|
|---|
Category:Letter
MONTHYEARML24304A3482024-10-29029 October 2024
10-29-24 NEI Letter to NRC Status and Way Forward on NEI 99-04 Revision 1
ML24274A3112024-09-30030 September 2024
Request for NRC Review and Endorsement of NEI 99-01, Development of Emergency Action Levels for Non-Passive Reactors, Revision 7
ML24255A0702024-09-0909 September 2024
09-09-24_NRC_Industry Timeliness Request Regarding Items Relied Upon for Safety
ML24204A2082024-07-22022 July 2024
07-22-24_NRC_NEI Withdrawal of Fee Exemption Request for Wp Selection of Seismic Scenario for EPZ Determination
ML24204A2162024-07-22022 July 2024
Withdrawal of Fee Exemption Request for Endorsement of NEI White Paper, Selection of a Seismic Scenario for an EPZ Boundary Determination
ML24187A0552024-07-0303 July 2024
Fee Exemption Request for NEI White Paper Selection of Seismic Scenario for EPZ Determination
ML24184C1212024-07-0202 July 2024
NEI - Request for NRC Endorsement of NEI 24-05 Revision 0, an Approach for Risk-Informed Performance-Based Emergency Planning
ML24173A2712024-06-14014 June 2024
NEI - Proposed Changes to Inspection Procedure (IP) 71130.10, Cybersecurity
ML24165A0852024-06-13013 June 2024
NEI White Paper - Impact of Higher Source Term Fractions on EQ Doses
ML24165A0862024-06-13013 June 2024
NEI White Paper - Proposed Control Room Dose Acceptance Criteria Supporting RG 1.183 R2
ML24165A0872024-06-12012 June 2024
NEI White Papers Supporting NRC Workshop Discussions Regarding Nuclear Regulatory Commissions (NRC) Potential Changes to Regulatory Guide 1.183
ML24152A3242024-05-31031 May 2024
NEI Concept Paper: Regulation of Rapid High-Volume Deployable Reactors in Remote Locations
ML24159A7312024-05-23023 May 2024
05-23-24 Nuclear Energy Institute Letter to the U.S. Nuclear Regulatory Commission Re Industry Comments on Buildings as Items Relied on for Safety
ML24135A1982024-04-23023 April 2024
SFAQ No 2022-02, SAE Program Requirements - NEI Withdrawal Letter
ML24078A2212024-03-15015 March 2024
3-15-24 NEI Letter Aveil from Juhle on Pur
ML24061A0572024-02-29029 February 2024
Endorsement of NEI 08-09, Revision 7, Changes to NEI 08-09 Cyber Security Plan for Nuclear Power Reactors
ML24023A0392024-01-22022 January 2024
NEI Comments on the Information Collection Renewal for Domestic Licensing of Special Nuclear Material, Docket Id NRC-2023-0118
ML23355A1972023-12-14014 December 2023
NEI, Comments on NRC Draft Resolution of SFAQ 2022-02, SAE Program Requirements
ML23219A1672023-10-25025 October 2023
Response Letter to Fee Exemption Request for Pre-Submittal Activities, Review, and Endorsement of NEI 20-07
ML23270B9002023-09-27027 September 2023
NEI Letter Request for an Extension of Comment Period on Proposed Revision to Standard Review Plan Section 15.0, Introduction - Transient and Accident Analyses, Docket Id NRC 2023 0079
ML23268A0102023-09-22022 September 2023
NEI, Fee Exemption Request for Endorsement, Review and Meeting to Discuss Draft Nuclear Energy Institute Technical Report NEI 23-01, Operator Cold License Training Plan for Advanced Nuclear Reactors
ML23241A8612023-08-25025 August 2023
Consolidated Industry Comments to NRC Regulatory Issue Summary 2023-02, Scheduling Information for the Licensing of Accident Tolerant, Increased Enrichment, and Higher Burnup Fuels
ML23236A4992023-08-24024 August 2023
Industry Feedback on Region II Fuel Cycle Facility Construction Oversight Workshop Held August 15, 2023, and Suggested Topics for Additional Public Meetings in Fall 2023
ML23256A1622023-08-0101 August 2023
Incoming NEI Letter Dated August 1, 2023 Regarding Increase in Fees 2023-2025
ML23206A0292023-07-24024 July 2023
Incoming Fee Exemption Request for Pre-Submittal Activities, Review, and Endorsement of NEI 20-07
ML23143A1232023-06-22022 June 2023
NRC Fee Waiver Request for Draft NEI 23-01
ML23200A1662023-05-30030 May 2023
NEI Proposed Metrics for a Performance-Based Emergency Preparedness Program
ML23116A0732023-05-25025 May 2023
Letter to Hillary Lane in Response to a Request for a Fee Exemption for NEI 23-03
ML23135A7332023-05-0909 May 2023
