ML17052A136
| ML17052A136 | |
| Person / Time | |
|---|---|
| Site: | Browns Ferry  |
| Issue date: | 03/16/2017 |
| From: | Farideh Saba Plant Licensing Branch II |
| To: | James Shea Tennessee Valley Authority |
| Saba F DORL/LPL2-2 301-415-1447 | |
| References | |
| CAC MF8125, CAC MF8126, CAC MF8127 | |
| Download: ML17052A136 (25) | |
Text
UNITED STATES NUCLEAR REGULATORY COMMISSION WASHINGTON, D.C. 20555-0001 Mr. Joseph W. Shea Vice President, Nuclear Licensing Tennessee Valley Authority 1101 Market Street, LP 3R-C Chattanooga, Tennessee 37402-2801 March 16, 2017
SUBJECT:
BROWNS FERRY NUCLEAR PLANT, UNITS 1, 2, AND 3 - ISSUANCE OF AMENDMENTS TO CHANGE THE COMPLETION DATE OF CYBER SECURITY PLAN IMPLEMENTATION MILESTONE 8 (CAC NOS. MF8125, MF8126, AND MF8127)
Dear Mr. Shea:
The Nuclear Regulatory Commission (Commission) has issued the enclosed Amendment Nos. 297, 321, and 281 to Renewed Facility Operating License (FOL) Nos. DPR-33, DPR-52, and DPR-68 for the Browns Ferry Nuclear Plant, Units 1, 2, and 3, respectively. These amendments are in response to your application dated July 14, 2016.
These amendments approve the revised schedule for full implementation of the cyber security plan (CSP) from July 31, 2017, to December 31, 2017, and revise all three Renewed FOL Nos. DPR-33, DPR-52 and DPR-68 to incorporate the revised CSP implementation schedule.
A copy of the related Safety Evaluation is also enclosed. The Notice of Issuance will be included in the Commission's biweekly Federal Register notice.
Docket Nos. 50-259, 50-260 and 50-296
Enclosures:
- 1. Amendment No. 297 to DPR-33
- 2. Amendment No. 321 to DPR-52
- 3. Amendment No. 281 to DPR-68
- 4. Safety Evaluation cc w/enclosures: Distribution via Listserv Sincerely, Farideh E. Saba, Senior Project Manager Plant Licensing Branch 11-2 Division of Operating Reactor Licensing Office of Nuclear Reactor Regulation
UNITED STATES NUCLEAR REGULATORY COMMISSION WASHINGTON, D.C. 20555-0001 TENNESSEE VALLEY AUTHORITY DOCKET NO. 50-259 BROWNS FERRY NUCLEAR PLANT. UNIT 1 AMENDMENT TO RENEWED FACILITY OPERATING LICENSE Amendment No. 297 Renewed License No. DPR-33
- 1.
The Nuclear Regulatory Commission (the Commission) has found that:
A The application for amendment by Tennessee Valley Authority (the licensee) dated July 14, 2016, complies with the standards and requirements of the Atomic Energy Act of 1954, as amended (the Act), and the Commission's rules and regulations set forth in 10 CFR Chapter I;
- 8.
The facility will operate in conformity with the application, the provisions of the Act, and the rules and regulations of the Commission; C.
There is reasonable assurance (i) that the activities authorized by this amendment can be conducted without endangering the health and safety of the public, and (ii) that such activities will be conducted in compliance with the Commission's regulations; D.
The issuance of this amendment will not be inimical to the common defense and security or to the health and safety of the public; and E.
The issuance of this amendment is in accordance with 10 CFR Part 51 of the Commission's regulations and all applicable requirements have been satisfied.
- 2.
Accordingly, the renewed license is amended by changes as indicated in the attachment to this license amendment and to the following paragraphs:
Paragraph 2.C.(2) of Renewed Facility Operating License No. DPR-33 is hereby amended to read as follows:
(2)
Technical Specifications The Technical Specifications contained in Appendices A and B, as revised through Amendment No. 297, are hereby incorporated in the renewed operating license. The licensee shall operate the facility in accordance with the Technical Specifications.
Paragraph 2.C.(11 )(b) of Renewed Facility Operating License No. DPR-33 is hereby amended to read as follows:
(b)
The licensee shall fully implement and maintain in effect all provisions of the Commission-approved cyber security plan (CSP), including changes made pursuant to the authority of 10 CFR 50.90 and 10 CFR 50.54(p). The licensee CSP was approved by License Amendment No. 279, as amended by changes approved by License Amendment Nos. 286 and 297.
- 3.
The license amendment is effective as of its date of issuance and shall be implemented within 30 days of the date of issuance. The implementation of the CSP, including the key intermediate milestone dates and the full implementation date, shall be in accordance with the implementation schedule submitted by the licensee on July 14, 2016, and approved by the NRC staff with this license amendment. All subsequent changes to the NRG-approved CSP implementation schedule will require prior NRC approval pursuant to 10 CFR 50.90.
Attachment:
Changes to the Renewed Facility Operating License FOR THE NUCLEAR REGULA TORY COMMISSION Benjamin G. Beasley, Chief Plant Licensing Branch 11-2 Division of Operating Reactor Licensing Office of Nuclear Reactor Regulation Date of Issuance: March 1 6, 2O1 7
ATTACHMENT TO LICENSE AMENDMENT NO. 297 BROWNS FERRY NUCLEAR PLANT. UNIT 1 TO RENEWED FACILITY OPERATING LICENSE NO. DPR-33 DOCKET NO. 50-259 Replace the following pages of Renewed Facility Operating License DPR-33 with the attached revised pages. The revised pages are identified by amendment number and contain marginal lines indicating the areas of change.
