NLS2010059, Withdrawal and Resubmission of License Amendment Request for Approval of the Cyber Security Plan

From kanterella
(Redirected from ML102070034)
Jump to navigation Jump to search

Withdrawal and Resubmission of License Amendment Request for Approval of the Cyber Security Plan
ML102070034
Person / Time
Site: Cooper Entergy icon.png
Issue date: 07/20/2010
From: Dori Willis
Nebraska Public Power District (NPPD)
To:
Document Control Desk, Office of Nuclear Reactor Regulation
References
NLS2010059
Download: ML102070034 (13)
v  d  e


Text

SECURITY-RELATED INFORMATION - WITHHOLD UNDER 10 CFR 2.390 N

Nebraska Public Power District Always there when you need us NLS2010059 50.90 July 20, 2010 U.S. Nuclear Regulatory Commission Document Control Desk Washington, D.C. 20555-0001

Subject:

Withdrawal and Resubmission of License Amendment Request for Approval of the Cyber Security Plan Cooper Nuclear Station, Docket No. 50-298, License No. DPR-46

References:

1. Letter from Carl F. Lyon, U.S. Nuclear Regulatory Commission, to Brian J.

O'Grady, Nebraska Public Power District, dated May 24, 2010, "Cooper Nuclear Station - License Amendment Request for Approval of the Cyber Security Plan (TAC No. ME2643)"

2. Letter from Stewart B. Minahan, Nebraska Public Power District, to U.S.

Nuclear Regulatory Commission, dated November 19, 2009, "License Amendment Request for Approval of the Cyber Security Plan, Cooper Nuclear Station, Docket No. 50-298, License No. DPR-46" (NLS2009084)

3. Letter from Jack W. Roe, Nuclear Energy Institute, to Scott A. Morris, U.S. Nuclear Regulatory Commission, dated April 28, 2010, "NEI 08-09, Revision 6, Cyber Security Plan for Nuclear Power Reactors, April 2010"
4. Letter from Richard P. Correia, U.S. Nuclear Regulatory Commission, to Jack Roe, Nuclear Energy Institute, dated May 5, 2010, "Nuclear Energy Institute 08-09, Cyber Security Plan Template, Rev. 6"

Dear Sir or Madam:

The purpose of this letter is for the Nebraska Public Power District (NPPD) to submit a revision to the License Amendment Request (LAR) previously submitted per Reference 2 for approval of the Cyber Security Plan for Cooper Nuclear Station (CNS). Concurrent with submittal of this revised LAR, NPPD is withdrawing the LAR submitted per Reference 2. This revised request addresses Nuclear Regulatory Commission (NRC) generic issues as discussed in Reference 1 and supersedes the previous submittal in its entirety.

NOTE: Attachments 4, 5, and 6 to this letter contain Security-Related Information. Upon separation from Attachments 4, 5, and 6, the cover letter and Attachments 1, 2, and 3 are decontrolled.

COOPER NUCLEAR STATION P.O. Box 98 / Brownville, NE 68321-0098 Telephone: (402) 825-3811 / Fax: (402) 825-5211 www.nppd.com k

SECURITY-RELATED INFORMATION - WITHHOLD UNDER 10 CFR 2.390 NLS2010059 July 20,2010 H

Nebraska Public Power District Always there when you need us 50.90 u.s. Nuclear Regulatory Commission Document Control Desk Washington, D.C. 20555-0001

Subject:

Withdrawal and Resubmission of License Amendment Request for Approval of the Cyber Security Plan Cooper Nuclear Station, Docket No. 50-298, License No. DPR-46

References:

1. Letter from Carl F. Lyon, U.S. Nuclear Regulatory Commission, to Brian J.

O'Grady, Nebraska Public Power District, dated May 24,2010, "Cooper Nuclear Station - License Amendment Request for Approval ofthe Cyber Security Plan (TAC No. ME2643)"

2. Letter from Stewart B. Minahan, Nebraska Public Power District, to U.S.

Nuclear Regulatory Commission, dated November 19, 2009, "License Amendment Request for Approval of the Cyber Security Plan, Cooper Nuclear Station, Docket No. 50-298, License No. DPR-46" (NLS2009084)

3. Letter from Jack W. Roe, Nuclear Energy Institute, to Scott A. Morris, U.S. Nuclear Regulatory Commission, dated April 28, 2010, "NEI 08-09, Revision 6, Cyber Security Plan for Nuclear Power Reactors, April 2010"
4. Letter from Richard P. Correia, U.S. Nuclear Regulatory Commission, to Jack Roe, Nuclear Energy Institute, dated May 5,2010, "Nuclear Energy Institute 08-09, Cyber Security Plan Template, Rev. 6"

Dear Sir or Madam:

The purpose of this letter is for the Nebraska Public Power District (NPPD) to submit a revision to the License Amendment Request (LAR) previously submitted per Reference 2 for approval of the Cyber Security Plan for Cooper Nuclear Station (CNS). Concurrent with submittal ofthis revised LAR, NPPD is withdrawing the LAR submitted per Reference 2. This revised request addresses Nuclear Regulatory Commission (NRC) generic issues as discussed in Reference I and supersedes the previous submittal in its entirety.

NOTE: Attachments 4,5, and 6 to this letter contain Security-Related Information. Upon separation from Attachments 4, 5, and 6, the cover letter and Attachments 1, 2, and 3 are decontrolled.

