NG-09-0635, License Amendment Request (TSCR-121), Request for Approval of the Cyber Security Plan: Difference between revisions



=Text=
{{#Wiki_filter:
{{#Wiki_filter:
NextEra Energy Duane Arnold
NextEra Energy Duane Arnold, LLC, 3277 DAEC Road, Palo, IA 52324

SECURITY RELATED INFORMATION
WITHHOLD FROM PUBLIC DISCLOSURE UNDER 10 CFR 2.390

November 19, 2009
NG-09-0635
10 CFR 50.90
10 CFR 50.4

U. S. Nuclear Regulatory Commission
ATTN: Document Control Desk
Washington, DC 20555-0001

Duane Arnold Energy Center
Docket No. 50-331
License No. DPR-49

License Amendment Request (TSCR-121): Request for Approval of the Duane Arnold Energy Center/NextEra Energy Duane Arnold, LLC Cyber Security Plan

In accordance with the provisions of 10 CFR 50.4 and 10 CFR 50.90, NextEra™ Energy Duane Arnold, LLC (hereafter NextEra Energy Duane Arnold) is hereby submitting a request for amendment to the Operating License (OL) for the Duane Arnold Energy Center (DAEC)/NextEra Energy Duane Arnold. This proposed amendment requests NRC approval of the NextEra Energy Duane Arnold Cyber Security Plan, provides an implementation schedule, and adds a sentence to the existing OL Physical Protection license condition to require NextEra Energy Duane Arnold to fully implement and maintain in effect all provisions of the Commission approved Cyber Security Plan.

Enclosure 1 provides an evaluation of the proposed change and contains the following attachments:
* Attachment 1 provides the existing OL page marked up to show the proposed change.
* Attachment 2 provides the proposed OL changes in final typed format.

Enclosure 2 provides a copy of the DAEC/NextEra Energy Duane Arnold Cyber Security Plan Implementation Schedule.

Enclosure 3 provides a copy of the DAEC/NextEra Energy Duane Arnold, LLC Cyber Security Plan which is a stand alone document that will be incorporated by reference into the DAEC/NextEra Energy Duane Arnold Physical Security Plan after approval. NextEra Energy Duane Arnold requests that Enclosure 3, which contains sensitive information, be withheld from public disclosure in accordance with 10 CFR 2.390.

This application has been reviewed by the NextEra Energy Duane Arnold Onsite Review Group. The proposed amendment presents no significant hazards consideration under the standards set forth in 10 CFR 50.92(c). A copy of this submittal, along with the 10 CFR 50.92 evaluation of "No Significant Hazards Consideration," is being forwarded to our appointed state official pursuant to 10 CFR 50.91.

NextEra Energy Duane Arnold requests an implementation period of 36 months following NRC approval of the license amendment.

If you should have any questions or require additional information, please contact Steve Catron, Licensing Manager, at (319) 851-7234.

I declare under penalty of perjury that the foregoing is true and correct.

Executed on November 19, 2009.

Christopher R. Costanzo
Vice President, Duane Arnold Energy Center
NextEra Energy Duane Arnold, LLC

Enclosure 1 - Evaluation of Proposed Change
Attachment 1 - Proposed Facility Operating License Change (Mark-up)
Attachment 2 - Proposed Facility Operating License Change (Re-typed)
Enclosure 2 - Cyber Security Plan Implementation Schedule
Enclosure 3 - DAEC/NextEra Energy Duane Arnold Cyber Security Plan

cc: Administrator, Region III, USNRC
Project Manager, DAEC, USNRC
Resident Inspector, DAEC, USNRC
D. McGhee (State of Iowa)

Enclosure 3 to this letter contains sensitive information. Withhold from public disclosure under 10 CFR 2.390. Upon removal of Enclosure 3, this letter is decontrolled.
ENCLOSURE 1
EVALUATION OF PROPOSED CHANGE

==SUBJECT:==
License Amendment Request (TSCR-121): Request for Approval of the Duane Arnold Energy Center/NextEra Energy Duane Arnold, LLC Cyber Security Plan

1.0 SUMMARY DESCRIPTION
2.0 DETAILED DESCRIPTION
3.0 TECHNICAL EVALUATION
4.0 REGULATORY EVALUATION
4.1 APPLICABLE REGULATORY REQUIREMENTS/CRITERIA
4.2 SIGNIFICANT HAZARDS CONSIDERATION
4.3 CONCLUSION
5.0 ENVIRONMENTAL CONSIDERATION
6.0 REFERENCES

ATTACHMENTS:
Attachment 1 - PROPOSED FACILITY OPERATING LICENSE CHANGE (MARK-UP)
Attachment 2 - PROPOSED FACILITY OPERATING LICENSE CHANGE (RE-TYPED)
==1.0 SUMMARY DESCRIPTION==
The proposed license amendment request (LAR) includes the proposed DAEC/NextEra Energy Duane Arnold Cyber Security Plan (Plan), an Implementation Schedule, and a proposed sentence to be added to the existing OL Physical Protection license condition.

==2.0 DETAILED DESCRIPTION==
The proposed LAR includes three parts: the proposed Plan, an Implementation Schedule, and a proposed sentence to be added to the existing OL Physical Protection license condition to require NextEra Energy Duane Arnold to fully implement and maintain in effect all provisions of the Commission approved Cyber Security Plan as required by 10 CFR 73.54. Federal Register notice 74 FR 13926 issued the final rule that amended 10 CFR Part 73. The regulations in 10 CFR 73.54, "Protection of digital computer and communication systems and networks," establish the requirements for a cyber security program. This regulation specifically requires each licensee currently licensed to operate a nuclear power plant under Part 50 of this chapter to submit a cyber security plan that satisfies the requirements of the Rule. Each submittal must include a proposed implementation schedule and implementation of the licensee's cyber security program must be consistent with the approved schedule. The background for this application is addressed by the NRC Notice of Availability published on March 27, 2009, 74 FR 13926 (Reference 1).

