[Federal Register Volume 85, Number 50 (Friday, March 13, 2020)]
[Notices]
[Pages 14658-14671]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2020-05141]


=======================================================================
-----------------------------------------------------------------------

DEFENSE NUCLEAR FACILITIES SAFETY BOARD


Recommendation 2020-01

AGENCY: Defense Nuclear Facilities Safety Board.

ACTION: Notice; recommendation.

-----------------------------------------------------------------------

SUMMARY: The Defense Nuclear Facilities Safety Board has made a 
Recommendation to the Secretary of Energy concerning the Department of 
Energy's regulatory framework to ensure adequate protection of public 
health and safety at defense nuclear facilities. Pursuant to the 
requirements of the Atomic Energy Act of 1954, as amended, the Defense 
Nuclear Facilities Safety Board is publishing the Recommendation and 
associated correspondence with the Department of Energy and requesting 
comments from interested members of the public.

DATES: Comments, data, views, or arguments concerning the 
recommendation are due on or by April 13, 2020.

ADDRESSES: Send comments concerning this notice to: Defense Nuclear 
Facilities Safety Board, 625 Indiana Avenue NW, Suite 700, Washington, 
DC 20004-2001. Comments may also be submitted by email to 
[email protected].

FOR FURTHER INFORMATION CONTACT: Tara Tadlock at the address above or 
telephone number (202) 694-7000.

SUPPLEMENTARY INFORMATION: 

Recommendation 2020-01 to the Secretary of Energy

Nuclear Safety Requirements, Pursuant to 42 U.S.C. 2286a(b)(5), Atomic 
Energy Act of 1954, as Amended

    Introduction. The Department of Energy's (DOE) defense nuclear 
facilities and associated infrastructure are aging, but DOE will 
continue to use many of the facilities and much of the infrastructure 
for the foreseeable future. Consequently, the safety systems and 
features that were designed into the buildings or installed during 
construction are also aging. At the same time, DOE is proposing, 
designing, and building new defense nuclear facilities to support its 
continued mission. DOE needs to maintain a robust safety posture and 
strong regulatory framework to ensure that both its aging facilities 
and infrastructure and its new facilities provide adequate protection 
of public health and safety. DOE will need clear requirements and 
guidance for its staff to follow and enforce.
    Background. DOE Policy 420.1, Nuclear Safety Policy, states, ``It 
is the policy of the Department of Energy to design, construct, 
operate, and decommission its nuclear facilities in a manner that 
ensures adequate protection of workers, the public, and the 
environment.'' Title 10 Code of Federal Regulations (CFR) 830, Nuclear 
Safety Management, provides a foundation of requirements upon which DOE 
relies to ensure adequate protection of workers, the public, and the 
environment. With this rule, DOE has developed a robust regulatory 
framework--including orders, guides, and standards--to provide the 
requirements and guidance for the safe design, construction, operation, 
and decommissioning of its defense nuclear facilities.
    10 CFR 830 captures the fundamental requirements for nuclear safety 
management to ensure contractors perform work ``with the hazard 
controls that ensure adequate protection of workers, the public, and 
the environment.'' DOE provides additional requirements in orders and 
standards. These additional requirements may be imposed on contractors 
by reference in regulations or by contract. DOE also provides non-
mandatory guidance in guides, handbooks, and manuals.
    In its initial Notice of Proposed Rulemaking creating 10 CFR 
830,\1\ DOE noted:
---------------------------------------------------------------------------

    \1\ 56 FR 64316, December 9, 1991.
---------------------------------------------------------------------------

    The [Price-Anderson Amendments Act of 1988], coupled with DOE 
efforts to improve the assurance of safety in its nuclear operations, 
led DOE to conclude that basic DOE nuclear safety requirements should 
be established through rulemaking. These requirements would revise and 
supplement the existing requirements, and in particular, establish 
specific requirements for applicable DOE

[[Page 14659]]

nuclear facilities and provide a structured means for measuring the 
adequacy of the implementation and compliance on a facility-specific 
basis. Compliance would be measured against specific requirements and 
against provisions of programs required by these requirements and 
approved by DOE.
    As specified in its enabling legislation, the first function of the 
Defense Nuclear Facilities Safety Board (Board) is to ``review and 
evaluate the content and implementation of the standards relating to 
the design, construction, operation, and decommissioning of defense 
nuclear facilities of the Department of Energy (including all 
applicable Department of Energy orders, regulations, and requirements) 
at each Department of Energy defense nuclear facility.'' \2\ Since its 
creation, the Board has provided several recommendations that focus on 
creating a standards-based safety management system for DOE's defense 
nuclear facilities. DOE issued a notice of proposed rulemaking for 10 
CFR 830 in August 2018. In this recommendation, the Board recommends to 
the Secretary of Energy specific measures that DOE should retain or 
adopt as requirements in its regulatory framework, including 10 CFR 830 
and associated orders and standards, to include the implementation 
thereof, to ensure that public health and safety are adequately 
protected.
---------------------------------------------------------------------------

    \2\ 42 United States Code (U.S.C.) 2286a(b)(1).
---------------------------------------------------------------------------

    The Board notes a fundamental principle of responsibility and 
delegation in Recommendation 2004-1, Oversight of Complex, High-Hazard 
Nuclear Operations:
    In any delegation of responsibility or authority to lower echelons 
of DOE or to contractors, the highest levels of DOE continue to retain 
safety responsibility. While this responsibility can be delegated, it 
is never ceded by the person or organization making the delegation. 
Contractors are responsible to DOE for safety of their operations, 
while DOE is itself responsible to the President, Congress, and the 
public.\3\
---------------------------------------------------------------------------

    \3\ Recommendation 2004-1, Oversight of Complex, High-Hazard 
Nuclear Operations. May 21, 2004.
---------------------------------------------------------------------------

    DOE is responsible for designing, constructing, operating, and 
decommissioning its defense nuclear facilities in a manner that ensures 
adequate protection of the public. Therefore, DOE prescribes the 
requirements for its operating contractors to follow and implement, 
approves the facilities' safety bases,\4\ and oversees compliance 
through line management and independent oversight.
---------------------------------------------------------------------------

    \4\ From 10 CFR 830.3, ``Safety basis means the documented 
safety analysis and hazard controls that provide reasonable 
assurance that a DOE nuclear facility can be operated safely in a 
manner that adequately protects workers, the public, and the 
environment.''
---------------------------------------------------------------------------

Analysis

    Aging Infrastructure--When DOE first issued 10 CFR 830, the 
majority of its defense nuclear facilities were already a few decades 
old, and DOE had launched an effort to construct new facilities to 
replace them. The Replacement Tritium Facility at the Savannah River 
Site (now known as Building 233-H) is an example. However, nearly three 
decades after construction and startup of the replacement facility, DOE 
continues to rely on some older facilities to support its tritium 
operations, and will continue to do so for the indefinite future.
    Similarly, DOE has embarked upon the design and construction of the 
Uranium Processing Facility at the Y-12 National Security Complex, but 
intends to operate two associated 50-plus year old facilities for 
another several decades to support its production commitments for 
national security purposes. Also, the time from concept to startup of a 
new defense nuclear facility has increased dramatically in recent 
years, placing further emphasis on the need for continued operation of 
aging facilities.
    As facilities age, concerns develop over whether DOE can still 
safely operate and maintain them. Safety structures, systems, and 
components may degrade and not be able to reliably perform their safety 
functions. Older facilities continue to update their safety bases to 
comply with 10 CFR 830 without ensuring the reliability of safety 
systems, comprehensively evaluating the need for refurbishment or 
replacement of those systems, reconsidering the design or integrity of 
structures, or conducting a backfit analysis of equipment important to 
safety. Aging impacts are especially concerning for passive features 
(e.g., facility structures and fire walls) that are not required to be 
surveilled to ensure they can perform their safety function. While DOE 
performs some upgrades and retrofits at aging facilities, it lacks a 
formal, complex-wide regulatory structure for identifying and 
performing upgrades necessary for the adequate protection of public and 
workers.
    In addition, as the infrastructure supporting safety systems (e.g., 
utilities and site services) ages, the supporting infrastructure may 
also degrade and impact the reliability of safety systems. DOE has 
taken action to address specific issues at particular sites, such as 
the Extended Life Program (ELP) at Y-12. However, the Board's concerns 
about aging infrastructure extend across the complex. Efforts such as 
the Y-12 ELP are laudable, but a much more systematic approach is 
required to address the needs across the complex. The Board has 
previously communicated its concerns regarding age-related degradation 
of infrastructure.
    In a 2018 report,\5\ DOE's Infrastructure Executive Committee noted 
that deferred maintenance had increased by 25 percent between 2013 and 
2017 to a total of $5.9 billion dollars for operational facilities. 
Also, the report noted that 17 of the Department's 79 core capabilities 
\6\ were potentially at risk due to inadequate infrastructure, 
including 5 core capabilities related to defense nuclear facility 
infrastructure and operation.
---------------------------------------------------------------------------

    \5\ Annual Infrastructure Executive Committee Report to the 
Laboratory Operations Board, March 27, 2018.
    \6\ Core capability is defined in DOE Order 430.1C, Real 
Property Asset Management, as the ability to conduct programmatic 
activities that would be degraded should the asset fail to perform 
as intended.
---------------------------------------------------------------------------

    The Administrator for the National Nuclear Security Administration 
(NNSA) recognized the challenges NNSA faces with regards to its aging 
infrastructure in her April 11, 2018, testimony to the Subcommittee on 
Energy and Water Development Senate Committee on Appropriations, 
``NNSA's infrastructure is in a brittle state that requires significant 
and sustained investments over the coming decade to correct. There is 
no margin for further delay in modernizing NNSA's scientific, 
technical, and engineering capabilities, and recapitalizing our 
infrastructure needed to produce strategic materials and components for 
U.S. nuclear weapons.''
    In addition to financial investment, a strong regulatory framework 
is needed to manage aging infrastructure investments and priorities. 
Accordingly, the Board believes that DOE needs to review its priorities 
and establish department-level policy and guidance for managing aging 
infrastructure.
    Hazard Categories--In 10 CFR 830, DOE applies a graded approach to 
the preparation of the safety basis for defense nuclear facilities, 
provides the criteria to be used for such gradation, and defines three 
Hazard Categories grouped by the significance of their consequences to 
different receptors (i.e., offsite/public, onsite/collocated workers, 
and local/facility workers). In its proposed revision to 10 CFR 830,

