ML21312A034

From kanterella
Jump to navigation Jump to search
Combined Slides for November 9, 2021, Technology Inclusive Content of Application Project Public Meeting
ML21312A034
Person / Time
Site: Grand Gulf, Arkansas Nuclear, River Bend, Waterford  Entergy icon.png
Issue date: 11/09/2021
From: Joseph Sebrosky
NRC/NRR/DANU/UARP
To:
Sebrosky J
References
Download: ML21312A034 (77)


Text

Technology Inclusive Content of Application Project (TICAP) Public Meeting November 9, 2021 Microsoft Teams Meeting Bridgeline: 301-576-2978 Conference ID: 292 316 880#

1 of 77

Agenda Time Topic Speaker 1:00 - 1:10 pm Opening Remarks NRC/Industry 1:10 - 2:15 pm Overview of Response to NRC Industry Comments Discussed during Public Meeting on October 5, 2021 2:15 - 2:30 pm NRC Staff Overview of Updates to NRC TICAP Guidance 2:30 - 2:45 pm Stakeholder Questions All 2:45 - 3:00 pm Break (if needed) All 3:00 - 3:40 pm Continuation of Discussion NRC/Industry 3:40 - 3:50 pm Stakeholder Questions All 3:50 - 4:00 pm Next Steps and Closing Remarks NRC/Industry

  • Note that Industry's TICAP guidance document is available at:

https://adamswebsearch2.nrc.gov/webSearch2/main.jsp?AccessionNumber=ML21250A378 2

2 of 77

TICAP Public Meeting

Purpose:

to discuss draft guidance for advanced reactor application safety analysis reports (SARs) using Nuclear Energy Institute (NEI) 18-04s Licensing Modernization Project (LMP)

  • Key documents:
  • NEI 21-07, Revision 0, Technology Inclusive Guidance for Non-Light Water Reactors Safety Analysis Report Content for Applicants Using the NEI 18-04 Methodology (ML21250A378)
  • NRC draft exceptions, clarifications, and additions (ML21274A032)
  • Additional background available on the NRC Advanced Reactor Content of Application Project (ARCAP)/TICAP public webpage (see:

https://www.nrc.gov/reactors/new-reactors/advanced/details.html#advRxContentAppProj) 3 of 77 3

ARCAP and Technology Inclusive Content of Application Project (TICAP) - Nexus Outline Safety Analysis Report (SAR) - Additional Portions of Application Based on TICAP Guidance

  • Technical Specifications
1. General Plant Information, Site
  • Technical Requirements Manual Description, and Overview of the Safety
  • Quality Assurance Plan (design)

Case

2. Methodologies and Analyses
  • Quality Assurance Plan
3. Licensing Basis Event (LBE) Analysis (construction and operations)
4. Integrated Evaluations
5. Safety Functions, Design Criteria, and
  • Physical Security Plan Audit/inspection of Applicant Records SSC Safety Classification
  • Calculations
6. Safety Related SSC Criteria and
  • SNM material control and
  • Analyses Capabilities accounting plan
7. Non-safety related with special treatment
  • System Descriptions SSC Criteria and Capabilities
  • Design Drawings
8. Plant Programs
  • Design Specs (operational)
  • Procurement Specs
  • Radiation Protection Program Additional SAR Content -Outside the Scope
  • Inservice inspection/Inservice
9. Control of Routine Plant Radioactive testing (ISI/IST) Program Effluents, Plant Contamination, and Solid
  • Environmental Report Waste
  • Site Redress Plan
10. Control of Occupational Doses
  • Exemptions, Departures, and
11. Organization and Human-System Variances Considerations
  • Facility Safety Program (under
12. Post-construction Inspection, Testing and consideration for Part 53 Analysis Programs applications)
  • Safety Analysis Report (SAR) structure based on clean sheet approach 4 of 77
  • Additional contents of application outside of SAR are still under discussion. The above list is draft and for illustration purposes only. 4

NRC Public Meeting on TICAP Cross-Cutting Major Topics Associated with NEI 21-07 Technology Inclusive Guidance for Non-Light Water Reactors Steve Nesbit, LMNT Consulting Karl Fleming, KNF Consulting Services Ed Wallace, GNBC Associates Brandon Chisholm, Southern Company Ben Holtzman, NEI November 9, 2021 5 of 77

=

Background===

  • The Nuclear Energy Institute (NEI) submitted NEI 21-07 Rev. 0 to the NRC on August 30, 2021 o Guidance for safety analysis reports (SARs) by applicants using the Licensing Modernization Project (LMP) methodology documented in NEI 18-04 Risk-Informed Performance-Based Technology Inclusive Guidance for Non-Light Water Reactor Licensing Basis Development
  • The Nuclear Regulatory Commission (NRC) provided feedback to NEI on September 30, 2021 o Table of exceptions, clarifications, and additions o Markup of document
  • NRC Public Meeting on October 5 to get clarification from the NRC on some of its comments 6 of 77

©2021 Nuclear Energy Institute 2

Approach for the Meeting

  • Goal: Obtain convergence between TICAP team and NRC on appropriate guidance for a SAR based on NEI 18-04 prior to finalizing NEI 21-07 Rev 1
  • TICAP team identified a number of cross-cutting major issues on which industry and the NRC are not in alignment
  • The cross-cutting major issues are:
1. Scope and level of detail of probabilistic risk assessment (PRA) information in the safety analysis report (SAR)
2. Human actions
3. Defense-in-depth (DID)
4. Additional documentation for some Licensing Basis Events (LBEs)
5. Principal design criteria (PDC) and complementary design criteria (CDC)
  • TICAP team will also provide feedback to some specific NRC comments outside the cross-cutting major topics area
  • Ultimately TICAP will report7 ofdispositions 77 of all NRC comments

©2021 Nuclear Energy Institute 3

General Notes

  • A number of NRC comments appear to relate to the NEI 21-07 approach of distributing information on specific topics throughout the SAR o Examples include PRA, DID, and human actions
  • The TICAP team recognizes this is a departure of sorts from the standard compartmentalized approach of a light water reactor SAR
  • The TICAP team believes the distributed approach is necessary in order to o Provide proper, integrated treatment of the LMP-based affirmative safety case, and o Avoid excessive repetition of information in the document 8 of 77

