Text

Supplement to License Amendment Request (LAR) for Cyber Security Plan Implementation Date Extension
	ML14126A727
Person / Time
Site:	Monticello, Prairie Island ; (DPR-022, DPR-042, DPR-060)
Issue date:	05/05/2014
From:	Murphy M; Northern States Power Co, Xcel Energy
To:	; Document Control Desk, Office of Nuclear Reactor Regulation
Shared Package
ML14126A726	List: ML14126A727;
References
	L-XE-14-001
	Download: ML14126A727 (20)
	v • d • e

ENCLOSURE 1 (EXCLUDING ATTACHMENTS) CONTAINS SECURITY RELATED INFORMATION: WITHHOLD UNDER 10 CFR 2.390

&XcelEnergy@

414 Nicollet Mall - MP4 Minneapolis, MN 55401 May 5, 2014 L-XE-14-001 10 CFR 50.90 ATTN: Document Control Desk U S Nuclear Regulatory Commission Washington, DC 20555-0001 Prairie Island Nuclear Generating Plant, Units 1 and 2 Dockets 50-282 and 50-306 Renewed Facility Operating License Nos.

DPR-42 and DPR-60 Monticello Nuclear Generating Plant Docket 50-263 Renewed Facility Operating License No. DPR-22 Supplement to License Amendment Request (LAR) for Northern States Power Company, Minnesota (NSPM) Cyber Security Plan Implementation Date Extension

References:

1. James E. Molden, NSPM, Letter to Document Control Desk, "Supplement to License Amendment Request (LAR) for Approval of the Northern States Power Company - Minnesota Cyber Security Plan," dated April 1, 2011 (TAC Nos.

ME4294, ME4295, and ME4272) (Agencywide Documents Access and Management System (ADAMS) Accession No. ML110940096).

2. Thomas J. Wengert, NRC, Letter to Mark A. Schimmel, "Prairie Island Nuclear Generating Plant, Unit 2 - Correction to License Page Included with Amendment No. 189 Regarding Cyber Security Plan," dated August 11, 2011 (TAC No.

ME4295) (ML112220090).

3. Thomas J. Wengert, NRC, Letter to Mark A. Schimmel, "Prairie Island Nuclear Generating Plant, Units 1 and 2 Issuance of Amendment RE: Cyber Security Plan," dated July 29, 2011 (TAC NOS. ME4294 AND ME4295) (ML11187A231).

4. Peter S. Tam, NRC, Letter to Timothy J. O'Connor, "Monticello Nuclear Generating Plant - Issuance of Amendment RE: Cyber Security Plan," dated July 29, 2011 (TAC No. ME4272) (ML11186A992).

5. Martin C. Murphy, NSPM, Letter to Document Control Desk, "License Amendment Request (LAR) for Northern States Power Company, Minnesota

Document Control Desk Page 2 (NSPM) Cyber Security Implementation Date Extension," dated November 27, 2013.

This letter provides supplemental information in support of the LAR submitted in Reference 5 by the Northern States Power Company, a Minnesota Corporation (NSPM) doing business as Xcel Energy. Reference 5 requested an amendment to the Facility Operating Licenses (FOLs) for Prairie Island Nuclear Generating Plant (PINGP) Unit 1 and Unit 2 and Monticello Nuclear Generating Plant (MNGP) and proposed a change to the NSPM Cyber Security Plan (CSP) Milestone 8 (M8) full implementation date as set forth in the Reference 1. provides a detailed description of the proposed changes, a technical analysis of the proposed changes, NSPM's regulatory analysis of the proposed changes, and an environmental evaluation. provides NSPM's determination that the proposed changes do not involve a significant hazard consideration.

NSPM requests approval of the proposed License Amendment by December 1, 2014, to be implemented within 90 days of the issuance of the license amendment.

In accordance with 10 CFR 50.91(b), NSPM is providing the State of Minnesota with a copy of this letter.

This LAR supplement incorporates the following changes:

The header for the security related information was changed to identify this Enclosure as Enclosure 1 and added the security related header to each page of to be consistent with 10 CFR 2.390.

was added to include the No Significant Hazards Consideration. This section of the report was moved from section 4.0, REGULATORY ANALYSIS, of the original enclosure to Enclosure 2 which is not marked as security related information.

