|
---|
Category:E-Mail
MONTHYEARML24032A2442024-02-0101 February 2024 OEDO-24-00011 - 10 CFR 2.206 Petition Holtec Misuse Decommissioning Fund- Email to Petitioner ML24005A1262024-01-0505 January 2024 Permanently Defueled Emergency Plan Implementation Notification ML23055A1532023-02-24024 February 2023 Request for Additional Information Related to the Post-Shutdown Decommissioning Activities Report ML22343A2282022-12-0909 December 2022 Acceptance Review: Palisades Proposed Exemption from 10 CFR 50.54(w)(1) - Onsite Property Damage Insurance ML22343A1902022-12-0909 December 2022 Acceptance Review: Palisades Proposed Exemption from 10 CFR 140.11 (a)(4) Primary and Secondary Liability Insurance ML22284A0502022-10-0707 October 2022 Acceptance Review: License Amendment Request to Revise License Condition to Eliminate Cyber Security Plan Requirements ML22227A0082022-08-12012 August 2022 Acceptance Review: Exemption Request from 10CFR50.47(b), 10 CFR 50.47(c)(2), and 10 CFR Part 50, Appendix E, Section IV ML22227A0092022-08-12012 August 2022 Acceptance Review: License Amendment Request to Revise Emergency Plan and Emergency Action Level Scheme (L-2022-LLA-0099) ML22179A0752022-06-28028 June 2022 E-mail from Entergy Dated June 28, 2022, Notification of Palisades and Big Rock Point License Transfer (EPIDs L-2022-LLM-0002 and L-2020-LLM-0003) ML22159A2672022-06-0202 June 2022 Answers to Your Questions on Palisades ML22159A2652022-05-0303 May 2022 Questions Asked at Palisades Plant Performance Public Meeting April 26, 2022 ML21328A0062021-11-18018 November 2021 NRR E-mail Capture - (External_Sender) State of Michigan Response - Palisades Nuclear Plant and Big Rock Point Plant - Application for Order Consenting to Transfers of Licenses and Conforming License Amendments ML22208A1052021-11-16016 November 2021 NRR E-mail Capture - (External_Sender) State of Michigan Response - Palisades - Preparation for Issuance of Final Environmental Assessment and Finding of No Significant Impact Holtec Exemption Request to Use Dtf ML21309A5152021-11-0505 November 2021 NRR E-mail Capture - Palisades Nuclear Plant - Preparation for Issuance of Final Environmental Assessment and Finding of No Significant Impact Holtec Exemption Request to Use Dtf ML21309A2982021-11-0505 November 2021 NRR E-mail Capture - Palisades Nuclear Plant and Big Rock Point Plant - Application for Order Consenting to Transfers of Licenses and Conforming License Amendments ML21209A9802021-07-28028 July 2021 NRR E-mail Capture - Palisades Nuclear Plant - Acceptance of Requested Licensing Action, Rescission of Interim Compensatory Measure from Order EA-02-026 ML21189A2462021-07-0606 July 2021 NRR E-mail Capture - Palisades Nuclear Plant - Acceptance of Requested Licensing Action, Proposed Partial Exemption from Record Retention Requirements ML21189A0432021-07-0606 July 2021 NRR E-mail Capture - Palisades Nuclear Plant - Acceptance of Requested Licensing Action, Permanently Defueled Technical Specifications ML21054A1822021-02-23023 February 2021 NRR E-mail Capture - Regarding Public Comment on Palisades Request for Relief RR 5-8 ML21028A4092021-01-27027 January 2021 NRR E-mail Capture - Palisades Nuclear Plant - Acceptance of Holtec Exemption Request from 10CFR50.82(a)(8)(i)(A) and 10CFR50.75(h)(1)(iv) ML21028A0552021-01-27027 January 2021 NRR E-mail Capture - Palisades Nuclear Plant - Acceptance of License Transfer Application ML21007A3752021-01-0707 January 2021 NRR E-mail Capture - Regarding Public Comment on Palisades Nuclear Plant License Transfer (Sierra Club Nuclear Free Michigan) ML21054A1812021-01-0606 