COOPER NUCLEAR STATION P.D. Box 98/ Brownville, NE 68327-0098 Telephone: (402) 825-3811 / Fax: (402) 825-5211 www.nppd.com

SECURITY-RELATED INFORMATION - WITHHOLD UNDER 10 CFR 2.390 NLS2010059 Page 2 of 3 NPPD requests an amendment to the Facility Operating License (FOL) for CNS in accordance with the provisions of 10 CFR 50.4 and 10 CFR 50.90. This proposed amendment requests NRC approval of the Cyber Security Plan for CNS, provides an implementation schedule, and revises the existing FOL Physical Protection license condition to require NPPD to fully implement and maintain in effect all provisions of the Commission-approved Cyber Security Plan. The proposed Cyber Security Plan previously submitted by Reference 2 was based on Nuclear Energy Institute (NEI) 08-09, Revision 3, Cyber Security Plan for Nuclear Power Reactors. Per Reference 3, NEI subsequently submitted NEI 08-09, Revision 6, to the NRC, which contains changes that address NRC staff generic concerns with the previous version. Per Reference 4, the NRC concluded that submission of a cyber security plan using the template provided in NEI 08-09, Revision 6, would be acceptable for use by licensees to comply with the requirements of 10 CFR 73.54, with one exception. The revised Cyber Security Plan provided in Attachment 4 is consistent with NEI 08-09, Revision 6, and also addresses the one noted exception. provides NPPD's evaluation of the proposed change, including the no significant hazards consideration and environmental consideration. Attachment 2 provides the existing FOL pages marked up to show the proposed change. Attachment 3 provides the FOL changes in final typed format. Attachment 4 provides the CNS Cyber Security Plan, which is a stand-alone document that will be incorporated by reference into the CNS Physical Security Plan upon approval. Attachment 5 provides the CNS Cyber Security Plan implementation schedule. provides the associated regulatory commitments. NPPD requests that Attachments 4, 5, and 6, which contain security-related information, be withheld from public disclosure in accordance with 10 CFR 2.390.

In accordance with 10 CFR 50.91(b)(1), a copy of this application, with attachments, is being provided to the designated State of Nebraska Official. Copies are also being provided to the NRC Region IV Office and the CNS Resident Inspector in accordance with 10 CFR 50.4(b)(2).

The proposed license amendment has been reviewed by the necessary Safety Review Committees (Station Operations Review Committee and Safety Review and Audit Board).

Should you have any questions regarding this submittal, please contact David Van Der Kamp, Licensing Manager, at (402) 825-2904.

I declare under penalty of erjury that the foregoing is true and correct.

Executed On:

"120/20))

General Manager of Plant Operations NOTE: Attachments 4, 5, and 6 to this letter contain Security-Related Information. Upon separation from Attachments 4, 5, and 6, the cover letter and Attachments 1, 2, and 3 are decontrolled.

SECURITY-RELATED INFORMATION:- WITHHOLD UNDER 10 CFR 2.390 NLS2010059 Page 2 of3 NPPD requests an amendment to the Facility Operating License (FOL) for CNS in accordance with the provisions of 10 CFR 50.4 and 10 CFR 50.90. This proposed amendment requests NRC approval of the Cyber Security Plan for CNS, provides an implementation schedule, and revises the existing FOL Physical Protection license condition to require NPPD to fully implement and maintain in effect all provisions of the Commission-approved Cyber Security Plan. The proposed Cyber Security Plan previously submitted by Reference 2 was based on Nuclear Energy Institute (NEI) 08-09, Revision 3, Cyber Security Plan for Nuclear Power Reactors. Per Reference 3, NEI subsequently submitted NEI 08-09, Revision 6, to the NRC, which contains changes that address NRC staff generic concerns with the previous version. Per Reference 4, the NRC concluded that submission of a cyber security plan using the template provided in NEI 08-09, Revision 6, would be acceptable for use by licensees to comply with the requirements of 10 CFR 73.54, with one exception. The revised Cyber Security Plan provided in Attachment 4 is consistent with NEI 08-09, Revision 6, and also addresses the one noted exception. provides NPPD's evaluation of the proposed change, including the no significant hazards consideration and environmental consideration. Attachment 2 provides the existing FOL pages marked up to show the proposed change. Attachment 3 provides the FOL changes in final typed format. Attachment 4 provides the CNS Cyber Security Plan, which is a stand-alone document that will be incorporated by reference into the CNS Physical Security Plan upon approval. Attachment 5 provides the CNS Cyber Security Plan implementation schedule. provides the associated regulatory commitments. NPPD requests that Attachments 4,5, and 6, which contain security-related information, be withheld from public disclosure in accordance with 10 CFR 2.390.

In accordance with 10 CFR 50.91(b)(I), a copy ofthis application, with attachments, is being provided to the designated State of Nebraska Official. Copies are also being provided to the NRC Region IV Office and the CNS Resident Inspector in accordance with 10 CFR 50.4(b )(2).

The proposed license amendment has been reviewed by the necessary Safety Review Committees (Station Operations Review Committee and Safety Review and Audit Board).

Should you have any questions regarding this submittal, please contact David VanDer Kamp, Licensing Manager, at (402) 825-2904.

I declare under penalty of erjury that the foregoing is true and correct.

Executed On: --~--~~~~----

o

'JC=IY, Demetrius L. W is General Manager of Plant Operations NOTE: Attachments 4, 5, and 6 to this letter contain Security-Related Information. Upon separation from Attachments 4, 5, and 6, the cover letter and Attachments 1, 2, and 3 are decontrolled.

