Letter Sequence RAI |
|---|
|
|
MONTHYEARDCL-10-087, License Amendment Request 09-05 for Approval of Cyber Security Plan and Revision to the Facility Operating Licenses2010-07-22022 July 2010
License Amendment Request 09-05 for Approval of Cyber Security Plan and Revision to the Facility Operating Licenses
Project stage: Request
DCL-10-110, Withdrawal of Superseded Cyber Security License Amendment Requests2010-08-19019 August 2010
Withdrawal of Superseded Cyber Security License Amendment Requests
Project stage: Withdrawal
ML1023900992010-08-27027 August 2010
Acceptance Review Email, License Amendment Request for Cyber Security Plan
Project stage: Acceptance Review
ML1101007392011-01-10010 January 2011
Email, Request for Additional Information, License Amendment Request to Revise License Condition and Approve Cyber Security Plan
Project stage: RAI
DCL-11-014, Response to Request for Additional Information, E-mail Dated January 10, 2011, from the U.S. Nuclear Regulatory Commission (ME4290 and ME4291) Concerning Cyber Security Plan License Amendment Request 09-052011-02-0808 February 2011
Response to Request for Additional Information, E-mail Dated January 10, 2011, from the U.S. Nuclear Regulatory Commission (ME4290 and ME4291) Concerning Cyber Security Plan License Amendment Request 09-05
Project stage: Response to RAI
ML1106300712011-03-0404 March 2011
Email, Generic Request for Additional Information, License Amendment Request to Revise License Condition and Approve Cyber Security Plan
Project stage: RAI
ML1110204512011-04-0404 April 2011
Response to Request for Additional Information E-mail Dated March 4, 2011, from the NRC (ME4290 and ME4291) Concerning Cyber Security Plan License Amendment Request 09-05
Project stage: Response to RAI
DCL-11-040, Response to Request for Additional Information E-mail Dated March 4, 2011, from the U.S. NRC Concerning Cyber Security Plan License Amendment Request 09-052011-04-0404 April 2011
Response to Request for Additional Information E-mail Dated March 4, 2011, from the U.S. NRC Concerning Cyber Security Plan License Amendment Request 09-05
Project stage: Response to RAI
ML1116402742011-07-15015 July 2011
Issuance of Amendment Nos. 210 and 212, License Amendment Request to Revise License Condition and Approve Cyber Security Plan and Associated Implementation Schedule
Project stage: Approval
2011-01-10
[Table View] |
|
|---|
Category:E-Mail
MONTHYEARML23334A0912023-11-30030 November 2023
NRR E-mail Capture - Diablo Canyon 1 and 2 - Audit Questions for License Amendment Associated with TSTF-505, Provide Risk-Informed Extended Completion Times - RITSTF Initiative 4b
ML23335A1012023-11-0606 November 2023
OEDO-23-00350-NRR - Screen-in Email - 10 CFR 2.206 Petition from Mother'S for Peace and Change.Org Regarding Diablo Canyon
ML23306A0422023-11-0202 November 2023
NRR E-mail Capture - Acceptance Review Diablo Canyon Request to Adopt 10 CFR 50.69, risk-informed Categorization and Treatment of SSCs
ML23230A0702023-08-18018 August 2023
NRR E-mail Capture - Acceptance Review - Diablo Canyon Request to Revise Technical Specifications to Adopt TSTF-505, Revision 2, Provide Risk-Informed Extended Completion Times RITSTF Initiative 4b
ML23165A2702023-06-14014 June 2023
NRR E-mail Capture - Acceptance Review - Diablo Canyon Revision to the Unit 1 Reactor Vessel Material Surveillance Program Withdrawal Schedule
ML23157A2392023-06-0505 June 2023
Limited Appearance Statement from Nina Babiarz in the Matter of the Diablo Canyon ISFSI License Renewal Application
ML23096A1792023-04-0606 April 2023
NRR E-mail Capture - Request for Additional Information Diablo Canyon Exemption Request Regarding Senior Reactor Operator License Application
ML23094A1032023-04-0404 April 2023
