NRC Presentation Subpart F - Emergency Preparedness and Security Part 73 - Physical Protection, Cyber Security, and Access Authorization Preliminary Proposed Rule Language

ML21148A059
Person / Time
Issue date:	06/10/2021
From:	Robert Beall NRC/NMSS/DREFS/RRPB
To:
Beall, Robert
References
10 CFR Part 53, NRC-2019-0062, RIN 3150-AK31
Download: ML21148A059 (83)
v • d • e

Text

10 CFR Part 53 Licensing and Regulation of Advanced Nuclear Reactors 10 CFR Part 53, Subpart F and 10 CFR Part 73 Emergency Preparedness and Security Preliminary Proposed Rule Language June 10, 2021 1

Agenda 10:00am - 10:15am Welcome / Introductions / Logistics / Goals 10:15am - 11:30am Subpart F - Section 53.820, Emergency Preparedness and Section 53.830, Security Program 11:30am - 12:15pm Part 73 - Section 73.100, Technology Neutral Requirements for Physical Protection of Licensed Activities at Advanced Nuclear Plants Against Radiological Sabotage 12:15pm - 1:15pm Lunch Break 1:15pm - 2:00pm Part 73 - Section 73.110, Technology Neutral Requirements for Protection of Digital Computer and Communication Systems and Networks 2:00pm - 2:45pm Part 73 - Section 73.120, Access Authorization 2:45pm - 3:00pm Break 3:00pm - 3:30pm Part 26 - Overview of Fitness for Duty Requirements 3:30pm - 4:15pm Manufacturing Licenses and Other Topics 4:15pm - 5:00pm Additional Public Comments/Closing Remarks 2

Welcome/Introductions Welcome:

• Rob Taylor, Office of Nuclear Reactor Regulation (NRR)

Speakers/Presenters:

• Bob Beall, Office of Nuclear Materials Safety and Safeguards - Rulemaking PM

& Meeting Facilitator

• Brad Baxter, Office of Nuclear Security and Incident Response (NSIR)

• Paul Harris, NSIR

• Juris Jauntirans, NSIR

• Eric Schrader, NSIR

• Steve Vitto, NSIR

• Bill Reckley, NRR - Technical Lead

• Nanette Valliere, NRR - Technical Lead

• Nuclear Energy Institute (NEI)

• U.S. Nuclear Industry Council (USNIC)

• Union of Concerned Scientists Public Meeting Slides: ADAMS Accession No. ML21148A059 3

Purpose of Todays Meeting

• Review preliminary proposed rule language for Part 53 and Part 73.

o Subpart F - Emergency Preparedness and Security Program o Part 73 - Physical Protection, Cyber Security, Access Authorization, Overview of Fitness for Duty (FFD)

• Todays meeting is a Comment-Gathering meeting, which means that public participation is actively sought in the discussion of the regulatory issues during the meeting.

o This meeting is being held in a workshop format to facilitate the discussion of todays topics.

o The meeting is being transcribed and the transcription will be available with the meeting summary by July 10, 2021.

• No regulatory decisions will be made at todays meeting.

4

Security and Emergency Preparedness Objectives

• The staff aims to develop a technology-inclusive regulatory program for advanced reactors that applies a performance-based, graded approach for both emergency preparedness and a comprehensive range of security areas, including physical security, cyber security, information security, fitness for duty, access authorization.

o This regulatory framework will offer applicants flexibility to right-size their program by providing performance-based requirements that are commensurate with the risk to public health and safety.

o This regulatory framework is being developed in coordination with other current rulemaking activities, including the proposed Emergency Preparedness Requirements for Small Modular Reactors and Other New Technologies rulemaking and the Rulemaking for Physical Security for Advanced Reactors.

o Operating experience from power reactors and other NRC-regulated facilities (e.g., non-power reactors and fuel cycle facilities) were used to develop the graded approach.

o Stakeholder input is very important to facilitate our ability to develop this regulatory program.

5

Subpart F -

Emergency Preparedness 6

Subpart F - § 53.820 Emergency Preparedness (EP)

• Each licensee must develop and maintain an emergency response plan that provides reasonable assurance that adequate protective measures can and will be taken in the event of a radiological emergency.

• The emergency plan must contain information needed to demonstrate compliance with the elements set forth in:

o Section 50.160, or o the requirements in appendix E to 10 CFR part 50 and the planning standards in § 50.47.

7

Subpart F - Emergency Preparedness Discussion 8

Subpart F -

Security Program 9

Subpart F - § 53.830 Security Program

• Develop and implement security programs o Physical security o Cyber security o Access authorization o Information security o FFD 10

Subpart F - § 53.830(a)

Security Program

• Each licensee must establish, maintain, and implement a physical protection program meeting the following requirements:

o Protection of special nuclear material based on the form, enrichment, and quantity in accordance with 10 CFR part 73, as applicable, and o Implement security requirements for the protection of Category 1 and Category 2 quantities of radioactive material in accordance with 10 CFR part 37, as applicable.

