Text

Changes Related to AP1000 Gts Subsection 3.8.5, Distribution Systems Operating
	ML22240A111
Person / Time
Issue date:	04/29/2016
From:	; NRC/NRR/DSS/STSB
To:	;
	Craig Harbuck NRR/DSS 301-415-3140
Shared Package
ML22240A001	List: ML22240A003; ML22240A005; ML22240A006; ML22240A007; ML22240A008; ML22240A010; ML22240A011; ML22240A012; ML22240A013; ML22240A014; ML22240A015; ML22240A016; ML22240A017; ML22240A018; ML22240A019; ML22240A020; ML22240A021; ML22240A022; ML22240A023; ML22240A024; ML22240A026; ML22240A027; ML22240A028; ML22240A030; ML22240A031; ML22240A033; ML22240A035; ML22240A036; ML22240A037; ML22240A038; ML22240A040; ML22240A041; ML22240A042; ML22240A043; ML22240A044; ML22240A045; ML22240A046; ML22240A047; ML22240A049; ML22240A050; ML22240A051; ML22240A052; ML22240A053; ML22240A054; ML22240A056; ML22240A057; ML22240A058; ML22240A059; ML22240A060; ML22240A061; ... further results
References
	Download: ML22240A111 (49)
	v • d • e

GTST AP1000-B85-3.8.5, Rev. 1

Advanced Passive 1000 (AP1000)

Generic Technical Specification Traveler (GTST)

Title:

Changes related to Section 3.8.5, Distribution Systems - Operating

I. Technical Specifications Task Force (TSTF) Travelers, Approved Since Revision 2 of STS NUREG-1431, and Used to Develop this GTST

TSTF Number and

Title:

TSTF-425, Rev. 3, Relocate Surveillance Frequencies to Licensee Control - RITSTF Initiative 5b TSTF-439-A, Rev. 2, Eliminate Second Completion Times Limiting Time from Discovery of Failure to Meet an LCO

STS NUREGs Affected:

TSTF-425, Rev. 3: NUREG -1430, -1431, -1432, -1433, and -1434 TSTF-439-A, Rev. 2: NUREG -1430, -1431, -1432, -1433, and -1434

NRC Approval Date:

TSTF-425, Rev. 3: 18-Mar -2009 TSTF-439-A, Rev. 2: 01-Dec -2005

TSTF Classification:

TSTF-425, Rev. 3: Technical Change TSTF-439-A, Rev. 2: Technical Change

Date report generated:

Wednesday, April 29, 2015 Page 1 GTST AP1000-B85-3.8.5, Rev. 1

II. Reference Combined License (RCOL) Standard Departures (Std. Dep.), RCOL COL Items, and RCOL Plant -Specific Technical Specifications (PTS) Changes Used to Develop this GTST

RCOL Std. Dep. Number and

Title:

None

RCOL COL Item Number and

Title:

None

RCOL PTS Change Number and

Title:

VEGP LAR DOC A104: Revision of TS 3.8.5 Condition E to add of Condition A, B, C, or D.

VEGP LAR DOC A112: Revision of TS 3.8.5 to delete bus from the name for subsystem AC instrument and control and to specify the two electrical power distribution subsystems in a list format. Also, revise wording such that the description of a Condition ends with Division inoperable or Divisions inoperable, and the description of a Required Action ends with Division to OPERABLE status. (DOC 112 was revised in response to NRC RAI letter No. 01, Question 16-16.)

VEGP LAR DOC L04: VEGP TS Section 1.3, Completion Time is revised to remove second Completion Time and replace the current discussion of second Completion Time with a new one.

Date report generated:

Wednesday, April 29, 2015 Page 2 GTST AP1000-B85-3.8.5, Rev. 1

III. Comments on Relations Among TSTFs, RCOL Std. Dep., RCOL COL Items, and RCOL PTS Changes

This section discusses the considered changes that are: (1) applicable to operating reactor designs, but not to the AP1000 design; (2) already incorporated in the GTS; or (3) superseded by another change.

TSTF-439-A and VEGP LAR DOC L04 address same changes in AP1000 TS 3.8.5. Following incorporation of changes due to TSTF-439-A, no additional change was needed for VEGP LAR L04.

TSTF-432, Rev. 1, Changes to Technical Specification End States, is based on Topical Report, WCAP-16294. WCAP-16294 did not consider AP1000 design and is therefore not applicable for AP1000 STS without further analyses. TSTF-432 was not considered.

TSTF-425 is deferred for future consideration.

Rev. 0 version of this GTST included a number of changes replacing bus[es] with electric power distribution system(s) or division. Based on APOG comments, it is recognized that the use of the term is appropriate in many locations and previous changes were withdrawn/corrected. However, some additional editorial changes are included, as presented in Section VI of this GTST, under heading Description of additional changes proposed by NRC staff/preparer of GTST. The changes also ensure use of electrical power system, as opposed to electric power system and avoid use of and/or per writer's guide.

Date report generated:

Wednesday, April 29, 2015 Page 3 GTST AP1000-B85-3.8.5, Rev. 1

IV. Additional Changes Proposed as Part of this GTST (modifications proposed by NRC staff and/or clear editorial changes or deviations identified by preparer of GTST)

Editorial changes and corrections in the Background section of the Bases, in addition to that recommended by APOG.

Editorial changes and corrections in the LCO section of the Bases, in addition to that recommended by APOG.

Editorial changes and corrections in the Actions section of the Bases, in addition to that recommended by APOG.

Editorial changes and corrections in the Surveillance Requirements section of the Bases, in addition to that recommended by APOG.

APOG Recommended Changes to Improve the Bases

Throughout the Bases, references to Sections and Chapters of the FSAR do not include the FSAR clarifier. Since these Section and Chapter references are to an external document, it is appropriate to include the FSAR modifier. (DOC A003)

Make editorial changes in the Background section of the Bases for clarity and consistency.

Make editorial changes in the Applicable Safety Analyses section of the Bases for clarity and consistency.

Make editorial changes in the LCO section of the Bases for clarity and consistency.

Make editorial changes in the Actions section of the Bases for clarity and consistency.

Make editorial changes in the Surveillance Requirements section of the Bases for clarity and consistency.

Make editorial changes in Table 3.8.5-1 in Bases for clarity.

Date report generated:

Wednesday, April 29, 2015 Page 4 GTST AP1000-B85-3.8.5, Rev. 1

V. Applicability

Affected Generic Technical Specifications and Bases:

Section 3.8.5, Distribution Systems - Operating

Changes to the Generic Technical Specifications and Bases:

TS 3.8.5 Distribution Systems - Operating is revised to delete bus from the name of subsystem AC instrument and control and to specify the two electrical power distribution subsystems in a list format. (DOC A112)

TS 3.8.5 Conditions A, B, C, and D are revised to move Division or Divisions such that the description of the Condition reads Division inoperable or Divisions inoperable. (DOC A112)

TS 3.8.5 Required Actions A.1, B.1, C.1, and D.1 are revised to add division such that each of these Restore Required Action ends with division to OPERABLE status. (DOC A112)

TS 3.8.5 Required Action C.1 and Required Action D.1 are revised from Restore... to Restore one... (DOC A112)

Second Completion Times for Conditions A, B, C, and D are deleted. (TS TF-439-A; DOC L04)

TS 3.8.5 Condition E is revised to Required Action and associated Completion Time of Condition A, B, C, and D not met by adding of Condition A, B, C, and D. (DOC A102)

TS 3.8.5 Condition F is revised to remove divisions with and distribution subsystems to state Two inoperable divisions that result in a loss of safety function. (DOC A112)

The discussion in the Bases is revised to be consistent with the wordings in the Specifications.

The revisions include deletion of bus fro m the name of subsystem AC instrument and control and use of division or divisions, as appropriate. (DOC A112)

Changes were made to clarify use of buses, divisions, subsystems, and Class 1E AC instrument and control in different sections of the Bases. (APOG comment)

Footnote in Table B 3.8.5-1 relating to the use division and subsystem was removed. AC Instrument and Control Panels (Buses) was used replacing AC Instrument and Control Buses to be consistent with DC Distribution Panels; and for consistency with rest of the Bases and Specifications. (APOG comment and NRC staff comment)

The acronym FSAR is added to modify Section and Chapter in references to the FSAR throughout the Bases. (DOC A003)

Editorial changes are made throughout the Bases for clarity and consistency with the TS requirement(s). (APOG Comment and NRC staff changes)

Date report generated:

Wednesday, April 29, 2015 Page 5 GTST AP1000-B85-3.8.5, Rev. 1

VI. Traveler Information

Description of TSTF changes:

TSTF-439-A

TSTF-439-A deletes a second completion time that was included for certain Required Actions to establish a limit on the maximum time allowed for any combination of Conditions that result in a single continuous failure to meet the LCO. These (second) completion times are joined by an AND logical connector to the Condition-specific Completion Time and state X days from discovery of failure to meet the LCO (where X varies by specification).

Rationale for TSTF changes:

TSTF-439-A

TSTF-439-A deletes the second completion time because two new programs (Maintenance Rule and Reactor Oversight Process) that currently apply and make the use of the second completion time unnecessary. The adoption of a second Completion Time was based on an NRC concern that a plant could continue to operate indefinitely with an LCO governing safety significant systems never being met by alternately meeting the requirements of separate Conditions. In 1991, the NRC could not identify any regulatory requirement or program which could prevent this misuse of the Technical Specifications. However, that is no longer the case.

There are now two programs which would provide a strong disincentive to continued operation with concurrent multiple inoperabilities of the type the second Completion Times were designed to prevent.

The Maintenance Rule: 10 CFR 50.65 (a)(1), the Maintenance Rule, requires each licensee to monitor the performance or condition of SSCs against licensee-established goals to ensure that the SSCs are capable of fulfilling their intended functions. If the performance or condition of an SSC does not meet established goals, appropriate corrective action is required to be taken.

The NRC Resident Inspectors monitor the licensees Corrective Action process and could take action if the licensees maintenance program allowed the systems required by a single LCO to become concurrently inoperable multiple times. The performance and condition monitoring activities required by 10 CFR 50.65 (a)(1) and (a)(2) would identify if poor maintenance practices resulted in multiple entries into the ACTIONS of the Technical Specifications and unacceptable unavailability of these SSCs. The effectiveness of these performance monitoring activities, and associated corrective actions, is evaluated at least every refueling cycle, not to exceed 24 months per 10 CFR 50.65 (a)(3).

Under the Technical Specifications the Completion Time for one system is not affected by other inoperable equipment. The second Completion Times were an attempt to influence the Completion Time for one system based on the condition of another system, if the two systems were required by the same LCO. However 10 CFR 50.65(a)(4) is a much better mechanism to apply this influence as the Maintenance Rule considers all inoperable risk -significant equipment, not just the one or two systems governed by the same LCO.

Under 10 CFR 50.65(a)(4), the risk impact of all inoperable risk -significant equipment is assessed and managed when performing preventative or corrective maintenance. The risk assessments are conducted using the procedures and guidance endorsed by Regulatory Guide 1.182, Assessing and Managing Risk Before Maintenance Activities at Nuclear Power Plants.

Date report generated:

Wednesday, April 29, 2015 Page 6 GTST AP1000-B85-3.8.5, Rev. 1

Regulatory Guide 1.182 endorses the guidance in Section 11 of NUMARC 93-01, Industry Guideline for Monitoring the Effectiveness of Maintenance at Nuclear Power Plants. These documents address general guidance for conduct of the risk assessment, quantitative and qualitative guidelines for establishing risk management actions, and example risk management actions. These include actions to plan and conduct other activities in a manner that controls overall risk, increased risk awareness by shift and management personnel, actions to reduce the duration of the condition, actions to minimize the magnitude of risk increases (es tablishment of backup success paths or compensatory measures), and determination that the proposed maintenance is acceptable. This comprehensive program provides much greater assurance of safe plant operation than the second Completion Times in the Technical Specifications.

