CP-200901720, Supplement to License Amendment Request (LAR) 09-010, for Approval of the Cyber Security Plan

From kanterella
(Redirected from ML093650162)
Jump to navigation Jump to search

Supplement to License Amendment Request (LAR)09-010, for Approval of the Cyber Security Plan
ML093650162
Person / Time
Site: Comanche Peak  Luminant icon.png
Issue date: 12/21/2009
From: Flores R
Luminant Generation Co, Luminant Power
To:
Document Control Desk, Office of Nuclear Reactor Regulation
References
CP-200901720, TXX-09149
Download: ML093650162 (7)


Text

Rafael Flores Luminant Power Senior Vice President P.O. Box 1002

& Chief Nuclear Officer 6322 North FM 56 rafael.flores@luminant.corn Glen Rose, TX 76043 Lum inant T 254 897 5590 C 817 559 0403 F 254 897 6652 CP-200901720 Ref: 10 CFR 50.90 TXX-09149 December 21, 2009 U. S. Nuclear Regulatory Commission Attn: Document Control Desk Washington, DC 20555

SUBJECT:

COMANCHE PEAK STEAM ELECTRIC STATION (CPSES) DOCKET NOS. 50-445 AND 50-446, SUPPLEMENT TO LICENSE AMENDMENT REQUEST (LAR)09-010, FOR APPROVAL OF THE CYBER SECURITY PLAN

REFERENCE:

Letter TXX-09133 from Rafael Flores to USNRC dated November 19, 2009.

Dear Sir or Madam:

The referenced letter, TXX-09133, submitted a request by Luminant Generation Company LLC (Luminant Power) to amend the Facility Operating License (FOL) for CPSES, herein referred to as Comanche Peak Nuclear Power Plant (CPNPP), Unit 1 Operating License (NPF-87) and CPSES Unit 2 Operating License (NPF-89). This change request applied to both Units. The proposed amendment requested NRC approval of the CPNPP Cyber Security Plan, provided a proposed Implementation Schedule, and added a sentence to the existing FOL Physical Protection license condition to require CPNPP to fully implement and maintain in effect all provisions of the Commission approved Cyber Security Plan. The proposed change is consistent with Nuclear Energy Institute (NEI) 08-09, Revision 3, "Cyber Security Plan for Nuclear Power Reactors."

Attachment 1 to the referenced letter provided a detailed description of the proposed change, a technical analysis of the proposed change, Luminant Power's determination that the proposed changes did not involve a significant hazard consideration, a regulatory analysis of the proposed changes, and an environmental evaluation.

As a result of subsequent discussions between the NRC Staff and the Nuclear Energy Institute on December 9, 2009, concerning information in the No Significant Hazards Consideration, Luminant Power is providing an updated Description and Assessment. The attachment to this letter replaces Attachment 1 to TXX-09133. The changes are indicated by a revision bar in the right margin. The final conclusions from the Regulatory Analysis (which includes the No Significant Hazards Considerations) provided in the referenced letter TXX-09133 remain valid and are not changed by this supplement to LAR 09-010. This supplement to LAR 09-010 applies to both Units. The submittal of this supplement was discussed with the NRC Project Manager, Mr. Balwant Singal, on December 15, 2009.

A member of the STARS (Strategic Teaming and Resource Sharing) Alliance Callaway Comanche Peak

  • Diablo Canyon - Palo Verde ' San Onofre ' South Texas Project Wolf Creek

U. S. Nuclear Regulatory Commission TXX-09149 Page 2 of 2 12/21/2009 In accordance with 10CFR50.91(b), Luminant Power is providing the State of Texas with a copy of this supplement to the proposed amendment.

This communication contains no new or revised commitments.

Should you have any questions, please contact Mr. Jim Barnette at (254) 897-5866.

I state under penalty of perjury that the foregoing is true and correct.

Executed on December 21, 2009.

Sincerely, Luminant Generation Company, LLC Rafael Flores By:

F4re W. Madden Director, Oversight and Regulatory Affairs RAS

Attachment:

Revised Attachment 1 to TXX-09133, Description and Assessment c - E. E. Collins, Region IV B. K. Singal, NRR Resident Inspectors, CPNPP, Alice Hamilton Rogers, P.E.

