ML21202A162

From kanterella
Revision as of 02:38, 9 September 2021 by StriderTol (talk | contribs) (StriderTol Bot change)
Jump to navigation Jump to search
Rulemaking: Discussion Table for Preliminary Rule Language for the Part 53 Rulemaking: 3rd Iteration of Subparts B - Technology-Inclusive Safety Requirements and C - Requirements for Design and Analysis
ML21202A162
Person / Time
Issue date: 08/10/2021
From: Robert Beall
NRC/NMSS/DREFS/RRPB
To:
Beall, Robert
Shared Package
ML20289A534 List:
References
10 CFR Part 53, NRC-2019-0062, RIN 3150-AK31
Download: ML21202A162 (20)


Text

THIS THIRD ITERATION OF PRELIMINARY RULE LANGUAGE IS BEING RELEASED TO SUPPORT INTERACTIONS WITH STAKEHOLDERS AND THE ADVISORY COMMITTEE ON REACTOR SAFEGUARDS (ACRS). THIS LANGUAGE HAS BEEN SUBJECT TO ONLY LIMITED NRC MANAGEMENT OR LEGAL REVIEW, AND ITS CONTENTS SHOULD NOT BE INTERPRETED AS OFFICIAL AGENCY POSITIONS. THE NRC STAFF PLANS TO CONTINUE WORKING ON THE CONCEPTS AND DETAILS PROVIDED IN THIS ITERATION OF PRELIMINARY RULE LANGUAGE AND WILL CONTINUE TO PROVIDE OPPORTUNITIES FOR PUBLIC PARTICIPATION AS PART OF THE PART 53 RULEMAKING ACTIVITIES.

AN IMPORTANT NOTE FOR THIS ITERATION IS THAT THE STAFF IS ACTIVELY ASSESSING VARIOUS ALTERNATIVE DESIGN/LICENSING APPROACHES TO ADDRESS COMMENTS THAT THE RULEMAKING SHOULD SUPPORT METHODOLOGIES THAT ARE LESS RELIANT ON PROBABILISTIC RISK ASSESSMENTS (PRA). THE DEVELOPMENT OF RECENT SUBPARTS (E.G., SUBPARTS H & I) PRIMARILY REFLECTS A RISK-INFORMED, PRA-CENTERED APPROACH.

THE STAFF IS DEVELOPING ALTERNATIVE APPROACHES AND RELATED PRELIMINARY RULE SECTIONS FOR A FUTURE ITERATION THAT CAN BE CONSIDERED BY AND DISCUSSED WITH STAKEHOLDERS, NRC MANAGEMENT, AND THE COMMISSION.

THE STAFF IS CONTINUING TO REVIEW ALL OF THE COMMENTS AND SUGGESTIONS RECEIVED TO DATE BUT IS ISSUING THIS THIRD ITERATION TO SUPPORT ONGOING DISCUSSIONS RELATED TO KEY CONCEPTS.

August 2021 - Part 53 Subparts B and C Preliminary Rule Language Introduction The NRC staff is releasing additional preliminary rule language related to the ongoing Risk-informed, Technology-Inclusive Regulatory Framework for Advanced Reactors Rulemaking, which is commonly referred to as the Part 53 rulemaking (Docket ID NRC-2019-0062). In this release, the staff provides below a third iteration of preliminary proposed rule language related to:

  • Subpart B, Technology-Inclusive Safety Requirements, and
  • Subpart C, Design and Analysis Requirements.

In separate tables, the first iteration of preliminary proposed rule language related to:

  • Portions of Subpart H, Licenses, Certifications, and Approvals, and
  • Subpart I, Maintaining and Revising Licensing Basis Information.

The changes in this iteration of Subparts B and C involve revising the terminology used for the safety criteria to eliminate the previously used tiers in the titles and reorganizing the sections such that normal operations are addressed separately from unplanned events. These changes are described below in the Subparts B and C discussion table (Agencywide Documents Access and Management System (ADAMS) Accession No. ML21202A162). These changes also result in a number of conforming changes throughout Subparts B and C. These requirements are supported by the guidance in Regulatory Guide 1.233, Guidance for a Technology-Inclusive, Risk-Informed, and Performance-Based Methodology to Inform the Licensing Basis and Content of

Applications for Licenses, Certifications, and Approvals for Non-Light Water Reactors (ADAMS Accession No. ML20091L698), and additional guidance that is being prepared as part of utility-led, Department of Energy (DOE) cost-shared initiatives. This iteration of Subparts B and C continue to assume that probabilistic risk assessments are used to systematically assess a wide range of possible plant events and those tools are thereby available to assess and address plant risks against related performance measures. This assumption also affects the later subparts being released, including the preliminary proposed rule language and associated discussion tables for portions of Subparts H (ADAMS Accession No. ML21202A178) and I (ADAMS Accession No. ML21202A175),

which use risk-related performance measures within specific requirements (e.g., preliminary Subpart I, § 53.1322, Evaluating changes to facility as described in final safety analysis reports).