NEI Comments on NRC Safety Culture Program Effectiveness Review
ML23110A6762023-04-18018 April 2023
04-18-23_NRC_NEI 23-03 Review + Endorse
ML23110A6752023-04-18018 April 2023
04-18-23_NRC_Fee Waiver for NEI 23-03
ML23110A6782023-04-18018 April 2023
Request for Review and Endorsement of NEI 23-03, Supplemental Guidance for Application of 10 CFR 50.59 to Digital Modifications at Non-Power Production or Utilization Facilities
ML24120A2702023-04-0404 April 2023
Melody Rodridguez NEI Comment on Controlled Unclassified Information
ML23107A2302023-03-31031 March 2023
NEI Letter, to Andrea Veil, NRC, Regarding Industry Recommendations for a 10 CFR 50.46a/c Combined Rulemaking
ML23083B4622023-03-24024 March 2023
Transmittal of NEI 22-05 Revision a, Technology Inclusive Risk Informed Change Evaluation (Tirice) Guidance for the Evaluation of Changes to Facilities Utilizing NEI 18-04 and NEI 21-07
ML23138A1662023-03-24024 March 2023
Transmittal of NEI 22-05 Revision a, Technology Inclusive Risk Informed Change Evaluation (Tirice) Guidance for the Evaluation of Changes to Facilities Utilizing NEI 18-04 and NEI 21-07
ML23060A3272023-03-0101 March 2023
NEI, Wireless Cyber Security Guidance
ML23060A2142023-03-0101 March 2023
NEI, Request for NRC Endorsement of NEI White Paper, Enabling a Remote Response by Members of an Emergency Response Organization, Revision 0
ML23023A2752023-01-23023 January 2023
Request for Extension of Comment Period from the Nuclear Energy Institute on PRM-50-124 - Licensing Safety Analysis for Loss-of-Coolant Accidents
ML22348A1122023-01-17017 January 2023
Letter to Richard Mogavero Response to Fee Exemption NEI 08-09 Revision 7
ML22353A6082023-01-11011 January 2023
U.S. Nuclear Regulatory Commission Report of the Regulatory Audit of the NEI-Proposed Aging Management Program Revision to Selective Leaching Program (XI.M33)
ML22349A1012022-12-12012 December 2022
LTR-22-0343 Ellen Ginsberg, Sr. Vice President, General Counsel and Secretary, Nuclear Energy Institute, Expresses Concerns Related to Issuance of Regulatory Issue Summary 2022-02; Operational Leakage
ML22336A0372022-11-16016 November 2022
Fee Exemption Request for NEI 08-09 Revision 7 - Changes to NEI 08-09 Cyber Security Plan for Nuclear Power Reactors
ML22321A3152022-11-16016 November 2022
NEI Letter with Comments on Significance Determination Process Timeliness Review
ML22298A2262022-10-25025 October 2022
Endorsement of NEI 15-09, Cyber Security Event Notifications, Revision 1, Dated October 2022
ML22298A2302022-10-17017 October 2022
Submittal of NEI 22-03, Draft Revision 0, Nuclear Generation Quality Assurance Program Description
ML22207B6512022-07-26026 July 2022
NEI, Full Fee Exemption Request for Industry Guidance Proposal - Weather Related Administrative Controls During Transient Outdoor Dry Cask Operations
ML22195A1662022-07-14014 July 2022
NEI, Draft G of NEI 99-01, Development of Emergency Action Levels for Non-Passive Reactors, Revision 7
ML22195A0672022-07-13013 July 2022
Fee Exemption Request for Review and Meeting to Discuss Draft Nuclear Energy Institute Technical Report NEI 21-05, Reporting Guidance for Licensees with Risk-Informed Licensing Bases
ML22195A0202022-07-13013 July 2022
07-13-22 NRC Fee Exemption Request for NEI 21-05 Review
2024-09-09
[Table view] |
Text
Richard Mogavero Phone: 202.739.8174 Director, Incident Preparedness Email: rm@nei.org Technical & Regulatory Services
February 29, 2024
Mr. Jeffrey Bream Cybersecurity Branch Chief, Office of Nuclear Security and Incident Response U.S. Nuclear Regulatory Commission Washington, DC 20555-0001
Subject:
Endorsement of NEI 08-09 Revision 7, Changes to NEI 08-09 Cyber Security Plan for Nuclear Power Reactors
Project Number: 689
Dear Mr. Bream:
By letters dated May 5, 20101 and June 7, 20102, the Nuclear Regulatory Commission (NRC) found the Nuclear Energy Institute (NEI)3 guidance document NEI 08-09, Cyber Security Plan for Nuclear Power Reactors, Revision 6, dated April 2010, acceptable for use by licensees to comply with the requirements of 10 CFR 73.54.