REMOVE 3
5 INSERT 3
5 (3)
Pursuant to the Act and 10 CFR Parts 30, 40, and 70, to receive, possess, and use at any time any byproduct, source, and special nuclear material as sealed neutron sources for reactor startup, sealed sources for reactor instrumentation and radiation monitoring equipment calibration, and as fission detectors in amounts as required; (4)
Pursuant to the Act and 10 CFR Parts 30, 40, and 70, to receive, possess, and use in amounts as required any byproduct, source, or special nuclear material without restriction to chemical or physical form for sample analysis or equipment and instrument calibration or associated with radioactive apparatus or components; (5)
Pursuant to the Act and 10 CFR Parts 30 and 70, to possess but not separate, such byproduct and special nuclear materials as may be produced by the operation of the facility.
C.
This renewed operating license shall be deemed to contain and is subject to the conditions specified in the following Commission regulations in 10 CFR Chapter I:
BFN-UNIT 1 Part 20, Section 30.34 of Part 30, Section 40.41 of Part 40, Sections 50.54 and 50.59 of Part 50, and Section 70.32 of Part 70; is subject to all applicable provisions of the Act and to the rules, regulations, and orders of the Commission now or hereafter in effect; and is subject to the additional conditions specified or incorporated below:
(1)
Maximum Power Level The licensee is authorized to operate the facility at steady state reactor core power levels not in excess of 3458 megawatts thermal.
(2)
Technical Specifications The Technical Specifications contained in Appendices A and 8, as revised through Amendment No. 297, are hereby incorporated in the renewed operating license. The licensee shall operate the facility in accordance with the Technical Specifications.
For Surveillance Requirements (SRs) that are new in Amendment 234 to Facility Operating License DPR-33, the first performance is due at the end of the first surveillance interval that begins at implementation of the Amendment 234. For SRs that existed prior to Amendment 234, including SRs with modified acceptance criteria and SRs whose frequency of performance is being extended, the first performance is due at the end of the first surveillance interval that begins on the date the surveillance was last performed prior to implementation of Amendment 234.
Renewed License No. DPR-33 Amendment No. 297 (8)
Deleted.
(9)
Deleted.
(10)
Deleted.
(11 )(a)
The licensee shall fully implement and maintain in effect all provisions of the Commission-approved physical security, training and qualification, and safeguards contingency plans including amendments made pursuant to provisions of the Miscellaneous Amendments and Search Requirements revisions to 10 CFR 73.55 (51 FR 27817 and 27822) and to the authority of 10 CFR 50.90 and 10 CFR 50.54(p). The combined set of plans, which contains Safeguards Information protected under 10 CFR 73.21, is entitled:
BFN-UNIT 1 "Browns Ferry Nuclear Plant Physical Security Plan, Training and Qualification Plan, and Contingency Plan," submitted by letter dated April 28, 2006.
(b)
The licensee shall fully implement and maintain in effect all provisions of the Commission-approved cyber security plan (CSP), including changes made pursuant to the authority of 10 CFR 50.90 and 10 CFR 50.54(p). The licensee CSP was approved by License Amendment No. 279, as amended by changes approved by License Amendment Nos. 286 and 297.
(12)
Deleted.
(13)
TVA Browns Ferry Nuclear Plant shall implement and maintain in effect all provisions of the approved fire protection program that comply with 10 CFR 50 48(a) and 10 CFR 50.48(c), as specified in the license amendment request dated March 27, 2013, as supplemented by letters dated May 16, 2013; December 20, 2013; January 10, 2014; January 14, 2014; February 13, 2014; March 14, 2014; May 30, 2014; June 13, 2014; July 10, 2014; August 29, 2014; September 16, 2014; October 6, 2014; December 17, 2014; March 26, 2015; April 9, 2015; June 19, 2015; August 18, 2015; September 8, 2015; and October 20, 2015, as approved in the Safety Evaluation dated October 28, 2015. Except where NRC approval for changes or deviations is required by 10 CFR 50 48(c), and provided no other regulation, technical specification, license condition or requirement would require prior NRC approval, the licensee may make changes to the fire protection program without prior approval of the Commission if those changes satisfy the provisions set forth in 10 CFR 50.48(a) and 10 CFR 50.48(c), the change does not require a change to a technical specification or a license condition, and the criteria listed below are satisfied.
Risk-Informed Changes that May Be Made Without Prior NRC Approval A risk assessment of the change must demonstrate that the acceptance criteria below are met. The risk assessment approach, methods, and data shall be acceptable to the NRC and shall be appropriate for the nature and scope of the change being evaluated; be based on the as-built, as-operated, and maintained plant; and reflect the operating experience at the plant. Acceptable methods to assess the risk of the change may include methods that have been used in the Renewed License No. DPR-33 Amendment No. 297
UNITED STATES NUCLEAR REGULATORY COMMISSION WASHINGTON, D.C. 20555-0001 TENNESSEE VALLEY AUTHORITY DOCKET NO. 50-260 BROWNS FERRY NUCLEAR PLANT, UNIT 2 AMENDMENT TO RENEWED FACILITY OPERATING LICENSE Amendment No. 321 Renewed License No. DPR-52
- 1.
The Nuclear Regulatory Commission (the Commission) has found that:
A.
The application for amendment by Tennessee Valley Authority (the licensee) dated July 14, 2016, complies with the standards and requirements of the Atomic Energy Act of 1954, as amended (the Act), and the Commission's rules and regulations set forth in 10 CFR Chapter I; B.
The facility will operate in conformity with the application, the provisions of the Act, and the rules and regulations of the Commission; C.
There is reasonable assurance (i) that the activities authorized by this amendment can be conducted without endangering the health and safety of the public, and (ii) that such activities will be conducted in compliance with the Commission's regulations; D.
