ML101970359
| ML101970359 | |
| Person / Time | |
|---|---|
| Site: | Pilgrim |
| Issue date: | 07/15/2010 |
| From: | Bronson K Entergy Nuclear Operations |
| To: | Document Control Desk, Office of Nuclear Reactor Regulation |
| References | |
| 2.10.034, TAC ME2138, TAC ME2744, TAC ME2745, TAC ME2747, TAC ME2802, TAC ME2743 | |
| Download: ML101970359 (12) | |
Text
Entergy Nuclear Operations, Inc.
Pilgrim Nuclear Power Station 600 Rocky Hill Road Plymouth, MA 02360 Kevin H. Bronson Site Vice President July 15, 2010 U.S. Nuclear Regulatory Commission Attn: Document Control Desk Washington, DC 20555
SUBJECT:
Entergy Nuclear Operations, Inc.
Pilgrim Nuclear Power Station Docket No. 50-293 License No. DPR-35 License Amendment Request - Pilgrim Nuclear Power Station Cyber Security Plan Submittal
Reference:
- 1. Entergy letter, "License Amendment Request - Pilgrim Nuclear Power Station Cyber Security Plan Submittal", dated November 22, 2009
- 2. NRC letter, D. Pickett to J. McCann, " Entergy Nuclear Operations, Inc. Cyber Security Plan - James A. Fitzpatrick Nuclear Power Plant, Indian Point Generating Units Nos. 1,2, and 3, Pilgrim Nuclear Power Station , and Vermont Yankee Nuclear Power Station (TAC Nos. ME2802,. ME2743, ME2744, ME2745, ME2747, and ME2138)", dated May 17, 2010
- 3. NRC letter to Nuclear Energy Institute (NEI) dated June 7, 2010, NEI 08-09, Revision 6, "Cyber Security Plan for Nuclear Power Reactors" LETTER NUMBER: 2.10.034
Dear Sir or Madam:
Entergy Operations, Inc. (Entergy) is hereby withdrawing the request for an amendment to the operating license for Pilgrim Nuclear Power Station (PNPS) submitted by Reference 1, in accordance with the 60-day request provided in Reference 2, and in accordance with the provisions of 10 CFR 50.4 and 10 CFR 50.90,r Entergy is submitting a new request for an amendment to the operating license for PNPS. The proposed amendment requests NRC approval of the PNPS Cyber Security Plan, provides an implementation schedule, and revises the existing Operating License Physical Protection license condition to require Entergy to fully implement and maintain in effect all provisions of the Commission-approved Cyber Security Plan. Entergy utilized NEI 08-09, "Cyber Security Plan for Nuclear Power Reactors," Revision 6, in development of the PNPS Cyber Security Plan which resolves the NRC's generic issues (Reference 2) with the previous submittal (Reference 1). In addition, This letter contains security-sensitive information -"Attachments 4, 5, and 6 are withheld from public disclosure per 10CFR2.390 SQ'c44
Entergy Nuclear Operations, Inc. Letter Number: 2.10.034 Pilgrim Nuclear Power Station Page 2 Entergy is also providing a detailed milestone implementation schedule as requested.
Therefore, this submittal supersedes, in its entirety, the previous submittal (Reference 1). provides an evaluation of the proposed change. Attachment 2 provides the existing PNPS Operating License pages marked-up to show the proposed change. provides the proposed Operating License changes in final typed format. provides the list of regulatory commitments. Attachment 5 provides the PNPS Cyber Security Plan implementation schedule. Attachment 6 provides a copy of the PNPS Cyber Security Plan, which is a standalone document that has been incorporated by reference into the PNPS Security Plan. In addition, Entergy is utilizing the definition of "cyber attack" as delineated in Reference 3. Entergy requests that Attachments 4, 5, and 6, which contain security-related information, be withheld from public disclosure in accordance with 10 CFR 2.390.
The proposed changes have been evaluated in accordance with 10 CFR 50.91 (a)(1) using criteria in 10 CFR 50.92(c), and it has been determined that the changes involve no significant hazards consideration. The bases for these determinations are included in .
Entergy requests this license amendment be effective as of its date of issuance. Once approved, the amendment will be implemented in accordance with the approved implementation schedule. Although this request is neither exigent nor emergency, your review is requested within approximately one year.
The new commitment contained in this letter is provided in Attachment 4. If you have any questions or require additional information, please contact Joseph R. Lynch, Licensing Manager, at 508-830-8403.
I declare under penalty of perjury that the foregoing is true and correct. Executed on July 15 ,2010.
