Text

New Rev 8 Section Applicable section in Rev 7 Rev 8 Observations Comments/Review Unplanned Scrams per 7,000 hours0 days <br />0 hours <br />0 weeks <br />0 months <br /> Same Two New bullets in the list of scrams that are not included in the PI:

Manual scrams that are initiated at less than or equal to 35% reactor power that are used to complete a reactor shutdown sequence following an unplanned transient, equipment failure, spurious signal, or those directed by abnormal or annunciator response procedures in which reactor trip criteria was not reached but it is desired to shut down the reactor. Note: May require reporting as an unplanned power change.

A manual scram that occurs during the execution of a procedure or evolution (e.g., Main Turbine start-up testing) to establish plant conditions (e.g., breaking condenser vacuum) needed as part of a maintenance or startup activity (i.e., not due to equipment failure) in which the scram was planned and intended (e.g., part of refueling outage schedule, maintenance work order. etc).

Summary of changes refers to FAQs 18-05 and 23-01.

FAQ 18-05 (ML19024A500) was not approved by the NRC and no language changes to NEI 99-02 were approved by that FAQ.

FAQ 23-01 (ML23104A432) was not approved by the NRC and no language changes to NEI 99-02 were approved by that FAQ.

These two new bullets potentially directly contradict the staffs conclusions of the referenced FAQs.

Unplanned downpowers PI Same New language to clarify unplanned downpowers:

Unrelated equipment problems encountered during a planned power reduction greater than 20% that alone may have required a power reduction of 20% or more to repair are not counted as part of this indicator if they are repaired during the planned power reduction and no change to the planned power reduction occurred. However, if during the implementation of a planned power reduction, power is reduced by more than 20% of full power beyond the planned reduction then an unplanned power change has occurred. If the unrelated equipment problem causes a change to the planned power reduction, an unplanned power change may have occurred. It is incumbent upon licensees to provide objective evidence that identifies FAQs 13-02 (ML16285A318) and 13-05 (ML16285A321) were cited as the basis for this revision to provide clarity for when a unrelated equipment problems may result in an unplanned power change.

The staff recommended clarifying NEI 99-02 in both FAQs referenced.

It appears that this clarification may be non-conservative relative to the resolution of FAQ 13-02. It appears FAQ 13-02 indicates that a change to a planned downpower due to an unplanned issue would count if the overall power reduction was greater than 20%, not if the delta from

when the unrelated equipment problem occurred and how it did or did not impact the planned power reduction. Such objective evidence may include logs, troubleshooting plans, meeting minutes, corrective action program documents, or similar type documentation.

the planned power reduction is 20% more than planned.

USwC PI Same New language defining Initial Transient as a result of FAQ 18-01, but the language, while appearing to be generally consistent with the approved FAQ, isnt the same as the approved FAQ language. Rev 8 text shown below with changes from approved FAQ:

Initial Transient is intended to envelope the immediate and expected changes to primary plant parameters as a result of a scram (e.g., pressure, level, etc.). For a BWR, this may be due to the collapsing of voids in the core and the routine response of the main feedwater and turbine control systems. For example, at some BWRs the reflected pressure wave resulting from the rapid closure of turbine valves during a turbine trip may result in a pressure spike in the reactor vessel that causes one or more safety-relief valves (SRVs) to briefly lift. The intent is to allow a licensee to exclude the momentary operation of SRVs when answering Was pressure control unable to be established? The sustained or repeated operation of SRVs in response to turbine control bypass valve failures or Main Steam Isolation Valve (Group I) isolations are not a part of routine BWR scram responses and are therefore not considered to occur within the initial transient. Similarly, an initial reactor level decrease to Level 3 immediately following a reactor trip due to the expected collapsing of voids in the core can be excluded when answering the question Following initial transient, did stabilization of reactor pressure/level and drywell pressure meet the entry conditions for EOPs? as long as the feedwater control system and at least one feedwater pump were operating as designed. Initial transient is different from scram response. The initial transient is a subset of the overall scram response time. [See FAQ 18-01]

The Rev 8 language appears to apply the FAQ resolution more generically than the approved FAQ (ML18144A961).

USwC Main Feedwater Question Same The following language is new in Rev 8 (re; MFW recovery in roughly 30 minutes) without reference to an FAQ. This statement appears to change the threshold for determining whether MFW was recoverable.