SECURITY-RELATED INFORMATION - WITHHOLD UNDER 10 CFR 2.390 NLS2010059 Page 3 of 3

/lb Attachments cc:

Regional Administrator w/attachments USNRC - Region IV Cooper Project Manager w/attachments USNRC - NRR Project Directorate IV-1 Senior Resident Inspector w/attachments USNRC - CNS Nebraska Health and Human Services w/attachments Department of Regulation and Licensure NPG Distribution w/o attachments CNS Records w/attachments NOTE: Attachments 4, 5, and 6 to this letter contain Security-Related Information. Upon separation from Attachments 4, 5, and 6, the cover letter and Attachments 1, 2, and 3 are decontrolled.

SEC*URITY-RELATED INFORMATION - WITHHOLD UNDER 10 CFR 2.390 NLS2010059 Page 3 of3 lIb Attachments cc:

Regional Administrator w/attachments USNRC - Region IV Cooper Project Manager w/attachments USNRC - NRR Project Directorate IV-1 Senior Resident Inspector w/attachments USNRC-CNS Nebraska Health and Human Services w/attachments

. Department of Regulation and Licensure NPG Distribution w/o attachments CNS Records w/attachments NOTE: Attachments 4,5, and 6 to this letter contain Security-Related Information. Upon separation from Attachments 4,5, and 6, the cover letter and Attachments 1,2, and 3 are decontrolled.

NLS2010059 Page 1 of 5 Evaluation of Proposed Change License Amendment Request for Approval of the Cyber Security Plan Cooper Nuclear Station, Docket No. 50-298, DPR-46 1.0 Summary Description 2.0 Detailed Description 3.0 Technical Evaluation 4.0 Regulatory Evaluation 4.1 Applicable Regulatory Requirements/Criteria 4.2 No Significant Hazards Consideration 4.3 Conclusions 5.0 Environmental Consideration 6.0 References NLS20100S9 Page 1 ofS Evaluation of Proposed Change License Amendment Request for Approval of the Cyber Security Plan Cooper Nuclear Station, Docket No. SO-:298, DPR-46 1.0 Summary Description 2.0 Detailed Description 3.0 Technical Evaluation 4.0 Regulatory Evaluation 4.1 Applicable Regulatory Requirements/Criteria 4.2 No Significant Hazards Consideration 4.3 Conclusions

. S.O Environmental Consideration 6.0 References

NLS2010059 Page 2 of 5 1.0

SUMMARY

DESCRIPTION The proposed license amendment request (LAR) includes the proposed Cooper Nuclear Station (CNS) Cyber Security Plan (Plan), an implementation schedule, and a proposed sentence to be added to the existing Facility Operating License (FOL) Physical Protection license condition.

2.0 DETAILED DESCRIPTION The proposed LAR includes three parts: the proposed CNS Cyber Security Plan, an implementation schedule, and a proposed sentence to be added to the existing FOL Physical Protection license condition to require Nebraska Public Power District (NPPD) to fully implement and maintain in effect all provisions of the Commission-approved cyber security plan as required by 10 CFR 73.54 (Rule). A Federal Register notice dated March27, 2009, issued the final rule that amended 10 CFR Part 73. The regulations in 10 CFR 73.54, "Protection of digital computer and communication systems and networks," establish the requirements for a cyber security program. This regulation specifically requires each licensee currently licensed to operate a nuclear power plant under Part 50 of this chapter to submit a cyber security plan that satisfies the requirements of the Rule. Each submittal must include a proposed implementation schedule and implementation of the licensee's cyber security program must be consistent with the approved schedule. The background for this application is addressed by the Nuclear Regulatory Commission (NRC) Notice of Availability published on March 27, 2009, 74 FR 13926 (Reference 1).

NPPD met the Rule requirement by submittal of a LAR dated November 19, 2009, "License Amendment Request for Approval of the Cyber Security Plan, Cooper Nuclear Station, Docket No. 50-298, DPR-46". Per NRC letter dated May 24, 2010, "Cooper Nuclear Station - License Amendment Request for Approval of the Cyber Security Plan",

the NRC requested that NPPD submit a revised application to address NRC generic issues. This revised LAR responds to that request.

3.0 TECHNICAL EVALUATION

Federal Register notice 74 FR 13926 issued the final rule that amended 10 CFR Part 73.

Cyber security requirements are codified in 10 CFR 73.54 and are designed to provide high assurance that digital computer and communication systems and networks are adequately protected against cyber attacks up to and including the design basis threat established by 10 CFR 73.1 (a)(1)(v). These requirements are substantial improvements upon the requirements imposed by EA-02-026 (Reference 2).

This proposed amendment conforms to the model Cyber Security Plan contained in Appendix A of Nuclear Energy Institute (NEI) 08-09, Revision 6, "Cyber Security Plan for Nuclear Power Reactors" (Reference 3). Attachment 1 to the Cyber Security Plan provides one deviation to NEI 08-09, Revision 6. This deviation modifies the definition of "cyber attack" as accepted by the NRC in a letter to NEI dated June 7, 2010 (Reference 4).

NLS2010059 Page 2 of5 1.0

SUMMARY

DESCRIPTION The proposed license amendment request (LAR) includes the proposed Cooper Nuclear Station (CNS) Cyber Security Plan (Plan), an implementation schedule, and a proposed sentence to be added to the existing Facility Operating License (FOL) Physical Protection license condition.

