ML14202A372


Issuance of Amendment 308 License Amendment Request - Cyber Security Plan Implementation Schedule Milestone 8
ML14202A372
Person / Time
Site: FitzPatrick (Constellation)
Issue date: 12/01/2014
From: Pickett D
Plant Licensing Branch 1
To: Coyle L
Entergy Nuclear Operations
Pickett D
References
TAC MF3456


Text

UNITED STATES NUCLEAR REGULATORY COMMISSION
WASHINGTON, D.C. 20555-0001

December 1, 2014

Vice President, Operations
Entergy Nuclear Operations, Inc.
James A. FitzPatrick Nuclear Power Plant
P.O. Box 110
Lycoming, NY 13093

SUBJECT: JAMES A. FITZPATRICK NUCLEAR POWER PLANT - ISSUANCE OF AMENDMENT RE: CYBER SECURITY PLAN IMPLEMENTATION SCHEDULE MILESTONE 8 (TAC NO. MF3456)

Dear Sir or Madam:

The Commission has issued the enclosed Amendment No. 308 to Renewed Facility Operating License No. DPR-59 for the James A. FitzPatrick (JAF) Nuclear Power Plant. The amendment consists of changes to the JAF Cyber Security Plan Milestone 8 full implementation date in response to your application dated January 31, 2014, as supplemented by your letter dated July 2, 2014.

The amendment revises the date of the Cyber Security Plan Implementation Milestone 8 to June 30, 2016. The amendment also revises the associated Physical Protection license condition regarding full implementation of the Cyber Security Plan.

A copy of the related Safety Evaluation is enclosed. A Notice of Issuance will be included in the Commission's next regular biweekly Federal Register notice.

Docket No. 50-333

Enclosures:

1. Amendment No. 308 to DPR-59
2. Safety Evaluation

cc w/encls: Distribution via Listserv

Sincerely,

Douglas V. Pickett, Senior Project Manager
Plant Licensing Branch 1-1
Division of Operating Reactor Licensing
Office of Nuclear Reactor Regulation

UNITED STATES NUCLEAR REGULATORY COMMISSION
WASHINGTON, D.C. 20555-0001

ENTERGY NUCLEAR FITZPATRICK, LLC AND ENTERGY NUCLEAR OPERATIONS, INC.

DOCKET NO. 50-333

JAMES A. FITZPATRICK NUCLEAR POWER PLANT

AMENDMENT TO RENEWED FACILITY OPERATING LICENSE

Amendment No. 308
Renewed Facility Operating License No. DPR-59

1. The Nuclear Regulatory Commission (the Commission) has found that:

A. The application for amendment by Entergy Nuclear Operations, Inc. (the licensee) dated January 31, 2014, as supplemented on July 2, 2014, complies with the standards and requirements of the Atomic Energy Act of 1954, as amended (the Act) and the Commission's rules and regulations set forth in 10 CFR Chapter I;

B. The facility will operate in conformity with the application, the provisions of the Act, and the rules and regulations of the Commission;

C. There is reasonable assurance (i) that the activities authorized by this amendment can be conducted without endangering the health and safety of the public, and (ii) that such activities will be conducted in compliance with the Commission's regulations;

D. The issuance of this amendment will not be inimical to the common defense and security or to the health and safety of the public; and

E. The issuance of this amendment is in accordance with 10 CFR Part 51 of the Commission's regulations and all applicable requirements have been satisfied.

2. Accordingly, the license is amended by changes to paragraphs 2.C.(2) and 2.D of Renewed Facility Operating License No. DPR-59.

Paragraph 2.C.(2) is hereby amended to read as follows:

(2) Technical Specifications

The Technical Specifications contained in Appendix A, as revised through Amendment No. 308, are hereby incorporated in the renewed operating license. The licensee shall operate the facility in accordance with the Technical Specifications.

Paragraph 2.D is hereby amended to read as follows:

ENO shall fully implement and maintain in effect all provisions of the Commission-approved physical security, training and qualification, and safeguards contingency plans including amendments made pursuant to provisions of the Miscellaneous Amendments and Search Requirements revisions to 10 CFR 73.55 (51 FR 27817 and 27822), and to the authority of 10 CFR 50.90 and 10 CFR 50.54(p). The combined set of plans, which contain Safeguards Information protected under 10 CFR 73.21, is entitled: "James A. FitzPatrick Nuclear Power Plant Physical Security, Training & Qualification and Safeguards Contingency Plan, Revision 0," submitted by letter dated October 26, 2004, as supplemented by letter dated May 17, 2006.

