ML20058H443
| ML20058H443 | |
| Person / Time | |
|---|---|
| Site: | Monticello  |
| Issue date: | 12/06/1993 |
| From: | Belanger J, Creed J NRC OFFICE OF INSPECTION & ENFORCEMENT (IE REGION III) |
| To: | |
| Shared Package | |
| ML20058H421 | List: |
| References | |
| 50-263-93-020, 50-263-93-20, 50-263-93-20-EC, NUDOCS 9312130081 | |
| Download: ML20058H443 (21) | |
See also: IR 05000263/1993020
Text
.
.
..
.
. _ -
.
l
-
U.S. NUCLEAR REGULATORY COMMISSION
1
REGION III
l
\\
Report No. 50-263/93020(DRSS)
Docket No. 50-263
License No. DPR-22
.
.
Licensee: Northern States Power Company
414 Nicollet Mall
Minneapolis, MN 55401
i
Facility Name: Monticello Nuclear Generating Station, Monticello, MN
i
!
Meeting Conducted:
December 2, 1993
,
Meeting At: NRC Region III Office, Glen Ellyn, Illinois
1
Type of Meeting:
Enforcement Conference
j
.
!
9Cwm2-.OM yf
/d - d ~ 9.3
Inspector:
Ja6es L. Belanger
Date
Senior Physical Security Inspector
[f3
Approved By:
/
-
mes R. Creed, Chief
Date
feguards and IRC Section
!
.!
Meetina Summary
l
Enforcement Conference on December 2. 1993 (Report No. 50-263/93020(DRSS))
Areas Discussed:
Included a review and discussion of the circumstances
l
4
surrounding and corrective actions in response to a licensee identified
incident of inadequate storage and. marking of safeguards information at the
Monticello Nuclear Generating Plant.
Results: The licensee agreed with the apparent violations. The lice-~~'-
I
corrective actions were comprehensive and should prevent recurrence.
-
.I
1
9312130001 931207
ADOCK 05000263"
G
.-
.
_
_
__
.- .
. -
..
.
..
_.
,
,
i
1
-
I
DETAILS
j
,
1.
Persons Present at the Conference
'
Northern States Power Company
D. D. Antony, Vice President, Nuclear Generation
i
C. L. Lesher, Vice President Human Resources
L. H. Waldinger, General Manager, Monticello Site
1
G. T. Miserendino, Manager, Corporate Security
l
B. K. Anderson, Superintendent, Security - Monticello
J. Bittner, Security Consultant
,
,
U.S. Nuclear Reoulatory Commission
W. L. Axelson, Director, Division of Radiation Safety and Safeguards .
'
P. Ting, Acting Deputy Director, Division of Radiation Safety and
j
Safeguards
J. Creed, Chief, Safeguards and IRC Section
C. H. Weil, Enforcement Specialist
B. Berson, Regional Counsel
i
S. P. Ray, NRC Senior Resident Inspector, Monticello
J. L. Belanger, Senior Physical Security Inspector
B. A. Wetzel, NRC Project Manager for Monticello, Office of Nuclear
Reactor Regulation
!
2.
Enforcement Conference
i
An Enforcement Conference was held in Region III office on December 2,
1993. This conference was conducted as a result of findings in a
!
reactive physical security inspection conducted on October 26-29, 1993,
4
in which two apparent violations of the safeguards information rule were
identified.
Inspection findings were documented in Inspection Report
'
No. 50-263/93019(DRSS) and transmitted to the licensee by letter dated
i
November 16, 1993.
The purpose of the conference was to:
(1) discuss the apparent.
violations, causes, and the licensee's corrective actions;' (2) determine
,
if there were any escalating or mitigating circumstances; and (3) obtain
any information which would help determine the appropriate enforcement
action.
'{
Regional representatives presented a brief description of the pertinent
facts that led to the apparent violations, regulatory requirements,
apparent violations, and potential safety significance of the event.
The licensee's representatives described the event chronology and
immediate response actions taken. Additionally, the licensee provided a-
-1
detailed description of their formal investigation to include
j
investigation goals, methodology, and findings. This discussion
j
2
l
!
i
V
-r+-
~
. -
- -
--- -.-- - - --
.
.
followed a review of the licensee's followup corrective actions which
included:
Heightened Security Awareness
Safeguards Information Consolidation / Reduction
e
e
All SGI Moved Within Protected Area
Creation of SGI Classification Guide
e
Superintendent, Security is Responsible for
e
Classification / Declassification of SGI
Drafting Personnel Trained on SGI Control
e
Revision of Response Procedures
e
Plant Personnel Awareness
e
A SGI Checkout Procedure
e
The licensee representatives did not contest the apparent violations.