2.0 DETAILED DESCRIPTION The proposed LAR includes three parts: the proposed CNS Cyber Security Plan, an implementation schedule, and a proposed sentence to be added to the existing FOL Physical Protection license condition to require Nebraska Public Power District (NPPD) to fully implement and maintain in effect all provisions of the Commission-approved cyber security plan as required by 10 CFR 73.54 (Rule). A Federal Register notice dated March27, 2009, issued the final rule that amended 10 CFR Part 73. The regulations in 10 CFR 73.54, "Protection of digital computer and communication systems and networks," establish the requirements for a cyber security program. This regulation specifically requires each licensee currently licensed to operate a nuclear power plant under Part 50 of this chapter to submit a cyber security plan that satisfies the requirements of the Rule. Each submittal must include a proposed implementation schedule and implementation ofthe licensee's cyber security program must be consistent with the approved schedule. The background for this application is addressed by the Nuclear Regulatory Commission (NRC) Notice of Availability published on March 27, 2009, 74 FR 13926 (Reference I).

NPPD met the Rule requirement by submittal of a LAR dated November 19, 2009, "License Amendment Request for Approval of the Cyber Security Plan, Cooper Nuclear Station, Docket No. 50-298, DPR-46". Per NRC letter dated May 24, 2010, "Cooper Nuclear Station - License Amendment Request for Approval of the Cyber Security Plan",

the NRC requested that NPPD submit a revised application to address NRC generic issues. This revised LAR responds to that request.

3.0 TECHNICAL EVALUATION

Federal Register notice 74 FR 13926 issued the final rule that amended 10 CFR Part 73.

Cyber security requirements are codified in 10 CFR 73.54 and are designed to provide high assurance that digital computer and communication systems and networks are adequately protected against cyber attacks up to and including the design basis threat established by 10 CFR 73.1 (a}(l }(v). These requirements are substantial improvements upon the requirements imposed by EA-02-026 (Reference 2).

This proposed amendment conforms to the model Cyber Security Plan contained in Appendix A of Nuclear Energy Institute (NEI) 08-09, Revision 6, "Cyber Security Plan for Nuclear Power Reactors" (Reference 3). Attachment 1 to the Cyber Security Plan provides one deviation to NEI 08-09, Revision 6. This deviation modifies the definition of "cyber attack" as accepted by the NRC in a letter to NEI dated June 7, 2010 (Reference 4).

NLS2010059 Page 3 of 5 This LAR includes the proposed Plan (Attachment 4) that conforms to the template provided in NEI 08-09, Revision 6. In addition, the LAR includes the proposed change to the existing FOL license condition for Physical Protection (Attachments 2 and 3). The LAR contains the proposed implementation schedule (Attachment 5) as required by 10 CFR 73.54. A list of associated regulatory commitments is contained in Attachment 6.

4.0 REGULATORY EVALUATION

4.1 APPLICABLE REGULATORY REQUIREMENTS/CRITERIA This LAR is submitted pursuant to 10 CFR 73.54 which requires licensees currently licensed to operate a nuclear power plant under 10 CFR Part 50 to submit a Cyber Security Plan as specified in 10 CFR 50.4 and 10 CFR 50.90.

4.2 NO SIGNIFICANT HAZARDS CONSIDERATION The proposed amendment is required by 10 CFR 73.54 (Rule) and includes three parts. The first part is the submittal of the Cooper Nuclear Station (CNS) Cyber Security Plan (Plan) for Nuclear Regulatory Commission review and approval.

The Plan conforms to the template provided in Nuclear Energy Institute 08-09, Revision 6, and provides a description of how the requirements of the Rule will be implemented at CNS. The Plan establishes how to achieve high assurance that nuclear power plant digital computer and communication systems and networks associated with the following are adequately protected against cyber attacks up to and including the design basis threat:

1.

Safety-related and important-to-safety functions;

2.

Security functions;

3.

Emergency preparedness functions, including offsite communications; and

4.

Support systems and equipment which, if compromised, would adversely impact safety, security, or emergency preparedness functions.

The second part of the proposed change is an implementation schedule. The third part adds a sentence to the existing Facility Operating License (FOL) license condition for Physical Protection to require Nebraska Public Power District (NPPD) to fully implement and maintain in effect all provisions of the Commission-approved cyber security plan as required by the Rule.

10 CFR 50.91 (a)(1) requires that licensee requests for operating license amendments be accompanied by an evaluation of significant hazard posed by issuance of an amendment. NPPD has evaluated this proposed amendment with respect to the criteria given in 10 CFR 50.92(c), as discussed below.

1.

Does the proposed amendment involve a significant increase in the probability or consequences of an accident previously evaluated?

NLS2010059 Page 3 of5 This LAR includes the proposed Plan (Attachment 4) that confonns to the template provided in NEI 08-09, Revision 6. In addition, the LAR includes the proposed change to the existing FOL license condition for Physical Protection (Attachments 2 and 3). The LAR contains the proposed implementation schedule (Attachment 5) as required by 10 CFR 73.54. A list of associated regulatory commitments is contained in Attachment

6.

4.0 REGULATORY EVALUATION

4.1 APPLICABLE REGULATORY REQUIREMENTS/CRITERIA This LAR is submitted pursuant to 10 CFR 73.54 which requires licensees currently licensed to operate a nuclear power plant under 10 CFR Part 50 to submit a Cyber Security Plan as specified in 10 CFR 50.4 and 10 CFR 50.90.

4.2 NO SIGNIFICANT HAZARDS CONSIDERATION The proposed amendment is required by 10 CFR 73.54 (Rule) and includes three parts. The first part is the submittal of the Cooper Nuclear Station (CNS) Cyber.

Security Plan (Plan) for Nuclear Regulatory Commission review and approval.

The Plan confonns to the template provided in Nuclear Energy Institute 08-09, Revision 6, and provides a description of how the requirements ofthe Rule will be implemented at CNS. The Plan establishes how to achieve high assurance that nuclear power plant digital computer and communication systems and networks associated with the following are adequately protected against cyber attacks up to and including the design basis threat:

1.

