ML18284A071: Difference between revisions
StriderTol (talk | contribs) (Created page by program invented by StriderTol) |
StriderTol (talk | contribs) (Created page by program invented by StriderTol) |
||
| Line 17: | Line 17: | ||
=Text= | =Text= | ||
{{#Wiki_filter: | {{#Wiki_filter:October 30, 2018 Dr. Michael Corradini, Chairman Advisory Committee on Reactor Safeguards U.S. Nuclear Regulatory Commission Washington, DC 20555-0001 | ||
/RA/}} | ==SUBJECT:== | ||
CHAPTERS 7, INSTRUMENTATION AND CONTROLS, AND CHAPTER 8, ELECTRIC POWER, OF THE U.S. NUCLEAR REGULATORY COMMISSION STAFFS SAFETY EVALUATION REPORT WITH OPEN ITEMS RELATED TO THE CERTIFICATION OF THE NUSCALE POWER, LLC SMALL MODULAR REACTOR | |||
==Dear Dr. Corradini:== | |||
Thank you for your letter, dated September 26, 2018 (Agencywide Documents Access and Management System (ADAMS) Accession No. ML18270A374), regarding the Advisory Committee for Reactor Safeguards (ACRS or Committee) review of Chapter 7, Instrumentation and Controls, and Chapter 8, Electric Power, of the safety evaluation report (SER) with open items associated with the NuScale Power, LLC (NuScale) design certification application (DCA). | |||
I appreciate the time and effort the ACRS has devoted to these important subjects, as reflected in meetings held with the ACRS Subcommittee for NuScale on June 6, 2018, and August 23, 2018, and the ACRS Full Committee on September 6, 2018. | |||
Your letter contained three conclusions and recommendations: | |||
Conclusion and Recommendation 1: | |||
We have identified no major issues at this time. However, there are items, such as those noted below, that need to be resolved because they may alter this conclusion. | |||
Staff Response: The staff agrees with the ACRS Recommendation 1. | |||
Conclusion and Recommendation 2: | |||
The staff should ensure that the unidirectional communication interfaces labeled on Figure 7.0-1 in Chapter 7 of NuScales design certification application as PCS Unidirectional Data Diode and MCS Unidirectional Data Diode are one-way, hardware-based devices that neither use nor are configured by software to demonstrate complete isolation from external communications. | |||
Staff Response: The staff agrees with the ACRS Recommendation 2, which, as described below, will be addressed during review of any combined license (COL) application that references a NuScale DC. Title 10 of the Code of Federal Regulations (10 CFR), Section 50.55a(h) requires compliance with the Institute of Electrical and Electronics Engineers Standard (IEEE Std.) 603-1991, IEEE Standard Criteria for | |||
M. Corradini Safety Systems for Nuclear Power Generating Stations, including the correction sheet, dated January 30, 1995, which is incorporated by reference in 10 CFR 50.55a(a)(2). | |||
Section 5.9 of IEEE Std. 603-1991 states that the design shall permit the administrative control of access to safety system equipment. These administrative controls shall be supported by provisions within the safety-related systems, by provision in the generating station design, or by a combination thereof. The U.S. Nuclear Regulatory Commission (NRC) staff discussed its review of DCA, Revision 1, during the ACRS Subcommittee meeting held on August 23, 2018. Based on the discussion, the applicant submitted a list of proposed markups to DCD Tier 2, on September 4, 2018, (ADAMS Accession No. ML18247A186) where they revised the DCD Chapter 7 to one-way deterministic isolation device between the connection from the module control system (MCS) to the plant network. The NRC staff evaluated the unidirectional data diode from the MCS and PCS Control Network to the plant network and found that that the design provides sufficient information to demonstrate that the proposed administrative provisions for controlling access to instrumentation and controls (I&C) safety systems and equipment are adequate to prevent unauthorized access and modification to the safety I&C systems. Additionally, DCD Tier 2, Section 7.2.9.1, Control of Access, states that a COL applicant must submit a Cyber Security Plan in compliance with 10 CFR Part 73. | |||
