|
|---|
Category:General FR Notice Comment Letter
MONTHYEARML24303A0832024-10-28028 October 2024
Comment (2) from Bruce Montgomery on Contamination Control, Radiological Survey, and Dose Modeling Considerations to Support License Termination at Sites with Environmental Discrete Radioactive Particle Contamination
ML24262A0102024-09-17017 September 2024
Comment (1) of Victoria K. Anderson on Level 3 Probabilistic Risk Assessment Project Documentation (Volume 7)
ML24262A0112024-09-13013 September 2024
Comment (2) of Frances A. Pimentel on Design-Basis Floods for Nuclear Power Plants and Guidance for Assessment of Flooding Hazards Due to Water Control Structure Failures and Incidents
ML24234A0892024-08-15015 August 2024
Comment (1) of Mark Richter on Acceptable ASME Section XI Inservice Inspection Code Cases for 10 CFR Part 72
ML24200A1852024-07-17017 July 2024
Comment (1) of Frances A. Pimentel on Draft Regulatory Guides: Design-Basis Floods for Nuclear Power Plants and Guidance for Assessment of Flooding Hazards Due to Water Control Structure Failures and Incidents
ML24173A0042024-06-14014 June 2024
Comment (1) of Individual on Draft NUREG: Event Report Guidelines
ML24173A0052024-06-14014 June 2024
Comment (2) of Tony Brown on Behalf of Nuclear Energy Institute (NEI) on Draft NUREG: Event Report Guidelines
ML24114A0252024-04-0808 April 2024
Comment (4) of Charlotte Shields on DG-5080 Uas Question
ML24093A0392024-03-28028 March 2024
Comment (1) of Thomas Basso on Preparing Probabilistic Fracture Mechanics Submittals
ML24081A0872024-03-14014 March 2024
Comment of Janet R. Schlueter on Behalf of NEI on Information Collection: Material Control and Accounting of Special Nuclear Material
ML24058A0052024-02-23023 February 2024
Comment (5) of Tony Brown on Behalf of Nuclear Energy Institute (NEI) on Notice of Intent to Conduct Scoping Process and Prepare Environmental Impact Statement; Pacific Gas and Electric Company; Diablo Canyon Nuclear Power Plant, Units 1 an
ML24009A0372023-12-13013 December 2023
Comment (2) of Bruce Montgomery on Draft DUWP-ISG-02, Radiological Survey and Dose Modeling of the Subsurface to Support License Termination
ML23353A2442023-12-13013 December 2023
Comment (2) of Bruce Montgomery on Interim Staff Guidance on Subsurface Investigations, Radiological Survey and Dose Modeling of the Subsurface to Support License Termination
ML23348A0732023-12-11011 December 2023
Comment (2) of Charlotte Shields on Behalf of Nuclear Energy Institute on Draft Regulatory Guide: Physical Security Event Notifications, Reports, and Records
ML23348A0772023-12-11011 December 2023
Comment (1) of Charlotte Shields on Behalf of Nuclear Energy Institute on Draft Regulatory Guide: Preemption Authority, Enhanced Weapons Authority, and Firearms Background Checks
ML23349A0442023-12-11011 December 2023
Comment (1) of Charlotte Shields on Draft Regulatory Guide: Suspicious Activity Reports
ML23326A1172023-11-21021 November 2023
Comment (1) of Alan Campbell on Proposed Revision to Standard Review Plan Branch Technical Position 7-19, Guidance for Evaluation of Defense-In-Depth and Diversity to Address Common-Cause Failure Due to Latent Design Defects in Digital Safe
ML23326A0312023-11-17017 November 2023
Comment (2) of Kati R. Austgen on Draft Regulatory Guide: General Site Suitability Criteria for Nuclear Power Stations
ML23284A3892023-10-10010 October 2023
Comment (8) of Ben Holtzman on Guidance for a Technology-Inclusive Content of Application Methodology to Inform the Licensing Basis and Content of Applications for Licenses, Certifications, and Approvals for Advanced Reactors
