CNL-14-076, Redacted Version of License Amendment Request (WBN-TS-14-02) to Change the Completion Date of Cyber Security Plan Implementation Milestone 8
| ML14149A318 | |
| Person / Time | |
|---|---|
| Site: | Watts Bar  |
| Issue date: | 05/27/2014 |
| From: | James Shea Tennessee Valley Authority |
| To: | Document Control Desk, Office of Nuclear Reactor Regulation |
| References | |
| CNL-14-076, WBN-TS-14-02 | |
| Download: ML14149A318 (18) | |
Text
Tennessee Valley Authority, 1101 Market Street, Chattanooga, Tennessee 37402 CNL-14-076 May 27, 2014 10 CFR 50.90 ATTN: Document Control Desk U.S. Nuclear Regulatory Commission Washington, D.C. 20555-0001 Watts Bar Nuclear Plant, Unit 1 Facility Operating License No. NPF-90 NRC Docket No. 50-390
Subject:
Redacted Version of License Amendment Request (WBN-TS-14-02) to Change the Completion Date of Cyber Security Plan Implementation Milestone 8
Reference:
Letter from WVA to NRC, "License Amendment Request (WBN-TS-14-02) to Change the Completion Date of Cyber Security Plan Implementation Milestone 8 (TAC NO, ME4951)," dated April 29, 2014.
(ADAMS Accession Number ML14133A406)
By letter dated April 29, 2014, Tennessee Valley Authority (TVA) submitted a license amendment request pertaining to the Cyber Security Plan implementation schedule, including a proposed revision to the existing Physical Protection license condition for the associated operating license. Enclosures 1 and 3 of the referenced letter were marked as Security-Related Information (SRI) to be withheld under 10 CFR 2.390(d)(1). Enclosure 2 is not an SRI document and was not marked as such in the referenced letter. Subsequent to that submittal, Mr. Andrew Hon, NRC, made a verbal request for TVA to provide a redacted version of Enclosures 1 and 3 to the referenced letter. With this submittal, TVA provides a complete, redacted version of Enclosures 1 and 3 to the referenced letter.
This submittal does not affect the conclusion of the referenced license amendment request that the proposed changes involve no significant hazards consideration.
There are no new regulatory commitments associated with this submittal. Please address any questions regarding this request to Edward D. Schrull at (423) 751-3850.
- 9ýr99V
ý_4ýL
U. S. Nuclear Regulatory Commission Page 2 May 27, 2014 I declare under penalty of perjury that the foregoing is true and correct. Executed on this 2 7 1h day of May 2014.
Respectfully, J. W.
Vice I
Enclosures:
1.
3.
Evaluation of Proposed Change (Redacted)
Revised Watts Bar Unit 1 Cyber Security Plan Implementation Schedule (Milestone 8) (Redacted)
Enclosures cc (Enclosures):
NRC Regional Administrator - Region II NRC Senior Resident Inspector - Watts Bar Nuclear Plant Director, Division of Radiological Health - Tennessee State Department of Environment and Conservation
U. S. Nuclear Regulatory Commission Page 3 May 27, 2014 JJC:TAH Enclosures bcc (Enclosures):
NRC Project Manager - Watts Bar Nuclear Plant, Unit 1 G. P. Arent M. A. Balduzzi T. J. Bradshaw (NSRB Coordinator)
R. H. Bryan C. R. Church D. M. Czufin M. A. Fencl J. P. Grimes C. E. Glover D. H. Gronek N. T. Henrich T. A. Hess E. D. Schrull J. W. Shea B. A. Wetzel P. R. Wetzel EDMS
rGIC URITY RATrD INSlRM'*D-kAA'TlN WITHHOlDW I 61 1 INDER 410 CFR.390 TENNESSEE VALLEY AUTHORITY WATTS BAR NUCLEAR PLANT UNIT I EVALUATION OF PROPOSED CHANGE (Redacted)
Subject:
License Amendment Request (WBN-TS-14-02) to Change the Completion Date of Cyber Security Plan Implementation Milestone 8
- 1.
SUMMARY
DESCRIPTION
- 2.
DETAILED DESCRIPTION 2.1 Current Cyber Security Plan 2.2 Requested Change 2.3 Bases for Proposed Change
- 3.
