
BTP ICSB 16 Control Element Assembly (CEA)
G Interlocks in Combustion Engineering Reactors g.
BTP ICSB 20 Desihn of Instrumentation and G
Controls Provided to Accomplish
[
Changeover from Injection to 3
Recirculation Mode o
h.
BTP ICSB 21 Guidance for Application of G
G G
G G
BTP ICSB 22 Guidance for Application of G
G G
G G
BTP ICSB 26 Requirements for Reactor G
Protection System Anticipa-tory Trips Rev. 3 - February 1984 O
O O
STANDARD REVIEW PLAN i
TABLE 7-2 i
I TMI ACTION PLAN REQUIREMENTS FOR INSTRUMENTATION AND CONTROL SYSTEMS IMPORTANT TO SAFETY l
The matrix of Table 7-2 identifies the TMI action plan requirements and their applicability (denoted by "A") to the various sections of Chapter 7 of the SAR.
i Further clarification of the action plan requirements are provided in the referenced NUREGs.
4 I
4 i
t i
4 i
i i
i i
i 1
i 4
1 l
i 1
i i
I i
?
J
(
)
1 7.1-11 Rev. 0 - July 1981
. ~.
TMI ACTION PLAN REQUIREMENTS FOR INSTRUMENTATION AND CONTROL SYSTEMS ZMPORTANT TO SAFETY - TABLE 7-2 APPLICABILITY ITEM TITLE 7.1 7.2 7.3 7.4 7.5 7.6 7.7 NUREGs*
II.D.3 Relief and safety valve position indication A
0718, 0737, 0694 II.E.1.2 Auxiliary feedwater system automatic initiation and flow indication A
0718, 0737, 0694 II.E.4.2 Containment Isolation Dependability Positions (4), (6) & (7)
A II.F.1 Accident monitoring instrumentatinn Positions (4), (5), and (6)
A 0718, 0737, 0694 II.F.3 Instrumentation for monitoring accident conditions (RG 1.97, Rev. 2)
A 0718
[II.K.1 IE Bulletins
.21 Safety grade anticipatory trip Superceded by II.K.2.10 N
.23 RV level indication A
0694 II.K.2 Orders on B&W plants
.8 Auxiliary feedwater system upgrading Superceded by II.E.1.2
.9 FMEAonltheICS A
0718, 0737, 0694
.10 Safety grade anticipatory trip A
0718, 0737, 0694 II.K.3 Final recommendations, B&O Task Force
.1 Auto PORV isolation A
0737
.9 PID controller S
0737, 0694
.10 Proposed anticipatory trip modification A
0737, 0694
.12 Anticipatory reactor trio A
0737, 0694
.13 HPCI and RCIC initiation levels A
0718, 0737
.15 Isolation of HPCI and RCIC A
0737
.18 ADS actuation A
0718, 0737
.21 Restart of LPCS and LCPI A
0718, 0737
.22 RCIC automatic switchover A
0737
.23 Central water level recording A
0718
- NUREG-0718, " Licensing Requirements for Pending Applications for Construction
)ermits and Manufacturing License,"
NUREG-0737, " Clarification of TMI Action Plan Requirements," and NUREG-0694, "TMI-Related Requirements for New Operating' Licenses."
Rev. 0 - Jul 1
9 9
APPENDIX A STANDARD REVIEW PLAN SECTION 7.1 1
ACCEPTANCE CRITERIA AND GUIDELINES FOR INSTRUMENTATION AND CONTROL SYSTEMS IMPORTANT TO SAFETY The acceptance criteria and guidelines for instrumentation and control systems 1
important to safety are divided into two categories:
(1) Regulations including j
the General Design Criteria and IEEE 279 (paragraph 50.55a(h) of 10 CFR Part 50) and (2) Regulatory Guides (including endorsed industry codes and standards) and Branch Technical Positions.
For each criterion and guideline, a statement is provided on its applicability to the review of instrumentation and control systems.
Conformance to the requirements of GOC 1 is evaluated in the review of Section 7.1 of the SAR.