[[Page 14660]]

DOE proposes to delete the specific definitions of Hazard Categories 
and replace them with a generic definition in the future.
    If it removes the Hazard Category definitions from 10 CFR 830 and 
the rulemaking process, DOE fundamentally undermines important nuclear 
safety processes established in the rule. Hazard categorization is an 
important aspect of 10 CFR 830 because the process determines what 
safety basis requirements are applicable to a facility. When combined 
with the lack of an aging management program, this could enable 
contractors to increase the radiological hazards present in an aging 
facility without an adequate understanding of the ability of the 
facility's safety structures, systems, and components to control the 
higher level of risk.
    DOE Approvals--Both DOE and the Board have observed that the 
current requirement for updating a facility's documented safety 
analysis on an annual basis has been problematic at some defense 
nuclear facilities with complex activities. This is compounded when DOE 
and its contractors defer correcting known deficiencies until the next 
annual update instead of correcting the deficiencies within the current 
cycle. The Board also has observed situations where there have been 
multiple ``review iterations'' by the contractors and their DOE 
approval authorities. This could be a sign of disagreement between DOE 
and its contractor, or the lack of adequate technical quality or 
content in the safety basis documents submitted to DOE for approval. 
Difficulties in the annual update process also could indicate that 
DOE's contractors are not implementing the unreviewed safety question 
(USQ) process consistent with DOE requirements.
    The Notice of Rulemaking does not provide an analysis of the 
problems that DOE is attempting to address, so it is not clear that 
DOE's proposed change to remove the requirement for DOE to approve 
annual documented safety analysis (DSA) updates is an effective 
solution. Removal of this requirement also complicates DOE's ability to 
ensure the configuration of the facility, the processes, and the 
documentation, and to evaluate the cumulative impact of temporary or 
permanent changes on the safety of the facility. The lack of an annual 
approval process could result in increasing latent risks as facilities 
and infrastructure age, due to the reduced frequency of DOE's approval 
of the evaluation of the reliability of their safety structures, 
systems, and components. As the Board noted in Recommendation 2004-1, 
``Contractors are responsible to DOE for safety of their operations, 
while DOE is itself responsible to the President, Congress, and the 
public.''
    Safety Basis Process and Requirements--10 CFR 830 captures the 
fundamental requirements for nuclear safety management to ensure 
contractors perform work ``with the hazard controls that ensure 
adequate protection of workers, the public, and the environment.'' DOE 
provides additional requirements in orders and standards. These 
additional requirements may be imposed on contractors by reference in 
regulations or by contract. DOE also provides non-mandatory guidance in 
guides, handbooks, and manuals.
    DOE uses a number of processes for implementing an approved safety 
basis. The USQ process determines the approval authority for proposed 
changes to DSAs. Technical safety requirements (TSR) ensure that 
important operating parameters are maintained, and that safety 
structures, systems, and components are available and able to perform 
their defined safety functions under all types of conditions. Specific 
administrative controls (SACs) are higher level administrative controls 
that have safety importance equivalent to engineered controls that 
would be classified as safety-class or safety-significant.
    USQs, TSRs, and SACs are all very important aspects of implementing 
and maintaining the safety basis at defense nuclear facilities. 
However, DOE does not provide specific implementation requirements in 
its regulatory framework, including 10 CFR 830, for contractor 
implementation of USQs, TSRs, and SACs. Instead, DOE provides non-
mandatory guidance for USQ and TSR implementation via guidance 
documents and some requirements for SACs via a standard.\7\ This lack 
of implementation requirements leads to inconsistent implementation 
across the complex. Therefore, the Board concludes DOE should 
incorporate specific implementation requirements for USQs, TSRs, and 
SACs, in its regulatory framework, including 10 CFR 830.
---------------------------------------------------------------------------

    \7\ DOE Standard 1186-2016, Specific Administrative Controls, 
contains requirements; however, those requirements are only 
enforceable if Standard 1186-2016 is included in a contract.
---------------------------------------------------------------------------

    The attached Findings, Supporting Data, and Analysis document 
provides the Board's supporting analysis for this recommendation.
    Conclusion. DOE needs to have a robust regulatory framework that 
provides sufficient structure such that both aging and new defense 
nuclear facilities continue to provide adequate protection of workers 
and the public. This recommendation is intended to strengthen DOE's 
regulatory framework in its current form, including DOE's orders, 
standards, and implementation. The Board agrees with DOE that 10 CFR 
830 requires an update, but believes that the Notice of Proposed 
Rulemaking would actually erode the regulatory framework. DOE's nuclear 
enterprise has grown since the original issuance of the rule; however, 
DOE's regulatory framework has not been updated to include requirements 
for key concepts and safety control strategies upon which its defense 
nuclear facilities rely.
    Recommendation. To ensure adequate protection at defense nuclear 
facilities, the Board recommends that DOE revise its regulatory 
framework, to include requirements in 10 CFR 830, Nuclear Safety 
Management, associated orders and standards, and implementation 
thereof, as follows:
    1. Aging Infrastructure.
    a. Develop and implement an approach including requirements to 
aging management that includes a formal process for identifying and 
performing infrastructure upgrades that are necessary to ensure 
facilities and structures, systems, and components can perform their 
safety functions.
    2. Hazard Categories.
    a. Retain qualitative definitions of hazard categories in 10 CFR 
830.
    b. Revise 10 CFR 830 to mandate use of a single version of Standard 
1027 when performing facility hazard categorization.
    3. DOE Approvals.
    a. Conduct a root cause analysis to identify the underlying issues 
prohibiting the current safety basis approval process from working 
efficiently and use the findings to improve DOE's approval process.
    b. Add language to the rule to explain that DOE's review of safety 
basis updates should consider the cumulative effect of changes to the 
safety basis.
    c. Revise the body of 10 CFR 830, Subpart B, to include formal DOE 
approval of justifications for continued operation and evaluations of 
the safety of a situation.
    4. Safety Basis Process and Requirements.
    a. Conduct a root cause analysis to identify the underlying issues 
prohibiting contractors from developing and submitting a documented 
safety analysis on an annual schedule for DOE approval and use the 
findings to improve the submission process.
    b. While conducting the analyses in 3.a. and 4.a. above, retain the

[[Page 14661]]

requirement for contractors to submit a documented safety analysis on 
an annual schedule for DOE approval.
    c. Specify what safety basis documentation a contractor must submit 
when seeking approval for an action involving a USQ (proposed 10 CFR 
830.203(d)).
    d. Establish requirements for USQs and TSRs in 10 CFR 830 and/or 
orders, by elevating key guidance on USQs and TSRs to clearly 
identified requirements.
    e. Establish requirements for and incorporate the concept of 
defense-in-depth and SACs and add a discussion of defense-in-depth and 
SACs to 10 CFR 830 under safety structures, systems, and components.

-----------------------------------------------------------------------

Bruce Hamilton,
Chairman.

Recommendation 2020-1 to the Secretary of Energy

Nuclear Safety Requirements

Risk Assessment for Recommendation 2020-1

    This risk assessment supports the Defense Nuclear Facilities Safety 
Board's (Board) Recommendation 2020-1, Nuclear Safety Requirements. 
Board's Policy Statement 5, Policy Statement on Assessing Risk, states:
    Risk assessments performed in accordance with the Board's revised 
enabling statute will aid the Secretary of Energy in the development of 
implementation plans focused on the safety improvements that are needed 
to address the Board's recommendations.
    This recommendation identifies deficiencies with the Department of 
Energy's (DOE) proposed Nuclear Safety Management rule, 10 CFR 830, and 
with the implementation of the current rule's requirements. Subpart B 
of the rule, Safety Basis Requirements, applies to the highest hazard 
defense nuclear facilities across the complex. The application of the 
changes DOE has proposed will have a far-reaching impact on those 
facilities posing the greatest risks to worker and public health and 
safety.
    The Secretary of Energy is required to ensure adequate protection 
of the public. DOE established 10 CFR 830 as a fundamental part of the 
Secretary of Energy's ability to ensure adequate protection. Given the 
weaknesses in the existing rule and further weaknesses in DOE's 
proposed rulemaking, the Secretary of Energy cannot consistently ensure 
adequate protection. Therefore this recommendation is justified and 
necessary.

