ML23047A012
| ML23047A012 | |
| Person / Time | |
|---|---|
| Issue date: | 03/01/2023 |
| From: | Mirela Gavrilas NRC/NSIR/DPCP/CSB |
| To: | Jeff Baran, Annie Caputo, Crowell B, Christopher Hanson, David Wright NRC/OCM/AXC, NRC/OCM/BRC, NRC/OCM/DAW, NRC/OCM/JMB, NRC/Chairman |
| References | |
| RG-5.071, Rev 1, SRM-CTH210414-NSIR | |
| Download: ML23047A012 (2) | |
Text
MEMORANDUM TO:
Chair Hanson Commissioner Baran Commissioner Wright Commissioner Caputo Commissioner Crowell FROM:
Mirela Gavrilas, Director Office of Nuclear Security and Incident Response
SUBJECT:
RESPONSE TO SRM-CTH210414-NSIR, ISSUANCE OF REGULATORY GUIDE 5.71, REVISION 1, CYBERSECURITY PROGRAMS FOR NUCLEAR POWER REACTORS This memorandum informs the Commission that the staff published Regulatory Guide (RG) 5.71, Revision 1, Cybersecurity Programs for Nuclear Power Reactors, (Agencywide Documents Access and Management System (ADAMS) Accession No. ML22258A204) on February 3, 2023. RG 5.71 was revised, in part, to address recommendations from the staffs review of a letter from Advisory Committee on Reactor Safeguards (ACRS) Chairman Sunseri to Chair Hanson dated March 31, 2021, titled Uni-Directional Communications (Not Implemented in Software) From High Safety to Lower Safety Systems and Internal Plant to External Systems Connected to the Internet (ML21085A014).
In this letter, Chairman Sunseri raised concerns regarding unidirectional communication between systems in nuclear power plants. In response, on April 14, 2021, Chair Hanson directed the staff to review the issues raised in the letter and to provide the Commission with information on how the staff addresses the concerns raised by the ACRS (ML21112A190). A team of experts in the Offices of Nuclear Security and Incident Response and Nuclear Reactor Regulation reviewed those concerns and, on June 30, 2021, issued a report (ML21175A332) that included a recommendation to revise RG 5.71 to reference RG 1.152, Criteria for Use of Computers in Safety Systems of Nuclear Power Plants, to increase awareness among design certification applicants of the cybersecurity controls that could be incorporated as part of the nuclear power reactor design. The staffs revision to RG 5.71 includes references to RG 1.152 and discusses how an applicant could use both RGs to address cybersecurity requirements through design features.
CONTACT:
Kim Lawson-Jenkins, NSIR/DPCP 301-287-3656 March 1, 2023 Erlanger, Craig signing on behalf of Gavrilas, Mirela on 03/01/23
Memo ML23047A012 OFFICE NSIR/DPCP/CSB NSIR/DPCP/CSB NSIR/DPCP NSIR NAME BYip KLawson-Jenkins GBowman CErlanger DATE Feb 16, 2023 Feb 16, 2023 Feb 16, 2023 Feb 22, 2023 OFFICE OEDO/AO NSIR NAME MBailey MGavrilas CErlanger for DATE Feb 27, 2023 Mar 1, 2023