They believed that the information on the disk was not compromised. A
copy of the licensee's presentation material is enclosed.
At the conclusion of the conference, the licensee representatives were
informed that they would be notified in the near future of the final
enforcement actions.
3
__ .
_
. _ - _ _ _
_.
-.
Appendx A
NUCLEAR REGULATORY COMMISSION
.
REGION lli
.
I
UNCONTROLLED
'
SAFEGUARDS INFORMATION
ENFORCEMENT CONFERENCE
!
!
NORTHERN STATES POWER COMPANY
)
DECEMBER 2,1993
1
>
FACT SHEETS
.
-
<
'
!
INTRODUCTION
,
b
AGENDA
b
Introduction and overview
D Antony /
i
.
C Lesher
Event Description & Immediate Action B Anderson
i
.
Event Investigation
J Bittner
!
.
i
t
Other Corrective Actions /
B Anderson
.
.
Mitigating Factors
Corporate / Site SGI interface
G Miserendino
.
Summary
D Antony
.
,
I
a
l
.
-
-
-
-
-
-
.
.
.
.
-
.
i
r
$
Introduction and Overview
!
Introduction
.
,
.
NSP Attendees
?
Doug Antony
VP Nuclear Generation
l
Cyndi Lesher
VP Human Resources
Lon Waldinger
General Manager, Monticello
Site
George Miserendino
Manager, Corporate Security
.
Superintendent, Security
,
Jerry Bittner
Security Consultant
j
,
Event Overview
i
.
i
Planned Proactive SGI Control Measures
.
.
Company Focus and Management involvement
.
,
.
1
i
-)
i
.
..
'
'
1
.
l
.
,
!
l
Event and immediate Actions
i
i
i
Event Chronology and Description
.
Immediate Response Actions
.
-
Made notifications
'
l
Informed Jim Kniceley (on-site for routine inspection) of event.
~
Made one hour reportable to NRC.
.
Contacted Lon Waldinger (General Manager, Monticello Sita) and
discussed event and planned actions.
Patrols of Protected and Owner Controlled Area-
-
Initial patrols of the Protected and Owner Controlled Areas were
l
conducted upon notification of event.
!
-
Briefed security force
Security force was briefed on the event and the potential for
i
compromise of significant SGl.
Heightened awareness measures discussed with on-coming shifts.
Involved Individuals badges on hold
j
-
Individuals that discovered disk were not allowed access to Protected
Area until investigation determined no trustworthiness issues.
!
-
Verification of all personnel on site
Report was generated immediate!y following discovery to review
personnel on site.
l
Requested investigation by Corporate Security
-
Manager, Corporate Security was paged by General Manager,
Monticello site the afternoon of the event investigation assistance was
l
requested.
!
!
l
I
i
I
!
-
l
!
-
-.
_
.
.
.
.
\\
-
!
Investigation
" Background"
i
On August 26,1993, an investigation was requested
.
,
by the \\ ice President, Nuclear Generation.
The investigation was predicated on an allegation that
.
,
an unmarked computer diskette believed to contain
Safeguards Information was found lying unprotected in
j
the Monticello Site Administration Building.
Based on the request and the allegation, an
.
investigative pianning meeting was conducted on
August 27,1993, during which the investigative scope
and goals were identified. This meeting was attended
by a NRC Region 111 representative.
~
!
,
i
-
.
.
i
i
i
Investigation
" Goals"
'
,
Determine if the information contained on the diskette
.
was Safeguards Information.
!
Ascertain the circumstances surrounding the incident
.
... who, what, where, when, why, and how.
If possiole, and appropriate, affix responsibility for the
.
incident.
!
Determine the significance or impact if the information
.
was compromised.
Determine the circumstances surrounding how and
.
why the draftsman destroyed the diskette before
notifying NSP management.
.
4
,
.
l
~
Investigation
-
" Methodology"
li
5
Between August 27 and September 15,1993,
i
.
Corporate Security;
'
Interviewed all identifiable and developed
-
witnesses
Interviewed co-workers
-
.
-
Interviewed potential suspects utilizing the
.
Behavioral Analysis Interview process
i
!
Interviewed technical experts in the area of
!
-
,
l
computer, data recovery, and data transfer
!
technology
Conducted records and administrative procedure
-
reviews
Conducted criminal history checks on likely
-
l
suspects
-
Conducted Access Authorization suitability
determinations for likely suspects
I
l'
Identified and affixed responsibility for incident to
-
two contract draftsmen
l
.