Recommendation 2020-1 to the Secretary of Energy

Nuclear Safety Requirements

Findings, Supporting Data, and Analysis

    Background. The Department of Energy (DOE) developed the first 
draft of Subpart B to 10 Code of Federal Regulations (CFR) part 830, 
Safety Basis Requirements, in the mid-1990s using subject matter 
expertise from the Nuclear Regulatory Commission (NRC). DOE designed 
its format and contents similar to NRC's 10 CFR 50, Domestic Licensing 
of Production and Utilization Facilities. To that end, DOE created the 
concept of a safety basis, which is a series of documents comprising a 
documented safety analysis (DSA), a technical safety requirements (TSR) 
document, and a safety evaluation report (SER). DOE would review and 
approve the contractor developed DSA and TSR documents, and issue the 
SER to document its review and approval.
    To maintain configuration control of the DSA while allowing some 
operational flexibility for the contractors, DOE established the 
unreviewed safety question (USQ) process so that contractors could make 
some changes to their activities as long as the changes were within the 
bounds of the DOE-approved DSA. Thus, three distinct sections were 
created in the main body of the rule, with the USQ process dedicated to 
the configuration control of the DSA; and any changes to the TSR 
document were to be submitted to DOE for approval prior to 
implementation. DOE Standard 1104, Review and Approval of Nuclear 
Facility Safety Basis and Safety Design Basis Documents established 
DOE's process for its review and approval activities and the 
development of the SER.
    DOE provided additional details on these concepts in Appendix A to 
Subpart B as ``DOE's expectations for safety basis requirements of 10 
CFR 830, acceptable methods for implementing these requirements, and 
criteria DOE will use to evaluate compliance with these requirements.'' 
This concept was also modeled on NRC's issuance of appendices to 
``establish minimum requirements'' that need to be met in order to 
comply with 10 CFR 50. For example, Appendix A to Part 50 provides the 
general design criteria and Appendix R provides fire protection 
requirements. Neither NRC nor DOE intended to consider the contents of 
an appendix to a Code of Federal Regulations section to be subject to 
the users' discretion. NRC provided additional detailed guidance in the 
regulatory guides that utilities use to comply with Part 50. Similarly, 
DOE provided a list of standards in Appendix A to Part 830 that 
contractors should use as acceptable methodologies for compliance with 
10 CFR 830, Subpart B. These are known as the safe harbor standards.
    Introduction. As part of the DOE's regulatory reform activities 
under Executive Order 13777, Enforcing the Regulatory Reform Agenda, 
DOE directed its Office of Environment, Health, Safety and Security,\8\ 
working with the Office of the General Counsel, to initiate a 
rulemaking to revise 10 CFR 830 to address the following areas (amongst 
others):
---------------------------------------------------------------------------

    \8\ Memorandum from Dan R. Brouillette, Deputy Secretary, to 
heads of elements, Initiate a Rulemaking to Revise 10 CFR 830, dated 
August 15, 2017.
---------------------------------------------------------------------------

    a. Regulatory Treatment of Hazard Category 3 Facilities. 
Differentiate the treatment of Hazard Category 2 and Hazard Category 3 
nuclear facilities by developing a new subpart to 830 for Hazard 
Category 3 that provides an appropriate graded approach to the 
implementation of the requirements in 830 for both contractors and the 
Department.
    b. Safe Harbor Standards. Table 2 of Appendix A of 10 CFR 830, 
Subpart B, should be removed from the rule and become a separate 
standard (or other mechanism) referenced in the Rule.
    c. Standard 1027 (STD) Successor Document. Add the term `or 
successor document' to the 10 CFR 830 requirement to categorize nuclear 
facilities consistent with DOE STD 1027-92. The [working] Team 
recommends that DOE initiate a new revision to DOE STD 1027 (in 
addition to the existing 1027-92 revision effort) that updates the 
hazard categorization methodology and can be synched with the eventual 
revision to 830.
    d. Updates to Documented Safety Analyses (DSAs). Increase the 
periodicity from the existing annual requirement to either 2 or 3 
years; the current (arbitrary) annual requirement is problematic for 
complex facilities (e.g., the DOE review/approval can take several 
months and overlap with contractor delivery of the annual update for 
the subsequent year). In addition, appropriately scoped updates should 
not require DOE approval.
    f. Unreviewed Safety Question (USQ). Set appropriate USQ approval 
levels, improving operational flexibility, and clarifying terminology.
    g. Limiting Analyses of Chemical Hazards. Limiting the requirement 
for

[[Page 14662]]

the analysis of chemical hazards in DSAs, unless the chemicals, for 
example, are an initiator to a nuclear event, or inhibit responses to 
nuclear events. [Note: Chemical hazards are already addressed in 10 CFR 
851, Worker Safety and Health Program.]
    These activities were to ``result in significant improvements in 
efficiency and/or decrease in cost in Laboratory and DOE operations, 
while maintaining accountability and contractor performance standards 
[and] an appropriate level of DOE oversight.''
    Findings. DOE issued the notice of proposed rulemaking for 10 CFR 
830 in August 2018. The following paragraphs provide the Board's 
findings and analysis of DOE's proposed changes to 10 CFR 830, Subpart 
B, Safety Basis Requirements, and its referenced documents.
    1. Aging Infrastructure.
    DOE's memorandum that initiated the rulemaking relied on input and 
proposals from a working group to ``identify internal DOE reforms that 
could result in significant improvements in efficiency and/or decrease 
in cost. . .while maintaining accountability and contractor performance 
standards.'' From the working group's proposal, DOE identified several 
focus areas, including reform of 10 CFR 830, for further development of 
actions that may achieve the goal of improving efficiency and 
decreasing cost. This effort did not identify issues with the aging 
infrastructure, including lack of DOE guidance or requirements for 
maintenance, or the adequacy of safety posture for indefinite continued 
operation.
    It is clear that as defense nuclear facilities age, their safety 
bases will become more complex. In some cases, DOE introduced new 
missions into old facilities, which are dependent upon dated 
technological infrastructure. Complexity has been shown to drive the 
contractors to heavily rely on administrative controls, instead of 
engineered features, to overcome the inherent difficulties involved in 
trying to comply with the requirements of 10 CFR 830, Subpart B.
    At the time when 10 CFR 830 was crafted, the majority of defense 
nuclear facilities were only a few decades old, and DOE had launched an 
aggressive effort to construct new facilities to replace them. 
Facilities such as the Replacement Tritium Facility (RTF, now known as 
Building 233-H) at the Savannah River Site were examples of this vision 
in the early 1990s. However, three decades after the construction and 
startup of RTF, DOE continues to rely on some older facilities to 
support its tritium operations for the indefinite future. Similarly, 
DOE embarked upon design and construction of the Uranium Processing 
Facility at the Y-12 National Security Complex, but plans to continue 
to rely on operation of two other 50-plus year old facilities for 
another several decades to support its production commitments for 
national security purposes.
    A significant number of defense nuclear facilities in the complex 
are now more than 50 years old and have surpassed their design life by 
decades. Concerns over whether facilities can still be operated and 
maintained safely develop as facilities age. Safety structures, 
systems, and components may degrade and be unable to perform their 
safety functions reliably. As the infrastructure supporting those 
safety systems (e.g., passive features, utilities, and site services) 
ages, it may also degrade and impact the reliability of those safety 
systems.
    As facilities age, concerns develop over whether DOE can still 
safely operate and maintain them. Safety structures, systems, and 
components may degrade and not be able to reliably perform their safety 
functions. Older facilities continue to update their safety bases to 
comply with 10 CFR 830 without ensuring the reliability of safety 
systems, comprehensively evaluating the need for refurbishment or 
replacement of those systems, reconsidering the design or integrity of 
structures, or conducting a backfit analysis of equipment important to 
safety. Aging impacts are especially concerning for passive features 
(e.g., facility structures and fire walls) that are not required to be 
surveilled to ensure they can perform their safety functions. While DOE 
performs some upgrades and retrofits at aging facilities, DOE lacks a 
formal, complex-wide regulatory structure for identifying and 
performing upgrades necessary for the adequate protection of public and 
workers.
    In addition, as the infrastructure supporting safety systems (e.g., 
utilities and site services) ages, the supporting infrastructure may 
also degrade and impact the reliability of safety systems. DOE has 
taken action to address specific issues at particular sites, such as 
the Extended Life Program (ELP) at Y-12. However, the Board's concerns 
about aging infrastructure extend across the complex. Efforts such as 
the Y-12 ELP are laudable, but a much more systematic approach is 
required to address the needs across the complex. The Board has 
previously communicated its concerns regarding age-related degradation 
of infrastructure. For example, in prior communications the Board has 
expressed concerns with age-related degradation in:
     General-service water distribution systems that provide 
water to safety-significant or safety-class fire suppression systems;
     General-service electrical distribution systems that could 
impact the reliability of safety-significant confinement ventilation 
systems; and
     Building structures and internal systems that cannot 
withstand the seismic loads required to meet their designated 
performance categories.\9\
---------------------------------------------------------------------------

    \9\ See Board correspondence dated March 13, 2007; February 6, 
2009; September 10, 2010*; September 30, 2011*; March 27, 2012; 
October 31, 2012*; February 25, 2013; October 30, 2013*; February 4, 
2015; October 29, 2015; December 16, 2015; May 11, 2017; September 
7, 2018; and July 2, 2019. The four dates with an asterisk are 
annual aging infrastructure reports the Board issued to Congress and 
forwarded to DOE. The dates are from the cover letter forwarding the 
report to DOE.
---------------------------------------------------------------------------

    In a 2018 report,\10\ DOE's Infrastructure Executive Committee 
noted that deferred maintenance had increased by 25 percent between 
2013 and 2017 to a total of $5.9 billion dollars for operational 
facilities, and that 17 of DOE's 79 core capabilities \11\ were 
potentially at risk due to inadequate infrastructure (see Table 1 for 
examples).
---------------------------------------------------------------------------

    \10\ Annual Infrastructure Executive Committee Report to the 
Laboratory Operations Board; March 27, 2018.
    \11\ Core capability is defined in DOE Order 430.1C, Real 
Property Asset Management, as the ability to conduct programmatic 
activities that would be degraded should the asset fail to perform 
as intended.
    \12\ Data is from Table C of Annual Infrastructure Executive 
Committee Report to the Laboratory Operations Board; March 27, 2018.
    \13\ Replacement Plant Value (RPV) is defined in DOE Order 
430.1C, Real Property Asset Management, as the cost to replace the 
existing structure with a new structure of comparable size using 
current technology, codes, standards, and materials.

