Applications and Amendments to Facility Operating Licenses Involving Proposed No Significant Hazards Considerations and Containing Sensitive Unclassified Non-Safeguards Information and Order Imposing Procedures for Access to Sensitive Unclassified Non-Safeguards Information, 62592-62610 [2010-25144]

Agencies

• NUCLEAR REGULATORY COMMISSION

[Federal Register Volume 75, Number 196 (Tuesday, October 12, 2010)]
[Notices]
[Pages 62592-62610]
From the Federal Register Online via the Government Printing Office [www.gpo.gov]
[FR Doc No: 2010-25144]


=======================================================================
-----------------------------------------------------------------------

NUCLEAR REGULATORY COMMISSION

[NRC-2010-0308]


Applications and Amendments to Facility Operating Licenses 
Involving Proposed No Significant Hazards Considerations and Containing 
Sensitive Unclassified Non-Safeguards Information and Order Imposing 
Procedures for Access to Sensitive Unclassified Non-Safeguards 
Information

I. Background

    Pursuant to section 189a. (2) of the Atomic Energy Act of 1954, as 
amended (the Act), the U.S. Nuclear Regulatory Commission (the 
Commission or NRC staff) is publishing this notice. The Act requires 
the Commission publish notice of any amendments issued, or proposed to 
be issued and grants the Commission the authority to issue and make 
immediately effective any amendment to an operating license upon a 
determination by the Commission that such amendment involves no 
significant hazards consideration, notwithstanding the pendency before 
the Commission of a request for a hearing from any person.
    This notice includes notices of amendments containing sensitive 
unclassified non-safeguards information (SUNSI).

Notice of Consideration of Issuance of Amendments to Facility Operating 
Licenses, Proposed No Significant Hazards Consideration Determination, 
and Opportunity for a Hearing

    The Commission has made a proposed determination that the following 
amendment requests involve no significant hazards consideration. Under 
the Commission's regulations in Title 10 of the Code of Federal 
Regulations (10 CFR), Section 50.92, this means that operation of the 
facility in accordance with the proposed amendment would not (1) 
involve a significant increase in the probability or consequences of an 
accident previously evaluated; or (2) create the possibility of a new 
or different kind of accident from any accident previously evaluated; 
or (3) involve a significant reduction in a margin of safety. The basis 
for this proposed determination for each amendment request is shown 
below.
    The Commission is seeking public comments on this proposed 
determination. Any comments received within 30 days after the date of 
publication of this notice will be considered in making any final 
determination.
    Normally, the Commission will not issue the amendment until the 
expiration of 60 days after the date of publication of this notice. The 
Commission may issue the license amendment before expiration of the 60-
day period provided that its final determination is that the amendment 
involves no significant hazards consideration. In addition, the 
Commission may issue the amendment prior to the expiration of the 30-
day comment period should circumstances change during the 30-day 
comment period such that failure to act in a timely way would result, 
for example in derating or shutdown of the facility. Should the 
Commission take action prior to the expiration of either the comment 
period or the notice period, it will publish in the Federal Register a 
notice of issuance. Should the Commission make a final No Significant 
Hazards Consideration Determination, any hearing will take place after 
issuance. The Commission expects that the need to take this action will 
occur very infrequently.
    Written comments may be submitted by mail to the Chief, Rules, 
Announcements and Directives Branch (RADB), TWB-05-B01M, Division of 
Administrative Services, Office of Administration, U.S. Nuclear 
Regulatory Commission, Washington, DC 20555-0001, and should cite the 
publication date and page number of this Federal Register notice. 
Written comments may also be faxed to the RADB at 301-492-3446. 
Documents may be examined, and/or copied for a fee, at the NRC's Public 
Document Room (PDR), located at One White Flint North, Public File Area 
O1 F21, 11555 Rockville Pike (first floor), Rockville, Maryland.
    Within 60 days after the date of publication of this notice, any 
person(s) whose interest may be affected by this action may file a 
request for a hearing and a petition to intervene with respect to 
issuance of the amendment to the subject facility operating license. 
Requests for a hearing and a petition for leave to intervene shall be 
filed in accordance with the Commission's ``Rules of Practice for 
Domestic Licensing Proceedings'' in 10 CFR Part 2. Interested person(s) 
should consult a current copy of 10 CFR 2.309, which is available at 
the Commission's PDR, located at One White Flint North, Public File 
Area O1F21, 11555 Rockville Pike (first floor), Rockville, Maryland, or 
at https://www.nrc.gov/reading-rm/doc-collections/cfr/part002/part002-0309.html. Publicly available records will be accessible from the 
Agencywide Documents Access and Management System's (ADAMS) Public 
Electronic

[[Page 62593]]