The staff has received requests from some external stakeholders to provide an alternative to the risk-informed, performance-based methodology currently reflected in the Part 53 preliminary proposed rule language and related guidance. One reason for developing such an alternative is to provide a framework that more closely aligns with licensing methodologies used in international standards such as the International Atomic Energy Agency (IAEA) Specific Safety Standard 2/1, Safety of Nuclear Power Plants: Design. The IAEA standard reflects a more traditional or deterministic approach, like NRCs regulations in Title 10 of the Code of Federal Regulations (10 CFR) Part 50, Domestic Licensing of Production and Utilization Facilities, and 10 CFR Part 52, Licenses, Certifications and Approvals for Nuclear Power Plants, including associated design requirements such as using the single failure criterion within plant design activities and including measures to mitigate severe plant conditions. The staff is actively working to develop such an alternative approach that would generally increase the use and importance of preestablished design criteria compared to the preliminary proposed Part 53 rule language and allow the use of probabilistic risk assessments in a supporting role for the methodology, rather than a leading role. The staff plans to release preliminary proposed rule language to support additional stakeholder discussions on this alternative design and licensing methodology in September 2021. The preliminary proposed rule language is expected to incorporate some existing NRC requirements and policies, provide technology-inclusive alternatives to existing requirements that were developed primarily for large light-water reactors, and align with some ongoing activities such as the Emergency Preparedness for Small Modular Reactors and Other New Technologies, rulemaking (Docket ID NRC-2015-0225), as well as possible changes in areas such as siting criteria, and plant security. The staff will have a public meeting to discuss the alternative technology-inclusive framework after releasing the preliminary proposed rule language.

Subpart B, Technology-Inclusive Safety Requirements 3rd Iteration (Redline/Strikeout) of Discussion Preliminary Rule Language

§ 53.200 Safety Objectives.

Each advancedcommercial nuclear plant must be No changes from the previously released preliminary language in designed, constructed, operated, and decommissioned to limit this section, other than a conforming change related to referring the possibility of an immediate threat to the public health and to commercial nuclear plant licensed under this part versus safety. In addition, each advancedcommercial nuclear plant advanced nuclear plant. Key documents related to the Part 53 must take such additional measures as may be appropriate when rulemaking, including preliminary proposed rule language and

considering potential risks to public health and safety. These stakeholder comments, can be found at Regulations.gov safety objectives shall be carried out by meeting the safety under Docket ID NRC-2019-0062. Previous iterations related to criteria identified in this subpart. Subparts B and C can also be found in NRCs ADAMS under accession numbers ML20311A004, ML20337A422 and ML21083A031.

As described in the release of the second iteration language, the safety objectives do not refer to the Atomic Energy Act (AEA)

Sections 182 and 161 authorities as the safety objectives for part 53. Instead, the use of adequate protection is expected to be used in its traditional role as an NRC regulatory finding, which is presumed through compliance with NRC regulations including part 53 or other license requirements, as appropriate. While Sections 182 and 161 of the AEA will be cited as enabling legislation within the rule package (e.g., in the Federal Register Notice), the staff does not foresee incorporating language from the AEA into the safety objectives or specific criteria in part 53.

§ 53.210 First Tier Safety Criteria for Design Basis Accidents. To address numerous comments related to the use of first tier (a) Normal operations. Design features and programmatic and second tier safety criteria in the previously released controls must be provided for each advanced nuclear plant to preliminary language for this section and § 53.220, the section ensure the contribution to total effective dose equivalent to titles are changed to Safety Criteria for Design Basis Accidents individual members of the public from normal plant operation and Safety Criteria for Licensing Basis Events Other Than does not exceed the public dose limits provided in Subpart D to Design Basis Accidents. This change is intended to better 10 CFR part 20. describe the role of the two categories of safety criteria, the (b) Unplanned events. Design features and programmatic relationship between these safety criteria and the different types controls must be provided for each advancedcommercial nuclear of LBEs, and the relationship to later sections in Subpart B and plant such that analyses of licensingdesign basis C. This change also leads to moving the requirements for eventsaccidents in accordance with § 53.240, including normal operations to a separate section (§ 53.260). Relocating treatment of uncertainties, demonstrate that events with an upper the requirements for normal operations from the safety criteria bound frequency greater than approximately once per 10,000 sections will hopefully clarify the requirements for normal years meet the following: operations and how they are addressed in later subparts, which (1a) An individual located at any point on the boundary of is separate from measures taken to prevent or mitigate licensing the exclusion area for any 2-hour period following the onset of basis events (i.e., unplanned events).