The issuance of this amendment will not be inimical to the common defense and security or to the health and safety of the public; and E.
The issuance of this amendment is in accordance with 10 CFR Part 51 of the Commission's regulations and all applicable requirements have been satisfied.
- 2.
Accordingly, the renewed license is amended by changes as indicated in the attachment to this license amendment and to the following paragraphs:
Paragraph 2.C.(2) of Renewed Facility Operating License No. DPR-52 is hereby amended to read as follows:
(2)
Technical Specifications The Technical Specifications contained in Appendices A and B, as revised through Amendment No. 321, are hereby incorporated in the renewed operating license. The licensee shall operate the facility in accordance with the Technical Specifications.
Paragraph 2.C.(11)(b) of Renewed Facility Operating License No. DPR-52 is hereby amended to read as follows:
(b)
The licensee shall fully implement and maintain in effect all provisions of the Commission-approved cyber security plan (CSP}, including changes made pursuant to the authority of 10 CFR 50.90 and 10 CFR 50.54(p). The licensee CSP was approved by License Amendment No. 306, as amended by changes approved by License Amendment Nos. 312 and 321.
- 3.
The license amendment is effective as of its date of issuance and shall be implemented within 30 days of the date of issuance. The implementation of the CSP, including the key intermediate milestone dates and the full implementation date, shall be in accordance with the implementation schedule submitted by the licensee on July 14, 2016, and approved by the NRC staff with this license amendment. All subsequent changes to the NRG-approved CSP implementation schedule will require prior NRC approval pursuant to 10 CFR 50.90.
Attachment:
Changes to the Renewed Facility Operating License FOR THE NUCLEAR REGULATORY COMMISSION Benjamin G. Beasley, Chief Plant Licensing Branch 11-2 Division of Operating Reactor Licensing Office of Nuclear Reactor Regulation Date of Issuance: March 1 6, 2O1 7
ATTACHMENT TO LICENSE AMENDMENT NO. 321 BROWNS FERRY NUCLEAR PLANT, UNIT 2 TO RENEWED FACILITY OPERATING LICENSE NO. DPR-52 DOCKET NO. 50-260 Replace the following pages of Renewed Facility Operating License DPR-52 with the attached revised pages. The revised pages are identified by amendment number and contain marginal lines indicating the areas of change.
REMOVE 3
5 INSERT 3
5 sealed neutron sources for reactor startup, sealed sources for reactor instrumentation and radiation monitoring equipment calibration, and as fission detectors in amounts as required; (4)
Pursuant to the Act and 10 CFR Parts 30, 40, and 70, to receive, possess, and use in amounts as required any byproduct, source, or special nuclear material without restriction to chemical or physical form for sample analysis or equipment and instrument calibration or associated with radioactive apparatus or components; (5)
Pursuant to the Act and 10 CFR Parts 30 and 70, to possess but not separate, such byproduct and special nuclear materials as may be produced by the operation of the facility.
C.
This renewed operating license shall be deemed to contain and is subject to the conditions specified in the following Commission regulations in 10 CFR Chapter I:
BFN UNIT 2 Part 20, Section 30.34 of Part 30, Section 40.41 of Part 40, Sections 50.54 and 50.59 of Part 50, and Section 70.32 of Part 70; is subject to all applicable provisions of the Act and to the rules, regulations, and orders of the Commission now or hereafter in effect; and is subject to the additional conditions specified or incorporated below:
(1)
Maximum Power Level The licensee is authorized to operate the facility at steady state reactor core power levels not in excess of 3458 megawatts thermal.
(2)
Technical Specifications (3)
The Technical Specifications contained in Appendices A and 8, as revised through Amendment No. 321, are hereby incorporated in the renewed operating license. The licensee shall operate the facility in accordance with the Technical Specifications.
For Surveillance Requirements (SRs) that are new in Amendment 253 to Facility Operating License DPR-52, the first performance is due at the end of the first surveillance interval that begins at implementation of the Amendment 253. For SRs that existed prior to Amendment 253, including SRs with modified acceptance criteria and SRs whose frequency of performance is being extended, the first performance is due at the end of the first surveillance interval that begins on the date the surveillance was last performed prior to implementation of Amendment 253.
The licensee is authorized to relocate certain requirements included in Appendix A and the former Appendix B to licensee-controlled documents.
Implementation of this amendment shall include the relocation of these requirements to the appropriate documents, as described in the licensee's Renewed License No. DPR-52 Amendment No. 321 (8)
Deleted.
(9)
Deleted.
(10)
Deleted.
(11 )(a)
The licensee shall fully implement and maintain in effect all provisions of the commission-approved physical security, training and qualification, and safeguards contingency plans including amendments made pursuant to provisions of the Miscellaneous Amendments and Search Requirements revisions to 10 CFR 73.55 (51 FR 27817 and 27822) and to the authority of 10 CFR 50.90 and 10 CFR 50.54(p). The combined set of plans, which contains Safeguards Information protected under 10 CFR 73.21, is entitled:
"Browns Ferry Nuclear Plant Physical Security Plan, Training and Qualification Plan, and Contingency Plan," submitted by letter dated April 28, 2006.
(b)
The licensee shall fully implement and maintain in effect all provisions of the Commission-approved cyber security plan (CSP), including changes made pursuant to the authority of 10 CFR 50.90 and 10 CFR 50.54(p). The licensee CSP was approved by License Amendment No. 306, as amended by changes approved by License Amendment Nos. 312 and 321.
(12)
Deleted.
(13)
Deleted.