==3.0 TECHNICAL EVALUATION==
Federal Register notice 74 FR 13926 issued the final rule that amended 10 CFR Part 73. Cyber security requirements are codified as new 10 CFR 73.54 and are designed to provide high assurance that digital computer and communication systems and networks are adequately protected against cyber attacks up to and including the design basis threat established by § 73.1(a)(1)(v). These requirements enhance upon the requirements imposed by EA-02-026 (Reference 2).

This LAR includes the proposed change to the existing OL license condition for "Physical Protection" (Attachments 1 and 2). In addition, the LAR contains the proposed Implementation Schedule (Enclosure 2) as required by 10 CFR 73.54. Finally, this LAR includes the proposed Plan (Enclosure 3) that conforms to the template provided in NEI 08-09 Revision 3, with the following clarifications:

Emergency preparedness

10 CFR 73.54 requires protecting digital computer and communication systems and networks associated with emergency preparedness (EP) functions, including offsite communications. The EP functions within the scope of the Plan are those functions which support implementation of the Risk Significant Planning Standards* (RSPSs) as defined in NRC Inspection Manual Chapter 0609, Appendix B. The RSPSs are the subset of EP Planning Standards, defined in 10 CFR 50.47(b), which play the greatest role in protecting public health and safety. In terms of importance, this approach aligns the selected EP functions with other system functions which are "Safety-Related" or "Important-to-Safety."

10 CFR 73.56(b)(ii) requires that any individual whose duties and responsibilities permit the individual to take actions by electronic means, either on site or remotely, that could adversely impact the licensee's emergency preparedness be subject to an access authorization program. However, some systems, or portions of systems, which perform a RSPS-related EP function may be located in offsite locations not under the control of the licensee and/or not staffed by licensee personnel. Similarly, there may be system components that are normally installed, modified or maintained by non-licensee personnel (e.g., a telecommunications company technician, an employee of a State agency, etc.).

Therefore the systems, and portions of systems, to be protected from cyber attack in accordance with 10 CFR 73.54(a)(1)(iii) must;
1. Perform a RSPS-related EP function, and
2. Be within the licensee's complete custody and control.

* The RSPSs are 10 CFR 50.47(b)(4), (5), (9), and (10), including the related sections of Appendix E to 10 CFR Part 50. 10 CFR 50.47(b)(10) has two aspects that are of differing risk-significance. Only the portion dealing with the development of protective action recommendations (PARs) is integral to protection of public health and safety and is considered to be an RSPS.

Senior nuclear management

Senior nuclear management is defined as Vice President Nuclear Plant Support who is accountable for nuclear plant security. The NEI 08-09 template defines this position as accountable for nuclear plant operations. The position of Vice President Nuclear Plant Support better reflects the duties and responsibilities of the NextEra Energy Duane Arnold Cyber Security Plan.

List of Critical Systems

NEI 08-09 Revision 3 template included a list of critical systems and included this list as Table 1. Table 1 is not included in this plan. These critical systems will be identified and evaluated during the cyber security assessment program development.

Section 2.2.6

Changed reference from 73.54(g) to more appropriate reference of 73.54(b)(2).
: 1. Perform a RSPS-related EP function, and
Section 2.2.6 Changed reference from 73.54(g) to more appropriate reference of 73.54(b )(2).
: 1. Perform a RSPS-related EP function, and
NG-09-0635 Enclosure 1 Page 3 of 6
: 2. Be within the licensee's complete custody and control.
* The RSPSs are 10 CFR 50.47(b)(4), (5), (9), and (10), including the related sections of
* The RSPSs are 10 CFR 50.47(b)(4), (5), (9), and (10), including the related sections of Appendix E to 10 CFR Part 50. 10 CFR 50.47(b)(10) has two aspects          aspects that are of differing  risk-significance.
differing risk~significance. Only the portion   dealing dealing  with the development development of protective protective action recommendations (PARs) is integral to protection  protection of public public health and safety and is considered to be an RSPS.
nuclear management Senior nuclear   management nuclear management Senior nuclear   management is defined as Vice President President Nuclear Nuclear Plant Support who is accountable for nuclear plant security. The NEI 08-09 template accountable                                                        template defines defines this position asas accountable for nuclear plant operations. The position of Vice President accountable                                                                President Nuclear Plant Plant Support better reflects the duties and responsibilities responsibilities of the NextEra Energy Duane Duane Arnold Cyber Security Security Plan.
List of Critical Systems Systems NEI 08-09 Revision 3 template included a list of critical systems and included this list as Table 1. Table 1 is not included in this plan. These critical systems will be identified identified evaluated during the cyber security and evaluated                        security assessment assessment program development.
2.2.6 Section 2.2.6 reference from 73.54(g) to more appropriate Changed reference                                  appropriate reference reference of 73.54(b 73.54(b)(2).
                                                                                        )(2).


==4.0 REGULATORY EVALUATION==

==4.1 APPLICABLE REGULATORY REQUIREMENTS/CRITERIA==

This LAR is submitted pursuant to 10 CFR 73.54 which requires licensees currently licensed to operate a nuclear power plant under 10 CFR Part 50 to submit a Cyber Security Plan as specified in 10 CFR 50.4 and 10 CFR 50.90.

