Text

13-1 CONDUCT OF OPERATIONS This chapter of the safety evaluation report (SER) documents the U.S. Nuclear Regulatory Commission (NRC) staffs (the staff) review of Chapter 13, Conduct of Operations, of the NuScale Power, LLC (NuScale or the applicant), Standard Design Approval Application (SDAA),

Part 2, Final Safety Analysis Report (FSAR). The staffs regulatory findings documented in this report are based on Revision 2 of the SDAA, dated April 9, 2025 (Agencywide Documents Access and Management System (ADAMS) Accession No. ML25099A237). The precise parameter values, as reviewed by the staff in this SER, are provided by the applicant in the SDAA using the English system of measure. Where appropriate, the NRC staff converted these values for presentation in this SER to the International System (SI) units of measure based on the NRCs standard convention. In these cases, the SI converted value is approximate and is presented first, followed by the applicant provided parameter value in English units within parentheses. If only one value appears in either SI or English units, it is directly quoted from the SDAA and not converted.

Organizational Structure Introduction A combined license (COL) applicants organizational structure includes the corporate-level management and technical support organization and the onsite operating organization. The management and technical support organization includes the corporate or home office offsite organization; associated functions, activities, and responsibilities; and the approximate number and qualifications of offsite personnel necessary to ensure that sufficient technical resources have been, are being, and will continue to be provided to accomplish the safe design, construction, testing, and operation of the nuclear plant. The onsite operating organization includes the structure, functions, activities, responsibilities, and approximate number and qualifications of onsite personnel necessary to safely operate and maintain the facility.

The staff reviewed the FSAR to evaluate the COL information items that pertain to (1) COL applicant descriptions of the corporate-level management and technical support organization and (2) COL applicant descriptions of the onsite operating organization.

Summary of Application The plans for a corporate-level, technical, and onsite organizational structure to support, design, construct, test, operate, and maintain the nuclear plant are not within the scope of the NuScale SDAA. This responsibility resides with a COL applicant referencing the NuScale Power Plant US460 standard design. Chapter 13 of the application specifies combined license information items for the COL applicant to describe the corporate-level management and technical support organization and the onsite operating organization.

ITAAC: NuScale has not proposed any inspections, tests, analyses, and acceptance criteria (ITAAC) related to this area of review.

Technical Specifications: There are no technical specifications (TS) for this area of review.

Technical Reports: No technical reports (TRs) are associated with this area of review.

13-2 Regulatory Basis Section 13.1.1, Management and Technical Support Organization, and Section 13.1.2-13.1.3, Operating Organization, of NUREG-0800, Standard Review Plan for the Review of Safety Analysis Reports for Nuclear Power Plants: LWR Edition (SRP), identify, in part, the relevant NRC regulatory requirements for organizational structure and the associated acceptance criteria.

The following regulatory requirements apply to the organizational structure:

Title 10 of the Code of Federal Regulations (10 CFR) 50.34(f)(3)(vii), as it pertains to requirements related to lessons learned from the accident at Three Mile Island (TMI) for the standard design approval applicant, in part, to describe the management plan for design and construction activities of the proposed plant 10 CFR 50.40(b), which requires the COL applicant to be technically qualified to engage in activities associated with the design, construction, and operation of a nuclear power plant 10 CFR 50.48(a)(1)(ii), as it pertains to information that must be included in the fire protection plan of the holder of a COL under 10 CFR Part 52, Licenses, Certifications, and Approvals for Nuclear Power Plants,; specifically, the identification of the various positions within the licensees organization that are responsible for the program 10 CFR 50.54(i), (j), (k), (l), and (m), as they pertain to the organizational staffing requirements for, and responsibilities of, operators and senior operators licensed under 10 CFR Part 55, Operators Licenses 10 CFR Part 50, Domestic Licensing of Production and Utilization Facilities, Appendix B, Quality Assurance Criteria for Nuclear Power Plants and Fuel Reprocessing Plants, as it pertains to organizational responsibilities for the establishment and execution of the quality assurance program 10 CFR 52.79(a)(26)-(28) and (29)(i), as they pertain to information that must be included in the FSAR that is submitted as part of the application for a COL, specifically, the following:

(1) the applicants organizational structure, allocations or responsibilities and authorities, and personnel qualifications requirements for operation (2) managerial and administrative controls to be used to ensure safe operation as established in 10 CFR Part 50, Appendix B (3) plans for preoperational testing and initial operations (4) plans for the conduct of normal operations

13-3 The related acceptance criteria are as follows:

Section III, Acceptance Criteria, of SRP section 13.1.1, Revision 6, issued August 2016 Section III, Acceptance Criteria, of SRP section 13.1.2-13.1.3, Revision 7, issued August 2016 Review Criterion 6.4(2) in Section 6, Staffing and Qualifications, of NUREG-0711, Human Factors Engineering Program Review Model, Revision 3, issued November 2012 (ML12324A013)

NUREG-1791, Guidance for Assessing Exemption Requests from the Nuclear Power Plant Licensed Operator Staffing Requirements Specified in 10 CFR 50.54(m), issued July 2005 (ML052080125)

NUREG/CR-6838, Technical Basis for Regulatory Guidance for Assessing Exemption Requests from the Nuclear Power Plant Licensed Operator Staffing Requirements Specified in 10 CFR 50.54(m), issued February 2004 (ML040580289)

Technical Evaluation The COL applicant is responsible for describing the corporate-level management and technical support organization and the onsite operating organization. This section presents the staffs evaluation of the COL information items that pertain to the COL applicants organizational structures.

13.1.4.1 Combined License Information Items 13.1.4.1.1 Management and Technical Support Organization SRP section 13.1.1 states that for the management and technical support organization, the COL applicants safety analysis report (SAR) should do the following:

Describe the qualification requirements for each identified position or class of positions that provide technical support to the onsite operating organization.

Specify the qualification requirements for individuals holding management and supervisory positions in organizational units that provide support to the onsite operating organization.

In Section 13.1.1, Management and Technical Support Organization, of the FSAR, NuScale specified COL Item 13.1-1, which directs the COL applicant to describe the corporate-level or home office management and technical support organization and specify the necessary qualification requirements for positions within the management and technical support organization that provide technical support to the onsite operating organization. The staff finds that COL Item 13.1-1 appropriately addresses the information that the COL applicant should provide for corporate-level management and technical support organizations.

13-4 13.1.4.1.2 Operating Organization SRP section 13.1.2-13.1.3 states that the COL applicants SAR should describe (1) the structure, functions, and responsibilities of the onsite operating organization established to operate and maintain the plant and (2) any alternatives to the requirements involving the number of licensed personnel, as specified in 10 CFR 50.54(m). Consistent with the SRP, in chapter 13 of the SDAA, Section 13.1.2, Operating Organization, COL Item 13.1-2 directs the COL applicant to describe the onsite operating organization, including the organizations structure, functions, and responsibilities. In addition, COL Item 13.1-2 specifies that the proposed operating staff shall be consistent with the minimum licensed operator staffing requirements in section 18.5, Staffing and Qualification, of the SDAA.

In SDAA section 18.5, the applicant described a staffing level and qualifications analysis that is an alternative to the requirements of 10 CFR 50.54(m). Within the context of its review of SDAA chapter 13, the staff concludes that it is acceptable for the COL item to reference the discussion in section 18.5. Chapter 18 of the SER describes the staffs evaluation of the staffing and qualification element of the NuScale Human Factors Engineering (HFE) Program. Accordingly, the staff determined that COL Item 13.1-2 appropriately identifies information the COL applicant needs to provide about the onsite operating organization.

SRP section 13.1.2-13.1.3 states that the COL applicants SAR should describe the education, training, and experience requirements (qualification requirements) that the COL applicant established to fill each management, operating, technical, and maintenance position category in the operating organization. In the SDAA, Section 13.1.3, Qualifications of Nuclear Plant Personnel, COL Item 13.1-3 directs the COL applicant to describe the qualification requirements for each of the identified position categories for the operating organization.

Accordingly, the staff determined that COL Item 13.1-3 appropriately identifies information the COL applicant needs to provide regarding the qualification requirements for the operating organization.

Combined License Information Items Table 13.1-1 lists COL information related to the organizational structure from FSAR Table 1.8-1, Combined License Information Items.

Table 13.1-1 NuScale COL Information Items Related to FSAR section 13.1 Item No.

Description SDAA Part 2 Chapter 13 COL Item 13.1-1 An applicant that references the NuScale Power Plant US460 standard design will provide a description of the corporate or home office management and technical support organization, including a description of the qualification requirements for (1) each identified position or class of positions that provide technical support to the on-site operating organization, and (2) individuals holding management and supervisory positions in organizational units providing technical support to the on-site operating organization.

13.1.1

13-5 Item No.

Description SDAA Part 2 Chapter 13 COL Item 13.1-2 An applicant that references the NuScale Power Plant US460 standard design will provide a description of the proposed structure, functions, and responsibilities of the on-site organization necessary to operate and maintain the plant. The proposed operating staff shall be consistent with the minimum licensed operator staffing requirements in Section 18.5.

13.1.2 COL Item 13.1-3 An applicant that references the NuScale Power Plant US460 standard design will provide a description of the qualification requirements for each management, operating, technical, and maintenance position described in the operating organization.

13.1.3 Conclusion For the reasons given above, the staff concludes that the COL information items specified in table 13.1-1 and included in the FSAR are sufficient to identify information that the COL applicant needs to provide to meet the applicable requirements of 10 CFR 50.34(f)(3)(vii);

10 CFR 50.40(b); 10 CFR 50.48(a)(1)(ii); 10 CFR 50.54(i), (j), (k), and (l); 10 CFR Part 50, Appendix B; 10 CFR 52.79 (a)(26)-(28) and (29)(i); and the minimum licensed operator staffing requirements in lieu of 10 CFR 50.54(m) as described in FSAR Section 18.5.

Training Introduction A COL applicants training program should include (1) the initial license training program for reactor operators and senior reactor operators, (2) the licensed operator requalification program, and (3) the nonlicensed plant staff training program. The latter consists of initial training, periodic retraining, and qualifications for nonlicensed operators, shift supervisors, shift technical advisors, instrumentation and control technicians, electrical maintenance personnel, mechanical maintenance personnel, radiological protection technicians, chemistry technicians, and engineering support personnel.

The staff reviewed the SDAA to evaluate the COL information items that pertain to the COL applicants description of and schedule for (1) the licensed operator training program for reactor operators and senior reactor operators, including the licensed operator requalification program, and (2) the training program for the nonlicensed plant staff.

Summary of Application FSAR: The development of site-specific training programs is not within the scope of the NuScale SDAA. This responsibility resides with the COL applicant. In FSAR Section 13.2, Training, the SDA applicant specified two COL information items that direct the COL applicant to describe the initial license training program, the licensed operator requalification program, and the nonlicensed plant staff training program and to provide schedules for these programs.

ITAAC: The applicant has not proposed any ITAAC related to this area of review.

13-6 Technical Specifications: There are no TS for this area of review.

Technical Reports: No TRs are associated with this area of review.

Regulatory Basis SRP Section 13.2.1, Reactor Operator Requalification Program; Reactor Operator Training, and SRP Section 13.2.2, Non-Licensed Plant Staff Training, identify, in part, the relevant NRC regulatory requirements for training and the associated acceptance criteria.