In addition, COL Item 13.6-6 states that a COL applicant that references the NuScale Power Plant design certification will provide a Cyber Security Plan. In the NuScale I&C design review, the staff followed the NRC direction on performing integrated safety-focused reviews, which involves taking credit for operational programs to demonstrate satisfaction of acceptance criteria for nonsafety-related and non-risk-significant structure, system, and components. The staffs review takes credit for the future COL applicants Cyber Security Program, where a COL applicant is responsible for assuring that these deterministic one-way data communication devices comply with the regulations and are adequately protected from external threats. On this basis, the staffs conclusion is affirmed that the design of I&C systems satisfies the control of access requirements of Section 5.9 of IEEE Std. 603-1991. | |||
Conclusion and Recommendation 3: | |||
The staffs safety evaluation report for Chapter 8 has not yet resolved the significant open item of whether the design certification application meets the specifications of topical report TR-0815-16497-P-A and its associated safety evaluation limitations and conditions. | |||
Staff Response: The staff agrees with the ACRS Recommendation 3. The staff is currently reviewing the supplemental information, such as responses to the staffs requests for additional information, received from NuScale and will complete its evaluation of the Open Item in Phase 4 of the DCA review to determine whether the NuScale design meets the specifications of the topical report TR-0815-16497-P-A, Safety Classification of Passive Nuclear Power Plant Electrical System, including safety evaluation limitations and conditions. | |||
In addition to the above recommendations, on Page 5 of your letter dated September 26, 2018, the ACRS commented that the staff should include an additional condition that the design, qualification, and quality assurance provisions described in Table 3-2, Augmented Design, Qualification, and Quality Assurance Provisions, of the topical report TR-0815-16497-P-A should be applied to any nonsafety alternating current (AC) or direct current (DC) power supplies that support (1) operation of risk-significant systems or components or (2) performance of risk-significant human actions that are | |||
M. Corradini identified in the site-specific probabilistic risk assessment. In a letter dated September 11, 2017 (ADAMS Accession No. ML17221A058), the staff discussed the design, qualification, and quality assurance provisions described in Table 3-2 and determined that the intent of the recommendation has been addressed through the NRC requirement for a reliability assurance program (RAP). Specifically, any nonsafety AC or DC power supplies that support (1) operation of risk significant systems or components or (2) performance of risk-significant human actions that are identified in the site-specific probabilistic risk assessment, would be considered risk-significant and therefore, would be within the scope of the design certification applicants RAP. Being in the scope of the RAP ensures that such systems or components receive appropriate treatment in the areas of design, qualification, quality assurance, and others, as prescribed by the Commission policy and associated regulatory provisions. | |||
The staff appreciates your review of this SER and looks forward to future interactions with the Committee as part of its NuScale review activities. | |||
Sincerely, | |||
/RA/ | |||
Frederick D. Brown, Director Office of New Reactors Docket No. 52-048 cc: Chairman Svinicki Commissioner Baran Commissioner Burns Commissioner Wright Commissioner Caputo SECY | |||
ML18275A389 (Package) *via e-mail OFFICE NRO/DLSE/LB1: NRO/DLSE/LB1: NRR/DE/EENB QTE PM LA NAME OTabatabai* MMoore* TMartinezNavedo* QTE* | |||
(FSacko for) | |||
DATE 10/11/2018 10/11/2018 10/12/2018 10/11/2018 OFFICE NRO/DEI/ICEB: NRO/DLSE/LB1: NRO/DEI: D NRO/DLSE: D BC BC NAME DTaneja* (DZhang SLee ABradford (RCaldwell for) RTaylor for) (MMcCoppin for) | |||
DATE 10/12/2018 10/12/2018 10/15/2018 10/15/2018 OFFICE NRR/DE: D OGC (NLO) NRO: D NAME EBenner* AHove* FBrown DATE 10/15/2018 10/24/2018 10/30/2018}} | |||
