IR 05000369/2024403
| ML24206A236 | |
| Person / Time | |
|---|---|
| Site: | McGuire, Mcguire  (NPF-009, NPF-017) |
| Issue date: | 07/25/2024 |
| From: | Daniel Bacon NRC/RGN-II/DRS/EB2 |
| To: | Pigott E Duke Energy Carolinas |
| References | |
| IR 2024403 | |
| Download: ML24206A236 (6) | |
Text
SUBJECT:
MCGUIRE NUCLEAR STATION, UNITS 1 & 2 - CYBER SECURITY INSPECTION REPORT 05000369/2024403 AND 05000370/2024403
Dear Edward Pigott:
On June 27, 2024, the U.S. Nuclear Regulatory Commission (NRC) completed an inspection at McGuire Nuclear Station, Units 1 & 2 and discussed the results of this inspection with you and other members of your staff. The results of this inspection are documented in the enclosed report.
No findings or violations of more than minor significance were identified during this inspection.
This letter, its enclosure, and your response (if any) will be made available for public inspection and copying at http://www.nrc.gov/reading-rm/adams.html and at the NRC Public Document Room in accordance with Title 10 of the Code of Federal Regulations 2.390, Public Inspections, Exemptions, Requests for Withholding.
Sincerely, Daniel M. Bacon, Chief Engineering Branch 2 Division of Reactor Safety Docket Nos. 05000369 and 05000370 License Nos. NPF-9 and NPF-17
Enclosure:
As stated
Inspection Report
Docket Numbers:
05000369 and 05000370
License Numbers:
Report Numbers:
05000369/2024403 and 05000370/2024403
Enterprise Identifier:
I-2024-403-0018
Licensee:
Duke Energy Carolinas, LLC
Facility:
McGuire Nuclear Station, Units 1 & 2
Location:
Huntersville, NC
Inspection Dates:
June 24, 2024 to June 28, 2024
Inspectors:
B. Barro, Cyber Security Analyst (Contractor)
P. Braaten, Senior Reactor Inspector
J. Hartman, Cyber Security Analyst (Contractor)
W. Monk, Senior Reactor Inspector
Approved By:
Daniel M. Bacon, Chief
Engineering Branch 2
Division of Reactor Safety
SUMMARY
The U.S. Nuclear Regulatory Commission (NRC) continued monitoring the licensees performance by conducting a cyber security inspection at McGuire Nuclear Station, Units 1 & 2, in accordance with the Reactor Oversight Process. The Reactor Oversight Process is the NRCs program for overseeing the safe operation of commercial nuclear power reactors. Refer to https://www.nrc.gov/reactors/operating/oversight.html for more information.
List of Findings and Violations
No findings or violations of more than minor significance were identified.
Additional Tracking Items
None.
INSPECTION SCOPES
Inspections were conducted using the appropriate portions of the inspection procedures (IPs) in effect at the beginning of the inspection unless otherwise noted. Currently approved IPs with their attached revision histories are located on the public website at http://www.nrc.gov/reading-rm/doc-collections/insp-manual/inspection-procedure/index.html. Samples were declared complete when the IP requirements most appropriate to the inspection activity were met consistent with Inspection Manual Chapter (IMC) 2201, Security Inspection Program for Commercial Nuclear Power Reactors. The inspectors reviewed selected procedures and records, observed activities, and interviewed personnel to assess licensee performance and compliance with Commission rules and regulations, license conditions, site procedures, and standards.
SAFEGUARDS
71130.10 - Cybersecurity
The inspectors reviewed implementation of McGuire's Cyber Security Plan (CSP) and focused on evaluating changes to the program, critical systems, and CDAs.
Cybersecurity (1 Sample)
- (1) The following IP sections were completed and constitute completion of 1 sample:
- 03.01, Review Ongoing Monitoring and Assessment Activities
- 03.02, Verify Defense-in-Depth Protective Strategies
- 03.03, Review of Configuration Management Change Control
- 03.05, Evaluation of Corrective Actions
INSPECTION RESULTS
No findings were identified.
EXIT MEETINGS AND DEBRIEFS
The inspectors verified no proprietary information was retained or documented in this report.
- On June 27, 2024, the inspectors presented the cyber security inspection results to Edward Pigott and other members of the licensee staff.
DOCUMENTS REVIEWED
Inspection
Procedure
Type
Designation
Description or Title
Revision or
Date
Corrective Action
Documents
NOS Audit: TIMD041 Requirement QA COND Incorrect for
Two WG Analyzer CDAs
04/16/2024
Corrective Action
Documents
Resulting from
Inspection
24 MNS Cyber Security Inspection - Observation about
Common Controls
06/26/2024
Switchyard RTU Firewall Replacement
Rev. 0
AR02374114 - EDB Updates per Cyber Security Eng
Rev. 0
VMICS Firewall Replacement
Rev. 0
DIGITAL DESIGN EVALUATION FOR HOCHIKI SOC-24V
SMOKE DETECTOR TO REPLACE EST 711U SMOKE
DETECTOR IN EFA ZONES 91 (U1) AND 102 (U2)
Rev. 0
Engineering
Changes
MNS MOC WAREHOUSE SECURITY X-RAY DETECTOR
REPLACEMENTS
Rev. 01
MC -1607.32-05-
03. CSA0215
NEI 08-09 ASSESSMENT FOR CDA GROUP: EFA-
Detectors-Non-Intelligent
Rev. 0
MC-1607.32-05-
03-CSA0153
NEI 13-10 Assessment for Group: IKE-NW-RTU-FIREWALL
Rev. 03
MC-1607.32-05-
03. CSA0121
NEI 08-09 Assessment for CDA Group: EXA-Security X-Ray
Machines
Rev. 03
MC-1607.32-05-
03.CSA0157
NEI 08-09 Assessment for CDA Group: EXA-NW-FIREWALL
Rev. 05
Miscellaneous
PO 3180470
SYSTEM, X-RAY MACHINE
04/03/2024
AD-EG-ALL-1502
FIRE PROTECTION IMPACT SCREENING FOR PLANT
DESIGN CHANGES
Rev. 4
AD-EG-ALL-1901
Cyber Security Ongoing Monitoring and Trending
Rev. 06
AD-EG-ALL-1902
Cyber Security Incident Response and Recovery
Rev. 05
AD-EG-ALL-1906
Cyber Security Defensive Architecture
Rev. 07
Procedures
AD-EG-ALL-1908
Cyber Security Acquisition Requirements
Rev. 05