Brunswick, Units 1 & 2, Crystal River, Unit 3, Shearon Harris, Unit 1 and H. B. Robinson, Unit 2 - Response to Request for Additional Information on the Carolina Power and Light Company and Florida Power Corporation Cyber Security Plan, Rev| ML110670686 |
| Person / Time |
|---|
| Site: |
Harris, Brunswick, Crystal River, Robinson  |
|---|
| Issue date: |
02/28/2011 |
|---|
| From: |
Geoffrey Miller
Progress Energy Co |
|---|
| To: |
Document Control Desk, Office of Nuclear Reactor Regulation |
|---|
| References |
|---|
| RA-11-005 |
| Download: ML110670686 (5) |
|
|
|---|
Category:Letter type:RA
MONTHYEARRA-24-0217, End of Cycle 25 (H1 R25) Inservice Inspection Program Owners Activity Report2024-09-0909 September 2024
End of Cycle 25 (H1 R25) Inservice Inspection Program Owners Activity Report
RA-24-0180, Submittal of Updated Final Safety Analysis Report (UFSAR) Revision 29, 10 CFR 54.37 Update, Technical Requirements Manuals, Technical Specification Bases, 10 CFR 50.59 and 10 CFR 72.48 Evaluation Summaries, and Commitment Change2024-08-29029 August 2024
Submittal of Updated Final Safety Analysis Report (UFSAR) Revision 29, 10 CFR 54.37 Update, Technical Requirements Manuals, Technical Specification Bases, 10 CFR 50.59 and 10 CFR 72.48 Evaluation Summaries, and Commitment Change
RA-24-0165, Response to Request for Additional Information (RAI) Regarding Proposed Alternative for the Fifth Ten-Year Inservice Inspection Interval Limited Examinations2024-07-26026 July 2024
Response to Request for Additional Information (RAI) Regarding Proposed Alternative for the Fifth Ten-Year Inservice Inspection Interval Limited Examinations
RA-24-0183, Automatic Reactor Trip Due to Main Generator Lock-Out2024-07-22022 July 2024
Automatic Reactor Trip Due to Main Generator Lock-Out
RA-24-0178, Independent Spent Fuel Storage Installation (ISFSI) Docket No. 72-06 - Registration for Use of General License Spent Fuel Casks2024-07-10010 July 2024
Independent Spent Fuel Storage Installation (ISFSI) Docket No. 72-06 - Registration for Use of General License Spent Fuel Casks
RA-24-0172, Supplement to a Request for Additional Information Response Regarding License Amendment Request to Align Certain Technical Specification Requirements with Industry Standards Provided in Improved Standard Technical Specifications2024-07-0808 July 2024
Supplement to a Request for Additional Information Response Regarding License Amendment Request to Align Certain Technical Specification Requirements with Industry Standards Provided in Improved Standard Technical Specifications
RA-24-0173, Renewed License Number DPR-23 Request Review of White Papers to Determine Fracture Toughness-based Reference Temperature of Heat Number W5214 Weld2024-06-28028 June 2024
Renewed License Number DPR-23 Request Review of White Papers to Determine Fracture Toughness-based Reference Temperature of Heat Number W5214 Weld
RA-24-0166, Revision to Emergency Plan Implementing Procedure2024-06-27027 June 2024
Revision to Emergency Plan Implementing Procedure
RA-24-0163, Registration for Use of General License Spent Fuel Casks2024-06-19019 June 2024
Registration for Use of General License Spent Fuel Casks
RA-24-0164, Inservicee Inspection Program Owners Activity Report Refueling Outage 252024-06-19019 June 2024
Inservicee Inspection Program Owners Activity Report Refueling Outage 25
RA-24-0154, Supplemental Information Supporting the Request for Exemption from Certain Requirements in 10 CFR 50.55a(h)(2) Using Risk-Informed Process for Evaluations2024-06-0707 June 2024
Supplemental Information Supporting the Request for Exemption from Certain Requirements in 10 CFR 50.55a(h)(2) Using Risk-Informed Process for Evaluations
RA-23-0028, Application to Revise Technical Specifications to Adopt TSTF-234-A, Revision 1, Add Action for More than One (D)Rpi Inoperable2024-05-23023 May 2024
Application to Revise Technical Specifications to Adopt TSTF-234-A, Revision 1, Add Action for More than One (D)Rpi Inoperable
RA-24-0110, Response to Request for Additional Information Regarding License Amendment Request to Align Certain Technical Specification Requirements with Industry Standards Provided in Improved Standard Technical.2024-05-0909 May 2024
Response to Request for Additional Information Regarding License Amendment Request to Align Certain Technical Specification Requirements with Industry Standards Provided in Improved Standard Technical.
