ML071630512: Difference between revisions

From kanterella
Jump to navigation Jump to search
(Created page by program invented by StriderTol)
(Created page by program invented by StriderTol)
 
Line 16: Line 16:


=Text=
=Text=
{{#Wiki_filter:FPIP-0126 Rev. 0 Page 1 of 13 I Information Use  FIRE PROTECTION INITIATIVES PROJECT PROJECT PROCEDURE
{{#Wiki_filter:I Information Use FIRE PROTECTION INITIATIVES PROJECT PROJECT PROCEDURE FPIP-0126 NON-POWER OPERATIONAL MODES TRANSITION REVIEW Revision 0 Reichle, Stephen                  Began, Keith                Jeffery        Digitally signed by Jeffery Ertman DN: cn=Jeffery Ertman, c=US, Prepared By                      Reviewed By                                o=Progress Energy, ou=NGG 2007.05.07 07:58:12 -04'00'      2007.05.07 08:02:27 -04'00' Ertman        Date: 2007.05.07 08:16:03 -04'00' Prepared By / Date                Reviewed By / Date          Approved By / Date FPIP-0126                                     Rev. 0                             Page 1 of 13


FPIP-0126 NON-POWER OPERATIONAL MODES TRANSITION REVIEW Revision 0  
TABLE OF CONTENTS SECTION                                                                                                                                PAGE 1.0   PURPOSE ................................................................................................................................. 3


Prepared By / Date Reviewed By / Date  Approved By / Date
==2.0  REFERENCES==
........................................................................................................................... 3 3.0  DEFINITIONS ............................................................................................................................ 3 4.0  RESPONSIBILITIES .................................................................................................................. 5 5.0  PREREQUISITES ...................................................................................................................... 6 6.0  PRECAUTIONS AND LIMITATIONS.......................................................................................... 6 7.0  SPECIAL TOOLS AND EQUIPMENT ........................................................................................ 6 8.0  ACCEPTANCE CRITERIA ......................................................................................................... 6 9.0  INSTRUCTIONS ........................................................................................................................ 6 9.1 Background ....................................................................................................................... 6 9.2 Plant Outage Process........................................................................................................ 7 9.3 Identification of Required Equipment ................................................................................. 8 9.4 Circuit Analysis .................................................................................................................. 8 9.5 Identification of Equipment/Cable or Recovery Action Location ......................................... 9 9.6 Fire Area Assessment ....................................................................................................... 9 9.7 Documentation ................................................................................................................ 10 10.0 RECORDS ............................................................................................................................... 10 ATTACHMENTS 1    NFPA 805 - Non-Power Operational Guidance........................................................................ 11 REVISION


FPIP-0126 Rev. 0 Page  2 of 13 TABLE OF CONTENTS SECTION PAGE 1.0 PURPOSE.................................................................................................................................3
==SUMMARY==
........................................................................................................................ 13 FPIP-0126                                              Rev. 0                                                          Page 2 of 13
 
1.0  PURPOSE The purpose of this project procedure is to describe the process used to demonstrate that the nuclear safety performance criteria outlined in NFPA 805 are met for high risk evolutions that are performed during non-power operational modes. This procedure does not include development of new, or modification of existing, procedures to be utilized in managing risk post NFPA 805 transition.
This project procedure follows the guidance provided in Section 4.3.3 of NEI 04-02 (Reference 2.6) for performing a transitional review of high risk evolutions that are performed while the plant is in one of the non-power operational modes, and could impact Key Safety Functions.
The Fire Protection Initiatives Project has issued this instruction for the purpose of providing project level guidance during transition of the Progress Energy nuclear plant fleet to NFPA 805.
At the completion of the tasks covered by this instruction, it will be cancelled or converted to a NGGC procedure as appropriate.
 
==2.0  REFERENCES==
 
2.1    NGG Fire Protection Program Improvement Initiatives Project Plan 2.2    FPIP-0100, Fire Protection Initiatives Project, Project Controls 2.3    FPIP-0104, Safe Shutdown Equipment List and Fault Tree Logics 2.4    FPIP-0105, Safe Shutdown Circuit Analysis 2.5    National Fire Protection Association (NFPA) Standard 805-2001, Performance Based Standard for Fire Protection for Light Water Reactor Electric Generating Plants, Section B.6 2.6    Nuclear Energy Institute (NEI) 04-02, Revision 1, Guidance for Implementing a Risk-Informed, Performance-Based Program Under 10CFR50.48(c) 2.7    NUREG-1449, Final Report, Shutdown and Low-Power Operation at Commercial Nuclear Power Plants in the United Stated, September, 1993 2.8    NUMARC 91-06, Guidelines for Industry Actions to Assess Shutdown Management 2.9    NUMARC 93-01, Industry Guidelines for Monitoring the Effectiveness of Maintenance at Nuclear Power Plants 2.10    OMP-003, Outage Shutdown Risk Management (Harris plant document) 3.0  DEFINITIONS 3.1    High Risk Evolution Outage activities, plant configurations or conditions during shutdown where the plant is more susceptible to an event causing the loss of a key safety function.
(NUMARC 91-06)
FPIP-0126                                     Rev. 0                                     Page 3 of 13
 
3.2 Key Safety Function Those functions required to ensure nuclear safety during shutdown consisting of decay heat removal capability (both when the core is in the vessel AND in the spent fuel pool),
inventory control, power availability, reactivity control, pressure control, and containment.
Specifically the Key Safety Functions to be considered are (OMP-003):
Decay Heat Removal The ability to maintain reactor coolant system (RCS) temperature and pressure, and spent fuel pool (SFP) temperature below specified limits following a shutdown.
Inventory Control Measures established to ensure that irradiated fuel remains covered with coolant to maintain heat transfer and shielding requirements.
Power Availability The ability to provide AC or DC power to the components required to provide the Key Safety Functions.
Reactivity Control Measures established to preclude inadvertent dilutions, criticalities, power excursions or losses of shutdown margin, and to predict and monitor core behavior.
Containment The action to secure primary (PWR) or secondary (BWR) containment and its associated structures, systems, and components as a functional barrier to fission product release under existing plant conditions.
3.3  Fire Safe Shutdown Program Manager and Database (FSSPMD)
The FSSPM is a software program and database that has been developed for use in managing the post-fire safe shutdown data and analysis for the Progress Energy nuclear fleet. An independent version of this Program has been developed for each Progress Energy nuclear site. The Program contains data and information on components, circuits, and cables that are credited in effecting a safe shutdown at that plant in the event of a fire. The Program is also used to store data on non-power operations and probabilistic risk assessment components, and has the capability to generate the necessary reports that will document how compliance with NRC regulations is maintained.
3.4  Recovery Action Activities to achieve the nuclear safety performance criteria that take place outside of the main control room or outside of the primary control station(s) for the equipment being operated, including the replacement or modification of components.
FPIP-0126                                  Rev. 0                                      Page 4 of 13
 
3.5 Risk Management Integrated process of assessing and reducing the likelihood and/or consequences of an adverse event. (NUMARC 91-06) 3.6  Terms 3.6.1   May Denotes permission, not a requirement or a recommendation.
3.6.2  Shall Denotes a requirement or a mandatory activity.
3.6.3  Should Denotes an expected action unless there is justifiable reason not to perform the action.
4.0   RESPONSIBILITIES 4.1  CES Fire Protection Initiatives Project Manager 4.1.1  Ensuring that work performed under their supervision is performed in accordance with this instruction.
4.1.2  Approval of each plants Transition Report.
4.2  Site Fire Protection Initiative Project Coordinator 4.2.1  Ensuring that Fire Protection Initiative Project tasks and deliverables associated with their plant is performed in accordance with this procedure.
4.2.2  Review and approval of their plants Transition Report 4.3  Site Safe Shutdown Engineer 4.3.1  Review and approve the list of equipment and circuit analyses required to ensure the ability to achieve Key Safety Functions are not adversely impacted from a fire during non-power operations.
4.4  Safe Shutdown Engineer 4.4.1  Contacting designated individuals within the plants various departments (Operations, Outage Management, Scheduling, etc.) that are familiar with typical high risk evolutions that are performed during non-power operating modes to identify those systems that need to be considered within the scope of this review.
4.4.2  Identification of equipment required during non-power operations to ensure that Key Safety Functions are maintained.
FPIP-0126                                  Rev. 0                                    Page 5 of 13
 
