IR 05000454/2022403
| ML22354A164 | |
| Person / Time | |
|---|---|
| Site: | Byron  |
| Issue date: | 12/28/2022 |
| From: | Richard Skokowski NRC/RGN-III/DORS/EB2 |
| To: | Rhoades D Constellation Energy Generation |
| References | |
| IR 2022403 | |
| Download: ML22354A164 (1) | |
Text
SUBJECT:
BYRON STATION - CYBER SECURITY INSPECTION REPORT 05000454/2022403 AND 05000455/2022403
Dear David Rhoades:
On November 17, 2022, the U.S. Nuclear Regulatory Commission (NRC) completed an inspection at Byron Station and discussed the results of this inspection with Mr. J. Cunzeman, Engineering Director and other members of your staff. The results of this inspection are documented in the enclosed report.
No findings or violations of more than minor significance were identified during this inspection.
This letter, its enclosure, and your response (if any) will be made available for public inspection and copying at http://www.nrc.gov/reading-rm/adams.html and at the NRC Public Document Room in accordance with Title 10 of the Code of Federal Regulations 2.390, Public Inspections, Exemptions, Requests for Withholding.
Sincerely, Richard A. Skokowski, Chief Engineering Branch 2 Division of Operating Reactor Safety Docket Nos. 05000454 and 05000455 License Nos. NPF-37 and NPF-66
Enclosure:
As stated
Inspection Report
Docket Numbers:
05000454 and 05000455
License Numbers:
Report Numbers:
05000454/2022403 and 05000455/2022403
Enterprise Identifier:
I-2022-403-0034
Licensee:
Constellation Energy Generation, LLC
Facility:
Byron Station
Location:
Byron, IL
Inspection Dates:
November 14, 2022 to November 17, 2022
Inspectors:
B. Barro, Cyber Security Analyst
A. Dahbur, Senior Reactor Inspector
J. Gilliam, Senior Reactor Inspector
A. Konkal, Contractor
Approved By:
Richard A. Skokowski, Chief
Engineering Branch 2
Division of Operating Reactor Safety
SUMMARY
The U.S. Nuclear Regulatory Commission (NRC) continued monitoring the licensees performance by conducting a cyber security inspection at Byron Station, in accordance with the Reactor Oversight Process. The Reactor Oversight Process is the NRCs program for overseeing the safe operation of commercial nuclear power reactors. Refer to https://www.nrc.gov/reactors/operating/oversight.html for more information.
List of Findings and Violations
No findings or violations of more than minor significance were identified.
Additional Tracking Items
None.
INSPECTION SCOPES
Inspections were conducted using the appropriate portions of the inspection procedures (IPs) in effect at the beginning of the inspection unless otherwise noted. Currently approved IPs with their attached revision histories are located on the public website at http://www.nrc.gov/reading-rm/doc-collections/insp-manual/inspection-procedure/index.html. Samples were declared complete when the IP requirements most appropriate to the inspection activity were met consistent with Inspection Manual Chapter (IMC) 2201, Security Inspection Program for Commercial Nuclear Power Reactors. The inspectors reviewed selected procedures and records, observed activities, and interviewed personnel to assess licensee performance and compliance with Commission rules and regulations, license conditions, site procedures, and standards.
SAFEGUARDS
71130.10 - Cybersecurity
The inspectors reviewed implementation of Byron Generating Stations Cyber Security Plan (CSP) and focused on evaluating changes to the program, critical systems, and CDAs.
Cybersecurity (1 Sample)
- (1) The following IP sections were completed and constitute completion of 1 sample:
03.01, Review Ongoing Monitoring and Assessment Activities
03.02, Verify Defense-in-Depth Protective Strategies
03.03, Review of Configuration Management Change Control
03.04, Review of Cyber Security Program
03.05, Evaluation of Corrective Actions
In addition to the systems and programs that have been added or modified since the last cyber security inspection, the following systems were selected for inspection.
Unit 0
Security (IS), Security Unit 1 & 2
Feedwater (FW), Important-to-Safety / Balance of Plant Trip
Neutron Monitoring (NR), Safety-Related
Plant Process Computer (CX), Important-to-Safety
INSPECTION RESULTS
No findings were identified.
EXIT MEETINGS AND DEBRIEFS
The inspectors verified no proprietary information was retained or documented in this report.
