Text

June 10, 2021 10 CFR Part 53 Licensing and Regulation of Advanced Nuclear Reactors 10 CFR Part 53, Subpart F and 10 CFR Part 73 Emergency Preparedness and Security Preliminary Proposed Rule Language 1

Agenda 10:00am - 10:15am Welcome / Introductions / Logistics / Goals 10:15am - 11:30am Subpart F - Section 53.820, Emergency Preparedness and Section 53.830, Security Program 11:30am - 12:15pm Part 73 - Section 73.100, Technology Neutral Requirements for Physical Protection of Licensed Activities at Advanced Nuclear Plants Against Radiological Sabotage 12:15pm - 1:15pm Lunch Break 1:15pm - 2:00pm Part 73 - Section 73.110, Technology Neutral Requirements for Protection of Digital Computer and Communication Systems and Networks 2:00pm - 2:45pm Part 73 - Section 73.120, Access Authorization 2:45pm - 3:00pm Break 3:00pm - 3:30pm Part 26 - Overview of Fitness for Duty Requirements 3:30pm - 4:15pm Manufacturing Licenses and Other Topics 4:15pm - 5:00pm Additional Public Comments/Closing Remarks 2

Welcome/Introductions Welcome:

Rob Taylor, Office of Nuclear Reactor Regulation (NRR)

Speakers/Presenters:

Bob Beall, Office of Nuclear Materials Safety and Safeguards - Rulemaking PM

& Meeting Facilitator Brad Baxter, Office of Nuclear Security and Incident Response (NSIR)

Paul Harris, NSIR Juris Jauntirans, NSIR Eric Schrader, NSIR Steve Vitto, NSIR Bill Reckley, NRR - Technical Lead Nanette Valliere, NRR - Technical Lead Nuclear Energy Institute (NEI)

U.S. Nuclear Industry Council (USNIC)

Union of Concerned Scientists Public Meeting Slides: ADAMS Accession No. ML21148A059 3

Purpose of Todays Meeting Review preliminary proposed rule language for Part 53 and Part 73.

o Subpart F - Emergency Preparedness and Security Program o

Part 73 - Physical Protection, Cyber Security, Access Authorization, Overview of Fitness for Duty (FFD)

Todays meeting is a Comment-Gathering meeting, which means that public participation is actively sought in the discussion of the regulatory issues during the meeting.

o This meeting is being held in a workshop format to facilitate the discussion of todays topics.

o The meeting is being transcribed and the transcription will be available with the meeting summary by July 10, 2021.

No regulatory decisions will be made at todays meeting.

4

Security and Emergency Preparedness Objectives The staff aims to develop a technology-inclusive regulatory program for advanced reactors that applies a performance-based, graded approach for both emergency preparedness and a comprehensive range of security areas, including physical security, cyber security, information security, fitness for duty, access authorization.

o This regulatory framework will offer applicants flexibility to right-size their program by providing performance-based requirements that are commensurate with the risk to public health and safety.

o This regulatory framework is being developed in coordination with other current rulemaking activities, including the proposed Emergency Preparedness Requirements for Small Modular Reactors and Other New Technologies rulemaking and the Rulemaking for Physical Security for Advanced Reactors.

o Operating experience from power reactors and other NRC-regulated facilities (e.g., non-power reactors and fuel cycle facilities) were used to develop the graded approach.

o Stakeholder input is very important to facilitate our ability to develop this regulatory program.

5

6 Subpart F -

Emergency Preparedness

Subpart F - § 53.820 Emergency Preparedness (EP) 7

• Each licensee must develop and maintain an emergency response plan that provides reasonable assurance that adequate protective measures can and will be taken in the event of a radiological emergency.

• The emergency plan must contain information needed to demonstrate compliance with the elements set forth in:

o Section 50.160, or o the requirements in appendix E to 10 CFR part 50 and the planning standards in § 50.47.

Subpart F - Emergency Preparedness Discussion 8

9 Subpart F -

Security Program

Subpart F - § 53.830 Security Program 10

• Develop and implement security programs o Physical security o Cyber security o Access authorization o Information security o FFD

Subpart F - § 53.830(a)

Security Program 11

• Each licensee must establish, maintain, and implement a physical protection program meeting the following requirements:

o Protection of special nuclear material based on the form, enrichment, and quantity in accordance with 10 CFR part 73, as applicable, and o Implement security requirements for the protection of Category 1 and Category 2 quantities of radioactive material in accordance with 10 CFR part 37, as applicable.

