IR 05000263/2022401

Generation Plant - Cyber Security Inspection Report 05000263/2022401
ML22083A184
Person / Time
Site: Monticello Xcel Energy
Issue date: 03/28/2022
From: Richard Skokowski
Engineering Branch 3
To: Domingos C
Northern States Power Company, Minnesota
References
IR 2022401


Text

SUBJECT: MONTICELLO NUCLEAR GENERATING PLANT - CYBER SECURITY INSPECTION REPORT 05000263/2022401

Dear Mr. Domingos:

On February 22, 2022, the U.S. Nuclear Regulatory Commission (NRC) completed an inspection at Monticello Nuclear Generating Plant and discussed the results of this inspection with Mr. K. Nyberg, Director of Site Performance and Support, and other members of your staff.

The results of this inspection are documented in the enclosed report.

No findings or violations of more than minor significance were identified during this inspection.

This letter, its enclosure, and your response (if any) will be made available for public inspection and copying at http://www.nrc.gov/reading-rm/adams.html and at the NRC Public Document Room in accordance with Title 10 of the Code of Federal Regulations 2.390, "Public Inspections, Exemptions, Requests for Withholding."

Sincerely,

Richard A. Skokowski, Chief
Engineering Branch 3
Division of Reactor Safety

Docket No. 05000263
License No. DPR-22

Enclosure: As stated

Inspection Report

Docket Number: 05000263

License Number: DPR-22

Report Number: 05000263/2022401

Enterprise Identifier: I-2022-401-0023

Licensee: Northern States Power Company, Minnesota

Facility: Monticello Nuclear Generating Plant

Location: Monticello, MN

Inspection Dates: February 14, 2022 to February 18, 2022

Inspectors:
A. Dahbur, Senior Reactor Inspector
J. Gilliam, Senior Reactor Inspector
A. Prada, Cyber Security Analyst (Contractor)
C. Priester, Cyber Security Analyst (Contractor)

Approved By:
Richard A. Skokowski, Chief
Engineering Branch 3
Division of Reactor Safety

SUMMARY

The U.S. Nuclear Regulatory Commission (NRC) continued monitoring the licensee's performance by conducting a cyber security inspection at Monticello Nuclear Generating Plant, in accordance with the Reactor Oversight Process. The Reactor Oversight Process is the NRC's program for overseeing the safe operation of commercial nuclear power reactors. Refer to https://www.nrc.gov/reactors/operating/oversight.html for more information.

List of Findings and Violations

No findings or violations of more than minor significance were identified.

Additional Tracking Items

None.

INSPECTION SCOPES

Inspections were conducted using the appropriate portions of the inspection procedures (IPs) in effect at the beginning of the inspection unless otherwise noted. Currently approved IPs with their attached revision histories are located on the public website at http://www.nrc.gov/reading-rm/doc-collections/insp-manual/inspection-procedure/index.html. Samples were declared complete when the IP requirements most appropriate to the inspection activity were met consistent with Inspection Manual Chapter (IMC) 2201, "Security Inspection Program for Commercial Nuclear Power Reactors." The inspectors reviewed selected procedures and records, observed activities, and interviewed personnel to assess licensee performance and compliance with Commission rules and regulations, license conditions, site procedures, and standards.

SAFEGUARDS

71130.10 - Cybersecurity

The inspectors reviewed implementation of Monticello Generating Plant's Cyber Security Plan (CSP) and focused on evaluating changes to the program, critical systems, and Critical Digital Assets (CDAs).

Cybersecurity (1 Sample)

(1) The following IP sections were completed and constitute completion of 1 sample:

- 03.01, Review Ongoing Monitoring and Assessment Activities
- 03.02, Verify Defense-in-Depth Protective Strategies
- 03.03, Review of Configuration Management Change Control
- 03.04, Review of Cyber Security Program
- 03.05, Evaluation of Corrective Actions

In addition to the systems and programs that have been added or modified since the last cyber security inspection, the following systems were selected for inspection.

Unit 1

- CMP-Computer, Important-to-Safety
- HPC-High Pressure Coolant Injection, Safety-Related
- SIN-Security Instrumentation, Security
- SEL-Security Facility Electrical, Security

INSPECTION RESULTS

No findings were identified.

EXIT MEETINGS AND DEBRIEFS

The inspectors verified no proprietary information was retained or documented in this report.

On February 22, 2022, the inspectors presented the cyber security inspection results to Mr. K. Nyberg, Director of Site Performance and Support, and other members of the licensee staff.