NRR E-mail Capture - Acceptance Review - Diablo Canyon Exemption Request Regarding Senior Reactor Operator License Application
ML23076A0932023-03-16016 March 2023
16-2023 Email - Estimate of Spent Nuclear Fuel in Tons
ML23067A0202023-03-0808 March 2023
NRR E-mail Capture - Diablo Canyon Nuclear Power Plant Evacuation Time Estimate Analysis Review
ML23046A1132023-02-13013 February 2023
Transmittal Email, Paul Bessette to Gibson, 2/13/23, Filing of Formal Opposition to PG&E Exemption Request
ML23046A1042023-02-13013 February 2023
Transmittal Email, Diane Curran to Gibson, 2/13/23, Filing of Formal Opposition to PG&E Exemption Request
ML23052A2042023-01-10010 January 2023
E-mail from Paul Bessette Dated 01/10/2023 Regarding Diablo Canyon
ML22326A1632022-11-21021 November 2022
Licensee Comment Email on Post-Shutdown Emergency Plan Amendment
ML22266A0012022-09-22022 September 2022
(External Sender) E-Mail Diablo Canyon Power Plant, Unit Nos. 1 and 2 - Total Amount of Spent Nuclear Fuel Stored in Tons
ML22241A1142022-08-29029 August 2022
NRR E-mail Capture - Acceptance Review - Diablo Canyon Application to Revise Technical Specifications to Adopt TSTF-569, Revision of Response Time Testing Definitions
ML22194A8872022-07-11011 July 2022
September 2022 Emergency Preparedness Exercise Inspection - Request for Information Email
ML22187A2652022-07-0606 July 2022
NRR E-mail Capture - Request for Additional Information: Diablo Canyon Exemption Request for Part 73 force-on-force Training Due to COVID-19
ML22105A0702022-04-15015 April 2022
NRR E-mail Capture - Acceptance Review - Diablo Canyon Request to Revise Technical Specifications to Adopt TSTF 577, Revised Frequencies for Steam Generator Tube Inspections
ML22090A0832022-03-31031 March 2022
NRR E-mail Capture - Acceptance Review - Diablo Canyon Request for Approval of a Certified Fuel Handler Training and Retraining Program
ML22089A1672022-03-29029 March 2022
Email - Acknowledgement of NRC Receipt of Diablo Canyon ISFSI Renewal Application
ML22087A0412022-03-25025 March 2022
NRR E-mail Capture - Acceptance Review - Diablo Canyon Request for Approval of Alternative Security Measures for Early Warning System
ML22061A2192022-03-0202 March 2022
NRR E-mail Capture - Request for Additional Information - Diablo Canyon Proposed Changes to Emergency Plan for post-shutdown and Permanently Defueled Condition
ML21323A0652021-11-19019 November 2021
NRR E-mail Capture - Acceptance Review - Diablo Canyon Revision of Emergency Plan for post-shutdown Condition
ML21264A6722021-09-21021 September 2021
NRR E-mail Capture - Revised Schedule: Diablo Canyon Request to Revise Technical Specification to Reflect the Permanent Cessation of Reactor Operation
ML21215A3432021-08-0303 August 2021
NRR E-mail Capture - Request for Additional Information - Diablo Canyon Request to Revise Technical Specification 3.8.1, AC Sources - Operating to Support Diesel Fuel Oil Transfer System Component Planned Maintenance
ML21189A0462021-07-0707 July 2021
NRR E-mail Capture - Draft Request for Additional Information - Diablo Canyon Emergency Amendment Request to Revise Technical Specification 3.7.8, Auxiliary Saltwater (Asw) System
ML21188A0382021-07-0707 July 2021
(External_Sender) DCPP Draft Emergency LAR - Asw
DCL-21-046, Email for Emergency LAR for TS 3.7.8, Auxiliary Saltwater (Asw) System2021-07-0707 July 2021
Email for Emergency LAR for TS 3.7.8, Auxiliary Saltwater (Asw) System
ML21189A0662021-07-0707 July 2021
NRR E-mail Capture - Additional Draft Request for Additional Information - Diablo Canyon Emergency Amendment Request to Revise Technical Specification 3.7.8, Auxiliary Saltwater (Asw) System
ML21189A0442021-07-0707 July 2021
NRR E-mail Capture - Request for Additional Information - Diablo Canyon Emergency Amendment Request to Revise Technical Specification 3.7.8, Auxiliary Saltwater (Asw) System