RA-24-0030, Duke Energy - Annual Radioactive Effluent Release Report - 20232024-04-29029 April 2024
Duke Energy - Annual Radioactive Effluent Release Report - 2023
RA-24-0083, Annual Report of Changes Pursuant to 10 CFR 50.462024-04-25025 April 2024
Annual Report of Changes Pursuant to 10 CFR 50.46
RA-24-0031, Annual Radiological Environmental Operating Report - 20232024-04-23023 April 2024
Annual Radiological Environmental Operating Report - 2023
RA-24-0094, Request for Approval of Duke Energy Corporation Transition to ANSI/ANS3.1-2014, American National Standard for Selection and Training of Nuclear Power Plant Personnel and Revision 4 of Regulatory Guide 1.8, Rev. 4 Qualification and Traini2024-04-17017 April 2024
Request for Approval of Duke Energy Corporation Transition to ANSI/ANS3.1-2014, American National Standard for Selection and Training of Nuclear Power Plant Personnel and Revision 4 of Regulatory Guide 1.8, Rev. 4 Qualification and Training
RA-24-0117, Cycle 26 Core Operating Limits Report, Revision O2024-04-16016 April 2024
Cycle 26 Core Operating Limits Report, Revision O
RA-24-0099, Reactor and Senior Reactor Operator Initial Examination Outlines2024-04-10010 April 2024
Reactor and Senior Reactor Operator Initial Examination Outlines
RA-24-0075, Re Automatic Start of Emergency Diesel Generator Due to Emergency Bus De-energization2024-04-10010 April 2024
Re Automatic Start of Emergency Diesel Generator Due to Emergency Bus De-energization
RA-24-0074, Primary Containment Penetration Local Leak Rate Testing Failure2024-04-10010 April 2024
Primary Containment Penetration Local Leak Rate Testing Failure
RA-24-0106, Annual Environmental (Non-Radiological) Operating Report2024-04-0909 April 2024
Annual Environmental (Non-Radiological) Operating Report
RA-24-0097, Response to Request for Supplemental Information Supporting the Request for Exemption from Certain Requirements in 10 CFR 50.55a(h)(2) Using Risk-Informed Process for Evaluations2024-04-0303 April 2024
Response to Request for Supplemental Information Supporting the Request for Exemption from Certain Requirements in 10 CFR 50.55a(h)(2) Using Risk-Informed Process for Evaluations
RA-24-0093, Response to NRC Regulatory Issue Summary 2024-01 Preparation and Scheduling of Operator Licensing Examinations2024-04-0202 April 2024
Response to NRC Regulatory Issue Summary 2024-01 Preparation and Scheduling of Operator Licensing Examinations
RA-24-0085, Onsite Property Insurance Coverage2024-04-0101 April 2024
Onsite Property Insurance Coverage
RA-24-0086, 10 CFR 140.21 Licensee Guarantees of Payment of Deferred Premiums2024-04-0101 April 2024
10 CFR 140.21 Licensee Guarantees of Payment of Deferred Premiums
RA-24-0080, Duke Energy Progress, LLC - Request for Review of Master Curve Methodology to Determine the Fracture Toughness-based Reference Temperature Topical Reports2024-03-28028 March 2024
Duke Energy Progress, LLC - Request for Review of Master Curve Methodology to Determine the Fracture Toughness-based Reference Temperature Topical Reports
RA-23-0244, Application for Technical Specification Improvement to Extend a Completion Time of Technical Specification 3/4.5.1, Accumulators, Using the Consolidated Line Item Improvement Process2024-03-20020 March 2024
Application for Technical Specification Improvement to Extend a Completion Time of Technical Specification 3/4.5.1, Accumulators, Using the Consolidated Line Item Improvement Process
RA-24-0062, 10 CFR 50 .54(q) Evaluation2024-03-0404 March 2024
10 CFR 50 .54(q) Evaluation
RA-24-0058, Cycle 25 Core Operating Limits Report (COLR)2024-03-0101 March 2024
Cycle 25 Core Operating Limits Report (COLR)