(14)
TVA Browns Ferry Nuclear Plant shall implement and maintain in effect all provisions of the approved fire protection program that comply with BFN UNIT 2 10 CFR 50.48(a) and 10 CFR 50.48(c), as specified in the license amendment request dated March 27, 2013, as supplemented by letters dated May 16, 2013; December 20, 2013; January 10, 2014; January 14, 2014; February 13, 2014; March 14, 2014; May 30, 2014; June 13, 2014; July 10, 2014; August 29, 2014; September 16, 2014; October 6, 2014; December 17, 2014; March 26, 2015; April 9, 2015; June 19, 2015; August 18, 2015; September 8, 2015; and October 20, 2015, as approved in the Safety Evaluation dated October 28, 2015. Except where NRC approval for changes or deviations is required by 10 CFR 50.48(c), and provided no other regulation, technical specification, license condition or requirement would require prior NRC approval, the licensee may make changes to the fire protection program without prior approval of the Commission if those changes satisfy the provisions set forth in 10 CFR 50.48(a) and 10 CFR 50.48(c), the change does not require a change to a technical specification or a license condition, and the criteria listed below are satisfied.
Risk-Informed Changes that May Be Made Without Prior NRC Approval A risk assessment of the change must demonstrate that the acceptance criteria below are met. The risk assessment approach, methods, and data shall be Renewed License No. DPR-52 Amendment No. 321
UNITED STATES NUCLEAR REGULATORY COMMISSION WASHINGTON, D.C. 20555-0001 TENNESSEE VALLEY AUTHORITY DOCKET NO. 50-296 BROWNS FERRY NUCLEAR PLANT, UNIT 3 AMENDMENT TO RENEWED FACILITY OPERATING LICENSE Amendment No. 281 Renewed License No. DPR-68
- 1.
The Nuclear Regulatory Commission (the Commission) has found that:
A.
The application for amendment by Tennessee Valley Authority (the licensee) dated July 14, 2016, complies with the standards and requirements of the Atomic Energy Act of 1954, as amended (the Act), and the Commission's rules and regulations set forth in 10 CFR Chapter I; B.
The facility will operate in conformity with the application, the provisions of the Act, and the rules and regulations of the Commission; C.
There is reasonable assurance (i) that the activities authorized by this amendment can be conducted without endangering the health and safety of the public, and (ii) that such activities will be conducted in compliance with the Commission's regulations; D.
The issuance of this amendment will not be inimical to the common defense and security or to the health and safety of the public; and E.
The issuance of this amendment is in accordance with 10 CFR Part 51 of the Commission's regulations and all applicable requirements have been satisfied.
- 2.
Accordingly, the renewed license is amended by changes as indicated in the attachment to this license amendment and to the following paragraphs:
Paragraph 2.C.(2) of Renewed Facility Operating License No. DPR-68 is hereby amended to read as follows:
(2)
Technical Specifications The Technical Specifications contained in Appendices A and B, as revised through Amendment No. 281, are hereby incorporated in the renewed operating license. The licensee shall operate the facility in accordance with the Technical Specifications.
Paragraph 2.C.(6)(b) of Renewed Facility Operating License No. DPR-68 is hereby amended to read as follows:
(b)
The licensee shall fully implement and maintain in effect all provisions of the Commission-approved cyber security plan (CSP), including changes made pursuant to the authority of 10 CFR 50.90 and 10 CFR 50.54(p). The licensee CSP was approved by License Amendment No. 265, as amended by changes approved by License Amendment Nos. 271 and 281.
- 3.
The license amendment is effective as of its date of issuance and shall be implemented within 30 days of the date of issuance. The implementation of the CSP, including the key intermediate milestone dates and the full implementation date, shall be in accordance with the implementation schedule submitted by the licensee on July 14, 2016, and approved by the NRC staff with this license amendment. All subsequent changes to the NRG-approved CSP implementation schedule will require prior NRC approval pursuant to 1 O CFR 50.90.
Attachment:
Changes to the Renewed Facility Operating License FOR THE NUCLEAR REGULATORY COMMISSION Benjamin G. Beasley, Chief Plant Licensing Branch 11-2 Division of Operating Reactor Licensing Office of Nuclear Reactor Regulation Date of Issuance: March 1 6, 2O1 7
ATTACHMENT TO LICENSE AMENDMENT NO. 281 BROWNS FERRY NUCLEAR PLANT, UNIT 3 TO RENEWED FACILITY OPERATING LICENSE NO. DPR-68 DOCKET NO. 50-296 Replace the following pages of Renewed Facility Operating License DPR-68 with the attached revised pages. The revised pages are identified by amendment number and contain marginal lines indicating the area of change.
REMOVE 3
4 INSERT 3
4 (3)
Pursuant to the Act and 10 CFR Parts 30, 40, and 70, to receive, possess, and use at any time any byproduct, source, and special nuclear material as sealed neutron sources for reactor startup, sealed sources for reactor instrumentation and radiation monitoring equipment calibration, and as fission detectors in amounts as required; (4)
Pursuant to the Act and 10 CFR Parts 30, 40, and 70, to receive, possess, and use in amounts as required any byproduct, source, or special nuclear material without restriction to chemical or physical form for sample analysis or equipment and instrument calibration or associated with radioactive apparatus or components; (5)
Pursuant to the Act and 10 CFR Parts 30 and 70, to possess but not separate, such byproduct and special nuclear materials as may be produced by the operation of the facility.
C.
This renewed operating license shall be deemed to contain and is subject to the conditions specified in the following Commission regulations in BFN-UNIT 3 10 CFR Chapter I: Part 20, Section 30.34 of Part 30, Section 40.41 of Part 40, Sections 50.54 and 50.59 of Part 50, and Section 70.32 of Part 70; is subject to all applicable provisions of the Act and to the rules, regulations, and orders of the Commission now or hereafter in effect; and is subject to the additional conditions specified or incorporated below:
(1)
Maximum Power Level The licensee is authorized to operate the facility at steady state reactor core power levels not in excess of 3458 megawatts thermal.