Sincerely, Kevin H. Bronson Site Vice President Attachments: 1. Analysis of Proposed Operating License Change
- 2. Proposed PNPS Operating License Changes (mark-up)
- 3. Revised PNPS Operating License Pages
- 4. List of Regulatory Commitments
- 5. Implementation Schedule
- 6. PNPS Cyber Security Plan This letter contains security-sensitive information - Attachments 4, 5, and 6 are withheld from -public disclosure per 10 CFR 2.390
Entergy Nuclear Operations, Inc. Letter Number: 2.10.034 Pilgrim Nuclear Power Station Page 3 cc:
Regional Administrator, Region 1 Mr. James S. Kim, Project Manager U.S. Nuclear Regulatory Commission Division of Operating Reactor Licensing 475 Allendale Road Office of Nuclear Reactor Regulation King of Prussia, PA 19406-1415 U.S. Nuclear Regulatory Commission (w/o Attachments) Mail Stop O-8-C2 Washington, DC 20555 Sr. Resident Inspector, Pilgrim Station Mr. John Giarrusso, Jr.
Nuclear Preparedness Manager Massachusetts Emergency Management Agency 400 Worcester Road Framingham, MA 01702 This letter contains security-sensitive information - Attachments 4, 5, and 6 are withheld from public disclosure per 10CFR2.390
- Attachment 1 to Letter No. 2.10.034 Analysis of Proposed Operating License Change This letter contains security-sensitive information- Attachments 4, 5, and 6 are withheld from public disclosure per 10 CFR 2.390
Attachment 1 to Letter No. 2.10.034 Page 1 of 4 1.0
SUMMARY
DESCRIPTION The proposed license amendment request (LAR) includes the proposed Pilgrim Nuclear Power Station (PNPS) Cyber Security Plan, an implementation schedule, and a proposed sentence to be added to the existing operating license Physical Protection license condition.
2.0 DETAILED DESCRIPTION The proposed LAR includes three parts: the proposed PNPS Cyber Security Plan, an implementation schedule, and a proposed sentence to be added to the existing operating license Physical Protection license condition for PNPS to require Entergy to fully implement and maintain in effect all provisions of the Commission-approved PNPS Cyber Security Plan as required by 10 CFR 73.54. FederalRegister notice dated March 27, 2009, issued the final rule that amended 10CFR Part 73. The regulations in 10 CFR 73.54, "Protection of Digital Computer and Communication Systems and Networks," establish the requirements for a cyber security program. This regulation specifically requires each licensee currently licensed to operate a nuclear power plant under Part 50 of this chapter to submit a cyber security plan that satisfies the requirements of the Rule. Each submittal must include a proposed implementation schedule and implementation of the licensee's cyber security program must be consistent with the approved schedule. The background for this application is addressed by the NRC Notice of Availability published on March 27, 2009, 74FR13926 (Reference 1).
3.0 TECHNICAL EVALUATION
FederalRegister notice 74FR1 3926 issued the final rule that amended 10 CFR Part 73.
Cyber security requirements are codified as new 10 CFR 73.54 and are designed to provide high assurance that digital computer and communication systems and networks are adequately protected against cyber attacks up to and including the design basis threat established by 10 CFR 73.1(a)(1)(v). These requirements are more in depth than the requirements imposed by NRC Order EA-02-026 (Reference 2).
This proposed amendment conforms to the model Cyber Security, Plan contained in Appendix A of Nuclear Energy Institute (NEI) 08-09, "Cyber Security Plan for Nuclear Power Reactors," Revision 6, dated April 2010, for use by licensees in development of their own cyber security plans. A deviation to Appendix B of NEI 08-09, Revision 6 is the use of a revised definition of "cyber attack" as delineated in NRC letter dated June 7, 2010 (Reference 3). The revised definition of cyber attack is "any event in which there is reason to believe that an adversary has committed or caused, or attempted to commit or cause, or has made a credible threat to commit or cause malicious exploitation of a critical digital asset."
This LAR includes the proposed PNPS Cyber Security Plan (Attachment 6) that conforms to the template provided in Appendix A of NEI 08-09, Revision 6. In addition, the LAR includes the proposed change to the existing operating license condition for "Physical Protection" (Attachments 2 and 3) for PNPS. The LAR contains the proposed implementation schedule (Attachment 5) as required by 10CFR73.54. The LAR also provides a list of regulatory commitments (Attachment 4).
