Pursuant to section 189a.(2) of the Atomic Energy Act of 1954, as amended (the Act), the U.S. Nuclear Regulatory Commission (the Commission or NRC) is publishing this notice. The Act requires the Commission to publish notice of any amendments issued, or proposed to be issued and grants the Commission the authority to issue and make immediately effective any amendment to an operating license upon a determination by the Commission that such amendment involves no significant hazards consideration, notwithstanding the pendency before the Commission of a request for a hearing from any person.
This notice includes notices of amendments containing sensitive unclassified non-safeguards information (SUNSI).
The Commission has made a proposed determination that the following amendment requests involve no significant hazards consideration. Under the Commission's regulations in Title 10 of the
The Commission is seeking public comments on this proposed determination. Any comments received within 30 days after the date of publication of this notice will be considered in making any final determination.
Normally, the Commission will not issue the amendment until the expiration of 60 days after the date of publication of this notice. The Commission may issue the license amendment before expiration of the 60-day period provided that its final determination is that the amendment involves no significant hazards consideration. In addition, the Commission may issue the amendment prior to the expiration of the 30-day comment period should circumstances change during the 30-day comment period such that failure to act in a timely way would result, for example, in derating or shutdown of the facility. Should the Commission take action prior to the expiration of either the comment period or the notice period, it will publish in the
Written comments may be submitted by mail to the Chief, Rules, Announcements and Directives Branch (RADB), TWB–05–B01M, Division of Administrative Services, Office of Administration, U.S. Nuclear Regulatory Commission, Washington, DC 20555–0001, and should cite the publication date and page number of this
Within 60 days after the date of publication of this notice, any person(s) whose interest may be affected by this action may file a request for a hearing and a petition to intervene with respect to issuance of the amendment to the subject facility operating license. Requests for a hearing and a petition for leave to intervene shall be filed in accordance with the Commission's “Rules of Practice for Domestic Licensing Proceedings” in 10 CFR Part 2. Interested person(s) should consult a current copy of 10 CFR 2.309, which is available at the Commission's PDR, located at One White Flint North, Public File Area 01 F21, 11555 Rockville Pike (first floor), Rockville, Maryland, or at
As required by 10 CFR 2.309, a petition for leave to intervene shall set forth with particularity the interest of the petitioner in the proceeding, and how that interest may be affected by the results of the proceeding. The petition should specifically explain the reasons why intervention should be permitted with particular reference to the following general requirements: (1) The name, address, and telephone number of the requestor or petitioner; (2) the nature of the requestor's/petitioner's right under the Act to be made a party to the proceeding; (3) the nature and extent of the requestor's/petitioner's property, financial, or other interest in the proceeding; and (4) the possible effect of any decision or order which may be entered in the proceeding on the requestor's/petitioner's interest. The petition must also set forth the specific contentions which the requestor/petitioner seeks to have litigated at the proceeding.
Each contention must consist of a specific statement of the issue of law or fact to be raised or controverted. In addition, the requestor/petitioner shall provide a brief explanation of the bases for the contention and a concise statement of the alleged facts or expert opinion which support the contention and on which the requestor/petitioner intends to rely in proving the contention at the hearing. The requestor/petitioner must also provide references to those specific sources and documents of which the petitioner is aware and on which the requestor/petitioner intends to rely to establish those facts or expert opinion. The petition must include sufficient information to show that a genuine dispute exists with the applicant on a material issue of law or fact. Contentions shall be limited to matters within the scope of the amendment under consideration. The contention must be one which, if proven, would entitle the requestor/petitioner to relief. A requestor/petitioner who fails to satisfy these requirements with respect to at least one
Those permitted to intervene become parties to the proceeding, subject to any limitations in the order granting leave to intervene, and have the opportunity to participate fully in the conduct of the hearing. If a hearing is requested, and the Commission has not made a final determination on the issue of no significant hazards consideration, the Commission will make a final determination on the issue of no significant hazards consideration. The final determination will serve to decide when the hearing is held. If the final determination is that the amendment request involves no significant hazards consideration, the Commission may issue the amendment and make it immediately effective, notwithstanding the request for a hearing. Any hearing held would take place after issuance of the amendment. If the final determination is that the amendment request involves a significant hazards consideration, any hearing held would take place before the issuance of any amendment.