Conformance to the requirement of the remainder of the GDC applicable to instrumentation and control systems is evaluated on a system basis in the review of the system as described in SAR Sections 7.2 through 7.7.
Likewise, the degree of conformance to the guidelines provided in regulatory guides and industry codes and standards is evaluated on a system basis in the review of Sections 7.2 through 7.7 of the SAR.
Where exceptions are taken to the guidance provided by regulatory guides and endorsed industry codes and standards, they should be evaluated as a part of the review of the applicability of these criteria.
The evaluation findings should be provided as a part of the review of Section 7.1 of the SAR or the exception should be noted and a reference provided to the section where it is addressed.
i 4
Acceptance criteria and guidelines are not included herein when the primary review responsibility for these aspects of instrumentation and control systems V
are reviewed in accordance with sections other than Chapter 7 of the SRP.
1.
Regulations (General Design Criteria and IEEE Std 279) a.
Criterion 1 - Quality standards and records:
" Structures, systems, and components important to safety shall be designed, fabricated, erected, and tested to quality stand-ards commensurate with the importance of the safety functions to be performed. Where generally recognized codes and stand-ards are used, they shall be identified and evaluated to deter mine their applicability, adequacy, and sufficiency and shall be supplemented or modified as necessary to assure a quality product in keeping with the required safety function.
A.
i quality assurance program shall be established and implemented in order to provide adequate assurance that these structures, systems, and components will satisfactorily perform their safety functions.
Appropriate' records of the design, fabrica-tion, erection, and testing of structures, systems, and compo-nents important to safety shall..be maintained by or under the control of the nuclear power unit licensee throughout the life of the unit."
4 Applicability:
All instrumentation and control systems and components important to safety.
G/
7.1-13.
Rev. 1 - February 1984
Review Methods:
Regulatory guides and endorsed codes and standards applicable to instrumentation and control systems J
important to safety are identified in Section 2 of this Appendix. These guidelines provide the information required to determine their applicability.
The review of Section 7.1 of the SAR should confirm that the appropriate regulatory guides and endorsed standards are identified as applicable for each instrument and control system important to safety.
The evaluation of the quality assurance program and appro-priate records therefore are addressed in the review of Section 17 of the SAR.
b.
Criterion 2 - Design Bases for Protection Against Natural Phenomena.
" Structures, systems, and components important to safety shall be designed to withstand the effects of natural phenom-ena such as earthquakes, tornadoes, hurricanes, floods, tsunami, and seiches without loss of capability to perform their safety functions.
The design bases for these structures, systems, and components shall reflect:
(1) appropriate con-sideration of the most severe of the natural phenomena that have been historically reported for the site and surrounding area, with sufficient margin for the limited accuracy, quantity, and period of time in which the historical data have been accumulated, (2) appropriate combinations of the effects of normal and accident conditions with the effects of the natural phenomena, and (3) the importance of the safety functions to be performed."
~
Applicability:
All instrumentation and control systems and components important to safety.
Review Methods:
The design bases for protection against natural phenomena for instrumentation and control systems important to safety should be provided for each system in the subsequent sections of Chapter 7 of the SAR. The design bases should identify those systems and components which are qualified to survive the effects of earthquakes and other natural phenomena.
The review should confirm that the instru-ment and control systems important to safety are qualified for protection against natural phenomena consistent with the analysis of these events as provided in Chapter 3 of the SAR, and that they are located and housed in structures consistant with these requirements.
The evaluation of the adequacy of qualification programs to demonstrate the capability of instrumentation and control systems to withstand the effects of natural phenomena is l
addressed in the review of Section 3.10 of the SAR.
c.
Criterion 4 - Environmental and Missile Design Bases.
" Structures, systems, and components important to safety shall be designed to accommodate the effects of and to be compatible 7.1-14 Rev. 1 - February 1984
L with the environmental conditions associated with normal operation, maintenance, testing, and postulated accidents, including loss-of-coolant accidents.
These structures, O
systems, and components shall be appropriately protected against dynamic effects, including the effects of missiles, pipe whipping, and discharging fluids that may result from equipment failures and from events and conditions outside the nuclear power unit."