The following regulatory requirements are applicable for training:

10 CFR 19.12, Instruction to workers, as it pertains to instructions provided to workers for the protection of personnel from exposure to radiation or radioactive material 10 CFR 26.29, Training, as it pertains to employee training associated with the fitness-for-duty (FFD) program 10 CFR 50.34(f)(2)(ii), as it pertains to the TMI-related requirement for applicants to establish a program to begin during construction and to follow into operation for assessing and improving plant procedures applicable to operator training 10 CFR 50.40(a) and (b), as they pertain to the issuance of a COL under 10 CFR Part 52 based on considerations of whether the applicant (1) is technically qualified to engage in activities associated with the design, construction, and operation of a nuclear power plant and (2) has established the licensed and nonlicensed plant staff training programs necessary to provide reasonable assurance that the nuclear power plant can be safely operated 10 CFR 50.54(i-1), as it pertains to requirements for the establishment of a licensed operator requalification training program within 3 months after the date that the Commission makes the finding under 10 CFR 52.103(g) that the acceptance criteria in the COL are met 10 CFR 50.120(b)(1)-(3), as they pertain to requirements for the establishment, implementation, and maintenance of training programs derived from a systems approach to training as defined in 10 CFR 55.4, Definitions, for specific categories of nuclear power plant personnel 10 CFR Part 50, Appendix B, as it pertains to the training and technical qualifications of personnel who perform activities that affect the quality of structures, systems, and components (SSCs) that are covered by the quality assurance program 10 CFR Part 50, Appendix E, Emergency Planning and Preparedness for Production and Utilization Facilities, as it pertains to the requirements for emergency preparedness training of employees and other persons whose assistance may be needed in the event of a radiological emergency (e.g., local emergency services and law enforcement personnel), including participation in drill and exercise scenarios to provide performance opportunities to develop, maintain, and demonstrate key skills

13-7 10 CFR 52.79(a)(26)-(28) and (29)(i), as they pertain to information to be included in the COL FSAR, specifically, the following:

(1) the qualification requirements of licensed and nonlicensed plant personnel to engage in activities associated with operation of the nuclear power plant (2) the controls associated with the training of personnel who perform activities that affect the quality of SSCs that are covered by the quality assurance program as established in 10 CFR Part 50, Appendix B (3) plans for licensing personnel and training nonlicensed plant staff before criticality to support preoperational testing activities and initial operations (4) plans for licensed and nonlicensed plant staff to receive the technical and administrative training required to operate, test, and maintain the nuclear power plant during the conduct of normal operations 10 CFR 52.79(a)(14), (21), (33), (34), (36), (39), (40), and (44), as they pertain to information that must be included in the FSAR that an applicant submits as part of the application for a COL, specifically, descriptions of the following:

(1) licensed operator training required by 10 CFR Part 55 (2) training required by 10 CFR 50.120, Training and qualification of nuclear power plant personnel, for specific categories of nuclear power plant personnel (3) nonlicensed plant staff training associated with security procedures, radiological emergency plans, radiation protection, fire protection, and FFD 10 CFR 55.4, as it pertains to Commission-approved training programs that are based on a systems approach to training 10 CFR 55.31(a)(4)-(5), as they pertain to the documentation requirements associated with successful completion by an applicant for an operator license of a facility licensee training program, when the facility licensee requests administration of the licensing exam (i.e., written examination and operating test) 10 CFR 55.41, Written examination: Operators, as it pertains to requirements associated with the content and makeup of the NRCs written examination for operators 10 CFR 55.43, Written examination: Senior operators, as it pertains to requirements associated with the content and makeup of the NRCs written examination for senior operators 10 CFR 55.45, Operating tests, as it pertains to requirements associated with (1) the content and makeup of the NRCs operating test for operators and senior operators and (2) the use of a Commission-approved simulation facility, a plant-referenced simulator, or the physical plant for administration of the operating test

13-8 10 CFR 55.46, Simulation facilities, as it pertains to requirements for the use of simulation facilities in the administration of the NRC operating test 10 CFR 55.59, Requalification, as it pertains to requirements associated with licensed operator requalification training programs The related acceptance criteria are as follows:

Section III, Acceptance Criteria, of SRP Section 13.2.1, Revision 4, issued August 2016 Section III, Acceptance Criteria, of SRP Section 13.2.2, Revision 4, issued August 2016 Regulatory Guide (RG) 1.8, Qualification and Training of Personnel for Nuclear Power Plants, Revision 4, issued June 2019 (ML19101A395)

RG 1.149, Nuclear Power Plant Simulation Facilities for Use in Operator Training, License Examinations, and Applicant Experience Requirements, Revision 4, issued April 2011 (ML110420119)

NUREG-0711, Revision 3 NUREG-1021, Operator Licensing Examination Standards for Power Reactors, Revision 12, issued September 2021 (ML21256A276)

NUREG-1220, Training Review Criteria and Procedures, Revision 1, issued January 1993 (ML102571869)

Technical Evaluation The COL applicant is responsible for the development of site-specific training programs. This section presents an evaluation of the COL information items that pertain to training programs for licensed and nonlicensed plant staff.

13.2.4.1 Combined License Information Items The NRC regulations require the COL applicant that references the NuScale Power Plant US460 standard design to address the site-specific information described in COL information items at the COL stage.

13.2.4.1.1 Licensed and Nonlicensed Plant Staff Training Programs SRP section 13.2.1 states that the COL applicant should provide the description and scheduling of the licensed operator training program for reactor operators and senior reactor operators, including the licensed operator requalification program. SRP section 13.2.2 states that the COL applicants nonlicensed plant staff training program should include the initial training, periodic retraining, and qualification that are required for nonlicensed plant staff. The staff reviewed FSAR section 13.2, COL Item 13.2-1, and found that it specifies the appropriate and necessary information for licensed plant staff. The staff reviewed FSAR section 13.2, COL Item 13.2-2, and

13-9 found that it specifies the appropriate and necessary information for nonlicensed plant staff training programs. The staff also verified that the FSAR adequately incorporates the COL information items presented in table 13.2-1.

Combined License Information Items Table 13.2-1 lists COL information item numbers and descriptions related to training from FSAR table 1.8-1.

Table 13.2-1 NuScale COL Information Items Related to FSAR, section 13.2 Item No.

Description SDAA Part 2 Chapter COL Item 13.2-1:

An applicant that references the NuScale Power Plant US460 standard design will provide a description and schedule of the Initial Training and Qualification as well as Requalification Programs for reactor operators and senior reactor operators.

13.2 COL Item 13.2-2:

An applicant that references the NuScale Power Plant US460 standard design will provide a description and schedule of the Non-Licensed Plant Staff Training Programs including initial training, periodic retraining, and qualification requirements.

13.2 Conclusion For the reasons given above, the staff concludes that the COL information items specified in table 13.2-1 of this report and included in the FSAR are sufficient to identify information that the COL applicant needs to provide to meet the applicable requirements of 10 CFR 19.12; 10 CFR 26.29; 10 CFR 50.34, Contents of applications: general information; 10 CFR 50.40, Common standards; 10 CFR 50.54, Conditions of licenses; 10 CFR 50.120; 10 CFR Part 50, Appendix B; 10 CFR Part 50, Appendix E; 10 CFR 52.79, Contents of applications; technical information in final safety analysis report; and 10 CFR Part 55.

Emergency Planning The NRC staff conducted its review of the NuScale Standard Design Approval (SDA) application (SDAA) emergency planning (EP) in accordance with the requirements contained in 10 CFR 52.137, Contents of applications; technical information, and 10 CFR 52.139, Standards for Review of Applications. This report section addresses those EP design features that are technically relevant to 10 CFR, Part 52, Subpart E, Standard Design Approvals, that are not site specific and that affect some aspect of emergency planning or the capability of a licensee to cope with plant emergencies. The applicant may choose the extent to which the SDAA includes EP features to be reviewed as part of the SDA evaluation.

The NRC staff conducted the review of standard design information and COL information items (designated as COL items) related to EP and documented the results in this section of Chapter

13. The EP COL items are listed in Table 13.3-1, NuScale US460 SDAA Emergency Planning COL Items, of this report.

13-10 Introduction The following subsections present the staffs technical evaluation of the EP design for the NuScale US460 SDAA.

Summary of Application The subsections below summarize the EP design information submitted in the NuScale US460 SDAA FSAR.

The NuScale US460 SDAA FSAR Section 13.3, Emergency Planning, states that the NuScale Power Plant design includes design features, facilities, and equipment that are usable for up to six (6) NuScale Power Modules to support emergency response functions. A COL applicant that references the NuScale Power Plant US460 standard design is responsible for providing a comprehensive emergency plan (COL Item 13.3-2) and the descriptions of the emergency response facilities (ERFs) for management of overall licensee emergency response (COL Item 13.3-1). Thus, the COL applicant that references the NuScale US460 standard design is responsible for the interfaces of these features with site-specific parameters.

Further, the NuScale US460 FSAR Section 13.3, Emergency Planning, states that the NuScale US460 standard plant emergency planning design ensures that personnel are protected from radiological hazards, including direct radiation and airborne radioactivity from in-plant sources under accident conditions (i.e., radiation dose is limited to 5 roentgen equivalent man (rem) total effective dose equivalent (TEDE) for the duration of the accident). In the event of a Technical Support Center (TSC) loss of ventilation, or if the TSC becomes otherwise uninhabitable, TSC personnel are evacuated and the TSC functions are transferred to a location designated by the comprehensive emergency plan that will be provided by the COL applicant.

Although the development of a comprehensive emergency plan is the responsibility of the COL applicant that references the NuScale US460 standard design, the design bases for the NuScale US460 standard plant include design features, facilities, functions, and equipment necessary for EP. The design bases for the NuScale US460 standard plant include the following EP features:

TSC A TSC is an onsite ERF that provides plant management and technical support to the plant operations personnel during emergency conditions.

Emergency Response Data System (ERDS)

ERDS is a direct near real-time electronic data link between a licensees onsite computer system and the NRC Operations Center and provides for the automated transmission of a limited data set of selected parameters from a licensees installed onsite computer system in the event of an emergency.

TSC Engineering Workstations The TSC engineering workstations are for information display only and no control functions are provided on the TSC engineering workstations. Sufficient backup power

13-11 sources are provided to maintain continuity of TSC functions and to immediately resume data acquisition, storage, and display of TSC data if a loss of the primary TSC power source occurs. The plant network, as described in FSAR Section 7.2.13.7, Other Information Systems, provides data recording, trending, and historical retention that can be retrieved on the TSC engineering workstations.

TSC Variables Available for Accident Assessment The appropriate Regulatory Guide 1.97, Criteria for Accident Monitoring Instrumentation for Nuclear Power Plants, criteria that are essential for performance of TSC functions are available in the TSC.

FSAR: The following NuScale US460 SDAA FSAR sections describe the design features with an interface to EP:

FSAR Section 1.2.2.2 Control Building, states that the NuScale US460 control building contains the TSC. The TSC layout within the control building is shown in FSAR Figure 1.2-19, Control Building 125-0 Elevation, and Figure 1.2-20, Control Building North-South Section View show that the TSC and the main control room (MCR) are located on the same floor level elevation of the control building.

FSAR Section 3.7.2.1.2.5, Control Building, states that the control building is comprised of a seismic category I (SC-I) portion and a seismic category II (SC-II) portion and that the TSC is located in the SC-II portion of the control building.

FSAR Section 7.2.13.7, Other Information Systems, describes the TSC engineering workstations.

FSAR Section 9.4.1.2, System Description, and FSAR Section 12.3.3.5, Normal Control Room Heating, Ventilation, and Air Conditioning System, discuss heating, ventilation, and air conditioning for the TSC.

FSAR Section 9.5.2, Communication System, provides descriptions for the TSC communication systems.

FSAR Section 18.7.2.4.3, Technical Support Center, Emergency Operating Facility, Waste Management Control Room, and Module Maintenance Center, provide descriptions of the TSC workstation human-system interfaces.

ITAAC: The SDA applicant has not proposed any ITAAC related to this area of review.

Technical Specifications: There are no TS for this area of review.

Technical Reports: Human Factors Engineering Program Management Plan, TR-130414-NP, Revision 0, dated December 2022, states in Section 2.2.3, Applicable Facilities, that the NuScale Human Factors Engineering Program scope, applicable from the start of conceptual design through turnover to the licensee, is limited to defining the TSC plant data and the TSCs human-system interfaces impact on licensed operator workload.

13-12 Regulatory Basis The following NRC regulations contain the relevant requirements for this review:

10 CFR Part 50, Appendix E, as it relates to EP and the ERDS 10 CFR 52.137(a)(8), which requires that an SDAA FSAR must include the information necessary to demonstrate compliance with any technically relevant portions of the TMI requirements in 10 CFR 50.34(f), except 10 CFR 50.34(f)(1)(xii), (f)(2)(ix), and (f)(3)(v) 10 CFR 52.137(a)(11), which requires that an SDAA FSAR must include the information pertaining to design features that affect plans for coping with emergencies in the operation of the reactor facility or a major portion of the facility 10 CFR 52.139, as it relates to EP information submitted under 10 CFR Part 52, Subpart E, Standard Design Approvals, for an SDAA The following guidance documents provide criteria relevant to this review and were used to confirm that the above requirements have been adequately addressed:

NUREG-0800 (SRP), Section 13.3, Emergency Planning, lists the acceptance criteria that are adequate to meet the above requirements and the review interfaces with other SRP sections.

NUREG-0696, Functional Criteria for Emergency Response Facilities, issued February 1981 (ML051390358), describes the facilities and systems that nuclear power plant licensees will use to improve responses to emergencies.

NUREG-0737, Clarification of TMI Action Plan Requirements, Supplement 1, Requirements for Emergency Response Capability, issued January 1983 (ML051390367), describes post-TMI requirements for emergency response capabilities that have been approved for implementation.

NUREG-1394, Emergency Response Data System, Revision 2, August 2022 (ML22244A081), provides guidance for the implementation and continued operation of ERDS at licensee sites.

The NRC Office of Nuclear Security and Incident Response (NSIR), Division of Preparedness and Response (DPR), interim staff guidance (ISG) document, NSIR/DPR-ISG-01, Interim Staff GuidanceEmergency Planning for Nuclear Power Plants, issued November 2011, provides updated guidance for addressing EP requirements for nuclear power plants based on changes to emergency preparedness regulations, in part, to 10 CFR 50.47, Emergency plans, and 10 CFR Part 50, Appendix E, that the NRC published on November 23, 2011, in the Federal Register (76 FR 72560).

Technical Evaluation The design information required to license and operate a site-specific NuScale US460 nuclear power plant is identified throughout the NuScale US460 FSAR as COL information items. These

13-13 COL information items are the responsibility of a COL applicant that desires to construct and obtain a license to operate a NuScale US460 standard design power plant and are to be provided in the COL application. FSAR section 13.3 and table 13.3-1 of this report identifies the NuScale US460 FSAR EP COL information items that are described or provided in the NuScale SDAA FSAR and are evaluated by the staff in this report. COL Item 13.3-2 states that an applicant that references the NuScale Power Plant US460 standard design is responsible for providing a comprehensive emergency plan. Therefore, the following subsections document the staffs review and evaluation of the EP design features information contained in the NuScale US460 SDAA for conformance with the applicable standard design acceptance criteria as identified in SRP section 13.3 to demonstrate compliance with the listed EP requirements.

