ML23304A373
| ML23304A373 | |
| Person / Time | |
|---|---|
| Site: | 05200050 |
| Issue date: | 12/31/2022 |
| From: | NuScale |
| To: | Office of Nuclear Reactor Regulation |
| Shared Package | |
| ML23306A033 | List:
|
| References | |
| LO-151262 TR-124333-NP | |
| Download: ML23304A373 (1) | |
Text
Human Factors Engineering Functional Requirements Analysis and Function Allocation Implementation Plan TR-124333-NP Revision 0 Licensing Technical Report
© Copyright 2022 by NuScale Power, LLC i
Human Factors Engineering Functional Requirements Analysis and Function Allocation Implementation Plan December 2022 Revision 0 Docket: 52-050 NuScale Power, LLC 1100 NE Circle Blvd., Suite 200 Corvallis, Oregon 97330 www.nuscalepower.com
© Copyright 2022 by NuScale Power, LLC
Human Factors Engineering Functional Requirements Analysis and Function Allocation Implementation Plan TR-124333-NP Revision 0 Licensing Technical Report
© Copyright 2022 by NuScale Power, LLC ii COPYRIGHT NOTICE This document bears a NuScale Power, LLC, copyright notice. No right to disclose, use, or copy any of the information in this document, other than by the U.S. Nuclear Regulatory Commission (NRC), is authorized without the express, written permission of NuScale Power, LLC.
The NRC is permitted to make the number of copies of the information contained in these reports needed for its internal use in connection with generic and plant-specific reviews and approvals, as well as the issuance, denial, amendment, transfer, renewal, modification, suspension, revocation, or violation of a license, permit, order, or regulation subject to the requirements of 10 CFR 2.390 regarding restrictions on public disclosure to the extent such information has been identified as proprietary by NuScale Power, LLC, copyright protection notwithstanding.
Regarding nonproprietary versions of these reports, the NRC is permitted to make the number of additional copies necessary to provide copies for public viewing in appropriate docket files in public document rooms in Washington, DC, and elsewhere as may be required by NRC regulations. Copies made by the NRC must include this copyright notice in all instances and the proprietary notice if the original was identified as proprietary.
Human Factors Engineering Functional Requirements Analysis and Function Allocation Implementation Plan TR-124333-NP Revision 0 Licensing Technical Report
© Copyright 2022 by NuScale Power, LLC iii Department of Energy Acknowledgment and Disclaimer This material is based upon work supported by the Department of Energy under Award Number DE-NE0008928.
This report was prepared as an account of work sponsored by an agency of the United States Government. Neither the United States Government nor any agency thereof, nor any of their employees, makes any warranty, express or implied, or assumes any legal liability or responsibility for the accuracy, completeness, or usefulness of any information, apparatus, product, or process disclosed, or represents that its use would not infringe privately owned rights.
Reference herein to any specific commercial product, process, or service by trade name, trademark, manufacturer, or otherwise does not necessarily constitute or imply its endorsement, recommendation, or favoring by the United States Government or any agency thereof. The views and opinions of authors expressed herein do not necessarily state or reflect those of the United States Government or any agency thereof.