Additional time may be allowable (e.g., low decay heat conditions) provided the station can demonstrate the ability to restore MFW prior to it being needed. Actions that require cooling down the plant to use Condensate/Condensate Booster pumps to feed the Steam Generators does not meet the intent of this PI.

This change is cited as based on commonly and frequently asked questions but no formal FAQ is cited.

USwC BWR RPS question Same New text (in red underline) for BWR USwC question on whether RPS failed to indicate or establish a shutdown rod pattern.

Any initial evaluation that calls into question the shutdown condition of the reactor and results in additional operator actions intended to place the reactor in a shutdown condition requires this question to be answered Yes.

regardless of any subsequent determination that the reactor was in a shutdown condition prior to those actions.

Utilizing alternative indication to clarify the status of the control rods is not considered to be an additional operator action intended to place the reactor in a shutdown condition and would not count in this indicator.

The required entry into the Anticipated Transient without Scram (ATWS) leg of the EOP or required use of Alternate Rod Insertion (ARI) requires this question to be answered Yes. Failure of the rod position indication in conjunction with the loss of full-in-lights on enough rods to question the cold clean core shutdown status would require this question to be answered Yes.

FAQ 15-01 (ML16285A333) is referenced and in that FAQ the staff agreed with the proposed changes to the BWR RPS question. No concerns.

Appendix F section F.1, Table F-2, various other mentions of Definition of Unavailability in several locations The definition of time of discovery in Rev 8 appears to omit unavailability dating back to when an evaluation determines a failure occurred (note the highlighted language).

Definition of time of discovery in Rev 8:

Need to determine (1) if this is consistent with the NUREG-1022 changes and (2) whether it is an appropriate change here even if it is consistent with reportability guidance changes.

time of discovery Time of discovery of a failed monitored component is when the failure becomes evident to the licensee. Evaluations that look retroactively for when the function was lost determine the time of failure. When an evaluation determines that the train would not have been able to perform its monitored function(s) at some time prior to discovery, the failure is assigned to the time of discovery, rather than the time the evaluation determined the failure occurred. Figure F-1 describes an example timeline showing the distinction between time of discovery and time of failure for latent failures.

Rev 7 existing definition (note it is not a specifically defined term, this definition is lifted from the definition of Unavailability on page 34):

Time of discovery of a failed monitored component is when the licensee determines that a failure has occurred or when an evaluation determines that the train would not have been able to perform its monitored function(s).

Appendix F section F.1 Page 36 Definition of success criteria in Rev 8 is slightly modified from Rev 7:

Rev 8: The plant-specific values of parameters the train/system or component is required to achieve to perform its monitored functions. Success criteria to be used are those documented in the plant-specific PRA.

Design Basis success criteria should be used in the case where the plant-specific PRA has not documented alternative success criteria for use in the PRA.

Individual component capability must be evaluated against MSPI-monitored component level success criteria (e.g., a valve stroke time may exceed an ASME requirement, but if the valve still strokes in time to meet the PRA success criteria for the component, the component has not failed for the purposes of this indicator). Additional details relative to PRA success criteria are provided in Section G.2.1.

Rev 7: The plant-specific values of parameters the train/system is required to achieve to perform its monitored functions. Success criteria to be used are those documented in the plant-specific PRA. Design Basis success criteria should be used in the case where the plant-specific PRA has not documented alternative success criteria for use in the PRA.

Individual component capability must be evaluated against train/system level success criteria (e.g., a valve stroke time may exceed an ASME requirement, but if the valve still strokes in time to meet the PRA success criteria for the train/system, the component has not failed for the purposes of this indicator.).

Appendix F section F.1 None MSPI Failure is a newly defined term.

MSPI Failure: In general, a failure of a component for the MSPI is any circumstance when the component is not in a condition to meet the performance requirements defined by the PRA success criteria or mission time for the functions monitored under the MSPI. Failures for the MSPI are not necessarily equivalent to failures in the maintenance rule. Specifically, the MSPI failure determination does not depend on whether a failure is maintenance preventable. Additionally, the functions monitored for the MSPI are normally a subset of those monitored for the maintenance rule. For additional guidance on what constitutes an MSPI failure, see Section F.4.1.

Appendix F section F.3.2 F.1.2.1 Definitions of planned and unplanned unavailable hours are tweaked, and these tweaks appear to confirm the change to the definition of time of discovery mentioned previously.