13.3.4.1 Emergency Response Facilities The guidance of SRP section 13.3,Section II, SRP Acceptance Criteria, item 25, states, in part, that an applicant subject to the 10 CFR 50.34(f)(2)(xxv) criterion shall provide a technical support center (TSC) and an operational support center (OSC). NuScale FSAR Table 1.9-3, Conformance with NUREG-0800, Standard Review Plan and Design Specific Review Standard, and Table 1.9-5, Conformance with Three Mile Island Requirements (10 CFR 50.34(f)) and Generic Issues (NUREG-0933), state that the NuScale US460 SDAA only partially conforms to 10 CFR 50.34(f)(2)(xxv). Specifically, the NuScale US460 SDAA design includes a TSC but does not include an OSC. The design and descriptions of emergency response facilities are the responsibility of an applicant that references the NuScale US460 standard design in a COL application. This is stated in COL Item 13.3-1.

The staff used the guidance in NUREG-0696, Supplement 1 to NUREG-0737, and NUREG-0800 specific acceptance criteria to evaluate the TSC design for compliance with the relevant standard design emergency response facilities requirements.

13.3.4.1.1 Technical Support Center FSAR Section 13.3, Emergency Planning, states that a TSC is provided that is compliant with the design requirements of NUREG-0696 functional criteria for ERFs.

13.3.4.1.1.1 Technical Support Center Structure FSAR Section 1.2.2.2 Control Building, states that the NuScale US460 control building contains the TSC. The TSC layout within the control building is shown in FSAR Figure 1.2-19, Control Building 125-0 Elevation, and Figure 1.2-20, Control Building North-South Section View.

FSAR Section 3.7.2.1.2.5, Control Building, states that the control building is comprised of a seismic category I (SC-I) portion and a seismic category II (SC-II) portion and that the TSC is located in the SC-II portion of the control building. In FSAR Section 13.3, the applicant states that the SC-II structures, systems, and components are analyzed for safe shutdown earthquake loads and the same wind pressure as the SC-I portion, that the NuScale US460 standard design approval flood level is below the 125 ft elevation of the TSC, and that the control building that the TSC is located will be constructed to a building code that is endorsed by the International Building Code that replaced the Uniform Building Code. In that response, the applicant concluded that the TSC is a well-engineered structure designed to be capable of withstanding earthquakes, high winds, and floods.

The NRC staff reviewed the above NuScale US460 SDAA TSC structure design descriptions, and finds that the NuScale US460 TSC design is consistent with the TSC structure design

13-14 guidance in Section 2.5, Structure, of NUREG-0696 and NUREG-0737, Supplement 1, Section 8.2.1.d.

13.3.4.1.1.2 Technical Support Center Size The TSC is sized to accommodate staffing levels of 25 persons that consist of 20 licensee personnel and 5 NRC personnel at 75 square feet per person. The TSC includes a technical evaluation room and additional space for storage, offices, and conference rooms. The staff finds that this NuScale US460 TSC size design information is consistent with the specific space and personnel accommodation guidance contained in NUREG-0696, Section 2.4 Size and NUREG-0737, Supplement 1, Section 8.2.1.c.

13.3.4.1.1.3 Technical Support Center Location FSAR Figure 1.2-19 and Figure 1.2-20, show that the TSC and the main control room (MCR) are located on the same floor level elevation of the control building. When using the shortest designed direct route, the walking time between the entrance of the MCR and the entrance of the TSC does not exceed two minutes. Based on this TSC location design information, the staff finds that the NuScale US460 TSC location design addresses the applicable standard design approval TSC location guidance in Section 2.2, Location, of NUREG-0696 and Section 8.2.1.b of NUREG-0737, Supplement 1.

13.3.4.1.1.4 Technical Support Center Communications The TSC is equipped with voice communications systems that provide communications between the TSC and plant, local off-site emergency response facilities, the NRC, and State operations centers. FSAR Section 9.5.2.3, Safety Evaluation, states that the TSC voice communications consist of the telephony system, wide area mass notification system (WAMNS), and the plant radio system. FSAR Section 9.5.2.2, System Description, provides descriptions for these TSC communication systems:

The telephony service includes onsite communication and an interface with an offsite public switched telephone network and has the necessary bandwidth to support peak traffic for normal and emergency plant operations modes.

The WAMNS sends emergency alarms and communications to plant personnel by broadcast paging. The WAMNS has the capability to support operations during normal and emergency conditions.

The distributed antenna system distributes frequencies for the plant radio system in buildings and outdoors across the site, as needed. The distributed antenna system interfaces with the telephony system to allow access to both onsite telephony and the external telecommunications network. The plant radio has the capability to support operations during normal and emergency conditions.

These TSC communication systems provide communications between the TSC and plant, offsite emergency response facilities, the NRC, and local and state operations centers and are physically independent of each other such that a failure in one system will not disable another system. COL Item 9.5-1 specifies that it will be the responsibility of a COL applicant that

13-15 references the NuScale US460 standard design approval to provide a description of the offsite communication system, how the offsite communication system interfaces with the onsite communications system, and how continuous communications capability is maintained to ensure effective command and control with onsite and offsite resources during both normal and emergency situations.

Section 9.5.2 of this report documents the staffs evaluation and safety findings for these TSC communication systems. Based on its review of the above NuScale US460 TSC communication system design information, the staff finds that the TSC communications design is consistent with the TSC communication guidance in Section 2.7, Communications, of NUREG-0696 and NUREG-0737, Supplement 1, Section 8.2.1.g.

13.3.4.1.1.5 Technical Support Center Technical Data, Data System, and Human Factors Engineering FSAR Section 7.2.13.7, Other Information Systems, states that the plant monitoring data is retrieved in the TSC from the plant network via the TSC engineering workstations and displayed in the TSC. The plant network provides plant operation and variable data recording, trending, and historical retention that can be retrieved by the TSC engineering workstations. The plant network is shown in Figure 7.0-1, Overall Instrumentation and Controls System Architecture Diagram.

The guidance of SRP 13.3, states that for an applicant subject to 10 CFR 50.34(f)(2)(iv), a review is to be performed to assure that the safety parameter display system information capabilities are available in the TSC. The NuScale US460 safety display and indication system is integrated into the MCR Human System Interface (HSI) design. FSAR Section 18.7.2.4.3, states that the HSI design in the TSC is a derivative of the MCR HSI and complies with the NuScale HSI Style Guide. FSAR Section 18.7.2.3.1, Concept of Use, states that the HSIs facilitate the operators' abilities to perform their plant activities (e.g., responding to off-normal conditions, performing emergency response duties such as off-site notifications) by providing the controls, indications, alarms, and procedures necessary for the operators to carry out their responsibilities. The HSI design element of the Human Factors Engineering (HFE) Program provides the design of interfaces between plant personnel and plant systems and components.

FSAR Section 18.7.1, Objectives and Scope, states that the objective of the HSI design element is to translate the functional requirements analysis, function allocation requirements, as well as task analysis requirements, into HSI design requirements and the detailed design of alarms, indications, controls, and other aspects of the HSIs and that this objective is accomplished by systematically applying HFE principles and criteria. The TSC HSIs are for information display only and no control functions are provided in the TSC. The evaluation of the HFE aspects of the NuScale US460 HSI design is provided in Chapter 18 of this report.

FSAR Section 13.3 states that FSAR Table 7.1-7, Summary of Post-accident Monitoring Variables, list post-accident monitoring (PAM) variables available in the TSC and the MCR.

FSAR Section 7.1.1.2.2, Post-Accident Monitoring, states that PAM Type B, C, D, E, and F variables are summarized in Table 7.1-7 and that the NuScale US460 reactor design has no Type A variables. In addition, the selection of each type of variable follows the guidance provided in Institute of Electrical and Electronics Engineers (IEEE) Std 497-2016, "IEEE Standard Criteria for Accident Monitoring Instrumentation for Nuclear Power Generating Stations, and the guidance of Regulatory Guide 1.97, Criteria for Accident Monitoring Instrumentation for Nuclear Power Plants, Revision 5.

13-16 Based on its review of the above TSC HSI design and TSC PAM variable descriptions listed above, the staff finds that the NuScale US460 TSC data set display and data system design is consistent with the TSC technical data system guidance in Section 2.9, Technical Data and Data System, of NUREG-0696 and Supplement 1 to NUREG-0737, Section 8.2.1.h and Section 8.2.1.k, and SRP 13.3. Therefore, the staff finds that the MCR HSI information capabilities are available in the TSC and that the HSI TSC design meets the applicable TSC requirements of 10 CFR 50.34(f)(2)(iv).

13.3.4.1.1.6 Technical Support Center Instrumentation, Data System Equipment, and Power Supplies The plant network receives plant data from one-way deterministic isolation devices that provide one-way communication interfaces to the plant network as shown in FSAR Figure 7.0-1. The TSC engineering workstations are separate from the MCR operator workstations, which are located in the MCR. The TSC engineering workstations have licensed operating systems, configuration software, and a software package for complete configuration, trending, and diagnostics. TSC workstation operation is independent of actions in the MCR and do not degrade or interfere with MCR functions or safety-related plant functions.

FSAR Section 13.3 states that the TSC engineering workstations and communications equipment are supplied with power from the normal DC power system (EDNS). Section 13.3 of the FSAR further states that the EDNS includes battery backup power and may also be provided backup power from the backup power supply system. By letter dated December 18, 2023 (ML23352A361), the SDA applicant states that there are sufficient backup power supply sources available to maintain reliability and continuity of the TSC data systems and the TSC functions. If a loss to the primary TSC power source occurs, the TSC backup power sources immediately resume data acquisition, storage, and display of TSC data.

Based on its review of the above NuScale US460 TSC data system backup power sources provided to maintain continuity of TSC functions and TSC operational independence from the MCR workstation control functions, the staff finds that the NuScale US460 TSC data system design is consistent with the TSC data system equipment guidance in Section 2.8, Instrumentation, Data System Equipment, and Power Supplies of NUREG-0696.

13.3.4.1.1.7 Technical Support Center Habitability The TSC is designed to protect TSC personnel from radiological hazards, including direct radiation and airborne radioactivity from in-plant sources under accident conditions (i.e.,

maximum of 5 rem TEDE for the duration of the accident). As stated in FSAR Section 15.0.3.6.4, Radiological Exposures from Shine, the potential radiological exposures following radiological release events were evaluated and the 30-day cumulative TSC doses, considering the combination of the beyond-design-basis core damage event-based shine dose and the event-specific doses calculated, remained below the limit of 5 rem TEDE for the duration of the accident. FSAR Section 9.4.1.2, System Description, and FSAR Section 12.3.3.5, Normal Control Room Heating, Ventilation, and Air Conditioning System, state that during normal operations, the normal control room heating, ventilation, and the air conditioning (HVAC) system (CRVS) supplies conditioned air to the control building, including the TSC, with outside air that is filtered to maintain a suitable environment for personnel and equipment. The CRVS maintains temperature and humidity control within ranges suitable for the comfort of personnel and to prevent degradation of equipment. The CRVS has two 100 percent capacity air handling units designed such that if the current operating air handling unit fails, the standby air handling unit

13-17 will start automatically. The CRVS is designed to maintain a positive pressure inside the control building with respect to adjacent spaces. If a high radiation indication is received from an outside air intake radiation monitor, the supply air is routed through the CRVS filter unit which provides high-efficiency particulate air (HEPA) and charcoal filtration. Section 9.4 of this report provides the staffs evaluation of the CRVS. The staffs evaluation of the radiological habitability of the TSC is provided in Section 6.4 and Chapter 15 of this report.

In the event of a loss of TSC ventilation, or if the TSC becomes uninhabitable, TSC personnel will be evacuated and the TSC functions will be transferred to a location designated by the COL applicants emergency plan (COL Item 13.3-2). Based on its review of the above NuScale US460 SDAA accident event analysis results demonstrating protection of TSC personnel from radiological release hazards under accident conditions, the staff finds that the NuScale US460 TSC personnel protection from radiological hazards under accident conditions design is consistent with the TSC personnel radiological protection guidance in Section 2.6, Habitability, of NUREG-0696 and NUREG-0737, Supplement 1, Section 8.2.1.f.

The TSC is designed with fixed area radiation monitors (ARM). FSAR Section 12.3.4.2, Fixed Area Radiation Monitoring Instrumentation, states that the TSC ARM alarm setpoints are established to alert plant personnel when radioactivity in a specific location reaches levels that have been determined to be abnormal. The ARMs provide both indication and alarm functions to the TSC. The fixed ARMs and associated instrument and controls platforms provide information that can supplement radiological surveys, meet reporting requirements, and inform workers of radiological conditions. In addition, ARMs system data is capable of being supplied to the NRC Operations Center through the connection to the ERDS. The ARM indication provides awareness to operators and workers of changing radiological conditions. The TSC ARMs, including the type of radiation monitored and the associated principal isotope(s) and instrument ranges were reviewed by staff and are identified in FSAR Table 12.3-8, Fixed Area and Airborne Radiation Monitors Post-Accident Monitoring Variables, and Table 12.3-10, Fixed Area Radiation Monitors. Based on its review of the NuScale US460 TSC radiation monitoring design descriptions listed above, the staff finds that the NuScale US460 TSC radiation monitoring design is consistent with the TSC radiation monitoring system guidance in Section 2.6, Habitability, of NUREG-0696.

