Summarizes 870618-19 Meetings W/Doe,Ornl & BNL to Review Listed Sections & Chapters from Modular HTGR Preliminary Safety Info Document.List of Meeting Attendees,Agenda,Action Items & Clarifications & Physical Security Requirement Encl

ML20235G205
Person / Time
Issue date:	07/06/1987
From:	Morris B NRC OFFICE OF NUCLEAR REGULATORY RESEARCH (RES)
To:	Gavigan F ENERGY, DEPT. OF
References
PROJECT-672A NUDOCS 8707140155
Download: ML20235G205 (20)
v • d • e

Text

-- __ _ ._- . _ . _ _ _ _ - _ _ _ . _ _ _ _ _ _ _ _ _ _ - _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

BUL 0 6 XEN Mr. Francis X. Gavigan, Director Office of Advanced Reactor Programs j Office of Nuclear Energy 2 U. S. Department of Energy Washington, DC 20545

Dear Mr. Gavigan:

On June'18 and 19, 1987, members of the NRC staff and its contractors from ORNL and BNL met with representatives of DOE and its contractors to review the following sections and chapters from the Modular HTGR Preliminary Safety Information Document (PSID), Project 672: Section 10.15, "Startup and Shutdown System," Section 11.1, " Radionuclides Design Criteria," Chapter 15,

" Safety Analysis," and Chapter 17, " Quality Assurance." Also several other topics were reviewed and discussed which were: (1) the Safety Classification of Structures, Systems and Components (2) the Regulatory Technology Develop-ment Plan (3) preliminary results of independent analyses by NRC contractors, (4) a preliminary NRC contractor assessment of the MHTGR PRA, and (5) plans for the consideration of accident events beyond the design basis. The list of attendees and agenda are given in Enclosures 1 and 2, respectively. The Action Items and Clarifications (including requests for additional information) resulting from this meeting are given in Enclosure 3. Your response to these items is required by July 31, 1987, in order for us to maintain our current review schedule. Our questions and requests for additional information on Physical Security Requirements, as indicated in Coment 13-3, are given in Enclosure 4. Please let us know when you will respond or be prepared to discuss these.

One item of major the preliminary concern resulting assessment providedfrom thereviewers by our meeting w(as staffthe andimplication of consultants) on the MHTGR Probabilistic Risk Assessment (PRA). Based upon the review to date it is not clear that the confidence in the PRA results is high enough to enable us to concur with the many key positions for which you are proposing the PRA be used as the basis. This suggests that perhaps a more deterministic set of criteria should also be considered for the MHTGR with the PRA used to supplement the review, but not relied upon as the sole basis for decision making. We will be prepared to discuss this further at our next meeting on July 15-16, 1987.

/

{

4 8707140155 870706 _

6f2 PDR

- /

JUL 0 a 1987 1.

l. -2 If you have any questions please do not hesitate to contact Dr. Peter Williams, the Project Manager for Project 672. ,

Sincerely, Bill M. Morris, Director Division of Regulatory Applications

, Office of Nuclear Regulatory Research 1

Enclosures:

1. List of Meeting Attendees

2. Agenda 3.' Action Items and Clarifications

4. Physical Security Requirements l

l cc: D. Mears, GCRA A. Millunzi, DOE O

OFC :ARGIB:DRA ,4ARGIB:DRA :ARGIB:DRA :DD:DRA :D:DRA .:  :

...__: ........._ 4 ..{./........  :. .

.:. .:. g g _..: .... 7...:._____.....:...........

NAME :PWilliams:sm:JWilson :T i g :ZRosztoczy :BMor  :  :

5/M/87 DATE :  : \f; Ac.; /87 : '? / / /87  :' /4 /87 :7 / 2-/87  :  :

OFFICIAL RECORD COPY

_ _ . - _ . _ - .-.-..____.m_--m-

Enclosure 1, Part A Attendees NRC/ DOE Meeting on MHTGR ,

June 18, 1987 l

P. M. Williams NRC/RES/ARGIB 492-9613 Ralph Landry NRC/RES/ARGIB 492-4914 Thomas L. King NRC/RES/ARGIB 492-7014 Sham B. Inamati GA (619) 455-331 Melinda Malloy NRC/OSP/CPPD 492-7624 Richard E. Johnson NRC/RES 492-8129 Jerry N. Wilson NRC/RES/ARGIB 492-4727 Peter G. Kroeger BNL (516) 282-2610 Lloyd P. Walker SWEC/GCRA (619) 455-9500 Andrew C. Millunzi DOE (301) 353-3405 Tony Nylan GA (619) 455-2580 John C. Cunliffe Bechtel (415) 768-2227 .

