ML15169A261: Difference between revisions

| number = ML15169A261
| issue date = 08/18/2015
| title = Duane Arnold Energy Center - Issuance of Amendment Concerning Extension of Cyber Security Plan Milestone 8 Completion Date (TAC No. MF4719)
| author name = Chawla M L
| author affiliation = NRC/NRR/DORL/LPLIII-1
| addressee name = Vehec T A
| addressee affiliation = NextEra Energy Duane Arnold, LLC
| docket = 05000331
| license number = DPR-049
| contact person = Chawla M L
| case reference number = TAC MF4719
| document type = Letter, License-Operating (New/Renewal/Amendments) DKT 50, Safety Evaluation, Technical Specifications
| page count = 15
| project = TAC:MF4719
| stage = Approval
}}


=Text=
{{#Wiki_filter:UNITED STATES NUCLEAR REGULATORY COMMISSION WASHINGTON, D.C. 20555-0001
August 18, 2015
Mr. Thomas A. Vehec Vice President NextEra Energy Duane Arnold Energy Center 3277 DAEC Road Palo, IA 52324-9785


==SUBJECT:==
DUANE ARNOLD ENERGY CENTER - ISSUANCE OF AMENDMENT CONCERNING EXTENSION OF CYBER SECURITY PLAN MILESTONE 8 COMPLETION DATE (TAC NO. MF4719)


==Dear Mr. Vehec:==
The U.S. Nuclear Regulatory Commission has issued the enclosed Amendment No. 291 to Renewed Facility Operating License (FOL) No. DPR-49 for the Duane Arnold Energy Center (DAEC). The amendment consists of changes to the Renewed FOL in response to your application dated August 28, 2014.
The amendment revises the DAEC Renewed FOL No. DPR-49, to change the scheduled completion date for Milestone 8 of the Cyber Security Plan (CSP) Implementation Schedule from December 31, 2015 to December 31, 2017. The amendment modifies paragraph 2.C.(5) of the Renewed FOL No. DPR-49, which provides a license condition to require the NextEra Energy Duane Arnold, LLC (the licensee), to fully implement and maintain in effect all provisions of the NRC-approved CSP.
A copy of our related Safety Evaluation is enclosed. The Notice of Issuance will be included in the Commission's next biweekly Federal Register notice.
Sincerely,
Mahesh L. Chawla, Project Manager Plant Licensing Branch III-1 Division of Operating Reactor Licensing Office of Nuclear Reactor Regulation
Docket No. 50-331


==Enclosures:==
: 1. Amendment No. 291 to Renewed DPR-49
: 2. Safety Evaluation
cc w/encls: Distribution via Listserv


UNITED STATES NUCLEAR REGULATORY COMMISSION WASHINGTON, D.C. 20555-0001 NEXTERA ENERGY DUANE ARNOLD, LLC DOCKET NO. 50-331 DUANE ARNOLD ENERGY CENTER AMENDMENT TO RENEWED FACILITY OPERATING LICENSE Amendment No. 291 License No. DPR-49
: 1. The U.S. Nuclear Regulatory Commission (the Commission) has found that:
: A. The application for amendment by NextEra Energy Duane Arnold, LLC dated August 28, 2014, complies with the standards and requirements of the Atomic Energy Act of 1954, as amended (the Act), and the Commission's rules and regulations set forth in 10 CFR Chapter I;
: B. The facility will operate in conformity with the application, the provisions of the Act, and the rules and regulations of the Commission;
: C. There is reasonable assurance (i) that the activities authorized by this amendment can be conducted without endangering the health and safety of the public, and (ii) that such activities will be conducted in compliance with the Commission's regulations;
: D. The issuance of this amendment will not be inimical to the common defense and security or to the health and safety of the public; and
: E. The issuance of this amendment is in accordance with 10 CFR Part 51 of the Commission's regulations and all applicable requirements have been satisfied.
Enclosure 1
: 2. Accordingly, paragraph 2.C.5 of Renewed Facility Operating License No. DPR-49 is hereby amended to read, as follows:
(5) Physical Protection NextEra Energy Duane Arnold, LLC shall fully implement and maintain in effect all provisions of the Commission-approved physical security, training and qualification, and safeguards contingency plans including amendments made pursuant to provisions of the Miscellaneous Amendments and Search Requirements revisions to 10 CFR 73.55 (51 FR 27817 and 27822) and to the authority of 10 CFR 50.90 and 10 CFR 50.54(p). The combined set of plans, which contains Safeguards Information protected under 10 CFR 73.21, is entitled: "Duane Arnold Energy Center Physical Security Plan," submitted by letter dated May 16, 2006.
NextEra Energy Duane Arnold, LLC shall fully implement and maintain in effect all provisions of the Commission-approved Duane Arnold Energy Center/NextEra Energy Duane Arnold, LLC Cyber Security Plan (CSP),
including changes made pursuant to the authority of 10 CFR 50.90 and 10 CFR 50.54(p). The Duane Arnold Energy Center/NextEra Energy Duane Arnold, LLC CSP was approved by License Amendment No. 278, as supplemented by changes approved by license Amendment No. 284 and Amendment No. 291.
: 3. This license amendment is effective as of the date of issuance and shall be implemented within 60 days from the date of issuance. All subsequent changes to the NRC-approved CSP implementation schedule will require prior NRC approval pursuant to 10 CFR 50.90.
Davi L. P Ito, Chief Plant Licensing Branch III-1 Division of Operating Reactor Licensing Office of Nuclear Reactor Regulation
 
==Attachment:==
 
Changes to the Renewed Facility Operating License No. DPR-49
Date of Issuance: August 18, 2015
 
ATTACHMENT TO LICENSE AMENDMENT NO. 291 RENEWED FACILITY OPERATING LICENSE NO. DPR-49 DOCKET NO. 50-331 Replace the following page of Renewed Facility Operating License No. DPR-49 with the attached revised page. The revised page is identified by amendment number and contains a marginal line indicating the area of change.
Renewed Facility Operating License
REMOVE: 6
INSERT: 6
 