(2)
Technical Specifications The Technical Specifications contained in Appendices A and B, as revised through Amendment No. 281, are hereby incorporated in the renewed operating license. The licensee shall operate the facility in accordance with the Technical Specifications.
For Surveillance Requirements (SRs) that are new in Amendment 212 to Facility Operating License DPR-68, the first performance is due at the end of the first surveillance interval that begins at implementation of the Amendment 212. For SRs that existed prior to Amendment 212, including SRs with modified acceptance criteria and SRs whose frequency of performance is being extended, the first performance is due at the end of the first surveillance interval that begins on the date the surveillance was last performed prior to implementation of Amendment 212.
Renewed License No. DPR-68 Amendment No. 281 (3)
The licensee is authorized to relocate certain requirements included in Appendix A and the former Appendix B to licensee-controlled documents.
Implementation of this amendment shall include the relocation of these requirements to the appropriate documents, as described in the licensee's application dated September 6, 1996; as supplemented May 1, August 14, November 5 and 14, December 3, 4, 11, 22, 23, 29, and 30, 1997; January 23, March 12, April 16, 20, and 28, May 7, 14, 19, and 27, and June 2, 5, 1 O and 19, 1998; evaluated in the NRC staff's Safety Evaluation enclosed with this amendment. This amendment is effective immediately and shall be implemented within 90 days of the date of this amendment.
( 4)
Deleted.
(5)
Classroom and simulator training on all power uprate related changes that affect operator performance will be conducted prior to operating at uprated conditions. Simulator changes that are consistent with power uprate conditions will be made and simulator fidelity will be validated in accordance with ANSI/ANS 3.5-1985. Training and the plant simulator will be modified, as necessary, to incorporate changes identified during startup testing. This amendment is effective immediately.
(6)(a)
The licensee shall fully implement and maintain in effect all provisions of the Commission-approved physical security, training and qualification, and safeguards contingency plans including amendments made pursuant to provisions of the Miscellaneous Amendments and Search Requirements revisions to 10 CFR 73.55 (51 FR 27817 and 27822) and to the authority of 10 CFR 50.90 and 10 CFR 50.54(p). The combined set of plans, which contains Safeguards Information protected under 10 CFR 73.21, is entitled:
"Browns Ferry Nuclear Plant Physical Security Plan, Training and Qualification Plan, and Contingency Plan," Revision 4, submitted by letter dated April 28, 2006.
(b)
The licensee shall fully implement and maintain in effect all provisions of the Commission-approved cyber security plan (CSP), including changes made pursuant to the authority of 10 CFR 50.90 and 1 O CFR 50.54(p). The licensee CSP was approved by License Amendment No. 265, as amended by changes approved by License Amendment Nos. 271 and 281.
(7)
TVA Browns Ferry Nuclear Plant shall implement and maintain in effect all provisions of the approved fire protection program that comply with 10 CFR 50.48(a) and 10 CFR 50.48(c), as specified in the license amendment request dated March 27, 2013, as supplemented by letters dated May 16, 2013; December20, 2013; January 10, 2014; January 14, 2014; February 13, 2014; March 14, 2014; May 30, 2014; June 13, 2014; July 10, 2014; August 29, 2014; September 16, 2014; October 6, 2014; December 17, 2014; March 26, 2015; April 9, 2015; June 19, 2015; August 18, 2015; September 8, 2015; and October 20, 2015, as approved in the Safety Evaluation dated October 28, 2015. Except where NRC approval for changes or deviations is required by 1 O CFR 50.48(c), and provided no other regulation, technical specification, license condition or requirement would require prior NRC approval, the licensee BFN-UNIT 3 Renewed License No. DPR-68 Amendment No. 281
UNITED STATES NUCLEAR REGULATORY COMMISSION WASHINGTON, D.C. 20555-0001 SAFETY EVALUATION BY THE OFFICE OF NUCLEAR REACTOR REGULATION RELATED TO AMENDMENT NO. 297 TO RENEWED FACILITY OPERATING LICENSE NO. DPR-33, AMENDMENT NO. 321 TO RENEWED FACILITY OPERATING LICENSE NO. DPR-52.
AND AMENDMENT NO. 281 TO RENEWED FACILITY OPERATING LICENSE NO. DPR-68 TENNESSEE VALLEY AUTHORITY BROWNS FERRY NUCLEAR PLANT. UNITS 1. 2. AND 3 DOCKET NOS. 50-259. 50-260. AND 50-296
1.0 INTRODUCTION
By letter dated July 14, 2016 (Agencywide Documents Access and Management System (ADAMS) Accession No. ML16197A372), the Tennessee Valley Authority (TVA, the licensee) requested a change to the Renewed Facility Operating Licenses (FOL) for the Browns Ferry Nuclear Plant Units (BFN) 1, 2 and 3.
The U.S. Nuclear Regulatory Commission (NRC or the Commission) initially reviewed and approved the licensee's cyber security plan (CSP) implementation schedule by Amendment Nos. 279, 306, and 265, dated July 29, 2011 (ADAMS Accession No. ML11195A124), for BFN Units 1, 2, and 3, respectively. Subsequently, by letter dated September 29, 2014 (ADAMS Accession No. ML14247A536), the NRC approved Amendment Nos. 286, 312, and 271 for BFN Units 1, 2, and 3, respectively, which extended the CSP implementation schedule for Milestone 8. The revised schedule required TVA to fully implement and maintain all provisions of the CSP for BFN Units 1, 2, and 3 no later than July 31, 2017.