Syd Ball ORNL (615) 574-0415 David L. Moses ORNL (NRC Programs) (615) 574-6103/

Paul R. Kasten ORNL (615) 574-6093 Jerry J. Swift NRC/NRR/DREP 492-7569 Jacques Read NRC/RES/DRAA/SAIB 492-7569 Fred A. Silaby GA (619) 455-4320 William C. Craig SWEC (617) 589-5397 John H. Flack NRC/RES (301) 443-7767 George Sherwood DOE (301) 353-4162 L. Walter Deitrich EPRI/ANL (312) 972-4571 Uri. Gat ORNL (615) 574-0560 Vincent Boyer GCRA Management Comm. (216) 841-6524 J. M. Kendall GCRA (619) 455-9500 Alan D. McWhirter CE (203) 285-4505 Neil W.-Brown General Electric (408) 365-6516 H. L. Brey Public Service of Colo. (303) 480-6944 J. Glynn NRC/RES (301) 443-7630 R. E. Ireland NRC Reg. IV (817) 860-8138 D. L. Hanson . GA (619) 455-2722 John P. Sanders ORNL (615) 574-0570 G. Patrick Connors PDC 0 (619) 455-4298

., l Enclosure 1, Part B Attendees NRC/ DOE Meeting on MHTGR June 19, 1987 P. M. Williams NRC/RES/ARGIB 492-9613 ,

Ralph Landry NRC/RES/ARGIB 492-4914 Thomas L. King NRC/RES/ARGIB 492-7014  ;'

Sham B. Inamati GA (619) 455-331 Melinda Malloy NRC/OSP/CPPD 492-7624 Richard E. Johnson NRC/RES 492-8129 Jerry N. Wilson NRC/RES/ARGIB 492-4727 Peter G. Kroeger BNL (516) 282-2610 Scott R. Penfield GCRA (619) 455-9500 >

Andrew C. Millunzi DOE (301) 353-3405  !'

Tony Nylan GA (619) 455-2580 John C. Cunliffe Bechtel (415) 768-2227 Syd Ball ORNL (615) 574-0415 {

David L. Moses ORNL (NRC Programs) (615) 574-6103/

Jerry J. Swift NRC/NRR/DREP 492-7569 Jacques Read NRC/RES/DRAA/SAIB 492-7569 l Fred A. Silaby GA (619) 455-4320

' William C. Craig. SWEC

. John H. Flack NRC/RES (301) 443-7767 L. Walter Deitrich EPRI/ANL (312) 972-4571-Uri Gat ORNL (615) 574-0560 j J. M. Kendall GCRA (619) 455-9500 Alan D. McWhirter CE (203) 285-4505 Neil W. Brown General Electric (408) 365-6516 D. L. Hanson GA (619) 455-2722 '

John P. Sanders ORNL (615) 574-0570 G. Patrick Connors PDC 0 (619) 455-4298 Donald Graf MHTGR-PDC 0 (619) 455-4294 ],

f n

1 ha m -mmr i .i m er in. . _ _ . _ _ _ _ _ _ _ _ _ . . . . _ _ . . _ _ .m_..___..._. . . _ _

Eaclosure 2 AGENDA 1

l NRC/ DOE Meeting'on MHTGR PSID and Other Issues June 18, 1987 Org.

.9:00 - 11:00 Opening Remarks NRC/ DOE, Others 11:00 - 1:00 Overview of LBE Selection. GA ,

1:00 - 2:00 Lunch 2:00 - 2:15 Fort St. Vrain PSC

'2:15 - 3:15 Chapter 11.1, Radionuclides Design Criteria ~ GA Bases for Criteria

- Significance to Chapter 15 l Response to NRC Questions Startup/ Shutdown 3:15 - 4:30 Chapter 15, Radionuclides Release During GA LBEs

- Bounding PSID LBEs

- Description of Radionuclides Release

- Event Description System Response.

Radionuclides Release.

