Text

Nuclear Energy Institue (NEI) Presentation Slides to ACRS Subcommittee on CCF Secy Paper, May 20, 2022
	ML22143A854
Person / Time
Site:	Nuclear Energy Institute
Issue date:	05/20/2022
From:	Andy Campbell; Nuclear Energy Institute
To:	Bhagwat Jain; NRC/NRR/DORL/LPL4
References
	Download: ML22143A854 (29)
	v • d • e

NEI Common Cause Failure Policy Input Alan Campbell Technical Advisor

State of Digital I&C The Digital I&C Integrated Action Plan (IAP) has improved regulatory guidance clarity and consistency

RIS 2002-22 Supplement 1 provided criteria for qualitative assessments of Common Cause Failure (CCF) in low safety significant safety-related systems.

BTP 7-19 Revision 8 incorporated graded approach assessments into staff review guidance

NEI 96-07, Appendix D and Reg. Guide 1.187 Rev. 3 provided enhanced guidance for digital systems under 50.59

DI&C-ISG-06 Rev. 2 provided an Alternate Review Process to improve regulatory confidence for digital safety systems upgrades.

Why Digital Safety Systems?

Existing systems are reaching (or have already reached) obsolescence Enhances safety via system diagnostic capabilities to identify and respond to issues Improves plant performance via improved accuracy, processing time, and automated capabilities Provides more data available to Operations, Maintenance and Engineering resulting in better real-time knowledge Reduces hardware inventory compared to existing systems Supports long-term, safe operation of our plants

Todays Digital Landscape Digital I&C technology has design features that provide for deterministic behaviors through the use modern standards International standards, such as IEC/IEEE, are widely accepted and have stable processes to reflect current understanding Hazard analysis techniques have matured and are used extensively in non-nuclear safety industries (such as aviation/aerospace, defense, automotive, and chemical industries)

NRC needs a modernized digital CCF policy that reflects todays technology, experience, and understanding

Applicable Regulation 10 CFR 50.55a(h) - Codes and Standards, Protection and safety systems

Requires compliance with either IEEE 603-1991 or IEEE 279-1971 IEEE requirements

Both IEEE standards require means to implement manual initiation of protection actions

Neither IEEE standard requires diversity RG 1.62 - Manual Initiation of Protective Actions

Provides guidance for manual initiation/control to meet IEEE requirements

Provides a staff position that diversity is required to meet BTP 7-19.

Required codes and standards specify a means for manual initiation of protection actions, BUT do not specify diversity as a requirement.

Applicable Regulation 10 CFR 50.62 - Anticipated Transient Without SCRAM (ATWS)

PWRs

1) Must have diverse means of automatic Auxiliary (or Emergency) Feedwater Initiation and Turbine Trip

2) Must have diverse SCRAM system (CE and B&W only)

BWRs

3) Must have diverse Alternate Rod Injection system

4) Must have standby liquid control system (no diversity requirement)

5) Must have reactor coolant recirculation pump trip (no diversity requirement)

ATWS requirements for diversity are limited to specific functions and do NOT require manual, system-level actuation.

Applicable Regulation 10 CFR 50 Appendix A, General Design Criteria 22 - Protection System Independence

The protection system shall be designed to assure that the effects of natural phenomena, and of normal operating, maintenance, testing, and postulated accident conditions on redundant channels do not result in loss of the protection function, or shall be demonstrated to be acceptable on some other defined basis. Design techniques, such as functional diversity or diversity in component design and principles of operation, shall be used to the extent practical to prevent loss of the protection function. [emphasis added]

Design techniques are required to prevent loss of the protection function.