Graded QA

The inherent problems with blanket application of quality assurance requirements for all safety related SSCs have manifest themselves primarily as producing SSCs which do not necessarily exhibit levels of reliability which are significantly higher than corresponding commercial quality items, yet cost significantly more. In the future, the application of a

“graded” quality assurance programme, in which the application of “Quality Requirements” is balanced with the expected benefit and the importance of the individual SSCs, offers the promise of controlling this inefficient use of resources.

QA programmes generally focus on the imposition of institutional requirements on the procurement, manufacture, installation, operation and maintenance of all safety related components to ensure that they meet their specifications throughout all phases of plant life and during all plant activities and evolution. It is within this context that the current weaknesses in

the application of QA becomes manifest, namely, that though the QA programme is focused on maximizing reliability there are generally no formal requirements to perform reliability assessments for important SSCs to provide a basis for the QA programme.

This limited viewpoint or perspective results in a tendency to focus on documentation of all activities associated with manufacture, installation and operation of the safety related SSCs, without ever exploiting current reliability engineering methods and techniques to confirm that components will provide adequately reliable operation in their selected application. This programmatic focus on meeting requirements, without regard to the formal application of reliability engineering assessments, leads to additional attributes which add to the cost-ineffectiveness of QA, namely:

- There is a tendency to subrogate responsibility for quality performance from the line organizations, to the QA organizations. This flies in the face of experience which shows that unless each line organization has responsibility for quality of its own performance, performance will never be optimal, or, in the words of an old adage “quality cannot be inspected into a product, but, must be built into it”,

- QA programme focus on the blanket implementation of, and compliance with, deterministic requirements initiated to assure the quality of SSCs, decreases the freedom of RAP engineers to make decisions to implement enhancements which necessarily discriminate between important, and not so important, failure modes. Because there is a tendency to classify a complete component as “safety” or “non-safety” related, similar requirements are imposed on all piece parts, a strategy which may increase costs without necessarily increasing reliability to a commensurate level.

A “graded quality assurance” programme can be expected to have the following general characteristics:

- The QA programme will be integrated with the RA programme so that quality requirements are applied in areas where they provide enhanced reliability, i.e. reduce the frequency of flaw initiation and the rate of flaw propagation for important failure modes, - QA requirements will be imposed upon reliability critical SSCs, and focused on

prevention of the important functional failure modes to the extent that segregation of individual piece parts into those which are either safety or non-safety related, is practical within a single SSC,

- QA requirements will only be imposed upon components whose commercially available reliability is insufficient, or, components which must operate under uniquely harsh environmental conditions during the mitigation of severe accidents.

In these cases, because there may be no actuarial experience upon which to base predictions of performance under adverse conditions, it will be necessary to:

(i) Test the components in an environment corresponding to that which it is expected to see during an accident, and provide the necessary assurance that their “as installed” configuration and condition is comparable to the “as tested”

configuration,

(ii) Confirm that the materials of construction are as specified and compatible with the expected accident and process environment.

- The QA programme will be heavily dependent upon the RA programme because the requirements for each SSC will be derived from formal reliability analyses. The applied QA requirements will ensure that these reliability based requirements are preserved during each SSC activity initiated by the manufacturer, installer or maintainer.

The graded QA programme (GQAP) will rely heavily on the rank-ordered list of SSCs which the D-RAP team will develop and maintain current throughout the plant’s design phase. The scope of the GQAP should not necessarily lead to need for discrimination between SSCs installed in “safety“ systems and those within the normally non-safety related SSCs in the

“balance of plant” scope of supply whose failure becomes an initiating event, and hence, may be important to safety. This fact, by implication, means that the RAM and PSA models and analytical methods and tools used to develop the rank-ordered list of SSCs must be “Quality Assured” and meet all the requirements of the plant QA programme. One general approach which could be used to develop a graded QA programme is shown in Figure 5-10.

5.13.1. Nominal QA requirements and the effects of graded QA

Current QA programmes rely heavily on the use of inspection, documentation and compliance auditing against specified deterministic criteria to assure the quality of important safety-related components throughout their operational life. The graded QA programme does not necessarily eliminate this approach, nor the types of activities associated with implementation of these types of programmes. A GQAP will, however, try to limit attempts to “inspect in quality” to those areas in which inspection provides an identifiable value or benefit. For example, the GQAP will:

- Identify institutional activities which influence various aspects of individual SSC reliability and exploit the insights from D-RAP to focus the definition of requirements and activities in areas in which they provide a positive payback, i.e.:

(a) Where material properties are known to be important, specify inspections to ensure that the manufacturer uses the required materials,

(b) Where piping and pressure vessel are expected to be exposed to high levels of radiation, be sure that the actual weld materials and procedures are recorded, (c ) Where material integrity is important, ensure that there is an inspection record for

the manufactured product, not only to provide assurance of initial quality, but, to provide a condition benchmark against which to compare the results of all future inspections,

- Implement programmatic requirements where they enhance reliability commensurate with their importance to safety, reliability or economy. In most cases, this implies that activities:

(i) which reduce or minimize flaw initiation and propagation rates will be controlled, (ii) which do not play an important direct role in influencing important failure modes

and mechanisms will be allowed to default to good industrial practices,

- Monitor procurement and manufacturing processes for original and replacement parts to ensure that they conform to original specifications-this is important to both economy and safety. However, the review will focus only on ensuring that requirements are met, where they have the potential to have a deleterious effect on important SSC failure modes, e.g. assume commercial bolting on a pressure boundary seal is adequate, when the nominal specification with commercial quality is adequate.

FIG. 5-10. Use of rank-ordered SSCs in graded QA.

The importance of GQA in future reactors will depend, to a large extent, to the degree to which formal D-RA and O-RA programmes are used to specify the plant wide reliability specifications for SSCs. When the specification of all SSC requirements for reliability are dictated by the RA programme, the QA programme should be applied in all areas of importance to confirm that the specifications are being satisfied, in other words, QA requirements are dictated by the RA programme to proved GQA by default.

Where comprehensive implementation of plant-wide D-RAP and O-RAP does not occur, the ad hoc reduction in QA requirements for individual SSCs, typical of current approaches to

“graded QA” will reflect the insights above and will be guided by RAM and PSA assessments wherever possible and practical.

Note:

At all times, deterministic QA requirements imposed by the cognizant regulatory authorities in individual member states must be waived or modified before insights and directives from D-RAP and O-RAP can lead to any relaxation of current QA requirements.