..
.
.
.
'
investigation
"Significant Events"
During 1991 NSP QA conducted an audit and
.
identified the poor handling procedures utilized by the
drafting group. Corrective action was taken and all
computerized Safeguards Information was transferred
from diskettes to the Monticello main frame computer.
An interview of the draftsman responsible for
'
.
controlling and processing safeguards information
validated that the information had been transferred to
,
the main frame. However, the interview also validated
that his group had not consistently marked diskettes
containing Safeguards Information.
During the fall of 1991, following the audit, the drafting
.
group was relocated to the site administration building
... it was believed by the draftsmen that no Safeguards
Information had been removed from the P.A.
During the summer of 1993, the draftsman responsible
.
for the groups Safeguards Information resigned and
transferred to another job in Minneapolis. Upon his
departure he left four or five unmarked diskettes lying
on his desk.
During August 1993, while using a centralized
.
computer in the vacated work area, SUBJECT
transferred a drawing to a diskette that had been left
on the desk ... this disk was later determined to
contain Safeguards information.
a
..
.
Investigation
'
"Significant Events"
1
-
.
!
!
During September 1993 attempts were made by a US
.
.
Department of Defense cleared data recovery
company to recover and restore the files and data
'
identified as Safeguards Information on SUBJECT's
hard disk and the floppy destroyed in August 1993.
These efforts were unsuccessful.
!
SUBJECT destroyed the diskette after verifying that
.
the files on the disk were outdated.
,
I
<
- - -
- - - - - - -
,
.
-l
<
.
Investigation
)
" Findings"
1
Between 1991 and 1993 Contract Draftsmen assigned
.
to the Nuclear Projects Department conducted their
i
daily activities with little or no NSP oversight, thus
creating a situation where their operating procedures
and decisions were unchallenged.
The lack of NSP involvement in the contractor's daily
.
operations directly contributed to the poor control and
handling procedures utilized by the draftsmen.
l
Based on witness testimony and descriptions of
.
operational practices employed after the 1991 audit
,
suggested the unmarked diskette had been left
unprotected since the fourth quarter of 1991.
.
Although there were four contract draftsmen assigned
.
to the Nuclear Projects Department, Safeguards
information had been controlled and processed by one
individual, thus eliminating necessary checks and
balances in the process.
Based on witness testimony and analysis of records,it
i
-
appeared the information contained on the diskette
was Safeguards Information developed in 1990 to
support the sites RER evaluation. Witness testimony
also supported the claim by the contract draftsman
that the information was outdated.
l
l
_
j
-.
-
investigation
-
" Findings"
A search of the contract draftsman's work area
.
identified 570 unmarked, program and personal
!
diskettes ... an analysis of these diskettes failed to
identify additional Safeguards Information.
A search of the Site Administrations Document Vault
>
.
disclosed seven additional safeguards diskettes, four
of which had not been marked as Safeguards
Information. While unmarked, these diskettes had
been properly secured.
j
While the actions regarding the destruction of the
.
diskette by the draftsman were questionable, his
.
actions after identifying the diskette as containing
'
safeguards information appeared appropriate ...
protected, destroyed, and notified management.
j
.
.
.
.
..
.
-
Followup Corrective Actions
Heightened Security Awareness
.
t
The evening of the event, the following measures were enacted.
'
Hourly Protected and Owner Controlled Area patrols.
'
o
Pan / tilt / zoom cameras maintained in optimum response locations.
I
o
!
Lock all intermediate barrier fence gates except for main road access
o
points.
i
Eliminate all Owner Controlled Area (OCA) activities (e.g., fishing,
o
hunting, etc).
'
Response personnel maintain high awareness and positioning.
o
These measures were maintained until determination was made that
o
information was not compromised. Measures terminated at 1030 hours0.0119 days <br />0.286 hours <br />0.0017 weeks <br />3.91915e-4 months <br />
l
on 9/16/93.
~
Safeguards Information consolidation / reduction
'
.
All SGI has been consolidated into minimum number of locations.
'
All SGI has been reviewed and any duplicated or unnecessary SGI
'
destroyed.
All SGI has been moved within the Protected Area
l
.
A security SGI room has been created.
All word processing and drafting work will be performed inside the Protected
l
Area.
!
SGI only allowed outside Protected Area when operationally necessary.
j
SGI must be logged out of the security storage area.
Creation of SGI classification guide
.
Guide will be used to consistently classify / declassify SGl.
This will be a corporate document used by both nuclear sites.
