See also: IR 05000293/1998003

Text

..

a -

U.S. NUCLEAR REGULATORY COMMISSION

REGION I

Docket No:

_50-293

License No:

DPR-35

Report No:

50-293/98-03

Licensee:

Boston Edison Company (BECo)

Facility:

Pilgrim Nuclear P-ower Station, Unit #1

^ Location:

Plymouth, Massachusetts

Dates:

March 2-5 and 11-12,1998

Inspectors:

Edward B. King, Physical Security inspector

Paul R. Frechette, Physical Security inspector

Approved by:

Michael C. Modes, Chief

.

Emergency Preparedness & Safeguards Branch

Division of Reactor Safety

l

l-

l

9804100192 990403

f

PDR

ADOCK 05000293

G

PDR

.

..

EXECUTIVE SUMMARY

Pilgrim Nuclear Power Station

NRC Inspection Report No. 50-293/98-03

In general, the licensee maintained an effective security program.' However, the inspectors

determined that multiple examples of equipment failures associated with the protected area

assessment system existed. Assessment aid concerns were identified in the licensee's

1996 and 1997 quality assurance (QA) audits as well as in the 1995-1997 NRC security

inspection reports.' The failure to address known programmatic weaknesses is a concern.

The 1996 and 1997 security, access authorization, and FFD audits were thorough and in-

depth, alarm station operators were knowledgeable of their duties and responsibilities, and

communication requirements were being performed in accordance with the NRC-approved

physical security plan (the Plan). Personnel search equipment was being tested and

maintained in accordance with licensee procedures and the Plan, personnel and packages

were being properly searched prior to protected area (PA) access and controls were in

place, which included a departmental self-assessment program, for identifying, resolving,

and preventing programmatic problems.

l Security training was being performed in accordance with the NRC-approved training and

qualification (T&O) plan. However, the inspectors noted that the licensee has not

conducted drills associated with tactical response training for over 18 months. Based on

- discussions with security training staff, the licensee was the process of re-evaluating

target sets and time lines to enhance their tactical response capabilities. Additionally, the

- training department was in the process of re-evaluating the licensee's defensive strategy

associated with protecting the facility against the design basis threat as described in

10CFR 73.1. The licensee planned to begin conducting tactical response drills using the

new target sets and defensive strategies in the near future in preparation for the '

Operational Safeguards Response Evaluation (OSRE) scheduled for the week of June 1,

1998.

- As an enhancement to the inspection, the UFSAR initiative, Section 4.5 of the Plan, titled

" Keys, Locks, and Combinations" was reviewed. The inspectors determined, by physical

verification, discussions with security supervision, and procedural reviews, that locks and

keys were being maintained as required in the Plan.

,

ii

i

.

l

Report Details

S1

Conduct of Security and Safeguards Activities

a.

Inspection Scone (81700)

Determine whether the conduct of security and safeguards activities met the

licensee's commitments in the NRC-approved security plan (the Plan) and NRC

regulatory requirements. The security program was inspected during the period of

March 2-5 and 11-12,1998. Areas inspected included: access authorization

program; alarm stations; communications; protected area access control of

personnel and packages.

b.

Observations and Findinos

q

L

Access Authorization Proaram. The inspectors reviewed implementation of the

Access Authorization (AA) program to verify implementation was in accordance

I

with applicable regulatory requirements and Plan commitments. The review

included an evaluation of the effectiveness of the AA procedures, as implemented,

1

and an examination of AA records for 10 individuals. Records reviewed included

both persons who had been granted and had been denied access. The AA program,

as implemented, provided assurance that persons granted unescorted access did not

l

constitute an unreasonable risk to the health and safety of the public. Additionally,

l

L

the inspectors verified by reviewing access denial records and applicable

'

procedures, that appropriate actions were taken when individuals were denied

!'

access or had their access terminated which included a formalized process that

allowed the individuals the right to appeal the licensee's decision.

I

Alarm Stations. The inspectors observed operations of the Central Alarm Station

l

I

(CAS) and the Secondary Alarm Station (SAS) and verified that the alarm stations

were equipped with appropriate alarms and communications capabilities. However,

as noted in Sect 6;: S2 of this report, multiple examples of equipment failures

associated with We assessment program existed which preciudad the alarm station

i

operators ability to assess the cause of an alarm. Interviews with the alarm station

operators found them knowledgeable of their duties and responsibilities. The

)

inspectors also_ verified, through observations and interviews, that the alarm

stations were continuously manned, independent and diverse so that no single act

could remove the plants capability for detecting a threat and calling for assistance

and the alarm stations did not contain any operational activities that could interfere

with the execution of the detection, assessment and response functions.

Communications. The inspectors verified, by document' reviews and discussions

with alarm station operators, that the alarm stations were capable of maintaining

continuous intercommunications, communications with each security force member

(SFM) on duty, and were exercising communication methods with the local law

enforcement agencies as commi'.ted to in the Plan.