ML21124A0612021-05-0404 May 2021
NRR E-mail Capture - Acceptance Review - Diablo Canyon Request to Revise Technical Specification 3.8.1, AC Sources - Operating to Support Diesel Fuel Oil Transfer System Component Planned Maintenance
ML21104A3642021-04-14014 April 2021
NRR E-mail Capture - Request for Additional Information - Diablo Canyon Proposed Technical Specifications and Revised License Conditions for the Permanently Defueled Condition
ML21062A0642021-03-0202 March 2021
NRR E-mail Capture - Request for Additional Information for Diablo Canyon Generic Letter 2004-02 Submittal (L-2017-LRC-0000)
ML21054A3112021-02-23023 February 2021
NRR E-mail Capture - Acceptance Review: Diablo Canyon Request for One-Time Exemption from Select 10 CFR 55.59 Requirements
ML21012A4432021-01-12012 January 2021
NRR E-mail Capture - Acceptance Review - Diablo Canyon Request to Revise Technical Specification to Reflect the Permanent Cessation of Reactor Operation
ML20328A3002020-11-23023 November 2020
Email from Cgnp to the NRC - Comment Diablo Canyon Nuclear Power Plant, Units 1 and 2 - Dcdep Public Meeting - November 24, 2020
ML20329A0692020-11-23023 November 2020
NRR E-mail Capture - Request for Additional Information: Diablo Canyon COVID-19 Exemption Request to Extend force-on-force Exercise
ML20323A4532020-11-18018 November 2020
NRR E-mail Capture - Request for Additional Information: Diablo Canyon COVID-19 Exemption Request to Extend Firearms Requalification
ML20261H4232020-09-17017 September 2020
NRR E-mail Capture - Request for Additional Information: Diablo Canyon Unit 2 Fall 2019 Steam Generator Tube Inspection Report
ML20239A9492020-08-26026 August 2020
(External Sender) E-Mail Comment by D. Lochbaum Regarding Diablo Canyon Unit 1 AFW System Piping
ML20239A7282020-08-24024 August 2020
(External-Sender) E-mail Comments on No Significant Hazards Determination for Diablo Canyon LAR
ML20239A7752020-08-24024 August 2020
(External-Sender) E-mail Comments on No Significant Hazards Determination for Diablo Canyon LAR
ML20240A2302020-08-23023 August 2020
(External-Sender) E-mail Public Comment by D. Lochbaum Regarding Diablo Canyon Safety Issue
ML20234A2422020-08-20020 August 2020
NRR E-mail Capture - Diablo Canyon Additional Request for Additional Information: Exigent License Amendment Request for Application to Provide a New Technical Specification 3.7.5, Auxiliary Feedwater System, Condition G EPID: L-2020-LLA-017
ML20233A8592020-08-19019 August 2020
Mothers for Peace Public Comment on Exigent LAR to Modify TS 3.7.5, Auxiliary Feedwater System
ML20233A3222020-08-18018 August 2020
Comment (4) e-mail from D. Lochbaum Regarding Diablo Canyon Exigent LAR
ML20231A2372020-08-17017 August 2020
NRR E-mail Capture - Diablo Canyon Additional Request for Additional Information: Exigent License Amendment Request for Application to Provide a New Technical Specification 3.7.5, Auxiliary Feedwater System, Condition G EPID: L-2020-LLA-017
ML20232C6482020-08-17017 August 2020
Lochbaum Public Comment 1 on Exigent LAR to Modify TS 3.7.5, Auxiliary Feedwater System
ML20230A0732020-08-14014 August 2020
NRR E-mail Capture - Diablo Canyon Request for Additional Information: Exigent License Amendment Request for Application to Provide a New Technical Specification 3.7.5, Auxiliary Feedwater System, Condition G
2023-08-18
[Table view]
Category:Request for Additional Information (RAI)
MONTHYEARML24024A2072024-01-24024 January 2024
Inservice Inspection Request for Information
IR 05000275/20240152023-10-10010 October 2023
Information Request for the Cybersecurity Baseline Inspection, Notification to Perform Inspection (050002752024015 and 050003232024015)
ML23249A2782023-09-0606 September 2023