the postulated fission product release would not receive a

radiation dose in excess of 25 rem (250 mSv) total effective dose The changes in the section titles and relocation of normal equivalent; and operations to a separate section do not change the technical (2b) An individual located at any point on the outer requirements being proposed within the previously released boundary of the low population zone who is exposed to the preliminary rule language.

radioactive cloud resulting from the postulated fission product release (during the entire period of its passage) would not receive a radiation dose in excess of 25 rem (250 mSv) total effective dose equivalent.1

1. A whole body dose of 25 rem has been stated to correspond numerically to the once in a lifetime accidental or emergency dose for radiation workers which, according to NCRP [National Council on Radiation Protection and Measurements] recommendations at the time could be disregarded in the determination of their radiation exposure status (see NBS Handbook 69 dated June 5, 1959). However, its use is not intended to imply that this number constitutes an acceptable limit for an emergency dose to the public under accident conditions. Rather, this dose value has been set forth in this section as a reference value, which can be used in the evaluation of plant design features with respect to postulated reactor accidents, to assure that these designs provide assurance of low risk of public exposure to radiation, in the event of an accident.

§ 53.220 Second Tier Safety Criteria.

(a) Normal operations. for Licensing Basis Events Other than See above discussion for § 53.210.

Design features and programmatic controls must be provided for each advanced nuclear plant to ensure the estimated total The staff is assessing various alternative design/licensing effective dose equivalent to individual members of the public approaches to address comments that the rulemaking should from effluents resulting from normal plant operation are as low as support methodologies less reliant on PRA and related is reasonably achievable taking into account the state of measures. This iteration of this section reflects the risk informed technology, the economics of improvements in relation to the option being developed and has been used to develop first state of technology, operating experience, and the benefits to the iterations of other subparts (e.g., Subparts H and I). The staff is public health and safety. Design features and programmatic developing alternate approaches and related preliminary rule controls must be established such that [to be reworded for sections for a future iteration that can be considered by and consistency with 10 CFR part 20 and 40 CFR part 190].Basis discussed with stakeholders, NRC management, and the Accidents. Commission.

(b) Unplanned events. Design features and programmatic controls must be provided to:

(1a) Ensure plant structures, systems and components (SSCs,), personnel, and programs provide the necessary capabilities and maintain the necessary reliability to address

licensing basis events in accordance with § 53.240 and provide measures for defense-in-depth in accordance with § 53.250; and (2b) Maintain overall cumulative plant risk from licensing basis events such that the risk to an average individual within the vicinity of the plant receiving a radiation dose with the potential for immediate health effects remains below five in 10 million years, and the risk to such an individual receiving a radiation dose with the potential to cause latent health effects remains below two in one million years.

§ 53.230 Safety Functions.

(a) The primary safety function is limiting the release of Conforming changes to reflect changes to §§ 53.210 and 53.220.

radioactive materials from the facility and must be maintained during routine operation and for licensing basis events over the life of the plant.

(b) Additional safety functions supporting the retention of radioactive materials during routine operation and licensing basis eventssuch as controlling heat generation, heat removal, and chemical interactions--must be defined.

(c).) The primary and additional safety functions are required to meet the first and second tier safety criteria defined in

§§ 53.210 and 53.220 and are fulfilled by the design features and programmatic controls specified throughout this part.

§ 53.240 Licensing Basis Events.

Licensing basis events must be identified for each Conforming changes to reflect changes to §§ 53.210 and 53.220.

advancedcommercial nuclear plant and analyzed in accordance with § 53.450 to support assessments of the safety requirements The addition of specific wording for the analysis of design basis in this subpart. The licensing basis events must address accidents relates to the clarification of § 53.210 and alignment of combinations of malfunctions of plant SSCs, human errors, and this section with § 53.450(f). The addition does not change the the effects of external hazards ranging from anticipated technical requirements from those included within the previously operational occurrences to very unlikely event sequences with released preliminary rule language.

estimated frequencies well below the frequency of events expected to occur in the life of the advanced nuclear plant. The evaluationcommercial nuclear plant. The analysis of licensing basis events must include analysis of one or more design basis

accidents in accordance with § 53.450(f). The analysis of licensing basis events must be used to confirm the adequacy of design features and programmatic controls needed to satisfy first and second tier safety criteria of this subpartdefined in §§ 53.210 and 53.220 and to establish related functional requirements for plant SSCs, personnel, and programs.

§ 53.250 Defense in Depth.