ML23270B9552023-09-27027 September 2023
Comment (2) of Stewart Yuen on Proposed Revision to Standard Review Plan Section 15.0, Introduction - Transient and Accident Analyses
ML23242A0412023-08-25025 August 2023
Comment (2) of Brett Titus on Behalf of NEI on Draft NUREG: Revision to Subsequent License Renewal Guidance Documents, and Supplement to Associated Technical Bases Document
ML23236A5292023-08-21021 August 2023
Comment (6) of Bruce S. Montgomery on Draft Interim Staff Guidance: Use of the Decommissioning Trust Fund During Operations for Major Radioactive Component Disposal
ML23256A1122023-08-10010 August 2023
Comment (3) of Ben Holtzman on Review of Risk-Informed, Technology Inclusive Advanced Reactor Applications - Roadmap
ML23256A1132023-08-10010 August 2023
Comment (4) of Ben Holtzman on Review of Risk-Informed, Technology Inclusive Advanced Reactor Applications - Roadmap
ML23256A1152023-08-10010 August 2023
Comment (2) of Ben Holtzman on Review of Risk-Informed, Technology Inclusive Advanced Reactor Applications - Roadmap
ML23256A1162023-08-10010 August 2023
Comment (1) of Ben Holtzman on Review of Risk-Informed, Technology Inclusive Advanced Reactor Applications - Roadmap
ML23256A1192023-08-10010 August 2023
Comment (4) of Ben Holtzman on Review of Risk-Informed, Technology Inclusive Advanced Reactor Applications - Roadmap
ML23256A1202023-08-10010 August 2023
Comment (2) of Ben Holtzman on Behalf of Nuclear Energy Institute on Draft Interim Staff Guidance: Review of Risk-Informed, Technology Inclusive Advanced Reactor Applications-Roadmap
ML23256A1222023-08-10010 August 2023
Comment (5) of Ben Holtzman on Review of Risk-Informed, Technology Inclusive Advanced Reactor Applications - Roadmap
ML23256A1232023-08-10010 August 2023
Comment (4) of Ben Holtzman on Review of Risk-Informed, Technology Inclusive Advanced Reactor Applications - Roadmap
ML23256A1252023-08-10010 August 2023
Comment (4) of Ben Holtzman on Behalf of Nuclear Energy Institute on Draft Interim Staff Guidance: Review of Risk-Informed, Technology Inclusive Advanced Reactor Applications—Roadmap
ML23234A0392023-08-10010 August 2023
Comment (4) of Ben Holtzman on Review of Risk-Informed, Technology Inclusive Advanced Reactor Applications - Roadmap
ML23181A0292023-06-29029 June 2023
Comment (2) of Rod Mccullum on Draft Regulatory Guide: Weather-Related Administrative Controls at Independent Spent Fuel Storage Installations
ML23174A0492023-06-16016 June 2023
Comment (2) of Ben Holtzman on Behalf of Nuclear Energy Institute on Draft Interim Staff Guidance: Review of Risk-Informed, Technology Inclusive Advanced Reactor Applications—Roadmap
ML23158A2162023-06-0202 June 2023
Comment (2) of Alan Campbell on Draft Regulatory Guide: Guidelines for Lightning Protection for Production and Utilization Facilities
ML23159A2472023-05-22022 May 2023
Comment (4) of William Gross on Perimeter Intrusion Alarm Systems
ML23143A1982023-05-18018 May 2023
Comment (1) of Richard Mogavero on Behalf of Nuclear Energy Institute on Draft Regulatory Guide: Cybersecurity Event Notifications
ML23130A2082023-05-0808 May 2023
Comment (9) of Mark A. Richter on Behalf of Nuclear Energy Institute on Material Compatibility for Non-Light Water Reactors
ML23115A0152023-04-0707 April 2023
Comment (1) of Alan Campbell on Draft Regulatory Guide: Criteria for Programmable Digital Devices in Safety-Related Systems of Nuclear Power Plants
ML24120A2702023-04-0404 April 2023
Melody Rodridguez NEI Comment on Controlled Unclassified Information