January 2021 NRR E-mail Capture - (External_Sender) Regarding Public Comment on Palisades Request for Relief RR 5-8 ML20275A3432020-10-0101 October 2020 Verbal Authorization for Proposed Alternative (RR 5-8) Reactor Vessel Closure Head Penetration Repairs ML20272A0112020-09-26026 September 2020 Request for Additional Information - Palisades Relief Request RR 5-8 (Proposed Alternative) for Reactor Pressure Vessel Head Penetration Repairs ML20262G9622020-09-17017 September 2020 Acknowledgement to Mr. Muhich e-mail, Dated September 15, 2020 (e-mail) ML20241A1802020-08-27027 August 2020 NRR E-mail Capture - Palisades Nuclear Plant- Upcoming Steam Generator Tube Inservice Inspection ML20162A4522020-04-0808 April 2020 Lake Mich Level Correspondence with Ipotter ML19344C7162019-08-25025 August 2019 Response from NEIMA Local Community Advisory Board Questionnaire 08-25-2019 C Ferry ML19344C8072019-08-16016 August 2019 Scanned Response 09-29-2019 I Potter ML19226A2932019-08-14014 August 2019 NRR E-mail Capture - Request for Additional Information Re License Amendment Request to Adopt TSTF-425, Revision 3 for the Palisades Nuclear Plant ML19226A2922019-08-0505 August 2019 NRR E-mail Capture - Draft Request for Additional Information for Palisades License Amendment Request to Adopt TSTF-425 ML19122A4852019-04-29029 April 2019 NRR E-mail Capture - Request for Additional Information for Palisades License Amendment Request to Revise License Conditions Related to NFPA 805 Modifications ML19095A6572019-04-0505 April 2019 NRR E-mail Capture - Acceptance for Review of Application to Revise the Palisades Nuclear Plant License Renewed Facility Operation License Regarding Full Compliance Implementation Date for the Fire Protection Program ML19059A1782019-02-28028 February 2019 Acceptance Review Results for Relief Request No. EN-19-RR-1 to Use ASME Code Case N-831-1 for Entergy Fleet ML19059A0292019-02-27027 February 2019 NRR E-mail Capture - Acceptance Review Results for License Amendment Request to Adopt TSTF-529, Revision 4, Clarify Use and Application Rules, for Entergy Fleet ML19009A5392019-01-0909 January 2019 NRR E-mail Capture - Request for Additional Information for Palisades License Amendment Request to Revise Emergency Diesel Generator Degraded Voltage Surveillance Requirement 3.3.5.2a ML19009A5382018-12-12012 December 2018 NRR E-mail Capture - Draft Request for Additional Information for Palisades License Amendment Request to Revise Emergency Diesel Generator Degraded Voltage Surveillance Requirement 3.3.5.2a ML18337A1382018-11-30030 November 2018 NRR E-mail Capture - Request for Additional Information Related to Palisades Relief Request Number RR 5-7 ML18337A1352018-11-30030 November 2018 NRR E-mail Capture - Acceptance for Review of Application to Revise the Palisades Nuclear Plant License Renewed Facility Operation License Regarding Changes to the Fire Protection Plan ML18337A1402018-11-29029 November 2018 NRR E-mail Capture - Draft Request for Additional Information Related to Palisades Relief Request 5-7 ML18184A2402018-07-0303 July 2018 NRR E-mail Capture - Acceptance for Review of Application to Revise Technical Specification Surveillance Requirement 3.3.5.2a for the Diesel Generator Undervoltage Start ML18101A1132018-04-11011 April 2018 NRR E-mail Capture - Palisades Nuclear Plant - Request for Additional Information Regarding Proposed Alternative for Relevant Condition ML18081A2962018-03-22022 March 2018 NRR E-mail Capture - Palisades Nuclear Plant - Request for Additional Information Regarding Proposed Changes to Site Emergency Plan for