ML18260A317

From kanterella
Revision as of 09:59, 21 September 2018 by StriderTol (talk | contribs) (Created page by program invented by StriderTol)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search
Nuscale Handouts for August 30, 2018 Public Meeting on Initial Test Program
ML18260A317
Person / Time
Issue date: 09/17/2018
From: Tabatabai-Yazdi O
NRC/NRO/DLSE/LB1
To:
Tabatabai-Yazdi O / 415-6616
References
Download: ML18260A317 (24)
v  d  e


Text

1 Comparison of ESBWR and NuScale Preoperational Test Abstract Details Summary The test abstracts in the ESBWR Initial Test Program (DCD Chapter 14) typically contain more detail in the prerequisites section than the equivalent NuScale test abstracts. However, the level of detail and information included is inconsistent, often ambiguous, and in many cases meaningless. Detailed exampled are provided below.

In all of the other sections of the test abstracts, which include objectives, test methods, and acceptance criteria, the NuScale test abstracts provide significantly greater detail than the ESBWR counterparts.

Prerequisites Examples The following example is taken directly from the ESBWR Plant Automation System Preoperational Test (ESBWR DCD Chapter 14, Section 14.2.8.1.11), and represents typical ESBWR test abstract prerequisites

The construction tests have been successfully completed and the SCG has reviewed the test procedure and approved the initiation of testing. The PGCS, RC&IS, Turbine Control System, and other required system interfaces shall be available to support the specific system testing. The required input and output devices and various system interfaces shall be connected and available, as needed, for supporting the specified testing configurations.

In this example, the prerequisites identify three systems (PGCS, RC&IS, and Turbine Control System) that are required to support the test. This type of information is not provided in the NuScale test abstracts. RG 1.206 states that test abstracts should "(2) specify the prerequisites and major plant operating conditions necessary for each test (such as power level and mode of operation of major control systems)." NuScale interpreted the parenthetical statement to be examples of the types of prerequisites and major plant operating conditions expected in a test abstract, which does not include a list of support systems.

Additionally, the ESBWR example includes catch

-all caveats such as "other required system interfaces," "various system interfaces," and "as needed." These statements add to the volume of the prerequisite without adding to the quality. When the process of detailed procedure development is undertaken, such statements must be filtered and discarded, a negative attribute of the prerequisite statement.

Additional examples of this type of ESBWR prerequisite statements include the following:

The required interfacing systems shall be available, as needed, to support the specified testing and the appropriate system configurations.

Adequate laboratory facilities and appropriate analytical procedures shall be in place.

2 Initial system installation and setup has been accomplished per instructions.

(Note: The test abstract from which this statement was taken does not include the instructions for system installation and setup or a description of what they might include.)

Construction is completed to the extent necessary to perform this test.

The first statement of the prerequisite regarding construction testing completion and the use of approved procedures is an administrative prerequisite which is repeated in most of the ESBWR test abstracts. These types of requirements will be a programmatic requirement of the NuScale ITP, and therefore are not included in each of the NuScale test abstracts.

Some ESBWR test abstracts contain significant detail regarding plant condition prerequisites for testing. The following example is taken directly from the ESBWR Containment Structural Integrity Test (ESBWR DCD Chapter 14, Section 14.2.8.1.31):

The containment construction is complete to the extent necessary to perform this test. Construction turnover of the system is completed. The SCG has reviewed the test procedures and approved the initiation of testing. Reactor vessel, GDCS Pools, IC/PCCS Pools, reactor cavity, equipment storage pool, spent fuel pool and suppression pool are filled with water to the normal operation level. The instruments and controls within the scope of this test are calibrated. The structural integrity measurement and pressurizing equipment is available for use to support the test. Equipment incapable of withstanding the test pressure are removed from containment or otherwise protected.

Similarly, when specific plant conditions are required for testing, NuScale test abstracts contain detailed prerequisites. The following example is taken directly from the NuScale Primary and Secondary Chemistry Test #79 (Table 14.2-79): i. The PSS instruments have been calibrated.

ii. The NPM is fully assembled.

iii. The RCS is at hot zero power (RCS at normal operating pressure and RCS temperature at the maximum temperature obtainable when heated only by the MHS).