Safety-related and important-to-safety functions;

2.

Security functions;

3.

Emergency preparedness functions, including offsite communications; and

4.

Support systems and equipment which, if compromised, would adversely impact safety, security, or emergency preparedness functions.

The second part of the proposed change is an implementation schedule. The third part adds a sentence to the existing Facility Operating License (FOL) license condition for Physical Protection to require Nebraska Public Power District (NPPD) to fully implement and maintain in effect all provisions ofthe Commission-approved cyber security plan as required by the Rule.

10 CFR 50.91(a)(I) requires that licensee requests for operating license amendments be accompanied by an evaluation of sigriificant hazard posed by issuance of an amendment. N]?PD has evaluated this proposed amendment with respect to the criteria given in 10 CFR 50.92(c), as discussed below:

1.

Does the proposed amendment involve a significant increase in the probability or consequences of an accident previously evaluated?

NLS2010059 Page 4 of 5

Response

No The proposed amendment incorporates a new requirement in the FOL to implement and maintain a Cyber Security Plan as part of the facility's overall program for physical protection. Inclusion of the Plan in the FOL itself does not involve any modifications to safety-related structures, systems or components (SSCs). Rather, the Plan describes how the requirements of 10 CFR 73.54 are to be implemented to identify, evaluate, and mitigate cyber attacks up to and including the design basis threat, thereby achieving high assurance that the facility's digital computer and communications systems and networks are protected from cyber attacks.

The Plan and any associated plant modifications will not alter previously evaluated design basis accident analysis assumptions, add any accident initiators, or affect the capability of SSCs to perform their design function.

Therefore, the proposed amendment does not involve a significant increase in the probability or consequences of an accident previously evaluated.

2.

Does the proposed amendment create the possibility of a new or different kind of accident from any accident previously evaluated?

Response

No The proposed amendment provides assurance that safety-related SSCs are protected from cyber attacks. Implementation of 10 CFR 73.54 and the inclusion of a Cyber Security Plan in the FOL do not result in the need for any new or different design basis accident analysis. It does not introduce new equipment that could create a new or different kind of accident, and no new equipment failure modes are created. As a result, no new accident scenarios, failure mechanisms; or limiting single failures are introduced as a result of this proposed amendment.

Therefore, the proposed amendment does not create a possibility for an accident of a new or different type than those previously evaluated.

3.

Does the proposed amendment involve a significant reduction in a margin of safety?

Response

No The margin of safety is associated with the ability of the fission product barriers (i.e., fuel cladding, reactor coolant pressure boundary, and containment structure) to limit the level of radiation to the public. The proposed amendment will not alter the way any safety-related SSC functions and will not alter the way the plant is operated. The amendment provides assurance that safety-related SSCs are protected from cyber attacks. The proposed amendment will not introduce any new NLS2010059 Page 4 of5

Response

No The proposed amendment incorporates a new requirement in the FOL to implement and maintain a Cyber Security Plan as part of the facility's overall program for physical protection. Inclusion of the Plan in the FOL itself does not involve any modifications to safety-related structures, systems or components (SSCs). Rather, the Plan describes how the requirements of 10 CFR 73.54 are to be implemented to identify, evaluate, and mitigate cyber attacks up to and including the design basis threat, thereby achieving high assurance that the facility's digital computer and communications systems and networks are protected from cyber attacks.

The Plan and any associated plant modifications will not alter previously evaluated design basis accident analysis assumptions, add any accident initiators, or affect the capability of SSCs to perform their design function.

Therefore, the proposed amendment does not involve a significant increase in the probability or consequences of an accident previously evaluated.

2.

Does the proposed amendment create the possibility of a new or different kind of accident from any accident previously evaluated?

Response

. No The proposed amendment provides assurance that safety-related SSCs are protected from cyber attacks. Implementation of 10 CFR 73.54 and the inclusion of a Cyber Security Plan in the FOL do not result in the need for any new or different design basis accident analysis. It does not introduce new equipment that could create a new or different kind of accident, and no new equipment failure modes are created. As a result, no new accident scenarios, failure mechanisms;' or limiting single failures are introduced as a result of this proposed amendment.

Therefore, the proposed amendment does not create a possibility for an accident of a new or different type than those previously evaluated.

3.

Does the proposed amendment involve a significant reduction in a margin of safety?

Response

No The margin of safety is associated with the ability of the fission product barriers (i.e., fuel cladding, reactor coolant pressure boundary, and containment structure) to limitthe level of radiation to the public. The proposed amendment will not alter the way any safety-related SSC functions and will not alter the way the plant is operated. The amendment provides assurance that safety-related SSCs are protected from cyber attacks. The proposed amendment will not introduce any new

NLS2010059 Page 5 of 5 uncertainties or change any existing uncertainties associated with any safety limit. The proposed amendment has no impact on the structural integrity of the fuel cladding, reactor coolant pressure boundary, or containment structure. Based on the above considerations, the proposed amendment will not degrade the ability of the fission product barriers to limit the level of radiation to the public.

Therefore, the proposed change does not involve a significant reduction in a margin of safety.

Based on the above, NPPD concludes that the proposed amendment presents no significant hazards consideration under the standards set forth in 10 CFR 50.92(c), and accordingly, a finding of no significant hazards consideration is justified.

4.3 CONCLUSION

S In conclusion, based on the considerations discussed above: (1) there is reasonable assurance that the health and safety of the public will not be endangered by operation in the proposed manner; (2) such activities will be conducted in compliance with the Commission's regulations; and (3) the issuance of the amendment will not be inimical to the common defense and security or to the health and safety of the public.