Subpart F - § 53.830(a)(2)

Security Program 12

• The licensee is required to meet the provisions set forth in

§ 73.55 or § 73.100 unless the licensee meets the following criterion.

o The radiological consequences from a hypothetical, unmitigated event involving the loss of engineered systems for decay heat removal and possible breaches in physical structures surrounding the reactor, spent fuel, and other inventories of radioactive materials result in offsite doses below the values in §§ 53.210(b)(1) and (2).

o Analysis. The licensee must perform a site-specific analysis to demonstrate that this criterion is met. The licensee must maintain the analysis until the permanent cessation of operations.

Section 53.210(b)(1): 25 rem (250 mSv) total effective dose equivalent (TEDE) at any point on the boundary of the exclusion area for any 2-hour period following.

Section 53.210(b)(2): 25 rem TEDE at outer boundary of the low population zone.

Subpart F - § 53.830(a)

Security Program 13 Consequence Based Criterion (Developed from Criterion A in Rulemaking on Alternative Physical Security Requirements for Advanced Reactors)

Criterion Not Met Consequences could endanger public (radiological sabotage as defined in § 73.2)

Required to protect against the Design Basis Threat (DBT) of radiological sabotage Criterion Met Consequences are below the values defined in

§§ 53.210(b)(1) and (2)

Apply 10 CFR part 73 and 10 CFR part 37 10 CFR part 73: commensurate with the protection of special nuclear material (SNM) and strategic special nuclear material (SSNM) (Cat III, Cat II, and Cat I),

based on the form, enrichment, and quantity, as applicable and 10 CFR part 37: Apply requirements for the protection of Category 1 and Category 2 quantities of radioactive material, as applicable Apply § 73.55 or § 73.100 Section 73.55: existing performance/prescriptive requirements on design of physical protection program to protect against the DBT or Section 73.100: performance requirements for design of physical protection program to protect against the DBT Advanced Reactor Applicant

Subpart F - § 53.830(b)-(e)

Security Program 14

• Each licensee under this part must establish, maintain, and implement:

o FFD program that meets the requirements in 10 CFR part 26.

o Access authorization program that meets the requirements in § 73.120 if the criterion in

§ 53.830(a)(2)(1) is met, or § 73.56, if the criterion is not met.

o Cyber Security program that meets the requirements in

§ 73.110.

o Information protection system that meets the requirements of §§ 73.21, 73.22, and 73.23, as applicable.

Subpart F - Security Program Discussion 15

16 Part 73 - Section 73.100:

Physical Security for Advanced Nuclear Reactors

10 CFR 73.100 Physical Security for Advanced Reactors 17

• Proposed new section within Part 73

• Provides a technology inclusive regulatory framework based on performance requirements

• Allows licensees flexibility to determine how to protect against the DBT and security of the plant for possession and activities involving nuclear material In alignment with the Advanced Reactor Policy Statement and the preliminary proposed Part 53, security should be incorporated early in the design to achieve a more robust and effective security posture with less reliance on human actions.

10 CFR 73.100(a) & (b) Introduction and General Performance Objectives and Requirements 18 Paragraph (a): requirements are implemented through the security plans which must identify, describe, and account for site specific conditions Paragraph (b)(1): the design and implementation of the physical protection program must achieve and maintain at all time the capabilities for meeting the following performance requirements:

o Intrusion detection systems o

Intrusion assessment systems o

Security communication systems o

Security delay systems o

Security response o

Control measures protecting against land and waterborne vehicle bomb assaults o

Access control portals The designs must apply the principles of redundancy, diversity, and appropriately layer for defense-in-depth (DID).

10 CFR 73.100(b)(2) General Performance Objectives and Requirements (Cont.)

19

• Paragraph (b)(2): To satisfy the general performance objective and requirements, the physical protection program must protect against the DBT of radiological sabotage as stated in § 73.1. Specifically, the licensee must:

o (i) Ensure that the physical protection program capabilities are maintained at all times.

o (ii) Provide DID.

DID is achieved by providing multiple layers of protection, systems, and/or barriers to avoid (or provide the capability to tolerate) failures that would prevent the accomplishment of a function.

Operational requirements (i.e., security responses providing interdiction and neutralization functions) provide DID by using layers of protection and by accounting for uncertainties (e.g., equipment malfunction, human factors, neutralized or operationally ineffective responses, etc.) to perform required interdiction and neutralization function at all plant areas.

