ML18025B924: Difference between revisions
StriderTol (talk | contribs) (Created page by program invented by StriderTol) |
StriderTol (talk | contribs) (Created page by program invented by StriderTol) |
||
| Line 17: | Line 17: | ||
=Text= | =Text= | ||
{{#Wiki_filter:Summary of Comments | {{#Wiki_filter:Summary of Comments on 2018-01-23 | ||
on 2018-01-23 | |||
Draft RIS_KS.pdf | Draft RIS_KS.pdf | ||
This page contains | This page contains no comments | ||
no comments | |||
This page contains | This page contains no comments | ||
no comments | 1 2 3 4 | ||
Page: 3 Number: 1 Author: KenSc Subject: Sticky Note Date: 01/24/2018 | |||
Page: | 12:06:34 PM In the sentence directly before this one, the limitation | ||
Sticky Note Date: 01/24/2018 | |||
12:06:34 | |||
PM In the sentence | |||
directly | |||
before this one, the limitation | |||
regarding | regarding | ||
not providing | not providing | ||
new guidance | new guidance is restricted | ||
is restricted | to RPS and ESF. But in this sentence that limitation | ||
to RPS and ESF. But in this sentence | is extended to all SSCs. This contradicts | ||
that limitation | |||
is extended | |||
to all SSCs. This contradicts | |||
subsequent | subsequent | ||
sections | sections of this RIS which provide new CCF guidance for other non-RPS/ESF | ||
of this RIS which provide new CCF guidance | SSCs. Number: 2 Author: KenSc Subject: Highlight Date: 01/23/2018 | ||
for other non-RPS/ESF | 10:39:52 PM Number: 3 Author: KenSc Subject: Sticky Note Date: 01/24/2018 | ||
SSCs. Number: 2 Author: KenSc Subject: | |||
Highlight | |||
10:39:52 | |||
PM Number: 3 Author: KenSc Subject: | |||
Sticky Note Date: 01/24/2018 | |||
9:03:14 AM ATWS is considered | 9:03:14 AM ATWS is considered | ||
in most FSARs, maybe all. So CCF due to a design flaw is considered | in most FSARs, maybe all. So CCF due to a design flaw is considered | ||
in most, maybe all, FSARs. Number: 4 Author: KenSc Subject: | in most, maybe all, FSARs. Number: 4 Author: KenSc Subject: Highlight Date: 01/24/2018 | ||
Highlight | |||
9:02:09 AM | 9:02:09 AM | ||
1 2 | |||
Page: | Page: 4 Number: 1 Author: KenSc Subject: Sticky Note Date: 01/24/2018 | ||
Sticky Note Date: 01/24/2018 | 12:07:45 PM The first paragraph | ||
12:07:45 | |||
PM The first paragraph | |||
on Page 3 says this RIS is not applicable | on Page 3 says this RIS is not applicable | ||
to RPS/ESF. | to RPS/ESF. But this paragraph | ||
But this paragraph | |||
implies it would not be applicable | implies it would not be applicable | ||
to any equipment | to any equipment | ||
of equal or greater importance | of equal or greater importance | ||
to RPS/ESF. | to RPS/ESF. Importance | ||
Importance | |||
can be determined | can be determined | ||
by the PRA. Equipment | by the PRA. Equipment | ||
of equal or greater importance | of equal or greater importance | ||
would typically | would typically | ||
include load sequencers, | include load sequencers, and accident monitoring | ||
and accident | |||
monitoring | |||
instrumentation | instrumentation | ||
and controls | and controls for manual actions credited in the TAA. So the original statement | ||
for manual actions credited | |||
in the TAA. So the original | |||
statement | |||
that says this RIS is not applicable | that says this RIS is not applicable | ||
to RPS and ESFAS should be expanded | to RPS and ESFAS should be expanded to encompass | ||
to encompass | |||
these additional | these additional | ||
systems. Number: 2 Author: KenSc Subject: | systems. Number: 2 Author: KenSc Subject: Highlight Date: 01/24/2018 | ||
Highlight | |||
9:06:19 AM | 9:06:19 AM | ||
1 2 3 4 | |||
Page: | Page: 5 Number: 1 Author: KenSc Subject: Sticky Note Date: 01/24/2018 | ||
Sticky Note Date: 01/24/2018 | 12:08:20 PM We typically | ||
12:08:20 | view "failure to perform" as "no function at all". But equally important | ||
PM We typically | |||
view "failure | |||
to perform" | |||
as "no function | |||
at all". But equally important | |||
is performing | is performing | ||
a design function | a design function erroneously. | ||
erroneously. | |||
This is too often forgotten | This is too often forgotten | ||
by digital designers. | by digital designers. | ||
It should be clearly stated. Number: 2 Author: KenSc Subject: | It should be clearly stated. Number: 2 Author: KenSc Subject: Highlight Date: 01/24/2018 | ||
Highlight | 9:15:39 AM Number: 3 Author: KenSc Subject: Sticky Note Date: 01/24/2018 | ||
9:15:39 AM Number: 3 Author: KenSc Subject: | |||
Sticky Note Date: 01/24/2018 | |||
9:17:29 AM A failure of shared resources | 9:17:29 AM A failure of shared resources | ||
among safety control functions | among safety control functions | ||
| Line 113: | Line 74: | ||
unanalyzed | unanalyzed | ||
malfunctions. | malfunctions. | ||
Number: 4 Author: KenSc Subject: | Number: 4 Author: KenSc Subject: Highlight Date: 01/24/2018 | ||
Highlight | |||
9:13:15 AM | 9:13:15 AM | ||
1 2 | |||
Page: | Page: 6 Number: 1 Author: KenSc Subject: Sticky Note Date: 01/24/2018 | ||
Sticky Note Date: 01/24/2018 | 10:01:37 AM SECY 93-087 and BTP 7-19 constitute | ||
10:01:37 | |||
AM SECY 93-087 and BTP 7-19 constitute | |||
current NRC policy on digital CCF. The current policy does not allow a conclusion | current NRC policy on digital CCF. The current policy does not allow a conclusion | ||
that the likelihood | that the likelihood | ||
| Line 130: | Line 87: | ||
factors facilitate | factors facilitate | ||
a conclusion | a conclusion | ||
that the CCF is beyond design basis, but not that it requires | that the CCF is beyond design basis, but not that it requires no further consideration. | ||
no further consideration. | |||
Another way of looking at this is that the current policy is that qualitative | Another way of looking at this is that the current policy is that qualitative | ||
factors do not allow a conclusion | factors do not allow a conclusion | ||
| Line 137: | Line 93: | ||
is comparable | is comparable | ||
to other sources of CCF that are not considered | to other sources of CCF that are not considered | ||
in the FSAR. How can a RIS be used to change previous | in the FSAR. How can a RIS be used to change previous NRC policy. I have heard some people say that the current NRC policy is only applicable | ||
NRC policy. I have heard some people say that the current NRC policy is only applicable | to new plants. If that is true, which I don't believe it is, then how can the NRC create a new policy for operating | ||
to new plants. If that is true, which I don't believe it is, then how can the NRC | |||
plants that is different | plants that is different | ||
than for new plants. This directly | than for new plants. This directly contradicts | ||