5.0 ENVIRONMENTAL CONSIDERATION

The proposed amendment establishes the licensing basis for a Cyber Security program for CNS and will be a part of the Physical Security Plan. The proposed amendment meets the eligibility criterion for a categorical exclusion set forth in 10 CFR 51.22(c)(12).

Therefore, pursuant to 10 CFR 51.22(b), no environmental impact statement or environmental assessment need be prepared in connection with the issuance of the amendment.

6.0 REFERENCES

1.

Federal Register Notice, Final Rule 10 CFR Part 73, Power Reactor Security Requirements, published on March 27, 2009, 74 FR 13926.

2.

EA-02-026, Order Modifying Licenses, Safeguards and Security Plan Requirements, issued February 25, 2002.

3.

NEI 08-09, Revision 6, Cyber Security Plan for Nuclear Power Reactors, April 2010.

4.

NRC Letter to NEI dated June 7, 2010, Nuclear Energy Institute 08-09, Cyber Security Plan Template, Rev. 6.

NLS2010059 Page 5 of5 uncertainties or change any existing uncertainties associated with any safety limit. The proposed amendment has no impact on the structural integrity of the fuel cladding, reactor coolant pressure boundary, or containment structure. Based on the above considerations, the proposed amendment will not degrade the ability of the fission product barriers to limit the level of radiation to the pUblic.

Therefore, the proposed change does not involve a significant reduction in a margin of safety.

Based on the above, NPPD concludes that the proposed amendment presents no significant hazards consideration under the standards set forth in 10 CFR 50.92(c), and accordingly, a finding of no significant hazards consideration is justified.

4.3 CONCLUSION

S In conclusion, based on the considerations discussed above: (1) there is reasonable assurance that the health and safety of the public will not be endangered by operation in the proposed manner; (2) such activities will be conducted in compliance with the Commission's regulations; and (3) the issuance of the amendment will not be inimical to the common defense and security or to the health and safety of the public.

5.0 ENVIRONMENTAL CONSIDERATION

The proposed amendment establishes the licensing basis for a Cyber Security program for CNS and will be a part of the Physical Security Plan. The proposed amendment meets the eligibility criterion for a categorical exclusion set forth in 10 CFR 51.22(c)(12).

Therefore, pursuant to 10 CFR 51.22(b), no environmental impact statement or environmental assessment need be prepared in connection with the issuance of the amendment.

6.0 REFERENCES

1.

Federal Register Notice, Final Rule 10 CFR Part 73, Power Reactor Security Requirements, published on March 27,2009, 74 FR 13926.

2.

EA-02-026, Order Modifying Licenses, Safeguards and Security Plan Requirements, issued February 25, 2002.

3.

NEI 08-09, Revision 6, Cyber Security Plan for Nuclear Power Reactors, April 2010.

4.

NRC Letter to NEI dated June 7, 2010, Nuclear Energy Institute 08-09, Cyber Security Plan Template, Rev. 6.

NLS2010059 Page 1 of 2 Proposed Facility Operating License Change (Mark-Up)

Cooper Nuclear Station, Docket No. 50-298, DPR-46 Revised Facility Operating License Page Page 3 of 5 NLS2010059 Page 1 of2 Proposed Facility Operating License Change (Mark-Up)

Cooper Nuclear Station, Docket No. 50-298, DPR-46 Revised Facility Operating License Page Page 3 of5

(5)

Pursuant to the Act and 10 CFR Parts 30, 40, and 70, to possess, but not separate, such byproduct and special nuclear materials as may be produced by operation of the facility.

C.

This license shall be deemed to contain and is subject to the conditions specified in the following Commission regulations in 10 CFR Chapter I: Part 20, Section 30.34 of Part 30, Section 40.41 of Part 40, Sections 50.54 and 50.59 of Part 50, and Section 70.32 of Part 70; is subject to all applicable provisions of the Act and to the rules, regulations, and orders of the Commission now or hereafter in effect; and is subject to the additional conditions specified or incorporated below:

(1)

Maximum Power Level The licensee is authorized to operate the facility at steady state reactor core power levels not in excess of 2419 megawatts (thermal).

(2)

Technical Specifications The Technical Specifications contained in Appendix A as revised through Amendment No. 236, are hereby incorporated in the license. The licensee shall operate the facility in accordance with the Technical Specifications.

I (3)

Physical Protection The licensee shall fully implement and maintain in effect all provisions of the Commission-approved Cooper Nuclear Station cyber security plan submitted by letter dated July 20, 2010, and withheld from public disclosure in accordance with 10 CFR 2.390..

The licensee shall fully implement and maintain in effect all provisions of the Commission-approved physical security, training and qualification and safeguards contingency plans including amendments made pursuant to provisions of the Miscellaneous Amendments and Search Requirements revisions to 10 CFR 73.55 (51 FR 27817 and 27822) and to the authority of 10 CFR 50.90 and 10 CFR 50.54(p). The combined set of plans, which contain Safeguards Information protected under 10 CFR 73.21, are entitled: "Cooper Nuclear Station Safeguards Plan," submitted by letter dated May 17, 2006.

(4)

Fire Protection The licensee shall implement and maintain in effect all provisions of the approved fire protection program as described in the Cooper Nuclear Station (CNS) Updated Safety Analysis Report and as approved in the Safety Evaluations dated November 29, 1977; May 23, 1979; November21, 1980; April 29, 1983; April 16, 1984; June 1, 1984; January 3, 1985; August 21, 1985; April 10, 1986; September 9, 1986; November 7,1988; February 3, 1989; August 15, 1995; and July 31, 1998, subject to the following provision:

The licensee may make changes to the approved fire protection program without prior approval of the Commission only if those changes would not adversely affect the ability to achieve and maintain safe shutdown in the event of a fire.

