|
|---|
Category:Inspection Report
MONTHYEARIR 05000483/20240032024-10-23023 October 2024
Integrated Inspection Report 05000483/2024003
IR 05000483/20240132024-10-21021 October 2024
Design Basis Assurance Inspection (Programs) Inspection Report 05000483/2024013
IR 05000483/20244012024-10-0909 October 2024
Material Control and Accounting Program Inspection Report 05000483/2024401 Public
IR 05000483/20244032024-08-28028 August 2024
Security Baseline Inspection 05000483-2024-403
IR 05000483/20240052024-08-14014 August 2024
Updated Inspection Plan for Callaway Plant (Report 05000483/2024005)
IR 05000483/20253012024-08-0505 August 2024
Notification of NRC Initial Operator Licensing Examination 05000483/2025301
IR 05000483/20240022024-07-18018 July 2024
And Independent Spent Fuel Storage Installation Integrated Inspection Report 05000483/2024002 and 07201045/2024001
IR 05000483/20244022024-05-0606 May 2024
Security Baseline Inspection Report 05000483/2024402 (Full Report)
IR 05000483/20240112024-05-0101 May 2024
NRC Post-Approval Site Inspection for License Renewal (Phase 2) Report 05000483/2024011
IR 05000483/20240012024-04-16016 April 2024
Integrated Inspection Report 05000483/2024001
IR 05000483/20244042024-04-0909 April 2024
Cyber Security Inspection Report 05000483/2024404
IR 05000483/20230062024-02-28028 February 2024
Annual Assessment Letter for Callaway Plant Report 05000483/2023006
IR 05000483/20230042024-01-19019 January 2024
– Integrated Inspection Report 05000483/2023004
IR 05000483/20230102023-11-15015 November 2023
NRC License Renewal Phase 1 Inspection Report 05000483 2023010
IR 05000483/20233012023-11-0909 November 2023
NRC Examination Report 05000483-2023301
ML23293A2652023-10-24024 October 2023
3rd Quarter 2023 Integrated Inspection Report
IR 05000483/20240122023-10-24024 October 2023
Information Request for the Cybersecurity Baseline Inspection, Notification to Perform Inspection (05000483/2024012)
IR 05000483/20234012023-09-13013 September 2023
NRC Security Baseline Inspection Report 05000483/2023401
IR 05000483/20230052023-08-23023 August 2023
Updated Inspection Plan for Callaway Nuclear Power Plant, Unit 1 (Report 05000483/2023005) - Mid Cycle Letter 2023
IR 05000483/20230022023-07-10010 July 2023
Integrated Inspection Report 05000483/2023002
IR 05000483/20230112023-06-15015 June 2023
Comprehensive Engineering Team Inspection (CETI) Inspection Report 05000483/2023011
ML23122A3172023-05-0808 May 2023
Review of the Spring 2022 Steam Generator Tube Inservice Inspections
IR 05000483/20230012023-04-12012 April 2023
Integrated Inspection Report 05000483/2023001
IR 05000483/20234022023-03-29029 March 2023
NRC Security Baseline Inspection Report 05000483/2023402
IR 05000483/20220062023-03-0101 March 2023
Annual Assessment Letter for Callaway Plant (Report 05000483/2022006)
ML23019A0802023-01-19019 January 2023
Notification of Comprehensive Engineering Team Inspection (05000483/2023011) and Request for Information
IR 05000483/20220042023-01-12012 January 2023
Integrated Inspection Report 05000483/2022004
IR 05000483/20220132022-11-15015 November 2022
Design Basis Assurance Inspection (Programs) Inspection Report 05000483/2022013
IR 05000483/20220032022-10-17017 October 2022
Integrated Inspection Report 05000483/2022003
IR 05000483/20220102022-10-12012 October 2022
Biennial Problem Identification and Resolution Inspection Report 05000483-2022010 - Draft
IR 05000483/20224032022-09-27027 September 2022
Security Baseline Inspection Report 05000483/2022403
IR 05000483/20220052022-08-23023 August 2022
Updated Inspection Plan for Callaway Plant (Report 05000483/2022005)