(License Pages (markups)) and Attachment 3 (License Pages (retyped)) were added to Enclosure 1, which provide the markups and retyped pages for the PINGP and MNGP licenses. to this letter (excluding its attachments) contains security related information (SRI), therefore NSPM requests that the Enclosure 1 be withheld from public disclosure in accordance with 10 CFR 2.390.

If you should have any questions regarding this submittal, please contact Mr. Frank Sienczak at (651) 267-1740.

Summary of Commitments This letter makes no new commitments or changes to any existing commitments.

Document Control Desk Page 3 I certify under penalty of perjury that the foregoing is correct and true.

Executed on May 5, 2014.

Martin C. Murphy Director, Nuclear Licensing and Regulatory Affairs Northern States Power Company - Minnesota Enclosures (2) cc:

Administrator, Region III, USNRC Project Manager, PINGP, USNRC Resident Inspector, PINGP, USNRC Project Manager, MNGP, USNRC Resident Inspector, MNGP, USNRC Department of Commerce, State of Minnesota (letter only)

NSPM Revise CSP Implementation Date Northern States Power Company, Minnesota (NSPM)

Cyber Security Correction Action Program (CAP) Report 4 Pages Follow

Cyber Security-related Corrective Action Program (CAP) Action Requests (ARs)

Type AR Nbr Subject CAP 01150009 Cyber Security Awareness training has not been completed.

CAP 01250366 Cyber Security training is not being completed.

CAP 01297211 Some Cyber Security Program processes being suspended CAP 01319089 Bechtel Power Network Intrusion Cyber Incident (SC-2577201)

CAP 01320990 Accrual error for NEI 08-09 Cyber Security Project-2011 CAP 01321327 No response to request for bid for engineering project CAP 01321367 No response for request for bid for engineering project CAP 01323621 Operator training has not been given on tampering CAP 01324018 Inconsistent Engineering support negatively impacts EC-13638 CAP 01324175 Identify EP equipment in passport CAP 01324253 NEI 08-09 project support lacking CAP 01325860 Resources for CS project were not accurately forecasted CAP 01325873 Cyber Security project behind schedule CAP 01326169 Cyber Security CSAT Team Quals not completed CAP 01332265 CSAT Identifies Potential SGI process issue CAP 01333002 Cyber Security Project exceeds authorized spending for March CAP 01337435 CAP 01332265 assignment went overdue CAP 01338669 Beacon TSM project NEI 08-09 compliance questions CAP 01338676 NEI Amendment to FOL on Cyber Security Plan Changes CAP 01339636 Fleet Guide reference procedure has no number CAP 01341197 T-MOD Required for Supplemental Cooling of MIUX6 CAP 01341437 Placeholders for 2013, 2014 Cyber Security funding removed CAP 01342732 milestone for EC 20107 approval (data diode) will not be met CAP 01343653 Key Project Goal (Cyber Sec) not completed per proc reqts CAP 01344979 cyber security project stop work requested on contract CAP 01348021 Cyber Security Milestone 5 evaluation CAP 01348791 NANTEL training can't be easily used for site programs CAP 01350748 Inconsistent industry guidance for Cyber Security project CAP 01350749 August Actuals for Cyber Security project not as forecast CAP 01352307 Error identified in FP-CY-GWPP-01 CAP 01353934 Safety messages in explosive det - unnecessary cyber risk CAP 01356264 FSA rescheduled without PARB approval CAP 01356692 PC Interface to Heater Level Controllers on Business Network CAP 01357497 October Security MOTs KPI not met CAP 01358071 Cyber Security NSIAC review of seven milestones for 2012 CAP 01358184 SSA credited for USA Peer Cyber Sec Assmt not IAW process CAP 01358979 Cyber assessment revealed CDA Security Controls not in place CAP 01359418 CASF DEV MCR Moore 353 Remediation CAP 01359644 Cyber Security, Critical Group Expansion FSA - AFI 2.1 CAP 01359983 Install data diode milestone for cyber security challenged CAP 01360026 Cyber Security Milestone 3 Track completion of Data Diode EC CAP 01360663 Cyber Security industry uncertainty in milestone positions CAP 01360763 Cyber Security Milestone 3 Track completion of Data Diode EC CAP 01362277 Review of Cyber Security Milestone packages by licensing CAP 01362301 Cyber Security project overspend in December CAP 01363304 Fleet LAN systems not in compliance with FP-IT-CSP-08 CAP 01363746 CAP not processed through Screening CAP 01365722 OE: NRC TI 2201/004 Insp. of Interim Cyber Security Mileston CAP 01366231 Possible non-compliance w/RegGuide 5.71,,Cyber Security" I

