ML13119A545
ML13119A545 | |
Person / Time | |
---|---|
Site: | Palo Verde ![]() |
Issue date: | 04/29/2013 |
From: | Geoffrey Miller NRC/RGN-IV/DRS/EB-2 |
To: | Edington R Arizona Public Service Co |
References | |
IR-13-405 | |
Download: ML13119A545 (8) | |
See also: IR 05000528/2013405
Text
UNIT E D S TATE S
NUC LEAR RE GULATOR Y C OM MI S SI ON
R E G IO N I V
1600 EAST LAMAR BLVD
AR L I NGTON , TEXAS 7 60 1 1 - 4511
April 29, 2013
Randall K. Edington, Executive
Vice President, Nuclear/CNO
Arizona Public Service Company
P.O. Box 52034, Mail Stop 7602
Phoenix, AZ 85072-2034
SUBJECT: PALO VERDE NUCLEAR GENERATING STATION - NOTIFICATION TO
PERFORM INSPECTION OF TEMPORARY INSTRUCTION 2201/004,
INSPECTION OF IMPLEMENTATION OF INTERIM CYBER SECURITY
MILESTONES 1-7, AND REQUEST FOR INFORMATION (05000528/2013405,
05000529/2013405, 05000530/2013405)
Dear Mr. Edington:
On June 17, 2013, the U.S. Nuclear Regulatory Commission (NRC) will begin an inspection of
Arizona Public Service Companys cyber security program implementation for Palo Verde
Nuclear Generating Station, Units 1, 2, and 3 using the guidance in Temporary
Instruction 2201/004, Inspection of Implementation of Interim Cyber Security Milestones 1-7.
As previously discussed with members of your staff, the inspection will be performed to assess
and verify that the cyber security program interim implementation milestones have been
implemented in accordance with the regulatory requirements of 10 CFR 73.54 and NRC-
approved cyber security plans and implementation schedules.
In accordance with 10 CFR 73.54, each nuclear power plant licensee was required to submit a
proposed cyber security plan and implementation schedule for NRC approval.
On February 28, 2011, NEI provided a revised Template for the Cyber Security Plan
Implementation Schedule, for the purpose of providing licensees with a generic template to aid
in the development of their cyber security plan and implementation schedule. Based on NRC
review (ML110070348), the template was found acceptable to develop cyber security plans and
implementation schedules.
With a variety of valid operational and technical issues, full implementation dates varied among
the operating fleet of nuclear power reactors. The NRC staff worked with the nuclear industry to
devise seven interim implementation milestones to ensure a level of protection against cyber
security threats at each power reactor until full implementation of 10 CFR 73.54 is achieved. In
its NRC-approved implementation schedule, each licensee committed to meet these seven
interim milestones by December 31, 2012. These seven milestones are: (1) establishment of a
Cyber Security Assessment Team (CSAT); (2) identification and documentation of critical
R. Edington -2-
systems (CSs) and critical digital assets (CDAs); (3) installation of protective devices between
lower and higher security levels as described in the Cyber Security Plan; (4) implementation of
access control for portable mobile devices; (5) observation for and identification of obvious
cyber related tampering; (6) implementation of cyber security controls for CDAs that could
adversely impact the design function of target set equipment; and (7) implementing and
commencing on-going monitoring and assessment activities.
By letter dated July 22, 2010 (Agencywide Documents Access and Management System
(ADAMS) Accession No. ML102150229) supplemented by letters dated September 29, 2010,
November 30, 2010, January 20, 2011, and March 31, 2011 (ADAMS Accession Nos.
ML102810308, ML103420060, ML110320077, and ML111030028), Arizona Public Service
Company submitted a license amendment request for approval of a Cyber Security Plan and
Implementation Schedule for the Palo Verde Nuclear Generating Station, Units 1, 2, and 3 as
required by Title 10 of the Code of Federal Regulations (10 CFR) 73.54. The inspection of the
interim cyber security program at Palo Verde Nuclear Generating Station will be limited to the
verification of implementation of milestones one through seven. Temporary
Instruction 2201/004, Inspection of Implementation of Interim Cyber Security Milestones 1-7,
provides a programmatic level review and verification of the site-specific implementation of
these milestones. Milestone 8 will be inspected on a future date.