Applicability:
All instrumentation and control systems and components important to safety.
Review Methods:
The environmental and missile design bases for instrumentation and control systems important to safety should be provided for each system in subsequent sections of Chapter 7 of the SAR.
The design bases should identify those systems and components which are qualified to accommodate 4
the effects of environmental conditions and protected for dynamic effects of missiles, pipe whipping, and discharging fluids.
If systems or components are qualified to survive the environmental effects of postulated accidents for only finite periods of time, the bases for limited operability should be provided.
The review should confirm that the instru-ment and control systems important to safety are qualified to be compatible with the environmental effects of accidents consistent with the analysis of these events as provided in Chapter 15 and with the effects of missiles as provided in Chapter 3 of the SAR.
The evaluation of the adequacy of qualification programs to demonstrate the capability of instrumentation and control systems to accommodate the environmental effects of postulated accidents and missiles is addressed in the review of Section 3.11 of the SAR.
d.
Criterion 13 - Instrumentation and Control.
" Instrumentation shall be provided to monitor variables and systems over their anticipated ranges for normal operation, for anticipated operational occurrences, and for accident conditions as appropriate to assure adequate safety, includ-ing those variables and systems that can affect the fission process, the integrity of the reactor core, the reactor coolant pressure boundary, and the containment and its associated systems.
Appropriate controls shall be provided to maintain these variables and systems within prescribed operating ranges."
Applicability:
All instrumentation and control systems.
Review Methoos:
Regulatory Guide (RG) 1.97 provides guidance on conformance to GDC 13 for information systems important to safety.
RG 1.151 provides guidance on conformance to
(
GDC 13 for instrument sensing line as related to providing protection due to extreme cold weather.
The evaluation of
(-
conformance to this aspect of GDC 13 is addressed in the 7.1-15 Rev. 1 - February 1984 i
review of Section 7.5 of the SAR.
The evaluation of control systems to maintain system variables within prescribed oper-ating ranges is addressed in the review of Section 7.7 of the SAR.
e.
Criterion 19 - Control Room.
"A control room shall be provided from which actions can be taken to operate the nuclear power unit safely under normal conditions and to maintain it in a safe condition under accident conditions, including loss-of-coolant accidents.
Adequate radiation protection shall be provided to permit access and occupancy of the control room under accident con-ditions without personnel receiving radiation exposures in excess of 5 rem whole body, or its equivalent to any part of the body, for the duration of the accident.
" Equipment at appropriate locations outside the control room shall be provided (1) with a design capability for prompt hot shutdown of the reactor, including necessary instrumenta-tion and controls to maintain the unit in a safe condition during hot shutdown, and (2) with a potential capability for subsequent cold shutdown of the reactor through the use of suitable procedures."
Applicability:
The control room and instrumentation and control systems important to safety.
Review Methods:
RG 1.97 provides guidance on conformance to GDC 19 for information systems provided in the control room from which actions can be taken to operate the unit safely.
The evaluation of conformance to this aspect of GDC 19 is addressed in the review of Section 7.5 of the SAR.
The evaluation of plant control systems used during normal opera-tion is addressed in the review of Section 7.7 of the SAR.
The adequacy of the human factor aspects of the control room design is addressed in the review of Chapter 18 of the SAR.
The evaluation of the habitability aspects of GDC 19 with respect to radiation protection is addressed in the review of Section 6.4 of the SAR.
Guidance does not exist to specifically define indication and controls features which should be provided at appropriate locations outside the control room.
Guidelines for the review of remote shutdown capabilities are provided in SRP Section 7.4.
The evaluation of conformance to this aspect of GDC 19 is addressed in the review of Section 7.4 of the SAR.
f.
Criterion 20 - Protection System Functions.
"The protection system shall be designed (1) to initiate auto-matically the operation of appropriate systems including the reactivity control systems, to assure that specified accept-7.1-16 Rev. 1 - February 1984
able fuel design limits are not exceeded as a result of i
anticipated operational occurrences and (2) to sense acci-O-
dent conditions and to initiate the operation of systems and components important to safety."