Human Factors Engineering Functional Requirements Analysis and Function Allocation Implementation Plan TR-124333-NP Revision 0 Table of Contents
© Copyright 2022 by NuScale Power, LLC iv Abstract................................................................... 1 Executive Summary.......................................................... 2 1.0 Introduction.......................................................... 3 1.1 Purpose.............................................................. 3 1.2 Scope................................................................ 3 1.3 Abbreviations.......................................................... 4 2.0 Implementation........................................................ 5 2.1 Functional Requirements Analysis and Function Allocation Process Overview....... 5 3.0 Methodology.......................................................... 7 3.1 General Information..................................................... 7 3.2 Functional Requirement Analysis........................................... 7 3.3 Function Allocation...................................................... 9 3.4 System-Level Analysis................................................... 9 3.5 Validation............................................................. 9 3.6 Automation Philosophy................................................. 10 3.7 Automation Criteria.................................................... 10 4.0 Conclusion.......................................................... 13 5.0 References.......................................................... 14 5.1 Source Documents..................................................... 14 5.2 Referenced Documents................................................. 14
Human Factors Engineering Functional Requirements Analysis and Function Allocation Implementation Plan TR-124333-NP Revision 0 List of Tables
© Copyright 2022 by NuScale Power, LLC v
Table 1-1 Abbreviations.................................................... 4 Table 1-2 Definitions....................................................... 4 Table 3-1 NuScale Plant Functions........................................... 8 Table 3-2 Levels of Automation............................................. 11
Human Factors Engineering Functional Requirements Analysis and Function Allocation Implementation Plan TR-124333-NP Revision 0
© Copyright 2022 by NuScale Power, LLC 1
Abstract The functional requirements analysis and function allocation is a significant element of the Human Factors Engineering Program. The purpose of this element is to verify that those functions that must be carried out to satisfy the plant's safety and commercial goals, and that the assignment of responsibilities for those functions (function allocation) to personnel and automation, takes advantage of human and machine strengths and avoids human and machine limitations. This implementation plan describes the process that ensures the NuScale Power Plant design, including design changes, is incorporated into the task analysis, training program, and process library from a Human Factors Engineering perspective.
The methodology used in the functional requirements analysis and function allocation Human Factors Engineering element conducted by NuScale is consistent with the applicable provisions of Section 4 of NUREG-0711, Reference 5.1.1.
Human Factors Engineering Functional Requirements Analysis and Function Allocation Implementation Plan TR-124333-NP Revision 0
© Copyright 2022 by NuScale Power, LLC 2
Executive Summary Consistent with the guidance of NUREG-0711, Reference 5.1.1, Section 4, the scope of the functional requirements analysis and function allocation (FRA/FA) performed by NuScale includes a method to ensure that the functions necessary to accomplish plant goals are defined and analyzed so that the allocation of functions to personnel and machine resources takes advantage of human and machine strengths and avoids human and machine limitations.
The FRA/FA analysis is done in two phases for the NuScale Power Plant design; an initial analysis for the Design Certification Application (DCA) was documented in a results summary report, which led to a revised implementation plan to support the NuScale Power Plant US460 standard design. The FRA process performed for the DCA identified plant functions that must be performed to satisfy the plant's overall safety and operating objectives and goals. NuScale established plant functions to meet those objectives and goals. NuScale also established system level functions that are designed to support the plant functions.
The FRA/FA effort for the NuScale DCA was based on high-level plant functions, which were defined during the initial Design Reliability Assurance Program analysis, as described in Section 17.4 of the DCA. This effort ensured these high-level functions were addressed with respect to plant design. Upon completion of the FRA/FA work, the results were incorporated into the Human Factors Engineering (HFE) task analysis, which were then used during the development of the NuScale Power Plant operating procedures. As a result, the updated HFE task analysis database was tied to system-level functions and tasks, rather than high-level plant functions. During this alignment, the operator training program task analysis and task-to-training matrix was added to the HFE task analysis and operating procedure set. Going forward, the HFE task analysis will be cross referenced to the FRA/FA database to ensure that interrelated items remain aligned and can be managed in one interlinked database. NuScale maintains the HFE, training, and operating procedure database until the licensee assumes responsibility.
The FA determines if tasks are performed by personnel, automation, or a combination of both.
Each system function is analyzed to determine the tasks, how the tasks are performed (manual, automated, or both), the technical basis, and the role of the operator. The analysis and allocation results for the FRA/FA are maintained in the FRA/FA & task analysis database.
This report describes the revised implementation methodology of the HFE Program FRA and FA analysis. The foundation for this implementation plan was first documented to support the DCA in Human Factors Engineering Functional Requirements Analysis and Function Allocation Results Summary Report, RP-0316-17615, Rev. 0 (Reference 5.2.1).
Human Factors Engineering Functional Requirements Analysis and Function Allocation Implementation Plan TR-124333-NP Revision 0
© Copyright 2022 by NuScale Power, LLC 3
1.0 Introduction 1.1 Purpose The purpose of this document is to describe the process to implement and maintain the functional requirements analysis and function allocation (FRA/FA) database for the NuScale Power Plant (NPP) for the Standard Design Approval. A standalone FRA/FA database was initially documented as part of the Design Certification Application process.