Inspection Unit Manager Texas Department of State Health Services Mail Code 1986 P. 0. Box 149347 Austin TX 78714-9347

ATTACHMENT to TXX-09149 REVISED ATTACHMENT 1 TO TXX-09133, DESCRIPTION AND ASSESSMENT

Attachment to TXX-09149 Page 2 of 5 12/21/2009 LICENSEE'S EVALUATION

1.0 DESCRIPTION

2.0 PROPOSED CHANGE

3.0 BACKGROUND

4.0 TECHNICAL ANALYSIS

5.0 REGULATORY ANALYSIS

5.1 No Significant Hazards Consideration 5.2 Applicable Regulatory Requirements/ Criteria

6.0 ENVIRONMENTAL CONSIDERATION

7.0 PRECEDENTS

8.0 REFERENCES

Attachment to TXX-09149 Page 3 of 5 12/21/2009

1.0 DESCRIPTION

By this letter, Luminant Generation Company LLC (Luminant Power) requests an amendment to the Comanche Peak Steam Electric Station (CPSES) Unit 1 Operating License (NPF-87) and CPSES Unit 2 Operating License (NPF-89) by incorporating the attached change into the CPSES Unit 1 and 2 Facility Operating Licenses. License Amendment Request (LAR)09-010 is a request to revise Facility Operating Licenses (OLs) for Comanche Peak Steam Electric Station (CPSES) Units 1 and 2.

2.0 PROPOSED CHANGE

The proposed LAR 09-010 includes the proposed Luminant Power CPNPP Cyber Security Plan, the CPNPP Cyber Security Plan Proposed Implementation Schedule, and a proposed sentence to be added to the existing FOL Physical Protection license condition.

3.0 BACKGROUND

Federal Register notice 74 FR 13926 issued the final rule that amended 10 CFR Part 73 (Reference 1). Cyber security requirements are codified as new § 73.54 and are designed to provide high assurance that digital computer and communication systems and networks are adequately protected against cyber attacks up to and including the design basis threat established by

§ 73.1(a)(1(v). These requirements are substantial improvements upon the requirements imposed by EA-02-026 (Reference 2).

4.0 TECHNICAL ANALYSIS

Nuclear Energy Institute (NEI) 08-09, Revision 3, September 2009, "Cyber Security Plan for Nuclear Power Plants" (Reference 3) has been issued for use by licensees in development of their own cyber security plans.

This LAR includes a proposed Plan (Enclosure 1) that is consistent with the template provided in NEI 08-09, Revision 3. In addition the LAR includes proposed changes to the existing Facility Operating License conditions for "Physical Protection" (Attachment 2). A proposed Implementation Schedule as required by 10 CFR 73.54 is provided in Enclosure 2. Enclosure 3 provides a description of the changes to the un-bracketed text of NEI 08-09; Revision 3.

5.0 REGULATORY ANALYSIS

5.1 No Significant Hazards Consideration Federal Register Notice 74 FR 13926 issued the final rule that amended 10 CFR Part 73.

Cyber security requirements are codified as new 10 CFR 73.54 and are designed to provide high assurance that digital computer and communication systems and networks are adequately protected against cyber attacks up to and including the design basis threat established by 10 CFR 73.1(a)(1)(v). This application requests NRC approval of the Cyber Security Plan for Comanche Peak Nuclear Power Plant (hereafter referred to as the Cyber Security Plan) in accordance with 10 CFR 73.54 and proposes changes to section 2.H of the Facility Operating License Nos. NPF-87 and NPF-89 for the Comanche Peak Nuclear Power Plant Unit I and Unit 2 respectively to incorporate the provisions for implementing and maintaining in effect the provisions of the approved Cyber Security Plan. The Cyber Security Plan is consistent with the template provided in Nuclear Energy Institute (NEI) 08-09, Revision 3, September 2009, "Cyber Security Plan for

Attachment to TXX-09149 Page 4 of 5 12/21/2009 Nuclear Power Plants," and provides a description of how the requirements of the Rule will be implemented at CPNPP.

Luminant Power has evaluated whether or not a significant hazards consideration is involved with the proposed amendment(s) by focusing on the three standards set forth in 10 CFR 50.92, "Issuance of amendment," as discussed below:

1. Do the proposed changes involve a significant increase in the probability or consequences of an accident previously evaluated?