contradicts | |||
the commissioners | the commissioners | ||
direction | direction | ||
in (SRM)-SECY-16-0070 | in (SRM)-SECY-16-0070 | ||
that the guidance | that the guidance for new plants and operating | ||
for new plants and operating | plants should be the same. Number: 2 Author: KenSc Subject: Sticky Note Date: 01/24/2018 | ||
plants should be the same. Number: 2 Author: KenSc Subject: | 12:10:01 PM Dave, You told me that "sufficiently | ||
Sticky Note Date: 01/24/2018 | low" could only be reached with 4 factors, the fourth being an evaluation | ||
12:10:01 | |||
PM Dave, You told me that "sufficiently | |||
low" could only be reached with 4 factors, | |||
the fourth being an evaluation | |||
of the "what if" malfunction | of the "what if" malfunction | ||
results. | results. This contradicts | ||
This contradicts | |||
your explanation | your explanation | ||
of this RIS. If your interpretation | of this RIS. If your interpretation | ||
is confused, | is confused, the industry's | ||
the industry's | |||
interpretation | interpretation | ||
is also going to be confused. | is also going to be confused. | ||
This page contains | This page contains no comments | ||
no comments | |||
This page contains | This page contains no comments | ||
no comments | 1 2 3 4 | ||
Page: 9 Number: 1 Author: KenSc Subject: Sticky Note Date: 01/24/2018 | |||
Page: | |||
Sticky Note Date: 01/24/2018 | |||
9:38:55 AM Licensees | 9:38:55 AM Licensees | ||
will often conduct these evaluations | will often conduct these evaluations | ||
| Line 178: | Line 122: | ||
in revised design/analysis | in revised design/analysis | ||
documentation. | documentation. | ||
Number: 2 Author: KenSc Subject: | Number: 2 Author: KenSc Subject: Highlight Date: 01/24/2018 | ||
Highlight | 9:37:49 AM Number: 3 Author: KenSc Subject: Sticky Note Date: 01/24/2018 | ||
9:37:49 AM Number: 3 Author: KenSc Subject: | |||
Sticky Note Date: 01/24/2018 | |||
9:40:45 AM Dave, This does not say that a failure must be postulated. | 9:40:45 AM Dave, This does not say that a failure must be postulated. | ||
Number: 4 Author: KenSc Subject: | Number: 4 Author: KenSc Subject: Highlight Date: 01/24/2018 | ||
Highlight | |||
9:40:15 AM | 9:40:15 AM | ||
1 2 | |||
Page: | Page: 10 Number: 1 Author: KenSc Subject: Highlight Date: 01/23/2018 | ||
Highlight | 10:53:30 PM Number: 2 Author: KenSc Subject: Sticky Note Date: 01/23/2018 | ||
10:53:57 PM No postulation | |||
10:53:30 | |||
PM Number: 2 Author: KenSc Subject: | |||
Sticky Note Date: 01/23/2018 | |||
10:53:57 | |||
PM No postulation | |||
of CCF. | of CCF. | ||
1 2 3 4 5 6 | |||
Page: | Page: 11 Number: 1 Author: KenSc Subject: Sticky Note Date: 01/24/2018 | ||
Sticky Note Date: 01/24/2018 | |||
9:47:22 AM This is technically | 9:47:22 AM This is technically | ||
incorrect. | incorrect. | ||
Single failures, | Single failures, by definition | ||
by definition | |||
are random, non-systematic | are random, non-systematic | ||
failures. | failures. | ||
An increase | An increase in the likelihood | ||
in the likelihood | of a single failure, does lower system availability, but it does not increase the likelihood | ||
of a single failure, | of a CCF. Number: 2 Author: KenSc Subject: Highlight Date: 01/24/2018 | ||
does lower system availability, | 9:44:37 AM Number: 3 Author: KenSc Subject: Sticky Note Date: 01/24/2018 | ||
but it does not increase | 10:18:38 AM Should be NEI 01-01 Section 4.4.6. Number: 4 Author: KenSc Subject: Highlight Date: 01/24/2018 | ||
the likelihood | 10:18:44 AM Number: 5 Author: KenSc Subject: Sticky Note Date: 01/24/2018 | ||
of a CCF. Number: 2 Author: KenSc Subject: | 10:04:39 AM This note just adds confusion | ||
Highlight | because it says that if a failure is not credible but not sufficiently | ||
9:44:37 AM Number: 3 Author: KenSc Subject: | |||
Sticky Note Date: 01/24/2018 | |||
10:18:38 | |||
AM Should be NEI 01-01 Section 4.4.6. Number: 4 Author: KenSc Subject: | |||
Highlight | |||
10:18:44 | |||
AM Number: 5 Author: KenSc Subject: | |||
Sticky Note Date: 01/24/2018 | |||
10:04:39 | |||
AM This note just adds confusion | |||
because it says that if a failure is not credible | |||
but not sufficiently | |||
low likelihood | low likelihood | ||
it must be considered. | it must be considered. | ||
Number: 6 Author: KenSc Subject: | Number: 6 Author: KenSc Subject: Highlight Date: 01/24/2018 | ||
Highlight | 10:03:46 AM | ||
1 2 3 4 5 6 | |||
10:03:46 | Page: 12 Number: 1 Author: KenSc Subject: Sticky Note Date: 01/24/2018 | ||
AM | 10:12:33 AM This contradicts | ||
previous statements | |||
Page: | |||
Sticky Note Date: 01/24/2018 | |||
10:12:33 | |||
AM This contradicts | |||
previous | |||
statements | |||
in this RIS and in NEI 01-01 which state to require no further consideration | in this RIS and in NEI 01-01 which state to require no further consideration | ||
in 50.59, the failure likelihood | in 50.59, the failure likelihood | ||
must be "comparable | must be " comparable | ||
to other common cause failures | to other common cause failures that are not considered | ||
that are not considered | in the UFSAR". Number: 2 Author: KenSc Subject: Highlight Date: 01/24/2018 | ||
in the UFSAR". Number: 2 Author: KenSc Subject: | 10:12:30 AM Number: 3 Author: KenSc Subject: Sticky Note Date: 01/24/2018 | ||
Highlight | 10:07:57 AM Yes, but the sentence above says that even if you have not reached the "sufficiently | ||
low" threshold, there are no new accidents | |||
10:12:30 | |||
AM Number: 3 Author: KenSc Subject: | |||
Sticky Note Date: 01/24/2018 | |||
10:07:57 | |||
AM Yes, but the sentence | |||
above says that even if you have not reached the "sufficiently | |||
low" threshold, | |||
there are no new accidents | |||
introduced | introduced | ||
unless the failure is "as likely" as other failures | unless the failure is "as likely" as other failures assumed in the FSAR. This is quite confusing. | ||
assumed in the FSAR. This is quite confusing. | Number: 4 Author: KenSc Subject: Highlight Date: 01/24/2018 | ||
Number: 4 Author: KenSc Subject: | 10:05:54 AM Number: 5 Author: KenSc Subject: Sticky Note Date: 01/24/2018 | ||
Highlight | 10:11:38 AM This contradicts | ||
previous statements | |||
10:05:54 | |||
AM Number: 5 Author: KenSc Subject: | |||
Sticky Note Date: 01/24/2018 | |||
10:11:38 | |||
AM This contradicts | |||
previous | |||
statements | |||
in this RIS and in NEI 01-01 which state to require no further consideration | in this RIS and in NEI 01-01 which state to require no further consideration | ||
in 50.59, the failure likelihood | in 50.59, the failure likelihood | ||
must be "comparable | must be " comparable | ||