10 CFR 73.100(b)(3)-(9)

Physical Security for Advanced Reactors 20

• Identify and analyze site-specific conditions

• Establish, maintain, and implement performance evaluation program

• Establish, maintain, and implement access authorization program in accordance with § 73.56

• Establish, maintain, and implement cyber security program in accordance with § 73.110

• Establish, maintain, and implement insider mitigation program (IMP) to protect against an insider (active, passive, or both)

• Corrective action program

• Coordinate implementation of security operations and plans with plant operations

10 CFR 73.100(c)

Security Organization 21

• Security organization composition, equipping, and training to implement physical protection program

• Effective implementation of physical protection program

• Implementing procedures

• Approval process

• Change process to ensure changes continue to satisfy the requirements of this section

• Retention of analyses, assessment, calculations and descriptions of technical basis for meeting the performance requirements

• Training and qualification for individuals who implement the physical protection program

10 CFR 73.100(d)

Search Requirements 22

• Searches to detect and prevent the introduction of firearms, explosives, incendiary devices, or other items and materials which could be used to commit radiological sabotage

• Search of individuals, vehicles, and materials consistent with performance requirements The broad categories of material (explosives, firearms, incendiary devices, etc.) that will be excepted are not prescribed but will be stated in the licensee security plans with detailed descriptions being identified in implementation procedures.

10 CFR 73.100(e)

Security Reviews 23

• Independent security reviews including performance evaluation and maintenance, testing, and calibration of physical protection systems and requirements o Timely identification and documentation of vulnerabilities, improvements, and corrective actions o Assessment of detection, assessment, communication, delay, interdiction, neutralization o Assess capability of passive and active engineering systems to protect against DBT

10 CFR 73.100(f)

Performance Evaluation 24

• Establish methods appropriate and necessary to assess, test, and challenge the integration of the physical protection programs functions to protect against the DBT

• The licensee must establish the appropriate and necessary frequencies for performance evaluations, verifications, and assessments based on the importance, security significance, reliability, and availability

• Document processes and procedures and maintain records, including results, findings, and corrective actions, for implementing the performance evaluations, verifications, and assessments.

10 CFR 73.100(g) - Maintenance, Testing, and Calibration and Corrective Actions 25

• Performance requirements for maintaining security structures, systems, or components (SSCs) relied on to perform security functions to protect against the DBT

• Corrective actions in response to a failure or degradation of security equipment to perform its intended functions and implementation of security programs

• Timely and equivalent compensatory measures

• Documentation of processes and procedures

10 CFR 73.100(h)

Suspension of Security Measures 26

• Suspension of security measures in accordance with

§§ 50.54(x) and 50.54(y) in response to emergency and extraordinary events

• Flexibility to take reasonable actions that depart from an approved security plan to protect the public health and safety

• The suspension of security measures must be reported and documented in accordance with the provisions of § 73.71.

References to § 50.54 serve as a place holder until the corresponding section within Part 53 is developed.

10 CFR 73.100(i)

Records 27

• Licensee must maintain all records required to be kept by Commission until termination of license for which records were developed and superseded records for 3 years

• If a contracted security force is used for the onsite protection program, licensee must retain the written agreement for duration of contract

• Records must be available for inspection for 3 years

Part 73 - Physical Security for Advanced Nuclear Reactors Discussion 28

MEETING BREAK Meeting to resume in 1 hour1.157407e-5 days <br />2.777778e-4 hours <br />1.653439e-6 weeks <br />3.805e-7 months <br /> 29

30 Part 73 - Section 73.110:

Cyber Security

31 10 CFR 73.110 Cyber Security

10 CFR 73.110(a)

Cyber Security 32 The staff is interested in stakeholder views on whether any additional consequences should be included herein. The graded approach will be explained as part of a new regulatory guidance development effort.

• Establish, implement, and maintain a graded cyber security program commensurate with potential consequences, which:

o Lead to offsite radiation hazards that would endanger public health and safety by exceeding the criterion in § 53.830(a)(2)(i) o Adversely impact the functions performed by the digital assets used by the licensee for implementing the physical security requirements in

§ 53.830(a)(1) for SNM, source material, and byproduct material.

• Need to protect systems associated with the following functions commensurate with the potential consequences from a cyber attack:

o Safety o Security o EP 33 10 CFR 73.110(b)

Functions

• The licensee shall meet the confidentiality, integrity, and availability requirements in

§ 73.54(a)(2) for the systems and networks covered by paragraph (b) of this section in a manner that is commensurate with the potential consequences resulting from cyber attacks.

34 10 CFR 73.110(c)

Impacts

• To accomplish this, the licensee shall:

o Analyze the potential consequences resulting from cyber attacks and identify those assets that must be protected o Establish, implement, and maintain a cyber security program for the protection of the assets identified under paragraph (d)(1) of this section 35 10 CFR 73.110(d)

Graded Approach

• In a manner that is commensurate with the potential consequences resulting from cyber attacks, the Cyber Security Program must:

o Implement security controls to protect assets from cyber attacks, commensurate with their safety and security significance o Apply and maintain DID protective strategies to ensure the capability to detect, delay, respond to, and recover from cyber attacks capable of causing the consequences identified in paragraph (a) of this section o Mitigate the adverse effects of cyber attacks capable of causing the consequences identified in paragraph (a) of this section, and o Ensure that the functions of protected assets identified under paragraph (d)(1) of this section are not adversely impacted due to cyber attacks capable of causing the consequences identified in paragraph (a) of this section.

