ML25344A078
| ML25344A078 | |
| Person / Time | |
|---|---|
| Site: | Palisades  |
| Issue date: | 12/10/2025 |
| From: | Fay K NRC/RGN-III/DORS/EB2 |
| To: | Mlynarek M Palisades Energy |
| References | |
| IR 2026401 | |
| Download: ML25344A078 (0) | |
Text
Michael Mlynarek Site Vice President, Palisades Energy, LLC Palisades Nuclear Plant 27780 Blue Star Memorial Hwy Covert, MI 49043-9530
SUBJECT:
PALISADES NUCLEAR POWER PLANT - INFORMATION REQUEST FOR THE CYBER-SECURITY BASELINE INSPECTION, NOTIFICATION TO PERFORM INSPECTION
Dear Mike Mlynarek:
On January 26, 2026, the U.S. Nuclear Regulatory Commission (NRC) will begin a baseline inspection in accordance with Inspection Procedure (IP) 81000.13 Cyber-Security Restart Inspection - Post-Fuel Load, Revision 0 at your Palisades Nuclear Power Plant. The inspection will be performed to evaluate and verify that the Palisades Nuclear Power Plants cybersecurity program is being properly reestablished to provide reasonable assurance that digital computer and communication systems and networks associated with safety, security, or emergency preparedness (SSEP) functions are adequately protected against cyberattacks in accordance with Title 10 of the Code of Federal Regulations (10 CFR), Part 73, Section 54, Protection of Digital Computer and Communication Systems and Networks, and the U.S. Nuclear Regulatory Commission (NRC) approved cybersecurity plan (CSP). The onsite portion of the inspection will take place January 26-30, 2026 and February 09-13,2026.
Experience has shown that baseline inspections are extremely resource intensive, both for the NRC inspectors and the licensee staff. In order to minimize the inspection impact on the site and to ensure a productive inspection for both parties, we have enclosed a request for documents needed for the inspection. These documents have been divided into two groups.
The first group specifies information necessary to assist the inspection team in planning for the inspection. It is requested that this information be provided to the lead inspector via mail or electronically no later than January 12, 2026.
The second group of information is necessary to aid the inspection team in tracking issues identified as a result of the inspection. It is requested that this information be provided to the lead inspector as the information is generated during the inspection. It is important that all of these documents are up to date and complete in order to minimize the number of additional documents requested during the preparation and/or the onsite portions of the inspection.
December 10, 2025
M. Mlynarek 2
The lead inspector for this inspection is Kevin Fay. We understand that our regulatory contact for this inspection is Ms. Salena Long from your organization. If there are any questions about the inspection or the material requested, please contact the lead inspector at 630-829-9866 or via email at Kevin.Fay@nrc.gov.
This letter does not contain new or amended information collection requirements subject to the Paperwork Reduction Act of 1995 (44 U.S.C. 3501 et seq.). Existing information collection requirements were approved by the Office of Management and Budget, Control Number 3150-0011. The NRC may not conduct or sponsor, and a person is not required to respond to, a request for information or an information collection requirement unless the requesting document displays a currently valid Office of Management and Budget control number.
In accordance with 10 CFR 2.390, Public Inspections, Exemptions, Requests for Withholding, of the NRCs Rules of Practice, a copy of this letter and its enclosure will be available electronically for public inspection in the NRCs Public Document Room or from the Publicly Available Records (PARS) component of the NRCs Agencywide Documents Access and Management System (ADAMS). ADAMS is accessible from the NRC website at http://www.nrc.gov/reading-rm/adams.html (the Public Electronic Reading Room).
Sincerely, Kevin Fay, Senior Reactor Inspector Engineering Branch 2 Division of Operating Reactor Safety Docket No. 05000255 License No. DPR-20
Enclosure:
Palisades Nuclear Power Station Cyber-Security Inspection Document Request cc w/encl: Distribution via LISTSERV Signed by Fay, Kevin on 12/10/25
M. Mlynarek 3
Letter to Michael Mlynarek from Kevin Fay dated December 10, 2025.