IR 05000483/20220112022-08-0202 August 2022
Triennial Fire Protection Inspection Report 05000483/2022011
IR 05000483/20220022022-07-27027 July 2022
Integrated Inspection Report 05000483/2022002
ML22157A0572022-06-0606 June 2022
Notification of NRC Design Bases Assurance Inspection (Programs) (05000483/2022013) and Request for Information
IR 05000483/20220402022-05-0606 May 2022
95001 Supplemental Inspection Report 05000483/2022040 and Follow-Up Assessment Letter
IR 05000483/20224012022-05-0505 May 2022
Cyber Security Inspection Report 05000483/2022401
IR 05000483/20220012022-04-26026 April 2022
Integrated Inspection Report 05000483/2022001
IR 05000483/20223012022-04-12012 April 2022
NRC Examination Report 05000483/2022301
ML22082A2012022-03-28028 March 2022
Notification of an NRC Fire Protection Baseline Inspection (NRC Inspection Report 05000483/2022011) and Request for Information
IR 05000483/20224042022-03-24024 March 2022
Final Security Baseline Inspection Report 05000483/2022404 (Letter)
IR 05000483/20210062022-03-0202 March 2022
Annual Assessment Letter for Callaway Plant (Report 05000483/2021006)
IR 05000483/20210042022-01-0707 January 2022
Integrated Inspection Report - 05000483/2021004
IR 05000483/20224022021-11-30030 November 2021
Information Request for the Cyber Security Baseline Inspection, Notification to Perform Inspection 05000483/2022402
IR 05000483/20210032021-11-0808 November 2021
Integrated Inspection Report 05000483/2021003
IR 05000483/20214202021-10-29029 October 2021
NRC Security Baseline Inspection Cover Letter 050004832021420
IR 05000483/20214022021-10-26026 October 2021
Security Baseline Inspection Report 05000483/2021402
IR 05000483/20210052021-09-0101 September 2021
Mid-Cycle Inspection Plan Transmittal Letter for Callaway Plant (Report 05000483/2021005)
IR 05000483/20210022021-08-0505 August 2021
Integrated Inspection Report 05000483/2021002 and Independent Spent Fuel Storage Installation Report 07201045/2021001
IR 05000483/20214012021-05-26026 May 2021
Security Baseline Inspection Report 05000483/2021401
2024-08-05
[Table view]
Category:Letter
MONTHYEARIR 05000483/20240032024-10-23023 October 2024
Integrated Inspection Report 05000483/2024003
IR 05000483/20240132024-10-21021 October 2024
Design Basis Assurance Inspection (Programs) Inspection Report 05000483/2024013
IR 05000483/20244012024-10-0909 October 2024
Material Control and Accounting Program Inspection Report 05000483/2024401 Public
ULNRC-06901, Concurrent Inoperability of Control Room Air Conditioning System Train and Opposite Train Emergency Diesel Generator Results in Condition Prohibited by Technical Specifications Limiting (Letter)2024-10-0101 October 2024
Concurrent Inoperability of Control Room Air Conditioning System Train and Opposite Train Emergency Diesel Generator Results in Condition Prohibited by Technical Specifications Limiting (Letter)
ML24247A3042024-09-11011 September 2024
Regulatory Audit Questions for License Renewal Commitments 34 and 35 (EPID L-2024-LRO-0009) - Non-Proprietary
IR 05000483/20244032024-08-28028 August 2024
Security Baseline Inspection 05000483-2024-403
IR 05000483/20240052024-08-14014 August 2024
Updated Inspection Plan for Callaway Plant (Report 05000483/2024005)
IR 05000483/20253012024-08-0505 August 2024
Notification of NRC Initial Operator Licensing Examination 05000483/2025301
ML24212A2822024-08-0202 August 2024
Regulatory Audit Summary Concerning Review of Request No. C3R-01 for Proposed Alternative to ASME Code, Section XI Requirements for Containment Building Inspections
IR 05000483/20240022024-07-18018 July 2024
