QA-1 RPS/ES Digital Upgrade

advertisement
Oconee RPS/ESPS Digital
Upgrade
Presented by: Michael Bailey
June 3, 2013
1
Oconee RPS/ESPS Digital Upgrade
Agenda:






Oconee Digital Upgrades
RPS/ESPS Digital Upgrade Overview
License Amendment Request Review and Approval
NRC Follow up Inspection
Implementation Activities
System Operational Performance
2
Oconee Digital Upgrades
 Oconee Nuclear Station is a Babcock and Wilcox PWR design
 Duke Energy designed and constructed Oconee in the late 1960s and early 1970s
 Unit 1 began commercial operation in 1973 and Units 2 and 3 began commercial
operation in 1974
 License Renewal extended the Facility Operating Licenses to 2033 and 2034.
 Original Non-Safety Control Systems were analog systems that were based on
standard power plant design practices at the time
 A lack of redundancy was common with the analog Non-Safety Control Systems
 Pneumatic Instrumentation and Controllers were common elements of the control
system strategy
3
Oconee Digital Upgrades
 A Trip and Transient Report (TTR) was developed to assist in identifying the plant
improvements needed to address equipment reliability
 The TTR outlined the incorporation of redundancy in the Non-Safety Control Systems and elimination
of single point vulnerabilities
 System upgrades were initiated on the Integrated Control System, Main Turbine Control System,
Control Rod Drive System, Main Generator Voltage Regulator, and Main Feedwater Pump Controls
 Another input into the Digital Modernization Project was the obsolescence of Control and
Protection Systems
 Following a review of options to address the obsolescence Issues, upgrades were planned for the
Reactor Protection System, Engineered Safeguards System, Keowee Exciter, Keowee Governor,
Turbine Supervisory Instrumentation, and Pneumatic Instrumentation and Controllers
 The final input into the Digital Modernization Project was the need to isolate Feedwater during
specific Design Basis Events
 Designed a new Safety-Related Automatic Feedwater Isolation System
4
Oconee Digital Upgrades
 Oconee implemented several directives to control the digital upgrade lifecycle and
software design controls
 These directives incorporate the guidance of industry standards and NRC documents
 An Engineering Directive was developed in the mid 1990s to support digital upgrades
 The first version of the updated software controls for plant control and protection
systems were implemented in 2005
 Fleet digital system lifecycle directives and cyber security directives have been
generated
 Fleet modification directives were revised to ensure digital design aspects are
addressed by modifications
5
RPS/ESPS Digital Upgrade Overview
 Replaces Analog Reactor Protection System and Engineered Safeguards Protection System
 Uses existing Reactor Protection and Accident Mitigation Sensor inputs
 Actuates existing Reactor Trip Breakers and Engineered Safety Features systems/components
 Adds Diverse LPI and HPI Actuation Systems
 Oconee Unit 1 Installation was performed in April and May 2011
 Oconee Unit 3 Installation was performed in April and May 2012
 Oconee Unit 2 Installation is scheduled for October and November 2013
6
LAR Review and Approval
 Duke submitted Cyber Security Submittal on January 30, 2008
 Duke submitted the RPS/ESPS License Amendment Request on January 31, 2008
 Diversity and Defense in Depth analysis was submitted previously and incorporated by
reference
 NRC performed acceptance review in accordance with the office instruction provided in LIC109 for acceptance review
 NRC identified six areas of concern in the acceptance review






Diversity and Defense-in-Depth assessment
Bi-directional communications between safety and non-safety (ISG#4)
Software quality program
Acceptability of hardware, software and procedure changes
Compliance with IEEE 1012, IEEE Standard for Software Verification and Validation
Software test tool questions
 NRC approval of the Oconee Digital RPS/ESPS was received in January 2010
7
LAR Review and Approval





Weekly conference calls with NRC staff.
Established sharepoint to share over 70,000 pages of documentation.
18 Supplements for Project to address ~120 RAIs.
2 Supplements for Cyber Security to address ~10 RAIs.
NRC/NRR Audits and Inspections ~5
 Vendor Design Office – Alpharetta, GA
 Vendor Test Area – Erlanger, Germany
 Duke - Oconee
 NRC/Duke/AREVA meetings ~ 8
 NRC Region 2 Inspections with support from NRR during each outage installation.
8
NRC Followup Inspection
 Safety Evaluation Report identified 5 Software Plan and Site
Acceptance Testing reviews that needed to be performed by inspection
 The 5 Software Plan and Testing reviews consisted of:





Software Maintenance Plan
Software Operation Plan
Software Training Plan
Software Installation Plan
Site Acceptance Test Plan and Results
9
NRC Followup Inspection
 The Safety Evaluation Report outlined 40 Inspector Followup Items
which addressed the following major areas:







Modification Documentation
Installed Configuration
Procedures Review (Ops, Mnt, Cyber)
Design Basis Documents
Operations Manual
Software Training
System Indication and Alarms
10
NRC Followup Inspection
 NRC Inspection team consisted of 5 inspectors that were onsite in various numbers
during the Site Acceptance Testing, Installation, and Post Installation Testing
 NRC Inspection Plan was based on IP 52003 – Digital Instrumentation and Control
Modification Inspection
 Inspection results were documented in a separate inspection report
 NRC Observations - incomplete Human Factors V&V process, wiring bend radius,
Software Operation Plan did not refer to Alarm Response Guides
11
RPS/ESPS Outage Implementation
 Oconee Unit 1 outage implementation consisted of the following major activities:












Isolation of RPS and ESPS
Determination of the existing analog system
Removal of analog system cabinets
Removal of fire penetration material
Movement of the new cabinets into the Control Room
Re-termination of the cabinet connections
System power up
System calibrations
RPS and ESPS equipment restorations
Functional Tests
Integrated Test
Startup Tests
12
RPS/ESPS Outage Implementation
 Lessons learned from the Unit 1 implementation were accumulated during the outage
 Lessons learned were factored into the design and implementation of the Unit 3 modification
and are being factored into the Unit 2 modification
 The major lessons learned were in the following categories:
 Outage preparation – Field walkdowns for Unit 1 were not intrusive enough to identify legacy
configuration management issues
 Project execution – Challenges with work sequencing to ensure efficient work scheduling
 Testing – Difficult to manage alarms for redundant hardware, especially with one Train or Diverse
System bypassed or in test mode. Inconsequential alarms caused problems with test procedure
performance.
13
RPS/ESPS System Operational Performance
 After completion of the post modification testing, overall system performance has
meet expectations.





No negative Operating Experience
No operational challenges
No nuisance alarms
No equipment failure concerns
Maintenance activities have been performed without challenges
 Obsolescence of equipment has been addressed
 Improved redundancy has been realized
14
Oconee Operating Experience
 Positive OE from Digital Upgrades
 Digital Systems have replaced obsolete systems which had some performance
problems
 Digital Systems have enhanced system and plant reliability by installing
redundancy to eliminate single point vulnerabilities
 Digital Systems have provided better reactivity management by increasing system
stability
 Digital Systems have allowed increased system monitoring and on-line functional
check capabilities
 Digital Systems have allowed for automation of certain plant activities such as
turbine valve movement testing
15
Oconee Operating Experience
 Other OE from digital upgrades
 The interaction between the digital system and the installed plant equipment must
be a focus
 Scope control is a challenge as projects get into the detailed design phase
 Functional requirements must be clearly identified as part of project initiation
 System testing must include multiple levels to ensure the system requirements are
tested
 Training of plant personnel must be included in the project
 Cyber Security requirements continue to change and must be factored into the
system design
16
Questions
?
17
Download