Latest revision as of 12:39, 20 October 2019
| ML18284A071 | |
| Person / Time | |
|---|---|
| Site: | NuScale |
| Issue date: | 10/30/2018 |
| From: | Frederick Brown Office of New Reactors |
| To: | Michael Corradini Advisory Committee on Reactor Safeguards |
| Tabatabai-Yazdi O/NRO/415-6616 | |
| Shared Package | |
| ML18275A389 | List: |
| References | |
| OEDO-18-00510 | |
| Download: ML18284A071 (4) | |
Text
October 30, 2018 Dr. Michael Corradini, Chairman Advisory Committee on Reactor Safeguards U.S. Nuclear Regulatory Commission Washington, DC 20555-0001
SUBJECT:
CHAPTERS 7, INSTRUMENTATION AND CONTROLS, AND CHAPTER 8, ELECTRIC POWER, OF THE U.S. NUCLEAR REGULATORY COMMISSION STAFFS SAFETY EVALUATION REPORT WITH OPEN ITEMS RELATED TO THE CERTIFICATION OF THE NUSCALE POWER, LLC SMALL MODULAR REACTOR
Dear Dr. Corradini:
Thank you for your letter, dated September 26, 2018 (Agencywide Documents Access and Management System (ADAMS) Accession No. ML18270A374), regarding the Advisory Committee for Reactor Safeguards (ACRS or Committee) review of Chapter 7, Instrumentation and Controls, and Chapter 8, Electric Power, of the safety evaluation report (SER) with open items associated with the NuScale Power, LLC (NuScale) design certification application (DCA).
I appreciate the time and effort the ACRS has devoted to these important subjects, as reflected in meetings held with the ACRS Subcommittee for NuScale on June 6, 2018, and August 23, 2018, and the ACRS Full Committee on September 6, 2018.
Your letter contained three conclusions and recommendations:
Conclusion and Recommendation 1:
We have identified no major issues at this time. However, there are items, such as those noted below, that need to be resolved because they may alter this conclusion.
Staff Response: The staff agrees with the ACRS Recommendation 1.
Conclusion and Recommendation 2:
The staff should ensure that the unidirectional communication interfaces labeled on Figure 7.0-1 in Chapter 7 of NuScales design certification application as PCS Unidirectional Data Diode and MCS Unidirectional Data Diode are one-way, hardware-based devices that neither use nor are configured by software to demonstrate complete isolation from external communications.
Staff Response: The staff agrees with the ACRS Recommendation 2, which, as described below, will be addressed during review of any combined license (COL) application that references a NuScale DC. Title 10 of the Code of Federal Regulations (10 CFR), Section 50.55a(h) requires compliance with the Institute of Electrical and Electronics Engineers Standard (IEEE Std.) 603-1991, IEEE Standard Criteria for
M. Corradini Safety Systems for Nuclear Power Generating Stations, including the correction sheet, dated January 30, 1995, which is incorporated by reference in 10 CFR 50.55a(a)(2).
Section 5.9 of IEEE Std. 603-1991 states that the design shall permit the administrative control of access to safety system equipment. These administrative controls shall be supported by provisions within the safety-related systems, by provision in the generating station design, or by a combination thereof. The U.S. Nuclear Regulatory Commission (NRC) staff discussed its review of DCA, Revision 1, during the ACRS Subcommittee meeting held on August 23, 2018. Based on the discussion, the applicant submitted a list of proposed markups to DCD Tier 2, on September 4, 2018, (ADAMS Accession No. ML18247A186) where they revised the DCD Chapter 7 to one-way deterministic isolation device between the connection from the module control system (MCS) to the plant network. The NRC staff evaluated the unidirectional data diode from the MCS and PCS Control Network to the plant network and found that that the design provides sufficient information to demonstrate that the proposed administrative provisions for controlling access to instrumentation and controls (I&C) safety systems and equipment are adequate to prevent unauthorized access and modification to the safety I&C systems. Additionally, DCD Tier 2, Section 7.2.9.1, Control of Access, states that a COL applicant must submit a Cyber Security Plan in compliance with 10 CFR Part 73.