to other common cause failures | to other common cause failures that are not considered | ||
that are not considered | in the UFSAR". Number: 6 Author: KenSc Subject: Highlight Date: 01/23/2018 | ||
in the UFSAR". Number: 6 Author: KenSc Subject: | 10:57:32 PM | ||
Highlight | 1 2 3 4 5 6 7 8 9 10 | ||
Page: 13 Number: 1 Author: KenSc Subject: Sticky Note Date: 01/24/2018 | |||
10:57:32 | 10:20:03 AM This contradicts | ||
PM | |||
Page: | |||
Sticky Note Date: 01/24/2018 | |||
10:20:03 | |||
AM This contradicts | |||
NEI 01-01 which says to require no further consideration | NEI 01-01 which says to require no further consideration | ||
the failure likelihood | the failure likelihood | ||
must be "comparable | must be " comparable | ||
to other common cause failures | to other common cause failures that are not considered | ||
that are not considered | |||
in the UFSAR", not as likely as those that are considered. | in the UFSAR", not as likely as those that are considered. | ||
Number: 2 Author: KenSc Subject: | Number: 2 Author: KenSc Subject: Highlight Date: 01/24/2018 | ||
Highlight | 10:13:32 AM Number: 3 Author: KenSc Subject: Sticky Note Date: 01/24/2018 | ||
10:21:57 AM Needs to also include ways of erroneous | |||
10:13:32 | |||
AM Number: 3 Author: KenSc Subject: | |||
Sticky Note Date: 01/24/2018 | |||
10:21:57 | |||
AM Needs to also include ways of erroneous | |||
performance. | performance. | ||
You can argue that "failure" | You can argue that "failure" encompasses "erroneous" but erroneous | ||
encompasses | |||
"erroneous" | |||
but erroneous | |||
is too often overlooked | is too often overlooked | ||
by digital designers. | by digital designers. | ||
Number: 4 Author: KenSc Subject: | Number: 4 Author: KenSc Subject: Highlight Date: 01/23/2018 | ||
Highlight | 10:58:55 PM Number: 5 Author: KenSc Subject: Sticky Note Date: 01/24/2018 | ||
10:27:10 AM This should say "which ones that are not as unlikely as failures not considered | |||
10:58:55 | |||
PM Number: 5 Author: KenSc Subject: | |||
Sticky Note Date: 01/24/2018 | |||
10:27:10 | |||
AM This should say "which ones that are not as unlikely | |||
as failures | |||
not considered | |||
in the FSAR" or "which one whose likelihood | in the FSAR" or "which one whose likelihood | ||
is not | is not c omparable | ||
to other common cause failures | to other common cause failures that are not considered | ||
that are not considered | in the UFSAR." Number: 6 Author: KenSc Subject: Highlight Date: 01/24/2018 | ||
in the UFSAR." Number: 6 Author: KenSc Subject: | 10:22:20 AM Number: 7 Author: KenSc Subject: Sticky Note Date: 01/24/2018 | ||
Highlight | 10:53:43 AM "as likely as those described | ||
10:22:20 | |||
AM Number: 7 Author: KenSc Subject: | |||
Sticky Note Date: 01/24/2018 | |||
10:53:43 | |||
AM "as likely as those described | |||
in the FSAR" contradicts | in the FSAR" contradicts | ||
"comparable | " comparable | ||
to other common cause failures | to other common cause failures that are not considered | ||
that are not considered | |||
in the UFSAR", which is your definition | in the UFSAR", which is your definition | ||
of "sufficiently | of "sufficiently | ||
low". These are two different | low". These are two different | ||
thresholds. | thresholds. | ||
So it is not clear when Steps 3-5 are needed. This RIS is supposed | So it is not clear when Steps 3-5 are needed. This RIS is supposed to bring clarity to the 50.59 issue, not more ambiguity. | ||
to bring clarity to the 50.59 issue, not more ambiguity. | Number: 8 Author: KenSc Subject: Highlight Date: 01/23/2018 | ||
Number: 8 Author: KenSc Subject: | 11:00:26 PM Number: 9 Author: KenSc Subject: Sticky Note Date: 01/24/2018 | ||
Highlight | 10:33:03 AM Clarify that "end result" means "plant level". Number: 10 Author: KenSc Subject: Highlight Date: 01/24/2018 | ||
10:28:29 AM | |||
11:00:26 | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 | ||
PM Number: 9 Author: KenSc Subject: | Page: 14 Number: 1 Author: KenSc Subject: Sticky Note Date: 01/24/2018 | ||
Sticky Note Date: 01/24/2018 | 10:49:34 AM This is new NRC policy that clearly contradicts | ||
10:33:03 | |||
AM Clarify that "end result" means "plant level". Number: 10 Author: KenSc Subject: | |||
Highlight | |||
10:28:29 | |||
AM | |||
Page: | |||
Sticky Note Date: 01/24/2018 | |||
10:49:34 | |||
AM This is new NRC policy that clearly contradicts | |||
the quote in this paragraph | the quote in this paragraph | ||
from NEI 01-01, which is previously | from NEI 01-01, which is previously | ||
endorsed | endorsed by NRC. It is not clarification | ||
by NRC. It is not clarification | of previous policy. It also contradicts | ||
of previous | SECY 93-087 and BTP 7-19. A RIS cannot change previous NRC policy. Regardless, "best estimate" methods are used in most, maybe all, FSARs for ATWS, SBO and fire. So they are used in the FSAR, therefore | ||
policy. It also contradicts | even with this new policy they can be used to evaluate CCFs when the CCF is considered | ||
SECY 93-087 and BTP 7-19. A RIS cannot change previous | |||
NRC policy. Regardless, | |||
"best estimate" | |||
methods are used in most, maybe all, FSARs for ATWS, SBO and fire. So they are used in the FSAR, therefore | |||
even with this new policy they can be used to evaluate | |||
CCFs when the CCF is considered | |||
beyond design basis (i.e., significantly | beyond design basis (i.e., significantly | ||
less likely than other malfunctions | less likely than other malfunctions | ||
considered | considered | ||
in design basis events). Number: 2 Author: KenSc Subject: | in design basis events). Number: 2 Author: KenSc Subject: Highlight Date: 01/23/2018 | ||
Highlight | 11:02:45 PM Number: 3 Author: KenSc Subject: Sticky Note Date: 01/24/2018 | ||
10:33:15 AM Clarify that "end result" means "plant level". Number: 4 Author: KenSc Subject: Highlight Date: 01/24/2018 | |||
11:02:45 | 10:31:39 AM Number: 5 Author: KenSc Subject: Sticky Note Date: 01/24/2018 | ||
PM Number: 3 Author: KenSc Subject: | 10:34:04 AM These are failure modes or component | ||
Sticky Note Date: 01/24/2018 | level effects. They are not the "end result" Number: 6 Author: KenSc Subject: Highlight Date: 01/24/2018 | ||
10:33:15 | 10:34:02 AM Number: 7 Author: KenSc Subject: Sticky Note Date: 01/24/2018 | ||
AM Clarify that "end result" means "plant level". Number: 4 Author: KenSc Subject: | 10:44:51 AM What does it mean to be "bounded". | ||
Highlight | This RIS needs to provide guidance, because this is a particular | ||
area for frequent industry inconsistency. | |||
10:31:39 | Number: 8 Author: KenSc Subject: Sticky Note Date: 01/24/2018 | ||
AM Number: 5 Author: KenSc Subject: | 10:34:56 AM Clarify that "end result" means "plant level". Number: 9 Author: KenSc Subject: Highlight Date: 01/24/2018 | ||
