Advance Act Section 507: NRC Recommendations for Security

ML25027A321
Person / Time
Issue date:	01/29/2025
From:	Jeremiah Rey NRC/NSIR/DSO/SOSB
To:
References
Download: ML25027A321 (27)
v • d • e

Text

ADVANCE ACT Section 507:

NRC Recommendations for Security January 29, 2025 ROP Bi-Monthly Public Meeting

Section 507 of the ADVANCE ACT:

Implications for Security?

In response to Section 507 of the ADVANCE ACT, the Office of Nuclear Security and Incident Response (NSIR) is conducting a thorough review and assessment of the physical security oversight and inspection program to identify efficiencies, eliminate redundancies, and standardize routine processes while ensuring a risk-informed, performance-based approach to security oversight and inspection functions.

2

NSIR Physical Security Crosswalk Matrix 3

Section 507 Action Action Action Action Action Action (b) REPORT. Not later than 1 year after the date of enactment of this Act, the Commission shall develop and submit to the appropriate committees of Congress a report that identifies specific improvements to the nuclear reactor and materials oversight and inspection programs carried out pursuant to the Atomic Energy Act of 1954 (42 U.S.C. 2011 et seq.) that the Commission may implement to maximize the efficiency of such programs through, where appropriate, the use of risk-informed, performance-based procedures, expanded incorporation of information technologies, and staff training.

Project team is developing (c) STAKEHOLDER INPUT. In developing the report under subsection (b), the Commission shall, as appropriate, seek input from (1) other Federal regulatory agencies that conduct oversight and inspections; (2) the nuclear energy industry; (3) nongovernmental organizations; and (4) other public stakeholders.

Project team has solicited feedback from other federal agencies, NEI, nongovernmental organizations; and public stakeholders (d) CONTENTS. The report submitted under subsection (b) shall (1) assess specific elements of oversight and inspections that may be modified by the use of technology, improved planning, and continually updated risk-informed, performance-based assessment, including (A) use of travel resources; (B) planning and preparation for inspections, including entrance and exit meetings with licensees; (C) document collection and preparation, including consideration of whether nuclear reactor data are accessible prior to onsite visits or requests to the licensee and that document requests are timely and within the scope of inspections; and Initiative #1-(d)(1)(A), (B), and (C) Revise the inspection frequency for IP 71130.07 Security Training from biennial to triennial.

Initiative #3, (d)(1)(A),(B) and (C), Develop an inspection schedule for security baseline inspections to reduce travel costs and maximize time on-site.

Initiative #4, (d)(1)(B) and (C),

Develop a standard request for information list for each IP.

Initiative #6, (d)(1)(A) and (B),

SRM-COMSECY 19-0006 (FOF Revisions)

Reduces inspection procedure (IP) 71130.03 Force-on-Force inspection program from 2 NRC conducted exercises to 1 exercise.

Initiative #7, (d)(1)(B) and (C),

Revise the Baseline Security Significance Determination Process (BSSDP).

FF Initiative #1, (d)(1)(A),(B),and (C),

Evaluate all CAT I physical security IPs to identify and remove any redundancies.

Additionally, Keep IP 81700.05 and 81700.11 and eliminate 81700.06.

4

Section 507 Action Action Action Action Action Action Action (d) CONTENTS. The report submitted under subsection (b) shall (1) assess specific elements of oversight and inspections that may be modified by the use of technology, improved planning, and continually updated risk-informed, performance-based assessment, including (D) the cross-cutting issues program; This item is being developed by the project team.

(d)(2) identify and assess measures to improve oversight and inspections, including (A) elimination of areas of duplicative or otherwise unnecessary activities; (B) increased use of templates in documenting inspection results; and Initiative #6, (d)(2)(A), SRM-COMSECY 19-0006 (FOF Revisions)

Reduces inspection procedure (IP) 71130.03 Force-on-Force inspection program from 2 NRC conducted exercises to 1 exercise.

