NEI - L-2023-NFN-0012 - NRC Staff Feedback on NEI 20-07 Draft Rev E (Non-Proprietary)

ML24081A025
Person / Time
Issue date:	02/29/2024
From:	Edwards T, Marshall M Licensing Processes Branch
To:
References
NEI 20-07, Draft Rev E
Download: ML24081A025 (1)
v • d • e

Text

February 29, 2024 Official Use Only - Proprietary Information.

1 of 18 Official Use Only - Proprietary Information.

NRC Staff Questions and Feedback on NEI 20-07, Draft Rev E Excerpt or Section Number from NEI 20-07 Question or Feedback General or Overarching comment

1.

The enclosure to SRM-SECY-22-0076 states: The applicant must assess the defense in depth and diversity of the facility incorporating the proposed digital I&C system to demonstrate that vulnerabilities to digital CCFs have been adequately identified and addressed NEI 20-07 Rev. E states: This document provides a process for developing a new type of Diversity and Defense-in-Depth (D3) analysis. This document establishes a safety case using claims, arguments, and evidence to demonstrate that vulnerabilities to digital CCF have been adequately addressed. The safety case depends on outputs from EPRI engineering and diagnostic tools to provide evidence that supports claims and arguments described in this document.

Defense in depth has always been part of NPP facilities. The assessment of the facilities defense in depth is not clear from the content of NEI 20-07 Rev. E. Therefore, NEI 20-07 Rev. E does not address the entire SRM.

2.

NEI 20-07 generally credits EPRI DEG, HAZCADS, DRAM and says the outputs provide the evidence but does not specifically state what parts of these processes or what evidence is necessary and sufficient.

What are the acceptance criteria to determine whether the processes produces the desired result?

What evidence or process outputs, specifically, should be examined?

((

)) Let alone which specific outputs are used or how they are used.

3.

Scoring of systematic control methods.

((

What is the technical basis for the validity of the scoring method?

Provide an example that illustrates the scoring method.

Generally, each different control method is good for addressing some specific source(s) of concern, but not others. The selection of control methods should, when taken together, broadly address all the sources of concerns. Please

February 29, 2024 Official Use Only - Proprietary Information.

2 of 18 Official Use Only - Proprietary Information.

NRC Staff Questions and Feedback on NEI 20-07, Draft Rev E Excerpt or Section Number from NEI 20-07 Question or Feedback

))

explain how this concept is addressed by the process in NEI 20-07 Rev. E.

4.

Various sections regarding guidance on non-light-water reactors (non-LWRs) and new LWRs NEI 20-07, applicable to both operating and new LWRs and non-LWRs, is written with more details or focus on operating LWRs. Additional enhancements or clarifications regarding guidance for non-LWRs are needed as discussed in comments below. Examples include the use of risk metrics, acceptability of the probabilistic risk assessment used, and other guidance on non-LWRs under the licensing modernization project (LMP). The NRC staff suggest a comprehensive evaluation of NEI 20-07 on this topic.

Most new LWRs have successfully employed the deterministic best-estimate coping analysis to address CCF concerns in accordance the Commission Policy in SRM-SECY-93-087 and may choose to follow the same deterministic approach for future LWR designs. NEI 20-07 should also address use of deterministic approach for addressing the digital I&C CCF concerns.

5.

Applicability of NEI 20-07, Rev E to advanced reactors including microreactors The NRC staff notes that some of the advanced reactors may not be vulnerable to potential DI&C CCFs of concern. For example, the inherent safety and/or passive features may demonstrate that the designs are safe for the CCF scenarios using the LMP process in RG 1.233. Another example may be that there may not be any HSSSR DI&C systems in some of these designs. The NRC staff suggests that NEI 20-07 consider this feedback and include any additional clarifications as necessary regarding the use of its guidance for this area.

EXECUTIVE

SUMMARY

AND TABLE OF CONTENTS

6.