Attachment 1 to Letter No. 2.10.034 Page 2 of 4
4.0 REGULATORY EVALUATION
4.1 Applicable Regulatory Requirements/Criteria This LAR is submitted pursuant to 10CFR73.54 which requires licensees currently licensed to operate a nuclear power plant under 10CFR Part 50 to submit a cyber security plan as specified in 10CFR50.4 and 10CFR50.90.
4.2 Significant Safety Hazards Consideration Entergy has evaluated whether or not a significant hazards consideration is involved with the proposed amendment by focusing on the three standards set forth in 10 CFR 50.92, "Issuance of Amendment," as discussed below:
- 1. Does the proposed change involve a significant increase in the probability or consequences of an accident previously evaluated?
Response: No.
As required by 10 CFR 73.54 Entergy has submitted a cyber security plan for NRC review and approval for Pilgrim Nuclear Power Station (PNPS). The PNPS Cyber Security Plan does not require any plant modifications which affect the performance capability of the structures, systems, and components relied upon to mitigate the consequences of postulated accidents. The PNPS Cyber Security Plan does not alter accident analysis assumptions, add any initiators, or affect the function of plant systems or the manner in which systems are operated, maintained, modified, tested, or inspected. The PNPS Cyber Security Plan is designed to achieve high assurance that the systems within the scope of the 10 CFR 73.54 Rule are protected from cyber attacks and has no impact on the probability or consequences of an accident previously evaluated.
The second part of the proposed change is an implementation schedule, and the third part adds a sentence to the existing operating license condition for Physical Protection. Both of these changes are administrative in nature and have no impact on the probability or consequences of an accident previously evaluated.
Therefore, the proposed change does not involve a significant increase in the probability or consequences of an accident previously evaluated.
- 2. Does the proposed change createthe possibility of a new or different kind of accident from any accident previously evaluated?
Response: No.
As required by 10 CFR 73.54 Entergy has submitted a cyber security plan for NRC review and approval for PNPS. The PNPS Cyber Security Plan does not require any plant modifications which affect the performance capability of the!structures, systems, and components relied upon to mitigate the consequences of postulated accidents.
The PNPS Cyber Security Plan does not alter accident analysis assumptions, add any
Attachment 1 to Letter No. 2.10.034 Page 3 of 4 initiators, or affect the function of plant systems or the manner in which systems are operated, maintained, modified, tested, or inspected. The. PNPS Cyber Security Plan is designed to achieve high assurance that the systems within the scope of the 10 CFR 73.54 Rule are protected from cyber attacks and does not create the possibility of a new or different kind of accident from any accident previously evaluated.
The second~part of the proposed change is an implementation schedule, and the third part adds a sentence to the existing operating license condition for Physical Protection. Both of these changes are administrative in nature and do not create the possibility of a new or different kind of accident from any accident previously evaluated.
Therefore, the proposed change does not create the possibility of a new or different kind of accident from any accident previously evaluated.
- 3. Does the proposed change involve a significant reduction in a margin of safety?
Response: No.
As required by 10 CFR 73.54 Entergy has submitted a cyber security plan for NRC review and approval for PNPS. Plant safety margins are established through limiting conditions for operation, limiting safety system settings, and safety limits specified in the technical specifications. Because there is no change to these established safety margins as result of the implementation of the PNPS Cyber Security Plan, the proposed change does not involve a significant reduction in a margin of safety.
The second part of the proposed change is an implementation schedule, and the third part adds a sentence to the existing operating license condition for Physical Protection. Both of these changes are administrative in nature and do not involve a significant reduction in a margin of safety.
Therefore, the proposed change does not involve a significant reduction in a margin of safety.
Based on the above, Entergy concludes that the proposed change presents no significant hazards consideration under the standards set forth in 10CFR50.92(c), and accordingly, a finding of "no significant hazards consideration" is justified.
4.3 Conclusion In conclusion, based on the considerations discussed above: (1) there is reasonable assurance that the health and safety of the public will not be endangered by operation in the proposed manner; (2) such activities will be conducted in compliance with the Commission's regulations; and (3) the issuance of the amendment will not be inimical to the common defense and security or to the health and safety of the public.
Attachment 1 to Letter No. 2.10.034 Page 4 of 4
5.0 ENVIRONMENTAL CONSIDERATION
The proposed amendment establishes the licensing basis for a Cyber Security Program for PNPS and will be a part of the PNPS Cyber Security Plan. The proposed amendment meets the eligibility criterion for a categorical exclusion set forth in 10 CFR 51.22(c)(12). Therefore, pursuant to 10 CFR 51.22(b) no environmental impact statement or environmental assessment need be prepared in connection with the issuance of the amendment.