Applicability:
The protection systems:
reactor trip system l
(RTS), engineered safety features actuation system (ESFAS).
Review Method:
Chapter 15 of the SAR provides the bases for protective system functions for anticipated operational occurrences and accidents.
The evaluation of conformance to GDC 20 is addressed in the review of Sections 7.2 and 7.3 of the SAR.
g.
Criterion 21 - Protection System Reliability and Testability.
"The protection system shall be designed for high functional reliability and inservice testability commensurate with the safety functions to be performed.
Redundancy and independence designed into the protection system shall be sufficient to assure that (1) no single failure results in loss of the pro-tection function and (2) removal from service of any component or channel does not result in loss of the required minimum redundancy unless the acceptable reliability of operation of the protection system can be otherwise demonstrated.
The protection system shall be designed to permit periodic testing of its functioning when the reactor is in operation, including a capability to test channels independently to determine O,
failures and losses of redundancy that may have occurred."
Applicability:
The protection systems:
Review Methods:
See RGs 1.22, 1.47, 1.53, 1.118 and IEEE Stds 338 and 379 below.
The evaluation of conformance to GDC 21 is addressed in the review of Sections 7.2 and 7.3 j
of the SAR.
h.
Criterion 22 - Protection System Independence.
"The protection system shall be designed to assure that the j
effects of natural phenomena, and of normal operating, main-tenance, testing, and postulated accident conditions on redundant channels do not result in loss of the protection function, or shall be demonstrated to be acceptable on some other defined basis.
Design techniques, such as functional l
diversity or diversity in component design and principles of operation, shall be used to the extent practical to prevent loss of the prot'ection function."
Applicability:
The protection systems:
Review Methods:
See RG 1.75 and IEEE Std 384 below.
The evaluation of conformance to GDC 22 is addressed in the review of Sections 7.2 and 7.3 of the SAR.
LJ i
7.1-17 Rev. 1 - February 1984
i.
Criterion 23 - Protection System Failure Modes.
"The protection system shall be designed to fail into a safe state or into a state demonstrated to be acceptable on some other defined basis if conditions such as disconnection of the system, loss of energy, (e.g., electric power, instrument air), or postulated adverse environments (e.g., extreme heat or cold, fire pressure, steam, water, and radiation) are experienced."
Applicability:
The protection systems:
Review Methods:
RG 1.70, " Standard Format and Content of Safety Analysis Reports for Nuclear Power Plants," states that an analysis should be performed to demonstrate confor-mance to the requirements of the GDC.
Conformance to the requirements of GDC 23 is addressed in the review of Sections 7.2 and 7.3 of the SAR.
j.
Criterion 24 - Separation of Protection and Control Systems.
"The protection system shall be separated from control systems to the extent that failure of any single control system com-ponent, or channel, or failure or removal from service of any single protection system component or channel which is common to the control and protection systems leaves intact a system satisfying all reliability, redundancy, and independence requirements of the protection system.
Interconnection of the protection and control systems shall be limited so as to assure that safety is not significantly impaired."
Applicability:
The protection systems:
Review Methods:
Requirements related to control and protection system interaction are given in Section 4.7 of IEEE Std 279.
Conformance to the requirements of GDC 24 is addressed in the review of Sections 7.2 and 7.3 of the SAR.
k.
Criterion 25 - Protection System Requirements for Reactivity Control Malfunctions.
"The protection system shall be designed to assure that speci-fied acceptable fuel design limits are not exceeded for any single malfunction of the reactivity control systems, such as accidental withdrawal (not ejection or dropout) of control rods."
Applicability:
The reactor trip system and reactivity control system interlocks identified in Chapter 15, if required, to l
assure that specified acceptable fuel design limits are not exceeded for any single malfunction of the reactivity control systems.
i O
7.1-18 Rev. 1 - February 1984
Review Methods:
Chapter 15 of the SAR provides the bases for the protection system and reactivity control system inter-locks.