NuScale test abstracts also provide detailed prerequisites when conditions specific to the system under test are required prior to conducting the test. The following example is taken directly from the NuScale Highly Reliable DC Power System Test #57 (Table 14.2

-57): i. Verify an instrument calibration has been completed, with approved records and within all calibration due dates, for all instruments required to perform this test.

ii. Verify a valve

-regulated lead

-acid battery acceptance test has been performed on all EDSS batteries to confirm battery capacity in accordance with IEEE Standard 1188 Sections 6 and 7.

iii. Verify battery charger performance testing has been completed by the manufacturer or a site acceptance test has been completed in accordance with manufacturer instructions.

3 Objectives Examples (Note: ESBWR test abstracts state the objective of the tests under the heading of Purpose.) The following example is taken directly from the ESBWR Safety System Logic and Control Engineered Safety Feature Preoperational Test (ESBWR DCD Chapter 14, Section 14.2.8.1.6):

The objective of this test is to verify proper operation of the Safety System Logic and Control Engineered Safety Feature (SSLC/ESF) and the safety

-related (Q

-DCIS) and nonsafety-related (N

-DCIS) plant Distributed Control and Information System (DCIS) indicated in Subsection 14.2.8.1.7. Proper functioning of the DCIS includes those functions utilized for the preoperational testing of the aggregate plant systems.

This represents a typical objective statement in an ESBWR test abstract. The phrase "verify proper operation" is obvious and lacks any specific detail.

Conversely, each NuScale test abstract provide an objective statement for each component level and system level test included in the test abstract. The test abstract for the NuScale Module Protection System test #63 (Table 14.2

-63) includes eleven test objective statements, several of which are multi

-part. Examples include:

System Level Test #63

-1 Test Objective Verify the instrument signals of MPS monitored variables are displayed in the MCR. System Level Test #63

-6 Test Objective

i. Verify the MPS can manually actuate ESF equipment from the MCR.

ii. Verify deliberate operator action is required to return the ESF actuated equipment to its non-actuated position.

iii. Verify the MPS can automatically actuate ESF equipment from all ESF actuation signals. Test Method and Acceptance Criteria Examples The ESBWR test abstracts include a section titled "General Test Methods and Acceptance Criteria." A bulleted list is then provided that represents the test methods and acceptance criteria. The following examples are taken directly from the ESBWR Reactor Water Cleanup/Shutdown Cooling System Preoperational Test (ESBWR DCD Chapter 14, Section 14.2.8.1.13):

Proper functioning of instrumentation and alarms used to monitor system operation and availability; Proper operation of system valves, including timing, under expected operating conditions; Proper operation of pumps and motors in all design operating modes;

4 Although presented as test methods and acceptance criteria, the bulleted statements do not describe a method for demonstrating the generic acceptance criteria of "proper functioning" and "proper operation".

The NuScale test abstracts list test methods in one column and the acceptance criteria specif i c to th at test method in an adjacent column. The NuScale test abstract for the Spent Fuel Pool Cooling System Test #1 (Table 14.2

-1) includes the following test methods and associated acceptance criteria (not a complete list):

Test Objective Test Method Acceptance Criteria Verify each SFPCS air

-operated valve fails to its safe position on loss of electrical power to its solenoid. Place each valve in its non

-safe position. Isolate electrical power to each air-operated valve. MCR display and local, vis ual observation indicate each valve fails to its safe position.

Verify each SFPCS pump can be started and stopped remotely.

Align the SFPCS to allow for pump operation.

Stop and start each pump from the MCR. MCR display and local, visual observation indicate each pump starts and stops.

Verify each SFPCS pump automatically stops to protect the pump. Align the SFPCS to allow for pump operation. Place a pump in service.

Initiate a simulated stop signal for the following system conditions.

i. Low pump suction pressure ii. High pump discharge pressure. MCR display and local, visual observation indicate each pump stops. In this format, a test method is specified for each test objective, and acceptance criteria are provided to demonstrate the objective is satisfied.

5 The following is a line

-by-line analysis of the ESBWR test abstract for the Nuclear Boiler System and comparison to the NuScale test abstracts containing comparable plant functions.

LEGEND Black text, non-italics: Text copied directly from ESBWR Chapter 14, Initial Test Program, test abstracts Black text, italics: Clarifying notes and comparison summaries Red text, non-italics: Text copied directly from NuScale Chapter 14, Initial Test Program, test abstracts Red text, italics: Supplementary information, comments, and descriptions of deltas.