==4.2 SIGNIFICANT HAZARDS CONSIDERATION==

NextEra Energy Duane Arnold has evaluated whether or not a significant hazards consideration is involved with the proposed amendment by focusing on the three standards set forth in 10 CFR 50.92, "Issuance of amendment," as discussed below:
: 1. Does the proposed amendment involve a significant increase in the probability or consequences of an accident previously evaluated?

Response: No.

The proposed change is required by 10 CFR 73.54 and includes three parts. The first part adds a sentence to the existing operating license condition for Physical Protection. The second part of the proposed change is an Implementation Schedule. These changes are administrative and have no impact on the probability or consequences of an accident previously evaluated.

The third part is the submittal of the Plan for NRC review and approval. The Plan conforms to the template provided in NEI 08-09 Revision 3 (with clarifications presented in this submittal) and provides a description of how the requirements of the Rule will be implemented at DAEC. The Plan establishes the licensing basis for the DAEC/NextEra Energy Duane Arnold Cyber Security Program. The Plan establishes how to achieve high assurance that nuclear power plant digital computer and communication systems and networks associated with the following are adequately protected against cyber attacks up to and including the design basis threat:
: 1. Safety-related and important-to-safety functions,
: 2. Security functions,
: 3. Emergency preparedness functions including offsite communications, and
: 4. Support systems and equipment which if compromised, would adversely impact safety, security, or emergency preparedness functions.

The Plan is designed to achieve high assurance that the systems are protected from cyber attacks. The Plan describes how plant modifications which involve digital computer systems are reviewed to provide high assurance of adequate protection against cyber attacks, up to and including the design basis threat as defined in the Rule.

The proposed change does not alter accident analysis assumptions, add any initiators, or affect the function of plant systems. The Plan is designed to achieve high assurance that the systems within the scope of the Rule are protected from cyber attacks and has no impact on the probability or consequences of an accident previously evaluated.

: 2. Does the proposed amendment create the possibility of a new or different kind of accident from any accident previously evaluated?

Response: No.

The proposed change is required by 10 CFR 73.54 and includes three parts. The first part adds a sentence to the existing OL license condition for Physical Protection. The second part of the proposed change is an Implementation Schedule. Both of these changes are administrative and do not create the possibility of a new or different kind of accident from any previously evaluated.

The third part is the submittal of the Plan for NRC review and approval. The Plan conforms to the template provided by NEI 08-09 Revision 3 (with clarifications presented in this submittal) and provides a description of how the requirements of the Rule will be implemented at DAEC. The Plan establishes the licensing basis for the NextEra Energy Duane Arnold Cyber Security Program. The Plan establishes how to achieve high assurance that nuclear power plant digital computer and communication systems and networks associated with the following are adequately protected against cyber attacks up to and including the design basis threat:
: 1. Safety-related and important-to-safety functions,
: 2. Security functions,
: 3. Emergency preparedness functions including offsite communications, and
: 4. Support systems and equipment which if compromised, would adversely impact safety, security, or emergency preparedness functions.

The Plan is designed to achieve high assurance that the systems are protected from cyber attacks. The Plan describes how plant modifications which involve digital computer systems are reviewed to provide high assurance of adequate protection against cyber attacks, up to and including the design basis threat as defined in the Rule.

The proposed change does not alter accident analysis assumptions, add any initiators, or affect the function of plant systems. The Plan is designed to achieve high assurance that the systems within the scope of the Rule are protected from cyber attacks and does not create the possibility of a new or different kind of accident from any previously evaluated.

: 3. Does the proposed amendment involve a significant reduction in a margin of safety?

Response: No.

The proposed change is required by 10 CFR 73.54 and includes three parts. The first part adds a sentence to the existing OL license condition for Physical Protection. The second part of the proposed change is an Implementation Schedule. Both of these changes are administrative and do not involve a significant reduction in a margin of safety.

The third part is the submittal of the Plan for NRC review and approval. The Plan conforms to the template provided by NEI 08-09 Revision 3 (with clarifications presented in this submittal) and provides a description of how the requirements of the Rule will be implemented at DAEC. The Plan establishes the licensing basis for the NextEra Energy Duane Arnold Cyber Security Program. The Plan establishes how to achieve high assurance that nuclear power plant digital computer and communication systems and networks associated with the following are adequately protected against cyber attacks up to and including the design basis threat:
: 1. Safety-related and important-to-safety functions,
: 2. Security functions,
: 3. Emergency preparedness functions including offsite communications, and
: 4. Support systems and equipment which if compromised, would adversely impact safety, security, or emergency preparedness functions.

The Plan is designed to achieve high assurance that the systems within the scope of the Rule are protected from cyber attacks. Plant safety margins are established through Limiting Conditions for Operation, Limiting Safety System Settings and Safety limits specified in the Technical Specifications. Because there is no change to these established safety margins, the proposed change does not involve a significant reduction in a margin of safety.

Based on the above, NextEra Energy Duane Arnold concludes that the proposed change presents no significant hazards consideration under the standards set forth in 10 CFR 50.92(c), and accordingly, a finding of no significant hazards consideration is justified.


==4.3 CONCLUSION==


In conclusion, based on the considerations discussed above, (1) there is reasonable assurance that the health and safety of the public will not be endangered by operation in the proposed manner, (2) such activities will be conducted in compliance with the Commission's regulations, and (3) the issuance of the amendment will not be inimical to the common defense and security or to the health and safety of the public.