13.3.4.1.1.8 Technical Support Center Evaluation Conclusion The staff notes that EP specific guidance applicable to the TSC that is not addressed in this reports EP evaluation section will be addressed by the COL applicant that references the NuScale US460 standard design approval and provides the site-specific TSC design information and emergency plan. Thus, based on the staffs evaluation of the NuScale SDAA TSC design information, the staff concludes that for the matters reviewed in this TSC evaluation report section, the TSC EP design information provided in the NuScale US460 SDAA is consistent with the applicable TSC emergency planning guidance identified in NUREG-0696, Supplement 1 to NUREG-0737, and SRP Section 13.3. Therefore, the staff finds that NuScale US460 SDAA TSC EP design information meets the applicable TSC general description requirements for ERFs of 10 CFR 50.34(f)(2)(xxv).

13.3.4.2 Emergency Response Data System SRP Section 13.3,Section II, SRP Acceptance Criteria, Item 12, states that Section VI, Emergency Response Data System, of Appendix E to 10 CFR Part 50, requires an ERDS. The ERDS guidance of NUREG-1394, Office of Nuclear Security and Incident Response

13-18 Emergency Response Data System, Section 2.1, ERDS Design Concept, states that the ERDS concept involves the direct electronic transmission of selected parameters from the electronic data systems that are currently installed at the licensee facility. FSAR Section 7.2.13.7, Other Information Systems, states that there is a link from the NuScale US460 plant network to the NRC ERDS through dedicated communication servers that connect to the plant network and provide data communication of required plant data. The NuScale US460 ERDS link provides a direct near-real-time electronic data link of selected parameters between the on-site computer system and the NRC Operations Center in the event of an emergency. The ERDS will be designed to be compliant with Section VI of 10 CFR Part 50, Appendix E. FSAR Table 1.9-3 states that the ERDS site-specific aspects are the responsibility of the applicant (COL Item 13.3-2).

Based on the ERDS design information above, the staff concludes that the NuScale US460 SDAA has provided adequate descriptions of the ERDS electronic data link design between the NuScale US460 facility and the NRC Operations Center and addresses the ERDS acceptance criteria guidance of SRP 13.3,Section II, Item 12. Therefore, staff finds that the NuScale US460 SDAA ERDS design information meets the applicable ERDS standard design requirements in Section VI, Emergency Response Data System, of Appendix E to 10 CFR Part 50.

13.3.4.3 Decontamination Facilities SRP Section 13.3,Section III, REVIEW PROCEDURES, review Section Standard Design Certification, Items 3 and 4, states that the reviewer should examine the relevant sections of the FSAR that address decontamination facilities and systems that support the emergency preparedness and response capabilities of the proposed reactor design. FSAR Section 12.1.2.3, Facility Layout General Design Considerations for Maintaining Radiation Exposures as Low as Reasonably Achievable, states that the radiation protection support facilities are located in the Radioactive Waste Building and include change rooms, counting room, and personnel decontamination facilities, and also serves as the access portal to the radiologically controlled area and includes dosimetry issue and personnel contamination monitors. In addition, FSAR Section 12.3.6.1.3, Design Considerations for Reduction of Cross-Contamination, Decontamination and Waste Generation - Objective 3, states that the NuScale US460 standard design contains an on-site decontamination facility to reduce the potential for cross-contamination, the need for decontamination, and radioactive waste generation.

Decontamination facilities are provided to remove or reduce radioactive contaminants from plant equipment, protective clothing, and personnel.

Based on its review of the decontamination emergency preparedness capabilities design descriptions above, the staff concludes that the NuScale US460 SDAA has provided adequate descriptions for the standard designs emergency preparedness decontamination facilities and address the applicable decontamination guidance of SRP 13.3,Section III, review Section Standard Design Certification, Items 3 and 4.

13.3.4.4 Post-accident Sampling System SRP Section 13.3,Section II, Item 27, states that 10 CFR 50.34(f)(2)(viii) requires that an applicant provide a capability to promptly obtain and analyze samples from the reactor coolant system and containment that may contain accident source term radioactive materials, while ensuring that no individual receives radiation exposure in excess of 0.05 Sv (5 rem) to the whole body or 0.5 Sv (50 rem) to the extremities. FSAR Table 1.9-5 states that the NuScale US460 standard design does not rely on primary coolant or containment samples to assess the extent

13-19 of potential core damage and that the NuScale US460 standard design supports an exemption from the 10 CFR 50.34(f)(2)(viii) requirement. The exemption from the design criterion of CFR 50.34(f)(2)(viii) is evaluated in Section 9.3.2 of this evaluation report.

13.3.4.5 Containment Monitoring and Continuous Sampling of Potential Accident Release Points SRP Section 13.3,Section II, Item 28, states that 10 CFR 50.34(f)(2)(xvii) requires instrumentation to measure, record, and readout in the control room various containment parameters, including noble gas effluents at all potential accident release points. In addition, an applicant must provide for continuous sampling of radioactive iodine and particulates in gaseous effluents from all potential accident release points, and for onsite capability to analyze and measure these samples. FSAR Table 1.9-5 and FSAR Section 9.3.2.2.3, System Operation, state that the NuScale US460 standard design supports an exemption from 10 CFR 50.34(f)(2)(xvii)(c). This exemption from the requirement of 50.34(f)(2)(xvii)(c) is evaluated in Sections 6.2.5 and 9.3.2 of this report. The evaluation of the sampling system instrumentation is provided in Section 7.2.13 of this report. In addition, the evaluation for continuous sampling of radioactive iodine and particulates in gaseous effluents from all potential accident release points is conducted in Section 11.5.2 and Section 12.3.4 of this report.

13.3.4.6 Inspections, Tests, Analyses, and Acceptance Criteria FSAR Table 1.9-3 states that NuScale US460 EP ITAAC were not included as part of the SDAA. COL Item 14.3-1 specifies that an applicant that references the NuScale US460 standard design will provide the site-specific selection methodology and ITAAC for emergency planning.

Combined License Information Items Table 13.3-1, NuScale US460 SDAA Emergency Planning COL Items, of this report provide the NuScale US460 SDAA COL design information items related to EP. The NRC staff reviewed the COL items and found them to be consistent with the regulatory standards in 10 CFR Part 52.139 and with the applicable standard design SRP guidance. Therefore, the staff finds that the proposed COL items are sufficient in identifying information a COL applicant needs to provide to address the applicable EP requirements.

Table 13.3-1 NuScale US460 SDAA Emergency Planning COL Items COL Item No.

Description FSAR Section COL Item 9.5-1 An applicant that references the NuScale Power Plant US460 standard design will provide a description of the offsite communication system, how that system interfaces with the onsite communications system, as well as how continuous communications capability is maintained to ensure effective command and control with onsite and offsite resources during both normal and emergency situations.

9.5.2.1 COL Item 13.3-1 An applicant that references the NuScale Power Plant US460 standard design will provide a description of the Emergency Response facilities for management of overall licensee 13.3

13-20 Emergency Response. The facility will meet the requirements of 10 CFR 52.79.

COL Item 13.3-2 An applicant that references the NuScale Power Plant US460 standard design will provide a comprehensive Emergency Plan in accordance with 10 CFR 50 and 10 CFR 52.79(a)(21).

13.3 COL Item 14.3-1 An applicant that references the NuScale Power Plant US460 standard design will provide the site-specific selection methodology and inspections, tests, analyses, and acceptance criteria (ITAAC) for emergency planning.

14.3.1 Conclusion The staff concludes, on the basis of its review as described above, that the applicant has adequately addressed the EP standard design related guidance described in section 13.3.3 of this report for the NuScale US460 standard design approval. Therefore, staff finds that the NuScale US460 SDAA EP design information meets the SDA requirements of 10 CFR 52.137(a)(8) and 10 CFR 52.137(a)(11).

Operational Programs Introduction A COL applicant is required by 10 CFR 52.79 to describe operational programs, but similar requirements do not exist for SDAAs. NuScale provided a COL item describing a future COL applicants obligation to provide operational program information. The staff evaluated this section using draft Revision 4 of SRP Section 13.4, Operational Programs, issued September 2018.

Summary of Application In FSAR Section 13.4, Operational Programs, the applicant provided COL Item 13.4-1, which states that a COL applicant that references the NuScale power plant standard design approval will provide site-specific information, including an implementation schedule, for the listed operational programs.

FSAR: FSAR section 13.4 provides the applicants COL information item on operational programs.

ITAAC: No ITAAC are associated with the operational programs.

Technical Specifications: No TS are associated with the operational programs.

Technical Reports: No TRs are associated with the operational programs.

Regulatory Basis There are no regulatory requirements for operational programs for an SDAA. An SDAA is required to include a quality assurance program meeting the criteria of 10 CFR Part 50, Appendix B. SER chapter 17 describes how the applicant meets that requirement. Similarly, SER section 13.6 describes how the applicant meets the information security requirements of 10 CFR Part 73, Physical Protection of Plants and Materials.

13-21 Technical Evaluation The staff compared the list of operational programs in COL Item 13.4-1 with the recommended list in SRP section 13.4. The staff finds that the applicants list includes all of the applicable programs recommended by the SRP.

Combined License Information Items Table 13.4-1 lists a COL information item related to operational programs from FSAR table 1.8-1.

Table 13.4-1 NuScale COL Information Items Related to FSAR Section 13.4 Item No.

Description FSAR Section COL Item 13.4-1 An applicant that references the NuScale Power Plant US460 standard design will provide site-specific information, including implementation milestones, for Operational Programs:

Inservice Inspection Programs (Section 5.2, Section 5.4, and Section 6.6)

Inservice Testing Programs (Section 3.9 and Section 5.2)

Environmental Qualification Program (Section 3.11)

Preservice Inspection Program (Section 5.2 and Section 5.4)

Preservice Testing Program (Section 3.9.6 and Section 5.2)

Containment Leakage Rate Testing Program (Section 6.2)

Fire Protection Program (Section 9.5.1)

Process and Effluent Monitoring and Sampling Program (Section 11.5)

Radiation Protection Program (Section 12.5)

Non-Licensed Plant Staff Training Program (Section 13.2)

Reactor Operator Training Program (Section 13.2)

Reactor Operator Requalification Program (Section 13.2)

Emergency Planning (Section 13.3)

Process Control Program (Section 11.4)

Security (Section 13.6) 13.4

13-22 Item No.

Description FSAR Section Quality Assurance Program (Section 17.5)

Maintenance Rule (Section 17.6)

Initial Test Program (Section 14.2)

Conclusion The staff determined that the COL item listed above is acceptable because the SDAA appropriately directs the COL applicant to develop operational programs, consistent with the list provided and as applicable in SRP section 13.4, draft Revision 4.

Plant Procedures Introduction A COL holders plant procedures include (1) administrative procedures that provide for administrative control over safety-related activities for the operation of the facility, (2) operating procedures and emergency operating procedures (EOPs) used to ensure that routine operating, off-normal (i.e., abnormal), and emergency activities are conducted safely, and (3) procedures for other safety-related plant operating activities, including related maintenance activities, that the operating program or EOP program does not cover.

The staff reviewed the SDAA to evaluate the COL information items for plant procedures. The staff will review the technical content of the generic guidance used to develop plant-specific technical guidelines when a COL applicant submits a procedure generation package.

Summary of Application FSAR: Procedure development is not within the scope of the NuScale US460 SDAA. This responsibility resides with the COL applicant. FSAR Section 13.5, Plant Procedures, specifies COL information items directing the COL applicant to describe the administrative, operating, and maintenance procedures.

ITAAC: The applicant has not proposed any ITAAC related to this area of review.

Technical Specifications: There are no TS for this area of review.

Technical Reports: There are no TRs for this area of review.

Regulatory Basis SRP Section 13.5.1.1, Administrative ProceduresGeneral, and SRP Section 13.5.2.1, Operating and Emergency Operating Procedures, identify, in part, the relevant NRC regulatory requirements for plant procedures and the associated acceptance criteria.