ESBWR NuScale 14.2.8.1.1 Nuclear Boiler System Preoperational Test Containment System Test #43 Reactor Coolant System Test #46 Module Protection System Test

  1. 63 Safety Display and Indication Test #66 ESBWR Objectives (NuScale comments and comparisons in red text

) The objective of this test is to verify that the valves, actuators, instrumentation, trip logic, alarms, annunciators, and indications associated with the Nuclear Boiler System (NBS) function as specified.

A generic objective statement such as this is made at the beginning of most ESBWR test abstracts.

NuScale Objectives From Test #43:

Verify the CNTS safety

-related check valves change position under design differential pressure and flow.

Verify the leaktightness of the containment system.

From Test #46:

Verify the RCS safety

-related check valves change position under design differential pressure and flow.

Verify the RCS safety

-related excess flow check valves change position under design flow. Verify each RCS instrument is available on an MCS or PCS display. (Test not required if the instrument calibration verified the MCS or PCS display.)

6 From Test #63:

Verify the instrument signals of MPS monitored variables are displayed in the MCR. Verify the MPS automatically initiates a reactor trip signal.

Verify the MPS automatically initiates an ESF actuation signal.

Verify the MPS can automatically actuate ESF equipment from all ESF actuation signals. Verify the CIVs operate to satisfy their ESF-actuated design stroke time.

Verify the MPS response times from sensor output through:

o i. reactor trip breaker actuation for the reactor trip function.

o ii. de-energization of the associated solenoid valve for ESF

-actuated valves. o iii. opening of the pressurizer heater supply breaker for the pressurizer heater trip. From Test #66:

Verify the proper valve position indication for each ESF valves that provide input to MPS. Verify PAM Type B and C variables are displayed on the module-specific SDIS displays in the MCR.

Verify alarms associated with PAM Type B and C variables are retrieved in the MCR.

Verify module

-specific PAM Type D variables are displayed on the module-specific SDIS displays in the MCR. Objective Summary:

The NuScale test abstract contains a significantly more detailed explanation of the test objectives.

ESBWR Prerequisites (NuScale comments and comparisons in red text)

The construction tests have been successfully completed and the SCG has reviewed the test procedure and approved the initiation of testing.

This is a generic statement in each of the ESBWR test abstracts.

This is an administrative control detailed in the Startup Administrative Manual, and is unnecessary to state in the test abstracts.

The Depressurization Valve (DPV) engineering development tests have been completed as described in Subsection 5.4.13.3. The DPV factory operability tests, including response tests and flow tests, have been completed. The Reactor Pressure Vessel (RPV) and Main Steamlines (MSL) can accept water during the test.

7 The NuScale Power Module (NPM) arrives at the site with all piping and valves directly associated with the NPM installed. The EQ testing of the components occurs at the vendor or NPM manufacturer site. Verification that the testing required prior to shipping the NPM to the site has been completed is not necessary as a prerequisite The nitrogen gas and instrument air are available to support operation of Main Steam (MS) valves. Electrical power is available to support MS valves, instrumentation, and system operation.

RG 1.206 states that test abstracts should "(2) specify the prerequisites and major plant operating conditions necessary for each test (such as power level and mode of operation of major control systems)." ESBWR, in this particular example, has provided specific systems necessary to operate specific components that will be tested. It should be noted that this practice is not consistently applied in their test abstracts. The statement that "electrical power is available" is generic (no detail) and provides no real usable information for development of the detailed test procedure, which is the purpose of the test abstracts.

Frequently To the extent necessary, the interfacing systems are available to support the specific system testing and the appropriate system configurations.

This generic statement is repeated in the prerequisites of most of the ESBWR test abstracts. It contains no detail, and is not included in NuScale test abstracts.

To prevent actuation of single

-use squib valves during the logic portion of this testing process, the valve(s) may be isolated electrically to prevent actuation. This process of isolation, verification of the firing signal during the test, and subsequent reconnection must be controlled within the test document.

The NuScale design does not contain an equivalent feature.

NuScale Prerequisites Verify an instrument calibration has been completed, with approved records and within all calibration due dates, for all instruments required to perform this test.

(Note: The following is not listed in the prerequisite section of the test abstract, but rather in the description of the associated system level test.)

Test 63-6 is performed at hot functional testing concurrently with TGS test #33

-1 (reference 14.2.12.33) to allow testing of ESF actuations at normal operating pressure and elevated temperatures. Test #33

-1 heats the RCS from ambient conditions to the highest temperature achievable by MHS heating. These hot functional testing conditions provide the highest differential pressure and temperature conditions that can be achieved prior to fuel load.