==5.0 ENVIRONMENTAL CONSIDERATION==

The proposed amendment establishes the licensing basis for a Cyber Security Program for DAEC and will be a part of the Physical Security Plan. This proposed amendment will not involve any significant construction impacts. Pursuant to 10 CFR 51.22(c)(12) no environmental impact statement or environmental assessment need be prepared in connection with the issuance of the amendment.


==6.0 REFERENCES==
: 1. Federal Register Notice, Final Rule 10 CFR Part 73, "Power Reactor Security Requirements," published on March 27, 2009, 74 FR 13926.
: 2. EA-02-026, "Issuance of Order for Interim Safeguards and Security Compensatory Measures," issued February 25, 2002.


ENCLOSURE 1
ATTACHMENT 1
PROPOSED FACILITY OPERATING LICENSE CHANGE (MARK-UP)
1 Page Follows

(a) For Surveillance Requirements (SRs) whose acceptance criteria are modified, either directly or indirectly, by the increase in authorized maximum power level in 2.C.(1) above, in accordance with Amendment No. 243 to Facility Operating License DPR-49, those SRs are not required to be performed until their next scheduled performance, which is due at the end of the first surveillance interval that begins on the date the Surveillance was last performed prior to implementation of Amendment No. 243.

(b) Deleted.

(3) Fire Protection

NextEra Energy Duane Arnold, LLC shall implement and maintain in effect all provisions of the approved fire protection program as described in the Final Safety Analysis Report for the Duane Arnold Energy Center and as approved in the SER dated June 1, 1978, and Supplement dated February 10, 1981, subject to the following provision:

NextEra Energy Duane Arnold, LLC may make changes to the approved fire protection program without prior approval of the Commission only if those changes would not adversely affect the ability to achieve and maintain safe shutdown in the event of a fire.

(4) The licensee is authorized to operate the Duane Arnold Energy Center following installation of modified safe-ends on the eight primary recirculation system inlet lines which are described in the licensee letter dated July 31, 1978, and supplemented by letter dated December 8, 1978.

(5) Physical Protection

NextEra Energy Duane Arnold, LLC shall fully implement and maintain in effect all provisions of the Commission-approved physical security, training and qualification, and safeguards contingency plans including amendments made pursuant to provisions of the Miscellaneous Amendments and Search Requirements revisions to 10 CFR 73.55 (51 FR 27817 and 27822) and to the authority of 10 CFR 50.90 and 10 CFR 50.54(p). The combined set of plans, which contains Safeguards Information protected under 10 CFR 73.21, is entitled: "Duane Arnold Energy Center Physical Security Plan," submitted by letter dated May 16, 2006.

Amendment No. -2"5-
}}
ENCLOSURE 1
ATTACHMENT 2
PROPOSED FACILITY OPERATING LICENSE CHANGE (RE-TYPED)
1 Page Follows

(a) For Surveillance Requirements (SRs) whose acceptance criteria are modified, either directly or indirectly, by the increase in authorized maximum power level in 2.C.(1) above, in accordance with Amendment No. 243 to Facility Operating License DPR-49, those SRs are not required to be performed until their next scheduled performance, which is due at the end of the first surveillance interval that begins on the date the Surveillance was last performed prior to implementation of Amendment No. 243.

(b) Deleted.

(3) Fire Protection

NextEra Energy Duane Arnold, LLC shall implement and maintain in effect all provisions of the approved fire protection program as described in the Final Safety Analysis Report for the Duane Arnold Energy Center and as approved in the SER dated June 1, 1978, and Supplement dated February 10, 1981, subject to the following provision:

NextEra Energy Duane Arnold, LLC may make changes to the approved fire protection program without prior approval of the Commission only if those changes would not adversely affect the ability to achieve and maintain safe shutdown in the event of a fire.

(4) The licensee is authorized to operate the Duane Arnold Energy Center following installation of modified safe-ends on the eight primary recirculation system inlet lines which are described in the licensee letter dated July 31, 1978, and supplemented by letter dated December 8, 1978.

(5) Physical Protection

NextEra Energy Duane Arnold, LLC shall fully implement and maintain in effect all provisions of the Commission-approved physical security, training and qualification, and safeguards contingency plans including amendments made pursuant to provisions of the Miscellaneous Amendments and Search Requirements revisions to 10 CFR 73.55 (51 FR 27817 and 27822) and to the authority of 10 CFR 50.90 and 10 CFR 50.54(p). The combined set of plans, which contains Safeguards Information protected under 10 CFR 73.21, is entitled: "Duane Arnold Energy Center Physical Security Plan," submitted by letter dated May 16, 2006.

NextEra Energy Duane Arnold, LLC shall fully implement and maintain in effect all provisions of the Commission-approved DAEC/NextEra Energy Duane Arnold, LLC cyber security plan submitted by letter dated November 19, 2009 and withheld from public disclosure in accordance with 10 CFR 2.390.