Initiative #8, (d)(2), Enhance the Security Issues Forum (SIF) process.

Initiative #9, (d)(2)(A),

Removed IP 71130.06 Protection of Safeguards Information from the baseline inspection program and placed it in IMC 2201 Appendix C (generic, special, and infrequent inspections).

FF Initiative #1, (d)(2)(A),

Evaluate all CAT I physical security IPs to identify and remove any redundancies.

Additionally, Keep IP 81700.05 and 81700.11 and eliminate 81700.06.

FF Initiative #2, (d)(2)(A),

Redesignate IP 81700.10 Safeguards Information (SGI) to an as needed IP and move select relevant inspection requirements from IP 81700.10 to IP 81700.02 Access Control.

FF Initiative #3, (d)(2)(B),

Revise template language in the reactor program system (RPS) for CAT I fuel facilities to align with power reactor template language.

FF Initiative #4, (d)(2)(B), Revise IMC 0616, Fuel Cycle Safety and Safeguards Inspection Reports to include language that would allow physical security inspection reports to contain different information than non-security reports.

5

Section 507 Action Action Action (d)(2)(C) periodic training of Commission staff and leadership on the application of risk-informed criteria for (i) inspection planning and assessments; (ii) agency decision-making processes on the application of regulations and guidance; and (iii) the application of the Commissions standard of reasonable assurance of adequate protection; The project team is working on this item in conjunction with the Technical Training Center (d)(3) assess measures to advance risk-informed procedures, including (A) increased use of inspection approaches that balance the level of resources commensurate with safety significance (B) increased review of the use of inspection program resources based on licensee performance; Initiative #2- (d)(3)(A) and (B)

Perform a risk informed evaluation of all inspection requirements in security baseline IPs to validate prioritization (i.e., Tier I, II, and III)

Initiative #5, (d)(3)(A), Expand the language in Inspection Manual Chapter (IMC) 0612 for Very Low Safety Significance Issue Resolution (VLSSIR) to add clarity for security related inspection issues of concern.

Initiative #7, (d)(3)(A), Revision of the Baseline Security Significance Determination Process (BSSDP).

(d)(3) assess measures to advance risk-informed procedures, including (C) expansion of modern information technology, including artificial intelligence and machine learning, to risk-inform oversight and inspection decisions; The project team is working on this item.

(d)(3)(D), updating the Differing Professional Views or Opinions process to ensure any impacts on agency decisions and schedules are commensurate with the safety significance of the differing opinion; The project team is working on this item in conjunction with the Office of Enforcement 6

Section 507 Action (d)(4) assess the ability of the Commission, consistent with the mission of the Commission, to enable licensee innovations that may advance nuclear reactor operational efficiency and safety, including the criteria of the Commission for timely acceptance of licensee adoption of advanced technologies, including digital technologies; The project team is working this on this item.

(d)(5) identify recommendations resulting from the assessments described in paragraphs (1) through (4);

The project team will finalize this item by the end of the project (d)(6) identify specific actions that the Commission may take to incorporate into the training, inspection, oversight, and licensing activities, and regulations, of the Commission, without compromising the mission of the Commission, the recommendations identified under paragraph (5); and The project team will finalize this item by the end of the project (d)(7) describe when the actions identified under paragraph (6) may be implemented.

The project team will finalize this item by the end of the project 7

Security Initiatives for Operating Reactors 8

NSIR Oversight and Inspection Initiative 1 for Operating Rx Revise the inspection frequency for IP 71130.07 Security Training from biennial to triennial.

• Inspection finding data supports this proposal.

• Interviews conducted with senior physical security inspectors also support this proposal.

Evaluate the frequency of all security inspection procedures. This would include consideration for inspection frequencies to be greater than triennial.