Measures must be taken for each advancedcommercial No changes (other than conforming changes) from the previously nuclear plant to ensure appropriate defense in depth is provided release preliminary language in this section.

to compensate for uncertainties such that there is high confidence that the safety criteria in this subpart are met over the life of the plant. The uncertainties to be considered include those related to the state of knowledge and modeling capabilities, the ability of barriers to limit the release of radioactive materials from the facility during routine operation and for licensing basis events, and those related to the reliability and performance of plant SSCs and personnel, and programmatic controls. No single engineered design feature, human action, and or programmatic control, no matter how robust, should be exclusively relied upon to meet the safety criteria of § 53.220 or the safety functions defined in accordance with § 53.230.

§ 53.260 Normal Operations (a) Maximum public dose. Licensees under this part must The addition of this section results from the removal of normal ensure that the contribution to total effective dose equivalent to operations from §§ 53.210 and 53.220. The reorganization of individual members of the public from normal plant operation the preliminary rule language does not change the technical does not exceed the public dose limits provided in Subpart D to requirements from those included in the previously released 10 CFR part 20. preliminary rule language.

(b) As low as reasonably achievable. Design features and programmatic controls must be established such that the The staff continues to seek suggestions on how an integrated estimated total effective dose equivalent to individual members framework can be best incorporated into the individual subparts of the public from effluents resulting from normal plant operation for lifecycle stages, such as establishing requirements for design, are as low as is reasonably achievable in accordance with 10 analysis, and operations. For example, staff is considering how CFR part 20 [consider also possible updates for consistency with to best address in part 53 the corresponding requirements in requirements in 10 CFR 50.34a, Appendix I to part 50, and parts 50 and 52 for applications for a construction permit, 40 CFR part 190]. standard design approval, a design certification, or a manufacturing license to identify the design objectives, and the means to be employed, for keeping levels of radioactive material in effluents to unrestricted areas as low as is reasonably achievable (see 10 CFR 50.34a1). Various sections of Parts 50 and 52, Appendix I to Part 50, and Part 190 to Title 40 (Protection of Environment) currently require plant designs to contribute to keeping public doses from routine effluents low (below performance objectives on the order of millirems). The requirement in § 53.260(b) serves to accomplish the same purpose.

1. 10 CFR 50.34a, paragraph(e) states:

(e) Each application for a design approval, a design certification, or a manufacturing license under part 52 of this chapter shall include:

(1) A description of the equipment for the control of gaseous and liquid effluents and for the maintenance and use of equipment installed in radioactive waste systems, under paragraph (a) of this section; and (2) The information required in paragraph (b)(2) of this section The referenced paragraph (a) states:

(a) An application for a construction permit shall include a description of the preliminary design of equipment to be installed to maintain control over radioactive materials in gaseous and liquid effluents produced during normal reactor operations, including expected operational

occurrences. In the case of an application filed on or after January 2, 1971, the application shall also identify the design objectives, and the means to be employed, for keeping levels of radioactive material in effluents to unrestricted areas as low as is reasonably achievable. The term "as low as is reasonably achievable" as used in this part means as low as is reasonably achievable taking into account the state of technology, and the economics of improvements in relation to benefits to the public health and safety and other societal and socioeconomic considerations, and in relation to the use of atomic energy in the public interest. The guides set out in appendix I to this part provide numerical guidance on design objectives for light-water-cooled nuclear power reactors to meet the requirements that radioactive material in effluents released to unrestricted areas be kept as low as is reasonably achievable. These numerical guides for design objectives and limiting conditions for operation are not to be construed as radiation protection standards.

As discussed in the release of the second iteration language, this issue is related to and also addressed in the NRC Advanced Reactor Content of Application Project (ARCAP). Specifically, draft guidance for ARCAP Chapter 9 (ML20262H264) includes the following:

in lieu of providing detailed system descriptions and analysis of estimated effluent releases as required by 10 CFR 50.34, 50.34a, 52.47, and 52.79, an application may demonstrate compliance with the applicable regulations by describing a radiation protection program and an effluent release monitoring program that will ensure that effluent release limits will be met during normal operations for the life of the plant. Information related to physical systems can be limited to general descriptions of layout and technologies used to limit the release of the various inventories of radioactive materials within the plant.

§ 53.260270 Protection of Plant Workers.

(a) Design features and programmatic controls must exist This section is renumbered and includes conforming changes to for each advanced nuclear plant to(a) Maximum occupational reflect the proposed revisions in previous sections.

dose. Licensees under this part must ensure that radiological dose to plant workers does not exceed the occupational dose Section 53.270(a) is revised to require licensees under this part limits provided in subpart C to 10 CFR part 20. to ensure that the dose to plant workers does not exceed limits in (b)(b) As low as reasonably achievable. As required by 10 CFR Part 20. The change clarifies that while design features Subpart B to 10 CFR part 20, design features and programmatic may contribute to limiting the dose to plant workers, ultimately

controls must, to the extent practical, be based upon sound the licensee is responsible for limiting occupational exposures radiation protection principles to achieve occupational doses that taking into account both design features and programmatic are as low as is reasonably achievable. controls. The staff continues to seek suggestions on how an integrated framework can be best incorporated into the subparts for lifecycle stages such as establishing requirements for design, analysis, and operations.