11

Subpart F - § 53.830(a)(2)

Security Program

• The licensee is required to meet the provisions set forth in

§ 73.55 or § 73.100 unless the licensee meets the following criterion.

o The radiological consequences from a hypothetical, unmitigated event involving the loss of engineered systems for decay heat removal and possible breaches in physical structures surrounding the reactor, spent fuel, and other inventories of radioactive materials result in offsite doses below the values in §§ 53.210(b)(1) and (2).

o Analysis. The licensee must perform a site-specific analysis to demonstrate that this criterion is met. The licensee must maintain the analysis until the permanent cessation of operations.

Section 53.210(b)(1): 25 rem (250 mSv) total effective dose equivalent (TEDE) at any point on the boundary of the exclusion area for any 2-hour period following.

Section 53.210(b)(2): 25 rem TEDE at outer boundary of the low population zone.

12

Subpart F - § 53.830(a)

Security Program Advanced Reactor Applicant Consequence Based Criterion (Developed from Criterion A in Rulemaking on Alternative Physical Security Requirements for Advanced Reactors)

Criterion Not Met Criterion Met

• Consequences could endanger public (radiological

• Consequences are below the values defined in sabotage as defined in § 73.2) §§ 53.210(b)(1) and (2)

• Required to protect against the Design Basis Threat (DBT) of radiological sabotage Apply § 73.55 or § 73.100 Apply 10 CFR part 73 and 10 CFR part 37 Section 73.55: existing performance/prescriptive 10 CFR part 73: commensurate with the protection of requirements on design of physical protection special nuclear material (SNM) and strategic special program to protect against the DBT nuclear material (SSNM) (Cat III, Cat II, and Cat I),

based on the form, enrichment, and quantity, as or applicable Section 73.100: performance requirements for design and of physical protection program to protect against the DBT 10 CFR part 37: Apply requirements for the protection of Category 1 and Category 2 quantities of radioactive material, as applicable 13

Subpart F - § 53.830(b)-(e)

Security Program

• Each licensee under this part must establish, maintain, and implement:

o FFD program that meets the requirements in 10 CFR part 26.

o Access authorization program that meets the requirements in § 73.120 if the criterion in

§ 53.830(a)(2)(1) is met, or § 73.56, if the criterion is not met.

o Cyber Security program that meets the requirements in

§ 73.110.

o Information protection system that meets the requirements of §§ 73.21, 73.22, and 73.23, as applicable.

14

Subpart F - Security Program Discussion 15

Part 73 - Section 73.100:

Physical Security for Advanced Nuclear Reactors 16

10 CFR 73.100 Physical Security for Advanced Reactors

• Proposed new section within Part 73

• Provides a technology inclusive regulatory framework based on performance requirements

• Allows licensees flexibility to determine how to protect against the DBT and security of the plant for possession and activities involving nuclear material In alignment with the Advanced Reactor Policy Statement and the preliminary proposed Part 53, security should be incorporated early in the design to achieve a more robust and effective security posture with less reliance on human actions.

17

10 CFR 73.100(a) & (b) Introduction and General Performance Objectives and Requirements

• Paragraph (a): requirements are implemented through the security plans which must identify, describe, and account for site specific conditions

• Paragraph (b)(1): the design and implementation of the physical protection program must achieve and maintain at all time the capabilities for meeting the following performance requirements:

o Intrusion detection systems o Intrusion assessment systems o Security communication systems o Security delay systems o Security response o Control measures protecting against land and waterborne vehicle bomb assaults o Access control portals The designs must apply the principles of redundancy, diversity, and appropriately layer for defense-in-depth (DID).

18

10 CFR 73.100(b)(2) General Performance Objectives and Requirements (Cont.)

• Paragraph (b)(2): To satisfy the general performance objective and requirements, the physical protection program must protect against the DBT of radiological sabotage as stated in § 73.1. Specifically, the licensee must:

o (i) Ensure that the physical protection program capabilities are maintained at all times.

o (ii) Provide DID.

DID is achieved by providing multiple layers of protection, systems, and/or barriers to avoid (or provide the capability to tolerate) failures that would prevent the accomplishment of a function.

Operational requirements (i.e., security responses providing interdiction and neutralization functions) provide DID by using layers of protection and by accounting for uncertainties (e.g., equipment malfunction, human factors, neutralized or operationally ineffective responses, etc.) to perform required interdiction and neutralization function at all plant areas.

