|
---|
Category:Inspection Report
MONTHYEARIR 05000336/20234022024-01-30030 January 2024 Security Baseline Inspection Report 05000336/2023402 and 05000423/2023402 (Cover Letter Only) IR 05000336/20234402024-01-11011 January 2024 Special Inspection Report 05000336/2023440 and 05000423/2023440 (Cover Letter Only) IR 05000336/20230032023-11-0606 November 2023 Integrated Inspection Report 05000336/2023003 and 05000423/2023003 IR 05000336/20234202023-10-0404 October 2023 Security Inspection Report 05000336/2023420 and 05000423/2023420 IR 05000245/20230012023-09-19019 September 2023 Safstor Inspection Report 05000245/2023001 IR 05000336/20230102023-09-0808 September 2023 Commercial Grade Dedication Report 05000336/2023010 and 05000423/2023010 IR 05000336/20230052023-08-31031 August 2023 Updated Inspection Plan for Millstone Power Station, Units 2 and 3 (Report 05000336/2023005 and 05000423/2023005) IR 05000336/20230022023-08-0909 August 2023 Integrated Inspection Report 05000336/2023002 and 05000423/2023002 IR 05000336/20234012023-07-17017 July 2023 Material Control and Accounting Program Inspection Report 05000336/2023401 and 05000423/2023401 - (Cover Letter Only) IR 07200047/20234012023-06-0808 June 2023 NRC Independent Spent Fuel Storage Installation Security Inspection Report No. 07200047/2023401 IR 05000336/20230012023-05-0808 May 2023 Integrated Inspection Report 05000336/2023001 and 05000423/2023001 IR 05000336/20234032023-05-0202 May 2023 Public - Millstone Power Station, Units 2 and 3 Final Significance Determination of Green Finding; Inspection Report 05000336/2023403 and 05000423/2023403 IR 05000336/20233022023-03-0707 March 2023 Operator Licensing Retake Examination Report 05000336/2023302 IR 05000336/20220062023-03-0101 March 2023 Annual Assessment Letter for Millstone Power Station, Units 2 and 3 (Reports 05000336/2022006 and 05000423/2022006) IR 05000336/20220042023-02-13013 February 2023 Integrated Inspection Report 05000336/2022004 and 05000423/2022004 IR 05000336/20224012023-01-26026 January 2023 Security Baseline Inspection Report 05000336/2022401 and 05000423/2022401 and Preliminary Finding(S) of Greater than Very Low Significance and Apparent Violation(S) (Cover Letter Only) IR 05000245/20220012023-01-0909 January 2023 Safstor Inspection Report 05000245/2022001 IR 05000336/20224032023-01-0505 January 2023 Cyber Security Inspection Report 05000336/2022403 and 05000423/2022403 IR 05000336/20225012022-12-14014 December 2022 Reissued Emergency Preparedness Biennial Exercise Inspection Report 05000336/2022501 and 05000423/2022501 IR 05000336/20223012022-11-22022 November 2022 Initial Operator Licensing Examination Report 05000336/2022301 ML22325A1042022-11-21021 November 2022 Emergency Preparedness Biennial Exercise Inspection Report 05000336/2022501 and 05000423/2022501 IR 05000336/20220032022-11-14014 November 2022 Integrated Inspection Report 05000336/2022003 and 05000423/2022003 IR 05000336/20220102022-11-0101 November 2022 Biennial Problem Identification and Resolution Inspection Report 05000336/2022010 and 05000423/2022010 IR 05000336/20220112022-09-0808 September 2022 Triennial Fire Protection Inspection Report 05000336/2022011 and 05000423/2022011 IR 05000336/20220052022-08-31031 August 2022 Updated Inspection Plan for Millstone Power Station, Units 2 and 3 (Report 05000336/2022005 and 05000423/2022005) IR 05000336/20220022022-08-11011 August 2022 Integrated Inspection