IR 05000263/2022401
| ML22083A184 | |
| Person / Time | |
|---|---|
| Site: | Monticello  |
| Issue date: | 03/28/2022 |
| From: | Richard Skokowski Engineering Branch 3 |
| To: | Domingos C Northern States Power Company, Minnesota |
| References | |
| IR 2022401 | |
| Download: ML22083A184 (9) | |
Text
SUBJECT:
MONTICELLO NUCLEAR GENERATING PLANT-CYBER SECURITY INSPECTION REPORT 05000263/2022401
Dear Mr. Domingos:
On February 22, 2022, the U.S. Nuclear Regulatory Commission (NRC) completed an inspection at Monticello Nuclear Generating Plant and discussed the results of this inspection with Mr. K. Nyberg, Director of Site Performance and Support and other members of your staff.
The results of this inspection are documented in the enclosed report.
No findings or violations of more than minor significance were identified during this inspection.
This letter, its enclosure, and your response (if any) will be made available for public inspection and copying at http://www.nrc.gov/reading-rm/adams.html and at the NRC Public Document Room in accordance with Title 10 of the Code of Federal Regulations 2.390, Public Inspections, Exemptions, Requests for Withholding.
Sincerely, Richard A. Skokowski, Chief Engineering Branch 3 Division of Reactor Safety Docket No. 05000263 License No. DPR-22
Enclosure:
As stated
Inspection Report
Docket Number:
05000263
License Number:
Report Number:
Enterprise Identifier:
I-2022-401-0023
Licensee:
Northern States Power Company, Minnesota
Facility:
Monticello Nuclear Generating Plant
Location:
Monticello, MN
Inspection Dates:
February 14, 2022 to February 18, 2022
Inspectors:
A. Dahbur, Senior Reactor Inspector
J. Gilliam, Senior Reactor Inspector
A. Prada, Cyber Security Analyst (Contractor)
C. Priester, Cyber Security Analyst (Contractor)
Approved By:
Richard A. Skokowski, Chief
Engineering Branch 3
Division of Reactor Safety
SUMMARY
The U.S. Nuclear Regulatory Commission (NRC) continued monitoring the licensees performance by conducting a cyber security inspection at Monticello Nuclear Generating Plant, in accordance with the Reactor Oversight Process. The Reactor Oversight Process is the NRCs program for overseeing the safe operation of commercial nuclear power reactors. Refer to https://www.nrc.gov/reactors/operating/oversight.html for more information.
List of Findings and Violations
No findings or violations of more than minor significance were identified.
Additional Tracking Items
None.
INSPECTION SCOPES
Inspections were conducted using the appropriate portions of the inspection procedures (IPs) in effect at the beginning of the inspection unless otherwise noted. Currently approved IPs with their attached revision histories are located on the public website at http://www.nrc.gov/reading-rm/doc-collections/insp-manual/inspection-procedure/index.html. Samples were declared complete when the IP requirements most appropriate to the inspection activity were met consistent with Inspection Manual Chapter (IMC) 2201, Security Inspection Program for Commercial Nuclear Power Reactors. The inspectors reviewed selected procedures and records, observed activities, and interviewed personnel to assess licensee performance and compliance with Commission rules and regulations, license conditions, site procedures, and standards.
SAFEGUARDS
71130.10 - Cybersecurity
The inspectors reviewed implementation of Monticello Generating Plants Cyber Security Plan (CSP) and focused on evaluating changes to the program, critical systems, and Critical Digital Assets (CDAs).
Cybersecurity (1 Sample)
- (1) The following IP sections were completed and constitute completion of 1 sample:
-
03.01, Review Ongoing Monitoring and Assessment Activities
-
03.02, Verify Defense-in-Depth Protective Strategies
-
03.03, Review of Configuration Management Change Control
-
03.04, Review of Cyber Security Program
-
03.05, Evaluation of Corrective Actions In addition to the systems and programs that have been added or modified since the last cyber security inspection, the following systems were selected for inspection.
Unit 1
-
CMP-Computer, Important-to-Safety
-
HPC-High Pressure Coolant Injection, Safety-Related
-
SIN-Security Instrumentation, Security
-
SEL-Security Facility Electrical, Security
INSPECTION RESULTS
No findings were identified.
EXIT MEETINGS AND DEBRIEFS
The inspectors verified no proprietary information was retained or documented in this report.
On February 22, 2022, the inspectors presented the cyber security inspection results to Mr. K. Nyberg, Director of Site Performance and Support and other members of the licensee staff.