19

10 CFR 73.100(b)(3)-(9)

Physical Security for Advanced Reactors

• Identify and analyze site-specific conditions

• Establish, maintain, and implement performance evaluation program

• Establish, maintain, and implement access authorization program in accordance with § 73.56

• Establish, maintain, and implement cyber security program in accordance with § 73.110

• Establish, maintain, and implement insider mitigation program (IMP) to protect against an insider (active, passive, or both)

• Corrective action program

• Coordinate implementation of security operations and plans with plant operations 20

10 CFR 73.100(c)

Security Organization

• Security organization composition, equipping, and training to implement physical protection program

• Effective implementation of physical protection program

• Implementing procedures

• Approval process

• Change process to ensure changes continue to satisfy the requirements of this section

• Retention of analyses, assessment, calculations and descriptions of technical basis for meeting the performance requirements

• Training and qualification for individuals who implement the physical protection program 21

10 CFR 73.100(d)

Search Requirements

• Searches to detect and prevent the introduction of firearms, explosives, incendiary devices, or other items and materials which could be used to commit radiological sabotage

• Search of individuals, vehicles, and materials consistent with performance requirements The broad categories of material (explosives, firearms, incendiary devices, etc.) that will be excepted are not prescribed but will be stated in the licensee security plans with detailed descriptions being identified in implementation procedures.

22

10 CFR 73.100(e)

Security Reviews

• Independent security reviews including performance evaluation and maintenance, testing, and calibration of physical protection systems and requirements o Timely identification and documentation of vulnerabilities, improvements, and corrective actions o Assessment of detection, assessment, communication, delay, interdiction, neutralization o Assess capability of passive and active engineering systems to protect against DBT 23

10 CFR 73.100(f)

Performance Evaluation

• Establish methods appropriate and necessary to assess, test, and challenge the integration of the physical protection programs functions to protect against the DBT

• The licensee must establish the appropriate and necessary frequencies for performance evaluations, verifications, and assessments based on the importance, security significance, reliability, and availability

• Document processes and procedures and maintain records, including results, findings, and corrective actions, for implementing the performance evaluations, verifications, and assessments.

24

10 CFR 73.100(g) - Maintenance, Testing, and Calibration and Corrective Actions

• Performance requirements for maintaining security structures, systems, or components (SSCs) relied on to perform security functions to protect against the DBT

• Corrective actions in response to a failure or degradation of security equipment to perform its intended functions and implementation of security programs

• Timely and equivalent compensatory measures

• Documentation of processes and procedures 25

10 CFR 73.100(h)

Suspension of Security Measures

• Suspension of security measures in accordance with

§§ 50.54(x) and 50.54(y) in response to emergency and extraordinary events

• Flexibility to take reasonable actions that depart from an approved security plan to protect the public health and safety

• The suspension of security measures must be reported and documented in accordance with the provisions of § 73.71.

References to § 50.54 serve as a place holder until the corresponding section within Part 53 is developed.

26

10 CFR 73.100(i)

Records

• Licensee must maintain all records required to be kept by Commission until termination of license for which records were developed and superseded records for 3 years

• If a contracted security force is used for the onsite protection program, licensee must retain the written agreement for duration of contract

• Records must be available for inspection for 3 years 27

Part 73 - Physical Security for Advanced Nuclear Reactors Discussion 28

MEETING BREAK Meeting to resume in 1 hour1.157407e-5 days <br />2.777778e-4 hours <br />1.653439e-6 weeks <br />3.805e-7 months <br /> 29

Part 73 - Section 73.110:

Cyber Security 30

10 CFR 73.110 Cyber Security 31

10 CFR 73.110(a)

Cyber Security

• Establish, implement, and maintain a graded cyber security program commensurate with potential consequences, which:

o Lead to offsite radiation hazards that would endanger public health and safety by exceeding the criterion in § 53.830(a)(2)(i) o Adversely impact the functions performed by the digital assets used by the licensee for implementing the physical security requirements in

§ 53.830(a)(1) for SNM, source material, and byproduct material.

The staff is interested in stakeholder views on whether any additional consequences should be included herein. The graded approach will be explained as part of a new regulatory guidance development effort.

32

10 CFR 73.110(b)

Functions

• Need to protect systems associated with the following functions commensurate with the potential consequences from a cyber attack:

o Safety o Security o EP 33

10 CFR 73.110(c)

Impacts

• The licensee shall meet the confidentiality, integrity, and availability requirements in

§ 73.54(a)(2) for the systems and networks covered by paragraph (b) of this section in a manner that is commensurate with the potential consequences resulting from cyber attacks.