Permanently Defueled Condition (CAC MG0198: EPID L-2017-LLA-0305) ML18059A8202018-02-28028 February 2018 NRR E-mail Capture - Palisades Nuclear Plant - Request for Additional Information Regarding Proposed Alternative for Relevant Condition ML17355A0092017-12-20020 December 2017 NRR E-mail Capture - Palisades Nuclear Plant: Acceptance Review for Relief Request No. RR 5-6 - Alternative to the Reexamination Frequency for a Relevant Condition ML17345A0142017-12-0808 December 2017 NRR E-mail Capture - Acceptance Review Results Entergy Request No. EN-17-RR-1 ML17338B1242017-11-30030 November 2017 NRR E-mail Capture - (External_Sender) Palisades Nuclear Plant Flood Hazard Reevaluation Report FHRR Staff Assessment Input ML17335A1042017-11-30030 November 2017 NRR E-mail Capture - Palisades Nuclear Plant - RAI Regarding Proposed Changes to Administrative Controls Section of the Technical Specifications for Permanently Defueled Condition (CAC MG0021; EPID L-2017-LLA-0266) ML17317A0042017-11-0909 November 2017 NRR E-mail Capture - Palisades Nuclear Plant - Acceptance Review for License Amendment Request to Change the Full Compliance Implementation Date for the Fire Protection Transition License Condition 2024-02-01
[Table view] |
Text
From: Chawla, Mahesh Sent: Thursday, February 24, 2011 2:14 PM To: KUEMIN, JAMES L; Anderson, Paula Cc: Erlanger, Craig; Wengert, Thomas; Pascarelli, Robert; Singal, Balwant; Pederson, Perry
Subject:
Palisades Cyber Security Plan - ME4355 - Generic Request for Additional Information (RAI)
This is in reference to your revised application dated July 26, 2010 (ADAMs Accession No. ML102110090). On January 7, 2011 (ADAMS Accession No. ML103410025), a request for additional information was sent to you requesting plant specific information for Palisades Cyber Security Plan. The following RAIs is in addition to the previous request. A letter documenting this additional request will be sent to you shortly. Please review the information request below and let us know if you need to have a teleconference with the staff:
RAI 1: Records Retention Title 10 of the Code of Federal Regulations (10 CFR) Paragraph 73.54(c)(2) requires licensees to design a cyber security program to ensure the capability to detect, respond to, and recover from cyber attacks. Furthermore, 10 CFR 73.54(e)(2)(i) requires licensees to maintain a cyber security plan that describes how the licensee will maintain the capability for timely detection and response to cyber attacks. The ability for a licensee to detect and respond to cyber attacks requires accurate and complete records and is further supported by 10 CFR 73.54(h), which states that the licensee shall retain all records and supporting technical documentation required to satisfy the requirements of 10 CFR Section 73.54 as a record until the Commission terminates the license for which the records were developed, and shall maintain superseded portions of these records for at least 3 years after the record is superseded, unless otherwise specified by the Commission.
The licensees Cyber Security Plan (CSP) in Section [4.13] states that Critical Digital Asset (CDA) audit records and audit data (e.g., operating system logs, network device logs) are retained for a period of time that is less than what is required by 10 CFR 73.54(h).
Explain the deviation from the 10 CFR 73.54(h) requirement to retain records and supporting technical documentation until the Commission terminates the license (or to maintain superseded portions of these records for at least 3 years) and how that meets the requirements of 10 CFR 73.54.