Reading Room on the Internet at the NRC Web site, https://www.nrc.gov/reading-rm.html. If a request for a hearing or petition for leave to 
intervene is filed within 60 days, the Commission or a presiding 
officer designated by the Commission or by the Chief Administrative 
Judge of the Atomic Safety and Licensing Board Panel, will rule on the 
request and/or petition; and the Secretary or the Chief Administrative 
Judge of the Atomic Safety and Licensing Board will issue a notice of a 
hearing or an appropriate order.
    As required by 10 CFR 2.309, a petition for leave to intervene 
shall set forth with particularity the interest of the petitioner in 
the proceeding, and how that interest may be affected by the results of 
the proceeding. The petition should specifically explain the reasons 
why intervention should be permitted with particular reference to the 
following general requirements: (1) The name, address, and telephone 
number of the requestor or petitioner; (2) the nature of the 
requestor's/petitioner's right under the Act to be made a party to the 
proceeding; (3) the nature and extent of the requestor's/petitioner's 
property, financial, or other interest in the proceeding; and (4) the 
possible effect of any decision or order which may be entered in the 
proceeding on the requestor's/petitioner's interest. The petition must 
also set forth the specific contentions which the requestor/petitioner 
seeks to have litigated at the proceeding.
    Each contention must consist of a specific statement of the issue 
of law or fact to be raised or controverted. In addition, the 
requestor/petitioner shall provide a brief explanation of the bases for 
the contention and a concise statement of the alleged facts or expert 
opinion which support the contention and on which the requestor/
petitioner intends to rely in proving the contention at the hearing. 
The requestor/petitioner must also provide references to those specific 
sources and documents of which the petitioner is aware and on which the 
requestor/petitioner intends to rely to establish those facts or expert 
opinion. The petition must include sufficient information to show that 
a genuine dispute exists with the applicant on a material issue of law 
or fact. Contentions shall be limited to matters within the scope of 
the amendment under consideration. The contention must be one which, if 
proven, would entitle the requestor/petitioner to relief. A requestor/
petitioner who fails to satisfy these requirements with respect to at 
least one contention will not be permitted to participate as a party.
    Those permitted to intervene become parties to the proceeding, 
subject to any limitations in the order granting leave to intervene, 
and have the opportunity to participate fully in the conduct of the 
hearing.
    If a hearing is requested, and the Commission has not made a final 
determination on the issue of no significant hazards consideration, the 
Commission will make a final determination on the issue of no 
significant hazards consideration. The final determination will serve 
to decide when the hearing is held. If the final determination is that 
the amendment request involves no significant hazards consideration, 
the Commission may issue the amendment and make it immediately 
effective, notwithstanding the request for a hearing. Any hearing held 
would take place after issuance of the amendment. If the final 
determination is that the amendment request involves a significant 
hazards consideration, any hearing held would take place before the 
issuance of any amendment.
    All documents filed in NRC adjudicatory proceedings, including a 
request for hearing, a petition for leave to intervene, any motion or 
other document filed in the proceeding prior to the submission of a 
request for hearing or petition to intervene, and documents filed by 
interested governmental entities participating under 10 CFR 2.315(c), 
must be filed in accordance with the NRC E-Filing rule (72 FR 49139, 
August 28, 2007). The E-Filing process requires participants to submit 
and serve all adjudicatory documents over the internet, or in some 
cases to mail copies on electronic storage media. Participants may not 
submit paper copies of their filings unless they seek an exemption in 
accordance with the procedures described below.
    To comply with the procedural requirements of E-Filing, at least 
ten (10) days prior to the filing deadline, the participant should 
contact the Office of the Secretary by e-mail at 
hearing.docket@nrc.gov, or by telephone at (301) 415-1677, to request 
(1) a digital ID certificate, which allows the participant (or its 
counsel or representative) to digitally sign documents and access the 
E-Submittal server for any proceeding in which it is participating; and 
(2) advise the Secretary that the participant will be submitting a 
request or petition for hearing (even in instances in which the 
participant, or its counsel or representative, already holds an NRC-
issued digital ID certificate). Based upon this information, the 
Secretary will establish an electronic docket for the hearing in this 
proceeding if the Secretary has not already established an electronic 
docket.
    Information about applying for a digital ID certificate is 
available on NRC's public Web site at https://www.nrc.gov/site-help/e-submittals/apply-certificates.html. System requirements for accessing 
the E-Submittal server are detailed in NRC's ``Guidance for Electronic 
Submission,'' which is available on the agency's public Web site at 
https://www.nrc.gov/site-help/e-submittals.html. Participants may 
attempt to use other software not listed on the Web site, but should 
note that the NRC's E-Filing system does not support unlisted software, 
and the NRC Meta System Help Desk will not be able to offer assistance 
in using unlisted software.
    If a participant is electronically submitting a document to the NRC 
in accordance with the E-Filing rule, the participant must file the 
document using the NRC's online, Web-based submission form. In order to 
serve documents through EIE, users will be required to install a Web 
browser plug-in from the NRC Web site. Further information on the Web-
based submission form, including the installation of the Web browser 
plug-in, is available on the NRC's public Web site at https://www.nrc.gov/site-help/e-submittals.html.
    Once a participant has obtained a digital ID certificate and a 
docket has been created, the participant can then submit a request for 
hearing or petition for leave to intervene. Submissions should be in 
Portable Document Format (PDF) in accordance with NRC guidance 
available on the NRC public Web site at https://www.nrc.gov/site-help/e-submittals.html. A filing is considered complete at the time the 
documents are submitted through the NRC's E-Filing system. To be 
timely, an electronic filing must be submitted to the E-Filing system 
no later than 11:59 p.m. Eastern Time on the due date. Upon receipt of 
a transmission, the E-Filing system time-stamps the document and sends 
the submitter an e-mail notice confirming receipt of the document. The 
E-Filing system also distributes an e-mail notice that provides access 
to the document to the NRC Office of the General Counsel and any others 
who have advised the Office of the Secretary that they wish to 
participate in the proceeding, so that the filer need not serve the 
documents on those participants separately. Therefore, applicants and 
other participants (or

[[Page 62594]]

their counsel or representative) must apply for and receive a digital 
ID certificate before a hearing request/petition to intervene is filed 
so that they can obtain access to the document via the E-Filing system.
    A person filing electronically using the agency's adjudicatory E-
Filing system may seek assistance by contacting the NRC Meta System 
Help Desk through the ``Contact Us'' link located on the NRC Web site 
at https://www.nrc.gov/site-help/e-submittals.html, by e-mail at 
MSHD.Resource@nrc.gov, or by a toll-free call at (866) 672-7640. The 
NRC Meta System Help Desk is available between 8 a.m. and 8 p.m., 
Eastern Time, Monday through Friday, excluding government holidays.
    Participants who believe that they have a good cause for not 
submitting documents electronically must file an exemption request, in 
accordance with 10 CFR 2.302(g), with their initial paper filing 
requesting authorization to continue to submit documents in paper 
format. Such filings must be submitted by: (1) First class mail 
addressed to the Office of the Secretary of the Commission, U.S. 
Nuclear Regulatory Commission, Washington, DC 20555-0001, Attention: 
Rulemaking and Adjudications Staff; or (2) courier, express mail, or 
expedited delivery service to the Office of the Secretary, Sixteenth 
Floor, One White Flint North, 11555 Rockville Pike, Rockville, 
Maryland, 20852, Attention: Rulemaking and Adjudications Staff. 
Participants filing a document in this manner are responsible for 
serving the document on all other participants. Filing is considered 
complete by first-class mail as of the time of deposit in the mail, or 
by courier, express mail, or expedited delivery service upon depositing 
the document with the provider of the service. A presiding officer, 
having granted an exemption request from using E-Filing, may require a 
participant or party to use E-Filing if the presiding officer 
subsequently determines that the reason for granting the exemption from 
use of E-Filing no longer exists.
    Documents submitted in adjudicatory proceedings will appear in 
NRC's electronic hearing docket which is available to the public at 
https://ehd.nrc.gov/EHD_Proceeding/home.asp, unless excluded pursuant 
to an order of the Commission, or the presiding officer. Participants 
are requested not to include personal privacy information, such as 
social security numbers, home addresses, or home phone numbers in their 
filings, unless an NRC regulation or other law requires submission of 
such information. With respect to copyrighted works, except for limited 
excerpts that serve the purpose of the adjudicatory filings and would 
constitute a Fair Use application, participants are requested not to 
include copyrighted materials in their submission.
    Petitions for leave to intervene must be filed no later than 60 
days from the date of publication of this notice. Non-timely filings 
will not be entertained absent a determination by the presiding officer 
that the petition or request should be granted or the contentions 
should be admitted, based on a balancing of the factors specified in 10 
CFR 2.309(c)(1)(i)-(viii).
    For further details with respect to this amendment action, see the 
application for amendment which is available for public inspection at 
the Commission's PDR, located at One White Flint North, Public File 
Area 01F21, 11555 Rockville Pike (first floor), Rockville, Maryland. 
Publicly available records will be accessible electronically from the 
ADAMS Public Electronic Reading Room on the Internet at the NRC Web 
site, https://www.nrc.gov/reading-rm/adams.html. If you do not have 
access to ADAMS or if there are problems in accessing the documents 
located in ADAMS, contact the PDR Reference staff at 1-800-397-4209, 
301-415-4737, or by e-mail to pdr.resource@nrc.gov.