Report 05000336/2022002 and 05000423/2022002 IR 05000336/20224022022-05-23023 May 2022 Information Request for the Cyber Security Baseline Inspection, Notification to Perform Inspection 05000336/2022402 and 05000423/2022402 IR 05000336/20220012022-05-10010 May 2022 Integrated Inspection Report 05000336/2022001 and 05000423/2022001 IR 05000423/20223022022-03-0707 March 2022 Operator Licensing Retake Examination Report 05000423/2022302 IR 05000336/20210062022-03-0202 March 2022 Annual Assessment Letter for Millstone Power Station, Units 2 and 3 (Reports 05000336/2021006 and 05000423/2021006) IR 05000336/20210042022-02-10010 February 2022 Integrated Inspection Report 05000336/2021004 and 05000423/2021004 IR 05000336/20210112022-01-20020 January 2022 Post-Approval Site Inspection for License Renewal - Phase 4 Inspection Report 05000336/2021011 IR 05000336/20210032021-11-12012 November 2021 Integrated Inspection Report 05000336/2021003 and 05000423/2021003 IR 05000423/20213012021-11-10010 November 2021 Initial Operator Licensing Examination Report 05000423/2021301 IR 05000336/20210052021-09-0101 September 2021 Updated Inspection Plan for the Millstone Power Station, Units 2 and 3 (Report 05000336/2021005 and 05000423/2021005) IR 05000336/20210022021-08-0909 August 2021 Integrated Inspection Report 05000336/2021002 and 05000423/2021002 and Independent Spent Fuel Storage Installation Inspection Report 07200047/2021002 IR 05000245/20210012021-07-26026 July 2021 Safe Storage Inspection Report 05000245/2021001 IR 05000336/20215012021-06-23023 June 2021 Emergency Preparedness Biennial Exercise Inspection Report 05000336/2021501 and 05000423/2021501 IR 05000336/20210102021-05-17017 May 2021 Design Bases Assurance Inspection (Teams) Inspection Report 05000336/2021010 and 05000423/2021010 IR 05000336/20210012021-04-29029 April 2021 Integrated Inspection Report 05000336/2021001 and 05000423/2021001 IR 05000336/20214012021-03-25025 March 2021 Security Baseline Inspection Report 05000336/2021401 and 05000423/2021401 IR 05000336/20210122021-03-17017 March 2021 Temporary Instruction 2515/194 Inspection Report 05000336/2021012 and 05000423/2021012 IR 05000336/20200062021-03-0303 March 2021 Annual Assessment Letter for Millstone Power Station, Units 2 and 3 (Reports 05000336/2020006 and 05000423/2020006) IR 05000336/20200042021-02-0101 February 2021 Integrated Inspection Report 05000336/2020004 and 05000423/2020004 IR 05000336/20200122021-01-14014 January 2021 Biennial Problem Identification and Resolution Inspection Report 05000336/2020012 and 05000423/2020012 IR 05000336/20203012020-11-12012 November 2020 Initial Operator Licensing Examination Report 05000336/2020301 IR 05000336/20200032020-11-0202 November 2020 Integrated Inspection Report 05000336/2020003 and 05000423/2020003 and Independent Spent Fuel Storage Installation Inspection Report 07200047/2020001 IR 05000336/20204012020-10-14014 October 2020 Material Control and Accounting Program Inspection Report 05000336/2020401 and 05000423/2020401 (Cover Letter Only) IR 05000336/20204202020-10-14014 October 2020 Security Inspection Report 05000336/2020420 and 05000423/2020420 IR 05000336/20200052020-08-31031 August 2020 Updated Inspection Plan for Millstone Power Station, Units 2 and 3 (Inspection Report 05000336/2020005 and 05000423/2020005) 2024-01-30
[Table view] Category:Letter
