ML20349E838

Design Review Guide (DRG): Instrumentation and Controls for Non-Light-Water Reactor (Non-LWR) Reviews
Issue date: 12/16/2020
From: Matthew Sunseri
Advisory Committee on Reactor Safeguards
To: Margaret Doane
NRC/EDO
C. Antonescu, ACRS



UNITED STATES NUCLEAR REGULATORY COMMISSION
ADVISORY COMMITTEE ON REACTOR SAFEGUARDS
WASHINGTON, DC 20555-0001

December 16, 2020

Ms. Margaret M. Doane
Executive Director for Operations
U.S. Nuclear Regulatory Commission
Washington, DC 20555-0001

SUBJECT: DESIGN REVIEW GUIDE (DRG): INSTRUMENTATION AND CONTROLS FOR NON-LIGHT-WATER REACTOR (NON-LWR) REVIEWS

Dear Ms. Doane:

During the 681st meeting of the Advisory Committee on Reactor Safeguards, December 1-4, 2020, we reviewed Design Review Guide (DRG): Instrumentation and Controls for Non-Light-Water (Non-LWR) Reactor Reviews, dated October 8, 2020. Our Digital Instrumentation and Control (DI&C) Systems Subcommittee also reviewed this matter on June 2 and October 21, 2020. During these reviews, we had the benefit of discussions with representatives of the United States Nuclear Regulatory Commission staff. We also had the benefit of the documents referenced.

CONCLUSIONS AND RECOMMENDATIONS

1. The DRG is a significant advancement to the standard review process for nuclear power plant (NPP) reactor instrumentation and control (I&C) systems. The DRG should be issued subject to incorporation of Recommendation 2.
2. Some I&C systems may be suitable for sharing among multiple units. However, the sharing of reactor trip systems (RTS) or engineered safety features actuation systems (ESFAS) between multiple units potentially compromises plant safety. Sharing should not be allowed for these two specific systems.
3. This guide is technology neutral in all aspects and would streamline the review of I&C safety systems for any proposed Light Water Reactor (LWR) or Non-LWR reactor plant design and any proposed safety I&C system modifications in operating plants.

BACKGROUND

Licensing reviews of I&C, and digital-based I&C systems, in particular, have been a significant challenge from the perspectives of safety demonstration, schedule, and resources for all new LWR applications. Digital technology offers significant operational and maintenance benefits for I&C systems in NPPs. DI&C systems are composed of hardware components, logic elements (e.g., hardware- and software-based), and digital data communications. Industry has consistently expressed that DI&C licensing certainty is one of their highest priorities.

Staff Requirements Memorandum (SRM) to SECY-11-0024, Use of Risk Insights to Enhance the Safety Focus of Small Modular Reactor [SMR] Reviews, approved the staff's recommendation to enhance the efficiency and effectiveness of the SMR application reviews through a design-specific, risk-informed, and safety-focused approach.

In response to these concerns, the staff developed a Design-Specific Review Standard (DSRS) Chapter 7, Instrumentation and Controls, initially for the BWXT mPower™ SMR design. Subsequently, it provided the basis for the NuScale SMR DI&C design review. The mPower and NuScale DSRS provide guidance for developing RTS and ESFAS based on a defined and detailed one-line block diagram architecture that meets the fundamental design principles for the structure of DI&C system designs. Such an architecture already embodies multiple layers of defense-in-depth. The detailed architecture also provides the basic framework for identifying the need for and type of additional defense-in-depth to mitigate any remaining vulnerabilities.

DISCUSSION

The proposed DRG builds on the mPower and NuScale DSRS, factors in lessons learned from new LWR reviews and incorporates principles in Regulatory Guide (RG) 1.233. This new guidance reorganizes the existing Standard Review Plan from a bottom-up to a top-down approach that focuses on ensuring the basic architecture of the I&C systems meets the fundamental design principles. These principles are independence, redundancy, diversity in support of defense-in-depth, and deterministic behavior (predictability and repeatability), as well as simplicity. In addition, it addresses management of internal and external physical and electronic access to in-plant systems and networks. Design characteristics and regulatory requirements are then assessed within each system.

The DRG specifies the following objectives of the overall staff review:

1. Ensure that a management system is in place to confirm that the completed I&C systems meet all regulatory requirements.
2. Ensure that the safety-significance of Structures, Systems and Components (SSCs) is considered in determining the level of detail of the review and that applicable domestic and/or international standards are met.
3. Ensure a thorough qualification program is in place.
4. Ensure that a systematic assessment of design basis or licensing basis hazards is incorporated.
5. Ensure that human factors assessments are incorporated.
6. Ensure that I&C digital communications systems are assessed for hazards associated with paths that could affect the reliability and robustness of the system.

To achieve these objectives, the DRG develops overall systematic and architecture assessment review criteria. The DRG then provides the reviewer with specific review criteria for evaluation with respect to fundamental I&C design principles, network and system data communication, and qualification measures.

