Response to Request for Additional Information Regarding Revision to Renewed Facility Operating License and Request for Review and Approval of the Cyber Security Plan

ML110910061
Person / Time
Site:	Cooper  (DPR-046)
Issue date:	03/30/2011
From:	O'Grady B Nebraska Public Power District (NPPD)
To:	Document Control Desk, Office of Nuclear Reactor Regulation
References
NLS2011028
Download: ML110910061 (13)
v • d • e

Text

SECURITY-RELATED INFORMATION - WITHHOLD UNDER 10 CFR 2.390 N

Nebraska Public Power District "Always there when you need its" 50.90 NLS2011028 March 30, 2011 U.S. Nuclear Regulatory Commission Attention: Document Control Desk Washington, D.C. 20555-0001

Subject:

Response to Request for Additional Information Regarding Revision to the Renewed Facility Operating License and Request for Review and Approval of the Cyber Security Plan Cooper Nuclear Station, Docket No. 50-298, License No. DPR-46

References:

1.

Letter from Demetrius L. Willis, Nebraska Public Power District, to U.S.

Nuclear Regulatory Commission, dated July 20, 2010, "Withdrawal and Resubmission of License Amendment Request for Approval of the Cyber Security Plan" (NLS2010059)

2.

Letter from Brian J. O'Grady, Nebraska Public Power District, to U.S.

Nuclear Regulatory Commission, dated November 30, 2010, "Revision of Commitment Date to Supplement the Cyber Security Plan Regarding Balance of Plant Systems" (NLS2010104)

3.

Letter from Richard P. Correia, U.S. Nuclear Regulatory Commission, to Chris Earls, Nuclear Energy Institute, dated January 5, 2011, concerning Inclusion of Balance of Plant Equipment in Cyber Security Program

4.

Letter from Christopher E. Earls, Nuclear Energy Institute, to Richard P.

Correia, U.S. Nuclear Regulatory Commission, dated February 28, 2011, "Clarification to NEI 08-09, Revision 6 Regarding Records Retention"

5.

Letter from Christopher E. Earls, Nuclear Energy Institute, to Richard P.

Correia, U.S. Nuclear Regulatory Commission, dated February 28, 2011, "Template for the Cyber Security Plan Implementation Schedule"

6.

Letter from Richard P. Correia, U.S. Nuclear Regulatory Commission, to ChristopherE. Earls, Nuclear Energy Institute, dated March 1, 2011, "Cyber Security Plan Generic Request for Additional Information on Records Retention" NOTE: Attachments 4, 5, and 6 to this letter contain Security-Related Information. Upon separation from Attachments 4, 5, and 6, the cover letter and Attachments 1, 2, and 3 are decontrolled.

COOPER NUCLEAR STATION Human Resources Office PO Box 98 / Brownville, NE 68321-0098 Telephone: (402) 825-2834 / Fax: (402) 825-5714 ww;w. nppd. corn

SECURITY-RELATED INFORMATION - WITHHOLD UNDER 10 CFR 2.390 NLS2011028 Page 2 of 3

7.

Letter from Richard P. Correia, U.S. Nuclear Regulatory Commission, to Christopher E. Earls, Nuclear Energy Institute, dated March 1, 2011, "Template for the Cyber Security Plan Implementation"

8.

Letter from Lynnea E. Wilkins, U.S. Nuclear Regulatory Commission, to Brian J. O'Grady, Nebraska Public Power District, dated March 3, 2011, "Cooper Nuclear Station - Request for Additional Information Regarding Revision to the Renewed Facility Operating License and Request for Review and Approval of the Cyber Security Plan"

Dear Sir or Madam:

The purpose of this letter is to respond to a Nuclear Regulatory Commission (NRC) Request for Additional Information (RAI). Per Reference 1, Nebraska Public Power District (NPPD) submitted a License Amendment Request (LAR) requesting NRC approval of the Cooper Nuclear Station (CNS) Cyber Security Plan and revision of the Facility Operating License (FOL)

Physical Protection license condition. The LAR also included a Cyber Security Plan implementation schedule. Per Reference 8, the NRC provided a RAI related to this LAR. The response to the questions contained in the RAI, a revised Cyber Security Plan, an updated license condition, and an updated implementation schedule are provided in the attachments to this letter.

