2013 CMBG Modification Technical Risk Assessment

1. 2013 CMBG Modification Technical Risk Assessment Presenter: Bobbi Jo Halvorson

2. Modification Technical Risk Nuclear technology is recognized as special and unique…. • INPO AFI: Insufficient technical reviews of a few vendor-supplied modifications resulted in the removal of a main turbine protective trip feature, a loss of a qualified off-site power source and a failed preoperational test, which required engineering reword during an outage. Contributing is an assessment of technical risk was not performed to determine the appropriate level of technical review required to identify error in the modification.

3. Modification Technical Risk • On May 2011, a vendor-supplied design error identified • Modification to install a Bently Nevada vibration and thrust bearing wear monitoring system • Main turbine trip design function unintentionally removed during 2009 modification • Removal of the thrust bearing wear detector along with its pressure switches

4. Modification Technical Risk • On May 2011, a vendor-supplied design error identified • Impact – • Main turbine low lube oil trip removed • Increased station risk and insurance deductable • Resolution – • Performed a modification to install turbine bearing lube oil header low pressure trip function

5. Modification Technical Risk • On March 2011, a vendor-supplied design error identified • Modification to replace 1AR transformer • Aux Xfmr supplies operating power/control logic incorrectly wired • Impact- • Unavailability of 1AR (loss of 1 of 3 qualified offsite sources) • Resolution – • Correct the wiring

6. Modification Technical Risk • On May 2011, a vendor-supplied design error identified • Modification stator cooling system improvements • Incorrect calculated setpoints, instrument design and parts failures • Impact- • Delays with testing/plant startup • Flow indicating switch error caused circuit board failure • Resolution – • Corrected various deficiences

7. Modification Technical Risk • On May 2009, a vendor-supplied design error identified • Modification installation of iso-phase bus duct cooler • Numerous equipment failures – cooling coil leaks, fan drive, train swap sequence and expansion joints • Impact- • Potential of load reduction to approx. 60% power • Various unplanned maintenance activities and Tmods • Resolution – • Corrected various deficiences and a study to improve equipment reliability

8. Modification Technical Risk • Benchmarking/OE: • Consequence risk factors • Human performance and process risk factors • INPO SER 04-05 Errors in the preparation and implementation of modifications • INPO AFI and Strengths

9. Modification Technical Risk • Analysis: • Fleet modification process does not adequately drive the identification of critical design information • Suitability review does not require a risk review of the critical attributes and design vulnerabilities • Fleet modification does not require a risk review for design vulnerabilities and critical attributes in EDO performed modifications

10. Modification Technical Risk • Determined cause of the deficiency: • The modification process lacks specific process and procedure guidance for performing a risk assessment for vendor supplied modifications to determine what critical attributes require additional technical validation and oversight.

11. Modification Technical Risk • Actions taken: • Fleet design peer group developed a process for performing a documented risk assessment for modifications • Risk assessment is to be used for both vendor and in-house modifications • Perform the risk assessment on all modifications that are awaiting installation

12. Modification Technical Risk • Update to FP-E-DES-01 (Contractor Control and Stakeholder Involvement) • 5.4 DEVELOPING THE REVIEW PLAN / DETERMINING RISK • 5.4.1 The Responsible Engineer (RE) should document the overall risk and mitigation • actions to be taken on a QF0557, “EC Technical Risk Assessment.” • 1. Use Attachment 2, “Risk Management”, to assist in determining the overall risk. • 2. Use the result of the risk assessment to identify risk factors and the mitigation • actions that will be integrated into the design process. • 3. Document Engineering Supervisor concurrence and Design Engineering • Manager approval via signature on the form.

13. Modification Technical Risk • Overview: This attachment provides a risk management tool for managing design change product quality based on evaluation / assessment of the risk. Risk assessment may consider many elements, including: • Safety consequences: • Does the design change include evolutions or design elements that are vital to nuclear • safety, industrial safety, compliance, or safety system performance? • Does the design change involve a reactivity management issue? • Does the design change adversely affect design margin? • Does the design change satisfy a commitment?