- Sensitivity Analysis Response to NRC Questions 3:15 - 4:30' Chapter 17, Quality Assurance PDC 0 5:00 - 7:00 NRC Contractor Calculations of ORNL, BNL RCCS heat removal, Air Ingress, and Earth heatup l

6 l

o l (

[

• L ..

AGENDA-NRC/ DOE Meeting on MHTGR FSID and Other Issues June 19, 1987 Org.

8:30 - 10:30 Section 3.2, MHTGR Safety Classification Introduction DOE Review of Approach and Terminology in PSID GA Plans for PSSAR BNI 10:30 - 11:30 Regulatory Technology Development Plan, GA Overview and Introduction Definition of Technology

, - Method for Identifying Technology Needs Overview of the Regulatory Technology Program Response to NRC Questions 11:30 - 12:30 Fuel / Fission Product Technology Develop-ment Plan GA Basis for Technology Need Description of Technology Need Planned Program Response to NRC Questions 12:30 - 1:30 Lunch 1:30 - 3:30 Role and Objectives of PRA, Coments NRC and on Initial Review of PRA Contractors 3:30 - 4:00 Events Beyond Design Basis NRC and (RCCS failure, massive water ingress, Contractors fa110re of core support system, non-mechanistic large reactivity insertion, cross duct failure, position on non-mechanistic source term)

s .

l

, Enclosure 3 i

GENERAL COMMENT

S i

G-14 In comment G-12A the staff stated that definitions for the terms " safety-related," "important to safety" and "non-safety related" for equipment classification had not yet been satisfactorily established. In response, DOE has committed to identifying all structures, systems, and components that have a radionuclides control f function in addition to those SSCs it has already identified as necessary for meeting 10CFR100 guidelines'. The identification'of each item will include description of its function, design criteria, and desigr requirements. DOE is also considering eliminating or clarifying its use of the term " safety related" and developing a 1 nomenclature that more closely reflects its criteria intentions.

Later DOE may modify the PSID and PRA accordingly. The staff plans to make use of the above information ir, resolving its concerns about appropriate equipment classification and may, as a last resort, impose a traditional nomenclature on the SSCs identified by DOE, if 1 DOE's proposed nomenclature is not acceptable.

G-15 The following comments and information requests are made with regard to DOE's Regulatory Technology Development Plan. Some comments have already been made during individual PSID Chapter reviews and further comments are expected after additional review cf the plan. '

A. DOE will identify individual members of the various peer review groups that were used to help establish technical development needs and will indicate if these groups are to remain active as the MHTGR Project progresses and, if so, what will be the responsibilities of these groups. l l

B. DOE will provide to the staff, on request, experimental and test information available or to be obtained for the MHTGR under programs other than the Regulatory Technology Development Plan.

This shall include foreign information available to DOE. ~

)!

- - o

e I'

1 C. DOE will provide information on how the allowable design limits on fuel element cracking under normal operations are being determined and will discuss any test data available or tests planned to support this determination.

D. Based upon the information provided to date the staff cannot agree that the Regulatory Technology Development Plan'should not include elements for (1) RCCS testing, (2) reactor physics l

confirmation, and (3) automatic control development. However, these items are still under evaluation and our final position on these topics will be developed as our review progresses.

E. At this stage of the staff's review, the Fission Product' .

Technology Development Plan (RTDP-Section 6) is judged compre-I hensive and well planned. However, as our review continues and we begin our preparation of the SER we may request additional information to support this preliminary conclusion. A part-icular concern that we are investigating is the adequacy of the test program to yield sufficient statistical evidence for (1) confirming the reference fuel design and (2) supporting the consistency of the fuel manufacturing process to yield the high quality fuel required.

F. DOE stated that it does not believe seismic model testing is needed for the MHTGR design. DOE should document the reasons for this position.

i G. Development of a reliability assurance program is not part of j the Technology Development Plan. DOE should describe the role a reliability assurance program is expected to play in MHTGR  !

safety.

i i

G-16 In preparation for the forthcoming meeting on July 15, and 16, 1987, which will include DOE's presentation and discussion of the MHTGR PRA, the staff and its consultant (J. Minarick) provided comments pertaining to a preliminary review of DOE's PRA document and related matters. DOE should be prepared to address these and additional comments, as summarized below.