RA-24-0033, Response to Request for Additional Information Regarding the Aging Management Program and Inspection Plan for the Shearon Harris Nuclear Power Plant, Unit 1, Reactor Vessel Internals2024-02-24024 February 2024
Response to Request for Additional Information Regarding the Aging Management Program and Inspection Plan for the Shearon Harris Nuclear Power Plant, Unit 1, Reactor Vessel Internals
RA-23-0300, Fifth Ten-Year Inservice Inspection Interval Limited Examinations2024-02-15015 February 2024
Fifth Ten-Year Inservice Inspection Interval Limited Examinations
RA-23-0008, Request for Exemption from Certain Requirements in 10 CFR 50.55a(h)(2) Using Risk-Informed Process for Evaluations2024-02-0606 February 2024
Request for Exemption from Certain Requirements in 10 CFR 50.55a(h)(2) Using Risk-Informed Process for Evaluations
RA-24-0012, Independent Spent Fuel Storage Installation - Annual Radioactive Effluent Release Report2024-02-0505 February 2024
Independent Spent Fuel Storage Installation - Annual Radioactive Effluent Release Report
RA-24-0015, Submittal of 2023 Sea Turtle Annual Report2024-01-10010 January 2024
Submittal of 2023 Sea Turtle Annual Report
RA-23-0325, Submittal of Procedures CSD-EP-HNP-0101-01, 02, CSD-EP-ONS-0101-01, CSD-EP-RNP-0101-01, and EP-RNP-EPLAN-ANNEX2024-01-0808 January 2024
Submittal of Procedures CSD-EP-HNP-0101-01, 02, CSD-EP-ONS-0101-01, CSD-EP-RNP-0101-01, and EP-RNP-EPLAN-ANNEX
RA-24-0006, 10 CFR 50.54(q) Evaluation2024-01-0404 January 2024
10 CFR 50.54(q) Evaluation
RA-23-0313, Baffle-Former Bolt (Bfb) Subsequent Inspection Interval Evaluation2023-12-14014 December 2023
Baffle-Former Bolt (Bfb) Subsequent Inspection Interval Evaluation
RA-23-0306, Procedures CSD-EP-BNP-0101-01, EAL Technical Basis Document, Revision 006 and CSD-EP-CNS-0101-01, EAL Technical Basis Document, Revision 005, Summary Of.2023-12-12012 December 2023
Procedures CSD-EP-BNP-0101-01, EAL Technical Basis Document, Revision 006 and CSD-EP-CNS-0101-01, EAL Technical Basis Document, Revision 005, Summary Of.
RA-23-0318, Supplement to Request for Exemption from Enhanced Weapons, Firearms Background Checks, and Security Event Notifications Implementation2023-12-0404 December 2023
Supplement to Request for Exemption from Enhanced Weapons, Firearms Background Checks, and Security Event Notifications Implementation
RA-23-0284, RA-23-0284 Request for Exemption from Enhanced Weapons, Firearms Background Checks, and Security Event Notifications Implementation2023-11-16016 November 2023
RA-23-0284 Request for Exemption from Enhanced Weapons, Firearms Background Checks, and Security Event Notifications Implementation
RA-23-0276, Response to Request for Additional Information Regarding License Amendment Request to Align Certain Technical Specification Requirements with Industry Standards Provided in Improved Standard Technical Specific2023-11-0606 November 2023
Response to Request for Additional Information Regarding License Amendment Request to Align Certain Technical Specification Requirements with Industry Standards Provided in Improved Standard Technical Specific
RA-23-0281, Procedure EP-ALL-EPLAN, Duke Energy Common Emergency Plan, Revision 5, Summary of Changes2023-11-0101 November 2023
Procedure EP-ALL-EPLAN, Duke Energy Common Emergency Plan, Revision 5, Summary of Changes
RA-23-0121, License Amendment Request to Adopt TSTF-258-A, Revision 4, Regarding Changes to Technical Specification Section 5.7, High Radiation Area2023-10-0505 October 2023
License Amendment Request to Adopt TSTF-258-A, Revision 4, Regarding Changes to Technical Specification Section 5.7, High Radiation Area
RA-23-0218, Review Request for the Aging Management Program and Inspection Plan for the Shearon Harris Nuclear Power Plant, Unit 1, Reactor Vessel Internals2023-09-21021 September 2023