Inservice Inspection Request for Information
ML23159A2382023-07-25025 July 2023
Request for Additional Information for the Technical Review of the Application for Renewal of the Diablo Canyon Independent Spent Fuel Storage Installation (Cac/Epid Nos. 001028/L-2022-RNW-0007)
ML23159A2372023-07-25025 July 2023
ISFSI Renewal RAI Transmittal Letter Enclosure
ML23096A1792023-04-0606 April 2023
NRR E-mail Capture - Request for Additional Information Diablo Canyon Exemption Request Regarding Senior Reactor Operator License Application
ML23047A0062023-02-21021 February 2023
Request for Additional Information Alternative Security Measures for Early Warning System (EPID: L-2022-LLA-0029) (Public Version)
ML23041A1862023-02-17017 February 2023
Request for Information Regarding Diablo Canyon Power Plant, Units 1 and 2 - December 8, 2022, Public Meeting
ML22258A1112022-09-14014 September 2022
2022 Diablo Canyon PIR Request for Information
ML22200A2572022-07-19019 July 2022
Notification of In-service Inspection (Inspection Report 05000323/2022004) and Request for Information
ML22187A2652022-07-0606 July 2022
NRR E-mail Capture - Request for Additional Information: Diablo Canyon Exemption Request for Part 73 force-on-force Training Due to COVID-19
ML22152A1502022-06-21021 June 2022
Request for Additional Information Regarding License Amendment Request for Technical Specifications and Revised License Conditions for the Permanently Defueled Condition
ML22122A1412022-05-0505 May 2022
.02 Doc Request
ML22068A2312022-03-17017 March 2022
Notification of NRC Design Bases Assurance Inspection (Team) 05000275/2022011 and 05000323/2022011 and Initial Request for Information
ML22061A2192022-03-0202 March 2022
NRR E-mail Capture - Request for Additional Information - Diablo Canyon Proposed Changes to Emergency Plan for post-shutdown and Permanently Defueled Condition
ML21363A1692021-12-29029 December 2021
Inservice Inspection Request for Information
ML22019A0412021-12-29029 December 2021
RFI
ML21215A3432021-08-0303 August 2021
NRR E-mail Capture - Request for Additional Information - Diablo Canyon Request to Revise Technical Specification 3.8.1, AC Sources - Operating to Support Diesel Fuel Oil Transfer System Component Planned Maintenance
ML21130A3642021-06-21021 June 2021
DC 2021401 Information Request
ML21104A3642021-04-14014 April 2021
NRR E-mail Capture - Request for Additional Information - Diablo Canyon Proposed Technical Specifications and Revised License Conditions for the Permanently Defueled Condition
ML21062A0642021-03-0202 March 2021
NRR E-mail Capture - Request for Additional Information for Diablo Canyon Generic Letter 2004-02 Submittal (L-2017-LRC-0000)
ML20329A0692020-11-23023 November 2020
NRR E-mail Capture - Request for Additional Information: Diablo Canyon COVID-19 Exemption Request to Extend force-on-force Exercise
ML20323A4532020-11-18018 November 2020
NRR E-mail Capture - Request for Additional Information: Diablo Canyon COVID-19 Exemption Request to Extend Firearms Requalification
ML20301A2212020-10-27027 October 2020
Notification of an NRC Fire Protection Baseline Inspection (NRC Inspection Report 05000275/2021010 and 05000323/2021010) and Request for Information
ML20261H4232020-09-17017 September 2020
NRR E-mail Capture - Request for Additional Information: Diablo Canyon Unit 2 Fall 2019 Steam Generator Tube Inspection Report
ML20231A2372020-08-17017 August 2020
NRR E-mail Capture - Diablo Canyon Additional Request for Additional Information: Exigent License Amendment Request for Application to Provide a New Technical Specification 3.7.5, Auxiliary Feedwater System, Condition G EPID: L-2020-LLA-017
ML20230A0732020-08-14014 August 2020