34

10 CFR 73.110(d)

Graded Approach

• To accomplish this, the licensee shall:

o Analyze the potential consequences resulting from cyber attacks and identify those assets that must be protected o Establish, implement, and maintain a cyber security program for the protection of the assets identified under paragraph (d)(1) of this section 35

10 CFR 73.110(e)

Cyber Security Program Design

• In a manner that is commensurate with the potential consequences resulting from cyber attacks, the Cyber Security Program must:

o Implement security controls to protect assets from cyber attacks, commensurate with their safety and security significance o Apply and maintain DID protective strategies to ensure the capability to detect, delay, respond to, and recover from cyber attacks capable of causing the consequences identified in paragraph (a) of this section o Mitigate the adverse effects of cyber attacks capable of causing the consequences identified in paragraph (a) of this section, and o Ensure that the functions of protected assets identified under paragraph (d)(1) of this section are not adversely impacted due to cyber attacks capable of causing the consequences identified in paragraph (a) of this section. 36

10 CFR 73.110(f)

Cyber Security Program Management

• The requirement is intended to address the implementation of a cyber security program and the associated security life cycle activities for maintaining it:

o Continuous monitoring and assessment, configuration management o Ongoing assessment of security controls and programs effectiveness o Vulnerability scans/assessments o Cyber security event notification 37

10 CFR 73.110 Cyber Security Discussion 38

Part 73 - Section 73.120:

Access Authorization 39

10 CFR 73.120 Access Authorization Technology Inclusive Personnel Access Authorization Requirements

• The existing regulatory framework for access authorization under

§§ 73.55, 73.56, and 73.57, is sufficient to provide reasonable assurance that individuals subject to this program are trustworthy and reliable such that they do not constitute an unreasonable risk to the public health and safety, common defense and security, regardless of the reactor technology.

• The access authorization requirements proposed in Part 53 are scalable commensurate with the demonstrated safety of the facility, considering security, and provide for the equivalent level of protections afforded by the existing requirements for the operating reactor fleet. (Model current licensed research and test reactors and material licensees, included fuel cycle facilities) 40

10 CFR 73.120 Access Authorization Consequence-Based Criterion

• Applicants meeting the criterion in § 53.830(a)(2)(i) shall establish, maintain and implement an access authorization program under this section.

o Advanced reactor design makes a safety case, considering security, that an offsite release would not exceed certain eligibility criterion

• Those applicants not meeting the criterion shall establish, maintain, and implement an access authorization program in accordance with § 73.56 to include the requirements to implement an IMP, consistent with the current operating nuclear power fleet.

41

10 CFR 73.120 Access Authorization Consequence-Based Criterion Advanced Reactor Applicant Consequence Based Criterion, § 53.830(a)(2)(i)

Commensurate with risk and consequence to public health and safety who demonstrate in a safety analysis (considering security) that the offsite consequences would not exceed certain eligibility criteria Criterion Not Met Criterion Met

• Consequences endanger public (radiological

• Consequences do not endanger public (no sabotage as defined in § 73.2) radiological sabotage as defined in § 73.2)

• Protect against the DBT

• May elect to implement access authorization program or provide exemptions from certain requirements.

Apply Full § 73.56 Safety Related Equipment Access authorization performance requirements to

• Section 53.460 Safety Category and Treatment provide high assurance that individuals are trustworthy (use the scalable designation of equipment required and reliable, and do not constitute an unreasonable for maintaining safety basis/operations to determine risk to public health and safety, the common defense the need for access to equipment and plant areas) and security, or radiological sabotage Apply 10 CFR Part 26, §§ 73.54, 73.55, 73.56, 73.57 requirements Apply § 73.120 IMP - §§ 73.55(b)(7) & 73.55(b)(9) Scalable requirements proposed in § 73.120 Existing performance/prescriptive requirements on

• Criminal History design to protect against the DBT

• Balance of plant elements

• Granting/maintaining unescorted access (UA)/Termination UA Licensee has no safety-related SSCs and only designated NSRSS SSCs must meet the requirements of § 73.120 42

10 CFR 73.120(b)

Applicability

• Consistent with § 73.56(b)

• Five classes of individuals subject to the program:

o Individuals with UA to protected area, vital area, material access area, or controlled access area where the material is used or stored o Individuals with virtual/remote access o Security Personnel and those familiar with sites protective strategy Offsite law enforcement shall not be subject to licensee access authorization program o Reviewing Official (licensee, applicant or contractor/vendor (if applicable) program reviewers) o Other individuals at discretion of licensee or applicant 43

10 CFR 73.120(c)

General Performance Objectives and Requirements

• Applicants meeting the consequence-based criterion under

§ 53.830(a)(2)(i) may elect to implement voluntary access authorization program found within this chapter in lieu of a full access program or opt for an exemption from certain requirements based on technology.

• Applicants applying the performance objectives in the proposed

§ 73.120 will design an access authorization program similar to that required of a non-power or material licensee.

• These performance objectives will scale performance based and risk-informed requirements commensurate with the safety of the facility (considering security).