And Independent Spent Fuel Storage Installation Integrated Inspection Report 05000483/2024002 and 07201045/2024001
ML24185A1032024-07-16016 July 2024
2024 Biennial Problem Identification and Resolution Inspection Report
ULNRC-06892, Independent Spent Fuel Storage Installation Registration of Dry Spent Fuel Storage Canister HGMPC00062024-06-26026 June 2024
Independent Spent Fuel Storage Installation Registration of Dry Spent Fuel Storage Canister HGMPC0006
ULNRC-06891, Independent Spent Fuel Storage Installation, Registration of Dry Spent Fuel Storage Canister HGMPC00052024-06-26026 June 2024
Independent Spent Fuel Storage Installation, Registration of Dry Spent Fuel Storage Canister HGMPC0005
ULNRC-06884, Independent Spent Fuel Storage Installation, Registration of Dry Spent Fuel Storage Canister HGMPC00022024-06-12012 June 2024
Independent Spent Fuel Storage Installation, Registration of Dry Spent Fuel Storage Canister HGMPC0002
ULNRC-06886, Independent Spent Fuel Storage Installation, Registration of Dry Spent Fuel Storage Canister HGMPC00042024-06-12012 June 2024
Independent Spent Fuel Storage Installation, Registration of Dry Spent Fuel Storage Canister HGMPC0004
ULNRC-06885, Independent Spent Fuel Storage Installation, Registration of Dry Spent Fuel Storage Canister HGMPC00032024-06-12012 June 2024
Independent Spent Fuel Storage Installation, Registration of Dry Spent Fuel Storage Canister HGMPC0003
ML24144A0492024-06-11011 June 2024
Requests for Relief from ASME OM Code Pump and Valve Testing Requirements for Fifth 120-Month Inservice Testing Interval
ML24158A5222024-06-0606 June 2024
Application to Revise Technical Specifications to Adopt Tstf-569, Rev. 2, Revise Response Time Testing Definition (LDCN 24-0008)
ML24178A1132024-06-0606 June 2024
Ameren Missouris Intent to Adopt Revision 1 to Amendment 0 of Certificate of Compliance No. 1040 as Applicable to the ISFSI at the Callaway Plant Site
ML24143A1632024-05-23023 May 2024
Independent Spent Fuel Storage Installation Registration of Dry Spent Storage Canister HGMPC0001
ULNRC-06882, Independent Spent Fuel Storage Installation Registration of Dry Spent Fuel Storage Canister HGMPC00122024-05-16016 May 2024
Independent Spent Fuel Storage Installation Registration of Dry Spent Fuel Storage Canister HGMPC0012
ML24137A2342024-05-16016 May 2024
Independent Spent Fuel Storage Installation - Registration of Dry Spent Fuel Storage Canister HGMPC0011
ML24122A1502024-05-0707 May 2024
Audit Plan to Support Review of Steam Generator License Renewal Response to Commitment Nos 34 and 35
ULNRC-06877, Final Safety Analysis Report Revision OL-27 and Technical Specification Bases Revision 252024-05-0606 May 2024
Final Safety Analysis Report Revision OL-27 and Technical Specification Bases Revision 25
IR 05000483/20244022024-05-0606 May 2024
Security Baseline Inspection Report 05000483/2024402 (Full Report)
IR 05000483/20240112024-05-0101 May 2024
NRC Post-Approval Site Inspection for License Renewal (Phase 2) Report 05000483/2024011
ULNRC-06856, CFR 50.59 and 10 CFR 72.48 Summary Report2024-05-0101 May 2024
CFR 50.59 and 10 CFR 72.48 Summary Report
ULNRC-06869, Submittal of Callaway, Unit 1, 2023 Annual Radiological Environmental Operating Report2024-04-30030 April 2024
Submittal of Callaway, Unit 1, 2023 Annual Radiological Environmental Operating Report
ML24122A1132024-04-30030 April 2024
Submittal of Callaway, Unit 1, 2023 Annual Radioactive Effluent Release Report
ULNRC-06876, Registration of Dry Spent Fuel Storage Canister HGMPC00102024-04-25025 April 2024
Registration of Dry Spent Fuel Storage Canister HGMPC0010
ML24108A1082024-04-17017 April 2024