Sticky Note Date: 01/24/2018 | 10:34:29 AM Number: 10 Author: KenSc Subject: Highlight Date: 01/24/2018 | ||
10:34:04 | 10:44:57 AM Number: 11 Author: KenSc Subject: Sticky Note Date: 01/24/2018 | ||
AM These are failure modes or component | 10:47:18 AM This is not clear. All design functions | ||
level effects. | are assigned at the system level. But the effects of system level failures are determined | ||
They are not the "end result" Number: 6 Author: KenSc Subject: | at the plant level. Clarity is needed here because this is another area of frequent industry inconsistency. | ||
Highlight | Number: 12 Author: KenSc Subject: Highlight Date: 01/24/2018 | ||
10:46:06 AM Number: 13 Author: KenSc Subject: Sticky Note Date: 01/24/2018 | |||
10:34:02 | 10:47:45 AM define "bounded" Number: 14 Author: KenSc Subject: Highlight Date: 01/24/2018 | ||
AM Number: 7 Author: KenSc Subject: | 10:47:34 AM Number: 15 Author: KenSc Subject: Sticky Note Date: 01/24/2018 | ||
Sticky Note Date: 01/24/2018 | 10:48:50 AM "results" appears to have two different | ||
10:44:51 | |||
AM What does it mean to be "bounded". | |||
This RIS needs to provide guidance, | |||
because this is a particular | |||
area for frequent | |||
industry | |||
inconsistency. | |||
Number: 8 Author: KenSc Subject: | |||
Sticky Note Date: 01/24/2018 | |||
10:34:56 | |||
AM Clarify that "end result" means "plant level". Number: 9 Author: KenSc Subject: | |||
Highlight | |||
10:34:29 | |||
AM Number: 10 Author: KenSc Subject: | |||
Highlight | |||
10:44:57 | |||
AM Number: 11 Author: KenSc Subject: | |||
Sticky Note Date: 01/24/2018 | |||
10:47:18 | |||
AM This is not clear. All design functions | |||
are assigned | |||
at the system level. But the effects of system level failures | |||
are determined | |||
at the plant level. Clarity is needed here because this is another area of frequent | |||
industry | |||
inconsistency. | |||
Number: 12 Author: KenSc Subject: | |||
Highlight | |||
10:46:06 | |||
AM Number: 13 Author: KenSc Subject: | |||
Sticky Note Date: 01/24/2018 | |||
10:47:45 | |||
AM define "bounded" | |||
Highlight | |||
10:47:34 | |||
AM Number: 15 Author: KenSc Subject: | |||
Sticky Note Date: 01/24/2018 | |||
10:48:50 | |||
AM "results" | |||
appears to have two different | |||
meanings. | meanings. | ||
This needs clarification. | This needs clarification. | ||
Number: 16 Author: KenSc Subject: | Number: 16 Author: KenSc Subject: Highlight Date: 01/24/2018 | ||
Highlight | 10:48:19 AM Number: 17 Author: KenSc Subject: Highlight Date: 01/24/2018 | ||
10:48:24 AM Number: 18 Author: KenSc Subject: Sticky Note Date: 01/24/2018 | |||
10:48:19 | 10:52:10 AM "bounded" is used in three quotes on this page. But it is never defined here or in NEI 01-01. A definition | ||
AM Number: 17 Author: KenSc Subject: | is clearly needed. Number: 19 Author: KenSc Subject: Highlight Date: 01/24/2018 | ||
Highlight | 10:51:10 AM | ||
1 2 | |||
10:48:24 | Page: 15 Number: 1 Author: KenSc Subject: Sticky Note Date: 01/24/2018 | ||
AM Number: 18 Author: KenSc Subject: | 10:58:08 AM The same software in different | ||
Sticky Note Date: 01/24/2018 | |||
10:52:10 | |||
AM "bounded" | |||
is used in three quotes on this page. But it is never defined here or in NEI 01-01. A definition | |||
is clearly needed. Number: 19 Author: KenSc Subject: | |||
Highlight | |||
10:51:10 | |||
AM | |||
Page: | |||
Sticky Note Date: 01/24/2018 | |||
10:58:08 | |||
AM The same software | |||
in different | |||
systems could be considered | systems could be considered | ||
a "shared resource". | a "shared resource". | ||
So change to "shared hardware | So change to "shared hardware resource". | ||
resource". | Number: 2 Author: KenSc Subject: Highlight Date: 01/24/2018 | ||
Number: 2 Author: KenSc Subject: | 10:56:17 AM | ||
Highlight | 1 2 3 4 5 6 7 8 | ||
Page: 16 Number: 1 Author: KenSc Subject: Sticky Note Date: 01/24/2018 | |||
10:56:17 | 11:00:58 AM This contradicts | ||
AM | previous sections which say that the malfunction | ||
must be analyzed only if the likelihood | |||
Page: | |||
Sticky Note Date: 01/24/2018 | |||
11:00:58 | |||
AM This contradicts | |||
previous | |||
sections | |||
which say that the malfunction | |||
must be analyzed | |||
only if the likelihood | |||
is not "sufficiently | is not "sufficiently | ||
low" based on a qualitative | low" based on a qualitative | ||
assessment. | assessment. | ||
Here you say that analysis | Here you say that analysis is needed to reach the "sufficiently | ||
is needed to reach the "sufficiently | |||
low" threshold. | low" threshold. | ||
This is quite confusing. | This is quite confusing. | ||
Number: 2 Author: KenSc Subject: | Number: 2 Author: KenSc Subject: Highlight Date: 01/24/2018 | ||
Highlight | 10:59:25 AM Number: 3 Author: KenSc Subject: Sticky Note Date: 01/24/2018 | ||
11:01:26 AM Very unclear. See previous comments. Number: 4 Author: KenSc Subject: Highlight Date: 01/24/2018 | |||
10:59:25 | 11:01:11 AM Very Number: 5 Author: KenSc Subject: Sticky Note Date: 01/24/2018 | ||
AM Number: 3 Author: KenSc Subject: | 11:04:42 AM Even if you hardwire a signal from a digital device, the digital device itself can create an erroneous | ||
Sticky Note Date: 01/24/2018 | |||
11:01:26 | |||
AM Very unclear. | |||
See previous | |||
comments. | |||
Highlight | |||
11:01:11 | |||
AM Very Number: 5 Author: KenSc Subject: | |||
Sticky Note Date: 01/24/2018 | |||
11:04:42 | |||
AM Even if you hardwire | |||
a signal from a digital device, the digital device itself can create an erroneous | |||
signal that could adversely | signal that could adversely | ||
affect RPS/ESF. | affect RPS/ESF. Digital data communication | ||
Digital data communication | |||
creates an additional | creates an additional | ||
communication | communication | ||
| Line 521: | Line 287: | ||
on functional | on functional | ||
independence. | independence. | ||
Number: 6 Author: KenSc Subject: | Number: 6 Author: KenSc Subject: Highlight Date: 01/24/2018 | ||
Highlight | 11:02:46 AM Number: 7 Author: KenSc Subject: Sticky Note Date: 01/24/2018 | ||
11:07:50 AM Per previous NRC policy, all of these attributes | |||
11:02:46 | |||
AM Number: 7 Author: KenSc Subject: | |||
Sticky Note Date: 01/24/2018 | |||
11:07:50 | |||
AM Per previous | |||
NRC policy, all of these attributes | |||
facilitate | facilitate | ||
a conclusion | a conclusion | ||
of sufficiently | of sufficiently | ||
low likelihood | low likelihood | ||
to be analyzed | to be analyzed using "best estimate" methods. Not sufficiently | ||
using "best estimate" | |||
methods. | |||
Not sufficiently | |||
low to require no further consideration. | low to require no further consideration. | ||