• Proposed performance objectives and requirements would provide for the equivalent level of protection afforded by the existing requirements for the operating reactor fleet.

44

10 CFR 73.120 (c)(1)-(4)

Scalable Program Performance Objectives Design Program Objectives and Requirements

• Includes Alternative Security Measures (ASM) and Licensing Conditions for non-power reactors and material licensees. Licensee may consider important program elements in § 73.56, to include background investigations, criminal history checks, behavioral observation, granting/terminating UA, protecting individual privacy, and record retention.

• Section 73.120(c)(1) Background Investigations - This section is consistent with the background investigation elements under

§ 73.56(d)(1-7). (such as informed consent, personnel history disclosures, criminal history reviews, credit evaluation, verification of true-identity, character & reputation, and employment verification(unemployment/military/education) o This requirement is also consistent with security measures applied to non-power reactor licensees 45

10 CFR 73.120 (c)(2)

Scalable Program Performance Objectives Paragraph (c)(2), Behavioral observation: This paragraph outlines the roles and responsibilities of individuals subject to behavioral observation. This proposed requirement is a scaled version of the full behavioral observation program as required under § 73.56(f).

• This provision does not require the establishment of a full training program for behavioral observation (i.e., initial and refresher training including knowledge checks) as required for power reactors under § 73.56.

• Behavioral observation shall include self-reporting of legal actions in accordance with § 73.56(g) 46

10 CFR 73.120 (c)(3)-(4)

Scalable Program Performance Objectives

• Paragraph (c)(3), UA: UA shall be granted only after the licensee has verified an individual is trustworthy and reliable.

o A list of persons currently approved for UA to a protected area, vital area, material access area, or controlled access area must be maintained at all times.

o UA determinations shall be reviewed annually in accordance with § 73.56(i)(1)(iv).

o Criminal history updates shall be completed within 10 years of the last review.

• Paragraph (c)(4), Termination of UA: UA shall be promptly terminated when a licensee determines this access is no longer required, or a reviewing official determines an individual is no longer trustworthy and reliable in accordance with this section.

47

10 CFR 73.120(c)(5)-(7)

Performance Objectives and Requirements

• Paragraph (c)(5): Determination basis for access [§ 73.56(h)(1)(i)]. Any UA determination shall be made by a reviewing official who will determine whether to permit, deny, unfavorably terminate, maintain, or administratively withdraw an individuals UA based on an evaluation of all of the information collected to meet the requirements of this section.

• Paragraph (c)(6): Review Procedures [§ 73.56(l)]. Review procedures shall be established in accordance with § 73.56(l) of this part, to include provisions for the notification of individuals who are denied UA or who are unfavorably terminated.

• Paragraph (c)(7): Protection of Information [§ 73.56(m)]. A system of files and procedures shall be established and maintained in accordance with § 73.56(m) of this part, to ensure personal information is not disclosed to unauthorized persons.

48

10 CFR 73.120(c)(8)-(9)

Performance Objectives and Requirements

• Paragraph (c)(8): Audits and corrective action [§ 73.56(n)].

Procedures for use of audits and corrective actions shall be established in accordance § 73.56(n) of this part, to ensure the continuing effectiveness of the access authorization program and to ensure that the access authorization program and program elements are in compliance with the requirements of this section.

• Paragraph (c)(9): Records [§ 73.56(o)]. Records used or created to establish an individuals trustworthiness and reliability, or to document access determination must be maintained in accordance with § 73.56(o) of this part.

49

10 CFR 73.120 Access Authorization Discussion 50

MEETING BREAK Meeting to resume in 15 minutes 51

Part 26 - Fitness for Duty 52

10 CFR Part 26 FFD Five Key Messages

1. The existing regulatory framework for FFD programs under 10 CFR part 26 is sufficient to provide reasonable assurance that individuals subject to the program are fit for duty and trustworthy and reliable, such that they do not constitute an unreasonable risk to the public health and safety, and common defense and security. However, as written, the Part 26 requirements would not apply to a Part 53 licensee.

2. The FFD approach leverages the existing requirements in 10 CFR part 26, subpart K, FFD programs for construction, that have been implemented by power reactor licensees over the last 8 years. Operating experience and NRC inspection have demonstrated that application of these requirements will continue to provide reasonable assurance that individuals can safely and competently perform assigned duties.

3. To be inclusive of all potential advanced reactors, the staff is developing a risk-informed and performance-based approach for the application of the Subpart K and fatigue management requirements to Part 53 advanced reactor facilities.

53

10 CFR Part 26 FFD Five Key Messages (continued)

4. The FFD framework is expected to be supplemented with a new performance-based requirement that requires the Part 53 licensee to conduct an annual performance review of its FFD program. The is expected to require the licensee to develop performance objectives/metrics by which to measure program effectiveness and implement timely corrective actions should adverse trends be identified.

