ML103550480
| ML103550480 | |
| Person / Time | |
|---|---|
| Issue date: | 01/05/2011 |
| From: | Correia R Division of Security Policy |
| To: | Earls C Nuclear Energy Institute |
| Lee E J, NSIR/DSP, 301- 415-8099 | |
| References | |
| Download: ML103550480 (1) | |
Text
January 5, 2011 Mr. Chris Earls, Director of Security Nuclear Energy Institute 1776 I Street, NW, Suite 400 Washington, DC 20006
Dear Mr. Earls:
In the staff requirements memorandum (SRM), CMWCO-10-0001, Regulation of Cyber Security at Nuclear Power Plants, dated October 21, 2010, the Commission determined as a matter of policy that the U.S. Nuclear Regulatory Commissions (NRCs) cyber security rule at Title 10 of the Code of Federal Regulations (10 CFR) Section 73.54, Protection of Digital Computer and Communication Systems and Networks, is interpreted to include structures, systems, and components in the balance of plant (BOP) that have a nexus to radiological health and safety at NRC-licensed nuclear power plants. On November 19, 2010, the Executive Director for Operations sent a Commission Information Paper (SECY-10-0153) to inform the Commission of the staffs implementation of this policy determination.
In the information paper, the staff committed to developing and providing guidance that licensees could use to supplement their cyber security plans to comply with the Commissions policy determination. In order to meet the Commissions policy decision, the following change is needed to the cyber security plans that are currently under review:
Within the scope of NRCs cyber security rule at Title 10 of the Code of Federal Regulations (10 CFR) 73.54, systems or equipment that perform important to safety functions include structures, systems, and components (SSCs) in the balance of plant (BOP) that could directly or indirectly affect reactivity at a nuclear power plant and could result in an unplanned reactor shutdown or transient. Additionally, these SSCs are under the licensees control and include electrical distribution equipment out to the first inter-tie with the offsite distribution system.
It is our understanding that the Nuclear Energy Institute and the Cyber Security Task Force are working to ensure that operating reactor licensees and new reactor applicants will submit to the NRC a cyber security plan update consistent with the proposed language above. The NRC staff will also communicate the need for this change to individual licensees and applicants.
Should you or your staff have any questions, please contact Craig Erlanger at (301) 415-5374.
Sincerely, Richard P. Correia, Director /RA/
Division of Security Policy Office of Nuclear Security and Incident
Response
January 5, 2011 Mr. Chris Earls, Director of Security Nuclear Energy Institute 1776 I Street, NW, Suite 400 Washington, DC 20006
Dear Mr. Earls:
In the staff requirements memorandum (SRM), CMWCO-10-0001, Regulation of Cyber Security at Nuclear Power Plants, dated October 21, 2010, the Commission determined as a matter of policy that the U.S. Nuclear Regulatory Commissions (NRCs) cyber security rule at Title 10 of the Code of Federal Regulations (10 CFR) Section 73.54, Protection of Digital Computer and Communication Systems and Networks, is interpreted to include structures, systems, and components in the balance of plant (BOP) that have a nexus to radiological health and safety at NRC-licensed nuclear power plants. On November 19, 2010, the Executive Director for Operations sent a Commission Information Paper (SECY-10-0153) to inform the Commission of the staffs implementation of this policy determination.
In the information paper, the staff committed to developing and providing guidance that licensees could use to supplement their cyber security plans to comply with the Commissions policy determination. In order to meet the Commissions policy decision, the following change is needed to the cyber security plans that are currently under review:
Within the scope of NRCs cyber security rule at Title 10 of the Code of Federal Regulations (10 CFR) 73.54, systems or equipment that perform important to safety functions include structures, systems, and components (SSCs) in the balance of plant (BOP) that could directly or indirectly affect reactivity at a nuclear power plant and could result in an unplanned reactor shutdown or transient. Additionally, these SSCs are under the licensees control and include electrical distribution equipment out to the first inter-tie with the offsite distribution system.
It is our understanding that the Nuclear Energy Institute and the Cyber Security Task Force are working to ensure that operating reactor licensees and new reactor applicants will submit to the NRC a cyber security plan update consistent with the proposed language above. The NRC staff will also communicate the need for this change to individual licensees and applicants.
Should you or your staff have any questions, please contact Craig Erlanger at (301) 415-5374.
Sincerely, Richard P. Correia, Director /RA/
Division of Security Policy Office of Nuclear Security and Incident
Response
DISTRIBUTION:
DSP r/f Adams Accession no.: ML103550480, Form 665 ML103550509 OFFICE DSP/ISCPB BC/DSP/ISCPB D/NSIR/DSP NAME E. Lee C. Erlanger R. Correia DATE 12/21 /10 12/24 /10 12/ 22/10 OFFICE RECORD COPY