Text

Joseph M Farley Nuclear Plant - Cyber Security Inspection Report 05000348/2024402 and 05000364/2024402
	ML24347A237
Person / Time
Site:	Farley
Issue date:	12/13/2024
From:	Daniel Bacon; Division of Operating Reactors
To:	Dean E; Southern Nuclear Operating Co
References
	IR 2024402
	Download: ML24347A237 (9)
	v • d • e

SUBJECT:

JOSEPH M. FARLEY NUCLEAR PLANT - CYBER SECURITY INSPECTION REPORT 05000348/2024402 AND 05000364/2024402

Dear Edwin Dean:

On December 5, 2024, the U.S. Nuclear Regulatory Commission (NRC) completed a cyber-security inspection at Joseph M. Farley Nuclear Plant and discussed the results of this inspection with Mr. Josh Carroll and other members of your staff. The results of this inspection are documented in the enclosed report.

No findings or violations of more-than-minor significance were identified during this inspection.

This letter, its enclosure, and your response (if any) will be made available for public inspection and copying at http://www.nrc.gov/reading-rm/adams.html and at the NRC Public Document Room in accordance with Title 10 of the Code of Federal Regulations 2.390, Public Inspections, Exemptions, Requests for Withholding.

Sincerely, Daniel M. Bacon, Chief Engineering Branch 2 Division of Operating Reactor Safety Docket Nos. 05000348 and 05000364 License Nos. NPF-2 and NPF-8

Enclosure:

As stated

Inspection Report

Docket Numbers:

05000348 and 05000364

License Numbers:

NPF-2 and NPF-8

Report Numbers:

05000348/2024402 and 05000364/2024402

Enterprise Identifier:

I-2024-402-0040

Licensee:

Southern Nuclear Operating Co., Inc.

Facility:

Joseph M. Farley Nuclear Plant

Location:

Columbia, AL

Inspection Dates:

December 02, 2024 to December 05, 2024

Inspectors:

T. Coleman, Cyber Contractor

J. Hartman, Cyber Contractor

W. Monk, Senior Reactor Inspector (Team Lead)

Approved By:

Daniel M. Bacon, Chief

Engineering Branch 2

Division of Operating Reactor Safety

SUMMARY

The U.S. Nuclear Regulatory Commission (NRC) continued monitoring the licensees performance by conducting a cyber security inspection at Joseph M. Farley Nuclear Plant, in accordance with the Reactor Oversight Process. The Reactor Oversight Process is the NRCs program for overseeing the safe operation of commercial nuclear power reactors. Refer to https://www.nrc.gov/reactors/operating/oversight.html for more information.

List of Findings and Violations

No findings or violations of more-than-minor significance were identified.

Additional Tracking Items

None.

INSPECTION SCOPES

Inspections were conducted using the appropriate portions of the inspection procedures (IPs) in effect at the beginning of the inspection unless otherwise noted. Currently approved IPs with their attached revision histories are located on the public website at http://www.nrc.gov/reading-rm/doc-collections/insp-manual/inspection-procedure/index.html. Samples were declared complete when the IP requirements most appropriate to the inspection activity were met consistent with Inspection Manual Chapter (IMC) 2201, Security Inspection Program for Commercial Nuclear Power Reactors. The inspectors reviewed selected procedures and records, observed activities, and interviewed personnel to assess licensee performance and compliance with Commission rules and regulations, license conditions, site procedures, and industry standards.

SAFEGUARDS

71130.10 - Cybersecurity

The inspectors reviewed implementation of Farley Nuclear Plants Cyber Security Plan (CSP) and focused on evaluating changes to the program, selected critical systems, and CDAs.

Cybersecurity (1 Sample)

(1) The following IP sections were completed and constitute completion of 1 sample:

03.01, Review Ongoing Monitoring and Assessment Activities

03.02, Verify Defense-in-Depth Protective Strategies

03.03, Review of Configuration Management Change Control

03.05, Evaluation of Corrective Actions In addition to the systems and programs that have been added or modified since the last cyber security inspection, the following critical systems and engineering changes were selected for inspection.