5. The FFD framework is also expected to include: (1) flexibilities with licensee implementation of the drug and alcohol testing requirements that enable the licensee to use advanced biological testing methods (e.g., oral fluid and hair specimens) and (2) requirements that help ensure FFD program effectiveness and integration of the Part 53 licensed facility with the rest of the commercial power reactor community (e.g., authorization requirements, recordkeeping, and reporting).

54

10 CFR Part 26 FFD FFD Risk-Informed Criterion A. The radiological consequences from a hypothetical, unmitigated bounding event, unmitigated by human actions, involving the loss of engineered systems for decay heat removal and possible breaches in physical structures surrounding the reactor, spent fuel, and other inventories of radioactive materials result in offsite doses below the values defined in §§ 53.220(b)(1) and (2).

Drug and alcohol testing will not be required; however, a behavioral observation program will be required.

B. Plant technologies, engineered safety features, and controls provide reasonable assurance that without operator action the plant can achieve and maintain a safe stable condition, remove decay heat, and the radiological consequences resulting from design basis accidents are as described in the final safety analysis report (FSAR) [criterion under development].

Program will be tiered and based on current requirements in Part 26, Subpart K, FFD programs for construction of commercial power reactor facilities.

55

10 CFR Part 26 FFD FFD Risk-Informed Criterion B (§ 26.YYY)

The staff is interested in stakeholder views on Criterion B.

For example, is the scope of the criterion appropriate, should a radiation dose limit be proposed, and are there additional considerations that should be evaluated?

56

10 CFR Part 26 FFD Part 53 Licensees NEW Subpart M, FFD Program for Advanced Reactors Risk-informed Part 26, Subpart M - §26.XXX FFD Program Technology inclusive Leverages existing Part 26 requirements 1. Describe FFD program in FSAR

2. Meet Part 26 administrative requirements

3. Implement a program that meets the FFD performance objectives Criteria A

4. Implement behavioral observation met

5. Enable, but not required, a corporate-based drug/alcohol testing program Criterion B Part 26, Subpart M - §26.YYY FFD Program met

1. Implements items 1 through 4 above

2. Requires a corporate-based drug and alcohol testing program that Neither meets requirements that were developed from those in Subpart K, criteria met FFD Program for Construction

3. Prior to reactor operation, the licensee or other entity must implement an FFD program that meets the Part 26 FFD authorization, Current Part 26 FFD Programs fatigue management, recordkeeping, and reportability requirements Subparts A-I, N, and O operational program Subpart K, construction program Decommissioning program (TBD) 57

10 CFR Part 26 FFD Administrative Requirements Subpart A - Administrative Provisions

§ 26.1 Purpose.

§ 26.3 Scope.

§ 26.4 FFD program applicability to categories of individuals.

§ 26.5 Definitions.

§ 26.7 Interpretations.

§ 26.8 Information collection requirements: OMB approval.

§ 26.9 Specific exemptions.

§ 26.11 Communications.

Subpart O - Inspections, Violations, and Penalties

§ 26.821 Inspections.

§ 26.823 Violations.

§ 26.825 Criminal penalties.

58

10 CFR Part 26 FFD New Performance-based Requirement FFD Program Performance Monitoring and Review Monitor the effectiveness of its FFD program against licensee or other entity established performance objectives and associated metrics, in a manner sufficient to provide reasonable assurance that individuals subject to the program can safely and competently perform assigned duties and responsibilities and are trustworthy and reliable to maintain the types of access making them subject to this subpart.

Designed to indicate whether adverse trends are occurring, including number and rate of change of FFD policy violations Trending shall be timely updated as data is received and enable year-to-year comparisons.

Annual program review 59

10 CFR Part 26 FFD Discussion 60

Manufacturing Licenses and Other Topics 61

Manufacturing Licenses NRC Meeting on Part 53 Marc Nichol Senior Director, New Reactors June 10, 2021

©2021 Nuclear Energy Institute

Establishing the role of the ML

• Historical

• First introduced in Part 50 in 1973 - regulate off-shore power systems

• Approve preliminary reactor design for a CP, final design approved with OL

• Licensed some floating reactors (never built)

• 2007 revision in Part 52

• Approve final design (equivalent to DC or COL)

• Also addresses shipping to the site

• Part 53 Considerations - What is the role of the ML?