1

i

.

.

2

Protected Area (PA) Access Control of Personnel and Hand-Carried Packaaes.

On March 3 and 4,1998, the inspectors observed personnel and package search

activities at the personnel access portal.11e inspectors determined, by

observations, that positive controls were in pl ace to ensure only authorized

individuals were granted access to the PA and that all personnel and hand carried

items entering the PA were properly seamhed. However, on March 4,1998, at

0710 Hours, an individual gained a<, cess into the protected area with an incorrect

identification badge. This occurred when a SFM enrolled an individual, that was

having difficulty with their identification badge at the protected area turnstyle, into

the hand geometry system without verifying that the individual had the correct

identification badge. The inspectors discussed the event with security management

and determined that the event occurred due to the SFM's inattention to detail. The

inspectors reviewed the licensee's corrective actions and determined that the event

was isolated and not indicative of a decline in programmatic performance.

c.

Conclusions

The licensue was conducting its security and safeguards activities in a manner that

protected public health and safety and that this portion of the program, as

implemented, met the licensee's commitments and NRC requirements.

S2

Status of Security Facilities and Equipment

a.

Inspection Scope (81700)

Areas inspected were: Testing, maintenance and compensatory measures; PA

l

assessment aids; and personnel search equipment.

b.

Observations and Findinas

l

Testina, Maintenance and Comoensatorv Measures. The inspectors reviewed

!

testing and maintenance records for security-related equipment and found that

documentation was on file to demonstrate that the licensee was testing and, with

the exception of the assessment aids, maintaining systems and equipment as

committed to in the Plan. A priority status was being assigned to each maintenance

r3 quest and repairs were normally being completed within the same day a

maintenance request necessitating compensatory measures was generated. The

inspectors reviewed security event logs and maintenance work requests generated

over the past six months. These records indicated that the need for establishing

compensatory measures due to equipment failures was minimal and when

implemented, the compensatory measures did not reduce the effectiveness of the

security systems as they existed prior to the failure.

i

l

I

I.

.

3

.

However, the ' inspectors also noted that maintenance requests that were classified

with a low priority status would remain open for an extended period of time.

i

Specifically, requests associated with assessment aids, not requiring compensatory

l

measures, would either remain open for extended periods or the requests were

reissued under a new maintenance request number and placed back into the tracking

system. This resulted in the assessment aids not receiving the necessary level of

l

management attention due to the low priority status of the work requests and

management's failure to redirect the work efforts of the maintenance and l&C

groups.

Assessment Aids. On March 4,1998, the inspectors evaluated the effectiveness of

the assessment aids, by observing on closed circuit television (CCTV), a SFM

conducting a walkdown of the PA. The inspectors determined that multiple

)

examples of equipment failures associated with the assessment program existed.

J

l

RiiS PARAGRAPH CONTAINSSAFEGUARDS

INFORMATION ANDIS NOTFOR PUBUC

1

DISCl0SUREITISINTENTIONALLY

LEFT BLANK.

-

' " Assessment aid concerns were identified in the 1996 and

'

1997 licensee's quality assurance (QA ) security audits as well as in the 1995-1997

NRC security inspection reports. The failure to address known programmatic

weaknesses is a concern. The licensee took immediate action to implement

compensatory measures for the degraded assessment system when it was identified

during this inspection. The licensee failure to maintain the protected area

assessment aids as required in the NRC-approved Plan is an apparent violation of

NRC requiremonts. (eel 50-293/98-03-01)

Personnel and Packaae Search Eauioment. The inspectors observed both the routine

use and the daily performance testing of the licensee's personnel and package

search equipment. The inspectors determined, by observations and procedural

reviews, that the search equipment performs in accordance with licensee

procedures and Plan commitments.

c.

Conclusions

',

The licensee's security facilities and equipment were determined, with the exception

of the assessment aid concerns, to be well maintained and reliable and were able to

meet the licensee's commitments and NRC requirements.

S3

Security and _ Safeguards Procedures and Documentation

a.

Insoection Scoce (81700)

Areas inspected were: implementing procedures and security event logs.

,

e

_

_ - _ - _ - ____ _ ___- -______ -_ - __ __

.

.

4

b.

Observations and Findinas

Security Proaram Procedures. The inspectors verified that the procedures were

consistent with the Plan commitments, and were properly implemented. The

verification was accomplished by reviewing selected implementing procedures

associated with PA access control of personnel and packages and testing and

maintenance of personnel search equipment.

Security Event Loas. The inspectors reviewed the Security Event Log for the

previous eight months. . Based on this review, and discussion with security

management, it was determined that the licensee appropriately analyzed, tracked,

resolved and documented safeguards events that the licensee determined did not

require a report to the NRC within 1 hour1.157407e-5 days <br />2.777778e-4 hours <br />1.653439e-6 weeks <br />3.805e-7 months <br />.