ML23089A0012023-03-28028 March 2023
OMB 3150-0035, NEI Comment on 10 CFR Part 21 Information Collection Renewal 2023
ML23094A0632023-03-28028 March 2023
NRC-2022-0145- NEI Official Comment Attachment on 10 CFR Part 21 Information Collection Renewal
ML23115A0172023-03-23023 March 2023
Comment (3) of Alan Campbell on Draft Regulatory Guide: Criteria for Programmable Digital Devices in Safety-Related Systems of Nuclear Power Plants
ML23074A0472023-03-14014 March 2023
Comment (2) of A. J. Clore on Perimeter Intrusion Alarm Systems
ML22354A2422022-12-19019 December 2022
Comment (4) of Thomas Basso on Behalf of Nuclear Energy Institute on Performance-Based Containment Leak Test Program
ML23005A2412022-12-16016 December 2022
Comment (1) of Janet R. Schlueter on Report on Waste Burial Charges: Changes in Decommissioning Waste Disposal Costs at Low-Level Waste Burial Facilities
ML22244A1732022-08-31031 August 2022
Comment (1) of Tony Brown on Behalf of Nuclear Energy Institute on Industry Comments on Draft Appendices to NUREG/BR-0058, Revision 5, Regulatory Analysis Guidelines of the U.S. Nuclear Regulatory Commission
ML22242A0302022-08-29029 August 2022
Comment (1) of Victoria K. Anderson on High Energy Arcing Fault Hazard Frequency and Consequence Modeling
ML22231B0532022-08-19019 August 2022
Comment (6) of James E. Slider on NRCs Fiscal Years 2023-2027 Artificial Intelligence Strategic Plan
ML22230A0402022-08-15015 August 2022
Comment (4) of William R. Gross on Behalf of NEI on Update of Facility Security Clearance
2024-09-17
[Table view] |
Text
WILLIAM R. GROSS Director, Incident Preparedness 1201 F Street, NW, Suite 1100 Washington, DC 20004 P: 202.739.8123 wrg@nei.org nei.org SUNSI Review Complete Template = ADM-013 E-RIDS=ADM-03 ADD= Jazel Parks, Bayssie Mekonen October 19, 2018 COMMENT (12)
PUBLICATION DATE: 8/23/2018 CITATION # 83 FR 42623 Ms. May Ma Office of Administration Mail Stop: ON 2A13 U.S. Nuclear Regulatory Commission Washington, DC 20555-0001
Subject:
Comments on Draft Regulatory Guide 5061, Proposed Revision 1 to Regulatory Guide 5.71, Cyber Security Programs for Nuclear Power Reactors (NRC Docket ID NRC-2018-0182)
Project Number: 689
Dear Ms. Ma:
On behalf of the Nuclear Energy Institutes (NEI)1 members (hereinafter referred to as industry), we provide the following comments on Draft Regulatory Guide (DG)-5061, Proposed Revision 1 to Regulatory Guide 5.71, Cyber Security Programs for Nuclear Power Reactors, as requested in the Federal Register (83FR42623), dated August 23, 2018.
On or before December 31, 2012, the U.S. Nuclear Regulatory Commission (NRC) power reactor licensees completed implementation of the elements of the cyber security program designed to mitigate the most likely attack pathways and assessed and implemented protective measures for the most risk-significant plant components. Subsequently, on or before December 31, 2017, NRC power reactor licensees completed the remainder of the cyber security program.
Industry experience from the inspections conducted by the NRC following the December 31, 2012, milestone indicated that gaps existed between the NRCs and the industrys interpretation of compliance with the cyber security rule. While progress has been made, the inspections following the December 31, 2017, milestone have demonstrated that this gap continues to exist. NEI believes that the purpose of any revision to Regulatory Guide (RG) 5.71 should bridge that gap. However, a wholesale rewrite of the regulatory guide is simply not needed at this time.