• Clarify which activities can be performed with a DC or SDA (without a COL)

• Clarify which activities can be performed only with a CP or COL

• Clarify which activities can only be performed by establishing ML provisions

• Clarify which activities draw in requirements from other Parts (e.g., Parts 30, 70)

• Determine whether requirements in other Parts need revision (e.g., Part 71)

©2021 Nuclear Energy Institute 63

New business models

• Enablers of new business models (smaller sizes)

• High degree of factory construction

• Customers as energy users and not sellers

• Lower costs conducive to building for off the shelf orders

• Novel activities related to new business models

1. Speculative Manufacture of Reactor Modules without a Customer Order

2. Fully Assemble an Operable Reactor at the Factory

3. Testing a Fully Assembled Reactor at the Factory

4. Fuel a Fully Assembled Reactor at the Factory

5. Transporting a Fueled Reactor from the Factory

6. Multiple Operating Locations

7. Defueling and Refurbishing Operated Reactor at a Factory

8. Alternative Siting Pathways (longer term consideration)

©2021 Nuclear Energy Institute 64

Activities that may be permitted for DC, CP or COL

• Speculative Manufacture of Reactor Modules without a Customer Order

• No customer identified at time reactor is manufactured

• Reduce deployment time by having ready off-the-shelf reactors

• Later (months or more): customer (with a CP or COL) places order

• Fully Assemble an Operable Reactor at the Factory

• Assemble all SSCs of a reactor such that it could be brought to power

• By definition, does not rely on significant on-site construction work

• No fuel loaded into reactor, no fuel in the factory

• May be multiple manufacturing facilities, and may change over time

©2021 Nuclear Energy Institute 65

Activities that require fuel at the factory

• Testing a Fully Assembled Reactor at the Factory

• Perform criticality and power ascension testing at factory

• More efficient for high volume of reactor production

• Fuel is removed after testing, reloaded after arrival at operating site

• Fuel a Fully Assembled Reactor at the Factory

• Fuel loaded in reactor at factory and will remain fueled

• Eliminates infrastructure need to load fuel at operating site

• Currently performed by at least one licensee

• Defueling and Refurbishing Operated Reactor at a Factory

• Return fueled reactor to refurbishment center (remove used fuel and load new fuel)

• Factory may also provide long-term used fuel storage and reactor decommissioning ©2021 Nuclear Energy Institute 66

Activities related to transportation and operating sites

• Transporting a Fueled Reactor from the Factory

• Direct result of activity to fuel reactor at factory

• Desire to minimize testing and inspection at operating site

• Shipment of used fuel after use at operating site

• Multiple Operating Locations

• Flexibility for reactors with very little site infrastructure needs

• Operate at Site #1 (e.g., 20 years, 5 years) then move to Site #2

• Site #2 would have NRC issued COL or OL before receiving reactor

©2021 Nuclear Energy Institute 67

Conceptual Approach to ML in Part 53

• Focused on the safety of the reactor:

• Design (as-fabricated condition)

• Process (QA, Codes and Standards, Part 21)

• Operations (operating conditions and envelope of site conditions)

• Should not specify detailed requirements related to manufacturing (consistent with requirements for CP/OL, DC/SDA and COL)

• Reactor can be manufactured at any facility within the control of ML holder/contractors (including movement between facilities)

• Factory activities involving use of fuel:

• Subject to Parts 30, 40, 73, 74, and 75

• Need to determine approach toward Parts 70

• Part 51 environmental considerations only for factory where fuel is located

• Transportation Activities - Part 71 may need revision if not incorporated into Part 53

• Storage Activities - Part 72 license needed if not incorporated into Part 53

©2021 Nuclear Energy Institute 68

Options for Part 53 Requirements All Options

• Part 53 Scope: design, process, operations, decommissioning

• For fuel at factory: Materials requirements in Parts 30, 40, 73, 74 and 75

1. Part 53 Only Option

• Part 53 fuel related scope: testing, fueling, transportation, refueling, storage

• Incorporates relevant requirements of Parts 70, 71 and 72

2. Part 53 Centric Option

• Part 53 fuel related scope: testing and fueling

• Incorporates specific aspects of Parts 70 for fuel and criticality

• Part 71 and 72 licenses for transport and storage; Part 71 may need revision

3. Part 53 Limited Option

• Part 53 fuel related scope : none

• Part 70 license for activities with fuel at factory; Part 71 and 72 licenses

©2021 Nuclear Energy Institute 69

Manufacturing Licenses and Other Topics Discussion 70

Rulemaking Stakeholder Engagement

• Future stakeholder interactions will emphasize broadening engagement and bolstering forward progress by focusing on the following activities:

o Optimizing future public and ACRS meetings to be more topic-specific to enable richer focused dialogue on specific issues (e.g.,

security, staffing) and engagement with other stakeholders (e.g.,

NGOs);

o Releasing preliminary proposed rule language for the remaining Part 53 Subparts to enable stakeholder comments on an integrated rule; o Further considering stakeholder comments on previously released preliminary proposed rule language; and o Releasing new iterations on previously released preliminary proposed rule language.