This revision is a significant advancement to the standard review process for NPP reactor I&C systems. Its focus on a top-down approach organized around an architecture that meets the framework of the critical fundamental I&C design principles of independence, redundancy, diversity in support of defense-in-depth to address common cause failures, deterministic processing (predictability and repeatability), and network and system data communication, all supported by evaluating simplicity, provides a firm and easily understood basis for evaluating future safety I&C systems whether digital, analog or a hybrid combination. The proposed DRG should be issued.

That said, we have two concerns:

1. Section A.8, Multi-Unit Stations: As proposed, the DRG will state: I&C design descriptions in the application provide assurance that safety-related I&C SSCs are not shared among units in multi-unit stations. If safety-related I&C SSCs are shared among NPP units, then the reviewer should confirm that the ability to simultaneously perform required safety functions in all units is not impaired.

The staff provided their basis for maintaining the shared option by noting that the text in question originates from 10 CFR Part 50 Appendix A, General Design Criteria for Nuclear Power Plants, General Design Criterion 5, Sharing of Structures, Systems, and Components, which is retained in RG 1.232, Guidance for Developing Principal Design Criteria for Non-Light Water Reactors, Appendix A, Criterion 5. They also note that 10 CFR 50.55a(h) invokes Institute of Electrical and Electronics Engineers (IEEE) Standard 603-1991, which provides similar language.

We agree that some I&C systems may be suitable for sharing. However, the sharing of RTS or ESFAS between multiple units potentially compromises plant safety. Sharing of these systems jeopardizes redundancy, independence, data communication, diversity and defense-in-depth, and simplicity, and should not be allowed.

2. The guide states that it applies only to Non-LWRs; we disagree with this narrow application.

Its development was based on lessons learned from LWR design certification application reviews. This guide is technology neutral in all aspects and will streamline the review of I&C safety systems for any proposed LWR or Non-LWR reactor plant design and any proposed safety I&C system modifications in operating plants.

We compliment the staff for applying the lessons-learned over the last decade during the reviews of design applications and operating plant modifications, including extensive public and industry interactions. This resulted in an easily understood review guide that provides a clear understanding of expected design approaches and should streamline future reviews.

Sincerely,

Matthew W. Sunseri
Chairman

Digitally signed by Matthew W. Sunseri
Date: 2020.12.16 14:15:26 -05'00'

REFERENCES

1. U.S. Nuclear Regulatory Commission, NUREG-0800, Chapter 7, Branch Technical Position 7-19, Guidance for Evaluation of Diversity and Defense-in-Depth in Digital Computer-Based Instrumentation and Control Systems, Revision 7, August 2016 (ML16019A344)
2. Regulatory Guide (RG) 1.232, Guidance for Developing Principal Design Criteria for Non-Light Water Reactors, Revision 0, April 2018 (ML17325A611)
3. NUREG/CR-6303, Method for Performing Diversity and Defense-in-Depth Analyses for Reactor Protection Systems, December 1994 (ML071790509)
4. Regulatory Guide (RG) 1.233, Guidance for Technology-Inclusive, Risk-Informed, and Performance-Based Approach to Inform the Licensing Basis and Content of Applications for Licenses, Certifications, and Approvals for Non-Light Water Reactors, Revision 0, June 2020 (ML20091L698)
5. Title 10 of the Code of Federal Regulations (10 CFR) Section 50.55a, Codes and Standards, 50.55a(h), Protection and Safety Systems.
6. Institute of Electrical and Electronics Engineers Inc., IEEE Standard Criteria for Safety Systems for Nuclear Power Generating Stations, IEEE Std. 603-1991, and the correction sheet dated January 30, 1995
7. 10 CFR Part 50 Appendix A, General Design Criteria for Nuclear Power Plants, General Design Criterion 5, Sharing of Structures, Systems, and Components
8. U.S. NRC, Staff Requirements Memorandum (SRM) to SECY-11-0024, Use of Risk Insights to Enhance the Safety Focus of Small Modular Reactor Reviews, May 2011 (ML111320551)
9. Design-Specific Review Standard for NuScale Small Modular Reactor Design, December 21, 2015 (ML15355A295)
10. mPower Design-Specific Review Standard (DSRS) - Proposed-For Interim Use and Comment, October 31, 2012 (ML12305A348)

December 16, 2020

SUBJECT: DESIGN REVIEW GUIDE (DRG): INSTRUMENTATION AND CONTROLS FOR NON-LIGHT-WATER REACTOR (NON-LWR) REVIEWS

Accession No: ML20349E838
Publicly Available (Y/N): Y
Sensitive (Y/N): N
If Sensitive, which category?
Viewing Rights: NRC Users or ACRS only or See restricted distribution

OFFICE  ACRS        SUNSI Review  ACRS       ACRS          ACRS
NAME    CAntonescu  CAntonescu    LBurkhart  SMoore (SWM)  MSunseri
DATE    12/14/20    12/14/20      12/15/20   12/15/20      12/16/20

OFFICIAL RECORD COPY