Part III

Federal Register: March 27, 2009 (Volume 74, Number 58)

Rules and Regulations

Page 13925-13993

From the Federal Register Online via GPO Access [wais.access.gpo.gov]

DOCID:fr27mr09-16

Page 13925

Part III

Nuclear Regulatory Commission

10 CFR Parts 50, 52, 72 et al.

Power Reactor Security Requirements; Final Rule

Page 13926

NUCLEAR REGULATORY COMMISSION 10 CFR Parts 50, 52, 72, and 73

NRC-2008-0019

RIN 3150-AG63

Power Reactor Security Requirements

AGENCY: Nuclear Regulatory Commission.

ACTION: Final rule.

SUMMARY: The Nuclear Regulatory Commission (NRC) is amending its security regulations and adding new security requirements pertaining to nuclear power reactors. This rulemaking establishes and updates generically applicable security requirements similar to those previously imposed by Commission orders issued after the terrorist attacks of September 11, 2001. Additionally, this rulemaking adds several new requirements not derived directly from the security order requirements but developed as a result of insights gained from implementation of the security orders, review of site security plans, implementation of the enhanced baseline inspection program, and NRC evaluation of force-on-force exercises. This rulemaking also updates the NRC's security regulatory framework for the licensing of new nuclear power plants. Finally, it resolves three petitions for rulemaking (PRM) that were considered during the development of the final rule.

DATES: Effective Date: This final rule is effective on May 26, 2009.

Compliance Date: Compliance with this final rule is required by March 31, 2010, for licensees currently licensed to operate under 10 CFR Part 50.

ADDRESSES: You can access publicly available documents related to this document using the following methods:

Federal e-Rulemaking Portal: Go to http://www.regulations.gov and search for documents filed under Docket ID [NRC-2008-0019]. Address questions about NRC Dockets to Carol Gallagher at 301-492-3668; e-mail

Carol.Gallagher@nrc.gov.

NRC's Public Document Room (PDR): The public may examine and have copied for a fee publicly available documents at the NRC's PDR, Public

File Area O1 F21, One White Flint North, 11555 Rockville Pike,

Rockville, Maryland.

NRC's Agency Wide Documents Access and Management System (ADAMS):

Publicly available documents created or received at the NRC are available electronically at the NRC's Electronic Reading Room at http:/

/www.nrc.gov/reading-rm/adams.html. From this page, the public can gain entry into ADAMS, which provides text and image files of the NRC's public documents. If you do not have access to ADAMS or if there are problems in accessing the documents located in ADAMS, contact the NRC's

PDR reference staff at 1-800-397-4209, 301-415-4737 or by e-mail to pdr.resource@nrc.gov.

FOR FURTHER INFORMATION CONTACT: Ms. Bonnie Schnetzler, Office of

Nuclear Security and Incident Response, U.S. Nuclear Regulatory

Commission, Washington, DC 20555-0001; telephone 301-415-7883; e-mail:

Bonnie.Schnetzler@nrc.gov, or Mr. Timothy Reed, Office of Nuclear

Reactor Regulation, U.S. Nuclear Regulatory Commission, Washington, DC 20555-0001; telephone 301-415-1462; e-mail: Timothy.Reed@nrc.gov.

SUPPLEMENTARY INFORMATION:

I. Background

II. Petitions for Rulemaking

III. Discussion of Substantive Changes and Responses to Significant

Comments

IV. Section-by-Section Analysis

V. Guidance

VI. Criminal Penalties

VII. Availability of Documents

VIII. Voluntary Consensus Standards

IX. Finding of No Significant Environmental Impact

X. Paperwork Reduction Act Statement

XI. Regulatory Analysis

XII. Regulatory Flexibility Certification

XIII. Backfit Analysis

XIV. Congressional Review Act

I. Background

  1. Historical Background and Overview

    Following the terrorist attacks on September 11, 2001, the

    Commission issued a series of orders to ensure that nuclear power plants and other licensed facilities continued to have effective security measures in place given the changing threat environment.

    Through these orders, the Commission supplemented the design basis threat (DBT) as well as mandated specific training enhancements, access authorization enhancements, and enhancements to defensive strategies, mitigative measures, and integrated response. Additionally, through generic communications, the Commission specified expectations for enhanced notifications to the NRC for certain security events or suspicious activities. The four following security orders were issued to licensees:

    EA-02-026, ``Interim Compensatory Measures (ICM) Order,'' issued February 25, 2002 (March 4, 2002; 67 FR 9792);

    EA-02-261, ``Access Authorization Order,'' issued January 7, 2003 (January 13, 2003; 68 FR 1643);

    EA-03-039, ``Security Personnel Training and Qualification

    Requirements (Training) Order,'' issued April 29, 2003, (May 7, 2003; 68 FR 24514); and

    EA-03-086, ``Revised Design Basis Threat Order,'' issued

    April 29, 2003, (May 7, 2003; 68 FR 24517).

    Nuclear power plant licensees revised their physical security plans, access authorization programs, training and qualification plans, and safeguards contingency plans in response to these orders. The

    Commission completed its review and approval of the revised security plans on October 29, 2004. These plans incorporated the enhancements required by the orders. While the specifics of these enhancements are protected as Safeguards Information consistent with 10 CFR 73.21, the enhancements resulted in measures such as increased patrols; augmented security forces and capabilities; additional security posts; additional physical barriers; vehicle checks at greater standoff distances; enhanced coordination with law enforcement authorities; augmented security and emergency response training, equipment, and communication; and more restrictive site access controls for personnel including expanded, expedited, and more thorough employee background investigations.

    The Energy Policy Act of 2005 (EPAct 2005), signed into law on

    August 8, 2005, contained several provisions relevant to security at nuclear power plants. Section 653, for instance, added Section 161A. to the Atomic Energy Act of 1954, as amended (AEA). This provision allows the Commission to authorize certain licensees to use, as part of their protective strategies, an expanded arsenal of weapons including machine guns and semi-automatic assault weapons. Section 653 also requires certain security personnel to undergo a background check that includes fingerprinting and a check against the Federal Bureau of

    Investigation's (FBI) National Instant Criminal Background Check System

    (NICS) database. Section 161A, however, is not effective until guidelines are completed by the Commission and approved by the Attorney

    General. More information on the NRC's implementation of Section 161A can be found below.

  2. The Proposed Rule

    As noted to recipients of the post-September 11, 2001, orders, it was

    Page 13927

    always the Commission's intent to complete a thorough review of the existing physical protection program requirements and undertake a rulemaking that would codify generically-applicable security requirements. This rulemaking would be informed by the requirements previously issued by orders and includes an update of existing power reactor security requirements, which had not been significantly revised for nearly 30 years. To that end, on October 26, 2006, the Commission issued the proposed Power Reactor Security rulemaking (71 FR 62663).

    The proposed rule was originally published for a 75-day public comment period. In response to several requests for extension, the comment period was extended on two separate occasions (January 5, 2005; 72 FR 480; and February 28, 2007; 72 FR 8951), eventually closing on March 26, 2007. The Commission received 48 comment letters. In addition, the

    Commission held two public meetings to solicit public comment in

    Rockville, MD on November 15, 2006, and Las Vegas, NV on November 29, 2006. The Commission held a third public meeting in Rockville, MD, on

    March 9, 2007, to facilitate stakeholder understanding of the proposed requirements, and thereby result in more informed comments on the proposed rule provisions.

    In addition to proposing requirements that were similar to those that had previously been imposed by the various orders, the proposed rule also contained several new provisions that the Commission determined would provide additional assurance of licensee capabilities to protect against the DBT. These new provisions were identified by the

    Commission during implementation of the security orders while reviewing the revised site security plans that had been submitted by licensees for Commission review and approval, while conducting the enhanced baseline inspection program, and through evaluation of the results of force-on-force exercises. As identified in the proposed rule, these new provisions included such measures as cyber security requirements, safety/security interface reviews, functional equivalency of the central and secondary alarm stations, uninterruptable backup power for detection and assessment equipment, and video image recording equipment

    (See 71 FR 62666-62667; October 26, 2006).

    The Commission also published a supplemental proposed rule on April 10, 2008, (73 FR 19443) seeking additional stakeholder comment on two provisions of the rule for which the Commission had decided to provide additional detail. The supplemental proposed rule also proposed to move these requirements from appendix C to part 73 in the proposed rule to

    Sec. 50.54 in the final rule. More detail on those provisions and the comments received is provided in section III of this document.

    Three petitions for rulemaking (PRM) (PRM-50-80, PRM-73-11, PRM-73- 13) were also considered as part of this rulemaking. Consideration of these petitions is discussed in detail in section II of this document.

  3. Significant New Requirements in the Final Rule

    This final rulemaking amends the security requirements for power reactors. The following existing sections and appendices in 10 CFR Part 73 have been revised as a result: 10 CFR 73.55, Requirements for physical protection of licensed activities in nuclear power reactors against radiological sabotage. 10 CFR 73.56, Personnel access authorization requirements for nuclear power plants. 10 CFR Part 73, appendix B, section VI, Nuclear Power

    Reactor Training and Qualification Plan for Personnel Performing

    Security Program Duties. 10 CFR Part 73, appendix C, Licensee Safeguards

    Contingency Plans.

    The amendments also add two new sections to part 73 and a new paragraph to 10 CFR Part 50: 10 CFR 73.54, Protection of digital computer and communication systems and networks (i.e., cyber security requirements). 10 CFR 73.58, Safety/security interface requirements for nuclear power reactors. 10 CFR 50.54(hh), Mitigative strategies and response procedures for potential or actual aircraft attacks.

    Specifically, this rulemaking contains a number of significant new requirements listed as follows:

    Safety/Security Interface Requirements. These requirements are located in new Sec. 73.58. The safety/security interface requirements explicitly require licensees to manage and assess the potential conflicts between security activities and other plant activities that could compromise either plant security or plant safety. The requirements direct licensees to assess and manage these interactions so that neither safety nor security is compromised. These requirements address, in part, PRM-50-80, which requested the establishment of regulations governing proposed changes to the facilities which could adversely affect the protection against radiological sabotage.

    Mixed-Oxide (MOX) Fuel Requirements. These requirements are codified into new Sec. 73.55(l) for reactor licensees who propose to use MOX fuel in concentrations of 20 percent or less. These requirements provide enhancements to the normal radiological sabotage- based physical security requirements by adding the requirement that the

    MOX fuel be protected from theft or diversion. These requirements reflect the Commission's view that the application of security requirements for the protection of formula quantities of strategic special nuclear material set forth in Part 73, which would otherwise apply because of the MOX fuel's plutonium content, is, in part, unnecessary to provide adequate protection for this material because of the weight and size of the MOX fuel assemblies. The MOX fuel security requirements are consistent with the approach implemented at Catawba

    Nuclear Station through the MOX lead test assembly effort in 2004-2005.

    Cyber Security Requirements. These requirements are codified as new

    Sec. 73.54 and designed to provide high assurance that digital computer and communication systems and networks are adequately protected against cyber attacks up to and including the design basis threat as established by Sec. 73.1(a)(1)(v). These requirements are substantial improvements upon the requirements imposed by the February 25, 2002 order. In addition to requiring that all new applications for an operating or combined license include a cyber security plan, the rule will also require currently operating licensees to submit a cyber security plan to the Commission for review and approval by way of license amendment pursuant to Sec. 50.90 within 180 days of the effective date of this final rule. In addition, applicants who have submitted an application for an operating license or combined license currently under review by the Commission must amend their applications to include a cyber security plan. For both current and new licensees, the cyber security plan will become part of the licensee's licensing basis in the same manner as other security plans.

    Mitigative Strategies and Response Procedures for Potential or

    Actual Aircraft Attacks. These requirements appear in new Sec. 50.54(hh). Section 50.54(hh)(1) establishes the necessary regulatory framework to facilitate consistent application of Commission requirements for preparatory actions to be taken in the event of a potential or

    Page 13928

    actual aircraft attack and mitigation strategies for loss of large areas due to fire and explosions. Section 50.54(hh)(2) requires licensees to develop guidance and strategies for addressing the loss of large areas of the plant due to explosions or fires from a beyond- design basis event through the use of readily available resources and identification of potential practicable areas for the use of beyond- readily-available resources. Requirements similar to these were previously imposed under section B.5 of the February 25, 2002, ICM order; specifically, the ``B.5.a'' and the ``B.5.b'' provisions.

    Access Authorization Enhancements. Section 73.56 has been substantially revised to incorporate lessons learned from the

    Commission's implementation of the January 7, 2003 order requirements and to improve the integration of the access authorization and security program requirements. The final rule includes an increase in the rigor for many elements of the pre-existing access authorization program requirements. In addition, the access authorization requirements include new requirements for individuals who have electronic means to adversely impact facility safety, security, or emergency preparedness; enhancements to the psychological assessments requirements; requires information sharing between reactor licensees; expanded behavioral observation requirements; requirements for reinvestigations of criminal and credit history records for all individuals with unescorted access; and 5-year psychological reassessments for certain critical job functions.

    Training and Qualification Enhancements. These requirements are set forth in appendix B to part 73 and include modifications to training and qualification program requirements based on insights gained from implementation of the security orders, Commission reviews of site security plans, implementation of the enhanced baseline inspection program, and insights gained from evaluations of force-on-force exercises. These new requirements include additional requirements for unarmed security personnel to assure these personnel meet minimum physical requirements commensurate with their duties. The new requirements also include a minimum age requirement of 18 years for unarmed security officers, enhanced minimal qualification scores for testing required by the training and qualification plan, enhanced qualification requirements for security trainers, armorer certification requirements, program requirements for on-the-job training, and qualification requirements for drill and exercise controllers.

    Physical Security Enhancements. The rule imposes new physical security enhancements in the revised Sec. 73.55 that were identified by the Commission during implementation of the security orders, reviews of site security plans, implementation of the enhanced baseline inspection program, and NRC evaluations of force-on-force exercises.

    Significant new requirements in Sec. 73.55 include a requirement that the central alarm station (CAS) and secondary alarm station (SAS) have functionally equivalent capabilities so that no single act in accordance with the design basis threat of radiological sabotage could disable the key functions of both CAS and SAS. Additions also include requirements for new reactor licensees to locate the SAS within a site's protected area, ensure that the SAS is bullet resistant, and limit visibility into the SAS from the perimeter of the protected area.

    Revisions to Sec. 73.55 also include requiring uninterruptible backup power supplies for detection and assessment equipment, video image recording capability, and new requirements for protection of the facility against waterborne vehicles.

  4. Significant Changes in the Final Rule

    A number of significant changes were made to the proposed rule as a result of public comments, and they are now reflected in the final rule. Those changes are outlined as follows:

    Separation of Enhanced Weapons and Firearms Background Check

    Requirements. As noted previously, Section 161A of the AEA permits the

    Commission to authorize the use of certain enhanced weapons in the protective strategies of certain designated licensees once guidelines are developed by the Commission and approved by the Attorney General.

    In anticipation of the completion of those guidelines and the Attorney

    General's approval, the Commission had included in the proposed rule several provisions that would implement its proposed requirements concerning application for and approval of the use of enhanced weapons and firearms background checks. However, because the guidelines had not yet received the approval of the Attorney General as the final rule was submitted to the Commission, the Commission decided to address that portion of the proposed rule in a separate rulemaking. Once the final guidelines are approved by the Attorney General and published in the

    Federal Register, the Commission will take appropriate action to codify the Section 161A. authorities.

    Cyber Security Requirements. Another change to this final rulemaking is the relocation of cyber security requirements. Cyber security requirements had been located in the proposed rule in Sec. 73.55(m). These requirements are now placed in new Sec. 73.54 as a separate section within part 73. These requirements were placed in a stand-alone section to enable the cyber security requirements to be made applicable to other types of facilities and applications through future rulemakings.

    Establishing these requirements as a stand-alone section also necessitated creating accompanying licensing requirements. Because the cyber security requirements were originally proposed as part of the physical security program and thus the physical security plan, a licensee's cyber security plan under the proposed rule would have been part of the license through that licensing document. Once these requirements were separated from proposed Sec. 73.55, the Commission identified the need to establish separate licensing requirements for the licensee's cyber security plan that would require the plan to be part of a new application for a license issued under part 50 or part 52, as well as continue to be a condition of either type of license.

    Conforming changes were therefore made to sections Sec. Sec. 50.34, 50.54, 52.79, and 52.80 to address this consideration. As noted previously and in Sec. 73.54, for current reactor licensees, the rule requires the submission of a new cyber security plan to the Commission for review and approval within 180 days of the effective date of the final rule. Current licensees are required to submit their cyber security plans by way of a license amendment pursuant to 10 CFR Sec. 50.90. In addition, applicants for an operating license or combined license who have submitted their applications to the Commission prior to the effective date of the rule are required to amend their applications to the extent necessary to address the requirements of

    Sec. 73.54.

    Performance Evaluation Program Requirements. The Performance

    Evaluation Program requirements that were in proposed appendix C to part 73, are moved in their entirety to appendix B to part 73 as these requirements describe the development and implementation of a training program for training the security force in the response to contingency events.

    Mitigative Strategies and Response Procedures for Potential or

    Actual Aircraft Attacks. Another significant change to this rulemaking is the

    Page 13929

    relocation of and the addition of clarifying rule language to the beyond-design basis mitigative measures and potential aircraft threat notification requirements that were previously located in proposed part 73, appendix C. Those requirements are now set forth in 10 CFR 50.54(hh). This change was made, in part, in response to stakeholder comments that part 73, appendix C, was not the appropriate location for these requirements because the requirements were not specific to the licensee's security organization. The Commission agreed and relocated the requirements accordingly and provided more details to the final rule language to ensure that the intent of these requirements is clear.

    As noted previously, the Commission issued a supplemental proposed rule seeking additional stakeholder comment on these proposed changes to the rule. More detail on this provision is provided in Section III of this document.

    Section 73.71 and Appendix G to Part 73. The proposed power reactor security rulemaking contained proposed requirements for Sec. 73.71 and appendix G to part 73. Based on public comments, the Commission intended to make few changes to these regulations. However, these provisions are not contained in this final rulemaking. Because the enhanced weapons rulemaking (discussed previously) will include potential changes to Sec. 73.71 and appendix G to part 73, the

    Commission decided that revisions to these regulations were better suited for that rulemaking.

    Security Plan Submittal Requirements. The proposed rule would have required current licensees to revise their physical security plan, training and qualification plans, and safeguards contingency plan to incorporate the new requirements and to submit these security plans for

    Commission review and approval. The final rule no longer requires these security plans (with the exception of the cyber security plan as discussed previously) to be submitted for prior Commission review and approval and instead allows licensees to make changes in accordance with existing licensing provisions such as Sec. 50.54(p) or Sec. 50.90, as applicable. The Commission determined that this was an acceptable approach because most of the requirements established by this rule are substantially similar to the requirements that had been imposed by the security orders and because all licensee security plans were recently reviewed and approved by the Commission in 2004 following issuance of those orders. Additionally, many of the additional requirements in the final rule are already current practices that were implemented following an industry-developed, generic, security plan template that was reviewed and approved by the Commission. For the requirements that go beyond current practices, the Commission does not expect that changes required by this rule would result in a decrease of effectiveness in a licensee's security plan. For implementation of those new requirements, licensees should, therefore, consider whether their plans could be revised in accordance with the procedures described in Sec. 50.54(p). However, if a licensee believes that a plan change may reduce the effectiveness of a security plan or if the licensee desires Commission review and approval of the plan change, then the proposed plan revision should be submitted to the NRC for review and approval as a license amendment per Sec. 50.90.

    With respect to applicants who have already submitted an application to the Commission for an operating license or combined license as of the effective date of this rule, those applicants are required by this rule to amend their applications to the extent necessary to address the requirements of the new rule.

    Implementation of the Final Rule. The final rule is effective 30 days following date of publication. This permits applicability of the rule's requirements to new reactor applicants at the earliest possible date. Current licensees are required to be in compliance with the rule requirements by March 31, 2010.

    Definitions. The proposed rule contained a number of definitions, primarily related to the proposed enhanced weapons requirements. As noted previously, the enhanced weapons provisions and firearms backgrounds checks have been separated into a separate rulemaking so codifying those definitions is no longer appropriate in this rulemaking. Regarding the other proposed rule definitions of safety/ security interface, security officer, and target sets, these terms are addressed in guidance, and accordingly the final rule does not contain these definitions.

    EPAct 2005 Provisions. As noted above, the proposed rule contained a number of proposed requirements that were designed to address security-related provisions of the EPAct 2005. With respect to Section 653 of the EPAct 2005, enhanced weapons and firearms background check requirements have been moved to a separate rulemaking. The only other provisions of the EPAct 2005 that the Commission had considered during this rulemaking were in Section 651, which concerns matters related to the triennial Commission-evaluated, force-on-force exercises, the NRC's mitigation of potential conflicts of interest in the conduct of such exercises, and the submission of annual reports by the NRC to Congress.

    Because the statute requires the NRC to be directly responsible for implementation of those requirements, the Commission has determined that there is no need for them to be specifically reflected in the

    NRC's regulations. The NRC has fully complied with all of the requirements of Section 651 in its conduct of force-on-force evaluations since the EPAct 2005, and has submitted three annual reports to Congress during that time. Further discussion of and the

    Commission's response to a comment on this issue are provided below in

    Section III.

  5. Conforming and Corrective Changes

    Conforming changes to the requirements listed below are made to ensure that cross-referencing between the various security regulations in part 73 is preserved, implement cyber security plan submittal requirements, and preserve requirements for licensees who are not within the scope of this final rule. The following requirements contain conforming changes:

    Section 50.34, ``Contents of construction permit and operating license applications; technical information,'' is revised to align the application requirements with appendix B to 10 CFR part 73, the addition of Sec. 73.54 to part 73, and the addition of Sec. 50.54(hh) to part 50.

    Section 50.54, ``Conditions of licenses,'' is revised to conform with the revisions to sections in appendix C to 10 CFR Part 73.

    In accordance with the introductory text to Sec. 50.54, revisions to this section are also made applicable to combined licenses issued under part 52.

    Section 52.79, ``Contents of applications; technical information in the final safety analysis report,'' is revised to align the application requirements with the revisions to appendix C to 10 CFR

    Part 73 and the addition of Sec. 73.54 to Part 73.

    Section 52.80, ``Contents of applications; additional technical information,'' is revised to add the application requirements for Sec. 50.54(hh) to part 50.

    Section 72.212, ``Conditions of general license issued under Sec. 72.210,'' is revised to reference the appropriate revised paragraph designations in Sec. 73.55.

    Section 73.8, ``Information collection requirements: OMB approval,'' is revised to add the new

    Page 13930

    requirements (Sec. Sec. 73.54 and 73.58) to the list of sections with

    Office of Management and Budget (OMB) information collection requirements. A corrective revision to Sec. 73.8 is made to reflect

    OMB approval of existing information collection requirements for NRC

    Form 366 under existing Sec. 73.71.

    Section 73.70, ``Records,'' is revised to reference the appropriate revised paragraph designations in Sec. 73.55 regarding the need to retain a record of the registry of visitors.

    Additionally, Sec. 73.81, ``Criminal penalties,'' which sets forth the sections within part 73 that are not subject to criminal sanctions under the AEA, remains unchanged because willful violations of the new

    Sec. Sec. 73.54 and 73.58 may be subject to criminal sanctions.

    Appendix B to part 73 and appendix C to part 73 require special treatment in this final rule to preserve, with a minimum of conforming changes, the current requirements for licensees and applicants who are not within the scope of this final rule, such as Category I strategic special nuclear material licensees and research and test reactor licensees. Accordingly, Sections I through V of appendix B to part 73 remain unchanged to preserve the current training and qualification requirements for all applicants, licensees, and certificate holders who are not within the scope of this final rule, and the new language for power reactor security training and qualification (revised in this final rule) is added as Section VI. Part 73, appendix C, is divided into two sections, with Section I maintaining all current requirements for licensees and applicants not within the scope of this final rule, and Section II containing all new requirements related to power reactor contingency response.

    II. Petitions for Rulemaking

    Three petitions for rulemaking were considered during the development of the final rule requirements consistent with previous petition resolution and closure process for these petitions (i.e., PRM- 50-80, PRM-73-11, and PRM-73-13). All three petitions are closed, and the discussion that follows provides the Commission's consideration of the issues raised in each petition as part of the development of the final power reactor security requirements.

  6. PRM-50-80

    PRM-50-80, submitted by the Union of Concerned Scientists (UCS) and the San Luis Obispo Mothers for Peace (SLOMFP), was published for public comment on June 16, 2003, (68 FR 35568). The petition requested that the Commission take two actions. The first action was to amend 10

    CFR 50.54(p), ``Conditions of licenses,'' and 10 CFR 50.59, ``Changes, tests, and experiments,'' to require licensees to evaluate whether proposed changes, tests, or experiments cause protection against radiological sabotage to be decreased and, if so, to conduct such actions only with prior Commission approval. The second action requested that the Commission amend 10 CFR Part 50 to require licensees to evaluate their facilities against specified aerial hazards and make necessary changes to provide reasonable assurance that the ability of the facility to reach and maintain safe shutdown would not be compromised by an accidental or intentional aerial assault. The second action (regarding aerial hazards) was previously considered and resolved as part of the final design basis threat (DBT) (Sec. 73.1) rulemaking (March 19, 2007; 72 FR 12705). On November 17, 2005, (70 FR 69690), the Commission decided to consider the petitioner's first request for rulemaking (i.e., evaluation of proposed changes, tests, or experiments to determine whether radiological sabotage protection is decreased). Proposed language addressing the issues raised in the petition was published as proposed Sec. 73.58, ``Safety/security interface requirements for nuclear power reactors.'' This section remains in the final rule. Refer to the section-by-section analysis in this document, supporting Sec. 73.58 for further discussion of the safety/security interface requirements.

  7. PRM-73-11

    PRM-73-11, submitted by Scott Portzline, Three Mile Island Alert, was published for public comment on November 2, 2001 (66 FR 55603). The comment period closed on January 16, 2002. Eleven comment letters were received. Of the 11 comments filed, 7 were from governmental organizations, 2 were from individuals, and 2 were from industry organizations. The majority of the comments support the petitioner's recommendation.

    The petitioner requested that the NRC regulations governing physical protection of plants and materials be amended to require NRC licensees to post at least one armed guard at each entrance to the

    ``owner controlled areas'' (OCA) surrounding all U.S. nuclear power plants. The petitioner stated that this should be accomplished by requiring the addition of armed site protection officers (SPO) to the total number of SPOs--not by simply shifting SPOs from their protected area (PA) posts to the OCA entrances. The petitioner believes that the proposed amendment would provide an additional layer of security that would complement existing measures against radiological sabotage and would be consistent with the long-standing principle of defense-in- depth.

    In a Federal Register Notice published December 27, 2006 (72 FR 481), the Commission informed the public that PRM-73-11 and the public comments filed on the petition would be considered in this final rule.

    Consideration of PRM-73-11 and the associated comments was undertaken as part of the effort to finalize the requirements governing security in the OCA.

    The Commission has concluded that prescriptively requiring armed security personnel in the OCA is not necessary. Instead, the final physical security requirements in Sec. 73.55(k) allows licensees the flexibility to determine the need for armed security personnel in the

    OCA, as a function of site-specific considerations, such that the licensee can defend against the DBT with high assurance. In reaching this determination, the Commission recognized that the requirements governing protective strategies must be more performance-based to enable licensees to adjust their strategies to address the site- specific circumstances and that a prescriptive requirement for armed security personnel in the owner controlled area may not always be the most effective approach for every licensee in defending against the

    DBT. The Commission constructed the final physical security requirements, recognizing the range of site-specific circumstances that exist, to put in place the performance objectives that must be met, and where possible, provided flexibility to licensees to construct strategies that meet the objectives.

  8. PRM-73-13

    PRM-73-13, submitted by David Lochbaum, Union of Concerned

    Scientists, was published for public comment on April 9, 2007 (72 FR 17440) and the comment period closed June 25, 2007.

    The petitioner requested that the Commission amend part 73 to require that licensees implement procedures to ensure that, when information becomes known to a licensee about an individual seeking access to the protected area that would prevent that individual from gaining unescorted access to the protected area of a nuclear power plant, the licensee will implement measures to ensure the individual does not enter the protected area, whether escorted or not. Further, the petitioner requested that the NRC's regulations be amended to

    Page 13931

    require that, when sufficient information is not available to a licensee about an individual seeking access to the protected area to determine whether the criteria for unescorted access are satisfied, the licensee will implement measures to allow that individual to enter the protected area only when escorted at all times by an armed member of the security force who maintains communication with security supervision.

    The Commission determined that the issues raised in PRM-73-13 were appropriate for consideration and were in fact issues already being considered in the Power Reactor Security Requirements rulemaking.

    Accordingly, the issues raised by PRM-73-13 and the public comments received were considered as part of the effort to finalize the requirements that govern escort and access within the protected area

    (refer to requirements in Sec. 73.55(g) and Sec. 73.56(h) for the specific final rule requirements).

    The Nuclear Energy Institute (NEI) commented on PRM-73-13, with 11 other industry organizations agreeing (hereafter referred to collectively as commenters). The commenters agreed that the petitioner's first request (with regard to preventing an individual to have access to the protected area when derogatory information becomes known) should be issued as a notice of proposed rulemaking. Neither NEI nor any of the other commenters commented on any of the specific language proposed by the petitioner. With regard to the second provision proposed by the petitioner (requiring armed escorts for certain visitors), the commenters did not agree with the proposal. The commenters argued that the use of trained individuals, though not necessarily armed, in conjunction with search equipment and techniques as well as the limitation placed on visitors (i.e., that visitors must have a ``work-related need'' for entry into the PA) have resulted in no incidents that warrant imposing this new requirement.

    The Commission has decided not to adopt either proposal. Regarding the petitioner's second proposal, the Commission agrees with the commenters that the current protective measures for escorted personnel are sufficient to protect against the scenario presented by the petitioner. Licensee escorted access programs have been in place for years without incident, and the petitioner has not provided a basis that raises questions about their sufficiency.

    With respect to the petitioner's first proposal, the Commission does not agree that the NRC's unescorted access requirements described in Sec. 73.56 and Sec. 73.57 need to contain prescriptive disqualifiers for access. Licensees are required by Sec. 73.56(h) in this final rule to consider all of the information obtained in the background investigation for determining whether an individual is trustworthy and reliable before granting unescorted access. With the exception of individuals who have been denied access to another facility, the regulation does not specify types of information obtained during a background investigation that would automatically disqualify an individual from access. The final rule Sec. 73.55(g)(7), however, does have several restrictions on escorted access (visitors) including verification of identity, verification of reason for business inside the protected area, and collection of information (visitor control register) pertaining to the visitor. In addition, there are several conditions that individuals who escort the visitor must adhere to including continuous monitoring of the visitor while inside the protected area, having a means of timely communication with security, and having received training on escort duties. Lastly, licensees may not allow any individual who is currently denied access at any other facility to be a visitor.

    Furthermore, the petitioner's suggested language that a licensee must act to deny escorted access when such information ``becomes known to the licensee'' is unworkable from a regulatory perspective. It is unclear what the NRC could impose on licensees as an enforceable standard for such a scenario. In order to avoid potential enforcement action, a licensee would be put in a position to conduct a full background investigation on a visitor each time access is requested, which would undermine the entire purpose behind having the ability to escort visitors on site, or, in accordance with the petitioner's second suggestion, assign an armed security officer to escort that individual.

    The Commission does not have a basis to impose either measure, and the petitioners have not provided a basis in support of it. Section 73.55(g), however, does not allow individuals currently denied access at other facilities to be a visitor.

    III. Discussion of Substantive Changes and Responses to Significant

    Comments

  9. Introduction

    A detailed discussion of the public comments submitted on the proposed power reactor security rule and supplemental proposed rule as well as the Commission's responses are contained in a separate document

    (see Section VII, ``Availability of Documents,'' of this document).

    This section discusses the more significant comments submitted on the proposed power reactor security provisions and the substantive changes made to develop the final power reactor security requirements.

    The changes made to the power reactor security requirements are discussed by part, with changes to part 50 requirements being discussed first, followed by the changes to part 73 requirements, and proceeding in numerical order according to the section number. General topics are discussed first, followed by discussion of changes to individual sections as necessary. In addition to the substantive changes, rule language was revised to make conforming administrative changes, correct typographic errors, adopt consistent terminology, correct grammar, and adopt plain English. These changes are not discussed further.

    Note that some of the final rule requirements were relocated. An example is the cyber security requirements that were issued as proposed

    Sec. 73.55(m) and now reside in Sec. 73.54.

    Comments on the three PRMs are not explicitly addressed in the detailed comments response document, beyond those discussed earlier in

    Section II of this document, as this document addresses only the comments submitted on the proposed rule. However, the petitioner's comments were considered as part of the Commission's decision-making process and final determination of the rule requirements for each of the areas of concern.

    Comments on the supporting regulatory analysis of the proposed rule are also contained in the detailed comment response document. Revisions to the final rule regulatory analysis were made consistent with the comment responses and these comments are not addressed further in this section.

    The Commission solicited public comment on a number of specific issues but received input on only one of these specific issues.

    Specifically, the Commission requested stakeholders to provide insights and estimates on the feasibility, costs, and time necessary to implement the proposed rule changes to existing alarm stations, supporting systems, video systems, and cyber security. A commenter stated that the feasibility of establishing a cyber security program for industrial control systems has been demonstrated by various electric utilities, chemical plants, refineries, and other facilities with systems similar, if not identical, to those used in the balance- of-plant in commercial nuclear plants. The

    Page 13932

    commenter stated that the time and cost necessary to implement a cyber security program is dependent on the scope and discussed the technologies and programmatic approaches that can be pursued to augment current industry-proposed generic recommendations. The Commission focused significant attention on the cyber requirements and supporting guidance during development of the final cyber security requirements in

    Sec. 73.54 as discussed below.

    In general, there was a range of stakeholder views concerning this rulemaking, some supporting the rulemaking, others opposing the rulemaking. Some stakeholders viewed this rulemaking as an effort to codify the insufficient status quo while others described the new requirements as going well beyond the post-September 11, 2001, order requirements. The Commission believes that commenters who suggested that the Commission had no basis to go beyond the requirements that were imposed by the security orders misunderstood the relationship of those orders and the rulemaking. The security orders were issued based on the specific knowledge and threat information available to the

    Commission at the time the orders were issued. The Commission advised licensees who received those orders that the requirements were interim and that the Commission would eventually undertake a more comprehensive re-evaluation of current safeguards and security programs. As noted in the proposed rule, there were a number of objectives for the rulemaking beyond simply making generically applicable security requirements similar to those that were imposed by Commission orders. The Commission intended to implement several new requirements that resulted from insights it gained from implementation of the security orders, review of site security plans, implementation of the enhanced baseline inspection program, and evaluation of force-on-force exercises. These insights were obviously not available to the Commission when it issued the original security orders in 2002 and 2003.

    In addition, another key objective of this rulemaking was to update the regulatory framework in preparation for receiving license applications for new reactors. The current security regulations in part 73 have not been substantially revised for nearly 30 years. Before

    September 11, 2001, the NRC staff had already undertaken an effort to revise these dated requirements, but that effort was delayed (See SECY- 01-0101, June 4, 2001). Thus, this rulemaking addresses a broader context of security issues than the focus of the security orders of 2002 and 2003. One significant issue in particular was the need for clearly articulated security requirements and a logical regulatory framework for new reactor applicants. The revisions to part 73 were also intended to provide it with needed longevity and predictability for current and future licensees with a measured attempt to anticipate future developments or needs in physical protection.

  10. Section 50.54(hh), Mitigative Strategies and Response Procedures for

    Potential or Actual Aircraft Attacks

    As noted previously, a significant change to this final rule is the relocation of and provision of more detailed requirements for the beyond-design basis mitigative measures and potential aircraft attack notification requirements from proposed part 73, appendix C, to 10 CFR 50.54(hh). The Commission received several stakeholder comments that the proposed part 73, appendix C, was not the appropriate location for these requirements. During consideration of these comments, the

    Commission also decided to add additional detail to the aircraft attack notification portion of the requirements now located in Sec. 50.54(hh)(1). In response, the Commission issued a supplemental proposed rule seeking additional stakeholder comment on these proposed revisions on April 10, 2008, (73 FR 19443) for a 30 day comment period.

    The Commission received six sets of comments on the supplemental proposed rule. The responses to those comments are discussed as follows.

    The Commission revised the final rule language for Sec. 50.54(hh)(1)(ii) in response to comments that the final rule should only require periodic updates to applicable entities or that communications should be maintained ``as necessary and as resources allow.'' The Commission intended the continuous communication requirement to apply to licensees only with respect to aircraft threat notification sources and not to all offsite response or government organizations. The Federal Aviation Administration (FAA) local, regional, or national offices; North American Aerospace Defense Command

    (NORAD); law enforcement organizations; and the NRC Headquarters

    Operations Center are examples of threat notification sources with which licensees would be required to maintain a continuous communication capability. If a licensee encounters a situation in which multiple threat notification sources (e.g., FAA, NORAD, and NRC

    Headquarters Operations Center) are providing the same threat information, the licensee would only be required to maintain continuous communication with the NRC Headquarters Operations Center. Because licensees need to be aware when they can cease or must accelerate mitigative actions, it is important that licensees do not lose contact with aircraft threat notification sources. Periodic updates to entities other than threat notification sources are permitted by this final rule.