TECHNICAL EVALUATION 3.1 Technical Analysis of Eight Review Criteria 3.2 Analysis Concerning WBN Unit 2 Cyber Security Plan
- 4.
REGULATORY EVALUATION 4.1 Applicable Regulatory Requirements/Criteria 4.2 Significant Hazards Consideration 4.3 Conclusions
- 5.
ENVIRONMENTAL CONSIDERATION
- 6.
REFERENCES El-1
rSE-C-URIYrELAT-ED INrORMATIONWTHODUDR1CF239 1.0
SUMMARY
DESCRIPTION This evaluation supports a request to amend the Watts Bar Nuclear Plant (WBN),
Unit 1, Cyber Security Plan (CSP) and Facility Operating License. The proposed change extends the CSP Milestone 8completion date and updates license condition 2.E.(2) in Facility Operating License No. NPF-90. WBN Unit 1 has completed Milestones 1 through 7 and proposes to extend the Milestone 8 completion date to
[redacted]. This change will allow sufficient time to complete the actions required to fully comply with the requirements of 10 CFR 73.54.
2.0 DETAILED DESCRIPTION The proposed change revises the scheduled Milestone 8 completion date of the WBN Unit 1 CSP Implementation Schedule. CSP Milestone 8 addresses the full implementation of the WBN Unit 1 CSP for all safety, security, and emergency preparedness (SSEP) functions.
2.1 Current Cyber Security Plan The current WBN, Unit 1, CSP was approved by NRC to TVA letter, "Watts Bar Nuclear Plant, Unit 1 - Issuance of Amendment Regarding Cyber Security Plan (TAC NO. ME4951)," dated August 30, 2011 (ADAMS Accession Number ML11200A229). The WBN, Unit 1, CSP conforms to the model application provided in NEI 08-09, "Cyber Security Plan for Nuclear Power Reactors" Revision 6. The completion date for Milestone 8 in the approved WBN, Unit 1, CSP is
[redacted]
2.2 Requested Change TVA proposes to change the WBN Unit 1 Milestone 8 completion date from
[redacted]
to [redacted], in order to implement remediation actions, including design changes, resulting from the cyber security assessments. In addition, TVA proposes to update the amendment number in Facility Operating License to reflect the amended license.
2.3 Bases for Proposed Change Assessment preparation efforts, assessment performance, and development of remediation actions have been found to be more resource intensive than previously understood. To meet the requirements of 10 CFR 73.54, design changes will be required to be made to several plant systems. Extending the completion date of Milestone 8 will allow for [redacted]
to methodically design, procure, implement, and test the required design changes.
TVA requires the additional time to complete the necessary actions required to fully comply with the requirements set forth in 10 CFR 73.54. Despite the significant resources assigned to implementation of the CSP, TVA is experiencing challenges to full implementation of Milestone 8 due to the extensive effort associated with Critical Digital Asset (CDA) assessment and analysis and the uncertainty with respect to the interpretation of cyber security controls. The lack of clarity concerning interpretation El-2
rS IIrTV RIT rl RELATERD INll'RIATI'N WITHHD NIDr*R 410 CR I2 ag of security controls, including deterministic methodology in the CSP, leaves many items open to interpretation and could lead to inconsistent implementation of security controls. For instance, NRC guidance for Cyber Security Control Implementation has not yet been published. The guidance, when issued may cause changes to the current Cyber Security Control Assessment Process which has been developed by TVA for the Security Controls described in Nuclear Energy Institute (NEI) 08-09, "Cyber Security Plan for Nuclear Power Reactors," Revision 6.
The proposed change to the Milestone 8 completion date provides no reduction in effectiveness of the CSP. The activities associated with the CSP, as described in Milestones 1 through 7, provide a high degree of protection against radiological sabotage occurring due to cyber attack. These activities were performed first, but an extensive workload will be required to fully implement the CSP.
3.0 TECHNICAL EVALUATION
[redacted]
El-3
SECUR.!TY R.EL.ATED !NFOP.MA.T!ON
-WIHHOLD 'J.NDEP. 10 CFR. 2.390 3.1 Technical Analysis of Eight Review Criteria
- 1) Identification of the specific requirements of the cyber security plan that WBN needs additional time to implement.