Review Request for the Aging Management Program and Inspection Plan for the Shearon Harris Nuclear Power Plant, Unit 1, Reactor Vessel Internals
RA-23-0225, Procedure AD-EP-ALL-0109, Offsite Protective Action Recommendations, Revision 9, and the Joint Information Center (JIC) Relocation, Summary of Changes2023-09-20020 September 2023
Procedure AD-EP-ALL-0109, Offsite Protective Action Recommendations, Revision 9, and the Joint Information Center (JIC) Relocation, Summary of Changes
RA-22-0290, License Amendment Request to Exclude the Dynamic Effects of Specific Postulated Pipe Ruptures from the Design and Licensing Basis Based on Leak-Before-Break Methodology2023-08-30030 August 2023
License Amendment Request to Exclude the Dynamic Effects of Specific Postulated Pipe Ruptures from the Design and Licensing Basis Based on Leak-Before-Break Methodology
RA-23-0216, Independent Spent Fuel Storage Installation, Registration of Use of Spent Fuel Casks2023-08-22022 August 2023
Independent Spent Fuel Storage Installation, Registration of Use of Spent Fuel Casks
RA-23-0199, Response to Request for Additional Information (RAI) Regarding Proposed Alternative in Accordance with 10 CFR 50.55a(z)(1) for Inservice Inspection of the Torus Metallic Liner2023-08-18018 August 2023
Response to Request for Additional Information (RAI) Regarding Proposed Alternative in Accordance with 10 CFR 50.55a(z)(1) for Inservice Inspection of the Torus Metallic Liner
RA-23-0122, License Amendment Request to Revise the 10 CFR 50.69, Risk-Informed Categorization and Treatment of Structures, Systems and Components for Nuclear Power Reactors, Categorization Process to .2023-08-17017 August 2023
License Amendment Request to Revise the 10 CFR 50.69, Risk-Informed Categorization and Treatment of Structures, Systems and Components for Nuclear Power Reactors, Categorization Process to .
2024-09-09
[Table view] |
Text
~jj rogrss~nrgy10 CFR 50.4 411 Fayetteville Street Mall Raleigh NC 27602 Serial: RA- 11-005 February 28, 2011 United States Nuclear Regulatory Commission ATTENTION:
Document Control Desk Washington, DC 20555-0001 BRUNSWICK STEAM ELECTRIC PLANT, UNIT NOS. 1 AND 2 DOCKET NOS. 50-325 AND 50-324 / RENEWED LICENSE NOS. DPR-71 AND DPR-62 CRYSTAL RIVER UNIT 3 NUCLEAR GENERATING PLANT DOCKET NO. 50-302 / LICENSE NO. DPR-72 SHEARON HARRIS NUCLEAR POWER PLANT, UNIT NO. 1 DOCKET NO. 50-400 / RENEWED LICENSE NO. NPF-63 H. B. ROBINSON STEAM ELECTRIC PLANT, UNIT NO. 2 DOCKET NO. 50-261 / RENEWED LICENSE NO. DPR-23 RESPONSE TO REQUEST FOR ADDITIONAL INFORMATION ON THE CAROLINA POWER AND LIGHT COMPANY AND FLORIDA POWER CORPORATION CYBER SECURITY PLAN. REVISION 0 Ladies and Gentlemen:
By letter dated July 8, 2010, Carolina Power & Light Company (CP&L), now doing business as Progress Energy Carolinas, Inc., and Florida Power Corporation (FPC), now doing business as Progress Energy Florida, Inc., submitted the fleet Carolina Power and Light Company and Florida Power Corporation Cyber Security Plan (ML1 01950043) for NRC review and approval.A Request for Additional Information (RAI) was received via electronic correspondence on December 20, 2010, (ML 110120041).
The RAI was subsequently discussed with the NRC staff via teleconference on January 11, 2011, (ML 110120023).
CP&L and FPC's response to the RAI is attached.The response to the first question describes a change that must be made to the Carolina Power and Light Company and Florida Power Corporation Cyber Security Plan. An updated Carolina Power and Light Company and Florida Power Corporation Cyber Security Plan will be submitted, by follow-up correspondence, incorporating this change along with other changes that address common industry issues regarding balance of plant equipment, records retention, and implementation schedules.