NRR E-mail Capture - Diablo Canyon Request for Additional Information: Exigent License Amendment Request for Application to Provide a New Technical Specification 3.7.5, Auxiliary Feedwater System, Condition G
ML20280A5432020-06-0303 June 2020
DC 2020 PIR Request for Information
ML20041E6012020-02-10010 February 2020
NRR E-mail Capture - Diablo Canyon Nuclear Power Plant, Units 1 and 2 - Request for Additional Information for Post -Shutdown Decommissioning Activities Report (PSDAR)
ML19262G7482019-08-0909 August 2019
Request for Information
ML19149A6012019-05-28028 May 2019
NRR E-mail Capture - Request for Additional Information (Supplemental) - License Amendment Request (LAR) to Revise Emergency Plan Response Organization Staffing and Augmentation
ML19123A2162019-05-0202 May 2019
NRR E-mail Capture - Diablo Canyon Nuclear Power Plant -Request for Exemption from Operator Written Examination and Operating Test - Request for Additional Information
ML19084A2572019-03-21021 March 2019
NRR E-mail Capture - Request for Additional Information - License Amendment Request (LAR) to Revise Emergency Plan Response Organization Staffing and Augmentation
ML19043A9452019-02-20020 February 2019
Notification of Inspection (NRC Inspection Report 05000275/2019002, 05000323/2019002 and Request for Information
ML17306A9382017-11-0202 November 2017
NRR E-mail Capture - Request for Additional Information - Request for Approval for Application of Full Weld Overlay REP-RHR-SWOL, Diablo Canyon Power Plant, Units 1 and 2
ML17152A3192017-06-0101 June 2017
NRR E-mail Capture - Request for Additional Information (RAI)- Relief Requests NDE-SLH U2, NDE-LSL U2, NDE-LHC U2, NDE-LHM U2, and NDE-ONV U2 (CAC Nos. MF9386 Through MF9390)
ML17102B6072017-04-12012 April 2017
NRR E-mail Capture - Request for Additional Information (RAI) - Revised Emergency Action Level Schemes Pursuant to Nuclear Energy Institute (NEI) 99-01, Revision 6
ML16347A0032016-12-0909 December 2016
NRR E-mail Capture - Request for Additional Information (RAI) - Diablo Canyon Power Plant License Amendment Request for Adoption of NEI 94-01
ML16326A3562016-11-21021 November 2016
NRR E-mail Capture - Request for Additional Information - License Amendment Request to Adopt Nuclear Energy Institute (NEI) 94-01, Revision 2-A for Diablo Canyon Power Plant, Units 1 and 2 - CAC Nos. MF7731 and MF7732
ML16048A2322016-02-17017 February 2016
NRR E-mail Capture - Diablo Canyon 1 and 2 - Met Data Second Round of Requests for Additional Information for License Amendment Request 15-03 to Adopt the Alternative Source Term Per 10 CFR 50.67 (TAC Nos. MF6399 and MF640
ML16011A3652016-02-0202 February 2016
Requests for Additional Information for the Review of the Diablo Canyon Power Plant, Units 1 and 2, License Renewal Application - Set 39 (TAC Nos. ME2896 and ME2897)
ML16011A3172016-01-11011 January 2016
NRR E-mail Capture - Diablo Canyon 1 and 2 - Requests for Additional Information for License Amendment Request 15-03 to Adopt the Alternative Source Term Per 10 CFR 50.67
ML15358A0022015-12-23023 December 2015
Request for Additional Information Email (Follow-up Pra), Request to Adopt National Fire Protection Association NFPA 805, Performance-Based Standard for Fire Protection for LWR Generating Plants (2001 Edition)
ML15357A3822015-12-23023 December 2015
Request for Additional Information, Round 4 - Amendment Request to Replace Digital Process Protection System for Reactor Protection System and Engineered Safety Features Actuation System Functions
ML15295A3732015-11-0505 November 2015
Requests for Additional Information Related to the Diablo Canyon LRA Environmental Review
ML15287A1652015-10-23023 October 2015
Requests for Additional Information Related to the Diablo Canyon LRA Environmental Review - SAMA
ML15267A7742015-10-0101 October 2015
