|
|
| Line 1: |
Line 1: |
| {{Adams | | {{Adams |
| | number = ML24099A191 | | | number = ML24242A217 |
| | issue date = 04/08/2024 | | | issue date = 08/29/2024 |
| | title = Information Request for the Cybersecurity Baseline Inspection, Notification to Perform Inspection (05000313/2024404 and 05000368/2024404) | | | title = Cybersecurity Inspection Report 05000313/2024404 and 05000368/2024404 |
| | author name = Graves S | | | author name = Taylor N |
| | author affiliation = NRC/RGN-IV/DORS/EB2 | | | author affiliation = NRC/RGN-IV/DORS/EB2 |
| | addressee name = Pehrson D | | | addressee name = Pehrson D |
| | addressee affiliation = Entergy Operations, Inc | | | addressee affiliation = Entergy Operations, Inc |
| | docket = 05000313, 05000368 | | | docket = 05000313, 05000368 |
| | license number = DPR-051 , NPF-006 | | | license number = DPR-051, NPF-006 |
| | contact person = | | | contact person = |
| | document report number = IR 2024404 | | | document report number = IR 2024404 |
| | document type = Inspection Plan, Letter | | | document type = Inspection Report, Letter |
| | page count = 10 | | | page count = 9 |
| }} | | }} |
|
| |
|
| Line 18: |
Line 18: |
|
| |
|
| =Text= | | =Text= |
| {{#Wiki_filter:April 08, 2024 | | {{#Wiki_filter:August 29, 2024 |
|
| |
|
| ==SUBJECT:== | | ==SUBJECT:== |
| ARKANSAS NUCLEAR ONE -- INFORMATION REQUEST FOR THE CYBERSECURITY BASELINE INSPECTION, NOTIFICATION TO PERFORM INSPECTION (05000313/2024404 AND 05000368/2024404) | | ARKANSAS NUCLEAR ONE - CYBERSECURITY INSPECTION REPORT 05000313/2024404 AND 05000368/2024404 |
|
| |
|
| ==Dear Doug Pehrson:== | | ==Dear Doug Pehrson:== |
| On August 19, 2024, the U.S. Nuclear Regulatory Commission (NRC) will begin a baseline inspection in accordance with Inspection Procedure (IP) 71130.10 Cybersecurity, at your Arkansas Nuclear One, Units 1 and 2. The inspection will be performed to evaluate and verify your ability to meet the requirements of the NRCs Cybersecurity Rule, Title 10, Code of Federal Regulations (CFR), Part 73, Section 54, Protection of Digital Computer and Communication Systems and Networks. | | On August 22, 2024, the U.S. Nuclear Regulatory Commission (NRC) completed an inspection at Arkansas Nuclear One. On August 22, 2024, the NRC inspectors discussed the results of this inspection with Brian Patrick, Director, Regulatory & Performance Improvement and other members of your staff. The results of this inspection are documented in the enclosed report. |
|
| |
|
| Experience has shown that baseline inspections are extremely resource intensive, both for the NRC inspectors and licensee staff. In order to minimize the inspection impact on the site and to ensure a productive inspection for both parties, we have enclosed a request for documents needed for the inspection. These documents have been divided into four groups.
| | No findings or violations of more than minor significance were identified during this inspection. |
|
| |
|
| The first group specifies information necessary to assist the inspection team in choosing the focus areas (i.e., sample set) to be inspected by the IP 71130.10. This information should be made available either in an online repository (preferred) or digital media (CD/DVD) and delivered/available to the regional office no later than May 24, 2024. The inspection team will review this information and, by June 21, 2024, will request the specific items that should be provided for review.
| | This letter, its enclosure, and your response (if any) will be made available for public inspection and copying at http://www.nrc.gov/reading-rm/adams.html and at the NRC Public Document Room in accordance with Title 10 of the Code of Federal Regulations 2.390, Public Inspections, Exemptions, Requests for Withholding. |
|
| |
|
| The second group of requested documents will assist the inspection team in the evaluation of the critical systems and critical digital assets (CSs/CDAs), defensive architecture, and the areas of your cybersecurity program selected for review. This information will be requested for review in the regional office prior to the inspection by July 19, 2024, as identified above. The third group of requested documents consists of additional items that the inspection team will review, or need access to, during the inspection. Please have this information available by the first day of the onsite inspection, August 19, 2024.
| | Sincerely, Nicholas H. Taylor, Chief Engineering Branch 2 Division of Operating Reactor Safety Docket Nos. 05000313, 05000368 License Nos. DPR-51, NPF-6 |
|
| |
|
| The fourth group of information aids the inspection team in tracking issues identified during the inspection. It is requested that this information be provided to the lead inspector as the information is generated during the inspection. It is important that all requested documents are up to date and complete to minimize the number of additional documents requested during the preparation and/or the onsite portions of the inspection.
| | ===Enclosure:=== |
| | As stated |
|
| |
|
| The lead inspector for this inspection is Sam Graves. We understand that our regulatory contact for this inspection is Michael Hall of your organization. If there are any questions about the inspection or the material requested, please contact the lead inspector at 817-200-1102 or via e-mail at samuel.graves@nrc.gov.
| | ==Inspection Report== |
| | Docket Numbers: 05000313 and 05000368 |
|
| |
|
| Paperwork Reduction Act Statement This letter contains mandatory information collections that are subject to the Paperwork Reduction Act of 1995 (44 U.S.C. 3501 et seq.). The Office of Management and Budget (OMB)
| | License Numbers: DPR-51 and NPF-6 |
| approved these information collections under approval number 3150-0011. The burden to the public for these information collections is estimated to average 40 hour(s) per response. Send comments regarding this information collection to the FOIA, Library and Information Collection Branch, Office of the Chief Information Officer, Mail Stop: T6-A10M, U.S. Nuclear Regulatory Commission, Washington, DC 20555-0001, or by email to Infocollects.Resource@nrc.gov, and to the Desk Officer, Office of Information and Regulatory Affairs, NEOB-10202, (3150-0011)
| |
| OMB, Washington, DC 20503.
| |
|
| |
|
| Public Protection Notification The NRC may not conduct or sponsor, and a person is not required to respond to, a request for information or an information collection requirement unless the requesting document displays a currently valid Office of Management and Budget control number.
| | Report Numbers: 05000313/2024404 and 05000368/2024404 |
|
| |
|
| In accordance with 10 CFR 2.390, Public Inspections, Exemptions, Requests for Withholding, of the NRC's "Rules of Practice," a copy of this letter and its enclosure will be available electronically for public inspection in the NRCs Public Document Room or from the Publicly Available Records (PARS) component of the NRC's Agencywide Documents Access and Management System (ADAMS). ADAMS is accessible from the NRC Web site at http://www.nrc.gov/reading-rm/adams.html (the Public Electronic Reading Room).
