HEAVY LOADS PROBABILISTIC

SAFETY ASSESSMENT

BY JOSEPH MARTORE, TENERA LP HOWARD LAMBERT

SPONSORED BY THE NATIONAL SCIENCE FOUNDATION

OCTOBER 5, 1988

Section

1.0

2.0

3.0

4.0

TABLE OF CONTENTS

PROBLEM DEFINITION

OBJECTIVES

OVERVIEW OF THE ANALYSIS

3.1 3.2

Structural Evaluation Methodology Quantitative Fault Tree Analysis

CALCULATIONAL PROCEDURES AND METHODS

4.1.1 4.1.2 4.1.3 4.1.3.1 4.1.3.2 4.1.4 4.2 4.2.1

4.2.2 4.2.3 4.2.4 4.2.5 4.2.6

4.2.7 4.2.8 4.2.9 4.2.10

4.2.11

4.3

4.3.1 4.3.2 4.4 4.4.1 4.4.2

Structural Evaluation Methodology Local Impact Response Overall Structural Response Concrete Steel Drops Onto the Reactor Core Quantitative Fault Tree Analysis System and Heavy Loads of Concern (BWR, Plant X) . Areas of Concern (BWR) Slings and Lifting Devices (BWR) Reactor Building Crane (BWR) Control Circuit and Wiring Diagram (BWR) System and Heavy Loads of Concern (PWR, Plant Y) . Areas of Concern (PWR) Containment Polar Crane (PWR) Crane Controls (PWR) Reactor Vessel Head Removal and Installation (PWR) Upper Internals Removal and Installation (PWR) Events Identification and Fault Tree Construction Fault Tree Construction (Plant X) Fault Tree Construction (Plant Y) Qualitative Evaluation Min Cut Sets (Plant X) Min Cut Sets (Plant Y)

i

1-1

2-1

3-1

3-1 3-2

4-1

4-1 4-2 4-2 4-3 4-4 4-4 4-5

4-5 4-6 4-7 4-7 4-8

4-9 4-9 4-9 4-10

4-12

4-12

4-13 4-14 4-17 4-18 4-19 4-19

5.0

6.0

7.0

8.0

9.0

4.5 4.5.1 4.5.2 4.5.3 4.5.4 4.5.4.1 4.5.4.2 4.5.4.3 4.5.5 4.5.6 4.5.6.1 4.5.6.2 4.5.7

Probabilistic Analysis Probabilistic Data for Basic Events Structural Failures Human Error Equipment Failure Plant X Plant Y Failure Rate Data Used for Both Plants Heavy Load Drop Probability Per Lift Importance Analysis Importance Analysis (Plant X) Importance Analysis (Plant Y) Uncertainty Analysis

INTERPRETATION OF RESULTS

5.1 5.2 5.3 5.3.1 5.3.2 5.4

Plant X Results Plant Y Results Proposed Safety Upgrades Safety Upgrade (Plant X) Safety Upgrade (Plant Y) Study Limitations

PEER REVIEW

REFERENCES

FIGURES

TABLES

10.0 APPENDICES

Appendix A Appendix B

Appendix C Appendix D Appendix E

Crane Terminology Wiring Diagram and Control Circuit Description (Plant X). Wiring Diagram (Plant Y) Fault Tree (Plant X) Fault Tree (Plant Y)

ii

4-19 4-20 4-20 4-22 4-23 4-23 4-23 4-24 4-24 4-25 4-26 4-27 4-27

5-1

5-1 5-1 5-1 5-1 5-2 5-2

6-1

7-1

8-1

9-1

A-1

B-1 C-1 D-1 E-1

iii

1.0 PROBLEM DEFINITION

The United States Nuclear Regulatory Commission in report NUREG-0612, "Control of Heavy Loads at Nuclear Power Plants," proposes guidelines which control movement of heavy loads (Ref. 1 ). Accidental drops of heavy loads could damage spent fuel, cause criticality accidents, or damage safe shutdown equipment. NUREG-0612 guidelines gave special attention to the following accident preventative measures:

o definition of safe load paths;

o training, qualification, and conduct of crane operators;

o testing, inspection, and maintenance of cranes.

In addition to the above, special attention is given to procedures, equipment, and personnel for the handling of heavy loads over the core, such as the reactor vessel head, vessel internals, or vessel inspection tools. This special review includes the following for these loads: (I) review of procedures for installation of rigging or lifting devices and movement of the load to assure that sufficient detail is provided and that instructions are clear and concise; (2) visual inspections of load bearing components of cranes, slings, and special lifting devices to identify flaws or deficiencies that could lead to failure of the component; (3) appropriate repair and replacement of defective components; and (4) verification that the crane operators have been properly trained and are familiar with specific procedures used in handling these loads, e.g., hand signals, conduct of operations, and content of procedures.*

One issue that NUREG-0612 addresses is the drop of heavy loads, such as the reactor vessel head or vessel internals, during refueling. NUREG-0612 requires that the probability of dropping these loads be small or that the consequences for dropping these loads be within acceptable limits (see Page 5-1 of NUREG-0612). NUREG-0612 itself uses quantitative fault tree analysis as a means of establishing the level of safety associated with the guidelines described within that report.

For heavy load drop events, NUREG-0612 suggests that a total probability of about 10-6 per reactor year or less is within acceptable limits. More recent NRC (Ref. 2) positions on quantified safety goals indicate that a more reasonable level of total probability for core melt is 10-5 per reactor year,

* A glossary of terms used in the crane industry is given in Appendix A.

1-1

although this frequency is not explicitly stated. A "large release" frequency should be less than 10-6 per reactor year. It should be emphasized that the accident analyzed here would not likely result in core melt and, in any event, the decay heat and fission product inventory reduction due to shutdown is such that the consequences of any load drop accident would be less severe than a core melt accident.

This case study describes the analyses conducted by the authors for several U.S. utilities. The purpose of the analyses is twofold : (1) to establish if the procedures and equipment used by the utilities for movement of heavy loads conform to the guidelines proposed by NUREG-0612, and (2) to determine if any design or procedural changes should be adopted to conform to these guidelines.

Two nuclear power plants studied by the authors are chosen (one a BWR, the other a PWR) to demonstrate the steps necessary to implement the methodology described in this case study.

1-2

2.0 OBJECTIVES

The objective of this case study is to use probabilistic safety assessment (PSA) to determine if there is an acceptable level of safety for movement of heavy loads at nuclear power plants studied.

The specific objectives of this case study are threefold:

(1) By referring to plant procedures, plant experience and LER's, postulate load drop scenarios;

(2) For each load drop scenario identified in Step 1, use an assessment procedure described in Sections 2 and 3 of this case study to assess the structural damage associated with each load drop scenario to determine if the following damage events could occur;

o damage to spent fuel

o criticality accidents

o damage to safe shutdown equipment

(3) If any of the damage events could occur in Step 2, use quantitative fault tree analysis (as described in Sections 2 and 3 of this case study) to compute the probability of the heavy load drop in question and then establish whether this probability is acceptable. If this probability is unacceptable, incorporate design or procedural changes so that the guidelines of NUREG-0612 are met.

2-1

3.0 OVERVIEW OF THE ANALYSIS

In this section we give a brief overview of the structural evaluation methodology and the quantitative fault tree analysis used in this case study.

3.1 STRUCTURAL EVALUATION METHODOLOGY

A full assessment of load drop consequences requires an iterative utilization of combined systems analyses, structural analyses, dose calculations, and criticality evaluations. The structural evaluation methodology used to perform the structural evaluations for a variety of load drop scenarios, shown in flow chart form in Fig. I*, consists of the following general steps:

1. Identification of heavy loads, handling systems, and handling locations including a full characterization of the load weight, dimensions, materials properties, and structural characteristics.

2. Development of postulated drop scenarios based upon realistic consideration of plant procedures.

3. Review of important structural engineering aspects of impacted structural elements to fully characterize behavior. For reinforced concrete and steel elements identify both "local" and "overall" structural response modes. For reactor internals elements and fuel, identify on a component-by component basis the potential failure mechanisms (i.e., bending, shear, buckling, etc.)

4. Conduct detailed structural evaluations subsequent to bounding system, dose, and criticality evaluations, when these initial approaches fail to demonstrate acceptable consequences. The detailed structural evaluations include:

*

a. Specification of impact energy considering, as appropriate, the energy dissipated due to the transfer of momentum, fluid drag, buoyancy, and constrictive flow ("dash pot") effects of the internals sliding with the reactor;

b. Model development for assessing dynamic response utilizing empirical data as necessary;

All figures are presented in Chapter 8.

3-1

c. Development of failure criteria based upon stability, functionability, leak tightness, or fuel cladding strain considerations;

d. Computation of the response behavior and strain energy absorbed prior to reaching the prescribed performance limits, and assessment of the consequences.

Implementation of the above steps requires consideration of a large body of experimental and analytical information along with the recommendations of experts within the technical community. A cost effective technical approach incorporating the above considerations is presented in Section 4.0.

3.2 QUANTITATIVE FAULT TREE ANALYSIS

For load drop scenarios which could potentially cause unacceptable structural damage, such as drop of the reactor vessel head and vessel internals, quantitative fault tree analysis is used to calculate the probability of the load drop scenario on a per-lift basis.

The quantitative fault tree analysis approach adopted for this follows a step-by-step procedure typical to fault tree analysis. include:

case study These steps

o Description of the crane handling system and associated testing, maintenance, inspection, training, and lift procedures regarding removal and installation of the heavy load in question;

o Events identification and fault tree construction -- formulation of the top structure of the fault tree (typical structure shown in Fig. 2) that depicts all of the ways the crane handling system could fail, resulting in the drop of the heavy load in question;

(I) structural failure while subjected to normal load conditions;

(2) structural failure due to excessive load;

(a) two-blocking event

(b) load hangup event

(c) binding

(3) overspeed event -- loss of hoisting or lowering capability coupled with loss of brakes;

3-2

o Qualitative analysis - find minimal cut sets and establish all single failure events leading to the load drop scenario in question;**

o Probabilistic analysis;

0

**

(I) find sources of data and determine applicability to the load drop scenario in question;

(2) perform structural reliability calculations as needed;

(3) compute probability of the load drop scenario, i.e., Top Event; normalize to annual frequency;

( 4) probabilistically rank basic events and min cut sets (i.e., conduct an importance analysis).

Conclusions, recommendations, and results.

A min cut set is a set of basic events that causes the Top Event to occur. Basic events represent the limit of resolution m the fault tree and represent events such as: I) human error, 2) equipment failure, and 3) environmental conditions.

3-3

4.0 CALCULATIONAL PROCEDURES AND METHODS

4.1 STEPS INVOLVED IN STRUCTURAL EVALUATION METHODOLOGY

4.1.1 STRUCTURAL EVALUATION METHODOLOGY

The potential for accidental drops of heavy loads handled within safety­related areas of nuclear power facilities has led to a need for evaluation of the consequences of these potential drops (Ref. 1 ). A full assessment of load drop consequences for scenarios involving heavy loads handled over spent fuel, fuel in the reactor core, and equipment required to achieve and maintain the reactor in a safe shutdown condition, requires an iterative utilization of systems evaluations, structural analyses, dose calculations, and criticality evaluations. Structural evaluations are initiated at two levels:

1. As early input to system evaluations to identify drop scenarios that potentially lead to discrete levels of damage (e.g. local concrete scabbing), and

2. Following bounding system, dose, and criticality evaluations when these initial approaches cannot screen out the particular scenario based on having either a small probability of occurrence or minor consequences associated with the scenario.

The quantitative and plant specific analyses associated with Item 2 (Section 3.1 of this case study) require a full characterization of the parameters of the dropped item and the impacted structure, in order to adequately represent the response of each during and following impact. This complete characterization for each scenario could result in numerous and unnecessary analysis efforts due to the multiple loads, handling systems, handling locations, and drop orientations which would be postulated. Therefore, an effort is made to limit the load drop scenarios which must be evaluated based upon a realistic consideration of plant procedures and on identification of loads which control:

1. Local response (e.g. penetration, scabbing, spalling, perforation, etc.);

2. Overall structural response (e.g. large inelastic deformations or abrupt failures of principal structural members, etc.), and/or;

3. Behavior that exhibits combined response such that either overall or local failure modes would control.

4-1

Local effects are generally independent of the dynamic characteristics of the impacted structure; whereas overall structural response is a direct function of these characteristics. In general. we have found that empirical evaluations and energy techniques can be used to adequately represent the response behavior of heavy load drops, such that detailed finite element/difference computer analyses may not be warranted.

The evaluation methodology and criteria generally follow the recommendations made by the American Society of Civil Engineers Technical Committee on Impactive and Impulsive Loads (Ref. 3), supplemented by a large body of experimental and analytical information documented in Refs. 4-8, 11, 12, and 17-22.

4.1.2 LOCAL IMPACT RESPONSE

Local impact response of concrete structures may lead to severe damage such as crushing, perforation, and concrete ejection in the vicinity of the impactive load. However, overall dynamic response of the structure in terms of reactions away from the load is typically insignificant. The complex nature of local impact response of reinforced concrete structures requires evaluation using empirical formulae that are experimentally derived. Based upon a review of the literature. we chose to use the modified National Defense Research Committee (NDRC) formula (Ref. 4) because it has been shown to give the best fit with available experimental data (Refs. 5.6). Concrete perforation and scabbing are a function of load impact diameter and penetration; therefore, review of handling procedures is important to identify worst case drop orientations.

4.1.3 OVERALL STRUCTURAL RESPONSE

The overall structural response of heavy load drops results from the dynamic interactions between the impactive load and the structure which it impacts. The resulting complex forcing function produces instructure dynamic reactions in the forms of forces, moments, and shears at points away from the impactive load. As a rule, this forcing function is unknown, however, occasionally it can be estimated by incorporating knowledge of the characteristics of the dropped load (weight, size, shape, deformability), characteristics of the impacted structure (material properties, structural configuration, etc.), and impact conditions (velocity, orientation). The use of energy balance methods for the evaluation of reinforced concrete and structural steel structures is recommended, since these techniques do not require explicit knowledge of the forcing function.

A cost effective methodology for evaluating structural response to postulated heavy load drops has been developed and implemented. The approach provides

4-2

concise determination of sequential structural behavior, while reducing the need for expensive finite element/difference formulations.

4.1.3.1 CONCRETE

The structural evaluation methodology shown in Figure incorporates conservation of energy and momentum to calculate the transmitted kinetic energy and maximum displacement of supporting members. These are considered to investigate the important modes of overall reinforced concrete structural behavior, and to establish the capabilities of the impacted system. The objective of this methodology is to characterize structural behavior in terms of the available strain energy up to prescribed performance limits. These limits are dictated by either ductile or brittle modes of failure. The ductile mode is characterized by large inelastic deflections without complete collapse, while the brittle mode may result in partial failure or total collapse. The available internal strain energy that can be absorbed by the concrete floor system without reaching those limits of unacceptable behavior is compared with the externally applied energy resulting from the heavy load drop.

Generally, the ultimate load of a concrete slab or beam system is reached prior to exceeding the hinge rotational capacity of particular sections, as unstable shear mechanisms are formed. Hence, an investigation of shear as a function of load path is required to identify the most vulnerable locations for postulated drops. When unstable mechanisms could be minimized, the hinge rotational capacity was used as a criterion to set the maximal allowable level of deflections for the concrete slab or beam system. The hinge rotational capacity for concrete structures was developed in Refs. 9 and 10 based upon test results given in Refs. 11 and 12, and is given as

=

where, = =

c =

0.0065(d/c) x 0.07

rotational capacity of plastic hinge (radians) distance from the compression face to the tensile reinforcement distance from the compression face to the neutral axis at ultimate strength.

The load/deflection history up to the point of ultimate loading, coupled with the maximum allowable deflection, defines the maximum level of strain energy absorption provided that a shear failure has not occurred. The shear stress at limiting sections is checked and compared to allowable as specified in Ref. 13. As mentioned above, in several scenarios investigated, shear was found to control, thus effectively limiting the energy absorbing mechanisms which could have been developed.

4-3

4.1.3.2 STEEL

The maximum response of structural steel elements is determined using the commonly applied energy balance method (Refs. 3, 14, 15) by equating the externally applied kinetic energy to the available internal strain energy. The maximal permissible deflection of each structural element is given in terms of an allowable ductility ratio, which is defined as the maximum permissible deflection divided by deflection at the affected limit. Allowable structural steel ductility ratios for impact loads are taken from Ref. 3.

The effective yield limit corresponds to the deflection point of an equivalent elasto-plastic resistance displacement curve as defined by Newmark (Ref. 16). For simplicity, an equivalent elasto-plastic resistance displacement curve was developed by setting the maximum resistance equal to the actual minimum yield resistance. This procedure is conservative because it neglects the strain energy associated with the strain hardening mechanism.

4.1.4 DROPS ONTO THE REACTOR CORE

Potential drops of reactor internals or other miscellaneous equipment onto the reactor core are evaluated by conservatively assuming that the total kinetic energy reaches the core and directly loads the fuel assemblies, although certain physical limitations do exist and potential additional sources of energy dissipation may also be included. In the analysis, the impact load is transmitted from the upper grid of the internals to the fuel assembly. Individual fuel rods typically buckle elastically between spacer grids at the Euler critical buckling load. However, strain energy can be absorbed beyond the point of reaching this critical buckling load through bending until the fuel cladding strain reaches a criterion value. For a typical cladding material, zircoloy 4, this strain criterion value was taken as 1 percent based upon the irradiated properties of zircoloy 4. The local behavior of the cladding must also be investigated to protect against local instabilities which could lead to radioactive releases.

The fuel rod is assumed to take a half wave sinusoidal shape between spacer grids, based upon a pinned-pinned boundary condition. The deflection along the fuel rod is determined and the stress strain distribution through the cross section of the fuel rod under combined axial and compressive/bending loadings is evaluated. Expressions are then developed to define the axial force and moments in the fuel rod as a function of the changing inelastic stress distribution. Together these expressions define the midspan deflection. In addition, the shortening of the fuel rod is also calculated such that the post buckling load deflection diagram for the fuel rod can be drawn. The area under this curve represents the strain energy absorbed by the fuel rod.

This energy absorbing capability of the fuel rods is then evaluated in terms of the total impact energy of the dropped internals. The impact energy is

4-4

established based upon considerations of gravity and, as these drops typically are through water, drag, buoyancy, and constrictive flow (dashpot effect) considerations are accounted for.

4.2 QUANTITATIVE FAULT TREE ANALYSIS

As a result of conducting the structural evaluation described in Section 4.1, there were several types of load drops whose consequences have the potential of exceeding NUREG-0612 guidelines. The five loads for boiling water reactor (BWR) plants include (weights are indicated in parenthesis):

o reactor vessel head and lifting rig (73 tons)

o steam separator and sling assembly (43.5 tons)

o shipping cask (34 tons)

o recirculation motor with slings and shackles (20 tons)

o spent fuel shipping cask (70-11 0 tons)

Two loads for the pressurized water reactor (PWR) include:

o reactor head, reactor head lifting device and control rod mechanism (169.5 tons)

o upper internals and upper internals lifting device (77 .5 tons)

It is not intended that the above list be a complete set but these are the heavy load drops found by the authors for the nuclear power plants studied.

The above drops define top events to fault trees. Before discussing the fault tree analysis, we give an overview of the operations concerning movement of the heavy loads listed above. We first discuss specific operations for one BWR plant, called Plant X in this case study; then, for one PWR plant, called Plant Y. Operations described below are fairly representative for the plants studied.

4.2.1 SYSTEM AND HEAVY LOADS OF CONCERN (BWR, PLANT X)

Plant X is a BWR reactor with a Mark I containment. A number of heavy loads must be removed by the reactor building crane during refueling or other maintenance operations. The loads considered in this study include:

o reactor vessel head and lifting rig (73 tons)

o steam separator and sling assembly (43.5 tons)

4-5

o shipping cask Chern Nuclear, CNS 4-45 (34 tons)

o spent fuel shipping cask (70-11 0 tons)

o recirculation motor with slings and shackles (20 tons)

Figure 3 shows the layout of the operating/refueling floor and associated load paths and laydown areas for the loads described above. Figure 4 shows the cross section of the reactor building according to elevation. Detailed maintenance procedures for Plant X describe disassembly and reassembly of the reactor and describe movements of the loads described above.

We summarize the movements of these loads below. The reactor vessel head is removed from the reactor vessel flange, is lifted 18 inches above the flange, and is suspended for five minutes to check for levelness (see Fig. 7). The head is lifted 25 feet above the flange and is moved in a straight line path to the head storage area, (see Fig. 3).

The steam separator is also lifted 18 inches above the shroud head connection and is suspended for five minutes. It is then lifted 32 feet above the head shroud connection and is moved to steam separator storage area in the internals storage pit. The separator is moved entirely under water.

The spent fuel shipping cask is moved from the spent fuel storage area to the head storage area for wash down. It is then briefly suspended above this storage area and is moved to the northeast equipment hatch and is lowered to the ground floor, elevation 272 feet, onto a railroad car.

During the life of the plant, it is also possible that the recirculation pump motor would be lifted through the northwest equipment hatch, elevation 326 feet, to the operating floor, elevation 369 feet. It is then moved to the northeast equipment hatch and is lowered to the ground floor, elevation 272 feet.

4.2.2 AREAS OF CONCERN (BWR)

The safety concern posed by the Reactor Building Crane is the movement of loads over or in proximity to: fuel in the core when the vessel head is removed; fuel in the spent fuel pool; the reactor vessel itself; and safe shutdown equipment at lower elevations. The safe shutdown equipment at lower elevations that are of concern when handling heavy loads includes:

I. cabling and equipment in the "crescent area" (below elevation 272') that is beneath the track floor under the main equipment hatch in the southeast quadrant of the Reactor Building;

4-6

2.

3.

4.

4.2.3

the suppression pool, portions of which are beneath this equipment hatch;

safety related equipment at various elevations that may be located in the vicinity of the equipment hatches in the northwest and southeast quadrants; and

cabling and equipment (including battery and inverter rooms) at elevation 344' that are below the travel path of heavy loads handled at elevation 369', such as the reactor vessel head, drywell head, shield blocks, and shipping casks.

SLINGS AND LIFTING DEVICES (BWR)

The slings and lifting devices used to lift the loads of interest in this study are listed in Table I*.

The head strongback (see Fig. 5) consists of four lifting arms mounted at right angles between top and bottom four-point star plates. The top plate has a slot through which the double hook of the crane passes to engage the two hook pins. The strongback is attached to lifting lugs on the drywell head and reactor vessel head, and to lifting lugs at the end of each arm of the strongback, by turnbuckles and anchor shackles.

The dryer and separator sling (see Fig. 6) is a cruciform steel frame attached to a hook box by four wire ropes with turnbuckles. The four ends of the cruciform frame are each fitted into a bell-shaped housing which is open and flared at the bottom. A hole passes through two sides of the housing for the lifting pin travel. Each lifting pin is actuated by a double-acting air piston. The lifting pin, in turn, actuates an air valve at the end of the pin's travel. This air valve gives positive indication by way of a pressure gauge that the lifting pin is fully inserted into the dryer and separator lifting lug. A lifting eye, located on top of each !-beam, is connected to a turnbuckle and a wire rope. The wire ropes are attached to the hook box by spelter sockets and pins. The hook box contains a slot at the top which is sized to accommodate the double hook of the crane. The hook pins pass through the hook box to engage the crane hook.

4.2.4 REACTOR BUILDING CRANE (BWR)

The bridge crane, designed and fabricated by Harnischfeger P&H, has a main hoist capacity of 125 tons, an auxiliary hoist of 20 tons, and a second auxiliary hoist of 1/2 ton capacity. It is located above the operating/refueling floor ( el. 369') with crane rails located at el. 402'. The crane is normally used during maintenance and refueling operations. These

* Tables are presented in Section 9.

4-7

operations include handling of the shield plugs, the reactor vessel and drywell heads, the steam dryer and steam separator, and shipping casks. It is also used to raise and lower various pieces of equipment through the general purpose equipment hatches in the southeast and northwest quadrants of the Reactor Building and through several special purpose hatches. The 1/2-ton hoist is used to handle new fuel elements and various lighter loads. Detailed procedures for inspecting, testing, and maintaining the reactor building crane are written.

The main and both auxiliary hoists also have gear-driven limit switches that are connected to and driven by the hoisting drum. These switches are provided to prevent the cables from being completely unwound from the drums and to prevent overtravel of the hooks in the lifting and lowering direction. In addition, a block-actuated limit switch is provided for each hook to prevent overtravel of the hook in the upward direction and prevent a two­blocking event should the gear-operated limit switch be out of adjustment or fail to operate. Both upward limit switches are tested individually prior to lift. A typical hoisting arrangement for Harnischfeger cranes is shown in Figure 8. The illustration shows one electric brake; however, the reactor building crane at Plant X has two brakes. The brakes are shoe-type, spring­set electric brakes (a detailed drawing is shown in Figure 9). Each brake for the main hoist is rated at 150% of full motor torque. Energizing the crane applies power to both the crane controls and the brake coils, releasing both brakes. Both brakes will remain in the released position as long as power is applied. Both brakes are tested individually prior to lift.

Figure 8 also shows a magnetorque motor which is an electric load brake used for speed control. In addition, this load brake will prevent a free-field fall of the load in the event that the hoisting motor fails and power is available. Upon loss of power, the electric brakes engage. In the event the load brake should fail during lowering, the hoisting motor will exceed synchronous speed and act as a generator. In this case, the load will lower at 120% of the maximum rated speed of 4 feet/min.

4.2.5 CONTROL CIRCUIT AND WIRING DIAGRAM (BWR)

Appendix B contains Figures B-1 and B-2 which are the wiring diagrams for the main hoist control circuit. Appendix B also contains a catalog that describes the operation of the control circuit (in particular, see Fig. 1, Page 2 and Fig. 8, Page 7). In addition, the catalog describes in detail the function of each electrical component shown in Figs. B-1 and B-2. Note that in Fig. B-1, there is a radio transmitter which controls movement of the crane. In the event of a radio transmitter failure, a detachable pendant is used as a backup.

4-8

4.2.6 SYSTEM AND HEAVY LOADS OF CONCERN (PWR, PLANT Y)

Plant Y is a four-loop PWR. During reactor disassembly for refueling, the reactor head, together with the reactor head lifting device and control rod drive mechanism (total weight 169.5 tons including the load block), is lifted from the flange of the reactor vessel and placed on the reactor vessel head storage stand located at elevation 140'-0" in the containment building. The upper internals assembly, together with the upper internals lifting device (total weight 77.5 tons including the load block), is lifted under water and placed on its storage stand in the refueling cavity. These laydown areas are shown in Figs. I 0 and 11. Detailed procedures for reactor disassembly and reassembly are written.

4.2.7 AREAS OF CONCERN (PWR)

Drop of either the reactor vessel head or upper internals could potentially deform the input/output nozzles to the reactor vessel or in the severe case, damage the reactor vessel itself.

4.2.8 CONTAINMENT POLAR CRANE (PWR)

Below we describe the containment polar crane and the crane controls and the procedures used for reactor vessel head removal and installation and for removal and installation of the upper internals. An understanding of the crane, its controls, and the above procedures is necessary to develop and understand the fault tree discussed in Section 4.3.

An overhead gantry polar crane lifts, moves, and lowers the reactor head and upper internals. The crane has a movable trolley, main and auxiliary hooks, and is designed to rotate in either direction on a track 103 feet in diameter at elevation 140'-0" in the containment building. Principal dimensions and figures are shown in Fig. 12.

The main hoist consists of a variable speed motor which drives through a double-reduction enclosed gear set, and then through one reduction of open gearing to the drum. A magnetic, spring-set brake is mounted directly on the motor shaft.

A second identical brake is mounted on an extended shaft of the speed reducer, so that there is no coupling between the brake and the drum. The brakes actuate when their respective magnetic coil are de-energized (i.e., fail safe upon loss of power).

4-9

The drum has right-and-left grooving for 1 1/4-inch rope. The rope is in one continuous length, with both ends winding on the drum and equalizer sheaves in the center. There are 10 sheaves in the fall block, so that the load is supported by 20 ropes, but the efficiency is that of a 10-part tackle.

4.2.9 CRANE CONTROLS (PWR)

The motor control system, as well as all associated electrical equipment such as motors and brakes, was furnished by the General Electric Company. The crane control circuitry is presented in Appendix C.

This system utilizes a DC drive motor and a General Electric Maxspeed 250 stepless control system. The DC power is supplied by a generator driven by an AC motor. "Spotting Zone Control" is provided by a thumb-operated switch located on top of the master switch, whereby the operator may cause the load to creep, stop, hold, or reverse, without setting the holding brakes. During normal movements of the controller handle, the speed of movement of the load depends both on the amount of the load and the position of the controller.

The pendant station, furnished by General Electric, is a miniature control console (see figure 15). It contains the following controls:

a. Master Switch with thumb latch for Main Hoist b. Master Switch with thumb latch for Auxiliary Hoist c. Master Switch for Trolley Drive e. Switch for Pendant Travel f. Switch for Pendant Raise and Lower g. Pushbotton for Control On h. Pushbotton for Gong i. Pushbotton for Stop

All movements of the crane are controlled by a pendant station that is normally positioned for an operator at elevation 140'-0" at the leg of the gantry crane, but can be lowered 30 feet when required.

All of the motions of the crane, except gantry travel, are restricted by limit switches that de-energize the control circuit. The limit switches are:

a. A block-up limit switch is provided to limit the upper travel of the main and auxiliary blocks. The block strikes a suspended weight, which releases the weighted lever-type switch.

b. A second redundant upper limit switch for the main and auxiliary hoist is a geared switch (GLS).

4-10

c. A block-down limit switch is provided to limit the lower travel of the main and auxiliary blocks. This is a geared limit switch, driven from the end of the drum shaft.

d. A lever-type limit switch is placed at each end of the drive girder to stop the trolley just before it strikes the bumper. A third limit switch near the overhang end of the girder prevents operation of the main hoist when the main block is in a position where is would foul the crane frame.

The operation of the main hoist control is summarized below.

The main hoist is of the "Stepless" type, and the speed of hoisting will depend both on the position of the controller handle and the amount of load on the hook. The pushbutton on the master switch releases the motor brakes. Therefore, with the pushbutton depressed, the load can be raised, lowered, inched or held. Note that the hoist can also be operated without depressing the pushbutton, in which case the brakes will set each time the master switch is returned to "OFF".

The operation of the crane control circuits is summarized below.

The hoist motor direction (Hoist/Lower) is determined by the generator polarity [( +) for hoist and (-) for lower]. Hoist motor speed is determined by generator voltage level in either the hoist or lower direction. Generator polarity and magnitude are set by the master controller position as selected by the operator.

The master controller contains six sets of contacts which are connected and interlocked into the brake and magnetic amplifier circuits. The controller also contains a potentiometer which selects the set point voltage supplied to the control circuit. The reference voltage is the source of the speed set­point voltage [( -20)-0-( +20)]. The generator voltage level is maintained at a set-point by a generator field control which will read the voltage feedback signal, compare it with the set-point and generate a corrective error signal which will change the generator field current level in the correct direction and polarity to regain the original set-point level when a deviation occurs.

A current feedback circuit, which measures a voltage signal proportional to the generator armature current, limits the generator armature current.

The motor shunt field current is controlled by the motor field programmer magnetic amplifier and field magnetic amplifier. The magnetic amplifiers are AC supplied. The reference for this magnetic amplifier is generator armature voltage. A current feedback voltage proportional to the armature current modifies the magnetic amplifier action to provide motor field current values which give the hoisting motor a constant horsepower hoist characteristic.

4-11

4.2.10 REACTOR VESSEL HEAD REMOVAL AND INSTALLATION (PWR)

A special lifting rig, called the reactor head lifting device (see Fig. 13), is used with the polar crane to remove and install the vessel head. This rig attaches the reactor head to the main hook. The lower legs of the lifting device are mated with holes in the link assembly on the reactor head and lifting bolts are inserted. Alignment of the lifting device to the head is accomplished by a dual scope method. The reactor head is lifted one inch and checked for levelness. The lifting of the reactor head serves as a load test for the crane.

The reactor vessel head (RVH) is lifted six inches above the vessel flange and the brakes are engaged to observe that no creeping of the load occurs. The RVH is lowered two inches and the procedure is repeated. During this procedure two people are in the refueling cavity at the 114-foot level and are in radio communication to the crane operator, who is located at the pendant station at the 140-foot level. During the lift, these personnel are observing a reading of a load cell which is structurally in series with the hook and lifting device. Any significant change in the load cell reading causes them to give instructions to the crane operator to cease hoisting.

After it has been verified that the reactor control cluster assembly has disconnected (at about 24 feet above the flange), the reactor vessel head is hoisted approximately 30 feet straight up at the maximum hook speed of 3.8 feet per minute and is then carried horizontally in a straight line to the reactor head laydown area.

The initial series of lift and hold steps requires approximately 15 minutes to complete. After the initial series of steps is complete, an additional 15 minutes is required to complete the lift and to move the head to the laydown area.

The procedure for installing the reactor vessel head is essentially the reverse of the removal procedure. The head is checked for level when it is lifted from the storage stand. The head is then moved over the vessel using dual scopes and reference marks on the containment lines to properly locate the head with respect to the guide studs. The head is them lowered into place. The installation process requires about 15 minutes.

4.2.11 UPPER INTERNALS REMOVAL AND INSTALLATION (PWR)

Prior to removal of the upper internals, the refueling cavity is flooded to about 24 feet above the reactor vessel flange.

4-12

A special internals lifting rig (see Fig. 14) is used to handle the upper reactor vessel internals package. It is attached to the main crane hook for all lifting, lowering and traversing operations. As with the RVH lift, a load cell linkage is connected between the main crane hook and the rig to monitor loads during all operations. When not in use, the rig is stored on the upper internals storage stand.

The rig attaches to the internals package by means of three engaging screws which are screwed into tapped holes in the internals flanges (see Fig. 14). These screws are manually operated from the manipulator crane or lifting rig platforms using a handling tool which is essentially a long wrench. The screws are normally spring retracted upward and are depressed to engage the tapped holes by the weight of the handling tool.