4.4.3  Preparation of new and modified circuit analyses for equipment identified in 4.4.1.
4.4.4  Performance of a fire area assessment for non-power operations, and preparation of the Transition Report.
4.5  Fire Protection Engineer 4.5.1  Provide support to the Safe Shutdown Engineers on an as needed basis to assess situations (scenarios) where fire modeling might prove to be a strategy for demonstrating that fire will not affect a Key Safety Function.
4.5.2  Perform fire modeling for scenarios where a Key Safety Functions may not be affected or lost as a result of a fire in a given area.
5.0  PREREQUISITES 5.1  Personnel assigned to prepare or review documents under this Project procedure shall have the required level of training, completed qualifications for a Post-Fire Safe Shutdown Engineer.
6.0  PRECAUTIONS AND LIMITATIONS 6.1  This procedure does not provide guidance on how to control changes to safe shutdown database (e.g. FSSPMD). Changes to the SSEL and the circuit analysis in the database are to be processed using the guidance provided in References 2.3 and 2.4.
7.0  SPECIAL TOOLS AND EQUIPMENT N/A 8.0  ACCEPTANCE CRITERIA 8.1  The equipment selected and/or recovery actions identified demonstrate that the nuclear safety performance criteria can be met.
9.0  INSTRUCTIONS 9.1  Background The nuclear safety goal stated in NFPA 805 is:
The nuclear safety goal is to provide reasonable assurance that a fire during any operational mode and plant configuration will not prevent the plant from achieving and maintaining the fuel in a safe and stable condition.
Accomplishment of this goal will be through the management of shutdown and fire risk during high risk evolutions.
The concept of protection of equipment from the effects of fire during plant shutdown conditions is discussed in NUREG-1449. In addition, the current industry approaches for evaluating risk during shutdown conditions involves both quantitative and qualitative assessments and is based on guidance provided in NUMARC 91-06 and 93-01. These guidance documents have been considered in the development of procedures used at FPIP-0126                                  Rev. 0                                      Page 6 of 13
 
each of Progress Energy nuclear plants to manage risk when the plants are in non-power modes or defueled (i.e. OMP-003 used at HNP).
In order to assess the impact of a fire that might originate when the plant is in a shutdown mode, a nuclear safety assessment similar to that performed for safe shutdown components while the plant is at power shall be performed. This assessment shall be focused on those sets of systems and equipment that are required to ensure that Key Safety Functions (KSF) and safe shutdown conditions can be maintained while various outage related functions are performed. While it is expected that the majority of the equipment required to accomplish these functions would have been identified as required to support safe shutdown, there may be additional sets of systems or differences in the functional requirements and time dependencies on decay heat removal system operation for non-power operation than there was for full power operation.
The guidance provided in this document will be used to identify systems, components, and cables required to ensure that these systems necessary to support each KSF will be available, or compliance strategies for maintaining the KSF are developed.
This process should begin with a discussion of the objectives of this assessment with Probabilistic Risk Assessment (PRA), Fire Protection, Operations, and Outage Management Staffs to obtain their input and determine the best way to integrate the fire protection aspects of this assessment into existing Outage Management Processes.
9.2  Plant Outage Process During this step a review of existing plant management and risk assessment processes that are utilized during outages will be conducted. The purpose of this review is to identify those systems and equipment that is relied upon to provide Key Safety Functions (KSF) during each outage evolution. Each outage evolution identifies the diverse methods of achieving the KSF. For example to achieve the Decay Heat Removal KSF a plant may credit DHR Train A, DHR Train B, HPI Train A, HPI Train B, and Gravity Feed and Chemical and Volume Control.
During this phase of the review, it will be necessary to identify those high risk evolutions that are typically performed during an outage in order to bound the number of systems that are credited in maintaining each of the Key Safety Functions. It is important to note that there may be new evolutions identified from outage to outage, but it is expected that the core systems credited to maintain the Key Safety Functions will remain the same, and new nuclear safety analysis will not need to be performed.
9.2.1  Identify the plant procedures, or directives, that are utilized to manage risk when the plant is shutdown.
9.2.2  Review these outage management procedures (or directives) and identify the Key Safety Functions that are considered.
9.2.3  Identify the various shutdown and fuel pool cooling evolutions that are performed during an outage, and categorize them as either low or high risk evolutions.
(NFPA 805, B.6) 9.2.4  For the high risk evolutions determine the methods (procedures) within these evolutions that are used to achieve the KSF.
FPIP-0126                                  Rev. 0                                      Page 7 of 13
 
9.2.5  Review the procedures utilized to conduct these evolutions to identify the systems and equipment that is credited.
9.3  Identification of Required Equipment 9.3.1  For systems relied upon to achieve, or support, one or more of the outage evolutions, and the Key Safety Functions identified in subsection 9.2, the guidance provided in FPIP-0104 (Reference 2.3) will be utilized in identifying the components required for each of the high risk outage evolutions.
9.3.2  System and plant operating procedures, as well as flow diagrams, and operations training lessons plans should be considered in identification of systems, components, and functions required.
9.3.3  If a component is required to achieve one of the Key Safety Functions, and it is already credited to perform a nuclear safety function (i.e. safe shutdown of plant) when the plant is at power, it should be reviewed to identify any differences in required position and/or function. For example, the existing nuclear safety analysis (Appendix R/NUREG-0800 analysis) may credit the valve in the closed position however; the valve may be required open for shutdown modes of operation.
9.3.4  Components that are required to perform or support an outage function will be identified in the plants FSSPMD as required for Non-Power Operation.
9.3.4.1 If the outage related component is not already included in the FSSPMD, a new record shall be added to the SSEL and fields completed as prescribed in FPIP-0104.
9.3.4.2 If the outage related component is already in the FSSPMD as required to support post-fire safe shutdown, and if operating modes are the same as the safe shutdown component, all that is required is to flag the component as required for Non-Power Operation.
9.3.4.3 If the outage related component is already on the FSSPMD SSEL, but the operating mode for performing the outage evolution is different, a new record shall be created.
9.3.4.4 The key safety function(s) that the component supports will be identified in a separate field. It should be noted that some components such as those for the Emergency Service Water System may support more that one KSF, and each of them should be identified.
9.3.5  Power sources necessary to support the equipment needed for non-power operation modes should also be identified, similar to the method used for power operation in FPIP-0104. These power supplies should also be identified as required for Non-Power Operations.
9.4  Circuit Analysis 9.4.1  For each new electrically operated component that is added to the SSEL to perform, or support, an outage function a circuit analysis shall be completed and documented in accordance with FPIP-0105 (Reference 2.4). The Circuit FPIP-0126                                    Rev. 0                                    Page 8 of 13