©2021 Nuclear Energy Institute 4

  1. 1: Scope and Level of Detail of PRA Information in the SAR 9 of 77 5

PRA Scope and Level of Detail

Background

  • NEI 21-07 addresses PRA information in the SAR in Chapter 2 (Methodologies and Analyses), Section 2.1

- Section 2.1.1 addresses the description of the PRA

- Section 2.1.2 addresses the summary of PRA results

- Due to the nature of a risk-informed, performance-based application, some of the PRA information is provided in other chapters of the SAR

  • NRC provided a number of comments on PRA

- Comments 2.1, 2.1.1b, 2.1.1c, and 2.1.2

- Markups to NEI 21-07 Section 2.1 10 of 77 6

PRA Scope and Level of Detail TICAP Perspective

  • Advanced light water reactor (ALWR) precedents for documenting PRA results in the SAR are limited to severe (beyond design basis) accidents, appear in one SAR chapter, and are not used in the deterministic safety case

- Results limited to estimates of core damage frequency (CDF), large early release frequency (LERF) or large release frequency (LRF), and risk significant contributions

- No results for design basis events, multi-unit accidents, non-reactor sources, or severe accident consequences

- Alternative methods, e.g. seismic margin assessment, accepted for some hazards

- Risk insights normally based on results of applying risk importance measures to CDF and LERF or LRF

  • Other risk-insights are included on an ad hoc basis (scope and 11 of 77 content varies) 7

PRA Scope and Level of Detail TICAP Perspective (cont.)

  • PRA scope for LMP-based affirmative safety case is much more comprehensive than ALWRs

- The term PRA results in an NEI 18-04-based application has a fundamentally different meaning

- Using the ALWR SAR model is not practical nor desirable

  • PRA assumptions, results, risk insights, and importance and sensitivity analyses that are essential to the LMP-based safety case are covered in other sections of the SAR

- Repeating that same information in Chapter 2 would serve no useful purpose

- Presenting this information as PRA results separated from the deterministic inputs to risk-informed performance-based decision making reflected in the other chapters would lack the context of the LMP Integrated Decision Making Process 12 of 77 8

PRA Scope and Level of Detail 2.1.1a Clarification

  • NRC Clarification 1 - NRC staff positions in Regulatory Guide 1.247, once issued, should be addressed along with the Non-LWR PRA Standard

- TICAP does not plan to reference the Regulatory Guide until the Regulatory Guide is issued

  • NRC Clarification 2 - the guidance should refer to NEI 20-09, Revision 1 instead of Revision 0

- TICAP will modify the guidance to refer to Revision 1 13 of 77 9

PRA Scope and Level of Detail 2.1.1b Clarification and Addition Further discussion is necessary in either NEI 21-07, Revision 1, or in TICAP draft RG white paper to cover the level of detail for the PRA information to be included in the SAR as follows: This section should describe PRA assumptions, the identification of PRA-based insights, and an overview of the results and insights from importance, sensitivity, and uncertainty analyses. A pointer should be provided if the information is described in other Chapters (e.g., Chapter 3).

Detailed information used in the PRA will not be included in the SAR but will be available for NRC audit.

  • It is important to recognize that Section 2.1.1 Overview of PRA does not cover results
  • Therefore, the part of the comment pertaining to identification of PRA-based insights, and an overview of the results and insights from importance, sensitivity analyses will be addressed in Section 2.1.2 14 of 77 10

PRA Scope and Level of Detail Section 2.1.1 - Assumptions

  • TICAP plans to modify the words after the bulleted list in Section 2.1.1 as follows The assumptions, supporting methods, data, and detailed information used in the PRA will not be included in the SAR but will be available for NRC audit. Assumptions made in performing the PRA that are essential to the LMP-based affirmative safety case will be identified in the sections of the SAR to which they apply. For example, such assumptions that impact the selection and evaluation of LBEs will be noted in Chapter 3. PRA assumptions that are not essential to the safety case will not be included in the SAR but will be available in the plant records for NRC audit.
  • This approach is best suited for a risk-informed, performance-based application in which PRA information is an integral part of the safety case rather than being bolted on as in an ALWR application 15 of 77 11

PRA Scope and Level of Detail Section 2.1.2 - Insights and Results, et al.

  • TICAP plans to modify Section 2.1.2 as follows

- The title will become Summary of PRA Results Essential to the LMP-Based Affirmative Safety Case Key PRA Results

- The first two paragraphs will become Because NEI 18-04 is a risk-informed methodology, key PRA results and insights that have been used to inform the LMP-based affirmative safety case are incorporated in the descriptions of the outputs of the methodology provided in the SAR. Those results are not repeated here, but this section provides pointers to those PRA results.

The applicant should provide a statement such as the following, identifying those parts of the SAR that include key PRA results and insights essential to the LMP-based affirmative safety case.

  • As summarized in the bulleted list in Section 2.1.2 of NEI 21-07 and further expounded in the following slides, there is an extensive amount of such PRA information in the SAR 16 of 77 12

PRA Scope and Level of Detail Section 2.1.2 - Insights and Results, et al.

  • Chapter 3

- LBEs, including frequencies, consequences, and uncertainties derived from the PRA

- Descriptions of plant responses based on PRA event sequence models

- Human actions involved in PRA safety functions

- Identification of risk-significant LBEs and high consequence beyond design basis events (BDBEs) informed by uncertainties and sensitivities derived from the PRA

  • Chapter 4

- Integrated risks compared to the LMP cumulative risk targets

- DID evaluation which is informed by PRA uncertainties, assumptions, and limitations 17 of 77 13

PRA Scope and Level of Detail Section 2.1.2 - Insights and Results, et al.