Independent Spent Fuel Storage Installation Registration of Dry Spent Fuel Storage Canister HGMPC0009
ULNRC-06871, Independent Spent Fuel Storage Installation, Registration of Dry Spent Fuel Storage Canister HGMPC00072024-04-17017 April 2024
Independent Spent Fuel Storage Installation, Registration of Dry Spent Fuel Storage Canister HGMPC0007
ULNRC-06872, Independent Spent Fuel Storage Installation, Registration of Dry Spent Fuel Storage Canister HGMPC00082024-04-17017 April 2024
Independent Spent Fuel Storage Installation, Registration of Dry Spent Fuel Storage Canister HGMPC0008
ULNRC-06866, Submittal of Cycle 26 Commitment Change Summary Report2024-04-17017 April 2024
Submittal of Cycle 26 Commitment Change Summary Report
IR 05000483/20240012024-04-16016 April 2024
Integrated Inspection Report 05000483/2024001
IR 05000483/20244042024-04-0909 April 2024
Cyber Security Inspection Report 05000483/2024404
ML24088A3212024-04-0101 April 2024
Notification of Commercial Grade Dedication Inspection (05000483/2024013) and Request for Information
ML24086A5132024-03-26026 March 2024
CFR 50.46 Annual Report Regarding ECCS Evaluation Model Revisions
ULNRC-06863, Submittal of Annual Exposure Report for 20232024-03-20020 March 2024
Submittal of Annual Exposure Report for 2023
ML24079A1622024-03-19019 March 2024
Re Nuclear Property Insurance Reporting
ML24066A1932024-03-0707 March 2024
2024 Callaway Plant Notification of Biennial Problem Identification and Resolution Inspection and Request for Information
ULNRC-06852, Owners Activity Reports (OAR-1 Forms) for Cycle/Refuel 262024-03-0505 March 2024
Owners Activity Reports (OAR-1 Forms) for Cycle/Refuel 26
IR 05000483/20230062024-02-28028 February 2024
Annual Assessment Letter for Callaway Plant Report 05000483/2023006
ML24052A3662024-02-26026 February 2024
Regulatory Audit Plan in Support of Proposed Alternative to ASME Code, Section XI Requirements for Containment Building Inspections
ULNRC-06858, Completion of License Renewal Activities Prior to Entering the Period of Extended Operation2024-02-21021 February 2024
Completion of License Renewal Activities Prior to Entering the Period of Extended Operation
ML24036A1712024-02-20020 February 2024
Exemption from Select Requirements of 10 CFR Part 73 (EPID L-2023-LLE-0079 (Security Notifications, Reports, and Recordkeeping and Suspicious Activity Reporting))
ULNRC-06853, Submittal of 2023 Fitness for Duty Performance Data Per Per 10 CFR 26.7172024-01-29029 January 2024
Submittal of 2023 Fitness for Duty Performance Data Per Per 10 CFR 26.717
ML24008A0552024-01-19019 January 2024
Acceptance of Requested Licensing Action - Proposed Alternative to the Requirements of the ASME Code (EPID L-2023-LLR- 0061)
IR 05000483/20230042024-01-19019 January 2024
– Integrated Inspection Report 05000483/2023004
ML23353A1712024-01-18018 January 2024
Issuance of Amendment No. 237 to Clarify Support System Requirements for the Residual Heat Removal System and Control Room Air Conditioning System Under Technical Specifications 3.4.8, 3.7.11, and 3.9.6
2024-09-11
[Table view] |
Text
April 09, 2024
SUBJECT:
CALLAWAY PLANT - CYBER SECURITY INSPECTION REPORT 05000483/2024404
Dear Fadi Diya:
On March 28, 2024, the U.S. Nuclear Regulatory Commission (NRC ) completed an inspection at Callaway Plant and discussed the results of this inspection with Eric Herr, Vice President &
Chief Informatio n Officer Security, Cyb er Se curity, and other members of your staff. The results of this inspection are documented in the enclosed report.
No findings or violations of more than minor significance were identified during thi s inspection.