Prerequisite Summary

8 The ESBWR test abstract prerequisites contains details not necessary for NuScale test abstracts due to the NPM valves and piping being connected and tested a t the manufacturer site.

The ESBWR test abstract contains details about systems required to support testing, but of limited scope and inconsistent application.

The NuScale test abstracts that test similar functions only include a prerequisite for instrumentation calibration.

However, where specific plant conditions are required for a system level test, those conditions are explicitly stated.

ESBWR General Test Methods and Acceptance Criteria (The ESBW R test method and acceptance criteria for this test abstract are bulleted in the following pages. The test method and acceptance criteria for the equivalent NuScale functions' tests are provided in red text after each ESBWR example. Comments about differences are provided in italics.

) Performance shall be observed and recorded during a series of individual component and integrated system tests to demonstrate the following:

NuScale test abstracts are divided into component level and system level tests.

Verification that the sensing devices respond to actual process variables and provide alarms and trips at specified values; Proper operation of system instrumentation and any associated logic, including that of the Automatic Depressurization System (ADS);

Proper operation of Main Steam Isolation Valves (MSIVs) and main steamline drain valves, including verification of closure time in the isolation mode; Proper operation of the Feedwater (FW) isolation valves and FW check valves, including verification of closure times in isolation mode and testability features, if present; Proper operation of DPV and SRV including verification of position indication; and Acceptability of instrument channel response times, as measured from each applicable process variable input signal to the applicable process actuator confirmation signal.

(Note: The NuScale test abstracts separate the test method and acceptance criteria. The following table lists the test method and associated acceptance criteria for each of the elements described the ESBWR General Test Method and Acceptance Criteria above.)

Test Method Acceptance Criteria Initiate a single real or simulated instrument signal from each RCS transmitter.

The instrument signal is displayed on an MCS or PCS display, or is recorded by the applicable control system historian.

Table 7.1-2 lists all of sensors which input to MPS. This test may be performed concurrently with safety display and indication system (SDIS) test #66-2 for PAM Type B and Type C testing described in Section 14.2.12.

Each MPS monitored signal is displayed on an MCR workstation and the module specific safety display instrument panel (if designed for safety display instrument display).

9 Inject a single signal as close as practical for each sensor listed in Table 7.1

-2 and monitor its response on an MCR workstation and the module-specific safety display instrument panel (if designed for safety display instrument display). If the sensor signal is designed to be disconnected when the NPM is moved then it will be necessary to test the signal from the sensor to the disconnect and then from the disconnect to the MCR display. This test verifies initiation of reactor trip signals and ESF actuation signals only.

Component actuation is not required or verified. Test #63-1 is completed in order to use the associated test signals.

Real or simulated CNTS level, reactor trip breaker position, RCS temperature and NMS signals may be required to provide the necessary bypass interlock status for either the reactor trip or ESF actuation to be available.

i. Initiate an automatic reactor trip signal by simulating a reactor trip function for each function listed in Table 7.1-3. All combinations of the 2 out of 4 logic are tested for each reactor trip function. ii. Initiate an automatic ESF actuation signal by simulating an ESF actuation function for each function listed in Table 7.1-4. All combinations of the 2 out of 4 logic must be actuated for each ESF function.
i. A reactor trip signal is displayed in the MCR for all 2 out of 4 logic combinations of each reactor trip function. [ITAAC 02.05.08]

ii. An ESF actuation signal is displayed in the MCR for all 2 out of 4 logic combinations each reactor ESF actuation function.

[ITAAC 02.05.09]

Figure 7.1

-1 identifies all ESF actuation signals such as CVCS isolation and CNTS isolation.

Table 7.1-4 lists all of the ESF functions.

This test will verify the design response of ESF actuation signals using both a single manual ESF signal and a single ESF function to provide an automatic ESF actuation signal. All manual and automatic ESF actuation signals i. The MPS actuates the ESF equipment to perform its safety-related function as described in Table 7.

1-4. Each ECCS valve opens after receipt of an ESF signal and after RCS pressure is decreased to the threshold pressure for operation of the inadvertent actuation block described in Section 6.3.2.2. [ITAAC 02.01.13] [ITAAC 02.01.14]

[ITAAC 02.01.15]

10 are tested. The RCS is at normal operating pressure supplying bypass steam to the condenser.

i. Initiate a manual ESF actuation signal from the MCR. ii. a. Attempt to operate the actuated ESF equipment from the MCR.
b. Remove the manual ESF actuation signal and attempt to operate the actuated ESF equipment from the MCR.
c. Use the MCR enable nonsafety control switch to allow operation of the ESF actuated equipment from the MCR.