  • Chapter 5

- PRA Safety Functions addressed by Safety-Related Structures, Systems and Components (SR SSCs) and Non-Safety-Related with Special Treatment (NSRST) SSCs

- Risk significant SSCs including associated human actions

>> This is done through the application of risk important measures reflected in the Non-Light Water Reactor PRA Standard risk significance criteria and sensitivity analyses informed by the PRA results

- Identification of Required Safety Functions (RSFs) and selection of Required Functional Design Criteria and Complementary Design Criteria address the evaluation of uncertainties and sensitivities from the PRA results 18 of 77 14

PRA Scope and Level of Detail Section 2.1.2 - Insights and Results, et al.

  • Chapters 6 and 7

- Reliability and capability targets for SR SSCs and NSRST SSCs in the performance of their safety functions

- Human actions reflected in the targets if a SR or NSRST SSC function requires or depends on the performance of the human action

- Targets and special treatments are informed by inputs from the PRA including results, uncertainties, assumptions, and insights 19 of 77 15

PRA Scope and Level of Detail 2.1.1c - Two-Step Licensing Further discussion is necessary in either NEI 21-07, Revision 1, or in TICAP draft RG with paper to clarify the basis for omitting peer review for PRA for a CP application as follows (italics are used to set off the clarification - final text should be in regular font): To be clear, consistent with the baseline for this guidance, to the extent that an applicant does not request any design finality as part of its CP application, no PRA peer review should be required at the CP application stage.

20 of 77 16

PRA Scope and Level of Detail 2.1.1c - Two-Step Licensing (cont.)

  • Planned TICAP change to 2.1.1 Two-Step Licensing guidance is shown below

- To be clear, consistent with the baseline for this guidance, to the extent that an applicant does not request any design finality as part of its CP application, no PRA peer review should be required at the CP application stage. However, if an applicant wishes to seek Commission approval of any design feature or specifications, then peer review for the scope of the PRA supporting those features or specifications would be required consistent with the non-LWR PRA Standard ASME/ANS-RA-S-1.4-2021.

21 of 77 17

PRA Scope and Level of Detail 2.1.2 - Human Actions The last bullet in this section states that SAR Chapters 6 and 7 are to address reliability and capability targets for SR and NSRST SSCs.

Further discussion is necessary in either NEI 21-07, Revision 1, or in TICAP draft RG white paper to address SR and NSRST human actions.

  • This comment will be addressed in the context of the cross-cutting major topic on human actions 22 of 77 18

PRA Scope and Level of Detail Summary

  • PRA will be used much more extensively and in a very different manner in an application based on the NEI 18-04 methodology than in past ALWR applications
  • PRA information is necessarily integrated throughout the parts of the SAR essential to the LMP-based affirmative safety case rather than collected in one place
  • Although some PRA results are applied directly, e.g., LBE information, the PRA results most essential to the LMP affirmative safety case are combined with deterministic inputs to a RIPB Integrated Decision-Making process.
  • As described in the previous slides, the guidance will call for some summary information to be provided in Chapter 2 and other information to be provided in other pertinent chapters 23 of 77 19
  1. 2: Human Actions 24 of 77 20

Human Actions TICAP Perspective

  • The inclusion of safety significant human actions in the SAR is in the TICAP scope, consistent with NEI 18-04
  • The guidance locates the human action-related results and treatments in the appropriate chapter, consistent with

- the objectives and context of the chapter, and

- the flow of the affirmative safety case logic

  • The level of detail of the actions is informed by the safety significance of SSC performance requirements the actions support
  • SSC safety classification is based on SSCs performing specific functions that are identified in the LBEs

- In NEI 18-04 SSCs are not classified outside the context of the SSC safety functions they perform.

25 of 77 21

Human Actions TICAP Perspective (cont.)

  • Any human action or inaction that contributes to or prevents the performance of a safety function must involve SSCs
  • Any human action that may be needed to enable an SSC to perform its safety function, or to provide a backup to an automatic action of an SSC, is an integral part of the SSC safety performance and is not a separable item
  • TICAP guidance recognizes that human actions are considered as part of the classifying SSC safety significance, establishing reliability and capability targets, and special treatment requirements
  • The required details of the Human Factors Engineering (HFE) program are presumed to be in ARCAP Chapter 11 and not included in TICAP Chapters

- Further reconciliation of TICAP human action discussions and ARCAP HFE content is needed 26 of 77 22

Human Actions NRC Comments

  • NRC Clarification and Additions related to human actions are listed below

- 2.1.2 Summary of Key PRA Results

- 4.2.2.2 Human Factors Considerations - SR SSC Performance Monitoring

- 4.2.2.3 Human Factors Considerations - NSRST SSC Performance Monitoring

- 6.4.1a Human Factors Considerations - SR SSCs

- 7.3.1a Human Factors Considerations - NSRST SSCs

- 6.4.1b and 7.3.1b Human Reliability and Capability

  • The comments are discussed individually in the following slides 27 of 77 23

Human Actions 2.1.2 Summary of Key PRA Results

  • NRC Clarification and Addition: Page 24 - The last bullet in this section states that SAR Chapters 6 and 7 are to address reliability and capability targets for SR and NSRST SSCs. Further discussion is necessary in either NEI 21-07, Revision 1, or in TICAP draft RG white paper to address SR and NSRST human actions.
  • TICAP Response: Explicit wording to be added in Sections 6.2 and 7.1 to clarify that reliability and capability targets for SSCs incorporate human actions as well 28 of 77 24

Human Actions 4.2.2.2 Human Factors Considerations

  • NRC Addition: Page 44, Further discussion is necessary in either NEI 21-07, Revision 1, or in TICAP draft RG white paper to state that an applicant should include the description of programs to assure human performance for risk-significant functions should address human factors considerations such as operating experience review, safety function review, human action task analysis, human system interface design, procedures, training and V&V, human performance monitoring (where not described in Chapter 6).
  • TICAP Response:

- The TICAP presumption is that ARCAP Chapter 11 will contain the full description of Human Factors Engineering (HFE) program components

- The following example bullet to Chapter 8 program category examples to be added:

>> Conduct of Operations programs (operating procedures, training, HFE, etc.)

