ML20101S829
| ML20101S829 | |
| Person / Time | |
|---|---|
| Site: | Vermont Yankee  |
| Issue date: | 01/31/1985 |
| From: | VERMONT YANKEE NUCLEAR POWER CORP. |
| To: | |
| Shared Package | |
| ML20101S824 | List: |
| References | |
| RTR-NUREG-0737, RTR-NUREG-737, RTR-REGGD-01.097, RTR-REGGD-1.097 NUDOCS 8502050660 | |
| Download: ML20101S829 (29) | |
Text
. ~ . ,
1 VERMONT YANKEE k~
NUCLEAR POWER CORPORATION - -
. RD 5. Box 169. Ferry Road, Brattleboro, VT 053o1 ,
y ENGINEERING OFFICE 1671 WORCESTER ROAD
- FRAMINGHAM, MASS ACHUsETTs 01701
- TELEPHONE 6t?472-4100 February 1, 1985 1 U.S. Nuclear Regulatory Comission
! Washington, D.C. 20555 Attention: Office of Nuclear Reactor Regulation Mr. Domenic B. Vassallo, Chief s
Operating Reactors Branch No. 2 Division of Licensing
References:
(a) License No. DPR-28 (Docket No. 50-271)
Letter, VYNPC to USNRC, FVY 83-30, dated April 19, 1983
- f. Letter, VYNPC to USNRC, FVY 83-85, dated August 4,1983 i
3 Letter, VYNPC to USNRC, FVY 83-90, dated August 12, 1983
) e Letter, USNRC to VYNPC, NVY 84-128, dated June 12, 1984,
" Issuance of Order Confirming Licensee Commitments on Emergency Response Capability" (f) Letter, VYNPC to USNRC, FVY 84-127, dated October 30, 1984, "NUREG-0737, Supplement I - Regulatory Guide 1.97" (g) EPRI Document NP-3701, dated September 1984 and entitled,
" Computer Generated Display System Guidelines"
Dear Sir:
Subject:
Safety Parameter Display System In previous correspondence [ References (b), (c), and (d)], Vennont Yankee provided an integrated plan and schedule for addressing the concerns detailed in NUREG-0737, Supplement I, " Requirements For Emergency Response Capability."
This overall integrated approach resulted in mutually acceptable program plans for the Emergency Operating Procedures, the Detailed Control Room Design Review, the Regulatory Guide 1.97 Assessment, and a new Emergency Response Facility. Each of these integrated tasks has provided meaningful contributions to the finalization of the Safety Parameter Display System (SPDS) design, the major features of which are described in the enclosed report.
At.the present time we have also completed an evaluation of the existing plant computer and its peripheral equipment for suitability to perfonn the SPDS task. Memory limitations, data trend, expansion, communication, Off-Line calculation, a lack of CRT Compatibility, and approaching computer obsolescense problems have been identified. It is our belief that SPDS and replacement of 8502050660 850201 PDR ADOCK 05000271 F PDR I
U.S. Nuclear R:gulatory Commission ,
F:bruary 1, 1985 g Pag 2 VEltMONT YANKEE NUCLEAlt POWElt CollPOltATION our plant process computer are dependent tasks which will share common com-ponents and must proceed concurrently. The existing General Electric supplied Honeywell GEPAC-4020 must be maintained available to support the plant through the next two refueling outages, but will be phased out in a series of equip-ment upgrades. Our overall schedule is to complete Phase I during the Refueling Outage in 1987 and complete Phase II during the 1988 Refueling Outage. The SPDS installation would be completed concurrent with Phase II.
As committed to in References (c) and (f), the enclosed functional Safety Analysis Report (SAR) provides the Vermont Yankee SPDS design approach, major safety functions and parameters and SPDS implementation schedule. We have elected to follow a design and procurement process similar to that presented inReference(g)andintendtointegratetheSPDSwithotherrelatedtasks, including NUREG-0737, Supplement I, the replacement of our plant process computer, and future scheduled plant outages. We believe we have established a schedule and program that is both reasonable and consistent with other utilities re-garding SPDS and plant process computer replacement.
