GNRO-2012/00062, Grand Gulf, Unit 1, License Amendment Request - Cyber Security Plan Implementation Schedule Milestones. (Need a Publicly Available Version of ML122120350 Excludes Sections 1, 2 & 3 of Attachment 1 (Page 1 of 5 & Page 2 of 5) & Attach

From kanterella
Revision as of 09:57, 13 October 2018 by StriderTol (talk | contribs) (Created page by program invented by StriderTol)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Grand Gulf, Unit 1, License Amendment Request - Cyber Security Plan Implementation Schedule Milestones. (Need a Publicly Available Version of ML122120350 Excludes Sections 1, 2 & 3 of Attachment 1 (Page 1 of 5 & Page 2 of 5) & Attachment 4.
ML12215A381
Person / Time
Site: Grand Gulf Entergy icon.png
Issue date: 06/27/2012
From: Mike Perito
Entergy Operations
To:
Document Control Desk, Office of Nuclear Reactor Regulation
References
GNRO-2012/00062
Download: ML12215A381 (13)
v  d  e


Text

'c En tergy Enterf Opeatons, Inc-P.O. Box 756 Por¢t Giso. MbAo 39150 Port Wxon Wnhoicd 39150 Mike PwttoPresKent Opau Grand Gulf Nud, r Swaon Tel. (801) 4374o0 10 CFR 2.390 Attachments Withheld GNRO-2012/00062 June 27, 2012 U.S. Nuclear Regulatory Commission Attn: Document Control Desk Washington, DC 20555

SUBJECT:

References:

License Amendment Request -Cyber Security Plan Implementation Schedule Milestones Grand Gulf Nuclear Station -Unit 1 Docket Nos. 50-416 License No. NPF-29 1. NRC letter to Entergy, Issuance of Amendment Re: Approval of Cyber Security Plan, dated July 27, 2011 (GNRI-201 1/00088)2. Entergy letter to NRC, Response to Additional Requests for Additional Information and Revision to the GGNS Cyber Security Plan, dated April 4,2011 (GNRO-2011/00020)

Dear Sir or Madam:

In Reference 1, the NRC issued license Amendment No. 186 to the Facility Operating License for Grand Gulf Nuclear Station (GGNS) that approved the GGNS Cyber Security Plan-and associated implementation milestone schedule.

The Cyber Security Plan Implementation Schedule contained in Reference 2 was utilized, as a portion of the basis for the NRC's safety evaluation report provided by Reference

1. Entergy Operations, Inc.(Entergy) is planning to implement the requirements of Implementation Schedule Milestone 6 in a slightly different manner than described in the approved Implementation Schedule.Although no change to the Implementation Schedule date is proposed, the change to the description of the milestone activity is conservatively considered to be a change to the Implementation Schedule, and in accordance with the provisions of 10 CFR 50.4 and 10 CFR 50.90, Entergy is submitting this request for an amendment to the Facility Operating License for GGNS. The GGNS Cyber Security Plan, Revision 0 was previously provided in Reference 2.Attachment 1 provides an evaluation of the proposed change. Attachment 2 contains proposed marked-up operating license pages for the Physical Protection license condition for GGNS to reference the commitment change provided in this submittal.

Attachment 3 contains the proposed revised operating license pages. Attachment 4 contains a change to This letter contains security-related information

-Attachments I and 4 are withheld from public disclosure per 10 CFR 2.390 3,coi~be~ct1xcateA GNRO-2012/00062 Page 2 of 3 This letter contains security-related information

-Attachments I and 4 are withheld from public disclosure per 10 CFR 2.390 the scope of Implementation Milestone

6. Entergy requests that Attachments 1 (Sections 1, 2, and 3) and 4 which contain security-related information (SRI) be withheld from public disclosure in accordance with 10 CFR 2.390.The proposed changes have been evaluated in accordance with 10 CFR 50.91 (a)(1) using criteria in 10 CFR 50.92(c), and it has been determined that the changes involve no significant hazards consideration.

The bases for these determinations are included in Attachment 1.Entergy requests this license amendment be effective as of its date of issuance.

Although this request is neither exigent nor emergency, your review and approval Is requested prior to December 31, 2012.The revised commitment contained in this submittal is summarized in Attachment

5. Should you have any questions concerning this letter, or require additional information, please contact Christina Perino at 601-437-6299.