- Additional text to be added to Chapters 6 and 7 as discussed below for Section 6.4.1.a 29 of 77 25

Human Actions 4.2.2.3 Human Factors Considerations

  • NRC Addition: Page 45, Further discussion is necessary in either NEI 21-07, Revision 1, or in TICAP draft RG white paper to state that an applicant should include the description of programs to assure human performance for safety-significant functions should address human factors considerations such as operating experience review, safety function review, human action task analysis, human system interface design, procedures, training and V&V, human performance monitoring (where not described in Chapter 7).
  • TICAP Response: See response to 4.2.2.2 above 30 of 77 26

Human Actions 6.4.1a Human Factors Considerations - SR

  • NRC Addition: Page 62 - Further discussion is needed in either NEI 21-07, Revision 1, or the TICAP draft RG white paper to clarify that where human actions perform required safety functions, the description of controls and displays should address human factors considerations such as operating experience review, safety function review, human action task analysis, human system interface design, and V&V.
  • TICAP Response: TICAP plans to adapt the NRC language as follows

- Controls and displays needed to accomplish RSFs - where human actions are required to accomplish safety functions, a description of required controls and displays should be provided 31 of 77 27

Human Actions 7.3.1a Human Factors Considerations - NSRST

  • NRC Addition: Page 65 - Further discussion is needed in either NEI 21-07, Revision 1, or the TICAP draft RG white paper to clarify that where human actions perform PRA safety functions, the description of controls and displays should address human factors considerations such as operating experience review, safety function review, human action task analysis, human system interface design, and V&V.
  • TICAP Response: This addition is similar to the associated with Comment one 6.4.1a
  • That change language will be adapted to the NSRST SSC descriptions 32 of 77 28

Human Actions 6.4.1b and 7.3.1b Reliability and Capability

  • NRC Addition: Pages 61 and 65 - These sections list the design aspects of the various SR and NSRST SSCs, including human actions. Further discussion is needed in either NEI 21-07, Revision 1, or the TICAP draft RG white paper to clarify that the applicant should describe the measures to be taken to ensure that the human actions meet their reliability and capability targets assumed in the PRA. For the reliability and capability of equipment, these measures are called Special Treatment.
  • TICAP response: TICAP plans to adapt the NRC language as follows

- Identification of operator actions needed to implement the RSFs -

where reliability and capability targets for SR human actions are derived from the PRA, measures applied to achieve the target values should be addressed Chapter 11 33 of 77 29

Human Actions Summary

  • The previous slides identify enhancement to human action content in the following locations:

- Section 6.2: Reliability and Capability Targets for SR SSCs

- Section 6.4: Descriptions for SR SSCs

- Section 7.1: Reliability and Capability Targets for NSRST SSCs

- Section 7.3: Descriptions for NSRST SSCs

- Chapter 8: Plant Programs

  • TICAP will supplement the discussions in NEI 21-07 r1 to more explicitly include identification of safety significant actions associated with SSC performance requirements consistent with the analogous discussions on NRC clarifications and additions.
  • It is understood the NRC intends to address human factors engineering content in ARCAP Chapter 11
  • When Chapter 11 is available the TICAP team will attempt to address interface issues between Chapter 11 34and of 77 the NEI 21-07 guidance.

30

  1. 3: Defense-in-Depth 35 of 77 31

Defense-in-Depth (DID)

Background

Attribute

  • Using NEI 21-07, the DID story Use of risk triplet beyond PRA Knowledge level is an integrated discussion Uncertainty management Action refinement spanning the content in multiple chapters of the SAR
  • NEI 21-07 was developed using the affirmative safety case to avoid over-prescribing exactly how the risk-informed, performance-based (RIPB) DID story is presented
  • The purpose of Section 4.2 of the SAR (according to NEI Attribute Attribute IE and accident sequence completeness 21-07) is to present the results Layers of defense Quality/reliability Compensation for uncertainties Functional reliability of the integrated RIPB DID Prevention and mitigation balance Offsite response evaluation 36 of 77 32

Defense-in-Depth (DID)

Mapping from NEI 18-04 to NEI 21-07

1. Establish initial 10. Select SR Iterate as
  • Alignment of NEI 18-04 Figure 5-4 design SSCs and required capabilities define DBAs tasks with content of SAR chapters A

A

2. Establish F-C
11. Perform safety Target Based analysis of DBAs on TLSTs A
  • DID built in during iterative design process
3. Define
12. Confirm Plant SSC safety Capability DID functions for adequacy PRA modeling
4. Define scope 13. Identify NSRST Risk Significant SSCs
  • Integrated DID adequacy evaluation of PRA for current considers all the interfacing SSCs design phase Other SSCs needed for DID Adequacy elements of the RIPB methodology A
14. Define and
5. Perform PRA evaluate FDC for Color Key:

once design and safety SR SSCs Where Topic is Discussed SAR SAR assessments are mature enough for A

Chapter 1 Chapter 4

6. Identify and
15. Evaluate categorize uncertainties and LBEs as AOO, regulatory license applications margins DBE, or BDBE SAR SAR A Chapter 2 Chapter 5
16. Specify
7. Evaluate LBE
  • NEI 18-04 focuses on the method ST requirements risks vs. F-C for SR and NSRST Target SSCs SAR SAR Chapter 6, 7, Chapter 3 while SAR (developed using NEI and/or 8 A A
8. Evaluate 17. Confirm plant risks vs 21-07) focuses on conveying results Programmatic Acronymns Cumulative Risk DID adequacy Targets F-C Frequency Consequence DID Defense-in-Depth for licensing FDC Functional Design Criteria LBE Licensing Basis Events
18. DID adequacy NSRST Non-Safety Related with ST
9. Identify DID established; Document/ SSC Structure, System, Component layers challenged Update DID Baseline ST Special Treatment 37 of 77 by each LBE SR Safety Related evaluation TLSTs Top Level Safety Targets 33

Defense-in-Depth (DID)

Introduction to VTR TICAP Tabletop Exercise

  • The Versatile Test Reactor (VTR) tabletop exercise explored how a specific application might implement the DID guidance