36 10 CFR 73.110(e)

Cyber Security Program Design

• The requirement is intended to address the implementation of a cyber security program and the associated security life cycle activities for maintaining it:

o Continuous monitoring and assessment, configuration management o

Ongoing assessment of security controls and programs effectiveness o

Vulnerability scans/assessments o

Cyber security event notification 37 10 CFR 73.110(f)

Cyber Security Program Management

10 CFR 73.110 Cyber Security Discussion 38

39 Part 73 - Section 73.120:

Access Authorization

10 CFR 73.120 Access Authorization 40 Technology Inclusive Personnel Access Authorization Requirements The existing regulatory framework for access authorization under

§§ 73.55, 73.56, and 73.57, is sufficient to provide reasonable assurance that individuals subject to this program are trustworthy and reliable such that they do not constitute an unreasonable risk to the public health and safety, common defense and security, regardless of the reactor technology.

The access authorization requirements proposed in Part 53 are scalable commensurate with the demonstrated safety of the facility, considering security, and provide for the equivalent level of protections afforded by the existing requirements for the operating reactor fleet. (Model current licensed research and test reactors and material licensees, included fuel cycle facilities)

10 CFR 73.120 Access Authorization Consequence-Based Criterion 41

• Applicants meeting the criterion in § 53.830(a)(2)(i) shall establish, maintain and implement an access authorization program under this section.

o Advanced reactor design makes a safety case, considering security, that an offsite release would not exceed certain eligibility criterion

• Those applicants not meeting the criterion shall establish, maintain, and implement an access authorization program in accordance with § 73.56 to include the requirements to implement an IMP, consistent with the current operating nuclear power fleet.

10 CFR 73.120 Access Authorization Consequence-Based Criterion 42 Consequence Based Criterion, § 53.830(a)(2)(i)

Commensurate with risk and consequence to public health and safety who demonstrate in a safety analysis (considering security) that the offsite consequences would not exceed certain eligibility criteria Criterion Not Met Consequences endanger public (radiological sabotage as defined in § 73.2)

Protect against the DBT Criterion Met Consequences do not endanger public (no radiological sabotage as defined in § 73.2)

May elect to implement access authorization program or provide exemptions from certain requirements.

Safety Related Equipment Section 53.460 Safety Category and Treatment (use the scalable designation of equipment required for maintaining safety basis/operations to determine the need for access to equipment and plant areas)

Apply § 73.120 Scalable requirements proposed in § 73.120 Criminal History Balance of plant elements Granting/maintaining unescorted access (UA)/Termination UA Licensee has no safety-related SSCs and only designated NSRSS SSCs must meet the requirements of § 73.120 Apply Full § 73.56 Access authorization performance requirements to provide high assurance that individuals are trustworthy and reliable, and do not constitute an unreasonable risk to public health and safety, the common defense and security, or radiological sabotage Apply 10 CFR Part 26, §§ 73.54, 73.55, 73.56, 73.57 requirements IMP - §§ 73.55(b)(7) & 73.55(b)(9)

Existing performance/prescriptive requirements on design to protect against the DBT Advanced Reactor Applicant

10 CFR 73.120(b)

Applicability 43

• Consistent with § 73.56(b)

• Five classes of individuals subject to the program:

o Individuals with UA to protected area, vital area, material access area, or controlled access area where the material is used or stored o Individuals with virtual/remote access o Security Personnel and those familiar with sites protective strategy

Offsite law enforcement shall not be subject to licensee access authorization program o Reviewing Official (licensee, applicant or contractor/vendor (if applicable) program reviewers) o Other individuals at discretion of licensee or applicant

10 CFR 73.120(c)

General Performance Objectives and Requirements 44 Applicants meeting the consequence-based criterion under

§ 53.830(a)(2)(i) may elect to implement voluntary access authorization program found within this chapter in lieu of a full access program or opt for an exemption from certain requirements based on technology.

Applicants applying the performance objectives in the proposed

§ 73.120 will design an access authorization program similar to that required of a non-power or material licensee.

These performance objectives will scale performance based and risk-informed requirements commensurate with the safety of the facility (considering security).

Proposed performance objectives and requirements would provide for the equivalent level of protection afforded by the existing requirements for the operating reactor fleet.