The following regulatory requirements are applicable for plant procedures:

13-23 10 CFR 50.34(f)(2)(ii), as it pertains to the TMI-related requirement for applicants to establish a program to begin during construction and to follow into operation for assessing and improving plant emergency procedures 10 CFR 50.34(f)(3)(i), as it pertains to the TMI-related requirement to provide administrative procedures that evaluate and provide feedback on operating, design, and construction experience 10 CFR 50.40(a), as it pertains to the issuance of a COL under 10 CFR Part 52 based on considerations of whether the applicant has developed operating procedures that are sufficient to provide reasonable assurance that the nuclear power plant can be safely operated 10 CFR Part 50, Appendix B, as it pertains to the establishment of criteria for the development, approval, and control of procedures for all activities affecting quality 10 CFR 52.79(a)(27), (29)(i), and (29)(ii), as they pertain to information that must be included in the FSAR submitted as part of the application for a COL, specifically, (1) the managerial and administrative controls associated with procedures used to perform activities that affect the quality of SSCs covered under the quality assurance program, as established in 10 CFR Part 50, Appendix B, and (2) plans for the development and implementation of plant procedures used for emergency operations (other than EP) and the conduct of normal operations, including maintenance, surveillance, and periodic testing of SSCs The related acceptance criteria are as follows:

RG 1.33, Quality Assurance Program Requirements (Operation), Revision 3, issued June 2013 (ML13109A458)

Appendix A, Typical Procedures for Pressurized Water Reactors and Boiling Water Reactors, to American National Standards Institute (ANSI)/American Nuclear Society (ANS) 3.2-2012, Managerial, Administrative, and Quality Assurance Controls for Operational Phase of Nuclear Power PlantsSection III, Acceptance Criteria, of SRP Section 13.5.1.1, Revision 2, issued August 2016 SRP Section 13.5.2.1, Revision 3, issued August 2014 Section I.C.1, Guidance for the Evaluation and Development of Procedures for Transients and Accidents, of NUREG-0737 (ML051400209)

Section 7, Upgrade Emergency Operating Procedures, of Supplement 1 to NUREG-0737 (ML102560009)

NUREG-0899, Guidelines for the Preparation of Emergency Operating Procedures Resolution of Comments on NUREG-0799, issued August 1982 (ML102560007)

13-24 Technical Evaluation FSAR section 13.5 identifies procedure development as the COL applicants responsibility. This section evaluates the adequacy of the COL information items for plant procedures.

13.5.4.1 Combined License Information Items 13.5.4.1.1 Administrative Procedures SRP section 13.5.1.1 describes administrative procedures as those that provide for administrative control over safety-related activities for the operation of the facility. The staffs review of the NuScale US460 used SRP section 13.5.1.1 and focused on the evaluation of COL information items pertaining to administrative procedures. COL Item 13.5-1 in FSAR Section 13.5.1, Administrative Procedures, directs the COL applicant to describe site-specific procedures that provide administrative control for activities that are important for the safe operation of the facility consistent with the guidance in RG 1.33, Revision 3, which endorses ANSI/ANS 3.2-2012. Accordingly, the staff determined that COL Item 13.5-1 identifies information on administrative procedures that the COL applicant needs to provide.

SRP section 13.5.1.1 provides the technical rationale for applying SRP acceptance criteria to the establishment of a program for the development and implementation of administrative procedures. FSAR section 13.5.1, COL Item 13.5-2, directs the COL applicant to provide a plan for the development, implementation, and control of administrative procedures, including preliminary schedules for preparation and target completion dates. Additionally, the COL applicant will identify the group within the operating organization responsible for maintaining these procedures. The staff determined that COL Item 13.5-2 is consistent with provisions in SRP section 13.5.1.1.

13.5.4.1.2 Operating and Maintenance Procedures SRP section 13.5.2.1 states that the applicants SAR should describe the different classifications of procedures that the operators will use in the control room and locally for operations in the plant. FSAR Section 13.5.2.1, Operating and Emergency Operating Procedures, COL Item 13.5-3, directs the COL applicant to describe the site-specific procedures that operators use in the MCR and locally in the plant, including normal operating procedures, abnormal operating procedures, and EOPs. The COL applicant will also describe the classification system for these procedures and the general format and content of the different classifications. The staff determined that COL Item 13.5-3 appropriately directs the COL applicant to describe the different classifications of the site-specific procedures that licensed operators and nonlicensed operators perform.

SRP section 13.5.2.1 provides the technical rationale for applying SRP acceptance criteria to the establishment of programs for the development and implementation of operating and maintenance procedures. Thus, an applicant should consider including COL information items that direct the COL applicant to provide programs for development and implementation of the operating and maintenance procedures. FSAR Section 13.5.2, Operating and Maintenance Procedures, COL Item 13.5-4, directs a COL applicant to provide a plan for the development, implementation, and control of operating procedures, including preliminary schedules for preparation and target completion dates. Additionally, the COL applicant will identify the group within the operating organization responsible for maintaining these procedures.

13-25 COL Item 13.5-5 directs a COL applicant that references the standard design approval for NuScale US640 to provide a plan for the development, implementation, and control of EOPs, including preliminary schedules for preparation and target completion dates. Additionally, the COL applicant will identify the group within the operating organization responsible for maintaining these procedures.

For the reasons stated above, the staff concludes that COL Items 13.5-4 and 13.5-5 appropriately state that the COL applicant will provide programs for the development, implementation, and control of operating and maintenance procedures.

FSAR section 13.5.2.1, COL Item 13.5-6, directs an applicant referencing the standard design for NuScale US460 to describe site-specific maintenance and other operating procedures. It also requires COL applicants to describe how these procedures are classified, including the general format and content of the different classifications. This COL information item contains a list of the categories of procedures to be included.

COL Item 13.5-7 directs a COL applicant to provide a plan for the development, implementation, and control of maintenance and other operating procedures, including preliminary schedules for preparation and target completion dates. Additionally, the COL applicant will identify the group or groups within the operating organization that will be responsible for maintaining and following these procedures.

For the reasons stated above, the staff determined that COL Items 13.5-6 and 13.5-7 appropriately direct the COL applicant to describe the different classifications of procedures for developing maintenance and other operating procedures (i.e., procedures for activities not covered under the operating procedures or EOPs identified in section I.1 of SRP section 13.5.2.1).

Combined License Information Items Table 13.5-1 lists COL information item numbers and descriptions related to plant procedures from FSAR table 1.8-1.

Table 13.5-1 NuScale COL Information Items Related to FSAR Section 13.5 Item No.

Description FSAR Section COL Item 13.5-1:

An applicant that references the NuScale Power Plant US460 standard design will describe the site-specific procedures that provide administrative control for activities that are important for the safe operation of the facility consistent with the guidance provided in Regulatory Guide 1.33, Quality Assurance Program Requirements (Operation), Revision 3.

13.5

13-26 Item No.

Description FSAR Section COL Item 13.5-2:

An applicant that references the NuScale Power Plant US460 standard design will provide a plan for the development, implementation, and control of administrative procedures, including preliminary schedules for preparation and target dates for completion. Additionally, the applicant will identify the group within the operating organization responsible for maintaining these procedures.

13.5 COL Item 13.5-3:

An applicant that references the NuScale Power Plant US460 standard design will describe the process to manage the development, review, and approval of the site-specific procedures that operators use in the main control room and locally in the plant, including normal operating procedures, abnormal operating procedures, and emergency operating procedures. The applicant will describe the classification system for these procedures, and the general format and content of the different classifications.

13.5 COL Item 13.5-4:

An applicant that references the NuScale Power Plant US460 standard design will provide a plan for the development, implementation, and control of operating procedures, including preliminary schedules for preparation and target dates for completion. Additionally, the applicant will identify the group within the operating organization responsible for maintaining these procedures.

13.5 COL Item 13.5-5:

An applicant that references the NuScale Power Plant US460 standard design will provide a plan for the development, implementation, and control of emergency operating procedures, including preliminary schedules for preparation and target dates for completion. Additionally, the applicant will identify the group within the operating organization responsible for maintaining these procedures.

13.5 COL Item 13.5-6:

An applicant that references the NuScale Power Plant US460 standard design will describe the site-specific maintenance and other operating procedures, including how these procedures are classified, and the general format and content of the different classifications. The categories of procedures listed below will be included:

• plant radiation protection procedures

• emergency preparedness procedures

• calibration and test procedures

• chemical-radiochemical control procedures

• radioactive waste management procedures

• maintenance and modification procedures

• material control procedures

• plant security procedures 13.5

13-27 Item No.

Description FSAR Section COL Item 13.5-7:

An applicant that references the NuScale Power Plant US460 standard design will provide a plan for the development, implementation, and control of maintenance and other operating procedures, including preliminary schedules for preparation and target dates for completion. Additionally, the applicant will identify what group or groups within the operating organization have the responsibility for maintaining and following these procedures.

13.5 Conclusion The COL applicant is responsible for the development of plant procedures. In its review of the FSAR for US460, section 13.5, the staff evaluated seven COL information items. The staff determined that the seven items are sufficient to identify information the COL applicant needs to provide to address the applicable requirements for plant procedures.

The staff concludes that the COL information items specified in table 13.5-1 are sufficient to identify information that the COL applicant needs to provide to address the applicable requirements of 10 CFR 50.34, 10 CFR 50.40, Appendix B to 10 CFR Part 50, and 10 CFR 52.79.

Physical Security Introduction This chapter of the SER documents the NRC staffs review of section 13.6 of the FSAR, Revision 2. The FSAR and the referenced Technical Report (TR) 118318, NuScale Design of Physical Security Systems, Revision 1, dated August 2023, describe the physical security systems, hardware, and features (PSS) that are within the scope of the standard design approval. The PSS is relied on to implement security response functions (i.e., detection, assessment, communications, security responsedelays, interdictions, and neutralization).

Specifically, the SDAA provides the design descriptions for engineered PSS and credited design features (e.g., structural walls, floors, ceilings, and configurations of the nuclear island and structures), descriptions of intended security functions and performance requirements, design bases for the detailed design, and supporting technical bases that a COL applicant will incorporate by reference as part of its design and licensing bases to meet 10 CFR Part 73.

The COL applicant that references the standard design will address the PSS designs that are not included in the scope of the standard design approval. FSAR Section 13.6.1, Physical Security, includes COL Items 13.6-1 through 13.6-3, which address the establishment of a physical security program for operations and site-specific PSS designs. These COL items direct an applicant that references the standard design to establish operational programs and to provide security plans, address requirements involving the central alarm station (CAS) consistent with TR-118318 and provide a secondary alarm station that is equal and redundant to the CAS. COL Items 13.6-4 and 13.6-5 direct a COL applicant to develop an access authorization program and a cybersecurity program, respectively. Where practical, the programs may be implemented in phases, and the COL applicant is to include the phased implementation milestones. This section also notes that ITAAC for site-specific SSCs are described in FSAR Section 14.3, Inspections, Tests, Analyses, and Acceptance Criteria. Specifically, COL

13-28 Item 14.3-2, located in FSAR section 14.3, directs an applicant that references the standard design to provide ITAAC for site-specific SSCs.

Summary of Application The FSAR sections cited below, and the referenced TR, contain the applicants descriptions of the PSS and physical security ITAAC (SDAA Part 8) for the standard design approval and describe how they meet regulatory requirements.

FSAR: FSAR Section 1.2, General Plant Description, through Section 1.9, Conformance with Regulatory Criteria, describe the scope of the standard design approval. FSAR Section 1.8, Interfaces with Standard Design, addresses the interface requirements between the standard design approval and the site-specific design. FSAR Figure 1.2-1, Conceptual Site Layout, depicts the general boundaries of structures or components between the standard design and site-specific design. FSAR Section 1.8.1, Combined License Information Items, identifies information that must be provided to license and operate a site-specific NuScale power plant but is not included in the standard design. FSAR table 1.8-1 lists the descriptions of COL information items that are to be addressed by the COL applicant. COL Items 13.6-1 through 13.6-5 address physical security.

FSAR section 13.6 provides design descriptions of the PSS. TR-118318, which is incorporated by reference, describes the design of the PSS within the nuclear island and structures.

The applicant describes conformance with the NRC RGs in FSAR section 1.9. Tables 1.9-1 through 1.9-4 identify conformance to RGs, standard review plans, design-specific review standards, and interim staff guidance. FSAR Table 1.9-2, Conformance with Regulatory Guides, identifies the applicants conformance or partial conformance with Division 5, Materials and Plant Protection, RGs that apply to security and lists guidance that includes RG 5.7, Entry/Exit Control for Protected Areas, Vital Areas, and Material Access Areas, and RG 5.79, Protection of Safeguards Information, for elements of the site-specific PSS design details that the COL applicant will address and that do not apply to the standard design. FSAR table 1.9-3 specifically describes the applicability of standard review plans to the applicants standard design approval.

SDAA Part 8: SDAA Part 8, Section 3.0, Shared Structures, Systems, and Components and Non-Structures, Systems, and Components Based Inspections, Tests, Analyses, and Acceptance Criteria (ITAAC) Design Descriptions and ITAAC, includes design descriptions and ITAAC for portions of the plant that are common or shared by multiple modules in the standard design approval. SDAA Part 8, Section 3.16.1, Physical Security System, describes the standard design commitments for PSS that facilitate the implementation of a physical protection program to protect against potential acts of radiological sabotage. SDAA Part 8, Table 3.16-1, Physical Security System Inspections, Tests, Analyses, and Acceptance Criteria (ITAAC 03.16.xx), establishes design commitments and ITAAC to verify PSS that are within the scope of the standard design approval. The staff has documented its review of these ITAAC in chapter 14 of this SER.

Technical Specifications: There are no TS established for PSS or operations.