Repeat for all MCR manual ESF actuations.

iii. Initiate an automatic ESF actuation signal. The test may be performed with the RCS at ambient conditions.

Repeat for all ESF actuation signals.

[ITAAC 02.01.18]

[ITAAC 02.01.19]

[ITAAC 02.01.20]

[ITAAC 02.05.13]

[ITAAC 02.05.16]

ii. a. The actuated equipment cannot be operated from the MCR.

b. The actuated equipment cannot be operated from the MCR.
c. The ESF equipment can be operated from the MCR. [ITAAC 02.01.13]

[ITAAC 02.01.14]

[ITAAC 02.01.15]

[ITAAC 02.05.16]

iii. The MPS automatically actuates the ESF equipment to perform its safety

-related function as described in Table 7.1-4. [ITAAC 02.01.13]

[ITAAC 02.01.14]

[ITAAC 02.01.15]

[ITAAC 02.01.18]

[ITAAC 02.01.20]

[ITAAC 02.05.11]

[ITAAC 02.05.16]

Table 6.2-5 contains the design closure time for containment isolation valves.

Time the operation of all CIVs as they actuate to their ESF position during the manual ESF actuation testing in Test #63

-6. Each containment isolation valve travels from fully open to fully closed in less than or equal to the time listed in Section 6.2.4.3 after receipt of a containment isolation signal.

[ITAAC 02.01.08]

[ITAAC 02.05.17] Section 7.1.4 contains a description of design basis event actuation delays assumed in the plant safety analysis and listed in Table 7.1

-6. The actuation delays do not include ESF actuated component delays for actuated valves. Perform a time response test for the actuation signals listed in Table 7.1

-6. Response time testing for ESF actuated CNTS, DHRS, ECCS and DWS valves are found in Test #63

-7. The MPS reactor trip functions listed in Table 7.1-3 and ESF functions listed in Table 7.1-4 have response times that are less than or equal to the design basis safety analysis response time assumptions in Table 7.1

-6. [ITAAC 02.05.17]

i. With the NPM assembled, open and close the valves listed in Table 7.1

-2. i. The valves open and close as indicated by a module-specific SDIS display and an MCR workstation display.

11 ii. Provide a real or simulated signal f or each reactor safety valve position (Table 7.1

-2). ii. The valve opens and closes as indicated by a module-specific SDIS display and an MCR workstation display. i. Simulate an injection signal for the PAM Type B and C variables listed in Table 7.1-7. ii. Increase or decrease a simulated injection signal for the PAM Type B and C variables listed in Table 7.1

-7 to obtain its associated alarm. iii. Simulate an injection signal for the PAM Type D variables listed in Table 7.1-7 i. The PAM Type B and C variables listed in Table 7.1-7 are retrieved and displayed on the SDI displays in the MCR. [ITAAC 02.05.25]

ii. The alarms associated with the P AM Type B and C variables listed in Table 7.1-7.are retrieved and displayed on the SDI displays in the MCR. iii. The PAM Type D variables listed in Table 7.1-7 are retrieved and displayed on the SDIS displays in the MCR. The check valves are tested in accordance with the requirements of ASME OM Code, ISTC-5220, Check Valves

. Each RCS safety

-related check valve strokes fully open and closed under forward and reverse flow conditions, respectively.

[ITAAC 02.01.16]

The check valves are tested in accordance with the requirements of ASME OM Code, ISTC-5220, Check Valves

. Each RCS safety

-related excess flow check valve strokes fully closed under excess flow conditions.

The NuScale test abstract provides detailed descriptions of the test method to be employed for each of the functions tested, as well as acceptance criteria specific to the test method. Additionally, locations of the associated information are provided in both the test methods and acceptance criteria to remove any ambiguity as to what it be tested and to what acceptance criteria. Verification of the acceptable leaktightness and overall integrity of the reactor coolant pressure boundary via the leakage rate and hydrostatic testing as described in Section 5.2 Test Method Acceptance Criteria Perform 10 CFR Part 50, Appendix J local leak rate tests (Type B and Type C tests) of the CNTS in accordance with the guidance provided in ANSI/ANS 56.8,RG 1.163, and NEI 94-01. Local leak rate tests are completed on containment penetrations listed in Table 6.2-9 which require Appendix J, Type B or C testing.