All documents filed in NRC adjudicatory proceedings, including a request for hearing, a petition for leave to intervene, any motion or other document filed in the proceeding prior to the submission of a request for hearing or petition to intervene, and documents filed by interested governmental entities participating under 10 CFR 2.315(c), must be filed in accordance with the NRC E-Filing rule (72 FR 49139, August 28, 2007). The E-Filing process requires participants to submit and serve all adjudicatory documents over the Internet, or in some cases to mail copies on electronic storage media. Participants may not submit paper copies of their filings unless they seek an exemption in accordance with the procedures described below.
To comply with the procedural requirements of E-Filing, at least ten (10) days prior to the filing deadline, the participant should contact the Office of the Secretary by e-mail at
Information about applying for a digital ID certificate is available on NRC's public Web site at
If a participant is electronically submitting a document to the NRC in accordance with the E-Filing rule, the participant must file the document using the NRC's online, Web-based submission form. In order to serve documents through EIE, users will be required to install a Web browser plug-in from the NRC Web site. Further information on the Web-based submission form, including the installation of the Web browser plug-in, is available on the NRC's public Web site at
Once a participant has obtained a digital ID certificate and a docket has been created, the participant can then submit a request for hearing or petition for leave to intervene. Submissions should be in Portable Document Format (PDF) in accordance with NRC guidance available on the NRC public Web site at
A person filing electronically using the agency's adjudicatory E-Filing system may seek assistance by contacting the NRC Meta System Help Desk through the “Contact Us” link located on the NRC Web site at
Participants who believe that they have a good cause for not submitting documents electronically must file an exemption request, in accordance with 10 CFR 2.302(g), with their initial paper filing requesting authorization to continue to submit documents in paper format. Such filings must be submitted by: (1) First class mail addressed to the Office of the Secretary of the Commission, U.S. Nuclear Regulatory Commission, Washington, DC 20555–0001, Attention: Rulemaking and Adjudications Staff; or (2) courier, express mail, or expedited delivery service to the Office of the Secretary, Sixteenth Floor, One White Flint North, 11555 Rockville Pike, Rockville, Maryland, 20852,
Petitions for leave to intervene must be filed no later than 60 days from the date of publication of this notice. Non-timely filings will not be entertained absent a determination by the presiding officer that the petition or request should be granted or the contentions should be admitted, based on a balancing of the factors specified in 10 CFR 2.309(c)(1)(i)–(viii).
For further details with respect to this amendment action, see the application for amendment which is available for public inspection at the Commission's PDR, located at One White Flint North, Public File Area 01 F21, 11555 Rockville Pike (first floor), Rockville, Maryland. Publicly available records will be accessible electronically from the ADAMS Public Electronic Reading Room on the Internet at the NRC Web site,
(1) Does the proposed amendment involve a significant increase in the probability or consequences of an accident previously evaluated?
The proposed amendment incorporates a new requirement in the Facility Operating License (FOL) to implement and maintain a Cyber Security Plan as part of the facility's overall program for physical protection. Inclusion of the Cyber Security Plan in the FOL itself does not involve any modifications to the safety-related structures, systems or components (SSCs). Rather, the Cyber Security Plan describes how the requirements of 10 CFR 73.54 are to be implemented to identify, evaluate, and mitigate cyber attacks up to and including the design basis cyber attack threat, thereby achieving high assurance that the facility's digital computer and communications systems and networks are protected from cyber attacks. The Cyber Security Plan will not alter previously evaluated Final Safety Analysis Report (FSAR) design basis accident analysis assumptions, add any accident initiators, or affect the function of the plant safety-related SSCs. Any plant modifications or changes resulting from implementation of the Cyber Security Plan will be evaluated per 10 CFR 50.59 to determine if a License Amendment is required. Changes will be evaluated per 10 CFR 50.54(q) to determine if the effectiveness of the site Emergency Plan is reduced. Changes will be evaluated per 10 CFR 50.54(p) to determine if the effectiveness of the site Security Plan is reduced. Prior NRC approval will be obtained if required by these evaluations.
