ML24131A128

From kanterella
Jump to navigation Jump to search

Lessons Learned for ECCS Digital I&C License Amendment
ML24131A128
Person / Time
Site: Peach Bottom  Constellation icon.png
Issue date: 05/14/2024
From:
Division of Operating Reactor Licensing
To:
Theo Edwards, NRR/DORL/LPL1
References
EPID L-2024-LRM-0009
Download: ML24131A128 (1)


Text

Digital I&C Modernization Lessons Learned

Peach Bottom Units 2 and 3 Digital Upgrade Pre-application Meeting May 14, 2024 Outline

  • Lessons Learned
  • Tiered Review Process vs Alternate Review Process
  • Information Availability
  • Multi-Disciplinary Review Team
  • Virtual Audits and Open Items
  • Considerations for Major Digital I&C Upgrades
  • Use of New Components
  • Equipment Qualification
  • Vendor Oversight Plan
  • Vendor Inspections
  • Regional Inspections
  • FPGA Licensing Actions

2 2 Pre-Application Meetings

  • Early and frequent interaction has proven to be very beneficial:
  • frequent communication between the NRC and applicants promotes the submission of high quality and complete applications
  • helps licensees prepare a license amendment request (LAR) that can be accepted for review
  • helps the staff prepare for the review
  • helps identify potential issues that may arise during the licensing review and helps identify potential solutions

3 3 Tiered Review Process vs Alternate Review Process

Tier 1 Review Process CompleteDraft SE LA Issued LAR Submitted NRC: LAR (Phase 1) and Phase 2 Review, NRC:

(Phase 1) and Regulatory Audit(s) Regional Inspections of Site Activities Licensee & Vendor Tier 1 Licensee Activity:

Producing and Submitting Phase 2 Activities Supplement Information Modification High Level System and HW/SW Implementation and Concept System Requirements, Detailed Test Activities, Post FAT Licensee and Phase 0 Design, HW/SW Design including FAT Report Activities, SAT Meeting(s) Planning and Fabrication Alternate Review CompleteDraft SE LA Issued Process NRC: VOP and NRC:

LAR Submitted NRC: LAR Review and Vendor Inspections Regional Inspections Regulatory Audit(s)of Implementation of Site Activities

& Test Activities Timeline 4

Tiered Review Process vs Alternate Review Process

  • The ISG-06 Enclosure B tables identify the typical information to be submitted depending on the applicable review process
  • the tables assume a model case application and do not account for deviations from the ISG-06 guidance
  • Actual applications submitted under the Alternate Review Process (ARP) have elements of the Tiered Review Process
  • Elements of Tier 1 if supplemental information needs to be provided
  • Elements of Tier 2 if there are changes from the pre-approved topical report
  • Elements of Tier 3 if there are components not previous approved by a topical report

5 5 Tiered Review Process vs Alternate Review Process (continued)

  • A tailored approach to the licensing review can be considered in order to determine:
  • the licensing review schedule - what is a reasonable review time (based on the complexity of the modification and information availability) and does the schedule support the installation date
  • information needs - it could be a mix of ARP and Tiered information from Enclosure B (depending on the modification and the review schedule)
  • information availability - what is submitted and when
  • A tailored approach could provide advantages to the licensee in terms of flexibility to address licensing process deviations
  • however, because a tailored approach adapts to information availability and schedule changes, the review time may take longer than an ARP review

6 6 Information Availability

  • If applications are submitted before key aspects of the design are completed (e.g., system requirements), then there could be delays in responding to NRC questions
  • Supplemental information submittals extend the review schedule
  • equipment qualification (EQ)
  • human factors engineering (HFE)
  • EQ testing is often deferred to later stages of the project and EQ summary reports (EQSRs) are provided as late supplements to the LAR

7 7 Multi-Disciplinary Review Team

  • A digital I&C modification encompasses various technical disciplines:
  • technical specifications
  • reactor safety systems
  • human factors engineering
  • Depending on the application, the staff responsible for these disciplines may be involved in the licensing review, the inspections, or both
  • The responsible staff reviews the information necessary to make a safety determination using the review criteria found in the Standard Review Plan (SRP) for all relevant review areas
  • The guidance in ISG-06 is only applicable to the digital I&C portion of the review