A. A sumary of a draft review by J. Minarick and others of Science Applications International Corporation was presented to DOE for its consideration. Major points of this draft review centered on the fact that since the MHTGR design is not available in detail, the PRA cannot identify those potential sequences that involve plant details not yet developed. How much this may contribute to risk is unknown at this point. In addition, with failure probabilities being claimed for certain components and systems of less than 10-6 per reactor year, it is not clear what confidence can be given these values considering the difficulty in comprehensively identifying failure sequences in that frequency range. Furthermore, the truncation of sequences ,

at IX10-8 per reactor year prior to consequence analysis provides little confidence that dominant risk-related sequences have been identified. -

B. DOE should describe how the PRA was used to make design trade-offs and to classify equipment. l C. DOE should provide at the meeting or plan to document later a i complete discussion of RCCS failure modes, and present a RCCS fault tree, including the cut sets developed. This response should make appropriate use of responses to Comments 5-2 through 5-13, and 6-1 and 6-2.

D. DOE should provide at the meeting or plan to document later a failure modes and effects analysis of the primary vessel system.

This response should make appropriate use of response to

)

t

)

Comments 5-14 through 5-22 and also consider the differences between LWR and HTGR service and environmental conditions.

E. The use of established guidelines and available documents for the selection of accident initiators should be discussed and referenced.

F. DOE should describe the methodology and reasoning used in establishing Table 4-3. We note that by not including passive support systems in the table, earthquakes do not appear to be treated with the same regard as other accident initiators.

G. DOE should provide more information on how human reliability and human recovery operations contribute to the PRA. While we appreciate that the MHTGR's automated control, passive safety features and slow plant response to transients and accidents provide for human factors considerations somewhat different than for LWRs, treatment of these differences as well as the similarities should be described.

H. DOE should be prepared to discuss at the meeting or document later a description of the quantification process used in quantifying the sequence frequency estimates reported in the MHTGR PRA. The description should include detail such as development of modular fault trees for various front-line and support systems using consistent symbols and nomenclatures, and linking all the fault trees in logical fashion at the accident sequence level and reducing them to assign probability estimates to various cutsets. The possibility of the development of the fault trees for various initiating events should also be discussed.

I. DOE should be prepared to provide at the July 15-16, 1987 meeting a discussion of the process used to identify various common cause failures applicable to MHTGT; components and the process l used to treat them quantitatively at the system level and the

~

l sequence level.

J. DOE should be prepared to provide at the meeting or document later details of the recovery operations applicable to various accident sequences. The discussion should include the mission time of the sequence, the type of system or component, the mean time to repair and/or restore and the basis for the credit taken for recovery operations.

G-17 DOE has stated that PRA has been the underlying methodology used for-the design of the MHTGR safety structures systems and components..

Top level design criteria were used to establish a chart where risk from various design options was explored and, where necessary, design changes were made to reduce risks to acceptable levels, based on PRA estimates. Considering the state of the art in PRA technology, the fact that the MHTGR is a conceptual design and the fact that the frequency range of failure scenarios being evaluated for the MHTGR is below that which has been generally accepted for LWRs, the NRC staff may not accept this methodology a's the fundamental bases for the MHTGR safety design. Rather, the traditional design bases of engineering analysis and judgement, the satisfactory completion of research and development programs, use of past design and operational experiences, and substantial conformance to established nuclear j reactor design criteria is being considered by the staff in l

assessing the MHTGR design. This is consistent with NRC's Severe Accident Policy Statement which states that PRA is complementary to traditional review methods and considered as only one of the various tools used in' nuclear power plant review.

G-18 As a portion of the PRA review planned for July 16, 1987, DOE will describe accidents beyond the design basis in terms of frequency of events and consequences. In addition to the four accidents currently planned for discussion (i.e., large reactivity transients, conduction cool down without the RCCS, large steam ingress and large depressurization), DOE will include discussions of core support failure resulting from an earthquake beyond the SSE and a large failure of the vessel system cross duct.

J

.______________-____n

G-19 The staff stated that it would be necessary for DOE to explore the consequences of fuel failure beyond the amount that DOE has calculated for various LBEs in order to ascertain if the MHTGR design is approaching any " cliffs" in its accident responses. The staff will further describe its needs in this matter after evaluation of material to be presented in accordance with Comment G-18.

G-20 DOE will discuss at the July meeting its response to Comment G-12C (role of and safety classification of reactor operators) which was discussed at the May meeting.