and safeguards contingency plans including amendments made pursuant to provisions of the Miscellaneous Amendments and Search Requirements revisions to 10 CFR 73.55 (51 FR 27817 and 27822) and to the authority of 10 CFR 50.90 and 10 CFR 50.54(p). The combined set of plans, which contains Safeguards Information protected under 10 CFR 73.21, is entitled: "Duane Arnold Energy Center Physical Security Plan," submitted by letter dated May 16, 2006.
NextEra Energy Duane Arnold, LLC shall fully implement and maintain in effect all provisions of the Commission-approved Duane Arnold Energy Center/NextEra Energy Duane Arnold, LLC Cyber Security Plan (CSP), including changes made pursuant to the authority of 10 CFR 50.90 and 10 CFR 50.54(p). The Duane Arnold Energy Center/NextEra Energy Duane Arnold, LLC CSP was approved by License Amendment No. 278, as supplemented by changes approved by license Amendment No. 284 and Amendment No. 291.
(6) Deleted
(7) Additional Conditions The Additional Conditions contained in Appendix B, as revised through Amendment No. 279, are hereby incorporated into this license. NextEra Energy Duane Arnold, LLC shall operate the facility in accordance with the Additional Conditions.
(8) The licensee is authorized to revise the Updated Final Safety Analysis Report by deleting the footnote for Section 9.1.4.4.5 which states: "*The NRC has not endorsed the reactor building crane as single-failure proof (Reference 9)," and by deleting Reference 9 of the references for Section 9.1.
(9) Mitigation Strategy License Condition Develop and maintain strategies for addressing large fires and explosions and that include the following key areas:
(a) Fire fighting response strategy with the following elements:
: 1. Pre-defined coordinated fire response strategy and guidance
: 2. Assessment of mutual aid fire fighting assets
: 3. Designated staging areas for equipment and materials
: 4. Command and control
: 5. Training of response personnel
(b) Operations to mitigate fuel damage considering the following:
: 1. Protection and use of personnel assets
: 2. Communications
: 3. Minimizing fire spread
: 4. Procedures for implementing integrated fire response strategy
: 5. Identification of readily-available pre-staged equipment
: 6. Training on integrated fire response strategy
: 7. Spent fuel pool mitigation measures
(c) Actions to minimize release to include consideration of:
: 1. Water spray scrubbing
: 2. Dose to onsite responders
(10) The licensee shall implement and maintain all Actions required by Attachment 2 to NRC Order EA-06-137, issued June 20, 2006, except the last action that requires incorporation of the strategies into the site security plan, contingency plan, emergency plan and/or guard training and qualification plan, as appropriate.
Renewed License No. DPR-49 Amendment 291
 
UNITED STATES NUCLEAR REGULATORY COMMISSION WASHINGTON, D.C. 20555-0001 SAFETY EVALUATION BY THE OFFICE OF NUCLEAR REACTOR REGULATION RELATED TO AMENDMENT NO. 291 TO RENEWED FACILITY OPERATING LICENSE NO. DPR-49 NEXTERA ENERGY DUANE ARNOLD, LLC DUANE ARNOLD ENERGY CENTER DOCKET NO. 50-331
 
==1.0      INTRODUCTION==
 
By application dated August 28, 2014 (Agencywide Documents Access and Management System (ADAMS) Accession No. ML14245A375), NextEra Energy Duane Arnold, LLC (the licensee), requested a change to the renewed facility operating license (FOL) for the Duane Arnold Energy Center (DAEC). The proposed change would revise the date of Cyber Security Plan (CSP) Implementation Schedule Milestone 8 and the existing license condition in the renewed FOL. Milestone 8 of the CSP implementation schedule concerns the full implementation of the CSP.
Portions of the letter dated August 28, 2014, contain sensitive unclassified non-safeguards information, and those portions are withheld from public disclosure in accordance with Title 10 of the Code of Federal Regulations (10 CFR), Part 2, paragraph 2.390(d)(1).
 
==2.0      REGULATORY EVALUATION==
 
The NRC staff reviewed and approved the licensee's existing CSP implementation schedule by License Amendment No. 278 dated July 29, 2011 (ADAMS Accession No. ML111940224), to Renewed FOL No. DPR-49 for the DAEC, concurrent with the incorporation of the CSP into the facility's current licensing basis. The NRC staff considered the following regulatory requirements and guidance in its review of the current license amendment request to modify the existing CSP implementation schedule:
* 10 CFR 73.54, "Protection of digital computer and communication systems and networks," states, in part, that: "Each [CSP] submittal must include a proposed implementation schedule. Implementation of the licensee's cyber security program must be consistent with the approved schedule."
* The licensee's facility operating license includes a license condition that requires the licensee to fully implement and maintain in effect all provisions of the Commission-approved CSP (License Condition 2.C.5) including changes made pursuant to the authority of 10 CFR 50.90, "Application for amendment of license, construction permit, or early site permit," and 10 CFR 50.54(p).
The amendment dated July 29, 2011, which approved the licensee's existing CSP implementation by License Amendment No. 278 (ADAMS Accession No. ML111940224), included the following statement: "The implementation of the CSP, including the key intermediate milestone dates and the full implementation date, shall be in accordance with the implementation schedule submitted by the licensee on April 5, 2011, and approved by the NRC staff with this license amendment. All subsequent changes to the NRC-approved CSP implementation schedule will require prior NRC approval pursuant to 10 CFR 50.90."
* In a publicly available NRC memorandum, "Review Criteria for Title 10 of the Code of Federal Regulations Part 73.54, Cyber Security Implementation Schedule Milestone 8 License Amendment Requests," dated October 24, 2013 (ADAMS Accession No. ML13295A467), the NRC staff listed criteria to consider during evaluations of licensees' requests to postpone their cyber security program implementation date (commonly known as Milestone 8).
The NRC staff does not regard the CSP milestone implementation dates as regulatory commitments that can be changed unilaterally by the licensee, particularly in light of the regulatory requirements of 10 CFR 73.54, that state, in part, "[i]mplementation of the licensee's cyber security program must be consistent with the approved schedule." As the NRC staff explained in its letter to all operating reactor licensees dated May 9, 2011 (ADAMS Accession No. ML110980538), the implementation of the plan, including the key intermediate milestone dates and the full implementation date shall be in accordance with the implementation schedule submitted by the licensee and approved by the NRC staff. All subsequent changes to the NRC-approved CSP implementation schedule, thus, will require prior NRC approval as required by 10 CFR 50.90.
 