- VTR tabletop report (ML21272A338) completed April 2021 using draft TICAP guidance

- Conducted with GE Hitachi, Argonne National Laboratory, and Idaho National Laboratory

  • One of four TICAP tabletop exercises - major foci included:

- Defense-in-Depth (Appendix A of tabletop report);

- Safety Functions, Design Criteria, and SSC Classification (Appendix B)

- Safety-Related SSC Criteria and Capabilities (Appendix C)

- NSRST SSC Criteria and Capabilities (Appendix D)

  • VTR design at conceptual stage of design during tabletop

- No specific examples of Programmatic DID available

  • VTR will be authorized by DOE; tabletop 38 of 77 report includes some DOE terms 34

Defense-in-Depth Adequacy Plant Capability DID (Section 5.9.3 of NEI 18-04)

  • Plant capability guidelines in Table 5-2 are satisfied
  • Review of LBEs is completed with satisfactory results

- Risk margins against the F-C Target are sufficient

- Risk margins against cumulative risk targets are met

- The role of SSCs in the prevention and mitigation at each layer of defense challenged by each LBE is understood

- Prevention/mitigation balance is sufficient

- Classification of SSCs into SR, NSRST, and NST is appropriate

- Risk significance classification of LBEs and SSCs is appropriate

- Independence among design features at each layer of defense is sufficient

- Design margins in plant capabilities are adequate to address uncertainties identified in the PRA 39 of 77 35

Defense-in-Depth Adequacy Plant Capability DID (Section 5.9.3 of NEI 18-04)

  • Plant capability guidelines in Table 5-2 are satisfied
  • Review of LBEs is completed with satisfactory results

- Risk margins against the F-C Target are sufficient

- Risk margins against cumulative risk targets are met

- The role of SSCs in the prevention and mitigation at each layer of defense challenged by each LBE is understood

- Prevention/mitigation balance is sufficient

- Classification of SSCs into SR, NSRST, and NST is appropriate

- Risk significance classification of LBEs and SSCs is appropriate

- Independence among design features at each layer of defense is sufficient

- Design margins in plant capabilities are adequate to address uncertainties identified in the PRA 40 of 77 36

Defense-in-Depth - VTR Example Plant Capability Guidelines Note:

41 of 77 37

Defense-in-Depth Adequacy Plant Capability DID (Section 5.9.3 of NEI 18-04)

  • Plant capability guidelines in Table 5-2 are satisfied
  • Review of LBEs is completed with satisfactory results

- Risk margins against the F-C Target are sufficient

- Risk margins against cumulative risk targets are met

- The role of SSCs in the prevention and mitigation at each layer of defense challenged by each LBE is understood

- Prevention/mitigation balance is sufficient

- Classification of SSCs into SR, NSRST, and NST is appropriate

- Risk significance classification of LBEs and SSCs is appropriate

- Independence among design features at each layer of defense is sufficient

- Design margins in plant capabilities are adequate to address uncertainties identified in the PRA 42 of 77 38

Defense-in-Depth - VTR Example Risk Margins VTR Tabletop Report, Appendix A NEI 21-07, Table 4-1 Mean F-C Target Freq. Mean F-C Target Mean LBE Mean Freq./

Name Dose at LBE Frequency Dose at LBE Dose Category plant-yr (rem) Dose/plant-yr[a] Margin[b] Freq. (rem) [c] Margin[d]

AOO AOO-5 4.00E-02 2.50E-04 4.00E+02 1.0E+04 1.00E+00 4.0E+03 DBE DBE-10 1.00E-02 2.00E-03 6.00E+01 6.0E+03 1.00E+00 5.0E+02 BDBE BDBE-2 3.00E-06 4.00E-03 2.50E+01 8.3E+06 2.50E+02 6.2E+04 Notes:

[a] Frequency value measured at the LBE mean dose level from the F-C Target

[b] Ratio of the frequency in Note [a] to the LBE mean frequency (Mean Frequency Margin)

[c] Dose value measured at the LBE mean frequency from the F-C Target

[d] Ratio of the dose in Note [c] to the LBE mean 43 dose (Mean Dose Margin) of 77 39

Defense-in-Depth Adequacy Plant Capability DID (Section 5.9.3 of NEI 18-04)

  • Plant capability guidelines in Table 5-2 are satisfied
  • Review of LBEs is completed with satisfactory results

- Risk margins against the F-C Target are sufficient

- Risk margins against cumulative risk targets are met

- The role of SSCs in the prevention and mitigation at each layer of defense challenged by each LBE is understood

- Prevention/mitigation balance is sufficient

- Classification of SSCs into SR, NSRST, and NST is appropriate

- Risk significance classification of LBEs and SSCs is appropriate

- Independence among design features at each layer of defense is sufficient

- Design margins in plant capabilities are adequate to address uncertainties identified in the PRA 44 of 77 40

Defense-in-Depth - VTR Example Confirmation of Plant Capability Adequacy See Sections A.4.2.2.1 and A.4.2.2.2 of VTR Tabletop Report:

  • The balance between prevention and mitigation is also reviewed by the IDP as a part of the plant capability DID discussed in Table A-1.
  • The technical bases for classifying SSCs are provided in Chapter 3, where the use of the LMP methodology is discussed. The SSC classification results are provided in Chapter 5 as well as the SSC RSFs.
  • The effectiveness of physical and functional barriers to retain radionuclides in preventing and limiting releases is demonstrated in the PRA and LMP F-C results discussed in Chapter 3. The results were reviewed by the IDP for confirmation of adequacy. As discussed in NEI 18-04, Table 5-4 [1]; the fraction of source term released from the fuel, coolant boundary and reactor building can be mitigated by inherent and passive capabilities including design margins to limit the release.