Request for Additional Information Associated with Near-Term Task Force Recommendation 2.1 Seismic Evaluations
ML15217A4812015-09-24024 September 2015
Requests for Additional Information for the Review of the Diablo Canyon Power Plant, Units 1 and 2, License Renewal Application Set-38 TAC Nos. ME2896 and ME2897
ML15238B7742015-08-27027 August 2015
Request for Additional Information Associated with Near-Term Task Force Recommendation 2.1, Seismic Reevaluations
ML15153A0332015-06-29029 June 2015
Request for Additional Information Associated with Near-Term Task Force Recommendation 2.1, Seismic Reevaluations
2024-01-24
[Table view] |
Text
From: Wang, Alan Sent: Friday, March 04, 2011 8:37 AM To: 'Baldwin, Thomas (DCPP)'; 'Soenen, Philippe R' Cc: Lent, Susan; Burkhardt, Janet
Subject:
Diablo Canyon Cyber Security Plan Request for Additional Information (ME4290 and ME4291)
Tom and Larry, By letter dated July 22, 2010 (Agencywide Documents Access and Management System (ADAMS) Accession No. ML102150081), Pacific Gas and Electric Company (PG&E) submitted PG&E Letter DCL-10-087, License Amendment Request 09-05, Request for Approval of the Diablo Canyon Power Plant Cyber Security Plan and Revision to the Facility Operating Licenses, which superseded the previous submittal on January 20, 2010. PG&E submitted a request for revision to the Facility Operating License Nos. DPR-80 and DPR-82 and review and approval of the Cyber Security Plan (CSP) for the Diablo Canyon Power Plant, Unit Nos. 1 and 2 (DCPP), in accordance with Title 10 of the Code of Federal Regulations (10 CFR), Section 73.54, Protection of digital computer and communication systems and networks.
The U.S. Nuclear Regulatory Commission (NRC) staff has reviewed the information provided in your application and determined that the following additional information is required in order to complete its review. This request for additional information (RAI) was discussed with Mr.
Larry Parker of your staff on March 2, 2011, and it was agreed that a response would be provided by April 4, 2011. If circumstances result in the need to revise the requested response date, please contact me at (301) 415-1445 or via e-mail at Alan.Wang@nrc.gov. The NRC staff has determined that no security-related or proprietary information is contained herein.
- 1. Records Retention The regulations in 10 CFR 73.54(c)(2) requires licensees to design a cyber security program to ensure the capability to detect, respond to, and recover from cyber attacks.
Furthermore, 10 CFR 73.54(e)(2)(i) requires licensees to maintain a CSP plan that describes how the licensee will maintain the capability for timely detection and response to cyber attacks. The ability for a licensee to detect and respond to cyber attacks requires accurate and complete records and is further supported by 10 CFR 73.54(h),
which states that the licensee shall retain all records and supporting technical documentation required to satisfy the requirements of 10 CFR Section 73.54 as a record until the Commission terminates the license for which the records were developed, and shall maintain superseded portions of these records for at least 3 years after the record is superseded, unless otherwise specified by the Commission.
The licensees CSP in Section 4.13 states that Critical Digital Asset (CDA) audit records and audit data (e.g., operating system logs, network device logs) are retained for a period of time that is less than what is required by 10 CFR 73.54(h).
Please explain the deviation from the 10 CFR 73.54(h) requirement to retain records and supporting technical documentation until the Commission terminates the license (or to maintain superseded portions of these records for at least 3 years) and how that meets the requirements of 10 CFR 73.54.