Technical Reports: By letter dated November 23, 2022, the applicant submitted to the NRC, TR-118318, Revision 0, which describes the security considerations in the standard design approval. By letter dated August 28, 2023, the applicant submitted to the NRC, TR-118318,

13-29 Revision 1. This TR describes the design bases for the PSS designs, including plant layout and building configurations, results of evaluations, and identified vital equipment and areas for the standard design approval. The scope of the PSS described in the SDAA is limited to the PSS related to the nuclear island and structures that are within the scope of the standard design approval. TR-118318 contains safeguards information (SGI), security-related information, and proprietary information; therefore, it is protected in accordance with 10 CFR 73.21, Protection of Safeguards Information: Performance requirements, and 10 CFR 2.390, Public inspections, exemptions, requests for withholding.

Section 4.1, Design Element No. 1, through Section 4.24, Design Element No. 24, of TR-118318 provide design descriptions and system performance information that support the SDAA Part 8 physical security ITAAC. The descriptions correlate to each of the physical security hardware ITAAC in SRP Section 14.3.12, Physical Security HardwareInspections, Tests, Analyses, and Acceptance Criteria; FSAR section 14.2, Initial Plant Test Program; and SDAA Part 8, section 3.16.

TR-118318 identifies PSS that are not within the scope of the standard design approval (e.g., the protected area (PA) barrier systems, unattended openings, isolation zones, vehicle barrier systems (VBSs), PA security lighting, perimeter defensive fighting positions, personnel and vehicle access control portals, PA penetrations). COL Item 13.6-1 directs the applicant to describe site-specific PSS designs (i.e., outside of the scope of the standard design approval) and security plans that indicate how engineered and administrative controls, management systems, and organization will meet the requirements of 10 CFR Part 73 that apply to an operating nuclear power reactor.

Regulatory Basis The provisions of 52.139, Standards for review of applications, requires applications filed under this subpart will be reviewed for compliance with the standards set out in 10 CFR Part 73.

The security regulations in 10 CFR Part 73 include performance and prescriptive requirements that, when adequately met and implemented, provide protection against acts of radiological sabotage, prevent the theft or diversion of special nuclear material, and protect SGI.

Under 10 CFR 73.55(b), the NRC requires the COL applicant to describe a physical protection system and security organization the objective of which will be to provide high assurance1 that activities involving special nuclear material are not inimical to the common defense and security and do not constitute an unreasonable risk to public health and safety. Physical protection systems and features are relied on to implement security response functions (i.e., detection, assessment, communications, security responsedelays, interdictions, and neutralization).

1 The general performance objective of 10 CFR 73.55(b)(1) is to provide high assurance that activities involving special nuclear material are not inimical to the common defense and security and do not constitute an unreasonable risk to the public health and safety. In SRM-SECY-16-0073, Staff Requirements SECY-16-0073Options and Recommendations for the Force-on-Force Inspection Program in Response to SRM-SECY-14-0088, dated October 5, 2016, the Commission stated that the concept of high assurance of adequate protection found in our security regulations is equivalent to reasonable assurance when it comes to determining what level of regulation is appropriate. Throughout this publication, the term high assurance is used in alignment with Commission policy statements that high assurance is equivalent to reasonable assurance of adequate protection.

13-30 The regulations in 10 CFR 73.55(b)(2) establish the performance requirements to protect a nuclear power plant against the design-basis threat (DBT) of radiological sabotage as described in 10 CFR 73.1(a)(1). The COL applicant must describe how it will meet regulatory requirements, including achieving the objective to protect against the DBT of radiological sabotage. The provisions in 10 CFR 73.54, Protection of digital computer and communication systems and networks; 10 CFR 73.55, Requirements for physical protection of licensed activities in nuclear power reactors against radiological sabotage; 10 CFR 73.56, Personnel access authorization requirements for nuclear power plants; 10 CFR 73.58, Safety/security interface requirements for nuclear power reactors; and Appendix B, General Criteria for Security Personnel, and Appendix C, Licensee Safeguards Contingency Plans, to 10 CFR Part 73 establish performance and prescriptive requirements that apply to PSS designs, operational security, management processes, and programs.

The applicable requirements for a standard design are limited to PSS within the scope of the standard design approval. According to 10 CFR 52.79, the COL applicant addresses the operational or administrative controls, programs, procedures, and processes (e.g., management systems or controls), but these areas are not in the review scope of the standard design approval application.

An applicant may apply the latest revision of the following regulatory guidance documents and accepted industry codes, standards, or guidance to meet regulatory requirements:

The SRP, particularly Section 13.6.2, Physical SecurityReview of Physical Security System DesignsStandard Design Certification and Operating Reactor Licensing Applications, Revision 2, issued June 2015, and section 14.3.12, Revision 1, issued May 2010.

The NRC guidance, approaches, and examples described above and in other guidance for methods of compliance are not regulatory requirements and are not intended to be all-inclusive.

The COL applicant may use methods or approaches for meeting NRC regulations other than those discussed in agency guidance if such measures satisfy the applicable NRC regulatory requirements.

Technical Evaluation The staff reviewed the design descriptions of the PSS within the scope of the standard design approval to determine whether they satisfy the requirements of 10 CFR Part 73. The staffs review consisted of determining whether the applicant provided adequate and reasonable descriptions of the design and technical bases and how the proposed design will achieve the intended security functions. The staffs review does not include the security programs or integrations of engineered systems with administrative controls and management measures and organization to determine whether they would provide reasonable assurance of adequate protection and a finding of an adequate physical security program, as specified in 10 CFR 73.55(a) through 10 CFR 73.55(r) for a COL applicant. The NRC staff reviewed the identified COL information items to determine specific actions required for the design of the site-specific PSS and the establishment of security programs that COL applicants referencing the standard design will address.

The staffs review was limited to the adequacy of the design and bases for the PSS that is relied on to implement security response functions (i.e., detection, assessment, communications, security responsedelays, interdictions, and neutralization). The COL applicant must

13-31 demonstrate reasonable assurance of adequate protection against the DBT of radiological sabotage and compliance with the programmatic requirements of 10 CFR Part 73, including administrative controls such as people and procedures.

The staffs review included TR-118318, Revision 1, submitted by letter to the NRC on August 28, 2023, and incorporated by reference in FSAR section 13.6.

13.6.4.1 Design Considerations for Physical Security In FSAR section 13.6 and TR-118318, the applicant described how the PSS is designed to protect against potential acts of radiological sabotage.

TR-118318 descriptions of the PSS design conform to SRP section 13.6.2, Revision 2, which was in effect when the SDAA was docketed. Conforming to guidance, the applicants design descriptions address design elements identified in SRP section 13.6.2, Table 13.6.2.1, Design of Physical Security Systems within the Nuclear Island and Structures. The applicant also considered additional PSSs identified in SRP Table 13.6.2.2, Designs of Physical Security Systems for Plant Area Beyond the Nuclear Island and Structures, which may be included within the scope of the standard design approval or reserved for a COL applicant that references the standard design. Section 7, Figures, of TR-118318 provides the plant layout diagram that identifies SSCs and design configurations of the PSS that are within the scope of the standard design approval.

TR-118318 states that the nuclear island and structures physical security design provides features to detect, assess, impede, and delay threats up to and including the design basis threat [of] radiological sabotage in compliance with the requirements of 10 CFR 73.55, Requirements for Physical Protection of Licensed Activities in Nuclear Power Reactors against Radiological Sabotage.

TR-118318 supplements the information in FSAR Chapter 13 with design and related information, results of evaluations or analyses, and design and performance requirements. The applicants descriptions of security design elements and concepts (e.g., engineered systems, technologies, and equipment) address the following for the nuclear island and structures within the scope of the standard design approval:

the design of the PSS for interior detection, assessment, access control, and security response physical barriers (e.g., control (or denial) of access, interior security response, deterrence, and delay, securing and monitoring of openings, bullet-resistance, protection of vital equipment) vital equipment, vital areas, and intrusion detection and control of access systems minimum safe standoff distances (MSSDs) interior detection and assessment systems central (security) alarm station illuminations

13-32 communications The staff found the following:

Consistent with SRP Section 13.6.2, the applicant adequately considered physical security in the standard design by including design information on PSS within the nuclear island and structures to address security functions that meet the applicable requirements of 10 CFR 73.55. A detailed explanation of how the PSS specifically meet the applicable requirements is given below in Sections 13.6.4.2-13.6.4.4.

TR-118318, Table 5-1, Applicant Responsibilities, states the following:

[The] applicant addresses design elements involving site-specific conditions unable to be addressed in the standard design approval (e.g., programs, personnel, plans, and procedures) and design element details exempted in accordance with Criterion 3(a) or 3(b) [described in SRP section 13.6.2]. An applicant that references the standard design is responsible for the items listed in Table 5-1.

The items identify information that the COL applicant provides to satisfy COL Items 13.6-1 and 13.6-3. COL Item 13.6-2 states that the COL applicant will be responsible for the requirements in table 5-1 of TR-118318. Table 5-1 includes the COL applicants responsibilities for providing design details that address PSSs outside the scope of the standard design approval and program descriptions and security plans in accordance with the requirements in 10 CFR Part 73. A COL application that addresses COL Items 13.6-1 and 13.6-3 would include site-specific PSS design details such as the following:

location and design details for the secondary alarm station physical security barriers outside the nuclear island and structures isolation zones, PA, and associated intrusion assessment systems VBS exterior personnel, vehicle, and material access control portals main security building secondary power supply for the communication system secondary security power system bounding MSSD, alarm station survivability, and protection against vehicle bombs alarm station functions and redundant capabilities detection and assessment functions illumination of isolation zone and PA secondary alarm station communications uninterruptible power system and inline generators or other sources of backup power The staff finds that the applicant adequately established the COL applicants responsibilities for providing the design of PSSs that are not located within or integral to the construction of the nuclear island and structures and providing security programs that are outside of the scope of the standard design approval.

13-33 13.6.4.2 Security Evaluations and Analyses Vital Equipment Identification Process TR-118318, Section 4.8, Design Element No. 8, lists vital equipment for the standard design approval.

The applicant evaluated reactor design and safety analysis information in the SDAA and supporting analyses and documentation that served as the source for the vital equipment identification process. The applicant indicated that it based its identification of vital equipment on the definition of vital equipment in 10 CFR 73.2, Definitions. In TR-118318, section 4.8, the applicant stated the following about identifying vital equipment:

An interdisciplinary design team evaluated SSC for vital equipment designation.

The team included members of NuScale s Physical Security, Plant Operations, Electrical Engineering, Instrumentation and Controls Engineering, Civil/Structural Engineering, Nuclear Safety Engineering, and Probabilistic Risk Assessment Engineering. Using the 10 CFR 73.2 definition for vital equipment, the team evaluated systems and components for potential inclusion as vital equipment.

The applicant applied the definition of vital equipment in 10 CFR 73.2, which states that vital equipment means any equipment, systems, devices, or material, that failure, destruction, or release of which could directly or indirectly endanger the public health and safety by exposure to radiation. Equipment or systems which would be required to function to protect public health and safety following such a failure, destruction, or release are considered to be vital.

The staff finds the following:

The applicant considered information from the design and safety analyses to identify vital equipment and determined that the applicant established a reasonable process and criteria to identify vital equipment for the standard design approval using the definition of vital equipment in 10 CFR 73.2.

Vital Equipment List The details of the SSCs (e.g., frontline systems and supporting systems) that make up the vital equipment for the standard design approval are identified as SGI; therefore, they are protected in accordance with 10 CFR 73.21 and withheld from the public in accordance with provisions of 10 CFR 2.390. In its review of the applicants vital equipment list, the staff did not identify cases in which the applicant excluded frontline systems or functions or primary supporting systems that meet the definition of vital equipment.

The staff finds the following:

The applicant identified and provided a sufficiently complete and accurate list of vital equipment for the standard design approval based on the definition of vital equipment in 10 CFR 73.2.

13-34 Vital Areas The requirements in 10 CFR 73.55(e)(9)(i) state the following:

Vital equipment must be located only within vital areas, which must be located within a protected area so that access to vital equipment requires passage through at least two physical barriers, except as otherwise approved by the Commission and identified in the security plans.

The applicant established vital areas within the scope of the standard design approval based on the safety-related systems and components identified on the vital equipment list and other areas required by 10 CFR 73.55(e)(9) to be designated as vital (the MCR, CAS, spent fuel pool (SFP),

and secondary power supply). TR-118318, Section 4.10, Design Element No. 10, addresses the specific areas that are designated vital, which are documented in TR-118318, section 7.

The applicant identified the vital areas that consist of the nuclear island and structures. Given the diverse locations of equipment considered vital, the applicant established certain building perimeters that enclose the vital equipment as boundaries of the vital areas. The applicant indicated that the designs and configurations of vital areas restrict access and limit access pathways, which facilitates the implementation of security for unauthorized access. TR-118318, section 7 (figures 1-10), shows the specific boundaries of a structure that form the vital areas within the nuclear island and structures. The figures also show the exterior boundaries of the plant structures that form vital areas. The detailed boundaries of the vital areas are identified as SGI and are protected in accordance with 10 CFR 73.21. The figures in TR-118318, section 7, also show the specific boundaries of the SFP that form the vital area.

TR-118318, Section 4, Design Element Responses, describes the designs of the PSS for the vital area portal detection system, interior assessment and monitoring, the vital area access control system, and the alarm system associated with the protection of the vital areas.