45 of 77 41

Defense-in-Depth Adequacy Programmatic DID (Section 5.9.3 of NEI 18-04)

  • Performance targets for SSC reliability and capability are established
  • Sources of uncertainty in selection and evaluation of LBE risks are identified

- Completeness in selection of initiating events and event sequences is sufficient

- Uncertainties in the estimation of LBE frequencies are evaluated

- Uncertainties in the plant response to events are evaluated

- Uncertainties in the estimation of mechanistic source terms are evaluation

- Design margins in plant capabilities are adequate to address residual uncertainties

  • Special treatment for all SR and NSRST SSCs is sufficient 46 of 77 42

Defense-in-Depth Adequacy Programmatic DID (Section 5.9.3 of NEI 18-04)

  • Performance targets for SSC reliability and capability are established
  • Sources of uncertainty in selection and evaluation of LBE risks are identified

- Completeness in selection of initiating events and event sequences is sufficient

- Uncertainties in the estimation of LBE frequencies are evaluated

- Uncertainties in the plant response to events are evaluated

- Uncertainties in the estimation of mechanistic source terms are evaluation

- Design margins in plant capabilities are adequate to address residual uncertainties

  • Special treatment for all SR and NSRST SSCs is sufficient 47 of 77 43

Defense-in-Depth - VTR Comments Special Treatment Adequacy

  • VTR design was not mature enough to support exploration of Programmatic DID
  • The reliability and availability requirements related to the performance of SSC functions were not completed for the VTR in this phase of design. The programmatic attributes for reliability/availability are discussed in Chapter 8 of the SAR, which is not within the scope of this tabletop exercise.

Programs that ensure reliability and availability targets are met include:

- The RAM program, with the objective of maintaining the facility in a safe state.

- SSC Testing, inspection and monitoring programs including application of the maintenance rule program.

- Application of Technical Specifications including allowed outage times for SR-SSCs, where applicable.

- Environmental Qualification Program, which ensures SSCs can perform their safety functions within the environmental and accident conditions that the SSCs might experience during an LBE. 48 of 77 44

Defense-in-Depth Adequacy Risk-Informed Evaluation of DID

  • Foundation laid in incremental reviews of results as part of design development processes
  • Periodic integrated design reviews normally done as design matures
  • Final Integrated DID Adequacy Review prior to combined construction permit and operating license application completes the process and establishes the safety baseline for licensing change control
  • Result of the evaluation is confirmation of adequate DID (for safety case as a whole) with respect to the following attributes:

- Use of risk triplet beyond PRA

- Knowledge level

- Uncertainty management 49 of 77

- Action refinement 45

Defense-in-Depth NRC Comment - Section 4.2.1

  • NRC Comment

- Clarification: Text added to provide a complete description of DID analysis.

- For SSCs that are relied upon to perform DID prevention and mitigation functions for risk-significant LBEs, and where not described elsewhere in the SAR, this section should describe the set of requirements related to the performance, reliability, and availability of the SSC functions that are relied upon to ensure the accomplishment of their tasks, as defined by the PRA or deterministic analysis. This description should include how that capability is ensured through testing, maintenance, inspection and performance monitoring.

50 of 77 46

Defense-in-Depth NRC Comment - Section 4.2.1

  • TICAP Response

- NEI 18-04, Section 5.6.2: Non-SR SSCs that perform a function or functions that are necessary for DID adequacy are classified as NSRST.

Special treatment requirements for NSRST SSCs include the setting of performance requirements for SSC reliability, availability, and capability and any other treatments deemed necessary by the IDP for completing the integrated design process in Figure 5-4 and evaluating DID adequacy.

- NSRST SSC performance criteria and capabilities are presented in Chapters 5 and 7 of a SAR developed using NEI 21-07

- The suggested clarification will not be added in order to minimize the amount of information repeated in different chapters of the SAR 51 of 77 47

Defense-in-Depth NRC Comment - Section 4.2.2

  • NRC Comment

- Further discussion is needed in either NEI 21-07, Revision 1, or the TICAP draft RG white paper to document that The applicant should provide the justification for where the design does not incorporate the programmatic capability attributes provided in NEI 18-04 Table 5-6.

52 of 77 48

Defense-in-Depth NRC Comment - Section 4.2.2

  • TICAP Response

- The RIPB DID approach described in NEI 18-04 (including the considerations in Table 5-6) is not a compliance-based framework

- The objective of the integrated RIPB assessment of DID is to confirm that the entire safety case (including plant capability and programmatic elements of DID) is adequate to provide reasonable assurance of adequate protection

- One result of the integrated assessment is the conclusion that each element of DID has been sufficiently evaluated, commensurate with the RIPB safety case of the specific plant design

- Additionally, the affirmative safety case approach does not require negative declarations in the SAR licensing basis

- As such, the suggested edit will not be implemented in the revision to NEI 21-07 53 of 77 49

Defense-in-Depth NRC Comment - Section 4.2.3b

  • NRC Comment

- Addition: Further discussion is needed in either NEI 21-07, Revision 1, or the TICAP draft RG white paper to document that an applicant should address how the integrated DID analysis meets the standards in NEI 18-04

- The applicant should summarize how the integrated DID process was applied in evaluating the overall adequacy of DID. The description should address how each of the decision guidelines listed in NEI 18-04, Section 5.9.3, was evaluated and the basis for an affirmative response.

The criteria used in making the decisions (e.g., risk margins are sufficient, prevention/mitigation balance is sufficient, etc.) should be provided. If quantitative measures were used as part of the criteria, they should be provided. A description of how the results of the integrated DID process are documented and available for future DID decision-making and operations support should 54 of 77 also be provided.

50

Defense-in-Depth NRC Comment - Section 4.2.3b

  • TICAP Response

- The comprehensive DID story is not entirely contained within Section 4.2 of a SAR developed using NEI 21-07

>> Examples from the VTR TICAP tabletop exercise were used to demonstrate the cross-linkages between the DID story and other relevant portions of the SAR

- The RIPB DID approach described in NEI 18-04 is not a compliance-based framework

- The objective of the integrated RIPB assessment of DID is to confirm that the entire safety case (including plant capability and programmatic elements of DID) is adequate to provide reasonable assurance of adequate protection

- First, third, and fourth sentences (italicized on previous slide) will be added to Section 4.2.3 55 of 77 51

Defense-in-Depth NRC Comment - Section 4.2.3c

  • NRC Comment

- Clarification and Addition: Further discussion is needed in either NEI 21-07, Revision 1, or the TICAP draft RG white paper to document that an applicant should include a discussion of the change process associated with defense in depth analysis described in Section 4.2.3 of the NEI guidance document.