[[Page 14663]]



  Table 1--Core Capabilities Potentially at Risk Due to Infrastructure
                            Deficiencies \12\
------------------------------------------------------------------------
                                                            Replacement
                                                            plant value
                     Core capability                       \13\ assessed
                                                           as inadequate
                                                                (%)
------------------------------------------------------------------------
Decontaminate and Decommission Facilities and                         74
 Infrastructure.........................................
Uranium.................................................              45
Nuclear Material Accountability, Storage, Protection,                 43
 and Handling...........................................
Plutonium...............................................              40
Weapons Assembly/Disassembly............................              36
------------------------------------------------------------------------

    In recognition of the general situation of aging infrastructure in 
DOE and its potential impacts on the defense nuclear facilities, the 
Board is concerned that DOE needs to review its priorities and 
establish department-level policy and guidance for managing the aging 
infrastructure supporting those facilities.
    DOE has not conducted a comprehensive analysis of the difficulties 
facing its aging infrastructure at defense nuclear facilities. Without 
this analysis, DOE's efforts will not address the fundamental reasons 
for increased cost or other difficulties of maintaining old facilities 
in operational condition; nor will it assess the reduction in their 
margin of safety that may occur as the facilities age.
    DOE needs to evaluate the state of its aging facilities, identify 
their required operational life to meet their mission needs, and 
develop an integrated plan for replacement or refurbishment of those 
facilities to maintain their safety posture and ensure adequate 
protection of the public, the workers, and the environment. DOE does 
not have any DOE-wide policies, directives, or requirements in place 
for implementing an effective aging management program. Accordingly, 
DOE needs to develop requirements and criteria for dealing with its 
aging infrastructure.
    2. Hazard Categories.
    Definition of Hazard Categorization--In 10 CFR 830, DOE requires 
application of a graded approach to the preparation of DSAs and 
provides the criteria to be used for such gradation in Section 830.3 of 
Subpart B. Table 1 in Appendix A to Subpart B defines three hazard 
categories that are grouped by the significance of their consequences 
to different receptors (i.e., offsite/public, onsite/collocated 
workers, and local/facility workers).
    In the proposed revision to 10 CFR 830, DOE deletes Table 1 and the 
specific definitions of hazard categorization, and states that it 
intends to provide a generic definition in the future that is not 
described at this time. DOE Standard 3009, safe harbor for preparation 
of a DSA, is formulated using the concept provided in Table 1 of the 
existing Subpart B. By removing the definitions of hazard categories 
from Part 830 and the rulemaking process, DOE's proposed revisions 
fundamentally undermine important nuclear safety processes established 
in the rule.
    Hazard categorization is a fundamental element of the safety basis 
requirements of 10 CFR 830 because the process determines whether the 
safety basis requirements of Subpart B are applicable to a facility. 
Based on the definition of hazard categories provided in Table 1, DOE 
referred to Standard 1027 \14\ and mandated its use in Section 830.202 
of the rule because ``DOE want[ed] contractors to be consistent when 
determining the hazard classification for its nuclear facilities, hence 
we are requiring the consistent use of DOE-STD-1027 which has an 
established history for this purpose.'' \15\ DOE's proposed action to 
delete Table 1, without any detailed discussion regarding hazard 
categorization, and deferring to a future document to be developed:
---------------------------------------------------------------------------

    \14\ DOE-STD-1027-92, Hazard Categorization and Accident 
Analysis Techniques for compliance with DOE Order 5480.23, Nuclear 
Safety Analysis Reports; Change Notice 1, September 1997.
    \15\ Preamble to 10 CFR 830, Section III, Response to Comments 
on the Interim Final Rule, response to Comment N.
---------------------------------------------------------------------------

     Lacks the ``established history'' and a roadmap for 
preparation and implementation of the replacement approach;
     Does not provide the rationale for such a significant 
change in approach, which has been practiced for more than two decades 
without known degradation or deficiencies in implementation of nuclear 
safety requirements;
     Creates an ambiguous and unclear domain of standards to be 
developed for compliance with nuclear safety requirements; and
     Undermines the fundamental principles of the graded 
approach and its implementation as described in the rule.
    Reference to Standard 1027 Within the Rule--DOE's memorandum to 
initiate the rulemaking recommended adding the phrase ``or successor 
document'' to 10 CFR 830.202(b)(3) and to ``initiate a new revision [to 
Standard 1027] that updates the hazard categorization methodology.''
    DOE prepared Standard 1027 in 1992 to provide guidance on hazard 
categorization and on the performance of hazard analyses for 
preparation of safety bases for nonreactor nuclear facilities. It used 
the available technical information to develop screening criteria and 
grouping of the nuclear facilities based on their potential 
consequences to the immediate workers, site area, and offsite members 
of the public. DOE also based Standard 1027 on a survey of all DOE 
nuclear facilities and their potential hazards to arrive at a set of 
parameters that would realistically categorize those facilities based 
on their potential consequences. More updated technical information and 
recommendations by the International Commission on Radiological 
Protection (ICRP) 16 17 has resulted in some changes to 
those parameters. It would be prudent, and technically justified, to 
use the most up to date information in a DOE standard that is 
fundamental for graded implementation of nuclear safety requirements at 
defense nuclear facilities.
---------------------------------------------------------------------------

    \16\ ICRP 68, 1994, Dose Coefficients for Intakes of 
Radionuclides by Workers, Replacement of ICRP Publication 61, 
International Commission on Radiological Protection, Pergamon Press, 
Oxford, Great Britain.
    \17\ ICRP 72, 1995, Age-Dependent Doses to Members of the Public 
from Intake of Radionuclides, Part 5, Compilation of Ingestion and 
Inhalation Dose Coefficients, International Commission on 
Radiological Protection, Pergamon Press, Great Britain.
---------------------------------------------------------------------------

    This DOE action, combined with the deletion of Table 1 from the 
rule that defines hazard categories, and deferring a new definition to 
be provided outside the rulemaking process, will create an uncertain, 
ambiguous, and unclear methodology for implementation of 10

[[Page 14664]]

CFR 830 at the defense nuclear facilities; and consequently, a 
potential for eroding the level of protection currently provided by 
those facilities.
    Additionally, both the existing version and the proposed revision 
of 10 CFR 830 state that a contractor must ``categorize the facility 
consistent with'' Standard 1027 rather than ``in accordance with'' 
Standard 1027. The words ``consistent with'' introduce flexibility in 
implementation to not actually follow the requirements in Standard 
1027. This language has already led to the National Nuclear Security 
Administration (NNSA) issuing supplemental guidance to its facilities 
to use a modification \18\ to Standard 1027 that is not cited by the 
rule and, therefore, not used by the Office of Environmental 
Management; resulting in an inconsistent gradation of defense nuclear 
facilities in the complex.
---------------------------------------------------------------------------

    \18\ NNSA Supplemental Guidance 1027, Guidance on Using Release 
Fraction and Modern Dosimetric Information Consistently with DOE STD 
1027-92, Hazard Categorization and Accident Analysis Techniques for 
Compliance with DOE Order 5480.23, Nuclear Safety Analysis Reports.
---------------------------------------------------------------------------

    The safety basis requirements in Subpart B apply to Hazard Category 
1, 2, or 3 nuclear facilities. With DOE's proposed revisions, 830 would 
not include any language that defines these terms, and DOE can change 
the definitions of these terms outside the rulemaking process.
    3. Submission and Approval of Safety Bases.
    Need for Root Cause Analysis and DOE Approval of Annual Updates to 
the DSA--The DOE memorandum that initiated the rulemaking directed DOE 
elements to ``increase the periodicity from the existing annual 
requirement to either two or three years; the current (arbitrary) 
annual requirement is problematic for complex facilities. In addition, 
appropriately scoped updates should not require DOE approval.'' In 
accordance with the memorandum, the notice of proposed rulemaking 
deletes the requirement for DOE review and approval of the annual 
updates to the DSAs. This DOE action weakens the safety basis construct 
created by DOE in establishing Subpart B. DOE required the preparation 
of safety basis for nuclear facilities to ensure that adequate 
protection of the public and the workers is implemented through 
compliance with its safe harbor standards. It also weakens the USQ 
process, which ensures that the safety bases are maintained under a 
defined configuration control program.
    The Board has noted that some defense nuclear facilities with 
complex activities have difficulty meeting the annual update 
commitments. Although this was not anticipated by DOE at the time when 
10 CFR 830 was issued in January 2001,\19\ some sites rely on inter-
related documents that comprise their safety bases and it might be 
difficult to ensure that the various elements of their safety bases are 
updated consistently in the allowed time.\20\
---------------------------------------------------------------------------

    \19\ 66 FR 1810, DOE response to Comment JJ, Section III of the 
final Rule, 10 CFR 830: ``If the USQ process has been followed 
properly, the annual approval of the documented safety analysis 
should require minimal effort.''
    \20\ For example, the Board has corresponded on PF-4 at LANL, 
Pantex, and the Tritium Facilities at the Savannah River Site among 
others.
---------------------------------------------------------------------------