Specifically, TR-118318, section 4.1; Section 4.2, Design Element No. 2; and Section 4.9, Design Element No. 9, describe the design requirements for systems and components that provide access control, locking, and intrusion detection; assessment; communications; and emergency egress for the vital areas. The design descriptions include the system interfaces with security alarm stations necessary for the redundant intrusion detection alarm indications and assessment of alarms and physical barriers to address unauthorized access. TR-118318, Section 4.6, Design Element No. 6, addresses the design of security systems for securing, monitoring, detecting intrusion, and controlling access of vital area barrier system openings.

TR-118318, Section 4.16, Design Element No. 16, describes the design of system logic sequences for initiating alarm conditions and the supervision and monitoring of alarm signal integrity and system normal and trouble conditions, such as tampering, loss of or degraded signals, or a short in the system signal circuits for detecting the loss of system functions or abnormal system functions.

TR-118318, section 4.1, establishes design requirements for interfaces between the access control system and locking devices in the event of a loss of both primary and secondary power and identifies the design requirements for protecting control and power wiring against physical tampering. TR-118318, section 7, Figure 38, Security Power One Line Diagram, and Figure 39, Simplified Security System Interconnection Diagram, show the configurations for the design of the primary and secondary power supply for performing security functions, vital entry controls, and alarms with intrusion detection systems that annunciate at alarm stations to

13-35 comply with regulatory requirements. The vital area physical boundaries are spatially separated from the PA boundary. TR-118318, section 7, provides the vital area boundaries.

The staff finds the following:

The applicant identified and designated vital areas to include vital equipment listed in TR-118318, Section 4.8, Design Element No. 8, and established that no vital equipment within the scope of the standard design approval is located outside of areas designated as vital.

The applicant adequately described the design bases for physical barriers for the nuclear island and structures that have been designated as vital areas to address one of two barriers in accordance with 10 CFR 73.55(e)(9)(i). The other barrier is the PA barrier, which is not within the scope of the standard design approval and would be addressed by a COL applicant referencing the standard design approval.

The applicant adequately described the design of physical barriers to control access to the vital areas within the scope of the standard design approval and satisfied the requirements of 10 CFR 73.55(e)(1). The design provided the control and delay of access necessary to facilitate the implementation of security responses.

The applicant adequately addressed the requirements of 10 CFR 73.55(e)(9)(v) by designating the MCR, CAS, SFP, and secondary power supply as vital areas.

The COL applicant that references the standard design is responsible for location and design details for the secondary alarm station that is equal and redundant to the CAS.

Security Computer Design Requirements TR-118318 provides system functional diagrams showing the design interfaces of security computer systems with subsystems for performing redundant intrusion detection and assessment, access controls, and the interfaces between alarm stations. TR-118318, section 7, figure 39, shows the design diagram addressing the capabilities of the systems for data communication and interfaces with subsystems and components.

The security computer systems support the plant security functions by continuous access control, monitoring of doors, and the prompt reporting and permanent recording of all alarm points and system conditions (e.g., intrusions, tampers, and trouble conditions). The security computers are located within vital areas, and access is controlled. TR-118318, section 7, figure 39, shows the redundant security computers, which are spatially separated and independently powered by diverse security power subsystems; each one is independently capable of providing the required security functions. The security computer systems network is isolated and does not connect to any other plant system, computer, or data network. The CAS workstation and monitors are used to display the area of the originating alarm.

The security computer systems will be capable of data communications using the dedicated network. The computers, graphic displays, closed-circuit television system (CCTV) servers, and digital video recording systems are connected to the network. The network configuration allows communication between devices to provide information to the alarm station operators.

TR-118318, section 7, figure 39, shows the functional diagram for the design of the security computer systems network. The figure shows how the network will be configured and how the

13-36 backbone and infrastructure will accommodate the security devices. The remote field devices, such as intrusion detectors, CCTV, door card readers, and security alarming devices, are connected to the network and will be supplied by the COL applicant to complete the total integrated security systems. The security circuits are supervised and tamper-indicating for indication of system conditions and operability.

The computer systems are also designed such that an alarm station operator cannot change the status of a detection point or deactivate a locking control device at a PA or vital area portal without the knowledge and concurrence of the alarm station operator in the other alarm station.

All wiring that connects the computer systems with remote access control components (e.g., card readers, controllers) and with other security subsystems (e.g., perimeter intrusion detection) is configured as electronically supervised circuits. The primary and secondary cables between the alarm stations and controllers are separated to prevent simultaneous damage caused by a sabotage attempt or any unintended actions.

The security computer systems also interface with the CCTV. The functions of the CCTV system include operating cameras that provide visual monitoring of the area with an alarm if the intrusion detection system actuates and allow assessment of the area with an alarm.

A computer-based automatic access control system controls personnel access for the standard design approval. The computer for the access control system will also interface with security subsystems, such as intrusion detection and CCTV images. The access control system permits entry only to those persons authorized to enter specific areas at the access point into the PA, buildings, and vital areas. Access point activities (including open or close door status, alarm indications, and attempts at unauthorized entry) are recorded. For continuity of access control functions, the system provides for automatic switchover to an uninterrupted power supply and secondary power if primary power is interrupted.

In TR-118318, section 4.1.2, the applicant indicated that the COL applicant is responsible for providing vendor-specific design descriptions for the assessment system.

The COL applicant that references the standard design must establish and describe how it will meet the requirements of 10 CFR 73.54. RG 5.71, Cyber Security Programs for Nuclear Facilities, and Nuclear Energy Institute (NEI) report NEI 08-09, Revision 6, Cyber Security Plan for Nuclear Power Reactors, dated April 2010, provide acceptable methods and approaches for developing and establishing a cybersecurity program and submitting a cybersecurity plan to satisfy the requirement of 10 CFR 52.79(a)(36)(iii). COL Item 13.6-5 and TR-118318, Table 5-1, address the need for this information.

The staff finds the following:

The applicant adequately described the design of independent and redundant security computer systems and interfaces that support redundancy for the alarm station security functions of intrusion detection, assessment, and access control.

The COL applicant that references the standard design is responsible for meeting the requirements of 10 CFR 73.54 for a cybersecurity program that protects digital computers and communication systems and networks.

The determination and finding on whether the applicant has met the requirements of 10 CFR 73.54 for a cybersecurity program are beyond the scope of the standard design

13-37 approval. The staff will evaluate compliance with the regulatory requirements for an adequate cybersecurity program as part of the review of a COL or an operating license application.

13.6.4.3 Design for Physical Barriers Vital Area and Security Delay Barriers Figure 1.2-1 in FSAR Section 1.2.1, Principal Site Characteristics, shows the separation from a PA boundary that a COL applicant will establish to comply with the requirements of 10 CFR 73.55(e)(8). The physical barriers for the PA perimeter and the vital area barriers and access controls delay an unauthorized persons access to a vital area and allow security responders to interdict the unauthorized person before they can reach a vital area boundary and delay their access into a vital area.

The applicant described the design of the PSS that protects the access to vital areas.

Specifically, TR-118318 describes the design requirements for the protection of unoccupied vital areas, establishment of vital area physical barriers and separation from the PA, protection of penetrations through vital area physical barriers, minimization of entry points, hardening of vital area portal egress, control of access to vital areas, and detection and assessment of unauthorized access or intrusion for security response.

Section 3, Security by Design, of TR-118318 describes the design and construction of vital area barriers, the vital area access control system, and alarm station design (bullet-resistant).

The configurations of vital area boundaries are described in sections 4.2, 4.3, 4.6, 4.7, 4.14, and 7 (figures 1-10) of the TR. Sections 4.1-4.4, 4.7, 4.9, and 7 (Figure 37, Figure 37 Central Alarm Station Layout) describe the minimum construction design requirements for walls, floors, and ceilings to establish physical barriers that enclose the designated vital areas, the MCR, and the CAS to satisfy bullet-resisting requirements. TR-118318, section 4.10, describes the identification of the walls, floor, and roof that form the boundaries enclosing the SFP, which is designated as vital in accordance with 10 CFR 73.55(e)(9)(v) and (9)(vi).

In TR-118318, Section 3, item 16, the applicant described physical barriers within the reactor building to delay the DBT adversary. The applicant identified preliminary locations for such barriers in TR-118318, Section 4.4, Design Element No. 4, and Section 7 (Figure 40, HVAC Barrier Simplified Drawing, and Figure 41, Mall Gate Simplified Drawing), based on recommended typical design of physical barriers. The applicant indicated that final delay credited for physical barriers, including access and exit barriers, will be the COL applicants responsibility. The COL applicants protective strategy must account for site-specific conditions, in accordance with 10 CFR 73.55(b)(4), for the design of a physical protection system that protects against the DBT of radiological sabotage.

TR-118318, Section 4.7, Design Element No. 7, describes the minimum design requirements of the walls, floor, and ceiling needed to meet the function of bullet-resisting barriers. The design descriptions include the requirement for doors to meet Underwriters Laboratories (UL) 752, Standard for Bullet-Resisting Equipment, which is an acceptable standard for meeting NRC requirements as discussed in SRP section 13.6.2. The design requirements include the protection of openings, such as for HVAC, that penetrate the vital area barriers. TR-118318, section 7 (figures 37 and 39), describe the barriers for protecting the CAS and typical protection for HVAC penetrations through the vital area barriers. The design for HVAC penetration openings requires the installation of barriers that allow airflow but do not allow the passage of a

13-38 person. The physical barriers installed for HVAC penetrations are to restrict access and provide a security delay against forced entry.

TR-118318, sections 3.0, 4.2-4.6, 4.8, 4.9, 4.13, 4.14, 4.19, and 4.21, provide additional design descriptions for the protection of penetrations through the vital area physical barriers.

Engineered systems or features that provide delay, denial, control, detection, and monitoring functions for unauthorized access must protect all openings that exceed a standard opening that is too small for the passage of an individual. TR-118318, section 7, shows the typical configuration of a vital area door with locking and alarming capabilities and the locations for installations of bullet-resistant doors (Figures 20, Figure 20 Control Building Security Equipment 100-0, 21, Figure 21 Control Building Security Equipment 125-0, and 37). The penetrations of HVAC ducts, cable trays, ventilation fans, and other such features are protected to ensure that the integrity of the vital area barrier is not decreased and that the penetrations do not allow for the passage of a person. TR-118318, section 7 (figure 39), shows the design configurations of vital area access controls, locks, and alarms for PSSs that are included in the standard design approval.

The applicant indicated that barriers to protect penetrations through the vital area barriers will provide for a delay like that afforded by the adjacent portion of the vital area barriers or will otherwise provide the delay needed, and these barriers will comply with the regulatory requirements for a security barrier in 10 CFR 73.2. The security design features include hardened doors that delay forced entry and resist mechanical and explosive breaching to allow for security responses. TR-118318, section 7 (figures 4-7, 10, 14-17, 20-21), shows locations and doors that will be designed to delay unauthorized entries into designated vital areas and to control access to vital equipment.

TR-118318, sections 4.6, 4.7, and 4.9, describe the design and construction requirements for delay to forced entry and locking mechanisms to secure vital area portals for ingress and egress. The design includes locking devices that allow for rapid egress during an emergency.

UL-listed exit devices or panic and locking hardware account for normal and emergency operations and functions in the event of a loss of power.

The system functional diagrams in TR-118318, section 7 (figure 39), show the design for the access control system, door control, intrusion detection components, and network management systems for vital areas. The design provides redundant systems for access control functions at alarm stations. Similarly, the design details of the intrusion detection and assessment systems show and establish the designed redundancy and separation of systems that provide intrusion detection and assessment functions.

The staff finds the following:

The applicant adequately described the design bases for the physical barriers of the nuclear island and structures that are within the scope of the standard design approval to meet 10 CFR 73.55(e).

A COL applicant that references the standard design will analyze site-specific conditions and describe the integration and design of additional physical barriers for meeting the requirements of 10 CFR 73.55(e), including sufficient delay to support the required security response time.

13-39 The applicant adequately addressed the requirements of 10 CFR 73.55(e)(9)(ii) by providing a standard design that protects all vital area access points and vital area emergency exits with intrusion detection equipment and locking devices that satisfy the vital area entry control requirements and meet the requirement in 10 CFR 73.55(e)(9)(iii) that unoccupied vital areas must be locked and alarmed.

The applicant adequately described the design and performance requirements of the PSS for access control. Specifically, the applicants design addresses the requirements of 10 CFR 73.55(g) as they pertain to access to the nuclear island and structures of the standard design approval. The PSS design includes access control systems that meet the requirements of 10 CFR 73.55(g)(1)(i)(A) and (i)(B) at the vital area boundaries for the control of personnel, protection of openings with physical barriers with locking devices to delay access, inclusion of intrusion detection systems to detect unauthorized access, and provision of equipment to assess physical conditions of designated vital areas.

The applicant adequately met the prescriptive requirements in the 10 CFR 73.2 definition for physical barrier by providing the design of PSS or by crediting building structural systems that satisfy the requirement for using brick, cinder block, concrete, steel, or comparable material for the construction of walls, ceilings, and floors. The openings in such structures are secured by grates, doors, or covers of construction and fastening with sufficient strength such that any opening will not lessen the integrity of the structures.