The Superintendent, Security is responsible for
.
classification / declassification of SGI
Site procedure revised to include this requirement.13rocedure revised on
i
11/30/93.
Drafting personnel have been trained on SGI control
-
.
Draftsmen reviewed appropriate site procedures on SGI control.
,
All drafting will be performed in Security SGI holding area under control of
.
Security.
,
.-
..
.
-
,
Revision of Response procedures
.
.
Dave Axt from American Protective Services reviewed and recommended
changes to response procedures.
Response procedures will be revised, and all training complete by 3/31/94.
Plant personnel awareness
.
Memo to all site personnel on Safeguards Information control on 9/13/93.
<
Site Security Newsletter distributed to site personnel on 10/22/93/
SGI checkout procedure
-
.
A checkout procedure is currently being developed to ensure and document
that personnel are aware of SGI control requirements prior to working with
SGl.
!
<
F
h
h
I
!
t
[
i
j
'
,
.
.
..
e
e
-
.
i
l
Mitigating Factors
-
Discovered by Licensee
.
Licensee identified.
Promptly reported to NRC
.
Reported to NRC Region ill Safeguards inspector immediately.
one hour report made to NRC Headquarters in accordance with regulations.
Properly identified the significance of event
{
.
Prompt comprehensive corrective actions
.
Refer to corrective action section of this document.
Thorough investigation to determine facts
.
Refer to investigation section of this document.
Pending revision to Response procedures
.
Revision will provide a better response plan.
Disk was not marked to draw attention
'
.
The disk was not marked in any way to draw attention to it as containing
SGl.
570 other disks in area
l
.
Difficult for an individual to find an unmarked disk within this volume of disks.
!
.
.
.
-
.
.
..
.
.
n
Compromise issue
,
Computers in drafting area password protected
.
Password is required to use drafting workstations.
Any unauthorized individual would not be able to view disk in the drafting
!
area.
j
Technical knowledge required to access disk
.
information
Knowledge of CAD software needed to view drawings on disk.
No malevolent intent
.
Individuals determined to be trustworthy
.
'
570 disks in area analyzed for SGI
.
Disk not marked to draw attention
.
.
i
l
4
1
4
'
.
.
-
-
- - - - -
--- --- ---- -
-- -
- --
--_
,
.
.
Marking of SGI
i
!,
All SGI has been properly marked
l
.
During the review of all SGI for consolidation / duplication, procer marking of
documents was verified.
Superintendent Security classifies new SGI
.
Site procedure requires the superintendent to make all SGI determinations.
Procedure rcv' sed to address additional marking
.
controls
Additional marking requirements have been introduced for SGI computer
media while in u e.
Drafting personnel trained
.
Drafting personnel have reviewed the site procedure on SGI control and are
fully aware of SGI requirements.
___ ___ - _
.
.
..
.
CORPORATE SECURITY ACTIONS
Awareness
Sensitized entire security team to the issue.
.
-
Topic at staff meetings.
Security generalists as well as nuclear security specialists were on ad hoc
-
committee to locate and procure a room to serve as a SGI depository at
corporate office that:
Met the criteria as a Controlled Area for SGI (1.A.W. NUREG 0794,4.1)
and
Provided adequate space for SGI review (small conferences) and
processing.
Compilation of a Safeguards Information standards
.
guide.
Several documents containing partial explanations of what constitutes SGI
-
researched.
This material was then summarized and outlined in a quick reference guide.
-
Consolidation
>80% Reduction of areas where SGI materials may be
.
kept at Corporate offices.
Plans, drawings, and other SGI materials were stored permanently (or
-
temporarily) in six areas of two buildings: (1) Security Services, (1) PSOA, (1)
Licensing, and (3) Engineering Document Services [EDS).
SGI engineering drawings transferred to sites.
.
All SGI related drawings and microfiche cards now kept in the SGI
-
depositories at our nuclear sites (inside the pas).
Designated SGI custodians.
.
One individual at each site and one individual at corporate office designated
-
as having responsibility for Safeguards Information depositories.
.
..
.
-
.
.
,
,
!
!
,
Reduction
Reduced by >60% physical protection documents
.
maintained outside of plant pas.
Three separate sets of licensed plans and implementing procedures were
-
previously maintained at the corporate offices. Now there is only one.
l
- '
Continuing effort to reduce SGI inventory.
.
Directive to elirninate, by destroying or declassifying, all outdated or
-
otherwise unnecessary SGI materials by 12/31/93.
.
!
l
<
>
f
.
I
I
<
L
I