| | Enterprise Identifier: I-2024-404-0010 |
|
| |
|
| Sincerely, Sam Graves, Senior Reactor Inspector Engineering Branch 2 Division of Operating Reactor Safety Signed by Graves, Samuel on 04/08/24 Docket Nos. 05000313, 05000368 License Nos. DPR-51, NPF-6 Enclosure: Arkansas Nuclear One, Units 1 And 2 Cybersecurity Inspection Document Request
| | Licensee: Entergy Operations, Inc. |
|
| |
|
| ML24099A191 SUNSI Review: ADAMS: Non-Publicly Available Non-Sensitive Keyword:
| | Facility: Arkansas Nuclear One |
| By: STG Yes No Publicly Available Sensitive NRC-002 OFFICE RIV:SRI/DORS/EB2
| |
|
| |
|
| NAME S. Graves
| | Location: Russellville, AR |
|
| |
|
| SIGNATURE /RA/
| | Inspection Dates: August 19, 2024, to August 22, 2024 |
|
| |
|
| DATE 04/08/24
| | Inspectors: J. Drake, Senior Reactor Inspector S. Graves, Senior Reactor Inspector |
|
| |
|
| ARKANSAS NUCLEAR ONE CYBERSECURITY INSPECTION DOCUMENT REQUEST
| | Approved By: Nicholas H. Taylor, Chief Engineering Branch 2 Division of Operating Reactor Safety |
|
| |
|
| Inspection Report: 05000313/2024404; 05000368/2024404
| | Enclosure |
|
| |
|
| Inspection Dates: Week of August 19, 2024
| | =SUMMARY= |
| | The U.S. Nuclear Regulatory Commission (NRC) continued monitoring the licensees performance by conducting a cybersecurity inspection at Arkansas Nuclear One, in accordance with the Reactor Oversight Process. The Reactor Oversight Process is the NRCs program for overseeing the safe operation of commercial nuclear power reactors. Refer to https://www.nrc.gov/reactors/operating/oversight.html for more information. |
|
| |
|
| Inspection Procedure: IP 71130.10, CYBERSECURITY
| | ===List of Findings and Violations=== |
| | No findings or violations of more than minor significance were identified. |
|
| |
|
| Reference: ML21330A088, Guidance Document for Development of the Request for Information (RFI) and Notification Letter for IP 71130.10 Cyber Security Inspection, Revision 2
| | ===Additional Tracking Items=== |
| | None. |
|
| |
|
| NRC Inspectors:
| | =INSPECTION SCOPES= |
|
| |
|
| Sam Graves, Lead James Drake 817-200-1102 817-200-1558 samuel.graves@nrc.gov james.drake@nrc.gov
| | Inspections were conducted using the appropriate portions of the inspection procedures (IPs) in effect at the beginning of the inspection unless otherwise noted. Currently approved IPs with their attached revision histories are located on the public website at http://www.nrc.gov/reading-rm/doc-collections/insp-manual/inspection-procedure/index.html. Samples were declared complete when the IP requirements most appropriate to the inspection activity were met consistent with Inspection Manual Chapter (IMC) 2201, Security Inspection Program for Commercial Nuclear Power Reactors. The inspectors reviewed selected procedures and records, observed activities, and interviewed personnel to assess licensee performance and compliance with Commission rules and regulations, license conditions, site procedures, and standards. |
|
| |
|
| CSB Liaison:
| | ==SAFEGUARDS== |
| Mario Fernandes mario.fernandez@nrc.gov
| | ==71130.10 - Cybersecurity== |
| | ===Cybersecurity (1 Sample)=== |
| | : (1) The team reviewed implementation of Arkansas Nuclear Ones Cybersecurity Plan (CSP) and focused on evaluating changes to the program, critical systems, and critical digital assets (CDAs). |
|
| |
|
| NRC Contractors:
| | The following IP sections were completed and constitute completion of 1 sample: |
| | * 03.01, Review Ongoing Monitoring and Assessment Activities |
| | * 03.02, Verify Defense-in-Depth Protective Strategies (Partial) |
| | * 03.03, Review of Configuration Management Change Control (Partial) |
| | * 03.04, Review of Cyber Security Program (Partial) |
| | * 03.05, Evaluation of Corrective Actions |
|
| |
|
| Justin Bowden Trace Coleman 301-415-7000 301-415-7000 justin.bowden@nrc.gov trace.coleman@nrc.gov
| | The inspection reviewed the following cybersecurity program change: |
| | * EC-54065725 Sallyport Security and Cybersecurity Upgrades |
|
| |
|
| I. Information Requested for In-Office Preparation
| | The team reviewed boundary device configurations, procedures and processes, staff training, and incident response implementation procedures. |
| | * C619-DD 4 (Canary CT20SD) |
| | * C629-NIDS-0000626856 (M920 IPS-NS3200 /M920) |
| | * SIEM (Level 2) SPLUNK |
|
| |
|
| This initial request for information (i.e., Table RFI #1) concentrates on providing the inspection team with information necessary to select appropriate components and cybersecurity program elements to develop a site-specific inspection plan. The first RFI is used to identify the critical digital assets or systems to be chosen as the sample set required to be inspected by the cybersecurity IP. The first RFIs requested information is specified below in Table RFI #1.
| | The team also reviewed the following CDAs and their coverage by the cybersecurity plan. |
| | * C618-ADA (PA Active Directory Server) |
| | * 2C324-IDS1 (Level 3 NIDS McAfee IPS-NS3200 Dell R610) |
|
| |
|
| Please provide the information requested in Table RFI #1 to the regional office by May 24, 2024, or sooner, to facilitate the selection of the specific items for review.
| | ==INSPECTION RESULTS== |
| | No findings were identified. |
|
| |
|
| The inspection team will examine the documentation from the first RFI and select specific systems and equipment to provide a more focused follow-up request to develop the second RFI. | | ==EXIT MEETINGS AND DEBRIEFS== |
| | The inspectors verified no proprietary information was retained or documented in this report. |
| | * On August 22, 2024, the inspectors presented the cyber security inspection results to Brian Patrick, Director, Regulatory & Performance Improvement and other members of the licensee staff. |
|
| |
|
| The inspection team will submit the specific systems and equipment list to your staff by June 21, 2024, which will be utilized to evaluate the equipment, defensive architecture, and the areas of the licensees cybersecurity program for review.