==2.0 REFERENCES==
Information Form included in the FSSPMD shall be completed using the input criteria, assumptions, notes, definitions, and standard abbreviations contained in FPIP-0105.
...........................................................................................................................3 3.0 DEFINITIONS............................................................................................................................3 4.0 RESPONSIBILITIES..................................................................................................................5 5.0 PREREQUISITES......................................................................................................................6 6.0 PRECAUTIONS AND LIMITATIONS..........................................................................................6 7.0 SPECIAL TOOLS AND EQUIPMENT........................................................................................6 8.0 ACCEPTANCE CRITERIA.........................................................................................................6 9.0 INSTRUCTIONS........................................................................................................................6 9.1 Backgr ound.......................................................................................................................6 9.2 Plant Outage Process........................................................................................................7 9.3 Identification of Required Equipment.................................................................................8 9.4 Circuit Analysis..................................................................................................................8 9.5 Identification of Equipment/Cable or Recovery Action Location.........................................9 9.6 Fire Area Assessment.......................................................................................................9 9.7 Documentation................................................................................................................10 10.0 RECORDS...............................................................................................................................10 ATTACHMENTS 1 NFPA 805 - Non-Power Operational Guidance........................................................................
9.4.2   If the component currently has a completed circuit analysis that was performed for a nuclear safety function, but the required position/function of the component to perform its outage function is different that that for safe shutdown, a new circuit analysis utilizing FPIP-0105 shall be performed for the new position since different failures modes will need to be considered.
11 REVISION
9.5 Identification of Equipment/Cable or Recovery Action Location 9.5.1  New equipment that is added to the SSEL in the FSSPMD will be identified as to which fire zone it is located when the component is entered into the FSSPMD utilizing Reference 2.3.
9.5.2  Additional cables that are identified for inclusion in the FSSPMD as part of this non-power operations review will be incorporated utilizing the process described in Reference 2.4.
9.5.3  If a recovery (i.e. manual) action is credited to satisfy a KSF (i.e. alignment of gravity feed), the location (fire zone or fire area) of this action shall be identified so that it can be factored into the fire area assessment.
9.6 Fire Area Assessment 9.6.1  Identify those areas (pinch points) where a single fire might damage (or impede) all credited paths, or affect recovery actions used to perform a KSF. It should be noted that some KSFs may be achieved solely by the performance of some recovery action (i.e. alignment of gravity feed).
9.6.2  Pinch points will be identified using the following process:
9.6.2.1 As previously identified, the FSSPMD will be utilized to store information on components and circuits, as well as their locations within the plant, associated with a specific KSF can not be credited.
9.6.2.2 Reports provided from FSSPMD will identify the components associated with a given KSF in the fire area that may be damaged by a fire and therefore can not be credited.
9.6.2.3 The data outputs will then be reviewed to determine if the minimum requirements (components and systems) are met to ensure that the KSF will remain available.
9.6.3  Fire modeling may be used to determine if the postulated fire would be expected to damage required equipment, or impede recovery actions.
9.6.4  In addition to the review of outage planning and assessment processes, the plants Technical Specifications and any Administrative control procedures that could affect the availability of equipment required during non-power operational modes should be considered.
FPIP-0126                                    Rev. 0                                       Page 9 of 13


==SUMMARY==
9.6.5  Fire protection system operability requirements and transient combustible control programs should be reviewed to identify any practices that are unique to shutdown modes.
........................................................................................................................13 FPIP-0126 Rev. 0 Page 3 of 13 1.0 PURPOSE The purpose of this project procedure is to describe the process used to demonstrate that the nuclear safety performance criteria outlined in NFPA 805 are met for high risk evolutions that are performed during non-power operational modes. This procedure does not include development of new, or modification of existing, procedures to be utilized in managing risk post NFPA 805 transition. This project procedure follows the guidance provided in Section 4.3.3 of NEI 04-02 (Reference 2.6) for performing a transitional review of high risk evolutions that are performed while the plant is in one of the non-power operational modes, and could impact Key Safety Functions. The Fire Protection Initiatives Project has issued this instruction for the purpose of providing project level guidance during transition of the Progress Energy nuclear plant fleet to NFPA 805. At the completion of the tasks covered by this instruction, it will be cancelled or converted to a NGGC procedure as appropriate.
9.6.6  For those fire areas where a single fire may damage all credited paths used to perform a KSF, the following options (compliance strategies) should be considered and incorporated into the outage management and planning procedures to reduce the risk from fire depending upon the significance of the potential damage:
* Prohibition or limitation of hot work in fire areas during periods of increased vulnerability.
* Verification of operable detection and /or suppression in the vulnerable areas.
* Prohibition or limitation of combustible materials in fire areas during periods of increased vulnerability.
* Provision of additional fire patrols at periodic intervals or other appropriate compensatory measures (such as surveillance cameras) during increased vulnerability.
* Use of recovery actions to mitigate potential losses of key safety functions.
This could include staging of backup equipment, repair capabilities, or contingency plans to account for increased vulnerability.
* Identification and monitoring of in-situ ignition sources for fire precursors (e.g., equipment temperatures).
9.7    Documentation 9.7.1  Additional components selected, and circuit analyses performed, shall be entered into the FSSPMD and changes documented utilizing the Change Control process described in Reference 2.2.
9.7.2  A description of the Non-Power operational modes review and it results shall be incorporated into the plants Shutdown Calculation. This will be performed by preparing a mark-up of the calculation with necessary attachments for incorporation into the calculation at the next update.
9.7.3  Prepare a Transition Report that summarizes the results of this fire area assessment, and documents the vulnerabilities identified. This report shall also include any recommendation for modifying procedures utilized to manage risk during plant shutdown and outage periods to ensure that Key Safety Functions are not compromised in the event of a fire during high risk evolutions.
9.7.4 Included with the Transition Report should be a summary of the tasks that were performed to demonstrate that the nuclear safety performance criteria are met for high risk evolutions that are performed during non-power operational modes.
The accomplishment of these tasks should be documented using the format provided in Table F-1 of Reference 2.6 (see Attachment 1 to this procedure).
10.0  RECORDS Refer to FPIP-0100 (Reference 2.2) for guidance on electronic storage/filing of project documents.
FPIP-0126                                    Rev. 0                                      Page 10 of 13