The staff determined that the 10 CFR 73.2 prescriptive requirements for physical barriers related to site specific designs for fence construction do not apply to the physical barrier systems described for the nuclear island and structures within the scope of the standard design approval because it is not part of the nuclear island.

The COL applicant will address and satisfy the requirements for site-specific physical barriers.

Bullet-Resistant Barriers In TR-118318, the applicant described the minimum construction standards for the walls, floors, and ceilings of the MCR and CAS and the exterior and interior boundaries of buildings that have been designated as physical barriers that enclose vital areas. The applicant included design information for protecting openings and penetrations through vital area barriers, as previously discussed in this SER.

The structural design for walls, floors, and ceilings consists of varying thicknesses of reinforced concrete that exceed the minimum thickness required for structures, walls, and locations of doors needed to meet bullet-resistance requirements. The walls, floors, and ceilings of the CAS are of a thickness beyond that chosen as a baseline minimum required for resisting bullets.

The building that houses the CAS is designated as a vital area and will be constructed and installed with access controls and protection of openings and penetrations to meet vital area and bullet-resistance requirements. The areas that contain the alarm station will also be designated as vital areas and will meet the appropriate vital area requirements. The applicant indicated that the design of the last access control location is outside the scope of the standard

13-40 design approval and will be specified by the COL applicant. The COL applicant will include the construction requirements for bullet-resistant physical barriers.

The applicant indicated that the MCR and CAS walls, floors, ceilings, doors, and windows are designed and will be constructed to meet a minimum bullet-resistance. The applicant indicated that the walls, floors, and ceilings of the MCR have a minimum thickness of reinforced concrete that is credited to meet the physical protection requirement for a bullet-resistant barrier. The thickness of concrete exceeds the bullet-resistance requirements of the Underwriters Laboratories (UL) 752 standard, as described in SRP Section 13.6.2. Any doors on the MCR boundary will be bullet-resisting to the minimum of the UL 752 standard. The windows on doors that lead into the MCR will be bullet resistant.

The staff finds the following:

The applicant adequately described the design for the MCR and CAS to meet the requirements of 10 CFR 73.55(e)(5). The design provides protection for the MCR and CAS with a bullet-resistant enclosure by crediting structural elements of the standard design approval and providing hardened doors and engineered barriers for protecting openings and penetrations of the bullet-resistant enclosure.

The design of the last access control to the PA is outside the scope of the standard design approval.

Vital Area Doors TR-118318, section 7 (figures 11-17, 20, 21, 23, 24), establishes door schedules for the design and locations of doors with card reader access, lock, and alarm. The figures in TR-118318, section 7, show the typical vital area access control doors and the design configuration for the installation of intrusion detection, access control, locking, and other design features for securing vital areas. To provide delay and access control, exterior doors have a delay capability equivalent to the delay capability credited for the structure walls. The remaining exterior doors are hardened to provide resistance to penetrations with delay control as stated in TR-118318.

The design descriptions in TR-118318, section 4.9, address requirements to provide exit devices on vital area egress doors that require emergency egress capability. Utility penetrations, such as HVAC ducts and other piping, will be equipped with barriers hardened with construction material that delays unauthorized access. Section 7 (figures 25-36 and 40) depicts HVAC barriers.

The staff finds the following:

The applicants description of the design bases for physical barriers, as detailed in TR-118318, adequately addresses the requirements of 10 CFR 73.55(e)(4) by providing the design of physical barrier systems that secure openings or penetrations into the structural boundaries of the nuclear island and structures.

Vehicle Barrier System The COL applicant will address the construction and installation of the VBS. However, in TR-118318, Section 4.11, Design Element No. 11, the applicant established and showed the bounding MSSD for protecting the nuclear island and structures, including the CAS, from the

13-41 maximum DBT vehicle-borne explosive. Table 4-1, Minimum Standoff Distances, in TR-118318 shows the required MSSDs for the construction and installation of a continuous VBS, along with results for the required minimum standard of distance for the CAS and the protection of physical security SSCs and personnel that must be met for a bounding MSSD.

TR-118318, section 4.11, indicates that the VBS must be located at least the bounding MSSD from the nearest external surface of any vital areas. The distance required is based on methods or approaches referenced in NUREG/CR-6190, Protection against Malevolent Use of Vehicles at Nuclear Power Plants, dated March 17, 2004. The applicant applied Department of Defense methods and guidance for predicting blast effects and structural responses to assess and evaluate the various distances that would be safe for SSCs for the safety of nuclear plant operations and personnel. They included UFC 3-340-02, Structures to Resist the Effect of Accidental Explosion, dated 2008, and U.S. Army Corps of Engineers Protective Design Center TR-06-08, Single Degree Freedom Structural Response Limits for Antiterrorism Design, dated 2008.

TR-118318, section 4.11, provided required MSSDs for the structures within the scope of the standard design approval. Item 25 in table 5-1 of TR-118318 clarifies that it is a COL applicants responsibility to verify that the door is designed appropriately.

In TR-118318, table 4-1, the applicant provided the minimum standoff distances analyzed for the reactor building to protect against the DBT vehicle-borne explosive. The applicants analysis did not include the determination of minimum standoff distances for the secondary alarm station, personnel in open or in nonhardened enclosures, and blast-and bullet-resistant enclosures, which are not included in the scope of the standard design approval.

In TR-118318, Section 6, References, the applicant identified engineering calculations, analyses, assessments, or other references that provide the design and technical basis for the summary descriptions of designs, design bases, results, and conclusions.

The staff finds the following:

The applicant adequately assessed and documented the required MSSDs for the nuclear island and structures based on a maximum quantity of explosives associated with the adversarial characteristics of the DBT.

The applicant adequately established the design basis for a location of the VBS that would be sufficient to protect safety-related SSCs or loss of SFP cooling against the DBT vehicle-borne explosive threats.

13.6.4.4 Design Features Facilitating Security Response The applicant did not include the design of PSS that facilitate security, such as hardened defensive fighting positions, in the scope of the standard design approval. Other than the PSS described above, the design of the fighting positions (e.g., locations, blast and bullet-resistance, firing ports, material construction, fully or partially enclosed fighting positions to protect security personnel from attack, blast protection, environmental controls and protection, lighting, communications) and other features (e.g., delay, protection against hand-thrown explosives) for security responses to interdict or neutralize the DBT must be provided by the COL applicant.

13-42 Combined License Information Items The staff reviewed the applicants descriptions of COL information items that a COL applicant is directed to address if referencing the NuScale US460 standard design. The applicant provided COL information items related to Section 13.6 in FSAR Table 1.8-1, Combined License Information Items.

Table 13.6-1 NuScale COL Information Items Related to Section 13.6 Item No.

Description FSAR Section COL Item 13.4-1 An applicant that references the NuScale Power Plant US460 standard design will provide site-specific information, including implementation milestones, for Operational Programs:

Security (refer to Section 13.6) 13.4 COL Item 13.5-6 An applicant that references the NuScale Power Plant US460 standard design will describe the process to manage the development, review, and approval of the site-specific procedures that operators use in the main control room and locally in the plant, including normal operating procedures, abnormal operating procedures, and emergency operating procedures. The applicant will describe the classification system for these procedures, and the general format and content of the different classifications. The categories of procedures listed below will be included: [] plant security procedures.

13.5 COL Item 13.6-1 An applicant that references the NuScale Power Plant US460 standard design will provide the following: Security Plans (Physical Security, Security Training and Qualification, and Safeguards Contingency Plans); proposed site security provisions to be implemented during construction and as modules are completed and become operational; and elements of the physical security system not located within the nuclear island and structures.

13.6 COL Item 13.6-2 An applicant that references the NuScale Power Plant US460 standard design will be responsible for the requirements described in Table 5-1 of TR-118318, NuScale Design of Physical Security Systems (Reference 13.6-1).

13.6 COL Item 13.6-3 An applicant that references the NuScale Power Plant US460 standard design will provide a secondary alarm station that is equal and redundant to the central alarm station.

13.6 COL Item 13.6-4 An applicant that references the NuScale Power Plant US460 standard design will provide a description of the Access Authorization Program.

13.6 COL Item 13.6-5 An applicant that references the NuScale Power Plant US460 standard design will provide a Cyber Security Plan.

13.6 TR-118318, Section 5, Summary and Conclusions, states that the COL applicant will be responsible for addressing site-specific conditions (e.g., programs, personnel, plans, procedures) and design element details that are not addressed in the standard design approval, based on the guidance of SRP section 13.6.2 (i.e., Criterion 3(A) and 3(B)).

13-43 TR-118318, table 5-1, identifies 25 site-specific PSS design and configuration details (items) that the COL applicant that references the standard design will address, including the following:

Provide the location and design details for the secondary alarm station (item 4).

Provide design details for physical barriers located outside the nuclear island and structures (item 5).

Provide design details for isolation zones, associated intrusion detection monitoring equipment, and areas of the PA perimeter without isolation zones (item 6).

Provide vehicle barrier design details (item 7).

Provide design details for the exterior personnel, vehicles, and material access control portals (item 8).

Provide design details for the secondary alarm station and the main security building (item 10).

Provide design details for, and placement of, the communication system secondary power supply (item 11).

Provide design details for, and placement of, the secondary security power supply (item 12).

Ensure that the site-specific characteristics are bounded by the calculated minimum standoff distances and ensure the survivability of the security alarm station (item 13).

Ensure that the site-specific physical security design is bounded by the blast analysis (item 14).

Ensure that the CAS and secondary alarm station are designed and equipped in accordance with the DBT of radiological sabotage such that no single act can simultaneously remove the ability of both alarm stations to (1) detect and assess alarms, (2) initiate and coordinate an adequate response to alarms, (3) summon offsite assistance, and (4) provide effective command and control (item 17).

Design the secondary alarm station such that the CAS and the secondary alarm station are functionally redundant (item 18).

Ensure that the alarm system design does not allow a change in the status of a detection point, locking mechanism, or access control device without the knowledge and concurrence of the alarm station operator in the other alarm station (item 19).

Provide design details for specific security illumination for the isolation zone and accessible external PAs (item 21).

Provide design details for the communication equipment in the secondary alarm station (item 22).

13-44 Describe the independent security power sources that consist of fully charged uninterrupted power supply batteries, inline generators, or other power sources (item 23).

Procure, install, and test applicable surveillance, observation, and monitoring equipment (item 24).

Verify the reactor building equipment door is designed to withstand the DBT (item 25).

Table 5-1 of TR-118318 identifies commitments related to the security operational program that a COL applicant must complete to establish elements of a physical security program:

Establish, maintain, and implement a standalone insider mitigation program (item 1).

Establish, maintain, and implement a site-specific cybersecurity plan (item 2).

Establish and implement an access authorization system or program with a numbered photograph identification badge system for controlling access to PAs and vital areas (item 3).

Develop and implement a comprehensive site-specific physical security program description for PSS (item 9).

Test intrusion detection and assessment equipment to ensure that the requirements of 10 CFR 73.55(i)(3)(i) through 10 CFR 73.55(i)(3)(v) are met before declaring that the systems are operable (item 15).

Test intrusion detection systems to ensure that the recordkeeping capability meets the requirements of 10 CFR 73.55(i)(4)(ii)(H) and 10 CFR 73.70(f) before declaring that the intrusion recording system is operable (item 16).

Select the appropriate vendors alarm station design (item 20).

The staff finds the following:

The COL information items listed in FSAR, Section 13.6, address site-specific designs of the PSS that are outside the scope of the standard design approval. In addition to the information reviewed in FSAR, Section 13.6, the COL applicant must provide information showing compliance with applicable requirements (i.e., for a security plan, access authorization program, and cybersecurity plan), including addressing the COL information items described above.

Conclusion For the reasons discussed above, the staff concludes that the applicant has considered and provided the PSS in the NuScale US460 Standard Power Plant, within the scope of the standard design approval, to facilitate the implementation of a physical protection program to protect against potential acts of radiological sabotage. As further stated above, NuScale proposed that the standard design has adequately described the plant layout for physical protection and identified vital equipment and areas for meeting, in part, specified requirements of 10 CFR 73.55.

13-45 As explained above, NuScales proposed standard design of the PSS, including system location and configuration, is adequate with respect to the nuclear island and structures within the scope of the standard design approval. This conclusion is limited to the adequacy of NuScales description of the design bases of the PSS and features within the scope of the standard design that are relied on to implement security response functions (i.e., detection, assessment, communications, security responsedelays, interdictions, and neutralization). The demonstration of reasonable assurance of adequate protection against the DBT required by NRC regulations and compliance with the programmatic requirements (including administrative controls such as people and procedures) of NRC regulations for physical protection are to be addressed by a COL applicant that is seeking a COL to construct and operate a nuclear power plant.

Fitness for Duty In 10 CFR Part 26, Fitness for Duty Programs, the NRC prescribes requirements and standards for the establishment, implementation, and maintenance of FFD programs (73 FR 17176; March 31, 2008, as amended).

FSAR Section 13.7, Fitness for Duty, states, in part, that FFD is an operational program and is not applicable to new plant designs.

Conclusion The staff finds the statement in FSAR section 13.7 on program applicability acceptable, because the applicant referencing this standard design is responsible for providing an FFD program description and implementation as described in 10 CFR Part 26.