    In response to comments that Sec. Sec. 50.54(hh)(1)(iii), 50.54(hh)(1)(iv), and 50.54(hh)(1)(vi) requirements were redundant to those found in the NRC's existing emergency preparedness rules, the

    Commission revised the final rule language for each of those paragraphs to clarify the Agency's intent and to eliminate the appearance of redundant requirements vis-[agrave]-vis the emergency preparedness rules, which are also currently being revised. The intent of Sec. 50.54(hh)(1)(iii) is to ensure that licensees contact offsite response organizations as soon as possible after receiving aircraft threat notifications. There is no expectation that licensees will complete and disseminate notification forms as the previous rule text implied.

    Section 50.54(hh)(1)(iv) pertains to operational actions that licensees can take to mitigate the consequences of an aircraft impact; the

    Commission did not intend this requirement to include emergency preparedness-related protective actions. In Sec. 50.54(hh)(1)(vi), the

    Commission intended to require licensees to disperse essential personnel and equipment to pre-identified locations after receiving aircraft threat notifications, but before actual aircraft impacts, when possible. Also, the requirement for licensees to facilitate rapid entry into their protected areas applies only to those onsite personnel and offsite responders who are necessary to mitigate the event and not to everyone who was initially evacuated from the protected areas.

    The Commission revised the statements of consideration for Sec. 50.54(hh)(1)(vi) in response to a comment that meeting the rule might require licensees to suspend security measures under 10 CFR 50.54(x).

    The Commission elaborated on the specific intent of the protected area evacuation timeline assessment and validation, which is to require licensees to establish a decision-making tool for use by shift operations personnel to assist them in determining the appropriate onsite protective action for site personnel for various warning times and site population conditions. The Commission

    Page 13933

    expects that licensees will incorporate this tool into applicable site procedures to reduce the need to make improvised decisions that would necessitate a suspension of safeguards measures during the pre-event notification period. However, the Commission wishes to make clear that the suspension of security measures to protect the health and safety of security force personnel during emergencies is now governed by Sec. 73.55(p)(1)(i) as codified in this final rule. Previously, there was no specific provision in the Commission's regulations that would have permitted such a departure, because under Sec. 50.54(x), licensees are only permitted to suspend security measures if the health and safety of the public was at risk. Note that, in a Sec. 50.54(hh) scenario, either Sec. Sec. 50.54(x) or 73.55(p) could be applicable depending on the circumstances.

    The Commission revised the final rule requirements in Sec. 50.54(hh) in response to a comment that the final rule should include an applicability statement that removes the requirements of Sec. 50.54(hh) from reactor facilities currently in decommissioning and for which the certifications required under Sec. 50.82(a)(1) have been submitted. The commenter indicated that it is inappropriate that Sec. 50.54(hh) should apply to a permanently shutdown and defueled reactor where the fuel was removed from the site or moved to an independent spent fuel storage installation (ISFSI). The NRC agrees with this comment and revised the final requirements in Sec. 50.54(hh) so they do not apply to facilities for which certifications have been filed under Sec. 50.82(a)(1) or Sec. 52.110(a)(1). The Commission notes that Sec. 50.54(hh) does not apply to any current decommissioning reactor facilities that have already satisfied the Sec. 50.82(a) requirements.

    The Commission requested stakeholder feedback on two questions in the supplemental proposed rule. Regarding the first question in the supplemental proposed rule notice where the Commission requested input on whether there should be additional language added to the proposed

    Sec. 50.54(hh) requirements that would limit the scope of the regulation (i.e., language that would constrain the requirements to a subset of beyond-design basis events such as beyond-design basis security events), commenters indicated that the Commission should constrain the requirements to a subset of beyond-design basis events; namely beyond design basis security events. The feedback suggested that, by limiting the rule requirements to strategies that address a generic set of beyond-design basis security events, the strategies could then be developed and proceduralized to focus on the restoration capabilities needed to mitigate the effects from these events. After careful consideration, the Commission decided to maintain the language from the supplemental proposed rule that recognizes that the mitigative strategies can address losses of large areas of a plant and the related losses of plant equipment from a variety of causes including aircraft impacts and beyond-design basis security events. The Commission also requested comments on whether applicants should include, as part of a combined license or operating license application, the Sec. 50.54(hh) procedures, guidance, and strategies. Commenters indicated that this information will not be needed until fuel load, when an aircraft threat would be present. The most appropriate and efficient process for the

    Commission is to review these procedures as part of the review of operations procedures and beyond-design basis guidelines. The

    Commission views the mitigative strategies as similar to those operational programs for which a description of the program is provided and reviewed by the Commission as part of the combined license application and subsequently the more detailed procedures are implemented by the applicant and inspected by the NRC before plant operation. Because the Commission finds that the most effective approach is for the mitigative strategies, at least at the programmatic level, to be developed before construction and reviewed and approved during licensing, a requirement for information has been added to Sec. 52.80, ``Contents of applications; additional technical information,'' and Sec. 50.34, ``Contents of construction permit and operating license applications; technical information.''

  11. Section 73.2, Definitions

    The proposed rule contained a number of definitions, primarily related to the proposed enhanced weapons requirements. As noted earlier, the enhanced weapons provisions and firearms backgrounds checks have been separated into a separate rulemaking, so codifying those definitions is no longer appropriate here. Regarding the other definitions of safety/security interface, security officer, and target sets; the Commission has determined that those terms are better defined through guidance.

  12. Section 73.54, Protection of Digital Computer and Communication

    Systems and Networks

    General Comments. Proposed Sec. 73.55(m) is relocated in the final rule to a stand-alone section (10 CFR 73.54). The Commission received several comments that the inclusion of a cyber security program within the proposed Sec. 73.55(m) is not appropriate because cyber security is not implemented by physical security personnel. The Commission agrees that the cyber security program would not necessarily be implemented by security personnel and recognizes that a uniquely independent technical expertise and knowledge is required to effectively implement the cyber security program. Additionally, these requirements were placed into a stand alone section to enable the cyber security requirements to be made applicable to other types of facilities and applications through future rulemakings. The rule now requires that these requirements apply to nuclear power plant licensees in the same manner as the access authorization program required by

    Sec. 73.56; the cyber security plan is subject to the same licensing requirements as the licensee's physical security, training and qualification, and safeguards contingency plans. In relocating these requirements, the Commission concluded that certain administrative requirements, otherwise applied by inclusion in Sec. 73.55, must be brought forward for consistency. As a result, conforming changes were made to the pre-existing Sec. Sec. 50.34(c) and 50.34(e) to establish the appropriate regulatory framework for Commission review and approval of the cyber security plan required by Sec. 73.54(e). These conforming changes require nuclear power reactor applicants to provide a cyber security plan as part of the security plans currently required by

    Sec. Sec. 50.34(c) or 52.79(a)(36), as applicable. Additionally, conforming changes were made to Sec. 50.54(p), applicable to both operating and combined licensees, to require a cyber security plan as a condition of the license. Conforming changes were also made to

    Sec. Sec. 50.34(e) and 52.79(a)(36) to require applicants to review this plan against the criteria for Safeguards Information established in Sec. 73.21. Consistent with Sec. 73.54(b)(3), the cyber security program is a part of the physical protection program subject to the same review and approval mechanisms as the physical security plan, training and qualification plan, and safeguards contingency plan.

    Page 13934

    The Commission has also added three (3) administrative requirements to the final rule (Sec. Sec. 73.54(f), 73.54(g), and 73.54(h)) to require written policies and procedures, program review, and records retention, respectively.

    In addition to the previously mentioned conforming changes, the

    Commission added an undesignated paragraph at the beginning of this section to require current licensees subject to Sec. 73.54 to submit a cyber security plan and implementation schedule for Commission review and approval. The licensee's cyber security plan must be submitted by way of a license amendment pursuant to 10 CFR 50.90.

    Section 73.54(a), Protection. The Commission received a comment suggesting that the term ``emergency preparedness,'' as it appears in the proposed Sec. 73.55(m)(1), should be replaced with the term

    ``emergency response.'' In the final rule, the term ``emergency preparedness'' is replaced with the more generic term ``emergency preparedness functions.'' The equipment embodied within these preparedness functions as described in 10 CFR Part 50, appendix E, usually includes a wide variety of plant monitoring systems, protection systems, and the onsite and offsite emergency communications systems used during an emergency event.

    The term ``emergency response'' suggested by the commenter is used more specifically to refer only to the ``emergency response data system'' or ERDS, which provides a data link that transmits key plant parameters. Therefore, using the term ``emergency preparedness functions'' is considered the most appropriate term as it holistically addresses the equipment used during an emergency.

    The Commission revised the proposed Sec. 73.55(m)(1) which is renumbered in the final rule as Sec. 73.54(a). This paragraph has been expanded to provide a more detailed list of the types of systems and networks that are intended to be included consistent with the proposed rule. The language in Sec. 73.54(a)(1)(ii) is revised to clarify that

    ``digital computer and communications systems and networks'' must be considered for protection. It is important to note that the Commission does not intend that CAS or SAS operators be responsible for cyber security detection and response but rather that this function will be performed by technically trained and qualified personnel.

    Section 73.54(b), Analysis of Digital Computer and Communication

    Systems and Networks. The requirement to document a site-specific analysis that identifies site-specific conditions has been brought forward from Sec. 73.55(b)(4). The rule is clarified to require that each licensee analyze the digital computer and communication systems and networks in use at their facility to identify those assets that require protection against the design basis threat.

    The proposed Sec. 73.55(m)(1) requirement to establish, implement, and maintain a cyber security program is renumbered in the final rule as Sec. 73.54(b)(2). The rule requires that the cyber security program will include measures for the adequate protection of the digital computer and communication systems and networks identified by the licensee through the required site-specific analysis stated in Sec. 73.54(b)(1).

    The proposed Sec. 73.55(m)(1)(ii) is renumbered in the final rule as Sec. 73.54(b)(3). The Commission received several comments that the cyber security program is not appropriate for incorporation into the physical security program and, therefore, should not be implemented through the security organization. The Commission agrees in part. Cyber security, like physical security, focuses on the protection of equipment and systems against attacks by those individuals or organizations that would seek to cause harm, damage, or adversely affect the functions performed by such systems and networks. Cyber security and physical security programs are intrinsically linked and must be integrated to satisfy the physical protection program design criteria of Sec. 73.55(b). The Commission recognizes that a uniquely independent technical expertise and knowledge is required to implement the cyber security program effectively, and therefore, the specific training and qualification requirements for the program must focus on ensuring that the personnel are trained, qualified, and equipped to perform their unique duties and responsibilities.

    Section 73.54(c), Cyber Security Program. The proposed Sec. 73.55(m)(1)(iii) is renumbered in the final rule as Sec. 73.54(c) and

    (c)(1), and is revised to clarify appropriate design requirements for the cyber security program. The cyber security program must be designed to implement security controls to protect the digital assets identified by the paragraph (b)(1) analysis. To accomplish this, the final rule

    Sec. 73.54(c)(2), (3), and (4) are added to clarify the performance criteria to be met through implementation of the cyber security program.

    The Commission received a comment that the term ``protected computer system'' in the proposed Sec. 73.55(m)(1)(iii) is not defined and urged a more specific description. The Commission has deleted the term ``protected computer system'' from the final rule and provided a more detailed description of digital computer and communication systems and networks in Sec. 73.54(a)(1).

    The Commission received a comment that the high assurance requirement of the proposed Sec. 73.55(m)(1) does not allow a licensee to implement measures designed to ensure continued functionality.

    Section 73.54(c)(4) has been revised to require the cyber security program to be designed to ensure that the intended function of the assets identified by Sec. 73.54(b)(1) are maintained.

    The proposed Sec. 73.55(m)(5) is renumbered in the final rule as

    Sec. 73.54(c)(2). The Commission received a comment to the proposed

    Sec. 73.55(m)(5) that questioned whether the phrase ``defense-in- depth'' in computer terminology was intended to include real-time backup data. The Commission concluded that defense-in-depth for digital computer and communication systems and networks includes technical and administrative controls that are integrated and used to mitigate threats from identified risks. The need to back-up data as part of a defense-in-depth program is dependent upon the nature of the data relative to its use within the facility or system.

    Defense-in-depth is achieved when (1) a layered defensive model exists that allows for detection and containment of non-authorized activities occurring within each layer, (2) each defensive layer is protected from adjacent layers, (3) protection mechanisms used for isolation between layers employ diverse technologies to mitigate common cause failures, (4) the design and configuration of the security architecture and associated countermeasures creates the capability to sufficiently delay the advance of an adversary in order for preplanned response actions to occur, (5) no single points of failure exist within the security strategy or design that would render the entire security solution invalid or ineffective, and (6) effective disaster recovery capabilities exist for protected assets.

    The commenter also questioned how this requirement impacts the video image recording system, which is a computer system required by

    Sec. 73.55(e)(7)(i)(C). Based upon the licensee's site-specific analysis, the video image recording system may be subject to this requirement if it meets

    Page 13935

    the criteria stipulated in Sec. 73.54(a)(2), but it is not required to be included by the final rule.

    Section 73.54(d), Cyber-Related Training, Risk, and Modification

    Management. The Commission has consolidated the proposed requirements from Sec. Sec. 73.55(m)(2), (m)(6), and (m)(7) into one paragraph of the Sec. 73.54(d) to require the development, implementation, and maintenance of supporting programs within the cyber security program.

    The Commission has moved proposed Sec. 73.54(m)(6) to Sec. 73.54(d)(3) and clarified it to require that an evaluation be performed prior to modifications to protected digital assets to ensure that the cyber performance objectives of Sec. 73.54 are maintained.

    The Commission received a comment to the proposed rule Sec. 73.55(m)(2) requesting clarification of what is meant by

    ``assessment.'' The term ``assessment'' has been removed from the final rule. To ensure that the measures used to protect digital computer and communication systems and networks remain effective and continue to meet high assurance expectations, the cyber security program must evaluate and manage cyber risks. Licensees must evaluate changes to systems and networks when (1) modifications are proposed for previously analyzed systems and (2) new technology-related vulnerabilities, not previously analyzed in the original analysis, that would act to reduce the cyber security environment of the system are identified.

    Section 73.54(e), Cyber Security Plan. The proposed Sec. 73.55(m)(1)(i) is renumbered in the final rule as Sec. 73.54(e). The

    Commission added a new Sec. 73.54(e)(1) generically addressing the content of the cyber security plan. The plan must describe and account for any site-specific conditions that affect how Commission requirements are implemented.

    The proposed Sec. 73.55(m)(4)(ii) is deleted from the final rule.

    Consistent with the removal of this section from the proposed Sec. 73.55(m), the Commission concluded that it is appropriate to address the cyber security incident response and recovery plan in the cyber security plan required by this section. The rule requires that the cyber security incident response and recovery plan will be part of the cyber security plan which in turn will be a component of the physical security program.

    The proposed Sec. Sec. 73.55(m)(4)(i) and (m)(4)(iii) are combined and renumbered to the final rule Sec. 73.54(e)(2). The Commission received a comment to the proposed Sec. 73.54(m)(4)(i) that there should be a rule requirement prescribing the timeframe in which a licensee must determine that a cyber attack is occurring or has occurred and suggested that it be within minutes of the attack. The

    Commission agrees with the commenter's concerns. The proposed Sec. 3.54(m)(4)(iii) is renumbered in the final rule as Sec. 73.54(e)(2)(i) and is revised to require a description in the cyber plan of how the licensee will maintain the capability for timely detection and response to cyber attacks. Licensees are required to develop, implement, and maintain a methodology for detecting cyber attacks; however, they are not required to meet deterministic time limits for discovery of a cyber attack. The cyber security program must be designed to ensure that cyber attacks are detected and an appropriate response is initiated to prevent the attack from adversely affecting the systems and networks that must be protected. The Commission has concluded that the Sec. 73.54 performance-criteria and requirements ensure that detection and response are appropriate.

    Section 73.54(f), Policies and Procedures. The proposed Sec. 73.55(m)(3) is renumbered in the final rule as Sec. 73.54(f). The

    Commission added Sec. 73.54(f) to clarify that policies, implementing procedures, site-specific analysis, and other supporting technical information used by the licensee need not be submitted for Commission review and approval as part of the cyber security plan. However, this information must be made available upon request by an authorized representative of the Commission.

    Section 73.54(g), Reviews. The Commission added the final rule

    Sec. 73.54(g). The requirement for the review of the cyber security program is subject to the same processes stipulated in Sec. 73.55(m),

    ``Security program reviews.''

    Section 73.54(h), Records. The Commission added the final rule

    Sec. 73.54(h). Consistent with establishing Sec. 73.54 as a stand- alone 10 CFR section, this requirement for the retention of the cyber security program records is brought forward from the final rule Sec. 73.55(q), ``Records.'' The expectation is that each licensee will maintain the technical information associated with the assets identified by the final rule Sec. 73.54(b)(1) that is pertinent to compliance with Sec. 73.54.

  13. Section 73.55, Requirements for Physical Protection of Licensed

    Activities in Nuclear Power Reactors Against Radiological Sabotage

    General Comments. The Commission received several general comments which stated that the proposed Sec. 73.55 does not include requirements for protection against aircraft attacks. As the Commission recently stated in the final design basis threat rulemaking (72 FR 12705; March 19, 2007), the protection of NRC-regulated facilities against aircraft attacks is beyond the scope of a licensee's obligations. Accordingly, requiring specific measures for the protection against aircraft attacks is beyond the scope of the requirements presented in this section and, therefore, is not addressed. The Commission nevertheless notes that there are requirements in this rulemaking that address licensee actions that are required to minimize the potential consequences of an aircraft impact on a nuclear power plant. As noted previously, those requirements are now located in Sec. 50.54(hh) as conditions of license.

    Section 73.55(a), Introduction. The proposed Sec. 73.55(a) would have required each licensee to submit, in their entirety, a revised physical security plan, training and qualification plan, and safeguards contingency plan for NRC review and approval within 180 days after the effective date of the final rule. The Commission received several comments stating that 180 days is not sufficient time to review and understand the modifications that may be required for compliance with the amended rule and to revise and submit amended security plans. In response to the comments, the Commission determined that, with the exception of the cyber security plan required by the new Sec. 73.54, the majority of plan changes needed for compliance with the amended requirements of this section are likely to be minimal and are not anticipated to decrease the effectiveness of any particular licensee's current security plan. Because the current NRC-approved security plans already address the Commission's orders and pre-existing 10 CFR requirements, the greatest impact of this final rule will be focused primarily on those changes to plans and procedures needed to satisfy the requirements that are identified as ``new.'' The rule requires that by March 31, 2010, each currently operating reactor licensee must evaluate, on a site-specific basis, what security plan changes are needed to comply with the amended requirements of the rule. Those changes must be incorporated

    Page 13936

    into their security plans, as necessary, by March 31, 2010. In doing so, licensees are expected to follow the appropriate change processes described currently in Sec. Sec. 50.54(p), 50.90, or 73.5. The

    Commission acknowledges that based on site-specific conditions, a limited number of plan changes may require Commission review and approval before implementation and must be made through a license amendment pursuant to 10 CFR Sec. 50.90 or a request for an exemption per 10 CFR 73.5.

    The Commission deleted the proposed requirements in Sec. 73.55(a)(2) and (a)(3) for consistency with the determination that revised plans need not be submitted to the Commission for review and approval.

    The Commission added a requirement in Sec. 73.55(a)(2) that licensees must identify, describe, and account for site-specific conditions that affect the licensee's ability to satisfy the requirements of this section in the NRC-approved security plans. This requirement is added for consistency with revisions made to Sec. 73.55(b)(4) which requires each licensee to conduct a site-specific analysis to identify such conditions.

    The proposed Sec. 73.55(a)(4) is renumbered in the final rule as

    Sec. 73.55(a)(3) with minor revision to delete reference to Commission orders. One commenter asked the NRC to clarify its position with respect to the ``legally-controlling document'' once it approves a licensee security plan. Once a licensee has an approved security plan, both the licensee's security plan and the Commission's regulations are legally controlling. Regulations are legally controlling to the extent that they set forth the regulatory framework and general performance objectives of a licensee's security plan. The NRC-approved security plan, in contrast, describes a licensee's method of complying with those regulations including exemptions and approved alternatives.

    However, that the NRC specifically approved a licensee's security plan does not relieve the licensee from compliance with regulations.

    To the extent that there are differences in a licensee's security plan and the regulatory requirements, the Commission expects that those differences would be specifically approved by the NRC, either in the form of an NRC-granted exemption, or an NRC-approved ``alternative measure'' as set forth in Sec. 73.55(r). The NRC recognizes that generic regulations cannot always account for site-specific conditions.

    Some degree of regulatory flexibility is necessary to ensure that each licensee is capable of meeting the general performance objective of

    Sec. 73.55(b)(1) to provide ``high assurance'' of public health and safety and common defense and security despite site specific conditions or situations that may interfere with or prevent the effective implementation of a given NRC requirement. Therefore, these regulations provide several mechanisms through which the NRC may approve a licensee's plan to implement alternative measures or exempt a licensee from compliance with any one or more NRC requirements, provided the licensee documents and submits sufficient justification. Once those exemptions or alternative measures are specifically reviewed and approved by the NRC and are incorporated into the licensee's security plan, they then become legally binding through the licensee's security plan required as a condition of its license.

    In the rare situation in which a licensee's security plan conflicts with NRC regulations and the NRC has not reviewed and approved the conflicting measures, the Commission expects that the staff would work with the licensee to ensure that the security plan is revised to comply with the regulatory requirement. That the security plan may have been approved with a deficiency does not excuse the licensee from compliance with the Commission's regulations.

    Section 73.55(a)(4) establishes when an applicant's physical protection program must be implemented. The Commission concluded that the receipt of special nuclear material (SNM) in the form of fuel assemblies onsite, i.e. in the licensee's protected area, is the event that subjects a licensee to the requirements of Sec. 73.55. It is the responsibility of the applicant/licensee to implement an effective physical protection program before SNM in the form of fuel assemblies is received in the protected area.

    The Commission has added a new requirement in Sec. 73.55(a)(5) to address the Tennessee Valley Authority (TVA) facility at Watts Bar. TVA is in possession of a current construction permit for Watts Bar Nuclear

    Plant, Unit 2, and is treated as a current licensee for purposes of satisfying the requirements of this rule. These requirements reflect

    Commission support of a licensing review approach for Watts Bar Nuclear

    Plant, Unit 2, that employs the current licensing basis for Unit 1 as the reference basis for review and licensing of Unit 2, as stated in a

    July 25, 2007, Staff Requirements Memorandum (ML072060688).

    The Commission has revised the final rule Sec. 73.55(a)(6) to clarify that certain requirements in this section apply only to applicants for an operating license under the provisions of 10 CFR part 50 of this chapter, or holders of a combined license under the provisions of 10 CFR part 52 of this chapter. Specifically, the requirements to design, construct, and equip both the CAS and SAS to the same standards are addressed in the final rule as Sec. 73.55(i)(4)(iii). The Commission views this as a prudent safety enhancement for future nuclear power plants but not an enhancement that is necessary for the adequate protection of pre-existing operating reactors. Unless otherwise specifically approved by the Commission, pre-existing power reactor licensees choosing to construct a new reactor inside an existing protected area are subject to the new CAS/

    SAS requirements in Sec. 73.55(i)(4)(iii).

    Section 73.55(b), General Performance Objective and Requirements.

    The Commission received several comments requesting that the term

    ``radiological sabotage'' be used in lieu of the phrase ``significant core damage'' and ``spent fuel sabotage'' because the term

    ``radiological sabotage'' is defined in Sec. 73.2. The Commission agrees in part and has revised the final rule in Sec. 73.55(b)(2) to clearly retain, without modification, the pre-existing requirement for licensees to provide protection against the design basis threat of radiological sabotage and has revised Sec. 73.55(b)(3) to clarify that the design of the physical protection program must ensure the capability to prevent ``significant core damage'' and ``spent fuel sabotage.'' It was not the Commission's intent in the proposed rule to delete the requirement for protection against radiological sabotage but rather to establish the prevention of significant core damage and spent fuel sabotage as the criteria to measure a licensee's performance to protect against ``radiological sabotage.'' The final rule has been revised to reflect this intent. The achievement of ``significant core damage'' and ``spent fuel sabotage'' can be measured by the licensee through accepted engineering standards, and the use of these terms provides measurable performance criteria that are essential to understanding the definition of radiological sabotage. Additionally, the Commission believes that continued use of the terms ``significant core damage'' and ``spent fuel sabotage'' to enhance the understanding of radiological sabotage is warranted because these terms are now well established and have been used consistently by the

    Page 13937

    Commission and industry relative to force-on-force testing before and after September 11, 2001.

    The Commission received several comments regarding the proposed rule Sec. 73.55(b)(2), the introduction of six performance-criteria: detect, assess, intercept, challenge, delay, and neutralize. Upon consideration, the Commission concluded that the four terms, ``detect, assess, interdict, and neutralize,'' more concisely represent the intended performance-criteria and this change has been made throughout the final rule. The terms ``intercept, challenge, and delay'' are subsumed in the term ``interdict.''

    The Commission received a comment that the proposed rule Sec. 73.55(b)(3) delineation of requirements for the design of the physical protection program should be clarified. The Commission agrees and Sec. 73.55(b)(3) has been revised to clarify Commission expectations. The requirement for the protection of personnel, equipment, and systems against the design basis threat vehicle bomb assault is addressed in the Sec. 73.55(e)(10)(i)(A). The requirement for protection against a single act, within the capabilities of the design basis threat of radiological sabotage, is based upon the pre-existing Sec. 73.55(e) and is addressed in the final rule Sec. 73.55(i)(4)(i). Section 73.55(i)(4)(i) requires licensees to protect either the CAS or SAS against a single act by ensuring the survival of at least one alarm station in order to maintain the ability to perform required functions.

    Section 73.55(b)(4) is renumbered in the final rule as Sec. 73.55(b)(3)(ii). The Commission received a comment that the scope of the proposed Sec. 73.55(b)(4) regarding the term ``defense-in-depth'' was not clearly understood. Section 73.55(b)(3)(ii) is revised to clarify that defense-in-depth is accomplished through the integration of systems, technologies, programs, equipment, supporting processes, and implementing procedures as needed to ensure the overall effectiveness of the physical protection program.

    Section 73.55(b)(4) is added to specifically require that each licensee perform a site-specific analysis for the purpose of identifying and analyzing site-specific conditions that affect the design of the onsite physical protection program. Commission regulations are generic and cannot in all instances account for site- specific conditions, and therefore, it is the licensee's responsibility to identify and account for site-specific conditions relative to meeting Commission requirements, subject to NRC inspection.

    Section 73.55(b)(8) is added to require the development and maintenance of a cyber security program that meets the performance objectives of the new Sec. 73.54. Section 73.54 incorporates the proposed Sec. 73.55(m) in its entirety, and the associated public comments were addressed previously within the new Sec. 73.54.

    Section 73.55(b)(10) is revised to clarify the Commission's expectation that each licensee will enter physical protection program findings and deficiencies into the site corrective action program so that they can be tracked, trended, corrected, and prevented from recurring.

    Section 73.55(b)(11) is repeated from the pre-existing appendix C to part 73, ``Introduction,'' to delineate the Commission's expectation that security plans and implementing procedures must be complementary to other site plans and procedures.

    Section 73.55(c), Security Plans. The Commission received several comments stating that the requirements in Sec. 73.55(c) are redundant to the requirements in Sec. 50.34(c) and (d). The Commission disagrees. While these requirements appear to be redundant, conforming changes have been made to Sec. 50.34(c) and (e) to include cyber security plans and training and qualification plans. In addition, Sec. 73.55 establishes a paragraph dedicated to security plans to consolidate the regulatory framework for each plan, describe the general content of each plan, and clarify the relationship between

    Commission regulations, NRC-approved security plans, and site-specific implementing procedures. The primary focus of the security plans is to describe how the licensee will satisfy Commission requirements including how site-specific conditions affect the measures needed at each site to ensure that the physical protection program is effective.

    The Commission received a comment that the proposed Sec. 73.55(c)(2) appeared to require that all security plans be protected as

    Safeguards Information (SGI). The Commission disagrees with the comment. Licensees are required by Sec. 73.55(c)(2) only to review the information contained in the security plans against the criteria contained in Sec. 73.21 to determine the existence of SGI and to protect that information appropriately.

    The Commission has added a conforming requirement to Sec. Sec. 73.55(c)(6) and 50.34(c) for licensees to provide a cyber security plan in accordance with the new Sec. 73.54 for Commission review and approval.

    The proposed Sec. Sec. 73.55(c)(3)(ii), 73.55(c)(4)(ii), and 73.55(c)(5)(ii) are deleted from the final rule. The Commission's expectation is that each licensee will address Commission requirements in their approved plans and implementing procedures and, where the

    Commission requires a specific detail to be included in the plans, that requirement is stated in applicable paragraphs of the final rule.

    Section 73.55(d), Security Organization. The Commission received several comments that the proposed requirement of Sec. 73.55(d)(1) to provide ``early detection, assessment, and response to unauthorized activities within any area of the facility'' was too broad and could result in unnecessary regulatory burden. The Commission agrees with the comment and has deleted these terms and revised the language to clarify the primary responsibility of the security organization. The intent is that the security organization will focus upon the effective implementation of the physical protection program which in turn is designed to protect the facility from the design basis threat of radiological sabotage with high assurance.

    The Commission received a comment that proposed Sec. 73.55(d)(3) was not clearly understood as it appeared this requirement may pertain to any individual within the security organization. The Commission agrees, and the final rule text in Sec. 73.55(d)(3) is revised to clarify that individuals assigned to perform physical protection and/or contingency response duties must be trained, equipped, and qualified in accordance with appendix B to part 73 to perform those assigned duties and responsibilities whether that individual is a member of the security organization or not. This clarification is made to account for those instances where the licensee uses facility personnel other than members of the security organization to perform duties within the physical protection program, such as a vehicle escort or warehouse personnel inspecting/searching deliveries. The rule requires that facility personnel who are not members of the security organization will be trained and qualified for the specific physical protection duties that they are assigned, which includes possessing the knowledge, skills, abilities, and the minimum physical qualifications such as sight, hearing, and the general health needed to perform the assigned duties effectively.

    The proposed Sec. 73.55(d)(4) is deleted from the final rule because the reference to meeting the requirements of Sec. 73.56

    Page 13938

    (Access authorization program) is redundant.

    The Commission received several comments indicating that the requirements in the proposed Sec. 73.55(d)(5) pertaining to contracted security forces were redundant to other requirements addressed in the proposed rule. The Commission agrees. These requirements were retained from pre-existing requirements for the licensee to explicitly include these requirements as written statements in contracts between the licensee and a contract security force. Upon review, the Commission has determined that specifying these requirements in written contracts is unnecessary. The enforceability of NRC regulatory requirements is not dependent on whether they are implemented by the licensee or by a licensee contractor; therefore, specifically requiring the contract between these parties to contain these requirements is unnecessary. The

    Commission has, however, retained the requirement in the final rule

    Sec. 73.55(q)(3), ``Records,'' (formally described in proposed Sec. 73.55(d)(5)) that a copy of the contract be retained by the licensee.

    Additionally, the requirement in the proposed Sec. 73.55(d)(5)(vi) that ``any license for possession and ownership of enhanced weapons will reside with the licensee'' has been deleted from this section. The

    Commission intends, however, that this requirement will be reflected in its regulations codifying requirements related to the use of enhanced weapons. The Commission's plan for that rulemaking was stated previously in this document. The remaining proposed requirements of

    Sec. 73.55(d)(5) are deleted from this paragraph and are retained in other paragraphs of the final rule.

    Section 73.55(e), Physical Barriers. The Commission received several comments that the proposed Sec. 73.55(e) would result in unnecessary regulatory burden by expanding protected area physical barrier requirements into the owner controlled area (OCA). The

    Commission agrees in part and Sec. 73.55(e) is revised to clarify the generic and specific requirements for the design, construction, placement, and function of each physical barrier. Section 73.55(e)(6) specifically addresses requirements for physical barriers in the OCA.

    Physical barriers can be used to fulfill many functions within the physical protection program, and therefore, each physical barrier must be designed and constructed to serve its predetermined function within the physical protection program. Consistent with Sec. 73.55(b) for design of the physical protection program, the rule requires that each licensee will analyze site-specific conditions to determine the specific use, type, function, construction, and placement of physical barriers needed for the implementation of the physical protection program.

    The Commission received comments on the proposed Sec. 73.55(e)(3)(i), which would have required the delineation of the boundaries of areas for which the physical barrier provides protection, requesting that this provision be deleted because it lacked performance criteria. The Commission agrees, and the requirement is deleted from the final rule because it is more appropriate to be specified in regulatory guidance.

    The proposed Sec. 73.55(e)(3)(ii) is renumbered in the final rule as Sec. 73.55(e)(3)(i) and is broken into subparagraphs Sec. 73.55(e)(3)(i)(A) through (C). The Commission received a comment to clarify the proposed rule statements of consideration pertaining to the performance criteria for physical barriers. The Commission agrees in part. The pre-existing Sec. 73.55(c)(8) introduced design goals relative to the use of vehicle barriers but did not address other physical barriers. The statements of consideration in the proposed rule attempted to incorporate other physical barriers and explain that the generic performance-criteria for physical barriers are not limited to vehicle barriers. The criterion for physical barriers is that ``each barrier be designed to satisfy the function it is intended to perform.'' The Commission agrees with the comment stating that the performance of all three functions (i.e., visual deterrence, delay, and support access control measures) is not always required of each barrier, and the final rule addresses the barrier design requirements generically in Sec. 73.55(e)(3)(i)(A) through (C).

    The Commission received several comments requesting clarification of the proposed rule Sec. 73.55(e)(4) for physical protection measures in the OCA. The proposed Sec. 73.55(e) attempted to establish a generic requirement for the design, construction, placement, and function of physical barriers based on a site specific analysis. This generic requirement was misunderstood to mean that PA barriers were now required in the OCA. As such, the Commission revised the proposed Sec. 73.55(e) and (e)(6) to clarify the scope and intent of this requirement. Consistent with the final rule Sec. 73.55(b)(4), it is the responsibility of each licensee to identify, analyze, and account for site-specific conditions in the design and implementation of its physical protection program. Section 73.55(e)(6) is revised to clarify that the application of physical barriers in the OCA is determined by each licensee through site-specific analysis and must satisfy the physical protection program design requirements of Sec. 73.55(b). The rule requires that the licensee will design and construct appropriate barriers in those areas to meet the identified site-specific need.

    The Commission received comments requesting clarification of the term ``unobstructed observation'' as used in Sec. 73.55(e)(5)(i)(A).

    The Commission agrees that this term can be misunderstood, and therefore, Sec. 73.55(e)(7)(i)(A) is revised to delete the term

    ``unobstructed.'' This term was used to emphasize that a clear field of observation be provided in the isolation zone. However, the

    Commission's expectation is not the complete elimination of obstruction but that the licensee implement measures needed to negate the effects of any obstructions such as the relocation of non-permanent objects or the strategic placement of cameras to enable observation around an obstruction.

    The Commission received several comments to clarify the proposed

    Sec. 73.55(e)(5)(ii) pertaining to the performance of isolation zone assessment equipment and agrees that clarification is necessary. The proposed Sec. 73.55(e)(5)(ii) is renumbered in the final rule as Sec. 73.55(e)(7)(i)(C) and provides a performance-based description for specific isolation zone assessment equipment. The Commission has concluded that the requirement for this equipment is consistent with current licensee practices, therefore, it is an appropriate update for this final rule.

    The proposed Sec. 73.55(e)(5)(iii) is renumbered in the final rule as Sec. 73.55(e)(7)(ii). The Commission received a comment that this requirement would preclude the use of areas inside the protected area as equipment lay-down/staging areas. The Commission agrees in part. The final rule does not preclude the use of lay-down areas/staging areas.

    However, this requirement does explicitly preclude such activities where the action constitutes an obstruction that prevents observation on either side of the protected area perimeter. This rule requires the licensee to take appropriate actions to negate any adverse effects that lay-down/staging areas may have to prevent observation on either side of the protected area perimeter.

    The Commission received several comments to clarify the proposed requirement in Sec. 73.55(e)(6)(i) to secure penetrations through the protected area barrier. The Commission agrees that

    Page 13939

    clarification is necessary. The proposed requirement is separated and renumbered as Sec. 73.55(e)(8)(ii). Section 73.55(e)(8)(ii) is revised to clarify that penetrations must be secured and monitored to prevent exploitation. Where the size of an opening in any barrier is large enough to be exploited or otherwise defeat the intended function of that barrier, then such openings must be secured and monitored to prevent or detect attempted or actual exploitation.

    The proposed Sec. 73.55(e)(6)(v) is renumbered to Sec. 73.55(e)(5). The Commission received several comments to clarify the term ``bullet-resisting.'' The Commission agrees in part that additional clarification is needed but does not believe that such clarification is necessary in the rule text. The Commission has determined that it is not appropriate to publicly reference site specific bullet-resisting standards in the rule because such specificity may lead to the identification of specific vulnerabilities.

    Specific bullet resisting standards that meet the requirements in Sec. 73.55(e)(5) are described in regulatory guidance and would be further reflected in a licensee's NRC-approved security plans. The Commission acknowledges, however, that in addition to manufactured bullet- resisting materials, a level of bullet-resistance that meets the intent of this regulation might be provided by distances and angles combined with standard construction materials and designs.