    The Board has also observed situations where there have been 
multiple ``review iterations'' by contractors and their DOE approval 
authorities. This could be a sign of disagreement between DOE and its 
contractor, or the lack of adequate technical contents of the DSAs 
submitted to DOE for approval. Difficulties in submitting an annual 
update also could indicate that DOE's contractors are not implementing 
the USQ process consistent with the requirements.
    DOE's notice of rulemaking does not identify the problems that DOE 
is attempting to address, so it is not clear that DOE's proposed change 
is an appropriate solution. It would be prudent for DOE to evaluate the 
reasons why contractors and DOE experience significant challenges 
implementing the annual requirement. DOE needs to conduct a root cause 
analysis to determine why DOE and its contractors are having 
difficulties managing the review and approval of annual updates, and 
use the results of that analysis to fix the underlying problems. While 
conducting the analysis, DOE should retain the requirement for 
contractors to develop and submit safety bases on an annual schedule 
for DOE approval.
    In the revised Appendix A to Subpart B, DOE proposes language to 
clarify that it will continue to review the DSA updates in some cases, 
and may even approve the annual update in some cases. The proposed 
language states, ``DOE will review each documented safety analysis . . 
. if DOE has reason to believe a portion of the safety basis has 
substantially changed.'' Another relevant new sentence is: ``If 
additional changes are proposed by the contractor and included in the 
annual update that have not been previously approved by DOE or have not 
been evaluated as a part of the USQ process, DOE must review and 
approve these changes.'' DOE's notice of rulemaking does not include a 
detailed discussion of these changes, and therefore they do not 
alleviate concerns with removing DOE's approval of the annual update.
    Temporary Authorization of Activities--10 CFR 830.202(g)(3) 
requires contractors to ``Submit the evaluation of the safety of the 
situation to DOE prior to removing any operational restrictions 
initiated to meet [safe condition]'' of the facility. Those operational 
restrictions (or other compensatory measures) may continue to be 
required for a long period of time. Per DOE Guide 424.1-1B, 
Implementation Guide for Use in Addressing Unreviewed Safety Question 
Requirements, the vehicle for operating under restrictions for ``an 
extended period of time'' until the next annual update of the DSA is 
issued, is the justification for continued operations (JCO), which is a 
``temporary change to the facility safety basis.'' The DOE guide states 
that the contractor should submit the JCO to DOE for approval. However, 
the rule does not formally require DOE's approval of a JCO.
    In some cases, contractors eventually incorporate the operational 
restrictions and accompanying analyses (or some revised version of 
them) into the DSA via the annual update. In other cases, JCOs continue 
to be a stand-alone part of the safety basis for several years. With 
DOE's proposed revision to the rule, i.e., not requiring DOE approval 
of the annual updates to the DSA, there will be important changes to 
the safety basis with no requirement for their approval by DOE.
    Instead of a JCO, contractors may prepare an evaluation of the 
safety of the situation (ESS) that includes operational restrictions. 
DOE Guide 424.1-1B states that DOE should approve ESSs for potential 
inadequacies of the safety analysis (PISAs) that represent a positive 
USQ; however, the rule does not require DOE approval for this 
situation. Under DOE's proposed revision to the rule, the ESS can 
represent a mechanism for the contractor to make important changes to 
the safety basis without any requirement for DOE approval.
    4. Safety Basis Process and Requirements.
    Fundamental Elements of Safety Bases--Unlike the safe harbors for 
DOE nonreactor nuclear facilities and nuclear explosive facilities for 
compliance with the DSA requirements of the rule, the rule does not 
provide any standards for compliance with USQs or TSRs; instead, it 
refers to DOE guides on those subjects, DOE Guide 424.1-1B and DOE 
Guide 423.1-1B, Implementation Guide For Use In Developing Technical 
Safety Requirements, respectively. DOE guides,

[[Page 14665]]

however, ``describe[s] acceptable, non-mandatory means for meeting 
requirements.'' As a result, contractors' implementation at the sites 
are diverse and inconsistent. The Deputy Secretary identified this 
issue in his memorandum as one to be addressed in the proposed rule. 
The Board has made similar observations that include lack of uniformity 
of implementation, and in some cases, inconsistency of implementation 
with the requirements of the rule.
    Requirements Regarding the USQ Process--DOE Guide 424.1-1B provides 
an example of guidance on USQs that should be examined for elevation to 
a requirement and inclusion in Subpart B. The guide includes 
expectations on the timeliness with which contractors process PISAs:
    It is appropriate to allow a short period of time (hours or days 
but not weeks) to investigate the conditions to confirm that a safety 
analysis is potentially inadequate before declaring a PISA . . . If it 
is immediately clear that a PISA exists, then the PISA should be 
declared immediately.\21\
---------------------------------------------------------------------------

    \21\ DOE Guide 424.1-1B, Section C.2.
---------------------------------------------------------------------------

    This timeliness is important for safety, as it causes the 
contractor to formally declare a PISA and take actions to place the 
facility in a safe condition. Contractors do not always perform this 
step in a timely manner (i.e., within hours or days, but not weeks). 
This leads contractors to delay implementing the necessary compensatory 
measures to place or maintain the facility in a safe condition that 
provides adequate protection of the public. There are instances where 
contractors have delayed a PISA declaration beyond hours or days 
because they deemed the information to be not yet mature enough to 
merit that action. The DOE guidance quoted above already addresses this 
situation, saying that the contractors may take hours or days to 
investigate, but not weeks. It should be noted that a similar statement 
was made in resolution of comments received for the final rulemaking of 
10 CFR 830: ``the contractor's USQ procedure should define the period 
for performance of a USQ determination related to a PISA and that time 
period should be on the order of days, not weeks or months.'' However, 
not all contractors' procedures comply with this expectation.
    DOE should formalize this guidance on timeliness into a 
requirement, to ensure that contractors place facilities into safe 
conditions when they discover PISAs. If DOE believes it is necessary to 
make some allowance for delaying action because the new information is 
immature, DOE should provide the criteria for defining ``information 
maturity.'' Declaring the information as ``immature'' and not declaring 
a PISA should be exceptional and subject to compliance with DOE 
criteria. Such criteria, however, do not exist and need to be 
developed.
    Additionally, the Board has observed that some contractors allow 
themselves a ``grace period'' to take action and return the facility 
into compliance with their safety bases without declaring a PISA.\22\ 
As a result, the facility would be operating outside of its approved 
safety basis for the duration of the grace period without DOE knowledge 
or approval of the situation, and without having to take safety 
precautions to put the facility in a safe configuration. Section 
830.202, Subpart B, does not allow this action, which may result in 
unsafe operation of defense nuclear facilities and a lack of adequate 
protection of the public.
---------------------------------------------------------------------------

    \22\ Board Recommendation 2019-1, Uncontrolled Hazard Scenarios 
and 10 CFR 830 Implementation at the Pantex Plant, February 20, 
2019.
---------------------------------------------------------------------------

    Several of the USQ procedures approved by DOE lack any requirements 
for training and qualification of USQ screeners. These individuals are 
the first line of defense against lack of compliance with the 
requirements of the rule, and their knowledge of the facility and its 
safety basis, as well as the USQ process, is of utmost importance. 
While preparation of safety bases throughout the complex has created a 
wealth of knowledgeable subject matter experts that the contractors 
rely on, implementation of USQ procedures and USQ screening sometimes 
relies on available personnel, making their training and qualification 
an important aspect of the safety of operations.
    The definition of USQ in the rule also warrants clarification. The 
proposed (and also existing) definition for USQ in Section 830.3 uses 
the term ``equipment important to safety.'' This term is not defined in 
10 CFR 830, though it is defined in DOE Guide 424.1-1B. Proper and 
consistent implementation would be better achieved if the definition 
from the guide were also included in the rule.
    Finally, 10 CFR 830 does not specify what documentation a 
contractor is required to submit to DOE prior to obtaining approval for 
planned actions involving a USQ. Specifically, section 830.203(d) 
states, ``A contractor responsible for a Hazard Category 1, 2, or 3 DOE 
nuclear facility must obtain DOE approval prior to taking any action 
determined to involve a USQ.'' This section does not specify whether a 
contractor must submit planned changes to the safety basis, a 
description of planned changes, or if no documentation is required and 
a verbal explanation would suffice. Accordingly, when DOE approves 
contractor action, it is not clear that DOE is specifically approving 
any planned changes to the safety basis.
    Requirements Regarding TSRs--DOE Guide 423.1-1B includes some 
aspect of the content of TSR documents that should be considered for 
elevation to the rule. In Appendix C to the Guide, DOE combines the 
Section 830.201 requirement for the contractor to ``perform work in 
accordance with the DOE-approved safety basis'' with the quality 
assurance requirements in Subpart A of the rule. From these two 
portions of the rule, DOE derives a need for the contractor to 
``independently confirm the proper implementation of new or revised 
safety basis controls.'' This is an important concept for ensuring safe 
operation of the facility, and should be directly included in the rule.
    One area of difficulty for contractors preparing TSRs has been in 
the determination of ``completion times.'' TSRs typically define 
actions the contractor will take when safety structures, systems, and 
components (SSC) do not meet their limiting conditions for operation. 
This scenario can occur intentionally due to a maintenance outage, or 
unintentionally due to degradation of a safety-related SSC. TSRs define 
the required times (completion times) by which the contractor must take 
temporary actions to compensate for the loss of safety SSCs, or by 
which the contractor will restore SSCs. According to the guide, when 
developing completion times, the contractor should consider ``the 
safety importance of the lost safety function'' and ``the risk of 
continued operations.'' In practice, some completion times appear 
excessively long, with no documented consideration of safety risk for 
DOE's review and acceptance. DOE should revise Appendix A to Subpart B 
to include the concept that safety risks should be considered when 
developing completion times.
    Similarly, some contractors have prepared TSR documents that the 
action to be taken, when a safety SSC is inoperable or found to be 
unavailable, is simply to submit to DOE a ``recovery plan.'' Some of 
these recovery plans are open-ended, without any completion date or 
compensatory measures in place to achieve an equivalent level of safety 
as provided in the TSR. As a result, some defense nuclear facilities 
could be operating outside the bounds of their approved safety basis, 
relying on an approved ``recovery plan'' to be

