RIS 2016-12, NRC Employee Access to Switchyards at Licensee Facilities

NRC Employee Access to Switchyards at Licensee Facilities
ML16154A034
Person / Time
Issue date: 11/22/2016
From: Michael Cheok, Lund A
Division of Construction Inspection and Operational Programs, Division of Policy and Rulemaking
To:
Schwab A
References
TAC MF7566 RIS-16-012


UNITED STATES

NUCLEAR REGULATORY COMMISSION

OFFICE OF NUCLEAR REACTOR REGULATION

OFFICE OF NEW REACTORS

WASHINGTON, DC 20555-0001

November 22, 2016

NRC REGULATORY ISSUE SUMMARY 2016-12

NRC EMPLOYEE ACCESS TO SWITCHYARDS AT LICENSEE FACILITIES

ADDRESSEES

All holders of, and applicants for, an operating license for a nuclear power reactor under Title 10 of the Code of Federal Regulations (10 CFR) Part 50, "Domestic Licensing of Production and Utilization Facilities," except those that have permanently ceased operations and have certified that fuel has been permanently removed from the reactor vessel.

All holders of, and applicants for, a power reactor combined license under 10 CFR Part 52, Licenses, Certifications, and Approvals for Nuclear Power Plants.

INTENT

The U.S. Nuclear Regulatory Commission (NRC) is issuing this regulatory issue summary (RIS) to inform addressees about the North American Electric Reliability Corporation (NERC) position on unescorted physical access by NRC employee(s) to portions of a nuclear power plant that contain NERC-jurisdictional components. This RIS requires no action or written response on the part of an addressee.

BACKGROUND INFORMATION

Section 215 of the Federal Power Act requires NERC, as the Electric Reliability Organization, to develop mandatory and enforceable Reliability Standards, which are subject to Federal Energy Regulatory Commission (FERC) review and approval. NERC Reliability Standards define the reliability requirements for planning and operating the North American bulk electric system (BES). They are developed using a results-based approach that focuses on performance, risk management, and entity capabilities. Reliability Standards are enforceable in all interconnected jurisdictions in North America.

NERC's cybersecurity Critical Infrastructure Protection (CIP) Reliability Standard CIP-004 includes requirements related to the performance of personnel risk assessments (PRAs) before individuals are granted unescorted physical access to BES Cyber Systems. The NERC "Glossary of Terms Used in Reliability Standards," updated August 17, 2016, defines BES Cyber Systems as one or more BES Cyber Assets logically grouped by a responsible entity to perform one or more reliability tasks for a functional entity. The switchyard of a nuclear power plant is one of the areas in which BES Cyber Systems are located.


SUMMARY OF ISSUE

In 2015, several NRC resident inspectors informed NRC management that they were having issues with gaining unescorted access to the switchyard at their plants. NRC licensees cited NERC Reliability Standard CIP-004 as their basis to deny unescorted access to the switchyard.

(Before the enactment of this standard, NRC inspectors were granted access to the switchyards without the presence of accompanying licensee personnel.) This Reliability Standard requires the performance of a PRA before individuals are granted unescorted physical access to BES Cyber Systems, which are located at the switchyard, among other places. The PRA would impose the need to perform additional security clearance or access control for NRC staff.

Licensees were informing the resident inspectors that they needed to obtain additional security clearance background checks through the PRA (above the Office of Personnel Management clearance that the NRC inspectors already have).

The NRC staff communicated with NERC staff to clarify this matter. The NRC and NERC have a memorandum of understanding that establishes and coordinates the roles and responsibilities of each organization as they relate to the application of their respective cyber security requirements for the protection of digital assets and physical security at commercial nuclear power plants operating in the United States.

In a letter dated March 10, 2016 (Agencywide Documents Access and Management System (ADAMS) Accession No. ML16084A070), NERC informed NRC of its position on this issue in order for the agency to inform licensees subject to NRC jurisdiction, and provided the following clarification:

For purposes of a licensee's compliance with Reliability Standard CIP-004, Requirement R3, the licensee shall not be required to perform a PRA for NRC employee(s) prior to granting unescorted access per CIP-004-6 Requirement R3, nor shall the licensee be required to maintain records of PRA details for those NRC employees, provided that the licensee has verified that the NRC employee for which unescorted access would be granted (i) holds valid, current NRC credentials, (ii) holds an L or Q level clearance, and (iii) has successfully undergone an NRC background check. Consistent with Federal Energy Regulatory Commission precedent, the NRC background checks for NRC inspectors are at least equal to those required by the CIP standards and, in turn, may be accepted in lieu of a separate PRA.

NERC also clarified that the licensees must continue to comply with all other applicable requirements of Reliability Standard CIP-004 to approve unescorted access to NRC employees as discussed below (i.e., these requirements are the same requirements that apply to licensees' employees). If the below requirements are not met, NRC employees and contractors may still obtain access to the switchyard if they are escorted by someone who does meet all of the requirements, as designated by the licensee (the escort may be an NRC employee who meets all of the requirements).