DOCUMENTS REVIEWED

| Inspection Procedure | Type | Designation | Description or Title | Revision or Date |
|---|---|---|---|---|
| 71130.10 | Corrective Action Documents | 01000060470 | Acronis Backups on the Security Computer System | 2/10/2022 |
| 71130.10 | Corrective Action Documents | 501000003112 | Cyber Kiosk Defense-in-Depth | 09/27/2017 |
| 71130.10 | Corrective Action Documents | 501000003132 | CDA Media Sanitization | 09/08/2017 |
| 71130.10 | Corrective Action Documents | 501000015940 | Wrong Level CDA Media | 09/20/2018 |
| 71130.10 | Corrective Action Documents | 501000030162 | Media Cabinet Unlocked | 07/29/2019 |
| 71130.10 | Corrective Action Documents | 501000030182 | Feeder Motor Protection Relay Missing | 07/30/2019 |
| 71130.10 | Corrective Action Documents | 501000041636 | CSAT Evaluation of X-Ray | 06/17/2020 |
| 71130.10 | Corrective Action Documents | 501000058604 | Unauthorized USB Media Used on CDA | 11/23/2021 |
| 71130.10 | Corrective Action Documents | 501000058844 | FSA Cyber21-Review SecCompRm Door Access | 2/06/2021 |
| 71130.10 | Corrective Action Documents | 501000058971 | Corrective Action: Cyber Security Vulnerabilities 2021-11 | 2/10/2021 |
| 71130.10 | Corrective Action Documents | 501000058971 | Condition Evaluation - November 2021 Vulnerabilities | 01/06/2022 |
| 71130.10 | Corrective Action Documents | 501000059900 | Condition Evaluation - December 2021 Vulnerabilities | 01/26/2022 |
| 71130.10 | Corrective Action Documents | 501000060137 | Spare HGU Order Cancelled | 01/27/2022 |
| 71130.10 | Corrective Action Documents Resulting from Inspection | 501000060470 | 2Cyber - Security Computer Backups | 2/11/2022 |
| 71130.10 | Corrective Action Documents Resulting from Inspection | 501000060567 | 2Cyber - MM WO Lacking Parts Info | 2/15/2022 |
| 71130.10 | Corrective Action Documents Resulting from Inspection | 501000060600 | 2Cyber - Acronis Backup Version on SCS | 2/15/2022 |
| 71130.10 | Corrective Action Documents Resulting from Inspection | 501000060601 | 2Cyber - CP-FWL-07 CDA Assessment | 2/15/2022 |
| 71130.10 | Corrective Action Documents Resulting from Inspection | 501000060668 | 2Cyber - CP-FWL-07 Control D4.3 | 2/17/2022 |
| 71130.10 | Corrective Action Documents Resulting from Inspection | 501000060669 | 2Cyber - CAS Printer Control D5.1 | 2/17/2022 |
| 71130.10 | Drawings | M-124 NH-36250 | High Pressure Coolant Injection System | |
| 71130.10 | Drawings | NX-8292-12-6 | Shutdown HPCI System | |
| 71130.10 | Miscellaneous | 1400858 | AT-0175 Action Request Record Report - CYB SEC PLAN D4.3 PASSWORD REQUIRMENTS | 10/09/2016 |
| 71130.10 | Miscellaneous | 1401049 | AT-0175 Action Request Record Report - CYB SEC PLAN D4.7 AUTHENTICATOR MGMT | 11/23/2016 |
| 71130.10 | Miscellaneous | CASF DEV FEL-MISC | Compliance Assessment Summary Form - Generator Electrical | |
| 71130.10 | Miscellaneous | CASF DEV SEL-HGU | Compliance Assessment Summary Form - Hand Geometry Units | |
| 71130.10 | Miscellaneous | CASF DEV SIN-APU-20180406 | Compliance Assessment Summary Form - Alarm Processing Units | |
| 71130.10 | Miscellaneous | CASF DEV SIN-CAMERA-210618 | Compliance Assessment Summary Form - CCTV Cameras | |
| 71130.10 | Miscellaneous | CASF DEV SIN-CRDR-20150527 | Compliance Assessment Summary Form - Proximity Card Readers | |
| 71130.10 | Miscellaneous | CASF DEV SIN-IMUX-20210326 | Compliance Assessment Summary Form - Security Multiplexer | |
| 71130.10 | Miscellaneous | CASF DEV SIN-KVM-20170911 | Compliance Assessment Summary Form - Keyboard Video Mouse Switch | |
| 71130.10 | Miscellaneous | CASF DEV SIN-NS-20181112 | Compliance Assessment Summary Form - Security Network Switches | |
| 71130.10 | Miscellaneous | CASF DEV SIN-PC-20210504 | Compliance Assessment Summary Form - Security Workstations | |