RAI 2: Implementation Schedule The regulation at 10 CFR 73.54, Protection of digital computer and communication systems and networks, requires licensees to submit a CSP that satisfies the requirements of this section for Commission review and approval. Furthermore, each submittal must include a proposed implementation schedule and the implementation of the licensees cyber security program must be consistent with the approved schedule. Paragraph 73.54(a) of 10 CFR requires licensees to provide high assurance that digital computer and communication systems and networks are adequately protected against cyber attacks, up to and including the design basis threat.
The completion of several key intermediate milestones (Items (a) through (g) below) would demonstrate progress toward meeting the requirements of 10 CFR 73.54. The Nuclear
Regulatory Commission (NRC) staffs expectation is that the key intermediate milestones will be completed in a timely manner, but no later than December 31, 2012. The key CSP implementation milestones are as follows:
(a) Establish, train and qualify Cyber Security Assessment Team, as described in Section 3.1.2, Cyber Security Assessment Team, of the CSP.
(b) Identify Critical Systems and CDAs, as described in Section 3.1.3, Identification of Critical Digital Assets, of the CSP.
(c) Implement cyber security defense-in-depth architecture by installation of [deterministic one-way] devices, as described in Section 4.3, Defense-In-Depth Protective Strategies of the CSP.
(d) Implement the management, operational and technical cyber security controls that address attacks promulgated by use of portable media, portable devices, and portable equipment as described in Appendix D Section 1.19 Access Control for Portable and Mobile Devices, of Nuclear Energy Institute (NEI) 08-09, Revision 6.
(e) Implement observation and identification of obvious cyber related tampering to existing insider mitigation rounds as described in Appendix E Section 4.3, Personnel Performing Maintenance and Testing Activities, and Appendix E Section 10.3, Baseline Configuration of NEI 08-09, Revision 6.
(f) Identify, document, and implement cyber security controls to physical security target set CDAs in accordance with Section 3.1.6, Mitigation of Vulnerabilities and Application of Cyber Security Controls, of the CSP.
(g) Ongoing monitoring and assessment activities will commence for those target set CDAs whose security controls have been implemented, as described in Section 4.4, Ongoing Monitoring and Assessment, of the CSP (h) Full implementation of the CSP for all safety, security, and emergency preparedness functions.
Provide a revised CSP implementation schedule that identifies the appropriate milestones, completion dates, supporting rationale, and level of detail to allow the NRC to evaluate the licensees proposed schedule and associated milestone dates which include the final completion date. It is the NRCs intention to develop a license condition incorporating your revised CSP implementation schedule containing the key milestone dates.
RAI 3: Scope of Systems Paragraph 73.54(a) of 10 CFR requires licensees to provide high assurance that digital computer and communication systems and networks are adequately protected against cyber attacks, up to and including the design basis threat as described in 10 CFR 73.1. In addition, 10 CFR 73.54(a)(1) states that the licensee shall protect digital computer and communication systems and networks associated with:
(i) Safety-related and important-to-safety functions;
(ii) Security functions; (iii) Emergency preparedness functions, including offsite communications; and (iv) Support systems and equipment which, if compromised, would adversely impact safety, security, or emergency preparedness functions.
Subsequent to the issuance of the cyber security rule, the NRC stated that 10 CFR 73.54 should be interpreted to include structures, systems, and components (SSCs) in the balance of plant (BOP) that have a nexus to radiological health and safety (Agencywide Documents Access and Management System (ADAMS) Accession No. ML103490344, dated November 19, 2010). The SSCs in the BOP are those that could directly or indirectly affect reactivity of a nuclear power plant and could result in an unplanned reactor shutdown or transient and are therefore, within the scope of important-to-safety functions described in 10 CFR 73.54(a)(1).
Furthermore, the NRC issued a letter to NEI dated January 5, 2011 (ADAMS Accession No. ML103550480) that provided licensees with additional guidance on one acceptable approach to comply with the Commissions policy determination.
Explain how the scoping of systems provided by [site/licensee]s CSP meets the requirements of 10 CFR 73.54 and the additional guidance provided by the NRC.