For initial rough alignment and guidance when positioning over the reactor and upper internals storage stands, the rig uses two long guide studs. For final fine alignment and guidance, the rig uses the four reactor vessel alignment pins and similar pins on the upper internals storage stand. When over the vessel, finer alignment can be obtained using the dual scope method. The brackets at the bottom of the rig which are guided on these alignment pins must be manually "extended" when handling the upper internals.

Using the handling tool as a wrench, the rigger screws the three internals rig engaging screws into the tapped holes in the flange of the upper internals assembly. The engaging screws thread three inches into the tapped holes.

The rigger verifies this length of engagement on each screw by scribing a reference line at a convenient spot on the tool body and measuring the relative change in elevation of that reference line after the engagement is complete.

As the load cell is monitored by two people, the crane operator slowly raises the internals package until it is clear of the reactor vessel and the lifting rig is clear of the reactor vessel guide studs. The upper internals is then moved in a straight horizontal line to the upper internals storage stand. As part of the procedure the upper internals remain suspended 24 inches above the top of the core for one minute as a check on the brakes.

The installation procedure for the upper internals is the reverse of the removal procedure.

4.3 EVENTS IDENTIFICATION AND FAULT TREE CONSTRUCTION

First we discuss the fault tree analysis for Plant X. The analysis for Plant Y is similar to Plant X with exceptions noted in Section 4.3.2.

4-13

4.3.1 FAULT TREE CONSTRUCTION- PLANT X

A generic fault tree with Top Event (drop of load) is shown in Appendix D. Important load movement information for the loads described in Section 4.2.0 for Plant X is given in Table 2. The fault tree in Appendix D applies equally to all load drop scenarios. By modifying the basic event probabilities, we can generate the probability of each scenario defined in Table 2. The critical lift interval in Table 2 refers to a distance in which, if the load were dropped above the 0' reference point, an accident could result, exceeding NUREG-0612 guidelines. The critical lift or movement time is based upon the following maximum crane speeds.

o Hoist 4 ft/min.

o Trolley 50 ft/min.

o Bridge 100 ft/min.

Conservative estimates for the critical lift time in Table 2 are used in the probability calculations.

As indicated in Section 3.2, drops can occur in three ways:

o Structural failure while subjected to normal load conditions

o Structural failure due to excessive loads resulting from two-blocking, load hangup or binding

o Overspeed event--loss of hoisting or lowering capability coupled with loss of both electric spring brakes and the load brake.

With regard to structural failure, the reactor building crane system, including rigging, is a series system which includes the following:

o Bridge, trolley, hoisting drum, cable, gears, shaft and hook

o Lifting rig.

Excessive loads on cabling can occur when the movable lower block touches the upper block, called a two-blocking event. In this case, mechanical advantage is lost which results in excessive load. Another way a load could be dropped is by loss of hoisting capability during lifting or by loss of lowering capability coupled in both cases by loss of both the electric spring brakes and the load brake.

4-14

The braking system for the hoisting motor consists of two redundant brakes that activate when their respective solenoids are de-energized (i.e., fail safe upon loss of power), as shown in Fig. B-1 (Appendix B), drawing location [A, 17]. In addition, when electric power is available, a backup load brake is provided that actuates when the operator releases the raise or lower pushbutton on the radio transmitter.

The Top Event to the fault tree in Sheet 1 of Appendix D is defined in terms of two events:

o Drop during removal

o Drop during installation.

These two events will generate the same load drop scenarios with two exceptions:

o During installation, a two- blocking event would most likely occur above the laydown area. Hence, this scenario is not considered during installation.

o A reactor head load hangup event or separator hangup event would occur only during removal. Again, this scenario is not considered during installation.

The fault tree on Sheet 1 is further segregated into two types of drops:

o Drop during initial lift (within approximately the first 18 inches of lift)

o Drop above the critical lift height.

Drops during initial lift include a load hangup event and structural failures. They are considered separately in the probabilistic analysis. Load hangup events are not applicable to movement of the cask or recirculation pump motor.

Structural failures as described in Sheet 2 of the fault tree in Appendix D can occur after the initial lift and checkout. This means failure must occur after the head or separator has been suspended for approximately 15 minutes.

Structural failures after the initial lift phase are represented by a single event on the fault tree.

4-15

Sheet 2 of the fault tree shows two events other than structural failures:

o Overspeed events

o Two-blocking event.

As described in the fault tree development on Sheet 3, the following sequence of events must occur for two- blocking:

o Hoisting motor continues to operate above upper limit switch position (due to operator error or equipment failure)

o Failure of both the geared upper limit switch and the hoist block limit switch (equipment failure or operator error).

A reverse reeving event occurs when the cabling is completely unwound and then rewound backwards around the drum. For two-blocking to occur under these circumstances, the above sequence of events has to occur with failure of the geared lower limit switch to stop lowering.

We consider a reverse reeving event to be at least 1,000 times less likely than the two-blocking event described above due to additional multiple failures that must occur. For this reason, a reverse reeving event was not developed on the fault tree.

As described on Sheet 1 of the fault tree, for a load hangup event to occur, the following sequence of events must all occur:

o Reactor head or separator is initially stuck in place

o Operator continues to hoist during load hangup

o Handling system failure given load hangup (assume to occur with probability one).

It is important to note that none of the lifts uses a load cell.

Sheets 4 and 5 of the fault tree depict the overspeed events. Several events initiate an overspeed condition during lift:

o Loss of power

o Loss of brakes

o Loss of hoisting motor during lift

o Loss of load brake during lowering.

4-16

Loss of power inactivates both the load brake and hoisting motor. Engaging at least one electric brake is required to prevent an unimpeded drop. Upon loss of load brake during lowering, the hoisting motor speed will exceed synchronous speed, will act as a generator in producing power and will produce retarding torque.

Because there is a different circuit response depending upon which event initiated the overspeed condition, a different fault tree is constructed for each initiating event. For a drop to occur during overspeed, the braking system on the hoist motor must fail. Since all three brakes are entirely redundant, all three brakes must fail. However, if power is lost, the load brake is ineffective and only the two holding brakes are available.

As shown on Sheet 4 of the fault tree, loss of both holding brakes can initiate an overspeed condition. This scenario could occur if both brakes were to fail during lift. When the operator releases either the lower or raise pushbutton, the holding brakes should engage. If the brakes do not engage and the load brake fails to excite, then an impeded drop of the load occurs.

The other overspeed event on Sheet 5 of the fault tree describes an open circuit in the hoisting motor during lift. In this case, for an impeded drop to occur, the following two events must both occur:

o Both brakes must fail to engage (due to equipment failure or operator error)

o The load brake is unavailable (due to equipment failure or loss of power).

Since the overspeed event occurs so fast, we do not give credit for operator action, such as activating the hoisting motor when the brakes do not engage.

4.3.2 FAULT TREE CONSTRUCTION- PLANT Y

A fault tree was constructed with Top Event "Drop of the Reactor Vessel Head During Refueling" (see Appendix E). This fault tree applies to movement of the upper internals with some minor modifications. The major differences between Plant X and Plant Y fault trees come from different designs, as described below.

Sheet 1 (Appendices D and E)

I. Load Hangup Event--A load cell is used for lift of the reactor head and upper internals.

4-17

Sheet 4 (Appendix D), Sheet 5 (Appendix E)

2.

3.

4.4

Overspeed Event--Plant Y has two brakes only and does not have a load brake.

Overspeed Event--Plant Y's hoisting motor is DC powered. In the case of loss of armature current to the hoisting motor for Plant Y, there is no protective device to sense loss of armature current to the hoisting motor and subsequently apply the brakes. Hence loss of armature current directly leads to overspeed.

QUALITATIVE EVALUATION

The fault trees in Appendices D and E are segmented according to lifting phases:

o Drop during the initial lift phase during removal (Phase 1)

o Drop after initial lift phase during removal (Phase 2)

o Drop during installation (Phase 3).

These lift phases were defined in order to account for procedural and other differences which exist among these phases.

The fault tree is coded according to descriptor events in such a manner that each min cut set will contain one or more descriptor events that describe the type of load drop scenario and its sequence. The purpose of such descriptor events is to describe load drop scenarios which contain the descriptor events. These events do not change the Top Event probability. Descriptor events are also used in the quantitative evaluation to compute the probability of the load drop scenario which they describe. The relationship among the descriptor events in the fault tree is presented below:

Drop During Initial Lift (INITIALF)

Load hangup event (LOADHANG) Overspeed (OVERSPED) Binding (BINDING) Structural

4-18

Drop After Initial Lift (DURINGLF)

Overspeed (OVERSPED) Binding (BINDING) Two-blocking event (TWOBLOCK) Structural

Drop During Installation (INSTALL)

Overspeed (OVERSPED)

The computer code FT AP (Ref. 23) was used to find the min cut sets.

4.4.1 MIN CUT SETS - PLANT X

As shown in Table 3, a total of 39 min cut sets were found. Ten min cut sets of Order 1 were obtained (disregarding descriptor events which contain double asterisks). Order refers to the number of basic events in the min cut sets. These ten min cut sets are structural failures that occur either during or after initial lifting. These events are described on Sheets 1 and 2 of the fault tree in Appendix D. A table of the number of min cut sets versus order is given in Table 3 which includes descriptor events.

4.4.2 MIN CUT SETS- PLANT Y

The min cut sets for Plant Y are listed in Table 4. There are a total of 77 min cut sets (load drop scenarios) for the reactor vessel head and 78 for the upper internals.

There were 19 min cut sets of order one for drop of the reactor vessel head and 20 min cut sets of order one for drop of the upper internals. (The internals drop case has one more single-event min cut set that describes failure of the internals rig due to improper connection.) For the initial lift phase, there are two min cut sets for the reactor vessel head case involving structural failure and three min cut sets for the upper internals case involving structural failures.

For each lifting phase there are five single events that cause loss of the armature current in the hoisting motor which leads to overspeed.

4.5 PROBABILISTIC ANALYSIS

The probabilistic or quantitative analysis for this study was conducted in three steps:

4-19

o Assigning probabilistic data to the basic events

o Computing the probability of the Top Event (i.e., probability of reactor head drop or upper internals drop during refueling)

o Determining the most important basic events and min cut sets that contribute to the load drop event (i.e., conduct a sensitivity analysis)

o Conducting an uncertainty analysis.

Each step is discussed in subsequent subsections.

4.5.1 PROBABILISTIC DATA FOR BASIC EVENTS

These studies were conducted by the authors in the early 1980s. Some data was taken from WASH 1400 (Ref. 24). As was done in WASH 1400, the error of the estimate in the basic event probability was assumed to be log normally distributed. The uncertainty in the estimates is described by the error factor, EF, defined as:

EF = X5o median

where X95 and X5o refer to the 95th and 50th percentiles of a given log normal distribution, the 50th percentile being the median of the distribution.

There are three types of basic events generated for these studies:

o Structural failure

o Human error

o Equipment failure.

Below we discuss the sources of data for each type of basic event.

4.5.2 STRUCTURAL FAILURES

Structural failure events include:

o Structural failure of the polar crane system

o Structural failure of the lifting rig

4-20

o Structural failure of the load cell

o Structural failure of link assembly on reactor head.

These failures apply both to initial lifting and to subsequent hoisting of the load. The basic starting point for obtaining data for the above failures was to examine NUREG-0612. NUREG-0612 listed a total of 34 crane incidents from Licensee Event Reports in the time period from July 1969 to July 1979. Incidents are broken down in Table 5. None of these incidents caused injury or release of radioactivity. Section 4.2 of NUREG-0612 compiled data for crane failures involved in U.S. Navy operations. A total of 43 load drop events occurred between February 1974 and October 1977. NUREG-0612 estimated that the number of lifts which have occurred is between 2.5 x 105 and 1.5 x 106 with an estimated midpoint at 8.75 x 105 lifts. In addition, NUREG-0612, as shown in Table 6, categorized the 43 load drop events according to the following causes of failure:

o Crane failure

o Crane operator failure

o Rigging

For structural failure probabilities during initial lift, mean value Navy data was used with a reduction of 0.5 to give credit for stricter procedures required at nuclear power plants (as was done in NUREG-0612).

For Plant Y, a structural reliability approach was used to determine structural failure probability after the initial lift phase (see Section 6 this report and Ref. 25). Component failure probabilities are calculated according to the stress-strength interference principle. The approach was based on the assumption that ten structural elements are in series and that each element is stressed to the maximum allowable stress limit. The mean probabilities are given below:

0

0

0

During lifting the head (after initial lift), no binding

Same as above, but with binding

During lifting the upper internals (after initial lift)

3.0 X 10-8 /lift

1.0 X 10-4 /lift

Insignificant

Since the upper bound pull-out capacity of the guide studs is 48 tons, binding adds an additional 48-ton load to the crane. No credit is given to the overcurrent trip relay, since its setting is at 250% of rated load.

4-21

Use of the structural reliability approach assumes there are no design and/or construction errors. The use of Navy data for structural failure probabilities during initial lifting allows incorporation of design and construction errors in the analysis.

The upper internals lift is more complicated than the head lift because the upper internals must be connected to the rig under water. (The same is true for the steam separator at Plant X.) Careful attention must be exercised by maintenance personnel to assure that the lifting rig is squarely seated on the internals flange and that full thread engagement has been achieved. For this reason, two events were considered for a rig failure of the upper internals:

o Structural failure

o Failure due to improper connection.

The failure probability of the internals rig due to improper connection was assigned a probability ten times greater than that assigned the failure of the head lifting device. The same assumption regarding a ten-fold increase in probability was made for the lift of the steam separator in Plant X. The internals rig failure probability due to improper connection corresponds to the human error probability in Table 6 (with a 0.5 reduction factor to allow for stricter procedures at nuclear power plants).

4.5.3 HUMAN ERROR

In most cases, the mean occurrence of the first operator error in a min cut set was assumed to be 10-2;event with an error factor of 10. This is consistent with WASH 1400 assumptions. Furthermore, it was assumed in some cases that a subsequent crane operator error is completely coupled (i.e., dependent in a statistical sense) with the occurrence of the first operator error. For example, in a load hangup event or a two-blocking event, the operator was assumed to fail, with probability one, to press the stop pushbutton, given that he failed to place the master switch in the off position.

Lifting the reactor head and internals is a controlled lift. Several persons are involved, including the maintenance supervisor. Normally these loads are lifted only a few feet above the containment floor. For the operator to erroneously hoist to the upper limit position seems like a very low probability event. For this reason, a probability of 10-3;event was assigned for the event, OPHOIST2, in Appendices D and E, which is consistent with the data given by Swain and Guttmann (Ref. 26).

4-22

4.5.4 EQUIPMENT FAILURE

Two types of equipment failure are considered in this study:

o Being unavailable at the time of the demand (e.g., open or short circuit in a control circuit)

o Failure to change state upon demand (e.g., relay contacts failure to open, brakes failing to operate).

In the first case, the failure probability is an integral over time. We first discuss failure rate data for Plant X; second, Plant Y and thirdly, for both plants.

4.5.4.1 PLANT X

For the first type of failure mode described above, the exposure time is determined by the critical lift times in Table 2. In all cases except two, testing the reactor building crane prior to operation ensures that the control circuitry is working at the lift. The exceptions are the two 3 ohm resistors at location K-12 in Fig. B-1 (Appendix B). The function of these resistors is to supply excitation (i.e., current) to the load brake while the crane is at rest. For these resistors, we assume an exposure time of one half of the total remaining expected plant life, which is 15 years, a time which is necessary in computing average unavailability or average probability of not working.

WASH 1400 data was used in assigning a failure rate of 10-5 /hr for the hoisting motor. In the regeneration mode, a factor of 100 higher was assigned, 10-3 /hr, which corresponds to the extreme-environment failure rate for electric motors in general.

The radio transmitter has not experienced a failure in ten years. To compute its failure rate, it is assumed that it has been in use 5% of the time, i.e., 6 months. It is conservatively assumed that there was actually one failure even though the data base has zero and we estimate its failure rate as:

1/ (6 x 720)hr-1 = 2 x 10-4 hr-1

4.5.4.2 PLANT Y

In all cases, testing the containment polar crane prior to operation ensures that the control circuitry is working at the start of the lift. The exposure time or fault duration time for failure to occur in each lift phase for the reactor head and upper internals is 15 minutes. For two events, load cell

4-23

reading low (event LCRLOW) and resistor R5 open circuit (event IRS) data was taken from UKAEA data (SYREL data bank), Ref. 27.

4.5.4.3 FAILURE RATE DATA USED FOR BOTH PLANTS

In general, WASH 1400 data used in both studies is presented in Table 7. For crane brake failures, the Navy data in Table 6 was used, and it was conservatively assumed for probability estimation that all crane failures were due to brake failures. Hence, a probability of 1. 7 x 10-5 /lift was assigned for failure of one brake. However, the hoisting motor has two redundant brakes. Procedures call for individually testing the brakes prior to the lift. A coupling probability of 0.01 was assumed for failure of the second brake, given failure of the first brake due to failure of the operator to bring the first brake into service after test of the second brake.

4.5.5 HEAVY LOAD DROP PROBABILITY PER LIFT

The computer code IMPORTANCE (Ref. 28) was used to compute the probabilities per lift for heavy load drops listed in Section 4.2.0. It was assumed that human error events and hardware failure events, as described in the last section, are coupled (i.e., correlated); otherwise, basic events were assumed to be statistically independent. Mean estimates with 90% confidence intervals are presented in Tables 8 and 9. The methods to derive these confidence intervals are described in Section 4.5. 7.

Median basic event probabilities were converted to mean probabilities using the following expression:

J.l.x = X so exp ( ai h) where

J.l.x is the mean of a log normal distribution Xso is the 50% percentile (median) of the log normal distribution ay is the standard deviation of the normal distribution.

It can be shown that

(LN EF)/ 1.645

where EF is the error factor defined in Section 4.5.1 and LN is natural log to the base e.

Drop probabilities were computed on a lift consists of the lift and hold phase for laydown after the initial lift phase, and average, there is one lift cycle per year. corresponds to the annual frequency.

4-24

cycle basis. That is, a lift cycle removal, completion of lift and the installation phase. On the

Thus the lift cycle probability

In this study, the approximated by mathematically,

Top Event probability is small and can be accurately the sum of the min cut set frequencies, stated

Prob. Top Event N

I: j = 1

(1)

where

=

=

mean probability or frequency of occurrence for basic event i means for all basic events contained in min cut set j is n index for the min cut sets a number of min cut sets

This expression assumes that basic events are statistically independent. In the case of coupled probabilities, conditional probabilities must be used in the above expression.

Equation 1 gives the expected number of drops per lift cycle, since equipment failure rates are integrated over time. However, if the expected number of Top Event occurrences is small (2 x 10-4 or less for this study), then the probability of two or more Top Event occurrences together is extremely small and equation 1 is a conservative approximation for the drop probability.

4.5.6 IMPORTANCE ANALYSIS

The concept of probabilistic importance to rank minimal cut sets and basic events according to their quantitative contribution to the Top Event probability was used. An importance analysis can suggest where procedural or design changes should be incorporated to reduce the probability of the Top Event.

The importance of a min cut set, j, Ij, is defined as its probability divided by the Top Event probability. Stated mathematically,

I· J Probability of the Top Event

4-25

(2)

In addition, we can define the importance of basic event i, Ij, as the ratio of the sum of the probability of occurrence of the min cut sets containing basic event i to the Top Event probability. Stated mathematically,

I· 1 I· J (3)

where Ni = number of min cut sets containing basic event i and i € kj means the summation is over each min cut set j containing basic event i.

For example, if a basic event is importance value is unity. To obtain scenario represented by a descriptor importance of the descriptor event Probability.

contained in every min cut set, its the probability of a particular load drop event, we simply take the product of

(expression 3) and the Top Event

In the following sections we discuss the importance analysis for Plants X andY.

4.5.6.1 IMPORTANCE ANALYSIS- PLANT X

The ranking of events for the separator which includes the initial lift is shown in Table 10. Descriptor events are shown with double asterisks. By simply taking the importance value times the Top Event probability, we get probabilities of various load drop scenarios, as shown in Table 11. Similar rankings are generated for the other load lists except that load hangup events are not relevant for the lift of the cask and recirculation pump motor. As noted in Table 8, the results listed in Table 10 indicate that:

o load hangup events dominate probabilistically for the initial lift

o overspeed events dominate probabilistically above the critical lift height.

To confirm the above rankings, we examine the most important min cut sets in Table 12.

Min cut sets, Nos. 31 and 10 of rank 1 and 2, refer to a load hangup event and structural failure of the separator sling during initial lift. Min cut sets, Nos. 19 and 14 of rank 3, refer to an open circuit in either 3 ohm resistor, de-exciting the magnetorque load brake, followed by failure of the hoisting

4-26

motor to regenerate. Since the probability of failure of the hoisting motor to regenerate is an integral over time (i.e., linear function of the critical lifting time given in Table 2) overspeed events have a greater probability for movement of loads down the southeast equipment hatch (as evidenced by the load drop probabilities in Table 8).

4.5.6.2 IMPORTANCE ANALYSIS- PLANT Y

The ranking of basic events for the drop of the reactor vessel head, including all three lift phases in the lift cycle, is given in Table 13. We see that overspeed events are of significant importance due to the five single-event min cut sets that cause overspeed. Structural failures during initial lift and load hangup also dominate.

The ranking of basic events for the drop of the upper internals, including all three lift phases, is given in Table 14. We see that the same events dominate as with the drop of the head, except that the ordering of events is different. We see that structural failures of the internals lifting device dominate (excluding descriptor events, which are shown by double asterisks).

By simply taking the importance value of descriptor events times the Top Event probability, we get the probabilities of various load drop scenarios as shown in Table 15 for drop of the reactor vessel head. Table 16 displays the scenario probabilities for drop of the upper internals.

We see from Tables 15 and 16 that overspeed is the dominant cause for drops after the lift and hold procedure.

Table 17 lists the most important min cut sets for the reactor head drop. The min cut sets involving structural failures and load hangup dominate. The remaining dominant min cut sets involve overspeed in which armature current is lost to the hoisting motor.

The dominant min cut sets for drop of the upper internals are identical to those for drop of the head, except that the ordering of one min cut set is different. The most dominant min cut set involves drop due to failure of the internals lifting device. This min cut set is displayed in Table 18.

4.5.7 UNCERTAINTY ANALYSIS

It was assumed that the error in the estimate of the basic event probabilities were log normally distributed. A Monte Carlo sampling procedure obtained confidence levels for the frequency of the following Top Events:

4-27

Plant X (See Table 8)

o Drop of reactor vessel head including initial lift and hold

o Drop of reactor vessel head excluding initial lift and hold

o Drop of steam separator including initial lift and hold

o Drop of steam separator excluding initial lift and hold

o Drop of shipping cask including initial lift and hold

o Drop of shipping cask excluding initial lift and hold

o Drop of recirculation motor including initial lift and hold

o Drop of recirculation motor excluding initial lift and hold

o Drop of spent fuel shipping cask including initial lift and hold

o Drop of spent fuel shipping cask excluding initial lift and hold

Plant Y (See Table 9)

o Drop of reactor vessel head including initial lift and hold

o Drop of reactor vessel head excluding initial lift and hold

o Drop of upper internals including initial lift and hold

o Drop of upper internals excluding initial lift and hold.

The computer code MONTE (Ref. 28) was used to perform the Monte Carlo simulation. One thousand simulation trials were used for each MONTE run.

4-28

5.0 INTERPRETATION OF RESULTS

5.1 PLANT X RESULTS

The results of the analysis indicate that the dominant failure mechanisms for the lifts evaluated are those related to the occurrence of a load drop during initial lift and hold. For initial lifting of the reactor vessel head and steam separator, load hangup events dominate in the w-4 probability range. However, because the initial lift height is limited to small distances, the consequences of a load drop at this stage are considered acceptable as demonstrated by structural methodology described in Section 4.1.

The probability of failure after initial lift is about a factor of 2.5 less than the probability during initial lift, with overspeed events dominating.

5.2 PLANT Y RESULTS

Table 19 shows annual probability of the various load drop scenarios. It is observed that Load Hangup, Overspeed, and Structural Failure events contribute nearly equally in the initial phase of the lifts. After the initial lift phase, overspeed events dominate probabilistically.

Table 20 summarizes the annual probability of the head and upper internals drop events. This shows that for each of the two load drop cases, the annual drop probability is less than w-4 per year.

5.3 PROPOSED SAFETY UPGRADES

We see that for both plants, overspeed events dominate for load drops that are risk significant (i.e., above critical lift heights). Safety upgrades were proposed for both plants which would reduce the probability of an overspeed event. We first discuss the safety upgrade for Plant X.

5.3.1 SAFETY UPGRADE - PLANT X

When lowering at rated load, loss of the magnetorque load brake causes the hoisting motor to exceed synchronous speed and regenerates power. A proposed safety upgrade is the incorporation of a magneguard relay in the control circuit. This relay senses loss of the current through the load brake and de-energizes the electric brake circuit which causes the brakes to engage. This feature is similar in function to an overspeed switch. The incorporation of this relay ensures that the load brake circuit is working prior to lift (assuming that the magneguard relay is working properly).

5-1

Probabilities in Table 8 are recomputed with the inclusion of the magneguard relay. The results are shown Table 21. As before, load hangup events dominate during initial lift for the reactor head and separator. However, above the critical lift height, structural failures now dominate. This is shown in Table 22, which is the listing of the probabilities of various load drop scenarios and in Table 23, which is the listing of the most important cut sets. Again, the separator drop is presented as the illustrative example. We see that the probability of an overspeed event is reduced to a level of nonconcern (i.e., 5 x 10-ll per lift).

5.3.2 SAFETY UPGRADE - PLANT Y

A proposed safety upgrade for Plant Y is the incorporation of an overspeed switch in the control circuit for the holding brakes. This switch has contacts which would open if the shaft to the hoisting motor exceeds a specified limit, which in turn would de-energize the electric brake circuit and cause the brakes to engage. The incorporation of an overspeed switch reduces the probability of drops of the reactor head and upper internals to the order of 1 o-6/lift.

These examples point to the usefulness of a probabilistic analysis. It allows quantitative assessments of the impact of design changes, which are difficult with a deterministic analysis.

In summary, drop of the various loads during the initial lift and hold is the dominant failure mode for each lift at each plant. The probability of failures subsequent to the initial lift can be significantly reduced with the incorporation of a magneguard circuit for Plant X and an incorporation of an overspeed switch for Plant Y. The probabilities of drops above the critical lift height are thus sufficiently small that specific analyses of a load drop are not necessary. This added protection provided by the proposed design changes is a worthwhile investment, both in terms of ultimately achieving NRC acceptance of the probabilistic approach, as specified in NUREG-0612, and in terms of protecting the utility's financial investment.

5.4 STUDY LIMITATIONS

Both studies were conducted in the early 1980's. Failure rate data regarding electrical components was not taken from actual plant but was instead taken from WASH 1400 (see Table 7). However, this data agrees with data given in the IREP procedures guide (Ref. 29), published in 1983. Elaborate human reliability assessments were not conducted since human actions were relatively simple in nature; basic human error probabilities were taken from Swain Guttmann (Ref. 26).

5-2

6.0 PEER REVIEW

Peer reviews were conducted by utility personnel. In addition, an outside contractor conducted a peer review of the Plant Y fault tree analysis. Their recommendation was that a structural analysis based upon the stress-strength interference principle be conducted for drops above the critical lift height (see Section 4.5.2). In addition, the contractor pointed to the need to include the failure mode of binding on the guide studs which was incorporated into the fault tree analysis.

6-1

7.0 REFERENCES

1. U.S. Nuclear Regulatory Commission, Control of Heavy Loads at Nuclear Power Plants, Report NUREG-0612, 1980.

2. "Safety Goals for the Operations of Nuclear Power Plants; Policy Statement," U.S. Nuclear Regulatory Commission, Federal Register, Vol. 51, No. 149, pps. 28044-28049, August 4, 1986.

3. Civil Engineering and Nuclear Power, Report of the ASCE Committee on Impactive and Impulsive Loads, Vol. V, American Society of Civil Engineers, September 1980.

4. Effects of Impact and Explosion, Summary Technical Report of Division 2, National Defense Research Committee, Vol. 1, Washington, D.C., 1946.

5. VASSALLO, F.A., Missile Impact Testing of Reinforced Concrete Panels, HC-5609-D-1, Calspan Corporation, January 1975.

6. STEPHENSON, A.E., "Full Scale Tornado Missile Impact Tests," Electric Power Research Institute, Final Report NP-440, July 1977.

7. BETH, R.A., and STIPE, J.G., "Penetration and Explosion Tests on Concrete Slabs," CPAB Interim Report No. 20, January 1943.

8. BETH, R.A., "Concrete Penetration," OSRD-4856, National Defense Research Committee Report A-319, March 1945.

9. ACI 349-76, Code Requirements for Nuclear Safety-Related Concrete Structures, Appendix C - "Special Provisions for Impulse and Impactive Effects," American Concrete Institute, 1976.

10. KENNEDY, R.P., "A Review of Procedures for the Analysis and Design of Concrete Structures to Resist Missile Impact Effects," Journal of Nuclear Engineering and Design, Vol. 37, No. 2, May 1976.

11. MATTOCK, A.H., "Rotational Capacity of Hinging Region in Reinforced Concrete Beams," Flexural Mechanics of Reinforced Concrete, ASCE 1965-50 (ACP SP-12), American Society of Civil Engineers, 1965.

7-1

12. CORLEY, W.G., "Rotational Capacity of Reinforced Concrete Beams," Journal of Structural Division, ASCE, Vol. 92, No. ST5, Proc. Paper 4939, Oct. 1976, pp. 121-146.

13. AMERICAN CONCRETE INSTITUTE, Building Code Requirements for Reinforced Concrete, ACI 318-77, December 1977.

14. AMERICAN SOCIETY OF CIVIL ENGINEERS, Structural Analysis and Design of Nuclear Plant Facilities, 1980.

15. "Design of Structures for Missile Impact," Topical Report BC-TOP-9A, Bechtel Power Corporation, September 197 4.

16. NEWMARK, N.M., HALL, W.J., "Development of Criteria for Seismic Review of Selected Nuclear Power Plants," NUREG/CR-0098, May 1978.

17. Structures to Resist the Effects of Accidental Explosions, TM5-1300, Department of the Army, Washington, D.C., July 1965.

18. Design of Structures to Resist the Effects of Atomic Weapons - Strength of Materials and Structural Elements, TM5-856-2, Department of the Army, Washington, D.C .. August 1965.

19. UNTRAUER, R.E., SIESS, C.P., "Strength and Behavior in Flexure of Deep Reinforced Concrete Beams Under Static and Dynamic Loading," Civil Engineering Studies Structural Research Series Report No. 230, University of Illinois, Urbana, October 1961.

20. DE PAIVA, H.A.R., SEISS, C.P., "Strength and Behavior of Deep Reinforced Concrete Beams Under Static and Dynamic Loading," Civil Engineering Studies Structural Research Series Report No. 231, University of Illinois, Urbana, October 1961.

21. NEWMARK, N.M., HALTIWANGER, J.D., "Air Force Design Manual-­Principles and Practices for Design of Hardened Structures, AFSWC-TDR-62-138, December 1962.

22. CRAWFORD, R.E., et al, "The Air Force Manual for Design and Analysis of Hardened Structures," AFWL-TR-74-102, October 1974.

23. WILLIE, R., Fault Tree Analysis Program, Operations Research Center Report ORC 78-14, University of California, Berkeley, 1978; Report UCRL-73981, Lawrence Livermore National Laboratory.

7-2

24. U.S. Nuclear Regulatory Commission, Reactor Safety Study, WASH-1400 (NUREG-75/014), October 1975.

25. ELLINGWOOD, B., et al, Development of a Probability Based Load Criterion for American National A58. Building Code Requirements for Minimum Design Loads in Buildings and Other Structures, National Bureau of Standards, SP577, June 1980.

26. SWAIN, A.D., and GUTTMANN, H.E., Handbook of Human Reliability Analysis with Emphasis on Nuclear Power Plant Applications, Report NUREG/CR-1278, Sandia National Laboratories, Albuquerque, New Mexico, 1980.

27. SYREL, System Reliability Service Data Bank, UKAEA, Culcheth, Warrington, W A34NE, United Kingdom.

28. LAMBERT, H.E., and GILMAN, F.M., The IMPORTANCE Computer Code, Lawrence Livermore National Laboratory, Report UCRL-79269, 1977.

29. CARLSON, D.D., et al, Interim Reliability Evaluation Program Procedures Guide, Sandia National Laboratories, SAND 82-1100, Prepared for the U.S. Nuclear Regulatory Commission, Report NUREG/CR-2728, January 1983.

7-3

8.0 FIGURES

00 I ~

CALCQATE ULTIMATE MOMENT

AN> StEAR CAPACITIES

DETERMINE MARGN

TO YIELD

FIG. 1 --

DEVELOP NEW

MOOEI..

INCREASE AN)

REAPPLY DROPPED

LOAD

CALCULATE DEFLECTION AT YIELD X, • SU"ERPOSITION OF OEFLECTIONS CJr

LOADS STEPS WITH RESPECTIVE MODELS

CALCULATE ENERGY A8SORBEO BY STRUCl\JRE FROM ULTIMATE CAPACITY,

OEFLECTION AT YIELD AN> ALLOWABLE DUCTILITY

CALCULATE OR ASSUME ALLOWABLE DUCTILITY

STRUCTURAL EVALUATION METHODOLOGY

COMPARE ENERGY ABSORPTION

CAPABILITES TO ENERGY OF DROP

co I

N

REACTOR t£AD LOAD HANGlf' EVENT

<LOADHANG>

Figure 2

D~OP Dr REACTOR V(SSSL EAD Af"T(R INITIAL LIF

AND HOLD PHAS(

TRUCTURAL FAILURE 0 CRANE SYSTEM DURING

IN$T. <STRUCTAH> <STRUCTI\1>

l SHEET 2

OVERSPEED DURING INITIAL LJF"T <DVERSPED>

Typical

INDING ON GUIDESTUD DURING INITIAL LIFT

<BINDING>

Fault Tree

SHEET 1

OVERSPEED EVENT DURING INSTALLATION

<DVERSPED>

TURAL F"AILURE [F R1CTOR ICE CRANE SYSTEM C S£S [F REACTOR VESSEL EAD

Top Structure

00 I

w jBINDING ABOVE INITIAL

L.fT HEIGHT CAUSES DROP Of LOAD <BINDING>

SHEET 1

UCTURAL fAILURE ABO.,( INITIAL LifT HEIGHT

<STRUCTAH> <STRUCTAI>

OVE~PEED EVENT COUPLED YITH BRA lNG SYSTEM fAILURE L ADS

TO DROP Of REACTOR VESSEL HEAD iQVERSPED>

Figure 2, Continued

SHEET 2

co I

.!:::> EAST

£CJW£RA1.. t«JRTH

~

lr--------, . I I . .. I '·-·-·-·-·_j EOUIPMENTHATCH

I I I

-·-·-• -.;:;;:;;,;~;,;;:;actcs:&;;;t.;;

i , ..