The revisions made to the Cyber Security Plan do not affect the evaluation of the change, including the no significant hazards consideration evaluation, provided by the LAR submitted in Reference 1. provides the CNS response to the three questions contained in the RAI. provides the existing Renewed FOL page marked up to show the proposed change to the Physical Protection license condition. Attachment 3 provides the updated Renewed FOL change in final typed format. These revised FOL pages replace the pages previously submitted per Reference 1. Attachment 4 provides a revision to the CNS Cyber Security Plan, which replaces, in its entirety, the Cyber Security Plan previously submitted per Reference 1. provides a revised Cyber Security Plan implementation schedule. This implementation schedule supersedes the previous schedule submitted per Reference 1. provides the associated regulatory commitments. These commitments supersede those submitted per Reference 1. NPPD requests that Attachments 4, 5, and 6, which contain security-related information, be withheld from public disclosure in accordance with 10 CFR 2.390.

Should you have any questions concerning this letter, or require additional information, please contact David Van Der Kamp, Licensing Manager, at (402) 825-2904.

NOTE: Attachments 4, 5, and 6 to this letter contain Security-Related Information. Upon separation from Attachments 4, 5, and 6, the cover letter and Attachments 1, 2, and 3 are decontrolled.

SECURITY-RELATED INFORMATION - WITHHOLD UNDER 10 CFR 2.390 NLS2011028 Page 3 of 3 I declare under penalty of perjury that the foregoing is true and correct.

Executed On:

li\\- t (Date)

Sincerely, Bria Brian J. O'Giady Vice President-Nuclear andN Chief Nuclear Officer

/lb Attachments cc:

Regional Administrator w/attachments USNRC - Region IV Cooper Project Manager w/attachments USNRC - NRR Project Directorate IV-1 Senior Resident Inspector w/attachments USNRC - CNS Nebraska Health and Human Services w/attachments Department of Regulation and Licensure NPG Distribution w/o attachments CNS Records w/attachments NOTE: Attachments 4, 5, and 6 to this letter contain Security-Related Information. Upon separation from Attachments 4, 5, and 6, the cover letter and Attachments 1, 2, and 3 are decontrolled.

I

NLS2011028 Page 1 of 4 Response to Request for Additional Information Revision to the Renewed Facility Operating License and Request for Review and Approval of the Cyber Security Plan Cooper Nuclear Station, Docket No. 50-298, DPR-46

1.

Records Retention The regulations in 10 CFR 73.54(c)(2) requires licensees to design a cyber security program to ensure the capability to detect, respond to, and recover from cyber attacks.

Furthermore, 10 CFR 73.54(e)(2)(i) requires licensees to maintain a Cyber Security Plan (CSP) plan that describes how the licensee will maintain the capability for timely detection and response to cyber attacks. The ability for a licensee to detect and respond to cyber attacks requires accurate and complete records and is further supported by 10 CFR 73.54(h), which states that the licensee shall retain all records and supporting technical documentation required to satisfy the requirements of 10 CFR Section 73.54 as a record until the Commission terminates the license for which the records were developed, and shall maintain superseded portions of these records for at least 3 years after the record is superseded, unless otherwise specified by the Commission.

The licensee's CSP in Section 4.13 states that Critical Digital Asset (CDA) audit records and audit data (e.g., operating system logs, network device logs) are retained for a period of time that is less than what is required by 10 CFR 73.54(h).

Please explain the deviation from the 10 CFR 73.54(h) requirement to retain records and supporting technical documentation until the Commission terminates the license (or to maintain superseded portions of these records for at least 3 years) and how that meets the requirements of 10 CFR 73.54.

Response

Cooper Nuclear Station (CNS) has revised Section 4.13, "Document Control and Records Retention and Handling," of the proposed Cyber Security Plan to address this concern.

The new text supersedes the previous text in Section 4.13 in its entirety. The modified text is in accordance with proposed wording provided to the Nuclear Regulatory Commission (NRC) by the Nuclear Energy Institute (NEI) in Reference 4 of the cover letter and accepted by the NRC in Reference 6 of the cover letter. The modified Cyber Security Plan is provided in Attachment 4.

2.

Implementation Schedule The regulations in 10 CFR 73.54 require licensees to submit a CSP that satisfies the requirements of this section for Commission review and approval. Furthermore, each submittal must include a proposed implementation schedule and the implementation of the licensee's cyber security program must be consistent with the approved schedule.

Paragraph 73.54(a) of 10 CFR requires licensees to provide high assurance that digital

NLS2011028 Page 2 of 4 computer and communication systems and networks are adequately protected against cyber attacks, up to and including the design basis threat.