Historically, CCF has been addressed through the implementation of independent Suggest deleting this sentence or modifying sentence to acknowledge other means of

February 29, 2024 Official Use Only - Proprietary Information.

3 of 18 Official Use Only - Proprietary Information.

NRC Staff Questions and Feedback on NEI 20-07, Draft Rev E Excerpt or Section Number from NEI 20-07 Question or Feedback and diverse Instrumentation and Control (I&C) systems.

addressing CCF or add some after Historically".

7.

To prove that vulnerabilities to CCF have been adequately addressed, the D3 analysis must be able to demonstrate that:

1. Credible and likely sources of potential CCF have been identified and analyzed.

2. Each source of potential CCF has been reasonably prevented, mitigated, or adequately dispositioned.

The concept of vulnerability to CCF in SRM-SECY-22-0076 was understood to mean a situation where a CCF would produce unacceptable results. This quotation, and others in this document change the focus to sources of CCF, but this document does not describe or define what sorts of things sources of CCF are (e.g., people, equipment, procedures).

There is an implication that not all sources of CCF can be identified, which is created by this document only addressing credible and likely sources of CCF.

Is it analogous to the distinction between failure mode (e.g., potential CCF) and failure mechanism (e.g., source of potential CCF)?

Does each potential CCF have many sources?

8.

Credible and likely sources of potential CCF have been identified and analyzed.

The enclosure to SRM-SECY-22-0076 states:

In performing the defense-in-depth and diversity assessment, the applicant must analyze each postulated CCF using either best-estimate methods or a risk-informed approach or both.

How does addressing the credible and likely sources meet this aspect of the policy?

9.

This document provides the safety case which provides the details that demonstrates the output of the EPRI Digital Engineering Guideline (DEG), Hazards and Consequence Analysis in Digital Systems (HAZCADS), and Digital Reliability Analysis Methodology (DRAM) processes (References 13, 14, and

15) provide a D3 analysis addressing the SRM-SECY-22-0076 policy.

This statement is misleading and should be changed. This document provides a high-level overarching approach, but it does not provide details.

10.

The use of independent and diverse I&C systems may address some sources of CCF, but these systems do not sufficiently address other sources of CCF.

This needs further elaboration or a reference to where it is described which sources of CCF are addressed with independent and diverse systems, and which sources are not addressed

February 29, 2024 Official Use Only - Proprietary Information.

4 of 18 Official Use Only - Proprietary Information.

NRC Staff Questions and Feedback on NEI 20-07, Draft Rev E Excerpt or Section Number from NEI 20-07 Question or Feedback using independence and diversity. Also, it is not clear from the balance of this document whether all sources of CCF are really being addressed with the proposed methodology. An explanation is provided that seems to address control logic sources of CCF but no explanation is provided regarding common cause sources of hardware-related failures.

11.

Independence and diversity are indeed useful design techniques; however, these design techniques should be used when supported by an engineering analysis.

It seems to imply that there may be other design techniques that do not need to be supported by an engineering analysis. If engineering analysis is not being used for these other techniques, what proof is there to demonstrate that CCF has been sufficiently addressed?

12.

This document provides the safety case which provides the details that demonstrate the output of the EPRI Digital Engineering Guideline (DEG), Hazards and Consequence Analysis in Digital Systems (HAZCADS), and Digital Reliability Analysis Methodology (DRAM) processes (References 13, 14, and

15) provide a D3 analysis addressing the SRM-SECY-22-0076 policy.

In effect, this document does not provide an evidentiary safety caserather at best, it attempts to describe a method one could use to develop a safety case.

13.

Tier 2 provides sub-claims and arguments that demonstrate the efficacy of the EPRI HAZCADS and DRAM processes to identify and establish the criteria for each applicant to demonstrate they adequately executed these processes.

It does not appear that such sub-claims and arguments are conclusive (see NRC staff comments on Section 5.3).

SECTION 1 INTRODUCTION

14.