[redacted]
- 2) Detailed justification that describes the reason the licensee requires additional time to implement the specific requirement or requirements identified.
[redacted]
El-4
RS.CURITY REL ATED INFORMATION ITHH'UO0-LDn I,UNDER 10 CF-R 29*20 Enclosure I
[redacted]
- 3) A proposed completion date for Milestone 8 consistent with the remaining scope of work to be conducted and the resources available.
[redacted]
El-5
J A AI*
A AAA Enclosure I
- 4) An evaluation of the impact that the additional time to implement the requirements will have on the effectiveness of the licensee's overall cyber security program in the context of the milestones already completed.
[redacted]
El-6
SECUR.ITY.RELATED Irog^NTORMATIONb, WITHHOL U
,DER 10 C-,-R *2.0
[redacted]
- 5) A description of the licensee's methodology for prioritizing completion of work for critical digital assets associated with significant safety, security, or emergency preparedness consequences and with reactivity effects in the balance of plant.
[redacted]
El-7
-SECU Ill RITY REl RATED I FIOC'RATI"ON -W/ITHHl in'D 1 rO 4UDR0 CFR 2,1320
- 6) A discussion of the licensee's cyber security program performance up to the date of the license amendment request.
[redacted]
- 7) A discussion of cyber security issues pending in the licensee's corrective action program.
[redacted]
El-8
SECU2RITY. RELATD
-FORM-T-ON W!THHOLD UND.R 10 CFR 2.320 Enclosure I
[redacted]
- 8) A discussion of modifications completed to support the cyber security program and a discussion of pending cyber security modifications.
[redacted]
El-9
SECUR.ITY R.ELATED INFOP.M.ATION WITHHOLD UN*.DER. 1. C.FR 2.!90 Enclosure I 3.2 Analysis Concerning WBN, Unit 2, Cyber Security Plan
[redacted]
4.0 REGULATORY EVALUATION
4.1 Applicable Regulatory RequirementslCriteria 10 CFR 73.54 requires licensees to maintain and implement a cyber security plan.
WBN Facility Operating License No. NPF-90 includes license condition 2.E.(2) that requires WBN to fully implement and maintain in effect all provisions of the Commission approved CSP, including changes made pursuant to the authority of 10 CFR 50.90 and 10 CFR 50.54(p).
4.2 Significant Hazards Consideration Tennessee Valley Authority (TVA) proposes to modify the Watts Bar Nuclear Plant (WBN), Unit 1, Cyber Security Plan (CSP) implementation date for Milestone 8.
These changes are being proposed to allow for [redacted]
to methodically plan and schedule the implementation of the required design changes.
TVA has concluded that the change to the WBN, Unit 1, CSP implementation date for Milestone 8 does not involve a significant hazards consideration. TVA's conclusion is based on its evaluation in accordance with 10 CFR 50.91(a)(1) of the three standards set forth in 10 CFR 50.92, "Issuance of Amendment," as discussed below:
- 1.
Does the proposed amendment involve a significant increase in the probability or consequence of an accident previously evaluated?
Response: No.
The proposed change revises the CSP Milestone 8 implementation date. This change does not alter accident analysis assumptions, add any initiators, or affect the function of plant systems or the manner in which systems are operated, maintained, modified, tested, or inspected. The proposed change is an extension to the completion date of implementation Milestone 8, that in El-10
SECURIITY RELOATE 0InFOR.PATION WITHHOLn U InE-R 4.0 CFR 2.3 90 itself does not require any plant modifications which affect the performance capability of the structures, systems, and components relied upon to mitigate the consequences of postulated accidents and have no impact on the probability or consequences of an accident previously evaluated.
Therefore, the proposed change does not involve a significant increase in the probability or consequences of an accident previously evaluated.
- 2.
Does the proposed amendment create the possibility of a new or different kind of accident from any accident previously evaluated?
Response: No.
The proposed change revises the CSP Implementation Schedule. This proposed change to extend the completion date of implementation Milestone 8 does not alter accident analysis assumptions, add any initiators, or affect the function of plant systems or the manner in which systems are operated, maintained, modified, tested, or inspected. The proposed change does not require any plant modifications which affect the performance capability of the structures, systems and components relied upon to mitigate the consequences of postulated accidents. This change also does not create the possibility of a new or different kind of accident from any accident previously evaluated.