I

AREA A

SPENTF\a POOL

POOL CATES

SOUTH

.. ......___.,

....

AEACTOR CAVITY SHIELD PL.UC LAYDOWN

,~ I I -, ,~ ,AJIE' , '.,.-f"'._._ ' I ,,, .. ,, . , .. "' I

4 I ' '' u, '' HEAD '' ,, •VTHERMAL . -M--..1..-- I Hii.JI.ATION ·•, lr 11 STORACE 't I I It ~ II I .._, I I ,f \ ... •.L ....... , ', , I I

' I I ' ... , ..,,

D CAm.£ '- STEAM SEP. CHJTE STORAGE STORACE

~HEAD STUD lENSIONERS

RIG

·---·--·--·-----~---·-·-·-·-·--·--·-·-·-·-·

FIG. 3 --

NORTH

HEAVY LOAD LA YDOWN AREAS ON REFUELING FLOOR

WEST

00 I

(Jl

""' ..... -.....

... '!I t'

'

.. --··-- . ;r. ' . ._ ....... -. ...

=-~·· -· - - -"-~~'b--+~~~-1 --1-- ·-·--·------- ---- .. ·- ~-~:~~L· .. ~-= 402' (CRANE RAILS)

369' (OPERATING/REFUELING FLOOR)

344' (INCLUDES BA TIERY AND INVERTER ROOM)

l..__.,__,_....a,.. ... 271! GROUND FLOOR

FIG. 4 --

.. '"_ ... r

REACTOR BUILDING CROSS SECTION

\\

~ ~I ~

~ ~ ~ ~

I I

l/'1

tS s

8-6

HOOK BOX----..._

HOOK PINS --------~

AIR CV\.JNOER

DETAIL A (TYPICAL OF 4) -----

LIFTING BAR ----

STEI>.M DRYER ASSEMBL V -----'

CROSS l-&AMS

FIG. 6 -- DRYER AND SEPARATOR SLING

8-7

WIRE ROPE SLING

FIG. 7 --

RPV HEAD

STEAM DRYER

StflOUD HEAD

3&£.31" TOP OF

ACTIVE FUEL

8-8

REACTOR VESSEL ARRANGEMENT

REACTOR VESSEL FLANGE

StflOUD HEAD

C~CTION

1n.ll"

MOTOR BRAKE

/ HOIST DRUM

FIG. 8 --

/

TYPICAL HARNISCHFEGER HOISTING SYSTEM (WITH ONE BRAKE)

8-9

IIIAGHETIC AIR GAP ADJUSTING NUTS

LOCKNUT (1)

FIG. 9 --

TORQUE SPRING ADJUSTING NUT

LOCKNUT (2)

BRAKE COIL

MAGNETIC :..:..t:.J--..-Hf--AIR GAP "S''

n't~.l~==lcF::;- ARMATURE

ADJUSTING SCREW & LOCKNUT (3) SHOE EQUALIZATION

ELECTRIC BRAKE

8-10

REACTOR l-EAD LA YDOWN AREA

/

0 "N [QJ 0 '\ ~~-------\

I

\ UPPER INTERNALS

LAYDOWN AHE.A

\ \

"" LOADPATHS ••••

FIG. 10 --

REACTOR VESSEL

/ / ,

LA YDOWN AREAS PLAN VIEW

8-11

1 I

I I

I I

REACTOR VESSEL HEAD

STORAGE STAND ••••••••••••• \;.....&--

ELEV 140'-0"

ELEV 124' - 4\-2"

UPPERINTERNALS _I STORAGE STAND

• • I I

I • •••••• I I I I I

WATER LEVEL 138'- 8"

ELEV 113'- 1\-2" I r ELEV I 14'- IY2'' ~L-~--~LJtrrr-~--Tmr-

r ELEV I 07'~0"

LOADPATHS ••••

FIG. l1 -- LAYDOWN AREAS ELEVATION

8-12

0,,,.,.,.,1!,., ,,~tl· + ~~~tl· - m:J_ -

~ ,_, fiiiU (If/ _,,.,.,.,, ...,.

b lfleil

Ctt/ftdcr ~~ A:» be~~ ~ too''" .,T d•r~t;,. I!

Ool!~t:U' pole br .. bttl ., .,.,.. At

be -~ ~,..,.., eel•

......... ,,ire/ unt f. t

lkli!_. •

J!J"eJ4,.._~.,,,;, r-~ etN::~!e Ll • Oltd ,..,itlc ,..,,-_,. -' noel! ,.,;'A _,.,,..,., lloolr

----- fr:J·o

d . =£~t -,, ( ott:~ 15&!! I t:.P ~ IF

I .. I : i .~T ...,.~.~~~- ,_.,,_ I I I ~~!!flll-_,, ,__ ' ... ., ftw~~~ 1 M· Lt -~ ,,,_,. I ,.

~ · i ~-r'·i I I

. ' Ji '~' '"===~~L--4~f:!!d-O ----- I N ... 'I I I

Mi1tl"'"~ 1 1 PeMI.,,I

·~ I

1 ~f. mt·O .J. I

]. I

,.,. ~tee~ :

.l ' I I

··r---, ! ,;,; I I J ~,,~

~ ·" ~ ,.,,;t;'"' ,.,.

~L~VATION

...

£,..,.. ,_;n-. ,.,,;,,..,., ,..... ..... tlcfe,.,.,;,..d ll1f ~ t"d """'

~

~

. ""?'#rl' .....,........, ,._ J ,.,.d lll«<-tf

~HfJ VI~W

FIG. 12 -- CONTAINMENT POLAR CRANE

PIN CONNECTION

VESSEL HEAD

FIG. 13 --

0 0 0 0 0

0 0 0 0 0 0 0 0

SLING ASSEMBLY

REACTOR VESSEL HEAD LIFTING DEVICE

8-14

an: .,..

PLAN VIEW Of UPPER CORE SUPPORT STRUCTURE

FIG. 14 --

F

REACJ:OR INTERNALS LIFTING DEVICE

8-15

LIFllleG IIIG

EACTOR V!SSEL I LANGE

.,. ___ __. r>IIB---~·

I

+ "" -

•

8-16 -,

~ ( II

....::! 0

~ 0 u

~ < ~ j:;l;1 ~

I I

l() -~ s

9.0 TABLES

TABLE 1

SLINGS AND LIFTING DEVICES

LOAD

Reactor Vessel Head

Steam Separator

Shipping Cask CNS 4-45

Recirculation Pump Motor

Spent Fuel Shipping Cask

LIFTING DEVICE

Head Strongback

Dryer/Separator Sling Assembly

Lifting Yoke Supplied by Chern Nuclear

Slings and Shackles

Lifting Yoke

9-1

I.D I

tv

Total Lift Distance

O' Reference Point

Critical Lift Interval

Critical Lift Time Actual/ Conservative Estimate

Total Horizontal Distance

Notes

REACTOR HEAD

25 1

reactor vessel flange (Fig. 5)

(12'-25')

3min/15min

N/R

N/R not relevant

TABLE 2

LOAD MOVEMENT DESCRIPTION (PLANT X)

SEPARATOR

32 1

shroud head connection (Fig. 5)

(16'-32 1)

4min/15min

N/R

CASK OPERATING FLOOR

6"

operating refueling floor 369' (Fig. 4)

N/R

4minj15min

40 1

CASK,S.E. EQUIPMENT HATCH

97 1

ground level 272 1

(Fig. 4)

(0 I -97 I)

25minj1hr

N/R

RECIRCULATION PUMP MOTOR

97 1

ground level 272 1

(Fig. 4)

(0 I -97 I)

25minj1hr

N/R

TABLE 3 -- MIN CUT SETS -- PLANT X

REFERENCE TABLE FOR MIN CUT SETS (TOTAL 39)

ORDER 1 2 3 4 5 6

NO. OF MIN CUT SETS 0 0 10 16 5 8

MIN CUT SET NO

1

2

3

4

5

6

7

8

9

10

ORDER 8-DIGIT N~E

FULL BASIC EVENT DESCRIPTION

3

3

3

3

3

3

3

3

3

3

DURINGLF **DROP ABOVE CRITICAL LIFT HEIGHT** LFTYOKEA LIFTING YOKE FAILURE ABOVE CRITICAL HEIGHT STRUCTA **STRUCTURAL FAILURE ABOVE CRITICAL HEIGHT**

DURINGLF **DROP ABOVE CRITICAL LIFT HEIGHT** RBCRANEA CRANE FAILURE ABOVE CRITICAL LIFT HEIGHT STRUCTA **STRUCTURAL FAILURE ABOVE CRITICAL HEIGHT**

INITIALF **DROP DURING INITIAL LIFT** STRONGBI STRONGBACK FAILURE INITIAL LIFT STRUCTI **STRUCTURAL FAILURE INITIAL LIFT**

INITIALF **DROP DURING INITIAL LIFT** SPSLINGI SEPARATOR SLING FAILURE DURING INITIAL LIFT STRUCTI **STRUCTURAL FAILURE INITIAL LIFT**

DURINGLF **DROP ABOVE CRITICAL LIFT HEIGHT** SPSLINGA SEPARATOR SLING FAILURE ABOVE CRITICAL HEIGHT STRUCTA **STRUCTURAL FAILURE ABOVE CRITICAL HEIGHT**

DURINGLF **DROP ABOVE CRITICAL LIFT HEIGHT** STRONGBA STRONGBACK FAILURE ABOVE CRITICAL HEIGHT STRUCTA **STRUCTURAL FAILURE ABOVE CRITICAL HEIGHT**

INITIALF **DROP DURING INITIAL LIFT** RBCRANEI STRUCTURAL FAILURE CRANE DURING INITIAL LIFT STRUCTI **STRUCTURAL FAILURE INITIAL LIFT**

INITIALF **DROP DURING INITIAL LIFT** LINKASMI LINK ASSEMBLY FAILURE INITIAL LIFT STRUCTI **STRUCTURAL FAILURE INITIAL LIFT**

DURINGLF **DROP ABOVE CRITICAL LIFT HEIGHT** LINKASMA LINK ASSEMBLY FAILURE ABOVE CRITICAL HEIGHT STRUCTA **STRUCTURAL FAILURE ABOVE CRITICAL HEIGHT**

INITIALF **DROP DURING INITIAL LIFT** LFTYOKEI LIFTING YOKE FAILURE INITIAL LIFT STRUCTI **STRUCTURAL FAILURE INITIAL LIFT**

9-3

TABLE 3 -- CONTINUED

11 4 ANODEOFF ANODE TRANSFORMER FAILURE OFF DURINGLF **DROP ABOVE CRITICAL LIFT HEIGHT** HMOTOR-R HOISTING MOTOR FAILS TO RE-GENERATE OVERSPED **OVERSPEED EVENT**

12 4 3RESIS1 3 OHM RESISTOR NO. 1 OPEN CIRCUIT DURINGLF **DROP ABOVE CRITICAL LIFT HEIGHT** HMOTOR-R HOISTING MOTOR FAILS TO RE-GENERATE OVERSPED **OVERSPEED EVENT**

13 4 ANODEOFF ANODE TRANSFORMER FAILURE OFF DURINGLF **DROP ABOVE CRITICAL LIFT HEIGHT** HMOTOR-L HOISTING MOTOR FAILS DURING LIFT OVERSPED **OVERSPEED EVENT**

14 4 DURINGLF **DROP ABOVE CRITICAL LIFT HEIGHT** F4FUSE F4 FUSE FAILURE OPEN CIRCUIT HMOTOR-L HOISTING MOTOR FAILS DURING LIFT OVERSPED **OVERSPEED EVENT**

15 4 DURINGLF **DROP ABOVE CRITICAL LIFT HEIGHT** HMOTOR-R HOISTING MOTOR FAILS TO RE-GENERATE LDBRAKEY LOAD BRAKE DE-EXCITES OVERSPED **OVERSPEED EVENT**

16 4 DURINGLF **DROP ABOVE CRITICAL LIFT HEIGHT** HMOTOR-L HOISTING MOTOR FAILS DURING LIFT LL3FUSE LL3 FUSE FAILURE OPEN CURCUIT OVERSPED **OVERSPEED EVENT**

17 4 3RESIS2 3 OHM RESISTOR NO. 2 OPEN CIRCUIT DURINGLF **DROP ABOVE CRITICAL LIFT HEIGHT** HMOTOR-L HOISTING MOTOR FAILS DURING LIFT OVERSPED **OVERSPEED EVENT**

18 4 DURINGLF **DROP ABOVE CRITICAL LIFT HEIGHT** HMOTOR-R HOISTING MOTOR FAILS TO RE-GENERATE LL2FUSE LL2 FUSE FAILURE OPEN CIRCUIT OVERSPED **OVERSPEED EVENT**

19 4 DURINGLF **DROP ABOVE CRITICAL LIFT HEIGHT** HMOTOR-L HOISTING MOTOR FAILS DURING LIFT LL2FUSE LL2 FUSE FAILURE OPEN CIRCUIT OVERSPED **OVERSPEED EVENT**

20 4 DURINGLF **DROP ABOVE CRITICAL LIFT HEIGHT** HMOTOR-L HOISTING MOTOR FAILS DURING LIFT LDBRAKEX LOAD BRAKE FAILS TO EXCITE OVERSPED **OVERSPEED EVENT**

9-4

TABLE 3 -- CONTINUED

21 4

22 4

23 4

24 4

25 4

26 4

27 5

28 5

29 5

DURINGLF **DROP ABOVE CRITICAL LIFT HEIGHT** HMOTOR-L HOISTING MOTOR FAILS DURING LIFT M-MAGOFF M-MAGNETIC AMPLIFIER OFF OVERSPED **OVERSPEED EVENT**

DURINGLF F4FUSE HMOTOR-R OVERSPED

**DROP ABOVE CRITICAL LIFT HEIGHT** F4 FUSE FAILURE OPEN CIRCUIT HOISTING MOTOR FAILS TO RE-GENERATE **OVERSPEED EVENT**

DURINGLF **DROP ABOVE CRITICAL LIFT HEIGHT** HMOTOR-R HOISTING MOTOR FAILS TO RE-GENERATE M-MAGOFF M-MAGNETIC AMPLIFIER OFF OVERSPED **OVERSPEED EVENT**

3RESIS2 DURINGLF HMOTOR-R OVERSPED

3 OHM RESISTOR NO. 2 OPEN CIRCUIT **DROP ABOVE CRITICAL LIFT HEIGHT** HOISTING MOTOR FAILS TO RE-GENERATE **OVERSPEED EVENT**

3RESIS1 3 OHM RESISTOR NO. 1 OPEN CIRCUIT DURINGLF **DROP ABOVE CRITICAL LIFT HEIGHT** HMOTOR-L HOISTING MOTOR FAILS DURING LIFT OVERSPED **OVERSPEED EVENT**

DURINGLF HMOTOR-R LL3FUSE OVERSPED

**DROP ABOVE CRITICAL LIFT HEIGHT** HOISTING MOTOR FAILS TO RE-GENERATE LL3 FUSE FAILURE OPEN CURCUIT **OVERSPEED EVENT**

HANDSYSX HANDLING SYSTEM FAILURE GIVEN LOAD HANG UP INITIALF **DROP DURING INITIAL LIFT** LOADHANG **LOAD HANGUP EVENT** OPHOISTL OPERATOR CONTINUES TO HOIST DURING HANGUP SEPSTUCK SEPARATOR INITIALLY STUCK IN PLACE

HANDSYSX HANDLING SYSTEM FAILURE GIVEN LOAD HANG UP HEADSTUC REACTOR HEAD INITIALLY STUCK IN PLACE INITIALF **DROP DURING INITIAL LIFT** LOADHANG **LOAD HANGUP EVENT** OPHOISTL OPERATOR CONTINUES TO HOIST DURING HANGUP

DURINGLF **DROP ABOVE CRITICAL LIFT HEIGHT** GEARLSCL GEAR LIMIT SWITCH CONTACTS FAIL TO OPEN HBLSCLOS HOIST BLOCK L-S CONTACTS FAIL TO OPEN RADIO-TC RADIO TRANSMITTER CONTROL FAILURE TWOBLOCK **TWO BLOCKING EVENT**

9-5

TABLE 3 -- CONTINUED

30 5 DURINGLF **DROP ABOVE CRITICAL LIFT HEIGHT** GEARLSCL GEAR LIMIT SWITCH CONTACTS FAIL TO OPEN HBLSCLOS HOIST BLOCK L-S CONTACTS FAIL TO OPEN OPHOIST2 OPERATOR CONTINUES TO HOIST TWO BLOCKING TWO BLOCK **TWO BLOCKING EVENT**

31 5 BRAKE1 SPRING BRAKE 1 FAILS TO ENGAGE BRAKE2 SPRING BRAKE 2 FAILS TO ENGAGE DURINGLF **DROP ABOVE CRITICAL LIFT HEIGHT** NO POWER LOSS OF 575V POWER OVERSPED **OVERSPEED EVENT**

32 6 BRAKE1 SPRING BRAKE 1 FAILS TO ENGAGE BRAKE2 SPRING BRAKE 2 FAILS TO ENGAGE DURINGLF **DROP ABOVE CRITICAL LIFT HEIGHT** LL2FUSE LL2 FUSE FAILURE OPEN CIRCUIT OPRELEAS OPERATOR RELEASES PUSH BUTTON OVERSPED **OVERSPEED EVENT**

33 6 BRAKE1 SPRING BRAKE 1 FAILS TO ENGAGE BRAKE2 SPRING BRAKE 2 FAILS TO ENGAGE DURINGLF **DROP ABOVE CRITICAL LIFT HEIGHT** LDBRAKEX LOAD BRAKE FAILS TO EXCITE OPRELEAS OPERATOR RELEASES PUSH BUTTON OVERSPED **OVERSPEED EVENT**

34 6 ANODEOFF ANODE TRANSFORMER FAILURE OFF BRAKE1 SPRING BRAKE 1 FAILS TO ENGAGE BRAKE2 SPRING BRAKE 2 FAILS TO ENGAGE DURINGLF **DROP ABOVE CRITICAL LIFT HEIGHT** OPRELEAS OPERATOR RELEASES PUSH BUTTON OVERSPED **OVERSPEED EVENT**

35 6 3RESIS2 3 OHM RESISTOR NO. 2 OPEN CIRCUIT BRAKE1 SPRING BRAKE 1 FAILS TO ENGAGE BRAKE2 SPRING BRAKE 2 FAILS TO ENGAGE DURINGLF **DROP ABOVE CRITICAL LIFT HEIGHT** OPRELEAS OPERATOR RELEASES PUSH BUTTON OVERSPED **OVERSPEED EVENT**

36 6 3RESIS1 3 OHM RESISTOR NO. 1 OPEN CIRCUIT BRAKE1 SPRING BRAKE 1 FAILS TO ENGAGE BRAKE2 SPRING BRAKE 2 FAILS TO ENGAGE DURINGLF **DROP ABOVE CRITICAL LIFT HEIGHT** OPRELEAS OPERATOR RELEASES PUSH BUTTON OVERSPED **OVERSPEED EVENT**

9-6

TABLE 3 -- CONTINUED

37 6

38 6

39 6

BRAKE1 BRAKE2 DURINGLF F4FUSE OPRELEAS OVERSPED

SPRING BRAKE 1 FAILS TO ENGAGE SPRING BRAKE 2 FAILS TO ENGAGE **DROP ABOVE CRITICAL LIFT HEIGHT** F4 FUSE FAILURE OPEN CIRCUIT OPERATOR RELEASES PUSH BUTTON **OVERSPEED EVENT**

BRAKE1 SPRING BRAKE 1 FAILS TO ENGAGE BRAKE2 SPRING BRAKE 2 FAILS TO ENGAGE DURINGLF **DROP ABOVE CRITICAL LIFT HEIGHT** M-MAGOFF M-MAGNETIC AMPLIFIER OFF OPRELEAS OPERATOR RELEASES PUSH BUTTON OVERSPED **OVERSPEED EVENT**

BRAKE1 BRAKE2 DURINGLF LL3FUSE OPRELEAS OVERSPED

SPRING BRAKE 1 FAILS TO ENGAGE SPRING BRAKE 2 FAILS TO ENGAGE **DROP ABOVE CRITICAL LIFT HEIGHT** LL3 FUSE FAILURE OPEN CURCUIT OPERATOR RELEASES PUSH BUTTON **OVERSPEED EVENT**

9-7

TABLE 4 -- MIN CUT SETS -- PLANT Y

REFERENCE TABLE FOR MIN CUT SETS (TOTAL 79)

ORDER 1 2 3 4 5 6

NO. OF MIN CUT SETS 0 0 2 19 36 18

MIN CUT SET NO

1

2

3

4

5

6

7

8

ORDER 8-DIGIT NAME

FULL BASIC EVENT DESCRIPTION

3

3

4

4

4

4

4

4

DURINGLF **DROP ABOVE INITIAL LIFT HEIGHT** INSTALL **DROP DURING INSTALLATION** STRUCTAH STRUCT FAIL OF CRANE, LIFTING HEAD

DURINGLF **DROP ABOVE INITIAL LIFT HEIGHT** REMOVAL **REMOVAL OF LOAD** STRUCTAH STRUCT FAIL OF CRANE, LIFTING HEAD

DURINGLF INSTALL OVERSPED SCR-MPA

DURINGLF MOTOR-A OVERSPED REMOVAL

DURINGLF INSTALL OVERSPED TR-GRPA

DURINGLF GRPA INSTALL OVERSPED

GRPA INITIALF OVERSPED REMOVAL

DURINGLF GRPA OVERSPED REMOVAL

**DROP ABOVE INITIAL LIFT HEIGHT** **DROP DURING INSTALLATION** **OVERSPEED EVENT** SCR FAILURE TO MOTOR POWER AMPLIFIER

**DROP ABOVE INITIAL LIFT HEIGHT** OPEN OR SHORT CCT ARMATURE HOIST MOTOR **OVERSPEED EVENT** **REMOVAL OF LOAD**

**DROP ABOVE INITIAL LIFT HEIGHT** **DROP DURING INSTALLATION** **OVERSPEED EVENT** TRANSFORMER FAILURE TO RPA

**DROP ABOVE INITIAL LIFT HEIGHT** REVERSING POWER AMPLIFIER FAILURE OFF **DROP DURING INSTALLATION** **OVERSPEED EVENT**

REVERSING POWER AMPLIFIER FAILURE **DROP DURING INITIAL LIFT** **OVERSPEED EVENT** **REMOVAL OF LOAD**

OFF

**DROP ABOVE INITIAL LIFT HEIGHT** REVERSING POWER AMPLIFIER FAILURE OFF **OVERSPEED EVENT** **REMOVAL OF LOAD**

9-8

7

4

TABLE 4 -- CONTINUED

9 4 HLFSTRCI STRUCTURAL FAIL HEAD LIFT DEVICE INITIALF **DROP DURING INITIAL LIFT** REMOVAL **REMOVAL OF LOAD** STRUCTIL **STRUCTURAL FAILURE DURING INITIAL LIFT**

10 4 DURINGLF **DROP ABOVE INITIAL LIFT HEIGHT** OVERSPED **OVERSPEED EVENT** REMOVAL **REMOVAL OF LOAD** TR-GRPA TRANSFORMER FAILURE TO RPA

11 4 INITIALF **DROP DURING INITIAL LIFT** OVERSPED **OVERSPEED EVENT** REMOVAL **REMOVAL OF LOAD** SCR-MPA SCR FAILURE TO MOTOR POWER AMPLIFIER

12 4 DURINGLF **DROP ABOVE INITIAL LIFT HEIGHT** GENERATR OPEN CIRCUIT IN GENERATOR INSTALL **DROP DURING INSTALLATION** OVERSPED **OVERSPEED EVENT**

13 4 INITIALF **DROP DURING INITIAL LIFT** OVERSPED **OVERSPEED EVENT** REMOVAL **REMOVAL OF LOAD** TR-GRPA TRANSFORMER FAILURE TO RPA

14 4 INITIALF **DROP DURING INITIAL LIFT** REMOVAL **REMOVAL OF LOAD** RSCRANEI STRUCTURAL FAILURE OF CRANE SYSTEM STRUCTIL **STRUCTURAL FAILURE DURING INITIAL LIFT**

15 4 DURINGLF **DROP ABOVE INITIAL LIFT HEIGHT** INSTALL **DROP DURING INSTALLATION** MOTOR-A OPEN OR SHORT CCT ARMATURE HOIST MOTOR OVERSPED **OVERSPEED EVENT**

16 4 INITIALF **DROP DURING INITIAL LIFT** MOTOR-A OPEN OR SHORT CCT ARMATURE HOIST MOTOR OVERSPED **OVERSPEED EVENT** REMOVAL **REMOVAL OF LOAD**

17 4 INITIALF **DROP DURING INITIAL LIFT** LNKSTRCI STRUCTURAL FAILURE OF LINK ASSEMBLY REMOVAL **REMOVAL OF LOAD** STRUCTIL **STRUCTURAL FAILURE DURING INITIAL LIFT**

18 4 GENERATR OPEN CIRCUIT IN GENERATOR INITIALF **DROP DURING INITIAL LIFT** OVERSPED **OVERSPEED EVENT** REMOVAL **REMOVAL OF LOAD**

9-9

TABLE 4 -- CONTINUED

19 4

20 4

21 4

22 5

23 5

24 5

25 5

26 5

27 5

DURINGLF OVERSPED REMOVAL SCR-MPA

INITIALF LCELSTRI REMOVAL STRUCTIL

DURINGLF GENERATR OVERSPED REMOVAL

1FL-CONT INITIALF MFP OVERSPED REMOVAL

1FL-OCCT 1UV DURINGLF OVERSPED REMOVAL

**DROP ABOVE INITIAL **OVERSPEED EVENT** **REMOVAL OF LOAD** SCR FAILURE TO MOTOR

LIFT HEIGHT**

POWER AMPLIFIER

**DROP DURING INITIAL LIFT** STRUCTURAL FAILURE OF LOAD CELL **REMOVAL OF LOAD** **STRUCTURAL FAILURE DURING INITIAL LIFT**

**DROP ABOVE INITIAL LIFT HEIGHT** OPEN CIRCUIT IN GENERATOR **OVERSPEED EVENT** **REMOVAL OF LOAD**

FIELD LOSS RELAY CONTACTS FAIL TO OPEN **DROP DURING INITIAL LIFT** MOTOR PROGRAMMER OFF **OVERSPEED EVENT** **REMOVAL OF LOAD**

FIELD LOSS RELAY COIL OPEN CIRCUIT UNDER VOLTAGE RELAY CONTACTS FAIL TO **DROP ABOVE INITIAL LIFT HEIGHT** **OVERSPEED EVENT** *.*REMOVAL OF LOAD**

OPEN

1UV UNDER VOLTAGE RELAY CONTACTS FAIL TO OPEN DURINGLF **DROP ABOVE INITIAL LIFT HEIGHT** INSTALL **DROP DURING INSTALLATION** MPA MAGNETIC FIELD AMP FAILS TO FUNCTION OVERSPED **OVERSPEED EVENT**

1FL-CONT 1R5 DURINGLF OVERSPED REMOVAL

1FL-CONT 1R5 DURINGLF INSTALL OVERSPED

1FL-CONT 1FL-OCCT DURINGLF OVERSPED REMOVAL

FIELD LOSS RELAY CONTACTS FAIL TO OPEN 1RS RESISTOR OPEN OR SHORT CIRCUIT **DROP ABOVE INITIAL LIFT HEIGHT** **OVERSPEED EVENT** **REMOVAL OF LOAD**

FIELD LOSS RELAY CONTACTS FAIL TO OPEN 1RS RESISTOR OPEN OR SHORT CIRCUIT **DROP ABOVE INITIAL LIFT HEIGHT** **DROP DURING INSTALLATION** **OVERSPEED EVENT**

FIELD LOSS RELAY CONTACTS FAIL TO OPEN FIELD LOSS RELAY COIL OPEN CIRCUIT **DROP ABOVE INITIAL LIFT HEIGHT** **OVERSPEED EVENT** **REMOVAL OF LOAD**

9-10

TABLE 4 -- CONTINUED

28 5 lFL-CONT FIELD LOSS RELAY CONTACTS FAIL TO OPEN DURINGLF **DROP ABOVE INITIAL LIFT HEIGHT** MFP MOTOR PROGRAMMER OFF OVERSPED **OVERSPEED EVENT** REMOVAL **REMOVAL OF LOAD**

29 5 lFL-CONT FIELD LOSS RELAY CONTACTS FAIL TO OPEN DURINGLF **DROP ABOVE INITIAL LIFT HEIGHT** OVERSPED **OVERSPEED EVENT** REMOVAL **REMOVAL OF LOAD** TR-MPA TRANSFORMER FAILURE TO MPA

30 5 1R5 lRS RESISTOR OPEN OR SHORT CIRCUIT lUV UNDER VOLTAGE RELAY CONTACTS FAIL TO OPEN DURINGLF **DROP ABOVE INITIAL LIFT HEIGHT** OVERSPED **OVERSPEED EVENT** REMOVAL **REMOVAL OF LOAD**

31 5 lUV UNDER VOLTAGE RELAY CONTACTS FAIL TO OPEN DURINGLF **DROP ABOVE INITIAL LIFT HEIGHT** MFP MOTOR PROGRAMMER OFF OVERSPED **OVERSPEED EVENT** REMOVAL **REMOVAL OF LOAD**

32 5 lFL-CONT FIELD LOSS RELAY CONTACTS FAIL TO OPEN DURINGLF **DROP ABOVE INITIAL LIFT HEIGHT** INSTALL **DROP DURING INSTALLATION** MOTOR-SF OPEN OR SHORT CCT SHUNT FIELD HOIST MOTOR OVERSPED **OVERSPEED EVENT**

33 5 lUV UNDER VOLTAGE RELAY CONTACTS FAIL TO OPEN DURINGLF **DROP ABOVE INITIAL LIFT HEIGHT** MPA MAGNETIC FIELD AMP FAILS TO FUNCTION OVERSPED **OVERSPEED EVENT** REMOVAL **REMOVAL OF LOAD**

34 5 1R5 lRS RESISTOR OPEN OR SHORT CIRCUIT lUV UNDER VOLTAGE RELAY CONTACTS FAIL TO OPEN INITIALF **DROP DURING INITIAL LIFT** OVERSPED **OVERSPEED EVENT** REMOVAL **REMOVAL OF LOAD**

35 5 lUV UNDER VOLTAGE RELAY CONTACTS FAIL TO OPEN DURINGLF **DROP ABOVE INITIAL LIFT HEIGHT** MOTOR-SF OPEN OR SHORT CCT SHUNT FIELD HOIST MOTOR OVERSPED **OVERSPEED EVENT** REMOVAL **REMOVAL OF LOAD**

9-11

TABLE 4 -- CONTINUED

36 5 lUV UNDER VOLTAGE RELAY CONTACTS FAIL TO OPEN INITIALF **DROP DURING INITIAL LIFT** MFP MOTOR PROGRAMMER OFF OVERSPED **OVERSPEED EVENT** REMOVAL **REMOVAL OF LOAD**

37 5 lFL-CONT FIELD LOSS RELAY CONTACTS FAIL TO OPEN INITIALF **DROP DURING INITIAL LIFT** MOTOR-SF OPEN OR SHORT CCT SHUNT FIELD HOIST MOTOR OVERSPED **OVERSPEED EVENT** REMOVAL **REMOVAL OF LOAD**

38 5 lUV UNDER VOLTAGE RELAY CONTACTS FAIL TO OPEN DURINGLF **DROP ABOVE INITIAL LIFT HEIGHT** INSTALL **DROP DURING INSTALLATION** MFP MOTOR PROGRAMMER OFF OVERSPED **OVERSPEED EVENT**

39 5 lUV UNDER VOLTAGE RELAY CONTACTS FAIL TO OPEN DURINGLF **DROP ABOVE INITIAL LIFT HEIGHT** INSTALL **DROP DURING INSTALLATION** MOTOR-SF OPEN OR SHORT CCT SHUNT FIELD HOIST MOTOR OVERSPED **OVERSPEED EVENT**

40 5 lFL-CONT FIELD LOSS RELAY CONTACTS FAIL TO OPEN lFL-OCCT FIELD LOSS RELAY COIL OPEN CIRCUIT INITIALF **DROP DURING INITIAL LIFT** OVERSPED **OVERSPEED EVENT** REMOVAL **REMOVAL OF LOAD**

41 5 lFL-OCCT FIELD LOSS RELAY COIL OPEN CIRCUIT lUV UNDER VOLTAGE RELAY CONTACTS FAIL TO OPEN DURINGLF **DROP ABOVE INITIAL LIFT HEIGHT** INSTALL **DROP DURING INSTALLATION** OVERSPED **OVERSPEED EVENT**

42 5 lUV UNDER VOLTAGE RELAY CONTACTS FAIL TO OPEN INITIALF **DROP DURING INITIAL LIFT** MPA MAGNETIC FIELD AMP FAILS TO FUNCTION OVERSPED **OVERSPEED EVENT** REMOVAL **REMOVAL OF LOAD**

43 5 lUV UNDER VOLTAGE RELAY CONTACTS FAIL TO OPEN DURINGLF **DROP ABOVE INITIAL LIFT HEIGHT** INSTALL **DROP DURING INSTALLATION** OVERSPED **OVERSPEED EVENT** TR-MPA TRANSFORMER FAILURE TO MPA