The Reactor Oversight Process: NEI 99-02, Regulatory Assessment Performance Indicator Guideline, describes the tracking and reporting of performance indicators to support the NRCs Reactor Oversight Process (ROP). The NEI document is endorsed by RIS 2001-11, Voluntary Submission of Performance Indicator Data.NEI 99 -02, Section 2.2, describes the Mitigating Systems Cornerstone. NEI 99-02 specifically addresses emergency AC Sources (which encompasses the AC Sources and Distribution System LCOs), and the Auxiliary Feedwater system. Extended unavailability of these systems due to multiple entries into the ACTIONS would affect the NRCs evaluation of the licensees performance under the ROP.

In addition to these programs, a requirement is added to Section 1.3 of the Technical Specifications to require licensees to have administrative controls to limit the maximum time allowed for any combination of Conditions that result in a single contiguous occurrence of failing to meet the LCO.These administrative controls should consider plant risk and shall limit the maximum contiguous time of failing to meet the LCO. This Technical Specification requirement, when considered with the regulatory processes discussed above, provide an equivalent or superior level of plant safety without the unnecessary complication of the Technical Specifications by second Completion Times on some Specifications.

IN NUREG-1430, 1431, and 1432, Specification 3.8.9, Distribution Systems - Operating, has an 8 hour9.259259e-5 days 0.00222 hours 1.322751e-5 weeks 3.044e-6 months Completion Time for one or more AC electrical power distribution subsystems inoperable (Condition A), and a 2 hour2.314815e-5 days 5.555556e-4 hours 3.306878e-6 weeks 7.61e-7 months Completion Time for one or more AC vital bus (Condition B) or one or more DC electrical power subsystems (Condition C) inoperable. Conditions A, B, and C have a second Completion Time of 16 hours1.851852e-4 days 0.00444 hours 2.645503e-5 weeks 6.088e-6 months from discovery of failure to meet the LCO. The second Completion Time is not needed. First, it is unusual for an AC electrical power subsystem or AC vital bus to be inoperable without causing a reactor trip. Secondly, Completion Times are very short (8 and 2 hours2.314815e-5 days 5.555556e-4 hours 3.306878e-6 weeks 7.61e-7 months ) providing little time to restore systems such that the Conditions overlap and multiple inoperabilities occur. Lastly, should any overlapping inoperabilities that result in a loss of safety function occur, a plant shutdown in accordance with LCO 3.0.3 is required.

As discussed above, the concern regarding the multiple continuous entries into Conditions without meeting the LCO is addressed by two programs (Maintenance Rule and Reactor Oversight Program) and the administrative control required by Section 1.3 of the Technical Specifications. Therefore, this potential concern is no longer an issue and the Technical Specifications can be simplified by eliminating the second Completion Times with no detriment to plant safety.

Date report generated:

Wednesday, April 29, 2015 Page 7 GTST AP1000-B85-3.8.5, Rev. 1

Description of changes in RCOL St d. Dep.,RCOL COL Item(s), and RCOL PTS Changes:

VEGP LAR DOC A104:

TS 3.8.5, Distribution Systems - Operating, Condition E is revised from Required Action and associated Completion Time not met, to Required Action and associated Completion Time of Condition A, B, C, or D not met (i.e., adding of Condition A, B, C, or D ).

VEGP LAR DOC A112:

TS 3.8.5 Distribution Systems - Operating is revised to delete bus from the name of subsystem AC instrument and control and to specify the two electrical power distribution subsystems in a list format.

TS 3.8.5, Distribution Systems - Operating, Conditions A, B, C, and D are revised to move Division or Divi sions such that the Condition reads Division inoperable or Divisions inoperable; for example Condition A is revised to One AC instrument and control division inoperable.

TS 3.8.5 Required Actions A.1, B.1, C.1, and D.1 are revised to add Division such that each of these Restore Required Action reads Division to OPERABLE status. For example, Required Action A.1 is revised to Restore AC instrument and control division to OPERABLE status.

TS 3.8.5 Required Action C.1 and Required Action D.1 are revised from Restore... to Restore one....

TS 3.8.5 Condition F is revised to remove divisions with and distribution subsystems to state Two inoperable divisions that result in a loss of safety function.

VEGP LAR DOC L04:

Current TS Section 1.3, Completion Times, Example 1.3-3 is revised to eliminate the Required Action A.1 and Required Action B.1 second Completion Times, and to replace the discussion regarding second Completion Times with a new discussion. The second Completion Times associated with current TS 3.8.5, Distribution Systems - Operating, Required Actions A.1, B.1, C.1, and D.1 are also deleted.

Rationale for changes in RCOL Std. Dep., RCOL COL Item(s), and RCOL PTS Changes:

VEGP LAR DOC A104:

Currently, TS 3.8.5 Condition E does not specify which Required Actions and associated Completion Times not met would require entry into Condition F.

TSTF-GG 01, Subsection 4.1.6, paragraph i.5 provides guidance on the appropriate Condition wording for Conditions that are required to be entered as a result of failing to satisfactorily complete another Required Action. As stated in the guidance, if the Condition is only entered for failure of some of the Required Actions, the entry condition shall include a specific listing of the applicable Conditions. A listing is not provided only if all Required Action failures would lead to entering the subject Condition. For TS 3.8.5, failing to complete Required Action F.1 would not allow reentering Condition E.

Date report generated:

Wednesday, April 29, 2015 Page 8 GTST AP1000-B85-3.8.5, Rev. 1

These changes (wording preferences, editorial changes, reformatting, revised numbering, etc.)

are made to provide clarification and for consistency with TSTF-GG-05-01. These changes are designated as administrative changes and are acceptable because they do not result in technical changes to the TS.

VEGP LAR DOC A112:

The nomenclature used for the two Class 1E electrical power distribution subsystems is clarified by deleting bus from the name for subsystem AC instrument and control and the TS 3.8.5 LCO reformatted to clarify that both DC and AC instrument and control divisions are electrical power distribution subsystems. The Actions are revised to present inoperabilities of divisions.

As described in the TS Bases, current TS 3.8.5 Action A provides the requirements when one division of the AC instrument and control electrical power distribution subsystem is inoperable and current Action B provides the requirements when one division of the DC electrical power distribution subsystem is inoperable. Current TS 3.8.5 Actions C and D provide the requirements when two divisions of the AC instrument and control electrical power distribution subsystem are inoperable and two divisions of DC electrical power distribution subsystems are inoperable, respectively. The revised wording of the Conditions and Required Actions provides for clarity and consistency without changing the intent or technical requirements. Therefore, usability is enhanced.

In the event two divisions of AC instrument and control electrical power distribution subsystem are inoperable, once a single division of AC instrument and control is restored to Operable status, TS 3.8.5 Condition C no longer applies. Thus Required Action C.1 is clarified to Restore one AC instrument and control division to OPERABLE status. Only a single AC instrument and control division must be restored within the required 2 hours2.314815e-5 days 5.555556e-4 hours 3.306878e-6 weeks 7.61e-7 months . Since Action A was also entered when the first division of AC instrument and control became inoperable, Action A governs the restoration of the remaining inoperable AC instrument and control division. Therefore, for clarity and consistency with the actual requirements, proposed TS 3.8.5 Required Actions C.1 and D.1 only require the restoration of one AC instrument and control division and one DC division, respectively. Minor wording clarification and reformatting are made for consistency and more standard TS phrasing.

Since these changes do not result in any technical change to the current requirements, they are considered administrative. These changes are designated as administrative changes and are acceptable because they do not result in technical changes to the TS.

VEGP LAR DOC L04:

In adopting TSTF-439 into Revision 3.1 of the NUREG -1431 the NRC Staff concluded that multiple continuous entries into Conditions, without meeting the LCO, is acceptable because these practices are controlled by licensee's configuration risk management programs, which were implemented to meet the requirements of the maintenance rule to assess and manage risk. The TS controls, coupled with the licensee's configuration risk management programs, provide adequate assurance against inappropriate use of Combinations of Conditions that result in a single contiguous occurrence of failing to meet the LCO. Final Safety Analysis Report (FSAR) Chapter 17 describes implementation of the Operational Phase Reliability Assurance Activities (OPRAA), which appropriately addresses the NRC Staffs evaluation and conclusion regarding licensees configuration risk management programs. The VEGP OPRAA includes implementation of the Maintenance Rule Program to meet the requirements of 10 CFR 50.65.

Date report generated:

Wednesday, April 29, 2015 Page 9 GTST AP1000-B85-3.8.5, Rev. 1

Accordingly, TS requirements, when considered with the regulatory processes discussed above, provide an equivalent or superior level of plant safety without the unnecessary complication of the TS by second Completion Times on some Specifications that are deleted with this change.

In addition, a requirement is being included in TS Section 1.3 to require administrative controls to limit the maximum time allowed for any combination of Conditions that result in a single contiguous occurrence of failing to meet the LCO.

These administrative controls will consider plant risk and limit the maximum contiguous time of failing to meet the LCO. This TS requirement, when considered with the regulatory processes discussed above, provide an equivalent or superior level of plant safety without the unnecessary complication of the TS by second Completion Times on some Specifications. Current TS 3.8.5 Required Actions A.1, B.1, C.1, and D.1 are the only uses of this second Completion Time to limit the maximum contiguous time of failing to meet the LCO, and are therefore also deleted with this change.

Description of additional changes proposed by NRC staff/preparer of GTST :

The changes addressed in different Bases sections, based on APOG comments and NRC staff proposed changes, are as follows:

The Background section of the Bases was revised as follows:

first paragraph:

The onsite Class 1E and DC and uninterruptible power supply (UPS) electrical power distribution system is divided by division into four independent divisions of AC and DC electrical power distribution subsystems (Divisions A, B, C, and D).

second paragraph, first through fourth sentences:

The Class 1E AC distribution Divisions A and D each consists of one 208/120 V instrument and control bus (distribution panel). The Class 1E AC distribution Divisions B and C each consists of two 208/120 V instrument and control buses (distribution panels). The AC buses are normally powered from separate inverters which are connec ted to the respective Division division Class 1E battery banks through the associated Class 1E 250 VDC buses (switchboards). The backup electrical power source provided for each division of Division for the Class 1E AC instrument and control buses is a Class 1E voltage regulating transformer providing regulated output to the Class 1E AC instrum ent and control buses through a static transfer switch and a manual bypass switch...

third paragraph, first through third and sixth sentences:

The Class 1E DC distribution Divisions A and D each consists of one 250 VDC bus (switchboard). The Class 1E DC distribution Divisions B and C each consists of tw o 250 VDC buses (switchboards). The buses for the four Divisions are normally powered from their associated Division battery chargers. The backup electrical power source for each Class 1E DC bus is its associated Class 1E battery bank.... Additional description of this system may be found in the Bases for Specification 3.8.1, DC Sources - Operating.

fourth paragraph:

Date report generated:

Wednesday, April 29, 2015 Page 10 GTST AP1000-B85-3.8.5, Rev. 1

The list of all required Class 1E AC distribution and DC distribution buses and panels is presented in Table B 3.8.5-1 and shown in FSAR Section 8.3.2 (Ref. 1).

The first, third, and last paragraphs of the Applicable Safety Analyses section of the Bases were revised as follows:

The initial conditions of Design Basis Accident (DBA) and transient analyses in FSAR Chapter 6 (Ref. 2) and FSAR Chapter 15 (Ref. 3), assume engineered safety features (ESFs) are OPERABLE. The Class 1E AC instrument and control and DC electrical power distribution systems are designed to provide sufficient capacity, capability, redundancy, and reliability to ensure the availability of necessary power to the ESFs so that the fuel, Reactor Coolant System (RCS) and containment design limits are not exceeded.