- The change control process should be described addressing how the baseline DID evaluation will be re-evaluated, based on proposed changes, to determine which programmatic or plant capability attributes have been affected for each layer of defense. Changes that impact the definition and evaluation of LBEs, safety classification of SSCs, or risk significance of LBEs or SSCs should be assessed. This section should also describe how any changes to the baseline DID evaluation will be documented and implemented.

56 of 77 52

Defense-in-Depth NRC Comment - Section 4.2.3c

  • TICAP Response

- TICAP agrees with the NRC that change control is an area that needs to be addressed for reactors using an NEI 18-04 LMP-based affirmative safety case

- TICAP believes that the proposed addition by the NRC goes beyond re-evaluation of the baseline DID evaluation

>> TICAP agrees that Changes that impact the definition and evaluation of LBEs, safety classification of SSCs, or risk significance of LBEs or SSCs should be assessed

>> However, these are not DID-specific issues, but are broader in nature

- TICAP proposes to address change control more broadly, but including impacts on DID, with additional guidance on implementation of 10 CFR 50.59 for reactors with an NEI 18-04 LMP-based affirmative safety case

>> See further discussion under the next topic 57 of 77 53

  1. 4: Additional Documentation for LBEs 58 of 77 54

Additional Documentation for Some LBEs

Background

- DBAs are deterministic events derived from DBEs but relying only on safety-related equipment

- Other events are event sequence families from the PRA

- NEI 21-07 requires Chapter 15 type information for DBAs but requirements for other LBEs are different (intentionally less stringent)

- NRC wants the SAR to contain detailed dose analysis information for all LBEs

>> Further discussion is needed in either NEI 21-07, Revision 1, or the TICAP draft RG white paper to clarify that a description of the models, site characteristics, and supporting data associated with the calculation of the mechanistic source terms and radiological consequences should be included in the discussion of AOOs with a release in Section 3.3.1 of the SAR.

59 of 77 55

Additional Documentation for Some LBEs Background (cont.)

  • Justification for NRC position

- the safety case for the reactor is tied to appropriately identifying licensing basis events, including Anticipated Operational Occurrences (AOOs), Design Basis Events (DBEs), Design Basis Accidents (DBAs),

and Beyond Design Basis Events (BDBEs).

- This type of information should be captured in the SAR to ensure that changes to the plant are appropriately assessed under the applicable change process (e.g., 10 CFR 50.59) reflecting their status as methods of evaluation used in establishing the design bases or in safety analyses.

  • TICAP agrees with the first bullet point but disagrees with the second
  • TICAP also notes that these issues identified in NRC Clarification and Exception Comments 3.3.1, 3.4.1, and 3.5.1 are essentially identical to the issues raised in NRC Addition Comment 4.1 60 of 77 56

Additional Documentation for Some LBEs TICAP Position

  • There is a distinction between AOOs, DBEs, BDBEs, on the one hand, and DBAs on the other hand, for a reason

- They are best estimate analyses, not conservative Chapter 15 analyses

- PRA analyses are not performed and controlled like Chapter 15 analyses

- Assurance of technical adequacy of the PRA is provided through the peer review process described in the non-LWR PRA Standard ASME/ANS-RA-S-1.4-2021

- Changes to the PRA are controlled through processes addressed in the non-LWR PRA Standard

- The direct link to PRA event sequences has implications for SAR documentation 61 of 77 57

Additional Documentation for Some LBEs TICAP Position (cont.)

- They are based on DBEs but assume only safety-related equipment is available to mitigate the event

- DBA analyses are performed with conservative deterministic safety analysis methods (i.e., Chapter 15-type analyses) and results are compared to regulatory limits

- DBA analyses demonstrate the adequacy of safety-related SSC identification in the performance of their RSFs 62 of 77 58

Additional Documentation for Some LBEs TICAP Position (cont.)

  • DBA analyses are documented in SAR Section 3.6

- The information desired by the NRC is to be provided in the SAR in Chapter 3 or Chapter 2

  • Consideration of DBAs in evaluation of changes should provide reasonable assurance that changes to the plant or methods of analyses do not pose an undue risk to the public 63 of 77 59

Additional Documentation for Some LBEs TICAP Position (cont.)

  • PRA is an analytical tool that reflects the best understanding of plant risk, and it needs to be maintained consistent with that purpose
  • It is not necessary - and in fact counterproductive - to include detailed information on the method of evaluation for AOOs, DBEs, and BDBEs in the SAR

- PRAs are not Chapter 15 analyses

- Rather than controlling the PRA through established processes as described in the Non-LWR PRA Standard, putting too much PRA content in the SAR could make PRA activities subject to 10 CFR 50.59, which is not a practical process 64 of 77 60

Additional Documentation for Some LBEs Further Discussion

  • The NRC position seems to be grounded in the viewpoint that all NEI 18-04 LBEs must be treated as if they are Chapter 15 DBAs
  • NEI 18-04 and NEI 21-07, if properly implemented, provide a risk-informed, performance-based approach to demonstrating reasonable assurance of adequate protection

- The risk tool - the plant PRA - is integrated into the plant design and safety case

- The approach retains traditional deterministic elements (DBAs) that enable application of the existing regulatory framework (10 CFR Parts 50 and 52)

  • If too much information is required to be in the SAR, NEI 18-04 and NEI 21-07 will not be practical because it would unduly increase overall burden on the applicant and licensee 65 of 77 61

Additional Documentation for Some LBEs Further Discussion (cont.)