9-12

TABLE 4 -- CONTINUED

44 5

45 5

46 5

47 5

48 5

49 5

50 5

51 5

lUV INITIALF MOTOR-SF OVERSPED REMOVAL

lUV DURINGLF OVERSPED REMOVAL TR-MPA

lUV INITIALF OVERSPED REMOVAL TR-MPA

lFL-CONT 1R5 INITIALF OVERSPED REMOVAL

lFL-CONT lFL-OCCT DURINGLF INSTALL OVERSPED

lFL-CONT INITIALF OVERSPED REMOVAL TR-MPA

lFL-CONT DURINGLF MOTOR-SF OVERSPED REMOVAL

lFL-CONT INITIALF MPA OVERSPED REMOVAL

UNDER VOLTAGE RELAY CONTACTS FAIL TO OPEN **DROP DURING INITIAL LIFT** OPEN OR SHORT CCT SHUNT FIELD HOIST MOTOR **OVERSPEED EVENT** **REMOVAL OF LOAD**

UNDER VOLTAGE RELAY CONTACTS FAIL TO **DROP ABOVE INITIAL LIFT HEIGHT** **OVERSPEED EVENT** **REMOVAL OF LOAD** TRANSFORMER FAILURE TO MPA

OPEN

UNDER VOLTAGE RELAY CONTACTS **DROP DURING INITIAL LIFT** **OVERSPEED EVENT** **REMOVAL OF LOAD** TRANSFORMER FAILURE TO MPA

FAIL TO OPEN

FIELD LOSS RELAY CONTACTS FAIL TO OPEN lRS RESISTOR OPEN OR SHORT CIRCUIT **DROP DURING INITIAL LIFT** **OVERSPEED EVENT** **REMOVAL OF LOAD**

FIELD LOSS RELAY CONTACTS FAIL TO OPEN FIELD LOSS RELAY COIL OPEN CIRCUIT **DROP ABOVE INITIAL LIFT HEIGHT** **DROP DURING INSTALLATION** **OVERSPEED EVENT**

FIELD LOSS RELAY CONTACTS FAIL **DROP DURING INITIAL LIFT** **OVERSPEED EVENT** **REMOVAL OF LOAD** TRANSFORMER FAILURE TO MPA

TO OPEN

FIELD LOSS RELAY CONTACTS FAIL TO OPEN **DROP ABOVE INITIAL LIFT HEIGHT** OPEN OR SHORT CCT SHUNT FIELD HOIST MOTOR **OVERSPEED EVENT** **REMOVAL OF LOAD**

FIELD LOSS RELAY CONTACTS FAIL TO OPEN **DROP DURING INITIAL LIFT** MAGNETIC FIELD AMP FAILS TO FUNCTION **OVERSPEED EVENT** **REMOVAL OF LOAD**

9-13

TABLE 4

52 5

53 5

54 5

55 5

56 5

57 5

58 6

59 6

CONTINUED

lFL-CONT FIELD LOSS RELAY CONTACTS FAIL TO OPEN DURINGLF **DROP ABOVE INITIAL LIFT HEIGHT** INSTALL **DROP DURING INSTALLATION** MPA MAGNETIC FIELD AMP FAILS TO FUNCTION OVERSPED **OVERSPEED EVENT**

1R5 lUV DURINGLF INSTALL OVERSPED

lFL-CONT DURINGLF INSTALL OVERSPED TR-MPA

lFL-CONT DURINGLF INSTALL MFP OVERSPED

lFL-OCCT lUV INITIALF OVERSPED REMOVAL

lRS RESISTOR OPEN OR SHORT CIRCUIT UNDER VOLTAGE RELAY CONTACTS FAIL TO **DROP ABOVE INITIAL LIFT HEIGHT** **DROP DURING INSTALLATION** **OVERSPEED EVENT**

OPEN

FIELD LOSS RELAY CONTACTS FAIL TO OPEN **DROP ABOVE INITIAL LIFT HEIGHT** **DROP DURING INSTALLATION** **OVERSPEED EVENT** TRANSFORMER FAILURE TO MPA

FIELD LOSS RELAY CONTACTS FAIL TO OPEN **DROP ABOVE INITIAL LIFT HEIGHT** **DROP DURING INSTALLATION** MOTOR PROGRAMMER OFF **OVERSPEED EVENT**

FIELD LOSS RELAY COIL OPEN CIRCUIT UNDER VOLTAGE RELAY CONTACTS FAIL TO OPEN **DROP DURING INITIAL LIFT** **OVERSPEED EVENT** **REMOVAL OF LOAD**

lFL-CONT FIELD LOSS RELAY CONTACTS FAIL TO OPEN DURINGLF **DROP ABOVE INITIAL LIFT HEIGHT** MPA MAGNETIC FIELD AMP FAILS TO FUNCTION OVERSPED **OVERSPEED EVENT** REMOVAL **REMOVAL OF LOAD**

lBlCLOSE lMACLOSE lMSHOIST DURINGLF REMOVAL TWO BLOCK

lBlCLOSE lMACLOSE DURINGLF OPHOIST2 REMOVAL TWO BLOCK

lBl CONTACTS FAIL TO OPEN lMA CONTACTS 'FAIL TO OPEN MS CONTACTS STICK IN HOIST POSITION **DROP ABOVE INITIAL LIFT HEIGHT** **REMOVAL OF LOAD** **TWO BLOCKING EVENT**

lBl CONTACTS FAIL TO OPEN lMA CONTACTS FAIL TO OPEN **DROP ABOVE INITIAL LIFT HEIGHT** OPERATOR CONTINUES TO HOIST DURING TWO BLO **REMOVAL OF LOAD** **TWO BLOCKING EVENT**

9-14

TABLE 4 -- CONTINUED

60 6

61 6

62 6

63 6

64 6

65 6

66 6

1B1CLOSE 1MACLOSE DURINGLF REMOVAL RPA TWO BLOCK

1B1 CONTACTS FAIL TO OPEN 1MA CONTACTS FAIL TO OPEN **DROP ABOVE INITIAL LIFT HEIGHT** **REMOVAL OF LOAD** REVERSING POWER AMPLIFIER FAILS TO FUNCTIO **TWO BLOCKING EVENT**

DURINGLF **DROP ABOVE INITIAL LIFT HEIGHT** GLSCLOSE GEAR LIMIT SWITCH CONTACTS FAIL TO OPEN OPHOIST2 OPERATOR CONTINUES TO HOIST DURING TWO BLO REMOVAL **REMOVAL OF LOAD** TWOBLOCK **TWO BLOCKING EVENT** WLSCLOSE WEIGHT LIMIT SWITCH CONTACTS FAIL TO OPEN

BINDING DURINGLF OPBIND REMOVAL RIG BIND STRUCTBH

**BINDING ON GUIDE STUDS** **DROP ABOVE INITIAL LIFT HEIGHT** OPERATOR MOVES CRANE DURING LIFT CAUSES BI **REMOVAL OF LOAD** BOTH RIGGERS FAIL TO OBSERVE BINDING STRUCT FAIL OF CRANE--GIVEN BINDING--HEAD

1MACLOSE 1MA CONTACTS FAIL TO OPEN DURINGLF **DROP ABOVE INITIAL LIFT HEIGHT** OPHOIST2 OPERATOR CONTINUES TO HOIST DURING TWO BLO REMOVAL **REMOVAL OF LOAD** TWOBLOCK **TWO BLOCKING EVENT** WLSCLOSE WEIGHT LIMIT SWITCH CONTACTS FAIL TO OPEN

BINDING INITIALF OPBIND OPHOISTB REMOVAL STRUCTBH

BINDING DURINGLF OPBIND OPHOISTB REMOVAL STRUCTBH

BRAKE1 BRAKE2 DURINGLF INSTALL OPMSOFF OVERSPED

**BINDING ON GUIDE STUDS** **DROP DURING INITIAL LIFT** OPERATOR MOVES CRANE DURING LIFT CAUSES BI OPERATOR CONTINUES TO HOIST DURING BINDING **REMOVAL OF LOAD** STRUCT FAIL OF CRANE--GIVEN BINDING--HEAD

**BINDING ON GUIDE STUDS** **DROP ABOVE INITIAL LIFT HEIGHT** OPERATOR MOVES CRANE DURING LIFT CAUSES BI OPERATOR CONTINUES TO HOIST DURING BINDING **REMOVAL OF LOAD** STRUCT FAIL OF CRANE--GIVEN BINDING--HEAD

SPRING BRAKE 1 FAILS TO ENGAGE SPRING BRAKE 2 FAILS TO ENGAGE **DROP ABOVE INITIAL LIFT HEIGHT** **DROP DURING INSTALLATION** OPERATOR PLACES MASTER SWITCH OFF **OV~RSPEED EVENT**

9-15

TABLE 4 -- CONTINUED

67

68

69

70

71

72

73

6

6

6

6

6

6

6

HANDSYSX HEADSTUC INITIALF LCRLOW LOAD HANG REMOVAL

HANDSYSX HEADSTUC INITIALF LOADHANG OPLOADHP REMOVAL

HANDSYSX HEADSTUC INITIALF LOADHANG REMOVAL RIGGERS

BRAKE1 BRAKE2 INITIALF OPMSOFF OVERSPED REMOVAL

BRAKE1 BRAKE2 DURINGLF OPMSOFF OVERSPED REMOVAL

1B1CLOSE DURINGLF GLSCLOSE REMOVAL RPA TWO BLOCK

1B1CLOSE DURINGLF GLSCLOSE OPHOIST2 REMOVAL TWO BLOCK

HANDLING SYSTEM FAILURE GIVEN REACTOR HEAD STUCK IN PLACE **DROP DURING INITIAL LIFT** LOW CELL READS LOW

LOAD HANGUP

**LOAD HANGUP** **REMOVAL OF LOAD**

HANDLING SYSTEM FAILURE GIVEN LOAD HANGUP REACTOR HEAD STUCK IN PLACE **DROP DURING INITIAL LIFT** **LOAD HANGUP** OPERATOR CONTINUES TO HOIST DURING HANGUP **REMOVAL OF LOAD**

HANDLING SYSTEM FAILURE GIVEN LOAD HANGUP REACTOR HEAD STUCK IN PLACE **DROP DURING INITIAL LIFT** **LOAD HANGUP** **REMOVAL OF LOAD** BOTH RIGGERS MISREAD LOAD CELL

SPRING BRAKE 1 FAILS TO ENGAGE SPRING BRAKE 2 FAILS TO ENGAGE **DROP DURING INITIAL LIFT** OPERATOR PLACES MASTER SWITCH OFF **OVERSPEED EVENT** **REMOVAL OF LOAD**

SPRING BRAKE 1 FAILS TO ENGAGE SPRING BRAKE 2 FAILS TO ENGAGE **DROP ABOVE INITIAL LIFT HEIGHT** OPERATOR PLACES MASTER SWITCH OFF **OVERSPEED EVENT** **REMOVAL OF LOAD**

1B1 CONTACTS FAIL TO OPEN **DROP ABOVE INITIAL LIFT HEIGHT** GEAR LIMIT SWITCH CONTACTS FAIL TO OPEN **REMOVAL OF LOAD** REVERSING POWER AMPLIFIER FAILS TO FUNCTIO **TWO BLOCKING EVENT**

1B1 CONTACTS FAIL TO OPEN **DROP ABOVE INITIAL LIFT HEIGHT** GEAR LIMIT SWITCH CONTACTS FAIL TO OPERATOR CONTINUES TO HOIST DURING **REMOVAL OF LOAD** **TWO BLOCKING EVENT**

9-16

OPEN TWO BLO

TABLE 4 -- CONTINUED

74 6

75 6

76 7

77 7

78 7

79 7

BINDING INITIALF OPBIND REMOVAL RIG BIND STRUCTBH

**BINDING ON GUIDE STUDS** **DROP DURING INITIAL LIFT** OPERATOR MOVES CRANE DURING LIFT CAUSES BI **REMOVAL OF LOAD** BOTH RIGGERS FAIL TO OBSERVE BINDING STRUCT FAIL OF CRANE--GIVEN BINDING--HEAD

lBlCLOSE lBl CONTACTS FAIL TO OPEN lMSHOIST MS CONTACTS STICK IN HOIST POSITION DURINGLF **DROP ABOVE INITIAL LIFT HEIGHT** GLSCLOSE GEAR LIMIT SWITCH CONTACTS FAIL TO OPEN REMOVAL **REMOVAL OF LOAD** TWOBLOCK **TWO BLOCKING EVENT**

lMACLOSE lMA CONTACTS FAIL TO OPEN lMSHOIST MS CONTACTS STICK IN HOIST POSITION DURINGLF **DROP ABOVE INITIAL LIFT HEIGHT** OPEMER2B OPERATOR FAILS TO PRESS EMERGENCY STOP REMOVAL **REMOVAL OF LOAD** TWOBLOCK **TWO BLOCKING EVENT** WLSCLOSE WEIGHT LIMIT SWITCH CONTACTS FAIL TO OPEN

lMSHOIST DURINGLF GLSCLOSE OPEMER2B REMOVAL TWO BLOCK WLSCLOSE

MS CONTACTS STICK IN HOIST POSITION **DROP ABOVE INITIAL LIFT HEIGHT** GEAR LIMIT SWITCH CONTACTS FAIL TO OPEN OPERATOR FAILS TO PRESS EMERGENCY STOP **REMOVAL OF LOAD** **TWO BLOCKING EVENT** WEIGHT LIMIT SWITCH CONTACTS FAIL TO OPEN

lMACLOSE lMA CONTACTS FAIL TO OPEN DURINGLF **DROP ABOVE INITIAL LIFT HEIGHT** OPEMER2B OPERATOR FAILS TO PRESS EMERGENCY STOP REMOVAL **REMOVAL OF LOAD** RPA REVERSING POWER AMPLIFIER FAILS TO FUNCTIO TWOBLOCK **TWO BLOCKING EVENT** WLSCLOSE WEIGHT LIMIT SWITCH CONTACTS FAIL TO OPEN

DURINGLF GLSCLOSE OPEMER2B REMOVAL RPA TWO BLOCK WLSCLOSE

**DROP ABOVE INITIAL LIFT HEIGHT** GEAR LIMIT SWITCH CONTACTS FAIL TO OPEN OPERATOR FAILS TO PRESS EMERGENCY STOP **REMOVAL OF LOAD** REVERSING POWER AMPLIFIER FAILS TO FUNCTIO **TWO BLOCKING EVENT** WEIGHT LIMIT SWITCH CONTACTS FAIL TO OPEN

9-17

TABLE 5"'

SURVEY OF CRANE

LER EVENTS

(July 1969 - July 1979)

Cause Category No. of Events Percentage

A. Failure during plant construction phase 2 6

B. Failure due to design or fabrication errors 9 26

c. Failure due to lack of adequate inspection 2 6

D. Failure due to operator error or lack of training 8 24

E. Failure due to random mechanical component failures 5 15

F. Failure due to random failures of control system components 3 9

G. Events due to lack of operating procedures 4 12

H. Events due to crane overloading (including load hang up) 1 3

Total 34

* Table 4-3 NUREG-0612

9-18

1.

2.

3.

* **

Cause Category

Crane failure

TABLE 6

CAUSES OF CRANE ACCIDENTS U.S. DEPARTMENT OF THE NAVY

(1) (2) number of load Upper* drop bound events estimate reported

10 20

Crane operator failure 30 60

Rigging failure 3 6

Total 43 86

Assumes only one-half of the events are reported.

Estimated** mean probability

1.7 X 10-5 /lift

5.1 X 10-5 /lift

5.1 X 10-6 /lift

7.4 X 10-5 /lift

Calculated as the average of columns (1) and (2) divided by the estimated mean number of lifts, 8.75 x 105.

9-19

TABLE 7

FAILURE RATE DATA TAKEN FROM WASH 1400

Component Failure Mode Assessed Median Error Factor

Relay Fails to energize 1 x 10-4;demand 3

Limit Switch Fails to Operate I x 10-4/demand 3

Manual switch Fails to transfer 1 x 10-5/demand 3

Electric motors/ 1 x 10-5/hour generators Fails to run 3/10

Solid state devices--high power

3 X 1 o-6/hour applications Fails to function 3

9-20

TABLE 8

PROBABILITY OF LOAD DROP PER LIFT (PLANT X) MEAN (90% CONFIDENCE INTERVAL)

Reactor Head

Separator

Cask Operating Floor

Cask S.E. Equipment Hatch

Recirculation Pump Motor N.E. Equipment Hatch

NOTES

Top Event Probability Per Lift Including Initial Lift

1.8 X 10-4 L (5.9 X 10-5, 3.5 X 10-3)

2.3 X 10-4 L (1.1 X 10-4, 1.7 X 10-3)

8.2 X 10-5 0 5-(2.9 X 10- ,

1.1 X 10-3)

N/R

N/R

Top Event Probability Per Lift Above Critical Lift Height

6.9 X 10-5 0 5-(1.2 X 10- ,

1.0 X 10-3)

6.8 X 10-5 0 5-(1.0 X 10- ,

9.3 X 10-4)

6.9 X 10-5 0 5-(1.2 X 10- ,

1.0 X 10-3)

3.3 X 10-4 0 5-(9.0 X 10- ,

4.2 X 10-3)

3.3 X 10-4 0 5-(9.0 X 10- ,

4.2 X 10-3)

L means Load Hangup Events dominate probabilistically 0 means that overspeed events dominate probabilistically N/R means not relevant

9-21

TABLE 9

MEAN ANNUAL FREQUENCY OF LOAD DROPS (PLANT Y)

Load

Head Drop

MEAN and 90% CONFIDENCE INTERVAL (i.e., 5TH AND 95TH PERCENTILE)

Lift Phases

Considered

3*

Mean Estimate

7.41 x w-5

Upper Internals 3* 9.20 x w-5

Head Drop 2** 2.87 x w-5

Upper Internals 2** 2.86 x w-5

* **

includes all three lift phases in lift cycle. includes two lift phases: (i) drop above initial lift height during removal (ii) drop during installation

9-22

90% Confidence

Interval

2.02 x w-5, 1.85 x w-4

2.47 x w-5, 1.75 x w-4

7.61 x w-6, 6.8 x w-5

7.93 x w-6, 7.25 x w-5

"' I N w

TABLE 10 -- RANKING OF BASIC EVENTS FOR SEPARATOR DROP (PLANT X)

*•**********•*•••••• SEPARATOR DROP INCLUDING INITIAL LIFT BEST ESTit-1AlE -- ···~··············~· FUSSELL-VESELY MEASURE OF BASIC EVENT IMPORTANCE (MEASURE OF SYSTEM UNAVAILABILITY) STEADY STATE CALCULATIONS

Ll"ITINQ SYSTEM UNAYAILIBILITY• 0.~~523E-03

RANK 1 ~ 2 2 2 3 3 4 5 6 7 7 8 9

10 10 10 11 12 12 12 13 14 15 16 16 16 16 16 17

BASIC EVENT INITIALF SEPSTUCK HANOSYSII: LOAOHANC OPHOISTL DU.RINGLF OVER SPED HMO TOR-R STRUCTI SPSLINGI 3RESIS2 3RESIS1 RBCRANEI HMOTOR-L TWOBLOCK GEARLSCL HBLSCLOS OPHOIST2 BRAKE2 BRAKE1 OPRELEAS RADIO-TC LDBRAKEX LDBRAKEY "-MAG OFF F4FUSE LL2FUSE LL3FUSE ANODEOFF NOPOWER

I"PORTANCE 0. 708 0.444 0.444 0.444 0.444 0.292 0.292 0.289 0.264 0.226 0. 146 0. 146 0.377E-01 0.289E-02 0.~33E-03

0.~33E-03

0.233E-03 0.222E-03 0. 196E-03 0. 196E-03 0. 196E-03 0. lllE-04 0.356E-05 0.~77E-05

0.280E-06 0.~80E-06 0.280E-06 0.280E-06 0.280E-06 0.377E-OB

PROBABILITY 1. 00

0. 100E-01 1. 00 1. 00

0. 100E-D1 1. 00 1. 00

0.250E-03 1. 00

0. SIOE-04 0. 130 0. 130 0.8SOE-05 0.250E-05

1. 00 0. SOOE-02 0. lOOE-01 0. 100E-02 0. lOOE-01 0. 170E-04

1. 00 0.500E-D4 0.300E-03 O.~SOE-05 O.~SOE-06 0.~50E-06 0.250E-06 0.2SOE-06 0.250E-06 0.:500E-OS

ERROR FACTOR 0. 000 0.000 0.000 0.000

10.0 0.000 0.000

10.0 0.000 0.000

7.00 7.00 10.0 3.00

0.000 2.00 10.0 10.0 10.0 10.0

0.000 10. 0 3.00 10.0 10.0 10.0 10.0 10.0 10.0 10.0

DISTRIBUTION BASIC EVENT DESCRIPTION CONSTANT ++DROP DURING INITIAL LIFT++ CONSTANT SEPERATDR INITIALLY STUCK IN PLACE CONSTANT HANDLING SYSTE" FAILURE GIVEN LOAD HANGUP CONSTANT ++LOAD HANGUP EVENT++ LOGNORML OPERATOR CONTINUES TO HOIST DURING HANGUP CONSTANT ++DROP ABOVE CRITICAL LIFT HEIGHT++ CONSTANT ++OVERSPEED EVENT++ LOGNORML HOISTJNQ MOTOR FAILS TO RE-GENERATE CONSTANT ++STRUCTURAL FAILURE INITIAL LIFT++ CONSTANT SEPERATOR SLING FAILURE INITIAL LIF1 LOGNORML 3 OHM RESISTOR NO. 2 OPEN CIRCUIT LOGNORML 3 DH" RESISTOR NO. 1 OPEN CIRCUIT LOGNORML STRUCTURAL FAILURE CRANE INITIAL LIF1 LOGNORML HOISTING "OTOR FAILS DURING LIFT CONSTANT ++TWO BLOCKING EVENT++ LOGNORML GEAR LIMIT SWITCH CONTACTS FAIL TO OPEN LOGNORML HOIST BLOCK L-S CONTACTS FAIL TO OPEN LOGNORML OPERATOR CONTINUES TO HOIST DURING TWO BLOCKING LOGNORML SPRING BRAKE 2 FAILS TO ENGAGE LOGNORML SPRING BRAKE 1 FAILS TO ENGAGE CONSTANT OPERATOR RELEASES PUSH BUTTON LOGNORML RADIO TRANSMITTER CONTROL FAILURE LOGNORML LOAD BRAKE FAILS TO EXCITE LOGNORML LOAD BRAKE DE-EXCITES LOGNDRML M-MAGNETIC AMPLIFIER FAILURE OFF LOGNORML F4 FUSE FAILURE OFF LOGNORML LL2 FUSE FAILURE LOGNORML LL3 FUSE FAILURE LOGNOR"L ANODE TRANSFORMER FAILURE OFF LOGNORML LOSS OF 575Y POWER

TABLE 11

MEAN PROBABILITIES OF VARIOUS SEPARATOR DROP SCENARIOS PER LIFT (PLANT X)

LOAD DROP SCENARIO

Drop During Initial Lift

Load Hangup Event

Structural Failure During Initial Lift

Drop Above Critical Lift Height

Overspeed Event

Two Blocking Event

Structural Failure Above Critical Lift Height

9-24

MEAN PROBABILITY

1.6 X 10-4

1.0 X 10-4

6.0 X 10-5

6.8 X 10-5

6.6 X 10-5

5.0 X 10-8

NIL

1..0 I

N U'l

TABLE 12 -- RANKING OF THE MOST IMPORTANT MIN CUT SETS FOR THE SEPARATOR DROP (PLANT X)

•••••••••••••••••••• SEPARATOR DROP INCLUDING INITIAL LIFT BEST ESTIMATE -- •••••••••••••••••••• FUSSELL-VESELY MEASURE OF CUT SET IMPORTANCE (MEASURE OF SYSTEM UNAVAILABILTY)

LtMITINO SYSTEM UNAVAILABILITY• 0.~27E-03 RANK IMPORTANCE

1 0.4 .. 0E 00 CUT SET 31 BASIC EVENT PROBABILITY ERROR FACTOR DISTRIBUTION BASIC EVENT DESCRIPTION HANDSYSX 0. lOOE 01 0.000 CONSTANT HANDLING SYSTEM FAILURE GIVEN LOAD HANGUP INITIALF 0. IOOE 01 0.000 CONSTANT ••DROP DURING INITIAL LIFT•• LOADHANQ 0. lOOE 01 0.000 CONSTANT ••LOAD HANGUP EVENT•* OPHOISTL 0. lOOE-01 10 0 LOGNORML OPERATOR CONTINUES TO HOlST DURINO HANGUP SEPSTUCK 0. 100E-Ol 0.000 CONSTANT SEPERATOR INITIALLY STUCK IN PLACE

2 0. 22.4E 00 CUT SET 10 8A'5IC EVENT PROBAIJILITY ERROR FACTOR DISTRIBUTION BASIC EVENT DESr.RIPTION lNITIALF 0. lOOE 01 0.000 CONSTANT ••DROP DURING INITIAL LIFT•* SPSLINGI 0. 51\iE-04 0. 000 CONSTANT SEPERATOR SLINQ FAILURE INITIAL LIFT STRUCTI 0. 100E 01 0.000 CONSTANT ••STRUCTURAL FAILURE INITIAL LIFT••

3 0. 143E 00 CUT SET . ., BASIC EVENT PROBABILITY ERROR FACTOR DISTRIBUTION BASIC EVENT DESCRIPTION 3RESIS2 0 l::JOE 00 7.00 LOGNORML 3 OHM RESISTOR NO 2 OPEN CIRCUIT DURINCLF 0 100E 01 0.000 CONSTANT ••DROP ABOVE CRITICAL LIFT HEIGHT•• HMO TOR-R 0.2~0E-03 10.0 LOGNORML HOISTING MOTOR FAILS TO RE-GENERATE OYER SPED 0. lOOE 01 0.000 CONSTANT ••OYERSPEED EVENT••

3 0. 143£ 00 CUT SET 14 BASIC EVENT PROBABILITY ERROR FACTOR DISTRIBUTION BASIC EVENT DESCRIPTION :lRESISl 0. I:JOE 00 7.00 LOQNORI'It.. 3 OHM RESISTOR NO. I OPEN CIRCUIT DURINOLF 0 100E 01 0.000 CONSTANT ••DROP ABOVE CRITICAL LIFT HEIGHT•• HI'IOTOR-R 0 ;!'jOE-03 10.0 LOGNORML HOISTING MOTOR FAILS TO RE-GENERATE OYER SPED 0. lOOE 01 0.000 CONSTANT ••OYERSPEED EVENT••

4 0.374E-Ol CUT SET 2 BASIC EVENT PROBABILITY ERROR FACTOR DISTRIBUTION BASIC EVENT DESCRIPTION INITIALF 0 lOOE 01 0. 000 CONSTANT ••DROP DURING INITIAL LIFT•• ROCRANEI 0 8~0E-O~ 10 0 LOGNORML STRUCTURAL FAILURE CRANE INITIAL LIFT STRUCTI 0 lOOE 01 0.000 CONSTANT ••STRUCTURAL FAILURE INITIAL LIFT••

1..0 I

N 0'1

TABLE 13 -- RANKING OF BASIC EVENTS HEAD DROP INCLUDING ALL THREE LIFT PHASES (PLANT Y)

1 •••••••••••••••••••• DROP OF REACTOR VESSEL HEAD INCLUD1NG INITIAL LIFT -- . • ••••••••••••••••••• FUSSELL-VESELY "EASURE OF BASIC EVENT I"PORTANCE <"EASURE OF SYSTE" UNAVAILABILITY) STEADY STATE CALCULATIONS

TOP EVENT F·ROBAliiLITY :a 0.74164£-04

RANK BASIC EVENT I"PORTANCE "EAN PROBABILITY ERROR FACTOR DISTRIBUTION BASIC EVENT DESCRIPTION 1 REttOVAL 0.807 t.oo o.ooo CONSTANT tt RE"OVAL OF LOAD tt 2 INITIALF 0.613 1.oo o.ooo CONSTANT tt DROP DURING INITIAL LIFT tt 3 OVER SPED 0.578 t.oo o.ooo CONSTANT tt OVERSPEED EVENT tt 4 DURINGLF 0.387 1.oo o.ooo CONSTANT tt DROP ABOVE INITIAL LIFT HEIGHT tt 5 HANDSYSX 0.271 1.oo o.ooo CONSTANT HANDLING SYSTE" FAILURE GIVEN LOAD HANGUP 5 LOADHANO 0.271 t.oo o.ooo CONSTANT ** LOAD HANGUP ** 5 HEIII'DSTUC 0.271 0.100E-01 to.o LOGNOR"L REACTOR HEAD STUCK IN PLACE 6 GENERATR 0.269 0.666[-05 to.o LOGNOR"L OPEN CIRCUIT IN GENERATOR 7 INSTALL 0.193 1.oo o.ooo CONSTANT tt DROP DURING INSTALLATION tt •• STRUCTJL 0.150 loOO o.ooo CONSTANT tt STRUCTURAL FAILURE DURING INITI~ LIFT 81 9 C.LOADHP 0.135 O,JOOE-02 to.o LOONORML OPERATOR CONTINUES TO HOIST DURING HANOU~

" RID6£R9 0.135 OolOOE-02 to.o LOONORHL 80TH RIOOERS "ISREAD LOAD CELL 10 "OTOR-A 0.126 0,312£-0' 3.oo LOONORHL OPEN OR SHORT CCT AMARAlURE HOIST MOTOR 11 RSCRANEI 0,115 0.850[-05 10.0 LOONOR"L STRUCTURAL FAILURE OF CRANE SYSTE" 12 9CR-MPA O.BOBE-01 0.200£-05 10.0 LOGNOR"L SCR FAILURE TO "OTOR POWER AMPLIFIER 12 ORPA O,BOBE-01 0.200E-05 to.o LOGNOR"L REVERSING POWER AMPLIFIER FAILURE OFF 13 HLFSTRCI 0.351E-01 0.260E-05 10.0 LOGNOR"L STRUCTURAL FAIL HEAD LIFT DEVICE 14 TR-GRPA o.t26E-01 o.312E-06 3,00 LOONOR"L TRANSFOR"ER FAILURE TO RPA 15 8RAkE2 0.688E-02 O.tOOE-01 to.o LOGNOR"L SPRING BRAkE 2 FAILS TO ENGAGE 15 BRAKE! 0.688E-02 o.170E-04 10.0 LOGNOR"L SPRING BRAKE l FAILS TO ENGAGE 15 OP"SOFF 0.688E-02 1.oo o.ooo CONSTANT OPERATOR PLACES "ASTER SWITCH OFF 16 lFL-OCCT o.126E-02 0.125E-03 3.oo LOGNOR"l FIELD LOSS RELAY COIL OPEN CIRCUIT 17 LCRLOW o.849E-03 0.630£-05 10.0 lOGNOR"L LON CELl READS LOW 18 STRUCTAH 0.809E-03 O.JOOE-07 10.0 LOGNOR"L STRUCT FAIL OF CRANEr liFTING HEAD 19 TWO BLOCK o.764E-03 t.oo o.ooo CONSTANT tt TWO BLOCKING EVENT t$ 19 OPHOIST2 o.763E-03 O.lOOE-02 to.o LOGNOR"L OPERATOR CONTINUES TO HOIST DURING TWO ILOCK 20 WLSCLOSE o.754E-03 0.100E-01 2.00 LOGNOR"L WEIGHT LI"IT SWITCH CONTACTS FAIL TO OPEN 21 GLSCLOSE o.746E-03 o.546E-02 2.00 LOGNOR"L GEAR LIHIT SWITCH CONTACTS FAIL TO OPEN 22 lUV 0.671E-03 0.125E-03 J.oo LOGNOR"L UNDER VOLTAGE RELAY CONTACTS FAIL TO OPEN 22 IFL-CDNT 0.671E-03 0.125E-OJ 3.oo LOGNOR"L FIElD LOSS RELAY CONTACTS FAIL TO OPEN 23 STRUCTBH o.539E-04 0.100E-03 10.0 LOGNOR"L STRUCT FAll OF CRANE -- GIVEN BINDING -- HEAD 23 OPBIND o.539E-04 0.100E-01 10.0 LOGNOR"L OPERATOR "OVES CRANE DURING LIFT CAUSES BIND 23 BINDING o.539E-04 1.oo o.ooo CONSTANT tt BINDING ON GUIDE STUDS at 24 "OTOR-SF o.J16E-o4 o.Jt2E-o5 J.oo LOGNOR"L OPEN OR SHORT CCT SHUNT FIELD HOIST "OTOR 25 RIGBIND 0.270E-04 O.tOOE-02 10.0 LOGNOR"L BOTH RIGGERS FAIL TO OBSERVE BINDING 25 OPHOISTB 0.270E-04 0.100E-02 10.0 LOGNOR"L OPERATOR CONTINUES TO HOIST DURING BINDING 26 "FP 0.202E-04 o.200E-05 to.o lOGNOR"L "OTOR PROGRA""ER OFF 26 "PA 0.202E-04 0.200£-05 to.o lOGNOR"L "AGNETIC FI~LD A"P FAILS TO FUNCTION

1..0 I

N -.....]