I declare under penalty of perjury that the foregoing is true and correct. Executed on June 27, 2012.Sincerely, MP/rrj Attachments:

1. Analysis of Proposed Operating License Change (contains SRI)2. Proposed GGNS Operating License Changes (mark-up)3. Revised GGNS Operating License Pages 4. Revised Cyber Security Plan Implementation Schedule (contains SRI)5. List of Regulatory Commitments This letter contains security-related information

-Attachments 1 and 4 are withheld from public disclosure per 10 CFR 2.390 GNRO-2012/00062 Page 3 of 3 This letter contains security-related information

-Attachments 1 and 4 are withheld from public disclosure per 10 CFR 2.390 cc: U. S. Nuclear Regulatory Commission ATTN: Mr. Elmo E. Collins, Jr.Region Administrator, Region IV 1600 East Lamar Boulevard Arlington, TX 76011-4511 NRC Senior Resident Inspector Grand Gulf Nuclear Station Port Gibson, MS 39140 U. S. Nuclear Regulatory Commission ATTN: Mr. Alan Wang, NRR/DORL Mail Stop OWFN 8 G14 11555 Rockville Pike Rockville, MD 20852-2378 Dr. Mary Currier, M.D., M.P.H.State Health Officer Mississippi Department of Health P.O. Box 1700 Jackson, MS 39215-1700 This letter contains security-related information

-Attachments 1 and 4 are withheld from public disclosure per 10 CFR 2.390 Sections 1, 2, and 3 of this attachment contain security-related information and are withheld from public disclosure per 10 CFR 2.390 Attachment 1 GNRO-2012100062 Analysis of Proposed Operating License Change Sections 1, 2, and 3 of this attachment contain security-related information and are withheld from public disclosure per 10 CFR 2.390 Attachment I to GNRO-2012/00062 Page 3 of 5

4.0 REGULATORY EVALUATION

4.1 Applicable

Regulatorv Reqguirements/Criteria 10 CFR 73.54 requires licensees to maintain and Implement a cyber security plan. Grand Gulf Nuclear Station (GGNS) Facility Operating License No. NPF-29 include a Physical Protection license condition that requires Entergy Operations, Inc. (Entergy) to fully implement and maintain in effect all provisions of the Commission-approved cyber security plan, including changes made pursuant to the authority of 10 CFR 50.90 and 10 CFR 50.54(p).4.2 Precedent Amendment No. 203 for the Callaway Plant (Reference

5) approved an implementation schedule using the Nuclear Energy Institute (NEI) template (Reference 3), with the exception of Milestone
6. The Callaway Plant deviated from the template for Milestone 6 to address only the NEI 08-09, Revision 6, Appendix D technical controls, excepting for the operational and management controls, on the basis that implementing the technical controls for the target set critical digital assets provides a high degree of protection against cyber related attacks that could lead to radiological sabotage.The changes being proposed by Entergy in this amendment request are similar to those approved in the Callaway Plant Amendment No. 203.4.3 Significant Safety Hazards Consideration Entergy is requesting an amendment to the GGNS Facility Operating License to revise the Physical Protection license condition as it relates to the cyber security plan. This change includes a proposed deviation to the scope of a Cyber Security Plan Implementation Schedule milestone and a proposed revision to the GGNS Facility Operating License to include the proposed deviation.

Specifically, Entergy proposes a change to the scope of Implementation Milestone 6 to apply to only technical cyber security controls.Entergy has evaluated whether or not a significant hazards consideration is involved with the proposed amendment by focusing on the three standards set forth in 10 CFR 50.92, "Issuance.of Amendment," as discussed below: 1. Does the proposed change involve a significant increase in the probability or consequences of an accident previously evaluated?

Response:

No.The proposed change to the Cyber Security Plan Implementation Schedule is administrative In nature. This change doespnot alter accident analysis assumptions, add any initiators, or affect the function of plant systems or the manner in which systems are operated, maintained, modified, tested, or inspected.

The proposed change does not require any plant modifications which affect the performance capability of the structures, systems,'and components relied upon to mitigate the consequences of postulated accidents and has no impact on the probability or consequences of an accident previously evaluated.

Attachment I to GNRO-2012/00062 Page 4 of 5 Therefore, the proposed change does not involve a significant Increase in the probability or consequences of an accident previously evaluated.

2. Does the proposed change create the possibility of a new or different kind of accident from any accident previously evaluated?

Response:

No.The proposed change to the Cyber Security Plan Implementation Schedule is administrative in nature. This proposed change does not alter accident analysis assumptions, add any initiators, or affect the function of plant systems or the manner in which systems are operated, maintained, modified, tested, or inspected.

The proposed change does not require any plant modifications which affect the performance capability of the structures, systems, and components relied upon to mitigate the consequences of postulated accidents and does not create the possibility of a new or different kind of accident from any accident previously evaluated.