Subpart C, Design and Analysis Requirements 3rd Iteration (Redline/Strikeout) of Discussion Preliminary Rule Language

§ 53.400 Design Features for Licensing Basis Events.

Design features must be provided for each Conforming changes to reflect changes to §§ 53.210 and 53.220 advancedcommercial nuclear plant such that, when combined and to better align design features under § 53.400 to those with associated programmatic controls and human actions, the needed to prevent or mitigate licensing basis events (i.e.,

plant will satisfy the first and second tier safety criteria defined in unplanned events).

§§ 53.210 and 53.220. Design features must ensure that the safety functions identified in § 53.230, of limiting the release of radioactive materials from the facility, is maintainedare fulfilled during routine operations and licensing basis events by controlling the release of radioactive materials and by supporting other safety functions.

§ 53.410 Functional Design Criteria for First Tier Safety CriteriaDesign Basis Accidents. Conforming changes to reflect changes to § 53.210 (Safety (a) Normal operations. Functional design criteria must be Criteria for Design Basis Accidents), which include relocating defined for each design feature required by § 53.400 to requirements for normal operations and emphasizing the tie to demonstrate compliance with the first tier safety criteria defined design basis accidents.

in § 53.210(a). Corresponding programmatic controls, including monitoring programs, must be established to confirm that the established functional design criteria and the first tier safety criteria required in § 53.210(a) are not exceeded during normal operations.

(b) Unplanned events. Functional design criteria must be defined for each design feature required by § 53.400 relied upon to demonstrate compliance with the first tier safety criteria defined in § 53.210(b).. Corresponding programmatic controls and interfaces must be established in accordance with this and other subparts to achieve and maintain the reliability and capability of SSCs relied upon to meet the established functional design criteria and the first tier safety criteria required in

§ 53.210(b),, and to maintain consistency with analyses required by § 53.450.

§ 53.420 Functional Design Criteria for Second Tier Safety CriteriaLicensing Basis Events Other than Design Basis Conforming changes to reflect changes to § 53.220 (Safety Accidents. Criteria for Licensing Basis Events Other Than Design Basis (a) Normal operations. Functional design criteria must be Accidents), which include relocating requirements for normal defined for each design feature relied upon to demonstrate operations and emphasizing the tie to licensing basis events compliance with the second tier safety criteria in § 53.220(a). such as anticipated operational occurrences, unlikely event Corresponding programmatic controls, including monitoring sequences, and highly unlikely event sequences.

programs, must be established to confirm that the established functional design criteria and the safety criteria and performance objectives in § 53.220(a) are not exceeded during normal operations.

(b) Unplanned events. Functional design criteria must be defined for each design feature relied upon to demonstrate compliance with the second tier safety criteria in § 53.220(b) considering safety criteria in § 53.220 considering licensing basis events ranging from anticipated operational occurrences to very unlikely event sequences with estimated frequencies well below the frequency of events expected to occur in the life of the advancedcommercial nuclear plant. Corresponding programmatic controls and interfaces must be established in accordance with this and other subparts to achieve and maintain the reliability and capability of SSCs relied upon to meet the second tier safety criteria in § 53.220(b) and to maintain consistency with analyses required by § 53.450.

§ 53.430425 Design Features and Functional Design Criteria for Protection of Plant Workers.Normal Operations The addition of this section results from the removal of normal Design features must be provided for each operations from §§ 53.210 and 53.220 and the movement of advancedcommercial nuclear plant such that, when combined normal operations in Subpart B to § 53.260.

with associated programmatic controls and human actions, there is reasonable assurance the requirements for limiting the This section, as well as the following section for protection of protection of plant workerspublic dose from normal operations in plant workers, present a challenge in terms of implementing a

§ 53.260 will be met. Functional design criteria must be defined performance-based approach that recognizes the roles of both for each design feature relied upon to demonstrate compliance design features and programmatic controls in reaching desired with § 53.260. Corresponding programmatic controls, including objectives. The staff continues to seek suggestions on how an monitoring programs, must be established to confirm that the

worker protectionpublic dose criteria in § 53.260(a) are not integrated framework can be best incorporated into the subparts exceeded. In addition, functional design criteria must be defined for lifecycle stages such as design and analysis.

for each design feature to ensure that plant SSCs and associated programmatic controls, including monitoring programs, achieve occupationalpublic doses as low as is reasonably achievable as required by § 53.260(b).

§ 53.430 Design Features and Functional Design Criteria for Protection of Plant Workers. Conforming changes to reflect renumbering of § 53.270.