Planned implementation: Start of 10th ROP triennial cycle CY 2026 Link to ADVANCE Act: Travel resources, inspection planning/preparation, use of technology/data, preparation/documentation time (Section 507 (d)(1)(A), (B), and (C))

9

NSIR Oversight and Inspection Initiative 2* for Operating Rx

• Perform a risk-informed evaluation of all inspection requirements in security baseline IPs to validate prioritization (i.e., Tier I, II, and III)

• This will be covered during the ROP Re-baseline option (as discussed during the 1/15 public meeting).

• Link to ADVANCE Act: Risk-inform procedures, balance level of resources with safety significance, review inspection resources based on licensee performance (Section 507 (d)(3)(A) and (B))

• Commission Approval Required 10

NSIR Oversight and Inspection Initiative 3 for Operating Rx

• Develop an inspection schedule for security baseline inspections to reduce travel costs and maximize time on-site.

• For instance, IPs 71130.02,.05, and.14 would be inspected during the same week, possibly reducing two additional trips to the site.

• Increase consistency across the regions.

IP 71130.02-Access Control IP 71130.05-Protective Strategy Evaluation and Performance Evaluation Program IP 71130.14-Review of Power Reactor Target Sets 11

NSIR Oversight and Inspection Initiative 3 for Operating Rx (cont.)

• Planned implementation: CY 2027

• Inspection schedules and licensee drill dates are already developed for CY 2026. This timeline will allow the regions to coordinate with licensees.

• Link to ADVANCE Act: Travel resources, inspection preparation/documentation time, documentation collection time (Section 507 (d)(1)(A),(B)and (C))

12

NSIR Oversight and Inspection Initiative 4 for Operating Rx

• Develop a standard request for information template for each IP.

• Planned implementation: CY 2025

• Link to ADVANCE Act: Inspection Preparation/documentation time, documentation collection time (Section 507 (d)(1)(B)and (C))

13

NSIR Oversight and Inspection Initiative 5 for Operating Rx

• Expand the language in Inspection Manual Chapter (IMC) 0612 for Very Low Safety Significance Issue Resolution (VLSSIR) to add clarity for security related inspection issues of concern.

• Planned implementation: Late CY 2025

• Link to ADVANCE Act: Level of resources commensurate with the safety significance (Section 507 (d)(3)(A))

14

NSIR Oversight and Inspection Initiative 6* for Operating Rx

• SRM was already underway prior to the release of the ADVANCE ACT; implementation will incorporate the ADVANCE ACT goals.

• SRM-COMSECY 19-0006 (FOF Revisions)

• Reduces inspection procedure (IP) 71130.03 Force-on-Force (FOF) inspection program from 2 NRC conducted exercises to 1 exercise.

• Reduction of hours in IP 71130.03 from 393 hours0.00455 days <br />0.109 hours <br />6.498016e-4 weeks <br />1.495365e-4 months <br /> to 275 hours0.00318 days <br />0.0764 hours <br />4.546958e-4 weeks <br />1.046375e-4 months <br />.

• Planned implementation: Start of Triennial FOF Cycle 9 (CY 2026)

• Commission Approval Received 15

NSIR Oversight and Inspection Initiative 6* for Operating Rx (cont.)

• Incorporated additional enhancements to eliminate inspection redundancies, enhance guidance for inspection planning and performance, reduce impact of licensee and NRC resources.

• Link to ADVANCE Act: Travel resources, inspection planning/preparation, preparation/documentation time, elimination of duplicative activities (Section 507 (d)(1)(A), (B),

and (C) and (d)(2)(A))

• Commission Approval Received 16

NSIR Oversight and Inspection Initiative 7* for Operating Rx

• Revision of the Baseline Security Significance Determination Process (BSSDP)

This will address internal and external feedback and incorporate additional risk insights to achieve a result that more closely aligns with the risk significance of a security finding.

Facilitate uniform application across all regions and achieve consistent, repeatable, and predictable results.

• Commission Approval Required 17

NSIR Oversight and Inspection Initiative 7* for Operating Rx (cont.)

• Commission approval required. Staff will submit a SECY paper in October 2025.