==3.0    TECHNICAL EVALUATION==
 
===3.1    Licensee's Requested Change===

The NRC staff issued Amendment No. 278 to Renewed FOL DPR-49 for DAEC on July 29, 2011. The NRC staff also approved the licensee's CSP implementation schedule, as discussed in the safety evaluation issued with Amendment No. 278. The implementation schedule had been submitted by the licensee based on a template prepared by the Nuclear Energy Institute (ADAMS Accession No. ML110600206), which the NRC staff found acceptable for licensees to use to develop their CSP implementation schedules (ADAMS Accession No. ML110070348).
The licensee's proposed implementation schedule for the Cyber Security Program identified completion dates and bases for the following eight milestones:
: 1)      Establish the Cyber Security Assessment Team;
: 2)      Identify Critical Systems and Critical Digital Assets (CDAs);
: 3)      Install a deterministic one-way device between lower level devices and a firewall between higher level devices;
: 4)      Implement the security control "Access Control For Portable And Mobile Devices";
: 5)      Implement observation and identification of obvious cyber related tampering to existing insider mitigation rounds;
: 6)      Identify, document, and implement cyber security controls in accordance with "Mitigation of Vulnerabilities and Application of Cyber Security Controls" for CDAs that could adversely impact the design function of physical security target set equipment;
: 7)      Commence ongoing monitoring and assessment activities for those target set CDAs whose security controls have been implemented; and
: 8)      Fully implement the CSP for all safety, security and emergency preparedness functions.
Currently, Milestone 8 of the licensee's CSP requires the licensee to fully implement the CSP by December 31, 2015. In its August 28, 2014, application, the licensee requested to change the Milestone 8 completion date to December 31, 2017. The licensee's application addressed the eight criteria in the NRC's October 24, 2013, guidance memorandum.
The licensee provided the following information pertinent to each of the criteria identified in the NRC's October 24, 2013, guidance memorandum.
: 1)      Identification of the specific requirement or requirements of the cyber security plan that the licensee needs additional time to implement.
The licensee identified the CSP requirement requiring additional time to implement. In CSP, Section 3.1, "Analyzing Digital Computer Systems and Networks and Applying Cyber Security Controls," the challenges the licensee identified as associated with this section are:
CDA assessment work is resource intensive; remediation activities, which must be carefully considered; change management; and training required on new programs, processes and procedures.
The NRC staff has reviewed Section 3.1 of the CSP and the licensee's application and concludes that the challenges to implementation of this section are as the licensee identified.
: 2)      Detailed justification that describes the reason the licensee requires additional time to implement the specific requirement or requirements identified.
The licensee stated that it is experiencing major challenges with full implementation of Milestone 8 and provided details about each of the challenges as identified in Criterion 1 above. The licensee provided the following details:
 
CDA assessment work is resource intensive.
* DAEC has approximately 450 CDAs.
* Assessment of CDAs is challenging.
* DAEC will have to increase capacity (combination of time and resources) to cope with magnitude of work identified.
* Rework is a major concern since budgets are approved in advance on a defined scope of work.
Remediation activities need to be carefully considered.
* Security controls modifications are unique and new to the plant and suppliers.
* Plant modifications must be carefully implemented to ensure they do not impact plant safety and operation.
Change Management Challenges
* Cyber security integrates into day to day plant operations, maintenance, engineering, and procurement activities.
* Integration of cyber security controls is taking longer than expected due to impacts on the work control process and maintenance activities.
* Cyber security for plant CDAs is new, and the security controls being implemented on the plant CDAs are new to Maintenance, System Engineering, and Operations.
* The Work Control Planners are challenged by the nuances associated with cyber security controls.
* Training the maintenance technicians is a challenge.
Training on new programs, processes and procedures
* Need to revise site training and schedules. Training resources need to be addressed.
: 3)     A proposed completion date for Milestone 8 consistent with the remaining scope of work to be conducted and the resources available.
The licensee proposed a Milestone 8 completion date of December 31, 2017, to complete CDA assessments, implement design modifications based on assessment results, update existing procedures, and develop new program procedures to complete full implementation of the CSP.
The licensee also stated that changing the completion date of Milestone 8 will encompass two additional refueling outages and provide adequate time to plan and schedule the implementation of the modifications identified as the result of CDA assessments.


The NRC staff finds that delaying final implementation of the cyber security program will provide opportunities to get more work done safely during the outages and to plan the work well.
: 4)       An evaluation of the impact that the additional time to implement the requirements will have on the effectiveness of the licensee's overall cyber security program in the context of milestones already completed.
The licensee provided details about the implementation of Milestones 1 through 7.
The licensee indicated that, based on the cyber security implementation activities already completed (Milestones 1 through 7) and activities already in progress, the DAEC is secure and will continue to ensure that digital computer and communication systems and networks are adequately protected against cyber-attacks during implementation of the remainder of the program by the requested Milestone 8 date of December 31, 2017.
The NRC staff concludes that the licensee's progress toward full implementation is reasonable and that the impact of the requested additional implementation time on the effectiveness of the overall cyber security program is being effectively managed. The NRC staff further concludes that completion of Milestones 1 through 7 provides significant protection against cyber-attacks.
: 5)       A description of the licensee's methodology for prioritizing completion of work for critical digital assets associated with significant safety, security, or emergency preparedness consequences and with reactivity effects in the balance of plant.
The licensee stated that its methodology for prioritizing Milestone 8 activities is centered on considerations for safety, security, emergency preparedness and balance of plant (continuity of power) consequences. The methodology is based on defense-in-depth, installed configuration of the CDA, and susceptibility to commonly identified threat vectors. Prioritization for CDA assessment begins with safety-related CDAs and continues through the lower priority nonsafety and emergency preparedness CDAs:
* Safety-Related CDAs
* Physical Security CDAs
* Important to Safety CDAs (including BOP CDAs that directly impact continuity of power) and control system CDAs
* Nonsafety-Related CDAs and Emergency Preparedness CDAs
The NRC staff has reviewed the licensee's methodology for prioritizing Milestone 8 activities, and finds it is appropriate.
: 6)       A discussion of the licensee's cyber security program performance up to the date of the license amendment request.
The licensee stated that completed and ongoing activities provide a high degree of protection against cyber security related attacks during implementation of the full program. The licensee provided discussions about implementing various milestones and then stated self-assessment issues have been entered into the CAP and are being addressed for program improvement.