Calvert Cliffs Nuclear Power Plant, LLC, R. E. Ginna Nuclear Power 
Plant, LLC, and Nine Mile Point Nuclear Station, LLC, Docket Nos. 50-
317, 50-318, 50-244, 50-220, and 50-410, Calvert Cliffs Nuclear Power 
Plant, Unit Nos. 1 and 2 (CCNPP), R.E. Ginna Nuclear Power Plant 
(Ginna), Nine Mile Point Nuclear Station, Unit Nos. 1 and 2 (NMPNS), 
Calvert County, Maryland, Wayne County, New York, and Oswego County, 
New York, Respectively

    Date of amendment request: July 16, 2010.
    Description of amendment request: This amendment request contains 
sensitive unclassified non-safeguards information (SUNSI). The proposed 
amendments to the Renewed Facility Operating Licenses include: (1) The 
proposed Cyber Security Plan for CCNPP, Ginna, and NMPNS, (2) an 
implementation schedule, and (3) a proposed sentence to be added to the 
existing physical protection license condition for CCNPP, Ginna, and 
NMPNS requiring the licensee to fully implement and maintain in effect 
all provisions of the Nuclear Regulatory Commission-approved Cyber 
Security Plan for CCNPP, Ginna, and NMPNS as required by 10 CFR 73.54. 
A Federal Register notice dated March 27, 2009, issued the final rule 
that amended 10 CFR Part 73.54. The regulations in 10 CFR 73.54, 
``Protection of Digital Computer and Communication Systems and 
Networks,'' establish the requirements for a cyber security program. 
This regulation specifically requires each licensee currently licensed 
to operate a nuclear power plant under Part 50 of this chapter to 
submit a cyber security plan that satisfies the requirements of the 
Rule. Each submittal must include a proposed implementation schedule, 
and implementation of the licensee's cyber security program must be 
consistent with the approved schedule. The background for this 
application is addressed by the NRC Notice of Availability, Federal 
Register Notice, Final Rule 10 CFR Part 73, Power Reactor Security 
Requirements, published on March 27, 2009, 74 FR 13926.
    Basis for proposed no significant hazards consideration 
determination: As required by 10 CFR 50.91(a), the licensee has 
provided its analysis of the issue of no significant hazards 
consideration, which is presented below:

    1. The proposed change does not involve a significant increase 
in the probability or consequences of an accident previously 
evaluated.
    The proposed change is required by 10 CFR 73.54. The Cyber 
Security Plan conforms to the template provided in NEI 08-09, 
Revision 6, with the exception of the definition of cyber attack, 
and provides a description of how the requirements of the rule will 
be implemented at CCNPP, NMPNS and Ginna. The plan establishes the 
basis for the cyber security program for the three stations.
    The proposed Cyber Security Plan does not require any plant 
modifications, alter the plant configuration, require new plant 
equipment to be installed, alter accident analysis assumptions, add 
any initiators, or affect the function of plant systems or the 
manner in which systems are operated, maintained, modified, tested, 
or inspected. The plan establishes how to achieve high assurance 
that nuclear power plant digital computer and communication systems 
and networks associated with certain systems and functions are 
adequately protected against cyber attacks. This protective function 
has no impact on the probability or consequences of an accident 
previously evaluated.
    The proposed change to the license condition in the licenses of 
CCNPP, NMPNS and Ginna adds a sentence to the existing license 
condition for physical protection to require implementation and 
maintenance of the Cyber Security Plan. This change is 
administrative and has no impact on the probability or consequences 
of an accident previously evaluated.
    Therefore, it is concluded that this change to the CCNPP, NMPNS 
and Ginna license

[[Page 62595]]

conditions does not involve a significant increase in the 
probability or consequences of an accident previously evaluated.
    2. The proposed change does not create the possibility of a new 
or different kind of accident from any accident previously 
evaluated.
    The proposed change is required by 10 CFR 73.54. The Cyber 
Security Plan conforms to the template provided in NEI 08-09, 
Revision 6, with the exception of the definition of cyber attack and 
provides a description of how the requirements of the rule will be 
implemented at CCNPP, NMPNS and Ginna. The plan establishes the 
basis for the cyber security program for the three stations.
    The proposed Cyber Security Plan does not require any plant 
modifications, alter the plant configuration, require new plant 
equipment to be installed, alter accident analysis assumptions, add 
any initiators, or affect the function of plant systems or the 
manner in which systems are operated, maintained, modified, tested, 
or inspected. The plan establishes how to achieve high assurance 
that nuclear power plant digital computer and communication systems 
and networks associated with certain systems and functions are 
adequately protected against cyber attacks. This protective function 
has no impact on the possibility of a new or different kind of 
accident from any accident previously evaluated.
    The proposed change to the license condition in the licenses of 
CCNPP, NMPNS and Ginna adds a sentence to the existing license 
condition for physical protection to require implementation and 
maintenance of the Cyber Security Plan. This change is 
administrative and has no impact on the possibility of a new or 
different kind of accident from any accident previously evaluated.
    Therefore, it is concluded that this change to the CCNPP, NMPNS 
and Ginna license conditions does not create the possibility of a 
new or different kind of accident from any previously evaluated.
    3. The proposed change does not involve a significant reduction 
in a margin of safety.
    The margin of safety in this case is that the implementation of 
the Cyber Security Plan does not adversely affect systems or 
equipment important to the operation of the plant.
    The proposed change is required by 10 CFR 73.54. The Cyber 
Security Plan conforms to the template provided in NEI 08-09, 
Revision 6, with the exception of the definition of cyber attack and 
provides a description of how the requirements of the rule will be 
implemented at CCNPP, NMPNS and Ginna. The plan establishes the 
basis for the cyber security program for the three stations.
    The plan establishes the basis for the cyber security program 
for the three stations and does not require any plant modifications, 
alter the plant configuration, require new plant equipment to be 
installed, alter accident analysis assumptions, add any initiators, 
or affect the function of plant systems or the manner in which 
systems are operated, maintained, modified, tested, or inspected. 
The plan establishes how to achieve high assurance that nuclear 
power plant digital computer and communication systems and networks 
associated with certain systems and functions are adequately 
protected against cyber attacks. This protective function has no 
impact on the operation of vital systems or equipment. Therefore, 
the implementation of the proposed Cyber Security Plan does not 
involve a significant reduction in a margin of safety.
    The proposed change to the license condition in the licenses of 
CCNPP, NMPNS and Ginna adds a sentence to the existing license 
condition for physical protection to require implementation and 
maintenance of the Cyber Security Plan. This change is 
administrative and does not involve a significant reduction in a 
margin of safety.
    Therefore, the proposed change to the CCNPP, NMPNS and Ginna 
license conditions and implementation of the proposed Cyber Security 
Plan do not create a significant reduction in a margin of safety.
    Based on the above, we conclude that the proposed change 
presents no significant hazards consideration under the standards 
set forth in 10 CFR 50.92(c), and accordingly, a finding of no 
significant hazards consideration is justified.