The use of independent and diverse I&C systems may address some sources of CCF, but these systems do not sufficiently address other sources of CCF.

What sources of CCF do independent and diverse I&C systems not address, that the proposed methodology of NEI 20-07 does addresses?

Explain or provide examples of which sources of CCF can be addressed via independence and diversity and which sources of CCF cannot but can be addressed by NEI 20-07.

February 29, 2024 Official Use Only - Proprietary Information.

5 of 18 Official Use Only - Proprietary Information.

NRC Staff Questions and Feedback on NEI 20-07, Draft Rev E Excerpt or Section Number from NEI 20-07 Question or Feedback

15.

This process may be applied to operating reactor licensees or new plant applicants.

Applicants using this guidance for new plant applications using Regulatory Guide 1.233 can use this guidance to develop a D3 assessment to demonstrate the adequacy of special treatments applied to address CCF.

The NEI 20-07 process primarily focuses on risk metrics of CDF and LERF and corresponding thresholds for these risk metrics based on regulatory guidance for operating light-water reactors. Advanced light-water and non-light-water reactors do not use the same risk metrics, so it is not apparent that this process can be applied to all new plant applicants without changes, which will need a detailed review.

There is a need to define the scope of NEI 20-

07.

16.

Independence and diversity are indeed useful design techniques; however, these design techniques should be used when supported by an engineering analysis.

It seems to imply that there may be other design techniques that do not need to be supported by an engineering analysis. If engineering analysis is not being used for these other techniques, what proof is there to demonstrate that CCF has been sufficiently addressed?

SECTION 2 DEFINITIONS

17.

NEI 20-07 defines a high-safety-significant safety-related as an SSC that has one or more of the following3. Failure could lead directly to accident conditions that have unacceptable consequences. This definition is broader than that in BTP 7-19, which uses the criterion, their failure could lead directly to accident conditions that may have unacceptable consequences (e.g.,

exceeding siting dose guidelines for a DBE) if no other automatic systems are available to provide the safety function, or no preplanned manual operator actions have been validated to provide the safety function.

Does NEI 20-07 intend to make a distinction between the definition of high-safety-significant safety-related in NEI 20-07 and BTP 7-19?

18.

HSSSR SSC definition For non-LWRs, the LMP in RG 1.233 classifies SSCs as safety-related, safety-related with special treatment, and non-safety-related with no special treatment based on a systematic risk-informed and performance-based approach. NEI

February 29, 2024 Official Use Only - Proprietary Information.

6 of 18 Official Use Only - Proprietary Information.

NRC Staff Questions and Feedback on NEI 20-07, Draft Rev E Excerpt or Section Number from NEI 20-07 Question or Feedback 20-07s definition of HSSSR SSCs should include information on what SSCs are considered HSSSR under the LMP.

19.

NEI 20-07 defines a risk reduction target as the risk reduction to be achieved by the []

safety-related systems and/or other risk reduction measures in order to ensure that the tolerable risk is not exceeded.

Can SSCs that are not safety-related be credited to reduce risk to achieve the risk reduction target?

How do the safety-related systems and/or other risk reduction measures ensure that the tolerable risk is not exceeded? [emphasis added]

20.

NEI 20-07 uses the term Stakeholder Losses in several sections. It also uses the term loss scenarios.

Please provide a definition of Stakeholder Losses and provide examples that help the reader to understand the Stakeholder Loss concept to differentiate such losses from those regulatory safety concerns (e.g., design basis events) that could result from digital I&C failures to perform required safety functions.

Also, are both Stakeholder Losses and safety consequences of failures both considered loss scenarios described in Section 4.0? If not, please explain further.

21.

Section 4.1 discusses controller beliefs and process model beliefs Please define what is a controller belief and what is a process model belief?

((

))

22.

((

))

[emphasis added]

The insertion of ((

)) is inconsistent with the policy. Therefore, this phrases is an incorrect characterization of the policy.