In addition, an editorial change to correct two typographical errors as part of the Braidwood FOL revisions for Unit 1 and Unit 2 is administrative in nature and has no impact on the probability or consequences of an accident previously evaluated.
Therefore, the proposed amendment does not involve a significant increase in the probability or consequences of an accident previously evaluated.
(2) Does the proposed amendment create the possibility of a new or different kind of accident from any accident previously evaluated?
This proposed amendment provides assurance that safety-related SSCs are protected from cyber attacks. Implementation of 10 CFR 73.54 and the inclusion of a plan in the FOL do not result in the need for any new or different FSAR design basis accident analysis. It does not introduce new equipment that could create a new or different kind of accident, and no new equipment failure modes are created. As a result, no new accident scenarios, failure mechanisms, or limiting single failures are introduced as a result of this proposed amendment. In addition, an editorial change to correct two typographical errors as part of the Braidwood FOL revisions for Unit 1 and Unit 2 is administrative in nature and does not create the possibility of a new or different kind of accident.
Therefore, the proposed amendment does not create a possibility for an accident of a new or different type than those previously evaluated.
(3) Does the proposed amendment involve a significant reduction in a margin of safety?
The margin of safety is associated with the confidence in the ability of the fission product barriers (i.e., fuel cladding, reactor coolant pressure boundary, and containment structure) to limit the level of radiation to the public. The proposed amendment would not alter the way any safety-related SSC functions and would not alter the way the plant is operated. The amendment provides assurance that safety-related SSCs are protected from cyber attacks. The proposed amendment would not introduce any new uncertainties or change any existing uncertainties associated with any safety limit. The proposed amendment would have no impact on the structural integrity of the fuel cladding, reactor coolant pressure boundary, or containment structure. In addition, an editorial change to correct two typographical errors as part of the Braidwood FOL revisions for Unit 1 and Unit 2 is administrative in nature and has no impact on the margin of safety. Based on the above considerations, the proposed amendment would not degrade the confidence in the ability of the fission product barriers to limit the level of radiation to the public.
Therefore, the proposed change does not involve a significant reduction in a margin of safety.
The NRC staff has reviewed the licensee's analysis and, based on this review, it appears that the three standards of 10 CFR 50.92(c) are satisfied. Therefore, the NRC staff proposes to determine that the requested amendments involve no significant hazards consideration.
(1) Does the proposed amendment involve a significant increase in the probability or consequences of an accident previously evaluated?
The proposed amendment incorporates a new requirement in the Renewed Facility Operating License to implement and maintain a Cyber Security Plan as part of the facility's overall program for physical protection. Inclusion of the Cyber Security Plan in the Renewed Facility Operating License itself does not involve any modifications to the safety-related structures, systems, or components (SSCs). Rather, the Cyber Security Plan describes how the requirements of 10 CFR 73.54 are to be implemented to identify, evaluate, and mitigate cyber attacks up to and including the design basis cyber attack threat, thereby achieving high assurance that the facility's digital computer and communications systems and networks are protected from cyber attacks. The Cyber Security Plan will not alter previously evaluated Final Safety Analysis Report (FSAR) design basis accident analysis assumptions, add any accident initiators, or affect the function of the plant safety-related SSCs as to how they are operated, maintained, modified, tested, or inspected.
Therefore, the proposed amendment does not involve a significant increase in the probability or consequences of an accident previously evaluated.
(2) Does the proposed amendment create the possibility of a new or different kind of accident from any accident previously evaluated?
This proposed amendment provides assurance that safety-related SSCs are protected from cyber attacks. Implementation of 10 CFR 73.54 and the inclusion of a plan in the Renewed Facility Operating License do not result in the need of any new or different FSAR design basis accident analysis. It does not introduce new equipment that could create a new or different kind of accident, and no new equipment failure modes are created. As a result, no new accident scenarios, failure mechanisms, or limiting single failures are introduced as a result of this proposed amendment.
Therefore, the proposed amendment does not create a possibility for an accident of a new or different type than those previously evaluated.
(3) Does the proposed amendment involve a significant reduction in a margin of safety?