Amendment No. 236 Revised by letter dated March 5, 2007 3 of 5

\\

(5)

Pursuantto the Act and 10 CFR Parts 30, 40, and 70, to possess, but not separate, such byproduct and special nuclear materials as may be produced by operation of the facility.

C.

This licens.e shall be deemed to contain and is subject to the conditions specified in the following Commission regulations in 10 CFR Chapter I: Part 20, Section 30.34 of Part 30, Section 40.41 of Part 40,Sections 50.54 and 50.59 of Part 50, and Section 70.32 of Part 70; is subject to aI/ applicable provisions of the Act and to the rules, regulations, and orders of the Commission now or hereafter in effect; and is subject to the additional conditions specified or incorporated below:

The licensee shall fully implement and maintain in effect all provisions of the Commission-approved Cooper Nuclear Station cyber security plan submitted by letter dated July 20,2010, and withheld from public disclosure in accordance with 10 CFR ~}90.

(1)

Maximum Power Level The licensee is authorized to operate the facility at steady state reactor core power levels not in excess of 2419 megawatts (thermal).

(2)

Technical Specifications The Technical SpeCifications contained in Appendix A as revised through Amendment No. 236, are hereby incorporated in the license. The licensee shall operate the facility in accordance with the Technical Specifications.

(3)

Physical Protection The licensee shall fully implement and maintain in effect all provisions of the Commission-approved physical security, training and qualification and safeguards contingency plans including amendments made pursuant to provisions of the Miscellaneous Amendments and Search Requirements revisions to 10 CFR 73.55 (51 FR 27817 and 27822) and to the authority of 10 CFR 50.90 and 10 CFR 50.54(p). The combined set of plans, which contain Safeguards Information protected under 10 CFR 73.21, are entitled: "Cooper Nuclear Station Safeguards Plan," submitted by letter dated May 17, 2006.

r--__

(4) --rire Protection The licensee shall implement and maintain in effect all provisions of the approved fire protection program as described in the Cooper Nuclear Station (CNS) Updated Safety Analysis Report and as approved in the Safety Evaluations dated November 29, 1977; May 23, 1979; November 21, 1980; April 29, 1983; April 16, 1984; June 1, 1984; January 3,1985; August 21,1985; April 10, 1986; September 9, 1986; November 7,1988; February 3,1989; August 15,1995; and July 31, 1998, subj~ctto the following provision:

The licensee may make changes to the approved fire protection program without prior approval of the Commission only if those changes would hot adversely affect the ability to achieve and maintain safe shutdown in the event of a fire.

30f 5 Amendment No. 236 Revised by letter dated March 5, 2007

NLS2010059 Page 1 of 3 Proposed Facility Operating License Change (Re-typed)

Cooper Nuclear Station, Docket No. 50-298, DPR-46 Revised Facility Operating License Pages Page 3 of 5 Page 4 of 5 NLS2010059 Page 1 of3 Proposed Facility Operating License Change (Re-typed)

Cooper Nuclear Station, Docket No. 50-298, DPR-46 Revised Facility Operating License Pages Page 3 of5 Page 4 of5

(5)

Pursuant to the Act and 10 CFR Parts 30, 40, and 70, to possess, but not separate, such byproduct and special nuclear materials as may be produced by operation of the facility.

C.

This license shall be deemed to contain and is subject to the conditions specified in the following Commission regulations in 10 CFR Chapter I: Part 20, Section 30.34 of Part 30, Section 40.41 of Part 40, Sections 50.54 and 50.59 of Part 50, and Section 70.32 of Part 70; is subject to all applicable provisions of the Act and to the rules, regulations, and orders of the Commission now or hereafter in effect; and is subject to the additional conditions specified or incorporated below:

(1)

Maximum Power Level The licensee is authorized to operate the facility at steady state reactor core power levels not in excess of 2419 megawatts (thermal).

(2)

Technical Specifications The Technical Specifications contained in Appendix A as revised through Amendment No. 236, are hereby incorporated in the license. The licensee shall operate the facility in accordance with the Technical Specifications.

(3)

Physical Protection The licensee shall fully implement and maintain in effect all provisions of the Commission-approved physical security, training and qualification and safeguards contingency plans including amendments made pursuant to provisions of the Miscellaneous Amendments and Search Requirements revisions to 10 CFR 73.55 (51 FR 27817 and 27822) and to the authority of 10 CFR 50.90 and 10 CFR 50.54(p). The combined set of plans, which contain Safeguards Information protected under 10 CFR 73.21, are entitled: "Cooper Nuclear Station Safeguards Plan," submitted by letter dated May 17, 2006.

The licensee shall fully implement and maintain in effect all provisions of the Commission-approved Cooper Nuclear Station cyber security plan submitted by letter dated July 20, 2010, and withheld from public disclosure in accordance with 10 CFR 2.390.

(4)

Fire Protection The licensee shall implement and maintain in effect all provisions of the approved fire protection program as described in the Cooper Nuclear Station (CNS) Updated Safety Analysis Report and as approved in the Safety Evaluations dated November 29, 1977; May 23, 1979; November 21, 1980; April 29, 1983; April 16, 1984; June 1, 1984; January 3, 1985; August 21, 1985; April 10, 1986; September 9, 1986; November 7, 1988; February 3, 1989; August 15, 1995; and July 31, 1998, subject to the following provision:

3 of 5 Amendment No. 236 Revised by letter dated March 5, 2007 (5)

Pursuant to the Act and 10 CFR Parts 30, 40, and 70, to possess, but not separate, such byproduct and special nuclear materials as may be produced by operation of the facility.