To support US460 Standard Design Approval Application activities, NuScale maintains a single database to address FRA/FA and task analysis (TA) Human Factors Engineering (HFE) elements.
1.2 Scope The scope of the FRA/FA includes activities performed by licensed operators in the main control room during normal, abnormal, and emergency operating conditions. It also includes activities performed by the non-licensed operators assigned to each crew, and activities performed by the specifically assigned refueling senior reactor operator, which are directly related to licensed operators. Analysis for maintenance activities, activities completed by craft or technical personnel (e.g., mechanical, electrical, or instrumentation and controls, health physics, chemistry, engineering, or information technology), the Technical Support Center, Emergency Operations Facility, or other Emergency Response facilities, unless they are determined to impact licensed operator responsibilities, are outside the scope of this report. When licensed operator responsibilities are impacted, the area of concern is analyzed to a degree sufficient to quantify the impact to licensed operator functional responsibilities, human-system interface (HSI) design, and associated allocation of functions.
Design changes to NuScale systems that require direct operator interaction, relative to the plant design, are evaluated for HFE impact. Each task is analyzed to ensure plant goals and desired performance is accomplished. This includes determining that the system components, instrumentation, controls, automation, and alarms are sufficient.
Human Factors Engineering Functional Requirements Analysis and Function Allocation Implementation Plan TR-124333-NP Revision 0
© Copyright 2022 by NuScale Power, LLC 4
1.3 Abbreviations Table 1-1 Abbreviations Term Definition DCA Design Certification Application D-RAP Design Reliability Assurance Program FA function allocation FRA functional requirements analysis HFE Human Factors Engineering HSI human-system interface NPP NuScale Power Plant RCPB reactor coolant pressure boundary SDAA Standard Design Approval Application SSC structures, systems, and components TA task analysis Table 1-2 Definitions Term Definition D-RAP The purpose of Design Reliability Assurance Program (D-RAP) is to guide NuScale Power, LLC (NuScale) personnel through the process of identifying risk-significant structures, systems, and components (SSC).
These identified SSC are controlled under a number of programs and are cataloged in the D-RAP report.
FRA/FA The identification of functions that must be performed to satisfy the nuclear power plants overall goals. Function allocation determines which tasks are manual, automatic, or a combination of the two.
FRA/FA & TA database The FRA/FA & TA database is a relational database that is used to store the FRA/FA, task analysis, staffing and qualifications analysis, development of HSI, procedures, and training data. In this document it may be referred to as the FRA/FA & TA database or database.
Plant functions The plant functions describe how the plant meets NuScales mission statement of safe, scalable, affordable, electrical generation using nuclear power.
Subject matter expert An individual with appropriate knowledge in a specific area or discipline that has sufficient experience and education to competently develop or review a licensing topical report in that discipline.
Unit A NuScale unit consists of the components necessary to generate electricity. This includes a primary side containing a reactor power module and its specific supporting systems, and a secondary side containing a turbine generator and its specific supporting systems.
Human Factors Engineering Functional Requirements Analysis and Function Allocation Implementation Plan TR-124333-NP Revision 0
© Copyright 2022 by NuScale Power, LLC 5
2.0 Implementation 2.1 Functional Requirements Analysis and Function Allocation Process Overview The FRA/FA incorporates HFE Program principles and practices and is performed using a structured and documented methodology. The process is iterative in nature and is kept current over the plant's life cycle, from design development through decommissioning.
During the design process, the NuScale Power Plant SSC are evaluated to ensure that the plant's overall safety and operating objectives continue to be met. Additional evaluation is performed to determine if the changes being made impact the original functional allocation. For example, if a design change creates a more complicated series of actions, it may be beneficial to include automatic controls for the new function.
The product of the FRA is a complete set of functional requirements necessary to satisfy NPP functions. The product of the FA is the identification of how personnel and automatic controls perform the functions.