The completion of several key intermediate milestones (items (a) through (g) below) would demonstrate progress toward meeting the requirements of 10 CFR 73.54. The NRC staffs expectation is that the key intermediate milestones will be completed in a timely manner, but no later than December 31, 2012. The key CSP implementation milestones are as follows:

a)

Establish, train and qualify Cyber Security Assessment Team, as described in Section 3.1.2, "Cyber Security Assessment Team, "of the CSP.

b)

Identify Critical Systems and CDAs, as described in Section 3.1.3, "Identification of Critical Digital Assets, " of the CSP.

c)

Implement cyber security defense-in-depth architecture by installation of

[deterministic one-way] devices, as described in Section 4.3, "Defense-In-Depth Protective Strategies, " of the CSP.

d)

Implement the management, operational and technical cyber security controls that address attacks promulgated by use ofportable media, portable devices, and portable equipment as described in Appendix D, Section 1.19, "Access Control for Portable and Mobile Devices, " of Nuclear Energy Institute (NEI) 08-09, Revision 6.

e)

Implement observation and identification of obvious cyber related tampering to existing insider mitigation rounds as described in Appendix E, Section 4.3, "Personnel Performing Maintenance and Testing Activities, " and Appendix E, Section 10.3, "Baseline Configuration," of NEI 08-09, Revision 6.

J9 Identify, document, and implement cyber security controls to physical security target set CDAs in accordance with Section 3.1.6, "Mitigation of Vulnerabilities and Application of Cyber Security Controls," of the CSP.

g)

Ongoing monitoring and assessment activities will commence for those target set CDAs whose security controls have been implemented, as described in Section 4.4, "Ongoing Monitoring and Assessment, "of the CSP.

h)

Full implementation of the CSP for all safety, security, and emergency preparedness fiinctions.

Please provide a revised CSP implementation schedule that identifies the appropriate milestones, completion dates, supporting rationale, and level of detail to allow the NRC to evaluate the licensee's proposed schedule and associated milestone dates which include the final completion date. It is the I

NLS2011028 Page 3 of 4 NRC's intention to develop a license condition incorporating your revised CSP implementation schedule containing the key milestone dates.

Response

CNS has revised the proposed implementation schedule to address the milestones discussed above as recommended by the NRC. The proposed schedule is consistent with the proposed generic template submitted to the NRC by NEI per Reference 5 of the cover letter and accepted by the NRC in Reference 7 of the cover letter. The revised implementation schedule is contained in Attachment 5. This implementation schedule supersedes the schedule previously submitted per Reference 1.

3.

Scope of Systems Paragraph 73.54(a) of 10 CFR requires licensees to provide high assurance that digital computer and communication systems and networks are adequately protected against cyber attacks, up to and including the design basis threat as described in 10 CFR 73.1.

In addition, 10 CFR 73.54(a)(1) states that The licensee shall protect digital computer and communication systems and networks associated with:

(i)

Safety-related and important-to-safety functions; (ii)

Security functions; (iii)

Emergency preparedness functions, including offsite communications; and (ih)

Support systems and equipment which, if compromised, would adversely impact safety, security, or emergency preparedness functions.

Subsequent to the issuance of the cyber security rule, the NRC stated that 10 CFR 73.54 should be interpreted to include structures, systems, and components (SSCs) in the balance ofplant (BOP) that have a nexus to radiological health and safety (ADAMS Accession No. ML103490344, dated November 19, 2010). The SSCs in the BOP are those that could directly or indirectly affect reactivity of a nuclear power plant and could result in an unplanned reactor shutdown or transient and are, therefore, within the scope of important-to-safety functions described in 10 CFR 73.54(a)(1).

Furthermore, the NRC issued a letter to NEI dated January 5, 2011 (ADAMS Accession No. ML103550480) that provided licensees with additional guidance on one acceptable approach to comply with the Commission's policy determination.

NLS2011028 Page 4 of 4 Please explain how the scoping of systems provided by CSPfor Cooper Nuclear Station, meets the requirements of 10 CFR 73.54 and the additional guidance provided by the NRC.

Response

CNS has made an addition to Section 2.1, "Scope and Purpose," of the proposed Cyber Security Plan to address the inclusion of structures, systems, and components in the balance of plant that could directly or indirectly affect reactivity and could result in an unplanned reactor shutdown or transient. This addition to the plan is in accordance with the NRC letter of January 5, 2011, referenced above (Reference 3 of the cover letter) that provided proposed language to supplement the Cyber Security Plan. It also fulfills the commitment to supplement the plan in accordance with Reference 2 of the cover letter.

The revised Cyber Security Plan is provided in Attachment 4.

NLS2011028 Page 1 of 2 Proposed Facility Operating License Change (Mark-Up)

Cooper Nuclear Station, Docket No. 50-298, DPR-46 Revised Facility Operating License Page Page 3 of 5 (5) Pursuant to the Act and 10 CFR Parts 30, 40, and 70, to possess, but not separate, such byproduct and special nuclear materials as may be produced by operation of the facility.