The OPERABILITY of the Class 1E AC instrument and control and DC electrical power distribution systems is consistent with the initial assumptions of the accident analyses and is based upon meeting the design basis of the unit. This includes maintaining at least three of the four Divisions of Class 1E AC instrument and control and DC electrical power distribution systems OPERABLE during accident conditions in the event of:

The Class 1E AC instrument and control and DC electrical power distribution system s satisfy Criterion 3 of 10 CFR 50.36(c)(2)(ii).

The first, second, and third paragraphs (split third paragraph) of the LCO section of the Bases were revised as follows:

The required electrical power distribution subsystems listed in Table B 3.8.5-1 ensure the availability of Class 1E AC instrument and control and DC electrical power for the systems required to shut down the reactor and maintain it in a safe condition after an anticipated operational occurrence (AOO) or a postulated DBA. The Division A, B, C, and D Class 1E ACinstrument and control and DC electrical power distribution subsystems are required to be OPERABLE.

Maintaining the Division A, B, C, and D AC instrument and control and DC electrical power distribution subsystems OPERABLE ensures that the redundancy incorporated into the design of the ESFs is not defeated. Three of the four Class 1E AC instrument and control and DC electrical power distribution subsystems are capable of providing the necessary electrical power to the associated ESF components. Therefore, a single failure within any subsystem or within the electrical power distribution subsystems will not prevent safe shutdown of the reactor.

OPERABLE Class 1E DC electric electrical power distribution subsystems require the associated buses (switchboards), distribution panels, motor control centers, and electrical circuits to be energized to their proper voltage from either the associated battery bank or battery charger. The spare battery bank, and/or the spare battery charger, s or both may be used by one DC electrical power distributionsubsystem for OPERABILITY.

OPERABLE Class 1E AC instrument and control electrical power distribution subsystems require the associated buses (distribution panels) to be energized to their proper voltages and frequencies from the associated inverter or voltage regulating transformer.

Date report generated:

Wednesday, April 29, 2015 Page 11 GTST AP1000-B85-3.8.5, Rev. 1

The last two sentences of the fourth paragraph in the Actions section of the Bases, under the heading B.1, were revised as follows:

.. Inoperability of a PMS division is similar to loss of one DC electrical power distribution subsystem division. In both cases, actuation of the safety functions associated with one of the four subsystems/ divisions may no longer be available.

The Ac tions section of the Bases, under heading C.1, was revised as follows (existing markups are included):

first paragraph, first and last sentences

With two divisions of AC instrument and control buses divisions inoperable, the remaining OPERABLE divisions buses are capable of supporting the minimum safety functions necessary to shut down the unit and maintain it in the safe shutdown condition....

.. Therefore, the one required divisions of AC instrument and control buses must be restored to OPERABLE status within 2 hours2.314815e-5 days 5.555556e-4 hours 3.306878e-6 weeks 7.61e-7 months by powering the division bus from the associated inverter via inverted DC, inverter using internal AC source, or Class 1E constant voltage regulating transformer.

second paragraph

Condition C represents two divisions of AC instrument and control vital buses divisions without power; potentially both the DC source and the associated AC source ar e nonfunctioning. In this situation, the unit is significantly more vulnerable to a complete loss of all noninterruptable power. It is, therefore, imperative that the operators attention focus on stabilizing the unit, minimizing the potential for loss of power to the remaining divisions buses and restoring power to one the affected division buses.

third paragraph, list item b was revised from Applicable Conditions to applicabl e Conditions.

fourth paragraph

The 2 hour2.314815e-5 days 5.555556e-4 hours 3.306878e-6 weeks 7.61e-7 months Completion Time takes into account the importance to safety of restoring the one AC instrument and control divisions buses to OPERABLE status, the redundant capability afforded by the other OPERABLE buses divisions, and the low probability of a DBA occurring during this period.

The Actions section of the Bases, under heading D.1, was revised as follows (existing markups are included):

first paragraph

With two divisions of DC electrical power distribution subsystems subsystem divisions inoperable, the remaining DC electrical power distribution subsystems subsystem divisions are capable of supporting the minimum safety functions necessary to shut dow n the reactor and maintain it in a safe shutdown condition, assuming no single failure. The overall reliability is reduced, however, because a single failure in the remaining DC electrical power distribution subsystem division divisions could result in the minimum required ESF functions not being supported. Therefore, the one required DC division

Date report generated:

Wednesday, April 29, 2015 Page 12 GTST AP1000-B85-3.8.5, Rev. 1

buses must be restored to OPERABLE status within 2 hours2.314815e-5 days 5.555556e-4 hours 3.306878e-6 weeks 7.61e-7 months by powering the division bus from the associated battery or charger.

fourth paragraph

The 2 hour2.314815e-5 days 5.555556e-4 hours 3.306878e-6 weeks 7.61e-7 months Completion Time for restoring one DC electrical power distribution subsystem division buses to OPERABLE status is consistent with Regulatory Guide 1.93 (Ref. 4).

The Actions section of the Bases, under heading F.1, was revised as follows (existing markups are included):

With two inoperable divisions Divisions with inoperable distribution subsystems that result in a loss of safety function, adequate core cooling, containment OPERABILITY and other vital functions for DBA mitigation would be compromised, and immediate plant shutdown in accordance with LCO 3.0.3 is required.

The Surveillance Requirements section of the Bases, under heading SR 3.8.5.1, was revised as follows:

This Surveillance verifies that the Class 1E AC instrument and control and DC electrical power distribution subsystems are functioning properly, with the required circuit breakers and switches properly aligned. The verification of proper voltage availability on the buses ensures that the required voltage is readily available for motive as well as control functions for critical system loads connected to these buses. The 7 day Frequency takes into account the redundant capability of the Class 1E AC inst rument and control and DC electrical power distribution subsystems, and other indications available in the control room that alert the operator to electrical power distribution system malfunctions.

Table B 3.8.5-1 was revised as follows:

Footnote in Table B 3.8.5-1 relating to the use division and subsystem was removed. AC Instrument and Control Panels (Buses) was used replacing AC Instrument and Control Buses to be consistent with DC Distribution Panels; and for consistency with rest of the Bases and Specifications. (APOG comment and NRC staff comment)

The acronym FSAR is added to modify Section and Chapter in references to the FSAR throughout the Bases. (DOC A003)

Rationale for additional changes proposed by NRC staff/preparer of GTST :

Since Bases references to FSAR Sections and Chapters are to an external document, it is appropriate to include the FSAR modifier.

The remaining changes are editorial changes for clarity and provide consistency with the TS requirement(s) being discussed.

Date report generated:

Wednesday, April 29, 2015 Page 13 GTST AP1000-B85-3.8.5, Rev. 1

VII. GTST Safety Evaluation

Technical Analysis:

Deletion of Second Completion Time

The deletion of second completion time in the Required Actions is justified because two programs (Maintenance Rule and Reactor Oversight Program) that will be part of AP1000 plant operation make the use of the second completion time unnecessary. The adoption of a second Completion Time on designs of operating plants was based on an NRC concern that a plant could continue to operate indefinitely with an LCO governing safety significant systems never being met by alternately meeting the requirements of separate Conditions. In 1991, the NRC could not identify any regulatory requirement or program which could prevent this misuse of the Technical Specifications. However, that is not the case with AP1000 plants.

There are now two programs which would provide a strong disincentive to continued operation with concurrent multiple inoperabilities of the type the second Completion Times were designed to prevent.

The Maintenance Rule: 10 CFR 50.65 (a)(1), the Maintenance Rule, requires each licensee to monitor the performance or condition of SSCs against licensee-established goals to ensure that the SSCs are capable of fulfilling their intended functions. If the performance or condition of an SSC does not meet established goals, appropriate corrective action is required to be taken. The NRC Resident Inspectors monitor the licensees Corrective Action process and could take action if the licensees maintenance program allowed the systems required by a single LCO to become concurrently inoperable multiple times. The performance and condition monitoring activities required by 10 CFR 50.65 (a)(1) and (a)(2) would identify if poor maintenance practices resulted in multiple entries into the ACTIONS of the Technical Specifications and unacceptable unavailability of these SSCs. The effectiveness of these performance monitoring activities, and associated corrective actions, is evaluated at least every refueling cycle, not to exceed 24 months per 10 CFR 50.65 (a)(3). Under the Technical Specifications, the Completion Time for one system is not affected by other inoperable equipment. The second Completion Times were an attempt to influence the Completion Time for one system based on the condition of another system, if the two systems were required by the same LCO. However 10 CFR 50.65(a)(4) is a much better mechanism to apply this influence as the Maintenance Rule considers all inoperable risk-significant equipment, not just the one or two systems governed by the same LCO.

Under 10 CFR 50.65(a)(4), the risk impact of all inoperable risk -significant equipment is assessed and managed when performing preventative or corrective maintenance. The risk assessments are conducted using the procedures and guidance endorsed by Regulatory Guide 1.182, Assessing and Managing Risk Before Maintenance Activities at Nuclear Power Plants.

Regulatory Guide 1.182 endorses the guidance in Section 11 of NUMARC 93-01, Industry Guideline for Monitoring the Effectiveness of Maintenance at Nuclear Power Plants. These documents address general guidance for conduct of the risk assessment, quantitative and qualitative guidelines for establishing risk management actions, and example risk management actions. These include actions to plan and conduct other activities in a manner that controls overall risk, increased risk awareness by shift and management personnel, actions to reduce the duration of the condition, actions to minimize the magnitude of risk increases (establishment of backup success paths or compensatory measures), and determination that the proposed maintenance is acceptable. This comprehensive program provides much greater assurance of safe plant operation than the second Completion Times in the Technical Specifications.

Date report generated:

Wednesday, April 29, 2015 Page 14 GTST AP1000-B85-3.8.5, Rev. 1

The Reactor Oversight Process: NEI 99-02, Regulatory Assessment Performance Indicator Guideline, describes the tracking and reporting of performance indicators to support the NRCs Reactor Oversight Process (ROP). The NEI document is endorsed by RIS 2001-11, Voluntary Submission of Performance Indicator Data.NEI 99 -02, Section 2.2, describes the Mitigating Systems Cornerstone. NEI 99-02 specifically addresses emergency AC Sources (which encompasses the AC Sources and Distribution System LCOs), and the Auxiliary Feedwater system. Extended unavailability of these systems due to multiple entries into the ACTIONS would affect the NRCs evaluation of the licensees performance under the ROP.

In addition to these programs, a requirement is added to Section 1.3 of the Technical Specifications to require licensees to have administrative controls to limit the maximum time allowed for any combination of Conditions that result in a single contiguous occurrence of failing to meet the LCO. These administrative controls should consider plant risk and shall limit the maximum contiguous time of failing to meet the LCO. This Technical Specification requirement, when considered with the regulatory processes discussed above, provide an equivalent or superior level of plant safety without the unnecessary complication of the Technical Specifications by second Completion Times on some Specifications.

As discussed above, the concern regarding the multiple continuous entries into Conditions without meeting the LCO is addressed by two programs (Maintenance Rule and Reactor Oversight Program) and the administrative control required by Section 1.3 of the Technical Specifications. Therefore, this potential concern is no longer an issue and the Technical Specifications can be simplified by eliminating the second Completion Times with no detriment to plant safety.

Accordingly, the removal of the additional completion times in the AP1000 STS is justified and acceptable.

Revision of Condition E adding of Condition A, B, C, or D

Currently, TS 3.8.5 Condition E does not specify which Required Actions and associated Completion Times not met would require entry into Condition F. Without inclusion of such a list, the Required Action for failing to meet Condition A, B, C, or D is not defined. In addition, as per the STS Writer's Guide, if the Condition is only entered for failure of some of the Required Actions, the entry condition shall include a specific listing of the applicable Conditions.