The proposed change would revise paragraph 2.C in the renewed FOL for BFN, Units 1, 2, and 3 and the date of CSP implementation schedule Milestone 8 from July 31, 2017, to December 31, 2017. Milestone 8 of the CSP implementation schedule concerns the full implementation of the CSP. Portions of the TVA letter dated July 14, 2016, contain sensitive unclassified non-safeguards (security-related) information and, accordingly, those portions are withheld from public disclosure.
The NRC issued a proposed finding that the amendments involve no significant hazards consideration, published in the Federal Register on November 8, 2016 (81 FR 78666). The NRC has not received any public comments on this determination.
2.0 REGULATORY EVALUATION
The NRC staff considered the following regulatory requirements and guidance in its review of the license amendment request, dated July 14, 2016, to modify the existing CSP implementation schedule:
Title 10 of Code of Federal Regulations (10 CFR) 73.54, "Protection of digital computer and communication systems and networks," which states, in part: "Each [CSP] submittal must include a proposed implementation schedule. Implementation of the licensee's cyber security program must be consistent with the approved schedule."
The BFN, Units 1, 2, and 3 Renewed FOLs includes a license condition that requires the licensee to fully implement and maintain in effect all provisions of the NRG-approved CSP.
NRC memorandum, "Review Criteria for Title 10 of the Code of Federal Regulations Part 73.54, Cyber Security Implementation Schedule Milestone 8 License Amendment Requests," dated October 24, 2013 (ADAMS Accession No. ML13295A467), provided review criteria that the NRC staff would consider during its evaluations of licensees' requests to postpone their cyber security program implementation date (commonly known as Milestone 8).
The NRC staff does not regard the CSP milestone implementation dates as regulatory commitments that can be changed unilaterally by the licensee, particularly in light of the regulatory requirement of 10 CFR 73.54, which sates, in part, that "[i]mplementation of the licensee's cyber security program must be consistent with the approved schedule." As the NRC staff explained in its letter to all operating reactor licensees dated May 9, 2011 (ADAMS Accession No. ML110980538), the implementation of the plan, including the key intermediate milestone dates and the full implementation date shall be in accordance with the implementation schedule submitted by the licensee and approved by the NRC. All subsequent changes to the NRG-approved CSP implementation schedule, thus, will require prior NRC approval as required by 10 CFR 50.90, "Application for amendment of license, construction permit, or early site permit."
3.0 TECHNICAL EVALUATION
3.1 Licensee's Requested Change As noted above, the initial cyber security license amendments for BFN, Units 1, 2, and 3 were issued on July 29, 2011. The NRC approved the licensee's initial CSP implementation schedule, as discussed in the safety evaluation issued with those amendments. The licensee's implementation schedule was based on a template prepared by the Nuclear Energy Institute (NEI), which was transmitted to the NRC by letter dated February 28, 2011 (ADAMS Accession No. ML110600206). By letter dated March 1, 2011 (ADAMS Accession No. ML110070348), the NRC staff found the NEI template acceptable for licensees to use to develop their CSP implementation schedules. The licensee's proposed implementation schedule for the cyber security program identified completion dates and bases for the following eight milestones:
- 1)
Establish the Cyber Security Assessment Team (CSAT);
- 2)
Identify Critical Systems (CSs) and Critical Digital Assets (CDAs);
- 3)
Install a deterministic one-way device between lower level devices and higher level devices;
- 4)
Implement the security control "Access Control for Portable and Mobile Devices";
- 5)
Implement observation and identification of obvious cyber related tampering to existing insider mitigation rounds;
- 6)
Identify, document, and implement cyber security controls in accordance with "Mitigation of Vulnerabilities and Application of Cyber Security Controls" for CDAs that could adversely impact the design function of physical security target set equipment;
- 7)
Ongoing monitoring and assessment activities for those target set CDAs whose security controls have been implemented; and
- 8)
Fully implement the CSP (Milestone 8).
Currently, Milestone 8 of the BFN, Units 1, 2, and 3 CSP requires TVA to fully implement the CSP by July 31, 2017. In its license amendment request dated July 14, 2016, TVA proposed to change the Milestone 8 completion date to December 31, 2017.
The licensee provided the following information pertinent to each of the criteria identified in the NRC guidance memorandum dated October 24, 2013.
- 1.
Identification of the specific requirement or requirements of the cyber security plan that the licensee needs additional time to implement.
The licensee stated that BFN, Units 1, 2, and 3 has completed many of the actions required to address Milestone 8, "Full implementation of Browns Ferry Nuclear Plant Cyber Security Plan for all SSEP [safety, security, or emergency preparedness systems] functions will be achieved."
All actions required for full compliance with the BFN, Units 1, 2, and 3 CSP are scheduled to be completed prior to the current Milestone 8 implementation date with the exception of those associated with industry generic issues and possible lessons learned from the planned Milestone 8 industry workshops. Implementation of these items will require additional time to assess, methodically plan, schedule, and complete remediation actions.
- 2.
Detailed justification that describes the reason the licensee requires additional time to implement the specific requirement or requirements identified.
The licensee stated that during the performance of NRC Milestone 1 through 7 cyber security inspections, a number of issues were identified that were generic in nature. These issues are being resolved by industry and the NRC. While the currently available guidance documents and lessons learned from the NRC Milestone 1 through 7 inspection provide detailed insights into many aspects of a fully compliant cyber security program, there are additional implementation areas that industry and NRC have determined to need additional discussion. Schedules are being developed to perform focused workshops in 2016 to review five specific programmatic areas, and to develop additional guidance based on those reviews. Additionally, NRC endorsed Revision 4 to NEI 13-10, "Cyber Security Control Assessments," by letter to NEI dated December 21, 2015 (ADAMS Accession No. ML15351A065). This revision provides clarification and examples for addressing the required security controls in Appendix D and certain security controls provided in Appendix E of NEI 08-09, "Cyber Security Plan for Nuclear Power Reactors." Based on the recent endorsement, incorporation of this guidance into existing TVA processes and existing control assessments will require additional resource allocation that is not supported by the current Milestone 8 implementation date.