  • The PRA will evolve over the life of the plant

- Models of plant, system, and human behavior

- Incorporation of new structure, system, and component (SSC) performance data

- Changes in analytical methods

  • These changes will be reflected in the SAR through PRA results

- Events, event frequencies, consequences, integrated plant performance, etc. as noted in Section 2.1.2 of NEI 21-07

  • Proposed plant changes will be evaluated against the information in the SAR, including the traditional deterministic DBA analyses

- DBA methods of analyses are addressed under 10 CFR 50.59

  • The scenario of NRC concern is not clear 66 of 77 62

Additional Documentation for Some LBEs Observations on Change Control

  • Industry and NRC have extensive experience applying 10 CFR 50.

59 (change control) in accordance with guidance provided in NEI 96-07

  • 50.59 guidance needs enhancement to apply the regulation effectively to reactors with applications developed pursuant to NEI 18-04 and NEI 21-07
  • Industry plans to propose such guidance to the NRC
  • Lack of detailed 50.59 guidance at this time should not preclude finalization of SAR guidance
  • If necessary, NEI 21-07 or the associated regulatory guide can be adjusted once 50.59 guidance is in place 67 of 77 63

Additional Documentation for Some LBEs Summary

  • TICAP and the NRC disagree about the level of documentation necessary in the SAR for non-DBA LBEs
  • TICAP believes the NEI 21-07 approach provides reasonable assurance of adequate protection and includes the appropriate information in the SAR for an effective change control program
  • TICAP believes the changes proposed by the NRC are not necessary for reasonable assurance of adequate protection and would unduly burden the applicant and licensee 68 of 77 64

Other NRC Comments 69 of 77 65

Other NRC Comments B.3 Italics vs. Regular Font

  • TICAP developed a distinction between guidance in italics and regular font (see NEI 21-07 Section B.3)

- Italics denotes background information for context and perspective

- Regular font denotes instructions for the applicant

  • NRC desires more text to be in regular font (guidance) rather than italics
  • TICAP does not believe that this should be a major issue
  • TICAP performed an independent review of the NRCs suggested changes against the TICAP criteria and adopted some of the NRC suggested changes - but not all 70 of 77 66

Other NRC Comments B.3 Italics vs. Regular Font

  • NRC also desires to modify the italics criterion to include modifications to NEI 18-04 (see NRC redline markup)

- The additional criterion for regular font is or further clarifies details of the LMP approach beyond the description(s) provided in NEI 18-04 and the associated endorsements in RG 1.233.

  • TICAP does not plan to implement the NRCs desired change

- There does not appear to be compelling value to the NRC proposal

- TICAP will stick with simple, binary criteria rather than introduce another category

  • TICAP did make additional modifications to Section B.3 in an attempt to further clarify its criteria 71 of 77 67

Other NRC Comments Section 5.4

  • Section 5.4 includes contextual information from NEI 18-04 and its supporting documents that does not need to be in an application

- Specifically, Table 5-2 which provides background information on how SSC combinations to satisfy RSFs are determined

  • NRC stated in its redline markup that Table 5-2 should be required in the SAR

- NRC provided no basis or justification other than the information should be included in the application.

  • TICAP disagrees with the NRC statement and plans no changes to the guidance document in this regard 72 of 77 68

Questions Questions?

© 2018 NEI. All rights reserved.

73 of 77 ©2021 Nuclear Energy Institute 69

NRC Update to TICAP Guidance

  • NRC draft exceptions, clarifications, and additions (ML21274A032)
  • Discussed during October 5, 2021, Public Meeting
  • Staff updating July 8, 2021, draft TICAP Regulatory Guide white paper (ML21190A014) to include the following:
  • Exceptions, clarifications, and additions discussed during October 5, 2021, public meeting
  • Interpretation of principal design criteria (PDC) requirements and proposed guidance not included and will be updated when staff position has been developed
  • Staff removing addition related to applicability of Tables 5-1 and 5-2 to Non-Safety-Related with Special Treatment (NSRST) structures, systems, and components (SSCs).
  • Based on reconsideration from information provided during October 5, 2021, public meeting, staff determined that this does not apply to the NSRST SSC classification process 74 of 77 5

NRC Update to TICAP Guidance

  • Staff updating July 8, 2021, draft TICAP Regulatory Guide white paper (ML21190A014) to include the following (continued):
  • Exceptions, clarifications, and additions discussed during October 5, 2021, public meeting (continued):
  • Staff considering changes to discussion Appendix B, Example Licensing Basis Event Descriptions, beyond stating that it does not endorse it.
  • Considering expanding discussion, with appropriate caveats, that Appendix B provides useful examples on how to apply the guidance in specific areas
  • Staff notes that in the absence of an NRC-approved SAR with associated references, a conclusion on completeness is predecisional 75 of 77 6

NRC Update to TICAP Guidance

  • Staff updating July 8, 2021, draft TICAP Regulatory Guide white paper (ML21190A014) to include the following (continued):
  • Updating draft TICAP Regulatory Guide white paper Appendix A, Construction Permit Application Guidance, based on NEI 21-07, Revision 0 and to note inconsistencies, for example:
  • Detailed list addressing site information required to be in the construction permit (CP) application
  • Preliminary analysis to support §§ 50.34(a)(4) & 50.43(e)(1)(iii) reasonable assurance finding addressed in Section 2.c of Appendix A
  • PDC discussion and complimentary design criteria (CDC) discussion will be updated
  • Information to support determinations that each Safety-Related (SR) or NSRST SSC will meet reliability and performance specifications credited in the PRA discussed in Sections 6 and 7 of Appendix A
  • Outside of TICAP guidance, NRC is considering adding guidance on how to select the source term to be used for the siting determination to the ISG for Chapter 2 "Site Information" 76 of 77 7

Next Steps - Future Milestones TICAP Near-Term Milestones Target Date Update of NRC Draft Guidance Documents November 2021 ACRS Future Plant Designs Subcommittee December 15, 2021 Meeting on ARCAP/TICAP Guidance Documents Continuation of Discussion of NRC draft TBD Exceptions, Clarifications, and Additions (possibility of future draft industry or staff documents)

NEI 21-07, Revision 1 TBD Issuance of TICAP draft RG and ARCAP Early Calendar Year interim staff guidance for public comment 2022 77 of 77 8