The date of this follow-up correspondence is dependent upon final resolution of the common industry issues and the NRC staff's issuance of a common industry RAI.No new regulatory commitments have been made in this letter. ta).:.l United States Nuclear Regulatory Commission RA- 11-005 Page 2 If you have questions regarding this submittal, please contact Brian McCabe, Manager, Nuclear Regulatory Affairs, at (919) 546-4579.I declare under the penalty of perjury that the foregoing is true and correct. Executed on February 28, 2011.Sincerely, Garry Miller Vice President
-Nuclear Engineering Progress Energy, Inc.DBM
Attachment:
Response to Request for Additional Information on the Carolina Power and Light Company and Florida Power Corporation Cyber Security Plan, Revision 0.cc USNRC Region II USNRC Resident Inspector
-BSEP, Unit Nos. 1 and 2 USNRC Resident Inspector
-CR3 USNRC Resident Inspector
-SHNPP, Unit No. 1 USNRC Resident Inspector
-HBRSEP, Unit No. 2 F. Saba, NRR Project Manager -BSEP, Unit Nos. 1 and 2; CR3 B. Mozafari, NRR Project Manager -SHNPP, Unit No. 1; HBRSEP, Unit No. 2 United States Nuclear Regulatory Commission Attachment to RA- 11-005 Attachment Response to Request for Additional Information on the Carolina Power and Light Company and Florida Power Corporation Cyber Security Plan, Revision 0 United States Nuclear Regulatory Commission Attachment to RA- 11-005 Page 1 of 2 Response to Request for Additional Information on the Carolina Power and Light Company and Florida Power Corporation Cyber Security Plan, Revision 0 Cyber Security Plan (CSP) Section 4: Establishing, Implementing, and Maintaining the Cyber Security Program RAI 1 RAI Title: Defense-in-Depth Protective Strategies
-Restriction of one-way communications between levels Title 10 of the Code of Federal Regulations (10 CFR) Section 73.54(c)(2) requires the licensee to apply and maintain defense-in-depth protective strategies to ensure the capability to detect, respond to, and recover from cyber attacks. Section 4.3, "Defense-in-Depth Protective Strategies," of the licensee's fleet CSP states in bullet nine "Communications initiated from CDAs [critical digital assets] within the lower-level plant computing network (Level 3) to CDAs within the higher-level plant computing network (Level 4) is restricted as described in engineering design documentation." Question: Explain how one-way communications will be restricted between two different security levels/zones that will prevent any data transmission from the low security level to the higher security level.Answer: The ninth bullet in Section 4.3 will be revised as follows: Communication initiated from CDAs within the lower-level plant computing network (Level 3) to CDAs within the higher-level plant computing network (Level 4) is restricted as desc.-ibed i n e. ring design do.umentation through the use of a firewall and network-based intrusion detection system.RAI 2 RAI Title: Defense-in-Depth Protective Strategies
-Restriction of bi-directional communications between levels Section 73.54(c)(2) of 10 CFR requires the licensee to apply and maintain defense-in-depth protective strategies to ensure the capability to detect, respond to, and recover from cyber attacks. Section 4.3, "Defense-in-Depth Protective Strategies," of the licensee's fleet CSP states in bullet twelve "The communications voice and data networks (Level 3 type network)provide service for emergency preparedness and security functions required to meet United States Nuclear Regulatory Commission Attachment to RA-1 1-005 Page 2 of 2 NUREG-0654 and Section 73.550) of 10 CFR requirements.
Bi-directional communication with less secure domains is required.
Boundary security controls are applied as determined by evaluation performed in accordance with Section 3.1.6 of the Cyber Security Plan." Question: Explain how the bi-directional communications will be secured between communications voice and data networks that will prevent any data transmission to level 3.Answer: Level 3 is a security level designation for digital computer and communication systems and networks.
Progress Energy has multiple Level 3 type networks which have equivalent protective characteristics.
However, based on the functional purpose of the network, different protective equipment may be utilized.
In accordance with the Cyber Security Plan and implementation schedule, Level 3 plant computer networks will be deterministically segregated from business computer networks by unidirectional network communications.
The communications voice and data networks designated as Level 3 type networks provide service for emergency preparedness and security functions required to meet NUREG-0654 and 10 CFR 73.550) requirements.
These voice and data networks require bi-directional communication with less secure networks.
Boundary security controls and interfaces are applied as determined by an evaluation performed in accordance with Section 3.1.6 of the Cyber Security Plan.In summary, the Level 3 communications voice and data networks and the Level 3 plant computer network are separate networks based on the functions they support and are not directly connected to each other. The Level 3 plant computer network will be deterministically segregated from the business computer network by unidirectional network in accordance with the Cyber Security Plan. The communications voice and data networks will be segregated from the business computer network by boundary security devices that permit bi-directional communication as determined by an evaluation performed in accordance with Section 3.1.6 of the Cyber Security Plan.