TABLE 14 -- RANKING OF BASIC EVENTS INTERVALS DROP INCLUDING ALL mREE LIFT PHASES (PLANT Y)

1 tttttttttttttttttttt DROP OF UPPER INTERNALS WITH INITIAL LIFT -- •••••••••••••••••••• FUSSELL-VESELY NEASURE OF BASIC EVENT IMPORTANCE <MEASURE OF SYSTEM UNAVAILABILITY) STEADY STATE CALCULATIONS

TOP EVENT PROPABILITY • 0.91599E-04

RANk 1 2 3 4 5 6 7 7 7 8 9

10 10 11 12 12 1l 14 15 15 15 16 17 18 18 19 20 21 21 22 23 23 24 25 26 27 29 29

8A9IC EVENT RENOVAL INITIALF OVER SPED DURINGLF STRUCTIL I,.,.ROPRC HANDSYSX LOADHANG INTERNST OENERATR INSTALL RIGGERS OPLOADHP NO TOR-A GRPA SCR-NPA ILFSTRCI TR-GRPA 8RAkE2 JRAKE1 OPMSOFF lFL-OCCT LCRLOY TWO BLOCK OPHOIST2 YLSCLOSE GLSCLOSE 1UV lFL-COHT MOTOR-SF NPA NFP lNACLOSE lfi1CL09E TR-MPA IRS lMSHOIST Of"EHER2R

IMPORTANCE 0.944 0.687 0.468 0.313 o.J12 0.284 0.219 0.219 0.219 0.218 0.156 0.109 0.109 0.102 0.654[-01 0.654£-01 0.284E-01 o.1o2E-o1 0.557£-02 o.557E-02 Oo557E-02 0.102E-02 0.688E-03 Oo619E-03 Oo619E-03 0.610E-03 0.604[-03 o.54lE-OJ 0.54JE-OJ o.256E-04 0.164E-04 0.164E-04 O.tJBE-04 o.784E-os 0.256E-05 o.205E-05 0.366£-06 o. 168£-06

MEAN PROBABILITY 1.00 t.oo 1.oo t.oo 1.oo

0.260£-04 t.oo t.oo

0.100E-01 0.666E-05

1.oo 0.100£-02 0.100E-02 o.J12E-os 0.200E-05 0.200E-05 0.260£-05 o.J12E-o6 o.tOOE-01 o.t7oE-o4

1.oo O.t25E-OJ 0.630E-05

1.00 Oo100E-02 O.lOOE-01 o.546E-02 O.l25E-03 0.125E-OJ o.3t2E-o5 0.200E-05 0.200£-05 0.125£-03 0.125E-OJ o.312E-06 O.:ZSOE-06 0.266£-04 0.100£-01

ERROR FACTOR o.ooo o.ooo o.ooo o.ooo o.ooo

1o.o o.ooo o.ooo

10.0 10.0

o.ooo 10.0 10.0 J.oo 10.0 10.0 to.o J.oo to.o 10.0

o.ooo J.oo 10.0

o.ooo to.o 2.00 2.00 3.oo J.oo J.oo 10.0 10.0· 3.oo J.oo 3.oo 10.0 10.0 10.0

DISTRIJUTIOH BASIC EVENT DESCRIPTION CONSTANT tt REHOVAL OF LOAD tt CONSTANT te DROP DURING INITIAL LIFT tt CONSTANT te OVERSPEED EVENT ee CONSTANT et DROP ABOVE INITIAL LIFT HEIGHT tt CONSTANT tt STRUCTURAL FAILURE DURING INITIAL LIFT tt LOONORML IMPROPER CONNECTION OF INTERNALS RIO CONSTANT HANDLING SYSTEM FAILURE GIVEN LOAD HANGUP CONSTANT tt LOAD HANOUP tt LOGNORNL INTERNALS STUCK IN PLACE LOGNORNL OPEN CIRCUIT IN GENERATOR CONSTANT tt DROP DURING INSTALLATION tt LOGNORML 80TH RIGGERS NISREAD LOAD CELL LOGNORHL OPERATOR CONTINUES TO HOIST DURING HAH0UP LOGNORNL OPEN OR SHORT CCT AftARATURE HOIST MOTOR LOGNORNL REVERSING POYER AMPLIFIER FAILURE OFF LOONORML SCR FAILURE TO NOTOR POYER ANPLIFIER LOONORNL STRUCTURAL FAIL INTERNALS LIFT DEVICE LOGNORML TRAHSFORNER FAILURE TO RPA LOGNORNL SPRING BRAKE 2 FAILS TO ENGAGE LOONORNL SPRING BRAKE 1 FAILS TO ENGAGE CONSTANT OPERATOR PLACES HASlER SWITCH OFF LOGNORHL FIELD LOSS RELAY COIL OPEN CIRCUIT LOGNORML LOY CELL READS LOY CONSTANT tt TWO BLOCKING EVENT te LOBNORML OPERATOR CONTINUES TO HOIST ~INO TWO BLOCK LOONORML WEIGHT LIMIT SWITCH CONTACTS FAIL TO OPEN LOGNORML GEAR LIMIT SWITCH CONTACTS FAIL TO OPEN LOONORML UNDER VOLTAGE RELAY CONTACTS FAIL TO OPEN LOONORML FIELD LOSS RELAY CONTACTS FAIL TO OPEN LOONORML OPEN OR SHORT CCT SHUNT FIELD HOIST MOTOR LOONOkHL MAGNETIC FIELD ANP FAILS TO FUNCTION LOGNORML MOTOR PROGRAMMER OFF LOONORML 1MA CONTACTS FAIL TO OPEN LOGNURML 181 CONTACTS FAIL TO OPEN LOGNORML TRANSFORMER FAILURE TO MPA LOGNORML 1R5 RESISTOR OPEN OR SHORT CIRCUIT lOGNORHL MS CONTACTS STICK IN HOIST POSITION LOGNORHL OPERATOR FAilS TO PRESS EMERGENCY STOP

TABLE 15

MEAN PROBABILITY OF VARIOUS HEAD DROP SCENARIOS PER YEAR (PLANT Y)

(Parentheses indicate the lifting phase in which the scenario can occur)*

LOAD DROP SCENARIO MEAN PROBABILITY

Drop During Initial Lift (I)

Overspeed Event (I t II t III)

Drop After Initial Lift (II t III)

Load Hangup Event (I)

Drop During Installation (III)

Structural Failure During Initial Lift (I)

Structural Failure After Initial Lift (II t III)

Two-blocking Event (II)

Binding On Guide Studs (I + II)

4.5 X 10-5

4.3 X 10-5

2.9 X 10-5

2.0 X 10-5

1.4 X 10-5

1.1 X 10-5

6.0 X 10-8

5.7 X 10-8

4.0 X 10-9

* Phase I is initial lift phase. Phase II is removal after initial lift phase. Phase III is installation phase.

9-28

TABLE 16

MEAN PROBABILITY OF VARIOUS UPPER INTERNALS DROP SCENARIOS PER YEAR (PLANT Y)

(Parentheses indicate the lifting phase in which the scenario can occur)*

LOAD DROP SCENARIO MEAN PROBABILITY

Drop During Initial Lift (I)

Overspeed Event (I + II + III)

Drop After Initial Lift (II + III)

Structural Failure During Initial Lift (I)

Load Hangup Event (I)

Drop During Installation (III)

Two-blocking Event (II)

6.3 X 10-5

4.3 X 10-5

2.9 X 10-5

2.9 X 10-5

2.0 X 10-5

1.4 X 10-5

5.7 X 10-8

* Phase I is initial lift phase. Phase II is removal after initial lift phase. Phase III is installation phase.

9-29

w I

w 0

TABLE 17 -- RANKING OF MOST IMPORTANT MIN CUT SETS REACTOR HEAD DROP (PLANT Y)

1 tt ... tt************* DROP OF REACTOR VESSEL HEAD INCLUDING INITIAL liFT --FUSSELL-VESELY ~ASURE OF CUT SET IMPORTANCE CMEASURE OF SYSTEM UNAVAILABILTY)

TOP EVENT PRO~ABILITY • 0.74164E-04 RANK IMPORTANCE

1 0.135£ 00 CUT SET 70 MIN CUT SET PROBAIIliTY • O.tOOE-04 BASIC EVENT MEAN PROBABILITY ERROR FACTOR DISTRIBUTION BASIC EVENT DESCRIPTION

••••••••••••••••••••

HANDSYSX O,tOOE 01 0.000 CONSTANT HANDLING SYSTEM FAILURE GIVEN lOAD HANGUP HEADSTUC 0.100E-01 10.0 LOONORHL REACTOR HEAD STUCK IN PlACE INITIALF 0.100E 01 0.000 CONSTANT $$ DROP J)URING INITIAL LIFT ta lOADHANG O.tOOE 01 0.000 CONSTANT $$ LOAD HANGUP ** OPLOADHP 0.100E-02 10.0 LOGNORML OPERATOR CONTINUES TO HOlsT DURINO HANOUP REMOVAL 0.100E 01 0.000 CONSTANT tt REMOVAL OF LOAD tt

1 O.tJSE 00 CUT BET 69 MIN CUT BET PROBABILITY • O.tOOE-04 BASIC EVENT MEAN PROBABILITY ERROR FACTOR HANDSYSX 0.100E 01 0.000 HEADSTUC O.lOOE-01 10.0 INITIALF 0.100E 01 0.000 LOADHANO 0.100E 01 0.000 REMOVAL O.lOOE 01 0.000 RIGGERS o.tOOE-02 10.0

2 O.t15E 00 CUT BET J MIN CUT BET PROBABILITY • 0.850£-05

DISTRIBUTION BASIC EVENT DESCRIPTION CONSTANT HANDLING SYSTEM FAILURE OIUEN LOAD HANGUP LOGNORHL REACTOR HEAD STUCk IN PLACE CONSTANT ** DROP DURING INITIAL LIFT tt CONSTANT t$ LOAD HANGUP tt CONSTANT tt REMOVAL OF LOAD $8 LOGNORML BOTH RIGGERS MISREAD LOAD CELL

BASIC EVENT MEAN PROBABILITY ERROR FACTOR DISTRIBUTION BASIC EVENT DESCRIPTION INITIALF O.lOOE 01 0.000 CONSTANT tt DROP DURING INITIAL LIFT tt REMOVAL O.lOOE 01 0.000 CONSTANT tt REHOVAL OF lOAD tt RSCRANEI O.BSOE-05 10.0 lOGNORML STRUCTURAL FAILURE OF CRANE SYSTEM STRUCTIL 0.100E 01 0.000 CONSlANT tt STRUCTURAL FAILURE DURING INITIAL LIFT tt

J 0.899E-01 CUT SET 17 MIN CUT SET PROBABILITY • 0.666E-05 BASIC EVENT MEAN PROBABILITY ERROR FACTOR DISTRIBUTION BASIC EVENT DESCRIPTION GENERATR 0.666E-05 10.0 LOONORHL OPEN CIRCUIT IN GENERATOR INITIALF 0.100E 01 0.000 CONSTANT tt DROP DURING INITIAL LIFT tt OVERSPED 0.100£ 01 0.000 CONSTANT tt OVERSPEED EVENT tt REMOVAL 0.100E 01 0.000 CONSTANT tt REMOVAL OF LOAD $$

1 tUtUU$U*UtU$U- [tROP OF REACTOR VESSEL HEAlt INt:LUltiNG INITIAL LlrT -- DIABLO CANYON UUUUUtStUttUt

1.0 I

w I-'

TABLE 17 -- RANKING OF MOST IMPORTANT MIN CUT SETS REACTOR HEAD DROP (PLANT Y) (Continued)

1 aa .. aataataaaaaaaaaa DROP OF REACTOR VESSEL HEAD INCLUDING INITIAL LIFT --FUSSELL-VESELY ~ASURE OF CUT SET IHPORTANCE CHEASURE OF SYSTEH UNAVAILAIILTY)

TOP EVENT PROBABILITY 2 0.7~16~E-O~ RANK I~TANCE

J Oo898E-01 CUT SET 18 MIN CUT SET PROBABILITY • 0.666£-05 BASIC EVENT HEAN PROJABILITY ERROR FACTOR DURINOLF O.lOOE 01 0.000 OENERATR Oo666E-05 10.0 OVERSPED O.tOOE 01 0.000 REMOVAL OolOOE 01 OoOOO

J 0.898E-01 CUT SET 12 MIN CUT SET PROJABILITY • Oo666E-05 BASIC EVENT HEAN PROBABILITY ERROR FACTOR DURINOLF 0.100E 01 0.000 OENERATR 0.666E-05 10.0 INSTALL Oo100E 01 0.000 OVERSPED Oo100E 01 0.000

4 0.421E-01 CUT SET 7 MIN CUT SET PROBABILITY • Oo312E-05 BASIC EVENT "EAN PROBABILITY ERROR FACTOR

DISTRIBUTION BASIC EVENT DESCRIPTION CONSTANT at DROP ABOVE INITIAL LIFT HEIGHT at LOONORHL OPEN CIRCUIT IN GENERATOR CONSTANT aa OVERSPEED EVENT aa CONSTANT at REHOVAL OF LOAD aa

niSTRIBUTION BASIC EVENT DESCRIPTION CONSTANT ta DROP ABOVE INITIAL LIFT HEIGHT tt LOONORHL OPEN CIRCUIT IN GENERATOR CONSTANT tt DROP DURING INSTALLATION ta CONSTANT tt OVERSPEED EVENT tt

••••••••••••••••••••

DURINOLF 0.100E 01 0.000 "OTOR-A 0.312E-05 3.00

DISTRIBUTION BASIC EVENT DESCRIPTION CONSTANT aa DROP ABOVE INITIAL LIFT HEIOHT LOONORHL OPEN OR SHORT CCT A"ARATURE HOIST CONSTANT aa OVERSPEED EVENT aa

•• HOT OR OVERSPED Oo100E 01 0.000 RE"OVAL O,!OOE 01 0.000 CONSTANT at RE"OVAL OF LOAD ta

4 0.421E-01 CUT SET 5 "IN CUT SET PROBABILITY • o.Jt2E-05 JASIC EVENT HEAN PROBABILITY ERROR FACTOR DISTRIBUTION BASIC EVENT DESCRIPTION DURINGLF 0,100E 01 0.000 CONSTANT aa DROP ABOVE INITIAL LIFT HEIGHT ta INSTALL O.tOOE 01 OoOOO CONSTANT aa DROP DURINO INSTALLATION at "OTOR-A Oo312E-05 3.00 LOONDRHL OPEN OR SHORT CCT AHARATURE HOIST MOTOR OVERSPED O.tOOE 01 0.000 CONSTANT aa DVERSPEED EVENT at

1 aaaaaaaaaatttattttta DROP OF REACTOR VESSEL HEAD INCLUOINO INITIAL LIFT -- DIABLO CANYON ••••••••••••••••••••

1.0 I

w IV

TABLE 17 -- RANKING OF MOST IMPORTANT MIN CUT SETS REACTOR HEAD DROP (PLANT Y) (Continued)

1 tttttttttttttttttt•t DROP OF REACTOR VESSEL HEAD INCLUDING INITIAl LIFT -- . r-.·· FUSSELL-VESELY HEASURE OF CUT SET IMPORTANCE <MEASURE OF SYSTEM UNAVAILABILTY)

TOP EVENT PROBABiliTY • 0.7~16~E-O~ RANK IMPORTANCE

~ 0.421E-o1 CUT SET 10 NIH CUT SET PROBABILITY • 0.312£-05 BASIC EVENT MEAN PROBABiliTY ERROR FACTOR INITIALF O.tOOE 01 0.000

DISTRIBUTION BASIC EVENT DESCRIPTION CONSTANT ** DROP DURING INITIAl liFT ••

....................

MOTOR-A O.J12E-05 3.00 OVERSPED o.tOOE 01 0.000

lOGNORHL OPEN OR SHORT CCT AHARATURE HOIST MOTOR CONSTANT ** OVERSPEED EVENT **

REMOVAl O.lOOE 01 0.000 CONSTANT ** REHOVAl OF lOAD ••

5 0.351E-01 CUT SET ~ NIH CUT SET PROBABILITY • 0.260£-05 BASIC EVENT HEAN PROBABiliTY ERROR FACTOR DISTRIBUTION BASIC EVENT DESCRIPTION HlFSTRCI 0.260E-05 10.0 lOGNORML STRUCTURAl FAIL HEAD LIFT DEVICE INITIALF O.tOOE 01 0.000 CONSTANT ** DROP DURING INITIAL LIFT ** REMOVAL 0.100E 01 0.000 CONSTANT ** REMOVAl OF lOAD ** STRUCTIL o.tOOE 01 0.000 CONSTANT ** STRUCTURAL FAilURE DURING INITIAL liFT **

6 0.269E-01 CUT SET 15 MIN CUT SET PROBABILITY • 0.200£-05 BASIC EVENT MEAN PROBABILITY ERROR FACTOR DURINOLF O.lOOE 01 0.000 GRPA 0.200E-05 10.0 INSTALL O,tOOE 01 0.000 OVERSPED O,lOOE 01 0.000

6 0.269£-01 CUT SET 8 NIH CUT SET PROBABILITY • Oe200E-05

DISTRIBUTION BASIC EVENT DESCRIPTION CONSTANT ••· DROP ABOVE INITIAL LIFT HEIGHT LOGNORHl REVERSING POWER AMPLIFIER FAILURE CONSTANT t$ DROP DURING INSTALLATION ** CONSTANT t• OVERSPEED EVENT **

BASIC EVENT HEAN PROBABILITY ERROR FACTOR DISTRIBUTION BASIC EVENT DESCRIPTION

•• OFF

GRPA 0.200E-05 10.0 LOGNORMl REVERSING POWER AMPLIFIER FAILURE OFF INITIAlF O.tOOE 01 0.000 CONSTANT ** DROP DURING INITIAL LIFT ** OVERSPED O.lOOE 01 0.000 CONSTANT ** OVERSPEED EVENT ** REHOVAL O.lOOE 01 0.000 CONSTANT ** REHOVAL or LOAD **

1 •••••••••••••••••••• DROP OF REACTOR VESSEl HEAD INCLUDING INITIAL LIFT -- DIABLO CANYON ••••••••••••••••••••

1..0 I

w w

TABLE 17 -- RANKING OF MOST IMPORTANT MIN CUT SETS REACTOR HEAD DROP (PLANT Y) (Continued)

1 ******************** DROP OF REACTOR VESSEL HEAD INCLUDING INITIAL LIFT FUSSELL-VESELY ~ASURE OF CUT SET I"PORTANCE <"EASURE OF SYSTE" UNAVAILABILTYJ

TOP EVENT PROBABILITY • 0.74164E-04 RANK I~ORTANCE

6 0.269£-01 CUT BET IJ NIN CUT SET PROBABILITY • 0.200£-05 BASIC EVENT NEAN PROBABILITY ERROR FACTOR DISTRIBUTION BASIC EVENT DESCRIPTION INITIALF 0.100E 01 0.000 CONSTANT 88 DROP DURING INITIAL LIFT ** OVERSPED 0.100E 01 0.000 CONSTANT ** OVERSPEED EVENT** RE"OVAL O.lOOE 01 0.000 CONSTANT 88 RE"OVAL OF LOAD 88 SCR-"PA 0.200E-05 10.0 LOONOR"L SCR FAILURE TO "OTOR POYER A"PLIFIER

6 0.269£-01 CUT SET 14 "IN CUT SET PROIAIILITY • Oo200E-05 JASIC EVENT "EAN PROBABILITY ERROR FACTOR DISTRIBUTION BASIC EVENT DESCRIPTION DURINOLF O.IOOE 01 0.000 CONSTANT 88 DROP ABOVE INITIAL LIFT HEIGHT ** OVERSPED 0.100£ 01 0.000 CONSTANT 88 OVERSPEED EVENT 88 RE"OVAL 0.100£ 01 0.000 CONSTANT 88 RE"OVAL OF LOAD 88 9CR-"PA 0.200E-05 10.0 LOONOR"L SCR FAILURE TO "OTOR POYER A~LIFIER

6 0.269£-01 CUT SET 11 "IN CUT SET PROJAJILITY • 0.200£-05 JASIC EVENT "EAN PROBABILITY ERROR FACTOR DURINOLF O.tOOE 01 0.000 INSTALL 0.100E 01 0.000 OVERSPED 0.100E 01 0.000 9CR-"PA 0.200E-05 10.0

6 Oo269E-01 CUT SET 19 "IN CUT SET PROBAIILITY • 0.200E-05

DISTRIBUTION BASIC EVENT DESCRIPTION CONSTANT 88 DROP AIOVE INITIAL LIFT HEIGHT ** CONSTANT 88 DROP DURING INSTALLATION ** CONSTANT ** OVERSPEED EVENT 88 LOONOR"L SCR FAILURE TO "OTOR POYER A"PLIFIER

BASIC EVENT "EAN PROBABILITY ERROR FACTOR DISTRIBUTION BASIC EVENT DESCRIPTION DURINOLF 0.100£ 01 o.ooo CONSTANT ** DROP ABOVE INITIAL LIFT HEIGHT 8t

••••••••••••••••••••

ORPA 0.200£-05 10.0 LOONOR"l REVERSING POWER A"PliFIER FAILURE OFF OVERSPED 0.100£ 01 o.ooo CONSTANT 88 OVERSPEED EVENT ** RE"OVAL 0.100£ 01 o.ooo CONSTANT 88 RE"OVAL OF LOAD 88

1 •••••••••••••••••••• DROP OF REACTOR VESSEL HEAD INCLUDING INITIAL LIFT -- DIABLO CANYON ••••••••••••••••••••

1.0 I

w ,j:::>

TABLE 17 -- RANKING OF MOST IMPORTANT MIN CUT SETS REACTOR HEAD DROP (PLANT Y) (Continued)

1 •••••••••••••••••••• DROP OF REACTOR VESSEL HEAD INCLUDING INITIAL LIFT -- . . FUSSELL-VESELY HEASURE OF CUT SET IHPORTANCE (HEASURE OF SYSTEH UNAVAILABILTY)

TOP EVENT PROBABILITY • 0.7~16~E-O~ RANK IHPORTANCE

7 0.421E-02 CUT SET 9 HJN CUT SET PROBABILITY • 0.312£-06 JASJC EYENT HEAN PROBABILITY ERROR FACTOR DURINOLF o.tOOE 01 OVERSPED O.tOOE 01 REHOVAL 0.100E 01 TR-GRPA 0.312E-06

1 0.421E-02 CUT SET 16 HIN CUT SET PROBABILITY • 0.312E-06

o.ooo o.ooo o.ooo

3.00

DISTRIBUTION BASIC EVENT DESCRIPTION CONSTANT ** DROP ABOVE INITIAL LIFT HEIGHT ee CONSTANT ** OVERSPEED EVENT ee CONSTANT ** REHOVAL OF LOAD ** LOGNORHL TRANSFORHER FAILURE TO RPA

BASIC EYENT HEAN PROBABILITY ERROR FACTOR DISTRIBUTION BASIC EVENT DESCRIPTION

....................

DURINGLF O.tOOE 01 0.000 CONSTANT ee DROP ABOVE INITIAL LIFT HEIOHT ee INSTALL O.lOOE 01 0.000 CONSTANT ** DROP DURINO INSTALLATION ** OVERSPED O.tOOE 01 0.000 CONSTANT ** OVERSPEED EVENT ** TR-GRPA 0.312E-06 3.00 LOGNORHL TRANSFORHER FAILURE TO RPA

1 0.421E-02 CUT SET 6 HIN CUT SET PROBABILITY • 0.312E-G6 BASIC EVENT HEAN PROBABILITY ERROR FACTOR DISTRIBUTION BABIC EVENT DESCRIPTION INITIALF O.tOOE 01 0.000 CONSTANT ** DROP DURING INITIAL LIFT ee OVERSPED O.tOOE 01 0.000 CONSTANT ** OVERSPEED EYENT ** REHOVAL O.tOOE 01 0.000 CONSTANT ** REHOVAL OF LOAD ee TR-GRPA 0.312E-06 3.00 LOGNORHL TRANSFORHER FAILURE TO RPA

9 0.229£-02 CUT SET 72 HIN CUT SET PROBABILITY • O.t?OE-06 BASIC EVENT HEAN PROBABILITY ERROR FACTOR DISTRIBUTION BASIC EVENT DESCRIPTION BRAKE! 0,170£-0~ 10.0 LOGNORHL SPRING BRAKE 1 FAILS TO ENGAGE BRAKE2 O.lOOE-01 10.0 LOGNORHL SPRING BRAKE 2 FAILS TO ENGAGE DURINGLF 0.100E 01 0.000 CONSTANT ** DROP ABOVE INITIAL LIFT HEIGHT ** INSTALL O,tOOE 01 0,000 CONSTANT ** DROP DURING INSTALLATION ** OPHSOFF 0.100E 01 0.000 CONSTANT OPERATOR PLACES HASTER SWITCH OFF OVERSPED O.tOOE 01 0.000 CONSTANT 88 OVERSPEED EVENT **

1 ******************** DROP OF REACTOR VESSEL HFAD INCliJOtNr. INITIAL LIFT -- DIABLO CANYON ********************

1..0 I

w Ul

TABLE 18 -- RANKING OF MOST IMPORTANT MIN CUT SETS UPPER INTERNALS (PLANT Y)

1 ttttttttttt•******** DROP OF UPPER INTERNALS WITH INITIAL LIFT -- •••••••••••••••••••• FUSSELL-VESELY HEASURE OF CUT SEl IMPORTANCE <MEASURE OF SYSTEM UNAVAILABILTY) TOP EVENT PRO~A~ILITY • 0.91599E-O~ RANK IHPORTANCE

1 0.284E 00 CUT SET 4 HIN CUT SET PROBABILITY • 0.260E-04 BASIC EVENT HEAN PROBABILITY ERROR FACTOR IMPROPRC 0.260E-O~ 10.0 INITIALF O.lOOE 01 0.000 REMOVAL O.lOOE 01 0.000 STRUCTIL OolOOE 01 0.000

2 O.J09E 00 CUT SET 69 MIN CUT SET PROBABILITY c O,lOOE-0~ BASIC EVENT MEAN PROBABILITY ERROR FACTOR HANDSYSX O,lOOE 01 0,000 INITIALF O.tOOE 01 OoOOO INTERNST 0.100E-01 10.0 LOADHANG 0,100E 01 0.000 REMOVAL O.tOOE 01 0.000 RIGGERS 0.100E-02 10.0

2 O.l09E 00 CUT SET 70 MIN CUT SET PROBABILITY • O.IOOE-04 BASIC EVENT MEAN PROBABILITY ERROR FACTOR HANDSYSX O.lOOE 01 0,000 INITIALF 0.100E 01 0.000 INTERNST 0.100E-01 10.0 LOADHANG 0.100E 01 0.000 OPLOADHP O,JOOE-02 10.0 REHOVAL O.JOOE 01 0.000

J 0.727E-01 CUT SET 17 MIN CUT SET PROBABILITY = 0.666E-05 BASIC EVENT MEAN PROBABILITY ERROR FACTOR GENERAT~ 0.666E-05 INITIALF 0,100[ 01 OVERSF·ED 0.100[ 01 REMOVAL 0.100E 01

1 tt•ttttttttttttttttt DROP OF UPPER

to.o o.ooo o.ooo o.ooo

INTERNALS

DISTRIBUTION BASIC EVENT DESCRIPTION LOGNORML IMPROPER CONNECTION OF INTERNALS RIG · CONSrANT tt DROP DURING INITIAL LIFT tt CONSTANT tt REMOVAL OF lOAD tt CONSTANT tt STRUCTURAL FAILURE DURING INITIAL LIFT tt

DISTRIBUTION BASIC EVENT DESCRIPTION CONSTANT HANDLING SYSTEM FAILURE GIVEN LOAD HANGUP CONSTANT tt DROP DURING INITIAL LIFT tt LOGNORHL INTERNALS STUCK IN PLACE CONSTANT tt LOAD HANGUP tt CONSlANT tt REMOVAL OF LOAD •• LOGNORHL BOTH RIGGERS HISREAD LOAD CELL

DISTRIBUTION BASIC EVENT DESCRIPTION CONSTANT HANDLING SYSTEH FAILURE GIVEN LOAD HANGUP CONSTANT tt DROP (~lNG INITIAL LIFT tt LOGNORHL INTERNALS STUCK IN PLACE CONSlANT tt LOAD HANGUP tt LOGNORML OPERATOR CONTINUES TO HOIST DURING HANGUP CONSTANT tt REHOVAL OF LOAD tt

DISTRt~liTION BASIC EVENT DESCRIPTION LUGNOki1L OPEN CIRCUIT IN GENERATOR CUNSl AN r tt ltkOP [lURING INITIAL LIFT tt l:ON!:ll AN J tt OVERSPEEr• E. VENT U CONSJANT U REMOVAL OF LOA[I tt

WilH INITIAL LIFI -- OIABLO CANYON ••••••••••••••••••••

\.0 I

w ~

TABLE 18 -- RANKING OF MOST IMPORTANT MIN CUT SETS UPPER INTERNALS (PLANT Y) (Continued)

1 tttttttttttttttttttt DROP OF UPPER INT~S WITH INITIAL LIFT --FUSSELL-VESELY "EASURE OF CUT SET IHPORTANCE <"EASURE OF SYSTEH UNAVAILABILTYJ

TOP EVENT PROBAPILITY • 0.91599E-04 RANk IHPORTANCE

4 Ool41E-01 CUT SET 10 "IN CUT SET PROBABILITY • O.J12E-OS BASIC EVENT HEAN PROBAPILITY ERROR FACTOR DISTRIBUTION BASIC EVENT DESCRIPTION JNITIALF O.lOOE 01 0.000 CONSTANT tt DROP DURING INITIAL LIFT "OTOR-A OeJ12E-05 J,OO LOGNORHL OPEN OR SHORT CCT AHARATURE OVERSPED 0.100E 01 0,000 CONSTANT tt OVERSPEED EVENT tt REHOVAL 0.100E 01 0.000 CONSTANT tt REHOVAL OF LOAD tt

S Oo284E-01 CUT SET J HIM CUT SET PROBABILITY • 0.260E-05 BASIC EVENT HEAN PROBABILITY ERROR FACTOR DISTRIBUTION BASIC EVENT DESCRIPTION

....................

.. HOIST HOTOR

ILFSTRCI 0.260E-05 10.0 LOONORHL STRUCTURAL FAIL INTERNALS LIFT DEVICE INJTIALF O.tOOE 01 0.000 CONSTANT tt ~ROP DURINO INITIAL LIFT tt REHOVAL 0.100E 01 O;OOO CONSTANT tt REHOVAL OF LOAD tt STRUCTJL 0.100E 01 0.000 CONSTANT tt STRUCTURAL FAILURE DURING INITIAL LIFT tt

6 0.218E-01 CUT SET 15 NIN CUT SET PROBABILITY • 0.200£-05 BASIC EVENT HEAN PROBABILITY ERROR FACTOR DISTRIBUTION BASIC EVENT DESCRIPTION DURINOLF 0.100£ 01 0.000 CONSTANT tt DROP ABOVE INITIAL LIFT HEIOHT GRPA 0.200E-05 10.0 LOONORHL REVERSING POWER ANPLIFIER FAILURE INSTALL O.lOOE 01 0.000 CONSTANT tt DROP DURING INSTALLATION tt OVERSPED O.lOOE 01 0.000 CONSTANT tt OVERSPEED EVENT tt

6 Oe21BE-01 CUT SET B HIN CUT SET PROJAJILITY • 0.200E-05 9ASIC EVENT MEAN PROBABILITY ERROR FACTOR GRPA 0.200E-05 INITIALF O.lOOE 01 OVERSF'ED OelOOE 01 REMOVAL O.lOOE 01

1 tttttttttttttttttttt ~ROP OF UPF'ER

10.0 o.ooo o.ooo o.ooo

INTEI<NALS

DISTRIBUTION BASIC EVENT DESCRIPTION LOGNORHL REVERSING POWER AMPLIFIER FAILURE CONSTANT ** DROP DURING INITIAL LIFT tt CONSTANT tt OVERSPEED EVENT tt CONSTANT U RE.HOVAL OF LOAD U

WITH INITIAL LIFT -- DIABLO CANYON

•• OFF

OFF

••••••••••••••••••••

"' I w -.....)

