Text

DG-1145, Page C.I.17-1 C.I.17. Quality Assurance & Reliability Assurance Consistent with the approach taken in the new update to Chapter 17 of the Standard Review Plan, Sections I.17.1, I.17.1.1, I.17.2, and I.17.3 of this chapter point the reader to Section I.17.5 for the required format and content of a QA program during design, construction, and operation.

C.I.17.1 Quality Assurance During the Design and Construction Phase COL applicants should refer to Section I.17.5 for a complete discussion of the required format and content of a QA program during design, construction, and operation.

C.I.17.1.1 Early Site Permit Quality Assurance Measures COL applicants should refer to Section I.17.5 for a complete discussion of acceptable format and content of a QA program during design, construction, and operation. This section will identify those aspects of a QAPD associated with early site permits, versus other applications, such as design certification and COL.

C.I.17.2 Quality Assurance during the Operations Phase COL applicants should refer to Section I.17.5 for a complete discussion of acceptable format and content of a QA program during design, construction, and operation.

C.I.17.3 Quality Assurance Program Description COL applicants should refer to Section I.17.5 for a complete discussion of acceptable format and content of a QA program during design, construction, and operation.

C.I.17.4 Reliability Assurance Program Guidance C.I 17.4.1 New Section 17.4 in the Standard Review Plan The Office of Nuclear Reactor Regulation (NRR) revised NUREG-800, Standard Review Plan (SRP) to add new Section 17.4, Reliability Assurance Program (RAP). This new SRP section addresses the Commissions Policy for the RAP that is presented in SECY 95-132, Policy and Technical Issues Associated with the Regulatory Treatment of Non-Safety Systems (RTNSS) in Passive Plant Designs (SECY 94-084), Item E, Reliability Assurance Program, dated June 28, 1995. SRP Section 17.4 is the principle guidance for NRC reviews of a RAP submitted by COL an applicant.

C.I.17.4.2 Reliability Assurance Program Scope, Stages and Goals The RAP applies to those plant structures, systems and components (SSCs) that are identified as being risk-significant (or significant contributors to plant safety), as determined by using a combination of probabilistic, deterministic, or other methods of analysis, including information obtained from sources such as plant-and site-specific probabilistic risk assessment (PRA), nuclear plant operating experience, relevant component failure data bases, and expert panels. The purposes of the RAP are to provide reasonable assurance that:

(1) a reactor is designed, constructed, and operated in manner that is consistent with the assumptions and risk insights for these risk-significant SSCs,

DG-1145, Page C.I.17-2 (2) the risk-significant SSCs do not degrade to an unacceptable level during plant operations (3) the frequency of transients that challenge SSCs is minimized, and (4) these SSCs function reliably when challenged.

The RAP is implemented in two stages. The first stage applies to reliability assurance activities that occur before the initial fuel load. The goal of the RAP during this stage is to ensure that the reactor design meets the purposes identified above, through the reactor design, procurement, fabrication, construction, and preoperational testing activities and programs. The second stage applies to reliability assurance activities for the operations phase of the plant life cycle. The goal of the RAP during this stage is to ensure that the operation of the plant meets the purposes identified above, through existing operational programs (e.g., maintenance rule, surveillance testing, inservice inspection, inservice testing, and quality assurance). Individual component reliability may change throughout the course of plant life due to a number of factors including aging and changes in suppliers and technology. Changes in individual component reliability values are acceptable as long as overall plant safety performance is maintained within the licensing basis.

C.I.17.4.3 Reliability Assurance Program Implementation The RAP is implemented in several phases. The first phase implements the aspects of the program that apply to the design process. During this phase, risk-significant SSCs are identified for inclusion in the program by using probabilistic, deterministic, and other methods. The design certification document addresses this phase. The design certification document also addresses a non-system based Tier 1 inspection, test, analysis, and acceptance criteria (ITAAC) requirement for RAP.