MONTHYEARML24030A7522024-01-30030 January 2024 Technical Specification Bases Pages IR 05000336/20234022024-01-30030 January 2024 Security Baseline Inspection Report 05000336/2023402 and 05000423/2023402 (Cover Letter Only) ML23341A0172024-01-12012 January 2024 Issuance of Amendment No. 288 Revision to Applicability Term for Reactor Coolant System Heatup and Cooldown Pressure-Temperature Limitations Figures IR 05000336/20234402024-01-11011 January 2024 Special Inspection Report 05000336/2023440 and 05000423/2023440 (Cover Letter Only) ML24004A1052024-01-0404 January 2024 Request for Information for a Biennial Problem Identification and Resolution Inspection; Inspection Report 05000336/2024010 & 05000423/2024010 ML23361A0942023-12-21021 December 2023 Response to Request for Additional Information Regarding Proposed License Amendment Request to Revise Technical Specifications for Reactor Core Safety Limits, Fuel Assemblies and Core Operating Limits Report . ML23283A3052023-12-20020 December 2023 Review of Appendix F to DOM-NAF2, Qualification of the Framatome ORFEO-GAIA and ORFEO-NMGRID CHF Correlations in the Dominion Energy VIPRE-D Computer Code (EPID L-2022-LLT-0003) (Nonproprietary) ML23361A0312023-12-20020 December 2023 Intent to Pursue Subsequent License Renewal ML23352A0202023-12-18018 December 2023 Senior Reactor and Reactor Operator Initial License Examinations ML23334A2242023-11-30030 November 2023 Request for Exemption from Enhanced Weapons Firearms Background Checks, and Security Event Notifications Implementation ML23324A4222023-11-20020 November 2023 Reactor Vessel Internals Inspections Aging Management Program Submittal Related to License Renewal Commitment 13 ML23324A4302023-11-20020 November 2023 Alloy 600 Aging Management Program Submittal Related to License Renewal Commitment 15 ML23317A2702023-11-13013 November 2023 Core Operating Limits Report, Cycle 23 IR 05000336/20230032023-11-0606 November 2023 Integrated Inspection Report 05000336/2023003 and 05000423/2023003 ML23298A1652023-10-26026 October 2023 Requalification Program Inspection IR 05000336/20234202023-10-0404 October 2023 Security Inspection Report 05000336/2023420 and 05000423/2023420 ML23230A0502023-10-0202 October 2023 5 of the Quality Assurance Topical Report - Review of Program Changes ML23226A0052023-09-26026 September 2023 Issuance of Amendment No. 287 Supplement to Spent Fuel Pool Criticality Safety Analysis IR 05000245/20230012023-09-19019 September 2023 Safstor Inspection Report 05000245/2023001 IR 05000336/20230102023-09-0808 September 2023 Commercial Grade Dedication Report 05000336/2023010 and 05000423/2023010 IR 05000336/20230052023-08-31031 August 2023 Updated Inspection Plan for Millstone Power Station, Units 2 and 3 (Report 05000336/2023005 and 05000423/2023005) ML23248A2132023-08-30030 August 2023 Response to Request for Additional Information Regarding Proposed License Amendment Request to Revise the Applicability Term for Reactor Coolant System Heatup and Cooldown Pressure-Temperature. ML23242A0142023-08-30030 August 2023 Operator Licensing Examination Approval ML23223A0552023-08-18018 August 2023 Request for Withholding Information from Public Disclosure for License Amendment Request to Revise Technical Specifications for Reactor Core Safety Limits, Fuel Assemblies, and COLR Related to Framatome Gaia Fuel ML23223A0482023-08-18018 August 2023 Request for Withholding Information from Public Disclosure for License Amendment Request to Use Framatome Small Break and