Cyber Security-related Corrective Action Program (CAP) Action Requests (ARs)

Type AR Nbr Subject CAP 01366467 HQEC Access Will Require Bypass of Data Diodes CAP 01366997 CSAT to remove non-digital asset FTS 2000 System CAP 01367015 CSAT should remove duplicate Passport IDs from Analogic DAS CAP 01367575 Cyber Security CDA Media Protection Actions CAP 01367740 Computer virus found on Bently Nevada System 1 Server CAP 01368371 OE: NRC JA-13-01 Reporting Suspicious Cyber Activity CAP 01369940 Person denied access at OCA Check point CAP 01369941 Training dept limitations require more project costs CAP 01370018 Some Security equipmnt missed during cyber CDA determination CAP 01371712 NEI conference shows disparity between NRC and NEI positions CAP 01373567 Cyber Security CDA Remediation Required Sys. SU CAP 01374509 Cyber Security CDA Remediation Required Sys. SU CAP 01374640 Cyber Security CDA Remediation Required Sys. SU CAP 01374643 Cyber Security CDA Remediation Required Sys. EH CAP 01377122 Digital Assets over looked in Initial CDA Determination CAP 01377684 Cyber Security project March Actuals less than forecast CAP 01378414 Unable to complete 1047-02 monthly step as written.

CAP 01378611 NRC final SFAQ promulgated for Cyber Security Milestones 1-7 CAP 01379261 Potential Cyber Security Issue with respect to KVM\\4 devices CAP 01379426 Possible Cyber security issue identified at T-0 CAP 01380291 EC 19510 was approved without CDA Determination CAP 01381179 Evaluate NRC Memorandum for Effects on Cyber Security CAP 01381193 Computer server MTRS25 does not have CDA Determination done CAP 01382158 Generate Equipment IDs for CDAs that are not in Passport CAP 01382700 OE: NRC Security Advisory 10-09 Universal Serial Bus Malware CAP 01383140 OE: NRC Security Advisory 10-09 Universal Serial Bus Malware CAP 01384634 Quorum not met for CSAT meeting on May 28, 2013 CAP 01385577 No laptop available to obtain Serveron data CAP 01385845 OE: NEI SFAQ 12-17 to 12-23 Cyber Security Milestones 1-7 CAP 01386263 Cyber Security - actions to bring Milestone 4 into alignment CAP 01387135 OE: NEI SA 11-07 Multiple Vulnerabilities Discovered CAP 01388257 Equipment added to Level 3 network without CDA Determination CAP 01388382 WT-ST-1 and WT-ST-2 do not have CDA Determination CAP 01389573 CSAT meeting cancelled due to EP Drill CAP 01389814 Quorum not met for CSAT meeting July 12-2013 CAP 01389866 Document Issuance of NRC SFAQ's issued April 26 CAP 01390154 Dose Management Function in PassPort is not working CAP 01391748 Cyber Security Program Mfilestone 8 Gaps CAP 01392230 Cyber Design Input not provided for EC 20494 early enough CAP 01392231 EC 20494 does not appear to be compliant with Cyber Program CAP 01392971 A cyber "bright line" needs to be established in switchyards CAP 01393049 Possible cyber issue with ERCS-Switchyard data connection CAP 01393781 Sites not aligned with NEI SFAQ 12-21 for cyber Milestone 5 CAP 01400077 Software procurement without SQA requirements in place CAP 01400653 CSP D1.8 SYSTEM USE NOTIFICATION CAP 01400722 CYB SEC PLAN D1.18 INSECURE AND ROGUE CONNECTIONS CAP 01400733 CY B SEC PLAN El0.3 BASELINE CONFIGURATION CAP 01400759 CYB SEC PLAN D1.4 INFORMATION FLOW ENFORCEMENT CAP 01400811 CYB SEC PLAN D5.4 HARDWARE CONFIGURATION 2