This RIS is changing | This RIS is changing NRC policy. Number: 8 Author: KenSc Subject: Highlight Date: 01/24/2018 | ||
NRC policy. Number: 8 Author: KenSc Subject: | 11:07:41 AM | ||
Highlight | |||
11:07:41 | |||
AM | |||
This page contains | This page contains no comments | ||
no comments | 1 2 3 | ||
Page: 18 Number: 1 Author: KenSc Subject: Sticky Note Date: 01/24/2018 | |||
Page: | 11:10:25 AM Limiting and mitigating | ||
Sticky Note Date: 01/24/2018 | |||
11:10:25 | |||
AM Limiting | |||
and mitigating | |||
do not reduce the likelihood | do not reduce the likelihood | ||
of the failure. Number: 2 Author: KenSc Subject: | of the failure. Number: 2 Author: KenSc Subject: Highlight Date: 01/24/2018 | ||
Highlight | 11:09:58 AM Number: 3 Author: KenSc Subject: Sticky Note Date: 01/24/2018 | ||
11:12:29 AM This paragraph | |||
11:09:58 | |||
AM Number: 3 Author: KenSc Subject: | |||
Sticky Note Date: 01/24/2018 | |||
11:12:29 | |||
AM This paragraph | |||
is not related to design attributes | is not related to design attributes | ||
that reduce the likelihood | that reduce the likelihood | ||
of failure. | of failure. It is about tolerating | ||
It is about tolerating | the failure. This paragraph | ||
the failure. | |||
This paragraph | |||
should be deleted or moved. | should be deleted or moved. | ||
This page contains | This page contains no comments | ||
no comments | |||
This page contains | This page contains no comments | ||
no comments | 1 2 | ||
Page: 21 Number: 1 Author: KenSc Subject: Sticky Note Date: 01/24/2018 | |||
Page: | 11:18:10 AM Clarify that this refers to functional | ||
Sticky Note Date: 01/24/2018 | |||
11:18:10 | |||
AM Clarify that this refers to functional | |||
diversity. | diversity. | ||
Implementation | Implementation | ||
diversity | diversity | ||
is not required | is not required in the protection | ||
in the protection | system by 10CFR Part 50 Appendix A. Implementation | ||
system by 10CFR Part 50 Appendix | |||
A. Implementation | |||
diversity | diversity | ||
is only required | is only required by 50.62 for ATWS, which is a beyond design basis event for which "best estimate" methods are permitted. | ||
by 50.62 for ATWS, which is a beyond design basis event for which "best estimate" | Number: 2 Author: KenSc Subject: Highlight Date: 01/24/2018 | ||
methods are permitted. | 11:16:14 AM | ||
Number: 2 Author: KenSc Subject: | |||
Highlight | |||
11:16:14 | |||
AM | |||
This page contains | This page contains no comments | ||
no comments | |||
This page contains | This page contains no comments | ||
no comments | |||
This page contains | This page contains no comments | ||
no comments | 1 2 3 4 | ||
Page: 25 Number: 1 Author: KenSc Subject: Sticky Note Date: 01/24/2018 | |||
Page: | 11:27:04 AM This contradicts | ||
Sticky Note Date: 01/24/2018 | |||
11:27:04 | |||
AM This contradicts | |||
your definition | your definition | ||
of "sufficiently | of "sufficiently | ||
low" which requires | low" which requires the failure likelihood | ||
the failure likelihood | |||
to be comparable | to be comparable | ||
to failures | to failures not considered | ||
not considered | in the FSAR". Number: 2 Author: KenSc Subject: Highlight Date: 01/24/2018 | ||
in the FSAR". Number: 2 Author: KenSc Subject: | 11:26:09 AM Number: 3 Author: KenSc Subject: Sticky Note Date: 01/24/2018 | ||
Highlight | 11:29:00 AM The ability to mitigate the malfunction | ||
11:26:09 | |||
AM Number: 3 Author: KenSc Subject: | |||
Sticky Note Date: 01/24/2018 | |||
11:29:00 | |||
AM The ability to mitigate | |||
the malfunction | |||
is completely | is completely | ||
different | different | ||
than the determination | than the determination | ||
of likelihood. | of likelihood. | ||
Number: 4 Author: KenSc Subject: | Number: 4 Author: KenSc Subject: Highlight Date: 01/24/2018 | ||
Highlight | 11:27:52 AM | ||
1 2 | |||
11:27:52 | Page: 26 Number: 1 Author: KenSc Subject: Sticky Note Date: 01/24/2018 | ||
AM | 11:31:46 AM Clarify that this means risk comparable | ||
to other failures that are not considered | |||
Page: | |||
Sticky Note Date: 01/24/2018 | |||
11:31:46 | |||
AM Clarify that this means risk comparable | |||
to other failures | |||
that are not considered | |||
in the FSAR and distinguish | in the FSAR and distinguish | ||
this from risks that do not reach this level and therefore | this from risks that do not reach this level and therefore | ||
require further analysis | require further analysis of the plant level effects. Number: 2 Author: KenSc Subject: Highlight Date: 01/24/2018 | ||
of the plant level effects. Number: 2 Author: KenSc Subject: | 11:30:54 AM | ||
Highlight | |||
11:30:54 | |||
AM | |||
This page contains | This page contains no comments | ||
no comments | 1 2 | ||
Page: 28 Number: 1 Author: KenSc Subject: Sticky Note Date: 01/24/2018 | |||
Page: | 11:36:46 AM BTP 7-19 says a D3 analysis is required for "safety systems" not just protection | ||
Sticky Note Date: 01/24/2018 | systems. A RIS cannot change current Staff policy. Number: 2 Author: KenSc Subject: Highlight Date: 01/24/2018 | ||
11:36:46 | 11:36:08 AM | ||
AM BTP 7-19 says a D3 analysis | |||
is required | |||
for "safety systems" | |||
not just protection | |||
systems. | |||
A RIS cannot change current Staff policy. Number: 2 Author: KenSc Subject: | |||
Highlight | |||
11:36:08 | |||
AM | |||
This page contains | This page contains no comments | ||
no comments | 1 2 3 4 5 6 | ||
Page: 30 Number: 1 Author: KenSc Subject: Highlight Date: 01/24/2018 | |||
Page: | 11:39:34 AM Number: 2 Author: KenSc Subject: Sticky Note Date: 01/24/2018 | ||
Highlight | 11:39:13 AM These other attributes | ||
11:39:34 | |||
AM Number: 2 Author: KenSc Subject: | |||
Sticky Note Date: 01/24/2018 | |||
11:39:13 | |||
AM These other attributes | |||
can be used when accompanied | can be used when accompanied | ||
by Staff review. Now you are changing | by Staff review. Now you are changing the Staff policy to allow these other attributes | ||
the Staff policy to allow these other attributes | to be used without Staff review and without additional | ||
to be used | endorsed Staff guidance. Number: 3 Author: KenSc Subject: Sticky Note Date: 01/24/2018 | ||
endorsed | 11:42:46 AM You are making a statement | ||
Staff guidance. | |||
Sticky Note Date: 01/24/2018 | |||
11:42:46 | |||
AM You are making a statement | |||
with inadequate | with inadequate | ||
justification. | justification. "Best estimate" methods are used in most, maybe all, FSARs for all beyond design basis events. SECY 93-087 and BTP 7-19 define CCF with concurrent | ||
"Best estimate" | |||