    The NRC staff has reviewed the licensee's analysis and, based on 
this review, it appears that the three standards of 10 CFR 50.92(c) are 
satisfied. Therefore, the NRC staff proposes to determine that the 
amendment request involves no significant hazards consideration.
    Attorney for licensee: Carey Fleming, Sr. Counsel--Nuclear 
Generation, Constellation Generation Group, LLC, 750 East Pratt Street, 
17th floor, Baltimore, MD 21202.
    NRC Branch Chief: Nancy L. Salgado.

Carolina Power and Light Company, Docket Nos. 50-325 and 50-324, 
Brunswick Steam Electric Plant, Units 1 and 2, Brunswick County, North 
Carolina

Florida Power Corporation, et al., Docket No. 50-302, Crystal River 
Unit No. 3 Nuclear Generating Plant, Citrus County, Florida

Carolina Power & Light Company, Docket No. 50-261, H. B. Robinson Steam 
Electric Plant, Unit No. 2, Darlington County, South Carolina

Carolina Power & Light Company, et al., Docket No. 50-400, Shearon 
Harris Nuclear Power Plant, Unit 1, Wake and Chatham Counties, North 
Carolina

    Date of amendment request: July 8, 2010.
    Description of amendment request: This amendment request contains 
sensitive unclassified non-safeguards information (SUNSI). The proposed 
amendments would establish a fleet Cyber Security Plan in conformance 
with the model Cyber Security Plan contained in Appendix A of Nuclear 
Energy Institute (NEI) document NEI 08-09, ``Cyber Security Plan for 
Nuclear Power Reactors,'' Revision 6, dated April 2010, with one 
deviation regarding the definition of a Cyber Attack as described in 
the licensees' letter. The license amendment requests include the Cyber 
Security Plan, proposed changes to the (Renewed) Facility Operating 
Licenses (FOLs), and a proposed Cyber Security Plan Implementation 
Schedule for each facility. The proposed fleet Cyber Security Plan was 
submitted in accordance with Title 10 of the Code of Federal 
Regulations, Section 73.54, ``Protection of digital computer and 
communication systems and networks.''
    Basis for proposed no significant hazards consideration 
determination: As required by 10 CFR 50.91(a), the licensees provided 
their analysis of the issue of no significant hazards consideration, 
which is presented below:

Criterion 1: The Proposed Change Does Not Involve a Significant 
Increase in the Probability or Consequences of an Accident Previously 
Evaluated

    The proposed change incorporates a new requirement, in the FOL, 
to implement and maintain a Cyber Security Plan as part of the 
facility's overall program for physical protection. The Cyber 
Security Plan itself does not require any plant modifications. 
Rather, the Cyber Security Plan describes how the requirements of 10 
CFR 73.54 are implemented in order to identify, evaluate, and 
mitigate cyber attacks up to and including the design basis threat, 
thereby achieving high assurance that the facility's digital 
computer and communications systems and networks are protected from 
cyber attacks. The proposed change requiring the implementation and 
maintenance of a Cyber Security Plan does not alter the plant 
configuration, require new plant equipment to be installed, alter 
accident analysis assumptions, add any accident initiators, or 
affect the function of plant systems or the manner in which systems 
are operated, maintained, modified, tested, or inspected; therefore, 
the inclusion of the Cyber Security Plan as a part of the facility's 
other physical protection programs specified in the FOL has no 
impact on the probability or consequences of an accident previously 
evaluated.

Criterion 2: The Proposed Change Does Not Create the Possibility of a 
New or Different Kind of Accident From Any Accident Previously 
Evaluated.

    The proposed change incorporates a new requirement, in the FOL, 
to implement and maintain a Cyber Security Plan as part of the 
facility's overall program for physical protection. The creation of 
the possibility of a new or different kind of accident requires 
creating one or more new accident precursors. New accident 
precursors may be created by modifications of the plant's 
configuration, including changes in the

[[Page 62596]]

allowable modes of operation. The Cyber Security Plan itself does 
not require any plant modifications, nor does the Cyber Security 
Plan affect the control parameters governing unit operation or the 
response of plant equipment to a transient condition. Because the 
proposed change does not change or introduce any new equipment, 
modes of system operation, or failure mechanisms, no new accident 
precursors are created. Therefore, the proposed change does not 
create the possibility of a new or different kind of accident from 
any accident previously evaluated.

Criterion 3: The Proposed Change Does Not Involve a Significant 
Reduction in a Margin of Safety

    The proposed change incorporates a new requirement, in the FOL, 
to implement and maintain a Cyber Security Plan as part of the 
facility's overall program for physical protection. Plant safety 
margins are established through Limiting Conditions for Operation, 
Limiting Safety System Settings and Safety Limits specified in the 
Technical Specifications. Because the Cyber Security Plan does not 
require any plant modifications and does not alter the operation of 
plant equipment, the proposed change does not change established 
safety margins. Therefore, the proposed change does not involve a 
significant reduction in a margin of safety.

    The NRC staff has reviewed the licensees' analysis and, based on 
this review, it appears that the three standards of 10 CFR 50.92(c) are 
satisfied. Therefore, the NRC staff proposes to determine that the 
amendment requests involve no significant hazards consideration.
    Attorney for licensee: David T. Conley, Associate General Counsel 
II--Legal Department, Progress Energy Service Company, LLC, Post Office 
Box 1551, Raleigh, North Carolina 27602.
    NRC Branch Chief: Douglas A. Broaddus.

Entergy Gulf States Louisiana, LLC, and Entergy Operations, Inc., 
Docket No. 50-458, River Bend Station, Unit 1, West Feliciana Parish, 
Louisiana

    Date of amendment request: July 22, 2010.
    Description of amendment request: This amendment request contains 
sensitive unclassified non-safeguards information (SUNSI). The proposed 
amendment would approve the River Bend Station (RBS) Cyber Security 
Plan, in accordance with 10 CFR 73.54. In addition, the amendment would 
revise the RBS facility operating license to add a sentence to require 
the licensee to fully implement and maintain in effect all provisions 
of the Commission-approved RBS Cyber Security Plan. The proposed change 
is consistent with Nuclear Energy Institute (NEI) 08-09, Revision 6, 
``Cyber Security Plan for Nuclear Power Reactors.''
    Basis for proposed no significant hazards consideration 
determination: As required by 10 CFR 50.91(a), the licensee has 
provided its analysis of the issue of no significant hazards 
consideration, which is presented below:

    1. Does the proposed change involve a significant increase in 
the probability or consequences of an accident previously evaluated?
    Response: No.
    As required by 10 CFR 73.54 Entergy has submitted a cyber 
security plan for NRC review and approval for River Bend Station 
(RBS). The RBS Cyber Security Plan does not alter accident analysis 
assumptions, add any initiators, or affect the function of plant 
systems or the manner in which systems are operated, maintained, 
modified, tested, or inspected. The RBS Cyber Security Plan does not 
require any plant modifications which affect the performance 
capability of the structures, systems, and components relied upon to 
mitigate the consequences of postulated accidents. The RBS Cyber 
Security Plan is designed to achieve high assurance that the systems 
within the scope of the 10 CFR 73.54 Rule are protected from cyber 
attacks and has no impact on the probability or consequences of an 
accident previously evaluated.
    The second part of the proposed change is an implementation 
schedule, and the third part adds a sentence to the existing 
operating license condition for Physical Protection. Both of these 
changes are administrative in nature and have no impact on the 
probability or consequences of an accident previously evaluated.
    Therefore, the proposed change does not involve a significant 
increase in the probability or consequences of an accident 
previously evaluated.
    2. Does the proposed change create the possibility of a new or 
different kind of accident from any accident previously evaluated?
    Response: No.
    As required by 10 CFR 73.54 Entergy has submitted a cyber 
security plan for NRC review and approval for RBS. The RBS Cyber 
Security Plan does not alter accident analysis assumptions, add any 
initiators, or affect the function of plant systems or the manner in 
which systems are operated, maintained, modified, tested, or 
inspected. The RBS Cyber Security Plan does not require any plant 
modifications which affect the performance capability of the 
structures, systems, and components relied upon to mitigate the 
consequences of postulated accidents. The RBS Cyber Security Plan is 
designed to achieve high assurance that the systems within the scope 
of the 10 CFR 73.54 Rule are protected from cyber attacks and does 
not create the possibility of a new or different kind of accident 
from any accident previously evaluated.
    The second part of the proposed change is an implementation 
schedule, and the third part adds a sentence to the existing 
operating license condition for Physical Protection. Both of these 
changes are administrative in nature and do not create the 
possibility of a new or different kind of accident from any accident 
previously evaluated.
    Therefore, the proposed change does not create the possibility 
of a new or different kind of accident from any accident previously 
evaluated.
    3. Does the proposed change involve a significant reduction in a 
margin of safety?
    Response: No.
    As required by 10 CFR 73.54 Entergy has submitted a cyber 
security plan for NRC review and approval for RBS. Plant safety 
margins are established through limiting conditions for operation, 
limiting safety system settings, and safety limits specified in the 
technical specifications. Because there is no change to these 
established safety margins, the proposed change does not involve a 
significant reduction in a margin of safety.
    The second part of the proposed change is an implementation 
schedule, and the third part adds a sentence to the existing 
operating license condition for Physical Protection. Both of these 
changes are administrative in nature and do not involve a 
significant reduction in a margin of safety.
    Therefore, the proposed change does not involve a significant 
reduction in a margin of safety.

    The NRC staff has reviewed the licensee's analysis and, based on 
this review, it appears that the three standards of 10 CFR 50.92(c) are 
satisfied. Therefore, the NRC staff proposes to determine that the 
amendment request involves no significant hazards consideration.
    Attorney for licensee: Joseph A. Aluise, Associate General 
Counsel--Nuclear, Entergy Services, Inc., 639 Loyola Avenue, New 
Orleans, Louisiana 70113.
    NRC Branch Chief: Michael T. Markley.

Entergy Nuclear Operations, Inc., Docket Nos. 50-003, 50-247, and 50-
286, Indian Point Nuclear Generating Unit Nos. 1, 2, and 3, Westchester 
County, New York

    Date of amendment request: July 8, 2010.
    Description of amendment request: This amendment request contains 
sensitive unclassified non-safeguards information (SUNSI). The proposed 
amendment to the Facility Operating Licenses (FOLs) includes: (1) The 
proposed Cyber Security Plan, (2) an implementation schedule, and (3) a 
proposed statement to be added to the existing FOL Physical Protection 
license conditions requiring Entergy to fully implement and maintain in 
effect all provisions of the Commission-approved Cyber Security Plan as 
required by 10 CFR 73.54. The Federal Register notice dated March 27, 
2009, issued the final rule that amended 10 CFR Part 73. The 
regulations in 10 CFR 73.54, ``Protection

[[Page 62597]]

of digital computer and communication systems and networks,'' establish 
the requirements for a cyber security program. This regulation 
specifically requires each licensee currently licensed to operate a 
nuclear power plant under Part 50 of this chapter to submit a cyber 
security plan that satisfies the requirements of the Rule. Each 
submittal must include a proposed implementation schedule, and 
implementation of the licensee's cyber security program must be 
consistent with the approved schedule. The background for this 
application is addressed by the NRC Notice of Availability, Federal 
Register Notice, Final Rule 10 CFR Part 73, Power Reactor Security 
Requirements, published on March 27, 2009, 74 FR 13926.
    Basis for proposed no significant hazards consideration 
determination: As required by 10 CFR 50.91(a), the licensee has 
provided its analysis of the issue of no significant hazards 
consideration, which is presented below:

    1. Does the proposed change involve a significant increase in 
the probability or consequences of an accident previously evaluated?
    Response: No.
    As required by 10 CFR 73.54 Entergy has submitted a cyber 
security plan for NRC review and approval for Indian Point Nuclear 
Generating Unit Nos. 1, 2, and 3. The Indian Point Energy Center 
(IPEC) Cyber Security Plan does not require any plant modifications 
which affect the performance capability of the structures, systems, 
and components relied upon to mitigate the consequences of 
postulated accidents. The IPEC Cyber Security Plan does not alter 
accident analysis assumptions, add any initiators, or affect the 
function of plant systems or the manner in which systems are 
operated, maintained, modified, tested, or inspected. The IPEC Cyber 
Security Plan is designed to achieve high assurance that the systems 
within the scope of the 10 CFR 73.54 Rule are protected from cyber 
attacks and has no impact on the probability or consequences of an 
accident previously evaluated.
    The second part of the proposed change is an implementation 
schedule, and the third part adds a sentence to the existing 
operating license condition for Physical Protection. Both of these 
changes are administrative in nature and have no impact on the 
probability or consequences of an accident previously evaluated.
    Therefore, the proposed change does not involve a significant 
increase in the probability or consequences of an accident 
previously evaluated.
    2. Does the proposed change create the possibility of a new or 
different kind of accident from any accident previously evaluated?
    Response: No.
    As required by 10 CFR 73.54 Entergy has submitted a cyber 
security plan for NRC review and approval for Indian Point Nuclear 
Generating Unit Nos. 1, 2, and 3. The IPEC Cyber Security Plan does 
not require any plant modifications which affect the performance 
capability of the structures, systems, and components relied upon to 
mitigate the consequences of postulated accidents. The IPEC Cyber 
Security Plan does not alter accident analysis assumptions, add any 
initiators, or affect the function of plant systems or the manner in 
which systems are operated, maintained, modified, tested, or 
inspected. The IPEC Cyber Security Plan is designed to achieve high 
assurance that the systems within the scope of the 10 CFR 73.54 Rule 
are protected from cyber attacks and does not create the possibility 
of a new or different kind of accident from any accident previously 
evaluated.
    The second part of the proposed change is an implementation 
schedule, and the third part adds a sentence to the existing 
operating license condition for Physical Protection. Both of these 
changes are administrative in nature and do not create the 
possibility of a new or different kind of accident from any accident 
previously evaluated.
    Therefore, the proposed change does not create the possibility 
of a new or different kind of accident from any accident previously 
evaluated.
    3. Does the proposed change involve a significant reduction in a 
margin of safety?
    Response: No.
    As required by 10 CFR 73.54 Entergy has submitted a cyber 
security plan for NRC review and approval for Indian Point Nuclear 
Generating Unit Nos. 1, 2, and 3. Plant safety margins are 
established through limiting conditions for operation, limiting 
safety system settings, and safety limits specified in the technical 
specifications. Because there is no change to these established 
safety margins as [a] result of the implementation of the IPEC Cyber 
Security Plan, the proposed change does not involve a significant 
reduction in a margin of safety.
    The second part of the proposed change is an implementation 
schedule, and the third part adds a sentence to the existing 
operating license condition for Physical Protection. Both of these 
changes are administrative in nature and do not involve a 
significant reduction in a margin of safety.
    Therefore, the proposed change does not involve a significant 
reduction in a margin of safety.