6.0 REFERENCES
- 1. Federal Register Notice, Final Rule 10 CFR Part 73, Power Reactor Security Requirements,.published on March 27, 2009, 74 FR 13926
- 2. Federal EA-02-026, Order Modifying Licenses, Safeguards and Security Plan Requirements, issued February 25, 2002
- 3. NRC letter to Nuclear Energy Institute (NEI) dated June 7,'2010, NEI 08-09, Revision 6, "Cyber Security Plan for Nuclear Power Reactors"
Attachment 2 to Letter No. 2.10.034 Proposed PNPS Operating License Changes (mark-up)
(1 page)
This letter contains security-sensitive information - Attachments 4, 5, and 6 are withheld from public disclosure per 10 CFR 2.390
B. Technical Specifications Delete The Technical Specifications c tained in Appendix A, as revised through Amendment No. ,are hereby incorporated in the license.
The licensee shall operate the facility in accordance with the Technical Specifications.
C. Records ENO shall keep facility operating records in accordance with the requirements of the Technical Specifications.
D. Equalizer Valve Restriction - DELETED E. Recirculation Loop Inoperable - DELETED F. Fire Protection ENO shall implement and maintain in effect all provisions of the approved fire protection program as described in the Final Safety Analysis Report for the facility and as approved in the'SER dated December 21, 1978 as supplemented subject to the following provision:
ENO may make changes to the approved fire protection program without prior approval of the Commission only if those changes would not adversely affect the ability to achieve and maintain safe shutdown in the event of a fire.
G. Physical Protection The licensee shall fullyimplement and maintain in effect all provisions of the Commission-approved physical security, training and qualification, and safeguards contingency plans including amendments made pursuant to provisions of the Miscellaneous Amendments and Search Requirements revisions to 10 CFR 73.55 (51 FR27817 and 27822) and to the authority of 10 CFR 50.90 and 10 CFR 50.54(p). The combined'set of plans, which contain Safeguards Information protected under 10 CFR 73.21, is entitled: "Pilgrim Nuclear Power Station Physical Security, Training and Qualification, and Safeguards Contingency Plan, Revision 0" submitted by letter dated October 13, 2004, as supplemented by letter dated May 15, 2006.
~~The licensee shall fully implement in accordance
IAdTxt with an NRC-approved implementation schedule
- Zand maintain in effect all provisions of the Commission-approved Pilgrim Station Cyber Security Plan submitted by letter dated July 15, 2010.
Amendment 225, 226, 227, 228, 229, 2-30, 2-34, 232,
Attachment 3 to Letter No. 2.10.034 Retyped Facility Operation License Page (1 page)
This letter contains security-sensitive information - Attachments 4, 5, and 6 are withheld from public disclosure per 10 CFR 2.390
B. Technical Specifications The Technical Specifications contained in Appendix A, as revised through Amendment No. are hereby incorporated in the license. The licensee shall operate the facility in accordance with the Technical Specifications.
C. Records ENO shall keep facility operating records in accordance with the requirements of the Technical Specifications.
D. Equalizer Valve Restriction - DELETED E. Recirculation Loop Inoperable - DELETED F. Fire Protection ENO shall implement and maintain in effect all provisions of the approved fire protection program as described in the Final Safety Analysis Report for the facility and as approved in the SER dated December 21, 1978 as supplemented subject to the following provision:
ENO may make changes to the approved fire protection program without prior approval of the Commission only if those changes would not adversely affect the ability to achieve and maintain safe shutdown in the event of a fire.
G. Physical Protection The licensee shall fully implement and maintain in effect all provisions of the Commission-approved physical security, training and qualification, and safeguards contingency plans including amendments made pursuant to provisions of the Miscellaneous Amendments and Search Requirements revisions to 10 CFR 73.55 (51 FR27817 and 27822) and to the authority of 10 CFR 50.90 and 10 CFR 50.54(p). The combined set of plans, which contain Safeguards Information protected under 10 CFR 73.21, is entitled: "Pilgrim Nuclear Power Station Physical Security, Training and Qualification, and Safeguards Contingency Plan, Revision 0" submitted by letter dated October 13, 2004, as supplemented by letter dated May 15, 2006.
The licensee shall fully implement in accordance with an NRC-approved implementation schedule and maintain in effect all provisions of the Commission-approved Pilgrim Station Cyber Security Plan submitted by letter dated July 15, 2010.
Renewed License No. NPF-6 Amendment No.
Re-ised by l .tter February 7, 2007 ,july 18, 2007 dated