On-going monitoring and time-based periodic actions provide continuing program performance monitoring.
The NRC staff concludes that completed and ongoing activities provide significant protection against cyber-attacks. The NRC staff concludes that the licensee is using the tools at its disposal to implement, verify, and improve the cyber security program.
: 7)     A discussion of cyber security issues pending in the licensee's corrective action program.
The licensee stated that the DAEC CAP is used to document all cyber issues in order to trend, correct, and improve the NextEra Energy Duane Arnold, LLC CSP. The CAP database documents and tracks, from initiation through closure, all cyber security required actions including issues identified during on-going program assessment activities and NRC inspection activities. Adverse trends are monitored for program improvement and addressed via the CAP process. It provides examples of issues and activities in the CAP.
The NRC staff finds that the discussion reflects a functioning CAP and that the examples reflect the implementation and evolution of the cyber security program and reinforce the licensee discussions above.
: 8)     A discussion of modifications completed to support the cyber security program and a discussion of pending cyber security modifications.
The licensee provided a brief discussion of completed modifications and stated that there are no pending modifications.
3.2     NRC Staff Evaluation
The NRC staff evaluated the licensee's application using the regulatory requirements and the guidance cited in Section 2.0, above.
The licensee provided a list of additional activities required to implement the CSP requirement.
The licensee indicated that completion of the activities associated with the CSP, as described in Milestones 1 through 7 and completed prior to December 31, 2012, provide a high degree of protection to ensure that the most significant digital computer and communication systems and networks associated with safety, security, and emergency preparedness systems are already protected against cyber attacks. It detailed activities completed for each milestone and noted that several elements of Milestone 8 have already been implemented. It provided details about the completed milestones and elements. On such basis, the NRC staff finds that the licensee's sites are much more secure after implementation of Milestones 1 through 7, because the activities the licensee completed will mitigate the most significant cyber attack vectors for the most significant CDAs.
The licensee proposed a Milestone 8 completion date of December 31, 2017. The licensee stated that changing the completion date of Milestone 8 provides adequate time to complete the CDA assessment, implement design modifications based on assessment results, update existing procedures, and develop new procedures to complete full implementation of the CSP.
The NRC staff has had extensive interaction with the nuclear industry since licensees first developed their CSP implementation schedules. Based on this interaction, the NRC staff recognizes that CDA assessment work is much more complex and resource-intensive than originally anticipated. The licensee has a large number of CDAs and underestimated the level of effort to address security controls for each of the CDAs when developing its CSP implementation schedule. The NRC staff finds that the licensee's request for additional time to implement Milestone 8 is reasonable, given the unanticipated complexity and scope of the work required to come into full compliance with its CSP.
The licensee stated that its methodology for prioritizing the Milestone activities is centered on considerations for safety, security, emergency preparedness, and balance-of-plant (continuity of power) consequences. The methodology is based on defense-in-depth, installed configuration of the CDA, and susceptibility to five commonly identified threat vectors. Prioritization of CDA assessments begins with safety-related CDAs and continues through the lower priority non-safety-related CDAs. The NRC staff finds that, based on the large number of digital assets described above and the limited resources with the appropriate expertise to perform these activities, the licensee's methodology for prioritizing work on CDAs is appropriate. The NRC staff further finds that the licensee's request to delay final implementation of the CSP until December 31, 2017, is reasonable, given the complexity of the remaining unanticipated work and the need to perform certain work, including design changes, during scheduled fuel outages.
3.3      Revision to License Condition
By letter dated August 28, 2014, the licensee proposed to modify paragraph 2.C.(5) of Renewed FOL No. DPR-49, which provides a license condition to require the licensee to fully implement and maintain in effect all provisions of the NRC-approved CSP.
The current license condition in paragraph 2.C.(5) of Renewed FOL DPR-49 for Duane Arnold Energy Center states:
(5) Physical Protection
NextEra Energy Duane Arnold, LLC shall fully implement and maintain in effect all provisions of the Commission-approved physical security, training and qualification, and safeguards contingency plans including amendments made pursuant to provisions of the Miscellaneous Amendments and Search Requirements revisions to 10 CFR 73.55 (51 FR 27817 and 27822) and to the authority of 10 CFR 50.90 and 10 CFR 50.54(p). The combined set of plans, which contains Safeguards Information protected under 10 CFR 73.21, is entitled: "Duane Arnold Energy Center Physical Security Plan," submitted by letter dated May 16, 2006.
NextEra Energy Duane Arnold, LLC shall fully implement and maintain in effect all provisions of the Commission-approved Duane Arnold Energy Center/NextEra Energy Duane Arnold, LLC Cyber Security Plan (CSP), including changes made pursuant to the authority of 10 CFR 50.90 and 10 CFR 50.54(p). The Duane Arnold Energy Center/NextEra Energy Duane Arnold, LLC CSP was approved by License Amendment No. 278, as supplemented by a change approved by license Amendment No. 284.
The license condition in paragraph 2.C.(5) of FOL No. DPR-49 for DAEC is modified as follows:
(5) Physical Protection
NextEra Energy Duane Arnold, LLC shall fully implement and maintain in effect all provisions of the Commission-approved physical security, training and qualification, and safeguards contingency plans including amendments made pursuant to provisions of the Miscellaneous Amendments and Search Requirements revisions to 10 CFR 73.55 (51 FR 27817 and 27822) and to the authority of 10 CFR 50.90 and 10 CFR 50.54(p). The combined set of plans, which contains Safeguards Information protected under 10 CFR 73.21, is entitled: "Duane Arnold Energy Center Physical Security Plan," submitted by letter dated May 16, 2006.
NextEra Energy Duane Arnold, LLC shall fully implement and maintain in effect all provisions of the Commission-approved Duane Arnold Energy Center/NextEra Energy Duane Arnold, LLC Cyber Security Plan (CSP), including changes made pursuant to the authority of 10 CFR 50.90 and 10 CFR 50.54(p). The Duane Arnold Energy Center/NextEra Energy Duane Arnold, LLC CSP was approved by License Amendment No. 278, as supplemented by changes approved by license Amendment No. 284 and Amendment No. 291.
3.4      NRC Staff Technical Evaluation/Conclusion
Based on its review of the licensee's submission, the NRC staff concludes: (i) that the licensee's implementation of Milestones 1 through 7 provides significant protection against cyber-attacks; (ii) that the licensee's explanation of the need for additional time is compelling, and (iii) that it is acceptable for DAEC to complete implementation of Milestone 8, full implementation of the CSP by December 31, 2017. The NRC has reasonable assurance that full implementation of the CSP by December 31, 2017, will provide adequate protection of the public health and safety and the common defense and security. The NRC staff also concludes that, upon full implementation of the licensee's cyber security program, the requirements of the licensee's CSP and 10 CFR 73.54 will be met. Therefore, the NRC staff finds the proposed change acceptable.
 
==4.0      STATE CONSULTATION==
 
In accordance with the Commission's regulations, Iowa State officials were notified of the proposed issuance of the amendment. The State official had no comments.
 
==5.0      ENVIRONMENTAL CONSIDERATION==
 
This amendment relates solely to safeguards requirements and does not involve any significant construction impacts. This amendment is an administrative change to extend the date by which the licensee must have its CSP fully implemented. Accordingly, this amendment meets the eligibility criterion for categorical exclusion set forth in 10 CFR 51.22(c)(12). Pursuant to 10 CFR 51.22(b), no environmental impact statement or environmental assessment need be prepared in connection with the issuance of this amendment.
 