Design features must be provided for each commercial nuclear plant such that, when combined with associated This section, as well as the preceding section for normal programmatic controls and human actions, there is reasonable operations, present a challenge in terms of implementing a assurance the requirements for the protection of plant workers in performance-based approach that recognizes the roles of both

§ 53.270 will be met. Functional design criteria must be defined design features and programmatic controls in reaching desired for each design feature relied upon to demonstrate compliance objectives. The staff continues to seek suggestions on how an with § 53.270. Corresponding programmatic controls, including integrated framework can be best incorporated into the subparts monitoring programs, must be established to confirm that the for lifecycle stages such as design and analysis.

worker protection criteria in § 53.260(a) are not exceeded. In addition, functional design criteria must be defined for each design feature to ensure that plant SSCs and associated programmatic controls, including monitoring programs, achieve occupational doses as low as is reasonably achievable as required by § 53.270(b).

§ 53.440 Design Requirements.

(a) The design features required to meet the first and Conforming changes to reflect changes to §§ 53.210 and 53.220.

second tier safety criteria defined in §§ 53.210 and 53.220 shallmust be designed using generally accepted consensus codes and standards wherever applicable.

(b) The materials used for safety related and non-safety related but safety significant SSCs [as will be defined in subpart A] must be qualified for their service conditions over the plant lifetime.

(c) Possible degradation mechanisms related to aging, The addition of this paragraph (c) results from the need for fatigue, chemical interactions, operating temperatures, effects of designers to evaluate and consider, in both the design and irradiation, and other environmental factors that may affect the integrity assessment programs, possible degradation performance of safety related and non-safety related but safety mechanisms such as aging, fatigue, and chemical interactions.

significant SSCs must be evaluated and used to inform the This is similar to the Design Reliability Assurance Program for design and the development of integrity assessment programs passive LWRs established under the Part 52 design certification under § 53.850. process. As in other areas, the staff is seeking input on the (c(d) Safety and security must be considered together in appropriate balancing of requirements to be fulfilled at the design the design process such that, where possible, security issues are stage and the consideration of performance-based approaches effectively resolved through design and engineered security that assess both design and monitoring requirements.

features.

(de) Design features must be demonstrated capable of fulfilling functional design criteria considering interdependent effects through analysis, appropriate test programs, prototype testing, operating experience, or a combination thereof for the range of conditions under which the analysis required in § 53.450 assumes these features will function throughout the plants lifetime.

(f)(1) Safety-related (SR) and non-safety-related but Paragraph (f) was added to provide additional discussion for fire safety significant (NSRSS) structures, systems, and components protection.

must be designed and located to minimize, consistent with other safety requirements in this Part, the probability and effect of fires and explosions.

(2) Noncombustible and fire-resistant materials shall be used wherever practical throughout the facility, particularly in locations with SR and NSRSS structures, systems, and components.

(3) Fire detection and fire suppression systems of appropriate capacity and capability shall be provided and designed to minimize the adverse effects of fires on SR and NSRSS structures, systems, and components.

(4) Fire suppression systems shall be designed to ensure that their rupture or inadvertent operation does not significantly impair the ability of SR and NSRSS structures, systems, and components to perform their safety function to meet § 53.230.

(g) The reactor system and waste stores for each Paragraphs (g) & (h) add requirements for longer term (e.g., after commercial nuclear plant must be capable of achieving and achieving a safe stable end state in the LBE analysis) maintaining a subcritical condition during normal operations and capabilities to ensure reactor and waste stores can achieve and following any licensing basis event identified in accordance with maintain subcritical conditions and cooling.

§ 53.240.

(h) Each commercial nuclear plant must have a capability to provide long-term cooling of the reactor fuel and waste stores following normal operations or any licensing basis event identified in accordance with § 53.240.

(i) The design of each commercial nuclear plant must Paragraph (i) is added to reinforce that the design and analyses consider in the design, analysis, and development of activities under Part 53 are based on the concept of a nuclear programmatic controls the number of reactor units, waste stores, plant and need to consider the number of units and radioactive and other significant inventories of radioactive materials and the sources and possible interactions between them.

associated operating configurations, common systems, system interfaces, and system interactions.

§ 53.450 Analysis Requirements.

(a) Requirement to have a probabilistic risk assessment. Paragraph (a): Conforming changes to reflect changes to A probabilistic risk assessment (PRA) of each § 53.220 (Safety Criteria for Licensing Basis Events Other Than advancedcommercial nuclear plant [reminder - plant definition to Design Basis Accidents) and to remove degradation include multi-module and multi-source] must be performed to mechanisms, which are better addressed through the design identify potential failures, degradation mechanisms, susceptibility and programmatic requirements defined elsewhere in Part 53.

to internal and external hazards, and other contributing factors to unplanned eventsevent sequences that might challenge the safety functions identified in § 53.230 and to support demonstrating that each advancedcommercial nuclear plant meets the second tier safety criteria of § 53.220(b)..