,

c.

Conclusions

Security and safeguards procedures and documentation were being properly

implemented. Event Logs were being properly maintained and effectively used to

analyze, track, and resolve 'feguards events.

84:

Security and Safeguards Staff Knowledge and Performance

a.

Inspection Scone (81700)

Area inspected was security staff requisite knowledge.

b.

Observations and Findings

Security Force Reauisite Knowledae. The inspectors observed a number cf SFM's

in the performance of their routine duties. These observations included alarm

station operations, personnel and package searches, and performance testing of the

personnel search equipment. Additionally, the inspectors interviewed SFMs and

based on the responses to the inspectors' questioning, determined that the SFMs -

were knowledgeable of their responsibilities and duties, and could effectively carry

out their assignments.

c.

[ansjydgnt

' The SFMs adequately demonstrated that they have the requisite knowledge

necessary to effectively implement the duties and responsibilities associated with

their position.

I

r

.. . . . . . ... . . . . .

..

.

.

,

.. . . .

.

.

.

.

.

.

.

.

.

.

.. .

.

..

.. .

...

..

5.

85

Security and Safeguards Staff Training and Qualifications (T&O)

a.

Insoection Scape (81700)

Areas inspected were security training and qualifications and training records,

b.

Observations and Findinas

- Security Tr:4.no and Qualifications. On March 3,1998, the inspectors randomly

selected and reviewed T&Q records of 7 SFMs. Physical and requalification records

were inspected for armed supervisory and non-supervisory personnel. The results

of the review indicated that the security force was being trained in accordance with

the approved T&Q plan. Thi inspectors held discussions with the security training

staff, and was informed that the security training department has not conducted

drills associated w!th tacGcal response training for over 18 months. However,

security with the support of plant operations, was in the process of re-evaluating

target sets and time lines to enhance their tactical response capabilities. The

licensee planned to begin conducting tactical response drills using the new target

_

sets and defensive strategies in the near future in preparation for the Operational

Safeguards Response Evaluation (OSRE) scheduled for the week of June 1,1998.

Trainina Records. The inspectors were able to verify, by reviewing training records,

that the records were properly maintained, accurate and reflected the current

qualifications of the SFMs.

c.

Conclusions

i

Security force personnel were being trained in accordance with the requirements of

the Plan. Training documentation was properly maintained and accurate and the

training provided by the training staff was effective.

S6

Security Organization and Administration

a.

Inspection Scope (81700)

Areas inspected were management support, management effectiveness and staffing

' levels,

b.

Observations and Findinas

Manaaement Suonort. The inspectors reviewed various program enhancements

made since the last program inspection, which was conducted in August 1997.

These enhancements included the procurement of new base station radios for

- enhanced communications in the alarm ctations and new weapons and equipment

. to enhance tactical response capabilities and improve tactical training.

L

w

e e

F

!

6

Manaaement Effectiveness. The inspectors reviewed the management

organizational structure and reporting chain. The Protective Services Department

L

Manager's position in the organizational structure provides a means for making

senior management aware of programmatic needs. However, the inspectors

questioned the involvement of senior management concerning the actions taken to

address long standing protected area assessment aid concerns.

Staffina Levels. The inspectors verified that the total number of trained SFMs

immediately nailable on shift meets the requirements specified in the Plan.

l-

c.

Conclusions. The level of management support, in general, was adequate to ensure

l.

effective implementation of the security program, and was evidenced by adequate

i

staffing levels and the allocations of resources to support programmatic needs.

l

1

S7

Quality Assurance in Security and Safeguards Activities

!

_ a.

Insoection Scone (81700)

Areas inspected were: audits, problem analyses, corrective actions and

effectiveness of management controls.

b.

Observations and Findinas

l

Audits. The inspectors reviewed the 1996 QA audit of the access authorization

- (AA) program, conducted December 18 - 31,1996, (Audit No. 96-12), the 1996

L

combined QA audit of the security and fitness-for-duty (FFD) programs, conducted

February 26 - March 15,1996,(Audit No. 96-02), the 1997 QA audit of the FFD

program, conducted February 24 - 28,1997, (Audit No. 97-01), and the 1997 QA

audit of the security program, conducted March 3 - 14,1997, (Audit 97-02). The

audits were found to have been conducted in accordance with the Plan and FFD

rule. To enhance'the effectiveness of the audits, all of audit teams included an

independent technical specialist.

