NRC-03-0054, Commercial Data Encryption System Required by 10 CFR 73.21 (g)(3)

From kanterella
(Redirected from NRC-03-0054)
Jump to navigation Jump to search
Commercial Data Encryption System Required by 10 CFR 73.21 (g)(3)
ML031700589
Person / Time
Site: Fermi DTE Energy icon.png
Issue date: 06/13/2003
From: O'Connor W
DTE Energy
To:
Document Control Desk, Office of Nuclear Reactor Regulation
References
NRC-03-0054
Download: ML031700589 (3)
v  d  e


Text

William T. O'Connor, Jr.

Vice President, Nuclear Generation Fermi 2 6400 North Dixne Hwy., Newport, Michigan 48166 Tel: 734-586-5201 Fax: 734-5864172 DYE Energy-10 CFR 73.21 June 13, 2003 NRC-03-0054 U. S. Nuclear Regulatory Commission Attention: Document Control Desk Washington D C 20555-0001

References:

1) Fermi 2 NRC Docket No. 50-341 NRC Operating License No. NPF-43
2) NRC Regulatory Issue Summary 2002-15, "NRC Approval of Commercial Data Encryption Systems for the Electronic Transmission of Safeguards Information," dated August 28, 2002.

Subject:

Commercial Data Encryption System Required by 10 CFR 73.21(g)(3)

The NRC provided guidance in Reference 2 for obtaining NRC approval of commercial data encryption systems for the electronic transmission of Safeguards Information (SGI). Based on this guidance, and as required by 10 CFR 73.21(g)(3),

Detroit Edison requests authorization to use the Privatel Model 960 and software v6.01 electronic data encryption device for this purpose. The Privatel Model 960 and software v6.01 are commercially available and have been validated by the National Institute of Standards and Technology (NIST) as conforming to Federal Information Processing Standard (FIPS) 140-1.

Detroit Edison has established and will maintain an information protection system that includes the measures specified in paragraphs (b) through (i) of 10 CFR 73.21.

soS3

NRC-03-0054 June 13, 2003 Page 2 of 3 Written procedures will be developed that will include: access controls; where and when encrypted communications can be made; how encryption keys, codes, and passwords will be protected from compromise; actions to be taken if the encryption keys, codes, or passwords are, or are suspected to have been, compromised; and how the identity and access authorization of the recipient will be verified. These procedures will be approved prior to any use of the requested encryption system.

It is understood that NRC approval to use a commercially available encryption system is contingent upon the system remaining on the NIST list of approved encryption systems; and that it is our responsibility to verify same, prior to each use.

It is further understood that the guidance contained in the Reference 2 does not alter or revise any current regulatory requirements for the protection of SGI.

Should you have any questions or require additional information, please contact Mr. Joseph Korte, Manager, Nuclear Security, at (734) 586-1095.

Sincerely, cc: M. A. Ring J. F. Stang, Jr.

NRC Resident Office Regional Administrator, Region III Supervisor, Electric Operators, Michigan Public Service Commission

NRC-03-0054 June 13, 2003 Page 3 of 3 bcc: G. D. Cerullo D. K. Cobb R. W. Libra N. K. Peterson M. A. Philippon L. D. Sanders S. Stasek Electronic Licensing Library (ELL) (200 TAC)

Information Management (140 NOC)

Michigan Department of Environmental Quality Hazardous Waste and Radiological Protection Section NSRG Secretary/ISEG Coordinator (200 TAC)

NRR Chron File P. D. Kusumawati T. P. Stack

Retrieved from "https://kanterella.com/w/index.php?title=NRC-03-0054,_Commercial_Data_Encryption_System_Required_by_10_CFR_73.21_(g)(3)&oldid=2654836"