Resolution of Generic Safety Issues: Item A-47: Safety Implications of Control Systems (Rev. 1) (NUREG-0933, Main Report with Supplements 1–34)
Nuclear power plant instrumentation and control systems are composed of safety-related protection systems and non-safety-related control systems. The safety-related protection systems are designed to satisfy the General Design Criteria identified in Appendix A to 10 CFR 50. They are used in part to trip the reactor when certain plant parameters exceed allowable limits and to protect the core from overheating by actuating emergency core cooling systems. Non-safety-related control systems are used to maintain the plant within prescribed pressure and temperature limits during shutdown, startup, and normal power operation. The non-safety-related control systems are not relied on to perform any safety functions during or following postulated transients or accidents. They are used, however, to control plant processes that could have an impact on plant dynamics. This issue was originally identified in NUREG-0371 [2] and was later determined to be a USI in NUREG-0705 [44].
The purpose of USI A-47 was to perform an in-depth review of the non-safety-related control systems and to assess the effect of control system failures on plant safety. To this end, tasks were established to identify potential control system failures that, either singly or in selected combinations, could cause overpressure, overcooling, overheating, overfilling, or reactivity events. The staff concluded from its investigations that certain actions should be taken to enhance safety in LWRs and recommended that plants: (1) provide systems to protect against reactor vessel/steam generator overfill events and to prevent steam generator dryout; (2) include in their plant procedures and their Technical Specifications provisions to periodically verify the operability of these systems; and (3) modify selected emergency procedures to ensure safe plant shutdown following a small-break LOCA. Most plants already have substantial design protection against control system failures. The recommended safety improvements would apply to those plants for which additional or enhanced protection is warranted.
The staff's technical findings were published in NUREG-1217 [1247]; the regulatory analysis associated with the resolution of this issue was published in NUREG-1218 [1248]. The Commission was informed of the staff's resolution in SECY-89-255 [1249] and Generic Letter 89-19 [1250] was later issued to licensees. Thus, this issue was RESOLVED and new requirements were established [1251].