IR 05000263/2022401

Generation Plant - Cyber Security Inspection Report 05000263/2022401
ML22083A184
Person / Time
Site: Monticello
Issue date: 03/28/2022
From: Richard Skokowski
Engineering Branch 3
To: Domingos C
Northern States Power Company, Minnesota
References
IR 2022401


Text

March 28, 2022

SUBJECT: MONTICELLO NUCLEAR GENERATING PLANT - CYBER SECURITY INSPECTION REPORT 05000263/2022401

Dear Mr. Domingos:

On February 22, 2022, the U.S. Nuclear Regulatory Commission (NRC) completed an inspection at Monticello Nuclear Generating Plant and discussed the results of this inspection with Mr. K. Nyberg, Director of Site Performance and Support, and other members of your staff.

The results of this inspection are documented in the enclosed report.

No findings or violations of more than minor significance were identified during this inspection.

This letter, its enclosure, and your response (if any) will be made available for public inspection and copying at http://www.nrc.gov/reading-rm/adams.html and at the NRC Public Document Room in accordance with Title 10 of the Code of Federal Regulations 2.390, Public Inspections, Exemptions, Requests for Withholding.

Sincerely,

Signed by Skokowski, Richard on 03/28/22

Richard A. Skokowski, Chief
Engineering Branch 3
Division of Reactor Safety

Docket No. 05000263
License No. DPR-22

Enclosure:

As stated

Inspection Report

Docket Number: 05000263

License Number: DPR-22

Report Number: 05000263/2022401

Enterprise Identifier: I-2022-401-0023

Licensee: Northern States Power Company, Minnesota

Facility: Monticello Nuclear Generating Plant

Location: Monticello, MN

Inspection Dates: February 14, 2022 to February 18, 2022

Inspectors:
A. Dahbur, Senior Reactor Inspector
J. Gilliam, Senior Reactor Inspector
A. Prada, Cyber Security Analyst (Contractor)
C. Priester, Cyber Security Analyst (Contractor)

Approved By:
Richard A. Skokowski, Chief
Engineering Branch 3
Division of Reactor Safety

SUMMARY

The U.S. Nuclear Regulatory Commission (NRC) continued monitoring the licensee's performance by conducting a cyber security inspection at Monticello Nuclear Generating Plant, in accordance with the Reactor Oversight Process. The Reactor Oversight Process is the NRC's program for overseeing the safe operation of commercial nuclear power reactors. Refer to https://www.nrc.gov/reactors/operating/oversight.html for more information.

List of Findings and Violations

No findings or violations of more than minor significance were identified.

Additional Tracking Items

None.

INSPECTION SCOPES

Inspections were conducted using the appropriate portions of the inspection procedures (IPs) in effect at the beginning of the inspection unless otherwise noted. Currently approved IPs with their attached revision histories are located on the public website at http://www.nrc.gov/reading-rm/doc-collections/insp-manual/inspection-procedure/index.html. Samples were declared complete when the IP requirements most appropriate to the inspection activity were met consistent with Inspection Manual Chapter (IMC) 2201, Security Inspection Program for Commercial Nuclear Power Reactors. The inspectors reviewed selected procedures and records, observed activities, and interviewed personnel to assess licensee performance and compliance with Commission rules and regulations, license conditions, site procedures, and standards.

SAFEGUARDS

71130.10 - Cybersecurity

The inspectors reviewed implementation of Monticello Generating Plant's Cyber Security Plan (CSP) and focused on evaluating changes to the program, critical systems, and Critical Digital Assets (CDAs).

Cybersecurity (1 Sample)

(1) The following IP sections were completed and constitute completion of 1 sample:

- 03.01, Review Ongoing Monitoring and Assessment Activities

- 03.02, Verify Defense-in-Depth Protective Strategies

- 03.03, Review of Configuration Management Change Control

- 03.04, Review of Cyber Security Program

- 03.05, Evaluation of Corrective Actions

In addition to the systems and programs that have been added or modified since the last cyber security inspection, the following systems were selected for inspection.

Unit 1

- CMP - Computer, Important-to-Safety

- HPC - High Pressure Coolant Injection, Safety-Related

- SIN - Security Instrumentation, Security

- SEL - Security Facility Electrical, Security

INSPECTION RESULTS

No findings were identified.

EXIT MEETINGS AND DEBRIEFS

The inspectors verified no proprietary information was retained or documented in this report.

On February 22, 2022, the inspectors presented the cyber security inspection results to Mr. K. Nyberg, Director of Site Performance and Support, and other members of the licensee staff.

DOCUMENTS REVIEWED

Inspection Procedure | Type | Designation | Description or Title | Revision or Date