The schedule for the onsite inspection for Milestones 1 through 7 is as follows:
- Information Gathering Visit: June 4 - 6, 2013
- Milestone Inspection: June 17 - 21, 2013
The purpose of the information gathering visit is to: (1) obtain information and documentation
needed to support the TI inspection; (2) become familiar with the Palo Verde Nuclear
Generating Station Cyber Security Program, personnel, and plant layout; and (3) arrange
logistical details, such as office space, availability of knowledgeable staff, and to ensure
unescorted site access privileges.
In order to assure an efficient inspection, we have enclosed a request for information describing
documents needed to aid the inspectors in preparing for and conducting the temporary
instruction inspection. These documents have been divided into four groups. The first group
lists information necessary to aid the inspectors in planning for the TI inspection. It is requested
that this information be provided to the lead inspector via mail or electronically by
May 20, 2013 of possible. The second group also lists information and possible areas for
discussion necessary to assist the inspectors during the inspection. It is requested this
information be available during the information gathering visit (June 4 - 6, 2013). The third
group of requested documents consists of those items that the inspectors will review, or need
access to, during the inspection. Please have this information available by the first day of the
onsite inspection week (June 17, 2013). The fourth group lists the information necessary to aid
the inspectors in tracking questions and answers identified as a result of the inspection. It is
requested that this information be provided to the lead inspector as the information is generated
during the inspection. It is important that all of these documents are up to date and complete in
order to minimize the number of additional documents requested during the preparation and/or
the onsite portions of the TI inspection.
R. Edington -3-
The lead inspector is Sam Graves. We understand that our contact for this inspection is
Nawaporn AaronsCooke of your Regulatory Affairs organization. If there are any questions
about the inspection or the material requested, please contact the lead inspector at
(817) 200-1102, or via e-mail at samuel.graves@nrc.gov.
This letter does not contain new or amended information collection requirements subject to the
Paperwork Reduction Act of 1995 (44 U.S.C. 3501 et seq.). Existing information collection
requirements were approved by the Office of Management and Budget, control
number 3150-0011. The NRC may not conduct or sponsor, and a person is not required to
respond to, a request for information or an information collection requirement unless the
requesting document displays a currently valid Office of Management and Budget control
number.
In accordance with 10 CFR 2.390 of the NRCs Rules of Practice, a copy of this letter will be
available electronically for public inspection in the NRC Public Document Room or from the
Publicly Available Records (PARS) component of the NRCs Agencywide Document Access
and Management System (ADAMS). ADAMS is accessible from the NRC Website at
http://www.nrc.gov/reading-rm/adams.html (the Public Electronic Reading Room).
Sincerely,
/RA/
Geoffrey Miller, Chief
Engineering Branch 2
Division of Reactor Safety
Dockets: 50-528; 50-529; 50-530
Licenses: NPF-41; NPF-51; NPF-74
Enclosure:
Cyber Security Temporary Instruction (TI) 2201/004 (Milestones 1 - 7) Request for Information
cc w/Enclosure: Distribution via ListServe
R. Edington -4-
Electronic distribution by RIV:
Regional Administrator (Art.Howell@nrc.gov)
Deputy Regional Administrator (Robert.Lewis@nrc.gov)
DRP Director (Kriss.Kennedy@nrc.gov)
Acting DRP Deputy Director (Michael.Scott@nrc.gov)
DRS Director (Tom.Blount@nrc.gov)
Acting DRS Deputy Director (Jeff.Clark@nrc.gov)
Senior Resident Inspector (Tony.Brown@nrc.gov)
Resident Inspector (Dustin.Reinert@nrc.gov)
Administrative Assistant (Revonna.Stuart@nrc.gov)
Branch Chief, DRP/E (Don.Allen@nrc.gov)
Senior Project Engineer, DRP/E (Ray.Azua@nrc.gov)
Project Engineer, DRP/E (Jim.Melfi@nrc.gov)