    The proposed Sec. 73.55(e)(6)(vi) is renumbered in the final rule as Sec. 73.55(e)(8)(v). The Commission received several comments requesting that the NRC delete the word ``all'' with respect to its modification of the term ``exterior areas.'' The Commission agrees that clarification is necessary. Section 73.55(e)(8)(v) retains and updates the pre-existing requirement in Sec. 73.55(c)(4) to periodically check all exterior areas within the protected area but has revised the requirement to clarify that some areas may be excepted from this requirement where safety concerns prevent the licensee from physically checking that area. The Commission's expectation is that licensee procedures will account for these areas by another means that ensures the safety of personnel while assuring the integrity of the area and the requirement is met.

    Section Sec. 73.55(e)(9)(v)(D) is added to include the SAS among the types of areas and equipment that must be afforded protection as a vital area/equipment the same as the CAS, only for applicants for new reactor licenses. Current licensees are not subject to this requirement as they have been found to provide adequate protection within current configurations. The requirement to treat SAS as a vital area is an enhancement that provides equivalency and redundancy for the alarm stations.

    The Commission received a comment that proposed Sec. 73.55(e)(7)(iii), renumbered to the final rule as Sec. 73.55(e)(9)(vi)(A), expands the requirement for secondary power systems from just ``alarm annunciator equipment'' to all ``intrusion detection and assessment equipment'' and that this is a significant expansion that is not explained or supported by NRC force-on-force inspections.

    The Commission agrees that the scope of the proposed paragraph appears to have been expanded to require all intrusion detection and assessment equipment employed by the licensee to be connected to a secondary power supply and for all secondary power supplies to be treated as vital areas. Section 73.55(e)(9)(vi)(A) is revised to retain the pre-existing

    Sec. 73.55(e)(1) to locate the secondary power supply for alarm annunciation equipment in a vital area. The Commission has added Sec. 73.55(i)(3)(vii) to address uninterruptible power supplies for intrusion detection and assessment equipment at the protected area perimeter. The uninterruptible power supply discussed in Sec. 73.55(i)(3)(vii) is not required to be located in a vital area because it is a short-term measure utilized to provide service until secondary power sources are operable and the Commission recognizes that uninterruptible power supplies are physically dispersed across the site. Making each uninterruptable power supply a vital area is considered a safety enhancement and implementation would be an unnecessary regulatory burden on the licensee based on the level of protection that would be provided versus the cost.

    The Commission has determined that the proposed Sec. 73.55(e)(7)(iv) was redundant to Sec. 73.58 and has deleted this requirement from the final rule to avoid unintended duplication and impact beyond current requirements.

    The Commission received multiple comments stating that the proposed

    Sec. 73.55(e)(8) significantly expands the requirements for controlling vehicles inside the OCA. The pre-existing Sec. 73.55(c)(7) requires the licensee to provide vehicle control measures, including vehicle barrier systems, to protect against use of a land vehicle as a means of transportation to gain unauthorized proximity to vital areas.

    The Commission's intent is not to expand the requirements for controlling vehicles in the OCA and has revised and consolidated the proposed rule Sec. 73.55(e)(8) to clarify scope and intent of this requirement. The proposed Sec. 73.55(e)(8) is renumbered in the final rule as Sec. 73.55(e)(10) and provides general vehicle control requirements. In addition, the rule requires that licensees implement security measures to prevent unauthorized access to the protected area by rail.

    The Commission received several comments on proposed Sec. 73.55(e)(8)(ii) that to control vehicle approach routes is broader in scope than protecting against vehicle bomb attacks and preventing vehicle use as a means of adversary transportation as was stated in the proposed rule. In lieu of a specific requirement to control vehicle approach routes, Sec. 73.55(e)(10) provides general vehicle control requirements. The Commission acknowledges that the control of vehicle approach routes is generally accomplished through the establishment of vehicle control measures such as a vehicle barrier system designed for protection against vehicle bomb assaults or a protected area barrier that prevents unauthorized personnel from gaining proximity to protected areas or vital areas.

    The proposed Sec. 73.55(e)(8)(iii) is modified and renumbered as

    Sec. 73.55(e)(10)(i)(A). The Commission received several comments to clarify protection requirements against land vehicle bombs and the protection of personnel, systems, and equipment. The Commission agrees, and Sec. 73.55(e)(10)(i)(A) is revised to clarify the protection of personnel, systems, and equipment relative to land vehicle bomb assaults rather than the design basis threat in its entirety. This requirement does not include an obligation to protect all plant personnel from such an attack but rather focuses on the protection of those personnel whose job functions make them necessary to prevent significant core damage and spent fuel sabotage through the implementation of the protective strategy.

    The proposed Sec. 73.55(e)(8)(v) is renumbered as Sec. 73.55(e)(10)(i)(B). The Commission received a comment to clarify whether loss of power testing is subject to this requirement. The

    Commission concluded that specific testing criteria and periodicity are site-specific and must be addressed in procedures. The rule requires that each licensee will develop and implement procedures that will ensure that active vehicle barriers can be electronically, manually, or mechanically placed in the denial position to perform their intended function for protection against

    Page 13940

    the vehicle bomb in the event of a power failure.

    The proposed Sec. 73.55(e)(8)(vi) is renumbered as Sec. 73.55(e)(10)(i)(C). The Commission received several comments that if the proposed Sec. 73.55(e)(8)(vi) is intended to address tampering then the term ``tampering'' should be used. The Commission agrees and

    Sec. 73.55(e)(10)(i)(C) is revised to remove the term ``integrity,'' and clarified to require that the licensee implement measures to identify indications of tampering with vehicle barriers and barrier systems and to ensure that barriers are not degraded. The rule requires that the licensee will implement appropriate surveillance and observation measures for vehicle barriers, barrier systems, and railway barriers.

    Section 73.55(e)(10)(i)(D) was specifically added, based on a comment, to address vehicle control measures for sites that have rail access to the protected area.

    The proposed Sec. 73.55(e)(9) is renumbered as Sec. 73.55(e)(10)(ii). Section 73.55(e)(10)(ii)(B) is revised to require licensees to provide periodic surveillance and observation of waterway approaches and adjacent areas. Section 73.55(e)(10)(ii) is also revised to delete reference to early detection, assessment, and response, consistent with revisions made to the proposed Sec. 73.55(d)(1).

    The proposed Sec. 73.55(e)(10) is deleted. The Commission received several comments that this provision is inconsistent with the existing regulations and associated regulatory guidance for openings in the protected or vital areas. The Commission agrees and furthermore determined that ``Unattended Openings'' are adequately addressed in regulatory guidance and, therefore, need only be addressed through a more generic requirement within this rulemaking. Section 73.55(e)(8)(ii) and Sec. 73.55(i)(5)(iii) generically address penetrations through the PA barrier and unattended openings that intersect a security boundary. The rule requires that such penetrations and unattended openings will be secured and monitored consistent with the intended function of the barrier to ensure the penetration or unattended opening can not be exploited.

    Section 73.55(f), Target Sets. The Commission received multiple comments that the NRC should require licensees to identify certain bridges as ``targets.'' The commenter stated in part, that certain bridges, if lost, would adversely affect or even negate the offsite responders' capabilities and because numerous emergency scenarios rely upon offsite responder's capability to cross these bridges to gain access to the facility during an emergency. The Commission disagrees.

    The requirements of this section focus on the physical protection of target set equipment against the design basis threat of radiological sabotage. Target sets include, in part, the combination of equipment or operator actions which, if all are prevented from performing their intended safety function or prevented from being accomplished, would likely result in significant core damage barring extraordinary action by plant operators. Clearly, geographical features such as bridges or other ingress or egress routes are not included in this concept of target set equipment. Further, a licensee's ability to defend against the design basis threat of radiological sabotage is not dependent on the availability of offsite responders.

    The Commission received a comment that proposed Sec. 73.55(f)(1) which would have required licensees to document their target set development process in ``site procedures'' is not appropriate because other site documents (e.g., engineering calculations) are used to document this process. The Commission agrees and final rule Sec. 73.55(f)(1) is revised to generically require that this information be documented, rather than written into site procedures, to provide the necessary regulatory flexibility. The word ``maintain'' is added to ensure availability of this information upon request by an authorized representative of the NRC. The specific information needed to satisfy this requirement may be contained in engineering records or other documents.

    The Commission received two comments pertaining to the proposed requirement Sec. 73.55(f)(2) which stated that the requirement for licensees to consider the effects of cyber attacks on target sets is not appropriate. The Commission disagrees, concluding that Sec. 73.55(f)(2) is appropriate and consistent with Commission requirements for protection against the design basis threat of radiological sabotage stated in Sec. 73.1 and the cyber security requirements stated in the new Sec. 73.54.

    The Commission received a comment that the proposed Sec. 73.55(f)(3) requirement to list target set equipment or elements that are not within a protected or vital area in the approved security plan is an unnecessary regulatory burden that could require plan changes whenever site-conditions change. The Commission agrees that targets sets must be adjusted consistent with changes to site-specific conditions, and therefore, Sec. 73.55(f)(3) is revised to require that target set elements not contained in a protected or vital area be identified through the documentation required in Sec. 73.55(f)(1) rather than security plans to ensure that they can be appropriately updated and modified to account for changes to site-specific conditions without prior Commission approval.

    The Commission received comments that the proposed Sec. 73.55(f)(4), which would have required implementation of a program to ensure that changes to the configuration of equipment that was identified as target set equipment in the licensee's security plan, was not appropriate due to the increased burden of oversight identified by the requirement. The Commission agrees in part. Section 73.55(f)(4) is revised to clarify the Commission's expectation that each licensee implement a process for the oversight of target set equipment, systems, and configurations using existing processes. This requirement ensures that changes made to the configuration of target set equipment and modes of operation are considered in the licensee's protective strategy. Reference to ``significant core damage and spent fuel sabotage'' is deleted to clarify that the focus of this requirement is on the licensee's process to identify changes made to such equipment that could potentially affect the implementation of the protective strategy. The licensee is expected to periodically review target sets for completeness and continued applicability consistent with the requirements in the final rule Sec. 73.55(m), ``Security program reviews.'' The Commission has determined that such reviews are needed to ensure target sets are complete and accurate at all times.

    Section 73.55(g), Access Controls. The Commission received a comment that the proposed Sec. 73.55(g) does not close a dangerous loophole in current search requirements for law enforcement personnel and security officers which allows bona fide Federal, State, and local law enforcement personnel on official duty and licensee security personnel who have exited the protected area (PA) to reenter the PA without being searched for firearms. The commenter argued that such exceptions could provide insiders or corrupt law enforcement personnel collaborating with adversaries with significant opportunities to introduce contraband, silencers, ammunition, or other unauthorized equipment that could be used in an attack. The commenter stated that this practice should be explicitly forbidden in the rules except under

    Page 13941

    extraordinary circumstances. The Commission disagrees with this comment. On-duty law enforcement personnel may be granted access by licensees when there is a need for such access and are escorted while inside the PA. With respect to licensee security personnel, they are searched for firearms, explosives, and incendiary devices upon reporting for duty and are under the observation of other security personnel who are subject to the licensee's continuous behavioral observation program when performing duties. Upon assuming their duties, armed security officers must continue to be subject to the search criteria for explosives and incendiary devices upon re-entry to the PA.

    Both law enforcement personnel and licensee armed security personnel have been determined, through rigorous background investigations, to be trustworthy and reliable before being issued a firearm as part of their assigned duties. The Commission concluded that this exception to the required search criteria is necessary and appropriate to avoid unnecessary regulatory burden associated with these operating conditions.

    The proposed rule attempted to address all access controls equally without addressing specific implementing differences for access to the owner controlled area, PA, or vital areas (VA). The Commission received several comments to clarify these differences in access controls for each area regarding processing of materials, personnel, and vehicles.

    The Commission agrees and the final rule is revised to address access control requirements for each area. The Commission also revised Sec. 73.55(g)(1)(ii), (A), (B), and (C) to clarify generic control measures for controlling vehicle access through a vehicle barrier. Section 73.55(g)(2) is revised to specifically address PA access controls, and

    Sec. 73.55(g)(4) is revised to specifically address VA access controls.

    The proposed Sec. 73.55(g)(1)(iv) to monitor and ensure the integrity of the licensee's access control systems is deleted from the final rule because it is sufficiently addressed by Sec. Sec. 73.55(n)(1)(i) and (g)(1)(i)(C). The rule requires that the licensee will ensure that all access controls are working as intended and have not been compromised such that a person, vehicle, or material is able to gain unauthorized access beyond a barrier.

    The proposed Sec. 73.55(g)(5) is renumbered as Sec. 73.55(g)(3).

    The Commission received a comment that the proposed Sec. 73.55(g)(3)(ii) would have relaxed the requirement for armed security escorts for all vehicles inside a nuclear power plant's PA or VAs, unless the vehicle was specifically designated for use in such areas.

    The commenter further stated that the provision provides no explanation for the proposed change to this requirement, particularly given that there appears to have been no change in the threat environment that might warrant this change in security.

    The Commission disagrees that requirements for control of vehicles inside the PA are relaxed by this requirement. The pre-existing requirement Sec. 73.55(d)(4) did not require an armed escort for all vehicles but rather required only that the escort be a member of the security organization who may have been an unarmed watchman. The requirement has been revised, however, to permit the use of non- security-organization personnel as escorts for vehicles except that armed security personnel must escort vehicles containing hazardous materials and unsearched bulk items. Vehicle escorts, however, must be trained in accordance with the licensee's training and qualification plan as required by Sec. 73.55(g)(8)(iii).

    The pre-existing requirement for licensees to designate certain vehicles for use inside the PA has been deleted from the final rule.

    The Commission concluded that simply designating a vehicle for use inside the PA is an unnecessary regulatory burden and, therefore, is not necessary. Section 73.55(g)(3)(iii) requires that vehicle use inside the PA must be limited to plant functions or emergencies and that keys must be removed or the vehicle otherwise disabled when not in use. All vehicles and personnel must be searched before entering the

    PA. Vehicles operated by individuals who are authorized unescorted access to the PA are not required to be escorted.

    The proposed Sec. 73.55(g)(4)(ii)(C), which would have required licensees to implement procedures during an emergency to ensure that the licensee's capability to prevent significant core damage and spent fuel sabotage was maintained, is deleted because it is sufficiently addressed by Sec. 73.55(b)(3).

    The proposed Sec. 73.55(g)(4)(iii) is subsumed by Sec. Sec. 73.55(g)(5)(ii) and 73.55(b)(11). These provisions require that consideration be given to how access to and egress from the site will be controlled during an emergency, which is a function assigned to the security organization consistent with site emergency procedures.

    The Commission received comments that passwords are not access control devices and, therefore, are not appropriate for the requirements of the proposed Sec. 73.55(g)(6). The Commission disagrees. The Commission has determined that in physical security, passwords are a form of access control device because they are used to control access to security computer or electronic systems and may be used to control access to secured areas. The rule requires that the licensee will control passwords/passcodes used for security computers, electronic systems, or secured areas.

    Section 73.55(g)(7)(i)(F) is added to require the licensee to deny access (escorted or unescorted) to any individual for whom access is currently denied at another NRC-licensed nuclear power reactor facility.

    The Commission received several comments that the requirements described in proposed Sec. 73.55(g)(7)(ii) regarding the specific information to be included on photo-identification badges issued to non-employee personnel who require frequent or extended unescorted access to a facility are an unnecessary regulatory burden. The

    Commission agrees in part, and Sec. 73.55(g)(7)(ii) is revised to retain only the requirement for badges to visually reflect that the individual is a non-employee and that no escort is required. The proposed Sec. Sec. 73.55(g)(7)(ii)(B) through (D) are deleted. The

    Commission's expectation is for licensees to electronically record the individual's access level, period of unescorted access, and employer within security databases. The Commission concluded that current badge technology is predicated upon computerized access control methodologies that store much of this information electronically on badges or keycards and in associated databases. Therefore, the need to visually display such information on badges is unnecessary. The proposed Sec. 73.55(g)(7)(ii)(E) requirement for the designation of assigned assembly areas on badges is also deleted as it is determined to be an unnecessary regulatory burden.

    The Commission received a comment to clarify the proposed Sec. 73.55(g)(8) relative to the training of personnel assigned to perform escort duties. The rule requires that all escorts will be trained to perform escort duties and that this training may be accomplished through existing processes such as the General Employee Training

    (personnel escort) and/or the security Training and Qualification Plan

    (vehicle escorts). This training requirement ensures that any individual assigned to escort duties understands their responsibilities and the activities the person(s) to be escorted are authorized to perform. For

    Page 13942

    those instances where the licensee uses facility personnel other than a member of the security organization to perform escort duties within the physical protection program, such as a vehicle escort, these individuals must be trained, equipped, and qualified in accordance with the security Training and Qualification Plan to perform this specific duty. The rule requires that facility personnel who are not members of the security organization will be trained and qualified for the specific physical protection duties that they are assigned which includes possessing the knowledge, skills, abilities, and the minimum physical qualifications such as sight, hearing, and their general health needed to perform the assigned duties effectively.

    The Commission received another comment that the proposed Sec. 73.55(g)(8) allows escorts to take multiple visitors with no background checks into PAs and VAs, but does not require that the escorts meet even minimal physical and visual capabilities. The commenter stated that, unlike the proposed new requirement in Part 73, appendix B, paragraph B.2.a(2) that unarmed members of the security organization meet specified physical capabilities, the proposed regulations in Sec. 73.55(g)(8) would not prevent licensees from assigning blind, deaf, and mute persons as escorts. The commenter urged that the regulation define minimally acceptable physical attributes for escorts. The Commission disagrees with this comment. The final rule does not require personnel escorts to be subjected to medical qualifications to perform escort duties but does require escorts to meet the requirements of Sec. 73.55(g)(8), which establishes training and qualification requirements for personnel escorts. Further, personnel escorts are required to be capable of performing the assigned duty and maintain communication with the security organization when performing escort duties to summon assistance if needed. The NRC has never imposed minimum physical qualifications on licensee personnel escorts and the commenter has supplied no basis to impose such requirements now.

    Section Sec. 73.55(g)(8)(i) through (v) updates pre-existing requirements consistent with Commission expectations and current licensee practices for performing escort duties. The Commission received several comments that the proposed Sec. 73.55(g)(8)(ii), which would have required that individuals assigned escort duties be provided a means of ``timely communication,'' was without basis because current communications capabilities at facilities are sufficient for escorts to make notifications or requests for assistance. Therefore, the commenter asserted that the NRC should delete this provision from the final rule. The Commission disagrees. The rule requires that escorts be able to call for assistance when needed. The ``timely communication'' language in the final rule does not require a specific form of communication media. It is the responsibility of each licensee to determine the appropriate communication media for their site which may or may not include the use of hand-held radios, public address systems, intercoms, etc. The Commission has concluded that timely communication capability is an appropriate update to pre-existing requirements and current licensee practices. Therefore, the Commission retains this requirement in Sec. 73.55(g)(8)(ii).

    The Commission received several comments that the proposed Sec. 73.55(g)(8)(iii) for continuous communication is a new requirement without basis. The Commission disagrees. Section 73.55(g)(8)(iii) is an appropriate update to the pre-existing requirement described in Sec. 73.55(f)(1), which required security personnel to maintain continuous communication capability with the central and secondary alarm stations and the pre-existing Sec. 73.55(d)(4) which required vehicles to be escorted by security personnel while inside the PA. Section 73.55(g)(3)(ii) relieves the licensee from the pre-existing Sec. 73.55(d)(4) and allowed non-security personnel, who are trained and qualified in accordance with the security Training and Qualification

    Plan, to escort vehicles inside the PA. In providing this relief, the

    Commission concluded that it is prudent to ``retain'' the pre-existing

    Sec. 73.55(f)(1) requirement for vehicle escorts to maintain a continuous communication capability that was otherwise present through the use of security personnel escorting vehicles. It is also important to note that Sec. 73.55(g)(8)(iii) is revised to permit vehicle escorts to directly contact members of the security organization other than the CAS or SAS for assistance. The proposed requirement would have limited this communication to only the CAS or SAS.

    The Commission received a comment that the proposed Sec. 73.55(g)(8)(iv) phrase ``knowledgeable of those activities that are authorized to be performed within the areas'' is broad and impracticable and that escorts should only be responsible for observing obvious indications of inappropriate behavior. The Commission agrees in part and revised Sec. 73.55(g)(8)(iv) to clarify that the level of knowledge required is general and that general knowledge of authorized activities is a fundamental requirement for an effective escort.

    The Commission received comments that proposed Sec. 73.55(g)(8)(v), which described minimum visitor to escort ratios in protected and vital areas, would not have provided sufficient protection against the possibility that visitors could attempt to commit or facilitate acts of radiological sabotage. The Commission disagrees that the requirements reflected in the proposed rule are not sufficient to ensure that visitor activities are adequately controlled, and they are, therefore, reflected in the final rule. The rule requires each licensee to implement visitor observation and control measures that are consistent with the physical protection program design requirements in Sec. 73.55(b) including specific requirements for searches of personnel, escorting of personnel, and escort communications. The Commission has concluded that the visitor control measures required by this paragraph provide an appropriate level of protection and prescribing specific visitor-to-escort ratios is unnecessary. Visitor-to-escort ratios should be specific to each site and visitor based on site conditions and the rationale for the visit.

    Therefore, Sec. 73.55(g)(8)(v) is revised to delete the proposed visitor-to-escort ratios (10 to 1 in the PA and 5 to 1 in VAs) as these ratios are addressed in regulatory guidance and required to be delineated in the licensee's NRC-approved security plans.

    Section 73.55(h), Search Programs. The Commission received several comments that search requirements should be addressed according to facility area (i.e., owner controlled area (OCA) and PA). The

    Commission agrees, and Sec. 73.55(h) has been revised to address search requirements by area. This revision is necessary to clarify the differences of search requirements and implementation for owner controlled and protected areas.

    The Commission received several comments to clarify the proposed

    Sec. 73.55(h)(1) and (1)(i) regarding searches and that searches should be conducted at each physical barrier only for those items that must be excluded beyond the barrier. The Commission agrees that clarification is warranted and has combined and renumbered the proposed

    Sec. 73.55(h)(1) and (h)(1)(i) as Sec. 73.55(h)(1). Consistent with

    Sec. 73.55(b)(4), each licensee must analyze their site-specific conditions to

    Page 13943

    determine what personnel, vehicles, and materials must be prevented from gaining access to specific areas of the facility and will search the personnel, vehicles, and materials to satisfy the design requirements of Sec. 73.55(b).

    The proposed Sec. 73.55(h)(5) is renumbered as Sec. 73.55(h)(2)(iii). Section 73.55(h)(2)(iii) is revised to specify implementing details for the conduct of vehicle searches within the OCA including to the number of personnel required and the duties to be performed by each. The search process applied in the OCA must be performed by two personnel at least one of which must be armed and positioned to observe the search to provide an immediate response if needed. The rule requirement for searches conducted at vehicle checkpoints within the OCA is that one individual will conduct the search function, a second armed individual will be physically located at the checkpoint to provide an immediate armed response if needed, and a third individual, in accordance with Sec. 73.55 (h)(2)(v), will monitor the search function via video equipment at a location from which that individual can initiate an additional response.

    The proposed Sec. 73.55(h)(8) through (h)(8)(iii) are renumbered as Sec. 73.55(h)(3)(v) through (h)(3)(viii). The Commission received a comment that Commission approval of exceptions to search requirements through licensee security plans is unreasonable and unnecessary. The

    Commission agrees in part, and Sec. 73.55(h)(3)(v) is revised to clarify the rule requirement that a general description of the types of exceptions must be stated in the licensee security plans rather than a specific listing of individual exceptions which must be captured in procedures.

    The proposed Sec. 73.55(h)(8)(i) is renumbered as Sec. 73.55(h)(3)(vii). The Commission received a comment that the requirement for an armed escort is not applicable in all cases. The

    Commission agrees in part and has revised Sec. 73.55(h)(3)(vii). The rule requires that bulk items excepted from the search required for access into the PA will be escorted by an armed member of the security organization to ensure that unsearched bulk items are controlled until they can be offloaded and the absence of contraband can be verified to the extent practicable.

    The proposed Sec. 73.55(h)(1)(iii) is subsumed in the final rule in appendix B of part 73.

    The proposed Sec. Sec. 73.55(h)(2)(i) and 73.55(h)(2)(ii) regarding clearly identifying items during a search are subsumed as

    Sec. Sec. 73.55(h)(2)(iv) and 73.55(h)(3)(i).

    Section 73.55(i), Detection and Assessment Systems. Several requirements from proposed Sec. Sec. 73.55(i)(7) and 73.55(i)(10) have been consolidated, revised, relocated, and/or deleted to eliminate redundancy and provide clarification for alarm annunciation and video assessment equipment in both alarm stations and have been designated as

    Sec. 73.55(i)(2) and (3).

    The proposed Sec. Sec. 73.55(i)(4), 73.55(i)(4)(i), and 73.55(b)(3) are combined and renumbered as Sec. 73.55(i)(4)(i). The

    Commission received a comment that the requirements set forth in the proposed Sec. 73.55(i)(4) were significant high-impact requirements that exceed the existing requirements without basis and whose exact scope and impact could not be assessed with the current language. The

    Commission agrees that further clarification of the intent and scope of these requirements is necessary. In the final rule, the pre-existing requirement in Sec. 73.55(e)(1) for protection of at least one alarm station against a single act is retained. Section 73.55(i)(4)(i) of the final rule clarifies the functions that must survive from a single act by requiring licensees to ensure the survivability of either alarm station to maintain the ability to perform the following four functions: Detection and assessment of alarms, initiation and coordination of an adequate response to alarms, summoning offsite assistance, and providing effective command and control. The proposed

    Sec. 73.55(b)(3), which generally addressed the protection of personnel, systems, and equipment from a single act bounded by the design basis threat, is now reflected as Sec. 73.55(e)(10)(i)(A), which generally describes licensee measures for protection against the design basis threat land vehicle bomb assault. A single act does not refer to the number of acts committed during a security contingency event; rather it pertains to any one act that alone could remove the licensee's capability to retain at least one alarm station and/or its functions as required. An example of a single act against which this regulation requires protection would be destruction of security equipment not specifically accounted for in the licensee protective strategy that is accessible from the PA perimeter and that its destruction would remove the capability to retain one alarm station and/or its required functions.

    The proposed Sec. 73.55(i)(4)(ii) is renumbered as Sec. 73.55(i)(3)(vii). The Commission received several comments that proposed Sec. 73.55(i)(4)(ii), which would have required uninterruptable backup power for all alarm station functions, would be a significant high-impact requirement that would exceed the existing requirements without a basis and that the exact scope and impact of the requirement cannot be assessed with the current language. The

    Commission agrees in part, and has revised Sec. 73.55(i)(3)(vii) to clarify the scope of equipment to which this requirement applies. The

    Commission recognizes that because the transfer to secondary power is not an instantaneous event, the maintenance of continuous power to some equipment essential to the initiation of licensees' protective strategies may not be possible and could result in a period of degraded performance. In light of this potential vulnerability, the rule requires uninterrupted power supplies for detection and assessment equipment at the PA perimeter to ensure continued operability in the event of the loss of normal power during the transition between normal power and initiation of secondary power. The Commission determined that a licensee's capability to detect and assess a threat at the PA perimeter is an essential function for all sites, and as such, the equipment needed to satisfy the requirement in Sec. 73.55(i)(1) must remain operable through an uninterruptible power supply. Based on each licensee's site specific considerations, detection and assessment equipment subject to this requirement may, for example, include alarm annunciators and sensors, lighting, closed circuit televisions, and video image recording necessary to provide detection and assessment at the protected area perimeter. However, under this rule, each license must identify which detection and assessment equipment it relies on to initiate its protective strategy. This requirement is based on the pre- existing Sec. 73.55(e)(1), the evaluation of information gained through enhanced baseline inspections and force-on-force exercises.

    Section 73.55(i)(4)(ii)(E) is added to ensure that licensees address events (e.g., trespassing) that may not require a response in accordance with the protective strategy but may require the employment of elements within the licensee's force continuum and legal authority as permitted under applicable State law.

    Section Sec. 73.55(i)(4)(ii)(G) is added for consistency with

    Sec. 73.55(i)(4)(ii)(F) to ensure that operators in both alarm stations are knowledgeable of the final disposition of all alarms, thus minimizing the possibility of assessment errors.

    Page 13944

    The proposed Sec. Sec. 73.55(a)(6), 73.55(a)(6)(i), and 73.55(a)(6)(ii) are consolidated and re-numbered as Sec. 73.55(i)(4)(iii). The Commission received several comments to clarify the applicability and scope of the proposed Sec. 73.55(a)(6) and to relocate this requirement to Sec. 73.55(i). The Commission agrees that additional clarity is needed but declines to relocate the applicability language in Sec. 73.55(a)(6). Sections 73.55(a)(6) and 73.55(i)(4)(iii) specify that the requirement to construct, locate, protect, and equip both the central and secondary alarm stations (CAS and SAS) is applicable to only applicants for an operating license under the provision of part 50 or holders of a combined license under the provisions of part 52 that is issued after the effective date of this rule. The rule requires that both alarm stations for new reactors will be equal and redundant and will meet construction standards previously applied only to the CAS. Specifically, the Commission has deleted the pre-existing provision that otherwise permitted the SAS to be located offsite. Operating power reactors licensed before the effective date of this final rule and the Tennessee Valley Authority's

    Watts Bar Nuclear Plant need not renovate their existing alarm stations to meet this requirement. Applicants for a new operating license or combined license for a reactor that would be constructed inside an existing PA must construct both the CAS and SAS to the requirements of

    Sec. 73.55 for CAS, unless otherwise exempted through established licensing processes.

    The proposed Sec. Sec. 73.55(i)(5), (i)(6), and (i)(7)(i) related to detection and assessment capabilities are deleted because they are subsumed as Sec. 73.55(i)(1) which provides a general description of detection and assessment requirements.

    The proposed Sec. Sec. 73.55(i)(9)(ii), (ii)(A), and (ii)(B) are combined and renumbered as Sec. 73.55(i)(5)(ii). The Commission received a comment that the NRC should delineate the requirements of each of the three areas (OCA, PA, and VA) in the final rule and clarify what is meant by the proposed ``integrity of physical barriers or other components.'' The Commission agrees and the final rule is revised to clarify that this requirement applies to the OCA. The term

    ``integrity'' is retained and is meant to refer to the ability of the barrier to perform its function and that it has not been tampered with.

    The proposed Sec. 73.55(i)(9)(iv) is renumbered as Sec. 73.55(i)(5)(iii). The Commission received several comments to clarify the proposed Sec. 73.55(i)(9)(iv), which concerned licensee obligations for observation of unattended unmonitored openings. The

    Commission agrees that clarification is needed, and Sec. 73.55(i)(5)(iii) is revised to clarify that this requirement focuses on monitoring unattended openings, such as underground pathways, that can be exploited to circumvent the intent of a barrier or otherwise defeat its required function.

    The proposed Sec. 73.55(i)(9)(iii)(B) has been divided and renumbered as Sec. 73.55(i)(5)(v) and (vi). The Commission received a request for clarification of the intent of the proposed requirement specific to ``random intervals.'' The Commission agrees and Sec. 73.55(i)(5)(vi) is revised to clarify the scope of patrols relative to

    PAs, VAs, and target sets. The term ``random'' as used in the final rule is not intended to describe the periodicity of the patrols but to describe the manner in which the patrol is conducted to prevent predictability.

    The proposed Sec. 73.55(i)(9)(iii)(C) is renumbered as Sec. 73.55(i)(5)(vii). The Commission received several comments to add the word ``obvious'' before the word tampering because security personnel generally do not possess the level of specific knowledge that might be necessary to detect the types of tampering that could have been included within the scope of the rule. These commenters noted that other licensee operations personnel who possess detailed engineering knowledge also provide observation of target set equipment and additional assurances that tampering would be identified. The

    Commission agrees and Sec. 73.55(i)(5)(vii) is revised to include the term ``obvious'' consistent with the level of knowledge that security personnel possess regarding plant operations based on training that is provided to them.

    The proposed Sec. Sec. 73.55(i)(10) and (i)(10)(i) are deleted from the final rule because this proposed requirement to maintain video equipment in operable condition is redundant to Sec. Sec. 73.55(b)(3) and 73.55(n)(1)(i).

    The proposed Sec. 73.55(i)(10)(iii) is deleted from the final rule. The NRC received a comment that ensuring personnel assigned to monitor video equipment are alert and able to perform their assigned duties is a licensee management responsibility. The Commission agrees.

    Fitness-for-duty, fatigue, and work-hour controls are covered in 10 CFR part 26.

    The proposed Sec. 73.55(i)(11)(i) is renumbered as Sec. 73.55(i)(6). The Commission received several comments to clarify this lighting requirement. The Commission agrees and Sec. 73.55(i)(6) is revised to clarify the lighting requirements and identify acceptable alternatives. The reference to the OCA is removed from this paragraph as it is duplicative to the reference in Sec. 73.55(b).

    The proposed Sec. 73.55(i)(11)(ii) is renumbered as Sec. 73.55(i)(6)(ii). The Commission received several comments to clarify the pre-existing requirement for 0.2-foot-candle illumination and the application of low-light technology. Consistent with the proposed rule, the current 0.2-foot-candle illumination requirement is explicitly retained as the minimum standard for illumination levels at nuclear power reactor facilities. However, Sec. 73.55(i)(6)(ii) is revised to clarify and introduce the use of low-light technology to supplement the facility lighting scheme and to provide the flexibility needed for licensees to use low-light technology. The rule requires that licensees will ensure that lighting levels either meet the 0.2-foot-candle requirement, or employ low-light technology to ensure the protective strategy can be implemented effectively.

    Section 73.55(j), Communication Requirements. The Commission has made no significant changes to Sec. 73.55(j). The Commission received a comment that proposed Sec. 73.55(j)(1), which would require the maintenance of continuous communication with offsite resources, was without a basis. The commenter argued that the ability to maintain such communication is beyond the ability of licensees. The Commission disagrees. This requirement is retained from the pre-existing Sec. 73.55(f)(3) and remains unchanged. The rule requires that each licensee security organization maintains continuous communication with local law enforcement authorities and onsite personnel.

    The Commission received a comment that proposed Sec. 73.55(j)(4)(iii), regarding the licensee's communication system, is not appropriate for escorts. The Commission agrees and Sec. 73.55(j) is revised to address the specific communication requirements of personnel or entities requiring communications and communication systems to be employed to meet the requirement. The rule requires that vehicle escorts are provided by the licensee with the appropriate means to call for assistance when needed. The final rule does not require a specific form of communication media, and therefore, it is the responsibility of each licensee to determine the appropriate communication media for their site which may or may not include the use of hand-held radios, public address systems, intercoms, etc.

    Page 13945

    The Commission received a comment that proposed Sec. 73.55(j)(6), which would have required the licensee to identify and establish alternative communication methods for areas of its facility where communication could be interrupted or not maintained, was without a basis, and would be virtually impossible to implement given a power plant's reinforced concrete construction and trip sensitive equipment.

    The Commission disagrees and believes that the commenter misinterpreted the Commission's intent. A condition as described in the rule, if present at a site, must be identified and accounted for to satisfy the pre-existing Sec. 73.55(f)(1) requirement for continuous communication. However, the Commission does not intend to require that such conditions be ``fixed'' but rather that the licensee compensate for this condition as needed and appropriate for their site-specific considerations.

    Section 73.55(k), Response Requirements. The proposed Sec. Sec. 73.55(k)(1)(ii) and (iii), regarding the training and qualification of armed responders and the availability of certain equipment, are deleted from the final rule. These requirements are sufficiently addressed in the final rule in appendix B to part 73 and appendix C to part 73 and, therefore, are redundant.

    The proposed Sec. 73.55(k)(1)(iv), regarding training for assigned weapons, is renumbered as Sec. 73.55(k)(2). The Commission determined that the proposed Sec. 73.55(k)(3)(iv) is redundant to this requirement and has revised Sec. 73.55(k)(2) to clarify performance criteria.

    The proposed requirement in Sec. 73.55(k)(1)(v) regarding weapons training and qualification of armed responders is deleted from the final rule because it is redundant to the requirements set forth in appendix B to part 73.

    The proposed Sec. 73.55(k)(3) is renumbered as Sec. 73.55(k)(4).

    The final rule Sec. 73.55(k)(4) is clarified to delineate the duties of armed responders and armed security officers. Section 73.55(k)(5) is added to retain the pre-existing requirement, described in former Sec. 73.55(h)(3), for the minimum number of armed responders required to be immediately available at the facility to fulfill response requirements.

    The rule requires that each licensee will determine the specific minimum number of armed responders needed to protect their facility and that under no circumstances will that minimum number be less than 10 inside the PA and available at all times.

    The proposed Sec. 73.55(k)(3)(iii) and (iv) are deleted from the final rule. The Commission concluded that these proposed requirements are redundant to the final rule appendix B to part 73 and Sec. 73.55(n)(1)(i), respectively.

    The proposed Sec. 73.55(k)(6) regarding licensee personnel being trained to understand their roles during security incidents, is deleted from the final rule. The Commission has determined that this requirement is more appropriate for site procedures and has deleted it from the final rule.