==6.0      CONCLUSION==


The Commission has concluded, based on the considerations discussed above, that: (1) there is reasonable assurance that the health and safety of the public will not be endangered by operation in the proposed manner, (2) there is reasonable assurance that such activities will be conducted in compliance with the Commission's regulations, and (3) the issuance of the amendment will not be inimical to the common defense and security or to the health and safety of the public.
Principal Contributor: John Rycyna
Date: August 18, 2015


ML15169A261 *Concurrence via email
OFFICE: DORL/LPL3-1/PM; DORL/LPL3-1/LA; NSIR/CSD*; OGC; DORL/LPL3-1/BC; DORL/LPL3-1/PM
NAME: MChawla; (PB/echman for) MHenderson; Russ Felts; DLenehan; DPelton; MChawla
DATE: 7/31/2015; 6/19/2015; 5/26/2015; 7/27/2015; 8/12/2015; 8/18/2015}}

Issuance of Amendment Concerning Extension of Cyber Security Plan Milestone 8 Completion Date
ML15169A261
Site: Duane Arnold
Issue date: 08/18/2015
From: Mahesh Chawla
Plant Licensing Branch III
To: Vehec T
NextEra Energy Duane Arnold
Chawla M
References
TAC MF4719


Text

UNITED STATES NUCLEAR REGULATORY COMMISSION
WASHINGTON, D.C. 20555-0001
August 18, 2015

Mr. Thomas A. Vehec
Vice President
NextEra Energy Duane Arnold Energy Center
3277 DAEC Road
Palo, IA 52324-9785

SUBJECT: DUANE ARNOLD ENERGY CENTER - ISSUANCE OF AMENDMENT CONCERNING EXTENSION OF CYBER SECURITY PLAN MILESTONE 8 COMPLETION DATE (TAC NO. MF4719)

Dear Mr. Vehec:

The U.S. Nuclear Regulatory Commission has issued the enclosed Amendment No. 291 to Renewed Facility Operating License (FOL) No. DPR-49 for the Duane Arnold Energy Center (DAEC). The amendment consists of changes to the Renewed FOL in response to your application dated August 28, 2014.

The amendment revises the DAEC Renewed FOL No. DPR-49, to change the scheduled completion date for Milestone 8 of the Cyber Security Plan (CSP) Implementation Schedule from December 31, 2015 to December 31, 2017. The amendment modifies paragraph 2.C.(5) of the Renewed FOL No. DPR-49, which provides a license condition to require the NextEra Energy Duane Arnold, LLC (the licensee), to fully implement and maintain in effect all provisions of the NRC-approved CSP.

A copy of our related Safety Evaluation is enclosed. The Notice of Issuance will be included in the Commission's next biweekly Federal Register notice.

Sincerely, Mahesh L. Chawla, Project Manager Plant Licensing Branch III-1 Division of Operating Reactor Licensing Office of Nuclear Reactor Regulation Docket No. 50-331

Enclosures:

1. Amendment No. 291 to Renewed DPR-49
2. Safety Evaluation

cc w/encls: Distribution via Listserv

UNITED STATES NUCLEAR REGULATORY COMMISSION WASHINGTON, D.C. 20555-0001 NEXTERA ENERGY DUANE ARNOLD, LLC DOCKET NO. 50-331 DUANE ARNOLD ENERGY CENTER AMENDMENT TO RENEWED FACILITY OPERATING LICENSE Amendment No. 291 License No. DPR-49

1. The U.S. Nuclear Regulatory Commission (the Commission) has found that:

A. The application for amendment by NextEra Energy Duane Arnold, LLC dated August 28, 2014, complies with the standards and requirements of the Atomic Energy Act of 1954, as amended (the Act), and the Commission's rules and regulations set forth in 10 CFR Chapter I;

B. The facility will operate in conformity with the application, the provisions of the Act, and the rules and regulations of the Commission;

C. There is reasonable assurance (i) that the activities authorized by this amendment can be conducted without endangering the health and safety of the public, and (ii) that such activities will be conducted in compliance with the Commission's regulations;

D. The issuance of this amendment will not be inimical to the common defense and security or to the health and safety of the public; and

E. The issuance of this amendment is in accordance with 10 CFR Part 51 of the Commission's regulations and all applicable requirements have been satisfied.

Enclosure 1

2. Accordingly, paragraph 2.C.5 of Renewed Facility Operating License No. DPR-49 is hereby amended to read, as follows:

(5) Physical Protection NextEra Energy Duane Arnold, LLC shall fully implement and maintain in effect all provisions of the Commission-approved physical security, training and qualification, and safeguards contingency plans including amendments made pursuant to provisions of the Miscellaneous Amendments and Search Requirements revisions to 10 CFR 73.55 (51 FR 27817 and 27822) and to the authority of 10 CFR 50.90 and 10 CFR 50.54(p). The combined set of plans, which contains Safeguards Information protected under 10 CFR 73.21, is entitled: "Duane Arnold Energy Center Physical Security Plan," submitted by letter dated May 16, 2006.

NextEra Energy Duane Arnold, LLC shall fully implement and maintain in effect all provisions of the Commission-approved Duane Arnold Energy Center/NextEra Energy Duane Arnold, LLC Cyber Security Plan (CSP), including changes made pursuant to the authority of 10 CFR 50.90 and 10 CFR 50.54(p). The Duane Arnold Energy Center/NextEra Energy Duane Arnold, LLC CSP was approved by License Amendment No. 278, as supplemented by changes approved by license Amendment No. 284 and Amendment No. 291.

3. This license amendment is effective as of the date of issuance and shall be implemented within 60 days from the date of issuance. All subsequent changes to the NRC-approved CSP implementation schedule will require prior NRC approval pursuant to 10 CFR 50.90.

David L. Pelton, Chief Plant Licensing Branch III-1 Division of Operating Reactor Licensing Office of Nuclear Reactor Regulation

Attachment:

Changes to the Renewed Facility Operating License No. DPR-49 Date of Issuance: August 18, 2015

ATTACHMENT TO LICENSE AMENDMENT NO. 291 RENEWED FACILITY OPERATING LICENSE NO. DPR-49 DOCKET NO. 50-331

Replace the following page of Renewed Facility Operating License No. DPR-49 with the attached revised page. The revised page is identified by amendment number and contains a marginal line indicating the area of change.

Renewed Facility Operating License
REMOVE: 6
INSERT: 6

and safeguards contingency plans including amendments made pursuant to provisions of the Miscellaneous Amendments and Search Requirements revisions to 10 CFR 73.55 (51 FR 27817 and 27822) and to the authority of 10 CFR 50.90 and 10 CFR 50.54(p). The combined set of plans, which contains Safeguards Information protected under 10 CFR 73.21, is entitled: "Duane Arnold Energy Center Physical Security Plan," submitted by letter dated May 16, 2006.

NextEra Energy Duane Arnold, LLC shall fully implement and maintain in effect all provisions of the Commission-approved Duane Arnold Energy Center/NextEra Energy Duane Arnold, LLC Cyber Security Plan (CSP), including changes made pursuant to the authority of 10 CFR 50.90 and 10 CFR 50.54(p). The Duane Arnold Energy Center/NextEra Energy Duane Arnold, LLC CSP was approved by License Amendment No. 278, as supplemented by changes approved by license Amendment No. 284 and Amendment No. 291.