The SRM states The Commission has approved the staffs recommendation to expand the existing policy for digital instrumentation and control (I&C) common-cause failures Please remove the words ((

))

23.

((

))

Since NEI 20-07 was written in July 2023; it does not accurately reflect what is in the new version of BTP 7-19. Therefore, such wording must be checked after the final version 9 of BTP 7-19 is issued. See Section B.1.2 for critical safety function.

24.

((

Consider adding additional guidance for non LWR applicants on addressing Point 4 of SRM.

February 29, 2024 Official Use Only - Proprietary Information.

7 of 18 Official Use Only - Proprietary Information.

NRC Staff Questions and Feedback on NEI 20-07, Draft Rev E Excerpt or Section Number from NEI 20-07 Question or Feedback

))

Not clear how guidance in NEI 20-07 is applied to non-LWR applicants, because a lot of the guidance appear to be LWR specific.

The NRC staff agrees with the statement but provides the following additional information. For non-LWRs, the LMP in RG 1.233, safety functions are defined and discussed mainly in terms of Required Safety Functions (RSFs) and Probabilistic Risk Assessment Safety Functions (PSFs). The NRC staff relies on RG 1.233 and the Design Review Guide (DRG),

Instrumentation and Controls for Non-LWRs Reviews (ML21011A140) for non-LWR I&C reviews. The NRC staff will use pre-application engagement to discuss use of the expanded policy, including critical safety functions in Point 4 for non-LWRs with interested applicants to address any questions or concerns. A relevant discussion is in SECY-23-0092.

25.

((

))

((

))

For non-LWRs, the LMP in RG 1.233 identifies technology-inclusive risk metrics for use, which is also discussed in ASME/ANS RA-S-1.4-2021, endorsed in RG 1.247 with clarifications. The LMP also discusses the possibility of reactor-specific risk metrics by the designers as needed.

Including some of the relevant information from the LMP on risk metrics in an appropriate section should enhance NEI 20-07 for clarity and being more technology-agnostic.

26.

((

Please clarify what "sensitivity analysis" is being referred to here. ((

February 29, 2024 Official Use Only - Proprietary Information.

8 of 18 Official Use Only - Proprietary Information.

NRC Staff Questions and Feedback on NEI 20-07, Draft Rev E Excerpt or Section Number from NEI 20-07 Question or Feedback

))

))

Please specify what would be the sensitivity analysis being referred to here. A postulated digital CCF either has an adverse risk impact or it doesn't. Alternatively, define the criteria that will be used to identify "significant risk impact" or "not a significant risk impact."

((

))

27.

((

))

Provide a clarification or footnote indicating that this example would apply only to those piping subsystems for which the fracture mechanics have been analyzed and reviewed.

28.

((

))

With the level of reliance placed on the execution of the EPRI HAZCADS and DRAM processes as part of the NEI 20-07 methodology, it appears that the NRC staff would need to review and endorse the HAZCADS and DRAM processes.

Does NEI intend to provide these documents on the docket and seek their review and endorsement by NRC staff?

29.

((

))

((

))

Alternatively, describe how an iterative design process is used which continues to uncover new hazards as the design evolves.

30.

NEI 20-07 states, ((

))

Draft BTP 7-19, Revision 9, states, the application should evaluate DI&C system interconnectivity and address DI&C system spatial separation that could significantly influence the risk due to fires, earthquakes, and other hazards.

How does the NEI 20-07 process address these spatial concerns?

February 29, 2024 Official Use Only - Proprietary Information.

9 of 18 Official Use Only - Proprietary Information.

NRC Staff Questions and Feedback on NEI 20-07, Draft Rev E Excerpt or Section Number from NEI 20-07 Question or Feedback

31.

((

))

((

))

32.

((

))

((

))

33.

((

))

((

))

34.

((

))

((

))

35.

((

))

((

))

February 29, 2024 Official Use Only - Proprietary Information.

10 of 18 Official Use Only - Proprietary Information.