Accordingly, the addition, specifying the list of applicable Conditions, is needed and is applicable.

This change provides clarification in the Specification and will help their implementation. It is, therefore, acceptable.

Changes to clarify wording of different Condition and Required Actions :

The changes in the wording of Conditions A, B, C, and D and the associated Required Actions provide useful clarification. The revised wording of the Conditions and Required Actions provides for consistency without changing the intent or technical requirements. Therefore, usability is enhanced.

In the event two Divisions of AC instrument and control buses are inoperable, once a single Division of AC instrument and control bus is restored to Operable status, TS 3.8.5 Condition C no longer applies. Thus Required Action C.1 is clarified to Restore one AC instrument and control bus Division to OPERABLE status. Only a single AC instrument and control bus Division must be restored within the required 2 hours2.314815e-5 days 5.555556e-4 hours 3.306878e-6 weeks 7.61e-7 months . Since Action A was also entered when

Date report generated:

Wednesday, April 29, 2015 Page 15 GTST AP1000-B85-3.8.5, Rev. 1

the first Division of AC instrument and control buses became inoperable, Action A governs the restoration of the remaining inoperable AC instrument and control bus. Therefore, for clarity and consistency with the actual requirements, proposed TS 3.8.5 Required Actions C.1 and D.1 only require the restoration of one AC instrument and control bus Division and one DC electrical power distribution subsystem Division, respectively.

These wording changes provide useful clarify and will contribute to proper implementation of the requirements. Therefore, these changes are acceptable.

Remaining changes:

The remaining changes are editorial, clarifying, grammatical, or otherwise considered administrative. These changes do not affect the technical content, but improve the readability, implementation, and understanding of the requirements, and are therefore acceptable.

Having found that this GTSTs proposed changes to the GTS and Bases are acceptable, the NRC staff concludes that AP1000 STS Subsection 3.8.5 is an acceptable model Specification for the AP1000 standard reactor design.

References to Previous NRC Safety Evaluation Reports (SERs) :

None

Date report generated:

Wednesday, April 29, 2015 Page 16 GTST AP1000-B85-3.8.5, Rev. 1

VIII. Review Information

Evaluator Comments:

None

Pranab K. Samanta Brookhaven National Laboratory 631-344-4948 samanta@bnl.gov

Review Information:

Availability for public review and comment on Revision 0 of this traveler approved by NRC staff on 4/15/2014.

APOG Comments (Ref. 7) and Resolutions

(Internal #3) Throughout the Bases, references to Sections and Chapters of the FSAR do not include the FSAR clarifier. Since these Section and Chapter references are to an external document, it is appropriate to include the FSAR modifier. This is resolved by adding the FSAR modifier as appropriate.

(Internal #465) Editorial changes were recommended for Background section in the Bases for clarity and consistency with the TS requirements. These changes, along with additional edits to correct GTS Bases errors and for clarification, were incorporated.

(Internal #466) Editorial changes were recommended for Applicable Safety Analyses section of the Bases for clarity and consistency with the TS requirements. These changes were incorporated.

(Internal #467) Editorial changes were recommended for LCO section of the Bases for clarity and consistency with the TS requirements. These changes, along with additional edits for clarity, consistency, and avoiding use of and/or per writer's guide, were incorporated.

(Internal #468) Editorial changes were recommended for Actions section of the Bases, under heading B.1, for clarity and consistency with the TS requirements. These changes were incorporated.

(Internal #469) Editorial changes were recommended for Actions section of the Bases, under heading C.1, for clarity and consistency with the TS requirements. These changes were incorporated.

(Internal #470) Editorial changes were recommended for Actions section of the Bases, under heading C.1, for clarity and consistency with the TS requirements. These changes, along with a typographical correction, were incorporated.

(Internal #471) Editorial changes were recommended for Actions section of the Bases, under heading D.1, for clarity and consistency with the TS requirements. These changes, along with additional clarifications, were incorporated.

Date report generated:

Wednesday, April 29, 2015 Page 17 GTST AP1000-B85-3.8.5, Rev. 1

(Internal #472) Editorial changes were recommended for Actions section of the Bases, under heading F.1, for clarity and consistency with the TS requirements. These changes were incorporated.

(Internal #473) Editorial changes were recommended for Surveillance Requirements section of the Bases, under heading SR 3.8.5.1, for clarity and consistency with the TS requirements.

These changes, along with an additional clarification, were incorporated.

(Internal #474) Editorial changes were recommended for Table 3.8.5-1 for clarity and consistency with the TS requirements. These changes, along with additional clarifications, were incorporated.

NRC Final Approval Date:04/29/2015

NRC

Contact:

T. Robert Tjader United States Nuclear Regulatory Commission 301-415-1187 Theodore.Tjader@nrc.gov

Date report generated:

Wednesday, April 29, 2015 Page 18 GTST AP1000-B85-3.8.5, Rev. 1

IX. Evaluator Comments for Consideration in Finalizing Technical Specificat ions and Bases

None

Date report generated:

Wednesday, April 29, 2015 Page 19 GTST AP1000-B85-3.8.5, Rev. 1

X. References Used in GTST

1. AP1000 DCD, Revision 19, Section 16, Technical Specifications, June 2011 (ML11171A500).

2. Southern Nuclear Operating Company, Vogtle Electric Generating Plant, Uni t 3 and 4, Technical Specifications Upgrade License Amendment Request, February 24, 2011 (ML12065A057).

3. TSTF-GG 01, Technical Specification Task Force (TSTF) Writer's Guide for Plant-Specific Improved Technical Specifications, Revision 1.

4. RAI Letter No. 01 Related to License Amendment Request (LAR)12-002 for the Vogtl e Electric Generating Plant Units 3 and 4 Combined Licenses, September 7, 2012 (ML12251A355).

5. Southern Nuclear Operating Company, Vogtle Electric Generating Plant, Units 3 an d 4, Response to Request for Additional Information Letter No. 01 Related to Licens e Amendment Request LAR-12-002, ND-12-2015, October 04, 2012 (ML12286A 363 and ML12286A360).

6. NRC Safety Evaluation (SE) for Amendment No. 13 to Combined License (COL) No. NPF -

91 for Vogtle Electric Generating Plant (VEGP) Unit 3, and Amendment No. 13 to COL N o.

NPF-92 for VEGP Unit 4, September 9, 2013 (ADAMS Package Accession N o.

ML13238A337), which contains:

ML13238A355, Cover Letter - Issuance of License Amendment No. 13 for Vogtle Units 3 and 4 (LAR 12-002).

ML13238A359, Enclosure 1 - Amendment No. 13 to COL No. NPF-91 ML13239A256, Enclosure 2 - Amendment No. 13 to COL No. NPF-92 ML13239A284, Enclosure 3 - Revised plant-specific TS pages (Attachment to Amendment No. 13)

ML13239A287, Enclosure 4 - Safety Evaluation (SE), and Attachment 1 - Acronyms ML13239A288, SE Attachment 2 - Table A - Administrative Changes ML13239A319, SE Attachment 3 - Table M - More Restrictive Changes ML13239A333, SE Attachment 4 - Table R - Relocated Specifications ML13239A331, SE Attachment 5 - Table D - Detail Removed Changes ML13239A316, SE Attachment 6 - Table L - Less Restrictive Changes

The following documents were subsequently issued to correct an administrative error in Enclosure 3:

ML13277A616, Letter - Correction To The Attachment (Replacement Pages) - Vogtle Electric Generating Plant Units 3 and 4-Issuance of Amendment Re:

Technical Specifications Upgrade (LAR 12-002) (TAC No. RP9402)

ML13277A637, Enclosure 3 - Revised plant-specific TS pages (Attachment to Amendment No. 13) (corrected)

Date report generated:

Wednesday, April 29, 2015 Page 20 GTST AP1000-B85-3.8.5, Rev. 1

7. APOG-2014 -008, APOG (AP1000 Utilities) Comments on AP1000 Standardized Technical Specifications (STS) Generic Technical Specification Travelers (GTSTs), Docket ID NRC-2014-0147, September 22, 2014 (ML14265A493).

Date report generated:

Wednesday, April 29, 2015 Page 21 GTST AP1000-B85-3.8.5, Rev. 1

XI. MARKUP of the Applicable GTS Subsection for Preparation of the STS NUREG

The entire section of the Specifications and the Bases associated with this GTST is presented next.

Changes to the Specifications and Bases are denoted as follows: Deleted portions are marked in strikethrough red font, and inserted portions in bold blue font.

Date report generated:

Wednesday, April 29, 2015 Page 22 GTST AP1000-B85-3.8.5, Rev. 1

Distribution Systems - Operating 3.8.5

3.8 ELECTRICAL POWER SYSTEMS

3.8.5 Distribution Systems - Operating

LCO 3.8.5 The following Division A, B, C, and D AC instrument and control bus and DC electrical power distribution subsystems shall be OPERABLE.:

a. DC; and

b. AC instrument and control.

APPLICABILITY: MODES 1, 2, 3, and 4.

ACTIONS

CONDITION REQUIRED ACTION COMPLETION TIME

A. One Division AC A.1 Restore AC instrument and 6 hours6.944444e-5 days 0.00167 hours 9.920635e-6 weeks 2.283e-6 months instrument and control control bus division to bus divisioninoperable. OPERABLE status. AND

12 hours1.388889e-4 days 0.00333 hours 1.984127e-5 weeks 4.566e-6 months from discovery of failure to meet the LCO

B. One Division DC B.1 Restore DC electrical 6 hours6.944444e-5 days 0.00167 hours 9.920635e-6 weeks 2.283e-6 months electrical power power distribution distribution subsystem subsystem division to AND division inoperable.OPERABLE status.

12 hours1.388889e-4 days 0.00333 hours 1.984127e-5 weeks 4.566e-6 months from discovery of failure to meet the LCO

AP1000 STS 3.8.5-1 Amendment 0Rev. 0 Revision 19 Date report generated:

Wednesday, April 29, 2015 Page 23 GTST AP1000-B85-3.8.5, Rev. 1

Distribution Systems - Operating 3.8.5

ACTIONS (continued)

CONDITION REQUIRED ACTION COMPLETION TIME

C. Tw o Divisions AC C.1 Restore one AC instrument 2 hours2.314815e-5 days 5.555556e-4 hours 3.306878e-6 weeks 7.61e-7 months instrument and control and control bus division to bus divisions OPERABLE status. AND inoperable 16 hours1.851852e-4 days 0.00444 hours 2.645503e-5 weeks 6.088e-6 months from discovery of failure to meet the LCO.

D. Tw o Divisions DC D.1 Restore one DC electrical 2 hours2.314815e-5 days 5.555556e-4 hours 3.306878e-6 weeks 7.61e-7 months electrical power power distribution distribution subsystem subsystem division to AND divisions inoperable.OPERABLE status.

16 hours1.851852e-4 days 0.00444 hours 2.645503e-5 weeks 6.088e-6 months from discovery of failure to meet the LCO.

E. Required Action and E.1 Be in MODE 3. 6 hours6.944444e-5 days 0.00167 hours 9.920635e-6 weeks 2.283e-6 months associated Completion Tim e of Condition A, B, AND C, or D not met.

E.2 Be in MODE 5. 36 hours4.166667e-4 days 0.01 hours 5.952381e-5 weeks 1.3698e-5 months

F. Tw o Divisions with F.1 Enter LCO 3.0.3 Immediately inoperable divisions distribution subsystems that result in a loss of safety function.

SURVEILLANCE REQUIREMENTS

SURVEILLANCE FREQUENCY

SR 3.8.5.1 Verify correct breaker and switch alignments and 7 days voltage to required DC and AC instrument and control bus electrical power distribution subsystems.