    The NRC staff has reviewed the licensee's analysis and, based on 
this review, it appears that the three standards of 10 CFR 50.92(c) are 
satisfied. Therefore, the NRC staff proposes to determine that the 
amendment request involves no significant hazards consideration.
    Attorney for licensee: Mr. William C. Dennis, Assistant General 
Counsel, Entergy Nuclear Operations, Inc., 440 Hamilton Avenue, White 
Plains, NY 10601.
    NRC Branch Chief: Nancy L. Salgado.

Entergy Operations, Inc., Docket No. 50-313 and 50-368, Arkansas 
Nuclear One, Unit Nos. 1 and 2, Pope County, Arkansas

    Date of amendment request: July 9, 2010.
    Description of amendment request: This amendment request contains 
sensitive unclassified non-safeguards information (SUNSI). The proposed 
amendment would approve the Arkansas Nuclear One (ANO), Units 1 and 2 
cyber security plan and associated implementation schedule, and revise 
the physical protection license condition to require the licensee to 
fully implement and maintain in effect all provisions of the NRC-
approved Cyber Security Plan. The proposed change is consistent with 
Nuclear Energy Institute (NEI) 08-09, Revision 6, ``Cyber Security Plan 
for Nuclear Power Reactors.''
    Basis for proposed no significant hazards consideration 
determination: As required by 10 CFR 50.91(a), the licensee has 
provided its analysis of the issue of no significant hazards 
consideration, which is presented below:

    1. Does the proposed change involve a significant increase in 
the probability or consequences of an accident previously evaluated?
    Response: No.
    As required by 10 CFR 73.54 Entergy has submitted a cyber 
security plan for NRC review and approval for Arkansas Nuclear One 
(ANO), Units 1 and 2. The ANO Cyber Security Plan does not alter 
accident analysis assumptions, add any initiators, or affect the 
function of plant systems or the manner in which systems are 
operated, maintained, modified, tested, or inspected. The ANO Cyber 
Security Plan does not require any plant modifications which affect 
the performance capability of the structures, systems, and 
components relied upon to mitigate the consequences of postulated 
accidents. The ANO Cyber Security Plan is designed to achieve high 
assurance that the systems within the scope of the 10 CFR 73.54 Rule 
are protected from cyber attacks and has no impact on the 
probability or consequences of an accident previously evaluated.
    The second part of the proposed change is an implementation 
schedule, and the third part adds a sentence to the existing 
operating license condition for Physical Protection. Both of these 
changes are administrative in nature and have no impact on the 
probability or consequences of an accident previously evaluated.
    Therefore, the proposed change does not involve a significant 
increase in the probability or consequences of an accident 
previously evaluated.
    2. Does the proposed change create the possibility of a new or 
different kind of accident from any accident previously evaluated?
    Response: No.
    As required by 10 CFR 73.54[,] Entergy has submitted a cyber 
security plan for NRC

[[Page 62598]]

review and approval for ANO. The ANO Cyber Security Plan does not 
alter accident analysis assumptions, add any initiators, or affect 
the function of plant systems or the manner in which systems are 
operated, maintained, modified, tested, or inspected. The ANO Cyber 
Security Plan does not require any plant modifications which affect 
the performance capability of the structures, systems, and 
components relied upon to mitigate the consequences of postulated 
accidents. The ANO Cyber Security Plan is designed to achieve high 
assurance that the systems within the scope of the 10 CFR 73.54 Rule 
are protected from cyber attacks and does not create the possibility 
of a new or different kind of accident from any accident previously 
evaluated.
    The second part of the proposed change is an implementation 
schedule, and the third part adds a sentence to the existing 
operating license condition for Physical Protection. Both of these 
changes are administrative in nature and do not create the 
possibility of a new or different kind of accident from any accident 
previously evaluated.
    Therefore, the proposed change does not create the possibility 
of a new or different kind of accident from any accident previously 
evaluated.
    3. Does the proposed change involve a significant reduction in a 
margin of safety?
    Response: No.
    As required by 10 CFR 73.54[,] Entergy has submitted a cyber 
security plan for NRC review and approval for ANO. Plant safety 
margins are established through limiting conditions for operation, 
limiting safety system settings, and safety limits specified in the 
technical specifications. Because there is no change to these 
established safety margins as result of the implementation of the 
ANO Cyber Security Plan, the proposed change does not involve a 
significant reduction in a margin of safety.
    The second part of the proposed change is an implementation 
schedule, and the third part adds a sentence to the existing 
operating license condition for Physical Protection. Both of these 
changes are administrative in nature and do not involve a 
significant reduction in a margin of safety.
    Therefore, the proposed change does not involve a significant 
reduction in a margin of safety.

    The NRC staff has reviewed the licensee's analysis and, based on 
this review, it appears that the three standards of 10 CFR 50.92(c) are 
satisfied. Therefore, the NRC staff proposes to determine that the 
amendment request involves no significant hazards consideration.
    Attorney for licensee: Joseph A. Aluise, Assistant General 
Counsel--Nuclear, Entergy Services, Inc., 639 Loyola Avenue, New 
Orleans, Louisiana 70113.
    NRC Branch Chief: Michael T. Markley.