ENO shall fully implement and maintain in effect all provisions of the Commission-approved cyber security plan (CSP), including changes made pursuant to the authority of 10 CFR 50.90 and 10 CFR 50.54(p). ENO CSP was approved by License Amendment No. 300, as supplemented by changes approved by License Amendment Nos. 303 and 308.

3. This license amendment is effective as of the date of its issuance and shall be implemented within 30 days.

Attachment: Changes to the Renewed Facility Operating License

Date of Issuance: December 1, 2014

FOR THE NUCLEAR REGULATORY COMMISSION

Benjamin G. Beasley, Chief
Plant Licensing Branch 1-1
Division of Operating Reactor Licensing
Office of Nuclear Reactor Regulation

ATTACHMENT TO LICENSE AMENDMENTS

AMENDMENT NO. 308
RENEWED FACILITY OPERATING LICENSE NO. DPR-59
DOCKET NO. 50-333

Replace the following pages of the Renewed Operating License with the attached revised pages. The revised pages are identified by amendment number and contain marginal lines indicating the areas of change.

Remove Page    Insert Page
3              3
5              5

(4) ENO pursuant to the Act and 10 CFR Parts 30, 40, and 70 to receive, possess, and use, at any time, any byproduct, source and special nuclear material without restriction to chemical or physical form, for sample analysis or instrument calibration; or associated with radioactive apparatus, components or tools.

(5) Pursuant to the Act and 10 CFR Parts 30 and 70, to possess, but not separate, such byproduct and special nuclear materials as may be produced by the operation of the facility.

C. This renewed operating license shall be deemed to contain and is subject to the conditions specified in the following Commission regulations in 10 CFR Chapter I: Part 20, Section 30.34 of Part 30, Section 40.41 of Part 40, Sections 50.54 and 50.59 of Part 50, and Section 70.32 of Part 70; and is subject to all applicable provisions of the Act and to the rules, regulations, and orders of the Commission now or hereafter in effect; and is subject to the additional conditions specified or incorporated below:

(1) Maximum Power Level

ENO is authorized to operate the facility at steady state reactor core power levels not in excess of 2536 megawatts (thermal).

(2) Technical Specifications

The Technical Specifications contained in Appendix A, as revised through Amendment No. 308, are hereby incorporated in the renewed operating license. The licensee shall operate the facility in accordance with the Technical Specifications.

(3) Fire Protection

ENO shall implement and maintain in effect all provisions of the approved fire protection program as described in the Final Safety Analysis Report for the facility and as approved in the SER dated November 20, 1972; the SER Supplement No. 1 dated February 1, 1973; the SER Supplement No. 2 dated October 4, 1974; the SER dated August 1, 1979; the SER Supplement dated October 3, 1980; the SER Supplement dated February 13, 1981; the NRC Letter dated February 24, 1981; Technical Specification Amendments 34 (dated January 31, 1978), 80 (dated May 22, 1984), 134 (dated July 19, 1989), 135 (dated September 5, 1989), 142 (dated October 23, 1989), 164 (dated August 10, 1990), 176 (dated January 16, 1992), 177 (dated February 10, 1992), 186 (dated February 19, 1993), 190 (dated June 29, 1993), 191 (dated July 7, 1993), 206 (dated February 28, 1994) and 214 (dated June 27, 1994); and NRC Exemptions and associated safety evaluations dated April 26, 1983, July 1, 1983, January 11, 1985, April 30, 1986, September 15, 1986 and September 10, 1992 subject to the following provision:

Amendment 308
Renewed License No. DPR-59

Safeguards Contingency Plan, Revision 0," submitted by letter dated October 26, 2004, as supplemented by letter dated May 17, 2006.

ENO shall fully implement and maintain in effect all provisions of the Commission approved cyber security plan (CSP), including changes made pursuant to the authority of 10 CFR 50.90 and 10 CFR 50.54(p). ENO CSP was approved by License Amendment No. 300, as supplemented by changes approved by License Amendment Nos. 303 and 308.