Rev 8:

Planned unavailable hours: These hours include time a train or segment is removed from service for a reason other than a condition within the system/train/segment boundary that renders the train/segment unavailable to perform its monitored function. Examples of activities Planned unavailable hours definition matches the proposed update in FAQ 13-

06.

Unplanned unavailable hours revised definition is not consistent with the FAQ 13-06 approved definition, and reinforces the unexpected time of discovery definition change.

included in planned unavailable hours are preventive maintenance, testing, equipment modification, or any other time equipment is removed from service to correct a degraded condition that had not resulted in loss of function. When used in the calculation of UAI, if the planned unavailable hours are less than the baseline planned unavailable hours, the planned unavailable hours will be set equal to the baseline value.

Unplanned unavailable hours: These hours include elapsed time between the time of discovery (see definition in Section F.1) and the restoration to service of an equipment failure, condition, or human error (such as a misalignment) that results in a loss of the monitored function. In any case where a monitored or unmonitored component within the systems boundary has been declared inoperable because of a degraded condition, if the train/segment is considered available, there must be a documented basis for that determination, otherwise a loss of the monitored function will be assumed and unplanned unavailability would accrue. If the component is degraded but considered operable, timeliness of completing additional evaluations would be addressed through the inspection process. Unavailable hours to correct discovered conditions that render a train/segment incapable of performing its monitored function are counted as unplanned unavailable hours. An example of this is a condition discovered by an operator on rounds, such as an obvious oil leak, that was determined to have resulted in the equipment being non-functional even though no demand or failure actually occurred.

Unavailability due to mispositioning of components that renders a train/segment incapable of performing its monitored functions is included in unplanned unavailability for the time required to recover the monitored function.

Rev 7:

Planned unavailable hours: These hours include time a train or segment is removed from service for a reason other than equipment failure or human error. Examples of

activities included in planned unavailable hours are preventive maintenance, testing, equipment modification, or any other time equipment is electively removed from service to correct a degraded condition that had not resulted in loss of function. When used in the calculation of UAI, if the planned unavailable hours are less than the baseline planned unavailable hours, the planned unavailable hours will be set equal to the baseline value.

Unplanned unavailable hours: These hours include elapsed time between the discovery and the restoration to service of an equipment failure or human error (such as a misalignment) that makes the train/segment unavailable.

Time of discovery of a failed monitored component is when the licensee determines that a failure has occurred or when an evaluation determines that the train would not have been able to perform its monitored function(s). In any case where a monitored component has been declared inoperable due to a degraded condition, if the component is considered available, there must be a documented basis for that determination, otherwise a failure will be assumed and unplanned unavailability would accrue. If the component is degraded but considered operable, timeliness of completing additional evaluations would be addressed through the inspection process. Unavailable hours to correct discovered conditions that render a monitored train/segment incapable of performing its monitored function are counted as unplanned unavailable hours. An example of this is a condition discovered by an operator on rounds, such as an obvious oil leak, that was determined to have resulted in the equipment being non-functional even though no demand or failure actually occurred. Unavailability due to mis-positioning of components that renders a train incapable of performing its monitored functions is included in unplanned unavailability for the time required to recover the monitored function.

Table F-2 for Human Performance Failures FAQ 14-08 was submitted to retract what was initially characterized as an MSPI failure. Human error resulted in a reverse power condition that resulted in an EDG D1 trip. The proposed resolution submitted by The staff has concluded that retracting this failure would be in accordance with the current NEI

industry was to retract the failure and revise NEI 99-02 language about human error-induced trips and MSPI.

The NRC text in the approved FAQ does not mention anything about the proposed revised NEI 99-02 text and instead states in part, The staff has concluded that retracting this failure would be in accordance with the current NEI 99-02 guidance and in keeping with the intent of the MSPI performance indicator. Thus it is not clear that it is appropriate for the proposed revised text to be in Rev 8, which it is, as it appears the staff felt the existing guidance was sufficient.

The new Rev 8 text in question is:

Human errors/component trips, inadvertent actuations or unplanned unavailability which are not indicative of the reliability of the equipment had the activity not been performed, should NOT be counted as failures as long as they are immediately revealed and promptly reported to the control room.