Entergy Operations, Inc., Docket No. 50-382, Waterford Steam Electric 
Station, Unit 3, St. Charles Parish, Louisiana

    Date of amendment request: July 15, 2010.
    Description of amendment request: This amendment request contains 
sensitive unclassified non-safeguards information (SUNSI). The proposed 
amendment would approve the Waterford Steam Electric Station, Unit 3 
(Waterford 3) cyber security plan and associated implementation 
schedule, and revise the physical protection license condition to 
require the licensee to fully implement and maintain in effect all 
provisions of the NRC-approved Cyber Security Plan. The proposed change 
is consistent with Nuclear Energy Institute (NEI) 08-09, Revision 6, 
``Cyber Security Plan for Nuclear Power Reactors.''
    Basis for proposed no significant hazards consideration 
determination: As required by 10 CFR 50.91(a), the licensee has 
provided its analysis of the issue of no significant hazards 
consideration, which is presented below:

    1. Does the proposed change involve a significant increase in 
the probability or consequences of an accident previously evaluated?
    Response: No.
    As required by 10 CFR 73.54[,] Entergy has submitted a cyber 
security plan for NRC review and approval for Waterford 3. The 
Waterford 3 Cyber Security Plan does not require any plant 
modifications which affect the performance capability of the 
structures, systems, and components relied upon to mitigate the 
consequences of postulated accidents. The Waterford 3 Cyber Security 
Plan does not alter accident analysis assumptions, add any 
initiators, or affect the function of plant systems or the manner in 
which systems are operated, maintained, modified, tested, or 
inspected. The Waterford 3 Cyber Security Plan is designed to 
achieve high assurance that the systems within the scope of the 10 
CFR 73.54 Rule are protected from cyber attacks and has no impact on 
the probability or consequences of an accident previously evaluated.
    The second part of the proposed change is an implementation 
schedule, and the third part adds a sentence to the existing 
operating license condition for physical protection. Both of these 
changes are administrative in nature and have no impact on the 
probability or consequences of an accident previously evaluated.
    Therefore, the proposed change does not involve a significant 
increase in the probability or consequences of an accident 
previously evaluated.
    2. Does the proposed change create the possibility of a new or 
different kind of accident from any accident previously evaluated?
    Response: No.
    As required by 10 CFR 73.54[,] Entergy has submitted a cyber 
security plan for NRC review and approval for Waterford 3. The 
Waterford 3 Cyber Security Plan does not require any plant 
modifications which affect the performance capability of the 
structures, systems, and components relied upon to mitigate the 
consequences of postulated accidents. The Waterford 3 Cyber Security 
Plan does not alter accident analysis assumptions, add any 
initiators, or affect the function of plant systems or the manner in 
which systems are operated, maintained, modified, tested, or 
inspected. The Waterford 3 Cyber Security Plan is designed to 
achieve high assurance that the systems within the scope of the 10 
CFR 73.54 Rule are protected from cyber attacks and does not create 
the possibility of a new or different kind of accident from any 
accident previously evaluated.
    The second part of the proposed change is an implementation 
schedule, and the third part adds a sentence to the existing 
operating license condition for physical protection. Both of these 
changes are administrative in nature and do not create the 
possibility of a new or different kind of accident from any accident 
previously evaluated.
    Therefore, the proposed change does not create the possibility 
of a new or different kind of accident from any accident previously 
evaluated.
    3. Does the proposed change involve a significant reduction in a 
margin of safety?
    Response: No.
    As required by 10 CFR 73.54[,] Entergy has submitted a cyber 
security plan for NRC review and approval for Waterford 3. Plant 
safety margins are established through limiting conditions for 
operation, limiting safety system settings, and safety limits 
specified in the technical specifications. Because there is no 
change to these established safety margins as result of the 
implementation of the Waterford 3 Cyber Security Plan, the proposed 
change does not involve a significant reduction in a margin of 
safety.
    The second part of the proposed change is an implementation 
schedule, and the third part adds a sentence to the existing 
operating license condition for physical protection. Both of these 
changes are administrative in nature and do not involve a 
significant reduction in a margin of safety.
    Therefore, the proposed change does not involve a significant 
reduction in a margin of safety.

    The NRC staff has reviewed the licensee's analysis and, based on 
this review, it appears that the three standards of 10 CFR 50.92(c) are 
satisfied. Therefore, the NRC staff proposes to determine that the 
amendment request involves no significant hazards consideration.
    Attorney for licensee: Joseph A. Aluise, Assistant General 
Counsel--Nuclear, Entergy Services, Inc., 639 Loyola Avenue, New 
Orleans, Louisiana 70113.
    NRC Branch Chief: Michael T. Markley.

[[Page 62599]]

FirstEnergy Nuclear Operating Company, et al., Docket Nos. 50-334 and 
50-412, Beaver Valley Power Station, Unit Nos. 1 and 2, Beaver County, 
Pennsylvania

    Date of amendment request: July 22, 2010.
    Description of amendment request: This amendment request contains 
sensitive unclassified non-safeguards information (SUNSI). The proposed 
amendment to the Renewed Facility Operating License (FOL) includes: (1) 
The proposed Beaver Valley Power Station, Unit Nos. 1 and 2 (BVPS-1 and 
2) Cyber Security Plan, (2) an implementation schedule, and (3) a 
proposed sentence to be added to the existing renewed FOL Physical 
Protection license condition for BVPS-1 and 2 requiring FirstEnergy 
Nuclear Operating Company (FENOC, the licensee) to fully implement and 
maintain in effect all provisions of the Commission-approved BVPS-1 and 
2 Cyber Security Plan as required by Section 73.54 of Part 73 of Title 
10 of the Code of Federal Regulations (10 CFR). Federal Register notice 
dated March 27, 2009, issued the final rule that amended 10 CFR Part 
73. The regulations in 10 CFR 73.54, ``Protection of digital computer 
and communication systems and networks,'' establish the requirements 
for a cyber security program. This regulation specifically requires 
each licensee currently licensed to operate a nuclear power plant under 
Part 50 of this chapter to submit a cyber security plan that satisfies 
the requirements of the Rule. Each submittal must include a proposed 
implementation schedule and implementation of the licensee's cyber 
security program must be consistent with the approved schedule. The 
background for this application is addressed by the Nuclear Regulatory 
Commission (NRC) Notice of Availability, Federal Register Notice, Final 
Rule 10 CFR Part 73, Power Reactor Security Requirements, published on 
March 27, 2009 (74 FR 13926).
    Basis for proposed no significant hazards consideration 
determination: As required by 10 CFR 50.91(a), the licensee has 
provided its analysis of the issue of no significant hazards 
consideration, which is presented below:

Criterion 1: The Proposed Change Does Not Involve a Significant 
Increase in the Probability or Consequences of an Accident Previously 
Evaluated