Cyber Security-related Corrective Action Program (CAP) Action Requests (ARs)

Type AR Nbr Subject CAP 01400815 CYB3 SEC PLAN E3.3 MALICIOUS CODE PROTECTION CAP 01400817 CYB SEC PL-AN E8.5 CDA BACKUPS CAP 01400831 Users overlooked on IT critical user group CAP 01400858 CYB SEC PLAN D4.3 PASSWORD REQUIREMENTS CAP 01401036 CYB SEC PLAN D2.2 AUDITABLE EVENTS CAP 01401040 CYB SEC PLAN D2.3 CONTENT OF AUDIT RECORDS CAP 01401041 CY'B SEC PLAN D2.4 AUDIT STORAGE CAPACITY CAP 01401045 CYB SEC PLAN D2.5 RESPONSE TO AUDIT PROCESSING FAILURES CAP 01401047 CYB SEC PLAN D4.6 IDENTIFIER MANAGEMENT CAP 01401049 CYB SEC PLAN D4.7 AUTHENTICATOR IVIANAGEMENT CAP 01401142 CYB SEC PLAN D1.7 UNSUCCESSFUL LOGIN ATTEMPTS CAP 01401143 CYB SEC PLAN DI.10 SESSION LOCK CAP 01401877 Mvlicrowave Tower does not meet Cyber Security requirements CAP 01404514 OE: NEI 13-10 CAP 01406174 CYB SEC PLAN D1.3 ACCESS ENFORCEMENT CAP 01406187 CYiB SEC PLAN D1.5 SEPARATION OF FUNCTIONS CAP 01406192 CYB SEC PLAN D1.6 LEAST PRIVILEGE CAP 01406224 CYB SEC PLAN D1.12 PERMITTED ACTIONS WITHOUT ID OR AUTH CAP 01406234 CYB SEC PLAN D4.2 USER IDENTIFICATION AND AUTHENTICATION CAP 01406245 CYB SEC PLAN D4.4 NON-AUTHENTICATED HMI SECURITY CAP 01406253 CYB SEC PLAN E5.5 PI-HYSICAL ACCESS CONTROL CAP 01406255 CYB SEC PLAN E10.7 CONFIGURATION SETTINGS CAP 01406359 PEB Network Switches Not Assessed for CDA Determination CAP 01406685 CYB SEC PLAN D1.2 ACCOUNT MANAGEMENT CAP 01408448 CYB SEC PLAN D1.11 Supervision And ReviewjAccess Control CAP 01408453 CYB SEC PLAN D1.16 ýOPEN/INSECUREý PROTOCOL RESTRICTIONS CAP 01408454 CYB SEC PLAN D1.22 USE OF EXTERNAL SYSTEMS CAP 01408472 CYB SEC PLAN D2.9 PROTECTION OF AUDIT INFORMATION CAP 01408473 CYiB SEC PLAN D2.12 AUDIT GENERATION CAP 01408474 CYB SEC PLAN D3.10 UNAUTHORIZED REMOTE ACTIVATION OF SERVICE CAP 01408476 CYB SEC PLAN D5.1 REMOVAL OF UNNECESSARY SERVICES &

PROGRAMS CAP 01408480 CX1B SEC PLAN D5.2 HOST INTRUSION DETECTION SYSTEM (HIDS)

CAP 01408482 CYB SEC PLAN D5.3 CHANGES TO FILE SYSTEM & OS PERMISSIONS CAP 01408483 CYB SEC PLAN E10.8 LEAST FUNCTIONALITY CAP 01410394 CYB SEC PLAN E6 DEFENSE-IN-DEPTH CAP 01412672 PPC14 Connected to Business Network CAP 01414418 Cyber Security Fleet/Site Procedure Conflict CAP 01415724 CSAT Preparedness Issues during 01/21/2014 meeting CAP 01415779 OE: Evaluate need for cyber security data 'transfer station' CAP 01416538 OE: ICES 308413 Computer Virus Found on Online Noble Chem CAP 01416683 Incomplete statement of CDA applicability in Target Sets CAP 01417854 Cyber Sec Plan CDA controls not in place - OCA Locations CAP 01417865 D 1.8 Cyber Sec Plan CDA controls not in place CAP 01417871 D 1.17 Cyber Sec Plan CDA security controls not in place CAP 01417878 E 1.2 - E 1.4 Cyber Sec Plan CDA controls not in place CAP 01418111 OE: NEI 13-10 CAP 01418834 Cyber Sec - NSSS Computer terminal not identified as a CDA CAP 01418838 U2 NSSS comp replaced with Laptop using inadequate controls 3