• Link to ADVANCE Act: Risk-informed, performance-based assessment, preparation/documentation time, inspection approach with the level of resources commensurate with safety significance (Section 507 (d)(1)(B), (C), and (3)(A))

• Commission Approval Required 18

NSIR Oversight and Inspection Initiative 8 for Operating Rx

• Enhance the Security Issues Forum (SIF) process.

• Assist in facilitating consistency across all regions.

• Reduce hours spent on evaluating inspection issues.

• Planned implementation: CY 2025

• Link to ADVANCE Act: Improve oversight and inspections (Section 507 (d)(2))

19

NSIR Oversight and Inspection Initiative 9 for Operating Rx

• Removed IP 71130.06 Protection of Safeguards Information from the baseline inspection program and placed it in IMC 2201 Appendix C (generic, special, and infrequent inspections).

• Protection of Safeguards Information was redesignated as IP 81822 effective September 1, 2024.

• Link to ADVANCE Act: Improve oversight and inspections (Section 507 (d)(2)(A))

20

NSIR Oversight and Inspection Initiative 10 for Operating Rx

• Cybersecurity Inspections

• Evaluation of Inspection frequency and resources

• Revision of inspection procedure and request for information (RFI) document

• Use of risk informed principles as much as possible

• Adopting modern tools to reduce amount of information requested for inspections

• Cybersecurity Inspections are part of the ROP

• Changes to the ROP will also apply to the cybersecurity inspection program

• Link to ADVANCE Act: Improve oversight and inspections (Section 507 (d)(2)(A))

21

Security Initiatives for Fuel Cycle Facilities 22

NSIR Oversight and Inspection Initiative 1 for Fuel Cycle Facilities Evaluate all CAT I physical security IPs to identify and remove any redundancies.

Evaluate the combination and elimination of three protective strategy-specific IPs.

• Keep IPs 81700.05 and 81700.11.

• Eliminate IP 81700.06.

• Disperse elements of IP 81700.06 into 81700.05 and 81700.11.

• Planned implementation: CY 2027 or sooner.

• Link to ADVANCE Act: Reduction in inspection effort (20+ hours),

preparation/documentation and reduce travel costs. (Section 507 (d)(1)(A), (B), (C) and (d)(2)(A))

IP 81700.05, Category I Fuel Cycle Facility Physical Protection and Protective Strategy IP 81700.06, Licensee Conducted Force-on-Force Exercises at Category I Fuel Cycle Facilities IP 81700.11, Annual Observation of Licensee Conducted Force-on-Force Exercises at Category I Fuel Cycle Facilities 23

NSIR Oversight and Inspection Initiative 2 for Fuel Cycle Facilities

• Redesignate IP 81700.10 Safeguards Information (SGI) to an as needed IP.

• Move select relevant inspection requirements from IP 81700.10 to IP 81700.02 Access Control.

• This will reduce direct inspection effort, inspection preparation and documentation time.

• Planned implementation: CY 2026

• Link to ADVANCE Act: Improve oversight and inspections, eliminate duplicative activities (Section 507 (d)(2)(A))

24

NSIR Oversight and Inspection Initiative 3 for Fuel Cycle Facilities

• Revise template language in the reactor program system (RPS) for CAT I fuel facilities to align with power reactor template language for physical security reports.

• This will reduce documentation time for physical security inspection reports.

• Planned implementation: Mid-CY 2025

• Link to ADVANCE Act: Increase use of templates in documentation (Section 507 (d)(2)(B))

25

NSIR Oversight and Inspection Initiative 4 for Fuel Cycle Facilities

• Revise IMC 0616, Fuel Cycle Safety and Safeguards Inspection Reports to include language that would allow physical security inspection reports to contain different information than non-security reports.

• This would increase consistency across physical security inspections and align fuel cycle physical security inspection reports with power reactor and ISFSI physical security inspection reports.

• Planned implementation: Late CY 2025

• Link to ADVANCE Act: Increase use of templates in documentation (Section 507 (d)(2)(B))

26

Questions?