- 2. Implementation Schedule The regulations in 10 CFR 73.54 require licensees to submit a CSP that satisfies the requirements of this section for Commission review and approval. Furthermore, each submittal must include a proposed implementation schedule and the implementation of the licensees cyber security program must be consistent with the approved schedule.
Paragraph 73.54(a) of 10 CFR requires licensees to provide high assurance that digital computer and communication systems and networks are adequately protected against cyber attacks, up to and including the design basis threat.
The completion of several key intermediate milestones (items (a) through (g) below) would demonstrate progress toward meeting the requirements of 10 CFR 73.54. The NRC staffs expectation is that the key intermediate milestones will be completed in a timely manner, but no later than December 31, 2012. The key CSP implementation milestones are as follows:
a) Establish, train and qualify Cyber Security Assessment Team, as described in Section 3.1.2, Cyber Security Assessment Team, of the CSP.
b) Identify Critical Systems and CDAs, as described in Section 3.1.3, Identification of Critical Digital Assets, of the CSP.
c) Implement cyber security defense-in-depth architecture by installation of
[deterministic one-way] devices, as described in Section 4.3, Defense-In-Depth Protective Strategies, of the CSP.
d) Implement the management, operational and technical cyber security controls that address attacks promulgated by use of portable media, portable devices, and portable equipment as described in Appendix D, Section 1.19, Access Control for Portable and Mobile Devices, of Nuclear Energy Institute (NEI) 08-09, Revision 6.
e) Implement observation and identification of obvious cyber related tampering to existing insider mitigation rounds as described in Appendix E, Section 4.3, Personnel Performing Maintenance and Testing Activities, and Appendix E, Section 10.3, Baseline Configuration, of NEI 08-09, Revision 6.
f) Identify, document, and implement cyber security controls to physical security target set CDAs in accordance with Section 3.1.6, Mitigation of Vulnerabilities and Application of Cyber Security Controls, of the CSP.
g) Ongoing monitoring and assessment activities will commence for those target set CDAs whose security controls have been implemented, as described in Section 4.4, Ongoing Monitoring and Assessment, of the CSP.
h) Full implementation of the CSP for all safety, security, and emergency preparedness functions.
Please provide a revised CSP implementation schedule that identifies the appropriate milestones, completion dates, supporting rationale, and level of detail to allow the NRC
to evaluate the licensees proposed schedule and associated milestone dates which include the final completion date. It is the NRCs intention to develop a license condition incorporating your revised CSP implementation schedule containing the key milestone dates.
- 3. Scope of Systems Paragraph 73.54(a) of 10 CFR requires licensees to provide high assurance that digital computer and communication systems and networks are adequately protected against cyber attacks, up to and including the design basis threat as described in 10 CFR 73.1.
In addition, 10 CFR 73.54(a)(1) states that The licensee shall protect digital computer and communication systems and networks associated with:
(i) Safety-related and important-to-safety functions; (ii) Security functions; (iii) Emergency preparedness functions, including offsite communications; and (iv) Support systems and equipment which, if compromised, would adversely impact safety, security, or emergency preparedness functions.
Subsequent to the issuance of the cyber security rule, the NRC stated that 10 CFR 73.54 should be interpreted to include structures, systems, and components (SSCs) in the balance of plant (BOP) that have a nexus to radiological health and safety (ADAMS Accession No. ML103490344, dated November 19, 2010). The SSCs in the BOP are those that could directly or indirectly affect reactivity of a nuclear power plant and could result in an unplanned reactor shutdown or transient and are, therefore, within the scope of important-to-safety functions described in 10 CFR 73.54(a)(1).
Furthermore, the NRC issued a letter to NEI dated January 5, 2011 (ADAMS Accession No. ML103550480) that provided licensees with additional guidance on one acceptable approach to comply with the Commissions policy determination.
Please explain how the scoping of systems provided by CSP for DCPP, meets the requirements of 10 CFR 73.54 and the additional guidance provided by the NRC.