.Should you have any questions on this matter we would be pleased to answer them.
Very truly yours.
VERMONT YANKEE NUCLEAR POWER CORPORATION x b Warren P Murphy I-Vice Pr sident and h)
Manager of Operations WPM /ss Enclosure
(
--mu+ma-mu.__..w...uw.%.+-sau-uw-..-~,.mm.--aaam._*__-m,*=-muu-.._-e.
4 e4 11 t*
o fh
~
O l, 4
I s .
i t~
FUNCTIONAL i
SAFETY PARAMETER DISPLAY SYSTEM (SPDS)
SAFETY ANALYSIS REPORT FOR O
VERMONT YANKEE NUCLEAR POWER CORPORATION l.
h' i
I:
- JANUARY 1985 t
?
i.
p' . ,
L t>
D TABLE OF CONTENTS
.i t
i.
t
1.0 INTRODUCTION
........................................ 1 .
A 2.0 DISPLAYS............................................
3.0 SPDS ALARMS......................................... 9 4.0 REP 0RTS............................................. 11 s.0 INS 1RUMeN1AT10N AND CON 1a0LS........................ 13 6.0 COMPUTER PROCESSING HARDWARE........................ 15
? 7.0 S0FTWARE............................................ 17 8.0 VERIFICATION AND VALIDATION......................... 19 9.0 SCHEDULES........................................... 21
{.
i.
(
O
--+ -4 - e ~ - - 4-i ,,
i -.;
1 e L t
I k
6 I
i SECTION 1.0 4
?
l INTRODUCTION i
f f
I 9
f-l s
a 4
I I
i-L t
i I -
1 l-t I
l l
4e-g'+-'e e e '-w - e- yem-rww -w wur e -e we w --*- w w e W w+er e,g-ev-m w m-W - vv www w-we-m+wv--wrw v w %-v-e re-e--g w wy-,yver-+-ew -- we -we - w e v -ve
~ . - - .
~y7 ~
1.0 INTRODUCTION
~f u :
The-primary purpose of the Ver.nont Yankee Safety Parameter Display System
~ (SPDS) will be to provide a concise display of Critical Safety function parame-ters -(CSE) to station operating personnel. The SPDS will graphically display plant variables and computer derived displays to operating personnel and aid k;, them to: reliably and rapidly determine the safety status of the plant. It will n be operated during both normal and abnormal plant conditions. However, the f, principal. purpose and function will be to aid personnel during abnormal and emergency l conditions. Control room personnel may use the displays to determine f
1: the plant status and assess whether abnormal conditions warrant corrective
{ action'to avoid core degradation. The SPDS is expected to fulfill the infor-
+ -mation requirements.for the Technical Support Center (TSC), and the Emergency L0ff-site Facility-(E0F) under construction in Brattleboro. The TSC will share the full- capabilities of the SPDS and have the ability to call-up the same pro-
- cess variable and display information as the control room. The EOF will be able to _ access-_ derived data on high speed peripheral printers but may not have CRT
- graphic _ displays. .
1
- 'Th'e SPDS design approach at Ver=cnt Yankee will be to monitor CSF parame-
'.ters derived from the BWR _0wner's Group (BWROG) Emergency Procedure Guidelines
[- l(EPG's),~ the-Vermont Yankee specific Er.ergency Operating Procedures (EOP's) and 2
the. integration ~of other concurrent NUREG 0737 mandated activities. Vermont Yankee has maintained a continuing dialogue with the USNRC_on progress in the
- matters of E0P's, Regulatory Guide 1.97, E0F siting plans, the completed TSC, the Detailed Control Room Design Review (DCRDR), and the Procedures Generation
. Package (PGP). Integration of all'of these ictivities will be factored into the
, :SPDS specification; activity.