DOCUMENTS REVIEWED
Inspection
Procedure
Type
Designation
Description or Title
Revision or
Date
01000060470
Acronis Backups on the Security Computer System
2/10/2022
501000003112
Cyber Kiosk Defense-in-Depth
09/27/2017
501000003132
CDA Media Sanitization
09/08/2017
501000015940
Wrong Level CDA Media
09/20/2018
501000030162
Media Cabinet Unlocked
07/29/2019
501000030182
Feeder Motor Protection Relay Missing
07/30/2019
501000041636
CSAT Evaluation of X-Ray
06/17/2020
501000058604
Unauthorized USB Media Used on CDA
11/23/2021
501000058844
FSA Cyber21-Review SecCompRm Door Access
2/06/2021
501000058971
Corrective Action: Cyber Security Vulnerabilities 2021-11
2/10/2021
501000058971
Condition Evaluation - November 2021 Vulnerabilities
01/06/2022
501000059900
Condition Evaluation - December 2021 Vulnerabilities
01/26/2022
Corrective Action
Documents
501000060137
Spare HGU Order Cancelled
01/27/2022
501000060470
2Cyber - Security Computer Backups
2/11/2022
501000060567
2Cyber - MM WO Lacking Parts Info
2/15/2022
501000060600
2Cyber - Acronis Backup Version on SCS
2/15/2022
501000060601
2Cyber - CP-FWL-07 CDA Assessment
2/15/2022
501000060668
2Cyber - CP-FWL-07 Control D4.3
2/17/2022
Corrective Action
Documents
Resulting from
Inspection
501000060669
2Cyber - CAS Printer Control D5.1
2/17/2022
M-124 NH-36250
High Pressure Coolant Injection System
Drawings
NX-8292-12-6
Shutdown HPCI System
1400858
AT-0175 Action Request Record Report - CYB SEC PLAN
D4.3 PASSWORD REQUIRMENTS
10/09/2016
1401049
AT-0175 Action Request Record Report - CYB SEC PLAN
D4.7 AUTHENTICATOR MGMT
11/23/2016
CASF DEV FEL-
MISC
Compliance Assessment Summary Form - Generator
Electrical
CASF DEV SEL-
HGU
Compliance Assessment Summary Form - Hand Geometry
Units
Miscellaneous
CASF DEV SIN-
APU-20180406
Compliance Assessment Summary Form - Alarm Processing
Units
Inspection
Procedure
Type
Designation
Description or Title
Revision or
Date
CASF DEV SIN-
CAMERA-
210618
Compliance Assessment Summary Form - CCTV Cameras
CASF DEV SIN-
CRDR-20150527
Compliance Assessment Summary Form - Proximity Card
Readers
CASF DEV SIN-
IMUX-20210326
Compliance Assessment Summary Form - Security
Multiplexer
CASF DEV SIN-
KVM-20170911
Compliance Assessment Summary Form - Keyboard Video
Mouse Switch
CASF DEV SIN-
NS-20181112
Compliance Assessment Summary Form - Security Network
Switches
CASF DEV SIN-
PC-20210504
Compliance Assessment Summary Form - Security
Workstations
CASF DEV SIN-
SVR-20181112
Compliance Assessment Summary Form - Security
Computer System Servers
CASF DEV SIN-
VIDEO-20190111
Compliance Assessment Summary Form - CCTV Video
Equipment
CASF DEV-SIN-
CYBER-
20150916
Compliance Assessment Summary Form - Intrusion
Prevention / SIEM / NAS
Test Description
FAT SCS-
CSTDF-202734
Addendum
Letter from Rockwell Collins
11/27/2017
Test Description
FAT SCS-
CSTDF-
2734.01
AIM Security Computer Cyber Security Test Description
(FAT)
July 2014
CYBER-PLN
Xcel Energy, INC. Cyber Security Plan
PBD-KIOSK
Cyber Security Program Basis Document
SCS-CSTDF
2734.01
Security Computer System Hardening
07/01/2014
Inspection
Procedure
Type
Designation
Description or Title
Revision or
Date
SCS-VDD-
203217.08
Rockwell Collins Version Description Document
Switch Config
Switch Configurations of NS1 & NS2
2/15/2022
C.5-3302
Alternate Pressure Control
FG-IT-CSP-06-02
IT Cyber Administrative Maintenance Guide for Kiosk
FP-IT-CSP-05
Cyber Security Audit and Logging Procedure
FP-IT-CSP-06
Cyber Security Malicious Code Protection Procedure
FP-IT-CSP-07
Cyber Security Portable Computing Device Procedure
FP-IT-CSP-11
Cyber Security Incident and Response Procedure
FP-IT-CSP-16
Cyber Security Program Training Procedure
FP-IT-CSP-21
Cyber Security CDA Media Protection Procedure
FP-IT-CSP-22
Cyber Security Vulnerability Assessment Procedure
FP-IT-CSP-24
Cyber Security Ongoing Monitoring Procedure
FP-IT-CSP-25
Cyber Security CDA Management Procedure
FP-IT-CSP-31
Cyber Security Incident Response Exercise / Drill Procedure
FP-IT-CSP-65
Cyber Security CDA Access Control Procedure
FP-IT-SQA-01
Software Quality Assurance (SQA) Program
FP-IT-SQA-05
Computer Work Order
FP-IT-SQA-10
The Software Testing Phase
FP-SC-GEN-08
Supply Chain Requests
Procedures
FP-SC-WHS-07
Material Control
CWO-
611000000786
Computer Work Order - Implement SCS Final Configuration
03/27/2018
CWO-
611000001953
Computer Work Order
CWO-
611000002133
Computer Work Order
CWO-
611000003181
Computer Work Order - SCS VMWare Upgrade
2/25/2021
CWO-
611000003610
Monthly OCA Camera Cyber Maintenance
09/29/2021
Work Orders
CWO-
611000003618
Monthly OCA Camera Cyber Maintenance
11/24/2021
Inspection
Procedure
Type
Designation
Description or Title
Revision or
Date
CWO-
611000003716
Metadefender Core
2/21/2021
CWO-
611000003728
Metadefender Core
01/04/2022
CWO-SCS
611000001974
Service Pack 5
_SP5_
Implementation
Computer Work Order - Service Pack 5 (SP5)
Implementation
07/01/2019
WM-WO-0156
Noble Gas Monitor Work Order
04/23/2020
Task 07
EC22668 Security Card Reader / IMUX Replacement
09/03/2014