E. Power Uprate License Amendment Implementation

The licensee shall complete the following actions as a condition of the approval of the power uprate license amendment.

(1) Recirculation Pump Motor Vibration

Perform monitoring of recirculation pump motor vibration during initial Cycle 13 power ascension for uprated power conditions.

(2) Startup Test Program

The licensee will follow a startup testing program, during Cycle 13 power ascension, as described in GE Licensing Topical Report NEDC 31897P-1, "Generic Guidelines for General Electric Boiling Water Reactor Power Uprate." The Startup test program includes system testing of such process control systems as the feedwater flow and main steam pressure control systems. The licensee will collect steady-state operational data during various portions of the power ascension to the higher licensed power level so that predicted equipment performance characteristics can be verified. The licensee will do the startup testing program in accordance with its procedures. The licensee's approach is in conformance with the test guidelines of GE Licensing Topical Report NEDC 31897P-1, "Generic Guidelines for General Electric Boiling Water Reactor Power Uprate." June 1991 (proprietary), GE Licensing Topical Report NEDO 31897, "Generic Guidelines for General Electric Boiling Water Reactor Power Uprate." February 1992 (nonproprietary), and NEDC-31897P-AA, Class III (proprietary), May 1992.

(3) Human Factors

The licensee will review the results of the Cycle 13 startup test program to determine any potential effects on operator training. Training issues identified will be incorporated in Licensed Operator training during 1997. Simulator discrepancies identified will be addressed in accordance with simulator Configuration Management procedural requirements.

F. Additional Conditions

The Additional Conditions contained in Appendix C, as revised through Amendment No. 289, are hereby incorporated into this renewed operating license. ENO shall operate the facility in accordance with the Additional Conditions.

Amendment No. 308

UNITED STATES NUCLEAR REGULATORY COMMISSION
WASHINGTON, D.C. 20555-0001

SAFETY EVALUATION BY THE OFFICE OF NUCLEAR REACTOR REGULATION RELATED TO AMENDMENT NO. 308 TO RENEWED FACILITY OPERATING LICENSE NO. DPR-59

ENTERGY NUCLEAR FITZPATRICK, LLC AND ENTERGY NUCLEAR OPERATIONS, INC.

JAMES A. FITZPATRICK NUCLEAR POWER PLANT

DOCKET NO. 50-333

1.0 INTRODUCTION

By application dated January 31, 2014 (Agencywide Documents Access and Management System (ADAMS) Accession No. ML14036A363), as supplemented by letter dated July 2, 2014 (ADAMS Accession No. ML14183B073), Entergy Nuclear Operations Inc., (ENO or the licensee) requested a change to the renewed facility operating license (FOL) for the James A. FitzPatrick Nuclear Power Plant (JAF). The proposed change would revise the date of Cyber Security Plan (CSP) Implementation Schedule Milestone 8 and the existing license conditions in the facility operating license. Milestone 8 of the CSP implementation schedule concerns the full implementation of the CSP.

The supplemental letter dated July 2, 2014, provided additional information that clarified the application, did not expand the scope of the application as originally noticed, and did not change the Nuclear Regulatory Commission (NRC or the Commission) staff's original proposed no significant hazards consideration determination as published in the Federal Register on May 6, 2014 (79 FR 25901).

2.0 REGULATORY EVALUATION

The NRC staff reviewed and approved the licensee's existing CSP implementation schedule by JAF License Amendment No. 300, dated August 19, 2011 (ADAMS Accession No. ML11152A011), concurrent with the incorporation of the CSP into JAF's current licensing basis. The NRC staff considered the following regulatory requirements and guidance in its review of the current license amendment request to modify the existing CSP implementation schedule:

Title 10 of the Code of Federal Regulations (CFR), section 73.54 states:

Each [CSP] submittal must include a proposed implementation schedule. Implementation of the licensee's cyber security program must be consistent with the approved schedule.

Amendment No. 300 dated August 19, 2011, which approved the licensee's CSP and implementation schedule, included the following statement:

ENO shall fully implement and maintain in effect all provisions of the Commission-approved cyber security plan (CSP), including changes made pursuant to the authority of 10 CFR 50.90 and 10 CFR 50.54(p). ENO CSP was approved by License Amendment No. 300.