(b) Specific uses of analyses. The PRA, other generally The staff is investigating the best approach to address comments accepted risk-informed approachapproaches for systematically and suggestions to enable a more traditional or deterministic evaluating engineered systems, or combination thereof must be approach within the technology-inclusive regulatory framework.

used: Such requests for a more deterministic approach would generally (1) In determining the licensing basis events, as be seen as corresponding to the second element in the described in § 53.240, which must be considered in the design to preliminary language other generally accepted risk-informed determine compliance with the safety criteria in Subpart B of this approaches for systematically evaluating engineered systems.

part. As mentioned in the general discussion at the beginning of this (2) For classifying SSCs and human actions according to discussion table, an example of such an approach is the their safety significance in accordance with § 53.460 and for methodology described in IAEA SSR 2/1.

identifying the environmental conditions under which the SSCs and operating staff must perform their safety functions. In developing Subparts H and I and some specific sections within (3) In evaluating the adequacy of defense-in-depth Subparts B and C, the staff is assuming a risk-informed measures required in accordance with § 53.250. approach that corresponds to the first element in paragraph (b),

(4) To identify and assess all plant operating states where which includes reliance on a PRA to support the various design there is the potential for the uncontrolled release of radioactive and licensing activities listed in the paragraph. The staff is material to the environment. developing alternate approaches and related preliminary rule (5) To identify and assess events that challenge plant sections for the second element in paragraph(b) for approaches control and safety systems whose failure could lead to the less reliant on a PRA. A future iteration will address this uncontrolled release of radioactive material to the environment. alternative more directly and will be used to support discussions These include internal events, such as human errors and with stakeholders, NRC management, and the Commission equipment failures, and external events, such as earthquakes, identified in accordance with Subpart D of this part.

(c) Maintenance and upgrade of analyses. The PRA, other generally accepted risk-informed approach for systematically evaluating engineered systems, or combination thereof must be maintained and upgraded in conformance with generally accepted methods, standards, and practices.

(d) Qualification of analytical codes. The analytical codes used in modeling plant behavior in analyses of licensing basis events (e.g. thermodynamics, reactor physics, fuel performance, mechanistic source term) must be qualified for the range of conditions for which they are to be used.

(e) Analyses of licensing basis events. Analyses must be Paragraph (e) is revised to include requirements to define performed for licensing basis events ranging fromincluding evaluation criteria for specific event categories and a means to anticipated operational occurrences to, unlikely event identify event sequences deemed significant for controlling risks sequences, and very unlikely event sequences with estimated posed to public health and safety. These requirements are frequencies well below the frequency of events expected to added to support the evaluation of events, which need criteria occur in the life of the advancedcommercial nuclear plant. The beyond the aggregate or cumulative risk measures in § 53.220 licensing basis events must be identified using insights from a and to support a proposed requirement for assessing plant PRA, other generally accepted risk-informed changes in Subpart I. Examples of evaluation criteria for event approachapproaches for systematically evaluating engineered categories and risk-significant licensing basis events is provided systems, or combination thereof to systematically identify and in NEI 18-04.

analyze equipment failures and human errors. The analyses must address event sequences from initiation to a defined end state and demonstrate that the functional design criteria required by § 53.420 provide sufficient barriers to the unplanned release of radionuclides to satisfy evaluation criteria defined for licensing basis events, to satisfy the second tier safety criteria of

§ 53.220(b), and provide defense in depth as required by

§ 53.250. The methodology used to identify, categorize, and analyze licensing basis events must include a means to identify event sequences deemed significant for controlling the risks posed to public health and safety.

(f) Analysis of design basis accidents. The analysis of Paragraph (f) is revised to clarify the selection of design basis licensing basis events required by §§§ 53.240 and § 53.450(e) accidents.

must include analysis of a set of design basis accidents that address possible challenges to the safety functions identified in accordance with § 53.230. Design basis accidents must be selected from those unanticipatedunlikely event sequences with an upper boundwithin a frequency range of at least less than one hundred years and greater than one in 10,000 years as identified using insights from a PRA, other generally accepted risk-informed approachapproaches for systematically evaluating engineered systems, or combination thereof to systematically identify and analyze events considering equipment failures and, human errors, and uncertainties. The events selected as design basis accidents should be those that, if not terminated, have the potential for exceeding the safety criteria in § 53.210(b).. The design-basis accidents selected must be analyzed using deterministic methods that address event sequences from initiation to a safe stable end state and assume only the safety-related SSCs identified in § 53.460 and human actions addressed by § 53.8xx (reference to concept of operations sections of Subpart F) are available to perform the safety functions identified in accordance with § 53.230. The analysis must conservatively demonstrate compliance with the safety criteria in § 53.210(b)..