The.SPDS will be designed to interact with existing signals within the control room, gather l data from diverse sources and present integrated cohesive video _ displays -which will aid operating personnel to track process events. The '
,SPDS will not-be designed for any control . function, but will be capable of moni-toring plant analog and digital signals, calculated value and time-trend plot idisplays. The information displays will _ be capable of tracking reactivity ~
p control, reactor core cooling and heat -removal, reactor coolant system integrity, radioactivity control and .drywell and secondary containment con-diticns. EThe SPDS design, in-concert with the E0P's,'will provide operating
[;6 ~ personnel with valid process information so they can concentrate on the resolu-p ition'of any unusual plant condition.- The control room Class IE electrical and
. electronic: equipment remain as the key displays and will remain as the only control / points available to the station operators. The SPDS will be available to the. Shift Engineers (STA's) to monitor overall plant conditions and to track Lthe plant response to the actions of station operators.
1
a -
"y' I J
- [-
- p. -
, i u -
.[' LSPDS' software and firmware available within the BWR0G will be evaluated and utilized. The BWROG display concepts modified to meet plant specific needs will dictate the programming efforts. A determination of these needs is currently in
- progress.
- , E The SPDS input sources will be predominantly Class 1E electrical safety
. circuits. The computer and most of its peripherals except the DAS signal input
! circuit isolation boards will be acquired from competent commercial sources of l
non-Class' 1E n'on-seismic. equipment. . Class 1E signals to DAS equipment inter-L faces.will be appropriately qualified. Manufacturers of the DAS I/O circuitry and cards will have to qualify their apparatus which interacts with plant Class 1E circuits to equipment qualification criteria imposed by Verinont Yankee.
t A duplicate display o[the Control Room SPDS will be located in the Technical Support Center (TSC). This will improve the operational aids available to the TSC staff and assist them in evaluating transient conditions Land providing -guidance and direction to the plant operating personnel. Al so ,
the Emergency Off-Site Facility (E0F) under construction'in Brattleboro will .
have access to the SPDS to meet information requirements via hard copy high .
- speed peripheral printern.
The SPDS will be designed to be an aid to operating personnel. All of the V;O parameters available for display on the SPDS are also located in the main control ' room. The existing control room instruments are the information sources the operator has'been trained to use. They are currently b'eing further verified
~by the E0P and DCRDR prograrn plans. The SPDS displays and trendingfcapabilities will assist the Shift. Supervisor in evaluating the adequacies of,his instruc-tions to;the operators. ,
The major features of the Vermont Yankee-SPDS are described in more detail in the following sections.
}: -
G h-
~ s i e f i un
- ) ~
p ;!
s <
l -
- [' . . . , , . . _ . - ..._._,.._a. N ,, __ , , _ . _ . . _ _ . _ _ , . , , , . ._
4 1-
_3 a-f*
i
.f.
O ;
d i SECTION 2.0 l DISPLAYS 3
4 3 ~~ l b
5 e
r e
1=
a 4
M #
4 :
{
[. .
.i
?
- ~ . ~ , _ . . . - _ _ _ . - _ . _ _ . - - . . . . , _ _ _ , . _ _ _ _ _ . _ . . _ . , _
. . . . . . _ _ _ _ _ _ _ , . _ _ _ _ _ . , . , _ , - _ _ . . - . , . . . . , ~ . . , . , . - . . . .
^- -
6 h
f Y
. 2.0 DISPLAYS ~ [-
/m V) :
The Vermont Yankee SPDS will be equipped with two or more color graphic display monitors. One or two will be located in the Control Room (CR) and one in the Technical Support Center (TSC). Each monitor will have a keyboard which instructs the SPDS to produce the desired display on that monitor. The SPDS will'also have connections which allow off-site access to SPDS information via hard copy high speed peripheral printers.