(6) Deleted

(7) Additional Conditions The Additional Conditions contained in Appendix B, as revised through Amendment No. 279, are hereby incorporated into this license. NextEra Energy Duane Arnold, LLC shall operate the facility in accordance with the Additional Conditions.

(8) The licensee is authorized to revise the Updated Final Safety Analysis Report by deleting the footnote for Section 9.1.4.4.5 which states: "*The NRC has not endorsed the reactor building crane as single-failure proof (Reference 9)," and by deleting Reference 9 of the references for Section 9.1.

(9) Mitigation Strategy License Condition Develop and maintain strategies for addressing large fires and explosions and that include the following key areas:

(a) Fire fighting response strategy with the following elements:

1. Pre-defined coordinated fire response strategy and guidance
2. Assessment of mutual aid fire fighting assets
3. Designated staging areas for equipment and materials
4. Command and control
5. Training of response personnel

(b) Operations to mitigate fuel damage considering the following:
1. Protection and use of personnel assets
2. Communications
3. Minimizing fire spread
4. Procedures for implementing integrated fire response strategy
5. Identification of readily-available pre-staged equipment
6. Training on integrated fire response strategy
7. Spent fuel pool mitigation measures

(c) Actions to minimize release to include consideration of:
1. Water spray scrubbing
2. Dose to onsite responders

(10) The licensee shall implement and maintain all Actions required by Attachment 2 to NRC Order EA-06-137, issued June 20, 2006, except the last action that requires incorporation of the strategies into the site security plan, contingency plan, emergency plan and/or guard training and qualification plan, as appropriate.

Renewed License No. DPR-49 Amendment 291

UNITED STATES NUCLEAR REGULATORY COMMISSION WASHINGTON, D.C. 20555-0001 SAFETY EVALUATION BY THE OFFICE OF NUCLEAR REACTOR REGULATION RELATED TO AMENDMENT NO. 291 TO RENEWED FACILITY OPERATING LICENSE NO. DPR-49 NEXTERA ENERGY DUANE ARNOLD, LLC DUANE ARNOLD ENERGY CENTER DOCKET NO. 50-331

1.0 INTRODUCTION

By application dated August 28, 2014 (Agencywide Documents Access and Management System (ADAMS) Accession No. ML14245A375), NextEra Energy Duane Arnold, LLC (the licensee), requested a change to the renewed facility operating license (FOL) for the Duane Arnold Energy Center (DAEC). The proposed change would revise the date of Cyber Security Plan (CSP) Implementation Schedule Milestone 8 and the existing license condition in the renewed FOL. Milestone 8 of the CSP implementation schedule concerns the full implementation of the CSP.

Portions of the letter dated August 28, 2014, contain sensitive unclassified non-safeguards information, and those portions are withheld from public disclosure in accordance with Title 10 of the Code of Federal Regulations (10 CFR), Part 2, paragraph 2.390(d)(1).

2.0 REGULATORY EVALUATION

The NRC staff reviewed and approved the licensee's existing CSP implementation schedule by License Amendment No. 278 dated July 29, 2011 (ADAMS Accession No. ML111940224), to Renewed FOL No. DPR-49 for the DAEC, concurrent with the incorporation of the CSP into the facility's current licensing basis. The NRC staff considered the following regulatory requirements and guidance in its review of the current license amendment request to modify the existing CSP implementation schedule:

  • 10 CFR 73.54, "Protection of digital computer and communication systems and networks," states, in part, that: "Each [CSP] submittal must include a proposed implementation schedule. Implementation of the licensee's cyber security program must be consistent with the approved schedule."
  • The licensee's facility operating license includes a license condition that requires the licensee to fully implement and maintain in effect all provisions of the Commission-approved CSP (License Condition 2.C.5) including changes made pursuant to the authority of 10 CFR 50.90, "Application for amendment of license, construction permit, or early site permit," and 10 CFR 50.54(p).

Enclosure 2

The amendment dated July 29, 2011, which approved the licensee's existing CSP implementation by License Amendment No. 278 (ADAMS Accession No. ML111940224), included the following statement: "The implementation of the CSP, including the key intermediate milestone dates and the full implementation date, shall be in accordance with the implementation schedule submitted by the licensee on April 5, 2011, and approved by the NRC staff with this license amendment. All subsequent changes to the NRC-approved CSP implementation schedule will require prior NRC approval pursuant to 10 CFR 50.90."

  • In a publicly available NRC memorandum, "Review Criteria for Title 10 of the Code of Federal Regulations Part 73.54, Cyber Security Implementation Schedule Milestone 8 License Amendment Requests," dated October 24, 2013 (ADAMS Accession No. ML13295A467), the NRC staff listed criteria to consider during evaluations of licensees' requests to postpone their cyber security program implementation date (commonly known as Milestone 8).

The NRC staff does not regard the CSP milestone implementation dates as regulatory commitments that can be changed unilaterally by the licensee, particularly in light of the regulatory requirements of 10 CFR 73.54, that state, in part, "[i]mplementation of the licensee's cyber security program must be consistent with the approved schedule." As the NRC staff explained in its letter to all operating reactor licensees dated May 9, 2011 (ADAMS Accession No. ML110980538), the implementation of the plan, including the key intermediate milestone dates and the full implementation date shall be in accordance with the implementation schedule submitted by the licensee and approved by the NRC staff. All subsequent changes to the NRC-approved CSP implementation schedule, thus, will require prior NRC approval as required by 10 CFR 50.90.

3.0 TECHNICAL EVALUATION

3.1 Licensee's Requested Change

The NRC staff issued Amendment No. 278 to Renewed FOL DPR-49 for DAEC on July 29, 2011. The NRC staff also approved the licensee's CSP implementation schedule, as discussed in the safety evaluation issued with Amendment No. 278. The implementation schedule had been submitted by the licensee based on a template prepared by the Nuclear Energy Institute (ADAMS Accession No. ML110600206), which the NRC staff found acceptable for licensees to use to develop their CSP implementation schedules (ADAMS Accession No. ML110070348).

The licensee's proposed implementation schedule for the Cyber Security Program identified completion dates and bases for the following eight milestones:

1) Establish the Cyber Security Assessment Team;
2) Identify Critical Systems and Critical Digital Assets (CDAs);
3) Install a deterministic one-way device between lower level devices and a firewall between higher level devices;
4) Implement the security control "Access Control For Portable And Mobile Devices";
5) Implement observation and identification of obvious cyber related tampering to existing insider mitigation rounds;
6) Identify, document, and implement cyber security controls in accordance with "Mitigation of Vulnerabilities and Application of Cyber Security Controls" for CDAs that could adversely impact the design function of physical security target set equipment;
7) Commence ongoing monitoring and assessment activities for those target set CDAs whose security controls have been implemented; and
8) Fully implement the CSP for all safety, security and emergency preparedness functions.