The second phase is the site-specific phase, which introduces the plants site-specific design information to the RAP process. The COL applicant performs this phase. At this phase, the RAP is modified or appended based on considerations specific to the site. The COL applicant establishes the probabilistic, deterministic, and other methods to determine and maintain the site-specific list of SSCs under the scope of RAP. The COL applicant is also responsible for implementing the RAP using existing operational programs.

C.I.17.4.4 Reliability Assurance Program Information needed in a COL application 10 CFR 50.34(h) and 10 CFR 52.79(b) require that COL applicants include an evaluation of the facility against the SRP that is in effect 6 months prior to the docket date of the application of a new facility. A COL applicant should address the following in Chapter 17 of the SAR in accordance with the provisions in SRP Section 17.4:

Describe the applicants RAP that includes: scope, purpose, and objectives.

The process for evaluating, identifying and prioritizing the site-specific SSCs, according to their degree of risk significance.

The methods used to ensure that significant assumptions, such as equipment reliability and unavailability, are realistic and achievable.

A prioritized list of site-specific SSCs designated as risk-significant.

The quality controls for developing and implementing the RAP.

The design and operational information used for plant reliability assurance activities.

Procurement, fabrication, installation, construction and testing requirements for risk-significant

DG-1145, Page C.I.17-3 SSCs.

The integration of the RAP into the applicants existing operational programs (e.g., maintenance rule, surveillance testing, inservice testing, inservice inspection, and quality assurance).

The process for providing corrective action for design and operation errors that degrade nonsafety-related, risk-significant SSCs.

If more detailed information is provided in other sections or chapters of the applicants FSAR regarding particular aspects of RAP (e.g., the use of the plant-and site-specific PRA, the methods used in identifying and prioritizing SSCs in accordance with their risk significance), it is acceptable to provide a cross-reference to the specific section or chapter. Describing these aspects of the applicants RAP in FSAR Chapter 17 in accordance with the provisions in SRP Section 17.4 is an acceptable method for meeting the Commissions policy for a RAP in SECY 95-132.

17.5 Quality Assurance Program Guidance 17.5.1 COL Applicant QA Program Responsibilities An applicant is responsible for the establishment and implementation of a quality assurance (QA) program applicable to activities during design, fabrication, construction, testing, and operation of the nuclear power plant. The minimum QA Information required to be provided in the FSAR is described in 10 CFR 50.34 (referenced from 10 CFR 52.79).

17.5.2 Updated SRP Section 17.5 and the QA Program Description The Office of Nuclear Reactor Regulation (NRR) revised NUREG-800, Standard Review Plan (SRP) to add new Section 17.5, Quality Assurance Program Description - Design Certification, Early Site Permit and New License Applicants. This new SRP section addresses QA program description (QAPD) provisions for combined license (COL) applicants. NRR reviews and evaluates QAPDs in accordance with the applicable sections of the SRP. SRP Section 17.5 is the principle guidance for NRC reviews of a QAPD submitted by COL an applicant. A COL applicants QAPD may be submitted in two phases. The first phase could apply to design, fabrication, construction and testing QA activities and the second phase could apply to operational QA activities. Regardless of the approach, the QAPD(s) would be reviewed and evaluated by the NRC prior to issuing the COL. The QAPD (or QAPDs) should be incorporated by reference in Chapter 17 of the FSAR.

17.5.3 Evaluation of the QAPD Against the SRP and QAPD Submittal Guidance COL applicants may use an existing QAPD that is approved by the NRC for current use for either or both phases, provided that alternatives to or differences from the SRP in effect 6 months prior to the docket date of the application of a new facility are identified and justified.

Chapter 17 of the FSAR should also describe the extent to which the applicant will delegate the work of establishing and implementing the QA program or any part thereof to other contractors. The FSAR should clearly delineate those QA functions which are implemented within the applicants QA organization and those which are delegated to other organizations. The FSAR should describe how the applicant will retain responsibility for and maintain control over those portions of the QA program delegated to other organizations. The FSAR should identify the responsible organization and the process for verifying that delegated QA functions are effectively implemented. The FSAR should identify major work interfaces for activities affecting quality and describe how clear and effective lines of communication between the applicant and its principal contractors are maintained to assure coordination and control of the QA program.