TABLE 18 -- RANKING OF MOST IMPORTANT MIN CUT SETS UPPER INTERNALS (PLANT Y) (Continued)

1 aaaaaaaaaa•••••••••• DROP OF UPPER INTERNALS NJTH INITIAL LIFT --FUSSELL-VESELY HEASURE OF CUT SET IHPORTANCE CHEASURE OF SYSTEH UNAVAILABJLTY>

TOP EVENT PRO~A~ILITY • 0.91599£-0~ RANK IHPORTANCE

6 Oo218E-01 CUT SET 1J HIN CUT SET PROBAIILITY • 0.200E-05 BASIC EVENT HEAH PROBABILITY ERROR FACTOR INITIALF O.IOOE 01 0.000 OVERSPED 0,100£ 01 0.000 REHOVAL 0.100E 01 0.000 SCR-HPA 0.200E-05 10,0

6 0.218E-01 CUT SET 14 HIN CUT SET PROBABILITY • 0.200£-05

DISTRIBUTION BASIC EVENT DESCRIPTION CONSTANT tt DROP DURING INITIAL LIFT aa CONSTANT tt OVERSPEED EVENT tt CONSTANT tt REHOVAL OF LOAD tt LOGNORHL SCR FAILURE TO HOTOR POWER AMPLIFIER

BASIC EVENT HEAH PROBABILITY ERROR FACTOR DISTRIBUTION BASIC EVENT DESCRIPTION DURINOLF 0,100E 01 0.000 CONSTANT tt DROP ABOVE INITIAL LIFT HEJOHT ta OVERSPED 0,100£ 01 0.000 CONSTANT tt OVERSPEED EVENT ta REHOVAL 0.100E 01 0.000 CONSTANT tt REHOVAL OF LOAD tt SCR-HPA 0,200E-05 10.0 LOONORHL SCR FAILURE TO HOTOR POYER AMPLIFIER

6 0.218£-01 CUT HIN CUT SET BASIC EVENT DURINOLF INSTALL OVERSPED SCR-HPA

SET 11 PROJAJILJTY • 0.200£-05

HEAN PROBABILITY ERROR FACTOR 0.100E 01 0.000 0.100E 01 0.000 0.100E 01 0.000 o.200E-05 10.0

6 o.218E-01 CUT SET 19 HIN CUT SET PROBABILITY • 0,200£-05

DISTRIBUTION BASIC EVENT DESCRIPTION CONSTANT at DROP ABOVE INITIAL LIFT HEJOHT ta CONSTANT tt DROP DURING INSTALLATION at CONSTANT tt OVERSPEED EVENT tt LOGNORHL SCR FAILURE TO HOTOR POWER AMPLIFIER

~ASIC EVENT HEAN PROBABILITY ERROR FACTOR DISTRIBUTION BASIC EVENT DESCRIPTION DURINGLF 0.100E 01 o.ooo CONSTANT tt DROP ABOVE INITIAL LIFT HEIGHT **

••••••••••••••••••••

GRPA 0.200£-05 10.0 LOGNORHL REVERSING POWER AHPLIFIER FAILURE OFF OVER SPED o.tOOE 01 o.ooo CONSTANT tt OVERSPEED EVENT ta REHOVAL 0.100E 01 o.ooo CONSTANT tt REHOVAL OF LOAD tt

1 •••••••••••••••••••• [IROP OF UPPER INTERNALS WITH INITIAL liFT -- DIABLO CANYON ••••••••••••••••••••

1..0 I

w 00

TABLE 18 -- RANKING OF MOST IMPORTANT MIN CUT SETS UPPER INTERNALS (PLANT Y) (Continued)

1 ******************** DROP OF UPPER INTERNALS WITH INITIAL LIFT --FUSSELL-VESELY MEASURE OF CUT SET IMPORTANCE <MEASURE OF SYSTEM UNAVAILABILTY)

TOP EVENT PROPAPILITY • 0.91599E-O~ RANK IMPORTANCE

7 0.341E-02 CUT SET 9 MIN CUT SET PROBABILITY • O.Jt2E-06 PASIC EVENT HEAM PROBABILITY ERROR FACTOR DURINOLF 0.100E 01 0.000 OVERSPED 0.100E 01 0.000 REMOVAL O.lOOE 01 0.000 TR-ORPA O.J12E-06 J.OO

7 0.341E-02 CUT SET 16 MIN CUT SET PROIAIILITY • Oo312E-06

DISTRIBUTION BASIC EVENT DESCRIPTION CONSTANT ** DROP ABOVE INITIAL LIFT HEIGHT ** CONSTANT aa OVERSPEED EVENT aa CONSTANT at REMOVAL OF LOAD ** LOGNORML TRANSFORMER FAILURE TO RPA

BASIC EVENT HEAN PROBABILITY ERROR FACTOR DISTRIBUTION BASIC EVENT DESCRIPTION DURINGLF O.lOOE 01 0.000 CONSTANT ** DROP ABOVE INITIAL LIFT HEIGHT ** INSTALL 0.100E 01 0.000 CONSTANT aa DROP DURING INSTALLATION aa OVERSPED 0.100E 01 0.000 CONSTANT aa OVERSPEED EVENT ** TR-GRPA O.J12E-06 J.OO LOGNORML TRANSFORMER FAILURE TO RPA

7 O.J41E-02 CUT SET 6 MIN CUT SET PROJAIILITY • 0.312E-06 BASIC EVENT HEAN PROBABILITY ERROR FACTOR INITIALF Oe100E 01 0.000 OVERSPED 0.100E 01 0.000 REMOVAL 0.100E 01 0.000 TR-GRPA O.J12E-06 J,OO

8 o.t86E-02 CUT SET 72 MIN CUT SET PROJAJILITY • 0.170E-06 BASIC EVENT MEAN PROBABILITY BRAKE! 0.170E-O~ BRAKE2 O.tOOE-01 DURINGLF 0.100E 01 INSTALL O.lOOE 01 OPHSOFF 0,100[ 01 OVERSPED 0.100E 01

ERROR FACTOR 10.0 10.0

o.ooo o.ooo o.ooo o.ooo

1 attaaatttttttttttttt DROP OF UPPER INTERNALS

DISTRIBUTION BASIC EVENT DESCRIPTION CONSTANT aa DROP DURING INITIAL LIFT ** CONSTANT ** OVERSPEED EVENT ** CONSTANT tt REMOVAL OF LOAD ** LOGNORML TRANSFORMER FAILURE TO RPA

DISTRIBUTION BASIC EVENT DESCRIPTION LOGNORHL SPRING BRAKE 1 FAILS TO ENGAGE LOGNORHL SPRING BRAKE 2 FAILS TO ENGAGE CONSTANT at DROP APOVE INITIAL LIFT HEIGHT aa CONSTANT tt DROP DURING INSTALLATION aa CONSrANT OPERATOR PLACES MASTER SWITCH OFF CONSTANT ta OVERSPEED EVENT 8t

WITH INITIAL LIFT -- DIABLO r.ANYON

••••••••••••••••••••

••••••••••••••••••••

TABLE 19

ANNUAL FREQUENCY OF LOAD DROP SCENARIOS (PLANT Y)

Scenario Lift Phase Head

Load Hangup Initial 2.0 X 10-5

Overspeed Initial 1.4 X 10-5

Structural Failure Initial 2.6 X 10-6 Of Rig (I)

Structural Failure of Initial 8.5 X 10-6 Crane System (2)

Total Structural Initial 1.1 X 10-5 Failure (1) + (2)

Overspeed After Initial 2.9 X 10-5 Lift (removal and installation)

9-39

Internals

2.0 X 10-5

1.4 X 10-5

2.9 X 10-5 (including improper connection)

Insignificant

2.9 X 10-5

2.9 X 10-5

TABLE 20

ANNUAL FREQUENCY OF LOAD DROPS (PLANT Y)

Lift Phase

Initial Lift Phase

After Lift (Removal and Installation)

Total (All Three Lift Phases)

Annual Frequency of Reactor

Vessel Head Drop

4.5 X 10-5

2.9 X 10-5

L = 7.4 X 10-5

9-40

Annual Frequency of Upper Internals

Drop

6.3 X 10-5

2.9 X 10-5

L = 9.2 X 10-5

TABLE 21

PROBABILITY OF LOAD DROP PER LIFT (PLANT X) WITH INCLUSION OF MAGNEGUARD CIRCUIT

MEAN (90% CONFIDENCE INTERVAL)

Reactor Head

Separator

Cask Operating Floor

Cask S.E. Equipment Hatch

Recirculation Pump Motor N.E. Equipment Hatch

NOTES

Top Event Probability Per Lift Including Initial Lift

1.2 X 10-4 L (2.6 X 10-5, 2.6 X 10-3)

1.6 X 10-4 L (7.8 X 10-5, 1.1 X 10-3)

1.3 X 10-5 S (5.0 X 10-6, 1.1 X 10-4)

N/R

N/R

Top Event Probability Per Lift Above Critical Lift Height

3.2 X 10-6 S (1.5 X 10-6, 3.2 X 10-5)

2.2 X 10-6 S (4.6 X 10-7, 2.5 X 10-5)

2.3 X 10-6 (6.6x10-7, 1.8 X 10-5)

2.3 X 10-6 (6.6 X 10-7, 1.8 X 10-5)

2.3 X 10-6 (6.6 X 10-7, 1.8 X 10-5)

L means Load Hangup Events dominate probabilistically S means that Structural Failure Events dominate probabilistically N/R means not relevant

9-41

TABLE 22

MEAN PROBABILITIES OF VARIOUS SEPARATOR DROP SCENARIOS PER LIFT WITH MAGNEGUARD CIRCUIT

(PLANT X)

LOAD DROP SCENARIO

Drop During Initial Lift

Load Hangup Event

Structural During Initial Lift

Drop Above Critical Lift Height

Two Blocking Event

Overspeed Event

Structural Failure Above Critical Lift Height

9-42

MEAN PROBABILITY

1.6 X 10-4

1.0 X 10-4

6.0 X 10-5

2.2 X 10-6

5.0 X 10-8

5.2 X 10-11

NIL

1..0 I ~ w

TABLE 23 -- RANKING OF MOST IMPORTANT MIN CUT SETS FOR THE SEPARATOR DROP (WITH MAGNEGUARD CIRCUIT) PLANT X

•• .. •••••••••••••••• SEPARATOR DROP INCLUDINO INITIAL LIFT BEST ESTIMATE -- ••••••••••••••• FUSSELL-VESELY MEASURE OF CUT SET IMPORTANCE <MEASURE OF SYSTEM UNAVAILABILTYl

LlMlTINO SYSTEM UNAVAILABILITY• 0. 162E-03 RANK 11'1PORTANCE

l 0. 619E 00 CUT SET :!6 BASIC EVENT PROOADILITY HANDSYSX 0. lOOE 01 INITIALF 0. tOOE 01 LOADHANO 0. lOOE 01 OPHOISTL 0. lOOE-01 SEPSTUCK 0 lOOE-01

2 0.31~E 00 CUT SET 7 BASIC EVENT PROBABILITY lNITlALF 0. lOOE 01 SPSLINCI 0. 510E-04 STRUCTI 0. tOOE 01

3 0.~26E-01 CUT SET ']

BASIC EVENT PROBABILITY lNlTIALF 0. lOOE 01 RDCRANEI 0.8"iOE-O~

STRUCTI 0. lOOE 01

4 o. 10~-o1 CUT SET 6 BASIC EVENT PROBABILITY DURINCLF 0. lOOE Ol RBCRANEA 0. 170E-05 STRUCTA 0. lOOE 01

S O.:JME-02 CUT SET 20 BASIC EVENT PROBABILITY DURINCLF 0. lOOE 01 OEARLSCL 0.500E-02 HBLSCLOS 0. tOOE-01 OPHOIST2 0. lOOE-01 TWODLOCK 0. lOOE 01

ERROR FACTOR 0.000 0.000 0.000

10.0 0.000

ERROR FACTOR 0.000 0 000 0.000

ERROR FACTOR 0.000

10.0 0.000

ERROR FACTOR 0.000

10.0 0.000

ERROR FACTOR 0.000 2.00 10.0 10.0

0.000

DISTRIBUTION BASIC EVENT DESCRIPTION CONSTANT HANDLINO SYSTEM FAILURE OIVEN LOAD HANOUP CONSTANT ••DROP DURINO INITIAL LIFT•• CONSTANT ••LOAD HANGUP EVENT•• LOCNORML OPERATOR CONTINUES TO HOIST DURINO HANOUP CONSTANT SEPERATOR INITIALLY STUCK IN PLACE

DISTRIBUTION BASIC EVENT DESCRIPTION CONSTANT ••DROP DURING INITIAL LIFT•• CONSTANT SEPERATOR SLINO FAILURE INITIAL LIFT CONSTANT ••STRUCTURAL FAILURE INITIAL LIFT••

DISTRIBUTION BASIC EVENT DESCRIPTION CONSTANT ••DROP DURINO INITIAL LIFT•• LOGNORML STRUCTURAL FAILURE CRANE INITIAL LIFT CONSTANT ••STRUCTURAL FAILURE INITIAL LIFT ..

DISTRIBUTION BASIC EVENT DESCRIPTION CONSTANT ••DROP ABOVE CRITICAL LIFT HEIGHT•• LOGNORML CRANE FAILURE ABOVE CRITICAL HEIGHT CONSTANT ••STRUCTURAL FAILURE ABOVE CRITICAL HEIOHT••

DISTRIBUTION BASIC EVENT DESCRIPTION CONSTANT ••DROP ABOVE CRITICAL LIFT HEIOHT•• LOGNORML GEAR LIMIT SWITCH CONTACTS FAIL TO OPEN LOCNORML HOIST BLOCK L-S CONTACTS FAIL TO OPEN LOGNORML OPERATOR CONTINUES TO HOIST DURINO TWO BLOCMINO CONSTANT ••TWO BLOCKINO EVENT••

APPENDIX A

CRANE TERMINOLOGY

The following definitions are terms which are peculiar to the crane industry. (Refer to Fig. A-1.)

AUXILIARY HOIST - A supplemental hoisting unit consisting of motor, coupling, brakes, gearing, drum, ropes, and block to handle lighter loads at faster speeds than provided for the main hoist.

BOTTOM BLOCK - The assembly of hook, bearing, sheaves, pins, swivel and frame suspended by the hoisting ropes.

BRIDGE - That part of a crane consisting of girders, walk, railing, shafting, drive, and trucks which carries the trolley(s) and travels in a direction parallel to the runway railings.

BRIDGE COLLECTOR Contacting device mounted on the bridge for collecting current from the conductor system mounted on crane runway.

BRIDGE CONDUCTOR - Wires, angles, bars, tees, or special sections mounted on the bridge to transmit current to trolley collectors.

BRIDGE DRIVE - Motor, couplings, brake and gear case(s) to propel bridge.

BRIDGE TRUCK Assembly consisting of wheels, bearings, axles and structural frame supporting bridge girders.

CONTROLLER - A device for regulating in a predetermined way the power delivered to the motor or other equipment.

COUNTER TORQUE - A method of control by which power to the motor is reversed to develop torque in the opposite direction.

DRIVE GIRDER - Front girder on which is mounted the bridge drive, cross­shaft, walk, railing, and usually the operator's cab.

DRUM - The cylindrical member around which the ropes are wound for raising or lowering the load.

DYNAMIC BRAKING - Methods of control in which the motor is connected such that then it is overspeeded, it acts to provide retarding power.

END TRUCK - (See Bridge Truck).

A-1

EQUALIZER - A device which compensates for unequal length or stretch of a hoist rope.

HOLDING BRAKE - A brake that automatically prevents motion when power is off.

HOIST - An apparatus which is part of the crane, exerting a force for lifting or lowering a load.

IDLE GIRDER - Back girder with no drive machinery.

LEFT HAND END - Reference to parts on the viewer's left of centerline of span when facing the drive girder of the crane.

LIFT - Maximum safe vertical distance through which the hook can travel.

LIMIT SWITCH - A switch, whose contacts are part of a control circuit, which trips open and prevents crane movement when the crane is in an unsafe position. Prevents events such as a two-blocking event.

LOAD - The total superimposed weight on the bottom block.

LOAD BLOCK - The assembly of hook, swivel, bearing, sheaves, pins, and frame suspended by the hoisting ropes.

MAIN HOIST - A hoisting unit consisting of motor, coupling, brakes, gearing, drum, ropes, and block to handle maximum rated loads.

OPERA TOR'S CAB - The operator's compartment from which movements of the crane are controlled.

PENDANT - Remote control panel which also controls movement of the crane.

RATED LOAD - The maximum load for which a crane or individual hoist is designed and built by the manufacturer and shown on the equipment nameplate.

REGENERATIVE - A form of dynamic braking in which the electrical energy is fed back into the power system.

RIGHT HAND END - Reference to parts on the viewer's right of centerline of span when facing the drive girder of the crane.

RUNNING SHEAVE - A sheave which rotates as the load block is raised or lowered.

RUNWAY - The assembly of rails, girders, brackets, and framework on which the crane operates.

SPAN - The horizontal distance center to center of runway rails.

A-2

STOP - A device to limit the travel of a trolley or crane bridge.

TROLLEY - The unit consisting of frame, trucks, trolley drive, and hoisting mechanism moving of the bridge rails in a direction at right angles to the crane runways.

A-3

Figure A-1 Overhead Crane

A-4

APPENDIX B

WIRING DIAGRAM AND CONTROL

CIRCUIT DESCRIPTION (PLANT X)

• -10 ...ulli!...~

-JI- 12- 13 - 14 -15 - 16 - 17

I.IMI,. $W

rJ A

D

I~ F

~~ '

I~ H

K

li ·~ HARNISCHFEGER P•H ............... -"' .. ~ --------------

'"' Wt~lt\JC. \'lo\~c:t ~"'\

~~'"~0l~ft'71~7·'~·~~ 10 11 u 14 15 . 16 17

FIG. B.l WIRIN~ DIAGRAM

B-1

B-2

! I

FIG. B.3 -- CONTROL CIRCUIT DESCRIPTION

..._ ___ ..._ ____ HARNISCHFEGER

B- 3

TABLE OF CONTENTS

OPERATION. . . . . General . . . . . . Hoist Motion Traverse Motions . . .

CONTROL SYSTEM COMPONENTS

General Wound Rotor Induction Motor • Motor Brake Saturable Reactor • MAGNETORQUE Load Brake Induction Master

. . . . . . . . . .

. . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . Silicon Controlled RecWiers • Magnetic Amplifier Module Frequency Detector Module Anti-Hunt Module •

. . . .. Plugging Module

'INITIAL mBTALLATION ADJUSTMENTS .•

General Preadjusbnent Inspection Holst Motion Control Adjustment Traverse Motion Control Adjustment

TROUBLE SHOOTING •

General Procedures • Checking SCR's •

. . . . . .

. . . . .

B-4

. ' .

. . . . . .

. . . . . . .

1

1 1 2

4 4 4 4 5 5 9 9

13 15 15

16

16 16 16 18

19

19 20

OPERATION

OPERATION

GENERAL

This man:1al describes the operation, components, adjustments, and maintenance of the AC Static Stepless MAGNETORQUE® Control for hoist motions, Bulletin 565, and the Re\'ersing-Plugging Control for traverse motions, Bulletin 564. The operation of the hoist mo­tion control is somewhat different than the operation of the traverse motion control. For that reason the oper­ation of each control system is described separately below.

The operation and maintenance of the crane is co\'er~d in a sepz.rate instruction manual furnished with the crane.

HOIST MOTION

GENERAL. The MAGNETORQUE Hoist Control pro­vides stet:less control of the hoist speed with any load from no-load to full-load. This is accomplished through the co-orcinated control of saturable reactors in the wound rotor motor secondary circuit, and a MAGNE­TORQUE load brakE' coupled to the motor shaft. The MAG~ETORQUE load brake allows the operator to obtain \'ery slow speeds with overhauling or light loads.

DESCRIPTION. Figure 1 is a simplified block diagram of the MAGNETORQUE Hoist Control system. The operator moves U:e induction master handle from its centered OFF position in either the HOIST or LOWER direction. This initial movement of the induction master handle closes a contact in the induction master, which actu:..tes a reversing contactor to connect the motor primary to line voltage, thereby determining the direct.:.on of motor rotation. Further movement of the induction master handle produces a proportionate increase ~'1 tht> induction master AC output voltage, 'W.•hich represents the speed the operator desires the motor to run. This AC voltagt> after being rectified in a section of the Frequency Detector Module is applied to the magnetic amplifier as the DC Speed Reference Signal.

The Frequency Detector Module input is connected across the secondary of the wound rotor motor, and

B-5

produces a DC output proportional to the rotor fre­quency, which in turn is proportional to motor slip and inversely proportional to nwtor speed. This DC output, like the S};eed Reference signal is applied to the magnetic amplifiers as the Speed Feedback Signal.

The Speed Reference and Speed Feedback Signals, along with internal bias and Anti-hunt signals are compared in the two magnetic amplifiers. One mag­netic amplifier provides the gate control signals for the reactor SCR supply (for motoring), while the other magnetic amplifier provides the gate control signal for the MAGNETORQUE load brake SCR supply (for braking). The output of each magnetic amplifier is determined by the net resultant of its control signals. The two magnetic amplifiers are interconnected to function as a single unit, similar to a push-pull amplifier.

The reactor amplifier furnishes excitation to the saturable reactor when drive speed is less than that selected by the operator and in a magnitude pro­portional to the degree of difference or error. Similarly, when drive speed is greater than se­lected the MAGNETORQUE load brake is excited. The saturable reactors and MAGNETORQUE load brake are not excited simultaneously under nominal loads, and motor current is minimum when driving light and overhauling loads, regardless of speed.

When the induction master handle is returned to its centered OFF position, the control signals turn the reactor magnetic amplifier full OFF and the MAGNE­TORQUE load brake magnetic amplifier full ON in order to provide maximum braking to stop the motion. When the motion has stopped, the off-position circuit a.:ts to reduce the excitatic.n current in the MAGNE­TORQUF.. load brake circuit to minimize heating of the brake, and to reduce the power consumption. However, sufficient MAGNETORQUE load brake excitation cur­rent is maintained so that a load will lower at a safe speed if the motor brake fails to hold.

1

LINE SUPPLY '/

MAINLINE DISCONNECT

I BRANCH

CIRCUIT FUSE!i

REVERSING CONTACT OR

MOTOR BRAKE ~

..._I"""" 4-. r--'

BRAKE RKTIFIER

OPEUTION

WOUND ROTOR MOTOR MAGNETORQUE LOAD BRAKE

-, r t ' ,. ~ C(

i 0 z .. f 0 u

·~ ~~ II'

... 1""1111 .. 1--.., r----L--~1 r ~ r-._1~---..,

AC SPEED FEEDBACK RESISTOR

& REACTORS

ANTI-HUNT MODULE

INDUCTION MASTER

FREQUENCY DETECTOR MODULE

·~ SCR

SUPPLY

... MAGNETIC AMPLIFIER MODULE

·~ .. --t

g _, C( z C> in

~ 7 ~ <

RESISTOR

4~

~ _, C(

SCR I z C> ' SUPPL V in

z ::> :X: .... I

·~ C(

MAGNETIC AMPLIFIER MODULE

4· ~ ·~

Figure 1. Block Diagran1, Hoist Control

1RA VERSE MOTIONS

The control system used on traverse motions is the AC Static SteplE'SS Rev~rsing- Plu~ging Control. From Figure 2, It can be seen that this control system is similar to the hoist motion control system, except that the MAGNETORQUE load brake and related components are omitted. This control system oper­ates to control motor speed during normal operation and motor torque during plugging. As was the case·. lith the hoist motion control system, moving the in­.uction master handle (or depressing the induction

pushbutton) from the OFF position closes a direction contact in the induction master. This in turn operates

2 B-6

a reversing contactor to apply power to the motor, and establish its direction of rotation.

The Rectified Speed Reference Signal from the induc­tion master and the speed feedback signal from the frcq'..lency detector are compared in the magnetic amplifier. When the motor speed is less than that called for by the induction master, the saturable reactor is excited to increase motor current and torque, resulting in an increase 'in n1otor speed. U the motor speed is greater than that called ior by the induction master (as when the induction master has been mcved quickly toward the "OFF" position), the magnetic amplifier shuts off the saturable reactor

OPERATION

LINE SUPPLY y MAINLINE

DISCONNECT

j_ II RANCH

CIRCUIT FUSES

I REVERSING

CONTACT OR

I iii~ z 0

~ c.:

...,.. r-... o AC MASTER G""'c} __ __;;;;,~ REFERENC+

INDUCT! ON ,...F-R-EQ--L.UE_N_C_Y_D_E_T...IEC._T_O_R....,

MASTER MODULE

.... ...

MOTOR BRAKE ,...---

~-,......~ ~~

BRAKE RECTIFIEP.

AC SPEED FEEDBACK

~·

PLUGGING MODULE

~,.

WOUND ROTOR MOTOR

r ~ ~I ~ tS i z ii 0 CL. ~

.4~ VI, J

RESISTOR &

REACTORS

.4~

l SCR I SUPPLY

. ilir.

MAGNETIC AMPLIFIER MODULE

I

Figure 2. Block Diagram, Traverse Control

current, reducing motor torque to a minimum. The drive ·will then coast. If it is desired to slow the mot.ion rapidly, the drive can be plugged. Plugging is energizing the motor in the direction opposite to the direction the motor is running for braking pur­poses.

A plugging module is incorporated in the control cir­cuit to improve pluggin~ characteristics. The input signal to the plugging module is proportional to motor secondary current and approximately pro­portional to motor torque. When the motor is plugged, ·· the control system automatically switches from speed regulation to torque regulation. During plugging, the motor torque is proportional to the induction ma.ster

B-7

position. Thus the operator can control the plugging torque over the full range from minimum to maximum. Not only is the torque exerted proportional to the in­duction master position, but it is regulated or held constant at that value as the drive decelerates.

Tl.e secondary circuit of t11e motor is so designed that there is sufficient fixed resistance to protect the motor against excessive currents, even during ma.ximum plugging effort.

As soon as the motor comes to rest and starts to reverse, speed regulation takes over in the running direction.

3

CONTROL SYSTEM COMPONENTS

CONTROL SYSTEM COMPONENTS

GENERAL

The following is a brief discussion of the major com­ponents of the AC Static Stepless Control System.

WOUND ROTOR INDUCTION MOTOR

The wound rotor induction motors normally supplied for crane applications are either totally enclosed non-ventilated (TENV) or totally enclosed fan-cooled ('I'EFC). In the latter case, a fan is mounted axially on the motor shaft, forcing air over the frame of the totally enclosed motor. The use or these motors pro­vide complete protection against the severe environ­ments found in o1any crane applications.

''he motors furnished on P&H cranes are designed ..., NEM A stand.ud mounting dimensions. They are rugged, reliable units designt>d especially for crane aervice. The horsepower and duty ratings, as well as, the class of insulahcn used are carefully matched to the requirements or each application.

As the name implies, these machines have secondary or rotor windings. These windings are carried to

_ external terminals through slip rings. By t'onnecting a variable impedance to the motor secondary (in this case resistors and a saturable reactor), the speed­torque characteristics of the motor can be controlled over a wide range.

Specific instructions lor the maintenance of the motors are given in the instruction manual furnished with the crane.

MOTOR IRAKE

Three basic types of motor brakes are used on elec­tric overhead cranes. They are the spring applied­magnetically released electric brake; the hydraulically applied-spring released hydraulic brDke; and the electric-hydraulic brake which combines the functions of the electric brake and the hydraulic brake. The hydraulic and electric-hydraulic brakes are normally us~d with the traverse motion (bridge or trolley) w~1ch carries the operator's cab so that it is relatively ·1mple to connect the hydraulic line required for .rak~ operation. The electric-hydraulic bra~e has the

ad\'antage c..f acting as an t:lectric: parking brake as well as a hydraulic service brake,

B· [B

The spring applied electric brake sen•es as the hold­ing brake on hoist applications. Specific instructions for the maintenance of the brakes are furnished with each crane.

Since these brakes are friction de\'ices, wear· and beating are associated with their use. With many older types of control, excessive brake lining wear and heating was a problem. With the MAGNETORQVE Control this problem is eliminated. The MAGNE­TORQUE load brake applies braking torque to the motor before the motor brake sets, and continues to apply braking torque until the motion stops, This action occurs regardless of the speed with which the operator returns the induction master handle to the OFF position.

SATURABLE REACTOR

The saturable reactor is a device, similar in appeaJ·­ance and reliability to a transformer, which is used to control the amount of power delivered to an AC load. It consists of AC coils whose impedance \'aries as a function of the control current flowing in its DC control coil.

Figure 3 illustrates the basic construction, The flux due to current in the AC load coils flows through the outer legs but cancels out in the center leg, hence no AC voltage is induced in the control coil center

AC LOAD COIL

DC DC CONTROL COIL

+ WINDING-

Figure 3. Schematic Diagram. Saturable Reactor

CONTROL SYSTEM COMPONENTS

leg. The DC nux produced by the current in the con­trol coil flows through both iron cores. The current which flows in the AC load coils is directly propor­tional to the DC control current. This relationship holds with increasing control current until the load current is limited by the load impedance itself, at which time the reactor saturates and increasing the control current cannot further increase the load current.

MAGNETORQUE LOAD BRAKE

Figures 4 and 5 show the construction and character­istics of the MAGNETORQUE load brake. It is a silnple, rugged device that consists of an iron rotor mounted inside a stationary field aS'Sembly. The rotor is supported on anti-friction bearings so that very little maintenance is required. The field assembly consists of coils and an iron structure arranged in such a way that, when direct current flows through the coils, alternate magnetic poles are produced in the iron structure. That is, a north poles next to a south pole and so on. When the iron rotor moves past the stationary poles, alternate fields are induced in the rotor, causing eddy currents to flow in the rotor. The interaction of the stationary fields and the fields induced by the eddy currents in the rotor produce retarding torque.

The braking energy produces heat in the rotor and this is dissipated as air is drawn past the rotor fins. Since thE-re is no mechanical friction involved, there is no abrasion of either the rotor or stationary field, and the brak£: torque is not effected by normal en­vironmental conditions of temperature and humidity. All electrical connections are made to the field, thus eliminating the need for slip rings.

IRON STRUCTURE

IIU

Figure 4. Typical MAGNETORQUE Loa.d Brake

B-9

I i

SPEED

Figure 5. MAGNETORQUE Load Brake Speed - Torque Characteristics

INDUCTION MASTER

The induction master is shown diagrammatically in Figure 6. It performs two separate functions in the

SECONDARY COIL PRIMARY COIL

STATOR

ROTOR

Figure 6. Induction Master (Off Position)

5

t=;.;. !.

~I~ -·· r ., .• ·~/· 'J.J!JJ~

; I

1 . ~ 1 .

CONTROL SYSTEM COMPONENTS

"·~ .··:t

~ .... n,..·-=-· --·.-WI

Figure '1. Types or Induction Masters

operation of the control system. First, the contacts operated by a cam on the shaft of the imluction master actuate the reversing contactors. Second, it furnishes a continuously variable AC voltage which increases linearly as the handle is moved from the centered OFF position. This signal, \l,rhen rectified to DC is used as the Master Reference Signal.

Figure '1 illustrates the types of induction masters used with Secondary Reactor Stepless Control Systems.

The following description refers to figures 8 and 9. Contact SO is a part of SIR master (not a part of the push button master). It is closed only when the induc­tion master handle is in the of! position. If power is applied to the crane with the induction master handle in the on position, control system operation cannot begin until thE' induction master handle has first been returned to the OFF position. The samf:' pro­tection against unexpected starting is obtamed when ·the power fails with the induction master handle in the on position.

doth types or induction masters function as a variable transformer with both the primary and flecondary windings on the stator. The position of the spht rotor determines the magnetic coupling between the

6 B-10

windings. This provides a variable voltage signal without slip rings or contacts or any kind. See Figure 6.

Movement or the induction master handle from the OFF position to the "just ON" position opens con­tact SO and closes either contact Sl or 52, depend­ing on the direction of handle movement. The closed contact (51 or S2) energizes the coil (H or L) of the corresponding reversing contactor, thus connecting the drive motor primary to line voltage.

This "just ON" position of the induction master is called the "first point" position. The operated con­tact (Sl or 52) remains closed in any position of the induction master handle beyond the "first point" position.

On lever operated induction master, a detent mechan­ism indicates the OFF position and the "first point" position on each side of the OFF position. This detent mechanism, together with the mechanical stops at each end of the induction master handle travel, make it easy for the operator to locate the minimum and maximum speed positions.

lJj I

f-l f-l

~

I

BRANCH FUSES

UNE SUPPlY U ... -lL -l~

F-"'fF==I~

t::::l l=:::l 1-

MOTOR WOUND ROTOR MAGNETORQUE

BRAKE MOTOR LOAD BRAKE I ~" urHur DRAKE 1--­

RECTIFIER I

r--tflflr

Ef]·.::t r· - _:_--,

tl-f~ ...---- O.L.

.. 11 H3 H2 H4 ANODE ~ TRANSFORMER

H ~ ' I yi~-.-+-""-X~- '---­

'----){.

~ 1 I l(ff: ·~~

L O.l.

Fl F2

~--;::---1 0 .l. 0 .l. s:o. - I Jf JF HOIST LOWERi l

~·"I JF@-Sl

S2 ' I H tl IIJF@-cPt _ _LCP2'

i I' :\ ' 'i REVERSING CONTACTOR

@ MASTER SIGNAl

A ___,;;.,__., 1 -

r-t...;.;=_...-02 +

l@'M BIAS

~ 1 2 2 3 F2 o 3 4 4 so .5 0 6o 6 o RED 7 M2 7

lo 8 o 90 9 0 BLACK

100 10 110 11 0

o3 120 CONNECT 12 0 WHITE

79U62 FOR FREQUENCY PROPER MOTOR DETECTOR SECONDARY MODULE VOLTAGE

79U61 (M) MAGNEriC AMPliFIER

MODULE

Figure 8. Schematic Diagram, MAGNETORQUE Holst Control

~··~

4 @ to-i---s R 2

716 @3 M

ANTI-HUNT MODUlE 100E4225

I~' ~ R@M F4 0~ BIAS

4 s 0

RED _6 0

R87 7

RBS R89

I :BlACK _, 1l

0 WHITE rtm 12 0

79U61 (R}

MAGNETIC AMP[IFIER MODUlE

, 0 z ... "" 0 ... .,. -< ... ... ... !: n 0 !: ., 0 z ... z ... ...

CD

IJj I ~

rv

i - - I L. .-.J MOTOR WOUND ROTOR r· ,.:=1

BRAKE MOTOR 1 • 1 LINE SUPPLY r== [P M4

1

r • _ 1

ll l2 l3 h( ~ '-- , --' / f\.. ~ tL r'-_.....,.......

--1-I-IH-+-t-,~ Hl H3 H2 H4

!RANCH ~ ~ !, r.:~~~~~ER ~~1~~~ FUSES 'i ';[ NOT USED .lf F1 ~. ~ ~ ~ ~ ~

PLUGGING MODULE 100E4287 _

I::; b; ~t-ot o.t. ,..ro2 r,;... ,

~-----. 4+ M2 3 & • ~· > .J~ ..Y"- M4 4 SENSITIVITY ~~ 7 1'- ~> '---+--~ ~ RB12 _... 5 POT. _j~ RBll 6 L-------+--/~~~F • L---------~

Fl F2 • /vF~~ +--4-------, O.l.O.L ~ O.l. I I

~ -:IF JF Yt- , r.::. •1<>-f-l FWD REV It 'L: It J I & 2o-l- RB9

n {~ -{!)- _j MASTER ! RBIO "• '-f-<> 1 ~M 51 , ·--- SIGNAL " --2 ~ , j f.._ __fa\__. REVERSING So F2

0 3

BIAS :: 1 ~ ~ CONTACTOR 6~ M2 -

4 0 52 .____ 7 -s o RED

Cl'T_ L CP2 ,_ • Bo Ll- 6 V R88 I'- 90 C: -

1 100 I- -~· 0 11lACk CSl ._f-o 2 110

13 f-o 8 o • ( RB7 · f-A - 9

j ' F'-i-<>3 120 -10 • 'l J RB1l ~

0 WHITE

19U62 n 4 CS2 FREQUENCY RB12 _.. 12

.__t-· DETECTOR MODULE LMA..:...:G;.::N_ET_IC_A_M-Pl-1-FI-'ER

{R) 79U61

Figure 9. Schematic Diagram, Traverse Control

ft 0 z ~ ,. 0 .. .. ~ .,. ~ ... ~ n 0 ~ .. 0 z ... z ~ .,.

CONTROL SYSTEM COMPONENTS

In order to always hoist full load when in the first point HOIST position, the hoist induction master has its rotor positioned to give a slightly higher signal when in the first point HOIST position. With traverse motion controls, the output signal is symmetrical about the OFF position.

SILICON CONTROLLED RECTIFIERS

The DC excitation for both the saturable reactors and the MAGNETORQUE load brake is supplied by 1111ilicon control rectifiers (SCR's). Figure 11 illustrates aiJ SCR and the electrical symbol for an SCR. The appearance of the assemblies and the individual SCR's varies between units of various size as well as those produced by different manufacturers.

The operation of the silicon controlled rectifier is described in detail in the following paragraphs.

Like a rectifier, the silicon controlled rectifier always blocks current flow in the reverse direction. However, unlike a rectifier, it also blocks in the forward di­rection until a positive gate signal voltage, with re­spect to the cathode, is applied. When the gate signal causes the rectifier to conduct or "fire", it will con­tinue to conduct even if the gate signal is removed until the anode current ialls to nearly zero. With the AC anode supply, this occurs as the supply voltage goes through zero and reverses. The silicon controlled rectifier rate should never have an appreciable nega­tive voltar;e applied.