Amendment No.
ENCLOSURE 2
CYBER SECURITY PLAN IMPLEMENTATION SCHEDULE

Cyber Security Plan Implementation Schedule

Commitment*: Completion Date
: 1. Establish a cyber security project team: 3 months after NRC approval of Cyber Security Plan
: 2. Establish and maintain cyber security policies: 6 months after NRC approval of Cyber Security Plan
: 3. Identify Critical Digital Assets (CDAs) within scope of 73.54(a): 10 months after NRC approval of Cyber Security Plan
: 4. Review and validate CDA connections: 24 months after NRC approval of Cyber Security Plan
: 5. Complete baseline assessments (Operational Security Controls, Management Security Controls, Technical Security Controls) and schedule station mitigation actions: 24 months after NRC approval of Cyber Security Plan
: 6. Implement defensive architecture: 30 months after NRC approval of Cyber Security Plan
: 7. Implement cyber security program, procedures, and training: 24 months after NRC approval of Cyber Security Plan
: 8. Perform vulnerability and effectiveness analysis, and document gaps in condition reporting program: 36 months after NRC approval of Cyber Security Plan

*Any commitment changes will be managed in accordance with NEI 99-04, "Guidelines for Managing NRC Commitment Changes."
}}

Revision as of 01:11, 14 November 2019

License Amendment Request (TSCR-121), Request for Approval of the Cyber Security Plan
ML093270073
Person / Time
Site: Duane Arnold
Issue date: 11/19/2009
From: Costanzo C
NextEra Energy Duane Arnold
To:
Document Control Desk, Office of Nuclear Reactor Regulation
References
NG-09-0635, TSCR-121
Download: ML093270073 (16)


Text

NextEra Energy Duane Arnold

SECURITY RELATED INFORMATION
WITHHOLD FROM PUBLIC DISCLOSURE UNDER 10 CFR 2.390

November 19, 2009
NG-09-0635
10 CFR 50.90
10 CFR 50.4

U. S. Nuclear Regulatory Commission
ATTN: Document Control Desk
Washington, DC 20555-0001

Duane Arnold Energy Center
Docket No. 50-331
License No. DPR-49

License Amendment Request (TSCR-121): Request for Approval of the Duane Arnold Energy Center/NextEra Energy Duane Arnold, LLC Cyber Security Plan

In accordance with the provisions of 10 CFR 50.4 and 10 CFR 50.90, NextEra Energy Duane Arnold, LLC (hereafter NextEra Energy Duane Arnold) is hereby submitting a request for amendment to the Operating License (OL) for the Duane Arnold Energy Center (DAEC)/NextEra Energy Duane Arnold. This proposed amendment requests NRC approval of the NextEra Energy Duane Arnold Cyber Security Plan, provides an implementation schedule, and adds a sentence to the existing OL Physical Protection license condition to require NextEra Energy Duane Arnold to fully implement and maintain in effect all provisions of the Commission approved Cyber Security Plan.

Enclosure 3 to this letter contains sensitive information
Withhold from public disclosure under 10 CFR 2.390.
Upon removal of Enclosure 3, this letter is decontrolled.

NextEra Energy Duane Arnold, LLC, 3277 DAEC Road, Palo, IA 52324

Enclosure 1 provides an evaluation of the proposed change and contains the following attachments:

    • Attachment 1 provides the existing OL page marked up to show the proposed change.

    • Attachment 2 provides the proposed OL changes in final typed format.

Enclosure 2 provides a copy of the DAEC/NextEra Energy Duane Arnold Cyber Security Plan Implementation Schedule.

Enclosure 3 provides a copy of the DAEC/NextEra Energy Duane Arnold, LLC Cyber Security Plan which is a stand alone document that will be incorporated by reference into the DAEC/NextEra Energy Duane Arnold Physical Security Plan after approval. NextEra Energy Duane Arnold requests that Enclosure 3, which contains sensitive information, be withheld from public disclosure in accordance with 10 CFR 2.390.

This application has been reviewed by the NextEra Energy Duane Arnold Onsite Review Group. The proposed amendment presents no significant hazards consideration under the standards set forth in 10 CFR 50.92(c). A copy of this submittal, along with the 10 CFR 50.92 evaluation of "No Significant Hazards Consideration," is being forwarded to our appointed state official pursuant to 10 CFR 50.91.

NextEra Energy Duane Arnold requests an implementation period of 36 months following NRC approval of the license amendment.

If you should have any questions or require additional information, please contact Steve Catron, Licensing Manager, at (319) 851-7234.

declare under penalty of perjury that the foregoing is true and correct.

II declare Executed on November 19, 2009.

~Zi:&009 Christopher R. Costanzo Vice President, DuaneDuane Arnold Energy Center NextEra Energy Duane Arnold, LLC LLC information Enclosure 3 to this letter contains sensitive information Withhold from public disclosure under 10 CFR 2.390.

Upon removal of Enclosure 3, this letter is decontrolled.

Enclosure 1 - Evaluation of Proposed Change
    Attachment 1 - Proposed Facility Operating License Change (Mark-up)
    Attachment 2 - Proposed Facility Operating License Change (Re-typed)
Enclosure 2 - Cyber Security Plan Implementation Schedule
Enclosure 3 - DAEC/NextEra Energy Duane Arnold Cyber Security Plan

cc: Administrator, Region III, USNRC
    Project Manager, DAEC, USNRC
    Resident Inspector, DAEC, USNRC
    D. McGhee (State of Iowa)

ENCLOSURE 1

EVALUATION OF PROPOSED CHANGE

SUBJECT:

License Amendment Request (TSCR-121): Request for Approval of the Duane Arnold Energy Center/NextEra Energy Duane Arnold, LLC Cyber Security Plan

1.0 SUMMARY DESCRIPTION

2.0 DETAILED DESCRIPTION

3.0 TECHNICAL EVALUATION

4.0 REGULATORY EVALUATION

4.1 APPLICABLE REGULATORY REQUIREMENTS/CRITERIA

4.2 SIGNIFICANT HAZARDS CONSIDERATION

4.3 CONCLUSION

5.0 ENVIRONMENTAL CONSIDERATION

6.0 REFERENCES

ATTACHMENTS:

Attachment 1 - PROPOSED FACILITY OPERATING LICENSE CHANGE (MARK-UP)

Attachment 2 - PROPOSED FACILITY OPERATING LICENSE CHANGE (RE-TYPED)

NG-09-0635 Enclosure 1 Page 1 of 6

1.0 SUMMARY DESCRIPTION

The proposed license amendment request (LAR) includes the proposed DAEC/NextEra Energy Duane Arnold Cyber Security Plan (Plan), an Implementation Schedule, and a proposed sentence to be added to the existing OL Physical Protection license condition.