Project Engineer, DRP/E (Dan.Bradley@nrc.gov)
Public Affairs Officer (Victor.Dricks@nrc.gov)
Public Affairs Officer (Lara.Uselding@nrc.gov)
Project Manager (Balwant.Singal@nrc.gov)
Branch Chief, DRS/TSB (Ray.Kellar@nrc.gov)
RITS Coordinator (Marisa.Herrera@nrc.gov)
ACES (R4Enforcement.Resource@nrc.gov)
Regional Counsel (Karla.Fuller@nrc.gov)
Technical Support Assistant (Loretta.Williams@nrc.gov)
Congressional Affairs Officer (Jenny.Weil@nrc.gov)
RIV/ETA: OEDO (Doug.Huyck@nrc.gov)
S:\DRS\REPORTS\Reports Drafts\PV2013405 RFI-STG TI2202-004.docx ML13119A545
ADAMS: No Yes SUNSI Review Complete Reviewer Initials: STG
Publicly Available Non-Sensitive
Non-publicly Available Sensitive
SRI:DRS/EB2 C:DRP/PBE C:DRS/EB2
STGraves DAllen GBMiller
/RA/ /RA/ /RA/
4/29/13 4/29/13 4/29/13
OFFICIAL RECORD COPY T=Telephone E=E-mail F=Fax
CYBER SECURITY TEMPORARY INSTRUCTION (TI) 2201/004 (MILESTONES 1 - 7)
REQUEST FOR INFORMATION
Inspection Report: 05000528/2013405, 05000529/2013405, 05000530/2013405
Onsite Dates: June 4 - 6, 2013 (Information Gathering Visit)
June 17 - 21, 2013 (Cyber Security TI Inspection)
Procedure: Temporary Instruction 2201/004, Inspection of Implementation of Interim Cyber
Security Milestones 1 - 7
NRC Inspectors: Sam Graves, Lead Inspector
(817) 200-1102
samuel.graves@nrc.gov
Greg Pick, Reactor Inspector
(817) 200 - 1270
Greg.Pick@nrc.gov
Security Contractor: Jeffery Knight
I. Information Requested Prior to the Information Gathering Visit
The following information is requested by May 20, 2013. Electronic media is preferred. Where
information is provided that includes tables and/or lists of data or other such information, please
do not scan such tables and/or lists as images. The preferred file format is a searchable
portable document format (pdf) file on transportable media (CD/DVD). The information should
be indexed and hyperlinked to facilitate use. Please provide three copies of each CD submitted
(one for each inspector and for a cyber security contractor). Do not include Safeguards-related
(SGI) material on the media. This material will be reviewed while onsite.
A. Cyber Security TI Documentation
1. Please provide a list of all documents necessary to support verification of the TI
requirements for each of the Cyber Security Milestones (1 through 7) identified in
Enclosure 3 - Cyber Security Plan Implementation Schedule. Identify and describe
each milestone in a separate folder on the media (e.g., Milestone 1, Milestone 2,
etc.). If the milestone description differs from those described in the Temporary
Instruction, provide a cross-reference between them. Each milestone document
should be listed in a table as follows:
MILESTONE X (where X equals 1 through 7)
Document Title Description Revision Status
Number
No. 1
No. 2
No. 3
etc
-1- Enclosure
Based on the list of documents identified in I. A.1 above, for each milestone document where
the Status is identified as completed, place the completed document in its associated folder
and hyperlink the associated document number to the completed document. For each
document, the Status should be identified as not started, in-progress or completed.
Please ensure the documents identified in I.A.1 above include the documents identified below
(I.A.2 - I.A.8) for MILESTONES 1 - 7 and are included in the I.A.1 table.
2. MILESTONE 1 - Provide the following documentation for the Cyber Security
Assessment Team (CSAT):
a. Procedures establishing the CSAT team.
b. List of CSAT members noting primary areas of responsibility.
c. Procedures detailing qualification requirements for CSAT members.
d. Supporting documentation that demonstrates each CSAT member meets the
requirements to fulfill their respective position on the team. For example,
member resumes; evaluation of previous education and experience; training
required by your implementing procedures and supporting documentation which
shows training was completed; or industry certifications).
3. MILESTONE 2 - Provide the following documentation:
a. List of plant systems noting which systems have been identified as critical
systems (CSs).
b. Procedure documenting the process by which CSs and Critical Digital Assets
(CDAs) are identified in accordance with your CSP.