~
The Vermont Yankee SPDS will be specified with as many as thirty specific displays _ that are available at each of the color graphic monitors. Each one may be called up on any monitor. The SPDS displays will be designed to monitor CSF parameters derived from the BWROG Emergency Procedure Guidelines, the Vermont Yankee specific Emergency Operating Procedures, and the integration of other concurrent NUREG 0737 activities. A tentative listing of the displays is shown .
on Table 2.1. A similar listing of the process instrumentation signals, both Class 1E and non-1E sources is detailed in Table 2.2 and 2.3. These listings are subject to change as vendor selection and industry experience develop.
~
D.
G The SPDS displays may be either graphic in nature in the -form of X-Y axis displays with a time-history plot of CSF multiple parameter overlays or a graphical presentation of a single point time trend history. The displays will alert the viewer that an alarm status change has occurred. Acknowledgement of the altered signal status will be required to ensure the man-machine interface
-is transacted whenever an alarm condition occurs. It will be the design intent-to collect appropriate control room display data within the SPDS in t !amily of cohesive displays. The SPDS will be designed to be incapable of any process control tasks; - Control tasks remain at their present panel board ' locations.
Human factors engineering and task coordination will be prudently app' tied so -
coordinated SPDS information graphics and reports will enhance the operators
-tasks.
LVermont Yankee will acquire proven, user maintainable software program routines, so that future alteration is possible if it is required. The graphic displays may be direct or derived data displays which combine calculated input data sources into a special display. An example would be pressure-temperature reactor ; vessel conditions coupled with a steam table enthalpy calculated from a programmed algorithm. Rate of change alarms, preferred warm-up and cool-down metal temperature rates would be examples of calculation routines.
Ad r-r--m-s . . . , ..- . -- , -- ... e -r-**v--*w * -*
~ -
TABLE 2.1 d TENTATIVE f;p
. LISTING OF SPDS GRAPHIC DISPLAYS C' DISPLAY TITLE NOTE 1 1 RCS Summary -
12 Pressure vs Temperature -
'3 Emergency Operating Procedures -
.4 Trend Plot -
.5 RCS Integrity 111 b 6 Reactivity Neutron Flux i l:g 7 Residual Heat Removal 11 8 High Pressure Coolant Injection 11 9 Low Pressure Coolant Injection ii .'
- 10 Core Spray ii
[11 Standby Liquid Control i
- 12. Reactor Vessel Inventory 11 13 Primary Containment Integrity v 14 Secondary Containment Integrity -
l :15 Electric Supply 11 d:' 16 ' ~ Isolation Valve Status v 17 Traveling In-Core Probes, IRM, SRM, APRM i
~ l'8 Rod Control & Position i
. 19 Torus Conditions 11
('
7 20 Radioactivity: Steam Tunnel, -
Standby Gas, Coolant High Range Drywell, etc. iv 21'- 30 Unassigned
, NOTE: CFS designator- 1, 11,'111, iv, and v refer to NUREG 0737, Supplement
- 1,' paragraph 4.lf, Critical Safety Function Parameters. See Table 2.2 q( ) for inputs. .
TABLE 2.2 ,{.
(D
- \~' SPDS INPUTS
?
I REG. GUIDE 1.97: CATEGORY 1 AND 2 INSTRUMENTED PROCESS VARIABLES 3
-(i) REACTIVITY CONTROL Neutron Flux (ii) REACTOR CORE COOLING & HEAT REMOVAL RV Press RCIC Flow RV Lev HPCI Flow
- RV Ref Leg Temp Core Spray Flow ,
Torus ~ Press LPCI Flow
- Torus Wat. Temp SLC Press Torus Wat Lev SLC Lev
^
j: ~O Torus Air Temp RHR Flow PRI Relief ADS Pos RHR Ht.x Temp b') ~. PowerSource(s)
.(iii) REACTOR CCOLANT SYSTEM INTEGRITY Drywell Press Torus Wat Lev Drywell Sump Lev RCS Pressure I (iv) RADI0 ACTIVITY CONTROL Drywell Rad Standby Gas (v) CONTAINMENT CONDITIONS
[ - Drywell Press Drywell Temp Supp Pool Lev Supp Pool Temo PRI- CTMT Isol Val Pos Drywell Environ Temp Drywell Spray Flow
{ RCS Press PRI CTMT Press CTMT/Drywell 02 Conc CTMT/Drywell H2 Conc Supp Spray Flow l .-
O v _7
r TABLE 2.3 . jI
,.( .