- 3.
A proposed completion date for Milestone 8 consistent with the remaining scope of work to be conducted and the resources available.
The licensee stated that the proposed completion date for Milestone 8 is December 31, 2017.
The licensee noted the revised Milestone 8 date will allow for sufficient time to assess, plan, schedule, and implement any plant or programmatic changes required resulting from the resolution of Milestone 1 through 7 industry generic issues and the completion of planned Milestone 8 industry workshops.
- 4.
An evaluation of the impact that the additional time to implement the requirements will have on the effectiveness of the licensee's overall cyber security program in the context of milestones already completed.
The licensee indicated that the completion of activities associated with the CSP, as described in Milestones 1 through 7 and completed prior to December 31, 2012, provide a high degree of protection to ensure that digital computer and communication systems and networks associated with SSEP systems are sufficiently protected against cyber attacks up to and including the design-basis threat established by 10 CFR 73.1 (a)(1 )(v).
The licensee provided details about each of the completed milestones' activities and noted that several elements of Milestone 8 had been completed.
- 5.
A description of the licensee's methodology for prioritizing completion of work for critical digital assets associated with significant safety consequences and with reactivity effects in the balance of plant.
The licensee stated that TVA's methodology for prioritizing completion of cyber security activities associated with significant SSEP consequences and with reactivity effects in the balance of plant focused on completing Milestones 1 through 7 by December 31, 2012, and implementation of remediation actions for Milestone 8 during available refueling outages consistent with outage planning and design change processes. Work that can be done with the units online is implemented consistent with work management processes and available resources. Prioritization of work was performed per TVA's work scheduling processes and was based on safety significance, required availability of significant systems, and consideration for all aspects and elements of risk management.
- 6)
A discussion of the licensee's cyber security program performance up to the date of the license amendment request.
The licensee stated that implementation of the requirements of Milestones 1 through 7 have been completed and provides a high degree of protection against cyber security-related attacks, including radiological sabotage, during full program implementation. Cyber security assessments for all BFN, Units 1, 2, and 3 CDAs have been completed and remediation actions have been determined for deficient controls. Many of the controls, which do not require a design change, have already been implemented. A Quality Assurance (QA) audit was completed in October 2014 for BFN, Units 1, 2, and 3 cyber security that found no significant deficiencies. The most recent self-assessment of the cyber security program was completed in May 2014 with no significant deficiencies noted. Issues to address program improvements, which were identified during the audit and assessment activities, have been entered into the TVA Corrective Action Program (CAP). Quality Assurance audits will continue to monitor the performance of the cyber security program per the current QA biennial audit schedule. Ongoing monitoring and assessment activities are implemented, with the central logging facility set up and receiving some logs. These activities provide continuing program performance monitoring.
As additional devices are enabled to perform logging, additional monitoring information will be obtained. The NRC performed a Milestone 1 through 7 inspection of BFN, Units 1, 2, and 3 in July 2015. All performance deficiencies were determined to be of very low safety significance.
These deficiencies have been entered into the TVA's CAP. Performance deficiencies and unresolved items noted that were determined to be generic in nature throughout the industry are being addressed through a combined effort with industry and the NRC.
- 7.
A discussion of cyber security issues pending in the licensee's corrective action program.
The licensee indicated that the TVA's CAP is used to document cyber security issues in order to trend, correct, implement, and improve the cyber security program for BFN, Units 1, 2, and 3.
The CAP documents and tracks cyber security required actions, including remediation actions identified during cyber security assessments of CDAs and issues identified during ongoing program surveillances and assessments. Adverse trends are monitored for program improvement and are tracked via the CAP. Examples of activities pending in the CAP were provided.
- 8.
A discussion of modifications completed to support the cyber security program and a discussion of pending cyber security modifications.
The licensee provided a discussion of completed modifications.
3.2
NRC Staff Evaluation
The NRC staff has evaluated the licensee's application using the regulatory requirements and the guidance set forth above. The NRC staff's evaluation is below.
The licensee stated that all actions required for full compliance with the BFN, Units 1, 2, and 3 CSP are scheduled to be completed prior to the current Milestone 8 implementation date with the exception of those associated with industry generic issues and possible lessons learned from planned industry workshops.
The licensee indicated completion of activities associated with the CSP, as described in Milestones 1 through 7 and completed prior to December 31, 2012, provides a high degree of protection to ensure that digital computer and communication systems and networks associated with safety, SSEP are sufficiently protected against cyber-attacks. It detailed activities completed for each milestone and noted that several elements of Milestone 8 have already been implemented. It provided details about the completed milestones and elements. The NRC staff finds that the licensee's site is much more secure after implementation of Milestones 1 through 7 because the activities the licensee completed mitigate the most significant cyber attack vectors for the most significant CDAs.
The licensee stated that during the performance of NRC Milestones 1 through 7 cyber security inspections, a number of issues were identified that were generic in nature. Resolution paths have been determined. The current Milestone 8 implementation date does not allow for sufficient time to adequately plan, schedule, and implement remediation actions. The NRC staff has had extensive interaction with the nuclear industry since licensees first developed their CSP implementation schedules. Based on this interaction, the NRC staff recognizes that CDA security control design remediation actions are much more complex and resource intensive than originally anticipated and that the licensee has a large number of additional tasks not originally considered when developing its current CSP implementation schedule. Accordingly, the NRC staff finds that the licensee's request for additional time to implement Milestone 8 is reasonable given the unanticipated complexity and scope of the work required to come into full compliance with its CSP.