methods are used in most, maybe all, FSARs for all beyond design basis events. SECY 93-087 and BTP 7-19 define CCF with concurrent | |||
accidents | accidents | ||
as a beyond design basis event. Now, you are using this RIS to change NRC policy. Number: 4 Author: KenSc Subject: | as a beyond design basis event. Now, you are using this RIS to change NRC policy. Number: 4 Author: KenSc Subject: Highlight Date: 01/24/2018 | ||
Highlight | 11:40:21 AM Number: 5 Author: KenSc Subject: Sticky Note Date: 01/24/2018 | ||
11:44:21 AM This is not an alternate | |||
11:40:21 | |||
AM Number: 5 Author: KenSc Subject: | |||
Sticky Note Date: 01/24/2018 | |||
11:44:21 | |||
AM This is not an alternate | |||
approach. | approach. | ||
It is your definition | It is your definition | ||
of "sufficiently | of "sufficiently | ||
low" Number: 6 Author: KenSc Subject: | low" Number: 6 Author: KenSc Subject: Highlight Date: 01/24/2018 | ||
Highlight | 11:43:50 AM | ||
1 2 3 4 | |||
11:43:50 | Page: 31 Number: 1 Author: KenSc Subject: Sticky Note Date: 01/24/2018 | ||
AM | 12:01:52 PM "Best estimate" methods facilitate | ||
Page: | |||
Sticky Note Date: 01/24/2018 | |||
12:01:52 | |||
PM "Best estimate" | |||
methods facilitate | |||
crediting | crediting | ||
backups. | backups. Without "best estimate" methods backups cannot be credited because they will never achieve the same performance (e.g. response time, design basis margin to critical safety function limits) as the original system. Number: 2 Author: KenSc Subject: Highlight Date: 01/24/2018 | ||
Without "best estimate" | 11:59:40 AM Number: 3 Author: KenSc Subject: Sticky Note Date: 01/24/2018 | ||
methods backups cannot be credited | 12:03:16 PM This is not an economical | ||
because they will never achieve the same performance | |||
(e.g. response | |||
time, design basis margin to critical | |||
safety function | |||
limits) as the original | |||
system. Number: 2 Author: KenSc Subject: | |||
Highlight | |||
11:59:40 | |||
AM Number: 3 Author: KenSc Subject: | |||
Sticky Note Date: 01/24/2018 | |||
12:03:16 | |||
PM This is not an economical | |||
means nor is it likely to show equivalent | means nor is it likely to show equivalent | ||
design basis results. | design basis results. This is why "best estimate" methods are needed. Number: 4 Author: KenSc Subject: Highlight Date: 01/24/2018 | ||
This is why "best estimate" | 12:02:23 PM | ||
methods are needed. Number: 4 Author: KenSc Subject: | |||
Highlight | |||
12:02:23 | |||
PM | |||
This page contains | This page contains no comments | ||
no comments | |||
This page contains | This page contains no comments | ||
no comments | |||
This page contains | This page contains no comments | ||
no comments | |||
This page contains | This page contains no comments | ||
no comments | |||
This page contains | This page contains no comments | ||
no comments | |||
}} | }} | ||
Revision as of 04:49, 6 July 2018
| ML18025B924 | |
| Person / Time | |
|---|---|
| Issue date: | 01/24/2018 |
| From: | Office of Nuclear Reactor Regulation |
| To: | |
| References | |
| RIS-02-022, S01 DRF | |
| Download: ML18025B924 (72) | |
See also: RIS 2002-22
Text
Summary of Comments on 2018-01-23
Draft RIS_KS.pdf
This page contains no comments
This page contains no comments
1 2 3 4
Page: 3 Number: 1 Author: KenSc Subject: Sticky Note Date: 01/24/2018
12:06:34 PM In the sentence directly before this one, the limitation
regarding
not providing
new guidance is restricted
to RPS and ESF. But in this sentence that limitation
is extended to all SSCs. This contradicts
subsequent
sections of this RIS which provide new CCF guidance for other non-RPS/ESF
SSCs. Number: 2 Author: KenSc Subject: Highlight Date: 01/23/2018
10:39:52 PM Number: 3 Author: KenSc Subject: Sticky Note Date: 01/24/2018
in most FSARs, maybe all. So CCF due to a design flaw is considered
in most, maybe all, FSARs. Number: 4 Author: KenSc Subject: Highlight Date: 01/24/2018
9:02:09 AM
1 2
Page: 4 Number: 1 Author: KenSc Subject: Sticky Note Date: 01/24/2018
12:07:45 PM The first paragraph
on Page 3 says this RIS is not applicable
to RPS/ESF. But this paragraph
implies it would not be applicable
to any equipment
of equal or greater importance
to RPS/ESF. Importance
can be determined
by the PRA. Equipment
of equal or greater importance
would typically
include load sequencers, and accident monitoring
instrumentation
and controls for manual actions credited in the TAA. So the original statement
that says this RIS is not applicable
to RPS and ESFAS should be expanded to encompass
these additional
systems. Number: 2 Author: KenSc Subject: Highlight Date: 01/24/2018
9:06:19 AM
1 2 3 4
Page: 5 Number: 1 Author: KenSc Subject: Sticky Note Date: 01/24/2018
12:08:20 PM We typically
view "failure to perform" as "no function at all". But equally important
is performing
a design function erroneously.
This is too often forgotten
by digital designers.
It should be clearly stated. Number: 2 Author: KenSc Subject: Highlight Date: 01/24/2018
9:15:39 AM Number: 3 Author: KenSc Subject: Sticky Note Date: 01/24/2018
9:17:29 AM A failure of shared resources
among safety control functions
can also introduce
unanalyzed
malfunctions.
Number: 4 Author: KenSc Subject: Highlight Date: 01/24/2018
9:13:15 AM
1 2
Page: 6 Number: 1 Author: KenSc Subject: Sticky Note Date: 01/24/2018
10:01:37 AM SECY 93-087 and BTP 7-19 constitute
current NRC policy on digital CCF. The current policy does not allow a conclusion
that the likelihood
of a CCF is sufficiently
low to require no further consideration
based on these qualitative
factors alone. The current policy is clear that these qualitative
factors facilitate
a conclusion
that the CCF is beyond design basis, but not that it requires no further consideration.
Another way of looking at this is that the current policy is that qualitative
factors do not allow a conclusion
that the likelihood
is comparable
to other sources of CCF that are not considered
in the FSAR. How can a RIS be used to change previous NRC policy. I have heard some people say that the current NRC policy is only applicable
to new plants. If that is true, which I don't believe it is, then how can the NRC create a new policy for operating
plants that is different
than for new plants. This directly contradicts
the commissioners
direction
in (SRM)-SECY-16-0070
that the guidance for new plants and operating
plants should be the same. Number: 2 Author: KenSc Subject: Sticky Note Date: 01/24/2018
12:10:01 PM Dave, You told me that "sufficiently
low" could only be reached with 4 factors, the fourth being an evaluation
of the "what if" malfunction
results. This contradicts
your explanation
of this RIS. If your interpretation
is confused, the industry's
interpretation
is also going to be confused.