10 CFR 73.120 (c)(1)-(4)

Scalable Program Performance Objectives 45 Design Program Objectives and Requirements Includes Alternative Security Measures (ASM) and Licensing Conditions for non-power reactors and material licensees. Licensee may consider important program elements in § 73.56, to include background investigations, criminal history checks, behavioral observation, granting/terminating UA, protecting individual privacy, and record retention.

Section 73.120(c)(1) Background Investigations - This section is consistent with the background investigation elements under

§ 73.56(d)(1-7). (such as informed consent, personnel history disclosures, criminal history reviews, credit evaluation, verification of true-identity, character & reputation, and employment verification(unemployment/military/education) o This requirement is also consistent with security measures applied to non-power reactor licensees

10 CFR 73.120 (c)(2)

Scalable Program Performance Objectives 46 Paragraph (c)(2), Behavioral observation: This paragraph outlines the roles and responsibilities of individuals subject to behavioral observation. This proposed requirement is a scaled version of the full behavioral observation program as required under § 73.56(f).

• This provision does not require the establishment of a full training program for behavioral observation (i.e., initial and refresher training including knowledge checks) as required for power reactors under § 73.56.

• Behavioral observation shall include self-reporting of legal actions in accordance with § 73.56(g)

10 CFR 73.120 (c)(3)-(4)

Scalable Program Performance Objectives 47 Paragraph (c)(3), UA: UA shall be granted only after the licensee has verified an individual is trustworthy and reliable.

o A list of persons currently approved for UA to a protected area, vital area, material access area, or controlled access area must be maintained at all times.

o UA determinations shall be reviewed annually in accordance with § 73.56(i)(1)(iv).

o Criminal history updates shall be completed within 10 years of the last review.

Paragraph (c)(4), Termination of UA: UA shall be promptly terminated when a licensee determines this access is no longer required, or a reviewing official determines an individual is no longer trustworthy and reliable in accordance with this section.

10 CFR 73.120(c)(5)-(7)

Performance Objectives and Requirements 48 Paragraph (c)(5): Determination basis for access [§ 73.56(h)(1)(i)]. Any UA determination shall be made by a reviewing official who will determine whether to permit, deny, unfavorably terminate, maintain, or administratively withdraw an individuals UA based on an evaluation of all of the information collected to meet the requirements of this section.

Paragraph (c)(6): Review Procedures [§ 73.56(l)]. Review procedures shall be established in accordance with § 73.56(l) of this part, to include provisions for the notification of individuals who are denied UA or who are unfavorably terminated.

Paragraph (c)(7): Protection of Information [§ 73.56(m)]. A system of files and procedures shall be established and maintained in accordance with § 73.56(m) of this part, to ensure personal information is not disclosed to unauthorized persons.

10 CFR 73.120(c)(8)-(9)

Performance Objectives and Requirements 49

• Paragraph (c)(8): Audits and corrective action [§ 73.56(n)].

Procedures for use of audits and corrective actions shall be established in accordance § 73.56(n) of this part, to ensure the continuing effectiveness of the access authorization program and to ensure that the access authorization program and program elements are in compliance with the requirements of this section.

• Paragraph (c)(9): Records [§ 73.56(o)]. Records used or created to establish an individuals trustworthiness and reliability, or to document access determination must be maintained in accordance with § 73.56(o) of this part.

10 CFR 73.120 Access Authorization Discussion 50

MEETING BREAK Meeting to resume in 15 minutes 51

52 Part 26 - Fitness for Duty

10 CFR Part 26 FFD 53 Five Key Messages 1.

The existing regulatory framework for FFD programs under 10 CFR part 26 is sufficient to provide reasonable assurance that individuals subject to the program are fit for duty and trustworthy and reliable, such that they do not constitute an unreasonable risk to the public health and safety, and common defense and security. However, as written, the Part 26 requirements would not apply to a Part 53 licensee.

2.

The FFD approach leverages the existing requirements in 10 CFR part 26, subpart K, FFD programs for construction, that have been implemented by power reactor licensees over the last 8 years. Operating experience and NRC inspection have demonstrated that application of these requirements will continue to provide reasonable assurance that individuals can safely and competently perform assigned duties.

3.

To be inclusive of all potential advanced reactors, the staff is developing a risk-informed and performance-based approach for the application of the Subpart K and fatigue management requirements to Part 53 advanced reactor facilities.

10 CFR Part 26 FFD 54 Five Key Messages (continued) 4.

The FFD framework is expected to be supplemented with a new performance-based requirement that requires the Part 53 licensee to conduct an annual performance review of its FFD program. The is expected to require the licensee to develop performance objectives/metrics by which to measure program effectiveness and implement timely corrective actions should adverse trends be identified.

5.