[ITAAC 02.01.07]

Verification of appropriate Safety Relief Valve (SRV) and MSIV accumulator capacity; Proper operation of SRV air piston actuators and discharge line vacuum breakers;

12 The NuScale design does not include components with similar functionality. However, it should be noted that the only acceptance criteria provided are "appropriate" accumulator capacity and "proper operation" of actuators and vacuum breakers.

13 The following is a line

-by-line analysis of the ESBWR test abstract for the Process Radiation Monitoring System and comparison to the NuScale test abstracts containing comparable plant functions.

LEGEND Black text, non-italics: Text copied directly from ESBWR Chapter 14, Initial Test Program, test abstracts Black text, italics: Clarifying notes and comparison summaries Red text, non-italics: Text copied directly from NuScale Chapter 14, Initial Test Program, test abstracts Red text, italics: Supplementary information, comments, and descriptions of deltas.

(Note: The ESBWR test abstract does not inventory the specific process radiation monitors. The NuScale test abstracts inventory and test the process radiation monitors in the system to which the radiation monitor belongs.)

ESBWR NuScale 14.2.8.1.16 Process Radiation Monitoring System Preoperational Test Pool Surge Control System Test #4 Auxiliary Boiler System Test #9 Control Room Habitability System Test # 18 Normal Control Room HVAC System Test #19 Reactor Building HVAC System Test #20 Balance-of-Plant Drains Test #24 Liquid Radioactive Waste System Test #35 Gaseous Radioactive Waste System Test #36 Chemical and Volume Control System Test

  1. 38 Containment Evacuation System Test #41 Containment Flooding and Drain System Test
  1. 42 Safety Display and Indication Test #66 14.2.8.1.16 Process Radiation Monitoring System Preoperational Test Purpose The objective of this test is to verify the ability of the Process Radiation Monitoring System (PRMS) to indicate and alarm normal and abnormal radiation levels, and to initiate, if appropriate, isolation functions upon detection of high radiation levels in any of the process streams that are monitored.

From DCA Section 14.2

.3.2:

14 Credit is taken for the logic testing performed for the nonsafety

-related module control system (MCS) described in Section 7.0.4.5, and the nonsafety

-related plant control system (PCS) described in Section 7.0.4.6. Therefore, if the component is controlled by MCS or PCS, the component-level logic testing in the preoperational test is limited to the testing of component

-level design features described below (if the design feature is applicable to the system) unless the preoperational test verifies an ITAAC. The component tests are standardized to provide the same level of test detail across all systems. This graded approach does not affect system

-level tests which require integrated system operation. The standardized component tests are:

  • Remote operation of equipment.
  • Manual control of variable

-speed pump or fan.

  • Automatic start of standby pump or fan.
  • Automatic operation of pump recirculation valve.
  • Remote operation of valve or damper.
  • Valve or damper fails to its safe position on loss of air.
  • Valve or damper fails to its safe position on loss of electrical power to its solenoid.
  • Damper or fan responds to fire or smoke alarm.
  • Equipment response to automatic signals to protect plant equipment.
  • Automatic operation of tank or basin level control valve.
  • Automatic bus transfer via bus tie breaker.
  • System instrument calibration.
  • Each instrument is monitored in the MCR and the remote shutdown station (RSS), if the signal is designed to be displayed in the RSS. (Test not required if the instrument calibration verified the MCR and RSS display.)
  • Equipment protection logic From PSCS Test #4, Component Level Test 4

-v Test Objective:

Verify the PSCS automatically responds to mitigate a release of radioactivity.

From ABS Test #9, Component Level Test 9

-vi and 9-vii Test Objective:

Verify the ABS automatically responds to mitigate a release of radioactivity.

From CRHS Test #18, System Level Test 18

-1 Test Objective:

Verify the CRHS and the CRVS automatically respond to provide breathable air to the CRE under accident conditions.

From CRVS Test #19, System Level Test 19

-4 Test Objective:

Verify the CRVS automatically responds to mitigate the consequences of high radiation in the outside air.

15 From RBVS Test #20, System Level Test 20

-3 Test Objective:

i. Verify RBVS automatic alignment on a simulated spent fuel pool hi

-hi radiation level.

ii. Verify the RBVS maintains a negative pressure in the RXB relative to the outside environment while the RBVS is operating in accident alignment.

iii. Verify the RWBVS maintains a negative pressure in the RWB relative to the outside environment while the RBVS is operating in accident alignment.