This page contains no comments
This page contains no comments
1 2 3 4
Page: 9 Number: 1 Author: KenSc Subject: Sticky Note Date: 01/24/2018
9:38:55 AM Licensees
will often conduct these evaluations
prior to investing
in revised design/analysis
documentation.
Number: 2 Author: KenSc Subject: Highlight Date: 01/24/2018
9:37:49 AM Number: 3 Author: KenSc Subject: Sticky Note Date: 01/24/2018
9:40:45 AM Dave, This does not say that a failure must be postulated.
Number: 4 Author: KenSc Subject: Highlight Date: 01/24/2018
9:40:15 AM
1 2
Page: 10 Number: 1 Author: KenSc Subject: Highlight Date: 01/23/2018
10:53:30 PM Number: 2 Author: KenSc Subject: Sticky Note Date: 01/23/2018
10:53:57 PM No postulation
of CCF.
1 2 3 4 5 6
Page: 11 Number: 1 Author: KenSc Subject: Sticky Note Date: 01/24/2018
9:47:22 AM This is technically
incorrect.
Single failures, by definition
are random, non-systematic
failures.
An increase in the likelihood
of a single failure, does lower system availability, but it does not increase the likelihood
of a CCF. Number: 2 Author: KenSc Subject: Highlight Date: 01/24/2018
9:44:37 AM Number: 3 Author: KenSc Subject: Sticky Note Date: 01/24/2018
10:18:38 AM Should be NEI 01-01 Section 4.4.6. Number: 4 Author: KenSc Subject: Highlight Date: 01/24/2018
10:18:44 AM Number: 5 Author: KenSc Subject: Sticky Note Date: 01/24/2018
10:04:39 AM This note just adds confusion
because it says that if a failure is not credible but not sufficiently
low likelihood
it must be considered.
Number: 6 Author: KenSc Subject: Highlight Date: 01/24/2018
10:03:46 AM
1 2 3 4 5 6
Page: 12 Number: 1 Author: KenSc Subject: Sticky Note Date: 01/24/2018
10:12:33 AM This contradicts
previous statements
in this RIS and in NEI 01-01 which state to require no further consideration
in 50.59, the failure likelihood
must be " comparable
to other common cause failures that are not considered
in the UFSAR". Number: 2 Author: KenSc Subject: Highlight Date: 01/24/2018
10:12:30 AM Number: 3 Author: KenSc Subject: Sticky Note Date: 01/24/2018
10:07:57 AM Yes, but the sentence above says that even if you have not reached the "sufficiently
low" threshold, there are no new accidents
introduced
unless the failure is "as likely" as other failures assumed in the FSAR. This is quite confusing.
Number: 4 Author: KenSc Subject: Highlight Date: 01/24/2018
10:05:54 AM Number: 5 Author: KenSc Subject: Sticky Note Date: 01/24/2018
10:11:38 AM This contradicts
previous statements
in this RIS and in NEI 01-01 which state to require no further consideration
in 50.59, the failure likelihood
must be " comparable
to other common cause failures that are not considered
in the UFSAR". Number: 6 Author: KenSc Subject: Highlight Date: 01/23/2018
10:57:32 PM
1 2 3 4 5 6 7 8 9 10
Page: 13 Number: 1 Author: KenSc Subject: Sticky Note Date: 01/24/2018
10:20:03 AM This contradicts
NEI 01-01 which says to require no further consideration
the failure likelihood
must be " comparable
to other common cause failures that are not considered
in the UFSAR", not as likely as those that are considered.
Number: 2 Author: KenSc Subject: Highlight Date: 01/24/2018
10:13:32 AM Number: 3 Author: KenSc Subject: Sticky Note Date: 01/24/2018
10:21:57 AM Needs to also include ways of erroneous
performance.
You can argue that "failure" encompasses "erroneous" but erroneous
is too often overlooked
by digital designers.
Number: 4 Author: KenSc Subject: Highlight Date: 01/23/2018
10:58:55 PM Number: 5 Author: KenSc Subject: Sticky Note Date: 01/24/2018
10:27:10 AM This should say "which ones that are not as unlikely as failures not considered
in the FSAR" or "which one whose likelihood
is not c omparable
to other common cause failures that are not considered
in the UFSAR." Number: 6 Author: KenSc Subject: Highlight Date: 01/24/2018
10:22:20 AM Number: 7 Author: KenSc Subject: Sticky Note Date: 01/24/2018
10:53:43 AM "as likely as those described
in the FSAR" contradicts
" comparable
to other common cause failures that are not considered
in the UFSAR", which is your definition
of "sufficiently
low". These are two different
thresholds.
So it is not clear when Steps 3-5 are needed. This RIS is supposed to bring clarity to the 50.59 issue, not more ambiguity.
Number: 8 Author: KenSc Subject: Highlight Date: 01/23/2018
11:00:26 PM Number: 9 Author: KenSc Subject: Sticky Note Date: 01/24/2018
10:33:03 AM Clarify that "end result" means "plant level". Number: 10 Author: KenSc Subject: Highlight Date: 01/24/2018
10:28:29 AM
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19
Page: 14 Number: 1 Author: KenSc Subject: Sticky Note Date: 01/24/2018
10:49:34 AM This is new NRC policy that clearly contradicts
the quote in this paragraph
from NEI 01-01, which is previously
endorsed by NRC. It is not clarification
of previous policy. It also contradicts
SECY 93-087 and BTP 7-19. A RIS cannot change previous NRC policy. Regardless, "best estimate" methods are used in most, maybe all, FSARs for ATWS, SBO and fire. So they are used in the FSAR, therefore
even with this new policy they can be used to evaluate CCFs when the CCF is considered
beyond design basis (i.e., significantly
less likely than other malfunctions
considered
in design basis events). Number: 2 Author: KenSc Subject: Highlight Date: 01/23/2018
11:02:45 PM Number: 3 Author: KenSc Subject: Sticky Note Date: 01/24/2018
10:33:15 AM Clarify that "end result" means "plant level". Number: 4 Author: KenSc Subject: Highlight Date: 01/24/2018
10:31:39 AM Number: 5 Author: KenSc Subject: Sticky Note Date: 01/24/2018
10:34:04 AM These are failure modes or component
level effects. They are not the "end result" Number: 6 Author: KenSc Subject: Highlight Date: 01/24/2018
10:34:02 AM Number: 7 Author: KenSc Subject: Sticky Note Date: 01/24/2018
10:44:51 AM What does it mean to be "bounded".
This RIS needs to provide guidance, because this is a particular
area for frequent industry inconsistency.
Number: 8 Author: KenSc Subject: Sticky Note Date: 01/24/2018
10:34:56 AM Clarify that "end result" means "plant level". Number: 9 Author: KenSc Subject: Highlight Date: 01/24/2018
10:34:29 AM Number: 10 Author: KenSc Subject: Highlight Date: 01/24/2018
10:44:57 AM Number: 11 Author: KenSc Subject: Sticky Note Date: 01/24/2018
10:47:18 AM This is not clear. All design functions
are assigned at the system level. But the effects of system level failures are determined
at the plant level. Clarity is needed here because this is another area of frequent industry inconsistency.