Currently, Milestone 8 of the licensee's CSP requires the licensee to fully implement the CSP by December 31, 2015. In its August 28, 2014, application, the licensee requested to change the Milestone 8 completion date to December 31, 2017. The licensee's application addressed the eight criteria in the NRC's October 24, 2013, guidance memorandum.

The licensee provided the following information pertinent to each of the criteria identified in the NRC's October 24, 2013, guidance memorandum.

1) Identification of the specific requirement or requirements of the cyber security plan that the licensee needs additional time to implement.

The licensee identified the CSP requirement requiring additional time to implement. In CSP, Section 3.1, "Analyzing Digital Computer Systems and Networks and Applying Cyber Security Controls," the challenges the licensee identified as associated with this section are:

CDA assessment work is resource intensive; remediation activities, which must be carefully considered; change management; and training required on new programs, processes and procedures.

The NRC staff has reviewed Section 3.1 of the CSP and the licensee's application and concludes that the challenges to implementation of this section are as the licensee identified.

2) Detailed justification that describes the reason the licensee requires additional time to implement the specific requirement or requirements identified.

The licensee stated that it is experiencing major challenges with full implementation of Milestone 8 and provided details about each of the challenges as identified in Criterion 1 above. The licensee provided the following details:

CDA assessment work is resource intensive.

  • Assessment of CDAs is challenging.
  • DAEC will have to increase capacity (combination of time and resources) to cope with magnitude of work identified.
  • Rework is a major concern since budgets are approved in advance on a defined scope of work.

Remediation activities need to be carefully considered.

  • Security controls modifications are unique and new to the plant and suppliers.
  • Plant modifications must be carefully implemented to ensure they do not impact plant safety and operation.

Change Management Challenges

  • Cyber security integrates into day to day plant operations, maintenance, engineering, and procurement activities.
  • Integration of cyber security controls is taking longer than expected due to impacts on the work control process and maintenance activities.
  • Added burden on maintenance to address security control integrity during maintenance work on CDAs.
  • Cyber security for plant CDAs is new, and the security controls being implemented on the plant CDAs are new to Maintenance, System Engineering, and Operations.
  • The Work Control Planners are challenged by the nuances associated with cyber security controls.
  • Training the maintenance technicians is a challenge.

Training on new programs, processes and procedures

  • Need to revise site training and schedules. Training resources need to be addressed.

3) A proposed completion date for Milestone 8 consistent with the remaining scope of work to be conducted and the resources available.

The licensee proposed a Milestone 8 completion date of December 31, 2017, to complete CDA assessments, implement design modifications based on assessment results, update existing procedures, and develop new program procedures to complete full implementation of the CSP.

The licensee also stated that changing the completion date of Milestone 8 will encompass two additional refueling outages and provide adequate time to plan and schedule the implementation of the modifications identified as the result of CDA assessments.

The NRC staff finds that delaying final implementation of the cyber security program will provide opportunities to get more work done safely during the outages and to plan the work well.

4) An evaluation of the impact that the additional time to implement the requirements will have on the effectiveness of the licensee's overall cyber security program in the context of milestones already completed.

The licensee provided details about the implementation of Milestones 1 through 7.

The licensee indicated that based on the cyber security implementation activities already completed (Milestones 1 through 7), and activities already in progress, that the DAEC is secure and will continue to ensure that digital computer and communication systems and networks are adequately protected against cyber-attacks during implementation of the remainder of the program by the requested Milestone 8 date of December 31, 2017.

The NRC staff concludes that the licensee's progress toward full implementation is reasonable and that impact of the requested additional implementation time on the effectiveness of the overall cyber security program is being effectively managed. The NRC staff further concludes that completion of Milestones 1 through 7 provides significant protection against cyber-attacks.

5) A description of the licensee's methodology for prioritizing completion of work for critical digital assets associated with significant safety, security, or emergency preparedness consequences and with reactivity effects in the balance of plant.

The licensee stated that its methodology for prioritizing Milestone 8 activities is centered on considerations for safety, security, emergency preparedness and balance of plant (continuity of power) consequences. The methodology is based on defense-in-depth, installed configuration of the CDA, and susceptibility to commonly identified threat vectors. Prioritization for CDA assessment begins with safety-related CDAs and continues through the lower priority nonsafety and emergency preparedness CDAs:

  • Physical Security CDAs
  • Important to Safety CDAs (including BOP CDAs that directly impact continuity of power) and control system CDAs
  • Nonsafety-Related CDAs and Emergency Preparedness CDAs

The NRC staff has reviewed the licensee's methodology for prioritizing Milestone 8 activities, and finds it is appropriate.

6) A discussion of the licensee's cyber security program performance up to the date of the license amendment request.

The licensee stated that completed and ongoing activities provide a high degree of protection against cyber security related attacks during implementation of the full program. The licensee provided discussions about implementing various milestones and then stated self-assessment issues have been entered into the CAP and are being addressed for program improvement.

On-going monitoring and time-based periodic actions provide continuing program performance monitoring.

The NRC staff concludes that completed and ongoing activities provide significant protection against cyber-attacks. The NRC staff concludes that the licensee is using the tools at its disposal to implement, verify, and improve the cyber security program.

7) A discussion of cyber security issues pending in the licensee's corrective action program.

The licensee stated that the DAEC CAP is used to document all cyber issues in order to trend, correct, and improve the NextEra Energy Duane Arnold, LLC CSP. The CAP database documents and tracks from initiation through closure, all cyber security required actions including issues identified during on-going program assessment activities and NRC inspection activities. Adverse trends are monitored for program improvement and addressed via the CAP process. It provides examples of issues and activities in the CAP.

The NRC staff finds that the discussion reflects a functioning CAP and that the examples reflect the implementation and evolution of the cyber security program and reinforce the licensee discussions above.

8) A discussion of modifications completed to support the cyber security program and a discussion of pending cyber security modifications.

The licensee provided a brief discussion of completed modifications and stated that there are no pending modifications.

3.2 NRC Staff Evaluation

The NRC staff evaluated the licensee's application using the regulatory requirements and the guidance cited in Section 2.0, above.

The licensee provided a list of additional activities required to implement the CSP requirement.

The licensee indicated that completion of the activities associated with the CSP, as described in Milestones 1 through 7 and completed prior to December 31, 2012, provide a high degree of protection to ensure that the most significant digital computer and communication systems and networks associated with safety, security, and emergency preparedness systems are already protected against cyber attacks. It detailed activities completed for each milestone and noted that several elements of Milestone 8 have already been implemented. It provided details about the completed milestones and elements. On such basis, the NRC staff finds that the licensee's sites are much more secure after implementation of Milestones 1 through 7, because the activities the licensee completed will mitigate the most significant cyber attack vectors for the most significant CDAs.