From BPDS Test #24, System Level Test 24-2, 24-3, 24-4, 24-5, and 24-6 Test Objective:

Verify the BPDS automatically responds to mitigate a release of radioactivity.

From LRWS Test #35, Component Level Test 35

-vi Test Objective:

Verify radiation isolation on discharge to the utility water discharge basin high radiation, low dilution flow or underground pipe break.

From GRWS Test #36, Component Level Test 36

-vii Test Objective:

Verify radiation isolation of GRWS charcoal decay beds upon detection of decay bed discharge flow high radiation level.

From GRWS Test #36, Component Level Test 36

-viii Test Objective:

Verify radiation isolation of GRWS discharge to the RWBVS exhaust upon detection of a high radiation level.

From CVCS Test #38, Component Level Tests 38

-xiii, 38-xiv, and 38

-v Test Objective

Verify the CVCS automatically responds to mitigate a release of radioactivity.

From CES Test #41, System Level Test 41

-2 Test Objective:

Verify radiation isolation and flow diversion on high radiation level in the CES.

From CFDS Test #42, System Level Test 42-4 Test Objective:

Verify the 6A CFDS automatically responds to mitigate a release of radioactivity.

From CFDS Test #42, System Level Test 42

-5 Test Objective:

Verify the 6B CFDS automatically responds to mitigate a release of radioactivity.

From SDIS Test #66, Common SDIS Component Level Test 66

-ii Test Objective:

Verify radiation monitor indication is obtained in the MCR for each radiation monitor that provides input to the PPS.

From SDIS Test #66, Module Specific Component Level Test 66

-ii Test Objective:

16 Verify radiation monitor indication is obtained in the MCR for each radiation monitor that provides input to the MPS.

Prerequisites The construction tests have been successfully completed and the SCG has reviewed the test procedure and approved the initiation of testing.

No value added with prerequisite.

The various process radiation monitoring subsystems, including the sensors, the digital radiation monitors and associated sampling racks have been calibrated according to instructions.

All NuScale DCA test abstracts with process radiation monitors include the following prerequisite:

Verify an instrument calibration has been completed, with approved records and within all calibration due dates, for all instruments required to perform this test.

The required interfacing systems shall be available, as needed, to support the specified testing.

This prerequisite is not included in any DCA Chapter 14.2 Test abstract.

General Test Methods and Acceptance Criteria The PRMS consists of a number of subsystems that monitor various liquid and gaseous process streams, building and area ventilation exhausts, and plant and process effluents. The offgas system and the main steamlines are also monitored.

The NuScale test abstracts specifically define the systems that contain process radiation monitoring.

Performance shall be observed and recorded during a series of individual component and integrated subsystem tests to demonstrate the following:

  • Proper calibration of detector assemblies and associated equipment using a standard radiation source or portable calibration unit; This is already verified in the prerequisites. This is a redundant task and is not redundant in the NuScale test abstracts.
  • Proper functioning of radiation monitors and alarms;

17 From PSCS Test #4, Component Level Test 4

-vii: The prerequisite: "Verify an instrument calibration has been completed, with approved records and within all calibration due dates, for all instruments required to perform this test," will verify proper operation of the radiation detector. The component level test verifies the instrument signal is being received by the control system.

From DCA section 7.2.1.2.8 Software Integration and Testing:

(Bolded for emphasis)

For SIL 3 and 4 software or Complex Logic Device logic, a test engineer from an independent V&V team:

  • Develops the test documentation listed above
  • Conducts software integration testing to verify that software requirements have been adequately implemented for this phase of the software life cycle
  • Compares integration test results to the requirements in the Digital I&C Software Requirements Specification and Interface Requirements Specification to ensure satisfaction of requirements.
  • Identifies and resolves discrepancies between actual and expected results in integration testing.
  • Ensures that the integrated software or Complex Logic Device logic modules have successfully passed integration testing and that the software system is integrated with applicable hardware systems.
  • Conducts system testing on a complete, integrated system to evaluate system performance based on the I&C system requirements from the System Requirements Specification and system design documentation.
  • Ensures the detection of any inconsistencies between the software or Complex Logic Device logic and the hardware.