Therefore, the proposed change does not create the possibility of a new or different kind of accident from any accident previously evaluated.

3. Does the proposed change involve a significant reduction In a margin of safety?Response:

No.Plant safety margins are established through limiting conditions for operation, limiting safety system settings, and safety limits specified in the technical specifications.

The proposed change to the Cyber Security Plan Implementation Schedule is administrative in nature. Because there is no change to established safety margins as a result of this change, the proposed change does not involve a significant reduction in a margin of safety.Therefore, the proposed change does not Involve a significant reduction in a margin of safety.Based on the above, Entergy concludes that the proposed change presents no significant hazards consideration under the standards set forth in 10 CFR 50.92(c), and accordingly, a finding of Ono significant hazards consideration" is justified.

4.4 Conluio

In conclusion, based on the considerations discussed above: (1) there is reasonable assurance that the health and safety of the public will not be endangered by operation in the proposed manner; (2) such activities will be conducted in compliance with the Commission's regulations; and (3) the issuance of the amendment will not be inimical to the common defense and security or to the health and safety of the public.

Attachment 1 to GNRO-2012/00062 Page 5 of 5 5.0 ENVIRONMENTAL CONSIDERATION The proposed amendment provides a change to the Cyber Security Plan Implementation Schedule.

The proposed amendment meats the eligibility criterion for a categorical exclusion set forth in 10 CFR 51.22(c)(12).

Therefore, pursuant to 10 CFR 51.22(b) no environmental impact statement or environmental assessment need be prepared in connection with the issuance of the amendment.

6.0 REFERENCES

1. NRC letter to Entergy, Issuance of Amendment Re: Approval of Cyber Security Plan, dated July 27, 2011 (GNRI-2011/00088)
2. Entergy letter to NRC, Response to Additional Requests for Additional Information and Revision to the GGNS Cyber Security Plan, dated April 4, 2011 (GNRO-2011/00020)
3. Letter from Chris Earls (NEI) to Richard P. Correia (NRC), Template for the Cyber Security Plan Implementation Schedule, dated February 28, 2011 (ADAMS Accession No. ML110600211)
4. Letter from Richard P. Correia (NRC) to Chris Earls (NEI), Template for the Cyber Security Plan Implementation Schedule, dated March 1, 2011 (ADAMS Accession No.MLI 10070348)5. NRC letter from M. C. Thadani, USNRC, to A. C. Heflin, Union Electric Company,"Callaway Plant, Unit I -Issuance of Amendment Re: Approval of Cyber Security Plan (TAC NO. ME4536)," August 17, 2011 (ADAMS Accession No. ML1 12140087)

Attachment 2 GNRO-2012/00062 Proposed GGNS Operating License Changes (mark-up)

(h) This license condition shall expire upon satisfaction of the requirements in paragraph (f) provided that a visual inspection of the steam dryer does not reveal any new unacceptable flaw or unacceptable flaw growth that is caused by fatigue.D. The facility required exemptions from certain requirements of Appendices A and J to 10 CFR Part 50 and from certain requirements of 10 CFR Part 100. These include: (a) exemption from General Design Criterion 17 of Appendix A until startup following the first refueling outage, for (1)the emergency override of the test mode for the Division 3 diesel engine, (2) the second level undervoltage protection for the Division 3 diesel engine, and (3) the generator ground over current trip function for the Division 1 and 2 diesel generators (Section 8.3.1 of SSER #7) and (b)exemption from the requirements of Paragraph III.D.2(b) (ii) of Appendix J for the containment airlock testing following normal door opening when containment integrity is not required (Section 6.2.6 of SSER #7). These exemptions are authorized by law and will not endanger life or property or the common defense and security and are otherwise in the public interest.

In addition, by exemption dated December 20, 1986, the Commission exempted licensees from 10 CFR 100.11(a)

(1), insofar as it incorporates the definition of exclusion area in 10 CFR 100.3(a), until April 30, 1987 regarding demonstration of authority to control all activities within the exclusion area (safety evaluation accompanying Amendment No. 27 to License (NPF-29).

This exemption is authorized by law, and will not present an undue risk to the public health and safety, and is consistent with the common defense and security.

In addition, special circumstances have been found justifying the exemption.

Therefore, these exemptions are hereby granted pursuant to 10 CFR 50.12.with the granting of these exemptions, the facility will operate, to the extent authorized herein, in conformity with the application, as amended, the provisions of the Act and the rules and regulations of the Commission.

E. The licensee shall fully implement and maintain in effect all provision of the Commission-approved physical security, training and qualification, and safeguards, contingency plans including amendments made pursuant to provisions of the Miscellaneous Amendments and Search Requirements revisions to 10 CFR 73.55 (51 FR 27817 and 27822) and to the authority of 10 CFR 50.90 and 10 CFR 50.54(p).