AP1000 STS 3.8.5-2 Amendment 0Rev. 0 Revision 19 Date report generated:

Wednesday, April 29, 2015 Page 24 GTST AP1000-B85-3.8.5, Rev. 1

Distribution Systems - Operating B 3.8.5

B 3.8 ELECTRICAL POWER SYSTEMS

B 3.8.5 Distribution Systems - Operating

BASES

BACKGROUND The onsite Class 1E and DC and uninterruptible power supply (UPS )

electrical power distribution system is divided by division into four independent divisions of AC and DC electrical power distribution subsystems (Divisions A, B, C, and D).

The Class 1E AC distribution Divisions A and D each consists of one 208/120 V instrument and control bus (distribution panel). The Class 1E AC distribution Divisions B and C each consists of two 208/120 V instrument and control buses (distribution panel). The AC buses are normally powered from separate inverters which are connected to the respective dDivision Class 1E battery banks through the associated Class 1E 250 VDC buses (switchboards). The backup electrical power source provided for each division of Division for the Class 1E AC instrument and control buses is a Class 1E voltage regulating transformer providing regulated output to the Class 1E AC instrument and control buses through a static transfer switch and a manual bypass switch. Power to the transformer is provided by the nonsafety related Main AC Power System. Additional description of this system may be found in the Bases for Specification 3.8.3, Inverters - Operating.

The Class 1E DC distribution Divisions A and D each consists of one 250 VDC bus (switchboards). The Class 1E DC distribution Divisions B and C each consists of two 250 VDC buses (switchboards). The buses for the four Divisions are normally powered from their associated Division battery chargers. The backup electrical power source for each Class 1E DC bus is its associated Class 1E battery bank. Additionally, there is one installed spare Class 1E battery bank and one installed spare Class 1E battery charger, which can provide backup power to a Class 1E DC bus in the event that one of the battery banks or one of the chargers is out of service. Additional description of this system may be found in the Bases for Specification 3.8.1, DC Sources - Operating.

The list of all required distribution Class 1E AC distribution and DC buses and panels is presented in Table B 3.8.5-1 and shown in FSAR Section 8.3.2 (Ref. 1).

AP1000 STS B 3.8.5-1 Amendment 0Rev. 0 Revision 19 Date report generated:

Wednesday, April 29, 2015 Page 25 GTST AP1000-B85-3.8.5, Rev. 1

Distribution Systems - Operating B 3.8.5

BASES

APPLICABLE The initial conditions of Design Basis Accident (DBA) and transient SAFETY analyses in FSAR Chapter 6 (Ref. 2) and FSAR Chapter 15 (Ref. 3),

ANALYSES assume engineered safety features (ESFs) are OPERABLE. The Class 1E AC instrument and control and DC electrical power dis tribution systems are designed to provide sufficient capacity, capability, redundancy, and reliability to ensure the availability of necessary power to the ESFs so that the fuel, Reactor Coolant System (RCS) and containment design limits are not exceeded.

These limits are discussed in more detail in the Bases for Technical Specifications 3.2 (Power Distribution Limits), 3.4 (Reactor Coolant System), and 3.6 (Containment Systems).

The OPERABILITY of the Class 1E AC instrument and control and DC electrical power distribution systems is consistent with the initial assumptions of the accident analyses and is based upon meeting the design basis of the unit. This includes maintaining at least three of the four Divisions of Class 1E AC instrument and control and DC electrical power distribution systems OPERABLE during accident conditions in the event of:

a. An assumed loss of all offsite and onsite AC power sources; and

b. A worst case single failure.

The Class 1E AC instrument and control and DC electrical power distribution systems satisfy Criterion 3 of 10 CFR 50.36(c)(2)(ii).

LCO The required electrical power distribution subsystems listed in Table B 3.8.5-1 ensure the availability of Class 1E AC instrument and control and DC electrical power for the systems required to shut down the reactor and maintain it in a safe condition after an anticipated operational occurrence (AOO) or a postulated DBA. The Division A, B, C, and D Class 1E AC instrument and control and DC electrical power distribution subsystems are required to be OPERABLE.

Maintaining the Division A, B, C, and D AC instrument and control and DC electrical power distribution subsystems OPERABLE ensures that the redundancy incorporated into the design of the ESFs is not defeated.

Three of the four Class 1E AC instrument and control and DC electrical power distribution subsystems are capable of providing the necessary electrical power to the associated ESF components.

Therefore, a single failure within any subsystem or within the electrical

AP1000 STS B 3.8.5-2 Amendment 0Rev. 0 Revision 19 Date report generated:

Wednesday, April 29, 2015 Page 26 GTST AP1000-B85-3.8.5, Rev. 1

Distribution Systems - Operating B 3.8.5

BASES

LCO (continued)

power distribution subsystems will not prevent safe shutdown of the reactor.

OPERABLE Class 1E DC electrical power distribution subsystems require the associated buses (switchboards), distribution panels, motor control centers, and electrical circuits to be energized to their proper voltage from either the associated battery bank or charger. The spare battery bank, and/or the spare battery charger, s or both may be used by one DC electrical power distribution subsystem for OPERABILITY.

OPERABLE Class 1E AC instrument and control electrical power distribution subsystems require the associated buses (distribution panels) to be energized to their proper voltages and frequencies from the associated inverter or voltage regulating transformer.

APPLICABILITY The Class 1E AC instrument and control and DC electrical power distribution subsystems are required to be OPERABLE in MODES 1, 2, 3, and 4 to ensure that:

a. Acceptable fuel design limits and reactor coolant pressure boundary limits are not exceeded as a result of AOOs or abnormal transients ;

and

b. Adequate core cooling is provided, and containment OPERABILITY and other vital functions are maintained in the event of a postul ated DBA.

The Class 1E AC instrument and control and DC electrical power distribution subsystem requirements for MODES 5 and 6 are covered in the Bases for Specification 3.8.6, Class 1E Distribution Systems -

Shutdown.

AP1000 STS B 3.8.5-3 Amendment 0Rev. 0 Revision 19 Date report generated:

Wednesday, April 29, 2015 Page 27 GTST AP1000-B85-3.8.5, Rev. 1

Distribution Systems - Operating B 3.8.5

BASES

ACTIONS A.1

With one division of the Class 1E AC instrument and control divisionbus inoperable (for Division B or C, either one or both required distribution panels inoperable can cause that division to be inoperable) the remaining Class 1E AC instrument and control busesdivisions have the capacity to support a safe shutdown and to mitigate all DBAs, based on conservative analysis.

Because of the passive system design and the use of fail-safe components, the remaining Class 1E AC instrument and control divisionsbuses have the capacity to support a safe shutdown and to mitigate most design basis accidents following a subsequent worst case single failure. The 6 hour6.944444e-5 days 0.00167 hours 9.920635e-6 weeks 2.283e-6 months Completion Time is reasonable based on engineering judgement balancing the risks of operation without one AC instrument and control divisionbus against the risks of a forced shutdown. Additionally, the Completion Time reflects a reasonable time to assess plant status; attempt to repair or replace, thus avoiding an unnecessary shutdown; and, if necessary, prepare and effect an orderly and safe shutdown.

This 6 hour6.944444e-5 days 0.00167 hours 9.920635e-6 weeks 2.283e-6 months limit is shorter than Completion Times allowed for most supported systems which would be without power. Taking exception to LCO 3.0.2 for components without adequate DC pPower, which would have Required Action Completion Times shorter than 6 hours6.944444e-5 days 0.00167 hours 9.920635e-6 weeks 2.283e-6 months , is acceptable because of:

a. The potential for decreased safety by requiring a change in uni t conditions (i.e., requiring a shutdown) while allowing stabl e operations to continue;

b. The potential for decreased safety by requiring entry into numerous applicable Conditions and Required Actions for components wi thout DC power and not providing sufficient time for the operators to perform the necessary evaluations and actions for restoring power to the affected division; and

c. The potential for an event in conjunction with a single failure of a redundant component.

The 6 hour6.944444e-5 days 0.00167 hours 9.920635e-6 weeks 2.283e-6 months Completion Time takes into account the importance to safety of restoring the Class 1E AC instrument and control divisionbus to OPERABLE status, the passive design of the ESF systems, the redundant capability afforded by the other OPERABLE Class 1E AC

AP1000 STS B 3.8.5-4 Amendment 0Rev. 0 Revision 19 Date report generated:

Wednesday, April 29, 2015 Page 28 GTST AP1000-B85-3.8.5, Rev. 1

Distribution Systems - Operating B 3.8.5

BASES

ACTIONS (continued)

instrument and control divisionsbuses, and the low probability of a DBA occurring during this period which requires more than two OPERABLE AC instrument and control divisionsbuses.

The 6 hour6.944444e-5 days 0.00167 hours 9.920635e-6 weeks 2.283e-6 months Completion Time is also consistent with the time specified for restoration of one (of four) Protection and Safety Monitoring System actuation division (LCO 3.3.152, Engineered Safety Feature Actuation System (ESFAS)ESFAS Instrumentation Actuation Logic - Operating).

Depending on the nature of the AC instrument and control inoperability, one supported division of instrumentation could be considered inoperable. Inoperability of a PMS division is similar to loss of one division AC instrument and control divisionbus. In both cases, actuation of the safety functions associated with one of the four subsystems/divisions may no longer be available.

The second Completion Time for Required Action A.1 establishes a limit on the maximum time allowed for any combination of required distribution subsystems to be inoperable during any single contiguous occurrence of failing to meet the LCO. If Condition A is entered while, for instance, a DC bus is inoperable and subsequently restored OPERABLE, the LCO may already have been not met for up to 6 hours6.944444e-5 days 0.00167 hours 9.920635e-6 weeks 2.283e-6 months . This could lead to a total of 12 hours1.388889e-4 days 0.00333 hours 1.984127e-5 weeks 4.566e-6 months , since initial failure of the LCO, to restore the AC instrument and control distribution system. At this time, a DC circuit could again become inoperable, and AC instrument and control distribution restored OPERABLE. This could continue indefinitely.

The Completion Time allows for an exception to the normal time zero for beginning the allowed outage time clock. This will result in establishing the time zero at the time the LCO was initially not met, instead of the time Condition A was entered. The 12 hour1.388889e-4 days 0.00333 hours 1.984127e-5 weeks 4.566e-6 months Completion Time is an acceptable limitation on this potential to fail to meet the LCO indefinitely.

B.1

With one dDivision of the Class 1E DC electrical power distribution subsystem inoperable (for Division B or C, either one or more required buses or distribution panels inoperable can cause that division to be inoperable), the remaining d Divisions have the capacity to support a safe shutdown and to mitigate all DBAs, based on conservative analysis.

AP1000 STS B 3.8.5-5 Amendment 0Rev. 0 Revision 19 Date report generated:

Wednesday, April 29, 2015 Page 29 GTST AP1000-B85-3.8.5, Rev. 1

Distribution Systems - Operating B 3.8.5

BASES

ACTIONS (continued)

Because of the passive system design and the use of fail-safe components, the remaining dDivisions have the capacity to support a safe shutdown and to mitigate most design basis accidents following a subsequent worst case single failure. The 6 hour6.944444e-5 days 0.00167 hours 9.920635e-6 weeks 2.283e-6 months Completion Time is reasonable based on engineering judgement balancing the risks of operation without one dDivision against the risks of a forced shutdown.

Additionally, the completion time reflects a reasonable time to assess plant status; attempt to repair or replace, thus avoiding an unnecessary shutdown; and, if necessary, prepare and effect an orderly and safe shutdown.

The 6 hour6.944444e-5 days 0.00167 hours 9.920635e-6 weeks 2.283e-6 months Completion Time is also consistent with the time specified for restoration of one (of four) Protection and Safety Monitoring System division (LCO 3.3.152, Engineered Safety Feature Actuation System (ESFAS)ESFAS Instrumentation Actuation Logic - Operating).