    The proposed Sec. 73.55(k)(7)(iv) is renumbered as Sec. 73.55(k)(8)(iii). The Commission received a comment that it does not have a basis to require licensee notification of offsite agencies other than local law enforcement upon receipt of an alarm or other threat notification. The Commission generally agrees that the requirement is not necessary. Section 73.55(k)(8)(iii) is revised to specify that licensees must notify local law enforcement only in accordance with their site procedures. However, as noted below, some licensees have established liaison with non-local law enforcement agencies including

    State or Federal. To the extent that these arrangements are noted in those licensees' site procedures, the rule would require their notification.

    The proposed Sec. 73.55(k)(8) is renumbered as Sec. 73.55(k)(9).

    The Commission received a comment that it does not have a basis to require licensees to obtain liaison agreements with agencies other than local law enforcement. The Commission disagrees with this comment but has clarified the rule. In some instances, licensees have arrangements with agencies not considered ``local law enforcement'' such as Federal or State law enforcement agencies. It is, therefore, an appropriate update to the regulatory framework to include the possibility of State and Federal law enforcement agencies as well as local law enforcement to account for sites whose local law enforcement are State or Federal agencies. However, such agreements are not required by the rule.

    Further, the Commission acknowledges that in some cases a local, State, or Federal law enforcement agency cannot or will not enter into a written agreement with a licensee, and in such cases the Commission's expectation is that the licensee will make a reasonable effort to pursue liaison with these agencies to the extent practicable and that this liaison is documented.

    The proposed appendix C to part 73, section II, paragraph (k),

    ``Threat Warning System,'' paragraph (k)(1), (k)(2), and (k)(3) are moved and renumbered as Sec. 73.55(k)(10), paragraph (k)(10)(i), and paragraph (k)(10)(ii). The Commission concluded that these requirements are better presented in the regulatory framework for the physical protection program. The rule requires that the licensee will pre-plan specific enhancements to their physical protection program to be taken upon notification by the NRC of a heightened threat environment.

    Section 73.55(l), Facilities Using Mixed-Oxide (MOX) Fuel

    Assemblies Containing up to 20 Weight Percent Plutonium Dioxide

    (PuO2). The Commission received a comment that through this proposed rulemaking, the NRC is ignoring the Atomic Safety and

    Licensing Board's (ASLB) decision in the Catawba case. The commenter stated that, in that case, the ASLB added security conditions to Duke

    Energy's proposed security plan at Catawba and that one of the ASLB's conditions is not in the proposed rule. The Commission disagrees with this assertion. In fact, the Commission specifically rejected the

    ASLB's imposition of additional license conditions for the use of MOX fuel and affirmed the staff's conclusion that the additional security measures provided by the licensee would provide reasonable assurance of the protection of public health and safety in light of the theft risk presented by the use of MOX fuel (Duke Energy Corp. (Catawba Nuclear

    Stations, Units 1 and 2), CLI-05-14, 61 NRC 359 (2005)). The Catawba license amendments were issued on March 3, 2005 (70 FR 11711; March 9, 2005). The requirements described in Sec. 73.55(l) are consistent with the physical protection program enhancements that were applied to the

    Catawba facility. Section 73.55(l) is revised to clarify that those licensees choosing to use MOX fuel assemblies must implement additional measures designed to prevent theft or diversion of un-irradiated MOX fuel assemblies in addition to protecting the power reactor facility against the design basis threat of radiological sabotage.

    The Commission received a comment that the NRC did not define MOX fuel in the proposed rule (with regard to concentration, weight, or any other physical property), and suggested that this is necessary. The

    Commission agrees, and Sec. 73.55(l) is revised to specify the maximum percent weight of plutonium dioxide allowed within a MOX fuel assembly and that the use of MOX fuel assemblies with percent weights greater than 20 weight percent plutonium dioxide require unique and separate approval from the Commission. In such cases, licensees would be required to submit a license amendment

    Page 13946

    request, and the Commission would consider additional security measures as necessary. Section 73.55(l)(3)(v)(B) is also revised to clarify the number of physical barriers required for protection of un-irradiated

    MOX fuel assemblies. Physical protection of un-irradiated MOX fuel assemblies requires three physical barriers of which the water contained within the spent fuel pool is the third barrier.

    Finally, the commenter disagreed with the fact that the proposed rule language did not make a distinction between the security applied to a small number of MOX lead test assemblies and the security applied to a large number of assemblies. The Commission disagrees that such a distinction is necessary in the rule. Because the Commission considers only one part of one assembly to be the goal quantity of a theft scenario and because theft of only a portion of the fuel in one assembly would be considered failure, no additional protection would be added by distinguishing between multiple additional assemblies. The physical protection program requirements specified in Sec. 73.55(l) are appropriate for any quantity of unirradiated MOX fuel assemblies that are less than or equal to 20 weight percent plutonium dioxide and may be on-site at any time.

    Section 73.55(m), Security Program Reviews. The proposed Sec. 73.55(m) for ``Digital computer and communication systems and networks'' is relocated to a stand-alone section (10 CFR 73.54). The

    Commission has determined that these requirements are best addressed as a stand-alone section similar to the requirements for an access authorization program.

    The proposed Sec. 73.55(n) is renumbered as Sec. 73.55(m) to account for the renumbering of the proposed Sec. 73.55(m) as 10 CFR 73.54.

    The proposed Sec. Sec. 73.55(n)(1) and (n)(1)(ii) are combined and renumbered as Sec. 73.55(m)(1). The Commission received a comment to clarify the periodicity of audits and reviews required by proposed

    Sec. 73.55(n)(1). Section 73.55(m)(1) is revised to clarify periodicity. The rule requires that each licensee will review their physical protection program to determine if the programmatic requirements established are being implemented. The rule also requires that each licensee will review the physical protection program to determine if the physical protection program effectively meets

    Commission requirements. The licensee must ensure that all components or elements of the physical protection program are reviewed at intervals no less than every 24 months. However, the Commission has concluded that licensees must also review individual components or elements of the physical protection program no later than 12 months following a significant change to site-specific conditions, equipment, personnel, or other performance indicators.

    The proposed Sec. Sec. 73.55(n)(3) and (4) are deleted because these requirements are redundant to the requirement to review the physical protection program at intervals not to exceed 24 months.

    The proposed Sec. 73.55(n)(5) is deleted because it is redundant to the final rule Part 73, appendix B, Section VI, for the performance evaluation program.

    The proposed Sec. 73.55(n)(8) is deleted because the requirements for the site corrective action program as stated in Sec. 73.55(b)(10) address all issues, not just findings from reviews, audits, etc. as stated in the proposed rule.

    The proposed Sec. 73.55(n)(9) is deleted because this provision does not apply to reviews and audits addressed herein and is limited to only the conduct of training program requirements addressed in part 73, appendix B, Section VI.

    Section 73.55(n), Maintenance, Testing, and Calibration. The proposed Sec. 73.55(o) is renumbered as Sec. 73.55(n) to account for the renumbering of the proposed Sec. 73.55(m) to a stand-alone section

    (10 CFR 73.54).

    The proposed Sec. 73.55(o)(1)(i) is renumbered as Sec. 73.55(n)(1)(i). The Commission received a comment asking who determines the ``predetermined intervals'' in which testing and maintenance are required. The predetermined intervals for maintenance, calibration, and performance testing of equipment are specified by manufacturer specifications and the NRC. The Commission has concluded that specific, pre-determined intervals for operability testing are required to ensure that certain equipment is capable of performing its intended function.

    Section 73.55(o), Compensatory Measures. The proposed Sec. 73.55(p) is renumbered as Sec. 73.55(o) to account for the renumbering of proposed Sec. 73.55(m) for cyber security requirements to a stand- alone Sec. 73.54.

    Section 73.55(p), Suspension of Security Measures. The proposed

    Sec. 73.55(q) is renumbered as Sec. 73.55(p) to account for the renumbering of proposed Sec. 73.55(m) for cyber security requirements to a stand-alone Sec. 73.54.

    The Commission received a comment that proposed Sec. 73.55(q)(1)(ii) requires that a licensed senior operator approve the suspension of safeguards measures. The commenter suggested that approval from a licensed senior operator was excessive and that the rule should be revised to permit approval by the ``on shift operations manager.'' The Commission disagrees and finds that approval by a licensed senior operator is appropriate for all suspensions of security measures pursuant to Sec. 73.55(p). The allowance for suspensions of security measures for severe weather conditions is based on the pre- existing Sec. Sec. 50.54(x) and (y) which explicitly requires, at a minimum, approval by a licensed senior operator. Under this provision, the security supervisor recommends when security measures must be suspended; and, consistent with the pre-existing Sec. Sec. 50.54(x) and (y), a licensed senior operator must, at minimum, approve that decision to ensure that other operational and safety concerns have been fully considered and that there will be no adverse affects or undue risk to the public health and safety as a result of the suspension.

    Refer to NRC Regulatory Issue Summary 2008-26 ``Clarified Requirements of Title 10 of the Code of Federal Regulations (10 CFR) Section 50.54(y) When Implementing 10 CFR Section 50.54(x) to Depart from a

    License Condition or Technical Specification,'' dated October 29, 2008

    (ML080590124), for further discussion of the requirements associated with which licensee personnel may approve licensee departures from license conditions or technical specifications.

    The proposed Sec. 73.55(q)(4) is deleted because the requirement to report the suspension of safeguards measures is redundant to Sec. 73.71 and is sufficiently addressed in Sec. 73.55(p)(3).

    Section 73.55(q), Records. The proposed Sec. 73.55(r) is renumbered as Sec. 73.55(q) to account for the renumber of proposed

    Sec. 73.55(m) for cyber security requirements to a stand-alone section

    (10 CFR 73.54). The proposed Sec. 73.55(d)(5) is renumbered as Sec. 73.55(q)(3) to retain the requirement for retention of security force contracts as a record for the duration of the contract and retention of superseded portions for three years following changes to that contract.

    Section 73.55(r), Alternative Measures. The proposed Sec. 73.55(s) is deleted because it is redundant to Sec. 73.58. The Commission has determined that safety/security interface is a stand-alone section, the applicability of which is adequately addressed in Sec. 73.58 and need not be referenced in Sec. 73.55 to ensure clarity or applicability.

    Page 13947

    The proposed Sec. 73.55(t) is renumbered as Sec. 73.55(r) to account for the renumbering of the proposed Sec. 73.55(m) for cyber security requirements to a stand-alone section (10 CFR 73.54) and the deletion of proposed Sec. 73.55(s) ``Safety/security interface.''

    Section 73.55(r) represents the same set of requirements that were described in former Sec. 73.55(a), which stated, in part, ``the

    Commission may authorize an applicant or licensee to provide measures for protection against radiological sabotage other than those required by this section * * *.'' That provision had been known as the

    ``alternative measures'' provision although that specific phrase did not appear in the rule text. The final rule codifies that phrase as it relates to this process, but the requirements of seeking and obtaining approval for an ``alternative measure'' essentially remains as it had been set forth in the existing rule.

  14. Section 73.56, Personnel Access Authorization Requirements for

    Nuclear Power Plants

    General Comments. Section 10 CFR 73.56, the Commission has revised the proposed rule text and associated statement of considerations to

    (1) address over 180 pages of the comments received on the proposed rule, (2) provide additional clarifications and specifications, and (3) correct errors. The following provides a brief explanation of the significant changes to the proposed rule and the Commission's responses to the comments.

    The Commission received numerous comments on the proposed rule as a result of unclear descriptions or inconsistent use of the roles and responsibilities of licensees, applicants, and contractors or vendors and the phrases ``grant unescorted access'' and ``authorize unescorted access authorization.''

    In response to the comments received and suggestions implicit in the comments received on various provisions in the proposed rule, the

    Commission improved the clarity and precision of the final rule by providing the following clarification in the statement of consideration for Sec. 73.56(a). First, the Commission replaced the phrases

    ``unescorted access authorization'' and ``access authorization'' with the phrases ``unescorted access'' and/or ``unescorted access authorization'' to correct misuse and misinterpretation of the rule.

    Second, the Commission replaced the term ``grant'' associated with

    ``unescorted access authorization'' and ``access authorization'' with the terms ``grant'' and/or ``certify.'' Finally, the Commission made several revisions in order to provide clarification and/or specifications on the roles and responsibilities of licensees, applicants, and contractors or vendors.

    Additionally, the Commission revised paragraphs (a)(4) and deleted

    (a)(5) in the final rule to define and to provide clarification and specification on the roles and responsibilities of licensees, applicants, and contractors or vendors. Throughout the final rule, the

    Commission revised the proposed rule text to reflect the above clarifications and specifications.

    Throughout the proposed rule text, the Commission received comments that some of its statements in the proposed rule regarding the accessibilities and capabilities of the information-sharing mechanism that the industry is currently using to comply with the Commission's requirements were incorrect. Specifically, commenters noted that the information-sharing mechanism used by the industry does not contain records, but rather it contains data representative of the records that are accessed and controlled by licensees, applicants, and certain contractors or vendors. The Commission agrees with the received comments and revised the final rule to clarify that use of an information-sharing mechanism is not a requirement; rather it is the sharing of specific access authorization information with the other licensees subject to this section that is required in accordance with

    Sec. 73.56(o)(6).

    Section 73.56(a), Introduction. The Commission deleted proposed paragraphs (a)(2) and (a)(3) pertaining to the submission of access authorization program amendments for Commission approval and the continued implementation of the access authorization program under current requirements in the final rule as those requirements have been incorporated in Sec. 73.56(a)(1).

    Section 73.56(b), Individuals Subject to the Access Authorization

    Program. Commenters stated that proposed paragraph (b)(1)(ii) does not contain a necessary provision that allows for short-term escorted digital access and addresses access authorization requirements for an individual accessing emergency response components that include commercial facilities that are not subject to access authorization requirements. The Commission disagrees with the recommended rule requirements. The Commission finds that these comments are beyond the scope of this rule because this section specifically provides for requirements for unescorted access and unescorted access authorization for protected and vital areas of nuclear power plants and to these entities only. This section does not cover escorted digital access; however, cyber security requirements are covered in Sec. 73.54.

    Therefore, the NRC did not make any revision to the rule text.

    Section 73.56(c), General Performance Objective. The Commission received comments that the requirements set forth in proposed Sec. 73.56(d)(3) regarding identity verification requirements, did not properly consider the North America Free Trade Agreement, which allows

    Canadian citizens performing certain services to enter the United

    States without either an alien registration or an I-94 Form. The commenters also stated that the proposed rule text incorrectly allowed contractors or vendors to evaluate the results of fingerprinting required under Sec. 73.57. The Commission agrees with the received comments and revised the proposed rule text to allow licensees and applicants to use an alien registration or an I-94 Form to verify the identity of a foreign national. Additionally, the NRC deleted the requirement that required contractors or vendors to evaluate the results of fingerprinting required under Sec. 73.57, and now only licensees or applicants may do so.

    The Commission received comments that the phrase, ``full credit history evaluation'' stated in proposed Sec. 73.56(d)(5) needs additional clarification and specification by providing a time period for credit history. The comments also stated that fraud check should be deleted from credit history checks and that credit history checks, or other financial documentation, should be required for foreign nationals in the final rule. The Commission agrees in part and disagrees in part with the comments. The Commission disagrees with specifying the time period for a credit history evaluation and deleting fraud checks from the credit history check as the Commission notes that the requirements set forth in this paragraph are consistent with the requirements set forth in the 2003 order and with current industry practice. Further, the full credit history evaluation requirements reflect the

    Commission's intent that all financial information available through credit-reporting agencies is to be obtained and evaluated because it has the potential to provide highly pertinent information. However, the

    Commission agrees with the commenter that the requirement should address credit history checks of foreign nationals. The Commission

    Page 13948

    recognizes that certain foreign nationals' host countries may not have routinely accepted credit reporting mechanisms, and therefore, the

    Commission revised the final rule text to allow multiple sources of credit history that could potentially provide information about a foreign national's financial record and responsibility, not limited to routinely accepted credit reporting mechanisms.

    The Commission revised proposed Sec. 73.56(d)(7) to distinguish the criminal history records check requirements for those individuals who are expected to have unescorted access or unescorted access authorization. Individuals who are expected to have unescorted access must have a criminal history records check in accordance with the requirements of 10 CFR 73.57. However, the NRC cannot obtain a criminal history records check in accordance with Sec. 73.57 for individuals not expected to have unescorted access because Section 149 of the AEA limits the NRC's ability to obtain fingerprints from those individuals.

    Instead, a criminal history records check of those individuals not expected to have unescorted access will be obtained in accordance with

    Sec. 73.56(k)(1)(ii).

    Section 73.56(e), Psychological Assessment. The Commission received comments that the term ``clinical'' should be removed from the phrase

    ``a licensed clinical psychologist or psychiatrist'' in proposed Sec. 73.56(e)(1) pertaining to qualifications for psychologists or psychiatrists who conduct psychological assessments for trustworthiness and reliability. The commenter stated that psychologists or psychiatrists are licensed by states. However, some states might not issue licenses using the term ``clinical'' psychologists or psychiatrists. The Commission agrees with the comment and deleted the term ``clinical'' because the focus is on a psychologist or psychiatrist who has adequate experience, and that focus should not be limited by a particular term that some states may not use in their licensing procedures.

    The Commission received comments that because proposed Sec. 73.56(e)(2) would have required psychologists and psychiatrists to follow the ethical principles established by the American Psychological

    Association or American Psychiatric Association, the proposed regulation would limit the pool of available licensed and qualified psychologists and psychiatrists who can perform the required psychological assessments because these ethical principles might deviate from the ethical principles established by the states that license them and conflict with the requirements in proposed Sec. 73.56(e)(3), which requires licensed psychologists and psychiatrists to have a face-to-face interview with an individual only after the individual surpasses predetermined thresholds on a psychological test.

    The commenter stated that Sec. 73.56(e)(3) is, therefore, in conflict with the (e)(2) requirement to follow accepted ethical principles since part of the American Psychological Association's Ethical Principles and

    Code of Conduct mandates that psychologists interview in light of the research on or evidence of the usefulness of interviewing and would deviate from the ethical principles established by the American

    Psychological Association or American Psychiatric Association if it requires a psychological assessment that is not supported by research and for which the assessors are not properly trained.

    The Commission disagrees with these comments. For the first comment, the Commission noted that the ethical principles established by the American Psychological Association or American Psychiatric

    Association specifically address the issues raised. These ethical standards require psychologists and psychiatrists to comply with the requirements of laws, regulations (including the requirements in section 73.56), or other governing legal authorities. Thus, the requirements set forth in this section do not deviate from the States' licensing requirements.

    In response to the second comment, the Commission disagrees that

    Sec. Sec. 73.56(e)(2) and (e)(4) are contradictory because Section 1.02 of ``Ethical Principle of Psychologists and Code of Conduct'' addresses this issue and states that, if a psychologist's ethical responsibilities conflict with law, regulations, or other governing legal authority, psychologists would have to take steps to resolve the conflict but must in any event adhere to the requirements of the law, regulations, or other governing legal authority.

    In response to the third comment regarding sufficient demonstrated ability of psychological tests to help in the trustworthiness and reliability determination, the Commission directed the commenter to the considerable bodies of research in this area and pointed out a long track record of intelligence and other agencies that have used the

    Minnesota Multiphasic Personality Inventory--2 (MMPI-2) as well as other personality tests for this purpose. Additionally, the Commission noted that a psychological assessment is only one of many access authorization program elements that licensees and applicants use for determining an individual's trustworthiness and reliability.

    However, agreeing in part with the last comment, the Commission revised proposed Sec. 73.56(e)(1) in the final rule to require psychologists or psychiatrists to be appropriately trained. Finally, the Commission is confident that the results of psychological testing, combined with the results of other access authorization program elements, will yield high assurance regarding an individual's trustworthiness and reliability.

    The commenters stated that proposed Sec. 73.56(e)(3) should be revised to allow psychiatrists or psychologists to establish predetermined thresholds appropriate to the test and the target population that would be applied in interpreting the results to identify whether an individual shall be interviewed under Sec. 73.56(e)(4)(i) of this section and interview the individual without administering the psychological test.

    However, another commenter stated that establishing predetermined thresholds for the psychological test is not sufficient for establishing consistency among these psychological assessments. That commenter stated that psychologists or psychiatrists who perform psychological assessments must be properly trained. The Commission agrees with the first comment and revised the final rule to state that psychiatrists or psychologists shall establish the predetermined thresholds for each scale to determine whether an individual shall be interviewed. The Commission notes that it is appropriate and consistent with current professional practice for psychiatrists or psychologists, rather than the industry, to establish these threshold levels. However, the Commission disagrees with the second comment because the established thresholds for each scale must be applied equally and fairly to all individuals subject to the psychological assessment requirement, so a psychiatrist or psychologist may not waive this requirement in favor of an interview. Finally, the Commission agrees in part with the last comment and revised Sec. 73.56(e)(1) to require that psychologists and psychiatrists be properly trained to ensure consistency among assessments.

    The Commission received comments that proposed Sec. 73.56(e)(5) would be too limiting and prescriptive in that it would make the reviewing official the focal point of a medical evaluation when licensees or applicants discover pertinent medical-related information about an individual who is being evaluated during an initial psychological assessment. One

    Page 13949

    commenter recommended that the Commission revise the proposed paragraph to avoid premature involvement of reviewing officials and therefore allow knowledgeable professionals to complete their evaluations and develop recommendations regarding the individual before involving the reviewing official. The Commission agrees with the commenters and revised the final rule to allow evaluation of the discovered medical information before reporting to the reviewing official.

    While developing a response to the comments received in item 11 above, the Commission added Sec. 73.56(e)(6) to address situations during a psychological reassessment where a psychologist or psychiatrist discovers any information, including a medical condition, that could adversely impact the fitness for duty, trustworthiness, or reliability of those individuals who are granted unescorted access or certified unescorted access authorization. The psychologist or psychiatrist must promptly inform the reviewing official, or the appropriate medical personnel, of this discovery to ensure that information is evaluated to determine that each person is trustworthy and reliable.

    Section 73.56(f), Behavioral Observation. The Commission received comments that proposed Sec. Sec. 73.56(f)(3) and (g) should be revised to allow individuals to report any concerns arising from a behavioral observation program or reportable legal actions to the reviewing official, the individual's supervisor or other management personnel designated in their site procedures. The Commission agrees. The

    Commission finds that individuals should be given options, with minimal restrictions, regarding to whom they can report any concerns that arise from a behavioral observation program or reportable legal actions by allowing an individual to report to the reviewing official, the individual's supervisor or other management personnel. However, if the recipient of the report is someone other than the reviewing official, that person must promptly convey the report to the reviewing official, who shall determine whether to maintain, administratively withdraw, or unfavorably terminate the reported individual's unescorted access or unescorted access authorization status.

    Section 73.56(h), Granting Unescorted Access and Certifying

    Unescorted Access Authorization. To increase clarity in the organizational structure of the requirements set forth in Sec. 73.56(h), the Commission reorganized Sec. Sec. 73.56(h)(1), (h)(2),

    (h)(8), (h)(9), and (h)(10) to (h)(5), (h)(6), (h)(1), (h)(2), and

    (h)(3), respectively, in the final rule. Additionally, the Commission incorporated proposed Sec. Sec. 73.56(h)(3), (h)(4), (h)(5), (h)(6), and (h)(7) into Sec. 73.56(h)(4). The NRC has added the last two sentences in Sec. 73.56(h)(4)(ii) to correct errors in proposed Sec. 73.56(h)(3), which incorrectly listed reinstatement requirements for those individuals who last held unescorted access or unescorted access authorization that was terminated under favorable conditions within the past 30 days.

    The Commission received two comments that proposed Sec. 73.56(h)(8), stipulating the determination basis, needs to be revised to allow licensees to deny unescorted access to an individual as soon as the reviewing official receives information that would warrant such a decision even if the reviewing official has at that point not acquired all the information required by proposed Sec. 73.56. The

    Commission agrees with the comment and revised Sec. 73.56(h)(1)(ii) to reduce unnecessary regulatory burden by providing licensees and applicants the flexibility to terminate the process upon receipt of disqualifying information.

    The Commission received two comments that proposed Sec. 73.56(h)(10) should be revised to require the initial access authorization process for assessing individuals who have been in an access-denied status and prevent licensees who possess derogatory information about individuals from allowing those individuals any access, whether unescorted or escorted, to their protected areas.

    The Commission agrees with the first comment and revised the final rule to delete reference to a re-instatement procedure by the licensee and to require that the initial access authorization process be used for adjudicating the access denied status consistent with current licensee practices. The Commission disagrees with the second comment.

    The Commission's unescorted access requirements do not contain specific prescriptive disqualifiers for access; nor does the Commission believe it is prudent to add any. Licensees are required by Sec. 73.56(h) to consider all of the information obtained in the background investigation as a whole in determining whether an individual is trustworthy and reliable before granting unescorted access. There is no particular piece of information that would automatically disqualify an individual from access. Furthermore, the commenter's suggestion that when licensees ``possess'' or ``come across'' such derogatory information the individual should be prevented from having any access is unworkable from a regulatory perspective. In order to avoid potential enforcement action, a licensee would be put in a position to conduct a full background investigation on an individual, which would undermine the entire purpose behind having the ability to escort visitors on site. The Commission does not see a basis to impose such a measure. The Commission has concluded that the requirements set forth in this section sufficiently address denial of unescorted access or unescorted access authorization based upon receipt of disqualifying information. The requirements for granting escorted access to visitors are sufficiently addressed in 10 CFR 73.55.

    Section 73.56(i), Maintaining Unescorted Access or Unescorted

    Access Authorization. The Commission received three comments that proposed Sec. 73.56(i)(1)(iv) should be revised. Commenters indicated that the Commission made improper reference to licensees' and applicants' Physical Security Plan for details about the Behavior

    Observation Program, should replace the term ``interview'' with the term ``review'' when referring to the ``annual supervisory review'' under which all individuals must undergo, and should use an ``annual'' supervisory review period rather than the phrase ``nominal 12 months.''

    The Commission agrees with the first comment and revised the final rule to replace reference to the Physical Security Plan with reference to a licensee's Behavior Observation Program because details about the

    Behavior Observation Program, such as the annual supervisory review, are not found in the Physical Security Plan but rather in the licensee's Behavior Observation Program documents. The Commission agrees in part with the second comment regarding the use of the annual supervisory review or interview, when applicable. All individuals must be subject to an annual supervisory review, and the Commission added the requirement that an individual be subject to a supervisory interview if his/her supervisor has not had frequent interaction with and observation of the individual throughout the review period. The

    Commission notes that not all supervisors have sufficient information about all of their employees due to current workforce practices and trends making close interaction between supervisors and their employees less common and difficult to achieve. Therefore, the Commission added the interview requirement to ensure that supervisors have an adequate basis to

    Page 13950

    make an informed and reasoned opinion regarding an individual's behavior, trustworthiness, and reliability. Finally, the Commission agrees that the term ``annual'' should be used instead of ``nominal 12- month'' supervisor review as ``annual'' is the established component of industry practice.

    The Commission received comments that the 5-year psychological reassessment requirements for individuals who are granted unescorted access or certified unescorted authorization in the proposed Sec. 73.56(i)(1)(v)(A) deviates from current practice and imposes significant cost to the licensee with minimal benefits. The Commission agrees in part regarding the proposed 5-year psychological reassessments. The Commission agrees that requiring a psychological re- evaluation as part of the 5-year review for all individuals maintaining unescorted access or unescorted access authorization status will add significant and unnecessary costs, deviates from pre-existing requirements, and provides minimal benefits. Therefore, the Commission revised the final rule to limit the group of individuals who are subjected to 5-year psychological reassessments to those individuals who perform the job functions described in Sec. 73.56(i)(1)(v)(B). The

    Commission believes these individuals should have a re-assessment on a periodic basis.

    The Commission received comments that the requirement set forth in proposed Sec. 73.56(i)(1)(v)(B), requiring the reviewing official to complete an evaluation of the criminal history update, credit history re-evaluation, psychological re-assessment, and the supervisory review within 30 calendar days of initiating any one of these elements, deviates from current practice as industry does not conduct these evaluations concurrently. The Commission agrees in part with the comment and revised Sec. 73.56(i)(1)(v)(C) in the final rule to state that only the credit history review and the criminal history review are to be completed within 30 calendar days of each other to be consistent with current industry practice. Because the purpose of the re- evaluation is to provide a re-assessment based on a collective review of data at a point in time and because a credit history review and a criminal history review can be completed collectively within a small number of days, the Commission has retained this 30 calendar day requirement.

    Section 73.56(k), Background Screeners. The Commission received comments that Sec. 73.56(k)(2)(ii), regarding criminal history checks for access authorization program screening personnel, should be revised to allow licensees and applicants to use the criminal history check required by proposed Sec. 73.56(d)(7) in lieu of a local criminal history review. The Commission agrees with the comments and revised the proposed rule text in the final rule to allow the flexibility of using either criminal history check process for individuals who are subject to the requirement because of a need for unescorted access or unescorted access authorization.

    Section 73.56(m), Protection of Information. The Commission received comments that proposed Sec. 73.56(m)(3), pertaining to providing information on denial or unfavorable termination of access determinations to authorized personnel, did not describe a means for licensees (1) to verify whether a representative who requests the reasons for denying its client's unescorted access is legitimate and

    (2) to protect the sources of the derogatory information. The

    Commission agrees with the received comments and revised Sec. 73.56(m)(2) of the final rule to specify that representatives must be designated by the individual in writing and that personal privacy information, including information pertaining to the source, may be redacted. The Commission concluded that these requirements are necessary to provide the regulatory framework to ensure the protection of personal information.

    Section 73.56(n), Audits and Corrective Action. The Commission received comments that proposed Sec. 73.56(n)(5), which would have required the audit team to include a person who is knowledgeable and practiced with meeting access authorization program performance objectives, is not appropriate for contractors or vendors. The commenters stated that the contractor or vendor audit team may not have such a person who is knowledgeable of and practiced with meeting authorization program performance objectives and requirements. The

    Commission disagrees. This requirement applies to licensees and applicants who are responsible for meeting the requirements of this section. The rule requires that licensees and applicants will perform audits of their access authorization program to include those program elements that are provided by contractors and vendors.

    The Commission received comments on proposed Sec. 73.56(n)(6) that it would not be consistent with appendix B to 10 CFR part 50 of this chapter, regarding who should receive the audit report. The Commission agrees and revised the final rule Sec. 73.56(n)(6) to require that audit results be provided to senior management having responsibility in the area audited and to management responsible for the access authorization program to ensure proper disposition and oversight of issues identified during the conduct of audits.

  15. Section 73.58, Safety/Security Interface Requirements for Nuclear

    Power Reactors

    The Commission did not make substantial changes to the final rule requirements for Sec. 73.58. In response to comments, the Commission clarified the supporting section-by-section analysis for Sec. 73.58.

    The principal concern expressed by stakeholders was that the proposed

    Sec. 73.58 provisions appeared to require implementation of broad new programmatic requirements, and that it did not appear that the NRC had sufficiently credited existing Commission required programs. It is not the intent of this new requirement to impose new programmatic requirements on licensees. If current programs and procedures are in place to enable the safety/security interface to be assessed and managed, the Commission expects that licensees would make maximum use of such programs. The Commission does not believe it is necessary to credit these existing programs in the rule. Instead, it intends to address the crediting of existing programs in supporting regulatory guidance. In response to public comment that expressed confusion as to the Commission's basis for imposing the new Sec. 73.58 requirements, the Commission clarified the final rule section-by-section analysis for

    Sec. 73.58 to indicate that the new requirement is being added to part 73 as a cost-justified, substantial, safety enhancement per Sec. 50.109(a)(3) and in response to PRM-50-80.

  16. Appendix B to Part 73, General Criteria for Security Personnel

    The Commission received comments on the proposed title of appendix

    B, section VI, which indicated that the title did not specify the applicability of this appendix to security personnel. The Commission agrees. The title of section VI of this appendix is revised to

    ``Nuclear Power Reactor Training and Qualification Plan for Personnel

    Performing Security Program Duties'' in the final rule to reflect the members of the security organization and other facility personnel that may be trained and qualified to perform security-related duties at an

    NRC-licensed nuclear power reactor facility.

    Appendix B, Section VI.A.I. The Commission received comments on this

    Page 13951

    paragraph that stated the proposed requirement could be broadly interpreted to apply to many varied licensee positions. The Commission agrees. The final rule is revised to clarify that the intent of this requirement is to ensure that all individuals who perform physical protection and/or contingency response duties within the security program meet the minimum training and qualification requirements for their assigned duties as specified within this appendix and the

    Commission-approved training and qualification plan. The word

    ``individuals'' is used to capture members of the security organization as well as those facility personnel who are assigned to perform physical protection and/or contingency response duties within the security program. Facility personnel performing physical protection duties such as vehicle escort and materials search are included in the context of this paragraph and the paragraphs throughout this appendix where the word ``individuals'' is used, and is not preceded or followed by phrasing that specifically identifies members of the security organization. Facility personnel performing physical protection duties need only meet the minimum training and qualification requirements for the specific duty assigned in accordance with this appendix and the

    Commission-approved training and qualification plan. Where requirements of this appendix specifically apply to members of the security organization, the language explicitly identifies this applicability.

    Appendix B, Section VI.A.3. The language in this paragraph, and paragraphs B.2.a(2), B.2.a(4), B.3.c, B.5.a, B.5.b, D.1.a, D.2.a, is revised from ``members of the security organization'' to

    ``individuals.'' This revision is necessary to include facility personnel who are not members of the security organization but have been trained and qualified in accordance with this appendix and the

    Commission-approved training and qualification plan and who are assigned to perform physical protection duties such as vehicle escort or material search.

    Appendix B, Section VI.B.1.a(3). The language in this paragraph is revised to remove the phrase ``an unarmed individual assigned to the security organization'' as the applicability of this requirement is previously specified in section B.1.a.

    Appendix B, Section VI.B.1.a(4). During development of the final regulations implementing the firearms background checks required under section 161A of the AEA (42 U.S.C. 2201a), the Commission recognized that the proposed suitability requirements for security personnel found in appendix B to part 73, criteria VI.B.1, were not inclusive of the list of disqualifying criteria found under the Gun Control Act of 1968

    (GCA) (see 18 U.S.C. 922(g) and (n)). The GCA mandates that it is unlawful for individuals who meet these disqualifying criteria to possess firearms or ammunition. During development of the guidelines required by section 161A of the EPAct (discussed previously in section

    I.D.(a)), the NRC discussed this issue with the U.S. Bureau of Alcohol,

    Tobacco, Firearms, and Explosive (ATF) which has responsibility for regulatory oversight of this statute. The ATF's relevant regulation on these provisions is found in 27 CFR 478.32.

    During these discussions, ATF advised the NRC that it interprets

    ``any person'' under 18 U.S.C. 922(d) very broadly and that the prohibition under this paragraph would apply to NRC licensees and certificate holders. Furthermore, the ATF indicated that this prohibition would apply to typical licensee or certificate holder security practices involving the temporary possession of firearms and ammunition. For example, instances in which a licensee issues firearms and ammunition to a security officer at the beginning of the officer's duty shift and the officer then returns the firearms and ammunition to the licensee at the end of the officer's duty shift would fall under the restrictions of 18 U.S.C. 922(d).

    Consequently, the Commission has revised the language in Criteria

    VI.B.1 to remind licensees of their obligation to comply with this statutory requirement by adding a criterion to the licensee's employment suitability program for armed security officers. However, to account for the possibility that the law may change, or future laws may be enacted affecting this obligation, the final rule is written generically to maintain flexibility and reduce the potential need to revise this requirement in future rulemakings. The Commission is not imposing additional investigatory requirements on licensees. The

    Commission's intent is for licensees to consider information collected as a result of the individual's background investigation for identification of GCA disqualifying criteria.

    In the proposed rule the Commission had set forth proposed requirements for a firearms background check under Sec. 73.18.

    However, and as discussed elsewhere in this document, the Commission is separating the provisions implementing section 161A of the EPAct 2005, into a separate rulemaking and intends to relocate the firearms background check provisions to Sec. 73.19. Consequently, because that rule may not be issued before this rule or because a licensee may not otherwise be subject to the firearms background check requirement, this rule permits a licensee to satisfy the firearms background check requirement by comparing information obtained during their access authorization background investigation process with the disqualifying criteria under the GCA to evaluate whether an individual could be prohibited from possessing firearms and ammunition. The Commission notes that a final determination on whether an individual is, or is not, disqualified from possessing firearms and ammunition can be made via a Federal firearms background check or an applicable State firearms check. Furthermore, because this same issue also exists in criteria

    I.A.1 of appendix B for armed security personnel at other classes of

    NRC licensees and NRC certificate holders, the NRC also is making a conforming change in criteria I.A.1 of this appendix similar to that made to criteria VI.B.1 of this appendix.

    Appendix B, Section VI.B.1.b. The Commission received comments on this proposed paragraph that stated this blanket addition of having a qualified training instructor document the qualifications of individuals assigned to perform physical protection and/or contingency response duties will create a huge administrative burden and add additional cost as processes overseen by other organizations (such as medical) would now require administration by a qualified training instructor. The NRC disagrees with this comment. The intent of this requirement is for the qualified training instructor to be responsible for the final documentation of each security critical task qualification as outlined in the Commission-approved training and qualification plan that is performed by individuals who are assigned physical protection and/or contingency response duties within the security program.