\
SPDS INPUTS
-(Extracted from FVY 82-12, dated 2/12/82)
PARAMETER /No. OF CHANNELS APRM Power SRM Countrate .
IRM Percent Range Rx Water Level i Rx Pressure
! - Control' Rod Position Recirc Drive Flow A&B
~
- CRD Flow Feedwater Flow A&B Steam Flow .
- CST Volume F Torus Level
- RHR lbc Inlet /0utlet Temp. A&B
! Drywell Pressure
.-(~')
- ' - Drywell-Torus Delta Press Torus Water Temp Drywell Area Temp
- Reactor Bldg. Atmospheric Delta Press ARM'
. Stack Gas Flow Rate Off-Gas Flow Off-Gas Activity Stack Gas Activity
- Rx. Bldg. Ventilation Monitor Refuel Floor High Rad. ARM Containment Rad. Monitor Containment Act. Monitor Wind Speed Wind Direction Upper / Lower Delta Temp L Rx Temp. .Recirc Loop Inlet A&B j.
V v
O v-
-g .- .
l 4'
1, e 1 I
l SECTION 3.0 SPDS ALARMS l ..
a,.
4
-u l
5 e
e I
r k
L I
p f
l i
H.
k l
l' i
i I
t t
f
, - . - . - . . . . . - ,._ .. . , . . _ . _ . . - . . . - - . - ~ _ . . . . . . . . . - - - _ _ _ _ , _ . - . - - , . - - , - _ , , . . - .
- -. - -. ~ .- - - .
E
- ~
f.
3.0 SPDS ALARMS The major emphasis during the definition of the SPDS alarms will be to pro-vide an aid to the operating personnel and not a system that would compete with
-the control board instrumentation for their attention. Thus, a relatively small 1 number of parameters .are likely to be selected for alarm.
SPDS alarm setpoints will generally be set beyond those alarms at the control board or set for parameters that do not have existing main control board alarms. Thus, an alarm on ths SPDS might indicate the parameter had degraded
.-beyond the control board alarm setpoint and that any action an operator may have ,
taken upon-initiation of the control board alarm had apparently not been ade- .
- quate. The SPDS will provide a convenient way to add alarm capability.
-The alarm assignment is considered to be machine specific. When the machine specific operating environment and the capabilities for establishing
. y- alarm regimens is known,' listings and alarm value tables will be prepared.
Alarm setpoint change flexibility and authorization will also be provided.
t 5
9
(- / -
10-e y9*s ye d, g,-G- - , -g--s -, e,ca4m aep -
a g%---w+me vg- m----m. ,v cet- -*,,--gpWw-y--g- y--,- ,g-+ spt y #t*-e-.-mq yw yp e- -
9-
" ' A rpp-, e 9 .w'.,
i s
M.
CI :
T,
> s;
. i s
SECTION 4.0 h
REPORTS 4
i
'I as i
1 1
t d
e i
i l
a r
i 4
A 1
L 1
k l'
I l
L
m -
4.0 REPORTS The Vermont Yankee SPDS will be designed as an aid for the operating per-sonnel in their task of operating the plant. Hard copy terminals may be
. installed in the Control Room even though the trending capability of the color graphic monitors =will be suitable for normal and emergency activities. To pro-
. vide the capability to access the information stored in the SPDS, a hard copy terminal will-be installed in the adjacent Technical Support Center (TSC) in
. addition to a color graphic monitor. -Circuits' for interactive data will also be
~ connected to the Emergency Off-Site Facility under construction in Brattleboro.