The original FRA/FA scope involved analyzing each system that requires direct operator interaction. Each system function was analyzed to ensure NuScale's high-level goals and desired performance is accomplished. This process included determining that the system components, instrumentation, controls, automation, and alarms are sufficient.
The plant functions evolve as the system design matures and can be found in the system design description and the functional specification. These data, along with the input from the subject matter expert, is used to determine the tasks that need to be completed and the appropriate role for each task. These data provide the basis to ensure that the plant functions are satisfied.
During the original FA process, each system function was analyzed to determine the tasks based on the conditions or components required for that function and was entered into an FA table. In this table, the determination was documented whether the task was automatic, manual or shared, the technical basis for the allocation was documented, and the role of the operator was identified. The information obtained during the FRA/FA process provided a foundation for the task analysis.
Human Factors Engineering Functional Requirements Analysis and Function Allocation Implementation Plan TR-124333-NP Revision 0
© Copyright 2022 by NuScale Power, LLC 6
The process undertaken to maintain FRA/FA integrity feeds into the following end products:
tasks allocated to human control, automation, or a combination of human and automation
inputs to the following elements:
HFE task analysis operating experience review staffing & qualifications human-system interface design treatment of important human actions procedure development training development
Human Factors Engineering Functional Requirements Analysis and Function Allocation Implementation Plan TR-124333-NP Revision 0
© Copyright 2022 by NuScale Power, LLC 7
3.0 Methodology 3.1 General Information The HFE Program includes FRA/FA as part of a series of analyses that relies primarily on design documents and subject matter experts. Functional requirements analysis is a resource for task analysis, staffing & qualifications, and the development of HSI, procedures, and training; there is feedback to FRA/FA from treatment of important human actions for the identification of important human actions and operating experience review.
The FRA/FA methodology remains the same whether conducted as the first step in a series or when the task is revisited as part of the natural evolution of updating the plant design as it matures. Rigid sequencing is not practical for HFE analyses as the iterative nature of both the design and the HFE process necessitates flexibility. For example, new or modified tasks in the task analysis would require updating the FA table; conversely, changes to the FA table may need to be reflected in the task analysis. Those changes are made as part of the NuScale design development process, or the necessary changes become HFE issues to be tracked using the Human Factors Engineering issues tracking system.
3.2 Functional Requirement Analysis Plant-level functions are defined, which, when successfully executed, accomplish the plant functional goals: 1) to ensure the health and safety of the public by preventing or mitigating the consequences of postulated accidents, and 2) to generate electricity. For the NuScale design, the plant functions are shown in Table 3-1.
Human Factors Engineering Functional Requirements Analysis and Function Allocation Implementation Plan TR-124333-NP Revision 0
© Copyright 2022 by NuScale Power, LLC 8
The original functional analysis process included a team review of SSC functions derived from design documentation. Based on the team review of the SSC functions (documented in the D-RAP report for each associated system), a determination was made to ensure the SSC can support the plant functions (e.g., reactivity control and containment integrity).
The function decomposition process addressed plant functions and processes, specific plant systems and components, and appropriate human actions. The team members verified that plant level functions and associated requirements necessary to achieve safe and reliable operation have been analyzed and documented in the database.
As the NuScale Power Plant design evolves, the system design descriptions and the functional specifications, along with the input from the subject matter expert, are used to determine the tasks that need to be completed and the appropriate role for each task.
The data are maintained in the FRA/FA & TA database and provides the basis to ensure that the plant functions are satisfied.
Table 3-1 NuScale Plant Functions Plant Function NuScale Design Features to Support Plant Function Remove Fuel Assembly Heat Design features used to remove heat from the fuel assemblies via passive convection and conduction.
Maintain Containment Integrity Design features used to maintain containment integrity to prevent fission product from escaping the containment boundary.
Maintain Reactor Coolant Pressure Boundary (RCPB)
Integrity Design features used to maintain RCPB integrity to prevent fission products from escaping the RCPB.
Reactivity Control Design features used to maintain reactivity within required limits.
Radioactivity Control Design features used to control the spread of radioactive contamination.