To ensure consistent firing in this control system the gate signal has a steep wave front. Figure 10 shows the relation between anode supply voltage, anode current, and gate signal. The gate signal is supplied by the magnetic ampli.!iers.

MAGNETIC AMPLIFIER INPUT

MAXIMUM ANODE CURRENT

GATE SIGNAL. FOR LARGE CONDUCTION ANGLE

Figure 10. Silicon Controlled Rectifier Wave Forms

B-13

CATHODE

ANODE

Figure 11. Typical Silicon Controlled Rectifier

The silicon controlled rectifier is a relatively small device, with little thermal inertia. It is very efficient with a forward voltage drop, when conductin~, of ap­proximately one volt and a reverse current of a few milliamperes. The heat produced by these losses is conducted away by the heat sink (metal plate) to \\'hich it is attached. Precautions zr.ust be observed, when connecting or checl~ing, that the anode current does not exceed rated values, or the SCR will be destroyed.

When correctly connected, the load impedance will limit the anode current to a safe value when the rectifiers are firing· full ON. The SCR's may also be destroyed if the reverse voltage ratings are ex­ceeded. Protection against high transient voltage is incorporated in the equipment. A surge suppression network consisting of a resistor and capacitor are connected across the secondarv of the anode trans­former to dissipate the sharp high transients.

MAGNETIC AMPLIFIER MODULI

Mai!Jletic amplifiers and saturable reactors are related devices in that both uses the saturation character­istics of an iron core for control purposes. Physically, the magnetic parts of the magnetic amplifier circuit. consists of insulated coils of wire wound on doughnut­shaped iron cores. The coils are arranged and con­nected so that the induced voltage from the AC in the output windings are cancelled in the control windings. Therefore, these induced voltages do not appear at the control winding terminals. The entire magnetic amplifier is assembled and potted in a container with terminrls for making external connections. See Figure 12.

Jn Figures 13 and 14 the magnetic amplifiers and controlled rectifiers circuits are shovm in detail. A supply of 115 volts AC of the correct phase relation­ship is transformer coupled to the AC windings of the

9

11 12

w '

CONTROL SYSTEM COMPONENTS

CONTROL WINDINGS

115 VAC COMMON

~------+-4------.--+-----+-_.~.-------~~----~~------os

2

•*:SO , I

TO SCR GATE

Figure 12. Magnetic Amplifier Module ('79U61)

magnetic amplifier. The magnetic amplifier output is coupled through a saturating transformer to the gates and cathodes of the silicon controlled rectifiers.

Small rectifiers are connected in series with each AC winding allowing current to now in only one direction. The magnetic amplifier is self-saturating. This means that if no other excitation were supplied to this device. lt would saturate and provide a signal to turn the sill­con controlled rectifiers full ON. When the iron core ls saturated, the reactance is very low and almost the entire AC output voltage supplied to the magnetic amplifier AC windings appears at the output terminals (4 thr·ough 6).

To control a magnetic amplifier 1 a control current must be provided in one or more of the control wind­ings which will reset the magnetic amplifier. This control current produces a ma!;netizing force that opposes the n:agnetizir:g force of the current in the AC winding.

By regulating this control current, the magnetic mplifier can be made to saturate over the entire

1'\C half cycle, for a partial cycle, or not at all. The acbon of the magnetic amplifier circuit is determined by the total control winding ampere turns. It i.s this characteristic of the magnetic amplifier that

10 B-14

allows it to function as an error detector, by con­tinuously comparing the desired speed (Master Ref­erence) with the actual speed (Speed Feedback). Each winding is electrically isolated. Figure 10 illustrates the gate signal variations and its effect on the anode current.

Refer again to Figures 13 and 14. A supply of 115 volts AC is connected to terminals 1 and 2. The silicon controlled rectifiers gates are connected to terminals 4 and 6 with 5 common. The red, black, and white test jacks which are mounted on the module cover are connected to the resistors in series with the control windings. These 100 ohm res1stors are provided so that a DC voltmeter can be used to meas­ure the current through these windings. A one volt indication is the equivalent of 10 milliamperes cur­rent through the control winding.

Terminals '1 through 12 are connections to the control windings. When the odd numbered terminal n> of a control winding is positive with respect to its even numbered terminal (8) 1 the current in the control wind­ing tends to turn the output pulse on. The reverse is true when the odd numbered terminal ('7) is negative with respect to its even numbered terminal (8). All of the control signals are or constant polarity except the

IJj I

!--> U1

... ...

lOAD BRAKE (M) MAGNETIC AMPLIFIER

.------- --. --1

Fl 4 • I e I I

115 VAC

F2 4 • I I

F3 4-l---t I

115 VAC

•

(\ r\ 4 • " - __.,._ ........ "' '--et-...--vv·--..-...--1-----~

. . . . I --~-----1r-"' I

.. ..,.,. 1_..

s CD 0.~ =~

I 6 ~ ....__

-'\IV'¥ ~A A A A A..& A. .&~.L.A. .l l.tla a a a -'-•

T ~· - ..

-----· ---

FREQUENCY DETECTOR MODULE

1 ...

~.J u<{ ~z OC) w_ w"" u.

of.

w oeU wz .... w ""a::

~it 0::

'\)

_L_

v .~ I

~'CC

..

ANTI-HUNT MODUlE

-~

\~ I _:l_3 =-..'-===~~~~

-II 11--+---- • r ~

~aJ - ........ • "TT~ ""T~ -Y' ----.-- vv v

I I s

I I 6 F4 .__-4---'

REACTOR (R) MAGNETIC AMPLIFIER

Figure 13. Schematic Diagram, MAGNETORQUE Firing Control

Hl

[ H2

L H4

n 0 z ~ lllll 0 .... ... -< "' ~ ... ~ n 0 ~ ., 0 z ... z -4 ...

... ~

trJ I

I-' 0"\

2 F2.

L r

REACTOR (R) MAGNETIC AMPLIFIER

-

n II I ~ ~ !I mg w 0<:

l• ~ I I I I I; ri

FEEDBACK MASTER SIGNAL SIGNAL (SPEED)

FREQUENCY DETECTOR MODULE

FEEDBACK SIGNAL

(CURRENT)

PLUGGING MODULE

4 ,..,.. l"''lllf

a A A

"VVV

5

Figure 14. Schematic Diagram, Reversing Firing Control

ANODE TRANSFORMER

X4

.

ft 0 z ... ,. 0 ... Ml -c

"' ... ... ~ n 0 ~ ... 0 z ... z ... "'

CONTROL SYSTEM COMPONENTS

Anti-hunt signal. The values may vary from zero to a maximum, but never reverses in polarity. The Anti-hunt signal is not constant, but allows current to Jlow in its control windir.g only under transient conditions.

Refer to Figure 13 when following this example of magnetic amplifier operation. To make this con­trol system operate three control signals are nec­essary, the Master Reference, Speed Feedback, and Bias. The input signal from the Anti-hunt circuit supplies transient signal which provides additional refinements.

The following fundamentals are basic to the operation of the magnetic amplifiers: ·

1. The magnetic amplifier modules (Rand M, Figure 12) are identical.

2. All the control windings have the samf.' number of turns so that a given amount of current in any winding has the same effect as an equal current in any other winding.

3. The output of the magnetic amplifier is determined by the algebraic sum of the currents in the control winding.

4. A total current in the control windings of a negative 1. 5 milliamperes (approximately) will bias the magnetic amplifier at the "no output" condition. Any decrease of negative control current or in­crease of positive control current will result in output from the magnetic amplifier controls.

5. A change of 0. 5 milliamperes in the control wind­ing cu.rrent is sufficient to turn the magnetic amplifier from OFF to full ON or vice versa.

With the foregoing in mind we \\'ill examine the oper­ation of the magnetic amplifiers on the hoist motion more closely. Assume that the induction master has been set to the· first point LOWER position, thus calling for minimum lowering speed. The motor is energized but the rotor is locked. Both magnetic amplifiers would be just OFF and neither the satur­able reactor nor the MAGNETORQUE load brake will be excited. Typical signals supplied to the control windings would be as follows:

Master Signal = 1 milliampere

Frequency De.tector Signal = 10 milliamperes

To. meet the requirement that both magnetic ampli­fiers be just OFF requires a net control current of minus 1. 5 ·milliamperes. In algebraic terms then for the saturable reactor magnetic amplifier (R) for which the polar:ity of the master and frequency detector •ignals is positive.

Fixed Bias + Master Signal + Frequency De­tector Signal = 1. 5 rna or, Fixed Bias + (+1) + (+10) = -1.5 rna therefore, saturable reactor ·fixed bias = 12.5 rna

B-17

Similarly, for the MAGNETORQUE load brake mag­netic amplifier (M) for which the polarity of the ma.c;ter and frequency detector signals is negative:

Fixed Bias + (-1) + (-10) = -1.5 ma

Therefore. MAGNETORQUE load brake fixed bias = +9.5 ma.

Then, with the fixed biases adjusted to these values, neither magnetic amplifier would be ON. Suppose, that the motor is now allowed to turn. All signals re­main constant except that from the frequency detector. Since the output of the frequency detector is maximum at stall and decreases as the motor speed increases until at synchronous speed it becomes zero, this sig­nal will decrease. Suppose the speed reaches 5% of the synchronous value. The frequency detector signal would then be 9. 5 milliamperes. If we add the signals in each magnetic amplifler, we will find that the satur­able reactor magnetic amplifier (R) is biased OFF by 0. 5 milliamperes (n~t control current of -2 milli­amperes) and the MAGNETORQUE load brake mag­netic amplifier (M) is biased ON by 0. 5 milliamperes (net control current of -1 milliamperes).

Since this is enough to cause nearly full excitation current to flow in the MAGNETORQUE load brake, full braking effort of the unit would be exerted. In an installation the speed under this assumed condi­tion would be held t9 approximately 5 percent or synchronous speed even with a full load on the hook. The preceding figures are for illustrative purposes only.

By the same process it could be shov:n that whenever the speed is less than that called for by the induction master, the reactor magnetic amplifier (R) is turned ON and the MAGNETORQUE load brake magnetic amplifier (M) is turned OFF. Also note that a rela­tively small speed error is sufficient to bring about maximum corrective effort. This in turn means that the speed-load curves obtained with this con­trol system are very nat, indicating excellent regu­lation.

An analysis, similar to the foregoing could be made for the Static Stepless Reversing-Plubging control. It operates in the same manner except that the MAGNETORQUE load brake and associated magnetic amplifier are not used.

FREQUENCY DETECTOR MODULE

GENERAL. The frequency detector module performs two functions. One is to produce a DC Speeu Feedback Signal and the other is to rectify the AC Mo..r;ter Reference Signal from the induction master.

Figure 15, illustrates the frequency detector and master reference rectifier circuits. The operation of each portion of the frequency detector module is described in the following paragraphs.

13

C:ONTIIIOL SYSTEM COMPONENTS

r-.;;------------- ------, I FREQUENCY DETECTOR

I I I I I I I-I I

CJI 1-

G SATURATIN TRANSFORM ER

INPUT TRANSFORMER

... ...

... .... : ? \ ~

I 11-----~ L _______ ---- ---::~

,-- a7"- ---- - "W.sriR REFERENCE -,1 ~

I RECTIFIER I I I I I I

I 83 l I I I 1

I I I I

I I I OUTPUT' IAl I - + ~,

A2 A3

1 e2 1 I I 841 I L _____________ _j L ______ _j

Figure 15. Frequency Detector Module (79U62)

FREQUENCY DETECTION. The frequency detector portion of the frequency detector module furmshf:s the Speed Feedback Signal to the magnetic amplifiers, and is factory calibrated to produce 10 milliamperes (600 ohm load) output under motor locked rotor con­ditions (60 cycles - 1800 synchronous RPM). The wound rotor drive motor induces an AC voltage in its secondary windings, the frequency of which is inversely proportional to the speed of the motor. With a 60 Hertz machine, when the rotor is at zero speed, the rotor frequency is 60 Hertz. As the motor speed increases, the rotor frequency decreases until at synchronous speed the frequency is zero. If an over­hauling load drives the motor faster than synchron­ous speed the rotor frf:quency again increases. WhE'n the motor is plugged (exerting torque in a direction opposite to rotation) the rotor frequency is greater than 60 Hertz. The magnitude of the voltage induced in the rotor windings \'aries directly with the fre­quency. However, the rotor has appreciable impedance so the slip ring or terminal voltage varies consider­ably with load. Therefore, the rotor frequency is a true indication of motor speed.

B-18

The frequency detector saturating transformer is operated with the primary saturated by the rotor volt­age. When operated in this manner, a transformer with square hysteresis loop cores tends to produce con­stant volt second pulses in the secondary for each half cycle of input. These pulses, 11•hen rectified o.nd filtered produce a DC voltage directly proportional to frequency, even with wide variations in input \'Olt­age. When fed to the magnetic ampliiier control wind­in~s this DC voltage becomes th~ Speed Feedback Signal.

There is a considerable variation in the secondary voltage ratings of wound rotor motors of ~ifferent sizes and manufacture. To accommodate these varia­tions in a standard module, a tapped input transformer is used. The common input terminal B7 together 11·ith terminals BB through Bl2 are tap connections to ihe transformer primary. The specific connections to these taps will be found under the topic INITIAL IN­STALLATJOf': CHECKOUT.

CONTROL SYSTEM COMPONENTS

MASTER REFERENCE RECTIFICATION. Thefunction of this portion of the module is to rectify and adjust the level of the AC Master Reference Signal from the induction master.

The AC Master Reference Signal is applied to the rectifier portion of the module, where a full wave rectifier converts the AC Master Reference Signal to a DC Master Reference Signal. The DC Master Reference Signal is adjusted by the potentiometer and applied to the magnetic amplifiers as the Master Reference Signal.

ANTI-HUNT MODULE

The Anti-Hunt Module, Fig. 16, is to be used on Hoist Motion onlv. It contains two identical circuitries, Terminals ·1 and 3 are connected to reactor SCR supply while terminals 4 and 6 are connected to MAGNETORQUE load brake SCR supply. Thevariable and filtered DC output obtained at terminals 2 and 3, 5 and 6 are fed to reactor and MAGNETORQUE Magnetic Amplifiers respectively. The Anti-Hunt module' therefore, provides transient signals which compensate for system response delays which could result in hunting between the reactor and MAGNE­·TORQUE supplies.

REACTOR SCR SUPPLY

MAGNETORQU SCR SUPPLY

E

•

-

..

-

1

I 3

4

I 6

--

$ ~>

4~ I/ ... 1\ ~

~ ... • I' I/

~· 1\

-Figure 16. Anti-Hunt Module (100E4225)

2

I 3

I 5

6

B-19

3 ....... ---........,

I SENSITIVITY 5

t±-=..-_-_----+--+--+-P-O_T_ENTIDMETE: I

Figure 17. Plugging Module (100E4287)

PLUGGING MODULE

Plugging Module is only used on tra\•erse motion. Its function is to improve the plugging character­istics. See Fig. 17.

The input to terminals 3 and 4 is supplied toter­minals 5 and 6 through a bridge rectifier, filtering network and the sensitivity control rheostat. Terminal 1 and 2 are connected to output terminals Al and A2 of Frequency detector Module 79U62. The zener diode between terminals 1 and 2 regulates the maximum frequency detector output.

The voltage appearing across a part of the external resistance, in one phase of the motor secondary, is the input to terminals 3 and 4. This signal is propor­tional to motor secondary current and approximately proportional to motor torque. When the motor is plugged, this signal is fed to terminals 11, and 12 of the magnetic amplifier control winding. In the mag­netic amplifier it is compared with the induction master signal. This, plus limiting the frequency detector output to the stall value, allows the desired torque to be selected during plugging by properly positioning the induction master handle.

15

INITIAL INSTALLATION ADJUSTMENTS

INITIAl INSTAllATION ADJUSTMENTS

GENERAL

Prior to the initial operation of the control system, it must be adjusted according to the following procedure. Control systems that are furnished on complete cranes are adjusted prior to shipping. However, it is recom­mended that all adjustments be checked using the following procedure.

Test jacks are provided on the magnetic amplifier modules so that the measurements needed to adjust the control systems are easily obtained. The test jacks have built-in meter shunts to provide 1 volt for each 10 milliamperes applied to the control winding.

Wherever possible, the control voltages in the modules are regulated to minimize the effects of line voltage

. variations on the control systems.

The equipment required to adjust the control system is: a screwdriver, a good multimeter having no less than 5000 ohms per volt, and a small adjustable wrench to loosen and tighten the potentiometer lock­nuts.

PREADJUSTMENT INSPECTION

Prior to applying power and testing the control sys­tem, the following items must be inspected:

I WARNING I Do not use a megger, vibrotest, or ringing device to check static components or circuits. An ohmmeter or multimeter which uses less than a 50 volt battery, with the ma.x1mum cur­rent limited to less than 0.05 amperes, is auitable.

(1) Check all wiring and connections to be sure that they conform to the wiring diagram furnished with the control system, and that all connections are tight.

(2) Check the anode transforn-.er connections to en­sure that the proper voltages are applied to the transformer primary, silicon controlled rectifiers and static control circuits. The proper voltages are shown on the wiring diagram furnished with each control system. For quick analysis, see table 1.

16

5 H.P. and above Below 5 H.P.

Size Motors Size Motors

Anode SCR Supply 230 VAC 115 VAC Voltage cY1-Y4) or CX1-X4)

SCR DC Output 100 VDC 50VDC Voltage (across the 500 ohms or 50 ohm resistor located in the panel)

SCR load resistor 500 ohms 50 ohms

Table I.

(3) Check the input connections of the frequency detector module to ensure that the motor second­ary voltage is applied to the proper input termin­als. The motor secondary must be connected across terminal 87 (common) and the terminal (88 through 812) which is nearest the motor aecondary voltage rating, but less than the motor pecondary voltage rating. To determine the motor aecondary voltage rating, refer to the motor name­plate. The voltage rating of each frequency detec­tor input is shown in Table ll.

Motor Frequency Secondary Detector

Volts Terminal

60-99V 88 100-149V 89

B7 (common) 150-199V BlO 200-299V Bll 300-400V 812

Table n. Frequency Detector Input Ratings.

HOIST MOTION CONTROl ADJUSTMENT

The layout of the hoist control pane! is shown in Fig­ure 18. In making the adjustments, it must be re-

B-20

INITIAL INSTALLATION ADJUSTMENTS

REVERSING CONTACT OR

\

@ MASTER

ANTI­HUNT

MODULE

100E4225

REF ADJ.

\

-~ (M)

FREQ. DET. MAG. AMP MODULE MODULE

79U62 79U61

BRANCH FUSES

SCR(M) SCR(R)

f 1

~ a@M

FUSES FUSES

(ft)

SCR SCR

MAG. AMP. ASSEMBLY ASSEMBLY

(M) (R) MODULE 75Z465 75Z465

79U61

TERMINAL BLOCK

Figure 18. Magnetorque Panel Layout

membered that those adjustments having to do with speed control (Speed Feedback, Master Reference, and Bias) are all interdependent. Any change in one affects all the others. Indiscriminate adjustment of the poten­tiometers will throv.: the whole system out of adjust­ment and makes resetting more difficult. Once the control system has been properly set up, no further adjustments will be required unless a failure occurs in the system. If the control system does not respond properly, do not try to correct it by readjusting the potentiometers until the cause of the trouble has been located.

1. Adjust both potentiometers on the Anti-Hunt Module to the center (mid range) position.

2. Turn the Bias Adjustment potentiometer on both magnetic amplifier modules to their fully counter­clockwise positions.

:s: Open the main line disconnect switch on the crane anc'. remove the branch circuit fuses on the hoist control panel.

4. Connect a 0-3 VDC voltmeter to the .white test jacks on either o! the magnetic amplifier modules. Close the main line disconnect switch on the crane. Place the induction master handle in the full ON-HOIST position and adjust the Master Ref­.erence Signal potentiometer on the Frequency

B-21

Detector Module until 0.95 VDC is read on the meter.

5. Connect the meter to the black test jacks on the MAGNETORQUE Magnetic Amplifier Module (M). Turn the Bias Adjustment potentiometer on the MAGNETORQUE Magnetic Amplifier Module to its fully clockwise position. Then turn the same potentiometer slowly counterclockwise until 1.0 VDC is read on the meter.

6. Connect the meter to the black test jacks on the Reactor Magnetic Amplifier Module (R). Turn the Bias Adjustment potentiometer on the Reactor Magnetic Amplifier Module slowly clockwise until 1.05 VDC is read on the meter.

'1. Open the main line disconnect switch on the crane and replace the branch circuit fuses removed in Step 3.

(WARNING I After the branch circuit fuses are replaced, and the disconnect switch is closed, the hoist will run whenever the induction master handle is moved from the OFF position.

8. Connect the meter to the red test jacks on either of the magnetic amplifier modules. Close the

1'1

main line discoMect switch on the crane. and place the induction master handle in either the first point raise or lower position and observe the meter reading. The meter should read 1.0 VDC. There is no adjustment for this check. 1f approximately 0.85 to 1.0 VDC is not present, the module is defective and should be replaced.

0. Fine adjustments for speed can be made by adjusti'lg the Bias Adjustment potentiometer on the Reactor Magnetic Amplifier Module. Turning the potentiometer clockwise will increase the apeed and turning the potentiomE'ter counterclock­wise will decrease the speed.

10. Fine adjustments for stability can be made by turn­ing the Bias Adjustment potentiometer on the MAGNETORQUE Magnetic Amplifier Module counterclockwise slightly.

U. If there is a noticeable bunting condition in either direction, adjust the Anti-Hunt Module as follows:

(a) Place the induction master handle in the first point hoist position. Turn the (r) Anti-Hunt potentiometer slightly clockwise until the bunting condition disappears.

(b) Place the induction master handle in the first point lower position. Turn the (M) Anti-Hunt potentiometer slightly clockwise until the bunting condition disappears.

~2. A final adjustment can be made by placing a rated load on the hook and lifting the load a few inches off the floor. Repeat Steps 9 and 10 above until the desired minimum speed is obtained.

TRAVERSE MOTION CONTROL ADJUSTMENT

The arrangement of the traverse motion control mod­ules is shown in Figure 19. As was the case with the hoist motion control, the Speed Feedback, Torque Feedback, Master Reference, and Bias adjustments are interdependent. The procedure for adjusting the traverse motion control is as follows:

1. Open the main line disconnect switch on the crane. Remove the branch circuit fuses for the motion control to be adjusted.

2. Close the main line disconnect switch on the crane and adjust the Sensitivity potentiometer on the Plugging Module to the center (mid range) posi­tion.

3. Connect a 0-3 VDC voltmeter to the white test jacks on the magnetic amplifier module. Place the induction master handle in either full ON position. Then adjuJt the Master Reference sigr~al on the Frequency Detector Module until 1.05 VDC is read on the meter.

4. Connect the meter to the black test jacks on the magnetic amplifier module. Turn the Bias Adjust­ment potentiometer counterclockwise until 1.15 VDC is read on the meter. Return the induchon master handle to the OFF position.

18

@ MASTER

REF. ADJ.

FREQ. DET. MODULE

79U62

MAG, AMP. MODULE

79U61

INITIAL INSTALLATION ADJUSTMENTS

PLUG. MODULE 100E4287

SCR ASSEMBLY

75Z465

ITO REVERSING

CONTACTOR

SCR FUSES

rn TERMINAL BLOCK

Figure 19. Traverse Panel Layout

5. Open the main line disconnect switch on the crane and replace the branch circuit fuses removed in Step 1.

l WARNING I After the branch circuit fuses are replaced and the disconnect switch on the crane is closed, that particular traverse motion will run when~ ever the induction master handle is moved from the OFF position.

6. Connect the meter to the red test jacks on the magnetic amplifier module. Close the main line disconnect switch on the crane and place the in­duction master handle in either first point posi­tion. Observe the meter reading. The meter should read 1.0 VDC. There is no adjustment for this check. If approximately 0.85 to 1.0 VDC is not present, the module is defective and should be replaced.

'l. Fine adjustment for the desired minimum speed can be obtained by adjusting the Bias Adjustment potentiometer on the magnetic amplifier module with the induction master handle in the first position.

8. The Sensitivity potentiometer limits the amount of drift during the plugging cycle. Turning the potentiometer clockwise will reduce the drifting distance when the motion is plugged. Turning the potentiometer counterclockwise will increase the drifting distance. This adjustment will vary per application.

B-22

'.

'flltQUIIU SHOOTING

TROUBLE SHOOTING

GENERAL PROCEDURES

Correct operation is dependent on correct adjustment. The devices incorporated in the control systems are etable, so readjustment is generally not required. Do not start turning the potentiometer when a mal­function occurs. The motors can single phase, span connection can open, etc. A goOd multimeter and clamp-on ammeter will expedite servicing. Generally trouble area can be easily isolated by going through an adjustment procedure.

I WARNING I Do not use a megger, vibrotest, or any ringing device to check static components or circuits. An ohmmeter or multimeter which uses less than a SO volt battery, with the maximum cur­rent limited to less than 0.05 amperes is suit­able.

Generally, aervice problems can be divided into two categories: ·

1. When a new installation is being placed in service, follow the procedure outlined in INSTALLATION ADJt:STMEI\'TS. Refer to the diagrams furnished '9.ith each control system. There are variations in the applications of control circuit limit switch (es) for both slowdown and stopping.

2. On a crane which has been operating satisfactorily, the analysis should be started on the basis that generally one malfunction develops at one time, unless there is some catastrophic failure. Rarely ~11 the trouble be complicated. 122....!12! start changing the ~justments.

3. A fast observation will indicate if the entire crane ·or only on motion is affected. This immediately indicates the possibility of a failure in the main power aupply circuit, or the trouble is localized to one motion.

Make the following observations:

1. A static sub-panel malfunction will generally not immobilize a motion. However, it may be impos-

eible to control the speed and the motor torque may be weak. ·

I. The static sub-panel does not affect the operation of the reversing contactora.

21. If a motion operates normally in one direction only, the trouble is probably in the reversing contactor circuit. Check the connections, limit switch settings and all other components in the reversing contactor circuit. Observe the opera­tion of the reversing contactors.

4. If the reversing contactors operate properly, determine if the motor brake is releasing.

5. If the motion appears dead when the reversing contactor operates, use a voltmeter to check the load side of the reversing contactor.

6. When the motor circuit is correct, one or more of the following indications will aid in localizing the static sub-panel troubles:

A. No slow speed lowering--MAGNETORQUE load brake excitation has failed.

B. Weak motor torque on any motion--reactor excitation has failed.

C. If either the MAGNETORQUE load brake and/ or the reactor excitation has failed, check the anode supply. U the anode fuses areblown, it may indicate shorted SCR's. Check the load side of the SCR assembly for a short circuit. Replace the anode fuses once. If they blow immediately, check further, and if necessary replace the SCR assembly with one known to be operating properly.

'1. With the basic control signals correct and lUAtlde aupply voltage at the AC terminals of the SCR assembly, check the SCR assembly DC output voltage. With voltage present but no current, there must be an opening somewhere in the MAGNE­TORQUE load brake or saturable reactor DC coU circuit. Check the apan conductor and collector connections.

B-23 19

''· There should be a DC output from the SCR usem:­bly when the correct slgnals are applied--reactor excitation current 'When the induction master handle is in the full ON-HOIST position and IIIAGNETORQUE load brake excitation current 11fhen the induction master handle is in the first point LOWER position. If there is no DC output from the SCR's under these conditions, the SCR assembly or magnetic amplifier modules may be defective. The best check is to substitute a unit kriown to be good. If this checking procedure does not aolve the problem, review the detailed des­criptive -material in this manual to assist in determining the problem. Only a fraction of a percent of the trouble occurring on operating cranes will not be correctec! before the preceding checking procedure is completed.

20

TIOUIU SHOOTING

CHECKING ICR'a

Generally, silicon devices do not deteriorate graduiuly 11fith age. The most likely defect to develop during operation of a silicon device is a shorted junction. This condition can be checked with an ohmmeter. by disconnecting the external leads from the SCR assem­bly and verifying that a high resistance is present even when the ohmmeter leads are reversed.

B-24

l::r!~:l It is recommended that complete modules and rectifier assemblies be replaced when a defect develops. If it seems advisable to repair recti­fier assemblies, follow the procedure recom~ mended by semiconductor manufacturers when making solder connections. Use heatsink.s. Do Dot overheat junctions.

, .. '"' F :\'Att: • [lll~tl:: .J

AND W .A R E H 0 U S E S

SERVICE STATIONS MILWAUKEE 46, WIS •• . . . . . 4400 W. NATIONAL AVE.

ATLANTA, GA. • • 359-361 E. PACES FERRY ROAD

NORWALK, CALIF. . . . . . 14420 S. BLOOMFIELD AVE.

PHOENIX, ARIZ ••••• o o • • • • • 130 S. 29TH STREET

SEATTLE, WASH. . .. •••• 135 S. BRANDON STREET

TETERBORO, N.J. . . • • • • • • • • 100 NORTH STREET

ATLANTA, G-', a OS TON, MASS. aUFFAL.O, N,Y, all'tMINGHAM 0 AL.A, CHICAGO, IL.L.,

CINCINNATI, OHIO CL.EVEL.AND, OHIO DAL.L.AS, TEXAS

BRANCH OFFICES ..HIL.AD£L.PHIA 0 PA,

.. HDENIX, ARIZ,

..ITT&BURGH, PA, DENVER, COL.O, DETROIT, MICH. NORWAL-K, CAL.IF, MIAMI 0 f"L.A,

MIL-WAUKEE, WIS, NEW YORK, N,Y,

.AN f"RANCISCO, CAL.IF,

.EATTL.E, WASH,

.T. LOUIS, MD, TETERBORO, N,J,

WASHINGTON, D,C,

AGENTS AND SERVICE STATIONS IN ALL PRINCIPAL COUNTRIES OF THE WORLD

B-25

l I.

INDEX FOR HEVI-LIFT HOIST c-23306-501

MECHANICAL SECTION mustraU.on

Number

Hoist Frame - Drum - Motor Support .............. Gear Case llllld Gearing •••• o ••••• . . . . . . . . . . . . . . . . . . Gear Case Cover llllld Brake ••••••• . . . . . . . . . . . . . . . . . . Reeving Assembly •••••••••••••••••••••••••••

Limit Switch Lever, .............................. Limit Switch Drive, ••••••••••••• ................. ~Holst Cable ••• o ••••••••• • • • • ·s t:!l!"

HL-701! HL-71C HL-728

-----HL-74

HL-70A Stabilizer Assembly • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • ..., ......

Yoke Assembly ••••••••• ·• • • • • • • • • • • • • • • • • • • • • • • • .. .........

Plain Trolley. • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • .... .........

Geared Trolley • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • .. ..........

ELECTRICAL SECTION

Hoist Motor •••• . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . XX-1 Trolley Motor •• . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Bridge Motor • . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . -----Limit Switch • . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . HL-38A

Limit Switch Application •••••••••••••• • • • • • • • • • • • • • ----

Rectifier •••• . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . CC-75-2

Holst Control. .............................. ------Trolley Control • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • ----

Bridge Control ••••••••••••••••••••••••••• • • • • • • • -----

Additional Control • . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ----Hoist Resistor •••• . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . -----Trolley Resistor • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • ~-

Bridge Resistor • • • • • • • • • • • • • • • • • • • • • • • • • -----

Push Button Station. .............................. -----Collectorll. • •••• ............................... ---

See Dwg. 100A5491 in Section . . . . . . . . . . . . . . . .. . . . . . . . . . . . . . . . s of Parte Wiring Diagram ••

CARE AND OPERATION SECTION

Lubrication and Maintenance JnstrucUona •••••••••• . . . . . . T-100

HARNISCHFEGER ~ Mllw•w'••• Wln•••lll IUU

H-26

Book

APPENDIX C

WIRING DIAGRAM (PLANT Y)

Ill ...

•

• • 14

II .. 11

• • • a

• • ..

"' •

•

. $(. :.EDl'L£

Ill :; ~Ol POI.'ER

;·1010~ SPACE :i£A1'£RS

1 ~. 'rr •••r• .. P •.na •

PA.:El f.O:;v, OUTlETS

IWAIIIW ..... Lie.-·

FLOOI> LII:Nr

" .. .. , H " .. .. •• " •• .,

IIICOI'lii'Kr I"'::WI.It 4G(Jt1·.8</>·60Hlr

A e c

ruv W"'e I '"

Ill I

$1J3.,

•s .... ., ., ""

aPL II 182

t..•)

f72iJ

,,,/i

rn11

I« Jr

178~111b, 2 -·· Ql(~

IDAl.l AKP

.S~'IA N

lU 1vi KV 7n .. ..

20 .. " h.rto 20 .. .. ''·-" ~n •• •• ., 11..5' 20 .. .. .,4-II s 20 • • .. .IS ..s 20

•. s 20

'.s 20

'·" 20

. -:­Bo KVA, ~'! eoTiY/IIoV

.. , 6'

•ror'

IIOC Jt,Y.-Jt

TO aci "" -w:a P»l-w~-M ~ ~-~

..

'ja •7D lr'L '~ II

lt4 o40C

J'

&'-T PI? Pll _,

II· OUT

172 toe!~ ~~ I

lll:JJBRVOLTA()t a!lAY I m. 244, ,, •• :ne

.,, fr1•1

...... OIIAW ·i IIIIIUO lliCTIII I'OLAI\ cwm,y CIAia: t i

Ill

II

• • • • Ill

• • • ll

u

!.1

u

II .. 11

18 .. • D

I!

D

II

II•

2'6

rr

B

• • •

·-.... -· .. o-ca t=:....---.-..... -. --.l:;:;:=..,;;; .. :;i,;;.-;;;;-----1~ c»MwntucnoN =~~ A..O A17XILW1 CIICDl'l' . ..., -

!N

C-1

,_

·-·-

J.

.. RINTS AJtE PO,.: "'"'Noor.t.~

t;;;;_-------'.,..,...-------10 .... ovAL J_. O •anu.Ncr 1==-------t'lmll'""!',_ ____ --j t;f')HIUIUCTI0"4 , .• I MilOt

'''"''"

C-2

IH

UIUALOILICTRIC

1711Dten 5

191 OftllCUIUIIT lilA\' w HD1'01l VDLTADI li1A'f 320, Q, o, 1

~\ IIIIRAD 12 eot. n

. aaAD •• (ll)~"ft t!!..oJll

~

lii.All Allll liLA Y Sl6, Jll, .l • .II

J'ii~,H~fu. m c

J:DI;U Ill lAY J18 1 ,,,, !!!o 0

toll (n'Jl

E:Lt:NINTAJtY OIAO .. AM

tl

• Ill .. .. .. " .. .. II

u

18

14

IS .. ., .. II

10

II

D

II ,. 21-.. F7 •

" • II

IZ

-SI ,. • •

.J1 .. -P

to

41

u .,

·•i

<o ~~ -

·'

'Ill

r----:-----1 I

I I I

·' :I :a

il db: I i8"! I

I~~~

;':! ·-~~-~:, •;.· .a '-

( ....