[[Page 14666]]

completed by some unspecified date. Such situations warrant explicit 
requirements in the rule to prevent nuclear facilities from operating 
with less than adequate levels of safety.
    Fundamental Nuclear Safety Principles--10 CFR 830 provides the 
requirements for identification and analysis of hazards, identification 
of controls, and the quality assurance that must be applied to all 
stages of nuclear facility operations. However, it does not require 
implementation of the most fundamental nuclear safety principle, 
defense-in-depth, to ensure that no one layer of control is solely 
relied on for safety.
    In a letter to the Deputy Secretary of Energy, dated July 8, 1999, 
the Board stated:
    Current requirements for nuclear safety design, criticality safety, 
fire protection and natural hazards mitigation are set forth in DOE 
Order 420.1, Facility Safety. This Order (Section 4.1.1.2), when 
contractually invoked, requires that:
    `Nuclear facilities shall be designed with the objective of 
providing multiple layers of protection to prevent or mitigate the 
unintended release of radioactive materials to the environment.'
    This ``defense-in-depth'' approach is the hallmark of nuclear 
facility and process designs.
    DOE Order 420.1C, Facility Safety, includes an expanded discussion 
of what the defense-in-depth concept entails. However, the requirements 
of Order 420.1C are not applied to the operation of existing defense 
nuclear facilities unless DOE's contract with the management and 
operating contractor has specifically identified and stipulated its 
application. As a result, DOE does not routinely implement the defense-
in-depth concept to ensure safe operation of nuclear activities. The 
controls identified in DSAs for existing facilities are usually a 
compilation of the existing controls, and rarely have led to the 
identification of new controls for ensuring that multiple layers of 
protection exist to defend against the release of radioactive 
materials. This weakness is more common when contractors rely on SACs 
to compensate for the lack of a safety-related engineered feature to 
prevent or mitigate an event.
    10 CFR 830, Subpart B, needs to require the defense-in-depth 
construct to ensure that all nuclear facilities and activities meet 
this fundamental nuclear safety construct, and provide adequate 
protection of the public and the workers such that no one failure of a 
layer of protection would lead to the release of radioactive materials.
    Specific Administrative Controls--DOE created the concept of the 
SAC in response to the Board's Recommendation 2002-3, Requirements for 
the Design, Implementation, and Maintenance of Administrative Controls. 
To provide guidance on this topic, DOE created a new standard, Specific 
Administrative Controls, and revised several other standards and guides 
to ensure consistency. SACs are a higher level administrative control 
that have safety importance equivalent to engineered controls that 
would be classified as safety-class or safety-significant. For this 
reason, SACs are an important tool for DOE to ensure adequate 
protection.
    Although DOE created a new standard for SACs, DOE did not revise 10 
CFR 830 to reflect the concept of implementing SACs as an equivalent 
TSR control. As a result, the discussion in 10 CFR 830 on safety 
controls is incomplete and does not fully reflect current DOE 
terminology and practice. Accordingly, DOE should include the concept 
of SACs within the requirements of 10 CFR 830, Subpart B.

Correspondence With the Secretary of Energy

Department of Energy Request for Extension of Time

November 13, 2019
The Honorable Bruce Hamilton
Chairman
Defense Nuclear Facilities Safety Board
625 Indiana Avenue NW, Suite 700
Washington, DC 20004

    Dear Chairman Hamilton:
    The Department of Energy (DOE) received the Defense Nuclear 
Facilities Safety Board (DNFSB) Draft Recommendation 2020-1, Nuclear 
Safety Management, on October 16, 2019, and is currently coordinating 
its review among the relevant offices. On behalf of the Secretary, and 
in accordance with 42 U.S.C. 2286d(a)(2), the Department requests a 60-
day extension to provide comments.
    DOE is committed to a robust nuclear safety regulatory framework 
that ensures adequate protection of public health and safety. A 60-day 
extension will afford DOE sufficient time to assess the Draft 
Recommendation's findings, supporting data, and analyses.
    If you have any questions, please contact Mr. Matthew Moury, 
Associate Under Secretary for Environment, Health, Safety and Security, 
at (202) 586-5175.

Sincerely,
Dan Brouillette

Defense Nuclear Facilities Safety Board Response to Extension Request

November 26, 2019
The Honorable James Richard Perry
Secretary of Energy
U.S. Department of Energy
1000 Independence Avenue SW
Washington, DC 20585-1000

    Dear Secretary Perry:
    We are in receipt of your November 13, 2019, letter requesting a 
60-day extension to provide comments on the Board's Draft 
Recommendation 2020-1, Nuclear Safety Management.
    The Board's practice has been to grant a 30-day extension to 
comment on a draft Recommendation if you request an extension. In 
accordance with 42 U.S.C. 2286d(a)(2), the Board grants an extension to 
December 16, 2019.

Yours truly,
Bruce Hamilton
Chairman

Department of Energy Comments on Draft Recommendation

December 17, 2019
The Honorable Bruce Hamilton, Chairman
Defense Nuclear Facilities Safety Board
625 Indiana NW, Suite 700
Washington, DC 20004

    Dear Chairman Hamilton:
    The Department of Energy (DOE) appreciates the opportunity to 
review the Defense Nuclear Facilities Safety Board (DNFSB) Draft 
Recommendation 2020-1, Nuclear Safety Requirements, issued on October 
16, 2019. We appreciate the Board's perspective and look forward to 
continued positive interactions with you and your staff on this 
important topic.
    Continuous improvement is a core value in maintaining a robust 
nuclear safety regulatory framework to ensure reasonable assurance of 
adequate protection of public and worker health and safety. DOE's 
recent actions include proposing to modify and improve Title 10 Code of 
Federal Regulations (CFR) part 830, Nuclear Safety Management, 
improving the associated DOE nuclear safety Directives and Technical 
Standards, and conducting oversight to ensure effective implementation 
throughout the DOE Complex.
    DOE does not agree with the DNFSB's assertion in Draft 
Recommendation 2020-1 that the revisions proposed in the August 8, 
2018, Notice of Proposed Rulemaking (NOPR) for 10 CFR part 830 will 
erode our nuclear safety regulatory framework. Rather, we believe that 
DOE's completed and ongoing activities related to the nuclear safety 
regulatory framework will improve the effectiveness and efficiency of 
the

[[Page 14667]]

framework. In addition to the requirements in 10 CFR part 830, 
requirements or guidance within DOE's orders, standards, and guides, 
are an important and necessary component of the regulatory framework. 
We continue to believe that, taken as a whole, this regulatory 
framework provides a sound framework for effective implementation at 
our sites.
    For your consideration, the enclosure provides specific comments on 
many elements of the draft recommendation and discusses specific 
ongoing efforts the Department has taken, including actions to address 
aging infrastructure and strengthen the oversight model.
    The DNFSB draft recommendation contains elements related to the 
scope of the ongoing 10 CFR part 830 rulemaking. Many of these comments 
were previously submitted in the October 5, 2018 DNFSB letter that 
contained the DNFSB's public comments on DOE's 10 CFR part 830 
rulemaking. These comments are being evaluated and considered as part 
of the Department's process in developing any final rule.
    While the Department understands that there is no prohibition 
against appropriate sharing of information regarding the proposed 
rulemaking (since the DNFSB is a Federal Agency), substantive 
information regarding how DOE is addressing comments and topics related 
to the ongoing rulemaking should not be made publicly available prior 
to the issuance of the final rule. Discussions between DOE and DNFSB 
staff indicate that, if the Board issues Final Recommendation 2020-1, 
the DNFSB will publish the Final Recommendation and related 
correspondence with the DOE in the Federal Register. Therefore, 
discussion regarding recommendations related to ongoing rulemaking are 
not included in the Enclosure.
    DOE remains committed to share information about the rulemaking 
with the DNFSB and offers to brief the Board and/or Board staff on the 
status of the final NOPR. Similarly, given the importance of ongoing 
efforts to address aging infrastructure and strengthen the oversight 
model, DOE would appreciate the opportunity to provide the Board with a 
detailed briefing on the improvement actions taken. In addition, the 
Office of Enterprise Assessments (EA) senior leadership would be 
pleased to meet with the Board and technical staff for dialogue 
regarding EA's current nuclear safety basis oversight strategy.
    If you have any questions, please contact Mr. Matthew Moury, 
Associate Under Secretary for Environment, Health, Safety and Security, 
at (202)586-1285.

Sincerely,
Dan Brouillette

Enclosure

Enclosure--Comments on DNFSB Draft Recommendation 2020-1

Nuclear Safety Requirements

    Title 10 Code of Federal Regulations (CFR) part 830, Nuclear Safety 
Management, provides requirements upon which the Department of Energy 
(DOE) relies to ensure adequate protection of workers, the public, and 
the environment. In addition to this rule, DOE has developed a robust 
regulatory framework including policies, orders, guides, and standards 
to support the 10 CFR 830 requirements by providing additional detailed 
requirements and implementation guidance for the safe design, 
construction, operation, and decommissioning of its defense nuclear 
facilities.
    DOE issued a Notice of Proposed Rulemaking (NOPR) to amend 10 CFR 
part 830 in August 2018 as a first step to the regulatory reform 
activities designed to improve the rule. Specifically, the purpose of 
the proposed changes, as published in the NOPR, are as follows: ``The 
proposed revisions reflect the experience gained in the implementation 
of the regulations over the past seventeen years, with specific 
improvements to the process for facility hazard categorization, the 
unreviewed safety question process, and the review and approval of 
safety documentation. The proposed revisions are intended to enhance 
operational efficiency while maintaining robust safety performance.''
    DOE does not agree with the DNFSB's assertion in Draft 
Recommendation 2020-1 that the revisions proposed in the NOPR will 
erode DOE's nuclear safety regulatory framework. DOE believes that the 
proposed changes in the NOPR are a first step to improving the nuclear 
safety framework and is open to considering further changes in a future 
rulemaking. DOE values the input provided and will consider any 
concerns as they relate not just to the addition of requirements to 10 
CFR part 830, but also the opportunity to enhance the requirements and 
guidance in the broader regulatory framework including DOE orders, 
guides, and standards.
    The Draft Recommendation includes specific sub-recommendations 
related to two of the proposed revision topics identified in the NOPR: 
Hazard categorization and the review and approval of safety 
documentation. As noted in the letter transmitting this enclosure, a 
number of these comments were previously submitted in the October 5, 
2018, DNFSB letter that contained the DNFSB's public comments on DOE's 
10 CFR part 830 rulemaking. These comments are being evaluated and 
considered as part of the Department's process in developing the final 
rule. Substantive information regarding how DOE is addressing comments 
and topics related to the ongoing rulemaking should not be made 
publicly available prior to the issuance of the final rule. Therefore, 
discussion regarding recommendations related to ongoing rulemaking are 
not included in the Enclosure.
    The Draft Recommendation also provides a number of sub-
recommendations not related to the proposed revisions identified in the 
NOPR. Additional perspectives regarding the topics discussed in these 
sub-recommendations are included below.