Realistic Large Break LOCA Evaluation Methodologies for Establishing COLR Limits IR 05000336/20230022023-08-0909 August 2023 Integrated Inspection Report 05000336/2023002 and 05000423/2023002 ML23188A0432023-07-31031 July 2023 Authorization and Safety Evaluation for Alternative Request No. IR-04-11 ML23208A0922023-07-26026 July 2023 Request for Approval of Appendix F of Fleet Report DOM-NAF-2-P Qualification of Framatome ORFEO-GAIA and OORFE-NMGRID CHF Correlations in the Dominion Energy Vipre-D Computer Code Response ML23188A0202023-07-26026 July 2023 Closeout of Generic Letter 2004-02, Potential Impact of Debris Blockage on Emergency Recirculation During Design Basis Accidents at Pressurized-Water Reactors ML23207A1102023-07-26026 July 2023 NRC Regulatory Issues Summary 2023-01 Preparation and Scheduling of Operator Licensing Examinations IR 05000336/20234012023-07-17017 July 2023 Material Control and Accounting Program Inspection Report 05000336/2023401 and 05000423/2023401 - (Cover Letter Only) ML23175A0052023-07-12012 July 2023 Alternative Request P-07 for Pump Periodic Verification Testing Program for Containment Recirculation Spray System Pumps ML23193A8562023-06-28028 June 2023 Submittal of Updates to the Final Safety Analysis Reports ML23178A1682023-06-26026 June 2023 2022 Annual Report of Emergency Core Cooling System (ECCS) Model Changes Pursuant to the Requirements of 10 CFR 50.46 ML23153A1732023-06-16016 June 2023 Correction to Amendment Nos. 346 & 286 Millstone, 294 & 277 North Anna, 311 & 311 Surry, and 225 Summer to Revise Technical Specifications to Adopt TSTF-554,Rev Reactor Coolant Leakage Requirement ML23151A0742023-06-12012 June 2023 Review of the Spring 2022 Steam Generator Tube Inspection Report ML23159A2202023-06-0808 June 2023 Associated Independent Spent Fuel Storage Installation Revision to Emergence Plan - Report of Changes IR 07200047/20234012023-06-0808 June 2023 NRC Independent Spent Fuel Storage Installation Security Inspection Report No. 07200047/2023401 2024-01-04
[Table view] |
Text
January 5, 2023
SUBJECT:
MILLSTONE POWER STATION, UNITS 2 AND 3 - CYBER SECURITY INSPECTION REPORT 05000336/2022403 AND 05000423/2022403
Dear Daniel Stoddard:
On December 9, 2022, the U.S. Nuclear Regulatory Commission (NRC) completed an inspection at Millstone Power Station, Units 2 and 3 and discussed the results of this inspection with William Bessette, Acting Plant Manager and other members of your staff. The results of this inspection are documented in the enclosed report.
No findings or violations of more than minor significance were identified during this inspection.
This letter, its enclosure, and your response (if any) will be made available for public inspection and copying at http://www.nrc.gov/reading-rm/adams.html and at the NRC Public Document Room in accordance with Title 10 of the Code of Federal Regulations 2.390, Public Inspections, Exemptions, Requests for Withholding.
Sincerely, Digitally signed by Glenn T.
Dentel Glenn T. Dentel Date: 2023.01.05 14:01:45-05'00'
Glenn T. Dentel, Chief Engineering Branch 2 Division of Operating Reactor Safety Docket Nos. 05000336 and 05000423 License Nos. DPR-65 and NPF-49
Enclosure:
As stated
Inspection Report
Docket Numbers: 05000336 and 05000423 License Numbers: DPR-65 and NPF-49 Report Numbers: 05000336/2022403 and 05000423/2022403 Enterprise Identifier: I-2022-403-0031 Licensee: Dominion Energy Nuclear Connecticut, Inc.