The plans, which contain Safeguards Information protected under 10 CFR 73.21, are entitled: "Physical Security, Safeguards Contingency and Training and Qualification Plan," and were submitted to the NRC on May 18, 2006.The licensee shall fully implement and maintain in effect all provisions of the Commission-approved cyber security plan (CSP), including changes made pursuant to the authority of 10 CFR 50.90 and 10 CFR 50.54(p).

The licensee's CSP was approved by License Amendment No. 186.-: eemo6 16f Amendment No. Xo ALA -I." X~

Attachment 3 GNRO-12/00062 Revised GGNS Operating License Page (h) This license condition shall expire upon satisfaction of the requirements in paragraph (f) provided that a visual inspection of the steam dryer does not reveal any new unacceptable flaw or unacceptable flaw growth that is caused by fatigue.D. The facility required exemptions from certain requirements of Appendices A and J to 10 CFR Part 50 and from certain requirements of 10 CFR Part 100. These include: (a) exemption from General Design Criterion 17 of Appendix A until startup following the first refueling outage, for (1)the emergency override of the test mode for the Division 3 diesel engine, (2) the second level undervoltage protection for the Division 3 diesel engine, and (3) the generator ground over current trip function for the Division 1 and 2 diesel generators (Section 8.3.1 of SSER #7) and (b)exemption from the requirements of Paragraph III.D.2(b)(ii) of Appendix J for the containment airlock testing following normal door opening when containment integrity is not required (Section 6.2.6 of SSER #7). These exemptions are authorized by law and will not endanger life or property or the common defense and security and are otherwise in the public interest.

In addition, by exemption dated December 20, 1986, the Commission exempted licensees from 10 CFR 100.11(a)(1), insofar as it incorporates the definition of exclusion area in 10 CFR 100.3(a), until April 30, 1987 regarding demonstration of authority to control all activities within the exclusion area (safety evaluation accompanying Amendment No. 27 to License (NPF-29).

This exemption is authorized by law, and will not present an undue risk to the public health and safety, and is consistent with the common defense and security.

In addition, special circumstances have been found justifying the exemption.

Therefore, these exemptions are hereby granted pursuant to 10 CFR 50.12.with the granting of these exemptions, the facility will operate, to the extent authorized herein, in conformity with the application, as amended, the provisions of the Act and the rules and regulations of the Commission.

E. The licensee shall fully implement and maintain in effect all provision of the Commission-approved physical security, training and qualification, and safeguards contingency plans including amendments made pursuant to provisions of the Miscellaneous Amendments and Search Requirements revisions to 10 CFR 73.55 (51 FR 27817 and 27822) and to the authority of 10 CFR 50.90 and 10 CFR 50.5 4 (p). The plans, which contain Safeguards Information protected under 10 CFR 73.21, are entitled: "Physical Security, Safeguards Contingency and Training and Qualification Plan," and were submitted to the NRC on May 18, 2006.The licensee shall fully implement and maintain in effect all provisions of the Commission-approved cyber security plan (CSP), including changes made pursuant to the authority of 10 CFR 50.90 and 10 CFR 50.5 4 (p). The licensee's CSP was approved by License Amendment No. 186 as supplemented by a change approved by License Amendment No.XXX.I 16f Amendment No. 4-9+, XXX Attachment 5 GNRO-2012100062 List of Regulatory Commitments Attachment 5 to GNRO-2012/00062 Page 1 of 1 List of Regulatory Commitments The following table identifies those actions committed to by Entergy in this document.

Any other statements in this submittal are provided for information purposes and are not considered to be regulatory commitments.

TYPE SCHEDULED (Check One) COMPLETION COMMITMENT ONE- DATE TIME CONTINUING (If Required)ACTION COMPLIANCE Entergy will implement milestones 1, 2, 3, X December 31, 2012 4, 5, and 7 described in Attachment 4 of letter dated April 4, 2011 (GNRO-2011/00020), and the revised Milestone 6 in Attachment 4 of this submittal.

Retrieved from "https://kanterella.com/w/index.php?title=GNRO-2012/00062,_Grand_Gulf,_Unit_1,_License_Amendment_Request_-_Cyber_Security_Plan_Implementation_Schedule_Milestones._(Need_a_Publicly_Available_Version_of_ML122120350_Excludes_Sections_1,_2_%26_3_of_Attachment_1_(Page_1_of_5_%26_Page_2_of_5)_%26_Attach&oldid=1098792"