  • Provide the NRC employee for whom unescorted access would be granted security awareness material every 3 months (CIP-004, Requirement R1).
  • Provide the NRC employee for whom unescorted access would be granted applicable site-specific or company-specific training before granting the NRC employee unescorted physical access (and repeat the training every 15 months for continued authorization for unescorted access) (CIP-004, Requirement R2).
  • Before granting unescorted physical access to any NRC employee, verify that the NRC employee for whom unescorted access would be granted is performing an official NRC activity under the agency's statutory authority (CIP-004, Requirement R4).

  • Maintain records of access authorization (CIP-004, Requirement R4).
  • Review the authorization for NRC employees for whom unescorted access has been granted every calendar quarter (CIP-004, Requirement R4).
  • Revoke access authorization, within the specified time period, for NRC employees who were granted unescorted access but no longer meet the criteria for such access (CIP-004, Requirement R5).

In summary, NERC has provided clarification of its position with respect to requiring PRAs for NRC staff prior to granting such staff unescorted physical access to BES Cyber Systems.

NERC has stated that, consistent with FERC precedent, NRC background checks and security clearances for NRC inspectors are at least equal to those required by CIP standards and may, in turn, be accepted in lieu of a separate PRA.

BACKFITTING AND ISSUE FINALITY

This RIS informs nuclear power plant licensees (including holders of combined licenses under Part 52) about the NERC position that unescorted physical access may be provided to NRC employee(s) to portions of a nuclear power plant that contain NERC-jurisdictional components, including switchyards, under certain conditions as set forth in a March 10, 2016 letter from NERC to the NRC (ADAMS Accession No. ML16084A070).

This RIS requires no immediate action or any written response by licensees. In addition, the subject matter of the RIS is not within the purview of the backfit rule or issue finality provisions in Part 52, inasmuch as: (i) the RIS addresses how the licensees may comply with NERC requirements governing access, not NRC requirements; and (ii) the guidance on compliance with NERC access requirements was developed by NERC, not the NRC (the NRC is merely conveying the guidance developed by NERC).

For these reasons, the RIS is not subject to further backfitting or issue finality consideration, and no backfit analysis was prepared for this RIS.

FEDERAL REGISTER NOTIFICATION

A notice of opportunity for public comment on this RIS was not published in the Federal Register because this RIS is informational and does not represent a departure from current regulatory requirements.

CONGRESSIONAL REVIEW ACT

This RIS is not a rule as defined in the Congressional Review Act (5 U.S.C. §§ 801-808).

PAPERWORK REDUCTION ACT STATEMENT

This RIS does not contain new or amended information collection requirements that are subject to the Paperwork Reduction Act of 1995 (44 U.S.C. 3501 et seq.).

CONTACT

Please direct any questions about this matter to the technical contact or the lead project manager listed below.

/RA/

Michael C. Cheok, Director

Division of Construction and Inspection Regional Programs

/RA/

Louise Lund, Director

Division of Policy and Rulemaking

Office of Nuclear Reactor Regulation

Technical Contact: Tania Martinez-Navedo, NRR

301-415-6561

e-mail: tania.martinez-navedo@nrc.gov

Lead Project Manager Contact: Alexander Schwab, NRR

301-415-8539

e-mail: alexander.schwab@nrc.gov

Note: NRC generic communications may be found on the NRC public Web site at http://www.nrc.gov, under NRC Library/Document Collections.

ML16154A034; *via email; TAC No. MF7566

OFFICE | NAME | DATE
NRR/DE/EEEB/TL* | TMartinez-Navedo | 08/29/2016
NRR/DE/EEEB/TL* | NOtto | 08/26/2016
Tech Editor (QTE)* | JDougherty | 08/29/2016
NSIR/DSO/SOSB/BC* | DHuyck | 08/26/2016
NSIR/DSP/RSB/BC* | ARivera (MResner for) | 08/23/2016
NRR/DIRS/IRIB/BC* | CRegan | 08/30/2016
NRO/DCIP/CIPB* | RLukes | 08/25/2016
NRR/DE/EEEB/BC* | JZimmerman | 08/26/2016
NSIR/DSO/D* | MLayton (APretzello for) | 08/26/2016
NSIR/DSP/D* | MGalloway (CJohnson for) | 08/26/2016
NSIR/CSD/D* | JAndersen (JBeardsley for) | 08/26/2016
NRR/DIRS/D* | CMiller | 09/16/2016
NRR/DE/D* | JLubinski | 09/01/2016
OE/EB/BC* | RFretz | 09/21/2016
OCIO* | DCullison | 09/22/2016
NRR/PMDA* | LHill | 09/14/2016
OGC* | JMaltese | 10/28/2016
NRR/DPR/PGCB/PM* | ASchwab | 10/31/2016
NRR/DPR/PGCB/LA* | ELee | 11/01/2016
NRR/DPR/PGCB/PM* | SStuchell | 11/02/2016
NRO/DCIP/D | MCheok | 11/08/2016
NRR/DPR/D | LLund | 11/22/2016