This applies to human errors which result in tripping an MSPI component whether or not the MSPI train/segment is considered available that:

1. Do not result in actual equipment damage;

2. Are immediately revealed through clear and unambiguous indication;

3. Are promptly reported to the control room without delay prior to the performance of corrective actions, and;

4. Are clearly associated with an activity such that the failure sequence would not have occurred and cannot occur if the activity was not being performed.

99-02 guidance and in keeping with the intent of the MSPI performance indicator.

This response to the FAQ does not imply that an NEI 99-02 revision is needed.

Appendix G PWR RHR System Appendix F PWR RHR System The highlighted text for RHR train determination was dropped from Rev 7 to Rev 8, not sure why.

The number of trains in the RHR system is determined by the number of parallel RHR heat exchangers. Some components are used to provide more than one function of RHR. If a component cannot perform as designed, rendering its associated train incapable of meeting one of

the monitored functions, then the train is considered to be failed. Unavailable hours would be reported as a result of the component failure.

Section G.2.1 PRA Success Criteria Section G.1.3 PRA Success Criteria The highlighted bullet below is new from Rev 7 to Rev

8.

If the licensee has chosen to use design basis success criteria in the PRA, then provide a statement in this section that states the PRA uses design basis success criteria.

If success criteria from the PRA are different from the design basis, then the specific differences from the design basis success criteria shall be documented in this section. Provide the actual values used to characterize success such as: The time required in the PRA for the EDG to successfully reach rated speed and voltage is 15 seconds.

Only those functions that are risk-significant (per the Maintenance Rule) need to be considered.

FAQ 14-01 approved numerous changes to Appendix G but does not include the highlighted bullet.

G.2.8.2 Monitored Functions and System Boundaries F.1.1.1 Monitored Functions and System Boundaries Highlighted bullet is new in Rev 8. This criteria does not appear to be in Rev 7.

The monitored functions of the system are those functions in Section G.1.2 of this appendix that have been determined to be risk-significant functions per NUMARC 93-01 and are reflected in the PRA. If none of the functions listed in Section G.1.2 for a system are determined to be risk significant, then:

If only one function is listed for a system, then this function is the monitored function (for example, CE NSSS designs use the Containment Spray system for RHR but this system is redundant to the containment coolers and may not be risk significant. The Containment Spray system would be monitored.)

If multiple functions are listed for a system, the most risk significant function is the monitored function for the system. Use the Birnbaum Importance values to determine The highlighted language was approved via FAQ 15-03

which function is most risk significant.

Identify trains/segments with an adjusted Birnbaum value of less than 1.0E-07 (these may be excluded from unavailability monitoring).

G.2.8.3 Identification of Trains Within the System F.1.1.2 Identification of Trains Within the System Appears to be new guidance for systems with no monitored trains. This language does not appear to be in Rev 7:

Systems with no monitored trains:

One of the rules used for determining the trains/segments to be monitored in this performance indicator is that licensees are given the option of excluding trains/segments with an adjusted Birnbaum importance less than 1.0E-07. This is an option, not a requirement.

Calculation of Birnbaum for trains/segments is described in Section G.2.8.6.3.

These should be documented in the Basis Document and not included in unavailability monitoring.

If all trains/segments within a system have been excluded, a pseudo train will be reported in IRIS. The train should be identified by the name of the system followed by the word pseudo (e.g., RHR pseudo). The following values should be applied to all pseudo trains:

FV = 0.0 UA = 1.0 Baseline planned unavailability = 0.0 Baseline unplanned unavailability = 0.0 Monthly Unavailability Hours (planned and unplanned) = 0 Approved via FAQ 15-03 G.2.8.4 and G.2.9.3.5 F.2.3.5 This section is new in Rev 8. It appears similar to section F.2.3.5 in Rev 7 but that section is exactly duplicated as section G.2.9.3.5 in Rev 8. So section G.2.8.4 appears new. The purpose isnt clear.

The last two columns of Table G-9 (Adjusted Birnbaum Value and Monitored) are required only if the licensee chooses to exclude trains/segments with low adjusted Birnbaum values. A licensee may choose to use this exclusion in one system without using it in any other system(s). To apply this screening rule the Birnbaum

importance is calculated from the values derived in this section as:

B = CDF*[FV/UA]ind = CDF*[FV/UA]max Ensure that the support system initiator correction (if applicable) is included in the Birnbaum value used to exclude components from monitoring.

G.2.8.5 F.1.2 The below bullet was added to this section and does not exist in Rev 7. It reads as if its associated with an FAQ but none is referenced.