Emergency Response Design features used to identify and communicate plant conditions to internal and external organizations during emergencies.
Human Habitability Design features used to maintain comfortable and safe environmental conditions for personnel habitability by providing adequate air quality, air temperature, humidity, fire and radiation protection, illumination, and sanitary and potable water supplies.
Protection of Plant Assets Design features used to protect plant assets from degradation due to plant environmental conditions or external environmental conditions.
Plant Security Design features used to protect the physical security of the plant.
Power Generation Design features used to perform startup, normal operations, shutdown, and refueling.
Human Factors Engineering Functional Requirements Analysis and Function Allocation Implementation Plan TR-124333-NP Revision 0
© Copyright 2022 by NuScale Power, LLC 9
3.3 Function Allocation The FA assigns task responsibilities to personnel and automation, taking advantage of human and machine strengths and avoiding human and machine limitations. Each system function is analyzed at the component level (e.g., pumps, control valves) and plant conditions (e.g., system startup or shutdown). The tasks that need to be performed are identified, then for each task a determination is made for the technical basis, the allocation (automatic, manual, or shared), and the role of the operator.
The technical bases for determining the FA is as follows:
operating experience (major plant evolutions or subject matter expert determination that automation would aid the operator)
whether human error is likely (complex sequence or performing tasks within the available time)
whether human capabilities are exceeded
technical feasibility or cost
whether precise control is required, for example:
quick response routine or repetitive tasks continuous monitoring temperature, pressure, or level control standby pump starts
whether human knowledge and judgment is needed 3.4 System-Level Analysis In the event a system design is revised, the design change documentation is reviewed to ensure that the system function supports the plant functions. The results of system design change reviews are contained and updated in the FRA/FA & TA database.
3.5 Validation In order to confirm the subject matter expert selections for FA, simulation of the function is tested using the HSI or tabletop procedure walkthrough. In the event that the allocation negatively impacts operator workload or situational awareness, the FA may be adjusted based on these results. Overall changes to operator workload also may impact integrated systems validation testing and are considered separately.
Human Factors Engineering Functional Requirements Analysis and Function Allocation Implementation Plan TR-124333-NP Revision 0
© Copyright 2022 by NuScale Power, LLC 10 3.6 Automation Philosophy Determining the level of automation during design is an iterative process. Balancing the needs of the operator, the capabilities of the instrumentation and controls architecture, and the design of the system requires solid communication among work groups. When making the decision to use automation, the following guidance is considered.
Automation is utilized to aid the operator and to avoid human error.
For routine tasks, it is preferred that the automation identifies initiating conditions and prerequisites and prompts the operator to perform the task instead of requiring the operator to select the appropriate automation to perform. As an example, to perform the correct dilution amount on the correct unit, the automation monitors parameters and request the operator to concur with the selected automation.
Automation is designed to prevent the operator from performing an undesired action through use of interlocks, prompts, and intuitive displays.
Information display for automation is as consistent as possible in terms of location, arrangement, and functionality in order to optimize operator-to-system interaction and reduce potential error.
Automation controls are standard and intuitive to understand. This simplifies training and provides the operator with a base level of comprehension regardless of the specific automated task.
Automated processes are incorporated into the task analysis and procedures, so that they can be referenced for pre-job discussions. Automated tasks are described in the database and accessed similarly to other procedures.
3.7 Automation Criteria There are many facets that must be evaluated when determining when to use automation, and the proper level of automation to accomplish specific tasks. The subject matter experts develop the initial tasks, which may be system based, integrated, or for abnormal or emergency tasks. During the performance of FA, functions are identified as assigned to human action (manual), system (automatic), or shared between human and system. During the performance of FA determination, each human action is selected for the expected level of automation as listed in Table 3-2.
Human Factors Engineering Functional Requirements Analysis and Function Allocation Implementation Plan TR-124333-NP Revision 0
© Copyright 2022 by NuScale Power, LLC 11 Table 3-2 Levels of Automation Levels of Automation (Concept of Automation)
Description Fully Automatic An automated sequence that once initiated continues to perform a desired function without additional operator input. A parameter or set of parameters is controlled within specified bands, and the operator performs periodic monitoring.