18

  • Documents system test results and analyzes test results to verify that digital I&C system requirements from the have been satisfied.
  • Demonstrates that hazards identified in the Software Safety Analysis Report have been eliminated or controlled to an acceptable level of risk and ensures that additional hazardous states identified during testing undergo analysis prior to software delivery or use.
  • Evaluates and ensures the correction of test discrepancies identified and makes provisions available for appropriate regression testing following changes made to resolve discrepancies.
  • Provides the completed system test results in the System Test Report to the engineering team as an input to the ongoing digital I&C system safety analysis activity of the NuScale Digital I&C Software Safety Plan.

From DCA Section 7.2.1.2.2:

A Digital I&C System Requirements Specification is developed describing the identification, development, documentation, review, approval, and maintenance of I&C system requirements. The system requirements documentation together with the system design documentation developed during the I&C basic design process (see Section 7.2.1.1.1) may be used as a System Requirements Specification. The Digital I&C System Requirements Specification includes the following:

  • the need for system and software safety analyses throughout the life cycle
  • functions and capabilities of the I&C system during operations
  • system boundaries
  • safety classification
  • safety functional properties and additional features not performing a safety function
  • licensee requested features
  • safety, security, and human machine interfaces
  • operations and maintenance measures, including intended fault identification, test, calibration and repair
  • design constraints
  • qualification requirements
  • results from hazard analyses
  • restrictions and constraints placed on the system to ensure compatibility with other plant systems From DCA Section 7.2.14.4:

The MCS and PCS human

-system interface is developed with integration of the HFE functional allocation, task analysis and alarm philosophy. The HFE functional allocation, task analysis, and 19 alarm philosophy specify the level of automation and indication required for each process and electrical system.

The MCS and PCS provide a high level of automation with minimal local operation to reduce operator burden and optimize staffing levels while ensuring personnel safety, equipment protection, and system availability.

Coordination with HFE analysis determines the level of automation for the various plant systems and components. This process determines the need for human interfaces to be manual control, shared control, or automatic control. Alarms are developed in accordance with the HFE alarm philosophy and are described in the Human

-System Interface Design Results Summary Report (Reference 18.7

-2). The MCS and PCS human

-system interface is a collection of both hardware, in the form of physical screens and input devices, and software, in the context of the displays designed to represent real

-time plant operations and enable the user to monitor and manage the process.

From DCA Section 14.2.1.1:

The testing and installation of digital I&C systems includes factory acceptance testing and site acceptance testing which is completed as part of construction and installation tests performed prior to preoperational tests. Factory acceptance tests are performed during the digital I&C system testing phase described in FSAR Section 7.2.1.1.3.1. Site installation and checkout activities are performed as part of the integrated site acceptance testing during the system installation phase as described in FSAR Section 7.2.1.1.3.2. Software integration and testing is governed by the NuScale Digital I&C Software Master Test Plan described in FSAR Section 7.2.1.2.8.

Conclus ion: From the above statements from Chapter 7, alarms, indications, and controls are determined using that described in the design documents and from task analysis and alarm philosophy from the HFE program. These alarms, indication, and controls will then be part of the System Requirement Specifications, which will then be tested according to the NuScale Digital I&C Software Master Test Plan. This testing will occur prior to preoperational testing during the system installation phase or earlier. It can therefore be concluded that all alarms and logic testing will be completed prior to the preoperational test phase. All instrumentation is also functionally checked either through the calibration described in the prerequisites or using the Component Level Test shown above, which is common to all systems that include any instrumentation.

  • Proper system trips in response to high radiation and downscale/inoperative conditions;

20 From PSCS Test #4:

From ABS Test #9:

From CRHS Test #18

-1: From CRVS Test

  1. 19:

21 From RBVS Test #20:

22 From BPDS Test #24:

23 From LRWS Test #35:

From GRWS Test #36 From CES Test #41:

24 From CFDS Test #42:

From SDIS Test #66:

Conclusion:

The NuScale DCA describes which specific systems need to be tested, and which specific actions need to occur in the acceptance criteria. The ESBWR statement is very generic and does not specify the systems or the actions that are being tested. The downscale inoperable instrument portion is part of the control system logic, which is described in the previous explanation.

  • Proper operation of the isolation functions; and See previous explanation.
  • Proper operation of the sampling functions.

This would be part of the instrumentation test since there are no specified sampling functions of process radiation monitors in the NuScale design.

Retrieved from "https://kanterella.com/w/index.php?title=ML18260A317&oldid=1063235"