Cyber Security-related Corrective Action Program (CAP) Action Requests (ARs)

Type AR Nbr Subject CAP 01418933 Cyber Security Meeting Minutes Issues CAP 01418950 Requirements for Cyber Security Checks not Described CAP 01418956 Admin issues Fleet Cyber Security procedure/Milestone 2 pkg CAP 01418958 Requirements for Escorting Personnel with Access to CDA CAP 01418961 Issue with CDA Determination form (QF1521) instructions CAP 01419058 Interim actions not taken to apply cyber controls to CDAs CAP 01419188 Cyber Security Def Strategy Proced inconsistent with RG 5.71 CAP 01419197 Installed bypasses not adhering to Cyber Sec Proc & RG 5.71 CAP 01419258 Newly-hired PINGP Electrical workers not in Critical Group CAP 01419381 Passport CDA entries incomplete/CDA List not visible to all CAP 01419589 No actions/disposition for some deficiencies noted in FSA CAP 01419604 CSAT Operations members lack Ops experience CAP 01419611 Required Cyber Tampering Training not documented 1 SFM CAP 01419675 MT CSAT practices inconsistent w/ FP-IT-CSP-12 CAP 01419682 Cyber security procedures for portable devices not followed CAP 01419688 Examples-Not following Cyber sec proc for portable devices CAP 01419785 WG Gas Analyzers at Prairie Island not identified as a CDA CAP 01419942 CYB SEC PLAN 3.7 SOFTWARE AND INFORMATION INTEGRITY CAP 01420551 Relay Dept. work on CDAs and not memember of critical group CAP 01422170 Fleet Cyber Security policy/procs not aligned or non-exist CAP 01422672 CDA determination not made on some digital plant equipment CAP 01423960 Required target set revision due to cybersecurity impact CAP 01423963 Target set cybersecurity review identified pot vulnerability CAP 01425848 Regulatory Submittal Error Caught Prior to Submittal CAP 01426404 Digital asset 4KV-XFIVIIR-PM CAP 01427774 Engineering resources not assigned to Cyber Security project CAP 01428048 KVM Switch Not Assessed for CDA Determination CAP 01428076 Design Engineering CSAT Member Replacement 4

NSPM Revise CSP Implementation Date License Pages (markups)

PINGP Unit 1, Renewed Operating License No. DPR-42, (page 4)

" PINGP Unit 2, Renewed Operating License No. DPR-60, (page 4)

" MNGP, Renewed Operating License No. DPR-22, (pages 3 - 4) 4 Pages Follow Safeguards Information protected under 10 CFR 73.21, is entitled: "Prairie Island Nuclear Generating Plant Security Plan, Training and Qualification Plan, Safeguards Contingency Plan, and Independent Spent Fuel Storage Installation Security Program," submitted by letters dated October 18, 2006, and January 10, 2007, and as supplemented by letters dated March 18 and June 2, 2011, and approved by NRC Safety Evaluation dated August 16, 2011.

NSPM shall fully implement and maintain in effect all provisions of the Commission-approved Northern States Power Company - Minnesota (NSPM)

Cyber Security Plan (CSP), including changes made pursuant to the authority of 10 CFR 50.90 and 10 CFR 50.54(p). The NSPM CSP was approved by License Amendment No. 202 and supplemented by License Amendment No.

(4) Fire Protection NSPM shall implement and maintain in effect all provisions of the approved fire protection program as described and referenced in the Updated Safety Analysis Report for the Prairie Island Nuclear Generating Plant, Units 1 and 2, and as approved in Safety Evaluation Reports dated February 14, 1978, September 6, 1979, April 21, 1980, December 29, 1980, July 28, 1981, October 27, 1989, and October 6, 1995, subject to the following provision:

NSPM may make changes to the approved Fire Protection Program without prior approval of the Commission only if those changes would not adversely affect the ability to achieve and maintain safe shutdown in the event of a fire.