G-21 Syd Ball, NRC staff consultant at ORNL, made a preliminary report of (1) independent calculations he is making on RCCS performance and (2) reactivity transient studies that John Cleveland is making, also at ORNL. Mr. Ball generally confirmed PSID values but noted that there is significant sensitivity of vessel and maximum fuel temperatures to the values used for the thermal conductivity of the reflector and core graphite. DOE will investigate the thermal conductivity issue and report its findings at the July meeting. Mr. Cleveland's studies so far indicate that water ingress produces significantly less reactivity input than given in the PSID. ORNL will work with DOE to resolve this difference.

G-22 Peter Kroeger, NRC consultant at BNL, made a preliminary report of his studies of RCCS performance, air ingress and earth heatup. His conclusions oh RCCS performance and air ingress were consistent with the PSID but his studies of earth heatup gave higher fuel and vessel temperatures than in the PRA. DOE will present its methodology for earth heatup in the July meeting and the differences in the two results will be discussed at that tine.

SPECIFIC COMMENTS 10-5 The description of startup and shutdown equipment and procedures presented by view-graphs and in discussion at the June 18, 1987

2  : .

meeting should be summarized and used to augment the material given in Section 10.15 of the PSID.

10-6 DOE should evaluate the potential for and consequences of thermal shock of the steam generator as might be caused by improper startup or shutdown operations or failures in equipment used in the  !

startup/ shutdown sequences. .

11-5 DOE will clarify (by the use of a table if convenient), the various release requirements (e.g., PAGs, 10CFR100, 10CFR20, 40CFR190, 10CFR50, Appendix I) that are used to back calculate " design" criteria which limit the release of fission products from the core

~during normal operation. This clarification will include identi-fication of any credit for use of the primary system boundary, secondary system pathways and the reactor building in computing certain of the design criteria.

11-6 DOE will clarify the assumptions used in determining the " maximum  ;

expected" criteria from the design criteria. (As given in the PSID, page 11.1-6, these assumptions were a factor of 4 for gas releases and a factor of 10 for metal releases).

11-7 DOE should document the view-graphs showing " Key Fuel Performance Requirements" and " Key Fuel Products Specifications" and discuss the quantitative relationships to the " design" and " maximum expected" radionuclides triteria.  ;

11-8 DOE committed to use appropriate administrative controls to monitor fuel operational performance. Describe the techniques that will be used to determine levels of circulating activity and plateout of controlling isotopes. Will post irradiation examination be routinely l used to monitor fuel particle coating performance?

l 11-9 Two of the view-graphs presented described inventories or release fractions of Kr-88, 1-31, Sr-90 and Cs-137 and no other isotopes. j

- i 1

l

- - - - - - - -- - A

f . ,

l i

DOE should justify by quantitative examples that these are-the isotopic species.that control dose estimates'(i.e., " Radionuclides l with. Safety Significance") and that other species are of secondary .)

importance at the PSID stage of safety review.

15-1 Describe the role of the reactor building and any other " barriers" used in meeting thyroid PAG doses (95 percent confidence)'for DBEs

~

and EPBEs. This response should be coordinated with the response to Comments 6-4 and 11-5.

15-2 DOE will_ supply more detailed information supporting its conclusion that combustible gas mixtures are not formed as a consequence of'

.SRDC-7. The information should include'the rate, quantity and concentration of combustibles emanating from the open relief valve, arguments supporting the judgement that subsequent mixing with the

]

building atmosphere always falls within the incombustible regions of j the helium diluents or air, and that pockets of combustible gas mixtures do not accumulate.

15-3 In some of the accidents described in Chapter 15 core temperatures reach levels where metals.that clad and support the-absorber materials of the control rods would loose their functions. Could a rearrangement of absorber materials result in a recriticality accident that could result in even higher core temperatures?

17-1 The extent of the quality assurance program to be applied to structures,~ systems, components and activities not considered " Safety related" by DOE will be determined following resolution of Comment G-14. Resolution of this comment will result in the classification of all equipment in the plant that has a radionuclides control function. We cannot pass judgment on the quality assurance program until Comment G-14 is resolved.

l' -

In general we expect DOE to commit to meet the intent of the l SRP for quality assurance.(NUREG-0800 Chapters 17.1 and 17.2) for systems, structures and components that perform a radionuclides control function.