1 The Nuclear Energy Institute (NEI) is responsible for establishing unified policy on behalf of its members relating to matters affecting the nuclear energy industry, including the regulatory aspects of generic operational and technical issues. NEIs members include entities licensed to operate commercial nuclear power plants in the United States, nuclear plant designers, major architect and engineering firms, fuel cycle facilities, nuclear materials licensees, and other organizations involved in the nuclear energy industry.
Ms. May Ma October 19, 2018 Page 2 NEI recognizes the NRCs desire to provide improved guidance for future licensees and appreciates its willingness to invest in that effort, however, in view of the limited number of currently expected new licensees in the near-term, we believe that both the NRCs and the industrys resources would be better utilized by continuing to concentrate on resolving issues related to the existing reactor fleet rather than revising the existing guidance.
While we understand the staffs intent, that the revised guidance will not present any change to the current reactor fleet, the fact that the revised guidance exists may create the potential for some inspectors to believe it supersedes the existing guidance such that the inspectors apply itrather than the existing guidanceduring inspections.
In addition, if new applicants who are part of an existing nuclear utility are scrutinized against this new guidance, existing sites within that fleet may also be expected to comply with the new guidance.
The NEI Cyber Security Task Force has conducted a preliminary review of the draft guide and has identified a number of concerns. Notably, this new guidance does not consider the recommendation from the NRC Advisory Committee on Reactor Safeguards (ACRS) for use of Probabilistic Risk Assessment (PRA) insights in cyber security, particularly those regarding accident sequences. 2 The task force identified changes in staff position. Specifically, the new guidance indicates that certain digital devices that are not currently identified as Critical Digital Assets (CDAs) may need to be considered CDAs for future licensees.
Security definitions in the glossary differ from previously NRC issued definitions contained in NUREG-2203, Glossary of Security Terms for Nuclear Power Reactors. The definitions should be consistent within NRC issued documents.
Additionally, Appendix A, Section A.3.1.6, continues to require application of all of the security controls, allows the use of alternative controls only if the security control could not be applied, and requires that the alternative control countermeasures provide the same or greater protection as the corresponding security control. This section establishes additional requirements over and above the regulation for maintaining the security plan, 3 is not consistent with the existing NRC endorsed guidance 4 for evaluating the use of alternative countermeasures, and does not incorporate risk-based screening of CDAs and application of cyber security protections. 5 NEI understands that the NRC intends to conduct a thorough and aggressive self-assessment of the cyber security inspection process, including the efficacy of the guidance, starting in January 2019. In view of this 2
The U.S. NRC Advisory Committee on Reactor Safeguards letter to G. B. Jaczko, Chairman U.S. NRC, Draft Final Regulatory Guide 5.71, Cyber Security Programs for Nuclear Facilities, dated November 12, 2009 (ADAMS Accession No. ML093130111) 3 10 CFR 50.54(p) 4 Reference NEI 08-09, Revision 6, Addendum 1 5
Reference NEI 13-10, Revision 6
Ms. May Ma October 19, 2018 Page 3 upcoming work scope, which undoubtedly will result in additional desired changes to RG 5.71, NEI urges the NRC to wait until after the self-assessment to revise the regulatory guide. Additionally, the revision should address risk-informing the cyber security plans and should formally endorse the existing NEI guidance documents.
Regulatory activities should be consistent with the degree of risk reduction and regulatory certainty that they achieve, and in that regard, this document revision has no clarifying or beneficial impact on the current reactor fleet. It does, however, have the potential to create an unintended consequence of confusion regarding what changes should apply to the current reactor fleet.
Given the other cyber security issues in which the NRC and NEI are currently productively engaged, the revision of the regulatory guide should not be pursued until after the NRC completes the self-assessment in 2019. Reviewing, commenting on and revising the regulatory guide at this time may detract from the other higher priority resolution of issues identified during the cyber security inspections. NEI suggests that the resolution of these issues, and the results of the 2019 self-assessment, also be included in the revision to the regulatory guide.
If you have any questions concerning these comments, please contact Richard Mogavero at (202) 739-8174 or rm@nei.org, or me.
Sincerely, William R. Gross