This letter, its enclosure, and yo ur response (if any) wil l be made available for publi c inspection and copying at http://www.nrc.gov/reading-rm/adams.html and at the NRC Public Document Room in accordance with Title 1 0 of the Code of Federal Regulations 2.390, Publ ic Inspections, Exemp tions, Requests for Withholding.
Sincerely, Nicholas H. Taylor, Chief Engineering Branch 2 Division of Operating Reactor Safety Docket No. 05000483 License No. NPF-30
Enclosure:
As stated
Inspection Report
Docket No. 05000483
License No. NPF-30
Report No. 05000483/2024404
Enterprise Identifier: I-2024-404-0011
Licensee: Ameren Missouri
Facility: Callaway Plant
Location: Steedman, MO
Inspection Dates: March 24, 2024, to March 28, 2024
Inspectors: S. Graves, Senior Reactor Inspector N. Okonkwo, Reactor Inspector T. Siddiky, Information Technology Specialist T. Coleman, Contractor SME
Approved By: Nicholas H. Taylor, Chief Engineering Branch 2 Division of Operating Reactor Safety
Enclosure
SUMMARY
The U.S. Nuclear Regulatory Commission (NRC) continued monitoring the licensees performance by conducting a cyber security inspection at Callaway Plant, in accordance with the Reactor Oversight Process. The Reactor Oversight Process is the NRCs program for overseeing the safe operation of commercial nuclear power reactors. Refer to https://www.nrc.gov/reactors/operating/oversight.html for more information.
List of Findings and Violations
No findings or violations of more than minor significance were identified.
Additional Tracking Items
None.
INSPECTION SCOPES
Inspections were conducted using the appropriate portions of the inspection procedures (IPs) in effect at the beginning of the inspection unless otherwise noted. Currently approved IPs with their attached revision histories are located on the public website at http://www.nrc.gov/reading-rm/doc-collections/insp-manual/inspection-procedure/index.html. Samples were declared complete when the IP requirements most appropriate to the inspection activity were met consistent with Inspection Manual Chapter (IMC) 2201, Security Inspection Program for Commercial Nuclear Power Reactors. The inspectors reviewed selected procedures and records, observed activities, and interviewed personnel to assess licensee performance and compliance with Commission rules and regulations, license conditions, site procedures, and standards.
SAFEGUARDS
The inspectors reviewed implementation of Callaway Plants Cyber Security Plan (CSP) and focused on evaluating changes to the program, critical systems, and CDAs.
Cybersecurity (1 Sample)
- (1) The following IP sections were completed and constitute completion of 1 sample:
- 03.01, Review Ongoing Monitoring and Assessment Activities
- 03.02, Verify Defense-in-Depth Protective Strategies (Partial)
- 03.03, Review of Configuration Management Change Control (Partial)
- 03.05, Evaluation of Corrective Actions
The following systems were modified and reviewed:
- Thermocouple Core Cooling Monitor
- Iris Scan Biometric Identification System
In addition to the systems and programs that have been added or modified since the last cyber security inspection, the following systems were selected for inspection.
- Security Issues and Event Management System (SIEM)
- Boundary Devices, including Scanning Kiosks
INSPECTION RESULTS
No findings were identified.
EXIT MEETINGS AND DEBRIEFS
The inspectors verified no proprietary information was retained or documented in this report.
- On March 28, 2024, the inspectors presented the cyber security inspection results to Eric Herr, Vice President & Chief Information Officer Security, Cyber Security, and other members of the licensee staff.