Number: 12 Author: KenSc Subject: Highlight Date: 01/24/2018
10:46:06 AM Number: 13 Author: KenSc Subject: Sticky Note Date: 01/24/2018
10:47:45 AM define "bounded" Number: 14 Author: KenSc Subject: Highlight Date: 01/24/2018
10:47:34 AM Number: 15 Author: KenSc Subject: Sticky Note Date: 01/24/2018
10:48:50 AM "results" appears to have two different
meanings.
This needs clarification.
Number: 16 Author: KenSc Subject: Highlight Date: 01/24/2018
10:48:19 AM Number: 17 Author: KenSc Subject: Highlight Date: 01/24/2018
10:48:24 AM Number: 18 Author: KenSc Subject: Sticky Note Date: 01/24/2018
10:52:10 AM "bounded" is used in three quotes on this page. But it is never defined here or in NEI 01-01. A definition
is clearly needed. Number: 19 Author: KenSc Subject: Highlight Date: 01/24/2018
10:51:10 AM
1 2
Page: 15 Number: 1 Author: KenSc Subject: Sticky Note Date: 01/24/2018
10:58:08 AM The same software in different
systems could be considered
a "shared resource".
So change to "shared hardware resource".
Number: 2 Author: KenSc Subject: Highlight Date: 01/24/2018
10:56:17 AM
1 2 3 4 5 6 7 8
Page: 16 Number: 1 Author: KenSc Subject: Sticky Note Date: 01/24/2018
11:00:58 AM This contradicts
previous sections which say that the malfunction
must be analyzed only if the likelihood
is not "sufficiently
low" based on a qualitative
assessment.
Here you say that analysis is needed to reach the "sufficiently
low" threshold.
This is quite confusing.
Number: 2 Author: KenSc Subject: Highlight Date: 01/24/2018
10:59:25 AM Number: 3 Author: KenSc Subject: Sticky Note Date: 01/24/2018
11:01:26 AM Very unclear. See previous comments. Number: 4 Author: KenSc Subject: Highlight Date: 01/24/2018
11:01:11 AM Very Number: 5 Author: KenSc Subject: Sticky Note Date: 01/24/2018
11:04:42 AM Even if you hardwire a signal from a digital device, the digital device itself can create an erroneous
signal that could adversely
affect RPS/ESF. Digital data communication
creates an additional
communication
independence
vulnerability.
But it has no effect (positive
or negative)
on functional
independence.
Number: 6 Author: KenSc Subject: Highlight Date: 01/24/2018
11:02:46 AM Number: 7 Author: KenSc Subject: Sticky Note Date: 01/24/2018
11:07:50 AM Per previous NRC policy, all of these attributes
facilitate
a conclusion
of sufficiently
low likelihood
to be analyzed using "best estimate" methods. Not sufficiently
low to require no further consideration.
This RIS is changing NRC policy. Number: 8 Author: KenSc Subject: Highlight Date: 01/24/2018
11:07:41 AM
This page contains no comments
1 2 3
Page: 18 Number: 1 Author: KenSc Subject: Sticky Note Date: 01/24/2018
11:10:25 AM Limiting and mitigating
do not reduce the likelihood
of the failure. Number: 2 Author: KenSc Subject: Highlight Date: 01/24/2018
11:09:58 AM Number: 3 Author: KenSc Subject: Sticky Note Date: 01/24/2018
11:12:29 AM This paragraph
is not related to design attributes
that reduce the likelihood
of failure. It is about tolerating
the failure. This paragraph
should be deleted or moved.
This page contains no comments
This page contains no comments
1 2
Page: 21 Number: 1 Author: KenSc Subject: Sticky Note Date: 01/24/2018
11:18:10 AM Clarify that this refers to functional
diversity.
Implementation
diversity
is not required in the protection
system by 10CFR Part 50 Appendix A. Implementation
diversity
is only required by 50.62 for ATWS, which is a beyond design basis event for which "best estimate" methods are permitted.
Number: 2 Author: KenSc Subject: Highlight Date: 01/24/2018
11:16:14 AM
This page contains no comments
This page contains no comments
This page contains no comments
1 2 3 4
Page: 25 Number: 1 Author: KenSc Subject: Sticky Note Date: 01/24/2018
11:27:04 AM This contradicts
your definition
of "sufficiently
low" which requires the failure likelihood
to be comparable
to failures not considered
in the FSAR". Number: 2 Author: KenSc Subject: Highlight Date: 01/24/2018
11:26:09 AM Number: 3 Author: KenSc Subject: Sticky Note Date: 01/24/2018
11:29:00 AM The ability to mitigate the malfunction
is completely
different
than the determination
of likelihood.
Number: 4 Author: KenSc Subject: Highlight Date: 01/24/2018
11:27:52 AM
1 2
Page: 26 Number: 1 Author: KenSc Subject: Sticky Note Date: 01/24/2018
11:31:46 AM Clarify that this means risk comparable
to other failures that are not considered
in the FSAR and distinguish
this from risks that do not reach this level and therefore
require further analysis of the plant level effects. Number: 2 Author: KenSc Subject: Highlight Date: 01/24/2018
11:30:54 AM
This page contains no comments
1 2
Page: 28 Number: 1 Author: KenSc Subject: Sticky Note Date: 01/24/2018
11:36:46 AM BTP 7-19 says a D3 analysis is required for "safety systems" not just protection
systems. A RIS cannot change current Staff policy. Number: 2 Author: KenSc Subject: Highlight Date: 01/24/2018
11:36:08 AM
This page contains no comments
1 2 3 4 5 6
Page: 30 Number: 1 Author: KenSc Subject: Highlight Date: 01/24/2018
11:39:34 AM Number: 2 Author: KenSc Subject: Sticky Note Date: 01/24/2018
11:39:13 AM These other attributes
can be used when accompanied
by Staff review. Now you are changing the Staff policy to allow these other attributes
to be used without Staff review and without additional
endorsed Staff guidance. Number: 3 Author: KenSc Subject: Sticky Note Date: 01/24/2018
11:42:46 AM You are making a statement
with inadequate
justification. "Best estimate" methods are used in most, maybe all, FSARs for all beyond design basis events. SECY 93-087 and BTP 7-19 define CCF with concurrent
accidents
as a beyond design basis event. Now, you are using this RIS to change NRC policy. Number: 4 Author: KenSc Subject: Highlight Date: 01/24/2018
11:40:21 AM Number: 5 Author: KenSc Subject: Sticky Note Date: 01/24/2018
11:44:21 AM This is not an alternate
approach.
It is your definition
of "sufficiently
low" Number: 6 Author: KenSc Subject: Highlight Date: 01/24/2018
11:43:50 AM
1 2 3 4
Page: 31 Number: 1 Author: KenSc Subject: Sticky Note Date: 01/24/2018
12:01:52 PM "Best estimate" methods facilitate
crediting
backups. Without "best estimate" methods backups cannot be credited because they will never achieve the same performance (e.g. response time, design basis margin to critical safety function limits) as the original system. Number: 2 Author: KenSc Subject: Highlight Date: 01/24/2018
11:59:40 AM Number: 3 Author: KenSc Subject: Sticky Note Date: 01/24/2018
12:03:16 PM This is not an economical
means nor is it likely to show equivalent
design basis results. This is why "best estimate" methods are needed. Number: 4 Author: KenSc Subject: Highlight Date: 01/24/2018
12:02:23 PM
This page contains no comments
This page contains no comments
This page contains no comments
This page contains no comments
This page contains no comments