The licensee proposed a Milestone 8 completion date of December 31, 2017. The licensee stated that changing the completion date of Milestone 8 will allow for sufficient time to assess, plan, schedule, and implement any plant or programmatic changes required resulting from the resolution of Milestones 1 through 7 industry generic issues and the completion of planned industry workshops for Milestone 8. The licensee stated its methodology for prioritizing completion of cyber security activities associated with significant SSEP consequences and with reactivity effects in the balance of plant focused on completing Milestones 1 through 7 by December 31, 2012, and implementation of remediation actions for Milestone 8 during the available refueling outages consistent with TVA outage planning and design change processes.
Work that can be done with the units online is implemented consistent with work management processes and available resources. Prioritization of work was performed per TVA's work scheduling processes and was based on safety significance, required availability of significant systems, and consideration for all aspects and elements of risk management. The NRC staff finds that based on the description of work described above and the limited resources with the appropriate expertise to perform these activities, the licensee's methodology for prioritizing work on CDAs is appropriate. The NRC staff further finds that the licensees request to delay final implementation of the CSP until December 31, 2017, is reasonable given the complexity of the remaining unanticipated work.
3.3 NRC Staff Conclusion
Based on the review of the licensee's submittal dated July 14, 2016, the NRC staff concludes that the licensee's request to delay full implementation of its CSP until December 31, 2017, is reasonable for the following reasons: (i) the licensee's implementation of Milestones 1 through 7 provides mitigation for significant cyber attack vectors for the most significant CDAs as discussed in the staff evaluation above; (ii) the scope of the work required to come into full compliance with the CSP implementation schedule was much more complicated than anticipated and not reasonably foreseeable; and (iii) the licensee has reasonably prioritized and scheduled the work required to come into full compliance with its CSP implementation schedule.
The NRC staff also concludes that, upon full implementation of the licensee's cyber security program, the requirements of the licensee's CSP and 10 CFR 73.54 will be met. Therefore, the NRC staff finds the proposed change acceptable.
3.4 Revision to License Condition By letter dated July 14, 2016, the licensee proposed to modify paragraph 2.C.(11)(b) of Renewed FOL No. DPR-33, to modify paragraph 2.C.(11)(b) of Renewed FOL No. DPR-52, and to modify paragraph 2.C.(6)(b) of Renewed FOL No. DPR-68, which provide license conditions to require the licensee to fully implement and maintain in effect all provisions of the NRG-approved CSP.
The license condition in paragraph 2.C.(11)(b) of Renewed FOL No. DPR-33 for BFN Unit 1 is modified as follows:
(b)
The licensee shall fully implement and maintain in effect all provisions of the Commission-approved cyber security plan (CSP), including changes made pursuant to the authority of 10 CFR 50.90 and 10 CFR 50.54(p).
The licensee CSP was approved by License Amendment No. 279, as amended by changes approved by License Amendment Nos. 286 and 297.
The license condition in paragraph 2.C.(11)(b) of Renewed FOL No. DPR-52 for BFN Unit 2 is modified as follows:
(b)
The licensee shall fully implement and maintain in effect all provisions of the Commission-approved cyber security plan (CSP), including changes made pursuant to the authority of 10 CFR 50.90 and 1 O CFR 50.54(p).
The licensee CSP was approved by License Amendment No. 306, as amended by changes approved by License Amendment Nos. 312 and 321.
The license condition in paragraph 2.C.(6)(b) of Renewed FOL No. DPR-68 for BFN Unit 3 is modified as follows:
(b)
The licensee shall fully implement and maintain in effect all provisions of the Commission-approved cyber security plan (CSP), including changes made pursuant to the authority of 10 CFR 50.90 and 10 CFR 50.54(p).
The licensee CSP was approved by License Amendment No. 265, as amended by changes approved by License Amendment Nos. 271 and 281.
4.0 STATE CONSULTATION
In accordance with the Commission's regulations, the Alabama State official was notified of the proposed issuance of the amendment on February 27, 2017. The State official had no comments.
5.0 ENVIRONMENTAL CONSIDERATION
These amendments to 10 CFR Part 50 licenses relate solely to safeguards matters and do not involve any significant construction impacts. These amendments are of administrative nature to extend the date by which the licensee must have its cyber security plan fully implemented.
Accordingly, the amendments meet the eligibility criteria for categorical exclusion set forth in 1 O CFR 51.22(c)(12). Pursuant to 1 O CFR 51.22(b), no environmental impact statement or environmental assessment need be prepared in connection with the issuance of the amendments.
6.0 CONCLUSION
The Commission has concluded, based on the considerations discussed above, that: (1) there is reasonable assurance that the health and safety of the public will not be endangered by operation in the proposed manner, (2) there is reasonable assurance that such activities will be conducted in compliance with the Commission's regulations, and (3) the issuance of the amendments will not be inimical to the common defense and security or to the health and safety of the public.
Principal Contributor: John Rycyna, NSIR Date: March 16, 2017
- via email OFFICE NRR/DORL/LPL2-2/PMiT NRR/DORL/LPL2-2/PM N RR/DORL/LPL2-2/LA NAME A Patel FSaba BClayton (PBlechman for)
DATE 2/27/17 2/27/17 2/23/17 OFFICE OGC-NLO NRR/DORL/LPL2-2/BC NRR/DORL/LPL2-2/PM NAME VHoang BBeasley FSaba DATE 3/8/17 3/14/17 3/16/17