NRC Staff Questions and Feedback on NEI 20-07, Draft Rev E Excerpt or Section Number from NEI 20-07 Question or Feedback

36.

((

))

Does NEI intend for the NRC staff to review and endorse the DRAM process?

Does NEI intend to provide this document on the docket?

37.

((

))

What requirements, if any, are provided for the technical acceptability of a PRA model?

SECY-22-0076 provides guiding principles that the staff will follow, one of which is that the underlying PRAs used for the bounding assessment as part of risk-informed approaches will be technically acceptable and will be supported by an effective PRA configuration control and feedback mechanism. To use the NEI 20-07 process for a risk-informed application, the applicants PRA models will need to be demonstrated to be technically acceptable.

38.

See the previous item.

For non-LWRs, RG 1.247 (For Trial Use),

Acceptability of Probabilistic Risk Assessment Results for Non-Light-Water Reactor Risk-informed Activities, provides guidance on the subject. Additional guidance on technical acceptability of a PRA such as a discussion on RG 1.247 related to non-LWRs should enhance NEI 20-07 for clarity.

39.

((

This description is solely applicable to LWRs with the shall language. It should be revised to be technology-agnostic or additional clarification should be made on guidance for non-LWRs.

February 29, 2024 Official Use Only - Proprietary Information.

11 of 18 Official Use Only - Proprietary Information.

NRC Staff Questions and Feedback on NEI 20-07, Draft Rev E Excerpt or Section Number from NEI 20-07 Question or Feedback

40.

((

))

The expression ((

)) is not clear and should be clarified.

((

))

41.

((

))

NEI does not explain what was changed or what was adopted from the identified standards or what was changed; therefore, it is not clear what NEI understands to be a safety case.

42.

5 SAFETY CASE DEVELOPMENT

((

))

In short, a safety case is built on three things:

Claims, Reasoning, & Evidence. The reasoning explains how or why the evidence supports the claim.

The reasoning part of the safety case in NEI 20-07 is missing. In some cases, the reasons provided are just unsupported claims. For example

((

))

How is this argument/reason not just a restatement of the claim?

The argument/reason does not explain why the evidence listed below it supports the claim. It is obvious that the EPRI processes identify some losses and hazards, but what makes us believe that they identify enough? Why?

The same problem exists with the other Tier 2 claims and Tier 3 Arguments.

February 29, 2024 Official Use Only - Proprietary Information.

12 of 18 Official Use Only - Proprietary Information.

NRC Staff Questions and Feedback on NEI 20-07, Draft Rev E Excerpt or Section Number from NEI 20-07 Question or Feedback

43.

((

))

The last sentence appears to indicate that the Tier 3 evidence will not be in the licensing application but will be available for audit or inspection by the NRC staff. At a minimum, a summary of the Tier 3 evidence to support the corresponding argument should be included in the licensing application with the detailed documentation being available for a regulatory audit or inspection.

44.

((

))

This is an unsupported claim. How do we know it is true?

45.

((

))

How does this compare with BTP 7-19 Section B.3.4?

How is the output of the ((

)) used?

46.

((

))

This description is more applicable to LWRs regarding the use of Core Damage and Large Early Release. It should be revised to be technology-agnostic or additional clarification should be made on guidance for non-LWRs.

47.

((

))

The technology of establishing risk effectiveness scores and applying them to individual control measure has not yet been demonstrated to be adequate for regulatory purposes.

Please describe how this adequacy will be demonstrated.

48.

((

))

Traditionally (or historically), one did not try to determine the source of the CCF, but rather just postulated the CCF and determined whether the results were acceptable or not.

The US NRC (called AEC at the time) described the reasoning behind this traditional approach for example, in the Chapter 12 of the AEC HB on I&C Part 2 TID-25952-P2.

February 29, 2024 Official Use Only - Proprietary Information.

13 of 18 Official Use Only - Proprietary Information.