| | =DOCUMENTS REVIEWED= |
|
| |
|
| Please provide the information requested by the second RFI to the regional office by
| | Inspection Type Designation Description or Title Revision or |
| | | Procedure Date |
| Enclosure July 19, 2024. All requests for information shall follow the guidance document referenced above. For information requests that have more than ten (10) documents, please provide a compressed (i.e., Zip) file of the documents.
| | 71130.10 Corrective Action CR-ANO-C-2022-02184, C-2023-00106, C-2023-00386, C-2023- |
| | | Documents 00390, C-2023-00425, C-2023-00427, C-2023-00429, C- |
| The required Table RFI #1 information shall be provided in an online document repository or on digital media (CD/DVD) to the lead inspector by May 24, 2024. The preferred file format for all lists is a searchable Excel spreadsheet file. The information should be indexed and hyper-linked to facilitate ease of use. If you have any questions regarding this information, please contact the inspection team leader as soon as possible
| | 23-00432, C-2023-00433, C-2023-00434, C-2023-00435, |
| | | C-2023-00436, C-2023-00437, C-2024-00580, C-2024- |
| Table RFI #1
| | 00581, C-2023-00109, C-2024-01401, C-2024-01402, C- |
| | | 24-01403, C-2024-01404, C-2024-01407, C-2024-01415, |
| Section 3,
| | CR-HQN-2022-01377, 2023-00042, 2023-00146, 2023-00161, 2023- |
| | | 00486, 2023-03651, 2024-00285, 2024-00893 |
| Paragraph Number/Title: IP Ref. Items
| | Corrective Action CR-ANO-C-2024-01428, C-2024-01429, C-2024-01442, C-2024- |
| | | Documents 01444 |
| 1 A list of all Identified Critical Systems and Critical Digital Assets, - Overall highlight/note any additions, deletions, reclassifications due to new guidance from white papers, changes to NEI 10-04, 13-10, etc. since the last cybersecurity inspection.
| | Resulting from CR-HQN-2024-00907, 2020-00908, 2024-00914, 2024-00915 |
| | | Inspection |
| 2 A list of EP and Security onsite and offsite digital communication systems Overall (Provide EP asset list only if you have NOT reclassified items)
| | Miscellaneous EN-IT-103-08 Attachment 2 for L3 Kiosk (Unannounced drill)1/11/2023 |
| | | ANO-CDA-1902-NEI 13-10 Indirect CDA Assessment - Level 3 Remediation |
| 3 Network Topology Diagrams to include information and data flow for critical Overall systems in levels 2, 3 and 4 (If available)
| | 00009 Rack CDAs |
| | | ANO-CDA-1905-C619-DD PA Security Data Diode (SEC ANO1) |
| 4 Ongoing Monitoring and Assessment program documentation 03.01(a)
| | 00017 |
| | | ANO-CDA-2007-SIEM white paper and assessment combined document. |
| 5 The most recent effectiveness analysis and self-assessments of the 03.01(b)
| | 00006 |
| Cybersecurity Program
| | CDA-1701-00204 Technical Controls 08-09 Assessment |
| | | CDA-2211-00003 Plant Monitoring Computer System NEI 13-10 EP and |
| 6 Portable Media and Mobile Device control documentation, including kiosk 03.02(e)
| | Indirect Combined Assessment |
| security control assessment/documentation
| | CDA-2311-00001 Sally Port Security Equipment NEI 08-09 Direct Assessment |
| | | Checklist OIT-Employee Off Boarding - Account Management 08/28/2023 |
| 7 Design change/modification program documentation and a list of all cyber- 03.03(a)
| | F-BIT-SQA Software Quality Assurance (SQA} Training 0 |
| related design changes completed since the last two cybersecurity inspections, including either a summary describing the design change or the 50.59 documentation for the change.
| | FCBT-BIT-SQA Software Quality Assurance (SQA} Training 0 |
| | | FCBT-CSG-Generic Cyber Security Awareness 2 |
| 8 Supply Chain Management documentation including any security impact 03.03(a), (b)
| | CSCNAN |
| analysis for new acquisitions and (c)
| | FCBT-ESPP-Maintain Cyber Security Technical Controls 0 |
| | | CYBRINV |
| 9 Cybersecurity Plan and any 50.54(p) analysis to support changes to the plan 03.04(a)
| | FCBT-ESPP-Cyber Security Walkdowns 0 |
| since the last inspection
| | WLKDWN |
| | | Inspection Type Designation Description or Title Revision or |
| 10 Cybersecurity Metrics tracked (if applicable) 03.06 (b)
| | Procedure Date |
| | | FCBT-GET-PDM Control of Portable Digital Media 9 |
| ARKANSAS NUCLEAR ONE CYBERSECURITY INSPECTION DOCUMENT REQUEST
| | FCBT-IT-CSAT Security Assessment Team (CSAT) Activities 0 |
| | | FCBT-lT-NCIRT Nuclear Cyber Incident Response Team 0 |
| Table RFI #1
| | FCBT-SEC-CSGI Protection Of Unclassified Safeguards & Safeguards 9 |
| | | Information-Modified Handling |
| Section 3,
| | FFAM-IT-CDAA Job Familiarization Guide for Perform CDA Assessor 0 |
| | | Activities |
| Paragraph Number/Title: IP Ref. Items
| | FFAM-IT-Portable Digital Media Lap11op Hardening and Scanning 1 |
| | | LAPHARDN |
| 11 Provide copies of all cybersecurity program related procedures and policies Overall with their descriptive name and associated number (if available)
| | FFAM-IT-Portable Digital Media Kiosk Maintenance and Media 1 |
| | | MEDIASCAN Scanning |
| 12 Performance testing report (if applicable) 03.06 (a)
| | FLP-ESP-CDA Critical Digital Asset Assessor 2 |
| | | LO-ALO-2023-Cyber Security Program Effectiveness Review |
| 13 Corrective actions taken as a result of cybersecurity incidents/issues to 03.05 include previous NRC violations and Licensee Identified Violations since two previous cybersecurity inspections
| | 00040 |
| | | SIEM White White paper describing Entergys site Cyber Security |
| In addition to the above information please provide the following:
| | Paper Monitoring System (CSMS) |
| | | Whitepaper Vulnerability Management Recovery Plan - 2024 ANO |
| (1) Electronic copy of the UFSAR, technical specifications, and Operating Licenses.
| | Inspection |
| | | Whitepaper XR-Actions taken on Northpoint Receiving Warehouse X-Ray |
| (2) Name(s) and phone numbers for the regulatory and technical contacts.