(g) Other required analyses. If not addressed within the Paragraph (g) updated for fire protection analysis.

PRA, other generally accepted risk-informed approach for systematically evaluating engineered systems, or combination thereof under paragraph (b), analyses must be performed to assess:

(1) fire protection measures provided to protect against, detect and suppress firesdemonstrate reasonable assurance that

could impact the ability ofno fire or explosion in any plant area can:

(i) prevent equipment to performfrom performing its safety function andto meet § 53.230, or (ii) challenge the safety criteria contained in §§ 53.210 and 53.220.

(2) measures provided to protect against aircraft impacts as required by 10 CFR 50.150, and (3) measures to mitigate specific beyond design basis events as required by 10 CFR 50.155.

§ 53.460 Safety Categorization and Special Treatment.

(a) SSCs and human actions must be classified No changes (other than conforming changes) from the previously according to their safety significance. The categories must release preliminary language in this section.

include Safety Related (SR), Non-Safety Related but Safety Significant (NSRSS), and Non-Safety Significant (NSS), as defined in subpart A of this part.

(b) For SR and NSRSS SSCs and human actions, the conditions under which they must perform their safety function in

§ 53.230 must be identified. Special Treatment (e.g., functional design criteria and programmatic controls) must be established in accordance with this and other Subparts to provide appropriate confidence that the SSCs will perform under the service conditions and with the reliability assumed in the analysis performed in accordance with § 53.450 to provide reasonable assurance of meeting the safety criteria in §§ 53.210(b) and 53.220(b)..

(c) Human actions to prevent or mitigate licensing basis events must be capable of being reliably performed under the postulated environmental conditions present and be addressed by programs established in accordance with Subpart F of this part to provide confidence that those actions will be performed as assumed in the analysis performed in accordance with § 53.450 to provide reasonable assurance of meeting the safety criteria in

§§ 53.210(b) and 53.220(b)..

§ 53.470 Application of Analytical Safety Margins to Operational Flexibilities. Conforming changes to reflect changes to §§ 53.210 and 53.450.

Where an applicant or licensee so chooses, designalternative criteria more restrictive than those defined in §

§§ 53.220(b and 53.450(e) may be adopted to support operational flexibilities (e.g., emergency planning requirements under Subpart F of this part). In such cases, applicants and licensees must ensure that the functional design criteria of

§ 53.420(b),, the analysis requirements of § 53.450,(e), and identification of special treatment of SSCs and human actions under § 53.460 reflect and support the use of alternative design criteria to obtain additional analytical safety margins. Licensees must ensure that measures taken to provide the analytical margins supporting operational flexibilities are incorporated into design features and programmatic controls and are maintained within programs required in other Subparts.

§ 53.480 Design Control Quality Assurance.

(a) Measures must be established to assure that the No changes from the previously release preliminary language in design criteria, analysis, categorization and special treatment of this section.

SSCs as required by § 53.460 are correctly translated into specifications, drawings, procedures, and instructions. These measures must include provisions to assure that appropriate quality standards are specified and included in design documents and that deviations from such standards are controlled. Measures must also be established for the selection and review for suitability of application of materials, parts, equipment, and processes needed to meet the safety criteria identified per §§ 53.210 and 53.220 in accordance with Subpart E of this part. The QA program must conform with generally accepted consensus codes and standards.

(b) Measures must be established for the identification and control of design interfaces in accordance with § 53.490.

(c) The design control measures must provide for verifying or checking the adequacy of design in a manner commensurate with its safety significance, such as by the

performance of design reviews, by the use of alternate or simplified calculational methods, or by the performance of a suitable testing program. The verifying or checking process must be performed in accordance with appropriate quality standards.

Design changes, including field changes, must be subject to design control measures commensurate with those applied to the original design and be approved by the organization that performed the original design unless the applicant designates another qualified organization.

§ 53.490 Design and Analyses Interfaces.

Measures must be established for the identification and No changes (other than conforming changes) from the previously control of interfaces between (a) the plant design and supporting release preliminary language in this section.

analyses required by this Subpart and (b) the activities addressed by other Subparts over the life of each advancedcommercial nuclear plant. These measures must include procedures for the review, approval, release, distribution, and revision of documents involving design interfaces such that design decisions are made in an integrated fashion considering all aspects of the facility impacted by the design or operational change prior to its implementation. Changes to design features and related programmatic controls over the lifetime of an advancedcommercial nuclear plant must be considered along with the state of technology, the economics of improvements in relation to the state of technology, operating experience, and benefits to the public health and safety, and other factors included in the assessments performed under the facility safety program required by § 53.800.