17-2 Foreign technology may be important in supporting the MHTGR Safety design and analysis, particularly in fuel performance and manufacturing. The staff. understands that agreements are being developed with the Federal Republic cf Germany to assure that the German technology to be cited by DOE in support of the MHTGR will meet the equivalent 10CFR50, Appendix B. In order to determine if the equivalent ,is actually met, the staff reserves the right to perform its own audits in accordance with 10CFR50, Appendix B, XVIII to verify compliance, if it determines such audits are needed.

17-3 As a portion of DOE's quality assurance commitments, DOE will develop detailed, " Handbook" type documentation for all fundamental data used in the MHTGR design.

I i

i

)

ENCLOSURE 4 Physical Protection Requirements for the MHTGR DOE should respond to the following comments on Physical Protection Requirements. This information should be protected against unauthorized disclosure in accordance with 10CFR73.21.

1) A description is needed of the design features that would make the MHTGR more inherently safe from radiological sabotage and'less dependent upon physical security systems for protection against such sabotage.

2) Consideration should be given to protecting certain information from public disclosure.in accordance with 10 CFR 73.21. This includes any figures that identify physical protection features not observable from outside of the protected area, lists or locations of safety-related equipment explicitly identified in the documents as vital for the purposes of physical protection, and any vulnerabilities to sabotage.

~

3) While it is reasonable that physical protection equipment and organization be an owner responsibility rather than a designer responsibility, it would simplify licensing of sites if the identification of equipment to be protected as vital within the nuclear island, which is within the designer's scope, was standard, rather than utility specific. Please identify the systems and components (including piping runs and valve motor control centers), and their locations, within your scope that should be considered vital in the sense of 10CFR73.2(i). (This response should be protected as Safeguards Information in accordance with 10CFR73.21.)

4) As some equipment within the nuclear island may be vital, consideration of the needs of vital barriers during building design could be beneficial.

Consideration could be given in Chapter 6, Buildings and Structures, to the regulatory position on physical barriers in Regulatory Guide 5.65, which could impact on design of some ducts and penetrations. Consideration should also be given to assuring that vital equipment (whether passive or active equipment) could not be damaged from outside of the vital area containing that equipment. Discussions of potential vulnerabilities should be protected in accordance with 10 CFR 73.21.

5) Discuss which decay heat removal systems would have to be defeated to prevent mitigation of a loss of offsite power or other transient. How would this be affected by loss of cooling water to the diesel generators, or other loss of the service water system? Discussions of potential vulnerabilities should be protected in accordance with 10 CFR 73.21.

6) Discuss protection afforded against deliberate attempts to chemically attack the core. Discussions of potential vulnerabilities should be protected in accordance with 10 CFR 73.21.

7) Sections 13.3.1.2 through 13.3.1.8 paraphrase 10 CFR 73.55 (b) througn (h), respectively, except for sections 13.3.1.5, Detection Aids, and 13.3.1.7, Testing and Maintenance, which do not. Why were these sections -

treated differently?

8) Clarify whether or not the protected area is identical to the Nuclear Island boundary. Note.that the Operations Center and Nuclear Island '

Warehouse buildings, which are not listed as part of the Nuclear Island, contain the boundary between the lesser security Energy Conversion Area (equivalent to what is often called owner controlled area) and the Nuclear Island security area and thus portions of those buildings should be considered to be in the protected area. .I

9) It is argued in section 1.3.2 that "the passive safety characteristics and slow response of the modular design provide a basis for not designating the control building as ' safety related'." Section 13.3.1.3 states that the reactor control room will be in the less secure Energy Conversion Area i rather than in the Nuclear Island, yet states that it is to be bullet resistant. Should the bullet resistant requirement of 10 CFR 73.55(d) be .

retained if the control room is not vital for this reactor?

i

10) Are there any acts of radiological sabotage that can be accomplished in I

the control building?

i

11) Lochting both the Primary and Secondary Alarm Stations within the Operations Center, as described in section 6.2.7.1, could make it more difficult to assure "that a single act cannot remove the capability of callin for assistance or otherwise responding to an alarm." [10 CFR 73.55(g)(1)]

e

12) References to " industrial sabotage" should be replaced with " radiological sabotage," which is defined in 10 CFR 73.2(p).

13) Section 13.3.2, Interface with Nuclear Island, states that the plant security system is supported by a dedicated security Uninterruptable Power Supply (UPS) which is backed up with a dedicated backup generator.