(5) Additional Conditions The Additional Conditions contained in Appendix B, as revised through Amendment No. 206, are hereby incorporated into this license. NSPM shall operate the facility in accordance with the Additional Conditions.

(6) Mitigation Strategy License Condition Develop and maintain strategies for addressing large fires and explosions and that include the following key areas:

(a) Fire fighting response strategy with the following elements:

1. Pre-defined coordinated fire response strategy and guidance

2. Assessment of mutual aid fire fighting assets

3. Designated staging areas for equipment and materials

4. Command and control

5. Training of response personnel Renewed Operating License No. DPR-42 Amendment No. 206 Safeguards Information protected under 10 CFR 73.21, is entitled: "Prairie Island Nuclear Generating Plant Security Plan, Training and Qualification Plan, Safeguards Contingency Plan, and Independent Spent Fuel Storage Installation Security Program," submitted by letters dated October 18, 2006 and January 10, 2007, and as supplemented by letters dated March 18 and June 2, 2011, and approved by NRC Safety Evaluation dated August 16, 2011.

NSPM shall fully implement and maintain in effect all provisions of the Commission-approved Northern States Power Company - Minnesota (NSPM)

Cyber Security Plan (CSP), including changes made pursuant to the authority of 10 CFR 50.90 and 10 CFR 50.54(p). The NSPM CSP was approved by License Amendment No. 189 and supplemented by License Amendment No.

(4) Fire Protection NSPM shall implement and maintain in effect all provisions of the approved fire protection program as described and referenced in the Updated Safety Analysis Report for the Prairie Island Nuclear Generating Plant, Units 1 and 2, and as approved in Safety Evaluation Reports dated February 14, 1978, September 6, 1979, April 21, 1980, December 29, 1980, July 28, 1981, October 27, 1989, and October 6, 1995, subject to the following provision:

NSPM may make changes to the approved Fire Protection Program without prior approval of the Commission only if those changes would not adversely affect the ability to achieve and maintain safe shutdown in the event of a fire.

(5) Additional Conditions The Additional Conditions contained in Appendix B, as revised through Amendment No. 193, are hereby incorporated into this license. NSPM shall operate the facility in accordance with the Additional Conditions.

(6) Mitigation Strategy License Condition Develop and maintain strategies for addressing large fires and explosions and that include the following key areas:

(a) Fire fighting response strategy with the following elements:

1. Pre-defined coordinated fire response strategy and guidance

2. Assessment of mutual aid fire fighting assets

3. Designated staging areas for equipment and materials

4. Command and control

5. Training of response personnel (b) Operations to mitigate fuel damage considering the following:

1. Protection and use of personnel assets

2. Communications

3. Minimizing fire spread

4. Procedures for implementing integrated fire response strategy

5. Identification of readily-available pre-staged equipment

6. Training on integrated fire response strategy

7. Spent fuel pool mitigation measures Renewed Operating License No. DPR-60 Amendment No. 4-W Corrected by letter dated February 20, 2013

2.

Pursuant to the Act and 10 CFR Part 70, NSPM to receive, possess, and use at any time special nuclear material as reactor fuel, in accordance with the limitations for storage and amounts required for reactor operations, as described in the Final Safety Analysis Report, as supplemented and amended, and the licensee's filings dated August 16, 1974 (those portions dealing with handling of reactor fuel);

3.

Pursuant to the Act and 10 CFR Parts 30, 40 and 70, NSPM to receive, possess, and use at any time any byproduct, source and special nuclear material as sealed neutron sources for reactor startup, sealed sources for reactor instrumentation and radiation monitoring equipment calibration, and as fission detectors in amounts as required;

4.

Pursuant to the Act and 10 CFR Parts 30, 40 and 70, NSPM to receive, possess, and use in amounts as required any byproduct, source or special nuclear material without restriction to chemical or physical form, for sample analysis or instrument calibration or associated with radioactive apparatus or components; and

5.