NRC Staff Questions and Feedback on NEI 20-07, Draft Rev E Excerpt or Section Number from NEI 20-07 Question or Feedback How is the implementation of the term ((

)) risk informed?

49.

((

))

This text does not match the text in Figure ((

)). There is a very big difference in the wording.

Please ensure consistent wording throughout.

Since there is an inconsistency in the description, it is not clear which one (or neither) you are proposing.

Furthermore, there are other inconsistencies between the figure and the textual description of it.

It would be helpful if the claims, arguments, &

evidence in the figure were labeled the same as those in the text.

50.

((

))

This is another example where the description is more applicable to LWRs regarding the use of Core Damage and Large Early Release.

Additional clarification should be made on guidance for non-LWRs.

51.

((

))

For the most risk-significant vulnerabilities, should it be risk-significant vulnerabilities? ((

))

52.

((

RG 1.233 covers all safety-significant SSCs including both safety-related and non-safety-related with special treatment (NSRST) SSCs.

February 29, 2024 Official Use Only - Proprietary Information.

14 of 18 Official Use Only - Proprietary Information.

NRC Staff Questions and Feedback on NEI 20-07, Draft Rev E Excerpt or Section Number from NEI 20-07 Question or Feedback

))

The NRC staff suggest using safety-significant instead of safety-related in the statement.

53.

((

))

The staff can recognize how the processes described can provide insights toward attaining a degree of reliability of operations as a complement to existing regulatory activities.

However, it is not clear whether these processes alone, without the complementary regulatory activities are effective at identifying and eliminating all sources of CCF, which is the purpose of this document.

54.

((

))

((

))

55.

((

))

The use of the term argument here in the first sentence is understood to be used in the sense of claims, reasoning & evidence and not simply a statement to include the bolded text in the application. Consider using the term claims, reasoning & evidence instead of argument in all such cases. Otherwise, it is confusing with respect to the use of the term argument in the figures.

This ((

)) does not contain reasoning about why the evidence supports the claim. But rather is just an unsupported claim.

February 29, 2024 Official Use Only - Proprietary Information.

15 of 18 Official Use Only - Proprietary Information.

NRC Staff Questions and Feedback on NEI 20-07, Draft Rev E Excerpt or Section Number from NEI 20-07 Question or Feedback

56.

((

))

This ((

)) states that something is ((

)) but not of how or why the information to be provided or made available explains why it is true or how it was determined to be true.

If the various methodologies referenced in ((

)) are acceptable, there is still the concern of whether those methodologies were adequately implemented by the applicant and that these methods were followed on the application.

57.

((

))

((

))

58.

((

)) [emphasis added]

((

))

59.

((

))

((

))

60.

((

This description is more applicable to LWRs regarding the use of core damage and large early release. It should be revised to be

February 29, 2024 Official Use Only - Proprietary Information.

16 of 18 Official Use Only - Proprietary Information.

NRC Staff Questions and Feedback on NEI 20-07, Draft Rev E Excerpt or Section Number from NEI 20-07 Question or Feedback

))

technology-agnostic or additional clarification should be made on guidance for non-LWRs.

61.

((

))

Relevant PRA information including credited external design features (e.g., manual operator actions, passive design features) need to be of a sufficient high fidelity to provide an accurate picture as to the likelihood of success of each operator response action in the event of a common cause failure of the HSSSS. It should not rely on handbook-based canned assumptions, without formal validation.

62.

((

))

Does NEI intend to provide these reports document on the docket?

63.

((

))

((

))

64.

((

))

((

))

February 29, 2024 Official Use Only - Proprietary Information.

17 of 18 Official Use Only - Proprietary Information.

NRC Staff Questions and Feedback on NEI 20-07, Draft Rev E Excerpt or Section Number from NEI 20-07 Question or Feedback SECTION 6 CONCLUSION

65.

UCAs that are present in multiple redundancies of a DI&C system and impact core damage or large early releases are considered CCF.