71130.10 Corrective Action 01000060470 Acronis Backups on the Security Computer System 02/10/2022

Documents 501000003112 Cyber Kiosk Defense-in-Depth 09/27/2017

501000003132 CDA Media Sanitization 09/08/2017

501000015940 Wrong Level CDA Media 09/20/2018

501000030162 Media Cabinet Unlocked 07/29/2019

501000030182 Feeder Motor Protection Relay Missing 07/30/2019

501000041636 CSAT Evaluation of X-Ray 06/17/2020

501000058604 Unauthorized USB Media Used on CDA 11/23/2021

501000058844 FSA Cyber21-Review SecCompRm Door Access 12/06/2021

501000058971 Corrective Action: Cyber Security Vulnerabilities 2021-11 12/10/2021

501000058971 Condition Evaluation - November 2021 Vulnerabilities 01/06/2022

501000059900 Condition Evaluation - December 2021 Vulnerabilities 01/26/2022

501000060137 Spare HGU Order Cancelled 01/27/2022

Corrective Action 501000060470 22Cyber - Security Computer Backups 02/11/2022

Documents 501000060567 22Cyber - MM WO Lacking Parts Info 02/15/2022

Resulting from 501000060600 22Cyber - Acronis Backup Version on SCS 02/15/2022

Inspection 501000060601 22Cyber - CP-FWL-07 CDA Assessment 02/15/2022

501000060668 22Cyber - CP-FWL-07 Control D4.3 02/17/2022

501000060669 22Cyber - CAS Printer Control D5.1 02/17/2022

Drawings M-124 NH-36250 High Pressure Coolant Injection System 87

NX-8292-12-6 Shutdown HPCI System 79

Miscellaneous 1400858 AT-0175 Action Request Record Report - CYB SEC PLAN 10/09/2016

D4.3 PASSWORD REQUIRMENTS

1401049 AT-0175 Action Request Record Report - CYB SEC PLAN 11/23/2016

D4.7 AUTHENTICATOR MGMT

CASF DEV FEL- Compliance Assessment Summary Form - Generator 1

MISC Electrical

CASF DEV SEL- Compliance Assessment Summary Form - Hand Geometry 0

HGU Units

CASF DEV SIN- Compliance Assessment Summary Form - Alarm Processing 0

APU-20180406 Units

CASF DEV SIN- Compliance Assessment Summary Form - CCTV Cameras 3

CAMERA-

210618

CASF DEV SIN- Compliance Assessment Summary Form - Proximity Card 0

CRDR-20150527 Readers

CASF DEV SIN- Compliance Assessment Summary Form - Security 3

IMUX-20210326 Multiplexer

CASF DEV SIN- Compliance Assessment Summary Form - Keyboard Video 0

KVM-20170911 Mouse Switch

CASF DEV SIN- Compliance Assessment Summary Form - Security Network 2

NS-20181112 Switches

CASF DEV SIN- Compliance Assessment Summary Form - Security 2

PC-20210504 Workstations

CASF DEV SIN- Compliance Assessment Summary Form - Security 2

SVR-20181112 Computer System Servers

CASF DEV SIN- Compliance Assessment Summary Form - CCTV Video 1

VIDEO-20190111 Equipment

CASF DEV-SIN- Compliance Assessment Summary Form - Intrusion 0

CYBER- Prevention / SIEM / NAS

20150916

Cyber Security Letter from Rockwell Collins 11/27/2017

Test Description

FAT SCS-

CSTDF-202734

Addendum

Cyber Security AIM Security Computer Cyber Security Test Description July 2014

Test Description (FAT)

FAT SCS-

CSTDF-

2734.01

CYBER-PLN Xcel Energy, INC. Cyber Security Plan 0

PBD-KIOSK Cyber Security Program Basis Document 2

SCS-CSTDF Security Computer System Hardening 07/01/2014

2734.01

SCS-VDD- Rockwell Collins Version Description Document 8

203217.08

Switch Config Switch Configurations of NS1 & NS2 02/15/2022

Procedures C.5-3302 Alternate Pressure Control 25

FG-IT-CSP-06-02 IT Cyber Administrative Maintenance Guide for Kiosk 3

FP-IT-CSP-05 Cyber Security Audit and Logging Procedure 2

FP-IT-CSP-06 Cyber Security Malicious Code Protection Procedure 7

FP-IT-CSP-07 Cyber Security Portable Computing Device Procedure 6

FP-IT-CSP-11 Cyber Security Incident and Response Procedure 5

FP-IT-CSP-16 Cyber Security Program Training Procedure 5

FP-IT-CSP-21 Cyber Security CDA Media Protection Procedure 6

FP-IT-CSP-22 Cyber Security Vulnerability Assessment Procedure 0

FP-IT-CSP-24 Cyber Security Ongoing Monitoring Procedure 0

FP-IT-CSP-25 Cyber Security CDA Management Procedure 5

FP-IT-CSP-31 Cyber Security Incident Response Exercise / Drill Procedure 1

FP-IT-CSP-65 Cyber Security CDA Access Control Procedure 1

FP-IT-SQA-01 Software Quality Assurance (SQA) Program 20

FP-IT-SQA-05 Computer Work Order 16

FP-IT-SQA-10 The Software Testing Phase 11

FP-SC-GEN-08 Supply Chain Requests 21

FP-SC-WHS-07 Material Control 1

Work Orders CWO- Computer Work Order - Implement SCS Final Configuration 03/27/2018

611000000786

CWO- Computer Work Order 16

611000001953

CWO- Computer Work Order 16

611000002133

CWO- Computer Work Order - SCS VMWare Upgrade 02/25/2021

611000003181

CWO- Monthly OCA Camera Cyber Maintenance 09/29/2021

611000003610

CWO- Monthly OCA Camera Cyber Maintenance 11/24/2021

611000003618

CWO- Metadefender Core 12/21/2021

611000003716

CWO- Metadefender Core 01/04/2022

611000003728

CWO-SCS Computer Work Order - Service Pack 5 (SP5) 07/01/2019

611000001974 Implementation

Service Pack 5

_SP5_

Implementation

WM-WO-0156 Noble Gas Monitor Work Order 04/23/2020

WO-00494225 EC22668 Security Card Reader / IMUX Replacement 09/03/2014

Task 07