14. Modification Technical Risk • Performance Consequences: • Is a specification (or change to an existing specification) required? • Does the design change include any evolutions or design elements that are vital to plant • reliability or performance. ? • Does the design change have a significant plant impact? • Does the design change affect the grid interface operating limits or performance • characteristics?

15. Modification Technical Risk • Business Consequences: • Is the design change outsourced (i.e., design by a contractor)? • Does the design change involve significant cost, resources or dose? • Does the design change represent a first in the industry? • IF the design change is implemented on the operating unit, THEN are there any • compensatory measures required during implementation? • Does the design change rely heavily on vendors (equipment, design, or installation support)? • Is an expedited design change due to late scope addition for outages?

16. Modification Technical Risk • Complexity • 1 – Simple The product is simple in nature. It is small in scope and does not involve multiple interfaces. The approach or activity has been done before with acceptable results under similar circumstances, so adverse consequences are unlikely. There are few (if any) technical concerns. • 2 – Moderately Complex The activity is complex. The planned approach has identifiable shortcomings that may result in adverse consequences, but they are avoidable using due care. The activity is being prepared under some time pressure. Multiple engineering disciplines are involved. • 3 – Very Complex The activity or product is very complex or is a first time evolution. The planned approach has led to adverse consequences in the past under similar circumstances. Extreme care is needed to avoid adverse consequences. There is considerable time pressure. There are many design or technical issues to resolve. Multiple design organizations are involved.

17. Modification Technical Risk • Consequence • 1 – Low The product has no potential to cause a condition adverse to quality. Typically the product would be classified as non-safety related. Priority Grading / Ranking score per FG-E-EWM-01, “Engineering Work Management”, Attachment 2, is less than 30. Total project cost is < $250K. • 2 – Moderate The product has a potential to cause a condition adverse to quality but not a significant condition adverse to quality. The modification would typically be classified as reliability related or lower. Priority Grading / Ranking per FG-E-EWM-01, Attachment 2, will typically be between 30 and 60. Total project cost is > $250K • 3 - Significant The engineering change could have the potential to cause a significant condition adverse to quality. The product would typically be classified as Augmented Quality or Safety Related. Priority Grading / Ranking per FG-E-EWM-01, Attachment 2, will typically be > 60. Total project cost is > $1M.

18. Modification Technical Risk

19. Modification Technical Risk

20. Modification Technical Risk

21. Modification Technical Risk

22. Modification Technical Risk

23. Modification Technical Risk • Risk Tool Effectiveness • “Back-fit” technical risk reviews of the prepared EPU modifications as new process was being developed Technical Risk Assessment - Risk Identified: • Upcoming construction phase - Site changed construction organizations after design phase • Performed new Constructability Reviews • Various potential issues were identified during the meetings • Resolved before they became field issues or problems that would not be found until testing or after mod implementation

24. Modification Technical Risk • Risk Tool Effectiveness • Alternate Spent Fuel Pool Cooling Mod Fast track, complicated, $4 Million project with multiple vendors involved. Technical Risk Assessment - Risks Identified: • Electrical (rented electrical equipment from non-nuclear vendor) • Independent review of electrical design by EDO • In-house SME’s reviewed design also, and checked ETAP calcs • Found electrical panels not rated for the application • Found errors in short circuit and arch flash calcs

25. Modification Technical Risk • Risk Tool Effectiveness • Reactivity (injecting cold water into the pool) • Reactivity Management Review Board review (at Supervisor/Manager discretion) • Board asked for additional temperature monitoring • Added a hierarchy of valves to operate in order to reduce temp change • Ops procedure revised to address the concern • Complex construction (flying heavy equipment over SR duct bank, pipe routing on outside of Reactor bldg and on roof, lifting pipe over a 3-story bldg) • Contracted external SME’s • Bogart-Pederson (heavy hauls and layout over UG utilities) • Structural Integrity (load drop analysis) • VICs (crane vendor – meeting/challenge board)

26. Questions?