| | Machine |
| | | WT-WTANO-Level Specific Firmware Protected Devices 05/20/2023 |
| (3) Current management and engineering organizational charts.
| | 23-00152 |
| | | Procedures 0CAN021802 ANO Cyber Security Plan Arkansas Nuclear One - Units 1 2 |
| Based on this information, the inspection team will identify and select specific systems and equipment (e.g., CSs/CDAs) from the information requested by Table RFI #1 and submit a list of specific systems and equipment to your staff by June 21, 2024, for the second RFI (i.e., RFI #2).
| | and 2 Docket Nos. 50-313 and 50-368 |
| | | CSWI-1250 Change CDA Passwords Work Instructions 12/20/2018 |
| II. Additional Information Requested to be Available Prior to Inspection.
| | CSWI-1255 Review of Audit Log Records (Logical) Work Instructions 3 |
| | | CSWI-1270 Account Management Work Instructions 4 |
| As stated in Section I above, the inspection team will examine the returned documentation requested from Table RFI #1 and submit the list of specific systems and equipment to your staff by June 21, 2024, for the second RFI (i.e., RFI #2). The second RFI will request additional information required to evaluate the CSs/CDAs, defensive architecture, and the areas of the licensees CSP selected for the cybersecurity inspection. The additional information requested for the specific systems and equipment is identified in Table RFI #2. All requested information shall follow the guidance document referenced above.
| | CSWI-1280 Monthly Operational Review and Verification of the SIEM 10/8/2020 |
| | | Infrastructure Work Instructions |
| The Table RFI #2 information shall be provided in an online document repository or on digital media (CD/DVD) to the lead inspector by July 19, 2024. The preferred file format for all lists is a searchable Excel spreadsheet file. The information should be indexed and hyper-linked to facilitate ease of use. If you have any questions regarding this information, please contact the inspection team leader as soon as possible
| | EN-EP-202-01 ANO EITER (Equipment Important To Emergency 2 |
| | | Response) Matrix |
| ARKANSAS NUCLEAR ONE CYBERSECURITY INSPECTION DOCUMENT REQUEST
| | EN-IT-103-01 Control of Portable Digital Media Connected to Critical Digital 14 |
| | | Assets |
| Table RFI #2
| | EN-IT-103-02 Cyber Security Periodic Activities 8 |
| | | Inspection Type Designation Description or Title Revision or |
| Section 3, IP Ref.
| | Procedure Date |
| | | EN-IT-103-06 Audit & Accountability 1 |
| Paragraph Number/Title: Items
| | EN-IT-103-12 Cyber Security Configuration and Change Management 4 |
| | | EN-IT-103-14 Vulnerability Management 2 |
| For the system(s) chosen for inspection provide:
| | EN-IT-104 Software Quality Assurance Program 16 |
| | | EN-TQ-131 Nuclear Cyber Security Training & Qualifications 3 |
| 1 Ongoing Monitoring and Assessment activity performed on the selected 03.01(a)
| | Work Orders 54137012, 54126919, 54115753, 54067379 |
| system(s)
| |
| | |
| 2 All Security Control Assessments for the selected system(s) 03.01(a)
| |
| | |
| 3 All vulnerability screenings/assessments associated with, or scans 03.01(c)
| |
| performed on the selected system(s) since the last cybersecurity inspection
| |
| | |
| Documentation (including configuration files and rules sets) for Network-4 based Intrusion Detection/Protection Systems (NIDS/NIPS), Host-based Intrusion Detection Systems (HIDS), and Security Information and Event 03.02(b)
| |
| Management (SIEM) systems for system(s) chosen for inspection
| |
| | |
| Documentation (including configuration files and rule sets) for intra-security 5 level firewalls and boundary devices used to protect or isolate the selected 03.02(c)
| |
| system(s)
| |
| | |
| 6 Copies of all periodic reviews of the access authorization list for the selected 03.02(d)
| |
| systems since the last inspection
| |
| | |
| 7 Baseline configuration information for the selected CDAs 03.03(a)
| |
| | |
| 8 Documentation of any changes, including Security Impact Analyses, 03.03(b)
| |
| performed on the selected system(s) since the last inspection
| |
| | |
| 9 Copies of the purchase order documentation for any new equipment 03.03(c)
| |
| purchased for the selected systems since the last inspection
| |
| | |
| 10 Copies of any reports/assessment for cybersecurity drills performed since 03.02(a)
| |
| the last inspection. 03.04(b)
| |
| | |
| 11 Copy of the individual recovery plan(s) for the selected system(s) including 03.02(a)
| |
| documentation of the results the last time the backups were executed. 03.04(b)
| |
| | |
| 12 Vulnerability screening/assessment and scan program documentation 03.01(c)
| |
| | |
| 13 Cybersecurity Incident response documentation, including incident 03.02(a)
| |
| detection, response, and recovery documentation as well as contingency and plan development, implementation and including any program 03.04(b)
| |
| documentation that requires testing of security boundary device functionality
| |
| | |
| 14 Device Access and Key Control documentation 03.02(c)
| |
| | |
| 15 User Account/Credential documentation 03.02(d)
| |
| | |
| ARKANSAS NUCLEAR ONE CYBERSECURITY INSPECTION DOCUMENT REQUEST
| |
| | |
| Table RFI #2
| |
| | |
| Section 3, IP Ref.
| |
| | |
| Paragraph Number/Title: Items
| |
| | |
| 16 Password/Authenticator documentation 03.02(c)
| |
| | |
| 17 Portable Media and Mobile Device control documentation, including 03.02(e)
| |
| Scanning Station/Kiosk security control assessment/documentation | |
| | |
| 18 Configuration Management documentation including any security impact 03.03(a)
| |
| analysis performed due to configuration changes since the last inspection and (b)
| |
| | |
| 19 Provide documentation describing any cybersecurity changes to the access Overall authorization program since the last cybersecurity inspection.
| |
| | |
| III. Information Requested to be Available on First Day of Inspection
| |
| | |
| For the specific systems and equipment identified in Section II above, provide the following RFI (i.e., Table - Onsite Week) to the team by August 19, 2024, the first day of the inspection. All requested information shall follow the guidance document referenced above.
| |
| | |
| The preferred file format for all lists is a searchable Excel spreadsheet file. The information should be indexed and hyper-linked to facilitate ease of use. If you have any questions regarding this information, please contact the inspection team leader as soon as possible.