    Appendix B, Section VI.B.2.a(1). The Commission received a comment recommending that the phrase ``of assigned security job duties and responsibilities'' be added to the end of this provision in the final rule to allow the use of personnel in a limited duty position. The

    Commission agrees, and this paragraph is revised in the final rule to add the phrase ``of assigned security duties and responsibilities'' to the end of this provision to enable members of the security organization who are medically disqualified from performing contingency response duties

    Page 13952

    or specific physical protection duties for a period of time to perform other physical protection duties that would not be affected by the medical disqualification.

    Appendix B, Section VI.B.2.a(4). The Commission received comments on this proposed paragraph requesting further clarification as it appears that this requirement for armed and unarmed individuals who are assigned security duties and responsibilities identified in Commission- approved security plans and licensee protective strategy and implementing procedures (to meet the minimum physical requirements identified in this appendix) is more stringent than the existing requirement. The commenter specifically expressed the concern that personnel performing in day-to-day security operations but having little to no responsibility in an actual response to contingency events should not be required to meet an increased physical standard. The

    Commission disagrees with this comment. The physical standards associated with this requirement are identified in paragraphs B.2.b through B.2.f of this appendix within the final rule and reflect the basic physical requirements to ensure that an individual possesses the standard acuity levels associated with vision and hearing and that the individual does not have a medical condition that is detrimental to the individual's health or the performance of assigned duties. The standards identified in paragraphs B.2.b through B.2.f are applicable to all individuals who are assigned to perform physical protection and/ or contingency response duties within the security program to include non-security organization personnel assigned to perform physical protection duties such as vehicle escort or material search.

    Appendix B, Section VI.B.4.a. The Commission received comments on this proposed paragraph which stated that this requirement for armed members of the security organization to be subject to a medical examination before participating in the physical fitness test is redundant to the requirement of paragraph B.2.a(2). The NRC agrees in part. The physical examination discussed in paragraph B.2.a(2) of this appendix may be used to fulfill this requirement. The rule requires that an individual's current health status be verified before engaging in the physical fitness test and that there is no existing medical condition that would be detrimental to the individual's health when placed under the physical stress induced by the physical fitness test.

    Scheduling the physical fitness test for each armed individual as soon as possible after the date of the physical examination required by paragraph B.2.a(2) provides the verification of the individual's current health status minimizes the possibility of the individual incurring a medical condition from the time of examination to the time that the physical fitness test is administered.

    Appendix B, Section VI.B.4.b(4). The Commission received comments that this proposed requirement for a qualified training instructor to document the physical fitness qualifications of the armed members of the security organization should allow for the use of a trained medical professional to attest to the physical fitness qualification. The

    Commission disagrees with the comment. The licensed medical professional is required to conduct the medical examination before the physical fitness test being administered. The purpose of the examination is to verify that the individual's current health status is sufficient to engage in the physical exertion of the test without being detrimental to the individual's health. The licensed medical professional provides a certification of the individual's health before the test but is neither required to administer the physical fitness test nor to document or attest to the successful completion of the test. The rule requires that a qualified training instructor documents the successful completion of the physical fitness test in the individual's training record and that the documentation of the completed requirement be attested to by a security supervisor. The physical fitness test is a performance-based test that is designed to demonstrate an individual's physical ability to perform assigned security duties during a contingency event. The test consists of performing physical activities associated with contingency response duties that replicate site specific conditions that would be encountered in the contingency response environment.

    Appendix B, Section VI.C.2. The Commission received comments requesting clarification of the scope of the on-the-job training requirements. The Commission agrees that the scope of this requirement should be clarified and has revised this paragraph to describe the implementation of on-the-job training. The requirement for on-the-job training is added to ensure that individuals assigned duties to implement the physical security plan and safeguards contingency plan possess practical hands-on knowledge, skills and abilities needed to perform their assigned duties. Beyond the on-the-job training for daily security program duties, the Commission requires an additional 40 hours of on-the-job training specific to response to contingency events. The rule requires that individuals (e.g. response team leaders, alarm station operators, armed responders, and armed security officers designated as a component of the protective strategy) assigned duties and responsibilities to implement the safeguards contingency plan complete a minimum of 40 hours of on-the-job training specifically related to the licensee's protective strategy to demonstrate their ability to apply the knowledge, skills, and abilities required to effectively perform assigned contingency duties and responsibilities before assuming those duties.

    Appendix B, Section VI.C.3. The Commission received various comments requesting the relocation of the performance evaluation program requirements from the proposed part 73, appendix C, section II to part 73, appendix B, section VI. The Commission agrees, and the final rule is revised to include the performance evaluation program requirements that were contained in the proposed part 73, appendix C, section II.

    Due to the merging of requirements within this section of this appendix, many requirements have changed location and are renumbered.

    The following proposed rule paragraphs are removed from the performance evaluation program: the paragraph formerly identified as appendix C, section II.(l)(6)(iv): ``Licensees shall ensure that scenarios used for required drills and exercises are not repeated within any twelve (12) month period for drills and three (3) years for exercises,'' is removed to provide licensees the flexibility to repeat scenarios in conducting tactical response drills and force-on-force exercises. The paragraph formerly identified as appendix B, section VI, C.3.b(2): ``Tabletop exercises may be used to supplement tactical response drills and support force-on-force exercises to accomplish desired training goals and objectives,'' is more appropriate for regulatory guidance, therefore, is removed from this appendix.

    The paragraph formerly identified as appendix C, paragraph (l)(5), stating that ``members of the mock adversary force used for NRC- observed exercises shall be independent of both the security program management and personnel who have direct responsibility for implementation of the security program, including contractors, to avoid the possibility for a conflict of interest'' has been deleted. As noted in the statements

    Page 13953

    of consideration to the proposed rule, the intent of adding this provision to the rule was to address Section 651 of the EPAct 2005. (71

    FR 62837) However, as noted above, the NRC does not normally subject itself to its own regulatory requirements codified in the Code of

    Federal Regulations. Section 651 imposes an obligation on the NRC to implement the requirements of Section 651, which it has done. Licensees are not responsible for this requirement. In light of this, the

    Commission has determined that removing this provision from the final rule is necessary and is therefore deleted.

    Appendix B, Section VI.C.3(a). The Commission received a comment on this paragraph that stated that the requirements in appendix B, section

    VI, C.3 do not address Section 651 of the EPAct 2005, which requires that not less often than once every 3 years, the Commission shall conduct security evaluations (to include force-on-force exercises) at each licensed facility that is part of a class of licensed facilities, as the Commission considers to be appropriate, to assess the ability of a private security force of a licensed facility to defend against any applicable design basis threat. Additionally, the commenter stated that this paragraph is not consistent with the current regulations, specifically Sec. 73.46(b)(9) for Category I fuel cycle facilities which clearly states the requirement for a Commission role in the force-on-force exercise program. The Commission disagrees. Although the

    Commission has the discretion to issue regulations that govern its own practices (e.g. 10 CFR part 2), the Commission is not required to reflect a requirement in the form of its own regulations. If the NRC were required to implement an obligation in a particular way in a regulation, then direction would come from Congress in the authorizing statute. Unlike some other provisions of the EPAct 2005 (see, e.g.,

    Section 170E requiring the NRC to conduct a rulemaking to revise the design basis threat), the EPAct 2005 did not require the Commission to implement the requirements of Section 651 by any particular method. In light of this, the Commission has the discretion to implement its statutory obligations as it sees fit.

    The commenter references paragraph Sec. 73.46(b)(9) (regarding force-on-force exercises for Category I strategic special nuclear material (SSNM) fuel cycle facilities) as an example of a regulation that imposes an obligation on the NRC to conduct force-on-force evaluations, and the commenter argues that the power reactor regulations should take a consistent approach. Section 73.46(b)(9), however, does not reflect the proposition claimed by the commenter.

    This provision requires that, during each 12-month period commencing on the anniversary of the date specified in Sec. 73.46(i)(2)(ii) of this section, an exercise must be carried out at least every 4 months for each shift, one third of which are to be force-on-force and that during each of the 12-month periods, the NRC shall observe one of the force- on-force exercises. Thus, the regulation imposes an obligation on the licensee to organize and conduct a force-on-force exercise to meet the requirement and for the licensee to coordinate with the NRC who would

    ``observe'' one of those exercises. In contrast, the NRC is responsible for the conduct of force-on-force exercises for power reactor licenses mandated by Section 651 of the EPAct 2005. That this requirement is not specifically reflected in a regulation is therefore not inconsistent with the requirements of Sec. 73.46 and is consistent with the agency's long-established practices.

    The Commission notes, however, that it has strictly complied with the requirements of Section 651. Since the enactment of Section 651, which added Section 170D of the AEA, the NRC has conducted over 80 force-on-force inspections at nuclear power plants. In addition, the

    NRC has submitted three annual reports to Congress describing the results of its security inspections, as required by Section 170D.e of the AEA. (See, e.g., the Commission's second annual report to Congress, available at http://www.nrc.gov/security/2006-report-to-congress.pdf).

    The Commission is, therefore, in full compliance with Section 170D of the AEA and does not see the need to codify requirements to impose an obligation on itself to meet this obligation.

    Appendix B, Section VI.C.3.b. This proposed paragraph is revised to reflect the overall program scope that is the basis for its design, and the content of the necessary implementing procedures to conduct tactical response drills and force-on-force exercises. The periodicity requirement for the conduct of tactical response drills and force-on- force exercises is removed from this paragraph as it is specified in paragraph C.3.l(1) of this appendix.

    Appendix B, Section VI.C.3.c. A commenter stated this section does not comply with the EPAct 2005 because this section does not state whether these exercises will be evaluated by NRC or even if the results of the drills will be required to be submitted to the NRC. As noted earlier, the Commission does not agree that it is appropriate to place a requirement on the NRC in this rule text. This proposed requirement

    (formerly paragraph C.3.b of this appendix) is renumbered and moved to the performance evaluation program section of this appendix. The text within this paragraph, as well as all of the other paragraphs within this appendix that include the specific text of ``tactical response team drills and exercises,'' has been changed to ``tactical response drills and force-on-force exercises'' for accuracy and consistency of language.

    Appendix B, Section VI.C.3.d. The proposed paragraph C.3.b(1) was renumbered and moved to the performance evaluation program section of this appendix. The Commission received comments that stated that, in the context of this paragraph, the rule language should focus on the scope of drills and exercises and not solely on the performance of individual participants. The Commission agrees and the final rule text was revised to address both the scope of conducting tactical response drills and force-on-force exercises as well as the importance of individual performance by the members of the security response organization.

    Appendix B, Section VI.D.1.b. The Commission received comments which requested that this paragraph, pertaining to the annual written exam and performance demonstrations, be revised to be consistent with the current regulatory requirements. The Commission also received a comment recommending that the requirement for the annual written exam be relocated to paragraph F.7 of this appendix as it applies to armed security officers. The Commission agrees in part and has revised the requirement by replacing the phrase ``annual written exam'' with the phrase ``written exams'' to cover all written exams that may be administered to armed and unarmed individuals to demonstrate their proficiency. The requirement for the annual written exam is now addressed in paragraph D.1.b(3) and identifies the specific applicability of the annual written exam to armed members of the security organization.

    Appendix B, Section VI.D.1.b(3). This paragraph is added to provide clarification on the specific applicability of the requirement for an annual written exam to be administered to armed members of the security organization.

    Appendix B, Section VI.E.1.d. The Commission received comments requesting that the list of prescribed proficiency standards be revised so that it remains consistent with the standards outlined in the April 2003 training and qualification order (EA-03-039). The

    Page 13954

    Commission disagrees that a revision is necessary. Most of the elements in this requirement are retained from the pre-existing rule and reflect new elements that had been imposed by Commission orders. The additional items listed were not intended to be bound solely by the elements contained in the pre-existing list of order EA-03-039. The additions to the list reflect the Commission's expectation for training and the experience gained through nearly 30 years of security program inspections and observations. It is the Commission's view that these proficiency standards represent the minimal common firearms practices that must be followed to ensure the safe handling, operation, and appropriate training and qualification is achieved for weapons employed by a licensee. Nonetheless, this requirement has been revised to reflect accurate language consistent to what is used in the firearms community for the performance elements identified.

    Appendix B, Section VI.F.1.c. The Commission received comments that recommended deleting the proposed requirement for individuals to be requalified annually as it is duplicative of the requirement stated in paragraph F.5 (proposed rule paragraph F.6). The Commission agrees and this requirement is removed in the final rule.

    Appendix B, Section VI.F.2. The proposed rule paragraph F.2 is removed as the requirements for firearms qualification courses are clearly identified in paragraphs F.2, F.3, and F.4 (proposed rule paragraphs F.3, F.4, and F.5) of this appendix.

    Appendix B, Section VI.F.3.a. This requirement has been renumbered due to the removal of other requirements under this paragraph. The

    Commission received comments on proposed rule paragraph F.4.a stating that the requirement for daytime shotgun proficiency has increased by 20 percent above the current requirement with no rationale provided.

    The Commission disagrees. The shotgun qualification score was upgraded from 50 percent in the current rule to a score of 70 percent to demonstrate an acceptable level of proficiency which is now reflected in this appendix. The Commission found 70 percent to be a professionally accepted minimum qualification score for daytime shotgun proficiency in the firearms training community (local, State, and

    Federal law enforcement, National Rifle Association (NRA),

    International Association of Law Enforcement Firearms Instructors

    (IALEFI), etc.).

    Appendix B, Section VI.F.3.b. This requirement has been renumbered from proposed rule paragraph F.4.b due to the removal of other requirements under this paragraph. The Commission received comments that stated nighttime shotgun proficiency has increased by 20 percent above the current requirement with no rationale provided. The

    Commission disagrees. The Commission found 70 percent to be a professionally accepted minimum qualification score for nighttime shotgun proficiency in the firearms training community (local, State, and Federal law enforcement, NRA, IALEFI, etc.). The ``night fire'' requirement is upgraded from being an element of familiarization fire in the current rule to a qualification requirement in the final rule.

    This upgrade is necessary to ensure armed members of the security organization possess and maintain a standard level of proficiency during nighttime conditions. A score of 70 percent for handgun and shotgun and 80 percent for the semi-automatic rifle and/or machine gun must be achieved to demonstrate an acceptable level of proficiency.

    Appendix B, Section VI.F.5. The NRC received comments on proposed rule paragraphs F.5.a(2), F.5.b(2), F.5.c(2), and F.5.d(2) that recommended deleting these requirements as they are duplicative of the requirements in paragraphs F.3.a, b, and c (formerly paragraphs F.4.a, b, and c). The Commission agrees that these requirements are duplicative and has therefore removed them from the final rule. The minimum qualification score for these weapons are stated in the re- numbered paragraphs F.3.a and F.3.b of this appendix.

    Appendix B, Section VI.F.5.a. The Commission received a comment on proposed rule paragraph F.6.a that recommended adding the phrase ``and the results documented and retained as a record'' to the end of the provision. The Commission agrees and this requirement is revised to include the recommended phrase. The rule requires licensees to document the successful completion of qualifications for each weapon system fired and that records of qualifications be maintained.

    Appendix B, Section VI.G.2.b. The Commission received a comment stating that the rule should not require that security officers carry body armor with them but rather that body armor be readily available should the security officers choose to wear it. The commenter also noted that every security officer is already required to have access to body armor. The commenter, therefore, suggested that the rule be revised to permit the pre-staging of body armor at assigned response positions as appropriate. The commenter also noted that duress alarms are not personal equipment required for security officers and should not be listed as such. The Commission agrees with the commenter and has revised this paragraph in the final rule to clarify the specific applicability of the required equipment listing to those armed security personnel who are responsible for the implementation of the safeguards contingency plan, protective strategy, and associated implementing procedures. This revision permits a licensee to pre-stage equipment

    (such as body armor) at designated locations consistent with their protective strategy. The required equipment listing under this paragraph is also revised to remove ``(4) Duress alarms'' as this piece of equipment is not personal equipment associated with the specific duties of armed security personnel. It is added, however, to paragraph

    G.2.c as an optional piece of equipment that may be made available for use in accordance with the protective strategy and implementing procedures.

    Appendix B, Section VI.G.2.c. The Commission received a comment that the listing of personal equipment should not prescriptively identify particular pieces of equipment as either optional or required but rather the rule should permit licensees to designate required personal equipment based on individual protective strategy requirements. The commenter recommended that the term ``as appropriate'' be inserted after the text ``should provide'' within the paragraph. The Commission agrees in part, and this paragraph is revised in the final rule to include the recommended phrase to further clarify the suggested employment and distribution of the identified equipment that should be provided in accordance with licensee policy and implementing procedures. The equipment listing under this paragraph is revised to include ``duress alarms'' as the equipment identified in this listing is based upon what may be deemed by the licensee as appropriate to fulfill specific physical protection and/or contingency response duties as well as provide enhanced capabilities to the security organization during day-to-day security operations and contingency events.

    Appendix B, Section VI.G.3.a. The NRC received a comment that the requirement for armorer certification is new and not well-defined by the proposed rule. The commenter believes that the requirement that the armorer be certified is unnecessary because it limits licensee flexibility to use experienced but uncertified personnel. The

    Commission disagrees. The rule requires that only those individuals who are

    Page 13955

    certified by the weapons manufacturer or a contractor working on behalf of the manufacturer shall be used to perform maintenance and repair of licensee firearms. Licensees may use a manufacturer's armorer and certification process or use a contractor certified by the manufacturer as an armorer to perform maintenance and repair of licensee firearms.

    The proposed language of this requirement is maintained in the final rule text.

  17. Appendix C to Part 73, Licensee Safeguards Contingency Plans

    General. The Commission received comments on this appendix that the proposed changes would expand focus of the safeguards contingency plan

    (SCP) by requiring specifics on non-security response efforts to prevent significant core damage. In addition, the commenters stated that the level of detail that would be required in the SCP would be inappropriately increased. The Commission agrees in part. It is the

    Commission's intent that licensee's SCP focus on the predetermined actions of the site security force, and the final rule has been revised to clarify this focus. The intent is not to incorporate other site emergency plans into the SCP but to ensure that the licensee has considered these other plans to avoid potential conflict. To accomplish this, the NRC retained rule language in a format similar to the current regulation, included requirements similar to those that had been imposed by the Commission orders, reorganized the requirements, and modified the language for a more concise understanding.

    Appendix C, Section II.B Contents of the Plan. The Commission received comments that the proposed appendix C inappropriately included a licensee's entire integrated response for all postulated events including those beyond the DBT. The commenters were also concerned that portions of these requirements were not security related and, therefore, should not be included in the security rule. The Commission agrees in part with these comments and has revised the final rule accordingly. Appendix C, section II has been revised to more clearly reflect what the Commission expects to be included in a licensee's SCP.

    The following proposed rule categories of information have been moved to the licensee's planning basis: (5) ``Primary Security Functions,''

    (6) ``Response Capabilities,'' and (7) ``Protective Strategy.''

    The proposed rule category of information (8) ``Integrated Response

    Plan'' is also removed from this appendix. The requirements associated with this paragraph have been removed, modified, and/or relocated to other applicable areas within this appendix to reduce confusion related to the redundancy and duplication of information. In addition, the proposed rule category of information (9) ``Threat Warning System'' is removed from this appendix and included in 10 CFR 73.55(k)(10). The proposed rule category of information (9) requirement regarding

    `imminent threat' is relocated to new 10 CFR 50.54(hh)(1).

    The Commission received comments that the requirements of the performance evaluation program be moved to part 73, appendix B. As explained earlier, the Commission agrees. The proposed rule category of information (10) ``Performance Evaluation Program'' is removed from this appendix in its entirety and has been incorporated in part 73, appendix B, as these requirements describe the development and implementation of a training program for the security force in response to contingency events.

    IV. Section-by-Section Analysis

  18. Introduction

    The purpose of this section is to identify what sections are being affected by this final rulemaking and to provide explanations of the purpose, scope, and intent of each section.

  19. Section 50.34, Contents of Construction Permit and Operating License

    Applications; Technical Information

    Paragraph (c) of Sec. 50.34 is revised to require applicants for an operating license to submit a training and qualification plan (in accordance with appendix B to part 73) and a cyber security plan (in accordance with the criteria in Sec. 73.54). These plans are in addition to the licensee's physical security plan. Paragraph (c) is revised such that the submittal requirements for applicants for licenses that are subject to Sec. Sec. 73.50 and 73.60 remain unchanged.

    Paragraph (d) of Sec. 50.34 is revised to require applicants for an operating license to submit a safeguards contingency plan in accordance with section II of appendix C to part 73. Section II of appendix C is revised to contain the requirements limited to power reactor licensees. Additionally, paragraph (d) is revised so that the safeguards contingency plan submittal requirements for applicants for licenses that are subject to Sec. Sec. 73.50 and 73.60 remain unchanged by requiring that these applicants follow section I of appendix C to part 73.

    Paragraph (e) of Sec. 50.34 is revised to require the cyber security plan, which is a new plan required by this rulemaking and which contains Safeguards Information, to be protected against unauthorized disclosure consistent with Sec. 73.21.

    Paragraph (i) is added to Sec. 50.34 to require submittal of a description and plans for implementation of the guidance and strategies intended to maintain or restore core cooling, containment, and spent fuel pool cooling capabilities under the circumstances associated with the loss of large areas of the plant due to explosions or fire as required by Sec. 50.54(hh)(2). Regarding the requirements of Sec. 50.54(hh)(2), the NRC views the mitigative strategies as similar to those operational programs for which a description of the program is provided as part of the license application and that will be implemented before plant operation. The Commission plans to review the program description provided in the application as part of the licensing process and perform subsequent inspections of procedures and plant hardware to verify implementation. Because the Commission finds that the most effective approach is for the mitigative strategies, at least at the programmatic level, to be developed before construction and reviewed and approved during licensing, a requirement for information has been added to Sec. Sec. 50.34 and 52.80.

  20. Section 50.54, Conditions of Licenses

    Section 50.54(p)(1) is revised to add the cyber security plan to the list of plans for which the plan changes need to be controlled by

    Sec. 50.54(p).

  21. Section 50.54(hh), Mitigative Strategies and Response Procedures for

    Potential or Actual Aircraft Attacks

    The mitigative strategies and response procedure requirements for potential or actual aircraft attacks are located in new Sec. 50.54(hh) so that these requirements are a condition of an operating or combined license. This approach was chosen to ensure consistency with the method by which the 2002 ICM order B.5.b mitigative strategies requirements have been implemented for currently operating reactors. (See Orders

    Modifying Licenses, 71 FR 36554; June 27, 2006).

    Section 50.54(hh)(1) establishes the necessary regulatory framework and clarifies current expectations to facilitate consistent application of Commission requirements for preparatory actions to be taken in the event of a potential aircraft threat to a

    Page 13956

    nuclear power reactor facility. Because aircraft threats are significant, rapidly evolving events and because licensees may only receive threat notifications a short time before potential onsite impacts, the NRC has determined that it is not prudent for licensees to attempt to identify and accomplish ad hoc mitigative actions in the midst of such circumstances and employing a reactive approach would significantly limit the effectiveness of onsite and offsite responses.

    To cope effectively with potential aircraft threats, the rule requires licensees to develop specific procedures, whether in a single procedure or among several procedures, that describe the pre-identified actions licensees intend to take when they are provided with pre-event notification. These pre-event preparations provide the most effective responses possible to aircraft threats and demonstrate systematic onsite and offsite planning, coordination, communication, and testing.

    To the extent possible, the rule requires licensees to develop, implement, and maintain procedures for verifying the authenticity of aircraft threat notifications to avoid taking actions in response to hoaxes that may adversely impact licensees or the health and safety of the public. Depending on the source of a threat notification, licensees may or may not be able to establish contact with appropriate entities to confirm the accuracy of the threat information received.

    Consequently, if the threat information is not received from the NRC

    Headquarters Operations Center, licensees are required to at least contact the NRC Headquarters Operations Center for assistance with verifying callers' identities or the veracity of threat information.

    The national protocol for dealing with aircraft threats is designed to be proactive with respect to threat identifications and notifications. However, threat information sources may not be able to identify specific targets, and given the dynamic nature of potential aircraft threats, any associated notifications to licensees may necessarily be reactive in nature. Additionally, licensees must rely on sources which are external to their control rooms for potential aircraft threat notifications and updates when available. As a result, the rule requires licensees to develop, implement, and maintain procedures for the maintenance of continuous communication with threat notification sources because it is imperative that licensees establish and maintain this capability throughout the duration of the pre-event notification period. With such a capability, licensees will be able to receive accurate and timely threat information upon which to base decisions concerning the most effective actions that need to be taken.

    For example, licensees would be aware that they may be able to cease mitigative actions if it is determined a threat no longer exists, or licensees may accelerate their protective actions if the threat notification sources relate the aircraft may impact sooner than originally projected. The local, regional or national FAA offices;

    NORAD; law enforcement organizations; and the NRC Headquarters

    Operations Center are examples of threat notification sources with which licensees would be required to maintain a continuous communication capability. If a licensee encounters a situation where multiple entities are providing the same threat information (e.g., FAA,

    NORAD and NRC Headquarters Operations Center), the licensee would only be required to maintain continuous communication with the NRC

    Headquarters Operations Center. The goal is to communicate pertinent information to licensees and not to unnecessarily burden their personnel with redundant requirements.

    The rule also requires that licensees develop, implement, and maintain procedures for contacting all onsite personnel and appropriate offsite response organizations (e.g., fire departments, ambulance services, emergency operations centers) in a timely manner following the receipt of potential aircraft threat notifications. These notifications ensure that onsite personnel have as much time as possible to execute established procedures and provide offsite response organizations the opportunity to perform the following:

    Initiate, where possible, mutual aid assistance agreements based on the perceived threat;

    Commence the near-site mustering of offsite fire-fighting and medical assistance for sites where these organizations are not proximately located; or

    Mobilize personnel for volunteer organizations or hospital staffs when appropriate.

    Licensees are expected to provide periodic updates to offsite response organizations during the pre-event notification period as appropriate. During the pre-event notification period, the rule requires licensees to develop procedures to continuously assess plant conditions and take effective actions to mitigate the consequences of an aircraft impact. Examples include maximizing makeup water source inventories, isolating appropriate plant areas and systems, ceasing fuel-handling operations and equipment testing, starting appropriate electrical generation equipment, and charging fire-service piping headers. By taking these actions, licensees can better posture their sites to minimize the potential public health and safety effects of an aircraft crash at their facilities.

    The rule also requires licensees to develop, implement, and maintain procedures for making site-specific determinations of the amount of lighting required to be extinguished, if any, to prevent or reduce visual discrimination of sites relative to their immediate surroundings and distinction of individual buildings within protected areas. For example, it may make sense to turn off all the lights at an isolated site but not for a site situated in an industrial area where ambient lighting from surrounding industries is sufficient for target discrimination. Licensees are expected to use centralized lighting controls or develop prioritized routes that allow personnel to turn off different sets of lights depending on available time when appropriate.

    The safety of licensee personnel and contractors is paramount to the successful response and implementation of mitigative measures after an onsite aircraft impact. To the maximum extent possible after an imminent aircraft threat notification, the rule also requires licensees to develop, implement, and maintain procedures for dispersing appropriate personnel and equipment (e.g., survey vehicles and emergency kits) to locations throughout their sites. Such actions will increase the chance that critical personnel and equipment will be available to address the consequences of an onsite aircraft impact and reduce the need to make improvised decisions during the pre-event notification period. The decision whether to shelter the remaining personnel in-place or evacuate them in response to an imminent aircraft threat should be based on the physical layout of the site and the time available to conduct an effective evacuation. It is expected that licensees will conduct an analysis and develop a decision-making tool for use by shift operations personnel to assist them in determining the appropriate onsite protective action for site personnel for various warning times and site population conditions (e.g., normal hours, off normal hours, and outages). This decision-making tool shall be incorporated into appropriate site procedures. It is expected that this tool will be routinely used in drills and exercises and that any deficiencies or weaknesses identified will be corrected

    Page 13957

    in accordance with Sec. 50.47(b)(14) and appendix E to part 50, section IV.F.2.g. Depending upon the methodology used to determine evacuation times, it may not be necessary for a licensee to suspend security measures under Sec. Sec. 50.54(x) or 73.55(p), as applicable.

    Licensees are required to develop procedures to facilitate the rapid entry of appropriate onsite personnel as well as offsite responders into their protected areas to deal with the consequences of an aircraft impact.

    Because the most well-considered plans and procedures do not guarantee that critical on-shift personnel will survive an aircraft impact, the rule requires licensees to develop, implement, and maintain procedures for an effective recall process for appropriate off-shift personnel. Those procedures shall describe the licensee's process for initiating off-shift recalls during the pre-event notification period and for directing responding licensee personnel to pre-identified assembly areas outside the site protected areas. When possible, the assembly area locations should be coordinated with offsite response organizations to facilitate offsite response plans and to ensure that off-shift licensee personnel will not be delayed access to the site onsite when needed.

    Section 50.54(hh)(2) requires licensees to develop guidance and strategies for addressing the loss of large areas of the plant due to explosions or fires from a beyond-design basis event through the use of readily available resources and by identifying potential practicable areas for the use of beyond-readily-available resources. These strategies are to address a licensee's responses to events that are beyond the design basis of the facility. The requirements in the final rule are based on similar requirements originally found in the ICM order of 2002. Ultimately, these mitigative strategies were further developed and refined through extensive interactions with licensees and industry. The NRC recognizes that these mitigative strategies are beneficial for the mitigation of all beyond-design basis events that result in the loss of large areas of the plant due to explosions or fires. Current reactor licensees comply with these requirements through the use of the following 14 strategies that have been required through an operating license condition. These strategies fall into the three general areas identified by Sec. Sec. 50.54(hh)(2)(i), (ii), and

    (iii). The fire-fighting response strategy reflected in Sec. 50.54(hh)(2)(i) encompasses the following elements: 1. Pre-defined coordinated fire response strategy and guidance. 2. Assessment of mutual aid fire fighting assets. 3. Designated staging areas for equipment and materials. 4. Command and control. 5. Training of response personnel.

    The operations to mitigate fuel damage provision in Sec. 50.54(hh)(2)(ii) includes consideration of the following: 1. Protection and use of personnel assets. 2. Communications. 3. Minimizing fire spread. 4. Procedures for implementing integrated fire response strategy. 5. Identification of readily-available, pre-staged equipment. 6. Training on integrated fire response strategy. 7. Spent fuel pool mitigation measures.

    The actions to minimize radiological release provision in Sec. 50.54(hh)(2)(iii) includes consideration of the following: 1. Water spray scrubbing. 2. Dose to onsite responders.

    The Commission considered specifically including these 14 strategies in Sec. 50.54(hh)(2). However, the Commission decided that the more general performance-based language in Sec. 50.54(hh)(2) was a better approach to account for future reactor facility designs that may contain features that preclude the need for some of these strategies.

    New reactor licensees are required to employ the same strategies as current reactor licensees to address core cooling, spent fuel pool cooling, and containment integrity. The mitigative strategies employed by new reactors as required by this rule would also need to account for, as appropriate, the specific features of the plant design, or any design changes made as a result of an aircraft assessment that would be performed in accordance with the proposed Aircraft Impact Assessment rule (72 FR 56287; October 3, 2007).

    Section 50.54(hh) is applicable to both current reactor licensees and new applicants for and holders of reactor operating licenses under either part 50 or part 52. Current reactor licensees have already developed and implemented procedures that comply with the Sec. 50.54(hh)(2) requirements, and do not require any additional action to comply with these rule provisions. New applicants for, and new holders of, operating licenses under part 50 and combined licenses under part 52 are required to develop and implement procedures that employ mitigative strategies similar to those now employed by current licensees to maintain or restore core cooling, containment, and spent fuel pool cooling capabilities under the circumstances associated with loss of large areas of the plant due to explosions or fire. The requirements described in Sec. 50.54(hh) relate to the development of procedures for addressing certain events that are the cause of large fires and explosions that affect a substantial portion of the nuclear power plant and are not limited or directly linked to an aircraft impact. The rule contemplates that the initiating event for such larges fires and explosions could be any number of beyond-design basis events.

    In addition, the Commission regards Sec. 50.54(hh) as necessary for reasonable assurance of adequate protection to public health and safety and common defense and security; this is consistent with the NRC's designation of the orders on which Sec. 50.54(hh) is based as being necessary for reasonable assurance of adequate protection.

    As discussed previously, the Commission has proposed in a separate rulemaking to require designers of new nuclear power plants (e.g., applicants for standard design certification under part 52, and applicants for combined licenses under part 52) to conduct an assessment of the effects of the impact of a large commercial aircraft on a nuclear power plant. Based upon the insights gained from this assessment, the applicant will be expected to include a description and evaluation of design features and functional capabilities to avoid or mitigate, to the extent practical and with reduced reliance upon operator actions, the effects of the aircraft impact. New reactor applicants would be subject to both the requirements of the aircraft impact rule and the requirements Sec. 50.54(hh). The overall objective of the Commission with both rulemakings is to enhance a nuclear power plant's capabilities to withstand the effects of a large fire or explosion, whether caused by an aircraft impact or other event, from the standpoints of both design and operation. The impact of a large aircraft on the nuclear power plant is regarded as a beyond-design basis event. In light of the Commission's view that effective mitigation of the effects of events causing large fires and explosions

    (including the impact of a large commercial aircraft) should be provided through operational actions, the Commission believes that the mitigation of the effects of such impacts through design should be regarded as a safety enhancement which is not necessary for adequate protection. Therefore, the aircraft impact rule--unlike the

    Page 13958

    Sec. 50.54(hh)--is regarded as a safety enhancement which is not necessary for adequate protection.

    The Commission regards the two rulemakings to be complementary in scope and objectives. The aircraft impact rule will focus on enhancing the design of future nuclear power plants to withstand large commercial aircraft impacts, with reduced reliance on human activities (including operator actions). Section 50.54(hh)(2) focuses on ensuring that the nuclear power plant's licensees will be able to implement effective mitigative measures for large fires and explosions including (but not explicitly limited to) those caused by the impacts of large commercial aircraft. Thus, these revisions to the Commission's regulatory framework for future nuclear power plants provide more regulatory certainty, stability, and increased public confidence.

    Section 50.54(hh) requirements do not apply to decommissioning facilities for which the certifications required under Sec. 50.82(a)(1) or Sec. 52.110(a)(1) have been submitted. The NRC believes that it is inappropriate that Sec. 50.54(hh) should apply to a permanently shutdown defueled reactor where the fuel was removed from the site or moved to an ISFSI. The Commission notes that the Sec. 50.54(hh) do not apply to any current decommissioning facilities that have already satisfied the Sec. 50.82(a) requirements.

    The Commission issued guidance (Safeguards Information) to current reactor licensees on February 25, 2005, and additionally endorsed NEI 06-12, Revision 2, by letter dated December 22, 2006, as an acceptable method for current reactor licensees to comply with the mitigative strategies requirement. These two sources of guidance provide an acceptable means for developing and implementing the mitigative strategies. The Commission is currently developing a draft regulatory guide that consolidates this guidance and addresses new reactor designs.

  22. Section 52.79, Contents of Applications; Technical Information in

    Final Safety Analysis Report

    Section 52.79(a)(36) is revised to require the cyber security plan, developed in accordance with the criteria set forth in Sec. 73.54, to be included amongst the security plans that are required to be included in the final safety analysis report for a combined license under part 52. In addition, the cyber security plan is added to the list of plans which must be handled as Safeguards Information in accordance with

    Sec. 73.21.

  23. Section 52.80, Contents of Applications; Additional Technical

    Information

    Section 52.80(d) is added to Sec. 52.80 to require a combined license applicant to submit a description and plans for implementation of the guidance and strategies intended to maintain or restore core cooling, containment, and spent fuel pool cooling capabilities under the circumstances associated with the loss of large areas of the plant due to explosions or fire as required by Sec. 50.54(hh)(2) of this chapter. The Commission views the mitigative strategies required by

    Sec. 50.54(hh)(2) as similar to those operational programs for which a description of the program is provided as part of the combined license application and subsequently implemented before plant operation. The

    Commission reviews the program description provided in the application as part of the licensing process and performs subsequent inspections of procedures and plant hardware to verify implementation.

  24. Section 72.212, Conditions of General License Issued Under Sec. 72.210

    Conforming changes were made to Sec. 72.212 to reference the appropriate revised paragraph designations in Sec. 73.55. No change to the substantive requirements of this section is intended. Conforming changes were made to preserve the current requirements for general licenses issued per Sec. 72.210 for the storage of spent fuel in an

    ISFSI. The Commission has initiated a separate rulemaking to revise the requirements for the security of ISFSIs and thus prefers to maintain the current regulatory structure until that rulemaking is completed.

    Section 72.212(b)(5) requires that spent fuel stored in an ISFSI be protected against the design basis threat of radiological sabotage with conditions and exceptions. The changes made to Sec. 72.212 are intended to preserve those conditions and exceptions since these ISFSI licensees are not the subject of the rulemaking. Specifically, Sec. 72.212(b)(5)(ii) is revised to reference Sec. 73.55(e) because Sec. 73.55(e) provides the protected area criteria, within which the spent fuel must be stored, while preserving the exception that spent fuel is not required to be within a separate vital area.