2.0 DETAILED DESCRIPTION

The proposed LAR includes three parts: the proposed Plan, an Implementation Schedule, and a proposed sentence to be added to the existing OL Physical Protection license condition to require NextEra Energy Duane Arnold to fully implement and maintain in effect all provisions of the Commission approved Cyber Security Plan as required by 10 CFR 73.54. Federal Register notice 74 FR 13926 issued the final rule that amended 10 CFR Part 73. The regulations in 10 CFR 73.54, "Protection of digital computer and communication systems and networks," establish the requirements for a cyber security program. This regulation specifically requires each licensee currently licensed to operate a nuclear power plant under Part 50 of this chapter to submit a cyber security plan that satisfies the requirements of the Rule. Each submittal must include a proposed implementation schedule and implementation of the licensee's cyber security program must be consistent with the approved schedule. The background for this application is addressed by the NRC Notice of Availability published on March 27, 2009, 74 FR 13926 (Reference 1).

3.0 TECHNICAL EVALUATION

Federal Register notice 74 FR 13926 issued the final rule that amended 10 CFR Part 73. Cyber security requirements are codified as new 10 CFR 73.54 and are designed to provide high assurance that digital computer and communication systems and networks are adequately protected against cyber attacks up to and including the design basis threat established by § 73.1(a)(1)(v). These requirements enhance upon the requirements imposed by EA-02-026 (Reference 2).

This LAR includes the proposed change to the existing OL license condition for "Physical Protection" (Attachments 1 and 2). In addition, the LAR contains the proposed Implementation Schedule (Enclosure 2) as required by 10 CFR 73.54. Finally, this LAR includes the proposed Plan (Enclosure 3) that conforms to the template provided in NEI 08-09 Revision 3, with the following clarifications:

Emergency preparedness

10 CFR 73.54 requires protecting digital computer and communication systems and networks associated with emergency preparedness (EP) functions, including offsite communications. The EP functions within the scope of the Plan are those functions which support implementation of the Risk Significant Planning Standards (RSPSs) as defined in NRC Inspection Manual Chapter 0609, Appendix B. The RSPSs are the subset of EP Planning Standards, defined in 10 CFR 50.47(b), which play the greatest role in protecting public health and safety. In terms of importance, this approach aligns the selected EP functions with other system functions which are "Safety-Related" or "Important-to-Safety."

10 CFR 73.56(b)(1)(ii) requires that any individual whose duties and responsibilities permit the individual to take actions by electronic means, either on site or remotely, that could adversely impact the licensee's emergency preparedness be subject to an access authorization program. However, some systems, or portions of systems, which perform a RSPS-related EP function may be located in offsite locations not under the control of the licensee and/or not staffed by licensee personnel. Similarly, there may be system components that are normally installed, modified or maintained by non-licensee personnel (e.g., a telecommunications company technician, an employee of a State agency, etc.).

Therefore the systems, and portions of systems, to be protected from cyber attack in accordance with 10 CFR 73.54(a)(1)(iii) must:

1. Perform a RSPS-related EP function, and
2. Be within the licensee's complete custody and control.

differing risk significance. Only the portion dealing with the development of protective action recommendations (PARs) is integral to protection of public health and safety and is considered to be an RSPS.

Senior nuclear management

Senior nuclear management is defined as Vice President Nuclear Plant Support who is accountable for nuclear plant security. The NEI 08-09 template defines this position as accountable for nuclear plant operations. The position of Vice President Nuclear Plant Support better reflects the duties and responsibilities of the NextEra Energy Duane Arnold Cyber Security Plan.

List of Critical Systems

NEI 08-09 Revision 3 template included a list of critical systems and included this list as Table 1. Table 1 is not included in this plan. These critical systems will be identified and evaluated during the cyber security assessment program development.

Section 2.2.6

Changed reference from 73.54(g) to more appropriate reference of 73.54(b)(2).

4.0 REGULATORY EVALUATION

4.1 APPLICABLE REGULATORY REQUIREMENTS/CRITERIA

This LAR is submitted pursuant to 10 CFR 73.54 which requires licensees currently licensed to operate a nuclear power plant under 10 CFR Part 50 to submit a Cyber Security Plan as specified in 10 CFR 50.4 and 10 CFR 50.90.

4.2 SIGNIFICANT HAZARDS CONSIDERATION

NextEra Energy Duane Arnold has evaluated whether or not a significant hazards consideration is involved with the proposed amendment by focusing on the three standards set forth in 10 CFR 50.92, "Issuance of amendment," as discussed below:

1. Does the proposed amendment involve a significant increase in the probability or consequences of an accident previously evaluated?

Response: No.

The proposed change is required by 10 CFR 73.54 and includes three parts. The first part adds a sentence to the existing operating license condition for Physical Protection. The second part of the proposed change is an Implementation Schedule. These changes are administrative and have no impact on the probability or consequences of an accident previously evaluated.

