NRC-10-0075, Clarification of Cyber Security Plan Regarding Balance of Plant Systems within the Scope of the Program

From kanterella
(Redirected from ML103270121)
Jump to navigation Jump to search

Clarification of Cyber Security Plan Regarding Balance of Plant Systems within the Scope of the Program
ML103270121
Person / Time
Site: Fermi DTE Energy icon.png
Issue date: 11/22/2010
From: Plona J
Detroit Edison, DTE Energy
To:
Office of Nuclear Reactor Regulation, Document Control Desk, Office of Nuclear Security and Incident Response
References
NRC-10-0075
Download: ML103270121 (4)
v  d  e


Text

Joseph I. Plona Site Vice President 6400 N. Dixie Highway, Newport, MI 48166 Tel: 734.586.5910 Fax: 734.586.4172 10 CFR 73.54 November 22, 2010 NRC-10-0075 U.S. Nuclear Regulatory Commission Attention: Document Control Desk Washington, D.C. 20555-0001

References:

1) Fermi 2 NRC Docket No. 50-341 NRC License No. NPF-43
2) Detroit Edison Letter to NRC, "Request for Approval of Revised Fermi 2 Cyber Security Plan," NRC-10-0050, dated July 27, 2010
3) Detroit Edison Letter to NRC, "Notification Letter Designating Fermi 2 Balance of Plant Systems within the Cyber Security Rule Scope," NRC-10-0055, dated September 29, 2010

Subject:

Clarification of Fermi 2 Cyber Security Plan Regarding Balance of Plant Systems within the Scope of the Program In Reference 3, Detroit Edison indicated that the Cyber Security Plan provided in Reference 2 would be supplemented to clarify the scope of systems included in the plan. Specifically, Reference 3 stated that Section 2.1, "Scope and Purpose" of the plan would be amended to clarify the balance-of-plant systems, structures and components that will be included in the scope of the plan.

The revision to the plan is limited to Section 2.1, "Scope and Purpose." The following paragraph is being added to Section 2.1 to provide the clarification:

The scopingprovisions of 10 CFR 73.54 encompass certain Structures, Systems, and Components (SSCs) in the Balance of Plant (BOP).

Specifically, includedamong the systems to be protected are those SSCs in the BOP out to the first inter-tie with the offsite distribution system whose compromise could result in a reactorscram or transient.

USNRC NRC- 10-0075 Page 2 The entire revised Section 2.1 of the plan is provided in the enclosure to this letter.

Should you have any questions or require additional information, please contact Mr.

Rodney W. Johnson of my staff at (734) 586-5076.

Sincerely, Enclosure cc: NRC Project Manager NRC Resident Office Reactor Projects Chief, Branch 4, Region III Regional Administrator, Region III Supervisor, Electric Operators, Michigan Public Service Commission

Enclosure to NRC-10-0075 Fermi 2 NRC Docket No. 50-341 Operating License No. NPF-43 Section 2.1, "Scope and Purpose" Of the Fermi 2 Cyber Security Plan

Enclosure to NRC 10-0075 Page 1 2.1 Scope and Purpose This Plan establishes a means to achieve high assurance that digital computer and communication systems and networks associated with the following functions (hereafter designated as Critical Digital Assets (CDAs)) are adequately protected against cyber attacks up to and including the Design Basis Threat (DBT) as described in 10 CFR 73.1:

1. Safety-related and important-to safety functions;
2. Security functions;
3. Emergency preparedness functions including offsite communications; and
4. Support systems and equipment which if compromised, would adversely impact safety, security, or emergency preparedness functions.

The safety-related and important-to safety functions, security functions, and emergency preparedness functions including offsite communications are herein referred to as SSEP functions.

The scoping provisions of 10 CFR 73.54 encompass certain Structures, Systems, and Components (SSCs) in the Balance of Plant (BOP). Specifically, included among the systems to be protected are those SSCs in the BOP out to the first inter-tie with the offsite distribution system whose compromise could result in a reactor scram or transient.

High assurance of adequate protection of systems associated with the above functions from cyber attacks is achieved by:

1. Implementing and documenting the "baseline" cyber security controls described in Section 3.1.6 of this Plan; and
2. Implementing and documenting a cyber security program to maintain the established cyber security controls through a comprehensive life cycle approach as described in Section 4 of this Plan.
Retrieved from "https://kanterella.com/w/index.php?title=NRC-10-0075,_Clarification_of_Cyber_Security_Plan_Regarding_Balance_of_Plant_Systems_within_the_Scope_of_the_Program&oldid=2124400"