ML25014A205
| ML25014A205 | |
| Person / Time | |
|---|---|
| Issue date: | 01/22/2025 |
| From: | Brooks M NRC/NSIR/DPCP/RSB |
| To: | Desiree Davis NRC/NSIR/DSO/SOSB |
| Shared Package | |
| ML25014A079 | List: |
| References | |
| ML25014A079 | |
| Download: ML25014A205 (1) | |
Text
.
MEMORANDUM TO:
Desiree Davis, Chief Security Oversight and Support Branch Division of Security Operations Office of Nuclear Security and Incident Response FROM:
Maury Brooks, Security Specialist Security Oversight and Support Branch Division of Security Operations Office of Nuclear Security and Incident Response
SUBJECT:
SUMMARY
OF THE BASELINE SECURITY SIGNIFICANCE DETERMINATION PROCESS PUBLIC MEETING HELD ON DECEMBER 18, 2024 Meeting Identifier: ML24339A056 Date of Meeting: December 18, 2024 Type of Meeting: This was an open discussion meeting. Industry and public participation were actively sought for this meeting to fully engage the public in a discussion of regulatory issues.
Purpose of Meeting: The U.S. Nuclear Regulatory Commission (NRC) staff will share the results of the Baseline Security Significance Determination Process (BSSDP) Phase I activities, including an overview of the working groups recommended path forward for revision of the BSSDP in Phase II.
General Details: The meeting was attended by NRC personnel and external stakeholders.
Representatives from the Nuclear Energy Institute, Dominion, Constellation, Entergy, Pacific Gas and Electric Company, and Excel were among the participants that identified themselves and provided comments or questions. The meeting started at 1:00 p.m. EDT and completed by 2:00 p.m. EDT, as scheduled. The meeting was held virtually over the Microsoft Teams application.
Summary of Presentation: The NRC provided a formal presentation for the meeting discussion. This presentation can be located at ML24366A035. No other participants provided a formal presentation.
CONTACT: Maury Brooks, NSIR/DSO/SOSB (301) 415-3075 January 22, 2025 Signed by Brooks,Maury on 01/22/25
D. Davis 3
=
Background===
In calendar year 2023, NRC staff began reviewing the BSSDP to determine whether any aspects of the tool can be improved or further risk-informed. A working group (WG) of subject matter experts from various NRC offices is currently taking a phased approach to reviewing the BSSDP. The WG includes a physical security inspector from each NRC region, staff from the Office of Nuclear Security and Incident Response, the Technical Training Center, the Office of Enforcement, and the Office of Nuclear Reactor Regulation.
The staff solicited feedback on the current BSSDP from NRC security inspectors through an internal survey and discussions during annual security inspector counterpart meetings. In Phase I, the WG analyzed internal survey results, identified areas of perceived subjectivity and inconsistency within the BSSDP, and developed options to address the feedback and further risk-inform the BSSDP. The WG also considered feedback from external stakeholders in the development of its options and recommendations.
Four options were considered in Phase I by the working group:
1.
Develop a new BSSDP 2.
Revise the existing BSSDP 3.
Clarify existing BSSDP guidance (i.e., IMC 0609, Appendix E, Part 1) 4.
Status quo In November 2024, staff began Phase II to revise the BSSDP (Option 2). The NRC presented information at this public meeting that described the staffs approach for revising the BSSDP to include the following:
1.
Discontinue use of figures 7-11 for the processing of physical security findings and increase reliance on the Significance Screen (Figure 4), to include adding more examples.
2.
Explore additional entry criteria for Figure 4 and further define low/medium/high thresholds.
3.
Address the main concerns from the inspector survey results and feedback from external stakeholders (subjectivity and complexity).
4.
Preserve and enhance the assessment tools, such as the significance screen, that are more straightforward and user friendly, to achieve the significance determination that would most closely align with the risk significance Option 2 will also include the improvements described in Option 3 (i.e., clarifying guidance).
The BSSDP working group will use the Principles of Good Regulation, and the Be riskSMART framework to revise the BSSDP.
Industry Input/Comments After the initial introduction and presentation by the NRC, various external stakeholders provided feedback regarding the WGs proposed recommendation. The following information is a high-level summary of the comments and suggestions offered by external stakeholders and are not verbatim:
3 D. Davis Commenter supported the NRCs presentation and specifically noted the positive aspects of further exploring human performance issues versus programmatic issues of concern and the differences related to significance determination.
Commenter asked that the Critical Group, and aspects of that group related to Unescorted Access Authorization be explored further related to determining final significance for issues of concern.
Commenter asked that Exploitability be better defined and assessed more specifically regarding performance deficiencies that could not have been known by the licensee and subsequently were not protected by the licensee such as unattended openings that were not known and/or depicted on a facility drawing.
Commenter asked that the rules of engagement for NRCs Force-on-Force (FOF)
Inspection Program be considered when determining final significance for certain issues of concern identified during other NRC baseline inspections versus during the conduct of the NRCs FOF inspection. For example, during the NRCs FOF inspection the licensee insider element is required to provide the mock adversary force Safeguards Information, including lock and key information, to support the planning of the mock attack on the facility. The licensees protective strategy is evaluated by the NRC during an FOF inspection and must demonstrate adequate protection of the facility with that insider information already known and able to be used by a mock adversary force. The commenter requested that staff consider the significance determination of such issues of concern for a licensees physical security program, and that the significance be adjusted accordingly based on compliance with existing requirements for licensees to demonstrate an adequate protective strategy of the facility.
Commenter requests the NRC consider the use of the Very Low Safety Significance Issues Resolution process in Phase II of the BSSDP Revision.
Commenter wanted to remind the NRC that the proposal to discontinue the use of BSSDP worksheets, specifically figures 7-11, may have an impact on cyber security inspections and identification of certain issues of concern during these inspections.
Next Steps The BSSDP WG will develop and submit specific revisions to the BSSDP for Commission approval at the conclusion of the Phase II effort. Updates to the Phase II WG activities will be provided to the industry and the public during the NRCs Regulatory Information Conference in March 2025 and at the next BSSDP public meeting planned for June 2025.
Conclusion At the end of the meeting, NRC staff and management gave closing remarks.
The enclosure provides the attendance list for this meeting.
Enclosure:
As stated,
ML25014A079; Memo ML25014A205 OFFICE NRC/NSIR/DPCP
/RSB NSIR/DSO/SOSB NRC/NSIR/DPCP
/RSB NAME MBrooks DDavis MBrooks DATE Jan 15, 2025 Jan 17, 2025 Jan 22, 2025