The third part is the submittal of the Plan for NRC review and approval. The Plan conforms to the template provided in NEI 08-09 Revision 3 (with clarifications presented in this submittal) and provides a description of how the requirements of the Rule will be implemented at DAEC. The Plan establishes the licensing basis for the DAEC/NextEra Energy Duane Arnold Cyber Security Program. The Plan establishes how to achieve high assurance that nuclear power plant digital computer and communication systems and networks associated with the following are adequately protected against cyber attacks up to and including the design basis threat:

1. Safety-related and important-to-safety functions,
2. Security functions,
3. Emergency preparedness functions including offsite communications, and
4. Support systems and equipment which if compromised, would adversely impact safety, security, or emergency preparedness functions.

The Plan is designed to achieve high assurance that the systems are protected from cyber attacks. The Plan describes how plant modifications which involve digital computer systems are reviewed to provide high assurance of adequate protection against cyber attacks, up to and including the design basis threat as defined in the Rule.

The proposed change does not alter accident analysis assumptions, add any initiators, or affect the function of plant systems. The Plan is designed to achieve high assurance that the systems within the scope of the Rule are protected from cyber attacks and has no impact on the probability or consequences of an accident previously evaluated.

2. Does the proposed amendment create the possibility of a new or different kind of accident from any accident previously evaluated?

Response: No.

The proposed change is required by 10 CFR 73.54 and includes three parts. The first part adds a sentence to the existing OL license condition for Physical Protection. The second part of the proposed change is an Implementation Schedule. Both of these changes are administrative and do not create the possibility of a new or different kind of accident from any previously evaluated.

The third part is the submittal of the Plan for NRC review and approval. The Plan conforms to the template provided by NEI 08-09 Revision 3 (with clarifications presented in this submittal) and provides a description of how the requirements of the Rule will be implemented at DAEC. The Plan establishes the licensing basis for the NextEra Energy Duane Arnold Cyber Security Program. The Plan establishes how to achieve high assurance that nuclear power plant digital computer and communication systems and networks associated with the following are adequately protected against cyber attacks up to and including the design basis threat:

1. Safety-related and important-to-safety functions,
2. Security functions,
3. Emergency preparedness functions including offsite communications, and
4. Support systems and equipment which if compromised, would adversely impact safety, security, or emergency preparedness functions.

The Plan is designed to achieve high assurance that the systems are protected from cyber attacks. The Plan describes how plant modifications which involve digital computer systems are reviewed to provide high assurance of adequate protection against cyber attacks, up to and including the design basis threat as defined in the Rule.

The proposed change does not alter accident analysis assumptions, add any initiators, or affect the function of plant systems. The Plan is designed to achieve high assurance that the systems within the scope of the Rule are protected from cyber attacks and does not create the possibility of a new or different kind of accident from any previously evaluated.

3. Does the proposed amendment involve a significant reduction in a margin of safety?

Response: No.

The proposed change is required by 10 CFR 73.54 and includes three parts. The first part adds a sentence to the existing OL license condition for Physical Protection. The second part of the proposed change is an Implementation Schedule. Both of these changes are administrative and do not involve a significant reduction in a margin of safety.

The third part is the submittal of the Plan for NRC review and approval. The Plan conforms to the template provided by NEI 08-09 Revision 3 (with clarifications presented in this submittal) and provides a description of how the requirements of the Rule will be implemented at DAEC. The Plan establishes the licensing basis for the NextEra Energy Duane Arnold Cyber Security Program. The Plan establishes how to achieve high assurance that nuclear power plant digital computer and communication systems and networks associated with the following are adequately protected against cyber attacks up to and including the design basis threat:

1. Safety-related and important-to-safety functions,
2. Security functions,
3. Emergency preparedness functions including offsite communications, and
4. Support systems and equipment which if compromised, would adversely impact safety, security, or emergency preparedness functions.

The Plan is designed to achieve high assurance that the systems within the scope of the Rule are protected from cyber attacks. Plant safety margins are established through Limiting Conditions for Operation, Limiting Safety System Settings and Safety limits specified in the Technical Specifications. Because there is no change to these established safety margins, the proposed change does not involve a significant reduction in a margin of safety.

Based on the above, NextEra Energy Duane Arnold concludes that the proposed change presents no significant hazards consideration under the standards set forth in 10 CFR 50.92(c), and accordingly, a finding of no significant hazards consideration is justified.

4.3 CONCLUSION

In conclusion, based on the considerations discussed above, (1) there is reasonable assurance that the health and safety of the public will not be endangered by operation in the proposed manner, (2) such activities will be conducted in compliance with the Commission's regulations, and (3) the issuance of the amendment will not be inimical to the common defense and security or to the health and safety of the public.

5.0 ENVIRONMENTAL CONSIDERATION

The proposed amendment establishes the licensing basis for a Cyber Security Program for DAEC and will be a part of the Physical Security Plan. This proposed amendment will not involve any significant construction impacts. Pursuant to 10 CFR 51.22(c)(12) no environmental impact statement or environmental assessment need be prepared in connection with the issuance of the amendment.

6.0 REFERENCES

1. Federal Register Notice, Final Rule 10 CFR Part 73, "Power Reactor Security Requirements," published on March 27, 2009, 74 FR 13926.

