4.0 Summary of Major DCISC Review Topics, 17th Annual Report - July 1, 2006 thru June 30, 2007
4.8 Risk Assessment and Management
4.8.1 Overview and Previous Activities
PG&E has developed in-house capability to perform risk assessments and periodically updates its Probabilistic Risk Assessment (PRA) to incorporate changes in plant configuration and, if appropriate, operations. The PRA Group has been updating the original 1995 risk assessment which included the sum of internal, seismic, fire and shutdown risks. The 1995 core damage frequency (CDF) was 1.12x10⁻⁴ per year, and the revised risk is lower at 9.72x10⁻⁵ per year – a 13% decrease. Much of the reduction is due to implementation of the Maintenance Rule and resultant increased equipment reliability and PRA modeling improvements. The reduced overall risk permits more flexibility in scheduling on-line maintenance. The NRC criteria are based on a 1.0x10⁻⁶ per year risk threshold for on-line maintenance, and DCPP will have more room within that threshold to perform additional maintenance on line.
PG&E controls its risk from on-line maintenance procedurally. For On-Line Maintenance the PRA Group prepares a Risk Profile on a weekly, monthly and fuel cycle basis. The PRA Group works very closely with personnel performing the On-Line Maintenance risk assessment, and the program has been working well.
The On-Line Maintenance (OLM) model has been used by Operations and Maintenance as an on-line planning tool for various operations and maintenance activities. DCPP is now using ORAM Sentinel (Outage Risk and Management) instead of OLM. Using ORAM, the PRA Group has increased allowable outage times (AOTs) for the Auxiliary Feedwater Pump and identified more sources of water. Similarly, AOTs have been increased for the EDGs, startup power, and CCWPs. AOTs have decreased for the SI, Charging and RHR pumps and have decreased significantly for the SSPS, which represents the highest-risk AOT.
Although the DCISC did not review it during the 2005-2006 reporting period, the Probabilistic Risk Assessment (PRA) Program has appeared satisfactory in previous reporting periods. The DCISC will continue to review PRA including the model updates and upgrades as they are completed.
4.8.2 Current Period Activities
The DCISC did not review Probabilistic Risk Assessment (PRA) items per se during the current reporting period but did review the following related item:
Outage Risk Analyzer – Maintenance (ORAM)
The DCISC Fact-finding Team (FFT) met with Nathan Barber, Reactor Engineering Group Engineer, at its October 25-26, 2006 Fact-finding Meeting (Volume II, Exhibit D.3, Section 3.3) to review DCPP’s use of Outage Risk Analyzer – Maintenance (ORAM).
ORAM is a work-station-based logic program incorporating DCPP Probabilistic Risk Assessment (PRA) data which is used to determine the risk of various plant equipment outage combinations during plant operation. DCPP has Train Level System, Structure & Component (TLS) codes for its risk-significant work items, typically equipment that is to be out-of-service (OOS) for maintenance. ORAM reads the TLS Codes and assesses risk using PRA tables and Safety Function Assessment Trees (SFATs). ORAM output consists of risk colors (green/yellow/orange/red) assigned based on quantitative PRA criteria as well as Key Safety Assessment (KSA) scores.
Operations Shift Manager approval is required for the following situations which will show Orange risk:
- Risk configurations resulting in a KSA score > 8
- PRA Allowed Outage Time (AOT) < Threshold PRA
- PRA AOT < Planned Work Duration
- Trip risk item with Trip Mitigation Equipment OOS
Plans showing Red risk color must be reviewed and approved by the PRA Group. DCPP runs ORAM each day with the daily work plan. Because ORAM is used for safety-related applications, it is included in the DCPP Software Quality Assurance Program.
The FFT reviewed a sample ORAM risk chart for the outage of Emergency Diesel Generator (EDG) 1-3 and Residual Heat Removal (RHR) Pump 1-1. Overall risk was Orange for an outage time of 183.0 hours, whereas each individual equipment outage was Yellow. The Core Damage Frequency was 6.499E-005 per reactor year. The risk chart appeared to be a useful tool to assure plant risk is minimized and within acceptable limits.
ORAM is also used for outage risk assessment. The FFT reviewed an Outage Risk Assessment chart. The chart graphed Core Damage Risk per Hour against time for various plant equipment configurations. In this example, relatively higher risk was shown for the two mid-loop operations following shutdown and prior to startup. The highest risk was calculated to be in the range of 1E-09 to 1E-08 per hour (acceptable) for the duration of mid-loop operation. The risk for other outage operations was less than 1E-15 per hour.
In the second quarter of 2007 DCPP plans to replace ORAM with a new program, Safety Monitor, from the Electric Power Research Institute (EPRI). DCPP is presently testing the program and verifying interfaces. It can calculate risk from more than two components OOS, whereas ORAM is limited to two. It also has the capability to include environmental (e.g., controlled burning near off-site power lines) and test factors and allows for a more accurate assessment of trip risks. Safety Monitor can perform risk calculations based on the full DCPP PRA.
DCPP is currently working on its quantitative PRA shutdown model which is scheduled to be complete in late 2008. (The Fire Protection PRA is expected to be complete by the end of 2007.) When completed, the updated quantitative shutdown model will be incorporated into Safety Monitor and used for shutdown risk assessment. In the meantime, the quantitative ORAM shutdown model will continue to be used.
DCPP’s use of the Operating Risk Analyzer – Maintenance (ORAM) for determining the risk of equipment outages for maintenance during operation and for risk estimates during outages appears appropriate. It determines when management approvals are required for relatively higher risk plant evolutions. DCPP will be replacing ORAM with Safety Monitor which has more capabilities and which will provide more accurate and detailed shutdown risk assessments.
4.8.3 Conclusions and Recommendations
- Conclusion: Although the DCISC did not review Probabilistic Risk Assessment (PRA) per se during the 2006-2007 reporting period, the Program has appeared satisfactory in previous reporting periods. DCPP’s use of PRA-based Outage Risk Analyzer – Maintenance (ORAM) appeared appropriate. The DCISC will continue to review PRA including the model updates and upgrades as they are completed.
- Recommendations: None