Section 7.7 should provide an evaluation of failures (m) in the reactivity control systems.
The evaluation of confor-N_/
mance to the requirement of GDC 25 is addressed in the review of the reactor trip system in Section 7.2, and in the review of reactivity control system interlocks in Section 7.7 of the SAR.
See BTP ICSB 14.
1.
Criterion 29 - Protection Against Anticipated Operational Occurrences.
"The protection and reactivity control systems shall be designed to assure an extremely high probability of accomp-lishing their safety. unctions in the event of anticipated operational occurrences."
Applicability:
The protection systems and reactivity control systems.
Review Methods:
Conformance to requirements of GDC 29 is concluded based upon conformance of the protection system and reactivity control systems to the above applicable GDCs.
Probabilistic reliability assessments may be performed by the Commission to provide a basis for development of deter-ministic criteria for specific systems.
However, the review of these systems will address conformance to the deterministic criteria so established.
Conformance of the reactivity control systems to GDC 29 is addressed in the review of s
Section 7.2 of the SAR.
%./
m.
IEEE-279, Criteria for Protection Systems for Nuclear Power Generating Stations (10 CFR Part 50, 9 50.55a(h)).
Applicability:
The protection systems:
Review Methods:
Appendix B to SRP Section 7.1 provides guidance for the evaluation of conformance to the requirements of IEEE Std 279, including the applicable regulatory guides as noted in Item 2 below.
2.
Regulatcry Guides (including endorsed industry codes and standards) and Branch Technical Positions, a.
RG 1.22, " Periodic Testing of Protection System Functions."
Applicability:
The protection systems:
Review Methods:
Provides bases for evaluating conformance to GDC 21 and IEEE Std 279, Sections 4.10 through 4.13.
b.
RG 1.47, " Bypassed and Inoperable Status Indication for Nuclear Power Plant Safety System."
/7
(
)
Applicability:
All instrumentation and control systems which perform a safety function.
u-7.1-19 Rev. 1 - February 1984
Review Methods:
Provides a bases for evaluating conformance to GDC 21 and IEEE Std 279, Section 3.14 for protection systems.
Provides a bases for evaluating the adequacy of bypass and inoperable status indication for instrumentation and control systems important to safety as addressed in the review of Section 7.5 of the SAR.
c.
RG 1.53, " Application of the Single-Failure Criterion to Nuclear Power Plant Protection Systems."
(Endorses IEEE Std 379, " Guide for the Application of the Single Failure Criterion to Nuclear Power Generating Station Protection System.")
Applicability:
The protection systems:
Review Methods:
Provides a bases for evaluating conformance to GDC 21 and IEEE Std 279, Section 4.2.
d.
RG 1.62, " Manual Initiation of Protection Action."
Applicability:
The protection systems:
Review Methods:
Provides a basis for evaluating conformance to IEEE Std 279, Section 4.17.
RG 1.75, " Physical Independence of Electrical Systems."
e.
(Endorses IEEE Std 384, " Criteria for Separation of Class 1E Equipment and Circuits.")
Applicability:
All instrumentation and control systems impor-tant to safety.
Review Methods:
Provides a basis for evaluating conformance to GDC 21 and IEEE Std 279, Section 4.6 for protection systems.
Provides a basis for evaluating the adequacy of instrumenta-tion and control systems important to safety which incorporate redundant or diverse features to satisfy the single failure criterion.
The ICSB evaluation is limited to the review of components and electrical wiring internals to racks, panels, and control boards for systems important to safety.
The evaluation of the physical separation of electrical cables is addressed in the review of Chapter 8 of the SAR.
f.
RG 1.97, " Instrumentation for Light-Water-Cooled Nuclear Power Plants to Assess Plant and Environs Conditions During and Following an Accident."
Applicability:
Information systems important to safety.
Review Methods:
Provides a basis for evaluating conformance to GDC 13.
The ICSB evaluation is limited to the review of instrumentation for monitoring plant conditions.
The evalu-ation of instrumentation for monitoring environs conditions and radiation monitoring systems are addressed in the review of other sections of the SAR.
