Nuclear Power Plant “Bright-Line”Nuclear Power Plant “Bright-Line”
NERC: NERC: Tim Roxey and Jim HughesTim Roxey and Jim Hughes
NRC: NRC: Perry Pederson and Ralph Costello Perry Pederson and Ralph Costello
Charlotte, NCCharlotte, NC April 22, 2010April 22, 2010
Phoenix, AZPhoenix, AZ April 26, 2010April 26, 2010
Philadelphia, PAPhiladelphia, PA May 4, 2010May 4, 2010
Chicago, ILChicago, IL May 6, 2010May 6, 2010
2
Workshop TopicsWorkshop Topics
Bright-Line Requirement
Cyber Security at NRC
Bright-Line Process
NRC’s Position Relative to the MOU
Bright-Line Survey
NERC Point of Contacts
Q & A – Please hold questions and comments to the end of the presentation
3
““Bright-Line” RequirementBright-Line” Requirement
Establish the FERC and NRC jurisdictional delineation of Nuclear Power Plant (NPP) Systems Structures and Components (SSC) through the creation of an exemption process for excluding certain SSCs from the scope of applicable NERC Standards as provided in FERC Order No. 706-B
Bright-LineBright-Line
Cyber Security at NRC
NRC/NERC Bright-Line Workshop
Perry PedersonNSIR Security Specialist (Cyber)
Overview
• 10 CFR 73.54• Regulatory Guide 5.71
10 CFR 73.54
• High-level, Performance-Based, Programmatic− FOCUS: Prevention of Radiological Sabotage− Generic (i.e., not reactor-specific)− Consistent with physical security regulatory approach
• Basic Requirements− Systems that must be protected− Defense-in-Depth protective strategy− Application of security controls− Implementation details maintained on site− Submit Cyber Security Plans to NRC for approval
• Cyber Security Plans− Site-specific processes and criteria
RG 5.71 Overview
• Components− Main Body− Appendix A (generic cyber security plan template)− Appendix B (technical security controls)− Appendix C (operational/management security controls)
• Performance-Based, Programmatic− Consistent with NIST recommendations− Flexible and minimally prescriptive with burden on
licensees to establish effective programs • Alignment with Digital I&C Interim Staff Guidance
− ISG-1− ISG-4− RG 1.152
PublishedJan 2010
RG 5.71 Guideline
Form Cyber Security Team
Identify Critical Digital Assets
Apply Defensive Architecture
Address Security Controls
1. Address each control for each CDA2. Or, apply alternative measures3. Or, explain why a control is N/A
Bright-Line ProcessBright-Line Process
NERC: NERC: Tim RoxeyTim Roxey
Cyber Controls – NPP a Total ViewCyber Controls – NPP a Total View
NRC FERC/NERCSecurity Controls to address
- 10 CFR 73.1 (Design Basis Threat)- 10 CFR 73.54 (Cyber Security)
Performance Objective:PREVENT RADIOLOGICAL
SABOTAGE
Title 10 Scope:
Systems that support
-Safety functions
-Security functions
-Emergency Response functions
- Support Systems that could adversely impact one of the above
functions
NRC REGULATORY GUIDE 5.71
Individual licensee Cyber Security Plan submitted (10 CFR 73.54)
Individual COL Applicant submitted (10 CFR Part 52)
Bulk Power Reliability Controls:
Section 215 of the Federal Power Act18 CFR Conservation of Power and Water
Resources
Regulatory Basis:Grid Reliability
NERC Governance:Rules of Procedures section 400 “Compliance
Enforcement Program”
NERC CIP 002 - 009
FPA Section 215 Scope:
Balance-of-Plant “Support Systems” that do not adversely impact:
-Safety functions
-Security functions
-Emergency Response functions
FERC Order 706/706B:
Identify those SSCs that are exempted from NERC jurisdiction and thereby
MAY not be subject to applicable CIP standards
Fully compliant
Title 10
Fully compliant
Title 10
and
FPA Section 215
Bright-LineBright-Line
NOTE: It should be noted that there
will be some SSCs that will not be
impacted by either NRC or NERC requirements.