C.

This license shall be deemed to contain and is subject to the conditions specified in the following Commission regulations in 10 CFR Chapter I: Part 20, Section 30.34 of Part 30, Section 40.41 of Part 40, Sections 50.54 and 50.59 of Part 50, and Section 70.32 of Part 70; is subject to all applicable provisions of the Act and to the rules, regulations, and orders of the Commission now or hereafter in effect; and is subject to the additional conditions specified or incorporated below:

(1)

Maximum Power Level The licensee is authorized to operate the facility at steady state reactor core power levels not in excess of 2419 megawatts (thermal).

(2)

Technical Specifications The Technical Specifications contained in Appendix A as revised through Amendment No. 236, are hereby incorporated in the license. The licensee shall operate the facility in accordance with the Technical Specifications.

(3)

Physical Protection The licensee shall fully implement and maintain in effect all provisions of the Commission-approved physical security, training and qualification and safeguards contingency plans including amendments made pursuant to provisions of the Miscellaneous Amendments and Search Requirements revisions to 10 CFR 73.55 (51 FR 27817 and 27822) and to the authority' of 10 CFR 50.90 and 10 CFR 50.54(p). The combined set of plans, which contain Safeguards Information protected under 10 CFR 73.21, are entitled: "Cooper Nuclear Station Safeguards Plan," submitted by letter dated May 17, 2006.

The licensee shall fully implement and maintain in effect all provisions of the Commission-approved Cooper Nuclear Station cyber security plan submitted by letter dated July 20, 2010, and withheld from public disclosure in accordance with 10 CFR 2.390.

(4)

Fire Protection The licensee shall implement and maintain in effect all provisions of the approved fj're protection program as described in the Cooper Nuclear Station (CNS) Updated Safety Analysis Report and as approved in the Safety Evaluations dated November 29, 1977; May 23, 1979; November 21, 1980;.

April 29, 1983; April 16, 1984; June 1, 1984; January 3, 1985; August 21, 1985; April 10, 1986; September 9, 1986; November 7, 1988; February 3, 1989; August 15, 1995; and July 31, 1998, subject to the following provision:

3 of 5 Amendment No. Z36 Revised by letter dated March 5, 2007

The licensee may make changes to the approved fire protection program without prior approval of the Commission only if those changes would not adversely affect the ability to achieve and maintain safe shutdown in the event of a fire.

(5)

Additional Conditions The Additional Conditions contained in Appendix C, as revised through Amendment No. 178, are hereby incorporated into this license. Nebraska Public Power District shall operate the facility in accordance with the Additional Conditions.

(6)

Deleted (7)

Mitigation Strategy License Condition Develop and maintain strategies for addressing large fires and explosions and that include the following key areas:

(a)

Fire fighting response strategy with the following elements:

1.

Pre-defined coordinated fire response strategy and guidance

2.

Assessment of mutual aid fire fighting assets

3.

Designated staging areas for equipment and materials

4.

Command and control

5.

Training of response personnel (b)

Operations to mitigate fuel damage considering the following:

1.

Protection and use of personnel assets

2.

Communications

3.

Minimizing fire spread

4.

Procedures for implementing integrated fire response strategy

5.

Identification of readily-available pre-staged equipment

6.

Training on integrated fire response strategy

7.

Spent fuel pool mitigation measures (c)

Actions to minimize release to include consideration of:

1.

Water spray scrubbing

2.

Dose to onsite responders (8)

The licensee shall implement and maintain all Actions required by to NRC Order EA-06-137, issued June 20, 2006, except the last action that requires incorporation of the strategies into the site security plan, contingency plan, emergency plan and/or guard training and qualification plan, as appropriate.

4 of 5 Revised by letter dated August 9, 2007 Amendment No. 2*0 The licensee may make changes to the approved fire protection program without prior approval of the Commission only if those changes would not adversely affect the ability to achieve and maintain safe shutdown in the event of a fire.

(5)

Additional Conditions The Additional Conditions contained in Appendix C, as revised through Amendment No. 178, are hereby incorporated into this license. Nebraska Public Power District shall operate the facility in accordance with the Additional Conditions.

(6)

Deleted (7)

Mitigation Strategy License Condition.

Develop and maintain str;:ltegies for addressing large fires and explosions and that include the following key areas:

(a)

Fire fighting response strategy with the following elements:

1.

Pre-defined coordinated fire response strategy and guidance

2.

Assessment of mutual aid fire fighting assets

3.

Designated staging areas for equipment and materials

4.

Command and control

5.

Training of response personnel (b)

Operations to mitigate fuel damage considering the following:

1.

Protection and use of personnel assets

2.

Communications

3.

Minimizing fire spread

4.

Procedures for implementing integrated fire response strategy

5.

Identification of readily-available pre-staged equipment

6.

Training on integrated fire response strategy

  • 7.

Spent fuel pool mitigation measures (c)

Actions to minimize release to include consideration of:

1.

Water spray scrubbing

2.

Dose to onsite responders (8)

The licensee shall implement and maintain all Actions required by to NRC Order EA-06-137, issued June 20,2006, except the last action that requires incorporation of the strategies into the site security plan, contingency plan, emergency plan and/or guard training and qualification plan, as appropriate.

4 of 5 Revised by letter dated August 9, 2007 Amendment No. 23B

Retrieved from "https://kanterella.com/w/index.php?title=NLS2010059,_Withdrawal_and_Resubmission_of_License_Amendment_Request_for_Approval_of_the_Cyber_Security_Plan&oldid=5295582"