C. This license shall be deemed to contain and is subject to the conditions specified in the following Commission regulations in 10 CFR Chapter I: Part 20, Section 30.34 of Part 30, Section 40.41 of Part 40, Sections 50.54 and 50.59 of Part 50, and Section 70.32 of Part 70; is subject to all applicable provisions of the Act and to the rules, regulations, and orders of the Commission now or hereafter in effect; and is subject to the additional conditions specified or incorporated below:

(1) Maximum Power Level The licensee is authorized to operate the facility at steady state reactor core power levels not in excess of 2419 megawatts (thermal).

(2) Technical Specifications The Technical Specifications contained in Appendix A as revised through Amendment No. 237, are hereby incorporated in the license. The licensee shall operate the facility in accordance with the Technical Specifications.

I The licensee shall fully implement and maintain in effect all provisions of the Commission-approved Cooper Nuclear Station Cyber Security Plan pursuant to 10 CFR 73.54 and 10 CFR 73.55(c)(6) and to the authority of 10 CFR 50.90 and 10 CFR 50.54(p).

The Cyber Security Plan is withheld from public disclosure in accordance with 10 CFR 2.390.

(3) Physical Protection The licensee shall fully implement and maintain in effect all provisions of the Commission-approved physical security, training and qualification and safeguards contingency plans including amendments made pursuant to provisions of the Miscellaneous Amendments and Search Requirements revisions to 10 CFR 73.55 (51 FR 27817 and 27822) and to the authority of 10 CFR 50.90 and 10 CFR 50.54(p). The combined set of plans, which contain Safeguards Information protected under 10 CFR 73.21, are entitled: "Cooper Nuclear Station Safeguards Plan," submitted by letter dated May 17, 2006.

(4) Fire Protection The licensee shall implement and maintain in effect all provisions of the approved fire protection program as described in the Cooper Nuclear Station (CNS) Updated Safety Analysis Report and as approved in the Safety Evaluations dated November 29, 1977; May 23, 1979; November 21, 1980; April 29, 1983; April 16, 1984; June 1, 1984; January 3, 1985; August 21, 1985; April 10, 1986; September 9, 1986; November 7, 1988; February 3, 1989; August 15, 1995; and July 31, 1998, subject to the following provision:

The licensee may make changes to the approved fire protection program without prior approval of the Commission only if those changes would not adversely affect the ability to achieve and maintain safe shutdown in the event of a fire.

Amendment No. 237

NLS2011028 Page 1 of 4 Proposed Facility Operating License Change (Re-typed)

Cooper Nuclear Station, Docket No. 50-298, DPR-46 Revised Facility Operating License Pages Page 3 of 5 Page 4 of 5 Page 5 of 5 (5) Pursuant to the Act and 10 CFR Parts 30, 40, and 70, to possess, but not separate, such byproduct and special nuclear materials as may be produced by operation of the facility.

C. This license shall be deemed to contain and is subject to the conditions specified in the following Commission regulations in 10 CFR Chapter I: Part 20, Section 30.34 of Part 30,-Section 40.41 of Part 40, Sections 50.54 and 50.59 of Part 50, and Section 70.32 of Part 70; is subject to all applicable provisions of the Act and to the rules, regulations, and orders of the Commission now or hereafter in effect; and is subject to the additional conditions specified or incorporated below:

(1) Maximum Power Level The licensee is authorized to operate the facility at steady state reactor core power levels not in excess of 2419 megawatts (thermal).

(2) Technical Specifications The Technical Specifications contained in Appendix A as revised through Amendment No. 237, are hereby incorporated in the license. The licensee shall operate the facility in accordance with the Technical Specifications.

(3) Physical Protection The licensee shall fully implement and maintain in effect all provisions of the Commission-approved physical security, training and qualification and safeguards contingency plans including amendments made pursuant to provisions of the Miscellaneous Amendments and Search Requirements revisions to 10 CFR 73.55 (51 FR 27817 and 27822) and to the authority of 10 CFR 50.90 and 10 CFR 50.54(p). The combined set of plans, which contain Safeguards Information protected under 10 CFR 73.21, are entitled: "Cooper Nuclear Station Safeguards Plan," submitted by letter dated May 17, 2006.

The licensee shall fully implement and maintain in effect all provisions of the Commission-approved Cooper Nuclear Station Cyber Security Plan pursuant to 10 CFR 73.54 and 10 CFR 73.55(c)(6) and to the authority of 10 CFR 50.90 and 10 CFR 50.54(p). The Cyber Security Plan is withheld from public disclosure in accordance with 10 CFR 2.390.