2
3
Bright-Line HistoryBright-Line History
January 18, 2008: FERC issued Order No. 706 adopting CIP-002 – 009 standards • CIP-002 - 009 Standards exempt facilities regulated by the NRC
March 19, 2009: FERC issued Order No. 706-B, certain balance of plant (BOP) SSCs are subject to compliance with NERC CIP Reliability Standards • No “dual regulation” i.e., Bright-Line
September 14, 2009: NERC’s NPP CIP Implementation Plan for each NPP, by requirement, filed to FERC• R = FERC Effective Date,
• S = Scope of Systems Determination and,
• RO = Next Refueling Outage beyond 18 months (R+6)
Bright-Line History (Cont’d)Bright-Line History (Cont’d)
December 17, 2009: FERC Order directing NERC to present a process on how SSCs are exempted from NERC Reliability Standards by January 19, 2010 (Bright-Line)
December 30, 2009: Historic MOU executed between the NRC and NERC identifying their roles and responsibilities
January 19, 2010: NERC filing to FERC the details on the exemption process for NPP Coordinated with the NRC to determine those SSCs subject to NERC
jurisdiction and those SSCs subject to NRC jurisdiction – Generic List
March 18, 2010: FERC Order approving NERC’s Bright-Line & Implementation plan (R = March 18, 2010)
4
5
Confidential InformationConfidential Information
NERC’s Handling of Confidential Information
• The information provided by the NPPs to NERC will be handled in accordance with the NERC Rules of Procedure (RoP) section 1500 “Confidential Information” if that information is so designated by the NPP
• NERC and regional staff that review information that is SGI will be Safeguard Authorized per 10 CFR §73.21 & §73.22
• NERC will establish “Reviewing Officials” for SGI per the MOU
6
Collection of InformationCollection of Information
NERC Authority to Collect Bright-Line Information
▪ Section 215 of the Federal Power Act (16 U.S.C. §824o):
• Established NERC as the ERO to enforce NERC Standards
▪ Title 18 C.F.R §39.2(d) (FERC’s Regulations):
• User, owner or operator of the bulk power system shall provide such information as is necessary to implement section 215 of the Federal Power Act to FERC/ERO/Region
▪ NERC Rule of Procedure 400, Section 10.1:
• Information Submittal - Each Regional Entity has the authority to collect the necessary information to determine compliance
1
North American Energy Reliability Corporation and
Nuclear Regulatory Commission Memorandum of Understanding
Ralph CostelloTeam Leader
Office of Nuclear Security and Incident ResponseNuclear Regulatory Commission
2
NRC - NERC MOU
• Cooperation –NERC’s disposition of exceptions– Brightline processe.g. Safety and Important to safety systems,Security systems, and Emergency Preparedness systems
FERC Order 706B permits licensees to seek “exceptions” to compliance withNERC CIPs for digital systems subject to both FERC and NRC regulations
e.g. Systems, structures, and components subject to FERC requirements
3
NRC - NERC MOU Cont.
• Share information relative to digital assets governed by the other party’s cyber security requirements
• Coordinate to maximum extent on the process for conducting inspections
4
NRC - NERC MOU Cont.
• Sharing of all information necessary to carry out the intent of the MOU
• Coordinate on all public announcements of enforcement actions relative to cyber security requirements and coordinate the resolution of issues involving enforcement actions
5
Memorandum of Understanding
http://www.nrc.gov/reading-rm/doc-collections/news/2010/10-005.html
http://edocket.access.gpo.gov/2010/2010-229.htm
NRC - NERC MOU Cont.
Nuclear Power Plant “Bright-Line" SurveyNuclear Power Plant “Bright-Line" Survey
Jim HughesJim Hughes
2
Workshop ObjectivesWorkshop Objectives
Terminal Objective: • Identify the requirements to complete the NERC
Bright-Line Survey
Enabling Objectives:• Identify where to find the Bright-Line documentation
• Identify the critical attributes of the Bright-Line Survey
3
Bright-Line DocumentationBright-Line Documentation
Provided on the NERC Web site:
• FERC Orders
• NERC/NRC MOU
• Presentation Materials
• Bright-Line Survey
http://www.nerc.com/page.php?cid=3|23|347
4
Bright-Line Survey OverviewBright-Line Survey Overview
Introduction & Scope
Due Date and Contact Data
Survey Items 1 and 2
Company Information and Approval
Generic SSC lists• Attachment I (SSCs under NERC Jurisdiction)
• Attachment II (SSCs Excluded from Attachment I)
5
Bright-Line SurveyBright-Line Survey
Survey Item 1 Does Attachment I include all SSCs in your power
plant that could impact reliable delivery of electricity to the Bulk Power System or manage critical energy infrastructure information? Exclude those SSCs in Attachment II
6
Bright-Line SurveyBright-Line Survey
Survey Item 2 If the answer to Survey Item 1 is “No” please
revise the list to add to or remove SSCs from Attachment I • All changes to Attachment I must be accompanied with the
basis for those changes
7
Next StepsNext Steps
Special Registration for NPPs
Surveys will be e-mailed to each CC/NPP on or before June 25, 2010
Surveys shall be completed by NPPs and returned to NERC on or before July 23, 2010
NERC to review and approve, with NRC coordination, the completed Bright-Line surveys on or before October 15, 2010
“S” Date
8
Important TakeawaysImportant Takeaways
Do not provide information such as IP Addresses, and asset/network vulnerabilities
Recommended that System Engineering complete Survey Items 1&2
Need accurate subject matter expert point of contact data
The Bright-Line Attachment 1 is complete after NERC review (October 15, 2010)
9
NERC Contact DataNERC Contact Data
E-mail completed survey to [email protected]
• Phone: 609-203-2288
Secondary contact: [email protected]
• Phone: 410-474-9240
Alternate contact: [email protected]
• Phone: 609-524-7073
If mailing completed survey:
North American Electric Reliability Corporationc/o Jim Hughes116-390 Village BoulevardPrinceton, New Jersey 08540-5721
Questions?