This definition of CCF is not consistent with the NRC understanding of the term. Using different definitions for terms than the NRC uses only creates regulatory uncertainty.

Maybe it is better to say considered risk/safety significant CCFs and that control measures are applied to these CCFs.

66.

UCAs that are present in multiple redundancies of a DI&C system and impact core damage or large early releases are considered CCF.

This description is more applicable to LWRs regarding the use of core damage and large early release. It should be revised to be technology-agnostic or additional clarification should be made on guidance for non-LWRs.

67.

This process is effective at identifying the most likely and credible CCFs at a nuclear power plant.

The NRC is also concerned about CCFs that are unlikely.

This conclusion should probably be a bit more precise in terms of Modes, causes, mechanisms, or sources of CCF.

SECTION 7 REFERENCES

68.

The document text often does not identify the specific reference. Please ensure all references are used refer to the reference number in the body of the document.

APPENDIX A. RELEVANT NRC REGULTORAY FRAMEWORK

69.

Appendix A This Appendix describes the relationship between the process described in this document and the NRC regulatory framework.

Note that the regulations listed below may not necessarily apply to all applicants and licensees. The applicability of the regulatory requirements is determined by the plant-specific licensing basis and any proposed changes to the licensing basis associated with the proposed DI&C system under evaluation.

Conceptually, NEI 20-07 is proposed to be used as an alternative way to meet the Commission policy on CCF; therefore, this appendix should explicitly include the NRC regulatory framework applicable to the Commission policy on CCF. It appears that this appendix is incomplete in that respect. For example, it does not include the SRM.

The NRC regulatory framework includes more than just regulatory requirements.

70.

Appendix A, Section A1 states A.1. 10 CFR 50.54(jj), 10 CFR 50.55a(h) IEEE 603-1991 or IEEE 279 -1971 as incorporated by reference requires, in part, that components 10 CFR 50.55a(h) also incorporates by reference IEEE 279-1968; therefore, please add this regulatory requirement to this section.

February 29, 2024 Official Use Only - Proprietary Information.

18 of 18 Official Use Only - Proprietary Information.

NRC Staff Questions and Feedback on NEI 20-07, Draft Rev E Excerpt or Section Number from NEI 20-07 Question or Feedback and modules shall be designed, manufactured, inspected, installed, tested, operated, and maintained in accordance with a prescribed quality assurance program.

Please add GDC 1 and 10 CFR50.55(i) to this section.

The requirement that an NPP is constructed and operated in accordance with a quality assurance program is not imposed by GDC1, 10 CFR 50.55a(h), 10 CFR 50.54.(jj), or 10 CFR 50.55(i)

- as this section states. The QA program is imposed by other regulatory requirements.

GDC 1, 10 CFR 50.54.(jj), and 10 CFR 50.55(i) impose the requirement to do things in accordance with established standards. A 10 CFR Appendix B compliant QA program ensures the standards are achieved. The establishment of standards to ensure equipment meets its obligations in the FSAR is a technical matter and not a programmatic QA matter. The quotation seems to confuse these issues and thereby create regulatory uncertainty. For example, RG 1.75 establishes standards for separation, and if committed to, the QA program ensures the standards established are conformed to.

71.

Appendix A, Section A.1 The term "quality standards" is used in several places in the regulations and guidance -- e.g.,

GDC 1, 10 CFR 50.54(jj), 10 CFR 50.55(i), AEC I&C Handbook Volumes 1 & 2, RG 1.26 Rev. 5, SECY-03-0117, GL 84-01. This appendix should use the term quality standards in a manner consistent with how the NRC uses the term.

72.

Appendix A, Section A.2.1 Pre-scored Systematic Control Methods are techniques and measures that may, synthesized from the industry standard IEC 61508 Part 3, normative Annex A which is a recognized safety standard in the petrochemical industry.

Doing a part of a standard is not the same as following the standard. These use of these methods in this document differs from how they are used in the standard.