Traceability of requirements through the C&I lifecycle (SCD30)

  • Site: Hinkley Point C
  • IR number: 21-014
  • Date: July 2021
  • LC numbers: 12, 14, 17

Executive summary

Purpose of Intervention

The purpose of the intervention is to gain confidence in the adequacy of NNB Generation Company (HPC) Limited’s (NNB GenCo) arrangements, and those of its supporting organisations, covering the traceability of requirements through the control and instrumentation (C&I) lifecycle in the centralised and dedicated C&I system areas.

Interventions Carried Out by ONR

Office for Nuclear Regulation (ONR) C&I and security specialist inspectors undertook a remote intervention (via videoconference), on a sampling basis, to form a judgement on the adequacy of the arrangements associated with requirements traceability at Hinkley Point C (HPC) for the centralised systems (protection system (PS) and non-computerised safety system (NCSS)) and the dedicated systems (turbine protection and control system (TPCS) and polar crane).

ONR technical assessment guides NS-TAST-GD-051 (the purpose, scope, and content of safety cases), NS-TAST-GD-049 (licensee core safety and intelligent customer (IC) capabilities) and expectations for compliance with licence condition (LC) 12 (duly authorised and other suitably qualified and experienced persons), LC 14 (safety documentation) and LC 17 (management systems) were used to inform ONR’s judgement during this intervention.

Explanation of Judgement if Safety System Not Judged to be Adequate

Not applicable as this was not a system/structure-based inspection.

Key Findings, Inspector's Opinions and Reasons for Judgements Made

Based on the evidence presented, areas of good practice relate to the processes, procedures and implementation of requirements traceability, notably:

  • the processes allow for adequate specification, implementation and assessment of requirements traceability;
  • adequate quality has been demonstrated in delivery of the arrangements;
  • the requirements for functions sampled from the centralised C&I system can be traced from the safety functional requirements note (SFRN) to validation;
  • NNB GenCo has satisfactory oversight of the Responsible Designer’s activities, and those of the supply chain, to underpin its IC role.

I found two minor shortfalls:

  • a divergence from the licensee’s methodology for requirements traceability within the PS design; and
  • the security documentation not reflecting close alignment between the security and computer-based systems important to safety (CBSIS) lifecycles.

I have raised these as observations, which will be followed up through regular regulatory level 4 meetings with the licensee.

I found a significant shortfall, relating to the dedicated C&I systems, summarised as:

  • inadequate definition of performance requirements linked to safety functions;
  • where performance requirements (linked to safety functions) are defined, inadequate underpinning of these requirements; and
  • inadequate demonstration that the safety function (i.e. sensor detection to completion of safety action) can be delivered when considering the associated performance requirements of all contributing structures, systems, or components (SSCs).

I consider this to be a significant shortfall in requirements definition and traceability to underpinning evidence to justify the performance requirements for safety functions. However, I recognise this shortfall is associated with the reference configuration (RC) 1.2 stage of the project and that several issues associated with this shortfall were already recognised by the licensee. I acknowledge the licensee is committed to addressing the shortfall within the safety case to underpin the RC 2 design.

Conclusion of Intervention

I judge that an intervention rating of GREEN (no formal action) is appropriate for LC12 (duly authorised and other suitably qualified and experienced persons) and LC17 (management systems), and that a rating of AMBER (seek improvement) is appropriate for LC14 (safety documentation).

LC12 – I found adequate arrangements in place which had been implemented to ensure that only suitably qualified and experienced persons (SQEP) are performing duties which may impact safety. This relates to the production of documentation providing the traceability of requirements in the scope of the PS, NCSS, TPCS and polar crane.

LC17 – I found that the licensee has made and implemented adequate quality management arrangements with respect to traceability of requirements associated with safety functions.

LC14 – I consider there is adequate traceability for the safety functions sampled from the centralised and dedicated C&I systems from the safety plant design base to the allocation of functions to C&I systems. Also, the arrangements adequately describe the methodology for implementing requirements traceability for each system.

However, there are areas for improvement as described in paras 6 and 8, one of which I consider to be a significant shortfall in the safety case demonstration; this has informed the AMBER (seek improvement) inspection rating.

I have raised the following regulatory issue (RI): RI 8900 “HPC C&I performance requirements traceability”.