Facility: Millstone Power Station, Units 2 and 3 Location: P.O. Box 128, Waterford, CT 06385 Inspection Dates: December 5, 2022 to December 9, 2022 Inspectors: C. Hobbs, Reactor Inspector, Team Leader L. Manning, Information Systems Security Analyst M. Patel, Senior Reactor Inspector C. Priester, Cyber Security Contractor Observers: K. Lawson-Jenkins, IT Specialist (NSIR/CSB)
J. Rady, Senior Reactor Inspector Approved By: Glenn T. Dentel, Chief Engineering Branch 2 Division of Operating Reactor Safety Enclosure
SUMMARY
The U.S. Nuclear Regulatory Commission (NRC) continued monitoring the licensees performance by conducting a cyber security inspection at Millstone Power Station, Units 2 and 3, in accordance with the Reactor Oversight Process. The Reactor Oversight Process is the NRCs program for overseeing the safe operation of commercial nuclear power reactors. Refer to https://www.nrc.gov/reactors/operating/oversight.html for more information.
List of Findings and Violations
No findings or violations of more than minor significance were identified.
Additional Tracking Items
None.
INSPECTION SCOPES
Inspections were conducted using the appropriate portions of the inspection procedures (IPs) in effect at the beginning of the inspection unless otherwise noted. Currently approved IPs with their attached revision histories are located on the public website at http://www.nrc.gov/reading-rm/doc-collections/insp-manual/inspection-procedure/index.html. Samples were declared complete when the IP requirements most appropriate to the inspection activity were met consistent with Inspection Manual Chapter (IMC) 2201, Security Inspection Program for Commercial Nuclear Power Reactors. The inspectors reviewed selected procedures and records, observed activities, and interviewed personnel to assess licensee performance and compliance with Commission rules and regulations, license conditions, site procedures, and standards.
SAFEGUARDS
Cybersecurity (1 Sample)
- (1) The inspectors reviewed implementation of Millstone's Cyber Security Plan and focused on evaluating changes to the program, critical systems, and critical digital assets. The following IP sections were completed and constitute completion of one sample:
- 03.01, Review Ongoing Monitoring and Assessment Activities
- 03.02, Verify Defense-in-Depth Protective Strategies
- 03.03, Review of Configuration Management Change Control
- 03.05, Evaluation of Corrective Actions In addition to the systems and programs that have been added or modified since the last cyber security inspection, the following systems were selected for inspection:
- System 2721, Plant Security System - Common (Security)
- System 2415, Inadequate Core Cooling System (ICCS) - Unit 2 (Safety Related)
- System 3346C, Station Blackout Diesel (SBO) - Unit 3 (Important to Safety)
- System 3410A, Saturation Monitoring (Incore Thermocouples) - Unit 3 (Safety Related)
INSPECTION RESULTS
No findings were identified.
EXIT MEETINGS AND DEBRIEFS
The inspectors verified no proprietary information was retained or documented in this report.
- On December 9, 2022, the inspectors presented the cyber security inspection results to William Bessette, Acting Plant Manager and other members of the licensee staff.
