UPDATE: Protecting Commercial Nuclear Facilities from Cyber Attack

James Andersen
Director, Cyber Security Directorate

The NRC has been very forward-thinking in developing cyber security requirements for nuclear power plants. The cyber threat is always evolving, and so is our approach. We first imposed cyber security requirements in Orders issued after the 9/11 terrorist attacks. Drawing on our experience with those steps, we formalized regulations in 2009.

Our “cyber security roadmap” spells out how nuclear plant licensees were implementing our 2009 cyber regulations, as well as our approach to assessing cyber needs of other licensees.

cybersecNuclear plants are meeting these requirements in two phases. During Phase 1, they implemented controls to protect their most significant digital assets from the most prevalent cyber attack vectors. This phase was completed in December 2012, and our inspections of Phase 1 actions were completed in 2015.

During Phase 2, which will be completed by the end of this year, licensees will complete full implementation of their cyber security programs. They will add additional technical cyber controls, cyber security awareness training for employees, incident response testing and drills, configuration management controls, and supply chain protection

Like other NRC programs, cyber security involves “defense in depth.” Crucial safety- or security-related systems (both digital and analog) are isolated from the Internet, giving them strong protection. Such “air gaps” are important, but not sufficient. Licensees must also address wireless threats, portable media such as discs or thumb drives, and other avenues of attack. Physical security and access controls, including guarding against an insider threat to the plant, also add to cyber security, as do cyber intrusion detection and response capability.

The NRC published a new regulation in late 2015 requiring nuclear plant licensees to notify the agency quickly of certain cyber attacks.

With these efforts already accomplished or underway, you can see the NRC takes cyber security seriously, and we’re doing our best to stay flexible and ahead of the ever-changing threat. You can find more information about the NRC’s cyber security program on our website.

This post first ran in October 2015

Update on Quality Assurance Issues in France

David McIntyre
Public Affairs Officer

Today, the NRC is releasing information about large reactor components supplied to U.S. nuclear plants by AREVA’s Creusot Forge in France. This information includes the names of the plants and the reactor components involved.

This blog post discusses the information as well as the NRC’s actions related to ongoing French investigations into potential defects and problems with quality assurance documents regarding the parts’ manufacture.

We are confident at this time that there are no safety concerns for U.S. nuclear power plants raised by the investigations in France. Our confidence is based on the U.S. material qualification process, preliminary structural evaluations of reactor components under scrutiny in France, U.S. material aging-management programs, our participation in a multinational inspection of Creusot Forge, and information supplied by AREVA about the documentation anomalies. Also, the components supplied to U.S. plants have performed well and inspections during their operating life have revealed no safety issues.

Because there are no immediate safety concerns, there is no justification for the NRC to order plants to shut down and inspect components, as some groups have suggested. Should new information raise a specific safety concern, the agency will take appropriate action.

The information released today ML17009a275 was provided to the NRC on Dec. 15 at our request by AREVA, a multinational manufacturer of nuclear plant components.  We informed AREVA on Dec. 30 of our intent to make the information public (ML16364A034). Attachment A lists components with forgings from Creusot Forge supplied to 17 U.S. reactors at 13 sites, directly by AREVA or through third-party vendors. The components are mostly replacement reactor vessel heads, replacement steam generator components or pressurizers. AREVA clarified the list in letters dated Jan. 9 and Jan. 10, which are included in the information.

We posted a piece last June about the investigation by the French Nuclear Safety Agency, ASN, into AREVA’s Creusot Forge. Here is an update:

There are two separate, but related, issues to the investigation in France. The first is called “carbon segregation,” a condition that in certain circumstances could create local areas of reduced toughness in large forged components of nuclear plants. The second is a series of anomalies discovered in the quality assurance documentation of components manufactured at Creusot Forge.

Carbon segregation occurs naturally during the casting of steel ingots. Carbon molecules concentrate as newly forged ingots cool. Most of this excess carbon is cut away and discarded before the actual plant components are formed, but some processes leave small areas of elevated carbon content near the component’s surface. NRC regulations and code requirements by the American Society of Mechanical Engineers account for this condition. Higher-than-expected carbon segregation has been discovered on some reactor components in France that were manufactured using a particular process, though there are no indications it would exceed U.S. limits. We’ve asked AREVA if any components supplied to U.S. reactors were manufactured using that same process, and we expect the company’s answer soon.

While investigating the carbon segregation issue, ASN discovered anomalies in the documents describing how components were manufactured at Creusot Forge. This probe, launched last May, has since expanded to include a review of documents dating back to 1965. (AREVA acquired Creusot Forge in 2006.)

Two NRC inspectors participated in an inspection of the Creusot Forge facility in late November/early December. The inspection team included inspectors from France, the United Kingdom, Finland, China and Canada, and was conducted under the Multinational Design Evaluation Programme, which facilitates information exchanges among nations. During the inspection, AREVA reported that some files on components supplied to U.S. nuclear plants contained anomalies. The company said the anomalies presented no apparent safety concerns.

The NRC inspectors conducted a preliminary review of records for three U.S. plants and agreed that AREVA had made a reasonable assessment of no safety concerns.

The ASN, which led the inspection, is expected to issue a report on its findings in the next several weeks. Meanwhile, AREVA filed an interim report to the NRC on Dec. 7 (ML16344A120), providing more information about document anomalies affecting some U.S. plants. AREVA said it had notified its U.S. customers (including nuclear power plants and vendors) of the documentation issues and its assessment that there are no related safety concerns. The company said it expects to complete its evaluation of Creusot Forge’s documentation processes for U.S. plants by June 30, 2017.

We are not taking this issue lightly. Complete and accurate documentation provides assurance that components were forged to the proper procedures and specifications. As the investigation continues, we remain alert to any indication that the documentation irregularities at Creusot Forge might call into question the safety of these components and U.S. nuclear plants.