Multiple Equipment Failures in Safety-Related Systems (Generic Letter 79-24)
GL79024
UNITED STATES
NUCLEAR REGULATORY COMMISSION
WASHINGTON, D.C. 20555
June 26, 1979
ALL PRESSURIZED WATER REACTORS
Gentlemen:
Recently, because of operator error, an inadvertent reactor scram and safety
injection occurred during monthly surveillance tests of the safeguards
system at a PWR facility.
At the time of the event, train "A" of the safeguards system had been placed
in "test", and the operator, in addition to inserting a high steam flow
signal required by the test, inadvertently incorrectly inserted a low steam
pressure signal. This action resulted in a low steam pressure signal
(signifying a main steam line break) in train "A" which initiated main steam
isolation valve (MSIV) isolation and a reactor scram. One MSIV, however, did
not close because of a valve solenoid failure. The resultant differential
pressure between two steam lines initiated a safety injection signal from
train "B". In the ensuing events several more equipment failures occurred.
One feedwater regulation valve failed to close because of another solenoid
failure. The steam driven auxiliary feedwater pump tripped on overspeed and
one of the steam generator atmospheric relief valves failed to fully reseat
upon closure.
This occurrence, with its ensuing sequence of events, is of concern to the
NRC staff because of the serious questions that are raised due to the
multiple equipment failures and whether a very real problem could exist that
has not been analyzed. For example, the potential for common mode failures
(in this case two apparently independent solenoid valve failures) should be
investigated to ensure that a problem does not exist which could negate the
criteria assumed in your previous accident analyses or which could lead to
an overall reduction in system reliability.
This occurrence is also of concern because of an apparent sense of
complacency towards periodic surveillance requirements in general and on
engineered safeguards systems in particular which has all too often resulted
in inadvertent reactor scrams and safety injection system actuations. From
the standpoint of unnecessary challenges to the reactor trip and the
safeguards systems and the imposition of unnecessary thermal stress cycles
on reactor coolant system and its components, this is undesirable.
.
- 2 - June 26, 1979
You and your plant supervisors should review the events described in this
letter, to determine whether similar errors have occurred or could occur at
your facility and whether the potential exists for a problem associated with
occurrences that you have not previously considered. In addition, it is
requested that management policies and procedures be reviewed and
strengthened as necessary to assure that multiple equipment failures in
safety-related systems will be vigorously pursued and analyzed to identify
potential failure modes not previously considered that could lead to a
significant reduction in the ability of safety systems to function as
required. Finally, you are requested to review your engineered safety system
surveillance procedures to determine whether appropriate cautions are
included and to ensure that plant operators and supervisors are aware of the
importance of avoiding challenges to the protective features of your
facility.
Within 30 days of receipt of this letter, please submit, in accordance with
10 CFR 50.54(f) of the Commission's regulations, the results of these
reviews. In addition to licensing reviews of these matters, we have
requested that the NRC's Office of Inspection and Enforcement perform a
followup inspection on these matters in the near future.
Sincerely,
Darrell G. Eisenhut, Acting Director
Division of Operating Reactor
Office of Nuclear Reactor Regulation
Page Last Reviewed/Updated Tuesday, March 09, 2021