Aging Infrastructure

DOE Regulatory Framework

    The Draft Recommendation asserts that DOE lacks a formal regulatory 
structure for identifying and performing upgrades necessary for the 
adequate protection of workers and the general public. In the following 
discussion, DOE provides perspectives regarding how its regulatory 
framework ensures adequate protection of workers, the public, and the 
environment despite aging facilities and infrastructure.
    Safety requirements are found in 10 CFR part 830, and additional 
requirements and guidance are provided in DOE Order 433.1B, Maintenance 
Management Program for DOE Nuclear Facilities, and DOE G 433.1-lA Chg. 
1, Nuclear Facility Maintenance Management Program Guide for Use with 
DOE O 433.1B.
    Compliance with 10 CFR part 830, including the requirement in 
830.204(b)(4) to `` . . . demonstrate the adequacy of these [hazard] 
controls to eliminate, limit, or mitigate identified hazards . . . '' 
is required for all Hazard Category (HC) 1, 2, and 3 nuclear 
facilities, and does not distinguish between new or aging facilities. 
Title 10 CFR 830.204(b)(5) identifies nine safety management programs 
necessary to ensure safe operations for the facility which are required 
to be addressed where applicable, one of them being maintenance. There 
is no relaxation of requirements based on the age of the facility.
    DOE has expectations for the performance of safety structures,

[[Page 14668]]

systems, and components (SSCs) in multiple policy documents. DOE O 
420.1C, Facility Safety, includes requirements for the reliability in 
the design of safety SSCs. Both DOE-STD-3009-94, CN 3, Preparation 
Guide for US Department of Energy Nonreactor Nuclear Facility 
Documented Safety Analyses, and DOE-STD-3009-2014, Preparation 
ofNonreactor Nuclear Facility Documented Safety Analysis, which 
together are used for the development of the Documented Safety Analyses 
at the vast majority of DOE nuclear facilities, include expectations 
and requirements to evaluate the adequacy of safety SSCs to ensure 
designated functional requirements can be met and for documenting this 
evaluation. As part of the development of Technical afety Requirements 
(TSRs), surveillance requirements are derived from the DSA to assure 
that the necessary operability and quality of safety SSCs is 
maintained, that facility operations are within safety limits, and that 
limiting control settings and limiting conditions for operation are 
met.
    In instances where a degraded or nonconforming SSC is discovered to 
not conform with the safety basis design description and specifications 
(discrepant as-found state) and is not replaced or repaired to return 
it to conformance (e.g., a use-as-is disposition) , the need to declare 
a Potential Inadequacy of the Safety Analysis (PISA) would be evaluated 
under the Unreviewed Safety Question (USQ) process pursuant to the 
requirements of 10 CFR 830.203. An SSC determined to be incapable of 
performing its intended safety function(s), would be declared 
inoperable.
    DOE O 433.1B defines the safety management program required by 
830.204(b)(5) for maintenance and the reliable performance of SSCs. The 
Order requires that Federal and contractor organizations responsible 
for Hazard Category (HC) 1, 2, and 3 nuclear facilities must develop 
and implement a nuclear maintenance management program (NMMP) 
addressing seventeen topics, one of which ``the process for conducting 
inspections to evaluate aging-related degradation and technical 
obsolescence to determine whether the performance of SSCs is 
threatened.'' An acceptable NMMP consists of processes to ensure that 
SSCs are capable of fulfilling their intended function as identified in 
the facility safety basis. The accompanying Guide 433.1-1A, Chg. 1 
identifies nine topics on aging-related degradation and technical 
obsolescence that the NMMP should directly address. Consistent with 
requirements in the Order, DOE conducts assessments of NMMP 
implementation at least every three years to evaluate whether the 
contractor is appropriately implementing requirements.
    Within DOE orders, standards, and guides there are clear 
expectations and requirements to ensure that safety SSCs are able to 
perform their designated safety functions. However, in an effort to 
improve the regulatory framework and acknowledging that the management 
of aging infrastructure and technical obsolescence are areas for 
improvement, DOE approved a Project Justification Statement in 2018 to 
``develop a new DOE handbook entitled Maintenance Management Program 
for DOE Nuclear Facilities that would replace the current DOE Guide 
433.1-lA, Nuclear Facility Maintenance Management Preparation Guide for 
Use with DOE O 433.1B. The new handbook will cover all the topics that 
are currently covered in the Guide 433.1-lA with expanded coverage of 
aging degradation and technical obsolescence, currently addressed in 
Guide section III.M.'' To support expansion of this topic, a minor 
change would be needed to Order 433.1B, Chg. 1, Maintenance Management 
Program for DOE Nuclear Facilities.

Program-Specific Aging Infrastructure Management

    Within DOE's regulatory framework, the program offices have 
individually taken on initiatives to address aging infrastructure. The 
National Nuclear Security Administration (NNSA) uses a science-based 
infrastructure stewardship approach to evaluate the state of its aging 
facilities, identify their required operational life to meet mission 
needs, and develop an integrated plan for replacement or refurbishment 
of those facilities to maintain their safety posture and ensure 
adequate protection of the public, the workers, and the environment. 
Specifically, NNSA has deployed holistic, data-driven, risk-informed 
tools and metrics to assess infrastructure conditions and prioritize 
investments.
    Key parts of the science-based infrastructure stewardship approach 
include:
     The Mission Dependency Index. A measure of each 
infrastructure asset's impact to the mission by combining the 
consequences if the asset was lost, the difficulty to replace it, and 
the interdependency of it to other assets;
     The BUILDER Sustainment Management System. An 
infrastructure condition assessment management system that provides 
enterprise-level tracking and analysis of the condition and probability 
of failure of infrastructure assets and their systems, components, and 
sub-components;
     Enterprise Risk Management. A combination of the condition 
of the infrastructure, or likelihood of loss, with the mission impact, 
to focus attention on key facilities and improve prioritization of 
investments;
     The Excess-facility Risk Index. A measure of the risk 
posed by the structural and safety condition of the potential impact of 
contaminants and the proximity of the excess asset to workers, the 
public, environmental receptors;
     The Master Asset Plan and Deep Dives. NNSA's long-term 
planning process that leverages enterprise condition and risk data to 
support decision making and prioritization; and
     The Project Prioritization Process. This process uses the 
compiled data from each of the above metrics and processes, which is 
analyzed by subject matter experts to prioritize infrastructure 
projects that provide the greatest risk reduction per dollar.
    NNSA's science-based infrastructure stewardship approach ensures 
investments are aligned with reducing the greatest infrastructure risks 
and ensuring alignment to program requirements.
    The Draft Recommendation points to the Y-12 National Security 
Complex (Y-12) as an example of a DNFSB concern that DOE continues to 
utilize older facilities without ensuring the reliability of their 
safety systems; evaluating the need for refurbishment or replacement of 
those systems; reconsidering the design or integrity of their 
structures; or conducting a back-fit analysis of equipment important to 
safety. This concern overlooks Y-12's Extended Life Program (ELP) 
Safety Strategy, which specifically addresses the aging infrastructure 
concerns the proposed sub-recommendation highlights. This Safety 
Strategy was developed in alignment with DOE-STD-1189, Integration of 
Safety Into the Design Process, to identify and address potential areas 
of concern related both to aging infrastructure as well as gaps to 
modern nuclear standards (e.g., seismic). NNSA's approach to these 
facilities is well within the framework described earlier (i.e., 10 CFR 
part 830 and associated DOE orders, guides, and standards).
    In achieving its mission, the DOE Office of Environmental 
Management (EM) is committed to the safety and protection of workers 
and communities, the public, and the environment. The

[[Page 14669]]

overall EM goal is risk reduction through achieving agreed upon end 
state criteria in a safe manner. EM has an ongoing process to evaluate 
infrastructure stewardship site-by-site to achieve overall risk 
reduction.
    Most of the EM portfolio includes older facilities that are not 
part of an enduring mission and require innovative solutions, sound 
business practices, and science and technology to reduce risks and cost 
within the regulatory framework. Unlike enduring facilities, the EM 
solution for aging infrastructure is a blend between infrastructure 
stewardship and innovative control selection to ensure reliable 
controls are established. Application of nuclear safety fundamentals; 
clear understanding of the state of structures, systems, and 
components; assurance that the overall control strategy ensures 
adequate protection; and effective implementation of controls provides 
the platform for safe operations and accomplishment of the EM mission.
    At the DOE Office of Science's (SC) defense nuclear facility, a 
facility life extension project was completed during the transition 
from EM to SC in 2007. SC continues to maintain the current 
infrastructure and evaluate the existing aging infrastructure for 
replacement in the facility in accordance with applicable DOE Orders 
and Standards.