| 71130.10 | Miscellaneous | CASF DEV SIN-SVR-20181112 | Compliance Assessment Summary Form - Security Computer System Servers | |
| 71130.10 | Miscellaneous | CASF DEV SIN-VIDEO-20190111 | Compliance Assessment Summary Form - CCTV Video Equipment | |
| 71130.10 | Miscellaneous | CASF DEV-SIN-CYBER-20150916 | Compliance Assessment Summary Form - Intrusion Prevention / SIEM / NAS | |
| 71130.10 | Miscellaneous | Cyber Security Test Description FAT SCS-CSTDF-202734 Addendum | Letter from Rockwell Collins | 11/27/2017 |
| 71130.10 | Miscellaneous | Cyber Security Test Description FAT SCS-CSTDF-2734.01 | AIM Security Computer Cyber Security Test Description (FAT) | July 2014 |
| 71130.10 | Miscellaneous | CYBER-PLN | Xcel Energy, INC. Cyber Security Plan | |
| 71130.10 | Miscellaneous | PBD-KIOSK | Cyber Security Program Basis Document | |
| 71130.10 | Miscellaneous | SCS-CSTDF 2734.01 | Security Computer System Hardening | 07/01/2014 |
| 71130.10 | Miscellaneous | SCS-VDD-203217.08 | Rockwell Collins Version Description Document | |
| 71130.10 | Miscellaneous | Switch Config | Switch Configurations of NS1 & NS2 | 2/15/2022 |
| 71130.10 | Procedures | C.5-3302 | Alternate Pressure Control | |
| 71130.10 | Procedures | FG-IT-CSP-06-02 | IT Cyber Administrative Maintenance Guide for Kiosk | |
| 71130.10 | Procedures | FP-IT-CSP-05 | Cyber Security Audit and Logging Procedure | |
| 71130.10 | Procedures | FP-IT-CSP-06 | Cyber Security Malicious Code Protection Procedure | |
| 71130.10 | Procedures | FP-IT-CSP-07 | Cyber Security Portable Computing Device Procedure | |
| 71130.10 | Procedures | FP-IT-CSP-11 | Cyber Security Incident and Response Procedure | |
| 71130.10 | Procedures | FP-IT-CSP-16 | Cyber Security Program Training Procedure | |
| 71130.10 | Procedures | FP-IT-CSP-21 | Cyber Security CDA Media Protection Procedure | |
| 71130.10 | Procedures | FP-IT-CSP-22 | Cyber Security Vulnerability Assessment Procedure | |
| 71130.10 | Procedures | FP-IT-CSP-24 | Cyber Security Ongoing Monitoring Procedure | |
| 71130.10 | Procedures | FP-IT-CSP-25 | Cyber Security CDA Management Procedure | |
| 71130.10 | Procedures | FP-IT-CSP-31 | Cyber Security Incident Response Exercise / Drill Procedure | |
| 71130.10 | Procedures | FP-IT-CSP-65 | Cyber Security CDA Access Control Procedure | |
| 71130.10 | Procedures | FP-IT-SQA-01 | Software Quality Assurance (SQA) Program | |
| 71130.10 | Procedures | FP-IT-SQA-05 | Computer Work Order | |
| 71130.10 | Procedures | FP-IT-SQA-10 | The Software Testing Phase | |
| 71130.10 | Procedures | FP-SC-GEN-08 | Supply Chain Requests | |
| 71130.10 | Procedures | FP-SC-WHS-07 | Material Control | |
| 71130.10 | Work Orders | CWO-611000000786 | Computer Work Order - Implement SCS Final Configuration | 03/27/2018 |
| 71130.10 | Work Orders | CWO-611000001953 | Computer Work Order | |
| 71130.10 | Work Orders | CWO-611000002133 | Computer Work Order | |
| 71130.10 | Work Orders | CWO-611000003181 | Computer Work Order - SCS VMWare Upgrade | 2/25/2021 |
| 71130.10 | Work Orders | CWO-611000003610 | Monthly OCA Camera Cyber Maintenance | 09/29/2021 |
| 71130.10 | Work Orders | CWO-611000003618 | Monthly OCA Camera Cyber Maintenance | 11/24/2021 |
| 71130.10 | Work Orders | CWO-611000003716 | Metadefender Core | 2/21/2021 |
| 71130.10 | Work Orders | CWO-611000003728 | Metadefender Core | 01/04/2022 |
| 71130.10 | Work Orders | CWO-SCS 611000001974 Service Pack 5 _SP5_ Implementation | Computer Work Order - Service Pack 5 (SP5) Implementation | 07/01/2019 |
| 71130.10 | Work Orders | WM-WO-0156 | Noble Gas Monitor Work Order | 04/23/2020 |
| 71130.10 | Work Orders | WO-00494225 Task 07 | EC22668 Security Card Reader / IMUX Replacement | 09/03/2014 |