The proposed amendment would not alter the way any safety-related SSC functions and would not alter the way the plant is operated. The amendment provides assurance that safety-related SSCs are protected from cyber attacks. The proposed amendment would not introduce any new uncertainties or change any existing uncertainties associated with any safety limit. The proposed amendment would have no impact on the structural integrity of the fuel cladding, reactor coolant pressure boundary, or containment structure. Based on the above considerations, the proposed amendment would not degrade the confidence in the ability of the fission product barriers to limit the level of radiation to the public.
Therefore, the proposed change does not involve a significant reduction in a margin of safety.
The NRC staff has reviewed the licensee's analysis and, based on this review, it appears that the three standards of 10 CFR 50.92(c) are satisfied. Therefore, the NRC staff proposes to determine that the amendment request involves no significant hazards consideration.
The proposed change incorporates a new requirement, in the Operating License, to implement and maintain a cyber security plan as part of the facility's overall program for physical protection. The Cyber Security Plan itself does not require any plant modifications. Rather, the Cyber Security Plan describes how the requirements of 10 CFR 73.54 are implemented in order to identify, evaluate, and mitigate cyber attacks up to and including the design basis threat, thereby achieving high assurance that the facility's digital computer and communications systems and networks are protected from cyber attacks. The proposed change requiring the implementation and maintenance of a Cyber Security Plan does not alter the plant configuration, require new plant equipment to be installed, alter accident analysis assumptions, add any accident initiators, or affect the function of plant systems or the manner in which systems are operated, maintained, modified, tested, or inspected.
Therefore, the inclusion of the Cyber Security Plan as a part of the facility's other physical protection programs specified in the facility's operating license has no impact on the probability or consequences of an accident previously evaluated.
The proposed change incorporates a new requirement, in the Operating License, to implement and maintain a cyber security plan as part of the facility's overall program for physical protection. The creation of the possibility of a new or different kind of accident requires creating one or more new accident precursors. New accident precursors may be created by modifications of the plant's configuration, including changes in the allowable modes of operation. The Cyber Security Plan itself does not require any plant modifications, nor does the Cyber Security Plan affect the control parameters governing unit operation or the response of plant equipment to a transient condition. Because the proposed change does not change or introduce any new equipment, modes of system operation, or failure mechanisms, no new accident precursors are created.
Therefore, the proposed change does not create the possibility of a new or different kind of accident from any accident previously evaluated.
The proposed change incorporates a new requirement, in the Operating License, to implement and maintain a cyber security plan as part of the facility's overall program for physical protection. Plant safety margins are established through limiting Conditions for Operation, Limiting Safety System Settings, and Safety limits specified in the Technical Specifications. Because the Cyber Security Plan itself does not require any plant modifications and does not alter the operation of plant equipment, the proposed change does not change established safety margins.
Therefore, the proposed change does not involve a significant reduction in a margin of safety.
The NRC staff has reviewed the licensee's analysis and, based on this review, it appears that the three standards of 10 CFR 50.92(c) are satisfied. Therefore, the NRC staff proposes to determine that the amendment request involves no significant hazards consideration.
(1) Does the proposed amendment involve a significant increase in the probability or consequences of an accident previously evaluated?
The SNC Cyber Security Plan generally conforms to the template provided in [Nuclear Energy Institute] NEI 08–09, Revision 6, and provides a description of how the requirements of § 73.54 will be implemented at Hatch, Farley, and Vogtle. [ * * *]. Accordingly, the SNC Cyber Security Plan establishes the licensing basis for the cyber security program for Hatch, Farley, and Vogtle sites. The SNC Cyber Security Plan provides high assurance that nuclear power plant digital computer and communication systems and networks associated with the following are adequately protected against cyber attacks up to and including the design basis threat:
1. Safety-related and important-to-safety functions;
2. Security functions;
3. Emergency preparedness functions, including offsite communications; and
4. Support systems and equipment which, if compromised, would adversely impact safety, security, or emergency preparedness functions. These systems include, in part, all non-safety related balance of plant equipment which if compromised, could result in a reactor scram or actuation of a safety-related system and therefore, impact reactivity.