A alpha-numeric " snapshot".of the raw data for selected process points can -
be; accessed at all printer terminals. Although the formatted handling of this data _is known to be machine specific, the-Vermont Yankee SPDS will require a minimum of four_ major printed reports as follows:
- 1. Signal'Value This report will list the current engineering value, units, point mnemonic, 17 . point description; and rate of scan for all existing SPDS input signals.
3 - . The current engineering values will be those at the one specific time 1
_ printed at the top of the report.
~
1 2. Critical Safety Functions A data report willibe available for any one of the five Critical Safety
- Functions (CSF): Reactivity, Coolant Inventory, Core Heat Removal,
' Radioactivity and Containment Integrity. Each report-will 11st the point ID number for the parameters in the CSF,.its current engineering value at-
.the time. printed in the heading, the units, mnemonic, description, and scan
-rate. The report will' also list each alarm for that CSF and the current engineering value.
- 3. Alarm P51ntis .
This report will . list the point ID number, time, current engineering value, mnemonic, and description for all. the existing SPDS alarms.
~
-4 ~ Point Scan Monitor b,
' This report will list the current time, current engineering value, units y and the' mnemonic for any single SPDS' parameter. The report will be con-
'tinuously updated 'at its designated scan rate thus giving a listing of the current values during the period of the~ report. .The highest and lowe-t-engineering values wil1 also be identified:as the report is printed.
L
'.* 7 ...w , , - . - ,r ,#, ...-,,_w._- m,,_..y.e--,ww-,,, ,,,n --,,,...,_ w w .m-+.,_.-~ _ ,,._e .m.m.__.,__,wm,r...m.
. m 2.a m A. L_.4 4_ , . A.,...A a
_._.,, a a n.Aam*_a .2_4.___A J.m.._ _er.y , ~ a esse f
.r o
SECTION 5.0 t;
4
- INSTRUMENTATION AND CONTROLS e
a
~e ~
O LO l
t l~
4
'a e
a i
l I
I F
- 13-
[]
-V 5.0 INSTRUMENTATION AND CONTROLS l ~The Vermont Yankee SPDS computer will have the capability to process both r analog and digital input signals, and will be designed with adequate spare capa-city. ' Some will originate from safety-grade instrumentation (see Table 2.1) and some fro,i non-safety grade instrumentation. Appropriate signal isolation and p signal conditioning will be applied to each input signal. The Final Safety Analysis Repcrt _(FSAR) will address the DAS I/O signal conditioning and signal isolation equipment. Specifically, the SPDS FSAR will:
o Describe the environs withstand capability of all devices (Qualification results).
o - Describe qualification test plan and results.
o Describe device level test methodology resulting in an evaluation to use
-- Q this DAS device (including perturbations, test severity, equipment con-
- (_) figuration, and diagrams).
O Describe results of planned tests.
- o State pass / fail criteria applied to test cycle (s).
o Provide engineering proof that safety grade Class 1E system equipment will not be affected by SPDS generated interference phenomena: EMI, RFI, common mode, electrostatic coupling or crosstalk.
E L
F
A 24- Mra-Gk---- -M mk. . . , -M.-,r & a 3-e* 4kJ,.m=4A 3.A-Wr m e m- 6 &- " a"u--aana Au s n----"--a 4A 4.4++= a--s_.za.-a,r,e- .=, . &,1.-- m
,y,g. sa w m _ s ,, a e,
Ci 4
+;
I SECTION 6.0 1
i b s
} COMPUTER PROCESSING HARDWARE 4
4
.i a t s
h i
l I
e i
5 a
2 e
G 6 L 6
l s
- 15-i I
y, -. ., g e-, -. ,,,--.-mmn,aw ,e
j
{
6.0 COMPUTER PROCESSING HARDWARE I
i i The performance capabilities of this equipment and the interactions between its. peripheral equipment is regarded to be machine specific. Details of system architecture and machine firmware protocols are not known at this time. The
. design-details for this section will be submitted with the Final Safety Analysis '
Report.
l e
10 E
l r
i l
I i 4
a i
i r.
i f.li
, 4
- i i
j.
i i
. i i.
i t 1 t
j SECTION 7.0
(
i SOFTWARE I a
t e
t-i a
l t
r t
i s
O ,
l-
?