DG-1145, Page C.I.17-4 C.I.17.6 Description of Applicant's Program for Implementation of 10 CFR 50.65, the Maintenance Rule For requested information that is not known at the time of COL application, explain why it is not known and estimate when the information will become available.

C.I.17.6.1 Program Procedures Describe program procedures for Maintenance Rule implementation in accordance with NUMARC 93-01, as endorsed by Regulatory Guide 1.160, including, but not limited to the following areas:

Note 1: Deviations from the guidance in NUMARC 93-01 and RG 1.160 should be explained and justified Note 2: While the Maintenance Rule does not require procedures or documentation, the NRC needs this information to obtain reasonable assurance of consistent compliance.

Note 3: Include procedures' status in procedural hierarchy, whether treated as safety-related or non-safety-related, level of compliance expected, responsibility for preparation, review, approval, use, compliance oversight, and disposition. Submission of actual procedures or software for review is not desired or required for the COL application.

C.I.17.6.1.1 Scoping per 10 CFR 50.65(b)

List and provide information on the structures, systems, or components (SSCs) within the scope of your proposed Maintenance Rule (MR) program to the extent that this information is known at the time of the COL application. For each SSC in scope, provide the following:

(1)

Specific MR requirement(s) in 50.65(b) that require it to be in scope. Provide data for each subparagraph, i.e., (b)(1)(i), (b)(1)(ii), (b)(1)(iii), (b)(2)(i), (b)(2)(ii), (b)(2)(iii).

(2)

For each SSC, indicate for each applicable paragraph (b) scoping criterion the function(s) that require the SSC to be in scope.

(3)

For each SSC, indicate for each applicable paragraph (b) scoping criterion, the failure modes and effects that required the SSC to be in scope, as applicable.

(4)

For each SSC scoping function or vulnerability, indicate the functional performance requirements/success criteria and/or functional failure definitions and implications.

17.6.1.2 Reactor Safety Significance Classification and Other Factors Considered by Expert Panel Describe the process for safety significance classification (i.e., HSS or LSS) of in-scope SSCs and the bases thereof, including risk metrics/importance measures and values, operating experience, vendor information, and any other factors to be considered by the expert panel.

17.6.1.3 Scoping Procedures Identify and describe the program procedures and documents (including computer software and data) that prescribe or govern scoping, including the items above.

17.6.2 Monitoring per 10 CFR 50.65(a) and (a)(2)

For each SSC, indicate its standby or continuously operating status and associated type (i.e.,

availability, reliability, or condition) and level (i.e., component, system, pseudo-system, train, or plant) of monitoring/tracking. Describe the process for determining which SSCs' performance or condition will be monitored initially per paragraph 50.65(a)(1) and which will be tracked per 50.65(a)(2).

DG-1145, Page C.I.17-5 17.6.3 Periodic Evaluation per 10 CFR 50.65(a)(3)

Identify the plant's refueling cycle. Identify and describe the program procedures and documents (including computer software and data) that prescribe or govern periodic evaluation of the Maintenance Rule program in accordance with 50.65(a)(3). Ensure the following considerations are included:

(1) how procedures govern the scheduling and timely performance of (a)(3) evaluations (2) documenting, reviewing and approving evaluations, providing and implementing results (3) making adjustments to achieve or restore balance between reliability and availability (4) industry operating experience (IOE), including the following:

C.I.17.6.4 Risk Assessment and Management per 10 CFR 50.65(a)(4)

Identify and describe the program procedures and documents (including computer software and data) that prescribe or govern maintenance risk assessment and management accordance with 50.65(a)(4) including, but not limited to the following areas:

(1) determination of the scope (or limited scope) of SSCs to be included in (a)(4) risk assessments (2) risk assessment and management during work planning (3) risk assessment and management of emergent conditions and updating risk assessments as maintenance situations and plant conditions and configurations are changed (4) assessment (quantitative and qualitative capabilities) and management of risk of external events or conditions, including fire (internal, external and fire-risk-sensitive maintenance activities),

severe weather, external flooding, landslides, seismic activity and other natural phenomena; grid/offsite power reliability for grid-risk-sensitive maintenance activities (respond to or refer to responses to MR-related questions in NRC GL 2006-02), and internal flooding (5) assessment and management of risk of maintenance activities affecting containment integrity (6) assessment and management of risk of maintenance activities when at low power or when shut down (including implementation of NUMARC 91-06)

(7) assessment and management of risk associated with the installation of plant modifications and assessment and management of risk associated with temporary modifications in support of maintenance activities (in lieu of screening in accordance with 10 CFR 50.59), in accordance with latest revision of NEI 96-07 as endorsed by latest revision of RG 1.187 (8) risk assessment and management associated with risk-informed technical specifications (9)

If known at the time of COL application, describe the scope and level of the probabilistic risk analysis (i.e., operational modes, Level I or II, internal or external events, etc.) and risk assessment tool or process to be used for (a)(4) risk assessments and its capabilities and limitations (otherwise, this information will be reviewed during inspection) 17.6.5 Maintenance Rule Training and Qualification Describe the program, including procedures and documentation, for Maintenance Rule training and qualification consistent with the provisions of Section C.I.13 of this guide as applicable.

17.6.6 Maintenance Rule Program and Operational Reliability Assurance Program Interface

DG-1145, Page C.I.17-6 Describe the relationship and interface between MR and the Operational Reliability Assurance Program (ORAP) (See Section C.I.17.4), including how functions are coordinated and procedures overlap and/or are cross referenced. Note: If the scope of the ORAP is enveloped by the Maintenance Rule Program's SSCs classified as HSS, the Maintenance Rule Program is an acceptable method of implementation of the ORAP.

17.6.7 Maintenance Rule Program Implementation Describe the plan or process for implementing the MR program as described in the COL application, including sequence and milestones for establishing program elements, commencing monitoring or tracking of performance and/or condition of SSCs as they become operational.

I.17.7 References 10 CFR Part 21 10 CFR Part 50 10 CFR 50.4 10 CFR 50.34(a)(7) 10 CFR 50.34(b)(6)(ii) 10 CFR 50.34(f)(3)(ii) 10 CFR 50.34(f)(3)(iii) 10 CFR 50.34(g) 10 CFR 50.54(a) 10 CFR 50.55(e)(4) 10 CFR 50.55(f) 10 CFR 50.55a(b)(1)(iv) 10 CFR 50.55a(b)(2)(x) 10 CFR 50.55a(b)(3)(I) 10 CFR 50.65 10 CFR Part 50, Appendix B 10 CFR Part 52 10 CFR 52.47(a)(1) [cross references to other regulatory requirements]

10 CFR 52.79 [cross references to other regulatory requirements]

10 CFR 52.81 [cross references to other regulatory requirements]

10 CFR 52.83 [cross references to other regulatory requirements]

Regulatory Guidance Documents NUREG-0800, Standard Review Plan RS-002, Processing Applications for Early Site Permits, May 2004 RIS 00-018 Guidance on Managing Quality Assurance Records in Electronic Media RG 1.189, Fire Protection for Operating Nuclear Power Plants RG 1.155, Station Blackout RG 1.26, Quality Group Classifications and Standards for Water-, Steam-, and Radioactive-Waste-Containing Components of Nuclear Power Plants

DG-1145, Page C.I.17-7 RG 1.29, Seismic Design Classification RG 1.54, Service Level I, II, and III Protective Coatings Applied to Nuclear Power Plants RG 1.97, Instrumentation for Light-Water Nuclear Power Plants to Assess Plant and Environs Conditions During and Following an Accident RG 1.142 Revision 2, Safety-Related Concrete Structures for Nuclear Power Plants (Other Than Reactor Vessels and Containments) (11/01)