The SNC Cyber Security Plan itself does not require any plant modifications. However, the plan describes appropriate configuration management requirements to assure plant modifications involving digital computer systems are reviewed to provide adequate protection against cyber attacks, up to and including the design basis threat as defined in § 73.1. The proposed change does not alter the plant configuration, involve the installation of new plant equipment, alter accident analysis assumptions, add any new initiators, or affect the function of plant systems or the manner in which systems are operated, maintained, modified, tested, or inspected. The SNC Cyber Security Plan is designed to provide high assurance that the systems within the scope of § 73.54 are protected from cyber attacks and does not impact the probability or consequences of an accident previously evaluated.
In addition, the proposed change modifies the existing FOL for each SNC-operated facility to incorporate the SNC Cyber Security Plan into the existing condition for physical protection. This change is administrative in nature and does not impact the probability or consequences of an accident previously evaluated.
Based on the above, the proposed change does not involve a significant increase in the probability or consequences of an accident previously evaluated.
2. Does the proposed change create the possibility of a new or different kind of accident from any accident previously evaluated?
The SNC Cyber Security Plan generally conforms to the template provided in NEI 08–09, Revision 6. [ * * * ]. Accordingly, the SNC Cyber Security Plan provides high assurance that digital computer and communication systems and networks associated with the following are adequately
1. Safety-related and important-to-safety functions;
2. Security functions;
3. Emergency preparedness functions, including offsite communications; and,
4. Support systems and equipment which, if compromised, would adversely impact safety, security, or emergency preparedness functions. These systems include, in part, all non-safety related balance of plant equipment which if compromised, could result in a reactor scram or actuation of a safety-related system and therefore, impact reactivity.
The proposed SNC Cyber Security Plan does not alter plant configuration, install new plant equipment, alter accident analysis assumptions, add any initiators, or affect the function of plant systems or the manner in which systems are operated, maintained, tested, or inspected. The proposed SNC Cyber Security Plan includes appropriate configuration management controls to assure modifications do not introduce vulnerability to cyber attacks. The SNC Cyber Security Plan provides high assurance that the systems within the scope of § 73.54 are adequately protected from cyber attacks. Accordingly, the proposed change does not create the possibility of a new or different kind of accident from any previously evaluated.
In addition, the proposed change modifies the existing FOL for each SNC-operated facility to incorporate the SNC Cyber Security Plan by reference. This change is administrative in nature and does not create the possibility of a new or different kind of accident previously evaluated.
3. Does the proposed amendment involve a significant reduction in a margin of safety?
The SNC Cyber Security Plan generally conforms to the template provided by NEI 08–09, Revision 6, and provides a description of how the requirements of § 73.54 will be implemented at Hatch, Farley, and Vogtle. [ * * * ]. Accordingly, the SNC Cyber Security Plan establishes the licensing basis for the cyber security program for Hatch, Farley, and Vogtle sites. The SNC Cyber Security Plan provides high assurance that nuclear power plant digital computer and communication systems and networks associated with the following are adequately protected against cyber attacks up to and including the design basis threat:
1. Safety-related and important-to-safety functions;
2. Security functions;
3. Emergency preparedness functions, including offsite communications; and
4. Support systems and equipment which, if compromised, would adversely impact safety, security, or emergency preparedness functions. These systems include, in part, all non-safety related balance of plant equipment which if compromised, could result in a reactor scram or actuation of a safety-related system and therefore, impact reactivity.
The proposed SNC Cyber Security Plan does not alter plant configuration, install new plant equipment, alter accident analysis assumptions, add any initiators, or affect the function of plant systems or the manner in which systems are operated, maintained, tested, or inspected. Plant safety margins are established through Limiting Conditions for Operation, Limiting Safety System Settings and Safety Limits specified in the Technical Specifications. Because there is no change to these established safety margins, the proposed change does not involve a reduction in a margin of safety.
In addition, the proposed change modifies the existing FOL for each SNC-operated facility to incorporate the SNC Cyber Security Plan by reference. This change is administrative in nature and does not involve a reduction in margin of safety.
Based on the above, the proposed change does not involve a significant reduction in a margin of safety.