    Section 72.212(b)(5)(iii) is revised to reference Sec. 73.55(h) because Sec. 73.55(h) provides the personnel search criteria for Sec. 72.212. Section 72.212 provides an exception allowing a physical pat- down search of persons to be performed in lieu of the use of firearms and explosives detection equipment. Section 72.212(b)(5)(iv) is revised to reference Sec. 73.55(i)(3) since Sec. 73.55(i)(3) provides the intrusion detection and assessment requirements for which Sec. 72.212 provides an exception allowing a guard or watchman on patrol to provide this observational capability. Section 72.212(b)(5)(v) is revised to exempt ISFSI licensees from the requirements in Sec. 73.55 to interdict and neutralize threats preserving this exception. Due to the restructuring of Sec. 73.55, a specific reference to a paragraph in

    Sec. 73.55 was no longer possible, and a more general exception was written into Sec. 72.212. The Commission intends for the same exception to continue.

  25. Section 73.8, Information Collection Requirements: OMB Approval

    Section 73.8 is revised to add Sec. 73.54 and Sec. 73.58 to the list of part 73 sections, which contain collection requirements that have been approved by the Office of Management and Budget.

    I. Section 73.54, Protection of Digital Computer and Communication

    Systems and Networks

    This new section describes the requirements for nuclear power plant licensees to establish a cyber security program.

    Section 73.54, General. This section requires current nuclear power plant licensees to submit a cyber security plan within 180 days of the effective date of the rule for NRC review and approval. The cyber security plan must be submitted to the NRC as a license amendment pursuant to Sec. 50.90. Current applicants for an operating license or combined license who have submitted their applications to the NRC prior to the effective date of this rule are required to amend their applications to include a cyber security plan consistent with this rule.

    Section 73.54(a), Protection. This paragraph establishes the regulatory framework and requirements for the cyber security program in meeting the requirement for protection against the design basis threat of cyber attack identified in Sec. 73.1. This paragraph has been expanded from the proposed rule to provide a more detailed list of the types of systems and networks that are intended to be protected.

    Section 73.54(b), Analysis of Digital Computer and Communication

    Systems and Networks. This paragraph establishes requirements for an analysis. The rule requires that each licensee will analyze the digital computer and communication systems and networks in use at their facility to identify those

    Page 13959

    assets that require protection and that the licensee's cyber security program will include measures for the protection of the digital computer and communication systems and networks identified by the licensee through the required analysis. Cyber security, like physical security, focuses on the protection of equipment, systems, and networks against attacks by those individuals or organizations that would seek to cause harm, damage, or adversely affect the functions performed by such equipment, systems, and networks. Cyber security and physical security programs are intrinsically linked and must be integrated to satisfy the physical protection program design criteria of Sec. 73.55(b). The Commission recognizes that a uniquely independent technical expertise and knowledge is required to effectively implement the cyber security program, and therefore, the specific training and qualification requirements for the program must focus on ensuring that the personnel who implement the cyber security program are trained, qualified, and equipped to perform their unique duties and responsibilities.

    Section 73.54(c), Cyber Security Program. This paragraph describes the design components of the cyber security program including controls, prevention, defense-in-depth, and system functionality. The cyber security program must be designed to implement security controls for protected digital assets; apply and maintain defense-in-depth protective strategies to ensure the capability to detect, respond, and recover from cyber attacks; and ensure the functions of protected digital assets are not adversely impacted due to cyber attacks. With regard to Sec. 73.54(c)(4), the NRC requires that the cyber security program be designed to ensure that the intended function of the assets identified by Sec. 73.54(a)(1) and the analysis required by Sec. 73.54(b)(1) are maintained.

    With regard to Sec. 73.54(c)(2), defense-in-depth for digital computer and communication systems and networks includes technical and administrative controls that are integrated and used to mitigate threats from identified risks. The need to back up data as part of a defense-in-depth program is dependent upon the nature of the data relative to its use within the facility or system.

    Defense-in-depth is achieved when (1) a layered defensive model exists that allows for detection and containment of non-authorized activities occurring within each layer, (2) each defensive layer is protected from adjacent layers, (3) protection mechanisms used for isolation between layers employ diverse technologies to mitigate common cause failures, (4) the design and configuration of the security architecture and associated countermeasures creates the capability to sufficiently delay the advance of an adversary in order for preplanned response actions to occur, (5) no single points of failure exist within the security strategy or design that would render the entire security solution invalid or ineffective, and (6) effective disaster recovery capabilities exist for protected systems.

    The Commission's intent for a licensee's cyber security program is that a licensee or applicant implements operational elements to address the requirements of this rule but not necessarily address such requirements through the design of its facility. However, as with other elements of a licensee's physical security program, an applicant or licensee could consider how these requirements could be addressed through the design of its facility, to the extent practicable, but this is not required by the rule.

    Section 73.54(d), Cyber-Related Training, Risk and Modification

    Management. This paragraph requires licensees to develop, implement, and maintain supporting programs within the cyber security program. The

    Commission requires licensees to perform an analysis as identified in

    Sec. 73.54(b)(1) for any newly installed digital computer and communication systems and network equipment whether the new equipment is stand-alone or is installed to replace outdated equipment.

    To ensure that the measures used to protect digital computer and communication systems and networks remain effective and continue to meet high assurance expectations, the licensee's cyber security program must evaluate and manage cyber risks. Licensees must evaluate changes to systems and networks when modifications are proposed for previously assessed systems and new technology-related vulnerabilities not previously analyzed in the original baseline or periodic assessments that would act to reduce the cyber security environment of the system are identified.

    Section 73.54(e), Cyber Security Plan. This paragraph establishes the requirements for a written cyber security plan that outlines the licensee's implementation of their program to include incident response and recovery, detection, response, mitigation, vulnerabilities, and restoration. The plan must describe how the Commission requirements of this section are implemented and must account for site-specific conditions that affect implementation. Applicants for combined license under part 52 of this chapter should have sufficient information available to prepare and submit a plan as required by Sec. 52.79. Such plans will likely require updates and revisions in accordance with

    Sec. 50.54(p) as digital networks and systems are better defined during a plant's specific design and construction. The rule requires that the cyber security incident response and recovery measures will be part of the cyber security plan.

    Section 73.54(f), Policies and Procedures. This paragraph establishes requirements for licensees to have and maintain written policies and procedures for the implementation of the cyber security plan. The Commission does not intend for licensees to submit policies, implementing procedures, site-specific analysis, and other supporting technical information used by the licensee in development of their cyber security plan; however, such information must be made available upon request by an authorized representative of the NRC.

    Section 73.54(g), Reviews. This paragraph establishes the licensee review requirements for the cyber security program. The rule requires that the cyber security program be reviewed by the licensee on a periodic basis in accordance with Sec. 73.55(m).

    Section 73.54(h), Records. This paragraph establishes record retention requirements for the cyber security program. The rule requires that each licensee will retain the technical information associated with the assets identified by Sec. 73.54(b)(1) pertinent to compliance with Sec. 73.54.

  26. Section 73.55, Requirements for Physical Protection of Licensed

    Activities in Nuclear Power Reactors Against Radiological Sabotage

    Section 73.55(a), Introduction. This paragraph outlines the implementation, plans, program, scope and applicability of this section. The rule requires that each licensee shall evaluate the security plan changes needed to comply with the amended requirements of the final rule. Licensees are expected to make any changes necessary to comply with the final rule by March 31, 2010. It is up to the licensee to determine the appropriate mechanism to make those changes whether it be as a change under Sec. 50.54(p) or as a license amendment pursuant to Sec. 50.90. As noted earlier, it is the Commission's view that current licensees are largely already in compliance with the requirements in this rule, and any changes that would be

    Page 13960

    necessitated by this final rule would not decrease the effectiveness of current licensee security plans, so in most instances a change under

    Sec. 50.54(p) would be appropriate. However, the Commission also acknowledges that, based on site-specific conditions, a limited number of plan changes might require Commission review and approval before implementation. In such instances, licensees would be expected to submit security plan changes through license amendments or requests for exemptions under Sec. 73.5. With respect to applicants who have already submitted an application to the Commission for an operating license or combined license as of the effective date of this rule, those applicants are required to amend their applications to the extent necessary to address the requirements in this section.

    Licensees are responsible for maintaining physical protection in accordance with Commission regulations through the approved security plans. Any departures from the Commission's regulations must be specifically approved by the Commission in accordance with Sec. Sec. 73.55(r) or 73.5. Upon the Commission's written approval, the approved alternative measure or exemption becomes legally binding as a license condition in lieu of the specific 10 CFR requirement.

    This paragraph establishes when an applicant's physical protection program must be implemented. The receipt of special nuclear material

    (SNM) in the form of fuel assemblies onsite, (i.e. , within the licensee's protected area) is the event that subjects a licensee or applicant to the requirements of this rule, and it is the responsibility of the applicant or licensee to complete the preliminary and preparatory actions required to implement an effective physical protection program at the time SNM is received onsite (within the protected area).

    Section 73.55(b), General Performance Objective and Requirements.

    This paragraph outlines the general performance objective and design requirements of the licensee physical protection program. Licensees are required to provide protection against the design basis threat of radiological sabotage. To accomplish this, the physical protection program is designed to prevent significant core damage and spent fuel sabotage. Significant core damage and spent fuel sabotage can be measured through accepted engineering standards, and provide measurable performance criteria that are essential to understanding the definition of radiological sabotage. The design requirement of this section also requires licensees to conduct a site-specific analysis that accounts for site conditions and utilizes the integration of systems, technologies, programs, equipment, supporting processes, and implementing procedures. The physical protection program is supported by the access authorization, cyber security, and insider mitigation programs to meet the performance object of this section. The effectiveness of the physical protection program specific to the licensee protective strategy is measured through implementation of the performance evaluation program.

    Section 73.55(c), Security plans. This paragraph outlines the requirements for, contents of, and protection of security plans and implementing procedures. The primary focus of the security plans is to describe how the licensee will satisfy Commission requirements to include how site-specific conditions affect the measures needed at each site to ensure that the physical protection program is effective.

    Security plans include the physical security plan, training and qualification plan, safeguards contingency plan, and cyber security plan. The cyber security plan is subject to the same review and approval process as the physical security plan, training and qualification plan, and safeguards contingency plan.

    Section 73.55(d), Security Organization. This paragraph outlines the requirements for the composition, equipping, and training of the security organization. The intent is that the security organization will focus upon the effective implementation of the physical protection program. Individuals assigned to perform physical protection or contingency response duties must be trained, equipped, and qualified in accordance with appendix B to perform those assigned duties and responsibilities whether that individual is a member of the security organization or not. The rule requires that facility personnel, who are not members of the security organization, will be trained and qualified for the specific physical protection duties that they are assigned which includes possessing the knowledge, skills, abilities, and the minimum physical qualifications.

    Section 73.55(e), Physical Barriers. This paragraph outlines the generic and specific requirements for the design, construction, placement, and function of physical barriers. Physical barriers are used to fulfill many functions within the physical protection program, and therefore, each physical barrier must be designed and constructed to serve its predetermined function within the physical protection program. The rule requires that each licensee will analyze site- specific conditions to determine the specific use, type, function, construction, location, and placement of physical barriers needed for the implementation of the physical protection program. This paragraph also describes the requirements to maintain the integrity of physical barriers through the implementation of maintenance and observation measures.

    Section 73.55(f), Target Sets. This paragraph provides requirements for the development, documentation, and periodic re-evaluation of target sets. Target sets are a minimum combination of equipment or operator actions which, if prevented from performing their intended safety function or prevented from being accomplished, would likely result in significant core damage (e.g. , non-incipient, non-localized fuel melting, and/or core destruction) or a loss of coolant and exposure of spent fuel barring extraordinary actions by plant operators. Credit for operator actions will be given only if the following criteria are met: (1) sufficient time is available to implement these actions, (2) environmental conditions allow access where needed, (3) adversary interference is precluded, (4) any equipment needed to complete these actions is available and ready for use, (5) approved procedures exist which have entering conditions outside of severe accident mitigation guidelines (SAMG) or equivalent, and (6) training is conducted on the existing procedures under conditions similar to the scenario assumed. This rule requires each licensee to implement a process for the oversight of target set equipment, systems, and configurations using existing processes. This ensures that changes made to the configuration of target set equipment and modes of operation are considered in the licensee's protective strategy. Target set requirements include consideration of the effects of cyber attacks and is consistent with Commission requirements for protection against the design basis threat of radiological sabotage stated in Sec. 73.1.

    Section 73.55(g), Access Controls. This paragraph outlines the requirements regarding access control systems, devices, processes, and procedures for personnel, vehicles, and materials during normal and emergency conditions. Access controls relative to the owner controlled area, protected area, and vital areas are specifically addressed within this paragraph including visitor and escort requirements. The rule requires that the licensee will ensure that all access

    Page 13961

    controls are performing as intended and have not been compromised such that no person, vehicle, or material is able to gain unauthorized access beyond a barrier.

    With regard to escorts, the rule requires that all escorts will be trained to perform escort duties and that this training may be accomplished through existing processes, such as the General Employee

    Training (personnel escort) and/or the security Training and

    Qualification Plan (vehicle escorts). Personnel escorts are required to maintain timely communication with the security organization when performing escort duties to summon assistance if needed. Vehicle escorts are required to maintain continuous communication with the security organization when performing escort duties to summon assistance if needed.

    Section 73.55(h), Search Programs. This paragraph prescribes the search requirements of personnel, vehicles, and materials before granting access to the owner controlled and protected areas during normal and emergency conditions. The rule requires that a general description of the broad categories of material that will be excepted will be stated in the licensee security plans with detailed descriptions being identified in implementation procedures.

    Section 73.55(i), Detection and Assessment Systems. This paragraph delineates the requirements for detection and assessment for operating reactors and applicants as applied to the physical protection program.

    Detection and assessment are addressed together as a consequence of their importance for ensuring that an adequate response can be initiated and completed as a result of an alarm or through surveillance observation and monitoring by security personnel. Alarm stations are required to possess the equipment needed for detection, assessment, and communication or otherwise implement the protective strategy and maintain these capabilities through uninterruptible and secondary power sources. In addition, the survivability requirements for alarm stations pertaining to a single act within the capabilities of the design basis threat are addressed in this paragraph. The requirement to construct, locate, protect, and equip both the central and secondary alarm stations is applicable to only applicants for an operating or combined license that is issued after the effective date of this final rule. The rule requires that both alarms stations at future facilities will be equal and redundant.

    Section 73.55(j), Communication Requirements. This paragraph stipulates the communication requirements for the security organization during normal and emergency conditions. The rule requires that the licensee security organization possesses and maintains the capability for continuous communication with internal security personnel, vehicle escorts, local law enforcement authorities, and the control room.

    Section 73.55(k), Response Requirements. This paragraph outlines the provisions regarding the security response organization's structure, liaison with local law enforcement authorities, and measures to increase the security posture under heightened threat conditions.

    The rule requires that each licensee will determine the specific minimum number of armed responders and armed security officers needed to protect their facility and will document this minimum number in security plans. The threat warning system is intended to provide pre- planned enhancements to the licensee physical protection program to be taken upon notification by the NRC of a heightened threat. The specific details regarding response requirements are addressed in appendix C of this part.

    Section 73.55(l), Facilities Using Mixed-Oxide (MOX) Fuel

    Assemblies Containing Up to 20 Weight Percent Plutonium Dioxide (PuO2).

    This paragraph establishes the requirements for the physical protection of MOX used at nuclear power reactor facilities in addition to the physical protection program requirements addressed by this section.

    These protective measures are necessary to account for the type of special nuclear material contained in MOX fuel assemblies. These additional requirements include measures for the search and inspection of MOX fuel assemblies, storage MOX fuel assemblies, material control and accounting, and controls for the use of fuel handling equipment used for the movement of MOX fuel assemblies.

    Section 73.55(m), Security Program Reviews. This paragraph establishes requirements for the licensee's review of its physical protection programs. The rule requires that each licensee will review the physical protection program, in its entirety, at least every 24 months or less when significant changes are made. The conduct of reviews, to include audits is intended to provide a level of assurance that each element of the physical protection program is performing as intended to satisfy Commission requirements. Reviews also ensure that any changes to site specific conditions do not adversely impact the capability of a given element to perform the intended function within the physical protection program.

    Section 73.55(n), Maintenance, Testing, and Calibration. This paragraph establishes requirements for the maintenance, testing, and calibration security equipment required to implement the physical protection program. The rule requires that each licensee will perform maintenance, testing, and calibration activities at intervals required to ensure the equipment is operating as intended. The conduct of maintenance, testing, and calibration activities is intended to provide a level of assurance that security equipment is performing within acceptable parameters established to support the physical protection program and satisfy Commission requirements. Specific intervals for maintenance, testing, and calibration are determined by the NRC and manufacturer specifications.

    Section 73.55(o), Compensatory Measures. This paragraph establishes requirements for the actions to be taken by a licensee in response to a failure or degradation of security equipment to perform intended functions within the physical protection program. The rule requires that the licensee will identify conditions where security equipment has failed or is not operating as required and initiates timely actions that ensure the failure or degradation cannot be exploited.

    Section 73.55(p), Suspension of Security Measures. This paragraph establishes requirements for the suspension of security measures in response to emergency and extraordinary conditions. Section 73.55(p)(1)(i) represents no change from the previous suspension provision that was described in former Sec. 73.55(a). The requirements of this paragraph are intended to provide flexibility to a licensee for taking reasonable actions that depart from an approved security plan in an emergency when such actions are immediately needed to protect the public health and safety and no action consistent with license conditions and technical specifications that can provide adequate or equivalent protection is immediately apparent in accordance with Sec. 50.54(x) and (y). Therefore, the focus of Sec. 73.55(p)(1)(i) is on the suspension of security measures for the protection of the public health and safety.

    In contrast, Sec. 73.55(p)(1)(ii) has been added to provide similar flexibility for situations, such as during severe weather incidents like hurricanes, tornados, or floods when these actions are immediately needed to protect the personal health and safety of security

    Page 13962

    force personnel when no action consistent with the license condition is immediately apparent. Formerly, suspensions of security measures to protect security force personnel during severe weather incidents would not have been permitted by the regulations. However, the same control mechanisms apply to suspension invoked under Sec. 73.55(p)(1)(ii) as described in Sec. 50.54(y), including approval of, at a minimum, a licensed senior operator.

    Section 73.55(q), Records. This paragraph establishes requirements for the retention of documentation (reports, records, and documents) associated with licensee actions to satisfy Commission requirements.

    Section 73.55(r), Alternative Measures. This paragraph establishes provisions that allow the licensee the ability to develop measures for the protection against radiological sabotage other than those specifically stated in Commission requirements. Licensee requests to employ such alternative measures must be submitted to the Commission for review and approval as a license amendment in accordance with Sec. 50.90.

  27. Section 73.56, Personnel Access Authorization Requirements for

    Nuclear Power Plants

    Section 73.56 (a), Introduction. This paragraph outlines the implementation, scope and applicability of the access authorization program and requires that this program be described in the licensee's physical security plan. Current licensees must be in compliance with the requirements described in this rule by March 31, 2010, including updating their site-specific security plans as applicable. Current licensees should update their plans using one of the processes described in 10 CFR 50.54(p), 10 CFR 50.90, or 10 CFR 73.5 as applicable. In addition, current applicants for an operating license or combined license as of the effective date of this rule must update their applications, as appropriate, to address the requirements of this section. Section 73.56 retains the intent of the pre-existing requirements that licensees have the authority to grant or deny an individual unescorted access, certify or deny an individual unescorted access authorization, or permit an individual to maintain or terminate unescorted access or unescorted access authorization. Additionally, the

    Commission allows applicants to certify or deny an individual unescorted access authorization status prior to receiving its operating license under part 50 of this chapter or before the Commission makes its finding under 10 CFR 52.103(g).

    A licensee or applicant may allow a contractor or vendor to maintain certain elements of the licensee's or applicant's access authorization program if the contractor or vendor complies with the requirements of this section. Additionally, a licensee or applicant may permit a contractor or vendor to maintain an individual's unescorted access authorization status if the contractor's or vendor's access authorization program includes the licensee's or applicant's approved behavioral observation program. However, licensees and applicants are responsible for meeting all of the requirements set forth in this section before granting an individual unescorted access or certifying an individual unescorted access authorization.

    Applicants for an operating license or a combined license must incorporate their access authorization program in their physical security plan and implement the access authorization program before the receipt of special nuclear material in the form of fuel assemblies on site (i.e., within the licensee's protected area.)

    Section 73.56(b), Individuals Subject to the Access Authorization

    Program. This paragraph identifies individuals who shall be subject to the requirements of an access authorization program to ensure that each person granted unescorted access and/or certified unescorted access authorization is trustworthy and reliable. The rule requires that any individual who has unescorted access to nuclear power plant protected and vital areas shall be subject to an access authorization program that meets the requirements of this section.

    Section 73.56(c), General Performance Objective. This paragraph stipulates that the licensee's or applicant's access authorization program must provide high assurance that the individuals subject to this section are trustworthy and reliable such that they do not constitute an unreasonable risk to public health and safety or the common defense and security including the potential to commit radiological sabotage.

    Section 73.56(d), Background Investigation. This paragraph outlines the responsibilities and elements of the background investigation process including consent; personal, employment, credit, and criminal history; identity verification; and character evaluation. As addressed with respect to Sec. 73.56(h)(5) and (h)(6), the Commission permits licensees and applicants to meet the requirements of this section by relying on certain background investigation elements, psychological assessments, and behavioral observation training conducted by other licensees, applicants, or contractor access programs.

    This provision reduces regulatory burden by eliminating the need to replicate access authorization program elements that are still current according to the time conditions specified in Sec. Sec. 73.56(h) and

    (i)(1).

    Additionally, this paragraph requires individuals to disclose personal history information pertaining to the access authorization program and associated processes and requires licensees, applicants, and contractors or vendors to take steps to access information from reliable sources to ensure that the personal identifying information the individual has provided is authentic and accurate.

    The rule requires licensees, applicants, and contractors or vendors to make available and disclose information that they have collected if contacted by another licensee, applicant, or contractor or vendor who has a release signed by the individual who is applying for unescorted access or unescorted access authorization.

    Section 149 of the AEA provides the Commission authority to require individuals to be fingerprinted and to obtain the FBI criminal history records of only those individuals who are seeking unescorted access to protected or vital areas of a nuclear power plant. For other individuals, the Commission expects licensees and applicants to obtain those individual's criminal records in accordance with requirements set forth in Sec. 73.56(k)(1)(ii).

    Section 73.56(e), Psychological Assessment. This paragraph outlines requirements within the access authorization program for conducting psychological assessments on individuals seeking unescorted access or unescorted access authorization. The purpose of the paragraph is to evaluate the implications of an individual's psychological character on his or her trustworthiness and reliability. The rule requires that

    Individuals who are applying for initial unescorted access or unescorted access authorization, or who have not maintained unescorted access or unescorted access authorization for greater than 365 days, be subjected to a psychological assessment.

    This paragraph establishes requirements, standards, roles, and responsibilities for individuals who perform psychological assessments.

    A

    Page 13963

    licensed psychologist or psychiatrist with proper clinical training and experience must conduct the psychological assessment in accordance with the American Psychological Association or the American Psychiatric

    Association standards. This paragraph establishes the responsibilities of those conducting psychological assessments to report the discovery of any information, including a medical condition, which could adversely impact the fitness for duty or trustworthiness and reliability of the individual being accessed.

    Section 73.56(f), Behavioral Observation. This paragraph outlines the roles and responsibilities of licensees, applicants, contractors, vendors, and individuals under the behavioral observation program. The purpose of the behavioral observation program is to increase the likelihood that potentially adverse behavior patterns and actions are detected, communicated, and evaluated before there is an opportunity for such behavior patterns or acts to result in detrimental consequences. The rule requires individuals under this program to be trained to identify and report questionable behavior patterns or activities to his or her supervisor, other management personnel, or the reviewing official as designated in site procedures and that this report be promptly conveyed to the reviewing official for evaluation.

    Section 73.56(g), Self-Reporting of Legal Actions. This paragraph outlines the responsibilities for individuals to self-report legal actions taken by a law enforcement authority or court of law to which the individual has been subject that could result in incarceration or a court order or that requires a court appearance. This paragraph requires the recipient of the report, if the recipient is not the reviewing official, to promptly convey the report to the reviewing official who will then evaluate the implications of those actions with respect to the individual's trustworthiness and reliability.

    Section 73.56(h), Granting Unescorted Access and Certifying

    Unescorted Access Authorization. This paragraph defines the regulatory standard that must be used by a licensee or applicant for a determination of granting or certifying unescorted access or unescorted access authorization as well as for reinstatement of unescorted access or unescorted access authorization. The requirements in this paragraph, in part, are based upon whether an individual has previously been granted unescorted access or certified unescorted access authorization under a program subject to the requirements of Sec. 73.56 and the elapsed time since the individual's unescorted access or unescorted access authorization status was last favorably terminated.

    Additionally, this paragraph provides requirements for re-establishing trustworthiness and reliability of those individuals whose unescorted access or unescorted access authorization was denied or terminated unfavorably. Sections 73.56(h)(5) and (6) permit licensees and applicants to rely on other access authorization programs that meet the requirements of this section. In addition, these provisions eliminate redundancies in the steps required for granting unescorted access or certifying unescorted access authorization or maintaining unescorted access or unescorted access authorization.

    Section 73.56(i), Maintaining Unescorted Access or Unescorted

    Access Authorization. This paragraph delineates the conditions and requirements for maintaining unescorted access or unescorted access authorization status. Important elements of maintaining unescorted access or unescorted access authorization status are the behavioral observation program, the reevaluation of criminal history and credit history, and, for select individuals who perform specific job functions identified in Sec. 73.56(i)(1)(B), a psychological assessment.

    To confirm each individual's continued trustworthiness and reliability determination, the rule requires licensees and applicants to conduct updates and reevaluations every five (5) years for individuals granted unescorted access or certified unescorted access authorization and every three (3) years for selected individuals. For selected individuals, the rule requires licensees and applicants to conduct psychological reassessments every five (5) years. Additionally, all individuals are required to be subject to the licensee's behavioral observation program on a daily basis to detect an individual's abnormal emotional and/or psychological state through monitoring and/or supervisory evaluation.

    Section 73.56(j), Access to Vital Areas. This paragraph requires that access to vital areas be controlled through the use of access authorization lists to ensure that no one may enter these vital areas without having a work-related need and, when the need no longer exists, access to the vital areas is terminated.

    The rule requires that access authorization lists will be updated at least every 31 days to minimize insider threats by ensuring that personnel listed have a continued need to access vital areas to perform their official duties and not just a possibility of needing access sometime in the future.

    Section 73.56(k), Background Screeners. This paragraph outlines requirements to ensure that individuals who collect, process, or have access to sensitive personal information required under this section are trustworthy and reliable.

    Background checks for these individuals must be conducted in accordance with the requirements of this paragraph. The Commission recognizes that licensees and applicants may not, under Section 149 of the AEA, obtain a fingerprint-based FBI criminal history records check for an individual who does not have or is not expected to have unescorted access. In such cases, local criminal history information about the individual will be obtained from the State or local court system to satisfy this requirement.

    Section 73.56(l), Review Procedures. This paragraph outlines requirements for responding to an individual's request for review of a determination to deny unescorted access or unescorted access authorization or unfavorable termination of an individual's unescorted access or unescorted access authorization.

    Section 73.56(m), Protection of Information. This paragraph outlines requirements for the protection and release of personal information collected by a licensee, applicant, contractor, or vendor to authorized personnel. The rule requires that the licensee, applicant, contractor, or vendor possessing personal records will promptly provide personal information as authorized by the individual's signed consent. This may include an individual's representative and other licensees or applicants. With regard to revealing the sources of the information, the rule requires that licensees, applicants, contractors, and vendors will maintain confidentiality of sources.

    Section 73.56(n), Audits and Corrective Action. This paragraph outlines requirements for audits and corrective action to confirm compliance with the requirements of this section and that comprehensive corrective actions are taken in response to any violations of the requirements of this section identified from an audit. The rule requires that licensees and applicants will perform an audit of their access authorization program at intervals nominally every 24 months.

    With regard to Sec. 73.56(n)(1), the Commission uses the term

    ``nominally'' which allows a 25 percent margin

    Page 13964

    consistent with the definition of nominal in Sec. 26.5, which provides limited flexibility in meeting the scheduled due date for completing this recurrent activity. Completing a recurrent activity at a nominal frequency means that the activity may be completed within a period that is 25 percent longer (30 months) or shorter (18 months) than the period required, with the next scheduled due date no later than the current scheduled due date plus the required frequency for completing the activity.

    With regard to the independence of audit team members, the rule requires that at least one person on an audit team possess the requisite knowledge to evaluate the holistic implications of individual requirements or the complexities associated with meeting the final rule's performance objective and, therefore, can adequately evaluate program effectiveness and is independent of management having responsibility for day-to-day operation of the access authorization program.

    In regard to Sec. 73.56(n)(7), the rule permits licensees and other entities to jointly conduct audits as well as to rely on one another's audits, if the audits upon which they are relying address the services obtained from the contractor or vendor by each of the sharing licensees or applicants. The rule requires that licensees, applicants, and contractors or vendors relying on a shared audit to ensure that all services and elements upon which they rely have been adequately audited and to make clear that the licensees, applicants, and contractors or vendors are responsible for ensuring that an adequate audit is conducted of any services or elements upon which they rely that are not adequately covered by the shared audit.

    Section 73.56(o), Records. This paragraph outlines requirements for the retention, storage, and protection of records required by this section. Licensees, applicants, contractors, and vendors must retain, store, and protect records to ensure their availability and integrity.

    In addition, this paragraph provides requirements for how long the licensee shall retain these records according to the type of record or until the completion of legal proceedings that may arise as a result of an adjudication of an application for unescorted access, whichever is later. These requirements also allow contractors and vendors to retain records for which they are responsible. Upon termination of a contract between a contractor and a licensee or applicant, the licensee or applicant must retrieve all relevant records that were accumulated by the contractor throughout the period of the contract. The rule requires that corrected or new information will be actively communicated by the recipient to other licensees.

    L. Section 73.58, Safety/Security Interface Requirements for Nuclear

    Power Reactors

    Section 73.58 is a new requirement added to part 73. This requirement makes explicit, what was previously implicitly required by the regulations including that plant activities should not adversely affect security activities and that security activities should not adversely affect plant safety (otherwise licensees would fail to comply with the governing requirements in the applicable area). The new section is added as a cost-justified, safety enhancement per Sec. 50.109(a)(3). As discussed previously in Section II of this document, the new requirements were developed in response to a petition for rulemaking (PRM-50-80) submitted by the Union of Concerned Scientists and the San Luis Obispo Mothers for Peace that requested, in part, that the Commission promulgate requirements for licensees to evaluate proposed changes, tests, or experiments to determine whether such changes cause a decrease in the protection against radiological sabotage and to require prior Commission approval for such situations.

    Additionally, it stems from the Commission's comprehensive review of its safeguards and security programs and requirements and from the

    Commission's awareness that the increased complexity of licensee security measures now required in the post September 11, 2001, security environment could potentially increase adverse interactions between safety and security. Additionally, it is based on plant events discussed in Commission Information Notice 2005-33, ``Managing the

    Safety/Security Interface,'' that demonstrated that changes made to a facility, its security plan, or implementation of the plan can have adverse effects if the changes are not adequately assessed and managed.

    The regulations, prior to Sec. 73.58, did not explicitly require communication about the implementation and timing of facility changes.

    The Commission believes that Sec. 73.58 promotes an increased awareness of the effects of changing conditions and results in appropriate assessment and response.

    The introductory text indicates this section applies to power reactors licensed under 10 CFR parts 50 or 52. Paragraph (b) of this section requires licensees to assess proposed changes to plant configurations, facility conditions, or security to identify potential adverse effects on the capability of the licensee to maintain either safety or security before implementing those changes. The assessment would be qualitative or quantitative. If a potential adverse effect is identified, the licensee is required to take appropriate measures to manage the potential adverse effect. Managing the potential adverse effect is further described in paragraph (d). The requirements of Sec. 73.58 are in addition to requirements to assess proposed changes and to manage potential adverse effects contained in other Commission regulations, and are not intended to substitute for them. The

    Commission recognizes that implementation of Sec. 73.58 would rely to some extent on these existing programs that manage facility changes and configuration, and expects licensees to incorporate Sec. 73.58 into this structure. The primary function of this rule is to explicitly require that licensees consider the potential for changes to cause adverse interaction between security and safety and to appropriately manage any adverse results. Documentation of assessments performed per paragraph (b) is not required so as not to delay plant or security actions unnecessarily.

    Section 73.58(c) requires changes identified by either planned or emergent activities to be assessed by the licensee. This requirement is not intended to require licensees to assess all the day-to-day activities that are controlled by facility work processes and configuration management processes. The Commission expects that licensees would instead revise these processes to preclude, to the extent practicable, potential adverse interactions. Paragraph (c) of this section provides a description of typical activities for which changes must be assessed and for which resultant adverse interactions must be managed.

    Section 73.58(d) requires that, when potential adverse interactions are identified, licensees communicate the potential adverse interactions to appropriate licensee personnel. The licensee is also required to take appropriate compensatory and mitigative actions to maintain safety and security consistent with the applicable Commission requirements. The compensatory and/or mitigative actions taken must be consistent with existing requirements for the affected activity.

  28. Part 73, Appendix B, General Criteria for Protection

    The title of this appendix reflects training and qualification requirements for the members of the security organization and other facility personnel who perform security related

    Page 13965

    duties at a nuclear power reactor facility. The rule requires that individuals who perform security functions are trained and qualified prior to performing security-related duties and the training and qualification is documented.

    Part 73, Appendix B, Section VI.A, General Requirements and

    Introduction. This paragraph highlights the minimum employment suitability and training and qualification program requirements for individuals selected to perform security related functions. All individuals who perform physical protection and/or contingency response duties within the security program must meet the minimum training and qualification requirements for their assigned duties as specified within this appendix and the Commission approved training and qualification plan. The word ``individuals'' is used to identify members of the security organization and those facility personnel who are assigned to perform physical protection or contingency response duties within the security program. Facility personnel performing physical protection duties need only meet the minimum training and qualification requirements specified within this appendix and the

    Commission approved training and qualification plan for the specific duty assigned. Where requirements under this appendix specifically apply to members of the security organization the language explicitly identifies this applicability.

    Part 73, Appendix B, Section VI.B, Employment Suitability and

    Qualification. This paragraph outlines the minimum criteria that must be evaluated by licensees for individuals being considered for and performing security-related duties. The minimum criteria include education, criminal history, and physical and psychological standards.

    The physical standards associated with this paragraph reflect the basic physical requirements that ensure an individual possesses the standard acuity levels associated with vision and hearing and that the individual does not have a medical condition that is detrimental to the individual's health or the performance of assigned duties. The standards posed are applicable to all individuals who are assigned to perform physical protection or contingency response duties within the security program, to include non-security personnel assigned to perform physical protection duties (such as vehicle escort or material search).

    A licensed medical professional is required to conduct a medical examination before the assignment of individuals to perform security duties and/or the physical fitness test being administered.

    The physical fitness test, which is required for armed individuals implementing the contingency response plan, is a performance-based test that must be designed to demonstrate an individual's physical ability to perform assigned security duties during contingency events. Before engaging in the physical fitness test, the individual's current health status must be verified by the licensee. The licensee is also required to confirm that there are no existing medical conditions which would be detrimental to the individual's health when placed under the physical stress induced by the physical fitness test. The licensed medical professional provides a certification of the individual's health before the test, but is not required to administer the physical fitness test or document or attest to the successful completion of the test.

    Scheduling the physical fitness test for each armed individual as soon as possible after the date of the physical examination required by paragraph B.2.a(2) minimizes the possibility of the individual incurring a medical condition from the time of examination to the time that the physical fitness test is administered.

    The Commission recognized that the proposed suitability requirements for security personnel found in appendix B to part 73, criterion VI.B.1, were not inclusive of the disqualifying criteria found under the Gun Control Act of 1968 (GCA) (see 18 U.S.C. 922(g) and

    (n)). This section describes a licensee's obligations to take those prohibitions into account prior to permitting an individual to serve as an armed security officer.

    The rule requires that a qualified training instructor is responsible for the final documentation of each security critical task qualification that is performed by individuals who are assigned physical protection and/or contingency response duties within the security program. This paragraph also enables members of the security organization who are medically disqualified from performing contingency response duties or specific physical protection duties for a period of time, to perform other physical protection duties that would not be affected by the medical disqualification.

    Part 73, Appendix B, Section VI.C, Duty Training. This paragraph outlines duty training and on-the-job training requirements and focuses on the knowledge, skills, and abilities needed by individuals selected to perform security duties. On the job training for daily security duties may be conducted as a part of basic qualification training that provides the individual with the basic knowledge, skills and abilities of assigned securities duties. In addition to the on-the-job training previously described, this paragraph describes the development and implementation of 40 hours of on-the-job training to train the security force in the response to contingency events. It also captures both the scope of conducting tactical response drills and force-on-force exercises as well as the importance of individual performance by the members of the security response organization. The requirement is added to ensure that individuals implementing the safeguards contingency plan possess first-hand knowledge of individual and team response duties in accordance with the licensee protective strategy.

    Part 73, Appendix B, Section VI.C.3, Performance Evaluation

    Program. This paragraph outlines the establishment of the performance evaluation program including individual and group requirements for security personnel participation. The Commission's intent is that the licensee's performance evaluation program be evaluated during the conduct of NRC security baseline inspections including force-on-force evaluations. The rule allows force-on-force exercises conducted to satisfy the NRC triennial evaluation requirement to be used to satisfy the annual force-on-force requirement for the personnel that participate in the capacity of the security response organization.