RG 1.143, Design Guidance for Radioactive Waste Management Systems, Structures, and Components Installed in Light-Water-Cooled Nuclear Power Plants RG 1.152, Criteria for Digital Computers in Safety Systems of Nuclear Power Plants RG 1.160, Monitoring the Effectiveness of Maintenance at Nuclear Power Plants, Revision 2, March 1997 RG 1.168, Verification, Validation, Reviews, and Audits for Digital Computer Software Uses in Safety Systems of Nuclear Power Plants RG 1.169, Configuration Management Plans for Digital Computer Software Used in Safety Systems of Nuclear Power Plants RG 1.170, Software Test Documentation for Digital Computer Software Used in Safety Systems of Nuclear Power Plants RG 1.171, Software Unit Testing for Digital Computer Software Used in Safety Systems of Nuclear Power Plants RG 1.172, Software Requirements Specifications for Digital Computer Software Used in Safety Systems of Nuclear Power Plants RG 1.173, Developing Software Live Cycle Processes for Digital Computer Software Used in Safety Systems of Nuclear Power Plants RG 1.182, Assessing and Managing Risk Before Maintenance Activities at Nuclear Power Plants, May 2000 RG 1.200, An Approach for Determining the Technical Adequacy of Probabilistic Risk Assessment Results for Risk-Informed Activities RG 4.15, Quality Assurance for Radiological Monitoring Programs (Normal Operations) - Effluent Streams and the Environment RG 7.10, Establishing Quality Assurance Programs for Packaging Used in Transport of Radioactive Material NUMARC 93-01, Industry Guidance for Monitoring the Effectiveness of Maintenance at Nuclear Power Plants, Revision 2, dated April 1996 February 22, 2000, revision to Section 11 of NUMARC 93-01, Assessment of Risk Resulting from Performance of Maintenance Activities.

NUREG 1070, NRC Policy on Future Reactor Designs, July 1985 NUREG 1462, Final Safety Evaluation Report Related to the Certification of the System 80+ Design, August 1994 NUREG 1503, Final Safety Evaluation Report Related to the Certification of the

DG-1145, Page C.I.17-8 Advanced Boiling Water Reactor Design, July 1994 NUREG 1512, Final Safety Evaluation Report Related to the Certification of the AP600 Standard Design, September 1998 NUREG 1793, Final Safety Evaluation Report Related to the Certification of the AP1000 Standard Design, September 2004 NUREG/CR 3385, Measures of Risk Importance and Their Applications, May 1986 Generic Letters Generic Letter 83-28, Required Actions Based on Generic Implications of Salem ATWS Events, July 8, 1983 Generic Letter 85-06, Quality Assurance Guidance for ATWS Equipment That Is Not Safety Related, January 16, 1985 Generic Letter 89-02, Actions to Improve the Detection of Counterfeit and Fraudulently Marketed Products, March 21, 1989 Generic Letter 91-05, Licensee Commercial-Grade Procurement and Dedication Programs, April 9, 1991 Generic Letter 2006-02, Grid Reliability and the Impact on Plant Risk and the Operability of Offsite Power, February 1, 2006 Commission Papers SECY 89-013, Design Requirements Related to the Evolutionary Advanced Light-Water Reactors (ALWR), January 19, 1989 SECY 93-087, Policy, Technical, and Licensing Issues Pertaining to Evolutionary and Advanced Light-Water Reactor Designs, April 2, 1993 SECY 94-084, Policy and Technical Issues Associated with Regulatory Treatment of Non-Safety Systems in Passive Plant Designs, March 28, 1994 and related Staff Requirements Memorandum, dated June 30, 1994 SECY 95-132, Policy and Technical Issues Associated with Regulatory Treatment of Non-Safety Systems (RTNSS) in Passive Plant Designs, May 22, 1995