The licensee proposed a Milestone 8 completion date of December 31, 2017. The licensee stated that changing the completion date of Milestone 8 provides adequate time to complete the CDA assessment, implement design modifications based on assessment results, update existing procedures, and develop new procedures to complete full implementation of the CSP.

The NRC staff has had extensive interaction with the nuclear industry since licensees first developed their CSP implementation schedules. Based on this interaction, the NRC staff recognizes that CDA assessment work is much more complex and resource-intensive than originally anticipated. The licensee has a large number of CDAs and underestimated the level of effort to address security controls for each of the CDAs when developing its CSP implementation schedule. The NRC staff finds that the licensee's request for additional time to implement Milestone 8 is reasonable, given the unanticipated complexity and scope of the work required to come into full compliance with its CSP.

The licensee stated that its methodology for prioritizing the Milestone activities is centered on considerations for safety, security, emergency preparedness, and balance-of-plant (continuity of power) consequences. The methodology is based on defense-in-depth installed configuration of the CDA and susceptibility to five commonly identified threat vectors. Prioritization of CDA assessments begins with safety-related CDAs and continues through the lower priority non-safety-related CDAs. The NRC staff finds that based on the large number of digital assets described above, and the limited resources with the appropriate expertise to perform these activities, the licensee's methodology for prioritizing work on CDAs is appropriate. The NRC staff further finds that the licensee's request to delay final implementation of the CSP until December 31, 2017, is reasonable, given the complexity of the remaining unanticipated work and the need to perform certain work, including design changes, during scheduled fuel outages.

3.3 Revision to License Condition

By letter dated August 28, 2014, the licensee proposed to modify paragraph 2.C.(5) of Renewed FOL No. DPR-49, which provides a license condition to require the licensee to fully implement and maintain in effect all provisions of the NRC-approved CSP.

The current license condition in paragraph 2.C.(5) of Renewed FOL DPR-49 for Duane Arnold Energy Center states:

(5) Physical Protection NextEra Energy Duane Arnold, LLC shall fully implement and maintain in effect all provisions of the Commission-approved physical security, training and qualification, and safeguards contingency plans including amendments made pursuant to provisions of the Miscellaneous Amendments and Search Requirements revisions to 10 CFR 73.55 (51 FR 27817 and 27822) and to the authority of 10 CFR 50.90 and 10 CFR 50.54(p). The combined set of plans, which contains Safeguards Information protected under 10 CFR 73.21, is entitled: "Duane Arnold Energy Center Physical Security Plan," submitted by letter dated May 16, 2006.

NextEra Energy Duane Arnold, LLC shall fully implement and maintain in effect all provisions of the Commission-approved Duane Arnold Energy Center/NextEra Energy Duane Arnold, LLC Cyber Security Plan (CSP), including changes made pursuant to the authority of 10 CFR 50.90 and 10 CFR 50.54(p). The Duane Arnold Energy Center/NextEra Energy Duane Arnold, LLC CSP was approved by License Amendment No. 278, as supplemented by a change approved by license Amendment No. 284.

The license condition in paragraph 2.C.(5) of FOL No. DPR-49 for DAEC is modified as follows:

(5) Physical Protection NextEra Energy Duane Arnold, LLC shall fully implement and maintain in effect all provisions of the Commission-approved physical security, training and qualification, and safeguards contingency plans including amendments made pursuant to provisions of the Miscellaneous Amendments and Search Requirements revisions to 10 CFR 73.55 (51 FR 27817 and 27822) and to the authority of 10 CFR 50.90 and 10 CFR 50.54(p). The combined set of plans, which contains Safeguards Information protected under 10 CFR 73.21, is entitled: "Duane Arnold Energy Center Physical Security Plan," submitted by letter dated May 16, 2006.

NextEra Energy Duane Arnold, LLC shall fully implement and maintain in effect all provisions of the Commission-approved Duane Arnold Energy Center/NextEra Energy Duane Arnold, LLC Cyber Security Plan (CSP), including changes made pursuant to the authority of 10 CFR 50.90 and 10 CFR 50.54(p). The Duane Arnold Energy Center/NextEra Energy Duane Arnold, LLC CSP was approved by License Amendment No. 278, as supplemented by changes approved by license Amendment No. 284 and Amendment No. 291.

3.4 NRC Staff Technical Evaluation/Conclusion

Based on its review of the licensee's submission, the NRC staff concludes: (i) that the licensee's implementation of Milestones 1 through 7 provides significant protection against cyber-attacks; (ii) that the licensee's explanation of the need for additional time is compelling, and (iii) that it is acceptable for DAEC to complete implementation of Milestone 8, full implementation of the CSP by December 31, 2017. The NRC has reasonable assurance that full implementation of the CSP by December 31, 2017, will provide adequate protection of the public health and safety and the common defense and security. The NRC staff also concludes that, upon full implementation of the licensee's cyber security program, the requirements of the licensee's CSP and 10 CFR 73.54 will be met. Therefore, the NRC staff finds the proposed change acceptable.

4.0 STATE CONSULTATION

In accordance with the Commission's regulations, Iowa State officials were notified of the proposed issuance of the amendment. The State official had no comments.

5.0 ENVIRONMENTAL CONSIDERATION

This amendment relates solely to safeguards requirements and does not involve any significant construction impacts. This amendment is an administrative change to extend the date by which the licensee must have its CSP fully implemented. Accordingly, this amendment meets the eligibility criterion for categorical exclusion set forth in 10 CFR 51.22(c)(12). Pursuant to 10 CFR 51.22(b), no environmental impact statement or environmental assessment need be prepared in connection with the issuance of this amendment.

6.0 CONCLUSION

The Commission has concluded, based on the considerations discussed above, that: (1) there is reasonable assurance that the health and safety of the public will not be endangered by operation in the proposed manner, (2) there is reasonable assurance that such activities will be conducted in compliance with the Commission's regulations, and (3) the issuance of the amendment will not be inimical to the common defense and security or to the health and safety of the public.

Principal Contributor: John Rycyna

Date: August 18, 2015

ML15169A261 *Concurrence via email
OFFICE: DORL/LPL3-1/PM; DORL/LPL3-1/LA; NSIR/CSD*; OGC; DORL/LPL3-1/BC; DORL/LPL3-1/PM
NAME: MChawla; MHenderson (PB/echman for); Russ Felts; DLenehan; DPelton; MChawla
DATE: 7/31/2015; 6/19/2015; 5/26/2015; 7/27/2015; 8/12/2015; 8/18/2015