In addition, COL Item 13.6-6 states that a COL applicant that references the NuScale Power Plant design certification will provide a Cyber Security Plan. In the NuScale I&C design review, the staff followed the NRC direction on performing integrated safety-focused reviews, which involves taking credit for operational programs to demonstrate satisfaction of acceptance criteria for nonsafety-related and non-risk-significant structure, system, and components. The staffs review takes credit for the future COL applicants Cyber Security Program, where a COL applicant is responsible for assuring that these deterministic one-way data communication devices comply with the regulations and are adequately protected from external threats. On this basis, the staffs conclusion is affirmed that the design of I&C systems satisfies the control of access requirements of Section 5.9 of IEEE Std. 603-1991.
Conclusion and Recommendation 3:
The staffs safety evaluation report for Chapter 8 has not yet resolved the significant open item of whether the design certification application meets the specifications of topical report TR-0815-16497-P-A and its associated safety evaluation limitations and conditions.
Staff Response: The staff agrees with the ACRS Recommendation 3. The staff is currently reviewing the supplemental information, such as responses to the staffs requests for additional information, received from NuScale and will complete its evaluation of the Open Item in Phase 4 of the DCA review to determine whether the NuScale design meets the specifications of the topical report TR-0815-16497-P-A, Safety Classification of Passive Nuclear Power Plant Electrical System, including safety evaluation limitations and conditions.
In addition to the above recommendations, on Page 5 of your letter dated September 26, 2018, the ACRS commented that the staff should include an additional condition that the design, qualification, and quality assurance provisions described in Table 3-2, Augmented Design, Qualification, and Quality Assurance Provisions, of the topical report TR-0815-16497-P-A should be applied to any nonsafety alternating current (AC) or direct current (DC) power supplies that support (1) operation of risk-significant systems or components or (2) performance of risk-significant human actions that are
M. Corradini identified in the site-specific probabilistic risk assessment. In a letter dated September 11, 2017 (ADAMS Accession No. ML17221A058), the staff discussed the design, qualification, and quality assurance provisions described in Table 3-2 and determined that the intent of the recommendation has been addressed through the NRC requirement for a reliability assurance program (RAP). Specifically, any nonsafety AC or DC power supplies that support (1) operation of risk significant systems or components or (2) performance of risk-significant human actions that are identified in the site-specific probabilistic risk assessment, would be considered risk-significant and therefore, would be within the scope of the design certification applicants RAP. Being in the scope of the RAP ensures that such systems or components receive appropriate treatment in the areas of design, qualification, quality assurance, and others, as prescribed by the Commission policy and associated regulatory provisions.
The staff appreciates your review of this SER and looks forward to future interactions with the Committee as part of its NuScale review activities.
Sincerely,
/RA/
Frederick D. Brown, Director Office of New Reactors Docket No.52-048 cc: Chairman Svinicki Commissioner Baran Commissioner Burns Commissioner Wright Commissioner Caputo SECY
ML18275A389 (Package) *via e-mail OFFICE NRO/DLSE/LB1: NRO/DLSE/LB1: NRR/DE/EENB QTE PM LA NAME OTabatabai* MMoore* TMartinezNavedo* QTE*
(FSacko for)
DATE 10/11/2018 10/11/2018 10/12/2018 10/11/2018 OFFICE NRO/DEI/ICEB: NRO/DLSE/LB1: NRO/DEI: D NRO/DLSE: D BC BC NAME DTaneja* (DZhang SLee ABradford (RCaldwell for) RTaylor for) (MMcCoppin for)
DATE 10/12/2018 10/12/2018 10/15/2018 10/15/2018 OFFICE NRR/DE: D OGC (NLO) NRO: D NAME EBenner* AHove* FBrown DATE 10/15/2018 10/24/2018 10/30/2018