| |
| | |
| Table - Onsite Week
| |
| | |
| Section 3, Paragraph Number/Title: Items
| |
| | |
| 1 Any cybersecurity event reports submitted in accordance with 03.04(a) | |
| 10 CFR 73.77 since the last cybersecurity inspection
| |
| | |
| Updated Copies of corrective actions taken as a result of cyber 2 security incidents/issues, to include previous NRC violations and 03.04(d)
| |
| Licensee Identified Violations since the last cybersecurity inspection, as well as vulnerability-related corrective actions
| |
| | |
| In addition to the above information please provide the following:
| |
| | |
| (1) Copies of the following documents do not need to be solely available to the inspection team as long as the inspectors have easy and unrestrained access to them:
| |
| | |
| a. Updated Final Safety Analysis Report, if not previously provided;
| |
| | |
| b. Original SER and Supplements related to cybersecurity;
| |
| | |
| c. FSAR Question and Answers related to cybersecurity;
| |
| | |
| ARKANSAS NUCLEAR ONE CYBERSECURITY INSPECTION DOCUMENT REQUEST
| |
| | |
| d. Quality Assurance Plan;
| |
| | |
| e. Technical Specifications, if not previously provided;
| |
| | |
| f. Operating License(s), if not previously provided.
| |
| | |
| (2) Vendor Manuals, Assessments and Corrective Actions:
| |
| | |
| a. The most recent Cybersecurity Quality Assurance (QA) audit and/or self-assessment; and
| |
| | |
| b. Corrective action documents (e.g., condition reports, including status of corrective actions) generate as a result of the most recent Cybersecurity Quality Assurance (QA) audit and/or self-assessment.
| |
| | |
| IV. Information Requested To Be Provided Throughout the Inspection
| |
| | |
| (1) Copies of any corrective action documents generated as a result of the inspection teams questions or queries during the inspection.
| |
| | |
| (2) Copies of the list of questions submitted by the inspection team members and the status/resolution of the information requested (provided daily during the inspection to each inspection team member).
| |
| | |
| If you have any questions regarding the information requested, please contact the inspection team leader.
| |
|
| |
|
| 7 | | 7 |
| }} | | }} |
|
|---|
Category:Inspection Report
MONTHYEARIR 05000368/20253012024-09-0909 September 2024
Notification of NRC Initial Operator Licensing Examination 05000368/2025301
IR 05000313/20240112024-09-0505 September 2024
Comprehensive Engineering Team Inspection Report 05000313/2024011 and 05000368/2024011
IR 05000313/20240052024-08-21021 August 2024
Updated Inspection Plan for Arkansas Nuclear One – Units 1 and 2 (Report 05000313/2024005, 05000368/2024005)
IR 05000313/20240022024-08-0606 August 2024
Integrated Inspection Report 05000313/2024002 and 05000368/2024002
IR 05000313/20240012024-05-0808 May 2024
Integrated Inspection Report 05000313/2024001 and 05000368/2024001
IR 05000313/20244042024-04-0808 April 2024
Information Request for the Cybersecurity Baseline Inspection, Notification to Perform Inspection (05000313/2024404 and 05000368/2024404)
IR 05000313/20244022024-04-0808 April 2024
Security Baseline Inspection Report 05000313/2024402 and 05000368/2024402 (Full Report)
IR 05000313/20230062024-02-28028 February 2024
Annual Assessment Letter for Arkansas Nuclear One- Units 1 and 2 Report 05000313/2023006 and 05000368/2023006
IR 05000313/20243012024-02-27027 February 2024
NRC Initial Operator Licensing Examination Approval 05000313/2024301
IR 05000313/20230042024-02-0808 February 2024
Integrated Inspection Report 05000313/2023004 and 05000368/2023004 and Independent Spent Fuel Storage Installation Inspection Report 07200013/2023002
IR 05000313/20234202024-01-10010 January 2024
Security Baseline Inspection Report 05000313/2023420 and 05000368/2023420
IR 05000313/20234022024-01-0202 January 2024
Security Baseline Inspection Report 05000313/2023402 and 05000368/2023402
IR 05000313/20234052023-12-12012 December 2023
– Security Baseline Inspection Report 05000313/2023405 and 05000368/2023405
IR 05000313/20230032023-11-21021 November 2023
Revised - ANO Revised Integrated Inspection Report 05000313/2023003 and 05000368/2023003 and Independent Spent Fuel Storage Installation Inspection Report 07200013/ 2023001
ML23313A0962023-11-13013 November 2023
Integrated Inspection Report 05000313/2023003 and 05000368/2023003 and Independent Spent Fuel Storage Installation Inspection Report 07200013/2023001
IR 05000313/20230112023-10-10010 October 2023
Commercial Grade Dedication Inspection Report 05000313/2023011 and 05000368/2023011
IR 05000313/20230102023-09-20020 September 2023
Biennial Problem Identification and Resolution Inspection Report 05000313/2023010 and 05000368/2023010
IR 05000313/20230052023-08-21021 August 2023
Updated Inspection Plan for Arkansas Nuclear One, Units 1 and 2 (Report 05000313/2023005 and 05000368/2023005) - Mid Cycle
IR 05000313/20230022023-08-11011 August 2023
Integrated Inspection Report 05000313/2023002 and 05000368/2023002 and Notice of Violation
IR 05000416/20230022023-08-0808 August 2023
Integrated Inspection Report 05000416/2023002 and Independent Spent Fuel Storage Installation Inspection Report 07200050/2023001
IR 05000313/20234032023-06-28028 June 2023
Security Baseline Inspection Report 05000313/2023403 and 05000368/2023403
IR 05000313/20234012023-06-13013 June 2023
Cyber Security Inspection Report 05000313/2023401 and 05000368/2023401
IR 05000313/20230012023-05-0909 May 2023
Integrated Inspection Report 05000313/2023001 and 05000368/2023001
IR 05000368/20233012023-05-0101 May 2023
NRC Examination Report 05000368/2023301
IR 05000313/20220062023-03-0101 March 2023
Annual Assessment Letter for Arkansas Nuclear One Units 1 and 2 (Report 05000313/2022006 and 05000368/2022006)
IR 05000313/20220042023-01-26026 January 2023
Integrated Inspection Report 05000313/2022004 and 05000368/2022004 - 4th Quarter
IR 05000313/20220032022-11-0909 November 2022
Integrated Inspection Report 05000313/2022003 and 05000368/2022003 and Exercise of Enforcement Discretion