Failures may require operators to take manual action to establish control.
Examples: (1) a temperature controller is set to modulate flow through a heat exchanger to maintain a setpoint temperature; (2) pressurizer heater power modulates to maintain a desired saturation condition in the pressurizer; (3) module protection system monitors and performs actions when predetermined setpoints are reached.
Operation by Exception The automation monitors and provides the operator the ability to stop automation during specified conditions. If no operator action is taken, the automation continues as programmed. For example, automation initiates an action within 120 seconds of an event. The operator may stop the automation within that time period, but if no action is taken, the automation proceeds.
Operation by Consent An automated sequence that does not initiate unless specifically approved by operator action. This also applies to an automated process that is in progress, but needs operator approval or input at specific hold points. For example, performing a routine boron dilution of the reactor coolant system. The automation monitors for conditions to request the dilution but does not perform without approval from the operator.
Shared Operation Tasks or portions of tasks are performed by the automation and portions are performed manually. For example, manual alignment and start of the reactor pool cooling system, but standby pump starts automatically when conditions are met.
Manual Control No level of automation. All actions are performed manually. Examples: (1) performing a valve line-up in the field and (2) manipulating components one at a time using the HSI.
Human Factors Engineering Functional Requirements Analysis and Function Allocation Implementation Plan TR-124333-NP Revision 0
© Copyright 2022 by NuScale Power, LLC 12 Most functions are automated in the NPP to aid the operators in managing the workload for multiple units. This aids the operator to remain situationally aware of the plant status and to be engaged at the level appropriate during performance of the automated task.
The following criteria are used during FA and are considered as preferred for automation, in determining if automation should be used, and at what level.
Major plant evolutions (e.g., unit shutdown, unit power escalation)
System operations that require continuous monitoring, are repetitive, or require quick response (e.g., temperature, pressure, or level control; standby pump start; or routine rotation of operating equipment)
Component operation that has special requirements or restrictions (e.g., valves need to close upon pump stop, prerequisites must be met to open valve)
Routine or repetitive tasks (e.g., 12-hour surveillance checks, rod movement testing)
Personnel safety or dose reduction
Sequence is complex
Time to perform task challenges in the time available
Implementation cost seems reasonable for the automation benefit
Subject matter expert determines that automation would aid the operator based on operating experience
Human Factors Engineering Functional Requirements Analysis and Function Allocation Implementation Plan TR-124333-NP Revision 0
© Copyright 2022 by NuScale Power, LLC 13 4.0 Conclusion NuScale's integrated design approach resulted in a close collaboration among safety analysis engineers, design engineers, Operations personnel, and human factors engineers. This collaboration drove multi-disciplinary analyses to complex design decisions early in the conceptual design.
The FA determined which tasks are performed by personnel, automation, or a combination of both. Each system function was analyzed to determine the tasks, how the tasks are performed (manual, automated, or both), the technical basis, and the role of the operator. The analysis and allocation results are maintained in the FRA/FA & TA database.
As the NPP design evolves, the FRA/FA and TA are reviewed and updated to ensure consistency with plant functions. The results of the initial FRA/FA were captured in the FRA/FA & TA database and is updated as the design evolves. The results of this review will be summarized in a results summary report, in accordance with NUREG-0711, Reference 5.1.1, The FRA/FA process information is used to support the task analysis, automation, HSI development, staffing and qualifications analysis, the treatment of important human actions, procedure development, and training program development.
Human Factors Engineering Functional Requirements Analysis and Function Allocation Implementation Plan TR-124333-NP Revision 0
© Copyright 2022 by NuScale Power, LLC 14 5.0 References 5.1 Source Documents 5.1.1. U.S. Nuclear Regulatory Commission, "Human Factors Engineering Program Review Model," NUREG-0711, Rev. 3, 2012.
5.2 Referenced Documents 5.2.1. Human Factors Engineering Functional Requirements Analysis and Function Allocation Results Summary Report, RP-0316-17615, Rev. 0.