Critical Systems:

C23, Turbine Control System (1 CDA)

C41, Plant Computer System (5 CDAs)

P45, Plant Security System (7 CDAs)

R59, Security Emergency Diesel Generator System (1 CDA)

Engineering Changes:

SNC 1083455 - Ovation Upgrade, U2 7300 Control Replacement and SGFP Speed Control System

SNC 1499912 - U1&2 Digital Gateway Upgrade Boundary Isolation Device

SNC 1167383 - Replace Security X-Ray Machines

SNC 1091429 - DRPI ADS or DADS

INSPECTION RESULTS

No findings were identified.

EXIT MEETINGS AND DEBRIEFS

The inspectors verified no proprietary information was retained or documented in this report.

On December 5, 2024, the lead inspector presented the Cyber Security Inspection Exit Meeting results to Mr. Josh Carroll, Acting Plant Manager and other members of the licensee staff.

THIRD PARTY REVIEWS No third-party reports were reviewed during the inspection period.

DOCUMENTS REVIEWED

Inspection

Procedure

Type

Designation

Description or Title

Revision or

Date

CR 10868065

22 Cyber Security Inspection Issue

03/21/2022

CR 10868974

22 Cyber Security Inspection Gap Identified

03/24/2022

CR 11089847

24 Cyber Security Program CISA - Controls Deficiency

07/01/2024

CR 11089854

24 Cyber Security Program CISA - Controls Deficiency

07/01/2024

CR 11099698

24 Cyber Security Program CISA Deficiency

08/07/2024

CR 11106721

Cyber Security Boundary Device Component Failure

08/30/2024

Corrective Action

Documents

CR 11161226

Cyber Security CSIRT Drill Gap

09/03/2024

CR 11133234

24 NRC Cyber Security Observation

2/05/2024

CR 11133236

24 NRC Cyber Security Observation

2/05/2024

CR 11133238

24 NRC Cyber Security Observation

2/05/2024

Corrective Action

Documents

Resulting from

Inspection

CR 11133272

24 NRC Cyber Security Observation

2/05/2024

Farley Cyber Security Network Pathways

Rev. 3

Drawings

Farley Cyber Security Network Pathways Future State

Rev. 1

SNC 1083455

OVATION UPGRADE

Rev. 1

SNC 1091429

DRPI ADS or DADS

Rev. 1

SNC 1167383

Replace Security X-Ray Machines

09/23/2024

Engineering

Changes

SNC 1499912

DIGITAL GATEWAY UPGRADE

Rev. 1

Engineering

Evaluations

TE 1151159

Warehouse A CDA Storage Evaluation

04/01/2024

CDA-FNP-2C23-

2

CRITICAL DIGITAL ASSET (CDA) FUNCTIONAL GROUP

ASSESSMENT - OSC - SIEM

Rev. 1.2

CDA-FNP-2C25-

001

CRITICAL DIGITAL ASSET (CDA) FUNCTIONAL GROUP

ASSESSMENT - OVATION CONTROL SYSTEM

Rev. 3

CDA-FNP-SP45-

011

CRITICAL DIGITAL ASSET (CDA) FUNCTIONAL GROUP

ASSESSMENT CYBER SECURITY LEVEL 4: 2

BOUNDARY ISOLATION DEVICE

Rev. 2

CDA-FNP-SP45-

2

CRITICAL DIGITAL ASSET (CDA) FUNCTIONAL GROUP

ASSESSMENT LEVEL 3 BID

Rev. 5.1

NMP-GM-014-004-

F01

24 CSIRT Drill - Plant Farley

09/11/2024

71130.10

Miscellaneous

NMP-GM-014-004-

23 CSIRT Drill - Plant Farley

08/28/2023

Inspection

Procedure

Type

Designation

Description or Title

Revision or

Date

F01

NMP-GM-014-004-

F01

22 CSIRT Drill - Plant Farley