2. EA-02-026, "Issuance of Order for Interim Safeguards and Security Compensatory Measures," issued February 25, 2002.

ENCLOSURE 1

ATTACHMENT 1

PROPOSED FACILITY OPERATING LICENSE CHANGE (MARK-UP)

1 Page Follows

(a) For Surveillance Requirements (SRs) whose acceptance criteria are modified, either directly or indirectly, by the increase in authorized maximum power level in 2.C.(1) above, in accordance with Amendment No. 243 to Facility Operating License DPR-49, those SRs are not required to be performed until their next scheduled performance, which is due at the end of the first surveillance interval that begins on the date the Surveillance was last performed prior to implementation of Amendment No. 243.

(b) Deleted.

(3) Fire Protection

NextEra Energy Duane Arnold, LLC shall implement and maintain in effect all provisions of the approved fire protection program as described in the Final Safety Analysis Report for the Duane Arnold Energy Center and as approved in the SER dated June 1, 1978, and Supplement dated February 10, 1981, subject to the following provision:

NextEra Energy Duane Arnold, LLC may make changes to the approved fire protection program without prior approval of the Commission only if those changes would not adversely affect the ability to achieve and maintain safe shutdown in the event of a fire.

(4) The licensee is authorized to operate the Duane Arnold Energy Center following installation of modified safe-ends on the eight primary recirculation system inlet lines which are described in the licensee letter dated July 31, 1978, and supplemented by letter dated December 8, 1978.

(5) Physical Protection

NextEra Energy Duane Arnold, LLC shall fully implement and maintain in effect all provisions of the Commission-approved physical security, training and qualification, and safeguards contingency plans including amendments made pursuant to provisions of the Miscellaneous Amendments and Search Requirements revisions to 10 CFR 73.55 (51 FR 27817 and 27822) and to the authority of 10 CFR 50.90 and 10 CFR 50.54(p). The combined set of plans, which contains Safeguards Information protected under 10 CFR 73.21, is entitled: "Duane Arnold Energy Center Physical Security Plan," submitted by letter dated May 16, 2006.

NextEra Energy Duane Arnold, LLC shall fully implement and maintain in effect all provisions of the Commission-approved DAEC/NextEra Energy Duane Arnold, LLC cyber security plan submitted by letter dated November 19, 2009 and withheld from public disclosure in accordance with 10 CFR 2.390.

Amendment No. [illegible]

ENCLOSURE 1

ATTACHMENT 2

PROPOSED FACILITY OPERATING LICENSE CHANGE (RE-TYPED)

1 Page Follows

(a) For Surveillance Requirements (SRs) whose acceptance criteria are modified, either directly or indirectly, by the increase in authorized maximum power level in 2.C.(1) above, in accordance with Amendment No. 243 to Facility Operating License DPR-49, those SRs are not required to be performed until their next scheduled performance, which is due at the end of the first surveillance interval that begins on the date the Surveillance was last performed prior to implementation of Amendment No. 243.

(b) Deleted.

(3) Fire Protection

NextEra Energy Duane Arnold, LLC shall implement and maintain in effect all provisions of the approved fire protection program as described in the Final Safety Analysis Report for the Duane Arnold Energy Center and as approved in the SER dated June 1, 1978, and Supplement dated February 10, 1981, subject to the following provision:

NextEra Energy Duane Arnold, LLC may make changes to the approved fire protection program without prior approval of the Commission only if those changes would not adversely affect the ability to achieve and maintain safe shutdown in the event of a fire.

(4) The licensee is authorized to operate the Duane Arnold Energy Center following installation of modified safe-ends on the eight primary recirculation system inlet lines which are described in the licensee letter dated July 31, 1978, and supplemented by letter dated December 8, 1978.

(5) Physical Protection

NextEra Energy Duane Arnold, LLC shall fully implement and maintain in effect all provisions of the Commission-approved physical security, training and qualification, and safeguards contingency plans including amendments made pursuant to provisions of the Miscellaneous Amendments and Search Requirements revisions to 10 CFR 73.55 (51 FR 27817 and 27822) and to the authority of 10 CFR 50.90 and 10 CFR 50.54(p). The combined set of plans, which contains Safeguards Information protected under 10 CFR 73.21, is entitled: "Duane Arnold Energy Center Physical Security Plan," submitted by letter dated May 16, 2006.

NextEra Energy Duane Arnold, LLC shall fully implement and maintain in effect all provisions of the Commission-approved DAEC/NextEra Energy Duane Arnold, LLC cyber security plan submitted by letter dated November 19, 2009 and withheld from public disclosure in accordance with 10 CFR 2.390.

Amendment No.

ENCLOSURE 2

CYBER SECURITY PLAN IMPLEMENTATION SCHEDULE

Page 1 of 2

Cyber Security Plan Implementation Schedule

Commitment* | Completion Date

1. Establish a cyber security project team | 3 months after NRC approval of Cyber Security Plan
2. Establish and maintain cyber security policies | 6 months after NRC approval of Cyber Security Plan
3. Identify Critical Digital Assets (CDAs) within scope of 73.54(a) | 10 months after NRC approval of Cyber Security Plan
4. Review and validate CDA connections | 24 months after NRC approval of Cyber Security Plan
5. Complete baseline assessments (Operational Security Controls, Management Security Controls, Technical Security Controls) and schedule station mitigation actions | 24 months after NRC approval of Cyber Security Plan
6. Implement defensive architecture | 30 months after NRC approval of Cyber Security Plan
7. Implement cyber security program, procedures, and training | 24 months after NRC approval of Cyber Security Plan
8. Perform vulnerability and effectiveness analysis, and document gaps in condition reporting program | 36 months after NRC approval of Cyber Security Plan

* Any commitment changes will be managed in accordance with NEI 99-04, "Guidelines for Managing NRC Commitment Changes."