The 1996 AA audit report identified no deficiency reports (DR) and one

recommendation.. The 1996 combined security and FFD audit report identified one

DR and five recommendations associated with the security program and two DRs

associated with the FFD program. The security DR was associated with l&C and

maintenance's failure to meet procedural requirements for processing security

related maintenance requests. The FFD DRs were associated with the software

4

,

developed to randomly select individuals for FFD testing and for the failure to

l

. implement corrective actions (procedural guidance) in a timely manner for

- establishing a process to control non-safety related computer applications. The

1997 FFD audit report identified four DRs, one problem report, and two

'

o

recommendations. The DRs were associated with the lack of procedural guidance

j-

for the use of the computerized random FFD selection process, failure to generate a

e

FFD self-assessment plan, failure to submit the required number of blind specimens

to the laboratory for the bst quarter of 1996, and failure to perform an audit of the

,.

Health and Human Service. (MHS) certified laboratory used by the licensee. The

r

I

.

t

>

l

' 1997 security audit report identified four DRs and four recommendations. The DRs

were associated with long term record storage, opened security work orders

associated with malfur'ctioning door keepers, inconsistent alarm response by SFMs

in accordance with the Plan, and the licensee's failure to update the security

procedure associated with the hand _ geometry units. The inspectors determined that

L

the findings were not indicative of programmatic weaknesses, and the findings

would enhance program effectiveness. Inspectors' discussions with security

management and FFD staff revealed that the responses to the findings were

completed, and the corrective actions were effective.

Problem Analyses. The inspectors reviewed data derived from the security

department's self-assessment program. Potential weaknesses were being properly

l

identified, tracked, and trended.

Corrective Actions. The inspectors reviewed corrective actions implemented by the

l

'

- licensee in response to the QA audit and self-assessment programs. The corrective

I

actions were effective, evidence by a reduction in personnel performance issues and

l_

loggable safeguards events.

l

Effectiveness of Manaaement Controls. The inspectors verified, by documentation

reviews, that the licensee has programs in place for identifying, analyzing and

resolving problems. They include the performance of annual QA audits, a

departmental self-assessment program and the use of industry data such as

- violations of regulatory requirements identified by the NRC at other facilities, as a

criterion for self-assessment.

c.

Conclusions

The review of the licensee's Audit program indicated that the audits were

comprehensive in scope and depth, that the audit findings were reported to the

appropriate level of management, and that the program was being properly

administered. In addition, a review of the documentation applicable to the self-

assessment program indicated that the program was effectively implemented to

~

identify and resolve potential weakness.

i

,

o

L

i

i

i

r .-

. .

8

l

X1

Exit Meeting Summary

The inspector met with licensee representatives at the conclusion of the inspection on

March 12,1998. At that time, the purpose and scope of the inspection were reviewed,

and the preliminary findings were presented. The licensee acknowledged the preliminary

,

inspection findings.

X2

Review of Updated Final Safety Analysis Report (UFSAR)

A recent discovery of a licensee operating its facility in a manner contrary to the UFSAR

description highlighted the need for a special focused review that compares plant practices,

procedures, and parameters to the UFSAR description. Since the UFSAR does not

specifically include security program requirements, the inspectors compared licensee

activities to the NRC-approved physical security plan, which is the applicable document.

While performing the inspection discussed in this report, the inspectors reviewed Section

.

4.5 of the Plan,' titled " Keys, Locks, and Combinations". The inspectors determined, by

interviews with security force members (SFMs), observations, and procedural reviews, that

' visitor access was being controlled and maintained as required in the Plan,

1

i

I

i

,

.

l

.-

.

,

PARTIAL LIST OF PERSONNEL CONTACTED

Licensee

L.J. Olivier, Vice President Nuclear

j

C.S. Goodard, Plant Manager

'

C.H. Minott, Project Manager

J. Neal, Protection Services Department Manager

N. Desmond, Regulatory Relations Manager

M.T. Lenhart, Senior Regulatory Engineer

J.L.Taomina, Instrumentation and Control Department Manager

E. Neary, Security Operations Supervisor

W. Riggs, Nuclear Services Group Manager

T. Campbell, Security Services Supervisor

J. Keene, Regulatory Affairs Manager

Contractor

R. Wheat, Project Manager, Protection Technology incorporated (PTI)

N. Metcalf, Operations Manager, PTl

'

l

Nuclear Reaulatory Commission - Reaion i

R. Laura, Senior Resident inspector

!

R. Arrighi, Resident inspector

i

.

J

l

l

i

I

t

i

'

l

l

1

j

f

..

O

INSPECTION PROCEDURES USED

IP 81700:

Physical Security Program for Power Reactors

LIST OF ACRONYMS USED

!

!

SFM

security force member

QA

quality assurance

the Plan

NRC-approved physical security plan

PA

protected area

T&Q

training and qualification

CAS

central alarm system

SAS

secondary alarm system

UFSAR

Updated Final Safety Analysis Report

!

DR

deficiency report

CCTV

closed circuit television

HHS

Health and Human Services

l

l

,

i

l