On November 17, 2022, the inspectors presented the cyber security inspection results to Mr. J. Cunzeman, Engineering Director and other members of the licensee staff.
DOCUMENTS REVIEWED
Inspection
Procedure
Type
Designation
Description or Title
Revision or
Date
233553
EOC Review for Maintenance Per IR 4227370
03/27/2019
265133
TSC Computer Removed for CS Investigation
07/18/2019
288042
Cyber Security 24-Month SA Gap CC-AA-604-102-F-02 Not
In WP
10/15/2019
04302100
CYBER SECURITY: EP CDA PC Was Replaced with Non-
CDA PC
06/12/2019
04367087
Cyber Follow-Up from JAF Inspection
2/09/2020
04383635
NOS ID: Cyber Incident IR Not Reclassified as Sig Level 3
11/11/2020
04452030
1PL100J Tamper Seals
10/10/2021
25515
Cyber Security Tamper Seals Removed Improperly
03/10/2020
4345187
Cyber - Missed Identification of CDAs
05/22/2020
4511718
Cyber CDA Post Install Walk Down Discrepancy
07/19/2022
Corrective Action
Documents
4519948
Cyber Security-Security CDA Key Issued Without Using Key
Log
08/31/2022
29068
Cyber - NRC Pre-Inspection Issue DRPs
10/12/2022
4536919
OPEX EVALUATION: THREAT ANALYSIS OF CVE-2021-
22 Cisco ASA
11/14/2022
4536920
OPEX EVALUATION: THREAT ANALYSIS OF CVE-2021-
1402 CISCO FTD
11/14/2022
4536947
NRC ID - Cyber - Error Identified on Baseline Data Sheet
11/14/2022
4537052
OPEX EVALUATION: THREAT ANALYSIS CVE-2020-9034
Symmetricon
11/15/2022
4537074
NRC ID Cyber Error Identified on Baseline Data Sheet
11/15/2022
4537088
NRC ID - Cyber-Error Found on CDA Checklist WO 286130-01
11/13/2022
4537184
NRC ID - Cyber - Error Message on 2FW36J
11/15/2022
4537185
NRC ID - Cyber - Error Message on 1FW37J
11/15/2022
4537192
NRC ID - Cyber - Vulnerability Assessment Missing CVE Info
11/15/2022
4537479
NRC ID - Cyber - CDA Subcomponent ID Tag Needs
Removed
11/16/2022
Corrective Action
Documents
Resulting from
Inspection
4537483
NRC ID - Cyber - Observation Vulnerability Assessment
Enhancement
11/17/2022
Inspection
Procedure
Type
Designation
Description or Title
Revision or
Date
4537619
NRC ID - Cyber - Unused Services Found Set to Manual on
IVMS
11/17/2022
4537621
NRC ID -Cyber-Unused Services Found Set to Manual on
Kiosks
11/17/2022
4537725
NRC ID - Cyber - Observation CDA Key Control
11/17/2022
Engineering
Changes
Cyber Defensive Infrastructure (CDI) Refresh
Cyber Security Incident Response Drill Scenario
03/16/2022
CC-AA-601-F-02
BYR_0CP-CX7006_CP - CDA Baseline Data Sheet
CC-AA-601-F-02
BYR_1CP-CX1500_CP - CDA Baseline Data Sheet
CC-AA-601-F-02
BYR_2NCU-CX1041_NCU - CDA Baseline Data Sheet
Miscellaneous
CC-AA-606-1002-
F-01
Data Diode Server Disaster Recovery Plan
BYR-CDI-L3-MAT
Defensive Architecture Enhancement - BYR-CDI L3 Mat
Cyber Security Program Health Performance Indicators and
Criteria
CC-AA-601-1003-
F-01
Supplier Exception Evaluation For SQAD-7
CDA Password Configuration and Control
Cyber Security Incident Response
Scanning for Rogue Wireless Access Point Points
OP-AA-108-103-
1000
CDA Key Control Program
Warehouse Operations
Supply Cyber Security
Procedures
TQ-AA-176-J020
Cyber Security Specialized Training Matrix
05070909
Cyber Defense Infrastructure (CDI) Refresh EC 631318
04/21/2022
276124-01
Monthly DAE Intrusion Detection Functional Testing
07/13/2022
Work Orders
287939-01
Perform Monthly Rogue Wireless Scanning
09/01/2022