I s .
I l' r -
r I
b e
l' P
h 4
1, k.
NO 1
l 1
1 I h
e f
I' f
l I
h k
+
7.0 SOFTWARE ~f
( ,
The software will consist of a real-time, multi-tasking operating system and integrated packages of application support software. The application sup-port software will consist of data acquisition, engineering units conversion, F alarming, data base, graphic displays and reports.
The operating system will be real-time, communication-oriented and capable of multi-tasking. The system will provide for inter-task communication and an error logging service which logs the time, type and location of all parity errors. It will allow user written programs to be compiled, assembled, and line-edited on-line. .
c A utility library will be provided which includes mathematical functions and executive services routines, including complete task control, I/O control, multiplex conversion, informational and conversion services callable from high level languages. .
! Program development and communication services will also be supported including:
o high and . low level graphics software for any display generator; o file utility processor for sequential and direct access files; o ' object library update; and L
p o utility job control procedure for software development.
. Diagnostic programs will be included to detect bit errors, peripheral-
" failures (both hard and soft)'and CPU-integrity. These programs will run con-
.tinually in the computer memory.
The.following design standards and practices will be used:
o standard software (i.e., readily available, general purpose) will be used whenever practical; t o system operation will be controlled by table structures whenever possible to maximize flexibility; and
( o. all codes will be documented with appropriate comments to the level of detail necessary to define the function being performed.
/]-
O .
6
i l
l 1
.=..
~
O :
SECTION 8.0 i.
3
} VERIFICATION AND VALIDATION 4
1 a
- O l
i.
t-1
'I a
i I
l 0 . . , - - . . . - . . - . . - - . . - - . . . . . - . . - - . . - _ . , _ . . - - - _ . - . _ - - . - . . . . . .
e:
4
. 8.0 VERIFICATION AND VALIDATION 'l Q.
M ~
Verification and' Validation (V&V) refers to the program applied during development and implementation of the SPDS that will ensure that the system
- being built does the right job and does the job right. The program will con-
. sider requirements ' reviews, design reviews, and validation testing and documentation.
~
Verification will involvb independent requirements review and design
- reviews. These reviews will consist of evaluating the following
- 1. Determination of human factors requirements for effective man / machine E interfacing. ,
- 2. Establishment of the SPDS hardware environment, including signal con-ditioning, signal isolation, computer hardware, software, power sour-ces and communications.
\/ 3. Definition of the SPDS inputs, outputs, and historical data base requirements.
- 4. . Determination if the right problem is being solved by the SPDS and if the SPDS is consistent with the Vermont Yankee Emergency Operating c
Procedures.
L F The objective of the verification ' reviews will be to compare the hardware p and software design against the SPDS and NRC requirements.
a r A validation testing effort will certify that the SPDS will operate in accordance with its design specifications. It will provide assurance that the i final system complies with the system requirements document through a testing f and evaluation process. The V8V program will be defined during the vendor contract negotiations and will be included in the SPDS Final Safety Analysis
, Report.:
The level- of V&V to be performed will be consistent with the view of the SPDS as a Control Room operational aid. It will be considered a surveillance tool designed primarily to assist the operator. Its function will not be essen-tial; for plant operation and it will not be a safety-related device.
-Q/
4.
L -
i 5
'N I IQ SECTION 9.0 SCHEDULES a
W
~ !
h
[
- [).