Depending on the nature of the DC electrical power distribution subsystem inoperability, one supported division of instrumentation could be considered inoperable. Inoperability of a PMS division is similar to loss of one DC electrical power distribution subsystem division. In both cases, actuation of the safety functions associated with one of the four subsystems/divisions may no longer be available.

This 6 hour6.944444e-5 days 0.00167 hours 9.920635e-6 weeks 2.283e-6 months limit is shorter than Completion Times allowed for most supported systems which would be without power. Taking exception to LCO 3.0.2 for components without adequate DC power, which would have Required Action Completion Times shorter than 6 hours6.944444e-5 days 0.00167 hours 9.920635e-6 weeks 2.283e-6 months , is acceptable because of:

a. The potential for decreased safety by requiring a change in unit conditions (i.e., requiring a shutdown) while allowing stable operations to continue;

b. The potential for decreased safety by requiring entry into numerous applicable Conditions and Required Actions for components without DC power and not providing sufficient time for the operators to perform the necessary evaluations and actions to restore power to the affected division; and

c. The potential for an event in conjunction with a single failure of a redundant component.

AP1000 STS B 3.8.5-6 Amendment 0Rev. 0 Revision 19 Date report generated:

Wednesday, April 29, 2015 Page 30 GTST AP1000-B85-3.8.5, Rev. 1

Distribution Systems - Operating B 3.8.5

BASES

ACTIONS (continued)

The second Completion Time for Required Action B.1 establishes a limit on the maximum time allowed for any combination of required distribution subsystems to be inoperable during any single contiguous occurrence of failing to meet the LCO. If Condition B is entered while, for instance, an AC instrument and control bus is inoperable and subsequently returned OPERABLE, the LCO may already have been not met for up to 6 hours6.944444e-5 days 0.00167 hours 9.920635e-6 weeks 2.283e-6 months .

This could lead to a total of 6 hours6.944444e-5 days 0.00167 hours 9.920635e-6 weeks 2.283e-6 months , since initial failure of the LCO, to restore the DC distribution system. At this time, an AC train could again become inoperable, and DC distribution restored OPERABLE. This could continue indefinitely.

This Completion Time allows for an exception to the normal time zero for beginning the allowed outage time clock. This will result in establishing the time zero at the time the LCO was initially not met, instead of the time Condition B was entered. The 12 hour1.388889e-4 days 0.00333 hours 1.984127e-5 weeks 4.566e-6 months Completion Time is an acceptable limitation on this potential to fail to meet the LCO indefinitely.

C.1

With two divisions of AC instrument and control buses divisions inoperable, the remaining OPERABLE divisionsbuses are capable of supporting the minimum safety functions necessary to shut down the unit and maintain it in the safe shutdown condition. Overall reliability is reduced, however, since an additional single failure could result in the minimum required ESF functions not being supported. Therefore, the one required divisions of AC instrument and control buses must be restored to OPERABLE status within 2 hours2.314815e-5 days 5.555556e-4 hours 3.306878e-6 weeks 7.61e-7 months by powering the divisionbus from the associated inverter via inverted DC, inverter using internal AC source, or Class 1E constant voltage regulating transformer.

Condition C represents two divisions of AC instrument and control divisionsvital buses without power; potentially both the DC source and the associated AC source are nonfunctioning. In this situation, the unit is significantly more vulnerable to a complete loss of all noninterruptable power. It is, therefore, imperative that the operators attention focus on stabilizing the unit, minimizing the potential for loss of power to the remaining divisionsbuses and restoring power to onethe affected divisionbuses.

AP1000 STS B 3.8.5-7 Amendment 0Rev. 0 Revision 19 Date report generated:

Wednesday, April 29, 2015 Page 31 GTST AP1000-B85-3.8.5, Rev. 1

Distribution Systems - Operating B 3.8.5

BASES

ACTIONS (continued)

This 2 hour2.314815e-5 days 5.555556e-4 hours 3.306878e-6 weeks 7.61e-7 months time limit is more conservative than Completion Times allowed for the vast majority of components that are without adequate AC instrument and control power. Taking exception to LCO 3.0.2 for components without adequate vital AC power, which would have the Required Action Completion Times shorter than 2 hours2.314815e-5 days 5.555556e-4 hours 3.306878e-6 weeks 7.61e-7 months if declared inoperable, is acceptable because of:

a. The potential for decreased safety by requiring a change in unit conditions (i.e., requiring a shutdown) and not allowing stable operations to continue);

b. The potential for decreased safety by requiring entry into numer ous aApplicable Conditions and Required Actions for components without adequate AC power and not providing sufficient time for the operators to perform the necessary evaluations and actions for restoring power to the affected train; and

c. The potential for an event in conjunction with a single failure of a redundant component.

The 2 hour2.314815e-5 days 5.555556e-4 hours 3.306878e-6 weeks 7.61e-7 months Completion Time takes into account the importance to safety of restoring theone AC instrument and control divisions buses to OPERABLE status, the redundant capability afforded by the other OPERABLE busesdivisions, and the low probability of a DBA occurring during this period.

The second Completion Time for Required Action C.1 establishes a limit on the maximum allowed for any combination of required distribution subsystems to be inoperable during any single contiguous occurrence of failing to meet the LCO. If Condition C is entered while, for instance, a DC bus is inoperable and subsequently returned to OPERABLE, the LCO may already have been not met for up to 12 hours1.388889e-4 days 0.00333 hours 1.984127e-5 weeks 4.566e-6 months . This could lead to a total of 14 hours1.62037e-4 days 0.00389 hours 2.314815e-5 weeks 5.327e-6 months , since initial failure of the LCO, to restore the bus distribution system. At this time, a DC train could again become inoperable, and AC bus distribution restored to OPERABLE. This could continue indefinitely.

This Completion Time allows for an exception to the normal time zero for beginning the allowed outage time clock. This will result in establishing the time zero at the time the LCO was initially not met, instead of the time Condition B was entered. The 16 hour1.851852e-4 days 0.00444 hours 2.645503e-5 weeks 6.088e-6 months Completion

AP1000 STS B 3.8.5-8 Amendment 0Rev. 0 Revision 19 Date report generated:

Wednesday, April 29, 2015 Page 32 GTST AP1000-B85-3.8.5, Rev. 1

Distribution Systems - Operating B 3.8.5

BASES

ACTIONS (continued)

Time is an acceptable limitation on this potential to fail to meet the LCO indefinitely.

D.1

With two divisions of DC electrical power distribution subsystems system divisions inoperable, the remaining DC electrical power distribution subsystemssystem divisions are capable of supporting the minimum safety functions necessary to shut down the reactor and maintain it in a safe shutdown condition, assuming no single failure. The overall reliability is reduced, however, because a single failure in the remaining DC electrical power distribution subsystem divisions could result in the minimum required ESF functions not being supported. Therefore, the one required DC divisionbuses must be restored to OPERABLE status within 2 hours2.314815e-5 days 5.555556e-4 hours 3.306878e-6 weeks 7.61e-7 months by powering the divisionbus from the associated battery or charger.

Condition D represents two divisionssubsystems without adequate DC power; potentially both with the battery significantly degraded and the associated charger nonfunctioning. In this situation, the unit is significantly more vulnerable to a complete loss of all DC power. It is, therefore, imperative that the operators attention focus on stabilizing the unit, minimizing the potential for loss of power to the remaining divisions and restoring power to onethe affected divisions.

This 2 hour2.314815e-5 days 5.555556e-4 hours 3.306878e-6 weeks 7.61e-7 months limit is more conservative than Completion Times allowed for the vast majority of components that would be without power. Taking exception to LCO 3.0.2 for components without adequate DC power, which would have Required Action Completion Times shorter than 2 hours2.314815e-5 days 5.555556e-4 hours 3.306878e-6 weeks 7.61e-7 months , is acceptable because of:

a. The potential for decreased safety by requiring a change in unit conditions (i.e., requiring a shutdown) while allowing stable operations to continue;

b. The potential for decreased safety by requiring entry into numerous applicable Conditions and Required Actions for components without DC power and not providing sufficient time for the operators to perform the necessary evaluations and actions for restoring power to the affected divisions; and

AP1000 STS B 3.8.5-9 Amendment 0Rev. 0 Revision 19 Date report generated:

Wednesday, April 29, 2015 Page 33 GTST AP1000-B85-3.8.5, Rev. 1

Distribution Systems - Operating B 3.8.5

BASES

ACTIONS (continued)

c. The potential for an event in conjunction with a single failure of a redundant component.

The 2 hour2.314815e-5 days 5.555556e-4 hours 3.306878e-6 weeks 7.61e-7 months Completion Time for restoring one DC electric power distribution system division to OPERABLE status buses is consistent with Regulatory Guide 1.93 (Ref. 4).

The second Completion Time for Required Action D.1 establishes a limit on the maximum time allowed for any combination of required distribution subsystems to be inoperable during any single contiguous occurrence of failing to meet the LCO. If Condition D is entered while, for instance, an AC instrument and control bus is inoperable and subsequently returned OPERABLE, the LCO may already have been not met for up to 12 hours1.388889e-4 days 0.00333 hours 1.984127e-5 weeks 4.566e-6 months .

This could lead to a total of 14 hours1.62037e-4 days 0.00389 hours 2.314815e-5 weeks 5.327e-6 months , since initial failure of the LCO, to restore the DC distribution system. At this time, an AC train could again become inoperable, and DC distribution restored to OPERABLE. This could continue indefinitely.

This Completion Time allows for an exception to the normal time zero for beginning the allowed outage time clock. This will result in establishing the time zero at the time the LCO was initially not met, instead of the time Condition C was entered. The 16 hour1.851852e-4 days 0.00444 hours 2.645503e-5 weeks 6.088e-6 months Completion Time is an acceptable limitation on this potential to fail to meet the LCO indefinitely.

E.1 and E.2

If the inoperable distribution division(s)subsystem cannot be restored to OPERABLE status within the required Completion Time, the unit must be brought to MODE 5 where the probability and consequences on an event are minimized. To achieve this status, the plant must be brought to at least MODE 3 within 6 hours6.944444e-5 days 0.00167 hours 9.920635e-6 weeks 2.283e-6 months and to MODE 5 within 36 hours4.166667e-4 days 0.01 hours 5.952381e-5 weeks 1.3698e-5 months . The allowed Completion Times are reasonable, based on operating experience, to reach the required unit conditions from full power conditions in an orderly manner and without challenging plant systems.

AP1000 STS B 3.8.5-10 Amendment 0Rev. 0 Revision 19 Date report generated:

Wednesday, April 29, 2015 Page 34 GTST AP1000-B85-3.8.5, Rev. 1

Distribution Systems - Operating B 3.8.5

BASES

ACTIONS (continued)

F. 1

With two inoperable divisions Divisions with inoperable distribution subsystems that result in a loss of safety function, adequate core cooling, containment OPERABILITY and other vital functions for DBA mitigation would be compromised, and immediate plant shutdown in accordance with LCO 3.0.3 is required.

SURVEILLANCE SR 3.8.5.1 REQUIREMENTS This Surveillance verifies that the Class 1E AC instrument and control and DC electrical power distribution subsystems are functioning properly, with the required circuit breakers and switches properly aligned. The verification of proper voltage availability on the buses ensures that the required voltage is readily available for motive as well as control functions for critical system loads connected to these buses. The 7 day Frequency takes into account the redundant capability of the Class 1E AC instrument and control and DC electrical power distribution subsystems, and other indications available in the control room that alert the operator to electrical power distribution subsystem malfunctions.

REFERENCES 1. FSAR Section 8.3.2, DC Power Systems.

2. FSAR Chapter 6, Engineering Safety Features.

3. FSAR Chapter 15, Accident Analyses.

4. Regulatory Guide 1.93, Availability of Electric Power Sources, U.S.

Nuclear Regulatory Commission, December 1974.

