ML080380186
| ML080380186 | |
| Person / Time | |
|---|---|
| Site: | Oconee  |
| Issue date: | 01/30/2008 |
| From: | Baxter D Duke Energy Carolinas, Duke Power Co |
| To: | Document Control Desk, Office of Nuclear Reactor Regulation |
| References | |
| Download: ML080380186 (6) | |
Text
,Duke DAVE BAXTER Vice President E~nergy.
Oconee Nuclear Station Duke Energy Corporation ON01 VP17800 Rochester Highway Seneca, SC 29672 864-885-4460 864-885-4208 fax dabaxter@dukeenergy.com January 30, 2008 U. S. Nuclear Regulatory Commission Attn:
Document Control Desk Washington, DC 20555-0001
Subject:
Duke Power Company LLC d/b/a Duke Energy Carolinas, LLC Oconee Nuclear Station, Units 1, 2, and 3 Docket Nos. 50-269, 50-270, 50-287 Cyber Security Features Associated with the Digital Upgrade of Oconee Nuclear Station Reactor Protective System and Engineered Safeguards Protective System Duke Power Company LLC d/b/a Duke Energy Carolinas, LLC (Duke) plans to replace the current analog based Reactor Protective System (RPS) and Engineered Safeguards Protective System (ESPS) with a digital computer based RPS/ESPS. This letter addresses cyber security aspects of the RPS/ESPS design change and supplements the License Amendment Request (LAR) associated with this design change. Duke requests the U.S. Nuclear Regulatory Commission (NRC) review and approve this information in conjunction with the RPS/ESPS LAR.
During a May 1, 2007, meeting on RPS/ESPS cyber security, Duke and NRC staff agreed that this type of information is security sensitive and should be provided separate from the RPS/ESPS LAR. Enclosure 1 contains a description of design features that secure the ONS RPS/ESPS from electronic vulnerabilities and Duke considers Enclosure 1 to be sensitive information and requests that it be withheld from public disclosure pursuant to 10 CFR 2.390.
Regulatory Guide 1.152, Revision 2 describes a method that the NRC staff deems acceptable for complying with the Commission's regulations for promoting high functional reliability, design quality, and cyber security for the use of digital computers in safety systems of nuclear power plants. Enclosure 1 demonstrates how the ONS design complies with NRC regulations by addressing the cyber security aspects of RG 1.152, Revision 2. Commitments being made as a result of this submittal are listed at the end of the Enclosure.
Duke requests that the NRC complete its review of the Enclosure 1 and issue a Safety Evaluation Report by January 31, 2009, in conjunction with the SER for the RPS/ESPS design change. Duke plans to submit the LAR for the RPS/ESPS design change by January 31, 2008, and request approval by January 31, 2009, to support implementation of this design change on Unit 1 during the fall 2009 refueling outage.
www. duke-energy. corn
U. S. Nuclear Regulatory Commission January 30, 2008 Page 2 This request hasbeen reviewed and approved by the Plant Operations Review Committee and Nuclear Safety Review Board.
If there are any questions regarding this submittal, please contact Boyd Shingleton at (864) 885-4716.
Very truly yours, D. A.
axter. Vice President Oco ee N~uclear Stationi
Enclosures:
- 1.
Cyber Security Features
- 2.
List of Regulatory Commitments contains Sensitive Information-Withhold under 10 CFR 2.390
U. S. Nuclear Regulatory Commission January 30, 2008 Page 3 xc:
V. M. McCree, Region II Administrator U.S. Nuclear Regulatory Commission Sam Nunn Atlanta Federal Center, 23 T85 61 Forsyth St., SW Atlanta, GA 30303-8931 L. N. Olshan, Senior Project Manager (ONS)
U.S. Nuclear Regulatory Commission 11555 Rockville Pike Mail Stop 0-8 G9A Rockville, MD 20852-2738 D. W. Rich NRC Senior Resident Inspector Oconee Nuclear Station H. J. Porter, Assistant Director Division of Radioactive Waste Management Bureau of Land and Waste Management South Carolina Department of Health and Environmental Control 2600 Bull St.
Columbia, SC 29201 contains Sensitive Information-Withhold under 10 CFR 2.390
U. S. Nuclear Regulatory Commission January 30, 2008 Page 4 D. A. Baxter, affirms that he is the person who subscribed his name to the foregoing statement, and that all the matters and facts set forth herein are true and correct to the best of his knowledge.
D. A.-Baxter, Vice
'ident Oco nee NucleartSt~e' Subscribed and sworn to me:
ýate 262&4F Nota'ry Public My Commission Expires:
6?
Date SEAL contains Sensitive Information-Withhold under 10 CFR 2.390
Cyber Security Features of the ONS RPS/ESPS Digital Upgrade January 2008 List of Regulatory Commitments
- List of Regulatory Commitments Cyber Security Features of the ONS RPS/ESPS Digital Upgrade January 30, 2008 List of Regulatory Commitments The following commitment table identifies those actions committed to by Duke Power Company LLC d/b/a Duke Energy Carolinas, LLC (Duke) in this submittal. Other actions discussed in the submittal represent intended or planned actions by Duke. They are described to the Nuclear Regulatory Commission (NRC) for the NRC's information and are not regulatory commitments.
Commitment Completion Date
- 1.
Duke will perform a cyber security risk evaluation Prior to completing the first installation of the (CSRE) on the ONS RPS/ESPS to identify possible RPS/ESPS at Oconee potential security vulnerabilities as required by the Cyber Security for Digital Process Systems program (CSP). The risk evaluation will be performed in accordance with the CSRE requirement.
- 2. Duke will ensure the operating procedures are Prior to completing the first installation of the validated as part of the design change process RPS/ESPS at Oconee including the cyber security features during the risk evaluation.
- 3.
Duke will ensure that system specific cyber security Prior to completing the first installation of the incident and recovery plans are provided for the RPS/ESPS at Oconee RPS/ESPS. The response plan will address:
The capability to identify, contain, and eradicate cyber security events
" The capability to recover from the event and mitigate reoccurrence of similar events.
Contingencies for ensuring minimal disruption to critical services in these instances.