1) Safety analyses shall establish the identification and functions of SACs and the
significance to safety of the functions of the SAC.
2) The ensemble of safety controls including SACs, where designated, shall be designed
and configured to provide multiple layers of protection to prevent or mitigate the
unintended release of radioactive materials.
3) Defense-in-depth, as applied to the formulation of SACs, shall include conservative
4) Engineering evaluations, trade-offs, and experience shall be used to develop practical
SACs that achieve the functional safety objectives.
5) Adequacy of SACs to perform effectively their required safety functions shall be
documented in the DSA.
6) SACs shall be formulated so that they can perform their safety functions when called
upon and under a quality assurance program that satisfies 10 CFR 830, Subpart A.
7) Classification of Administrative Controls as SACs shall use the same criteria as used for
Safety SSCs in STD-3009, Preparation Guide for U.S. Department of Energy
Nonreactor Nuclear Facility Documented Safety Analyses.
8) SACs shall be configured with appropriate safety margins to support assurance of safety
9) Appropriate human factors engineering should be integrated with the formulation of
10) In some cases, SACs rely on supporting SSCs to perform their intended safety function.
These SSCs should meet performance requirements consistent with their safety

Considerations and guidance for satisfying these corollaries to SSC design guidance, as
applied to SACs, are provided in sections 2 and 3 of this Standard.

Derivation of Hazard Controls in the DSA

The provisions in 10 CFR 830.204 require a DSA to "Derive the hazard controls necessary to
ensure adequate protection of workers, the public, and the environment, demonstrate the
adequacy of these controls to eliminate, limit, or mitigate identified hazards, and define the
process for maintaining the hazard controls current at all times and controlling their use."