DOCUMENTS REVIEWED
Inspection Type Designation Description or Title Revision or
Procedure Date
71130.10 Corrective Action CR 1210808 Unable to Perform Cyber Security Procedure as Written 10/20/2022
Documents CR 1211802 Cyber Security - Data Diode Baseline Configuration not 11/02/2022
Transmitted to Records
CR 1212344 Cyber Security - Counterfeit or Fraudulent Cisco Equipment 11/08/2022
CR 1212376 Cyber Security - WOs Needed to walkdown CDAs and 11/08/2022
Update Gaps in Vulnerability Assessment Tool
CR 1213003 Cyber Security - CSIRT Activation 11/15/2022
Corrective Action CR 1214247 Cyber Security - SBO Computer Panel Lock Configuration 12/01/2022
Documents Not Maintained
Resulting from CR 1214551 Cyber Security Inspection - Inaccuracy in MP-REPORT- 12/05/2022
Inspection SCA-MP2-2415-Terminal Server
CR 1214639 Cyber Security Inspection - Warehouse Pallet X-Ray 12/06/2022
Observation
CR 1214642 Cyber Security Inspection - Cyber Security Kiosk NRC 12/06/2022
Observation
CR 1214671 Cyber Security Inspection - SBO Diesel Keys 12/07/2022
CR 1214748 Cyber Security Inspection - CSIRT Drill Observation 12/07/2022
CR 1214833 NRC Identified: Key Issue Not Documented in Key Issue Log 12/08/2022
CR 1214854 Cyber Security Inspection - Password Changes for 12/08/2022
Personnel Transfers, NRC Observation
CR 1214856 Cyber Security Inspection - Alternate Periodicities for Cyber 12/08/2022
Security Controls, NRC Observation
CR 1214909 Cyber Security Inspection - NRC Observation for SCM / 12/09/2022
Cyber Procedure Improvements
Engineering PDCR 89-015 Millstone Unit 3, System No. 3410A, Inadequate Core Revision 0
Changes Cooling System (ICCS) - Software Modification for Broadcast
Mode
Engineering MP-REPORT- Cyber Security Controls Assessment - MP3 ICCMS / RVLMS 08/24/2017
Evaluations CBF-MP3-3410-
ICCMS
MP-REPORT- Cyber Security Controls Assessment - MP2 Inadequate Core 11/03/2017
SCA-MP2-2415- Colling Monitoring System Terminal Server
Inspection Type Designation Description or Title Revision or
Procedure Date
Terminal Server
MP-REPORT- Cyber Security Controls Assessment - MP3 SBO Diesel HSI 07/24/2019
SCA-MP3-3346C- computer
Computer-HSI
MP-REPORT- Cyber Security Controls Assessment - MP3 SBO Diesel 10/20/2017
SCA-MP3-3346C- Control Logix PLC
Controller-PLC
MP-REPORT- Cyber Security Controls Assessment - MP3 ICCMS / RVLIS 09/26/2018
SCA-MP3-3410-
Computer
MP-REPORT- Cyber Security Controls Assessment - Millstone Security 07/22/2020
SCA-MPS-2721- Computer X-Field Processor
IDS-XFIELD
MP-REPORT- Cyber Security Controls Assessment - Millstone Intake 07/15/2021
SCA-MPS-2721- Structure Security Network ISS Switch
ISS-SWITCH
Miscellaneous Lesson Plan MP3 Operator Training - Inadequate Core Cooling Monitor / Revision 4
ICC017C Reactor Vessel Level Monitoring System
Procedures CM-AA-CYB-10 Cyber Security Program Revision 3
ER-AA-102 Preventive Maintenance Program Revision 16
IT-AA-CYB-101 Cyber Security Configuration Control Revision 5
IT-AA-CYB-102 Nuclear Cyber Security Incident Response and Recovery Revision 6
IT-AA-CYB-103 Cyber Security Critical Digital Asset Identification Revision 8
IT-AA-CYB-106 Control and Protection of Portable Media Devices Revision 9
IT-AA-CYB-108 Cyber Security Controls Analysis Revision 8
IT-AA-CYB-113 Cyber Security Identification and Authentication Revision 4
IT-AA-CYB-118 Cyber Security Systems and Services Acquisition Revision 2
IT-AA-CYB-121 Cyber Security Risk Assessment and Patch Management Revision 2
IT-AA-CYB-125 Cyber Security Incident Response Drill Revision 1
MP-14-OPS- Operations Key Control Revision 1
FAP400.KEY
MS-AA-CYB-201 SCM Generation Cyber Security Revision 1
OP 3353.MB4C Millstone Unit 3 - Main Board 4C Annunciator Response Revision 25
SY-AA-120-XRAY X-Ray Search and Screening Revision 12
Inspection Type Designation Description or Title Revision or
Procedure Date
Work Orders 53203256609 06/17/2021
203314812 01/03/2022
203320322 03/02/2022
203337632 06/30/2022
203358452 11/26/2022
6