The FFD framework is also expected to include: (1) flexibilities with licensee implementation of the drug and alcohol testing requirements that enable the licensee to use advanced biological testing methods (e.g., oral fluid and hair specimens) and (2) requirements that help ensure FFD program effectiveness and integration of the Part 53 licensed facility with the rest of the commercial power reactor community (e.g., authorization requirements, recordkeeping, and reporting).

10 CFR Part 26 FFD 55 FFD Risk-Informed Criterion A.

The radiological consequences from a hypothetical, unmitigated bounding event, unmitigated by human actions, involving the loss of engineered systems for decay heat removal and possible breaches in physical structures surrounding the reactor, spent fuel, and other inventories of radioactive materials result in offsite doses below the values defined in §§ 53.220(b)(1) and (2).

Drug and alcohol testing will not be required; however, a behavioral observation program will be required.

B.

Plant technologies, engineered safety features, and controls provide reasonable assurance that without operator action the plant can achieve and maintain a safe stable condition, remove decay heat, and the radiological consequences resulting from design basis accidents are as described in the final safety analysis report (FSAR) [criterion under development].

Program will be tiered and based on current requirements in Part 26, Subpart K, FFD programs for construction of commercial power reactor facilities.

10 CFR Part 26 FFD 56 The staff is interested in stakeholder views on Criterion B.

For example, is the scope of the criterion appropriate, should a radiation dose limit be proposed, and are there additional considerations that should be evaluated?

FFD Risk-Informed Criterion B (§ 26.YYY)

10 CFR Part 26 FFD 57 Current Part 26 FFD Programs Subparts A-I, N, and O operational program Subpart K, construction program Decommissioning program (TBD)

Part 53 Licensees Part 26, Subpart M - §26.XXX FFD Program

1. Describe FFD program in FSAR

2. Meet Part 26 administrative requirements

3. Implement a program that meets the FFD performance objectives

4. Implement behavioral observation

5. Enable, but not required, a corporate-based drug/alcohol testing program Part 26, Subpart M - §26.YYY FFD Program

1. Implements items 1 through 4 above

2. Requires a corporate-based drug and alcohol testing program that meets requirements that were developed from those in Subpart K, FFD Program for Construction

3. Prior to reactor operation, the licensee or other entity must implement an FFD program that meets the Part 26 FFD authorization, fatigue management, recordkeeping, and reportability requirements Neither criteria met Criterion B met Criteria A met NEW Subpart M, FFD Program for Advanced Reactors Risk-informed Technology inclusive Leverages existing Part 26 requirements

10 CFR Part 26 FFD 58 Administrative Requirements Subpart A - Administrative Provisions

§ 26.1 Purpose.

§ 26.3 Scope.

§ 26.4 FFD program applicability to categories of individuals.

§ 26.5 Definitions.

§ 26.7 Interpretations.

§ 26.8 Information collection requirements: OMB approval.

§ 26.9 Specific exemptions.

§ 26.11 Communications.

Subpart O - Inspections, Violations, and Penalties

§ 26.821 Inspections.

§ 26.823 Violations.

§ 26.825 Criminal penalties.

10 CFR Part 26 FFD 59 New Performance-based Requirement FFD Program Performance Monitoring and Review Monitor the effectiveness of its FFD program against licensee or other entity established performance objectives and associated metrics, in a manner sufficient to provide reasonable assurance that individuals subject to the program can safely and competently perform assigned duties and responsibilities and are trustworthy and reliable to maintain the types of access making them subject to this subpart.

Designed to indicate whether adverse trends are occurring, including number and rate of change of FFD policy violations Trending shall be timely updated as data is received and enable year-to-year comparisons.

Annual program review

10 CFR Part 26 FFD Discussion 60

61 Manufacturing Licenses and Other Topics

©2021 Nuclear Energy Institute NRC Meeting on Part 53 Marc Nichol Senior Director, New Reactors Manufacturing Licenses June 10, 2021

©2021 Nuclear Energy Institute 63

• Historical

• First introduced in Part 50 in 1973 - regulate off-shore power systems Approve preliminary reactor design for a CP, final design approved with OL Licensed some floating reactors (never built)

• 2007 revision in Part 52 Approve final design (equivalent to DC or COL)

Also addresses shipping to the site

• Part 53 Considerations - What is the role of the ML?

• Clarify which activities can be performed with a DC or SDA (without a COL)

• Clarify which activities can be performed only with a CP or COL

• Clarify which activities can only be performed by establishing ML provisions

• Clarify which activities draw in requirements from other Parts (e.g., Parts 30, 70)

• Determine whether requirements in other Parts need revision (e.g., Part 71)

Establishing the role of the ML

©2021 Nuclear Energy Institute 64

• Enablers of new business models (smaller sizes)

• High degree of factory construction

• Customers as energy users and not sellers

• Lower costs conducive to building for off the shelf orders

• Novel activities related to new business models 1.

