ML20216J153
| ML20216J153 | |
| Person / Time | |
|---|---|
| Issue date: | 06/26/1987 |
| From: | Randy Erickson Office of Nuclear Reactor Regulation |
| To: | King T NRC OFFICE OF NUCLEAR REGULATORY RESEARCH (RES) |
| References | |
| PROJECT-672A NUDOCS 8707020202 | |
| Download: ML20216J153 (4) | |
Text
t o MHTGR PSID PHYSICAL SECURITY JUN gg y MEMORANDUM FOR: Thomas L. King, Acting Chief Advanced Reactors Generic Issues Branch Division of Regulatory Applications, RES FROM: Robert A. Erickson, Chief Safeguards Branch Division of Reactor Inspection &
Safeguards
SUBJECT:
REVIEW OF MODULAR HTGR PRELIMINARY SAFETY INFORMATION DOCUMENT (PSID)
We have initiated a review of the Modular HTGR Preliminary Safety Infomation Document (PSID) relative to physical protection requirements of current 1
regulations, as well as with respect to the following portions of the Commission's Severe Accident Policy Statement [FR50:32141, August 1985]:
"The Commission also recognizes the importance of such potential contributors to severe accident risk as human performance and sabotage.
The issues of both insider and outsider sabotage threats will be carefully !
analyzed and, to the extent practicable, will be emphasized in the design and in the operating procedures developed for new plants."
The following comments need to be discussed with DOE and its contractors, bearing in mind the need to protect certain safeguards information in accordance with 10 CFR 73.21:
- 1) A description is needed of the design features that would make the MHTGR more inherently safe from radiological sabotage and ler.s dependent upon physical security systems for protection against such eabotage. l
- 2) Consideration should be given to protecting certain information from public disclosure in accordance with 10 CFR 73.21. This includes any figures that identify physical protection features not observable from outside of the protected area, lists or locations of safety-related l equipment explicitly identified in the documents as vital for the purposes of physical protection, and any vulnerabilities to sabotage.
- 3) While it is reasonable that physical protection equipment and organization l be an owner responsibility rather than a designer responsibility, it would i simplify licensing of sites if the identification of equipment to be protected as vital within the nuclear island, which is within the designer's scope, was standard, rather than utility specific. Please identify the systens and components (including piping runs and valve motor control centers), and their locations, within your scope that should be considered vital in the sense of 10CFR73.2(1). (This response should be j protected as Safeguards Information in accordance with 10CFR73.21.) i s 4) As some equipment within the nuclear island may be vita 3, consideration of the needs of vital barriers during building design could be beneficial, Consideration could be given in Chapter 6, Buildings and Structures, to /hf
, p-8707020202 87a626 PDR PROJ
({-}b)p ' i 672 PDR
MHTGR:PSID PHYSICAL SECURITY Thomas L. King 2 the regulatory position on physical barriers in Regulatory Guide 5.65, which could impact on design of some ducts and penetrations. Consideration should also be given to assuring that vital equipment (whether passive or active equipment) could not be damaged from outside of the vital area containing that equipment. Discussions of potential vulnerabilities should be protected in accordance with 10 CFR 73.21. j
- 5) Discuss which decay heat removal systems would have to be defeated to prevent mitigation of a loss of offsite power or other transient. How would this be affected by loss of cooling water to the diesel generators, or other loss of the service water system? Discussions of potential vulnerabilities should be protected in accordance with 10 CFR 73.21.
- 6) Discuss protection afforded against deliberate attempts to chemically i attack the core. Discussions of potential vulnerabilities should be protected in accordance with 10 CFR 73.21.
- 7) Sections 13.3.1.2 through 13.3.1.8 paraphrase 10 CFR 73.55 (b) through (h), respectively, except for sections 13.3.1.5, Detection Aids, and 13.3.1.7, Testing and Maintenance, which do not. Why were these sections treated differently?
- 8) Clarify whether or not the protected area is identical to the Nuclear Island boundary. Note that the Operations Center and Nuclear Island Warehouse buildings, which are not listed as part of the Nuclear Island, contain the boundary between the lesser security Energy Conversion Area (equivalent to what is often called owner controlled area) and the Nuclear Island security area and thus portions of those buildings should be considered to be in the protected area.
- 9) It is argued in section 1.3.2 that "the passive safety characteristics and slow response of the modular design provide a basis for not designating the control building as ' safety related'." Section 13.3.1.3 states that the reactor control room will be in the less secure Energy Conversion Area rather than in the Nuclear Island, yet states that it is to be bullet resistant. Should the bullet resistant requirement of 10 CFR 73.55(d) be retained if the control room is not vital for this reactor?.
- 10) Are there any acts of radiological sabotage that can be accomplished in the control building?