ML22301A1532022-11-0909 November 2022
Notice of Violation NRC Inspection Report 05000313/2022011 and 05000368/2022011
IR 05000313/20220112022-11-0909 November 2022
Notice of Violation NRC Inspection Report 05000313/2022011 and 05000368/2022011
ML22308A1912022-11-0606 November 2022
Information Request for the Cybersecurity Baseline Inspection, Notification to Perform Inspection 05000313/2023401 and 05000368/2023401
IR 05000313/20224012022-10-20020 October 2022
Security Baseline Inspection Report 05000313/2022401 and 05000368/2022401
IR 05000313/20220502022-09-26026 September 2022
Special Inspection Reactive Report 05000313 2022050 and 05000368 2022050 Cover Letter Only
ML22208A1282022-08-0404 August 2022
(2nd Quarter) Inspection Report 2022 002
IR 05000313/20224032022-06-23023 June 2022
Security Baseline Inspection Report 05000313/2022403 and 05000368/2022403
IR 05000313/20223012022-06-15015 June 2022
NRC Examination Report 05000313/2022301
IR 05000313/20210132022-05-17017 May 2022
License Renewal Phase 4 Inspection Report 05000313/2021013
IR 05000313/20220012022-05-10010 May 2022
Integrated Inspection Report 05000313/2022001 and 05000368/2022001
IR 05000313/20220102022-03-14014 March 2022
Triennial Fire Protection Inspection Report 05000313/2022010 and 05000368/2022010
IR 05000313/20210062022-03-0202 March 2022
Annual Assessment Letter for Arkansas Nuclear One, Units 1 & 2 (Report 05000313/2021006 and 05000368/2021006)
ML22047A2702022-02-23023 February 2022
Security Baseline Inspection Report 05000313/2022403 and 05000368/2022403
IR 05000313/20210042022-02-0404 February 2022
Integrated Inspection Report 05000313/2021004 and 05000368/2021004
ML22011A0992022-01-14014 January 2022
IR 2021012 EOI CO3
IR 05000313/20210102022-01-13013 January 2022
Biennial Problem Identification and Resolution Inspection Report 05000313/2021010 and 05000368/2021010
IR 05000313/20210032021-11-0505 November 2021
Integrated Inspection Report 05000313/2021003 and 05000368/2021003
IR 05000313/20210112021-09-23023 September 2021
Design Basis Assurance Inspection (Teams) Inspection Report 05000313/2021011 and 05000368/2021011
IR 05000313/20214012021-08-10010 August 2021
Security Baseline Inspection Report 05000313/2021401 and 05000368/2021401
IR 05000313/20210022021-08-0909 August 2021
Integrated Inspection Report 05000313/2021002 and 05000368/2021002
IR 05000368/20213012021-05-17017 May 2021
NRC Examination Report 05000368/2021301
IR 05000313/20210012021-05-0606 May 2021
Integrated Inspection Report 05000313/2021001 and 05000368/2021001
ML21095A3162021-04-13013 April 2021
ANO 2021402-Non SGI Rcl
2024-09-09
[Table view]
Category:Letter
MONTHYEARML24295A1202024-10-21021 October 2024
Relief Request ANO2-RR-24-001, Half-Nozzle Repair of Reactor Vessel Closure Head Penetration 71
ML24185A2602024-10-0404 October 2024
Issuance of Amendment No. 335 to Revise Typographical Errors in Technical Specifications
IR 05000368/20253012024-09-0909 September 2024
Notification of NRC Initial Operator Licensing Examination 05000368/2025301
ML24255A8642024-09-0606 September 2024
Rscc Wire & Cable LLC Dba Marmon Industrial Energy & Infrastructure - Part 21 Retraction of Final Notification
IR 05000313/20240112024-09-0505 September 2024
Comprehensive Engineering Team Inspection Report 05000313/2024011 and 05000368/2024011
ML24239A3972024-08-23023 August 2024
Rssc Wire & Cable LLC Dba Marmon - Part 21 Final Notification - 57243-EN 57243
ML24198A0722024-08-21021 August 2024
Correction to Issuance of Amendment No. 333 Revision to Technical Specifications to Adopt TSTF-505, Revision 2, Provide Risk-Informed Extended Completion Times - RITSTF Initiative 4b
IR 05000313/20240052024-08-21021 August 2024
Updated Inspection Plan for Arkansas Nuclear One – Units 1 and 2 (Report 05000313/2024005, 05000368/2024005)
ML24220A2642024-08-20020 August 2024
Entergy Operations, Inc. - Entergy Fleet Project Manager Assignment
ML24185A1522024-08-13013 August 2024
Issuance of Amendment Nos. 334, 235, and 215, Respectively, to Revise TSs to Adopt TSTF-205
IR 05000313/20240022024-08-0606 August 2024
Integrated Inspection Report 05000313/2024002 and 05000368/2024002
ML24208A0962024-07-25025 July 2024
57243-EN 57243 - Rssc Wire & Cable LLC, Dba Marmon - Part 21 Notification
05000313/LER-2024-001, Source Range Nuclear Instrument Failure Resulting in Condition Prohibited by Technical Specifications2024-07-0101 July 2024
Source Range Nuclear Instrument Failure Resulting in Condition Prohibited by Technical Specifications
ML24101A1792024-06-25025 June 2024
Issuance of Amendment No. 333 Revision to Technical Specifications to Adopt TSTF-505, Revision 2, Provide Risk-Informed Extended Completion Times - RITSTF Initiative 4b
ML24143A0632024-05-22022 May 2024
Notification of Inspection (NRC Inspection Report 05000368/2024003) and Request for Information
IR 05000313/20240012024-05-0808 May 2024
Integrated Inspection Report 05000313/2024001 and 05000368/2024001
ML24128A2472024-05-0808 May 2024
Project Manager Assignment
ML24017A2982024-04-18018 April 2024
Summary of Regulatory Audit Regarding the License Amendment Request to Revise Technical Specifications to Adopt TSTF 505, Revision 2, Provide Risk-Informed Extended Completion Times RITSTF Initiative 4b
ML24107A0282024-04-17017 April 2024
Notification of Comprehensive Engineering Team Inspection (05000313/2024011 and 05000368/2024011) and Request for Information
ML24086A5412024-04-10010 April 2024
Authorization of Request for Alternative ANO1-ISI-037 Regarding Extension of Reactor Vessel Inservice Inspection Interval
IR 05000313/20244022024-04-0808 April 2024
Security Baseline Inspection Report 05000313/2024402 and 05000368/2024402 (Full Report)
IR 05000313/20244042024-04-0808 April 2024
Information Request for the Cybersecurity Baseline Inspection, Notification to Perform Inspection (05000313/2024404 and 05000368/2024404)
ML24089A2262024-03-29029 March 2024
Entergy Response to Regulatory Issue Summary 2024-01, Preparation and Scheduling of Operator Licensing Exams
ML24075A1712024-03-15015 March 2024
