Slides from Meeting with Pacific Gas and Electric Company Regarding Diablo Canyon Process Protection System Replacement

ML111640534
Person / Time
Site:	Diablo Canyon
Issue date:	06/07/2011
From:	Pacific Gas & Electric Co
To:	Division of Operating Reactor Licensing
Wang, A B, NRR/DORL/LPLIV, 415-1445
References
Download: ML111640534 (13)
v • d • e

Text

Secu. ity-Related Ii ifo. n ration = 'Nit~~~---;';n-~~~~;;-;;; MiuJ DIABLO CANYON POWER PLANT PROCESS PROTECTION SYSTEM REPLACEMENT NSIR Meeting June 7, 2011 George Hough Pacific Gas and Electric GDH2@pge.com 805-545-4291 Scott B. Patterson Pacific Gas & Electric Co.

sbp1@pge.com 805-545-4082 Ken Schrader Pacific Gas & Electric Co.

kjse@pge.com 805-545-4328 John Hefler Altran Solutions Corp.

jhefler@altransolutions.com 415-543-6111 Ted Quinn Altran Solutions Corp.

tedquinn@cox.net 415-543-6111 Greg Clarkson AHran Solutions Corp.

gretg@rockcreektech.com 415-543-6111 SecUi ily-Related Iilfoll nalioll

'oVitl.liold Uilder It) CPR 2.390

/r8I!J 1

Seccrity-Related Infomlation = Withhold Under 10 erR 2.390 A-P->rJl NSIR Meeting Agenda (1000 to 1200)

• Introductions

• Diablo Canyon Power Plant (DCPP) Cyber Security Program Schedule

• Process Protection System (PPS) Replacement Schedule

• NSIR update on inspection acceptance criteria for meeting RG 5.71

• Programmatic approach to Cyber Security for PPS

• Cyber Security requirements for the PPS o Vendor requirements o PG&E requirements

• Summary

• Discussion Seoi:lFitv Relstefj I AfefmstieA VlithheIa UAaer 10 GrR 2_3QO W~ ~

2

Seeurity Related Information Withhold Under 10 erR 2.390 p..-Q, v.>

DCPP Cyber Security - Implementation Schedule

• Cyber Security Plan Submitted -- April 4, 2011 (J Proposed Implementation Schedule o NRC is Reviewing

• Prioritized Implementation Schedule o Critical Milestones - December 31, 2012 o Full Implementation ~ Plant Specific o Dates viewed as commitments by the NRC SscLirity Rslated Infommtion

'Nithhold UFlder 10 erR 2.390

~ &w 3

Seeurit)-Related Inforl'lation Withhold Ulldel 10 CFR 2.390

~ lJ)

DCPP Process Protection Systetn Replacetnent-Impletnentation Schedule

• Two vendors o Westinghouse/CS Innovations Topical Report submitted and being reviewed Will not be approved before LAR Submittal Per ISG-06 the Westinghouse/CSI scope will be Tier 3 o I nvensyslTriconex Topical Report submitted and being reviewed Will be approved before LAR Submittal Per ISG-06 the IOMlTriconex scope will be Tier 1

• LAR Submittal - July 2011 (30 days after Triconex v1 0 Topical Report is approved)

• LAR Approval-March 2013 (-20 months after submittal)

• Unit 1 Installation - February 2014

• Unit 2 Installation - October 2014 Seeuffly Related Informatien Y/ithheld Under 10 erR 2.390 4 ~ \\f-.)

4

Seouritv Related IAffirmation

~Nithhold Under 1 e CFR 2.Sg0 jJf>cJ NSIR update on inspection acceptance criteria for meeting RG 5.71

• To be provided by NRC NSIR Sesblrity ~elatea IAfeFfflstieA

\\'Vithhold Under 10 erR 2.390

~(;-J 5

• Programmatic Approach I

• Critical Digital Asset (CDA) Determination

• CDA Multilayered Defense

• Full CS Involvement in CDA Life Cycle

• Periodic Program Review SfaJeuFitv RII!I"t~t'f Il"Imrm"tit"m -

""~ithh~ld Undp.f 1A P.FR 5) ~~A IJ ~ LV 6

~

~

I 4-J

~

0

~

~

C/)

~

0

~

q I

0

.~

~

~

U

~

C/)

~

~

...c U

~

~

U Q

Q)

J en en.

U co

+-'e:

0 (J

CO en.

Q)

(J e:

co.c..

E 0

(.,)

0

"'C e:

~

"'C Q)

-0 Q)

Q)

Z en en Q) 0 0

0....

c:

0 CO

(.)

'I

~

Q)

()

3

~ DCPP CybeS;CS~R~:i;:"pW;SdU"def19CFR2.399 ~bV

• CS Involved in all project phases I

• Full Protection for PPS o Physical Protections o Network Protections o Operation and Maintenance Procedures eeUFh' Reletea IFlfeFmstieFl u'itAAela U 6 s

.~

h FI eF 10 erR 2.390 fJr[3 vJ 8

• CS Program Implementation in progress Some Milestones Complete o

o Budgets Allocated D Senior management support

• DCPP Involved with Industry CJ NEI, INPO, STARS, USA,

• DCPP Connected to National CS Support I

Seeurity Related IRfeffl'latieR Witht'leld URder 10 erR 2.390 V~ t;0 9

en 4-Jc:

QJ 8

QJ

~

.~

~

~

QJ

~

C

.~

~

~

U QJ C/)

~

QJ

~

~

u en Q)

-c

-:J u

c -

• en

+-'

c CD E

CD L

J c-CD L

L 0

-c c

Q) 0 en c

CD E

CD L

J c-CD L..

W

~

(9 c..

0

SOSUFity Related InfoFmation

'liithhoid Under 10 CFR 2.390 tyl)0 Cyber Security Requirements

• Vendor Requirements:

~

o What is the expectation for vendors with respect to providing assurance of a secure development and operating environment?

• Some vendors will not release specific information

• Legacy software/firmware - How to address?

• Operating Systems SeeuFity Related Information

¥/itl'll'lold Under 10 CFR 2.390

~vu 11

J C'"

Q) 0:::

w O(!S C9 a..

LI N-en

+-'c:

Q)

E

~

J C'"

Q)a::

en a..

a..

~ cae Information WitAAol~ U' ~

r Seol:Jril\\-' R I t ~

ummary R ef 19 GrR 2.399

.).;-0..)

S

• PG&E committed to cyber security compliance in accordance with the DCPP Cyber Security Plan.

• PPS will be evaluated to the same acceptance criteria applicable to all systems for cyber security.

Seeuritv..Rel~ted Inmm,atioli

'/o'ithliold Ulidel 10 CFR 2.9§0

'A ~\\?

13