AP1000 STS B 3.8.5-11 Amendment 0Rev. 0 Revision 19 Date report generated:

Wednesday, April 29, 2015 Page 35 GTST AP1000-B85-3.8.5, Rev. 1

Distribution Systems - Operating B 3.8.5

Table B 3.8.5-1 (page 1 of 1)

Class 1E AC and DC Electrical Power Distribution System

TYPE VOLTAGE DIVISION A* DIVISION B* DIVISION C* DIVISION D*

DC Buses (switchboards) 250 Vdc IDSA-DS-1 IDSB-DS-1 IDSC-DS-1 IDSD-DS-1 IDSB-DS-2 IDSC-DS-2

DC Distribution Panels 250 Vdc IDSA-DD-1 IDSB-DD-1 IDSC-DD-1 IDSD-DD-1 IDSA-DK-1 IDSB-DK-1 IDSC-DK-1 IDSD-DK-1

AC Instrumentation and 120 Vac IDSA-EA-1 IDSB-EA-1 IDSC-EA-1 IDSD-EA-1 Control Distribution IDSB-EA-3 IDSC-EA-3 Panels (Buses )

Each Division of the AC and DC electrical power distribution systems is a subsystem.

AP1000 STS B 3.8.5-12 Amendment 0Rev. 0 Revision 19 Date report generated:

Wednesday, April 29, 2015 Page 36 GTST AP1000-B85-3.8.5, Rev. 1

XII. Applicable STS Subsection After Incorporation of this GTST s Modifications

The entire sub section of the Specifications and the Bases associated with this GTST, following incorporation of the m odifications, is presented next.

Date report generated:

Wednesday, April 29, 2015 Page 37 GTST AP1000-B85-3.8.5, Rev. 1

Distribution Systems - Operating 3.8.5

3.8 ELECTRICAL POWER SYSTEMS

3.8.5 Distribution Systems - Operating

LCO 3.8.5 The following Division A, B, C, and D electrical power distribution subsystems shall be OPERABLE:

a. DC; and

b. AC instrument and control.

APPLICABILITY: MODES 1, 2, 3, and 4.

ACTIONS

CONDITION REQUIRED ACTION COMPLETION TIME

A. One AC instrument and A.1 Restore AC instrument and 6 hours6.944444e-5 days 0.00167 hours 9.920635e-6 weeks 2.283e-6 months control division control division to inoperable. OPERABLE status.

B. One DC division B.1 Restore DC division to 6 hours6.944444e-5 days 0.00167 hours 9.920635e-6 weeks 2.283e-6 months inoperable. OPERABLE status.

C. Two AC instrument and C.1 Restore one AC instrument 2 hours2.314815e-5 days 5.555556e-4 hours 3.306878e-6 weeks 7.61e-7 months control divisions and control division to inoperable OPERABLE status.

D. Two DC divisions D.1 Restore one DC division to 2 hours2.314815e-5 days 5.555556e-4 hours 3.306878e-6 weeks 7.61e-7 months inoperable. OPERABLE status.

E. Required Action and E.1 Be in MODE 3. 6 hours6.944444e-5 days 0.00167 hours 9.920635e-6 weeks 2.283e-6 months associated Completion Tim e of Condition A, B, AND C, or D not met.

E.2 Be in MODE 5. 36 hours4.166667e-4 days 0.01 hours 5.952381e-5 weeks 1.3698e-5 months

AP1000 STS 3.8.5-1 Rev. 0

Date report generated:

Wednesday, April 29, 2015 Page 38 GTST AP1000-B85-3.8.5, Rev. 1

Distribution Systems - Operating 3.8.5

ACTIONS (continued)

CONDITION REQUIRED ACTION COMPLETION TIME

F. Two inoperable divisions F.1 Enter LCO 3.0.3 Immediately that result in a loss of safety function.

SURVEILLANCE REQUIREMENTS

SURVEILLANCE FREQUENCY

SR 3.8.5.1 Verify correct breaker and switch alignments and 7 days voltage to required DC and AC instrument and control electrical power distribution subsystems.

AP1000 STS 3.8.5-2 Rev. 0

Date report generated:

Wednesday, April 29, 2015 Page 39 GTST AP1000-B85-3.8.5, Rev. 1

Distribution Systems - Operating B 3.8.5

B 3.8 ELECTRICAL POWER SYSTEMS

B 3.8.5 Distribution Systems - Operating

BASES

BACKGROUND The onsite Class 1E DC and uninterruptible power supply (UPS) electrical power distribution system is divided by division into four independent divisions of AC and DC electrical power distribution subsystems (Divisions A, B, C, and D).

The Class 1E AC distribution Divisions A and D each consists of one 208/120 V instrument and control bus (distribution panel). The Class 1E AC distribution Divisions B and C each consists of two 208/120 V instrument and control buses (distribution panel). The AC buses are normally powered from separate inverters which are connected to the respective division Class 1E battery banks through the associated Class 1E 250 VDC buses (switchboards). The backup electrical power source provided for each division of the Class 1E AC instrument and control buses is a Class 1E voltage regulating transformer providing regulated output to the Class 1E AC instrument and control buses through a static transfer switch and a manual bypass switch. Power to the transformer is provided by the nonsafety related Main AC Power System. Additional description of this system may be found in the Bases for Specification 3.8.3, Inverters - Operating.

The Class 1E DC distribution Divisions A and D each consists of one 250 VDC bus (switchboards). The Class 1E DC distribution Divisions B and C each consists of two 250 VDC buses (switchboards). The buses for the four Divisions are normally powered from their associated Division battery chargers. The backup electrical power source for each Class 1E DC bus is its associated Class 1E battery bank. Additionally, there is one installed spare Class 1E battery bank and one installed spare Class 1E battery charger, which can provide backup power to a Class 1E DC bus in the event that one of the battery banks or one of the chargers is out of service. Additional description of this system may be found in the Bases for Specification 3.8.1, DC Sources - Operating.

The list of all required distribution Class 1E AC distribution and DC buses and panels is presented in Table B 3.8.5-1 and shown in FSAR Section 8.3.2 (Ref. 1).

AP1000 STS B 3.8.5-1 Rev. 0

Date report generated:

Wednesday, April 29, 2015 Page 40 GTST AP1000-B85 -3.8.5, Rev. 1

Distribution Systems - Operating B 3.8.5

BASES

APPLICABLE The initial conditions of Design Basis Accident (DBA) and transient SAFETY analyses in FSAR Chapter 6 (Ref. 2) and FSAR Chapter 15 (Ref. 3),

ANALYSES assume engineered safety features (ESFs) are OPERABLE. The Class 1E AC instrument and control and DC electrical power dis tribution systems are designed to provide sufficient capacity, capability, redundancy, and reliability to ensure the availability of necessary power to the ESFs so that the fuel, Reactor Coolant System (RCS) and containment design limits are not exceeded.

These limits are discussed in more detail in the Bases for Technical Specifications 3.2 (Power Distribution Limits), 3.4 (Reactor Coolant System), and 3.6 (Containment Systems).

The OPERABILITY of the Class 1E AC instrument and control and DC electrical power distribution systems is consistent with the initial assumptions of the accident analyses and is based upon meeting the design basis of the unit. This includes maintaining at least three of the four Divisions of Class 1E AC instrument and control and DC electrical power distribution systems OPERABLE during accident conditions in the event of:

a. An assumed loss of all offsite and onsite AC power sources; and

b. A worst case single failure.

The Class 1E AC instrument and control and DC electrical power distribution systems satisfy Criterion 3 of 10 CFR 50.36(c)(2)(ii).

LCO The required electrical power distribution subsystems listed in Table B 3.8.5-1 ensure the availability of Class 1E AC instrument and control and DC electrical power for the systems required to shut down the reactor and maintain it in a safe condition after an anticipated operational occurrence (AOO) or a postulated DBA. The Division A, B, C, and D Class 1E AC instrument and control and DC electrical power distribution subsystems are required to be OPERABLE.

Maintaining the Division A, B, C, and D AC instrument and control and DC electrical power distribution subsystems OPERABLE ensures that the redundancy incorporated into the design of the ESFs is not defeated.

Three of the four Class 1E AC instrument and control and DC electrical power distribution subsystems are capable of providing the necessary electrical power to the associated ESF components. Therefore, a single

AP1000 STS B 3.8.5-2 Rev. 0

Date report generated:

Wednesday, April 29, 2015 Page 41 GTST AP1000-B85-3.8.5, Rev. 1

Distribution Systems - Operating B 3.8.5

BASES

LCO (continued)

failure within any subsystem or within the electrical power distribution subsystems will not prevent safe shutdown of the reactor.

OPERABLE Class 1E DC electrical power distribution subsystems require the associated buses (switchboards), distribution panels, motor control centers, and electrical circuits to be energized to their proper voltage from either the associated battery bank or charger. The spare battery bank, the spare battery charger, or bothmay be used by one DC electrical power distribution subsystem for OPERABILITY.

OPERABLE Class 1E AC instrument and control electrical power distribution subsystems require the associated buses (distribution panels) to be energized to their proper voltages and frequencies from the associated inverter or voltage regulating transformer.

APPLICABILITY The Class 1E AC instrument and control and DC electrical power distribution subsystems are required to be OPERABLE in MODES 1, 2, 3, and 4 to ensure that:

a. Acceptable fuel design limits and reactor coolant pressure boundary limits are not exceeded as a result of AOOs or abnormal transients; and

b. Adequate core cooling is provided, and containment OPERABILITY and other vital functions are maintained in the event of a postulated DBA.

The Class 1E AC instrument and control and DC electrical power distribution subsystem requirements for MODES 5 and 6 are covered in the Bases for Specification 3.8.6, Class 1E Distribution Systems -

Shutdown.

ACTIONS A.1

With one Class 1E AC instrument and control division inoperable (for Division B or C, either one or both required distribution panels inoperable can cause that division to be inoperable) the remaining Class 1E AC instrument and control divisions have the capacity to support a safe shutdown and to mitigate all DBAs, based on conservative analysis.

AP1000 STS B 3.8.5-3 Rev. 0

Date report generated:

Wednesday, April 29, 2015 Page 42 GTST AP1000-B85 -3.8.5, Rev. 1

Distribution Systems - Operating B 3.8.5

BASES

ACTIONS (continued)

Because of the passive system design and the use of fail-safe components, the remaining Class 1E AC instrument and control divisions have the capacity to support a safe shutdown and to mitigate most design basis accidents following a subsequent worst case single failure.

The 6 hour6.944444e-5 days 0.00167 hours 9.920635e-6 weeks 2.283e-6 months Completion Time is reasonable based on engineering judgement balancing the risks of operation without one AC instrument and control division against the risks of a forced shutdown. Additionally, the Completion Time reflects a reasonable time to assess plant status; attempt to repair or replace, thus avoiding an unnecessary shutdown; and, if necessary, prepare and effect an orderly and safe shutdown.

This 6 hour6.944444e-5 days 0.00167 hours 9.920635e-6 weeks 2.283e-6 months limit is shorter than Completion Times allowed for most supported systems which would be without power. Taking exception to LCO 3.0.2 for components without adequate DC power, which would have Required Action Completion Times shorter than 6 hours6.944444e-5 days 0.00167 hours 9.920635e-6 weeks 2.283e-6 months , is acceptable because of:

a. The potential for decreased safety by requiring a change in unit conditions (i.e., requiring a shutdown) while allowing stable operations to continue;

b. The potential for decreased safety by requiring entry into numerous applicable Conditions and Required Actions for components without DC power and not providing sufficient time for the operators to perform the necessary evaluations and actions for restoring power to the affected division; and

c. The potential for an event in conjunction with a single failure of a redundant component.