I i
7.1-20 Rev. 1 - February 1984
g.
RG 1.105, " Instrument Spans and Setpoints."
t Applicability:
The instrumentation and control systems 4
- \\g important to, safety.
Review Sethods:, 'Provides a basis for evaluating conformance to GOC 13 and IEEE Std 279, Section 3.
i t
h.
RG 1.118 " Periodic Testing of Electric Power and Protection Sys tems."'
(Endorses'IEEE Std 338, " Criteria for Periodic Testing of Nuclear Power Generating Station Protection
]
Systems.")
l Applicability: The protection system:
ReviewMethods:/ Prev ~idesabisisfor,evaluatingconformance l
to GDC 21 and IFEE Std 279Maction 4.16.- The ICSB evalua-tion is limited to Tne review of testing'of protection systems. 1he evaluation of testing'of electric power systems 1
is addressed in the review of Chapter 8 of the SAR.
~
j i.
RG 1.51, " Instrument Sens'ingIires."' (Encl $sures ANSI /ISA-567.02,"'Nucleai.Safwty R41ated Iristrument Sensing Line Piping and Tubing Standard for the in Nuclear Power 1
l Plants.")
/
r
^
Applicability:
Safety related instrument,seniing lines.
3 l
\\
Review Methods:
Provides a bas'is for evaluating conformance
)
to GDC 13.
The ICSB evaluation should be based on meeting
^
the guidance provided in Regulatory Position 5 of the guide.
j.
Branch Technical Positions (BTPs).
8
')
s.
AppIlcability: As noted in the BTPs in App'endix 7-A of the I
SRP.
/
l Review Methods:
The BTPs provide bases for evaluating specific i
problem areas as identified in,tb B1Ps.
y
~t 1
e 4
4
~
e
- e s
s as
/
,7 7.1-21','. "f.
Res."1 - February 1984 L
n.
6
/
- i Os ~ a,<..,-.. r,o c.-.......,
..c o..
3.
v i sva.., w., u.. cc.... 0, 3,
NUREG-0800 BIBLIOGRAPHIC DATA SHEET
/
(
, i
...-.7 4 A t CsPet ACCTS $ SON huu.ta Toft t.ND $v.f iftt Standard Revies Plan for the Review of Safety Analysis
/
Reports for Nuc 'ar Power Plants. LWR Edition.
o a'r e Pc,a r cOvn t it o U'984
'~
Revision No. 3 to ection 7.1 rch l
fo.i t..,Oa,,isut o
. tvi 0ais, j,t.a
.O ~ i.,
March 1984 9 PMOJE C T # 1.SE 4v0AE UNIT NUU.t M 3 Pt M8 OmMING ORG ANilaT 80% N AMt.ND Mai NG ADDatt 51 narsee /.e ce*,
Office of Nuclear Reactor egulation io * '~ ~ue.i a U. S. Nuclear Regulatory Co. ission
!!ashington, D. C.
11 SPONSOM+%ta ORGa%il AfiON maut a%o wa LeNG.cout s r,ieg,e. /, cos.,
l ).
Tvra 0,alPOmf Guide same as above ii...00cO,ta.on e.,,,,
13 SUPPLtwe %f ARY NOf f t Revision 3 to Section 7.1, Rev. I to Appen A," Acceptance Criteria and Guidelines for
-dqgt,rg, gig,tjgg and CentM-Systc= !mport> t-to Safety" l
l Revision No. 3 to Section7.1 of the tan d Review Plan incorporates changes that have been developed since the original i suance n July 1981.
This revision incorporates the resolutinn of r,eneric Issues 45, "I operabili of Instrumentation Due to Extreme Cold 'fcather."
i w... -- o s., a im u. ~,. ~. 6,...
... u.u
.,,0..
instrumentation contro1 systems l
I
.,..,c,va...,,c
.....c..,0.
- i. ~o
... O...
...t.i.........,
, uncTassi fied Unlimited
,,,,c.o.,,.,.,,,,,,,,,,,,,,,,,
,,,,,,c, n..
,