Lessons learned through the implementation of cyber security programs over the years indicated that guidance improvements were necessary to enhance clarity, enable efficient and consistent implementation, and to support NRC oversight activities. Accordingly, NEI, on behalf of our members, submitted, and NRC approved, several addenda to NEI 08-09, Revision 64 and processed a number of Security Frequently Asked Questions (SFAQs). Additionally, NEI revised, and NRC approved NEI 10-04,
1 ML101190371, NEI 08-09, Revision 6, Inclusion of definition of Cyber Attack
2 ML101550052, NEI 08-09, Revision 6, Cyber Security Plan for Nuclear Power Reactors
3 The Nuclear Energy Institute (NEI) is responsible for establishing unified policy on behalf of its members relating to matters affecting the nuclear energy industry, including the regulatory aspects of generic operational and technical issues. NEIs members include entities licensed to operate commercial nuclear power plants in the United States, nuclear plant designers, major architect and engineering firms, fuel cycle facilities, nuclear materials licensees, and other organizations involved in the nuclear energy industry.
4 NEI 08-09, Revision 6, Cyber Security Plan for Nuclear Power Reactors (ML101190371)
NEI 08-09, Revision 6, Inclusion of definition of Cyber Attack (ML10550052)
NEI 08-09, Revision 6, Addendum 1, Cyber Security Plan for Nuclear Power Reactors (ML17079A379)
NEI 08-09, Revision 6, Addendum 2, Detection, Response, Elimination (ML17212A630)
NEI 08-09, Revision 6, Addendum 3, System and Services Acquisition (ML17249A798)
NEI 08-09, Revision 6, Addendum 4, Physical and Operational Environment Protection (ML17212A630)
NEI 08-09, Revision 6, Addendum 5, Vulnerability Identification, Scoring and Screening (ML18226A004)
TVM Whitepaper, Remediation of Vulnerabilities Identified in CDAs (ML23072A063)
OMA Whitepaper, Ongoing Monitoring and Assessment (ML23205A200)
Mr. Jeffrey Bream Nuclear Energy Institute February 29, 2024 Page 2
Identifying Systems and Assets Subject to the Cyber Security Rule, Revision 3; and to NEI 13-10, Cyber Security Control Assessments, Revision 75.
NEI 08-09, Revision 7 incorporates previously approved guidance and aligns with approved changes in NEI 10-04 and NEI 13-10. Also included in this revision are several conforming and clarifying updates associated with cybersecurity fundamentals in threat and vulnerability management, wireless communication technologies, critical group criteria, and ongoing monitoring and assessment.
NEI requests that the NRC review and endorse NEI 08-09, Revision 7, dated February 2024, by August 1, 2024, under the fee exemption request approved January 17, 20236. While each licensee must review changes to their NRC staff approved Cyber Security Plan in accordance with the requirements of 10 CFR 50.54(p), NEI requests that NRCs review confirm that the changes proposed in NEI 08-09, Revision 7 do not decrease the effectiveness of the cyber security plan provided in NEI 08-09, Revision 6.
If any revisions to this document are desired, please include suggested wording and the technical data to support the proposed change(s).
If you have any questions or require additional information, please contact David Feitl at (202) 739-8115 or dff@nei.org, or me.
Sincerely,
Rich Mogavero Director, Security & Incident Preparedness
c: Mr. Brian Yip, NSIR/DSO, NRC Mr. Greg Bowman, NSIR/DPCP, NRC NRC Document Control Desk
Attachment(s):
NEI 08-09, Revision 7 NEI 08-09, Rev 7 Control Families with Attack Vector Classifications
5 NRC approval for NEI 10-04 Revision 3 and NEI 13-10 Revision 7 was completed in October 2021 and December 2021 respectively.
NEI 10-04, Revision 3, Identifying Systems and Assets Subject to the Cyber Security Rule (ML22112A072)
NEI 13-10, Revision 7, Cyber Security Control Assessments (ML22112A139)
6 Fee Exemption Request for NEI 08-09 Revision 7, Changes to NEI 08-09 Cyber Security Plan for Nuclear Power Reactors (ML22348A112)