ML20136C473
| ML20136C473 | |
| Person / Time | |
|---|---|
| Site: | Crane  |
| Issue date: | 04/06/1979 |
| From: | Flynn W AFFILIATION NOT ASSIGNED |
| To: | NRC COMMISSION (OCM) |
| Shared Package | |
| ML20136C470 | List: |
| References | |
| NUDOCS 7909240594 | |
| Download: ML20136C473 (2) | |
Text
a L.*
C rriC E.
O*
OL"* MAN AN o FLYN N
............, ~,.... ~ev.
4i.. s ~........c... e ~. m e v. u =, ~ o
- 91. wcc6E Rivg. O n tv t FC., L.W D E N C.6 E 8PL O *' O.
33304 April 6, 1979 r.u..........<......
- = - ~. o s~. ~
....../..,...-
. ei.~ s.,r~~
....~...i.,,e..
.3 Nuclear Regulatory Commission Washington, D.C.
Gentlemen:
The accident in Pennsylvania indicates the need for more sophisticated controls in the reactor cooling systems.
My understanding from the newspaper accounts is that the emergency cooling system is merely a standby system which is called up to provide cooling water only in the event of a failure of the primary cooling system.
Some worker turned off a manual valve and this prevented the emergency cooling system from functioning at all.
Modern control systems for punch presses and other machines of that type are much more sophisticated.
They use paired, duplicate control elements (limit switches, relays, valves) to provide re-dundancy so that both control elements of a given pair must fail simultaneously for a dangerous malfunction to occur.
If just one control element of a particular pair fails, the =achine is stopped and cannot endanger the operator.
The various control elements are interconnected electrically so that the performance of each one is monitored throughout each cycle of operation.
Such press controls do not rely en a mere standby system which j us t sits there passively, doing nothing, until the primary control system fails.
Instead, they are based on the concept of active redundancv - every control element (which is duplicated by another in the system) is put through its paces during each cycle of operatio:
That is, each limit switch =ust open and close, each re).ay must be energired and de-energi::ed, and each valve cust cpen and close, at appropriate times in each operating cycle.
The basic philosophy is that the best assurance that a control element will perform properly l
the next time is the fact that it did perform the last time.
l l
i l
l l
79 a n46 5 9y
(
i
m
.........._....m.
e
'aw C 99' C E S CW oLTM AN AND FLYN N April 6, 1979 Nuclear Regulatory Commission OSHA has mandated " interrupted stroke protection" for press controls which reflect this philosophy.
I suggest that you consider whether some of these ideas might be transferred to the technology of nuclear reactor cooling.
If you are interested, I can put you in touch with an inventor / client who is an expert in the press control field and who, I am sure, would be agreeable to working with you on this very serious problem.
Very truly yours, OLTMAN AND FLYNN
^
V, lf V. Q.
f)
WilliamJ.Ffynn WJF:lh l
J p
,=.r.m
..-...m
.+----.e
--,.,,.. ~
..,-,or,,...yr..r-..m..cm,,,
.-.,m,rt+-
- -r
-t e rr v* n +a-