- 11) Locating both the Primary and Secondary Alarm Stations within the Operations Center, as described in section 6.2.7.1, could make it more difficult to assure "that a single act cannot remove the capability of !
calling for assistance or otherwise responding to an alarm." [10 CFR 73.55(e)(1))
- 12) References to " industrial sabotage" should be replaced with " radiological j sabotage," which is defined in.10 CFR 73.2(p). 1
- 13) Section 13.3.2, Interface with Nuclear. Island, states that the plant security system is supported by a dedicated security Uninterruptable Power Supply (UPS) which is backed up with a dedicated backup generator.
'J
' - MHTGR PSID PHYSICAL SECURITY
$(h 7 (f tW Thomas L. King 3 Figure 6.2-12, Operations Center Plan, indicates these are within the protected area portion of the Operations Center.
a) Confirm that this equipment will be'within vital areas within the protected area.
b) Will exterior lighting needed for security alarm assessment be supported by this security UPS or will ' security lighting be vulnerable to cutting of off-site transmission lines? Section 8.10.1.1, Lighting.
H System, does not show exterior lighting to be on emergency power.
c) Will the potential for electromagnetic interference (EMI) between Nuclear Island systems and security alarms on doors within the Nuclear Island be considered in design specifications?- ;
l
- 14) Section 13.3.1.3 states that access to vital equipment requires passage i through'at least two physical barriers. Confirm that this does not mean j two fences but rather that at least the vital area barriers will meet- ,
the definition of 10 CFR 73.2(f)(2).
- 15) One of the lessons learned about protected area access. control stations )
is the desireability of a designated place, segregated from personnel and :
package traffic, to conduct pat-down searches when necessary. The preliminary design in Fig. 6.2-12 may not be adequate in this regard. l 1
- 16) Secticii 6.2.7, Operations Center, infers that all security services are housed within the Operations Center building. Fig. 6.2-12 shows that an ,
arms room and security ready room are located there. Consider whether locating all the response weapons in this single location could facilitate interdiction of the site's armed response force.
- 17) 10CFR73.55(d)(8) discusses access to reactor containment where paragraph 8 of section 13.3.14 discusses access to "the reactor area".
a) Defiae "reacto r crea." Does this mean the Reactor Building described I in section 6.1.1? l b) Discuss whether the Reactor Building (or reactor area) structure would provide protection of its vital equipment equivalent to that provided'by containment buildings at PWRs and drywells at BWRs, giving particular attention to vent openings.
- 18) As promise.' at the May 28, 1987 meeting with DOE and its contractors, the following are cdditions to the list of NRC documents the contractor should consider to be applicable to MHTGR physical security:
a) Regulations:
10CFR50.34(d) and'(e) - security plans; 10CFR73.1(a )(1) - design basis threat; 10CFR73.2 - definitions; 10CFR73.21 protection of safeguards information; 10CFR73.70 - records; 10CFR73.71 - reports; 10CFR73 Appendix B - security personnel; ;
10CFR73 Appendix C - contingency plans.
[ i 4 .
i 1
.MHTGR PSID PHYSICAL SECURITY-g gg Thomas L. King 4 b) Regulatory Guides:
5.7 - entry / exit control for Protected Areas, Vital Areas; 3.12 - use of locks; 5.44 - perimeter intrusion alarm systems; 5,65 - vital area barriers and emergency access to vital areas.
c) Review Guidelines:
9
- compensatory measures for intrusion detection hardware outage; 10 power supply to security lighting; 13 - vital areas lacking two barrier protection; 15 package search; 16 protective measures for central and secondary alarm stations; 17 ' definition of vital areas; _
18 protected area control function in bullet resistant structure; 20 - explosives search.
d) NUREG Reports:
0178 - closed-cicuit television systems; CR-0509 - emergency power supplies; 0794 - protection of unclassified safeguards information; 0908
- acceptance criteria for evaluation of. security plans; CR-1142 - remote response mechanisms; CR-1327 - security lighting planning; CR-1467 - CAS/SAS work station design; CR-1468 - design concepts for independence of CAS and SAS Robert A. Erickson, Chief Safeguards Branch Division of Reactor Inspection &
Safeguards, NRR cc: Pete Williams,-RES DISTRIBUTION Jim Partlow PDR Brian Grimes Central (Files; Bob Erickson Branch rf Bob Dube Sect Subj File:
Loren Bush Advanced Reactor Licensing Barry Hendelsohn OFC: NRR/RSGB. :NRR/RSGB :NRR/R GB : :
NAME:BMen NIohn:RJDube : son: :
"" ~"" " "~ " " " " ~ "
DATE M
= OFFICIAL RECORD COPY