SUBJECT:
PALISADES NUCLEAR POWER PLANT - INFORMATION REQUEST FOR THE CYBER-SECURITY BASELINE INSPECTION, NOTIFICATION TO PERFORM INSPECTION DISTRIBUTION:
Rodney Clagg RidsNrrPMPalisades Resource RidsNrrDorlLpl3 RidsNrrDroIrib Resource Jack Giessner Mohammed Shuaibi Diana Betancourt-Roldan John Pelchat Jared Heck Jennifer Dalzell R3-DORS ADAMS Accession Number: ML25344A078
SUNSI Review
Non-Sensitive
Sensitive
Publicly Available
Non-Publicly Available OFFICE RIII NAME KFay:anm DATE 12/10/2025 OFFICIAL RECORD COPY
Enclosure Inspection Report: 05000255/2026401 Inspection Dates (Onsite): January 26-30, 2026 February 09-13, 2026 Inspection Procedure:
IP 81000.13, Cyber-Security Restart Inspection - Post-Fuel Load, Revision 0 NRC Inspectors:
Kevin Fay, Lead 630-829-9866 Kevin.Fay@nrc.gov Musab AbuHamdan 630-829-9633 Musab.Abuhamdan@nrc.gov I.
RFI #1: Information Requested for In-Office Preparation The initial request for information concentrates on information required to evaluate the CSs/CDAs, defensive architecture, and the areas of the licensees CSP selected for the cyber-security inspection. The Table RFI #1 information is requested on the selected systems to be provided to the regional office by January 12, 2026, or sooner, to facilitate the selection of the specific items that will be reviewed and discussed during the onsite inspection weeks.
If a compact disk (CD) is provided, please provide four copies (one for each inspector/contactor). The preferred file format for all lists is a searchable Excel spreadsheet file. These files should be indexed and hyper-linked to facilitate ease of use. If you have any questions regarding this information, please contact the inspection team lead as soon as possible.
2 Table RFI #1 Request Items For the samples chosen for inspection provide:
1 Ongoing Monitoring and Assessment activity performed on the system(s) 03.01(a) 2 All Security Control Assessments for the selected system(s) 03.01(a) 3 The most recent effectiveness analysis of the Cyber-Security Program 03.01(b) 4 All vulnerability screenings/assessments associated with or scans performed on the selected system(s) since the last cyber-security inspection including vulnerability screening and assessments completed prior to putting new equipment into service as part of the select design changes.
03.01(c) 5 Provide the Network Architecture Diagram.
03.01(c) 6 Copies of the purchase order documentation for any new equipment purchased for the selected systems since the last inspection 03.01(c) 7 Documentation (including configuration files and rules sets) for Network-based Intrusion Detection/Protection Systems (NIDS/NIPS), Host-based Intrusion Detection Systems (HIDS),
and Security Information and Event Management (SIEM) systems for system(s) chosen for inspection 03.01(d) 8 Documentation (including configuration files and rule sets) for intra-security level firewalls and boundary devices used to protect the selected system(s) 03.01(e) 9 Access Control Procedures as required by Cyber-Security Program.
03.01(f)
3 In addition to the above information please provide the following:
(1) Name(s) and phone numbers for the regulatory and technical contacts.
(2) Current management and engineering organizational charts.
II.
RFI #2: Information Requested to Be Provided Throughout the Inspection (1) Copies of any corrective action documents generated as a result of the inspection teams questions or queries during the inspection.
(2) Copies of the list of questions submitted by the inspection team members and the status/resolution of the information requested (provided daily during the inspection to each inspection team member).
If you have any questions regarding the information requested, please contact the inspection team lead.
10 Baseline configuration data sheets for the selected CDAs 03.02(a) 11 Documentation on any changes, including Security Impact Analyses, performed on the selected system(s).
03.02(b) 12 Copy of any changes to CSP since Pre-Fuel Load inspection.
03.03(a) 13 Copies of any cyber-security drills performed since the last inspection, along with any reports or assessments generated.
03.03(b) 14 Copy of the individual recovery plan(s) for the selected system(s) including documentation of the results the last time the backups were executed.
03.03(b) 15 Corrective actions taken as a result of cyber-security incidents/issues to include previous NRC violations and Licensee Identified Violations since the last cyber-security inspection.
03.03(b) 16 Copies of training established as described in the CSP.
03.03(c)