DOCUMENTS REVIEWED
Inspection Type Designation Description or Title Revision or
Procedure Date
71130.10 Corrective Action Condition Report (CR) 202402206, 202400072, 202105183, 202303889,
Documents 202306933, 202201234, 202105572, 202100338,
2001842, 201906506, 202203606, 202305271,
2400712
Corrective Action Condition Report (CR) 202402124, 202402128, 202402125, 202402131,
Documents 202402168, 202402187
Resulting from
Inspection
Drawings 8600-X-90455 IRISCAN Interconnecting Diagram 08
J-373-00029 Met Tower Block Diagram 003
656B3282 Network Topology E
Engineering MP 21-0019 Change MET Tower workstations to meet cyber
Changes security requirements
MP 19-0002 TCCM upgrade
MP 22-0021 Iris Scan Upgrade
Miscellaneous IDS Diode Vendor Documentation - 05.01 GigaTAP
G Series Data Sheet
220331_FinalDrillPackage 3/31/2022 Cyber Security Incident Response Drill 3/31/2022
Executive Summary/ Final Report
230801_FinalDrillPackage Cyber Security Incident Response Drill Package 08/01/2023
2004736.500 CY 26 Upgrade IRIS SCAN Workstations 0
EWUB3001, EWUB3002 and HFSUB3001
AC121 Event Package 2 Incident Status, Activity Log, and Contact Lo Sheet 1/31/2024
for flS190.0014 Event
CA3248 Quarterly Callout Form 003
Callaw-1 Cyber Security Plan for AmerenUE (Union Electric 02
Company) Callaway Plant Unit 1
Inspection Type Designation Description or Title Revision or
Procedure Date
Callaway Cyber Security CLS / SIEM Analysis, Updates, and Patching N/A
Qualification Standard
Configuration CLS SIEM ruleset
OGM Job 22510575.500 Baseline review analysis for Iris Scan 8/2023
SDP-PI-CYBER Cyber Security 14
T25.0015 6 Callaway Energy Center Cyber Security 09/14/2020
Assessment Team Training, Rev. 20200914
135172 Instruction Manual for Iris Access System 005
Whitepaper Items Rescoped as Non-CDA Due to the NEI
Whitepapers
J-2049-00000 Thermocouple Core Cooling Monitor Operations 001
and Maintenance Manual
J-2049-00009 Thermocouple Core Cooling Monitor ALS 009
Communication Protocols
Procedures APA-ZZ-00500 Appendix 15 Adverse Condition - ADCN-4, Administrative 035
Correction.
APA-ZZ-01108 Cyber Security Program 010
APA-ZZ-01108 Addendum A CDA-Related Removable Media and Removable / 13
Portable Device Management.
DTI-CS-002 Virus Scanning Station (Kiosk) DTI 07
DTI-CS-014 Vulnerability Scan and Assessment 007
DTI-CS-018 Non-Engineering Configuration Control CDA 002
Change Process
DTI-CS-020 CLS/SIEM and NIDS Analysis, Updates, and 002
Testing
DTI-CS-026 CDA Baseline Configuration Review 000
EDP-RP-DR001 Thermocouple Cooling Monitor Disaster Recovery 001
EDP-ZZ-01108 Example of SIEM qual standard - specific tool CLS / N/A
SIEM Analysis, Updates, and Patching
EDP-ZZ-01108 Cyber Security Program Implementation. 015
EDP-ZZ-01108 Addendum 1 Digital Assessment Process 016
EDP-ZZ-01108 Addendum 2 Security Control Implementation Strategy 011
Inspection Type Designation Description or Title Revision or
Procedure Date
EDP-ZZ-01108 Addendum 3 Callaway Ongoing Monitoring for Critical Digital 014
Assets
EDP-ZZ-01108 Addendum 3 Callaway Ongoing Monitoring for Critical Digital 013
Assets
EDP-ZZ-01108 Addendum 4 Cyber Security Threat and Vulnerability Notification 006
Assessment Process
EDP-ZZ-01108 Addendum 7 Cyber Security Drill Program 004
EDP-ZZ-01108 Addendum 8 Centralized Cyber Security Monitoring System 005
EDP-ZZ-01108 Appendix A Cyber Security Defensive Strategy 006
EDP-ZZ-01108 Addendum 9 Threat Detection Software Configuration and 003
Update
EDP-ZZ-01108 Addendum 5 Callaway Cyber Security Incident Response 008
Procedure
Self-Control Assessment RDXY0001
Assessments SA 202200120-063 Cyber Security Effectiveness Review (PM1009161) 01/10/2024
Job 23505943
SA-202305963-003 Cyber Security Self-Assessment 10/29/2023
Work Orders Job 22004736/900, 23505943/500, 24000329/500,
24501859/500
7