Speculative Manufacture of Reactor Modules without a Customer Order 2.

Fully Assemble an Operable Reactor at the Factory 3.

Testing a Fully Assembled Reactor at the Factory 4.

Fuel a Fully Assembled Reactor at the Factory 5.

Transporting a Fueled Reactor from the Factory 6.

Multiple Operating Locations 7.

Defueling and Refurbishing Operated Reactor at a Factory 8.

Alternative Siting Pathways (longer term consideration)

New business models

©2021 Nuclear Energy Institute 65 Speculative Manufacture of Reactor Modules without a Customer Order No customer identified at time reactor is manufactured Reduce deployment time by having ready off-the-shelf reactors Later (months or more): customer (with a CP or COL) places order Fully Assemble an Operable Reactor at the Factory Assemble all SSCs of a reactor such that it could be brought to power By definition, does not rely on significant on-site construction work No fuel loaded into reactor, no fuel in the factory May be multiple manufacturing facilities, and may change over time Activities that may be permitted for DC, CP or COL

©2021 Nuclear Energy Institute 66 Testing a Fully Assembled Reactor at the Factory Perform criticality and power ascension testing at factory More efficient for high volume of reactor production Fuel is removed after testing, reloaded after arrival at operating site Fuel a Fully Assembled Reactor at the Factory Fuel loaded in reactor at factory and will remain fueled Eliminates infrastructure need to load fuel at operating site Currently performed by at least one licensee Defueling and Refurbishing Operated Reactor at a Factory Return fueled reactor to refurbishment center (remove used fuel and load new fuel)

Factory may also provide long-term used fuel storage and reactor decommissioning Activities that require fuel at the factory

©2021 Nuclear Energy Institute 67 Transporting a Fueled Reactor from the Factory Direct result of activity to fuel reactor at factory Desire to minimize testing and inspection at operating site Shipment of used fuel after use at operating site Multiple Operating Locations Flexibility for reactors with very little site infrastructure needs Operate at Site #1 (e.g., 20 years, 5 years) then move to Site #2 Site #2 would have NRC issued COL or OL before receiving reactor Activities related to transportation and operating sites

©2021 Nuclear Energy Institute 68

• Focused on the safety of the reactor:

• Design (as-fabricated condition)

• Process (QA, Codes and Standards, Part 21)

• Operations (operating conditions and envelope of site conditions)

• Should not specify detailed requirements related to manufacturing (consistent with requirements for CP/OL, DC/SDA and COL)

• Reactor can be manufactured at any facility within the control of ML holder/contractors (including movement between facilities)

• Factory activities involving use of fuel:

• Subject to Parts 30, 40, 73, 74, and 75

• Need to determine approach toward Parts 70

• Part 51 environmental considerations only for factory where fuel is located

• Transportation Activities - Part 71 may need revision if not incorporated into Part 53

• Storage Activities - Part 72 license needed if not incorporated into Part 53 Conceptual Approach to ML in Part 53

©2021 Nuclear Energy Institute 69 All Options

• Part 53 Scope: design, process, operations, decommissioning

• For fuel at factory: Materials requirements in Parts 30, 40, 73, 74 and 75 1.

Part 53 Only Option

• Part 53 fuel related scope: testing, fueling, transportation, refueling, storage

• Incorporates relevant requirements of Parts 70, 71 and 72 2.

Part 53 Centric Option

• Part 53 fuel related scope: testing and fueling

• Incorporates specific aspects of Parts 70 for fuel and criticality

• Part 71 and 72 licenses for transport and storage; Part 71 may need revision 3.

Part 53 Limited Option

• Part 53 fuel related scope : none

• Part 70 license for activities with fuel at factory; Part 71 and 72 licenses Options for Part 53 Requirements

Manufacturing Licenses and Other Topics Discussion 70

Rulemaking Stakeholder Engagement 71 Future stakeholder interactions will emphasize broadening engagement and bolstering forward progress by focusing on the following activities:

o Optimizing future public and ACRS meetings to be more topic-specific to enable richer focused dialogue on specific issues (e.g.,

security, staffing) and engagement with other stakeholders (e.g.,

NGOs);

o Releasing preliminary proposed rule language for the remaining Part 53 Subparts to enable stakeholder comments on an integrated rule; o

Further considering stakeholder comments on previously released preliminary proposed rule language; and o

Releasing new iterations on previously released preliminary proposed rule language.