==2.0 REFERENCES==
ATTACHMENT 1 Sheet 1 of 1 NFPA 805 - Non-Power Operational Guidance Table F-1 NFPA 805 - Non-Power Operational Guidance NFPA 805 Requirements                         Implementing Guidance                             Process and Results The nuclear safety goal is to provide           Review existing plant outage processes      List the KSFs and the systems /
2.1 NGG Fire Protection Program Improvement Initiatives Project Plan 2.2 FPIP-0100, Fire Protection Initiatives Project, Project Controls 2.3 FPIP-0104, Safe Shutdown Equipment List and Fault Tree Logics 2.4 FPIP-0105, Safe Shutdown Circuit Analysis 2.5 National Fire Protection Association (NFPA) Standard 805-2001, Performance Based Standard for Fire Protection for Light Water Reactor Electric Generating Plants, Section B.6 2.6 Nuclear Energy Institute (NEI) 04-02, Revision 1, Guidance for Implementing a Risk-Informed, Performance-Based Program Under 10CFR50.48(c) 2.7 NUREG-1449, Final Report, Shutdown and Low-Power Operation at Commercial Nuclear Power Plants in the United Stated, September, 1993 2.8 NUMARC 91-06, Guidelines for Industry Actions to Assess Shutdown Management 2.9 NUMARC 93-01, Industry Guidelines for Monitoring the Effectiveness of Maintenance at Nuclear Power Plants 2.10 OMP-003, Outage Shutdown Risk Management (Harris plant document) 3.0 DEFINITIONS 3.1 High Risk Evolution Outage activities, plant configurations or conditions during shutdown where the plant is more susceptible to an event causing the loss of a key safety function.  (NUMARC 91-06)
reasonable assurance that a fire during any       (outage management and outage risk            components required to support those operational mode and plant configuration will     assessments) to determine equipment          function.
FPIP-0126 Rev. 0 Page  4 of 13 3.2 Key Safety Function Those functions required to ensure nuclear safety during shutdown consisting of decay heat removal capability (both when the core is in the vessel AND in the spent fuel pool), inventory control, power availability, reactivity control, pressure control, and containment.
not prevent the plant from achieving and         relied upon to provide Key Safety            Identify those systems / components that maintaining the fuel in a safe and stable         Functions (KSF) including support             require additional analyses. For example, condition.                                        functions. Each outage evolution              a KSF may rely on instrumentation that is identifies the diverse methods of            currently not part of the Safe Shutdown achieving the KSF. For example to            Analysis, or a component may have been achieve the Decay Heat Removal KSF a          modeled in one position (closed, off, etc.)
Specifically the Key Safety Functions to be considered are (OMP-003): Decay Heat Removal The ability to maintain reactor coolant system (RCS) temperature and pressure, and spent fuel pool (SFP) temperature below specified limits following a shutdown. Inventory Control Measures established to ensure that irradiated fuel remains covered with coolant to maintain heat transfer and shielding requirements. Power Availability The ability to provide AC or DC power to the components required to provide the Key Safety Functions. Reactivity Control Measures established to preclude inadvertent dilutions, criticalities, power excursions or losses of shutdown margin, and to predict and monitor core behavior. Containment The action to secure primary (PWR) or secondary (BWR) containment and its associated structures, systems, and components as a functional barrier to fission product release under existing plant conditions. 3.3 Fire Safe Shutdown Program Manager and Database (FSSPMD) The FSSPM is a software program and database that has been developed for use in managing the post-fire safe shutdown data and analysis for the Progress Energy nuclear fleet. An independent version of this Program has been developed for each Progress Energy nuclear site. The Program contains data and information on components, circuits, and cables that are credited in effecting a safe shutdown at that plant in the event of a fire. The Program is also used to store data on non-power operations and probabilistic risk assessment components, and has the capability to generate the necessary reports that will document how compliance with NRC regulations is maintained. 3.4 Recovery Action Activities to achieve the nuclear safety performance criteria that take place outside of the main control room or outside of the primary control station(s) for the equipment being operated, including the replacement or modification of components.
plant may credit DHR Train A, DHR Train      but to support the KSF it would need to be B, HPI Train A, HPI Train B, and Gravity      evaluated in an additional positions (open, Feed and Chemical and Volume Control.        on, etc.)
FPIP-0126 Rev. 0 Page  5 of 13 3.5 Risk Management Integrated process of assessing and reducing the likelihood and/or consequences of an adverse event. (NUMARC 91-06) 3.6 Terms 3.6.1 May Denotes permission, not a requirement or a recommendation. 3.6.2 Shall Denotes a requirement or a mandatory activity. 3.6.3 Should Denotes an expected action unless there is justifiable reason not to perform the action. 4.0 RESPONSIBILITIES 4.1 CES Fire Protection Initiatives Project Manager 4.1.1 Ensuring that work performed under their supervision is performed in accordance with this instruction.
For those additional components, perform circuit analysis, location tasks described in Appendix B of NFPA 805. Document the results.
4.1.2 Approval of each plants Transition Report.
Identify locations where 1) fires may       Evaluate on a fire area basis the loss of cause damage to the equipment (and           KSFs. Document those areas cabling) credited above, or 2) recovery actions credited for the KSF are performed (for those KSFs that are achieved solely by recovery action i.e.,
4.2 Site Fire Protection Initiative Project Coordinator 4.2.1 Ensuring that Fire Protection Initiative Project tasks and deliverables associated with their plant is performed in accordance with this procedure.
alignment of gravity feed).
4.2.2 Review and approval of their plant's Transition Report 4.3 Site Safe Shutdown Engineer 4.3.1 Review and approve the list of equipment and circuit analyses required to ensure the ability to achieve Key Safety Functions are not adversely impacted from a fire during non-power operations.
Identify fire areas where a single fire may For the areas identified above, determine if damage all the credited paths for a KSF.     a single fire in the area can cause a loss of This may include fire modeling to            all credited paths for a KSF.
4.4 Safe Shutdown Engineer 4.4.1 Contacting designated individuals within the plant's various departments (Operations, Outage Management, Scheduling, etc.) that are familiar with typical high risk evolutions that are performed during non-power operating modes to identify those systems that need to be considered within the scope of this review. 4.4.2 Identification of equipment required during non-power operations to ensure that Key Safety Functions are maintained.
determine if a postulated fire (MEFS -      Conservatively, assume the entire contents LFS) would be expected to damage              of a fire area are lost. If this does not result equipment required.                          in the loss of all credited paths for a KSF, document success.
FPIP-0126 Rev. 0 Page  6 of 13 4.4.3 Preparation of new and modified circuit analyses for equipment identified in 4.4.1. 4.4.4 Performance of a fire area assessment for non-power operations, and preparation of the Transition Report. 4.5 Fire Protection Engineer 4.5.1 Provide support to the Safe Shutdown Engineers on an as needed basis to assess situations (scenarios) where fire modeling might prove to be a strategy for demonstrating that fire will not affect a Key Safety Function. 4.5.2 Perform fire modeling for scenarios where a Key Safety Functions may not be affected or lost as a result of a fire in a given area. 5.0 PREREQUISITES 5.1 Personnel assigned to prepare or review documents under this Project procedure shall have the required level of training, completed qualifications for a Post-Fire Safe Shutdown Engineer. 6.0 PRECAUTIONS AND LIMITATIONS 6.1 This procedure does not provide guidance on how to control changes to safe shutdown database (e.g. FSSPMD). Changes to the SSEL and the circuit analysis in the database are to be processed using the guidance provided in References 2.3 and 2.4. 7.0 SPECIAL TOOLS AND EQUIPMENT N/A 8.0 ACCEPTANCE CRITERIA 8.1 The equipment selected and/or recovery actions identified demonstrate that the nuclear safety performance criteria can be met. 9.0 INSTRUCTIONS 9.1 Background The nuclear safety goal stated in NFPA 805 is: "The nuclear safety goal is to provide reasonable assurance that a fire during any operational mode and plant configuration will not prevent the plant from achieving and maintaining the fuel in a safe and stable condition." Accomplishment of this goal will be through the management of shutdown and fire risk during high risk evolutions. The concept of protection of equipment from the effects of fire during plant shutdown conditions is discussed in NUREG-1449. In addition, the current industry approaches for evaluating risk during shutdown conditions involves both quantitative and qualitative assessments and is based on guidance provided in NUMARC 91-06 and 93-01. These guidance documents have been considered in the development of procedures used at FPIP-0126 Rev. 0 Page  7 of 13 each of Progress Energy nuclear plants to manage risk when the plants are in non-power modes or defueled (i.e. OMP-003 used at HNP). In order to assess the impact of a fire that might originate when the plant is in a shutdown mode, a nuclear safety assessment similar to that performed for safe shutdown components while the plant is at power shall be performed. This assessment shall be focused on those sets of systems and equipment that are required to ensure that Key Safety Functions (KSF) and safe shutdown conditions can be maintained while various outage related functions are performed. While it is expected that the majority of the equipment required to accomplish these functions would have been identified as required to support safe shutdown, there may be additional sets of systems or differences in the functional requirements and time dependencies on decay heat removal system operation for non-power operation than there was for full power operation. The guidance provided in this document will be used to identify systems, components, and cables required to ensure that these systems necessary to support each KSF will be available, or compliance strategies for maintaining the KSF are developed. This process should begin with a discussion of the objectives of this assessment with Probabilistic Risk Assessment (PRA), Fire Protection, Operations, and Outage Management Staffs to obtain their input and determine the best way to integrate the fire protection aspects of this assessment into existing Outage Management Processes. 9.2 Plant Outage Process During this step a review of existing plant management and risk assessment processes that are utilized during outages will be conducted. The purpose of this review is to identify those systems and equipment that is relied upon to provide Key Safety Functions (KSF) during each outage evolution. Each outage evolution identifies the diverse methods of achieving the KSF. For example to achieve the Decay Heat Removal KSF a plant may credit DHR Train A, DHR Train B, HPI Train A, HPI Train B, and Gravity Feed and Chemical and Volume Control. During this phase of the review, it will be necessary to identify those high risk evolutions that are typically performed during an outage in order to bound the number of systems that are credited in maintaining each of the Key Safety Functions. It is important to note that there may be new evolutions identified from outage to outage, but it is expected that the core systems credited to maintain the Key Safety Functions will remain the same, and new nuclear safety analysis will not need to be performed. 9.2.1 Identify the plant procedures, or directives, that are utilized to manage risk when the plant is shutdown. 9.2.2 Review these outage management procedures (or directives) and identify the Key Safety Functions that are considered. 9.2.3 Identify the various shutdown and fuel pool cooling evolutions that are performed during an outage, and categorize them as either low or high risk evolutions.  (NFPA 805, B.6) 9.2.4 For the high risk evolutions determine the methods (procedures) within these evolutions that are used to achieve the KSF.
If fire modeling is used to limit the damage in a fire area, document that fire modeling is credited and ensure the basis for acceptability of that model (location, type, and quantity of combustible, etc.) is FPIP-0126                                                           Rev. 0                                                         Page 11 of 13
FPIP-0126 Rev. 0 Page  8 of 13 9.2.5 Review the procedures utilized to conduct these evolutions to identify the systems and equipment that is credited. 9.3 Identification of Required Equipment 9.3.1 For systems relied upon to achieve, or support, one or more of the outage evolutions, and the Key Safety Functions identified in subsection 9.2, the guidance provided in FPIP-0104 (Reference 2.3) will be utilized in identifying the components required for each of the high risk outage evolutions.
9.3.2 System and plant operating procedures, as well as flow diagrams, and operations training lessons plans should be considered in identification of systems, components, and functions required.
9.3.3 If a component is required to achieve one of the Key Safety Functions, and it is already credited to perform a nuclear safety function (i.e. safe shutdown of plant) when the plant is at power, it should be reviewed to identify any differences in required position and/or function. For example, the existing nuclear safety analysis (Appendix R/NUREG-0800 analysis) may credit the valve in the closed position however; the valve may be required open for shutdown modes of operation.
9.3.4 Components that are required to perform or support an outage function will be identified in the plant's FSSPMD as required for "Non-Power Operation".
9.3.4.1 If the outage related component is not already included in the FSSPMD, a new record shall be added to the SSEL and fields completed as prescribed in FPIP-0104. 9.3.4.2 If the outage related component is already in the FSSPMD as required to support post-fire safe shutdown, and if operating modes are the same as the safe shutdown component, all that is required is to flag the component as required for "Non-Power Operation". 9.3.4.3 If the outage related component is already on the FSSPMD SSEL, but the operating mode for performing the outage evolution is different, a new record shall be created. 9.3.4.4 The key safety function(s) that the component supports will be identified in a separate field. It should be noted that some components such as those for the Emergency Service Water System may support more that one KSF, and each of them should be identified. 9.3.5 Power sources necessary to support the equipment needed for non-power operation modes should also be identified, similar to the method used for power operation in FPIP-0104. These power supplies should also be identified as required for "Non-Power Operations". 9.4 Circuit Analysis 9.4.1 For each new electrically operated component that is added to the SSEL to perform, or support, an outage function a circuit analysis shall be completed and documented in accordance with FPIP-0105 (Reference 2.4). The Circuit FPIP-0126 Rev. 0 Page  9 of 13 Information Form included in the FSSPMD shall be completed using the input criteria, assumptions, notes, definitions, and standard abbreviations contained in FPIP-0105. 9.4.2 If the component currently has a completed circuit analysis that was performed for a nuclear safety function, but the required position/function of the component to perform its outage function is different that that for safe shutdown, a new circuit analysis utilizing FPIP-0105 shall be performed for the new position since different failures modes will need to be considered. 9.5 Identification of Equipment/Cable or Recovery Action Location 9.5.1 New equipment that is added to the SSEL in the FSSPMD will be identified as to which fire zone it is located when the component is entered into the FSSPMD utilizing Reference 2.3. 9.5.2 Additional cables that are identified for inclusion in the FSSPMD as part of this non-power operations review will be incorporated utilizing the process described in Reference 2.4. 9.5.3 If a recovery (i.e. manual) action is credited to satisfy a KSF (i.e. alignment of gravity feed), the location (fire zone or fire area) of this action shall be identified so that it can be factored into the fire area assessment. 9.6 Fire Area Assessment 9.6.1 Identify those areas ("pinch points") where a single fire might damage (or impede) all credited paths, or affect recovery actions used to perform a KSF. It should be noted that some KSFs may be achieved solely by the performance of some recovery action (i.e. alignment of gravity feed). 9.6.2 Pinch points will be identified using the following process: 9.6.2.1 As previously identified, the FSSPMD will be utilized to store information on components and circuits, as well as their locations within the plant, associated with a specific KSF can not be credited. 9.6.2.2 Reports provided from FSSPMD will identify the components associated with a given KSF in the fire area that may be damaged by a fire and therefore can not be credited. 9.6.2.3 The data outputs will then be reviewed to determine if the minimum requirements (components and systems) are met to ensure that the KSF will remain available. 9.6.3 Fire modeling may be used to determine if the postulated fire would be expected to damage required equipment, or impede recovery actions. 9.6.4 In addition to the review of outage planning and assessment processes, the plant's Technical Specifications and any Administrative control procedures that could affect the availability of equipment required during non-power operational modes should be considered.
FPIP-0126 Rev. 0 Page  10 of 13 9.6.5 Fire protection system operability requirements and transient combustible control programs should be reviewed to identify any practices that are unique to shutdown modes. 9.6.6 For those fire areas where a single fire may damage all credited paths used to perform a KSF, the following options (compliance strategies) should be considered and incorporated into the outage management and planning procedures to reduce the risk from fire depending upon the significance of the potential damage:  Prohibition or limitation of hot work in fire areas during periods of increased vulnerability. Verification of operable detection and /or suppression in the vulnerable areas. Prohibition or limitation of combustible materials in fire areas during periods of increased vulnerability. Provision of additional fire patrols at periodic intervals or other appropriate compensatory measures (such as surveillance cameras) during increased vulnerability. Use of recovery actions to mitigate potential losses of key safety functions. This could include staging of backup equipment, repair capabilities, or contingency plans to account for increased vulnerability. Identification and monitoring of in-situ ignition sources for "fire precursors" (e.g., equipment temperatures). 9.7 Documentation 9.7.1 Additional components selected, and circuit analyses performed, shall be entered into the FSSPMD and changes documented utilizing the Change Control process described in Reference 2.2. 9.7.2 A description of the Non-Power operational modes review and it results shall be incorporated into the plant's Shutdown Calculation. This will be performed by preparing a mark-up of the calculation with necessary attachments for incorporation into the calculation at the next update. 9.7.3 Prepare a Transition Report that summarizes the results of this fire area assessment, and documents the vulnerabilities identified. This report shall also include any recommendation for modifying procedures utilized to manage risk during plant shutdown and outage periods to ensure that Key Safety Functions are not compromised in the event of a fire during high risk evolutions. 9.7.4 Included with the Transition Report should be a summary of the tasks that were performed to demonstrate that the nuclear safety performance criteria are met for high risk evolutions that are performed during non-power operational modes. The accomplishment of these tasks should be documented using the format provided in Table F-1 of Reference 2.6 (see Attachment 1 to this procedure). 10.0 RECORDS Refer to FPIP-0100 (Reference 2.2) for guidance on electronic storage/filing of project documents.
ATTACHMENT 1 Sheet 1 of 1 NFPA 805 - Non-Power Operational Guidance FPIP-0126 Rev. 0 Page  11 of 13 Table F-1 NFPA 805 - Non-Power Operational Guidance NFPA 805 Requirements Implementing Guidance Process and Results The nuclear safety goal is to provide reasonable assurance that a fire during any operational mode and plant configuration will not prevent the plant from achieving and maintaining the fuel in a safe and stable condition. Review existing plant outage processes (outage management and outage risk assessments) to determine equipment relied upon to provide Key Safety Functions (KSF) including support functions. Each outage evolution identifies the diverse methods of achieving the KSF. For example to achieve the Decay Heat Removal KSF a plant may credit DHR Train A, DHR Train B, HPI Train A, HPI Train B, and Gravity Feed and Chemical and Volume Control. List the KSFs and the systems / components required to support those function. Identify those systems / components that require additional analyses. For example, a KSF may rely on instrumentation that is currently not part of the "Safe Shutdown Analysis", or a component may have been modeled in one position (closed, off, etc.) but to support the KSF it would need to be evaluated in an additional positions (open, on, etc.) For those additional components, perform circuit analysis, location tasks described in Appendix B of NFPA 805. Document the results. Identify locations where 1) fires may cause damage to the equipment (and cabling) credited above, or 2) recovery actions credited for the KSF are performed (for those KSFs that are achieved solely by recovery action i.e., alignment of gravity feed). Evaluate on a fire area basis the loss of KSFs. Document those areas Identify fire areas where a single fire may damage all the credited paths for a KSF.
This may include fire modeling to determine if a postulated fire (MEFS -
LFS) would be expected to damage equipment required. For the areas identified above, determine if a single fire in the area can cause a loss of all credited paths for a KSF. Conservatively, assume the entire contents of a fire area are lost. If this does not result in the loss of all credited paths for a KSF, document success. If fire modeling is used to limit the damage in a fire area, document that fire modeling is credited and ensure the basis for acceptability of that model (location, type, and quantity of combustible, etc.) is ATTACHMENT 1 Sheet 1 of 1 NFPA 805 - Non-Power Operational Guidance FPIP-0126 Rev. 0 Page 12 of 13 Table F-1 NFPA 805 - Non-Power Operational Guidance NFPA 805 Requirements Implementing Guidance Process and Results documented. These critical design inputs are required to be maintained during outage modes. See next step below.
For those areas consider one or more of the following options to mitigate potential fire damage depending upon the significance of the potential damage:


o Prohibition or limitation of hot work in fire areas during periods of increased vulnerability o Verification of operable detection and /or suppression in the vulnerable areas. o Prohibition or limitation of combustible materials in fire areas during periods of increased vulnerability o Provision of additional fire patrols at periodic intervals or other appropriate compensatory measures (such as surveillance cameras) during increased vulnerability o Use of recovery actions to mitigate potential losses o Identification and monitoring insitu ignition sources for "fire precursors" (e.g., equipment temperatures). Integrate the results of the analysis performed above into the plant's outage management process. To the extent practical pre-plan the options for achieving the KSF. See list to the left.
ATTACHMENT 1 Sheet 1 of 1 NFPA 805 - Non-Power Operational Guidance Table F-1 NFPA 805 - Non-Power Operational Guidance NFPA 805 Requirements                          Implementing Guidance                          Process and Results documented. These critical design inputs are required to be maintained during outage modes. See next step below.
For those areas consider one or more of      Integrate the results of the analysis the following options to mitigate potential    performed above into the plants outage fire damage depending upon the                management process.
significance of the potential damage:        To the extent practical pre-plan the options o Prohibition or limitation of hot work in     for achieving the KSF. See list to the left.
fire areas during periods of increased vulnerability o Verification of operable detection and
                                                        /or suppression in the vulnerable areas.
o Prohibition or limitation of combustible materials in fire areas during periods of increased vulnerability o Provision of additional fire patrols at periodic intervals or other appropriate compensatory measures (such as surveillance cameras) during increased vulnerability o Use of recovery actions to mitigate potential losses o Identification and monitoring insitu ignition sources for fire precursors (e.g., equipment temperatures).
(The above Table is from NEI 04-02, Revision 1)
(The above Table is from NEI 04-02, Revision 1)
FPIP-0126                                                            Rev. 0                                                          Page 12 of 13
REVISION  
REVISION  