(4) Fire Protection The licensee shall implement and maintain in effect all provisions of the approved fire protection program as described in the Cooper Nuclear Station (CNS) Updated Safety Analysis Report and as approved in the Safety Evaluations dated November 29, 1977; May 23, 1979; November 21, 1980; April 29, 1983; April 16, 1984; June 1, 1984; January 3, 1985; August 21, 1985; April 10, 1986; September 9, 1986; November 7, 1988; February 3, 1989; August 15, 1995; and July 31, 1998, subject to the following provision:

Amendment No. 237 The licensee may make changes to the approved fire protection program without prior approval of the Commission only if those changes would not adversely affect the ability to achieve and maintain safe shutdown in the event of a fire.

(5) Additional Conditions The Additional Conditions contained in Appendix C, as revised through Amendment No. 178, are hereby incorporated into this license. Nebraska Public Power District shall operate the facility in accordance with the Additional Conditions.

(6) Deleted (7) Mitigation StrateQy License Condition Develop and maintain strategies for addressing large fires and explosions and that include the following key areas:

(a)

Fire fighting response strategy with the following elements:

1.

Pre-defined coordinated fire response strategy and guidance

2.

Assessment of mutual aid fire fighting assets

3.

Designated staging areas for equipment and materials

4.

Command and control

5.

Training of response personnel (b)

Operations to mitigate fuel damage considering the following:

1.

Protection and use of personnel assets

2.

Communications

3.

Minimizing fire spread

4.

Procedures for implementing integrated fire response strategy

5.

Identification of readily-available pre-staged equipment

6.

Training on integrated fire response strategy

7.

Spent fuel pool mitigation measures (c)

Actions to minimize release to include consideration of:

1.

Water spray scrubbing

2.

Dose to onsite responders (8) The licensee shall implement and maintain all Actions required by Attachment 2 to NRC Order EA-06-137, issued June 20, 2006, except the last action that requires incorporation of the strategies into the site security plan, contingency plan, emergency plan and/or guard training and qualification plan, as appropriate.

(9) Upon implementation of Amendment No. 230 adopting TSTF-448-A, Revision 3, the determination of control room envelope (CRE) unfiltered air inleakage as required by SR 3.7.4.4, in accordance with Specification 5.5.13.c.(i), the assessment of CRE habitability as required by Specification 5.5.13.c.(ii), and the measurement of CRE pressure as required by Specification 5.5.13.d, shall be considered met. Following implementation:

(a) The first performance of SR 3.7.4.4, in accordance with Specification 5.5.13.c.(i),

shall be within the specified Frequency of 6 years, plus the 18-month allowance of SR 3.0.2, as measured from July 12, 2004, the date of the most recent successful tracer gas test. (The tracer gas test was stated to have been performed in July, 2004, in the September 30, 2004 letter response to Generic Letter 2003-01).

(b) The first performance of the periodic assessment of CRE habitability, Specification 5.5.13.c.(ii), shall be within the next 9 months.

(c) The first performance of the periodic measurement of CRE pressure, Specification 5.5.13.d, shall be within 18 months, plus the 138 days allowed by SR 3.0.2, as measured from May 4, 2007, the date of the most recent successful pressure measurement test.

D. (Not Used)

E. The Updated Safety Analysis Report (USAR) supplement, as revised, submitted pursuant to 10 CFR 54.21(d), shall be included in the next scheduled update to the USAR required by 10 CFR 50.71(e)(4), as appropriate, following the issuance of this renewed operating license. Until this update is complete, the licensee may not make changes to the information in the supplement. Following incorporation of the supplement into the USAR, the need for Commission approval of any changes will be governed by 10 CFR 50.59.

F. The USAR supplement, as revised, describes certain future activities to be completed prior to and/or during the period of extended operation. The licensee shall complete these activities in accordance with Appendix A of NUREG-1944, "Safety Evaluation Report Related to the License Renewal of Cooper Nuclear Station," dated October 2010, as supplemented by letters from the licensee to the U.S. Nuclear Regulatory Commission (NRC) dated November 15 and 18, 2010. The licensee shall notify the NRC in writing when implementation of these activities is complete and can be verified by NRC inspection.

G. This license is effective as of the date of issuance and shall expire at midnight, January 18, 2034.

FOR THE NUCLEAR REGULATORY COMMISSION Eric J. Leeds, Director Office of Nuclear Reactor Regulation Attachments:

Appendices A&B - Technical Specifications Appendix C - Additional Conditions Date of Issuance: November 29, 2010