Nuclear Onsite Property Damage Insurance (10 CFR 50.54(w)(3))
ML24031A6442024-03-14014 March 2024
Issuance of Amendment No. 282 to Modify Technical Specification 3.3.1, Reactor Pressure System (RPS) Instrumentation, Turbine Trip Function on Low Control Oil Pressure
ML24074A2892024-03-14014 March 2024
Proof of Financial Protection (10 CFR 140.15)
ML24102A1342024-03-12012 March 2024
AN1-2024-03 Post Exam Submittal
IR 05000313/20230062024-02-28028 February 2024
Annual Assessment Letter for Arkansas Nuclear One- Units 1 and 2 Report 05000313/2023006 and 05000368/2023006
IR 05000313/20243012024-02-27027 February 2024
NRC Initial Operator Licensing Examination Approval 05000313/2024301
IR 05000313/20230042024-02-0808 February 2024
Integrated Inspection Report 05000313/2023004 and 05000368/2023004 and Independent Spent Fuel Storage Installation Inspection Report 07200013/2023002
ML24012A0502024-02-0202 February 2024
Exemption from Select Requirements of 10 CFR Part 73 (EPID L-2023-LLE-0054 (Security Notifications, Reports, and Recordkeeping and Suspicious Activity Reporting))
ML23326A0392024-01-24024 January 2024
Issuance of Amendment No. 281 Revision to Technical Specifications to Adopt TSTF-505, Revision 2, Provide Risk-Informed Extended Completion Times - RITSTF Initiative 4b
ML24017A1582024-01-17017 January 2024
Submittal of Emergency Plan Revision 50
IR 05000313/20234202024-01-10010 January 2024
Security Baseline Inspection Report 05000313/2023420 and 05000368/2023420
IR 05000313/20234022024-01-0202 January 2024
Security Baseline Inspection Report 05000313/2023402 and 05000368/2023402
ML23354A0022023-12-21021 December 2023
Request for Withholding Information from Public Disclosure
ML23349A1672023-12-21021 December 2023
Request for Withholding Information from Public Disclosure
ML23348A3572023-12-14014 December 2023
Application to Revise Technical Specifications to Use Online Monitoring Methodology – Slides and Affidavit for Pre-Submittal Meeting
ML23340A1592023-12-13013 December 2023
Entergy Operations, Inc. - Entergy Fleet Project Manager Assignment
ML23352A0292023-12-13013 December 2023
Entergy - 2024 Nuclear Energy Liability Evidence of Financial Protection
IR 05000313/20234052023-12-12012 December 2023
– Security Baseline Inspection Report 05000313/2023405 and 05000368/2023405
ML23341A0832023-12-11011 December 2023
– Material Control and Accounting Program Inspection Report 05000313/368/2023404- Cover Letter
ML23305A0922023-12-0707 December 2023
Summary of Regulatory Audit Regarding License Amendment Request to Revise Technical Specifications to Adopt TSTF-505, Revision 2, Provide Risk-Informed Extended Completion Times RITSTF Initiative 4b
ML23333A1362023-11-29029 November 2023
Supplement to Request for Exemption from Enhanced Weapons, Firearms Background Checks, and Security Event Notifications Implementation
ML23275A2072023-11-28028 November 2023
Issuance of Amendment No. 280 Removal of Technical Specification Condition Allowing Two Reactor Coolant Pump Operation
ML23325A1412023-11-21021 November 2023
Request for Exemption from Enhanced Weapons, Firearms Background Checks, and Security Event Notifications Implementation
IR 05000313/20230032023-11-21021 November 2023
Revised - ANO Revised Integrated Inspection Report 05000313/2023003 and 05000368/2023003 and Independent Spent Fuel Storage Installation Inspection Report 07200013/ 2023001
ML23243B0452023-11-13013 November 2023
Request for Withholding Information from Public Disclosure
ML23313A0962023-11-13013 November 2023
Integrated Inspection Report 05000313/2023003 and 05000368/2023003 and Independent Spent Fuel Storage Installation Inspection Report 07200013/2023001
ML23311A2082023-11-0909 November 2023
Reassignment of U.S. Nuclear Regulatory Commission Branch Chief in the Division of Operating Reactor Licensing for Plant Licensing Branch IV
2024-09-09
[Table view] |
Text
August 29, 2024
SUBJECT:
ARKANSAS NUCLEAR ONE - CYBERSECURITY INSPECTION REPORT 05000313/2024404 AND 05000368/2024404
Dear Doug Pehrson:
On August 22, 2024, the U.S. Nuclear Regulatory Commission (NRC) completed an inspection at Arkansas Nuclear One. On August 22, 2024, the NRC inspectors discussed the results of this inspection with Brian Patrick, Director, Regulatory & Performance Improvement and other members of your staff. The results of this inspection are documented in the enclosed report.
No findings or violations of more than minor significance were identified during this inspection.
This letter, its enclosure, and your response (if any) will be made available for public inspection and copying at http://www.nrc.gov/reading-rm/adams.html and at the NRC Public Document Room in accordance with Title 10 of the Code of Federal Regulations 2.390, Public Inspections, Exemptions, Requests for Withholding.
Sincerely, Nicholas H. Taylor, Chief Engineering Branch 2 Division of Operating Reactor Safety Docket Nos. 05000313, 05000368 License Nos. DPR-51, NPF-6
Enclosure:
As stated
Inspection Report
Docket Numbers: 05000313 and 05000368
License Numbers: DPR-51 and NPF-6
Report Numbers: 05000313/2024404 and 05000368/2024404
Enterprise Identifier: I-2024-404-0010
Licensee: Entergy Operations, Inc.
Facility: Arkansas Nuclear One
Location: Russellville, AR
Inspection Dates: August 19, 2024, to August 22, 2024
Inspectors: J. Drake, Senior Reactor Inspector S. Graves, Senior Reactor Inspector
Approved By: Nicholas H. Taylor, Chief Engineering Branch 2 Division of Operating Reactor Safety
Enclosure
SUMMARY
The U.S. Nuclear Regulatory Commission (NRC) continued monitoring the licensees performance by conducting a cybersecurity inspection at Arkansas Nuclear One, in accordance with the Reactor Oversight Process. The Reactor Oversight Process is the NRCs program for overseeing the safe operation of commercial nuclear power reactors. Refer to https://www.nrc.gov/reactors/operating/oversight.html for more information.
List of Findings and Violations
No findings or violations of more than minor significance were identified.
Additional Tracking Items
None.