Therefore, the proposed change does not create the possibility of a new or different kind of accident from any accident previously evaluated.
- 3.
Does the proposed amendment involve a significant reduction in a margin of safety?
Response: No.
Plant safety margins are established through limiting conditions for operation, limiting safety system settings, and safety limits specified in the technical specifications. The proposed change extends the CSP implementation schedule. Because there is no change to these established safety margins as result of this change, the proposed change does not involve a significant reduction in a margin of safety.
Therefore, the proposed change does not involve a significant reduction in a margin of safety.
Based on the above, TVA concludes that the proposed extension presents no significant hazards consideration under the standards set forth in 10 CFR 50.92(c), and accordingly, a finding of "no significant hazards consideration" is justified.
El-11
SE-CUIRITY REl A-ATED-INF'&OGRhATIlN WITHHIOL36-D UNDER I GI11
,IR 2.2*0 4.3 Conclusions 10 CFR 73.54 requires that each licensee shall provide high assurance that digital computer and communication systems and networks are adequately protected against cyber attacks up to and including the design basis threat established by 10-CFR 73.1(a)(1)(v).
The proposed change amends the CSP Implementation Schedule and does not change any feature of the CSP that meets the requirements of 10 CFR 73.54 as previously approved by the NRC.
The proposed change has been evaluated in accordance with 10 CFR 50.91 (a)(1) using criteria in 10 CFR 50.92(c), and it has been determined that the changes involve no significant hazards consideration.
In conclusion, based on the considerations discussed above: (1) there is reasonable assurance that the health and safety of the public will not be endangered by operation in the proposed manner; (2) such activities will be conducted in compliance with the Commission's regulations; and (3) the issuance of the amendment will not be inimical to the common defense and security or to the health and safety of the public.
5.0 ENVIRONMENTAL CONSIDERATION
The proposed amendment changes the Cyber Security Plan Implementation Schedule for Milestone 8. The proposed amendment meets the eligibility criterion for a categorical exclusion set forth in 10 CFR 51.22(c)(12). Therefore, pursuant to 10 CFR 51.22(b) no environmental impact statement or environmental assessment need be prepared in connection with the issuance of the amendment.
El-12
6ECU.RITy REL.ATED INFORMATION WIATHHuL, U0 1101036r 40FR 2,3"0 Enclosure i
6.0 REFERENCES
- 1. Letter from NRC to TVA, " Watts Bar Nuclear Plant, Unit 1 - Issuance of Amendment Regarding Cyber Security Plan (TAC NO. ME4951)," dated August 30, 2011. (ADAMS Accession Number ML11200A229)
- 2. NRC Internal Memorandum to Barry Westreich from Russell Felts, "Review Criteria for 10 CFR 73.54, Cyber Security Implementation Schedule Milestone 8 License Amendment Requests," dated October 24, 2013.
(ADAMS Accession Number ML13295A467)
El-13
SECURITY R-L=-R ED I.N.'FOR.M^AATIO.N 1
WITHHOLD UN'DER 4 CFR 2.390 Revised Watts Bar Unit I Cyber Security Plan Implementation Schedule (Milestone 8)
E3-1
6'0 IRITY REl A'TED IlF"AORMATIN WAITHHOLDA UN I Ilrtr'DER 410 4'R - 3ago Cyber Security Plan Implementation Schedule Watts Bar Nuclear Plant - Unit 1 I3.
8 Full implementation of Watts Bar Nuclear Plant Cyber Security Plan for all SSEP functions for WBN Unit 1 will be achieved.
[redacted].
By the completion date, Watts Bar Nuclear Plant Cyber Security Plan will be fully implemented for all SSEP functions for WBN Unit 1 in accordance with 10 CFR 73.54. This date also bounds the completion of all individual asset security control design remediation actions including those that require a refuel outage for implementation.
SEC' UPIT RE'LATEDn I.NFO.A.TION WITHHOL-D UHNDER 2.390Pge5o5 Page 5 of 5