Figure 6.2-12, Operations Center Plan, indicates these are within the protected area portion of the Operations Center.

a) Confirm that this equipment will be within vital areas within the protected area.

b) Will exterior lighting needed for security alarm assessment be supported by this security UPS or will security lighting be vulnerable to cutting of off-site transmission lines? Section 8.10.1.1, Lighting System, does not show exterior lighting to be on emergency power.

c) Will the potential for electromagnetic interference (EMI) between Nuclear Island systems and security alarms on doors within the Nuclear Island be considered in design specifications?

14) Section 13.3.1.3 states that access to vital equipment requires passage through at least two physical barriers. Confirm that this does not mean two fences but rather that at least the vital area barriers will meet the definition of 10 CFR 73.2(f)(2).

2

1

15) One of the lessons learned about protected trea access control statiens is the desirability of a designated place, segregated from personnel and package traffic, to conduct pat-down searches when necessary. The preliminary design in Fig. 6.2-12 may not be adequate in this regard.

1

16) Section 6.2.7, Operations Center, infers that all security services are housed within the Operations Center building. Fig. 6.2-12 shows that an arms room and security ready room are located there. Consider whether locating all the response weapons in this single location could facilitate interdiction of the site's armed response force.

17) 10CFR73.55(d)(8) discusses access to reactor containment where paragraph 8 of section 13.3.14 discusses access to "the reactor area".

a) Define " reactor area." Does this mean the Reactor Building described in section 6.1.17 b) Discuss whether the Reactor Building (or reactor area) structure would provide protection of its vital equipment equivalent to that provided by containment buildings at PWRs and drywells at BWRs, giving partictilar attention to vent openings.

18) As promised at the May 28, 1987 meeting with DOE and its contractors, the following are additions to the list of NRC documents the contractor should consider to be applicable to MHTGR physical security:

n) Regulations:

10CFR50.34(d) and (e) - security plans; 10CFR73.1(a)(1) - design basis threat; ,

10CFR73.2 - definitions; 10CFR73.21 - protection of safeguards information; 10CFR73.70 - records; 10CFR73.71 - reports; 10CFR73 Appendix B - security personnel; 10CFR73 Appendix C - contingency plans.

b) Regulatory Guides:

5.7 - entry / exit control for Protected Areas, Vital Areas; 5.12 - use of locks; 5.44 - perimeter intrusion alarm systems; 5.65 - vital area barriers and emergency access to vital areas.

c) Review Guidelines:

l 9 - compensatory measures for intrusion detection hardware outage; 10 - power supply to security lighting; 13 - vital areas lacking two barrier protection; 15 - package search; 16 - protective measures for central and secondary alarm stations; 17 - definition of vital areas; 18 - protected area control function in bullet resistant structure; 20 - explosives search.

3

n .

re-(

i d) NUREG Reports: .

0178 - closed-cicuit1 television systems; CR-0509 - emergency power supplies; 0794 - protection of unclassified safeguards information; 0908 - acceptance criteria for. evaluation of security plans; CR-1142 - remote response rechanisms; CR-1327 - security lighting planning; CR-1467 - CAS/SAS work station design; CR-1468 - design concepts for independence of CAS and SAS M

l l

l i

l l

4

-t A JUL00

+ M EfP.iBMTION

, RES Circ'-

Chron ARGIB R/F E. Beckjord T. Speis B. Morris

2. Rosztoczy

-T. King J. N. Wilson C. Allen 1 R. Landry P. Williams J. Flack R. Baer

.N. Anderson F. Cherny S. Shaukat R. Johnson ,

D. Th:tcher J. Hulman J. Glynn-L. Soffer .

J. Read D. Cleary A. Murphy G. Arndt R. Kirkwood M. Lamastra R. Erickson B. Mendleschn H. VanderMolen E. Chelliah L. Beltracchi F. Congel ,

J. Swift

0. Lynch D. Matthews i R. Senseney -

M. Spangler F. Coffman

.S. Ball, ORNL P. Kroeger, BNL G. VanTuyle, BNL R. Ireland, Reg. IV (M.

. PDR El-Zef W Project:672_ tawy, ACRS/H-1026-Project File'~6724(Central Files)

. . _ _ _ _ _ _ _ - _ _ _ . _ _ _ _ _ _ _ _