In a publicly available NRC memorandum dated October 24, 2013 (ADAMS Accession No. ML13295A467), the NRC staff listed 8 criteria that it would consider during its evaluations of licensees' requests to postpone their cyber security program implementation dates (commonly known as Milestone 8).

The NRC staff does not regard the CSP milestone implementation dates as regulatory commitments that can be changed unilaterally by the licensee, particularly in light of the regulatory requirement at 10 CFR 73.54, that "[i]mplementation of the licensee's cyber security program must be consistent with the approved schedule." As the staff explained in its letter to all operating reactor licensees dated May 9, 2011 (ADAMS Accession No. ML110980538), the implementation of the plan, including the key intermediate milestone dates and the full implementation date shall be in accordance with the implementation schedule submitted by the licensee and approved by the NRC. All subsequent changes to the NRC-approved CSP implementation schedule, thus, will require prior NRC approval as required by 10 CFR 50.90.

3.0 TECHNICAL EVALUATION

3.1 Licensee's Requested Change

Amendment No. 300 to Renewed FOL DPR-59 for JAF was issued on August 19, 2011. This amendment approved the licensee's Cyber Security Plan (CSP), implementation schedule, and added a license condition requiring the licensee to fully implement and maintain the Commission-approved CSP. The implementation schedule had been submitted by the licensee based on a template prepared by Nuclear Energy Institute, which the NRC staff found acceptable for licensees to use to develop their CSP implementation schedules (ADAMS Accession Nos. ML110070348 and ML110600218). The licensee's proposed implementation schedule for the Cyber Security Program identified completion dates and bases for the following eight milestones:

1) Establish the Cyber Security Assessment Team (CSAT);
2) Identify Critical Systems and Critical Digital Assets (CDAs);
3) Install a data diode device between lower level devices and higher level devices;
4) Implement the security control "Access Control For Portable And Mobile Devices";
5) Implement observation and identification of obvious cyber related tampering to existing insider mitigation rounds;
6) Identify, document, and implement cyber security controls in accordance with "Mitigation of Vulnerabilities and Application of Cyber Security Controls" for CDAs that could adversely impact the design function of physical security target set equipment;
7) Ongoing monitoring and assessment activities for those target set CDAs whose security controls have been implemented; and
8) Fully implement the CSP.

Currently, Milestone 8 of the JAF CSP requires the licensee to fully implement the CSP by December 15, 2014. In its January 31, 2014, application, Entergy proposed to change the Milestone 8 completion date to June 30, 2016.

The licensee provided the following information pertinent to each of the 8 criteria identified in the NRC guidance memorandum of October 24, 2013:

1) Identification of the specific requirement or requirements of the CSP that the licensee needs additional time to implement.

The licensee stated that it needs additional time to implement CSP Section 3, Analyzing Digital Computer Systems and Networks, and Section 4, Establishing, Implementing and Maintaining the Cyber Security Program. It further noted that these sections describe requirements for application and maintenance of cyber security controls and described the process of addressing security controls. The licensee described specific activities needing additional time including determining the need for automated security information and event management (SIEM) systems to provide for: audit and accountability; monitoring tools and techniques; analyzing security alerts and advisories; and to assist personnel performing maintenance and testing activities. It also described time needed for additional physical controls for CDAs outside the security protected area.

2) Detailed justification that describes the reason the licensee requires additional time to implement the specific requirement or requirements identified.

The licensee's application stated that the cyber security assessment process was scheduled to be completed by the second quarter of 2014. Considering that the number of CDAs and existing procedures is in the hundreds and the number of individual cyber security control attributes is also in the hundreds, the total of physical, logical and programmatic changes needed constitutes a significant project involving plant components and systems and substantial planning and resources. As a result, insufficient time will remain in 2014 to conduct modification and change management planning activities and execution. The licensee intends to complete planning for the specific security feature mentioned in (1) above in 2014 and implement it in the following 18 months. The complexity of producing the CDA assessment, and the amount of time and resources it would take to complete, are discussed in the NRC Staff Evaluation below.

3) A proposed completion date for Milestone 8 consistent with the remaining scope of work to be conducted and the resources available.