• a·; :a

F~~~s~...l-------'-~!::!.!t"'~~-----, 1"\A.•.PQ~ I

(!)P41"1 I 2.§ CCl<' ., ~ [0 r-;1

{[~!:'!. MIL == ,... I

:s,._ :( s . Cl 1i = -~ a'a lli • a • • •• • • ; C·llll· 11.1& le •·· • • .. . • . L • Ill II

· ... g •

4 --'= ·- 5 ~

~ ~1;. ...:

"' " • ll ~ ~ < .. 2 -

*G._,..., 1 I ~w ~ ~ ... FL.D .. ;:..

(·)uP .

• ~ a

~ -.. .. -.. -• .. c ---.. -

·~ L-~~ I I~ ~;

~ 11 ! i I ~ .. • A

t a

I j

(V)

I C)

I (!I) I L-----..J

r;::.-------1-,.,.,,.. .. =, • ..-------fO •""•<>vAL ..!J 0 ••rr .. Nco 1=:....---,-----t';'o•~. •r'. ,;o::o.;:,.:\";,.,.,.~----1m CON.YJIIUCTION

c- 4

'~~-AA MO'rollt

tH

UIIUL. EUCTIIC

178 PitHS

Hit OVDC:UIUUlllr lilA Y 1£1 14DTOR 'ftiLTAO£ IUIIAY ~Mo, 2 .. o , a

r.'WI.£ AU UIA' '51~. !Ill, .2 • j

!l>\1£~ RILAY ~\8, S)l, ill• I)

£LEMENTAA'f' OfAO .. Al4

l'lll .1R r. .. ~;n,; l"RA".E

.II'X .:nt,·r ro::nnt

" ,. ~ ~

G'

II

Ill

.,

.. ·05

II$

6'

-U

::J {)) OJ o; CD l}l

i,Vt

"~ r I• ,. ~ . "' ,._ ...

r-------1

I

I I I

·I :I ~I aiL~ .J I.Ja. ~

'® l i .

~~·, o-0 . . • • - ... ""'. 09- (tolt

. -·r · L '

~q. ! ,;·, ·~ l : .. : ~:

- ... _ • ..J6. ' .. -

CON"'S.'TIO""'-- !l<o1>1174""9 ')HI ""'-T- -.c.xq'7&4""',.-' r-=--==;:.;:;:p.,~""'-'-.-------"' ~--~....,.,_ __ ---, I (j)P41"1 I

%~~~ 18 Cd<' :~~ ~ ' # ,'~ff M~ =~ . I ..... -~ l3il I

lll :, ·- ., ~ " ~ ll .. c ~

E ::: :t i I~ ~

(·)- I r-.. iii ~

;: ... • ;: = -.. -

I I I . ---------· I~ L----- •

i I I ir ~ i I u ~ ~ g

...

j I ~ 1 oona

,L••.r"'(

t·· I•:

I :5;~;:· .. ~. ~~~-:·:~:.~.._ ... ~~.·. •'r- .. :.~.~~--·:j,:-.~:\·':::/:······.::·~~ .. y·, .. ·,;··-...... -· !·.-::.-.. ~. , .. ,.\.· ... -- --~--· .. :,.

..... , " . • >. -.... .. .• -.. ·. :-' . . ..... -.~,--· .;.1· r_,---w--t : .·•. 'r:· ,__~...;........~....._....._"'--.l..-.l..-J..-.....__..L..-....__....__J..--..I...-..I...-..I....-.I....-..I.._J....._........,..~-...1::!!:1

7

(II"') ~~~.;:;-e- C. !IM'5 r----------,

jRIC.14T LI.F'T

14 !!> l. ' *I L~ ~ II I I lo) TT I

C-6

,.

..

PORWA:'lD •:o,. W _723, 1J_8

PWG<i 'NG 1'.::£~

)3•!, l

n:vtqu co;.;a m. 121

A 't.EL I..CI• 01 11 'Ill' 734

1\CCIL CONTR 12 738

ACCIL IIU.Y f) 138, J.

nCCIL .;or:n< 13 0

-1 . I TRDLL6Y

TA I\ C. TOll

I ' .*-" Nl

-- -[e•e.)J

IIUUL .IUCTRIC

...... .. •.

ea

Ill

03

04

OS

OS

!11

01!

16

II

12

14

15

-ra

17

II .. lt

I ' :GI!

·IS

1111

01

·: II

.'u

i2

u

'l4.

Jf

~~-­;: rJ

:.·a i:u. ;{14 ;­.. ~~~

;.',.. ?~n-' •• ;

Jll .;. .)~

~- 11 ;. ·:>

.· ...

.;.-

... ..... ..

... • ..

·=·t~.r-~ :: -.-: ,:\,::

. *·.:.

.. .,.

' . ~.

. ;'·>

{iz-i) • ....OV-~·&OHZ

1~~1!> ~~

'·:

t'ORWARD CO:.T.;("l'OR 823, !2~. 842

pu:r.c; t~IG l'D!ER 83U, Q

!lEVER SE CO':Ti.f. '01\ m. el7. ~4)

ACCEL CO:rrACTOR #l 831, 814

ACCEL RSU.'I Ill 834, Q

ACf.El COlll"ArTOR r2 838

ACC£L RE!.A\' 13 8.l8. Q

~,-------~:-:::=:--------------r::~;;--------r----------r.[:";"I";;EC:,..;-;;r.-.; r .... qy ~A(UU.'-4

,_RHH '"- ARf': ~~·A· f,!IIIRAl Q ll!trAIC

·-· 1-:,...------+.T"l;r.::-----..:...--,· t ....... ~\lolL ' .. ~ ......... ,

• •• ~'f.. I ,,.._

C-7

·~.

- •.!

,,

··:·

J.

I 1

.. )'

·• . !I

·"''

... . -·~ -

.A

·ll

- Jl

-ll

.:).I

l7

-ll

. J' -40

. .. - •z

.. . _ .. ..:. ::•1-·•-'

. ·­\0-

·n-·

:. U-'

·····-

,11 ,.

'" '• l;lJ-

·'u

·., .: ·~ + ·:.~· -·:'- ..

·.~

I I.

J!(!!El!CU. T\JR! ,· .. ,~ . ' ·.

' . . ~ . . :' ~· A-•·•·ACCEU:RATlNO CONTActoJ. AX·-····ACC&L&RAnt.e I!L\Y B--- ••BIIAD COHTACTOil

·LT-···-'•LIGifriill D.ANSPOJI..'IER HA•······H-G SET CONTACTOJI

' ...... ··. ... IX_..;. •••IIRAICB TIHD. . C••••·•·-cAPAClTOI ca~ ... -·CDICUIT III\!AlaiR CDS·····..()ONTROL lllSCONNECT SWITCH en• -···OCimiDL POWER '11WlSPOR.HI!R D-•-···•DIODE 'F••••••••JORWARD CONTAC10R FL-••·•••PliLD LOSS RELAY FU·••••••FUSI . CPT···--GEN!mATOR POWER TIW4Sl'OIUiER H·····•••UOIST t!LAY HTR···--·SPAC£ HBATKR L-·••••••lDWER RILlY LR•••••••LOOP I!SlSTOR

UVIIISOO ·. •IM••••••POIIIAill LIMIT &'WlTCII DIIVIII. AND I'OWU LSII·-·•·liOirr LIMIT SWITCH AMPLIFUP. J.SL-··-·IIlWD LIMU SWITCII • Gll.-92010 l.SJI··-·-·UV!RSI LIMlT SWlTCII

MPA• • • • • •MD'l'OII l'OWI!R AMPLIFIER MPT••••••K>TOl PQ/J!R TI!ANSFORMER Ms-_;-··HASTiR SWITCH Oc•••.••••INSTANV.l\'EOUS OVEJICl1RREm' R!LAY Ol.•· • • •• • t11ERMAL O\'ER1.0A D RELAY OUT••····CONV£NIZNCE OUTLBT PI-••••••PUSH&UTTOY M··-~••••IESIStoR I•·······IIIVEli.S£ CO!!TACTOR RB·······liiCTIPII!R ASSEMBLY

'RPA······IEVBRSING POWER AMPLifiER RS·--····S!OOWDARY IESISTOR T·- ,-••TliAl~.iiSTOlt

TU·······THYRITE RESISTOR Tli•••••••TIIEIKlSTAT TY••••·•·Tlfri£CTOR IIV··-·••\IIIIDiiiVOLTAGE RELAY ft•-·-·VOLTAGI RE.LIIY

· l·--··•ZIW!R DIODB · • ' LIUI-··~ 6 BOlB1' liON! LUUT SWl'l'ql ' ' ' ·' LSTTR·· raNtJAHT T~AVI'L- Rl~.,r /..S.

B. • PowER ~~IER LST TL·- ,. LV=T *••••••••HDUNT!I>~· ~TELY

Wttll I'OWIR SUPPLY 0£1-955\8

•. t' .

~- . '

~ :~20i~

" . 6---···)DJNTED PENDANT STATION

Q. · • - - rRoiJ.t C 0\0<~

I . :

IICns ·

l, INTERlOCK COUliT •• TilE NUHBERS IN Til£ ltGIIT IIA.'lD MARGIN INDICATE T:-iE 'LOCA1!0ll, 00 TilE ElEMI!!UARY, OF Til£ AUXlLIARY CO~TACTS FOR 'EAL~l f-£U.~ OR COHTACTOR, TilE FIRST D!GIT(S) I'NDtCATES SHEET l!\JI'lJ1£R, Tl!! L\ST NO DtGLTS It-'DlCATE LINE NI1HII£R, liORIII.lLY CLOSilD OONTACTS AI! UND.ERllliED, SPARE CONIACTS ARE ~" :tCAl'ED '5Y "O",

2, NUMBERS lN PAREllTHESES •• INDICATE TI!IHINAL HI\RKU«;S ON A DBVICI!,

l, NUMBERS Ill BRACUTS •• ~ICATE Till! LOCATION, ON TilE ELEHII~'TARr, OF T:JE CO)<TH;!!A· TlON OF A CIRCUIT OR DEVICE. 'tilE FIJIST DIGI'>i J) l!iDICAtES '!!IE ELEIIE1i'TARY SHEET IIUMBER. TilE lAST 'NO l>lGI'rS ll~ICATE TilE !. Dll WMBI!R.

II "', • n ' I~ "T' ~ST POINT

»

,a_:_ 8 ~~~r~~'illK.Et ,,. IS-

,, •

,' . ..

•· •.. ...

-~ PI:TWER ,SurPLY @ CII-92011

C-8

l-10

I-ll

-11

t-Il

1-14

l-IS

t-J•

11

1-18 .

I-ll

·10

I-ll

1- 'l1;

l-24

•Jl

APPENDIX D

FAULT TREE (PLANT X)

APPENDIX D

FAULT TREES

The following notes are provided regarding construction of the trees:

Note (1):

Events involving failures in the circuitry on Sheet B-1, Appendix B, are coded by a letter and number separated by a hyphen enclosed in square brackets. These symbols have the following meaning:

o The letter denotes the row

o The number denotes the column.

This coding makes the event description easier to understand in the fault tree.

Note (2):

Much of the fault tree development for this study describes fault conditions in which current is advertently applied through a series of normally opened contacts. This fault tree development requires the to-and-through philosophy os fault tree construction as advocated by D. Haasl. For example, consider the system given below that consists of two contacts A and B in series.

1 A B 2

··---t) 1-{ --t) l-( --··

Consider . the following hypothetical case -- contacts A and B should be opened, but are closed due to fault conditions. Current at node 1, a fault event requires the following fault tree development:

D-1

current at node 1

I current through contacts A

I AND

I Co7 are closed

fault conditions

current to contacts A

I current through contacts B

I AND

I current to contacts B

current at node 2

Note (3):

To shorten fault tree construction, components th t operate normally and help propagate the fault event are not included in the fault tree. For example, if contacts B shown above were normally closed, then the fault tree development would proceed directly from contact A to node 2 by passing switch B entirely.

Note (4):

Alphanumeric designators for the basic event description. these alphanumeric designators.

the basic events are shown in parentheses below The min cut sets will be defined in terms of

D-2

DROP OF LOAO I

OR I r --- ---.

~~~ DROP~~ BELOW CRITICAL (INITIALF) ABOVE CRITICAL (DURIRF) LIFT tEIGKT LIFf HEIGHT

M ~

I ~· I LOAD HANGUl' SlRUCTURAL FAILURE EVENT (LOADHANG) OF CRANE-SliNG SYSTEPII (SlRUCTI)

I BELOW CRITICAL LIFT AND HEIGHT

I OR

Sf!EET 1

LOAD IS INITIALLY OPERATOR HANOLING STUCK IN PLACE CONTI!tJES SYSTEM

t:1 DURING GIVEN SlRUCTURAL SlRUCTIIRAL SlRUCTURAL FAILURE OF

1 TO HOIST FAILURE

~ LOAD LOAD FAILURE FAILURE REACTOR BUILDING CRANE HANGUP HANGUP OF SLING OF SYSTEM CAUSES DROP

HUMAN ERROR ASSEMBLY LINK OF REACTOR VESSEL 1/LIFT ASSEMBLY HEAD. INCLUDES:

1o-2tlfft

(HEADSTUCK)

OR

(SEPSTUCK)

(OPHOISTL)

1o-Zwto LOAD CELL

to-lwtLOAD CEll

10~/LOAD CEll & INTERLOCK

(HANDSYSX) (STRONGBI) ON

OR

(SPSLINGI)

OR

(LFTYOKEI)

LOAD

(LINKASMI)

1. FAILIIRE OF MAIN HOIST, CABLE, BLOCKS, HOISTING DRUM, GEARS, SHAFT OR COUPLING

Z. FAILURE OF HOOK ON REACTOR SERVICE CRANE

3. BRIDGE FAILURE

4. TROLLEY FAILURE

(RBCRMEI)

-TOP EVENT DEFINITION-

STRUCTURAL FAILURE OF CRANE-SLING SYSTEM ABOVE CRITICAL LIFT (STRUCTA)

HEIGHT I

OR I I - --------~-- -- I

STRUCTURAL STRUCTURAL STRUCT1.IRAl FAILURE FAILURE FAILURE OF OF SLING OF LINK REACTOR ASSEMBLY ASSEMBLY BUILDING

tJ CRANE 1 (STRONGBA) (LINKASMA) SYSTEM ~

OR

(SPSLINGA)

OR

(LFTYOKEA)

(RBCRANEA)

DROP Of LOAD ;;..._ ABOVE CRITICAL--- ill LIFT HE I GilT I SHEET 1

OR

OVERS PEED EVENT LEADS (OVERSPED) TO DROP OF

'1 SHEET 4

LOWER BlOCK REACHES UPPER BLOCK DURING HOISTING

IIOIST mTOII CONTINUES TO OPERATE ABOVE UPPER LIMIT SWITCH POSITION

& SHEET 3

SHEET 2

TWO BLOCKING EVERT CAUSES ('1DLOCK) DROP OF LOAD

I OR

LOVER BLOCK REACHES UPPER BlOCK DURING HOISTII'IG REVERSE REEVING

-DROP FROM CRITICAL HEIGHT-

t::1 I

U1

[E-14]

[E-13]

[F-13]

GEARED LJIUT SWITCH FAILS TO OPEN

(GEARLSCL)

& HOIST l«lTOR CONTINUES TO OPERATE ABOVE UPPER LIMIT SWITCH POSITION SHEET 3

I ~ CURRENT THROUGH H CONTACTS TOO LONG

I H RELAY COIL REMAINS ENERGIZED TOO LONG

I CURRENT THROUGH GEARED LIMIT SWITCH

TOO LONG AND I

~- -- I CURRENT THROUGH HOIST BLOCK CONTACTS

TOO LONG

AND

I -- -,

HOIST BLOCK CURRENT TO LIMIT SWITCH HOIST BLOCK FAILS TO OPEN CONTACTS

TOO LONG (HBLSCLOS) I OR

I I I

RADIO TRANSMITTER- OPERATOR CONTINUES CONTROL FAILURE TO HOIST ABOVE

UPPER LIMIT SWITCH [F-13] POSITION

(RADIO-TC) (OPHOISTZ)

[C-13] SHEET 3

[C-12]

[E-15]

[E-14]

[E-13]

[E-13]

-TWO BLOCK I !IG EVENT-

0 I

0'1

OVERSPEEO EVENT LEA(l) TO DROP __ /).. OF LOAD ~

I SHEET 4

SHEET 4

OR I

LOSS of t«l~STING LOSS l-F 575v . -~--- 1 I«JTOR DURING POWER LEADS LOSS OF LOAD LOSS OF SPRIRG LIFT CAUSES TO OVERSPEEO BRAKE DURING BRAKES CAUSES OVERSPEED AND AND DROP OF LOil:RJNG CAUSES OVERSPEEO AND DROP OF LOAD LOAD OVERSPEEO ANO DROP OF LOAD

1 I ~~~ & AND ! (POWER AVAILABLE)

SHEET 5 I 6 I .....------~- . AND I MET5

LOSS OF BOTH SPRING- 1- OPERATOR BOTH BRAKES LOAD /).. [A-11] 57Sv POWER BRAKES FAIL ~ RELI!ASES FAIL TO ENGAGE BRAKE ill

(NO POWER) TO ENGAGE THIS SHEET RAISE OR LINER 1 . IS SHEET 5 ~ PUSH BUTTON & [11-12] UNAVAILABLE

(A-16]

L___ (OPRELEAS) THIS SHEET ~ .-----~ l/lfft I

SPRJ1 BRAKE 1 SPRING BRAKE 2 I• FAILS TO ENGAGE FAILS TO ENGAGE & LOSS OF POWeR LOAD BRAKE

[A-11] --TO LOAD DEFECTIVE, (BRAKEl) (BRAKE2) 7 BRAKE [11-12] FAILS TO

SHEET 5 I EXCITE

I NO CURRENT NO CURRE!IIT PLUS SIDE LOAD [H-13] NEGATIVE SlOE [G-13] BRAKE, MA 23 OF LOAD BRAKE,

& YCT

SHEET 5

OR I

b. - NO CURRE!IIT FROM ~ ANODE TRANSFORMER [fig. C-2]

SHEET 5 I OR

ANODE TRANSFORMER LL2 FUSE LL3FUSE FAILURE, OFF [ffg. C-2] FAILURE FAILURE

(ANODEOFF) (LL2FUSE) (LL3FUSE)

(LOBRAKEX)

0 I

-...]

&---SHEET 4 NO CURRENT PlUS

SIDE OF,LOAD BRAKE I

MA23

I OR I

[H-13]

-r -- 1

[J-12]

3 ()1M 3 ()1M RESISTOR RESISTOR [K-12] OPEN CCT. OPEN CCT. NO. 1 NO. 2

{JRESISl) {3RESIS2)

LOSS OF LOAD BRAKE DURING LOWERING CAUSES-- 1-0YERSPEED AND ~ DROP OF LOAD SHEET 4

I AND I

~-----1

LOAD BRAKE I«JISTING llmOR DE-EXCITES FAILS TO REGENERATE DURING LOWERING

I {IM}TOR-R) OR

I

NO CURRENT OUTPUT FROM "14• MAGNETIC AMPLIFIER

I OR I

l ? MAGNETIC NO tmRENT F4FUSE AMPLIFIER FROM ANODE FAILURE ~;:LURE [J-15] TRArsFORHER

{M-MAOOFF) & (F4FUSE)

SHEET 4

LOSS OF I«JISTING mTOR DURING LIFT A CAUSES DVERSPEED ill AND DROP OF LOAD SHEET 4

I AND I

I LOSS OF HOISTING LOAD BRAKE

SHEET 5

I MOTOR DURING LIFT . IS UNAVAILABLE

LOSS OF POWER TO LOAD BRAKE

l SHEET 4

LOAD BRAKE DE-EXCITES

{LDBRAKEY)

(IM}TOR-L) & SHEET 4

APPENDIX E

FAULT TREE (PLANT Y)

APPENDIX E

FAULT TREES

See Appendix D regarding fault tree construction approach. Refer to the circuitry on Pages C-1 through C-8, Appendix C, for circuit locations described in the following fault tree.

Events involving failures in the circuitry in Appendix C are coded by two numbers separated by a hyphen enclosed in square brackets. These symbols have the following meaning:

o The first number represents sheet number (lower right hand corner)

o The second number denotes row number.

For example, [3-18] represents sheet 3, (Page C-2), row 18. Sheet numbers are located in the lower right-hand corner on Pages C-1 through C-8.

E--1

tx:l l

N

REACTCJI HEAD IS ·INITIALLY STUCK IN PLAtt

+ IIIJIM ERRO!t

1o-Ztlfft

(IUDSTIJC)

OR

( IlfTERifST)

'·

DROP OF REACTOR VESSEL HEAD DURING REFUELING

I OR I

SHEET 1

r -~ DROP OF REACTOR D110P OF ltEAt'nlft HEAD DlltiNG (ROOYAL) VESSEL HEAD REMOYAI.. OF ltEAt'nlft DlltiNS INSTALUITJOR HEAD I OF REACTOR HEAD

~ ~

DROP OF REACTOR VESSEL HEAD DURING INITIAL LIFT PHASE

(IIIITIALF)

DROP OF REACTOR VESSEL HEAD AFTER INITIAL LIFT AND HOLD PHASE

SHEET 8

A OR ~nz I r·· ------ ·-···-·· 1 --~ -.-- --- 1

REACTOR HEAD OYERSPEED IUJIIG BIIIIItiG OR S11lUCTURAl FAlllli!E LOAD HAN&UP INITIAL LIFT GUIOESTUDS (BIIIDIIIG} DURING IIUTIAI.. LIFT EVENT (LOADHANG) A DURING INITIAL A .

I ~ LIFT tn MD ~n s I SHEET 8

AIID OPERATOR aJIITINUES IIAIIIll I N6 TO HO 1ST DIJIIIIG SYSTEM LOAD HAN6UP FAILURE

I GIVEN LOAD

OR HANG UP I EVENT

I I I t IIIlTH LOAD OPERATCJI RIGGERS CELL ERROR

CRANE OPERATCJI S11lUCTURAl OPERATOR aJIITINUES FAILiliiE OF ERROR TO HOIST THE CRANE (E.G. IIIVEMENT DURING SYSTEPI OF TROlLEY BINDIIIG GIVEN OR GANTRY I B INO IIIG DURING OR Ll FT} (S11WCTIIH)

MISREAD READS (OPLOADIP) l/11ft LOAD LOW

CELL (HAIIDSYSll)

(RIGGEIIS) (LCRLOII} 10-3/event

IIIlTH lUGGERS CRANE (OPI!IIID) FAIL TO OBSERVE OPERATUII OR

BINDING ERROR

10-2/ltft (RIGIIIND) (IIPIIDISTB) (STIWCTIII)

to-3tevent 10-3/dellland 10-3/daaand

!:Ij I

w

(DUIUNGLF)

DIIOP OF REAC'ml VESSEL __A HEAD AFTER INITIAL · ~ ll FT AND HOLD PHASE

I OR I

SHEET 1 SHEET Z

r ---·· 1 ~- I IIIIIIIIC (STliUCTAH) ST11UCTURAL FAILURE I M WICICIIG ABOVE INITIAl ABOVE INITIAl LIFT OYERSPEED EVENT CAUSES

(IIIIIIIIC) LIFT HEIGHT OR HEIGHT EVENT CIM'\.ED ORDP Of REACTOit CAUSES DROP IIITH BRAKING VESSEL HEAD

('NIIIlOCit)

OF LOAD (STRUCTAI) (CALCULATED BY THE SYSTEM FAILURE I I USE OF STRUCTURAL LEADS TO D110P

Alii RELIABILITY) OF REACTOR (OVEIISPED)

I &HEAD -~---------L---~,-------------., SHEET'

CRAIIE­OPERATOR ERROR (E. G. IIIJmiJEIIT OF TROLLEY OR GANTRY

, , DURING liFT)

(OPBIIII)

to-2tlfft

110111 RIGGERS FAIL TO OilS EM IIINDIIIG (RIGBINO)

10-3,.ta.nd

OPERATOR STRUCTURAL CONTINUES FAILURE OF TO I«JIST CRANE DURING SYSTEM BINDING GIVEN I BINDIIC

OR (ST11UCTBH)

CRANE OPERATOR ERROR

( OPIIJ ISTB)

to-3tdelllnd

OR

(STRUCTBI)

LillER WICIC REACJES U'PEII BlOCK DURING l«)lSTING

I IIJIST IIIJTOR CONTI IUS TO OPERATE ABOVE UPPER LIMIT 511 ITCH POSITIOft

& SHEET 3

OR

LillO IILOCK REACHES UPPER BLOCK DURING I«)JSTIIIG REVERSE REEVING

(not ... ,oped fllrtller due to • IIIIlCh l01111r probab11t ty tllan two-b1oclt1ng without reftrse reeving)

1?:1 1

11::>

[4-36]

II)IST JIIJTOR COfrriNIJES & TO OPERATE ABOVE UPPER 2 LIMIT SWITCH POSITION

I ctRREKT TO II)JSTING IIJTOR TOO LONG

I GENEliATOR VOLTAGE TOO LONG

I MD

I r -~

MG SET OOifTINUES GENERATOR FIELD TO OPERATE CURRENT TOO LONG

I I [4-47]

SHEET 2

ctRREJn' Tfi«)UGH lMA CONTACTS TOO LONG

I '""""' """""' [4-36] --RPA-SCR TOO LOIG I lB1 "'"'""'TOO

I [0.16] ,... I •• • I I

A SlEET 4

[4-36]

J RPA-SCR REMAINS. Olf WHEN CIJIREIIT TOO LOifG TO RPA-SCR

I OR I ,.. ----- ---

RPA OUTPUT llf.i CONTACTS • lllTH NO SIGNAl. REMAIN IN II)IST INPUT POSITION

[4-18]

(RPA) I OR

I I OPERATOR COIO'JIIiJES llf.i COifTACTS TO II)IST ABOVE UPPER STICK IN II)IST LIMIT SWITCH POSITION POSITION

(OPII)IST2) (lMSHOIST)

[4-16]

[4-18]

1B1 i.ACTS CURLm. FAIL TO OPEN TIIIIOUGif 1 YR CONTACTS (llllQ.OSE) TOO LONG

I CURitEift' THROUGH lUY CONTACTS TOO LONG

I A

SHEET 4

SHEET 3

00 BloatiNG MilT

J:lj I r 1

lTl

[3-05]

MRENT TlltOOOM & lUV CONTACTS TOO

LONG SHEET 3

I SHEET4 AND I I ---~ ~--~~ ---- --- -1

[3-05]

CIJIRENT TO IUV [3-18] CONTACTS TOO LONG

I [3-18] MRENT 11IIOUGif

lH CONTACTS TOO LONG

I [3-20) CIJIRENT THROUGH

lLSH eotn'ACTS TOO LONG

I WEIGHT LIMIT SIIITCH [3-20] CONTACTS FAIL TO OPEN

(lft..SCLOSE)

A CURRENT THROUGH ~ lMA CONTACTS TOO LONG

SHEET 3 I OR I r--- 1

lMA COwrAm 1M RElAY FAIL TO OPEN COIL R£*1115

ENERGIZED (lMCLOSE) I

CIJIREwr TlllOUGH

[2-38]

GEAR LIMIT SWITCH, GLS, CONTACTS TOO LONG

I Gl.S eotn'Am FAIL TO OPEN

I (Gl.SCLOSE)

[2-38]

lUV RELAY COIL tt~IIIS ENERGIZED TOO LJNG

I [2-47]

CURRm 1MIIOUGH DIERGEltCY STOP COIITACTS TOO LONG

I OR

I I l

OPERATOit CONTIJIIUES OPEMTOit TO HOIST DURING FAILS TO TWO-BLOCKING PRESS .,.EME.,MDC..,.,.""'Y

STOP DURING (OPHOIST2) 00 IILOCICING

( OPE'JIIJER2II )

M IIL.Oall8& EYm

tr:l I

O't r

OYERSPEED 1\ (OYERSPED) EV£NT -L:ll

I OR I

SHEET 1. 2. 8

SHEET 5

I I --. LOSS OF BOTH LOSS OF IIJTOR } ASSIJIE { LOSS OF HOISTIIIG BRAKES LEADS FIELD All> BRAKES II> CREDIT i'IJTOR ARMATURE TO OVERSPEED FAIL TO SET FOR CURRENT

1 LEADS TO OVEASPEED DPERATDft AIIJ I ACTION A

All> 1....0.

I MU7

::C":r"' SPRIIIG SPRIIIG MASTER BRAKE [3-22] BRAKE [3-24] ,..,-......._------------___,~ SWITCH [3-36] 1 FAILS 2 FAILS IN OFF TO ENGAGE TO ENGAGE POSITION (BRAKEl) (BRAKEZ) (OPMSOFF)

LOSS OF HOISTING KITOR FIELD

& SHEET 6

[4-46] BOTH BRAKES* FAIL TO ENGAGE DURING OYERSPEED

I Oft I

~­'. anm THIIOUGM lBJI COIITACTS TOO [3-111]

[3-18]

ctRtEIITTIIIOUGH ."A THE lBJI CONTACTS ---~

roo~ ~rn>£n

QJIREIIT THROUGH THE lUY CONTACTS TOO LONG

I OR

I

[3-18]

[3-18]

,- --------- - .1 lUV mtn'ACTS lUV RELAY REMAINS FAll TO OPEN ENERGIZED TOO LONG

(lUV) I lFL CONTACTS FAIL TO OPEN

(1 FL-COIIT)

[3-18]

[2-45)

LONG & THIS HET

• IIIECIWIICAL FAILIJIE OF llllmt 8IM£S IS fiiDT CONSIDERED FOR THIS EVENT SIIICE FAILURE OF BOTH BRAKES IS A PIINIM. CUT SET.

OYERSPEED EYEftT

t:t1 I

-...]

*CIRCUIT ELEMENTS IN SERIES

[4-46] LOSS OF IIJISTING A IIJT!Jt FIELD - ili

I DR SHEET 5 I

SHEET 6

I 1 1 OPEN 1Jt SIIJRT" NO CURRENT OPEN OR SHORT* RESISTOR" IN IIJTOR FIELD , [4-46] TO MOTOR FIELD IN FIELD LOSS lRS FAILURE WINDING I RELAY COIL OPEN OR

NO CURRENT* SIIJRT CCT. (IIJTOR-SF) [4-38] OUTPUT MOTOR (ln-OCCT)

POWER AMPLIFIER I [4-441

• 0~ J --- -- - 1

MOTOR POWER FAILURE Nf'LIFIER OF IIJTOR FAILURE -- OFF [4-38] FIELD DURING OYERSPEED PROGRAMMER

I TO CONTROL IIJTOR

OR I

FIELD CURREm'

(IRS}

~---~-~-·-- I {PIFP)

[4-38] IIIJTOR POWER MPLlFIER FAILURE -- OFF

(II'A)

NO POWER TO IIJTOR POWER AMPLIFIER

I . TRANSFORPIER TO POWER MPLIFIER SIIJRT OR OPEN CCT.

(TR-PIPA)

[4-38]

OYERSPEED EVENT

[4-44]

I:Ij ., 00

LOSS OF HOISTING _A. IIITOR ARMATURE --ill CURRENT

I SHEET 5

OR

I r- ··-I OPEN OR SHORT NO GENERATOR CCT. IN IIITOR ARMATURE VOLTAGE

A-~ I OR (IIITOR-A) I

I

[4-46] NO VOL TAG£ TO GENERATOR GENERATOR SHUNT FinD ARMATURE

I OPEN DR SHORT CCT.

OR

OPEN J. 5100' NO CURRENT IN SCR [4-38] TO SCR

(SCR-MPA) I

I

NO CURP.ENT OUTPUT-GENERATOR

[4-36) REVERSING POWER AMPLIFIER

I OR

I REYERSING POIIER LOSS OF POIIER

[4-36] NI'LIFJER OFF TO GENERATOR PIPA

(GRPA) ' I TRANSfORIIIER FAILURE TO RPA

(m-GRPA)

(GENERAm)

SHEET 7

[3-46]

OVEIISPEED EmiT

t:r1 I

1..0

{ IISTM.l) DllOP OF IDC1tJt & (IIUIURF) lf£AD IUIIIIG IIISTALLATIOII SHEET 1

I 011

I I ---~, STIUCT'UIW.- CMIISPHII I'AILUIIE Of EYEIIT CRAIE SYSTEM DUIUII8 DUIIIIC IIISTAU.ATIIJI IIISTAU.ATIIJI

(Snu:TAH)

(It

(Snu:TAI)

& SHEET 5

SHEET II

STIIUCTIItAL A (Snu:TJL) FAILURE OOIUIIG ~

INITIAL LIFT I StiEETI ...

~-----~ - I S1'IIOCnM. FAILURE OF AEACTOIII HEAD LIFT INC DEY ICE CAUSES OROP OF AEACTOIII WESSEL

011 I

STIIICT1M. FAILURE OF ltEACTOI SEilYJC£ CliME SYSTDI CAUSES DllOP OF REAClUA WESSEL 1011. IIICUIIES:

1. FAJLIIIE OF Mill HOIST, CMlE, BloatS, IIOISTIIIC IJIIIM, &EMS (It SMFT

2. FAILURE Of 110111 01 III£ACTOR SERYICE CIWIE

3. IIIIRIDE FAillE

r ----- 1 4. TIIILL£1' FAillE

STIIUCT1ItAL FAILURE OF HAIIIIIMIIE

( II.FST11CI )

( ILFST11C I)

FAILURE DUE TO IMPIIOPER COIIIIECT Jill tiiOEA IMTEA

(DIPIIIRC)

(FOil IJIIIP£R t!ITERIW.S LIFT lillY)

(ltSCRRI)

• (ltSCRRII)