INSPECTION SCOPES
Inspections were conducted using the appropriate portions of the inspection procedures (IPs) in effect at the beginning of the inspection unless otherwise noted. Currently approved IPs with their attached revision histories are located on the public website at http://www.nrc.gov/reading-rm/doc-collections/insp-manual/inspection-procedure/index.html. Samples were declared complete when the IP requirements most appropriate to the inspection activity were met consistent with Inspection Manual Chapter (IMC) 2201, Security Inspection Program for Commercial Nuclear Power Reactors. The inspectors reviewed selected procedures and records, observed activities, and interviewed personnel to assess licensee performance and compliance with Commission rules and regulations, license conditions, site procedures, and standards.
SAFEGUARDS
Cybersecurity (1 Sample)
- (1) The team reviewed implementation of Arkansas Nuclear Ones Cybersecurity Plan (CSP) and focused on evaluating changes to the program, critical systems, and critical digital assets (CDAs).
The following IP sections were completed and constitute completion of 1 sample:
- 03.01, Review Ongoing Monitoring and Assessment Activities
- 03.02, Verify Defense-in-Depth Protective Strategies (Partial)
- 03.03, Review of Configuration Management Change Control (Partial)
- 03.05, Evaluation of Corrective Actions
The inspection reviewed the following cybersecurity program change:
- EC-54065725 Sallyport Security and Cybersecurity Upgrades
The team reviewed boundary device configurations, procedures and processes, staff training, and incident response implementation procedures.
- C619-DD 4 (Canary CT20SD)
- C629-NIDS-0000626856 (M920 IPS-NS3200 /M920)
The team also reviewed the following CDAs and their coverage by the cybersecurity plan.
- C618-ADA (PA Active Directory Server)
- 2C324-IDS1 (Level 3 NIDS McAfee IPS-NS3200 Dell R610)
INSPECTION RESULTS
No findings were identified.
EXIT MEETINGS AND DEBRIEFS
The inspectors verified no proprietary information was retained or documented in this report.
- On August 22, 2024, the inspectors presented the cyber security inspection results to Brian Patrick, Director, Regulatory & Performance Improvement and other members of the licensee staff.
DOCUMENTS REVIEWED
Inspection Type Designation Description or Title Revision or
Procedure Date
71130.10 Corrective Action CR-ANO-C-2022-02184, C-2023-00106, C-2023-00386, C-2023-
Documents 00390, C-2023-00425, C-2023-00427, C-2023-00429, C-
23-00432, C-2023-00433, C-2023-00434, C-2023-00435,
C-2023-00436, C-2023-00437, C-2024-00580, C-2024-
00581, C-2023-00109, C-2024-01401, C-2024-01402, C-
24-01403, C-2024-01404, C-2024-01407, C-2024-01415,
CR-HQN-2022-01377, 2023-00042, 2023-00146, 2023-00161, 2023-
00486, 2023-03651, 2024-00285, 2024-00893
Corrective Action CR-ANO-C-2024-01428, C-2024-01429, C-2024-01442, C-2024-
Documents 01444
Resulting from CR-HQN-2024-00907, 2020-00908, 2024-00914, 2024-00915
Inspection
Miscellaneous EN-IT-103-08 Attachment 2 for L3 Kiosk (Unannounced drill)1/11/2023
ANO-CDA-1902-NEI 13-10 Indirect CDA Assessment - Level 3 Remediation
00009 Rack CDAs
ANO-CDA-1905-C619-DD PA Security Data Diode (SEC ANO1)
00017
ANO-CDA-2007-SIEM white paper and assessment combined document.
00006
CDA-1701-00204 Technical Controls 08-09 Assessment
CDA-2211-00003 Plant Monitoring Computer System NEI 13-10 EP and
Indirect Combined Assessment
CDA-2311-00001 Sally Port Security Equipment NEI 08-09 Direct Assessment
Checklist OIT-Employee Off Boarding - Account Management 08/28/2023
F-BIT-SQA Software Quality Assurance (SQA} Training 0
FCBT-BIT-SQA Software Quality Assurance (SQA} Training 0
FCBT-CSG-Generic Cyber Security Awareness 2
CSCNAN
FCBT-ESPP-Maintain Cyber Security Technical Controls 0
CYBRINV
FCBT-ESPP-Cyber Security Walkdowns 0
WLKDWN
Inspection Type Designation Description or Title Revision or
Procedure Date
FCBT-GET-PDM Control of Portable Digital Media 9
FCBT-IT-CSAT Security Assessment Team (CSAT) Activities 0
FCBT-lT-NCIRT Nuclear Cyber Incident Response Team 0
FCBT-SEC-CSGI Protection Of Unclassified Safeguards & Safeguards 9
Information-Modified Handling
FFAM-IT-CDAA Job Familiarization Guide for Perform CDA Assessor 0
Activities
FFAM-IT-Portable Digital Media Lap11op Hardening and Scanning 1
LAPHARDN
FFAM-IT-Portable Digital Media Kiosk Maintenance and Media 1
MEDIASCAN Scanning
FLP-ESP-CDA Critical Digital Asset Assessor 2
LO-ALO-2023-Cyber Security Program Effectiveness Review
00040
SIEM White White paper describing Entergys site Cyber Security
Paper Monitoring System (CSMS)
Whitepaper Vulnerability Management Recovery Plan - 2024 ANO
Inspection
Whitepaper XR-Actions taken on Northpoint Receiving Warehouse X-Ray
Machine
WT-WTANO-Level Specific Firmware Protected Devices 05/20/2023
23-00152
Procedures 0CAN021802 ANO Cyber Security Plan Arkansas Nuclear One - Units 1 2
and 2 Docket Nos. 50-313 and 50-368
CSWI-1250 Change CDA Passwords Work Instructions 12/20/2018
CSWI-1255 Review of Audit Log Records (Logical) Work Instructions 3
CSWI-1270 Account Management Work Instructions 4
CSWI-1280 Monthly Operational Review and Verification of the SIEM 10/8/2020
Infrastructure Work Instructions
EN-EP-202-01 ANO EITER (Equipment Important To Emergency 2
Response) Matrix
EN-IT-103-01 Control of Portable Digital Media Connected to Critical Digital 14
Assets
EN-IT-103-02 Cyber Security Periodic Activities 8
Inspection Type Designation Description or Title Revision or
Procedure Date
EN-IT-103-06 Audit & Accountability 1
EN-IT-103-12 Cyber Security Configuration and Change Management 4
EN-IT-103-14 Vulnerability Management 2
EN-IT-104 Software Quality Assurance Program 16
EN-TQ-131 Nuclear Cyber Security Training & Qualifications 3
Work Orders 54137012, 54126919, 54115753, 54067379
7