The licensee proposed a Milestone 8 completion date of June 30, 2016. The revised completion date will prevent costly rework, and extending the Milestone 8 date allows the necessary time to fully integrate cyber controls into the plant processes, provide all the necessary training and change management, and reinforce behavior changes of the entire organization around nuclear cyber security.

4) An evaluation of the impact that the additional time to implement the requirements will have on the effectiveness of the licensee's overall CSP in the context of milestones already completed.

The licensee indicated that there is no significant impact of the requested additional implementation time on the effectiveness of the overall CSP. Milestones 1 through 7 have already been completed and have resulted in a high degree of protection of safety-related, important-to-safety, and security CDAs against common threat vectors. Additionally, extensive physical and administrative measures are already in place for CDAs because they are plant components, pursuant to the Physical Security Plan and Technical Specification Requirements. The licensee then briefly described how it had implemented Milestones 1 through 7. The NRC staff's evaluation of the effectiveness of the licensee's overall CSP is provided in Section 3.2 below.

5) A description of the licensee's methodology for prioritizing completion of work for CDAs associated with significant safety consequences and with reactivity effects in the balance of plant.

The licensee stated that, because CDAs are plant components, prioritization follows an established work management process that places the highest priority on apparent conditions adverse to quality in system, structure, and component design function and related to factors such as safety risk and nuclear defense-in-depth, as well as threats to continuity of electric power generation.

6) A discussion of the licensee's CSP performance up to the date of the license amendment request.

The licensee stated there has been no identified compromise of safety, security, and emergency preparedness (SSEP) functions by cyber means at any Entergy plant. It also noted a formal Quality Assurance (QA) audit in the last quarter of 2013 that included review of the CSP implementation. There were no significant findings related to overall CSP performance and effectiveness.

7) A discussion of cyber security issues pending in the licensee's corrective action program (CAP).

The licensee stated there are presently no significant (constituting a threat to a CDA via cyber means or calling into question program effectiveness) nuclear cyber security issues pending in the CAP. Several non-significant issues identified during the QA audit described above have been entered into CAP. Additionally, NRC concerns regarding cyber security Interim Milestone 4 were entered into the CAP for evaluation by the CSAT. Final actions regarding some program activities are pending.

8) A discussion of modifications completed to support the CSP and a discussion of pending cyber security modifications.

The licensee provided a discussion of completed modifications and pending modifications.

3.2 NRC Staff Evaluation

The NRC staff has evaluated the licensee's application using the regulatory requirements and the guidance above.

The NRC staff finds that the actions the licensee noted as being required to implement CSP Section 3, Analyzing Digital Computer Systems and Networks, and Section 4, Establishing, Implementing and Maintaining the Cyber Security Program, are reasonable as discussed below.

The licensee indicated that completion of the activities associated with the CSP, as described in Milestones 1 through 7 and completed prior to December 31, 2012, provides a high degree of protection to ensure that the most significant digital computer and communication systems and networks associated with SSEP systems are already protected against cyber attacks. It detailed activities completed for each milestone and noted that several elements of Milestone 8 have already been implemented or will be implemented by the original Milestone 8 date of December 15, 2014. It provided details about the completed milestones and elements. The NRC staff finds that the licensee's site is much more secure after implementation of Milestones 1 through 7 because the activities the licensee completed mitigate the most significant cyber attack vectors for the most significant CDAs. Therefore, the NRC has reasonable assurance that full implementation of the CSP by June 30, 2016, will provide adequate protection of the public health and safety and the common defense and security.

The licensee stated that additional time is needed to conduct modifications and change management planning activities and execution. The staff recognizes that CDA assessment work is much more complex and resource intensive than originally anticipated, in part, due to the NRC expanding the scope of the cyber security requirements to include balance of plant. As a result, the licensee has a large number of additional tasks not originally considered when developing its CSP implementation schedule. The staff finds that the licensee's request to delay final implementation of the CSP until June 30, 2016, is reasonable given the complexity and volume of the remaining unanticipated work.

