Title: Risk Analysis of Various Design Architectures for High Safety-significant Safety-related Digital Instrumentation and Control Systems of Nuclear Power Plants during Accident Scenarios

This report documents the plus-up activities performed by Idaho National Laboratory (INL) during Fiscal Year (FY) 2022 for the U.S. Department of Energy (DOE) Light Water Reactor Sustainability (LWRS) Program, Risk Informed Systems Analysis (RISA) Pathway, digital instrumentation and control (DI&C) risk assessment project. In FY 2019, the RISA Pathway initiated a project to develop a risk assessment strategy for delivering a strong technical basis to support effective, licensable, and secure DI&C technologies for digital upgrades/designs. An integrated risk assessment technology for the DI&C systems was proposed for this strategy, which aims to (1) provide a best-estimate, risk-informed capability to quantitatively and accurately estimate the safety margin obtained from plant modernization, especially for the high safety-significant safety-related (HSSSR) DI&C systems, (2) support and supplement existing advanced risk-informed DI&C design guides by providing quantitative risk information and evidence, (3) offer a capability of design architecture evaluation of various DI&C systems to support system design decisions and diversity and redundancy applications, (4) assure the long-term safety and reliability of HSSSR DI&C systems, and (5) reduce uncertainty in costs and support integration of DI&C systems in the plant. To achieve these technical goals and deal with the expensive licensing justifications from regulatory insights, the LWRS-developed framework instructs nuclear vendors and utilities on how to effectively lower the costs associated with digital compliance and speed industry advances by: (1) defining an integrated risk-informed analysis process for DI&C upgrade, including hazard analysis, reliability analysis, and consequence analysis, (2) applying systematic and risk-informed tools to address common cause failures (CCFs) and quantify corresponding failure probabilities for DI&C technologies, particularly software CCFs, (3) evaluating the impact of digital failures at the component level, system level, and plant level, and (4) providing insights and suggestions on designs to manage the risks, thus to support the development, licensing, and deployment of advanced DI&C technologies on nuclear power plant (NPPs). Adding diversity within system or components is the main means to eliminate and mitigate CCFs, but diversity also increases plant complexity and errors and may not address all sources of systematic failures. How to optimize the diversity and redundancy applications for the safety-critical DI&C systems remains a challenge. To deal with the technical issues in addressing potential software CCFs in HSSSR DI&C systems of NPPs and supporting relevant design optimization, the framework provides: ? An integrated best-estimate, risk-informed capability to address new technical digital issues quantitatively, accurately, and efficiently in plan modernization progress, such as software CCFs in HSSSR DI&C systems of NPPs ? A common and a modularized platform for DI&C designers, software developers, cybersecurity analysts, and plant engineers to efficiently predict and prevent risk in the early design stage of DI&C systems ? Technical bases and risk-informed insights to assist U.S. Nuclear Regulatory Commission (NRC) and industry to address and fulfill the risk-informed alternatives for evaluation of CCFs in HSSSR DI&C systems of NPPs ? An integrated risk-informed tool that offers a capability of design architecture evaluation of various DI&C systems to support system design decisions in diversity and redundancy applications. The plus-up research and development efforts of this project in FY 2022 are focused on methodology improvement of software CCF modeling and estimation, prevention analysis, importance analysis and risk analysis of various design architectures of HSSSR DI&C systems. This work greatly enhances the capability of the LWRS-developed framework for the risk assessment and design optimization of safety-critical DI&C systems. It should be noted that all the analyses are performed for the demonstration of the LWRS-developed framework, not for the evaluation of relevant systems. Results are obtained based on very limited design information and testing data.