Response: No The proposed amendment incorporates a new requirement in the Facility Operating License (FOL) to implement and maintain a Cyber Security Plan as part of the facility's overall program for physical protection. Inclusion of the Cyber Security Plan in the FOL itself does not involve any modifications to the safety-related structures, systems or components (SSCs). Rather, the Cyber Security Plan describes how the requirements of 10 CFR 73.54 are to be implemented to identify, evaluate, and mitigate cyber attacks up to and including the design basis cyber attack threat, thereby achieving high assurance that the facility's digital computer and communications systems and networks are protected from cyber attacks. The addition of the Cyber Security Plan to the Physical Security Plan will not alter previously evaluated Final Safety Analysis Report (FSAR) design basis accident analysis assumptions, add any accident initiators, or affect the function of the plant safety-related SSCs as to how they are operated, maintained, modified, tested, or inspected.

Therefore, the proposed changes do not involve a significant increase in the probability or consequences of an accident previously evaluated.

2. Do the proposed changes create the possibility of a new or different kind of accident from any accident previously evaluated?

Response: No This proposed amendment provides assurance that safety-related SSCs are protected from cyber attacks. Implementation of 10 CFR 73.54 and the inclusion of a plan in the FOL do not result in the need of any new or different FSAR design basis accident analysis. It does not introduce new equipment that could create a new or different kind of accident, and no new equipment failure modes are created. As a result, no new accident scenarios, failure mechanisms, or limiting single failures are introduced as a result of this proposed amendment.

Therefore, the proposed change does not create the possibility of a new or different kind of accident from any previously evaluated.

3. Do the proposed changes involve a significant reduction in a margin of safety?

Response: No The margin of safety is associated with the confidence in the ability of the fission product barriers (i.e., fuel cladding, reactor coolant pressure boundary, and

Attachment to TXX-09149 Page 5 of 5 12/21/2009 containment structure) to limit the level of radiation to the public. The proposed amendment would not alter the way any safety-related SSC functions and would not alter the way the plant is operated. The amendment provides assurance that safety-related SSCs are protected from cyber attacks. The proposed amendment would not introduce any new uncertainties or change any existing uncertainties associated with any safety limit. The proposed amendment would have no impact on the structural integrity of the fuel cladding, reactor coolant pressure boundary, or containment structure. Based on the above considerations, the proposed amendment would not degrade the confidence in the ability of the fission product barriers to limit the level of radiation to the public.

Therefore the proposed change does not involve a reduction in a margin of safety.

Based on the above evaluations, Luminant Power concludes that the proposed amendment(s) present no significant hazards under the standards set forth in 10CFR50.92(c) and, accordingly, a finding of "no significant hazards consideration" is justified.

5.2 Applicable Regulatory Requirements/Criteria This LAR is submitted pursuant to 10 CFR §73.54 which requires licensees currently licensed to operate a nuclear power plant under 10 CFR Part 50 to submit a Cyber Security Plan as specified in §50.4 and §50.90.

In conclusion, based on the considerations discussed above, (1) there is reasonable assurance that the health and safety of the public will not be endangered by operation in the proposed manner, (2) such activities will be conducted in compliance with the Commission's regulations, and (3) the issuance of the amendment will not be inimical to the common defense and security or to the health and safety of the public.

6.0 ENVIRONMENTAL CONSIDERATION

The proposed amendment establishes the licensing basis for the CPNPP Unit I and Unit 2 Cyber Security Program and will be a part of the Physical Security Plan. This proposed amendment will not involve any significant construction impacts. Pursuant to 10 CFR 51.22(c)(12), no environmental impact statement or environmental assessment need be prepared in connection with the issuance of the amendment.

7.0 PRECEDENTS None

8.0 REFERENCES

8.1 Federal Register Notice, Final Rule.10 CFR Part 73, Power Reactor Security Requirements, published on March 27, 2009, 74 FR 13926.

8.2 EA-02-026, Order Modifying Licenses, Safeguards and Security Plan Requirements, issued February 25, 2002.

8.3 NEI 08-09, Revision 3, September 2009, "Cyber Security Plan for Nuclear Power Reactors."