• The NRC staff will continue to accept written comments on the preliminary proposed rule language via regulations.gov. (85 FR 71002) 71

Final Discussion and Questions 72

Part 53 Rulemaking Schedule Milestone Schedule Major Rulemaking Activities/Milestones Schedule Public Outreach, ACRS Interactions and Present to April 2022 Generation of Proposed Rule Package (10 months)

Submit Draft Proposed Rule Package to May 2022 Commission Publish Proposed Rule and Draft Key Guidance October 2022 Public Comment Period - 60 days November and December 2022 Public Outreach and Generation of Final Rule January 2023 to February 2024 Package (14 months)

Submit Draft Final Rule Package to Commission March 2024 Office of Management and Budget and Office of July 2024 to September 2024 the Federal Register Processing Publish Final Rule and Key Guidance October 2024 73

Future Public Meetings

• The NRC staff will continue to announce public meetings to discuss and receive feedback on various regulatory topics and preliminary proposed rule text.

o Preliminary proposed rule text will be posted on regulations.gov under docket ID NRC-2019-0062 before the public meetings.

• The NRC staff is scheduled to meet with the ACRS Future Plants Subcommittee on July 21, 2021.

74

Closing Remarks Rulemaking Contacts Robert.Beall@nrc.gov 301-415-3874 William.Reckley@nrc.gov 301-415-7490 Regulations.gov docket ID: NRC-2019-0062 Please provide feedback on this public meeting using this link:

https://www.nrc.gov/public-involve/public-meetings/contactus.html 75

Acronyms and Abbreviations ACRS Advisory Committee on Reactor ML Manufacturing license Safeguards NEI Nuclear Energy Institute ADAMS Agencywide Document Access Management System NGO Non-governmental organization BOP Balance of plant NRC U.S. Nuclear Regulatory CFR Code of Federal Regulations Commission COL Combined operating license NRR Office of Nuclear Reactor Regulation DBT Design basis threat NSIR Office of Nuclear Security and DC Design certification Incident Response NSRSS Non-safety related but safety DID Defense-in-depth significant EP Emergency preparedness OL Operating license FFD Fitness for Duty OMB U.S. Office of Management and FR Federal Register Budget QA Quality assurance IMP Insider mitigation program mSv Millisievert Rem Roentgen-equivalent man 76

Acronyms and Abbreviations (contd.)

SDA Standard design approval SNM Special nuclear material SSCs Structures, systems, and components SSNM Strategic special nuclear material TEDE Total effective dose equivalent UA Unescorted access USNIC U.S. Nuclear Industry Council 77

Background Slides 78

First Principles See: SECY-18-0096, Functional Containment Performance Criteria for Non-Light-Water-Reactors, and INL/EXT-20-58717, Technology-Inclusive Determination of Mechanistic Source Terms for Offsite Dose-Related Assessments for Advanced Nuclear Reactor Facilities 79

Integrated Approach Siting near densely populated Functional areas EP for SMRs Containment and ONTs Licensing Modernization Project Insurance and Liability Environmental Reviews Consequence Based Security 80

Part 53 Rulemaking The Part 53 Rulemaking Process*

• The process depicted in this schematic is unique to the Part 53 rulemaking and varies in some ways compared to a similar A Typical Rulemaking Process schematic available on the NRCs public website.

81

Background

• Nuclear Energy Innovation and Modernization Act (NEIMA; Public Law 115-439) signed into law in January 2019 requires the NRC to complete a rulemaking to establish a technology-inclusive, regulatory framework for optional use for commercial advanced nuclear reactors no later than December 2027 o (1) ADVANCED NUCLEAR REACTORThe term advanced nuclear reactor means a nuclear fission or fusion reactor, including a prototype plant with significant improvements compared to commercial nuclear reactors under construction as of the date of enactment of this Act, 82

NRC Staff Plan to Develop Part 53 Subpart B Subpart C Subpart D Subpart E Subpart F Subpart G Project Life Cycle Design and Siting Construction Operation Retirement Requirements Definition Analysis

• Safety Objectives External Facility Safety

• Safety Criteria System Hazards Construction/ Program

• Safety Functions & Component Manufacturing Design Site Surveillance Characteristics Ensuring Maintenance Analysis Capabilities/

Requirements Environmental Reliabilities Configuration Considerations Control Safety Change Control Categorization Staffing &

& Special Environmental Human Factors Treatment Considerations Programs Security, EP Other Plant/Site (Design, Construction, Configuration Control)

Clarify Subpart A General Provisions Analyses (Prevention, Mitigation, Compare to Criteria) Controls and Subpart J Admin & Reporting Plant Documents (Systems, Procedures, etc.) Distinctions Between Other 10 CFR Parts LB Documents (Applications, SAR, TS, etc.) Subparts H & I 83