==SUMMARY==
==SUMMARY==
Sheet 1 of 1 FPIP-0126 Rev. 0 Page 13 of 13 Rev. 0 - Initial issue}}
 
Sheet 1 of 1 Rev. 0 - Initial issue FPIP-0126                 Rev. 0       Page 13 of 13}}

Latest revision as of 05:25, 23 November 2019

FPIP-0126, Rev 0, Non-Power Operational Modes Transition Review. 05/21/2007 Clarification Phone Call Regarding Pilot Plant (Shearon Harris) Transition to NFPA 805
ML071630512
Person / Time
Site: Harris Duke Energy icon.png
Issue date: 05/21/2007
From: Reichle S
Nuclear Generation Group, Progress Energy Co
To:
Office of Nuclear Reactor Regulation
References
FPIP-0126, Rev 0
Download: ML071630512 (13)


Text

I Information Use FIRE PROTECTION INITIATIVES PROJECT PROJECT PROCEDURE FPIP-0126 NON-POWER OPERATIONAL MODES TRANSITION REVIEW Revision 0 Reichle, Stephen Began, Keith Jeffery Digitally signed by Jeffery Ertman DN: cn=Jeffery Ertman, c=US, Prepared By Reviewed By o=Progress Energy, ou=NGG 2007.05.07 07:58:12 -04'00' 2007.05.07 08:02:27 -04'00' Ertman Date: 2007.05.07 08:16:03 -04'00' Prepared By / Date Reviewed By / Date Approved By / Date FPIP-0126 Rev. 0 Page 1 of 13

TABLE OF CONTENTS SECTION PAGE 1.0 PURPOSE ................................................................................................................................. 3

2.0 REFERENCES

........................................................................................................................... 3 3.0 DEFINITIONS ............................................................................................................................ 3 4.0 RESPONSIBILITIES .................................................................................................................. 5 5.0 PREREQUISITES ...................................................................................................................... 6 6.0 PRECAUTIONS AND LIMITATIONS.......................................................................................... 6 7.0 SPECIAL TOOLS AND EQUIPMENT ........................................................................................ 6 8.0 ACCEPTANCE CRITERIA ......................................................................................................... 6 9.0 INSTRUCTIONS ........................................................................................................................ 6 9.1 Background ....................................................................................................................... 6 9.2 Plant Outage Process........................................................................................................ 7 9.3 Identification of Required Equipment ................................................................................. 8 9.4 Circuit Analysis .................................................................................................................. 8 9.5 Identification of Equipment/Cable or Recovery Action Location ......................................... 9 9.6 Fire Area Assessment ....................................................................................................... 9 9.7 Documentation ................................................................................................................ 10 10.0 RECORDS ............................................................................................................................... 10 ATTACHMENTS 1 NFPA 805 - Non-Power Operational Guidance........................................................................ 11 REVISION

SUMMARY

........................................................................................................................ 13 FPIP-0126 Rev. 0 Page 2 of 13

1.0 PURPOSE The purpose of this project procedure is to describe the process used to demonstrate that the nuclear safety performance criteria outlined in NFPA 805 are met for high risk evolutions that are performed during non-power operational modes. This procedure does not include development of new, or modification of existing, procedures to be utilized in managing risk post NFPA 805 transition.

This project procedure follows the guidance provided in Section 4.3.3 of NEI 04-02 (Reference 2.6) for performing a transitional review of high risk evolutions that are performed while the plant is in one of the non-power operational modes, and could impact Key Safety Functions.

The Fire Protection Initiatives Project has issued this instruction for the purpose of providing project level guidance during transition of the Progress Energy nuclear plant fleet to NFPA 805.

At the completion of the tasks covered by this instruction, it will be cancelled or converted to a NGGC procedure as appropriate.

2.0 REFERENCES

2.1 NGG Fire Protection Program Improvement Initiatives Project Plan 2.2 FPIP-0100, Fire Protection Initiatives Project, Project Controls 2.3 FPIP-0104, Safe Shutdown Equipment List and Fault Tree Logics 2.4 FPIP-0105, Safe Shutdown Circuit Analysis 2.5 National Fire Protection Association (NFPA) Standard 805-2001, Performance Based Standard for Fire Protection for Light Water Reactor Electric Generating Plants, Section B.6 2.6 Nuclear Energy Institute (NEI) 04-02, Revision 1, Guidance for Implementing a Risk-Informed, Performance-Based Program Under 10CFR50.48(c) 2.7 NUREG-1449, Final Report, Shutdown and Low-Power Operation at Commercial Nuclear Power Plants in the United Stated, September, 1993 2.8 NUMARC 91-06, Guidelines for Industry Actions to Assess Shutdown Management 2.9 NUMARC 93-01, Industry Guidelines for Monitoring the Effectiveness of Maintenance at Nuclear Power Plants 2.10 OMP-003, Outage Shutdown Risk Management (Harris plant document) 3.0 DEFINITIONS 3.1 High Risk Evolution Outage activities, plant configurations or conditions during shutdown where the plant is more susceptible to an event causing the loss of a key safety function.

(NUMARC 91-06)

FPIP-0126 Rev. 0 Page 3 of 13

3.2 Key Safety Function Those functions required to ensure nuclear safety during shutdown consisting of decay heat removal capability (both when the core is in the vessel AND in the spent fuel pool),

inventory control, power availability, reactivity control, pressure control, and containment.

Specifically the Key Safety Functions to be considered are (OMP-003):

Decay Heat Removal The ability to maintain reactor coolant system (RCS) temperature and pressure, and spent fuel pool (SFP) temperature below specified limits following a shutdown.

Inventory Control Measures established to ensure that irradiated fuel remains covered with coolant to maintain heat transfer and shielding requirements.

Power Availability The ability to provide AC or DC power to the components required to provide the Key Safety Functions.

Reactivity Control Measures established to preclude inadvertent dilutions, criticalities, power excursions or losses of shutdown margin, and to predict and monitor core behavior.

Containment The action to secure primary (PWR) or secondary (BWR) containment and its associated structures, systems, and components as a functional barrier to fission product release under existing plant conditions.