Pursuant to the Act and 10 CFR Parts 30 and 70, NSPM to possess, but not separate, such byproduct and special nuclear material as may be produced by operation of the facility.

C.

This renewed operating license shall be deemed to contain and is subject to the conditions specified in the Commission's regulations in 10 CFR Chapter I and is subject to all applicable provisions of the Act and to the rules, regulations, and orders of the Commission, now or hereafter in effect; and is subject to the additional conditions specified or incorporated below:

1.

Maximum Power Level NSPM is authorized to operate the facility at steady state reactor core power levels not in excess of 2004 megawatts (thermal).

2.

Technical Specifications The Technical Specifications contained in Appendix A, as revised through Amendment No. 176 are hereby incorporated in the license. NSPM shall operate the facility in accordance with the Technical Specifications.

3.

Physical Protection NSPM shall implement and maintain in effect all provisions of the Commission--approved physical security, guard training and qualification, and safeguards contingency plans including amendments made pursuant to provisions of the Miscellaneous Amendments and Search Requirements revisions to 10 CFR 73.55 (51 FR 27817 and 27822) and to the authority of 10 CFR 50.90 and 10 CFR 50.54(p)(2). The combined Renewed License No. DPR-22 Amendment No. 1-thru set of plans which contain Safeguards Information protected under 10 CFR 73.21, are entitled: "Monticello Nuclear Generating Plant Physical Security, Training and Qualification, and Safeguards Contingency Plan," with revisions submitted through May 12, 2006.

NSPM shall fully implement and maintain in effect all provisions of the Commission-approved Northern States Power Company - Minnesota (NSPM) Cyber Security Plan (CSP), including changes made pursuant to the authority of 10 CFR 50.90 and 10 CFR 50.54(p). The NSPM CSP was approved by License Amendment No. 166 and supplemented by License Amendment No.

4.

Fire Protection NSPM shall implement and maintain in effect all provisions of the approved fire protection program as described in the Updated Safety Analysis Report for the facility and as approved in the SER dated August 29, 1979, and supplements dated February 12, 1981 and October 2, 1985, subject to the following provision:

NSPM may make changes to the approved fire protection program without prior approval of the Commission only if those changes would not adversely affect the ability to achieve and maintain safe shutdown in the event of a fire.

5.

Emergency Preparedness Plan NSPM shall follow and maintain in effect emergency plans which meet the standards of 10 CFR 50.47(b) and the requirements in 10 CFR 50, Appendix E, including amendments and changes made pursuant to the authority of 10 CFR 50.54(q). The licensee shall meet the requirements of 10 CFR 50.54(s), 50.54(t), and 50.54(u).

6.

TMI Action Plan NSPM has satisfactorily met all TMI-2 Lessons Learned Category "A" requirements applicable to the facility. NSPM shall make a timely submittal in response to the letter dated October 31, 1980 regarding post-TMI requirements from Darrell G. Eisenhut, Director, Division of Licensing, Office of Nuclear Reactor Regulation to All Licensees of Operating Plants and Applicants for Operating Licenses and Holders of Construction Permits (NUREG-0737).

7.

Repairs to the Recirculation System Piping The repairs to the recirculation system piping are approved and the unit is hereby authorized to return to power operation, subject to the following condition:

Prior to the startup of Cycle 11, NSPM shall submit by August 1, 1983 for the Commission's review and approval, a. program for inspection and/or modification of the recirculation system piping.

Renewed License No. DPR-22 Amendment No. 166, !75, Revise CSP Implementation Date License Pages (retyped)

" PINGP Unit 1, Renewed Operating License No. DPR-42, (page 4)

" PINGP Unit 2, Renewed Operating License No. DPR-60, (page 4)

" MNGP, Renewed Operating License No. DPR-22, (pages 3 - 4)

NSPM 4 Pages Follow Safeguards Information protected under 10 CFR 73.21, is entitled: "Prairie Island Nuclear Generating Plant Security Plan, Training and Qualification Plan, Safeguards Contingency Plan, and Independent Spent Fuel Storage Installation Security Program," submitted by letters dated October 18, 2006, and January 10, 2007, and as supplemented by letters dated March 18 and June 2, 2011, and approved by NRC Safety Evaluation dated August 16, 2011.