The 6 hour6.944444e-5 days 0.00167 hours 9.920635e-6 weeks 2.283e-6 months Completion Time takes into account the importance to safety of restoring the Class 1E AC instrument and control division to OPERABLE status, the passive design of the ESF systems, the redundant capability afforded by the other OPERABLE Class 1E AC instrument and control divisions, and the low probability of a DBA occurring during this period which requires more than two OPERABLE AC instrument and control divisions.

The 6 hour6.944444e-5 days 0.00167 hours 9.920635e-6 weeks 2.283e-6 months Completion Time is also consistent with the time specified for restoration of one (of four) Protection and Safety Monitoring System actuation division (LCO 3.3.15, Engineered Safety Feature Actuation System (ESFAS) Actuation Logic - Operating). Depending on the nature

AP1000 STS B 3.8.5-4 Rev. 0

Date report generated:

Wednesday, April 29, 2015 Page 43 GTST AP1000-B85-3.8.5, Rev. 1

Distribution Systems - Operating B 3.8.5

BASES

ACTIONS (continued)

of the AC instrument and control inoperability, one supported division of instrumentation could be considered inoperable. Inoperability of a PMS division is similar to loss of one AC instrument and control division. In both cases, actuation of the safety functions associated with one of the four subsystems/divisions may no longer be available.

B.1

With one Class 1E DC electrical power distribution subsystem inoperable (for Division B or C, either one or more required buses or distribution panels inoperable can cause that division to be inoperable), the remaining divisions have the capacity to support a safe shutdown and to mitigate all DBAs, based on conservative analysis.

Because of the passive system design and the use of fail-safe components, the remaining divisions have the capacity to support a safe shutdown and to mitigate most design basis accidents following a subsequent worst case single failure. The 6 hour6.944444e-5 days 0.00167 hours 9.920635e-6 weeks 2.283e-6 months Completion Time is reasonable based on engineering judgement balancing the risks of operation without one d ivision against the risks of a forced shutdown.

Additionally, the completion time reflects a reasonable time to assess plant status; attempt to repair or replace, thus avoiding an unnecessary shutdown; and, if necessary, prepare and effect an orderly and safe shutdown.

The 6 hour6.944444e-5 days 0.00167 hours 9.920635e-6 weeks 2.283e-6 months Completion Time is also consistent with the time specified for restoration of one (of four) Protection and Safety Monitoring System division (LCO 3.3.15, Engineered Safety Feature Actuation System (ESFAS) Actuation Logic - Operating). Depending on the nature of the DC electrical power distribution subsystem inoperability, one supported division of instrumentation could be considered inoperable. Inoperability of a PMS division is similar to loss of one DC electrical power distribution system division. In both cases, actuation of the safety functions associated with one of the four divisions may no longer be available.

AP1000 STS B 3.8.5-5 Rev. 0

Date report generated:

Wednesday, April 29, 2015 Page 44 GTST AP1000-B85-3.8.5, Rev. 1

Distribution Systems - Operating B 3.8.5

BASES

ACTIONS (continued)

This 6 hour6.944444e-5 days 0.00167 hours 9.920635e-6 weeks 2.283e-6 months limit is shorter than Completion Times allowed for most supported systems which would be without power. Taking exception to LCO 3.0.2 for components without adequate DC power, which would have Required Action Completion Times shorter than 6 hours6.944444e-5 days 0.00167 hours 9.920635e-6 weeks 2.283e-6 months , is acceptable because of:

a. The potential for decreased safety by requiring a change in unit conditions (i.e., requiring a shutdown) while allowing stable operations to continue;

b. The potential for decreased safety by requiring entry into numerous applicable Conditions and Required Actions for components without DC power and not providing sufficient time for the operators to perform the necessary evaluations and actions to restore power to the affected division; and

c. The potential for an event in conjunction with a single failure of a redundant component.

C.1

With two AC instrument and control divisions inoperable, the remaining OPERABLE divisions are capable of supporting the minimum safety functions necessary to shut down the unit and maintain it in the safe shutdown condition. Overall reliability is reduced, however, since an additional single failure could result in the minimum required ESF functions not being supported. Therefore, one required division of AC instrument and control must be restored to OPERABLE status within 2 hours2.314815e-5 days 5.555556e-4 hours 3.306878e-6 weeks 7.61e-7 months by powering the division from the associated inverter via inverted DC, inverter using internal AC source, or Class 1E voltage regulating transformer.

Condition C represents two AC instrument and control divisions without power; potentially both the DC source and the associated AC source are nonfunctioning. In this situation, the unit is significantly more vulnerable to a complete loss of all noninterruptable power. It is, therefore, imperative that the operators attention focus on stabilizing the unit, minimizing the potential for loss of power to the remaining divisions and restoring power to one affected division.

AP1000 STS B 3.8.5-6 Rev. 0

Date report generated:

Wednesday, April 29, 2015 Page 45 GTST AP1000-B85-3.8.5, Rev. 1

Distribution Systems - Operating B 3.8.5

BASES

ACTIONS (continued)

This 2 hour2.314815e-5 days 5.555556e-4 hours 3.306878e-6 weeks 7.61e-7 months time limit is more conservative than Completion Times allowed for the vast majority of components that are without adequate AC instrument and control power. Taking exception to LCO 3.0.2 for components without adequate vital AC power, which would have the Required Action Completion Times shorter than 2 hours2.314815e-5 days 5.555556e-4 hours 3.306878e-6 weeks 7.61e-7 months if declared inoperable, is acceptable because of:

a. The potential for decreased safety by requiring a change in unit conditions (i.e., requiring a shutdown) and not allowing stable operations to continue);

b. The potential for decreased safety by requiring entry into numerous applicable Conditions and Required Actions for components without adequate AC power and not providing sufficient time for the operators to perform the necessary evaluations and actions for restoring power to the affected train; and

c. The potential for an event in conjunction with a single failure of a redundant component.

The 2 hour2.314815e-5 days 5.555556e-4 hours 3.306878e-6 weeks 7.61e-7 months Completion Time takes into account the importance to safety of restoring one AC instrument and control division to OPERABLE status, the redundant capability afforded by the other OPERABLE divisions, and the low probability of a DBA occurring during this period.

D.1

With two DC electrical power distribution system divisions inoperable, the remaining DC electrical power distribution system divisions are capable of supporting the minimum safety functions necessary to shut down the reactor and maintain it in a safe shutdown condition, assuming no single failure. The overall reliability is reduced, however, because a single failure in the remaining DC electrical power distribution system divisions could result in the minimum required ESF functions not being supported.

Therefore, one required DC division must be restored to OPERABLE status within 2 hours2.314815e-5 days 5.555556e-4 hours 3.306878e-6 weeks 7.61e-7 months by powering the division from the associated battery or charger.

Condition D represents two divisions without adequate DC power; potentially both with the battery significantly degraded and the associated charger nonfunctioning. In this situation, the unit is significantly more vulnerable to a complete loss of all DC power. It is, therefore, imperative

AP1000 STS B 3.8.5-7 Rev. 0

Date report generated:

Wednesday, April 29, 2015 Page 46 GTST AP1000-B85-3.8.5, Rev. 1

Distribution Systems - Operating B 3.8.5

BASES

ACTIONS (continued)

that the operators attention focus on stabilizing the unit, minimizing the potential for loss of power to the remaining divisions and restoring power to one affected division.

This 2 hour2.314815e-5 days 5.555556e-4 hours 3.306878e-6 weeks 7.61e-7 months limit is more conservative than Completion Times allowed for the vast majority of components that would be without power. Taking exception to LCO 3.0.2 for components without adequate DC power, which would have Required Action Completion Times shorter than 2 hours2.314815e-5 days 5.555556e-4 hours 3.306878e-6 weeks 7.61e-7 months , is acceptable because of:

a. The potential for decreased safety by requiring a change in unit conditions (i.e., requiring a shutdown) while allowing stable operations to continue;

b. The potential for decreased safety by requiring entry into numerous applicable Conditions and Required Actions for components without DC power and not providing sufficient time for the operators to perform the necessary evaluations and actions for restoring power to the affected divisions; and

c. The potential for an event in conjunction with a single failure of a redundant component.

The 2 hour2.314815e-5 days 5.555556e-4 hours 3.306878e-6 weeks 7.61e-7 months Completion Time for restoring one DC electric power distribution system division to OPERABLE status is consistent with Regulatory Guide 1.93 (Ref. 4).

E.1 and E.2

If the inoperable distribution division(s) cannot be restored to OPERABLE status within the required Completion Time, the unit must be brought to MODE 5 where the probability and consequences on an event are minimized. To achieve this status, the plant must be brought to at least MODE 3 within 6 hours6.944444e-5 days 0.00167 hours 9.920635e-6 weeks 2.283e-6 months and to MODE 5 within 36 hours4.166667e-4 days 0.01 hours 5.952381e-5 weeks 1.3698e-5 months . The allowed Completion Times are reasonable, based on operating experience, to reach the required unit conditions from full power conditions in an orderly manner and without challenging plant systems.

AP1000 STS B 3.8.5-8 Rev. 0

Date report generated:

Wednesday, April 29, 2015 Page 47 GTST AP1000-B85-3.8.5, Rev. 1

Distribution Systems - Operating B 3.8.5

BASES

ACTIONS (continued)

F. 1

With two inoperable divisions that result in a loss of safety function, adequate core cooling, containment OPERABILITY and other vital functions for DBA mitigation would be compromised, and immediate plant shutdown in accordance with LCO 3.0.3 is required.

SURVEILLANCE SR 3.8.5.1 REQUIREMENTS This Surveillance verifies that the Class 1E AC instrument and control and DC electrical power distribution subsystems are functioning properly, with the required circuit breakers and switches properly aligned. The verification of proper voltage availability on the buses ensures that the required voltage is readily available for motive as well as control functions for critical system loads connected to these buses. The 7 day Frequency takes into account the redundant capability of the Class 1E AC instrument and control and DC electrical power distribution subsystems, and other indications available in the control room that alert the operator to electrical power distribution system malfunctions.

REFERENCES 1. FSAR Section 8.3.2, DC Power Systems.

2. FSAR Chapter 6, Engineering Safety Features.

3. FSAR Chapter 15, Accident Analyses.

4. Regulatory Guide 1.93, Availability of Electric Power Sources, U.S.

Nuclear Regulatory Commission, December 1974.

AP1000 STS B 3.8.5-9 Rev. 0

Date report generated:

Wednesday, April 29, 2015 Page 48 GTST AP1000-B85 -3.8.5, Rev. 1

Distribution Systems - Operating B 3.8.5

Table B 3.8.5-1 (page 1 of 1)

Class 1E AC and DC Electrical Power Distribution System

TYPE VOLTAGE DIVISION A DIVISION B DIVISION C DIVISION D

DC Buses (switchboards) 250 Vdc IDSA-DS-1 IDSB-DS-1 IDSC-DS-1 IDSD-DS-1 IDSB-DS-2 IDSC-DS-2

DC Distribution Panels 250 Vdc IDSA-DD-1 IDSB-DD-1 IDSC-DD-1 IDSD-DD-1 IDSA-DK-1 IDSB-DK-1 IDSC-DK-1 IDSD-DK-1

AC Instrument and Control 120 Vac IDSA-EA-1 IDSB-EA-1 IDSC-EA-1 IDSD-EA-1 Distribution Panels (Buses) IDSB-EA-3 IDSC-EA-3

AP1000 STS B 3.8.5-10 Rev. 0

Date report generated:

Wednesday, April 29, 2015 Page 49

ML22240A111

Contents

Text

Title:

Title:

Title:

Title:

Title:

Contact:

Navigation menu

ML22240A111

Text

Title:

Title:

Title:

Title:

Title:

Contact:

Navigation menu

Search