If a previously excluded train/segment is restored to monitoring as a result of a PRA model revision, unavailability data only for the quarter in which the train/segment is restored (and future quarters) needs be included for reporting purposes. A value of 0 (zero) should be entered for the previous 11 quarters with a note that unavailability reporting was not required for those quarters as the train/segment was previously excluded.

Approved via FAQ 20-03 G.2.8.5.1 New note:

If the planned unavailability baseline value is adjusted, the critical hours used to express as a probability should be changed to those of the most recent 3 year period. If the most recent 3 year period includes an extended shutdown

(> 6 months), the most recent 3 year period that does not include the extended shutdown should be used.

Approved via FAQ 17-03 G.2.9.1.3 Table G-2 F.2.1.3 Table 2 Table G-2 Component Boundary Definition has a new row for diesel driven pumps. This row, nor diesel driven pump guidance, is included in the comparable table (Table 2 of section F.2.1.3) in Rev 7.

Diesel-Driven Pumps The diesel-driven pump boundary includes the pump body, diesel engine, fuel system (local), lubrication system (local), cooling components (local), and associated control system (relay contacts for normally auto actuated

components, control board switches for normally operator actuated components*).

G.5 PRA Requirements G.2 PRA Requirements Rev 7 includes discussion of Alternative A and Alternative B for ensuring PRA is of sufficient technical adequacy. These alternatives refer to Category A and B F&Os. None of this appears to be in Rev 8.

There appears to be a substantial amount of new guidance on PRA acceptability, PRA configuration control, pending model changes - most of section G.5 appears new (too lengthy to quote here).

FAQ 14-01 approved quite a bit of new text in App G, though not everything.

Same as Rev 7

2.5 Occupational Radiation Safety Rev 8 amends footnote 17 (Footnote 14 in Rev 7, at the bottom of new page 84) to include additional language that explains concurrent nonconformances.

The new footnote language is consistent with the language that was approved through FAQ 14-04.

Recommend adding the following paragraph to the Clarifying Notes section at the end of section 2.5 to further clarify concurrent non-conformances (this para is adapted from FAQ 12-04, ML16285A130):

In those cases where a licensee fails to provide adequate physical controls around a TSHRA, for whatever reason (e.g.,

failure to survey, failure to lock the area, etc.), subsequent non-conformances would be concurrent non-conformances, as defined in footnote 17, if they were the result of the same occurrence. For example, if a change in plant conditions creates an unrecognized TSLHRA, the subsequent failure to post the area, failure to prevent unauthorized access (possible several entries), entry not controlled per an RWP, etc., are all concurrent non-conformances if they are directly attributable to the original occurrence.

However, if during the time that this TSHRA is unidentified (or uncontrolled)

there is a subsequent failure by the RP Program to take timely action that reasonably would have ended the TSHRA non-conformance (e.g., a failure to perform a routine or directed surveillance that would have identified the non-conformance, or a failure to respond to new information that indicates the potential for the unidentified or uncontrolled TSHRA), then this subsequent failure is considered a separate PI occurrence. In such a case the non-conformances that occurred before the subsequent failure would be concurrent non-conformances (i.e., one PI occurrence) with the initial TSHRA occurrence. Similarly, any non-conformances caused by the subsequent failure would be concurrent with the second TSHRA occurrence.

2.5 Occupational Radiation Safety Please consider deleting the following preamble section at the beginning of section 2.5 The objectives of this cornerstone are to:

(1) keep occupational dose to individual workers below the limits specified in 10 CFR Part 20 Subpart C; and (2) use, to the extent practical, procedures and engineering controls based upon sound radiation protection principles to achieve occupational doses that are as low as is reasonably achievable (ALARA) as specified in 10 CFR 20.1101(b).

There is one indicator for this cornerstone:

Occupational Exposure Control Effectiveness

If this preamble is necessary, please consider using the cornerstone objective definition from IMC 0308 (pg 14), or changing the words so that bullets (1) and (2) are not described as cornerstone objectives 2.6 Public Radiation Safety Please consider correcting the first row in the Data Example table from RESTS/ODCM Radiological Effluent Occurrence to RETS/ODCM Radiological Effluent Occurrence 2.4 Emergency

Response

Organization Drill Participation 2.4 Emergency

Response

Organization Drill Participation This section requires revision to address what are now considered ERO Key Positions for response to certain emergency response facilities.