8 8 Virtual Audits and Open Items

  • Virtual audits of undocketed material and living documents (e.g., the VOP) have proven to be very effective
  • The Open Items list is a tool intended to expedite the exchange of information to provide clarifications and identify requests for additional information (RAIs)
  • Providing questions (e.g., open items) to the licensee in advance of virtual audit calls improved the effective use of the audit time
  • In-person audits of the vendor should be performed during the licensing review to familiarize the technical reviewers and inspectors with the system and interfaces

9 9 Virtual Audits and Open Items (continued)

  • Early coordination is needed to determine how the Open Items list will be controlled and updated
  • this may need to be reinforced during the review period
  • Use of multiple portals (e.g., for licensee and vendor) involves further coordination
  • Some licensees implement more formal internal approval processes when developing responses to open items
  • this results in longer times for providing responses and delays in the closure of open items or in creating follow-up open items
  • in some cases, it may be more expedient to issue an RAI without first having an open item

10 10 Considerations for Major Digital I&C Upgrades

Major upgrades require additional review considerations:

  • Integration of multiple safety systems (e.g., RPS, ESFAS) into the same platform
  • Reduction of plant redundancy
  • Major Control Room Upgrades
  • use of components not previously approved or qualified for safety (e.g., video display units)
  • common-cause failures can be introduced if manual controls and automatic controls for critical safety functions are not diverse
  • additional review resources may be needed (e.g., HFE)

11 11 Use of New Components

  • Some applications make use of components not previously approved in a topical report or that have not undergone equipment qualification
  • Some components may have been previously approved, but not for the particular design application being incorporated
  • This results in additional review time, which may include the following evaluations for the new components:
  • Software development
  • Equipment qualification
  • Secure development and operational environment
  • Human factors engineering

12 12 Equipment Qualification

  • Early identification of components requiring qualification (environmental, seismic, electromagnetic interference/radiofrequency interference) is important to meet the review schedule
  • Design process and procurement issues may delay the qualification of certain components, and thus, push the submittal of equipment qualification summary reports

13 13 Vendor Oversight Plan

  • A VOP Summary is provided in the LAR per ISG-06, Revision 2, Section C.2.2
  • The staff performs a virtual audit of the VOP
  • There may be discrepancies between the VOP and the Summary, or key information missing from the VOP Summary
  • Multiple revisions of the VOP and VOP Summary may occur during the licensing review
  • The staff recognizes the need for guidance for developing the VOP and VOP Summary
  • The staff plans to develop guidance after completion of current licensing applications

14 14 Vendor Inspections

  • Performed using inspection procedure (IP) 43002 and IP 35710
  • May be performed in parallel with the licensing review
  • The maturity and complexity of the design will inform the timing and frequency of vendor inspections
  • Design changes may occur following completion of design and implementation phases that will require regression analysis
  • Results of FAT and SAT may trigger additional design changes
  • Completion of vendor IV&V activities (e.g., reports) may occur later in lifecycle phases

15 15 Regional Inspections

  • Depending on document availability, some remote documentation review activities may take place after the inspectors have returned to their offices
  • Because of the ARP, the NRCs inspection approach in IP 52003 adjusted from only verifying installation activities to also verifying that the system was designed, developed, and tested in accordance with the amendment
  • Early and frequent communication between the NRC (regional, vendor, technical reviewers, and cyber), licensee and vendor is critical due to the dynamic aspects of the digital I&C system development

16 16 FPGA Licensing Actions

  • The staff has approved the use of Field Programmable Gate Arrays (FPGAs) in DI&C applications:
  • Diablo Canyon Process Protection System & Emergency Safety Features Actuation System
  • License Amendment dated December 21, 2016 (ML16139A008)
  • NuScale Highly Integrated Protection System Platform Topical Report

17 17 Backup Slides

18 Tiered Review Process vs Alternate Review Process

Tiered Review Process Lifecycle Activities Alternate Review Process

Pre-Application - Design Concept - Pre-Application Meetings - High-Level System Design - Meetings

Licensing Review - Detailed HW and SW Design - Licensing Review

License Amendment Request - Fabrication - License Amendment Request Regulatory Audits - Implementation - Regulatory Audits

Supplemental Information - Factory Acceptance Testing -

- Site Acceptance Testing - Vendor and Regional Regional Inspections Inspections

- Site Installation -

19