The licensee proposed a Milestone 8 completion date of June 30, 2016. The licensee stated that changing the completion date of Milestone 8 will provide sufficient time to conduct modifications and change management planning activities and execution, particularly with regard to the SIEM system. The licensee stated that its methodology for prioritizing completion of cyber security activities associated with SSEP consequences and reactivity effects in the balance of plant follows an established work management process. This process places the highest priority on apparent conditions adverse to quality in system, structure, and component design function as well as factors such as safety, risk, defense-in-depth, and threats to the continuity of electric power generation. The licensee stated that the remaining Milestone 8 actions will be completed within 18 months from the end of 2014. The NRC staff finds that, based on the large number of digital assets described above and the limited resources with the appropriate expertise to perform these activities, the licensee's methodology for prioritizing work on CDAs is appropriate. The staff further finds that the licensee's request to delay final implementation of the CSP until June 30, 2016, is reasonable given the complexity and volume of the remaining unanticipated work.

3.3 Revision to License Condition

By letter dated January 31, 2014, the licensee proposed to modify Paragraph 2.D of Renewed FOL No. DPR-59 for JAF, which provides a license condition to require the licensee to fully implement and maintain in effect all provisions of the NRC-approved CSP.

The license condition in Paragraph 2.D of Renewed FOL No. DPR-59 for JAF is modified as follows:

ENO shall fully implement and maintain in effect all provisions of the Commission-approved cyber security plan (CSP), including changes made pursuant to the authority of 10 CFR 50.90 and 10 CFR 50.54(p). ENO CSP was approved by License Amendment No. 300, as supplemented by changes approved by License Amendment Nos. 303 and 308.

3.4 Technical Evaluation Conclusion

The NRC staff concludes that the licensee's request to delay full implementation of its CSP until June 30, 2016 is reasonable for the following reasons: (i) the licensee's implementation of Milestones 1 through 7 provides mitigation for significant cyber attack vectors for the most significant CDAs as discussed in the staff evaluation above; (ii) the scope of the work required to come into full compliance with the CSP implementation schedule was much more complicated than anticipated and not reasonably foreseeable when the CSP implementation schedule was originally developed; and (iii) the licensee has reasonably prioritized and scheduled the work required to come into full compliance with its CSP implementation schedule.

Based on its review of the licensee's submittal, the NRC staff concludes that implementation of Milestones 1 through 7 provides significant protection against cyber attacks; that the licensee's explanation of the need for additional time is compelling; and that it is acceptable for JAF to complete implementation of Milestone 8, full implementation of the CSP, by June 30, 2016. The staff also concludes that, upon full implementation of the licensee's cyber security program, the requirements of the licensee's CSP and 10 CFR 73.54 will be met. Therefore, the staff finds the proposed change acceptable.

4.0 STATE CONSULTATION

In accordance with the Commission's regulations, New York State officials were notified of the proposed issuance of the amendment. The State officials had no comments.

5.0 ENVIRONMENTAL CONSIDERATION

This is an amendment of a 10 CFR Part 50 license that relates solely to safeguards matters and does not involve any significant construction impacts. This amendment is an administrative change to extend the date by which the licensee must have its cyber security plan fully implemented. Accordingly, this amendment meets the eligibility criteria for categorical exclusion set forth in 10 CFR 51.22(c)(12). Pursuant to 10 CFR 51.22(b), no environmental impact statement or environmental assessment need be prepared in connection with the issuance of this amendment.

6.0 CONCLUSION

The NRC staff has concluded, based on the considerations discussed above, that: (1) there is reasonable assurance that the health and safety of the public will not be endangered by operation in the proposed manner, (2) there is reasonable assurance that such activities will be conducted in compliance with the Commission's regulations, and (3) the issuance of the amendment will not be inimical to the common defense and security or to the health and safety of the public.

Principal Contributor: John Rycyna Date: December 1, 2014

OFFICE LPLI-1/PM NAME AChereskin DATE 10/29/2014 OFFICE OGC NAME L.S.Ciark*

DATE 11/25/2014 LPLI-1 R/F RidsAcrsAcnw _MaiiCTR ABurritt, R1 JRycyna, NSIR RidsNrrDorllpll-1 RidsNrrPMFitzPatrick RidsNrrDoriDpr RidsNrrRgn 1 MaiiCenter ML14202A372

  • via email
    • see attached

LPLI-1 \\PM LPLI-1\\LA NSIR/CSD/DD DPickett KGoldstein BWestreich*

11/10/2014 11/05/14 10/27/2014 OGC LPLI-1\\BC BMizuno**- NLO BBeasley(NMorgan for) 08/19/2014 12/01/2014