    Part 73, Appendix B, Section VI.D, Duty Qualification and Re- qualification. This paragraph outlines the qualification, re- qualification, and periodicity requirements for armed and unarmed individuals performing security duties. The rule requires that qualifications include written exams, hands-on performance demonstrations, and annual written exams where applicable.

    Part 73, Appendix B, Section VI.E, Weapons Training. This paragraph outlines the requirements for firearms training, firearms instructor qualifications, firearms familiarization training, training program elements, deadly force instruction, and weapons training periodicity.

    The Commission's intent is to make generically applicable requirements similar to those that were contained in the 2003 training and qualification order (EA-03-039) and experience gained through security program inspections and observations and to apply language consistent with the professional firearms community more accurately. Additionally, a list of common firearms practices are provided to ensure appropriate weapons training

    Page 13966

    and qualification, safe handling, and operations are achieved.

    Part 73, Appendix B, Section VI.F, Weapons Qualification and

    Requalification Program. This paragraph outlines the requirements for general and tactical weapons qualification, the types of qualification courses, courses of fire, and firearms requalification. These requirements are substantially similar to the weapons proficiency requirements that were stipulated in the 2002 training and qualification order and the commonly-accepted minimum qualification scores found in the firearms training community for shotguns, hand guns, semi-automatic and/or enhanced weapons during both day and night courses of fire.

    Part 73, Appendix B, Section VI.G, Weapons, Personal Equipment, and

    Maintenance. This paragraph outlines the weapons, as well as required and optional personal equipment, for individuals performing security- related duties. The rule requires that the equipment required by paragraph G.2.b be readily accessible. The Commission does not intend that the required equipment necessarily be carried or worn but intends that it be readily available should the security officer choose to wear it during a safeguards contingency event. The Commission's intent is that the optional equipment listed in paragraph G.2.c be considered for implementation consistent with the licensee's protective strategy. The paragraph also discusses the weapons maintenance program and certified armorer requirements. The armorer must be certified by the weapons manufacturer (or a contractor working on behalf of the manufacturer) to perform maintenance and repair of licensee firearms. Licensees may use a manufacturer's armorer and certification process or use a contractor certified by the manufacturer as an armorer to perform maintenance and repair of licensee firearms.

    Part 73, Appendix B, Section VI.H, Records. This paragraph outlines the documentation and records retention requirements for security- related training. The Commission's intent is to be consistent with the record keeping and documentation requirements set forth in Sec. 73.55(r).

    Part 73, Appendix B, Section VI.I, Reviews. This paragraph outlines the required reviews of security-related training as set forth in Sec. 73.55(n).

    Part 73, Appendix B, Section VI.J, Definitions. This paragraph is consistent with the terms and definitions outlined in parts 50, 70, and 73.

  29. Part 73, Appendix C, Section II, Nuclear Power Plant Safeguards

    Contingency Plans

    This section is revised to address nuclear power reactor safeguards contingency plan requirements without impacting other licensees who are also required to maintain safeguards contingency plans (SCP).

    Part 73, Appendix C, Section II.A Introduction. This paragraph describes the content of the SCP for nuclear power reactors. Licensees must complete the coordination of the predetermined security force actions and non-security response efforts to ensure that the predetermined actions of the security force can be effectively implemented without conflict with the actions of other onsite or offsite support agencies responding to a safeguards contingency event.

    The scope of the SCP is specific to the security organization. However, the safeguards contingency plan must be integrated with other onsite and offsite response plans and procedures. It is not the Commission's intent for the security organization to be responsible for the integrated response plan but rather to ensure coordination with the integrated response plan and other licensee organizational elements.

    Part 73, Appendix C, Section II.B, Contents of the Plan. This paragraph specifies the categories of information required in a safeguards contingency plan to be consistent with and complement the requirements of Sec. 50.34(d). The intent is to build a common approach to documenting SCP requirements and to improve the usefulness and applicability of the SCP, and to ensure that the SCP is coordinated with non-security response plans. The Commission does not intend that the SCP include the details of other site plans but rather intends to ensure that the licensee has considered these other plans and that potential conflicts have been identified and resolved.

    Part 73, Appendix C, Section II.B.1, Background. This category of information requires licensees to identify perceived dangers, purpose, scope, and general information in the development and implementation of the SCP. The intent is to document the types of incidents that the plan covers, goals and objectives of the plan for each event, the physical protection elements that support the plan, and the coordination of response efforts by local law enforcement agencies. The NRC does not intend to expand the security organization's role or responsibilities to encompass the functions of other organizational elements. Planning functions and responsibilities of other licensee organizational elements are addressed in Sec. Sec. 50.54(gg), 50.47, and part 50, appendix E.

    Part 73, Appendix C, Section II.B.2, Generic Planning Base. This category of information establishes the criteria for initiating and terminating responses to safeguards contingency events. The generic planning base must define specific decisions, actions, expectations, and supporting information needed to respond to each type of incident.

    This requirement focuses on the types of actions or information that will prompt the licensee to initiate and/or terminate response activities as a result of an actual or perceived threat to the facility.

    Part 73, Appendix C, Section II.B.3, Licensee Planning Base. This category of information focuses on factors that affect safeguards contingency planning specific to each facility. The licensee planning base must document the site-specific organizational structure of the security response organization, site physical layout considerations, safeguards systems, the protective strategy, law enforcement assistance, policy constraints and assumptions and administrative and logistical considerations that could have bearing on the implementation of the licensee's SCP. While implementing details are appropriate for procedures and need not be included in the SCP, licensees are expected to provide a sufficient level of detail in the SCP for the information to be meaningful. Within this category of information, licensees must document coordination with off-site entities and explain how the level of protection required by Sec. 73.55(b) during safeguards contingency events will be maintained. In addition, licensees must ensure that

    Sec. 73.58 information regarding safety and security interface is considered in contingency response planning.

    Part 73, Appendix C, Section II.B.4, Responsibility Matrix. This category of information documents responsibilities and specific actions to be taken by licensee organizations and/or personnel in response to safeguards contingency events. The responsibility matrix must document who will perform what actions and make what decisions during responses to safeguards contingency events. The licensee SCP's must discuss how the matrix is incorporated into site implementing procedures.

    Part 73, Appendix C, Section II.B.5, Implementing Procedures. This category of information provides specific guidance and operating details that identify the actions to be taken and decisions to be made by each member of the security organization who is assigned duties and responsibilities required for the effective

    Page 13967

    implementation of the SCP. The procedures must reflect detailed information that supports the implementation of the SCP. The implementing procedures must contain the tabulated responsibility matrix that addresses each safeguards contingency event outlined in the licensee's generic planning base.

    Part 73, Appendix C, Section II.C, Records and Reviews. This category of information requires licensees to maintain records and to conduct reviews in accordance with the requirements of Sec. 73.55(n).

    V. Guidance

    The Commission is preparing new regulatory guides that will contain detailed guidance on the implementation of the rule requirements. These regulatory guides, currently under development or already issued in draft form for comment will consolidate and update or eliminate previous guidance that was used to develop, review, and approve the power reactor security plans that licensees revised in response to the post-September 11, 2001, security orders. Development of the regulatory guides is ongoing and the publication of the final regulatory guides is planned shortly after the publication of this final rule. Some of these regulatory guides contain Safeguards Information (SGI) or Official Use

    Only--Security Related Information (OUO-SRI) and will only be available to those individuals with a need-to-know and who are qualified to have access to SGI or OUO-SRI as applicable. Where appropriate, the requirements in this final rule are adjusted to account for the lack of final guidance (e.g., if the guidance is needed to support a licensee or applicant submittal, then the submittal requirements are adjusted to account for the lack of final guidance).

    VI. Criminal Penalties

    For the purposes of Section 223 of the Atomic Energy Act of 1954, as amended (AEA), the Commission is amending 10 CFR parts 50, 52, 72, and 73 under Sections 161b, 161i, or 161o of the AEA. Criminal penalties, as they apply to regulations in part 50, are discussed in

    Sec. 50.111. Criminal penalties, as they apply to regulations in part 52, are discussed in Sec. 52.303. Criminal penalties, as they apply to regulations in part 73, are discussed in Sec. 73.81. The new

    Sec. Sec. 50.54(hh), 73.54, and 73.58 are issued under Sections 161b, 161i, or 161o of the AEA, and are not included in Sec. Sec. 50.111, 52.303, and 73.81(b) as applicable.

    VII. Availability of Documents

    The NRC is making the documents identified below available to interested persons through one or more of the following methods:

    Public Document Room (PDR). The NRC Public Document Room is located at 11555 Rockville Pike, Rockville, Maryland.

    Regulations.gov (Web). These documents may be viewed and downloaded electronically through the Federal eRulemaking Portal http:// www.Regulations.gov, Dockets NRC-2006-0016 and NRC-2008-0019.

    NRC's Electronic Reading Room (ERR). The NRC's public electronic reading room is located at www.nrc.gov/reading-rm.html.

    Document

    PDR

    Web

    ERR (ADAMS)

    Environmental Assessment........................

    X

    X ML081640161

    Regulatory Analysis.............................

    X

    X ML083390372

    Regulatory Analysis--appendices.................

    X

    X ML081680090

    Information Collection Analysis.................

    X

    X ML083530022

    Comment Response document.......................

    X

    X ML083390333

    EA-03-086, ``Revised Design Basis Threat

    X

    X ML030740002

    Order,'' issued April 29, 2003 (68 FR 24517;

    May 7, 2003) [withheld as SGI and not publicly available.]*.

    EA-02-026, (Interim Compensatory Measures (ICM)

    X

    X ML020520754

    Order, ( issued February 25, 2002 (67 FR 9792;

    March 4, 2002) [withheld as SGI and not publicly available.]*.

    EA-02-261, (Issuance of Order for Compensatory

    X

    X ML030060360

    Measures Related to Access Authorization,

    (issued January 7, 2003 (68 FR 1643; January 13, 2003) [withheld as SGI and not publicly available.]*.

    EA-03-039, (Issuance of Order for Compensatory

    X

    X ML030980015

    Measures Related to Training Enhancements on

    Tactical and Firearms Proficiency and Physical

    Fitness Applicable to Armed Nuclear Power Plant

    Security Force Personnel,'' issued April 29, 2003 (68 FR 24514; May 7, 2003) [withheld as

    SGI and not publicly available.]*.

    * The NRC references these documents only for purposes of the backfitting discussion in this rule.

    VIII. Voluntary Consensus Standards

    The National Technology Transfer and Advancement Act of 1995,

    Public Law 104-113, requires that Federal agencies use technical standards that are developed or adopted by voluntary consensus standards bodies unless using such a standard is inconsistent with applicable law or is otherwise impractical. The NRC is not aware of any voluntary consensus standard that could be used instead of the regulatory guidance currently under development. The NRC will consider using a voluntary consensus standard if an appropriate standard is identified.

    IX. Finding of No Significant Environmental Impact

    The Commission has determined under the National Environmental

    Policy Act of 1969, as amended, and the Commission's regulations in

    Subpart A of 10 CFR part 51, that this rule is not a major Federal action significantly affecting the quality of the human environment, and therefore, an environmental impact statement is not required.

    The determination of this environmental assessment is that there will be no significant offsite impact to the public as a result of this action. The NRC requested comment on the environmental assessment.

    There were no comments received. Availability of the environmental assessment is provided in section VII of this document.

    X. Paperwork Reduction Act Statement

    This rule imposes new or amended information collection requirements contained in 10 CFR parts 50, 52, 72, and 73, that are subject to the Paperwork Reduction Act of 1995 (44 U.S.C. 3501, et seq.). These requirements were approved by the Office of Management and

    Budget, approval numbers 3150-0011, 3150-0151, 3150-0132, and 3150- 0002.

    The burden to the public for these information collections is estimated to average 4.38 hours per response. This includes the time for reviewing instructions, searching existing data

    Page 13968

    sources, gathering and maintaining the data needed, and completing and reviewing the information collection. Send comments on any aspect of these information collections, including suggestions for reducing the burden, to the Records and FOIA/Privacy Services Branch (T-5-F53), U.S.

    Nuclear Regulatory Commission, Washington, DC 20555-0001, or by

    Internet electronic mail to INFOCOLLECTS.Resource@NRC.GOV; and to the

    Desk Officer, Office of Information and Regulatory Affairs, NEOB-10202,

    (3150-0011; 3150-0151; 3150-0132; and 3150-0002), Office of Management and Budget, Washington, DC 20503 or by internet electronic mail to

    Nathan J. Frey@omb.eop.gov.

    XI. Regulatory Analysis

    The Commission has prepared a regulatory analysis of this regulation. The analysis examines the costs and benefits of the alternatives considered by the Commission. Availability of the regulatory analysis is provided in Section VII of this document.

    XII. Regulatory Flexibility Certification

    In accordance with the Regulatory Flexibility Act (5 U.S.C. 605(b)), the Commission certifies that this rule does not have a significant economic impact on a substantial number of small entities.

    This rule affects only the licensing and operation of nuclear power plants. The companies that own these plants do not fall within the scope of the definition of ``small entities'' set forth in the

    Regulatory Flexibility Act or the size standards established by the NRC

    (10 CFR 2.810).

    XIII. Backfit Analysis

    With regard to the governing criteria in Sec. 50.109, this rulemaking contains two different sets of requirements. The first set of requirements in this rulemaking are requirements similar to those that were previously imposed under one of the following orders issued after September 11, 2001:

    EA-02-026, ``Interim Compensatory Measures (ICM) Order,'' issued February 25, 2002 (March 4, 2002; 67 FR 9792);

    EA-02-261, ``Access Authorization Order,'' issued January 7, 2003 (January 13, 2003; 68 FR 1643);

    EA-03-039, ``Security Personnel Training and Qualification

    Requirements (Training) Order,'' issued April 29, 2003 (May 7, 2003; 68

    FR 24514); and

    EA-03-086, ``Revised Design Basis Threat Order,'' issued

    April 29, 2003 (May 7, 2003; 68 FR 24517).

    For this first set of requirements, the NRC has determined that they are not backfitting as defined by Sec. 50.109(a)(1), and therefore, a backfit analysis is unnecessary for these requirements.

    Section 50.109(a)(1) defines backfitting as ``the modification or addition to systems, structures, components or design of a facility * *

    * or the procedures or organization required to design, construct or operate a facility; any of which may result from a new or amended provision in the Commission rules * * *.'' This first set of requirements in the final rule contains numerous requirements substantially similar to those previously imposed by the orders identified above. In some cases, more specific detail may have been provided in this final rule for a particular requirement that corresponds with a requirement that had previously been in an order.

    The provisions in this first set impose requirements that are substantially similar to those previously imposed to current licensees under the orders and are consistent with the implementing guidance that has been issued to licensees subsequent to the orders. Therefore, the first set of requirements do not constitute backfits as defined by the rule because they would not result in a modification or addition to any systems, structures, components or design of an affected facility, or the procedures or organization required to design, construct, or operate an affected facility. In any event, the Commission has also determined that the requirements represented in this first set are those necessary to ensure that these facilities provide adequate protection to the health and safety of the public and are in accord with common defense and security. Therefore, no backfit analysis has been prepared with respect to these requirements.

    The second set of requirements in this rulemaking are additions that do constitute backfits. The NRC evaluated the second set of requirements in the aggregate in accordance with Sec. 50.109 to determine if the costs of implementing the rule would be justified by a substantial increase in public health and safety or common defense and security. The NRC finds that qualitative safety benefits of the provisions that qualify as backfits in this rulemaking, considered in the aggregate, would constitute a substantial increase in protection to public health and safety and the common defense and security and that the costs of this rule would be justified in view of the increase in protection to safety and security provided by the backfits embodied in the proposed rule. The backfit analysis is contained within section 4.2 of the regulatory analysis. Availability of the regulatory analysis is provided in section VII of this document.

    XIV. Congressional Review Act

    Under the Congressional Review Act of 1996, the NRC has determined that this action is a major rule and has verified this determination with the Office of Information and Regulatory Affairs of the Office of

    Management and Budget.

    List of Subjects 10 CFR Part 50

    Antitrust, Classified information, Criminal penalties, Fire protection, Intergovernmental relations, Nuclear power plants and reactors, Radiation protection, Reactor siting criteria, Reporting and recordkeeping requirements. 10 CFR Part 52

    Administrative practice and procedure, Antitrust, Backfitting,

    Combined license, Early site permit, Emergency planning, Fees,

    Inspection, Limited work authorization, Nuclear power plants and reactors, Probabilistic risk assessment, Prototype, Reactor siting criteria, Redress of site, Reporting and recordkeeping requirements,

    Standard design, Standard design certification. 10 CFR Part 72

    Administrative practice and procedure, Criminal penalties, Manpower training programs, Nuclear materials, Occupational safety and health,

    Penalties, Radiation protection, Reporting and recordkeeping requirements, Security measures, Spent fuel, Whistleblowing. 10 CFR Part 73

    Criminal penalties, Export, Hazardous materials transportation,

    Import, Nuclear materials, Nuclear power plants and reactors, Reporting and recordkeeping requirements, Security measures. 0

    For the reasons set out in the preamble and under the authority of the

    AEA, as amended; the Energy Reorganization Act of 1974, as amended; 5

    U.S.C. 552 and 5 U.S.C. 553; the NRC is adopting the following amendments to 10 CFR parts 50, 52, 72, and 73.

    Page 13969

    PART 50--DOMESTIC LICENSING OF PRODUCTION AND UTILIZATION

    FACILITIES 0 1. The authority citation for part 50 continues to read as follows:

    Authority: Secs. 102, 103, 104, 105, 161, 182, 183, 186, 189, 68

    Stat. 936, 937, 938, 948, 953, 954, 955, 956, as amended, sec. 234, 83 Stat. 444, as amended (42 U.S.C. 2132, 2133, 2134, 2135, 2201, 2232, 2233, 2236, 2239, 2282); secs. 201, as amended, 202, 206, 88

    Stat. 1242, as amended, 1244, 1246 (42 U.S.C. 5841, 5842, 5846); sec. 1704, 112 Stat. 2750 (44 U.S.C. 3504 note); Energy Policy Act of 2005, Public Law 109-58, 119 Stat. 194 (2005). Section 50.7 also issued under Public Law 95-601, sec. 10, 92 Stat. 2951 as amended by

    Public Law 102-486, sec. 2902, 106 Stat. 3123 (42 U.S.C. 5841).

    Section 50.10 also issued under secs. 101, 185, 68 Stat. 955, as amended (42 U.S.C. 2131, 2235); sec. 102, Public Law 91-190, 83

    Stat. 853 (42 U.S.C. 4332). Sections 50.13, 50.54(dd), and 50.103 also issued under sec. 108, 68 Stat. 939, as amended (42 U.S.C. 2138).

    Sections 50.23, 50.35, 50.55, and 50.56 also issued under sec. 185, 68 Stat. 955 (42 U.S.C. 2235). Sections 50.33a, 50.55a and appendix Q also issued under sec. 102, Public Law 91-190, 83 Stat. 853 (42 U.S.C. 4332). Sections 50.34 and 50.54 also issued under sec. 204, 88 Stat. 1245 (42 U.S.C. 5844). Sections 50.58, 50.91, and 50.92 also issued under Public Law 97-415, 96 Stat. 2073 (42 U.S.C. 2239). Section 50.78 also issued under sec. 122, 68 Stat. 939 (42

    U.S.C. 2152). Sections 50.80-50.81 also issued under sec. 184, 68

    Stat. 954, as amended (42 U.S.C. 2234). Appendix F also issued under sec. 187, 68 Stat. 955 (42 U.S.C. 2237). 0 2. In Sec. 50.34, footnote 9 is removed and reserved, paragraphs (c),

    (d) and (e) are revised, and paragraph (i) is added to read as follows:

    Sec. 50.34 Contents of construction permit and operating license applications; technical information.

    * * * * *

    (c) Physical security plan. (1) Each applicant for an operating license for a production or utilization facility that will be subject to Sec. Sec. 73.50 and 73.60 of this chapter must include a physical security plan.

    (2) Each applicant for an operating license for a utilization facility that will be subject to the requirements of Sec. 73.55 of this chapter must include a physical security plan, a training and qualification plan in accordance with the criteria set forth in appendix B to part 73 of this chapter, and a cyber security plan in accordance with the criteria set forth in Sec. 73.54 of this chapter.

    (3) The physical security plan must describe how the applicant will meet the requirements of part 73 of this chapter (and part 11 of this chapter, if applicable, including the identification and description of jobs as required by Sec. 11.11(a) of this chapter, at the proposed facility). Security plans must list tests, inspections, audits, and other means to be used to demonstrate compliance with the requirements of 10 CFR parts 11 and 73, if applicable.

    (d) Safeguards contingency plan. (1) Each application for a license to operate a production or utilization facility that will be subject to

    Sec. Sec. 73.50 and 73.60 of this chapter must include a licensee safeguards contingency plan in accordance with the criteria set forth in section I of appendix C to part 73 of this chapter. The

    ``implementation procedures'' required per section I of appendix C to part 73 of this chapter do not have to be submitted to the Commission for approval.

    (2) Each application for a license to operate a utilization facility that will be subject to Sec. 73.55 of this chapter must include a licensee safeguards contingency plan in accordance with the criteria set forth in section II of appendix C to part 73 of this chapter. The ``implementing procedures'' required in section II of appendix C to part 73 of this chapter do not have to be submitted to the Commission for approval.

    (e) Protection against unauthorized disclosure. Each applicant for an operating license for a production or utilization facility, who prepares a physical security plan, a safeguards contingency plan, a training and qualification plan, or a cyber security plan, shall protect the plans and other related Safeguards Information against unauthorized disclosure in accordance with the requirements of Sec. 73.21 of this chapter.

    * * * * *

    (i) A description and plans for implementation of the guidance and strategies intended to maintain or restore core cooling, containment, and spent fuel pool cooling capabilities under the circumstances associated with the loss of large areas of the plant due to explosions or fire as required by Sec. 50.54(hh)(2) of this chapter. 0 3. In Sec. 50.54, paragraph (p)(1) is revised and paragraph (hh) is added to read as follows:

    Sec. 50.54 Conditions of licenses.

    * * * * *

    (p)(1) The licensee shall prepare and maintain safeguards contingency plan procedures in accordance with appendix C of part 73 of this chapter for affecting the actions and decisions contained in the

    Responsibility Matrix of the safeguards contingency plan. The licensee may not make a change which would decrease the effectiveness of a physical security plan, or guard training and qualification plan, or cyber security plan prepared under Sec. 50.34(c) or Sec. 52.79(a), or part 73 of this chapter, or of the first four categories of information

    (Background, Generic Planning Base, Licensee Planning Base,

    Responsibility Matrix) contained in a licensee safeguards contingency plan prepared under Sec. 50.34(d) or Sec. 52.79(a), or part 73 of this chapter, as applicable, without prior approval of the Commission.

    A licensee desiring to make such a change shall submit an application for amendment to the licensee's license under Sec. 50.90.

    * * * * *

    (hh) (1) Each licensee shall develop, implement and maintain procedures that describe how the licensee will address the following areas if the licensee is notified of a potential aircraft threat:

    (i) Verification of the authenticity of threat notifications;

    (ii) Maintenance of continuous communication with threat notification sources;

    (iii) Contacting all onsite personnel and applicable offsite response organizations;

    (iv) Onsite actions necessary to enhance the capability of the facility to mitigate the consequences of an aircraft impact;

    (v) Measures to reduce visual discrimination of the site relative to its surroundings or individual buildings within the protected area;

    (vi) Dispersal of equipment and personnel, as well as rapid entry into site protected areas for essential onsite personnel and offsite responders who are necessary to mitigate the event; and

    (vii) Recall of site personnel.

    (2) Each licensee shall develop and implement guidance and strategies intended to maintain or restore core cooling, containment, and spent fuel pool cooling capabilities under the circumstances associated with loss of large areas of the plant due to explosions or fire, to include strategies in the following areas:

    (i) Fire fighting;

    (ii) Operations to mitigate fuel damage; and

    (iii) Actions to minimize radiological release.

    (3) This section does not apply to a nuclear power plant for which the certifications required under Sec. 50.82(a) or Sec. 52.110(a)(1) of this chapter have been submitted.

    Page 13970

    PART 52--LICENSES, CERTIFICATIONS, AND APPROVALS FOR NUCLEAR POWER

    PLANTS 0 4. The authority citation for part 52 continues to read as follows:

    Authority: Secs. 103, 104, 161, 182, 183, 186, 189, 68 Stat. 936, 948, 953, 954, 955, 956, as amended, sec. 234, 83 Stat. 444, as amended (42 U.S.C. 2133, 2201, 2232, 2233, 2236, 2239, 2282); secs. 201, 202, 206, 88 Stat. 1242, 1244, 1246, as amended (42 U.S.C. 5841, 5842, 5846); sec. 1704, 112 Stat. 2750 (44 U.S.C. 3504 note),

    Energy Policy Act of 2005, Public Law No. 109-58, 119 Stat. 594

    (2005). 0 5. In Sec. 52.79, paragraphs (a)(36)(iii) and (iv) are redesignated as paragraphs (a)(36)(iv) and (v), respectively, and revised, and a new paragraph (a)(36)(iii) is added to read as follows:

    Sec. 52.79 Contents of applications; technical information in final safety analysis report.

    (a) * * *

    (36) * * *

    (iii) A cyber security plan in accordance with the criteria set forth in Sec. 73.54 of this chapter;

    (iv) A description of the implementation of the safeguards contingency plan, training and qualification plan, and cyber security plan; and

    (v) Each applicant who prepares a physical security plan, a safeguards contingency plan, a training and qualification plan, or a cyber security plan, shall protect the plans and other related

    Safeguards Information against unauthorized disclosure in accordance with the requirements of Sec. 73.21 of this chapter.

    * * * * * 0 6. In Sec. 52.80, paragraph (d) is added to read as follows:

    Sec. 52.80 Contents of applications; additional technical information.

    * * * * *

    (d) A description and plans for implementation of the guidance and strategies intended to maintain or restore core cooling, containment, and spent fuel pool cooling capabilities under the circumstances associated with the loss of large areas of the plant due to explosions or fire as required by Sec. 50.54(hh)(2) of this chapter.

    PART 72--LICENSING REQUIREMENTS FOR THE INDEPENDENT STORAGE OF

    SPENT NUCLEAR FUEL, HIGH-LEVEL RADIOACTIVE WASTE, AND REACTOR-

    RELATED GREATER THAN CLASS C WASTE 0 7. The authority citation for part 72 continues to read as follows:

    Authority: Secs. 51, 53, 57, 62, 63, 65, 69, 81, 161, 182, 183, 184, 186, 187, 189, 68 Stat. 929, 930, 932, 933, 934, 935, 948, 953, 954, 955, as amended, sec. 234, 83 Stat. 444, as amended (42 U.S.C. 2071, 2073, 2077, 2092, 2093, 2095, 2099, 2111, 2201, 2232, 2233, 2234, 2236, 2237, 2238, 2282); sec. 274, Public Law 86-373, 73 Stat. 688, as amended (42 U.S.C. 2021); sec. 201, as amended, 202, 206, 88

    Stat. 1242, as amended, 1244, 1246 (42 U.S.C. 5841, 5842, 5846);

    Public Law 95-601, sec. 10, 92 Stat. 2951 as amended by Public Law 102-486, sec. 7902, 106 Stat. 3123 (42 U.S.C. 5851); sec. 102,

    Public Law 91-190, 83 Stat. 853 (42 U.S.C. 4332); secs. 131, 132, 133, 135, 137, 141, Public Law 97-425, 96 Stat. 2229, 2230, 2232, 2241, sec. 148, Public Law 100-203, 101 Stat. 1330-235 (42 U.S.C. 10151, 10152, 10153, 10155, 10157, 10161, 10168); sec. 1704, 112

    Stat. 2750 (44 U.S.C. 3504 note); Energy Policy Act of 2005, Public

    Law 109-58, 119 Stat. 549 (2005).

    Section 72.44(g) also issued under secs. 142(b) and 148(c), (d),

    Public Law 100-203, 101 Stat. 1330-232, 1330-236 (42 U.S.C. 10162(b), 10168(c), (d)). Section 72.46 also issued under sec. 189, 68 Stat. 955 (42 U.S.C. 2239); sec. 134, Public Law 97-425, 96 Stat. 2230 (42 U.S.C. 10154). Section 72.96(d) also issued under sec. 145(g), Public Law 100-203, 101 Stat. 1330-235 (42 U.S.C. 10165(g)).

    Subpart J also issued under secs. 2(2), 2(15), 2(19), 117(a), 141(h), Public Law 97-425, 96 Stat. 2202, 2203, 2204, 2222, 2224 (42

    U.S.C. 10101, 10137(a), 10161(h)).

    Subparts K and L are also issued under sec. 133, 98 Stat. 2230

    (42 U.S.C. 10153) and sec. 218(a), 96 Stat. 2252 (42 U.S.C. 10198). 0 8. In Sec. 72.212, paragraphs (b)(5)(ii), (b)(5(iii), (b)(5)(iv), and

    (b)(5)(v) are revised to read as follows:

    Sec. 72.212 Conditions of general license issued under Sec. 72.210.

    * * * * *

    (b) * * *

    (5) * * *

    (ii) Storage of spent fuel must be within a protected area, in accordance with Sec. 73.55(e) of this chapter, but need not be within a separate vital area. Existing protected areas may be expanded or new protected areas added for the purpose of storage of spent fuel in accordance with this general license.

    (iii) For purposes of this general license, personnel searches required by Sec. 73.55(h) of this chapter before admission to a new protected area may be performed by physical pat-down searches of persons in lieu of firearms and explosives detection equipment.

    (iv) The observational capability required by Sec. 73.55(i)(3) of this chapter as applied to a new protected area may be provided by a guard or watchman on patrol in lieu of video surveillance technology.

    (v) For the purpose of this general license, the licensee is exempt from requirements to interdict and neutralize threats in Sec. 73.55 of this chapter.

    * * * * *

    PART 73--PHYSICAL PROTECTION OF PLANTS AND MATERIALS 0 9. The authority citation for part 73 continues to read as follows:

    Authority: Secs. 53, 161, 149, 68 Stat. 930, 948, as amended, sec. 147, 94 Stat. 780 (42 U.S.C. 2073, 2167, 2169, 2201): sec. 201, as amended, 204, 88 Stat. 1242, as amended, 1245, sec. 1701, 106

    Stat. 2951, 2952, 2953 (42 U.S.C. 5841, 5844, 2297f); sec.1704, 112

    Stat. 2750 (44 U.S.C. 3504 note): Energy Policy Act of 2005, Public

    Law 109-58, 119 Stat. 594 (2005).

    Section 73.1 also issued under sec. 135, 141, Public Law 97-425, 96 Stat. 2232, 2241 (42 U.S.C, 10155, 10161). Section 73.37(f) also issued under sec. 301, Public Law 96-295, 94 Stat.789 (42 U.S.C. 5841 note). Section 73.57 is issued under sec. 606, Public Law 99- 399, 100 Stat. 876 (42 U.S.C. 2169). 0 10. In Sec. 73.8, paragraph (b) is revised and paragraph (c) is added to read as follows:

    Sec. 73.8 Information collection requirements: OMB approval.

    * * * * *

    (b) The approved information collection requirements contained in this part appear in Sec. Sec. 73.5, 73.20, 73.21, 73.24, 73.25, 73.26, 73.27, 73.37, 73.40, 73.45, 73.46, 73.50, 73.54, 73.55, 73.56, 73.57, 73.58, 73.60, 73.67, 73.70, 73.71, 73.72, 73.73, 73.74, and Appendices

    B, C, and G to this part.

    (c) This part contains information collection requirements in addition to those approved under the control number specified in paragraph (a) of this section. The information collection requirement and the control numbers under which it is approved are as follows:

    (1) In Sec. 73.71, NRC Form 366 is approved under control number 3150-0104.

    (2) [Reserved] 0 11. Section 73.54 is added to read as follows:

    Sec. 73.54 Protection of digital computer and communication systems and networks.

    By November 23, 2009 each licensee currently licensed to operate a nuclear power plant under part 50 of this chapter shall submit, as specified in Sec. 50.4 and Sec. 50.90 of this chapter, a cyber security plan that satisfies the requirements of this section for

    Commission review and approval. Each submittal must include a proposed implementation schedule. Implementation of the licensee's cyber security program must be consistent with the approved schedule. Current applicants for an operating license or combined license who have submitted their applications to the Commission prior to the effective date of this rule

    Page 13971

    must amend their applications to include a cyber security plan consistent with this section.

    (a) Each licensee subject to the requirements of this section shall provide high assurance that digital computer and communication systems and networks are adequately protected against cyber attacks, up to and including the design basis threat as described in Sec. 73.1.

    (1) The licensee shall protect digital computer and communication systems and networks associated with:

    (i) Safety-related and important-to-safety functions;

    (ii) Security functions;

    (iii) Emergency preparedness functions, including offsite communications; and

    (iv) Support systems and equipment which, if compromised, would adversely impact safety, security, or emergency preparedness functions.

    (2) The licensee shall protect the systems and networks identified in paragraph (a)(1) of this section from cyber attacks that would:

    (i) Adversely impact the integrity or confidentiality of data and/ or software;

    (ii) Deny access to systems, services, and/or data; and

    (iii) Adversely impact the operation of systems, networks, and associated equipment.

    (b) To accomplish this, the licensee shall:

    (1) Analyze digital computer and communication systems and networks and identify those assets that must be protected against cyber attacks to satisfy paragraph (a) of this section,

    (2) Establish, implement, and maintain a cyber security program for the protection of the assets identified in paragraph (b)(1) of this section; and

    (3) Incorporate the cyber security program as a component of the physical protection program.

    (c) The cyber security program must be designed to:

    (1) Implement security controls to protect the assets identified by paragraph (b)(1) of this section from cyber attacks;

    (2) Apply and maintain defense-in-depth protective strategies to ensure the capability to detect, respond to, and recover from cyber attacks;

    (3) Mitigate the adverse affects of cyber attacks; and

    (4) Ensure that the functions of protected assets identified by paragraph (b)(1) of this section are not adversely impacted due to cyber attacks.

    (d) As part of the cyber security program, the licensee shall:

    (1) Ensure that appropriate facility personnel, including contractors, are aware of cyber security requirements and receive the training necessary to perform their assigned duties and responsibilities.

    (2) Evaluate and manage cyber risks.

    (3) Ensure that modifications to assets, identified by paragraph

    (b)(1) of this section, are evaluated before implementation to ensure that the cyber security performance objectives identified in paragraph

    (a)(1) of this section are maintained.

    (e) The licensee shall establish, implement, and maintain a cyber security plan that implements the cyber security program requirements of this section.

    (1) The cyber security plan must describe how the requirements of this section will be implemented and must account for the site-specific conditions that affect implementation.

    (2) The cyber security plan must include measures for incident response and recovery for cyber attacks. The cyber security plan must describe how the licensee will:

    (i) Maintain the capability for timely detection and response to cyber attacks;

    (ii) Mitigate the consequences of cyber attacks;

    (iii) Correct exploited vulnerabilities; and

    (iv) Restore affected systems, networks, and/or equipment affected by cyber attacks.

    (f) The licensee shall develop and maintain written policies and implementing procedures to implement the cyber security plan. Policies, implementing procedures, site-specific analysis, and other supporting technical information used by the licensee need not be submitted for

    Commission review and approval as part of the cyber security plan but are subject to inspection by NRC staff on a periodic basis.

    (g) The licensee shall review the cyber security program as a component of the physical security program in accordance with the requirements of Sec. 73.55(m), including the periodicity requirements.

    (h) The licensee shall retain all records and supporting technical documentation required to satisfy the requirements of this section as a record until the Commission terminates the license for which the records were developed, and shall maintain superseded portions of these records for at least three (3) years after the record is superseded, unless otherwise specified by the Commission. 0 12. Section 73.55 is revised to read as follows:

    Sec. 73.55 Requirements for physical protection of licensed activities in nuclear power reactors against radiological sabotage.

    (a) Introduction. (1) By March 31, 2010, each nuclear power reactor licensee, licensed under 10 CFR part 50, shall implement the requirements of this section through its Commission-approved Physical

    Security Plan, Training and Qualification Plan, Safeguards Contingency

    Plan, and Cyber Security Plan referred to collectively hereafter as

    ``security plans.'' Current applicants for an operating license under 10 CFR part 50, or combined license under 10 CFR part 52 who have submitted their applications to the Commission prior to the effective date of this rule must amend their applications to include security plans consistent with this section.

    (2) The security plans must identify, describe, and account for site-specific conditions that affect the licensee's capability to satisfy the requirements of this section.

    (3) The licensee is responsible for maintaining the onsite physical protection program in accordance with Commission regulations through the implementation of security plans and written security implementing procedures.

    (4) Applicants for an operating license under the provisions of part 50 of this chapter or holders of a combined license under the provisions of part 52 of this chapter, shall implement the requirements of this section before fuel is allowed onsite (protected area).

    (5) The Tennessee Valley Authority Watts Bar Nuclear Plant, Unit 2, holding a current construction permit under the provisions of part 50 of this chapter, shall meet the revised requirements in paragraphs (a) through (r) of this section as applicable to operating nuclear power reactor facilities.

    (6) Applicants for an operating license under the provisions of part 50 of this chapter, or holders of a combined license under the provisions of part 52 of this chapter that do not reference a standard design certification or reference a standard design certification issued after May 26, 2009 shall meet the requirement of Sec. 73.55(i)(4)(iii).