4. MILESTONE 3 - Provide the following documentation:
a. Procedures establishing your cyber defensive architecture. Explain any
variances from your CSP and tracking documents for their correction.
b. Provide an overview of your cyber defensive architecture, preferably with
overview level diagrams showing the various levels and location of the subject
deterministic one-way device.
c. Provide details of the implementation of the subject deterministic one-way
device.
5. MILESTONE 4 - Provide the following documentation:
Procedures implementing the security control Access Control for Portable and
Mobile Devices. Include any training material or promotional literature distributed to
staff associated with the control.
6. MILESTONE 5 - Provide the following documentation:
a. Procedures implementing the requirements described in Milestone 5.
b. Training materials associated with the changes to plant programs associated with
Milestone 5
-2- Enclosure
7. MILESTONE 6 - Provide the following documentation:
Procedures documenting the process by which technical cyber security controls have
been identified for those CDAs which require the implementation of technical security
controls for Milestone 6.
8. MILESTONE 7 - Provide the following documentation:
Procedures implementing the ongoing monitoring and assessment activities as
described in your CSP.
B. Cyber Security Supporting Documentation
1. Provide a copy of the current version of the updated safety analysis report (USAR),
Technical Specifications (TS), and technical requirements manual (TRM) or
equivalent.
2. Provide a copy of the current cyber security Health Report, if available.
3. Provide a copy of the current plant drawings used for operator training that provide
additional information on system operation, system operating parameters, setpoints,
etc. (e.g., some licensees refer to these drawings as Horse Notes) for identified
cyber security CSs, if available.
4. Provide operator training lesson plans and/or operator training aids for identified
cyber security CSs, if available.
II. Information Requested During the Information Gathering Visit (June 4 - 6,
2013)
The following information is requested to be provided to the inspectors during the onsite
information gathering visit. It is requested that the following information be provided on three
sets of searchable CD/DVDs.
A. General Information:
1. A listing of abbreviations and/or designators for plant systems;
2. Organizational chart for corporate and site personnel involved in establishing,
overseeing, and maintaining the Cyber Security Program and;
3. A phone list for licensee personnel.
B. Facility Information:
1. Provide a presentation/discussion of your CSP, existing cyber security CSs, and
associated CDAs.
2. Provide a list and discussion of currently scheduled or planned cyber security related
modifications to be installed in the plant.
C. Specific Information Associated with the Milestones:
1. Provide a presentation/discussion of your CSP, existing cyber security CSs, and
associated CDAs.
-3- Enclosure
2. MILESTONE 3 - Be prepared to provide an overview walkdown of the cyber
architecture within the plant including safety, security and emergency preparedness
related CDAs.
3. MILESTONE 6 - Be prepared to present information for target set CDAs including a
list of target set CDAs, and documentation of the process for identifying them. For
selected CDAs, be prepared to provide documentation for each of the technical
controls in Appendix D of NEI 08-09, Revision 6, the results of reviews required
under your CSP.
(a) For controls that are implemented, provide the procedures implementing the
control. Common controls for all CDAs may be provided in a separate list with
the procedures implementing each of them.
(b) For alternate controls that have been implemented, provide the documented
basis for employing alternative countermeasures, and the procedures
implementing the alternative measures.
(c) Where controls have been deemed unnecessary, provide the threat vector
analysis supporting the conclusion that the threat vector does not exist.
4. MILESTONE 7 - For the CDAs selected above, be prepared to provide
documentation for each of the technical controls in Appendix D of NEI 08-09,
Revision 6, and the results of immediate activities required under your CSP.
(a) For all controls that are implemented, provide the objective evidence that the
control is effective IAW your CSP. This may be combined with the
documentation provided for Milestone 6.
(b) Documentation for common controls for all CDAs may be provided in a separate
list with the procedures implementing each of them.
(c) Provide governing procedures and results of vulnerability scans performed to
comply with your CSP.
III. Information Requested to be Available on First Day of the Onsite Inspection
Week (June 17, 2013)
Any updates to information previously provided.
IV. Information Requested to be Provided Throughout the Temporary Instruction
Inspection Assessment
Copies of the list of questions/documents requested identified by the inspector and the
status/resolution of the information requested (provided daily during the TI inspection to each
inspector).
If you have questions regarding the information requested, please contact the lead inspector,
Sam Graves, (817) 200-1102, or by email to samuel.graves@nrc.gov.
-4- Enclosure