The NRC staff will continue to accept written comments on the preliminary proposed rule language via regulations.gov. (85 FR 71002)

Final Discussion and Questions 72

Part 53 Rulemaking Schedule Milestone Schedule Major Rulemaking Activities/Milestones Schedule Public Outreach, ACRS Interactions and Generation of Proposed Rule Package Present to April 2022 (10 months)

Submit Draft Proposed Rule Package to Commission May 2022 Publish Proposed Rule and Draft Key Guidance October 2022 Public Comment Period - 60 days November and December 2022 Public Outreach and Generation of Final Rule Package January 2023 to February 2024 (14 months)

Submit Draft Final Rule Package to Commission March 2024 Office of Management and Budget and Office of the Federal Register Processing July 2024 to September 2024 Publish Final Rule and Key Guidance October 2024 73

Future Public Meetings The NRC staff will continue to announce public meetings to discuss and receive feedback on various regulatory topics and preliminary proposed rule text.

o Preliminary proposed rule text will be posted on regulations.gov under docket ID NRC-2019-0062 before the public meetings.

The NRC staff is scheduled to meet with the ACRS Future Plants Subcommittee on July 21, 2021.

74

Closing Remarks Rulemaking Contacts Robert.Beall@nrc.gov 301-415-3874 William.Reckley@nrc.gov 301-415-7490 Regulations.gov docket ID: NRC-2019-0062 Please provide feedback on this public meeting using this link:

https://www.nrc.gov/public-involve/public-meetings/contactus.html 75

Acronyms and Abbreviations 76 ACRS Advisory Committee on Reactor Safeguards ADAMS Agencywide Document Access Management System BOP Balance of plant CFR Code of Federal Regulations COL Combined operating license DBT Design basis threat DC Design certification DID Defense-in-depth EP Emergency preparedness FFD Fitness for Duty FR Federal Register IMP Insider mitigation program mSv Millisievert ML Manufacturing license NEI Nuclear Energy Institute NGO Non-governmental organization NRC U.S. Nuclear Regulatory Commission NRR Office of Nuclear Reactor Regulation NSIR Office of Nuclear Security and Incident Response NSRSS Non-safety related but safety significant OL Operating license OMB U.S. Office of Management and Budget QA Quality assurance Rem Roentgen-equivalent man

Acronyms and Abbreviations (contd.)

77 SDA Standard design approval SNM Special nuclear material SSCs Structures, systems, and components SSNM Strategic special nuclear material TEDE Total effective dose equivalent UA Unescorted access USNIC U.S. Nuclear Industry Council

Background Slides 78

First Principles 79 See: SECY-18-0096, Functional Containment Performance Criteria for Non-Light-Water-Reactors, and INL/EXT-20-58717, Technology-Inclusive Determination of Mechanistic Source Terms for Offsite Dose-Related Assessments for Advanced Nuclear Reactor Facilities

Integrated Approach Consequence Based Security EP for SMRs and ONTs Functional Containment Insurance and Liability Siting near densely populated areas Environmental Reviews Licensing Modernization Project 80

Part 53 Rulemaking 81 The Part 53 Rulemaking Process*

• The process depicted in this schematic is unique to the Part 53 rulemaking and varies in some ways compared to a similar A Typical Rulemaking Process schematic available on the NRCs public website.

=

Background===

Nuclear Energy Innovation and Modernization Act (NEIMA; Public Law 115-439) signed into law in January 2019 requires the NRC to complete a rulemaking to establish a technology-inclusive, regulatory framework for optional use for commercial advanced nuclear reactors no later than December 2027 o

(1) ADVANCED NUCLEAR REACTORThe term advanced nuclear reactor means a nuclear fission or fusion reactor, including a prototype plant with significant improvements compared to commercial nuclear reactors under construction as of the date of enactment of this Act, 82

Plant Documents (Systems, Procedures, etc.)

Analyses (Prevention, Mitigation, Compare to Criteria)

Plant/Site (Design, Construction, Configuration Control)

Retirement Staffing &

Human Factors Configuration Control Surveillance Maintenance Operation Construction/

Manufacturing Construction Siting Design and Analysis LB Documents (Applications, SAR, TS, etc.)

NRC Staff Plan to Develop Part 53 Project Life Cycle System

& Component Design Analysis Requirements Subpart B Subpart C Subpart D Subpart E Subpart F Subpart G Subparts H & I Safety Categorization

& Special Treatment External Hazards Site Characteristics Environmental Considerations Ensuring Capabilities/

Reliabilities Change Control Environmental Considerations Programs Security, EP Facility Safety Program 83 Requirements Definition Safety Objectives Safety Criteria Safety Functions Other Subpart A General Provisions Subpart J Admin & Reporting Clarify Controls and Distinctions Between Other 10 CFR Parts