3.3 Fire Safe Shutdown Program Manager and Database (FSSPMD)

The FSSPM is a software program and database that has been developed for use in managing the post-fire safe shutdown data and analysis for the Progress Energy nuclear fleet. An independent version of this Program has been developed for each Progress Energy nuclear site. The Program contains data and information on components, circuits, and cables that are credited in effecting a safe shutdown at that plant in the event of a fire. The Program is also used to store data on non-power operations and probabilistic risk assessment components, and has the capability to generate the necessary reports that will document how compliance with NRC regulations is maintained.

3.4 Recovery Action Activities to achieve the nuclear safety performance criteria that take place outside of the main control room or outside of the primary control station(s) for the equipment being operated, including the replacement or modification of components.

FPIP-0126 Rev. 0 Page 4 of 13

3.5 Risk Management Integrated process of assessing and reducing the likelihood and/or consequences of an adverse event. (NUMARC 91-06) 3.6 Terms 3.6.1 May Denotes permission, not a requirement or a recommendation.

3.6.2 Shall Denotes a requirement or a mandatory activity.

3.6.3 Should Denotes an expected action unless there is justifiable reason not to perform the action.

4.0 RESPONSIBILITIES 4.1 CES Fire Protection Initiatives Project Manager 4.1.1 Ensuring that work performed under their supervision is performed in accordance with this instruction.

4.1.2 Approval of each plants Transition Report.

4.2 Site Fire Protection Initiative Project Coordinator 4.2.1 Ensuring that Fire Protection Initiative Project tasks and deliverables associated with their plant is performed in accordance with this procedure.

4.2.2 Review and approval of their plants Transition Report 4.3 Site Safe Shutdown Engineer 4.3.1 Review and approve the list of equipment and circuit analyses required to ensure the ability to achieve Key Safety Functions are not adversely impacted from a fire during non-power operations.

4.4 Safe Shutdown Engineer 4.4.1 Contacting designated individuals within the plants various departments (Operations, Outage Management, Scheduling, etc.) that are familiar with typical high risk evolutions that are performed during non-power operating modes to identify those systems that need to be considered within the scope of this review.

4.4.2 Identification of equipment required during non-power operations to ensure that Key Safety Functions are maintained.

FPIP-0126 Rev. 0 Page 5 of 13

4.4.3 Preparation of new and modified circuit analyses for equipment identified in 4.4.1.

4.4.4 Performance of a fire area assessment for non-power operations, and preparation of the Transition Report.

4.5 Fire Protection Engineer 4.5.1 Provide support to the Safe Shutdown Engineers on an as needed basis to assess situations (scenarios) where fire modeling might prove to be a strategy for demonstrating that fire will not affect a Key Safety Function.

4.5.2 Perform fire modeling for scenarios where a Key Safety Functions may not be affected or lost as a result of a fire in a given area.

5.0 PREREQUISITES 5.1 Personnel assigned to prepare or review documents under this Project procedure shall have the required level of training, completed qualifications for a Post-Fire Safe Shutdown Engineer.

6.0 PRECAUTIONS AND LIMITATIONS 6.1 This procedure does not provide guidance on how to control changes to safe shutdown database (e.g. FSSPMD). Changes to the SSEL and the circuit analysis in the database are to be processed using the guidance provided in References 2.3 and 2.4.

7.0 SPECIAL TOOLS AND EQUIPMENT N/A 8.0 ACCEPTANCE CRITERIA 8.1 The equipment selected and/or recovery actions identified demonstrate that the nuclear safety performance criteria can be met.

9.0 INSTRUCTIONS 9.1 Background The nuclear safety goal stated in NFPA 805 is:

The nuclear safety goal is to provide reasonable assurance that a fire during any operational mode and plant configuration will not prevent the plant from achieving and maintaining the fuel in a safe and stable condition.

Accomplishment of this goal will be through the management of shutdown and fire risk during high risk evolutions.

The concept of protection of equipment from the effects of fire during plant shutdown conditions is discussed in NUREG-1449. In addition, the current industry approaches for evaluating risk during shutdown conditions involves both quantitative and qualitative assessments and is based on guidance provided in NUMARC 91-06 and 93-01. These guidance documents have been considered in the development of procedures used at FPIP-0126 Rev. 0 Page 6 of 13

each of Progress Energy nuclear plants to manage risk when the plants are in non-power modes or defueled (i.e. OMP-003 used at HNP).

In order to assess the impact of a fire that might originate when the plant is in a shutdown mode, a nuclear safety assessment similar to that performed for safe shutdown components while the plant is at power shall be performed. This assessment shall be focused on those sets of systems and equipment that are required to ensure that Key Safety Functions (KSF) and safe shutdown conditions can be maintained while various outage related functions are performed. While it is expected that the majority of the equipment required to accomplish these functions would have been identified as required to support safe shutdown, there may be additional sets of systems or differences in the functional requirements and time dependencies on decay heat removal system operation for non-power operation than there was for full power operation.

The guidance provided in this document will be used to identify systems, components, and cables required to ensure that these systems necessary to support each KSF will be available, or compliance strategies for maintaining the KSF are developed.

This process should begin with a discussion of the objectives of this assessment with Probabilistic Risk Assessment (PRA), Fire Protection, Operations, and Outage Management Staffs to obtain their input and determine the best way to integrate the fire protection aspects of this assessment into existing Outage Management Processes.

9.2 Plant Outage Process During this step a review of existing plant management and risk assessment processes that are utilized during outages will be conducted. The purpose of this review is to identify those systems and equipment that is relied upon to provide Key Safety Functions (KSF) during each outage evolution. Each outage evolution identifies the diverse methods of achieving the KSF. For example to achieve the Decay Heat Removal KSF a plant may credit DHR Train A, DHR Train B, HPI Train A, HPI Train B, and Gravity Feed and Chemical and Volume Control.

During this phase of the review, it will be necessary to identify those high risk evolutions that are typically performed during an outage in order to bound the number of systems that are credited in maintaining each of the Key Safety Functions. It is important to note that there may be new evolutions identified from outage to outage, but it is expected that the core systems credited to maintain the Key Safety Functions will remain the same, and new nuclear safety analysis will not need to be performed.

9.2.1 Identify the plant procedures, or directives, that are utilized to manage risk when the plant is shutdown.

9.2.2 Review these outage management procedures (or directives) and identify the Key Safety Functions that are considered.

9.2.3 Identify the various shutdown and fuel pool cooling evolutions that are performed during an outage, and categorize them as either low or high risk evolutions.

(NFPA 805, B.6) 9.2.4 For the high risk evolutions determine the methods (procedures) within these evolutions that are used to achieve the KSF.

FPIP-0126 Rev. 0 Page 7 of 13

9.2.5 Review the procedures utilized to conduct these evolutions to identify the systems and equipment that is credited.

9.3 Identification of Required Equipment 9.3.1 For systems relied upon to achieve, or support, one or more of the outage evolutions, and the Key Safety Functions identified in subsection 9.2, the guidance provided in FPIP-0104 (Reference 2.3) will be utilized in identifying the components required for each of the high risk outage evolutions.

9.3.2 System and plant operating procedures, as well as flow diagrams, and operations training lessons plans should be considered in identification of systems, components, and functions required.

9.3.3 If a component is required to achieve one of the Key Safety Functions, and it is already credited to perform a nuclear safety function (i.e. safe shutdown of plant) when the plant is at power, it should be reviewed to identify any differences in required position and/or function. For example, the existing nuclear safety analysis (Appendix R/NUREG-0800 analysis) may credit the valve in the closed position however; the valve may be required open for shutdown modes of operation.

9.3.4 Components that are required to perform or support an outage function will be identified in the plants FSSPMD as required for Non-Power Operation.

9.3.4.1 If the outage related component is not already included in the FSSPMD, a new record shall be added to the SSEL and fields completed as prescribed in FPIP-0104.

9.3.4.2 If the outage related component is already in the FSSPMD as required to support post-fire safe shutdown, and if operating modes are the same as the safe shutdown component, all that is required is to flag the component as required for Non-Power Operation.

9.3.4.3 If the outage related component is already on the FSSPMD SSEL, but the operating mode for performing the outage evolution is different, a new record shall be created.