~s 9.0 SCHEDULES l
.In previous correspondence, Vermont Yankee has pledged to work closely with our NRC Project Manager in finalizing the specific detailed schedule for each of the NUREG 0737, Supplement 1, items. This cooperative effort has resulted in mutually acceptable program plans for the Emergency Operating Procedures, the Detailed Control Room Design Review, the Reg. Guide 1.97 Assessment, and a new Emergency Response Facility. Each of these individual 0737 tasks are currently on schedule and can now provide a meaningful contribution to the finalization of the~SPDS design.
We have evaluated the pr$sent plant computer and its peripheral equipment for suitability to perform the SPDS task. The existing computer performs a data acquisition system (DAS) function without any assigned control functions and
' limited calculation tasks on BWR software routines which monitor reactor fuel status. -. Memory limitations, data trend, expansion, communication, off-line ,
calculation, a lack of CRT compatibility and approaching computer obsolescence problems have been identified. We have determined that the present General Electric supplied Honeywell GE-PAC-4020 must be maintained available to sup-port the plant through the next two refueling outages, but will be phased out in O
v a series of upgrades utilizing equipment substitutions. Our present schedule is to complete Phase I during the refueling outage in 1987 and complete Phase II e
.during the 1988 refueling outage. The SPDS installation would be completed con-
} current with Phase II. Performance validation and verifications will be imposed on the new equipment as it is initialized and brought on-line. The computer itself will be replaced with a state-of-the-art host central processor unit and will be configured to support all the tasks now accomplished by the existing Honeywell computer. Additional DAS analog and digital signal conditioning I
input / output devices will support both the SPDS and the replacement process com-puter.
At the present time, Vermont Yankee is in the process of evaluating six proposals for qualified consultant assistance in pre-planning a comprehensive i
SPDS/ Process Computer Replacement design approach which proceeds from analysis of the end user's information needs. It is our intent to carefully and clearly
~ define what will- be required of the system from an operational or user prospec-tive prior to contract award including:
L o Who will use the system?
, .o What should the system do?
O o Where will the system be used?
o When will the system be used?
How can advantage be taken of other existing industry systems?
~
o o What lessons have been learned from others?
a
- j. .
(
r F
,3 .
%_)
Our previous experience as a member of the Northeast Consortium and direct communication with other utilities have indicated a priority need to identify all system functions, tasks and objectives early in the procurement process. We are aware of many others.who have attempted to contract and install a system
. without this pre-planning and, as a result: (1) have installed systems which simply did not work; (2) contracted with system suppliers who have since defaulted on those contracts; (3) were forced to renegotiate vendor contracts because of extensive system design changes; or (4) are now redesigning second generation systems because the original efforts and/or requirements were either premature or failed to adequately consider end user needs.
Vermont Yankee has electid to follow a procurement process similar to that presented in EPRI NP-3701, Computer Generated Display System Guidelines. We intend to integrate the SPDS system with the other in-progress 0737 tasks and future scheduled plant outages. It is also our belief that SPDS and replacement of our plant process computer are dependent tasks which share common components and must: proceed concurrently. We. believe we have established a schedule and program that is both reasonable and consistent with other utilities regarding SPDS ~and plant process' computer replacement.
' p L
7 m
(,) - .
y .-
% w_ - . - .
.__=m_ . . .- --- _m__. _
,- s
- v V SPDS/PC/ERF PROJECT SCHEDULE
/85 RFP Consult Services 3 3/85 Select Consultant g 1 9
7 5/85 Define SPDS/PC/ERF Objectives A 9 Implement E0P's g .f/85 DCRDR Report 4 77/85 ,
6 Requirements Document A 911/85 EOF Functional A 711/85 Recirc Pipe Outage L *f/86 g 3 System Specifications 72/86 SPDS Safety Analyses Report 4 7 7/86 6
4 78/86 Bid Process 0
Design, Construct & Install PC M# -V M-4 SPDS Installation Test & Validate b M /88
- W l,