09/20/2022

NMP-GM-014-020-

F04

Kiosk Control Group Baseline

Rev. 1

NMP-GM-014-020-

F04

Kiosk Control Group Baseline

Rev. 1

SNC1167383J001

CDA Functional Group Assessment CDA-FNP-SP45-003

Rev. 2

SNC1410148W004

CRITICAL DIGITAL ASSET (CDA) FUNCTIONAL GROUP

ASSESSMENT LEVEL 4 BID

Rev. 1

SNC1499912J104

CDA Functional Group Assessment

CDA-FNP-1P45-001

10/14/2024

SNC1499912J105

CDA Functional Group Assessment CDA-FNP-2P45-001

10/14/2024

SNC1499912J106

CDA Functional Group Assessment CDA-FNP-SP45-012

10/14/2024

SNC1499912J107

CDA Functional Group Assessment CDA-FNP-SC41-004

10/14/2024

NMP-GM-014

SECURITY CONTROL IMPLEMENTATION STRATEGY

(SCIS) FOR TECHNICAL CONTROLS

Rev. 10

NMP-GM-014-009

Cyber Security Procurement Requirements

Rev. 8.4

NMP-GM-014-010

CDA Access Control

Rev. 8.8

NMP-GM-014-015

CDA AUDIT AND ACCOUNTABILITY

Rev. 7.4

NMP-GM-014-015-

F01

CDA AUDIT AND ACCOUNTABILITY REVIEW

Rev. 2

NMP-GM-014-015-

F02

CDA AUDIT CONFIGURATION

Rev. 1.2

NMP-GM-014-018

CDA VULNERABILITY MANAGEMENT

Rev. 10.7

NMP-GM-014-019

CDA CONFIGURATION MANAGEMENT AND CYBER

HARDENING CONTROLS

Rev. 3

NMP-GM-014-020

CONTROL OF PORTABLE MEDIA AND MOBILE

DEVICES

Rev. 12

NMP-GM-014-020-

F01

PORTABLE MEDIA OR MOBILE DEVICE (PMMD) USE

FORM

Rev. 10

NMP-GM-014-020-

F02

PMMD AUTHORIZATION FORM

Rev. 5

Procedures

NMP-GM-014-

CYBER SECURITY DEFENSIVE STRATEGY GUIDELINE

Rev. 7

Inspection

Procedure

Type

Designation

Description or Title

Revision or

Date

GL01

NMP-GM-014-

GL02

SECURITY CONTROL IMPLEMENTATION STRATEGY

(SCIS) FOR TECHNICAL CONTROLS

Rev. 10.3

NMP-GM-014-

GL05

ROGUE WIRELESS ACCESS POINT SCANNING

GUIDELINE

Rev. 1.3

Self-Assessments TE 1131216

Pre NRC Inspection CISA - Cyber Security

09/01/2024

IR 05000348/2024402

Text

SUBJECT:

Dear Edwin Dean:

Enclosure:

Inspection Report

SUMMARY

List of Findings and Violations

Additional Tracking Items

INSPECTION SCOPES

SAFEGUARDS

71130.10 - Cybersecurity

Cybersecurity (1 Sample)

INSPECTION RESULTS

EXIT MEETINGS AND DEBRIEFS

DOCUMENTS REVIEWED

Navigation menu

v t e Inspection Report - Farley - 2024402 (Security)
80 \| 81 \| 82 \| 83 \| 84 \| 85 \| 86 \| 87 \| 88 \| 89 \| 90 \| 91 \| 92 \| 93 \| 94 \| 95 \| 96 \| 97 \| 98 \| 99 00 \| 01 \| 02 \| 03 \| 04 \| 05 \| 06 \| 07 \| 08 \| 09 \| 10 \| 11 \| 12 \| 13 \| 14 \| 15 \| 16 \| 17 \| 18 \| 19 \| 20 \| 21 \| 22 \| 23 \| 24 \| 25 \| 26 \|
2024 Quarterly Integrated 1Q (0) 2Q (0) 3Q (0) 4Q (0) Assessments Mid Cycle End of Cycle 10(0) 11(0) 12(0) Security 401(0) 402(0) 403(0) Operator Exams Emergency Planning Other

IR 05000348/2024402

Text

SUBJECT:

Dear Edwin Dean:

Enclosure:

Inspection Report

SUMMARY

List of Findings and Violations

Additional Tracking Items

INSPECTION SCOPES

SAFEGUARDS

71130.10 - Cybersecurity

Cybersecurity (1 Sample)

INSPECTION RESULTS

EXIT MEETINGS AND DEBRIEFS

DOCUMENTS REVIEWED

Navigation menu

Search