9.3.4.4 The key safety function(s) that the component supports will be identified in a separate field. It should be noted that some components such as those for the Emergency Service Water System may support more that one KSF, and each of them should be identified.

9.3.5 Power sources necessary to support the equipment needed for non-power operation modes should also be identified, similar to the method used for power operation in FPIP-0104. These power supplies should also be identified as required for Non-Power Operations.

9.4 Circuit Analysis 9.4.1 For each new electrically operated component that is added to the SSEL to perform, or support, an outage function a circuit analysis shall be completed and documented in accordance with FPIP-0105 (Reference 2.4). The Circuit FPIP-0126 Rev. 0 Page 8 of 13

Information Form included in the FSSPMD shall be completed using the input criteria, assumptions, notes, definitions, and standard abbreviations contained in FPIP-0105.

9.4.2 If the component currently has a completed circuit analysis that was performed for a nuclear safety function, but the required position/function of the component to perform its outage function is different that that for safe shutdown, a new circuit analysis utilizing FPIP-0105 shall be performed for the new position since different failures modes will need to be considered.

9.5 Identification of Equipment/Cable or Recovery Action Location 9.5.1 New equipment that is added to the SSEL in the FSSPMD will be identified as to which fire zone it is located when the component is entered into the FSSPMD utilizing Reference 2.3.

9.5.2 Additional cables that are identified for inclusion in the FSSPMD as part of this non-power operations review will be incorporated utilizing the process described in Reference 2.4.

9.5.3 If a recovery (i.e. manual) action is credited to satisfy a KSF (i.e. alignment of gravity feed), the location (fire zone or fire area) of this action shall be identified so that it can be factored into the fire area assessment.

9.6 Fire Area Assessment 9.6.1 Identify those areas (pinch points) where a single fire might damage (or impede) all credited paths, or affect recovery actions used to perform a KSF. It should be noted that some KSFs may be achieved solely by the performance of some recovery action (i.e. alignment of gravity feed).

9.6.2 Pinch points will be identified using the following process:

9.6.2.1 As previously identified, the FSSPMD will be utilized to store information on components and circuits, as well as their locations within the plant, associated with a specific KSF can not be credited.

9.6.2.2 Reports provided from FSSPMD will identify the components associated with a given KSF in the fire area that may be damaged by a fire and therefore can not be credited.

9.6.2.3 The data outputs will then be reviewed to determine if the minimum requirements (components and systems) are met to ensure that the KSF will remain available.

9.6.3 Fire modeling may be used to determine if the postulated fire would be expected to damage required equipment, or impede recovery actions.

9.6.4 In addition to the review of outage planning and assessment processes, the plants Technical Specifications and any Administrative control procedures that could affect the availability of equipment required during non-power operational modes should be considered.

FPIP-0126 Rev. 0 Page 9 of 13

9.6.5 Fire protection system operability requirements and transient combustible control programs should be reviewed to identify any practices that are unique to shutdown modes.

9.6.6 For those fire areas where a single fire may damage all credited paths used to perform a KSF, the following options (compliance strategies) should be considered and incorporated into the outage management and planning procedures to reduce the risk from fire depending upon the significance of the potential damage:

  • Prohibition or limitation of hot work in fire areas during periods of increased vulnerability.
  • Verification of operable detection and /or suppression in the vulnerable areas.
  • Prohibition or limitation of combustible materials in fire areas during periods of increased vulnerability.
  • Provision of additional fire patrols at periodic intervals or other appropriate compensatory measures (such as surveillance cameras) during increased vulnerability.
  • Use of recovery actions to mitigate potential losses of key safety functions.

This could include staging of backup equipment, repair capabilities, or contingency plans to account for increased vulnerability.

  • Identification and monitoring of in-situ ignition sources for fire precursors (e.g., equipment temperatures).

9.7 Documentation 9.7.1 Additional components selected, and circuit analyses performed, shall be entered into the FSSPMD and changes documented utilizing the Change Control process described in Reference 2.2.

9.7.2 A description of the Non-Power operational modes review and it results shall be incorporated into the plants Shutdown Calculation. This will be performed by preparing a mark-up of the calculation with necessary attachments for incorporation into the calculation at the next update.

9.7.3 Prepare a Transition Report that summarizes the results of this fire area assessment, and documents the vulnerabilities identified. This report shall also include any recommendation for modifying procedures utilized to manage risk during plant shutdown and outage periods to ensure that Key Safety Functions are not compromised in the event of a fire during high risk evolutions.

9.7.4 Included with the Transition Report should be a summary of the tasks that were performed to demonstrate that the nuclear safety performance criteria are met for high risk evolutions that are performed during non-power operational modes.

The accomplishment of these tasks should be documented using the format provided in Table F-1 of Reference 2.6 (see Attachment 1 to this procedure).

10.0 RECORDS Refer to FPIP-0100 (Reference 2.2) for guidance on electronic storage/filing of project documents.

FPIP-0126 Rev. 0 Page 10 of 13

ATTACHMENT 1 Sheet 1 of 1 NFPA 805 - Non-Power Operational Guidance Table F-1 NFPA 805 - Non-Power Operational Guidance NFPA 805 Requirements Implementing Guidance Process and Results The nuclear safety goal is to provide Review existing plant outage processes List the KSFs and the systems /

reasonable assurance that a fire during any (outage management and outage risk components required to support those operational mode and plant configuration will assessments) to determine equipment function.

not prevent the plant from achieving and relied upon to provide Key Safety Identify those systems / components that maintaining the fuel in a safe and stable Functions (KSF) including support require additional analyses. For example, condition. functions. Each outage evolution a KSF may rely on instrumentation that is identifies the diverse methods of currently not part of the Safe Shutdown achieving the KSF. For example to Analysis, or a component may have been achieve the Decay Heat Removal KSF a modeled in one position (closed, off, etc.)

plant may credit DHR Train A, DHR Train but to support the KSF it would need to be B, HPI Train A, HPI Train B, and Gravity evaluated in an additional positions (open, Feed and Chemical and Volume Control. on, etc.)

For those additional components, perform circuit analysis, location tasks described in Appendix B of NFPA 805. Document the results.

Identify locations where 1) fires may Evaluate on a fire area basis the loss of cause damage to the equipment (and KSFs. Document those areas cabling) credited above, or 2) recovery actions credited for the KSF are performed (for those KSFs that are achieved solely by recovery action i.e.,

alignment of gravity feed).

Identify fire areas where a single fire may For the areas identified above, determine if damage all the credited paths for a KSF. a single fire in the area can cause a loss of This may include fire modeling to all credited paths for a KSF.

determine if a postulated fire (MEFS - Conservatively, assume the entire contents LFS) would be expected to damage of a fire area are lost. If this does not result equipment required. in the loss of all credited paths for a KSF, document success.

If fire modeling is used to limit the damage in a fire area, document that fire modeling is credited and ensure the basis for acceptability of that model (location, type, and quantity of combustible, etc.) is FPIP-0126 Rev. 0 Page 11 of 13

ATTACHMENT 1 Sheet 1 of 1 NFPA 805 - Non-Power Operational Guidance Table F-1 NFPA 805 - Non-Power Operational Guidance NFPA 805 Requirements Implementing Guidance Process and Results documented. These critical design inputs are required to be maintained during outage modes. See next step below.

For those areas consider one or more of Integrate the results of the analysis the following options to mitigate potential performed above into the plants outage fire damage depending upon the management process.

significance of the potential damage: To the extent practical pre-plan the options o Prohibition or limitation of hot work in for achieving the KSF. See list to the left.

fire areas during periods of increased vulnerability o Verification of operable detection and

/or suppression in the vulnerable areas.

o Prohibition or limitation of combustible materials in fire areas during periods of increased vulnerability o Provision of additional fire patrols at periodic intervals or other appropriate compensatory measures (such as surveillance cameras) during increased vulnerability o Use of recovery actions to mitigate potential losses o Identification and monitoring insitu ignition sources for fire precursors (e.g., equipment temperatures).

(The above Table is from NEI 04-02, Revision 1)

FPIP-0126 Rev. 0 Page 12 of 13

REVISION

SUMMARY

Sheet 1 of 1 Rev. 0 - Initial issue FPIP-0126 Rev. 0 Page 13 of 13