The NRC staff has reviewed the licensee's analysis and, based on this review, it appears that the three standards of 10 CFR 50.92(c) are satisfied. Therefore, the NRC staff proposes to determine that the amendment request involves no significant hazards consideration.
A. This Order contains instructions regarding how potential parties to this proceeding may request access to documents containing Sensitive Unclassified Non-Safeguards Information (SUNSI).
B. Within 10 days after publication of this notice of hearing and opportunity to petition for leave to intervene, any potential party who believes access to SUNSI is necessary to respond to this notice may request such access. A “potential party” is any person who intends to participate as a party by demonstrating standing and filing an admissible contention under 10 CFR 2.309. Requests for access to SUNSI submitted later than 10 days after publication will not be considered absent a showing of good cause for the late filing, addressing why the request could not have been filed earlier.
C. The requestor shall submit a letter requesting permission to access SUNSI to the Office of the Secretary, U.S. Nuclear Regulatory Commission, Washington, DC 20555–0001, Attention:
(1) A description of the licensing action with a citation to this
(2) The name and address of the potential party and a description of the potential party's particularized interest that could be harmed by the action identified in C.(1);
(3) The identity of the individual or entity requesting access to SUNSI and the requestor's basis for the need for the information in order to meaningfully participate in this adjudicatory proceeding. In particular, the request must explain why publicly available versions of the information requested would not be sufficient to provide the basis and specificity for a proffered contention.
D. Based on an evaluation of the information submitted under paragraph C.(3) the NRC staff will determine within 10 days of receipt of the request whether:
(1) There is a reasonable basis to believe the petitioner is likely to establish standing to participate in this NRC proceeding; and
(2) The requestor has established a legitimate need for access to SUNSI.
E. If the NRC staff determines that the requestor satisfies both D.(1) and D.(2) above, the NRC staff will notify the requestor in writing that access to SUNSI has been granted. The written notification will contain instructions on how the requestor may obtain copies of the requested documents, and any other conditions that may apply to access to those documents. These conditions may include, but are not limited to, the signing of a Non-Disclosure Agreement or Affidavit, or Protective Order
F. Filing of Contentions. Any contentions in these proceedings that are based upon the information received as a result of the request made for SUNSI must be filed by the requestor no later than 25 days after the requestor is granted access to that information. However, if more than 25 days remain between the date the petitioner is granted access to the information and the deadline for filing all other contentions (as established in the notice of hearing or opportunity for hearing), the petitioner may file its SUNSI contentions by that later deadline.
G. Review of Denials of Access.
(1) If the request for access to SUNSI is denied by the NRC staff either after a determination on standing and need for access, or after a determination on trustworthiness and reliability, the NRC staff shall immediately notify the requestor in writing, briefly stating the reason or reasons for the denial.
(2) The requestor may challenge the NRC staff's adverse determination by filing a challenge within 5 days of receipt of that determination with: (a) The presiding officer designated in this proceeding; (b) if no presiding officer has been appointed, the Chief Administrative Judge, or if he or she is unavailable, another administrative judge, or an administrative law judge with jurisdiction pursuant to 10 CFR 2.318(a); or (c) if another officer has been designated to rule on information access issues, with that officer.
H. Review of Grants of Access. A party other than the requestor may challenge an NRC staff determination granting access to SUNSI whose release would harm that party's interest independent of the proceeding. Such a challenge must be filed with the Chief Administrative Judge within 5 days of the notification by the NRC staff of its grant of access.
If challenges to the NRC staff determinations are filed, these procedures give way to the normal process for litigating disputes concerning access to information. The availability of interlocutory review by the Commission of orders ruling on such NRC staff determinations (whether granting or denying access) is governed by 10 CFR 2.311.
I. The Commission expects that the NRC staff and presiding officers (and any other reviewing officers) will consider and resolve requests for access to SUNSI, and motions for protective orders, in a timely fashion in order to minimize any unnecessary delays in identifying those petitioners who have standing and who have propounded contentions meeting the specificity and basis requirements in 10 CFR Part 2. Attachment 1 to this Order summarizes the general target schedule for processing and resolving requests under these procedures.
For the Nuclear Regulatory Commission.