Safety Basis Process and Requirements

    The Draft Recommendation identifies a number of nuclear safety 
topics that the Board believes are missing from 10 CFR part 830. In 
addition to the requirements in 10 CFR part 830, DOE emphasizes that 
requirements or guidance are also contained in DOE's orders, standards, 
and guides, which are an important and necessary component of the 
regulatory framework. The following discussion describes DOE's current 
framework regarding these topics.
    Concepts identified and recommended for inclusion into IO CFR part 
830, such as defense-in depth, hierarchy of controls, and specific 
administrative controls (SACs) are currently discussed in a number of 
DOE's Orders and Standards. In addition to DOE Order 420.IC, DOE-STD-
1186-2016, Specific Administrative Controls, and DOE-STD-1189-2016, 
Integration of Safety into the Design Process, which the Draft 
Recommendation correctly identifies as not always applicable to 
existing facilities, these concepts are also discussed within DOE's 
primary DSA safe harbor methodology document DOE-STD-3009, both the 
2014 and 1994 Change Notice 3 versions.
    DOE-STD-3009-94 underwent a major revision in 2006 with the 
issuance of Change Notice 3. A major objective of that revision was to 
incorporate expectations for SACs. Since that revision, DOE-STD-3009-94 
has had strong expectations regarding the concepts of defense in depth, 
hierarchy of controls, and SACs, all three being key topics in DSAs. 
Both versions of DOE-STD-3009-94, Change Notice 3, and DOE-STD-3009-
2014 require that the DSA address the significant aspects of defense in 
depth. The hierarchy of controls, which was introduced in DOE-STD-3009-
94 has evolved into a stronger requirement in DOE-STD-3009-2014, 
requiring that DSAs provide a technical basis that supports the 
controls selected when the hierarchy of controls is not used.
    Regarding the topics of USQs and TSRs, requirements in are set 
forth in 10 CFR part 830 specifically, 830.203 Unreviewed safety 
question process, and 830.205 Technical safety requirements. 
Additionally, each has a respective Guide that provides supplemental 
information to the requirements contained in the rule. (DOE G 424.1-lB 
Chg 2, Implementation Guide for Use in Addressing Unreviewed Safety 
Question Requirements; and DOE G 423.1-1B, Implementation Guide for Use 
in Developing Technical Safety Requirements, respectively) DOE O 
420.1C, Chg. 3, Facility Safety, invokes DOE-STD-1104-2016, Review and 
Approval of Nuclear Facility Safety Basis and Safety Design Basis 
Documents, and it is a requirement for DOE elements to review and 
approve safety basis and safety design basis documents in accordance 
with this Standard. DOE-STD-1104-2016 contains requirements and 
expectations for the review and approval of TSRs and USQ documents, 
such as the USQ procedure, Evaluations for the Safety of the Situation 
(ESSs), and Justifications for Continued Operation (JCOs). This 
Standard refers to the expectations provided in DOE G 424.1-lB, 
Implementation Guide for Use in Addressing Unreviewed Safety Question 
Requirements, and DOE G 423.1-1B, Implementation Guide for Use in 
Developing Technical Safety Requirements, and sets the expectation, and 
in some cases requires, that the basis of approval address the 
expectations from the Guides.

Quality Assurance and Document Control

    DOE understands the statements made in the Draft Recommendation 
regarding the importance of ensuring the quality and completeness of 
the contractors' safety basis documents and accomplishes accountability 
through clear requirements and expectations and oversight. The 
following discussion describes DOE's current framework regarding these 
topics and also provides specific actions the individual program 
offices have undertaken.
    DOE's quality assurance requirements are provided in 10 CFR 830, 
Subpart A and DOE 0 414.1D, Chg.I, Quality Assurance. The Order 
includes a Contractor Requirements Document that is a concise set of 
all contractor requirements and responsibilities associated with the 
subject area. DOE oversees Quality Assurance Program (QAP) 
implementation at each site and addresses Quality Assurance (QA) 
deficiencies where needed, In addition, DOE is required to routinely 
assess the contractor's QAP.
    Documentation developed to support development of the safety basis 
is often reviewed at the time of the Safety Basis Review Team (SBRT) 
review of the DSA in accordance with DOE-STD-1104-2016. DOE's Safety 
Basis Approval Authorities (SBAA) approve safety basis documents only 
after a SBRT evaluates the documents per DOE-STD-1104-2016 and all 
issues identified by the SBRT are satisfactorily resolved. Prior to 
recommending the SBAA approve the safety basis documents, SBRTs 
typically have a series of interactions with the contractor to exchange 
information and have a combination of informal and formal comment 
exchanges to ensure QA requirements are satisfied in the development of 
the documents. Contractors are responsive to SBRT comments, and the 
process leading up to SBAA approval ensures that contractors are held 
accountable for the specific documents.
    Outside of DSA review and approval process, DOE continuously 
performs line oversight using the principles of DOE O 226.1B, 
Implementation of Department of Energy Oversight Policy, to ensure that 
the Contractor Assurance Systems (CAS) are identifying and correcting 
issues. Oversight also includes operational awareness activities for 
emergent safety basis/quality assurance weaknesses to ensure the 
resultant safety basis documents support safe execution of work. 
Through oversight DOE line management evaluates contractor and DOE 
programs and management systems for

[[Page 14670]]

effectiveness of performance, and to hold both contractors and federal 
staff accountable for developing, and reviewing and approving safety 
basis documents in accordance with DOE-STD-1104-2016.
    As required by the Order, DOE line management tailors oversight 
processes according to the effectiveness of CASs, the hazards at the 
site/activity, and the degree of risk. DOE oversight relies on the CAS 
and evaluates the CASs as one factor in setting DOE oversight 
priorities. DOE Order 226.1B states, that the issues management process 
is required to be capable of categorizing findings based on risk and 
priority, ensuring relative line management findings are effectively 
communicated to the contractors, and ensuring that problems are 
evaluated and corrected on a timely basis. As part of the line 
management, DOE Headquarters (HQ) communicates its findings/issues to 
the field office and its contractors. Any issues identified by HQ staff 
are turned over to the appropriate field organization for 
identification of corrective actions and to track issues to closure in 
an issues tracking system.
    DOE relies on both federal line and independent, contractor, and 
partnered assessments to evaluate the contractor's performance against 
the requirements. DOE Order 226.1B requires each contractor to perform 
line management oversight according to a defined CAS covering the full 
scope of operations. The CAS must provide reasonable assurance to DOE 
and contractor management that work is being performed safely, 
securely, and in compliance with all requirements; risks are being 
identified and managed and the systems of control are effective and 
efficient while accomplishing assigned missions. The contractor must 
develop, implement, and own their system with a minimum set of key 
attributes, which include metrics and targets to assess performance, 
rigorous self-assessments and improvement processes, identification and 
correction of negative performance trends, and timely communication to 
the DOE Site Office on assurance-related information. The CAS should 
provide each manager with sufficient information to be aware of 
performance and the status of issues so that appropriate action is 
taken before issues become significant events.
    Ultimately, accountability is attained through each program 
office's performance evaluation process. This is a rigorous evaluation 
process that includes all aspects of contract management, including 
quality assurance and nuclear safety, and relies on both the CAS system 
and continuous federal line and independent oversight as inputs into 
the performance of the contractor. Safety basis performance can weigh 
positively or negatively in the contractor's interim and final 
performance evaluations. Outcomes are documented and depending on the 
contract, determines annual incentive awards, performance fees, and the 
option to be granted additional years on the contract through an 
``award term'' extension. As a result of these evaluations, DOE's 
contractors have been responsive to this feedback to initiate specific 
and/or broad management changes to improve safety basis performance.
    Beyond the requirements described above, DOE supports continuous 
improvement in the execution of 10 CFR part 830, and each of the 
program offices continues to take steps to improve federal and 
contractor performance. EM's Office of Safety, Security and Quality 
Assurance has implemented a pilot CAS oversight approach that focuses 
on the prevention, detection, and correction of problems, and uses some 
or all of the CAS oversight attributes published in the Energy Facility 
Contractors Group (EFCOG) best practice, ``EFCOG Best Practice: 
Contractor Assurance System Effectiveness Validation.'' The EM approach 
utilizes contractor corporate resources as part of the review team. 
Corporate executives draw upon experiences from a variety of sources 
and provide valuable insights with respect to the overall effectiveness 
of the CAS and its performance within the organization. The outcome 
resulting from the joint participation of DOE and corporate leadership 
and other experts have focused on areas of concern and helped to 
sustain system improvements. Corporate efforts have been aligned with 
minimizing barriers to mission success and help to design metrics to be 
better leading indicators such that the contractor can manage more 
proactively and stay ahead of the issues.
    NNSA, in seeking to improve and sustain high quality safety basis 
documents, has focused on a number of initiatives. The NNSA Safety 
Roadmap includes two key pillars:
     NNSA corporately manages select Safety Basis Review Team 
(SBRT) evaluations in accordance with DOE STD-1104. Benefits from this 
program include providing a consistent approach for review and approval 
of safety basis documentation, and sharing of safety basis knowledge 
and experience across the NNSA enterprise.
     NNSA is in the final steps of Technical Qualification 
Program (TQP) Accreditation NNSA-wide. Expanding upon earlier 
accreditation from the Sandia Field Office, Nevada Field Office and NA-
50, the NNSA-wide TQP accreditation will ensure the consistent rigorous 
qualification of nuclear safety specialist personnel, quality assurance 
personnel, and other technical qualifications that support the federal 
review and approval of safety basis documentation.
    Additionally, NNSA has supported the DOE National Training Center's 
adaptation of the Safety Basis Professional Program and continuous 
improvement of safety basis curricula for federal and Maintenance and 
Operating partner personnel. NNSA has initiated a safety basis 
Community of Practice (COP) and supports/participates in the DOE QA 
COP. Similar forums are in place for facility representatives and other 
safety professionals. These forums provide a mechanism for sharing and 
discussion of issues and lessons learned, as well as providing a 
mechanism for the leveraging of key resources for emergent events.

Independent Oversight

    In accordance with DOE O 227.lA, Independent Oversight Program, the 
Department's Office of Enterprise Assessments (EA) is charged with 
performing independent assessments of nuclear safety. EA currently 
performs five to six assessments of nuclear facility safety basis 
documents a year. A standard component of these assessments is the 
evaluation of the Federal review and approval of safety basis 
documents. Specifically, EA reviews safety evaluation reports and other 
review documentation and observes selected aspects of the review 
process to determine the level of adherence to DOE-STD-1104-2016. In 
the last several years, EA has not identified any significant issues 
with the Federal review and approval of safety basis documentation.
    These assessments are prioritized first to complete reviews of high 
hazard nuclear project safety design basis documents as mandated by 
Congress, and second to review a sample of safety basis documents 
upgraded to DOE-STD-3009-2014. These assessments are very resource 
intensive, typically taking four to six weeks to review documents and 
an additional four to six weeks to resolve comments and prepare 
reports.
    Sub-recommendation 5.c describes a process that would require a 
significant shift in EA's current priorities and use of highly 
specialized resources and does not consider a holistic view of EA's 
mandate and current priorities.


[[Page 14671]]


    Authority: 42 U.S.C. 2286d(b)(2).

    Dated: March 5, 2020.
Bruce Hamilton,
Chairman.
[FR Doc. 2020-05141 Filed 3-12-20; 8:45 am]
 BILLING CODE 3670-01-P