    The proposed change is required by 10 CFR 73.54 and includes 
three parts. The first part is the submittal of the Plan for NRC 
review and approval. The Plan provides a description of how the 
requirements of the rule will be implemented at the BVPS Unit Nos. 1 
and 2. The Plan establishes the licensing basis for the FENOC cyber 
security program for the BVPS Unit Nos. 1 and 2. The Plan 
establishes how to achieve high assurance that nuclear power plant 
digital computer and communication systems and networks associated 
with the following are adequately protected against cyber attacks up 
to and including the design basis threat:
    1. Safety-related and important-to-safety functions,
    2. Security functions,
    3. Emergency preparedness functions including offsite 
communications, and
    4. Support systems and equipment which if compromised, would 
adversely impact safety, security, or emergency preparedness 
functions.
    Part one of the proposed change is designed to achieve high 
assurance that the systems are protected from cyber attacks. The 
Plan itself does not require any plant modifications. However, the 
Plan does describe how plant modifications which involve digital 
computer systems are reviewed to provide high assurance of adequate 
protection against cyber attacks, up to and including the design 
basis threat as defined in the rule. The proposed change does not 
alter the plant configuration, require new plant equipment to be 
installed, alter accident analysis assumptions, add any initiators, 
affect the function of plant systems, or affect the manner in which 
systems are operated. The first part of the proposed change is 
designed to achieve high assurance that the systems within the scope 
of the rule are protected from cyber attacks and has no impact on 
the probability or consequences of an accident previously evaluated.
    The second part of the proposed change is an implementation 
schedule. The third part adds a sentence to the existing FOL license 
condition 2.D for BVPS Unit No. 1 and 2.E for BVPS Unit No. 2 for 
Physical Protection. Both of these changes are administrative and 
have no impact on the probability or consequences of an accident 
previously evaluated.
    Therefore, it is concluded that this change does not involve a 
significant increase in the probability or consequences of an 
accident previously evaluated.

Criterion 2: The Proposed Change Does Not Create the Possibility of a 
New or Different Kind of Accident From Any Accident Previously 
Evaluated

    The proposed change is required by 10 CFR 73.54 and includes 
three parts. The first part is the submittal of the Plan for NRC 
review and approval. The Plan provides a description of how the 
requirements of the rule will be implemented at the BVPS Unit Nos. 1 
and 2. The Plan establishes the licensing basis for the FENOC cyber 
security program for the BVPS Unit Nos. 1 and 2. The Plan 
establishes how to achieve high assurance that nuclear power plant 
digital computer and communication systems and networks associated 
with the following are adequately protected against cyber attacks up 
to and including the design basis threat:
    1. Safety-related and important-to-safety functions,
    2. Security functions,
    3. Emergency preparedness functions including offsite 
communications, and
    4. Support systems and equipment which if compromised, would 
adversely impact safety, security, or emergency preparedness 
functions.
    Part one of the proposed change is designed to achieve high 
assurance that the systems within the scope of the rule are 
protected from cyber attacks. The Plan itself does not require any 
plant modifications. However, the Plan does describe how plant 
modifications which involve digital computer systems are reviewed to 
provide high assurance of adequate protection against cyber attacks, 
up to and including the design basis threat defined in the rule. The 
proposed change does not alter the plant configuration, require new 
plant equipment to be installed, alter accident analysis 
assumptions, add any initiators, affect the function of plant 
systems, or affect the manner in which systems are operated. The 
first part of the proposed change is designed to achieve high 
assurance that the systems within the scope of the rule are 
protected from cyber attacks and does not create the possibility of 
a new or different kind of accident from any previously evaluated.
    The second part of the proposed change is an implementation 
schedule. The third part adds a sentence to the existing FOL license 
condition 2.D for BVPS Unit No. 1 and 2.E for BVPS Unit No. 2 for 
Physical Protection. Both of these changes are administrative and do 
not create the possibility of a new or different kind of accident 
from any previously evaluated.
    Therefore, the proposed change does not create the possibility 
of a new or different kind of accident from any previously 
evaluated.

Criterion 3: The Proposed Change Does Not Involve a Significant 
Reduction in a Margin of Safety

    The proposed change is required by 10 CFR 73.54 and includes 
three parts. The first part is the submittal of the Plan for NRC 
review and approval. The Plan provides a description of how the 
requirements of the rule will be implemented at the BVPS Unit Nos. 1 
and 2. The Plan establishes the licensing basis for the FENOC cyber 
security program for the BVPS Unit Nos. 1 and 2. The Plan 
establishes how to achieve high assurance that nuclear power plant 
digital computer and communication systems and networks associated 
with the following are adequately protected against cyber attacks up 
to and including the design basis threat:
    1. Safety-related and important-to-safety functions,
    2. Security functions,
    3. Emergency preparedness functions including offsite 
communications, and
    4. Support systems and equipment which if compromised, would 
adversely impact safety, security, or emergency preparedness 
functions.
    Part one of the proposed change is designed to achieve high 
assurance that the systems within the scope of the rule are 
protected from cyber attacks. Plant safety

[[Page 62600]]

margins are established through Limiting Conditions for Operation, 
Limiting Safety System Settings and Safety Limits specified in the 
Technical Specifications, methods of evaluation that establish 
design basis or change Updated Final Safety Analysis. Because there 
is no change to these established safety margins, the proposed 
change does not involve a significant reduction in a margin of 
safety.
    The second part of the proposed change is an implementation 
schedule. The third part adds a sentence to the existing FOL license 
condition 2.D for BVPS Unit No. 1 and 2.E for BVPS Unit No. 2 for 
Physical Protection. Both of these changes are administrative and do 
not involve a significant reduction in a margin of safety.
    Therefore, the proposed change does not involve a significant 
reduction in a margin of safety.

    The NRC staff has reviewed the licensee's analysis and, based on 
this review, it appears that the three standards of 10 CFR 50.92(c) are 
satisfied. Therefore, the NRC staff proposes to determine that the 
amendment request involves no significant hazards consideration.
    Attorney for licensee: David W. Jenkins, FirstEnergy Nuclear 
Operating Company, FirstEnergy Corporation, 76 South Main Street, 
Akron, OH 44308.
    NRC Branch Chief: Nancy L. Salgado.

Florida Power and Light Company, et al., Docket Nos. 50-335 and 50-389, 
St. Lucie Plant, Unit Nos. 1 and 2, St. Lucie County, Florida

    Date of amendment request: August 2, 2010.
    Description of amendment request: This amendment request contains 
sensitive unclassified non-safeguards information (SUNSI). The proposed 
amendment includes three parts: The proposed Plan, an Implementation 
Schedule, and a proposed sentence to be added to the existing renewed 
facility operating licenses (FOL) Physical Protection license condition 
to require Florida Power and Light Company to fully implement and 
maintain in effect all provisions of the Commission approved cyber 
security plan as required by amended 10 CFR Part 73. The proposed Cyber 
Security Plan was submitted in accordance with Title 10 of the Code of 
Federal Regulations, Section 73.54, ``Protection of digital computer 
and communication systems and networks.''
    Basis for proposed no significant hazards consideration 
determination: As required by 10 CFR 50.91(a), the licensees provided 
their analysis of the issue of no significant hazards consideration, 
which is presented below:

    1. Does the proposed change involve a significant increase in 
the probability or consequences of an accident previously evaluated?
    Response: No.
    T