    (b) General performance objective and requirements. (1) The licensee shall establish and maintain a physical protection program, to include a security organization, which will have as its objective to provide high assurance that activities involving special nuclear material are not inimical to the common defense and security and do not constitute an unreasonable risk to the public health and safety.

    Page 13972

    (2) To satisfy the general performance objective of paragraph

    (b)(1) of this section, the physical protection program must protect against the design basis threat of radiological sabotage as stated in

    Sec. 73.1.

    (3) The physical protection program must be designed to prevent significant core damage and spent fuel sabotage. Specifically, the program must:

    (i) Ensure that the capabilities to detect, assess, interdict, and neutralize threats up to and including the design basis threat of radiological sabotage as stated in Sec. 73.1, are maintained at all times.

    (ii) Provide defense-in-depth through the integration of systems, technologies, programs, equipment, supporting processes, and implementing procedures as needed to ensure the effectiveness of the physical protection program.

    (4) The licensee shall analyze and identify site-specific conditions, including target sets, that may affect the specific measures needed to implement the requirements of this section and shall account for these conditions in the design of the physical protection program.

    (5) Upon the request of an authorized representative of the

    Commission, the licensee shall demonstrate the ability to meet

    Commission requirements through the implementation of the physical protection program, including the ability of armed and unarmed personnel to perform assigned duties and responsibilities required by the security plans and licensee procedures.

    (6) The licensee shall establish, maintain, and implement a performance evaluation program in accordance with appendix B to this part, to demonstrate and assess the effectiveness of armed responders and armed security officers to implement the licensee's protective strategy.

    (7) The licensee shall establish, maintain, and implement an access authorization program in accordance with Sec. 73.56 and shall describe the program in the Physical Security Plan.

    (8) The licensee shall establish, maintain, and implement a cyber security program in accordance with Sec. 73.54.

    (9) The licensee shall establish, maintain, and implement an insider mitigation program and shall describe the program in the

    Physical Security Plan.

    (i) The insider mitigation program must monitor the initial and continuing trustworthiness and reliability of individuals granted or retaining unescorted access authorization to a protected or vital area, and implement defense-in-depth methodologies to minimize the potential for an insider to adversely affect, either directly or indirectly, the licensee's capability to prevent significant core damage and spent fuel sabotage.

    (ii) The insider mitigation program must contain elements from:

    (A) The access authorization program described in Sec. 73.56;

    (B) The fitness-for-duty program described in part 26 of this chapter;

    (C) The cyber security program described in Sec. 73.54; and

    (D) The physical protection program described in this section.

    (10) The licensee shall use the site corrective action program to track, trend, correct and prevent recurrence of failures and deficiencies in the physical protection program.

    (11) Implementation of security plans and associated procedures must be coordinated with other onsite plans and procedures to preclude conflict during both normal and emergency conditions.

    (c) Security plans. (1) Licensee security plans must describe:

    (i) How the licensee will implement requirements of this section through the establishment and maintenance of a security organization, the use of security equipment and technology, the training and qualification of security personnel, the implementation of predetermined response plans and strategies, and the protection of digital computer and communication systems and networks.

    (ii) Site-specific conditions that affect how the licensee implements Commission requirements.

    (2) Protection of Security Plans. The licensee shall protect the security plans and other security-related information against unauthorized disclosure in accordance with the requirements of Sec. 73.21.

    (3) Physical Security Plan. The licensee shall establish, maintain, and implement a Physical Security Plan which describes how the performance objective and requirements set forth in this section will be implemented.

    (4) Training and Qualification Plan. The licensee shall establish, maintain, and implement, and follow a Training and Qualification Plan that describes how the criteria set forth in appendix B, to this part,

    ``General Criteria for Security Personnel,'' will be implemented.

    (5) Safeguards Contingency Plan. The licensee shall establish, maintain, and implement a Safeguards Contingency Plan that describes how the criteria set forth in appendix C, to this part, ``Licensee

    Safeguards Contingency Plans,'' will be implemented.

    (6) Cyber Security Plan. The licensee shall establish, maintain, and implement a Cyber Security Plan that describes how the criteria set forth in Sec. 73.54 ``Protection of Digital Computer and Communication systems and Networks'' of this part will be implemented.

    (7) Security implementing procedures.

    (i) The licensee shall have a management system to provide for the development, implementation, revision, and oversight of security procedures that implement Commission requirements and the security plans.

    (ii) Implementing procedures must document the structure of the security organization and detail the types of duties, responsibilities, actions, and decisions to be performed or made by each position of the security organization.

    (iii) The licensee shall:

    (A) Provide a process for the written approval of implementing procedures and revisions by the individual with overall responsibility for the security program.

    (B) Ensure that revisions to security implementing procedures satisfy the requirements of this section.

    (iv) Implementing procedures need not be submitted to the

    Commission for approval, but are subject to inspection by the

    Commission.

    (d) Security organization. (1) The licensee shall establish and maintain a security organization that is designed, staffed, trained, qualified, and equipped to implement the physical protection program in accordance with the requirements of this section.

    (2) The security organization must include:

    (i) A management system that provides oversight of the onsite physical protection program.

    (ii) At least one member, onsite and available at all times, who has the authority to direct the activities of the security organization and who is assigned no other duties that would interfere with this individual's ability to perform these duties in accordance with the security plans and the licensee protective strategy.

    (3) The licensee may not permit any individual to implement any part of the physical protection program unless the individual has been trained, equipped, and qualified to perform their assigned duties and responsibilities in accordance with appendix B to this part and the

    Training and Qualification Plan. Non-security personnel may be assigned duties and responsibilities required to implement the physical protection program and shall:

    Page 13973

    (i) Be trained through established licensee training programs to ensure each individual is trained, qualified, and periodically re- qualified to perform assigned duties.

    (ii) Be properly equipped to perform assigned duties.

    (iii) Possess the knowledge, skills, and abilities, to include physical attributes such as sight and hearing, required to perform their assigned duties and responsibilities.

    (e) Physical barriers. Each licensee shall identify and analyze site-specific conditions to determine the specific use, type, function, and placement of physical barriers needed to satisfy the physical protection program design requirements of Sec. 73.55(b).

    (1) The licensee shall:

    (i) Design, construct, install and maintain physical barriers as necessary to control access into facility areas for which access must be controlled or denied to satisfy the physical protection program design requirements of paragraph (b) of this section.

    (ii) Describe in the security plan, physical barriers, barrier systems, and their functions within the physical protection program.

    (2) The licensee shall retain, in accordance with Sec. 73.70, all analyses and descriptions of the physical barriers and barrier systems used to satisfy the requirements of this section, and shall protect these records in accordance with the requirements of Sec. 73.21.

    (3) Physical barriers must:

    (i) Be designed and constructed to:

    (A) Protect against the design basis threat of radiological sabotage;

    (B) Account for site-specific conditions; and

    (C) Perform their required function in support of the licensee physical protection program.

    (ii) Provide deterrence, delay, or support access control.

    (iii) Support effective implementation of the licensee's protective strategy.

    (4) Consistent with the stated function to be performed, openings in any barrier or barrier system established to meet the requirements of this section must be secured and monitored to prevent exploitation of the opening.

    (5) Bullet Resisting Physical Barriers. The reactor control room, the central alarm station, and the location within which the last access control function for access to the protected area is performed, must be bullet-resisting.

    (6) Owner controlled area. The licensee shall establish and maintain physical barriers in the owner controlled area as needed to satisfy the physical protection program design requirements of Sec. 73.55(b).

    (7) Isolation zone.

    (i) An isolation zone must be maintained in outdoor areas adjacent to the protected area perimeter barrier. The isolation zone shall be:

    (A) Designed and of sufficient size to permit observation and assessment of activities on either side of the protected area barrier;

    (B) Monitored with intrusion detection equipment designed to satisfy the requirements of Sec. 73.55(i) and be capable of detecting both attempted and actual penetration of the protected area perimeter barrier before completed penetration of the protected area perimeter barrier; and

    (C) Monitored with assessment equipment designed to satisfy the requirements of Sec. 73.55(i) and provide real-time and play-back/ recorded video images of the detected activities before and after each alarm annunciation.

    (ii) Obstructions that could prevent the licensee's capability to meet the observation and assessment requirements of this section must be located outside of the isolation zone.

    (8) Protected area.

    (i) The protected area perimeter must be protected by physical barriers that are designed and constructed to:

    (A) Limit access into the protected area to only those personnel, vehicles, and materials required to perform official duties;

    (B) Channel personnel, vehicles, and materials to designated access control portals; and

    (C) Be separated from any other barrier designated as a vital area physical barrier, unless otherwise identified in the Physical Security

    Plan.

    (ii) Penetrations through the protected area barrier must be secured and monitored in a manner that prevents or delays, and detects the exploitation of any penetration.

    (iii) All emergency exits in the protected area must be alarmed and secured by locking devices that allow prompt egress during an emergency and satisfy the requirements of this section for access control into the protected area.

    (iv) Where building walls or roofs comprise a portion of the protected area perimeter barrier, an isolation zone is not necessary provided that the detection and, assessment requirements of this section are met, appropriate barriers are installed, and the area is described in the security plans.

    (v) All exterior areas within the protected area, except for areas that must be excluded for safety reasons, must be periodically checked to detect and deter unauthorized personnel, vehicles, and materials.

    (9) Vital areas.

    (i) Vital equipment must be located only within vital areas, which must be located within a protected area so that access to vital equipment requires passage through at least two physical barriers, except as otherwise approved by the Commission and identified in the security plans.

    (ii) The licensee shall protect all vital area access portals and vital area emergency exits with intrusion detection equipment and locking devices that allow rapid egress during an emergency and satisfy the vital area entry control requirements of this section.

    (iii) Unoccupied vital areas must be locked and alarmed.

    (iv) More than one vital area may be located within a single protected area.

    (v) At a minimum, the following shall be considered vital areas:

    (A) The reactor control room;

    (B) The spent fuel pool;

    (C) The central alarm station; and

    (D) The secondary alarm station in accordance with Sec. 73.55(i)(4)(iii).

    (vi) At a minimum, the following shall be located within a vital area:

    (A) The secondary power supply systems for alarm annunciation equipment; and

    (B) The secondary power supply systems for non-portable communications equipment.

    (10) Vehicle control measures. Consistent with the physical protection program design requirements of Sec. 73.55(b), and in accordance with the site-specific analysis, the licensee shall establish and maintain vehicle control measures, as necessary, to protect against the design basis threat of radiological sabotage vehicle bomb assault.

    (i) Land vehicles. Licensees shall:

    (A) Design, construct, install, and maintain a vehicle barrier system, to include passive and active barriers, at a stand-off distance adequate to protect personnel, equipment, and systems necessary to prevent significant core damage and spent fuel sabotage against the effects of the design basis threat of radiological sabotage land vehicle bomb assault.

    (B) Periodically check the operation of active vehicle barriers and provide a secondary power source, or a means of mechanical or manual operation in the event of a power failure, to ensure that the active barrier can be placed in the denial position to prevent unauthorized vehicle access beyond the required standoff distance.

    (C) Provide periodic surveillance and observation of vehicle barriers and barrier systems adequate to detect

    Page 13974

    indications of tampering and degradation or to otherwise ensure that each vehicle barrier and barrier system is able to satisfy the intended function.

    (D) Where a site has rail access to the protected area, install a train derailer, remove a section of track, or restrict access to railroad sidings and provide periodic surveillance of these measures.

    (ii) Waterborne vehicles. Licensees shall:

    (A) Identify areas from which a waterborne vehicle must be restricted, and where possible, in coordination with local, State, and

    Federal agencies having jurisdiction over waterway approaches, deploy buoys, markers, or other equipment.

    (B) In accordance with the site-specific analysis, provide periodic surveillance and observation of waterway approaches and adjacent areas.

    (f) Target sets. (1) The licensee shall document and maintain the process used to develop and identify target sets, to include the site- specific analyses and methodologies used to determine and group the target set equipment or elements.

    (2) The licensee shall consider cyber attacks in the development and identification of target sets.

    (3) Target set equipment or elements that are not contained within a protected or vital area must be identified and documented consistent with the requirements in Sec. 73.55(f)(1) and be accounted for in the licensee's protective strategy.

    (4) The licensee shall implement a process for the oversight of target set equipment and systems to ensure that changes to the configuration of the identified equipment and systems are considered in the licensee's protective strategy. Where appropriate, changes must be made to documented target sets.

    (g) Access controls. (1) Consistent with the function of each barrier or barrier system, the licensee shall control personnel, vehicle, and material access, as applicable, at each access control point in accordance with the physical protection program design requirements of Sec. 73.55(b).

    (i) To accomplish this, the licensee shall:

    (A) Locate access control portals outside of, or concurrent with, the physical barrier system through which it controls access.

    (B) Equip access control portals with locking devices, intrusion detection equipment, and surveillance equipment consistent with the intended function.

    (C) Provide supervision and control over the badging process to prevent unauthorized bypass of access control equipment located at or outside of the protected area.

    (D) Limit unescorted access to the protected area and vital areas, during non-emergency conditions, to only those individuals who require unescorted access to perform assigned duties and responsibilities.

    (E) Assign an individual the responsibility for the last access control function (controlling admission to the protected area) and isolate the individual within a bullet-resisting structure to assure the ability of the individual to respond or summon assistance.

    (ii) Where vehicle barriers are established, the licensee shall:

    (A) Physically control vehicle barrier portals to ensure only authorized vehicles are granted access through the barrier.

    (B) Search vehicles and materials for contraband or other items which could be used to commit radiological sabotage in accordance with paragraph (h) of this section.

    (C) Observe search functions to ensure a response can be initiated if needed.

    (2) Before granting access into the protected area, the licensee shall:

    (i) Confirm the identity of individuals.

    (ii) Verify the authorization for access of individuals, vehicles, and materials.

    (iii) Confirm, in accordance with industry shared lists and databases that individuals are not currently denied access to another licensed facility.

    (iv) Search individuals, vehicles, and materials in accordance with paragraph (h) of this section.

    (3) Vehicles in the protected area.

    (i) The licensee shall exercise control over all vehicles inside the protected area to ensure that they are used only by authorized persons and for authorized purposes.

    (ii) Vehicles inside the protected area must be operated by an individual authorized unescorted access to the area, or must be escorted by an individual as required by paragraph (g)(8) of this section.

    (iii) Vehicle use inside the protected area must be limited to plant functions or emergencies, and keys must be removed or the vehicle otherwise disabled when not in use.

    (iv) Vehicles transporting hazardous materials inside the protected area must be escorted by an armed member of the security organization.

    (4) Vital Areas.

    (i) Licensees shall control access into vital areas consistent with access authorization lists.

    (ii) In response to a site-specific credible threat or other credible information, implement a two-person (line-of-sight) rule for all personnel in vital areas so that no one individual is permitted access to a vital area.

    (5) Emergency conditions.

    (i) The licensee shall design the access control system to accommodate the potential need for rapid ingress or egress of authorized individuals during emergency conditions or situations that could lead to emergency conditions.

    (ii) To satisfy the design criteria of paragraph (g)(5)(i) of this section during emergency conditions, the licensee shall implement security procedures to ensure that authorized emergency personnel are provided prompt access to affected areas and equipment.

    (6) Access control devices.

    (i) The licensee shall control all keys, locks, combinations, passwords and related access control devices used to control access to protected areas, vital areas and security systems to reduce the probability of compromise. To accomplish this, the licensee shall:

    (A) Issue access control devices only to individuals who have unescorted access authorization and require access to perform official duties and responsibilities.

    (B) Maintain a record, to include name and affiliation, of all individuals to whom access control devices have been issued, and implement a process to account for access control devices at least annually.

    (C) Implement compensatory measures upon discovery or suspicion that any access control device may have been compromised. Compensatory measures must remain in effect until the compromise is corrected.

    (D) Retrieve, change, rotate, deactivate, or otherwise disable access control devices that have been or may have been compromised or when a person with access to control devices has been terminated under less than favorable conditions.

    (ii) The licensee shall implement a numbered photo identification badge system for all individuals authorized unescorted access to the protected area and vital areas.

    (A) Identification badges may be removed from the protected area only when measures are in place to confirm the true identity and authorization for unescorted access of the badge holder before allowing unescorted access to the protected area.

    (B) Except where operational safety concerns require otherwise, identification badges must be clearly displayed by all individuals while inside the protected area and vital areas.

    (C) The licensee shall maintain a record, to include the name and areas to which unescorted access is granted, of

    Page 13975

    all individuals to whom photo identification badges have been issued.

    (iii) Access authorization program personnel shall be issued passwords and combinations to perform their assigned duties and may be excepted from the requirement of paragraph (g)(6)(i)(A) of this section provided they meet the background requirements of Sec. 73.56.

    (7) Visitors.

    (i) The licensee may permit escorted access to protected and vital areas to individuals who have not been granted unescorted access in accordance with the requirements of Sec. 73.56 and part 26 of this chapter. The licensee shall:

    (A) Implement procedures for processing, escorting, and controlling visitors.

    (B) Confirm the identity of each visitor through physical presentation of a recognized identification card issued by a local,

    State, or Federal government agency that includes a photo or contains physical characteristics of the individual requesting escorted access.

    (C) Maintain a visitor control register in which all visitors shall register their name, date, time, purpose of visit, employment affiliation, citizenship, and name of the individual to be visited before being escorted into any protected or vital area.

    (D) Issue a visitor badge to all visitors that clearly indicates an escort is required.

    (E) Escort all visitors, at all times, while inside the protected area and vital areas.

    (F) Deny escorted access to any individual who is currently denied access in industry shared data bases.

    (ii) Individuals not employed by the licensee but who require frequent or extended unescorted access to the protected area and/or vital areas to perform duties and responsibilities required by the licensee at irregular or intermittent intervals, shall satisfy the access authorization requirements of Sec. 73.56 and part 26 of this chapter, and shall be issued a non-employee photo identification badge that is easily distinguished from other identification badges before being allowed unescorted access to the protected and vital areas. Non- employee photo identification badges must visually reflect that the individual is a non-employee and that no escort is required.

    (8) Escorts. The licensee shall ensure that all escorts are trained to perform escort duties in accordance with the requirements of this section and site training requirements.

    (i) Escorts shall be authorized unescorted access to all areas in which they will perform escort duties.

    (ii) Individuals assigned to visitor escort duties shall be provided a means of timely communication with security personnel to summon assistance when needed.

    (iii) Individuals assigned to vehicle escort duties shall be trained and qualified in accordance with appendix B of this part and provided a means of continuous communication with security personnel to ensure the ability to summon assistance when needed.

    (iv) When visitors are performing work, escorts shall be generally knowledgeable of the activities to be performed by the visitor and report behaviors or activities that may constitute an unreasonable risk to the health and safety of the public and common defense and security, including a potential threat to commit radiological sabotage, consistent with Sec. 73.56(f)(1).

    (v) Each licensee shall describe visitor to escort ratios for the protected area and vital areas in physical security plans. Implementing procedures shall provide necessary observation and control requirements for all visitor activities.

    (h) Search programs. (1) The objective of the search program is to detect, deter, and prevent the introduction of firearms, explosives, incendiary devices, or other items which could be used to commit radiological sabotage. To accomplish this the licensee shall search individuals, vehicles, and materials consistent with the physical protection program design requirements in paragraph (b) of this section, and the function to be performed at each access control point or portal before granting access.

    (2) Owner controlled area searches.

    (i) Where the licensee has established physical barriers in the owner controlled area, the licensee shall implement search procedures for access control points in the barrier.

    (ii) For each vehicle access control point, the licensee shall describe in implementing procedures areas of a vehicle to be searched, and the items for which the search is intended to detect and prevent access. Areas of the vehicle to be searched must include, but are not limited to, the cab, engine compartment, undercarriage, and cargo area.

    (iii) Vehicle searches must be performed by at least two (2) trained and equipped security personnel, one of which must be armed.

    The armed individual shall be positioned to observe the search process and provide immediate response.

    (iv) Vehicle searches must be accomplished through the use of equipment capable of detecting firearms, explosives, incendiary devices, or other items which could be used to commit radiological sabotage, or through visual and physical searches, or both, to ensure that all items are identified before granting access.

    (v) Vehicle access control points must be equipped with video surveillance equipment that is monitored by an individual capable of initiating a response.

    (3) Protected area searches. Licensees shall search all personnel, vehicles and materials requesting access to protected areas.

    (i) The search for firearms, explosives, incendiary devices, or other items which could be used to commit radiological sabotage shall be accomplished through the use of equipment capable of detecting these items, or through visual and physical searches, or both, to ensure that all items are clearly identified before granting access to protected areas. The licensee shall subject all persons except official Federal, state, and local law enforcement personnel on official duty to these searches upon entry to the protected area. Armed security officers who are on duty and have exited the protected area may re-enter the protected area without being searched for firearms.

    (ii) Whenever search equipment is out of service, is not operating satisfactorily, or cannot be used effectively to search individuals, vehicles, or materials, a visual and physical search shall be conducted.

    (iii) When an attempt to introduce firearms, explosives, incendiary devices, or other items which could be used to commit radiological sabotage has occurred or is suspected, the licensee shall implement actions to ensure that the suspect individuals, vehicles, and materials are denied access and shall perform a visual and physical search to determine the absence or existence of a threat.

    (iv) For each vehicle access portal, the licensee shall describe in implementing procedures areas of a vehicle to be searched before access is granted. Areas of the vehicle to be searched must include, but are not limited to, the cab, engine compartment, undercarriage, and cargo area.

    (v) Exceptions to the protected area search requirements for materials may be granted for safety or operational reasons provided the design criteria of Sec. 73.55(b) are satisfied, the materials are clearly identified, the types of exceptions to be granted are described in the security plans, and the specific security measures to be implemented for

    Page 13976

    excepted items are detailed in site procedures.

    (vi) To the extent practicable, excepted materials must be positively controlled, stored in a locked area, and opened at the final destination by an individual familiar with the items.

    (vii) Bulk material excepted from the protected area search requirements must be escorted by an armed member of the security organization to its final destination or to a receiving area where the excepted items are offloaded and verified.

    (viii) To the extent practicable, bulk materials excepted from search shall not be offloaded adjacent to a vital area.

    (i) Detection and assessment systems. (1) The licensee shall establish and maintain intrusion detection and assessment systems that satisfy the design requirements of Sec. 73.55(b) and provide, at all times, the capability to detect and assess unauthorized persons and facilitate the effective implementation of the licensee's protective strategy.

    (2) Intrusion detection equipment must annunciate and video assessment equipment shall display concurrently, in at least two continuously staffed onsite alarm stations, at least one of which must be protected in accordance with the requirements of the central alarm station within this section.

    (3) The licensee's intrusion detection and assessment systems must be designed to:

    (i) Provide visual and audible annunciation of the alarm.

    (ii) Provide a visual display from which assessment of the detected activity can be made.

    (iii) Ensure that annunciation of an alarm indicates the type and location of the alarm.

    (iv) Ensure that alarm devices to include transmission lines to annunciators are tamper indicating and self-checking.

    (v) Provide an automatic indication when the alarm system or a component of the alarm system fails, or when the system is operating on the backup power supply.

    (vi) Support the initiation of a timely response in accordance with the security plans, licensee protective strategy, and associated implementing procedures.

    (vii) Ensure intrusion detection and assessment equipment at the protected area perimeter remains operable from an uninterruptible power supply in the event of the loss of normal power.

    (4) Alarm stations.

    (i) Both alarm stations required by paragraph (i)(2) of this section must be designed and equipped to ensure that a single act, in accordance with the design basis threat of radiological sabotage defined in Sec. 73.1(a)(1), cannot disable both alarm stations. The licensee shall ensure the survivability of at least one alarm station to maintain the ability to perform the following functions:

    (A) Detect and assess alarms;

    (B) Initiate and coordinate an adequate response to an alarm;

    (C) Summon offsite assistance; and

    (D) Provide command and control.

    (ii) Licensees shall:

    (A) Locate the central alarm station inside a protected area. The interior of the central alarm station must not be visible from the perimeter of the protected area.

    (B) Continuously staff each alarm station with at least one trained and qualified alarm station operator. The alarm station operator must not be assigned other duties or responsibilities which would interfere with the ability to execute the functions described in Sec. 73.55(i)(4)(i) of this section.

    (C) Not permit any activities to be performed within either alarm station that would interfere with an alarm station operator's ability to execute assigned duties and responsibilities.

    (D) Assess and initiate response to all alarms in accordance with the security plans and implementing procedures.

    (E) Assess and initiate response to other events as appropriate.

    (F) Ensure that an alarm station operator cannot change the status of a detection point or deactivate a locking or access control device at a protected or vital area portal, without the knowledge and concurrence of the alarm station operator in the other alarm station.

    (G) Ensure that operators in both alarm stations are knowledgeable of final disposition of all alarms.

    (H) Maintain a record of all alarm annunciations, the cause of each alarm, and the disposition of each alarm.

    (iii) Applicants for an operating license under the provisions of part 50 of this chapter, or holders of a combined license under the provisions of part 52 of this chapter, shall construct, locate, protect, and equip both the central and secondary alarm stations to the standards for the central alarm station contained in this section. Both alarm stations shall be equal and redundant, such that all functions needed to satisfy the requirements of this section can be performed in both alarm stations.

    (5) Surveillance, observation, and monitoring.

    (i) The physical protection program must include surveillance, observation, and monitoring as needed to satisfy the design requirements of Sec. 73.55(b), identify indications of tampering, or otherwise implement the site protective strategy.

    (ii) The licensee shall provide continuous surveillance, observation, and monitoring of the owner controlled area as described in the security plans to detect and deter intruders and ensure the integrity of physical barriers or other components and functions of the onsite physical protection program. Continuous surveillance, observation, and monitoring responsibilities may be performed by security personnel during continuous patrols, through use of video technology, or by a combination of both.

    (iii) Unattended openings that intersect a security boundary such as underground pathways must be protected by a physical barrier and monitored by intrusion detection equipment or observed by security personnel at a frequency sufficient to detect exploitation.

    (iv) Armed security patrols shall periodically check external areas of the protected area to include physical barriers and vital area portals.

    (v) Armed security patrols shall periodically inspect vital areas to include the physical barriers used at all vital area portals.

    (vi) The licensee shall provide random patrols of all accessible areas containing target set equipment.

    (vii) Security personnel shall be trained to recognize obvious indications of tampering consistent with their assigned duties and responsibilities.

    (viii) Upon detection of tampering, or other threats, the licensee shall initiate response in accordance with the security plans and implementing procedures.

    (6) Illumination.

    (i) The licensee shall ensure that all areas of the facility are provided with illumination necessary to satisfy the design requirements of Sec. 73.55(b) and implement the protective strategy.

    (ii) The licensee shall provide a minimum illumination level of 0.2 foot-candles, measured horizontally at ground level, in the isolation zones and appropriate exterior areas within the protected area.

    Alternatively, the licensee may augment the facility illumination system by means of low-light technology to meet the requirements of this section or otherwise implement the protective strategy.

    (iii) The licensee shall describe in the security plans how the lighting requirements of this section are met and, if used, the type(s) and application of low-light technology.

    (j) Communication requirements. (1) The licensee shall establish and

    Page 13977

    maintain continuous communication capability with onsite and offsite resources to ensure effective command and control during both normal and emergency situations.

    (2) Individuals assigned to each alarm station shall be capable of calling for assistance in accordance with the security plans and the licensee's procedures.

    (3) All on-duty security force personnel shall be capable of maintaining continuous communication with an individual in each alarm station, and vehicle escorts shall maintain continuous communication with security personnel. All personnel escorts shall maintain timely communication with the security personnel.

    (4) The following continuous communication capabilities must terminate in both alarm stations required by this section:

    (i) Radio or microwave transmitted two-way voice communication, either directly or through an intermediary, in addition to conventional telephone service between local law enforcement authorities and the site.

    (ii) A system for communication with the control room.

    (5) Non-portable communications equipment must remain operable from independent power sources in the event of the loss of normal power.

    (6) The licensee shall identify site areas where communication could be interrupted or cannot be maintained, and shall establish alternative communication measures or otherwise account for these areas in implementing procedures.

    (k) Response requirements. (1) The licensee shall establish and maintain, at all times, properly trained, qualified and equipped personnel required to interdict and neutralize threats up to and including the design basis threat of radiological sabotage as defined in Sec. 73.1, to prevent significant core damage and spent fuel sabotage.

    (2) The licensee shall ensure that all firearms, ammunition, and equipment necessary to implement the site security plans and protective strategy are in sufficient supply, are in working condition, and are readily available for use.

    (3) The licensee shall train each armed member of the security organization to prevent or impede attempted acts of radiological sabotage by using force sufficient to counter the force directed at that person, including the use of deadly force when the armed member of the security organization has a reasonable belief that the use of deadly force is necessary in self-defense or in the defense of others, or any other circumstances as authorized by applicable State or Federal law.

    (4) The licensee shall provide armed response personnel consisting of armed responders which may be augmented with armed security officers to carry out armed response duties within predetermined time lines specified by the site protective strategy.

    (5) Armed responders.

    (i) The licensee shall determine the minimum number of armed responders necessary to satisfy the design requirements of Sec. 73.55(b) and implement the protective strategy. The licensee shall document this number in the security plans.

    (ii) The number of armed responders shall not be less than ten

    (10).

    (iii) Armed responders shall be available at all times inside the protected area and may not be assigned other duties or responsibilities that could interfere with their assigned response duties.

    (6) Armed security officers.

    (i) Armed security officers, designated to strengthen onsite response capabilities, shall be onsite and available at all times to carry out their assigned response duties.

    (ii) The minimum number of armed security officers designated to strengthen onsite response capabilities must be documented in the security plans.

    (7) The licensee shall have procedures to reconstitute the documented number of available armed response personnel required to implement the protective strategy.

    (8) Protective strategy. The licensee shall establish, maintain, and implement a written protective strategy in accordance with the requirements of this section and part 73, appendix C, Section II. Upon receipt of an alarm or other indication of a threat, the licensee shall:

    (i) Determine the existence and level of a threat in accordance with pre-established assessment methodologies and procedures.

    (ii) Initiate response actions to interdict and neutralize the threat in accordance with the requirements of part 73, appendix C, section II, the safeguards contingency plan, and the licensee's response strategy.

    (iii) Notify law enforcement agencies (local, State, and Federal law enforcement agencies (LLEA)), in accordance with site procedures.

    (9) Law enforcement liaison. To the extent practicable, licensees shall document and maintain current agreements with applicable law enforcement agencies to include estimated response times and capabilities.

    (10) Heightened security. Licensees shall establish, maintain, and implement a threat warning system which identifies specific graduated protective measures and actions to be taken to increase licensee preparedness against a heightened security threat.

    (i) Licensees shall ensure that the specific protective measures and actions identified for each threat level are consistent with the security plans and other emergency plans and procedures.

    (ii) Upon notification by an authorized representative of the

    Commission, licensees shall implement the specific threat level indicated by the Commission representative.

    (l) Facilities using mixed-oxide (MOX) fuel assemblies containing up to 20 weight percent plutonium dioxide (PuO2). (1) Commercial nuclear power reactors licensed under 10 CFR parts 50 or 52 and authorized to use special nuclear material in the form of MOX fuel assemblies containing up to 20 weight percent PuO2shall, in addition to meeting the requirements of this section, protect un- irradiated MOX fuel assemblies against theft or diversion as described in this paragraph.

    (2) Commercial nuclear power reactors authorized to use MOX fuel assemblies containing up to 20 weight percent PuO2are exempt from the requirements of Sec. Sec. 73.20, 73.45, and 73.46 for the onsite physical protection of un-irradiated MOX fuel assemblies.

    (3) Administrative controls.

    (i) The licensee shall describe in the security plans the operational and administrative controls to be implemented for the receipt, inspection, movement, storage, and protection of un-irradiated

    MOX fuel assemblies.

    (ii) The licensee shall implement the use of tamper-indicating devices for un-irradiated MOX fuel assembly transport and shall verify their use and integrity before receipt.

    (iii) Upon receipt of un-irradiated MOX fuel assemblies, the licensee shall:

    (A) Inspect un-irradiated MOX fuel assemblies for damage.

    (B) Search un-irradiated MOX fuel assemblies for unauthorized materials.

    (iv) The licensee may conduct the required inspection and search functions simultaneously.

    (v) The licensee shall ensure the proper placement and control of un-irradiated MOX fuel assemblies as follows:

    (A) At least one armed security officer shall be present during the receipt and inspection of un-irradiated MOX fuel assemblies. This armed security officer

    Page 13978

    shall not be an armed responder as required by paragraph (k) of this section.

    (B) The licensee shall store un-irradiated MOX fuel assemblies only within a spent fuel pool, located within a vital area, so that access to the un-irradiated MOX fuel assemblies requires passage through at least two physical barriers and the water barrier combined with the additional measures detailed in this section.

    (vi) The licensee shall implement a material control and accountability program that includes a predetermined and documented storage location for each un-irradiated MOX fuel assembly.

    (4) Physical controls.

    (i) The licensee shall lock, lockout, or disable all equipment and power supplies to equipment required for the movement and handling of un-irradiated MOX fuel assemblies when movement activities are not authorized.

    (ii) The licensee shall implement a two-person, line-of-sight rule within the spent fuel pool area whenever control systems or equipment required for the movement or handling of un-irradiated MOX fuel assemblies must be accessed.

    (iii) The licensee shall conduct random patrols of areas containing un-irradiated MOX fuel assemblies to identify indications of tampering and ensure the integrity of barriers and locks.

    (iv) Locks, keys, and any other access control device used to secure equipment and power sources required for the movement of un- irradiated MOX fuel assemblies, or openings to areas containing un- irradiated MOX fuel assemblies, must be controlled by the security organization.

    (v) Removal of locks used to secure equipment and power sources required for the movement of un-irradiated MOX fuel assemblies or openings to areas containing un-irradiated MOX fuel assemblies must require approval by both the on-duty security shift supervisor and the operations shift manager.

    (A) At least one armed security officer shall be present to observe activities involving the movement of un-irradiated MOX fuel assemblies before the removal of the locks and providing power to equipment required for the movement or handling of un-irradiated MOX fuel assemblies.

    (B) At least one armed security officer shall be present at all times until power is removed from equipment and locks are secured.

    (C) Security officers shall be knowledgeable of authorized and unauthorized activities involving un-irradiated MOX fuel assemblies.

    (5) At least one armed security officer shall be present and shall maintain constant surveillance of un-irradiated MOX fuel assemblies when the assemblies are not located in the spent fuel pool or reactor.

    (6) The licensee shall maintain at all times the capability to detect, assess, interdict and neutralize threats to un-irradiated MOX fuel assemblies in accordance with the requirements of this section.

    (7) MOX fuel assemblies containing greater than 20 weight percent

    PuO2.

    (i) Requests for the use of MOX fuel assemblies containing greater than 20 weight percent PuO2shall be reviewed and approved by the Commission before receipt of MOX fuel assemblies.

    (ii) Additional measures for the physical protection of un- irradiated MOX fuel assemblies containing greater than 20 weight percent PuO2shall be determined by the Commission on a case-by-case basis and documented through license amendment in accordance with 10 CFR 50.90.

    (m) Security program reviews. (1) As a minimum the licensee shall review each element of the physical protection program at least every 24 months. Reviews shall be conducted:

    (i) Within 12 months following initial implementation of the physical protection program or a change to personnel, procedures, equipment, or facilities that potentially could adversely affect security.

    (ii) As necessary based upon site-specific analyses, assessments, or other performance indicators.

    (iii) By individuals independent of those personnel responsible for program management and any individual who has direct responsibility for implementing the onsite physical protection program.

    (2) Reviews of the security program must include, but not be limited to, an audit of the effectiveness of the physical security program, security plans, implementing procedures, cyber security programs, safety/security interface activities, the testing, maintenance, and calibration program, and response commitments by local, State, and Federal law enforcement authorities.

    (3) The results and recommendations of the onsite physical protection program reviews, management's findings regarding program effectiveness, and any actions taken as a result of recommendations from prior program reviews, must be documented in a report to the licensee's plant manager and to corporate management at least one level higher than that having responsibility for day-to-day plant operation.

    These reports must be maintained in an auditable form, available for inspection.

    (4) Findings from onsite physical protection program reviews must be entered into the site corrective action program.

    (n) Maintenance, testing, and calibration. (1) The licensee shall:

    (i) Establish, maintain, and implement a maintenance, testing and calibration program to ensure that security systems and equipment, including secondary and uninterruptible power supplies, are tested for operability and performance at predetermined intervals, maintained in operable condition, and are capable of performing their intended functions.

    (ii) Describe the maintenance, testing and calibration program in the physical security plan. Implementing procedures must specify operational and technical details required to perform maintenance, testing, and calibration activities to include, but not limited to, purpose of activity, actions to be taken, acceptance criteria, and the intervals or frequency at which the activity will be performed.

    (iii) Identify in procedures the criteria for determining when problems, failures, deficiencies, and other findings are documented in the site corrective action program for resolution.

    (iv) Ensure that information documented in the site corrective action program is written in a manner that does not constitute safeguards information as defined in 10 CFR 73.21.

    (v) Implement compensatory measures that ensure the effectiveness of the onsite physical protection program when there is a failure or degraded operation of security-related component or equipment.

    (2) The licensee shall test each intrusion alarm for operability at the beginning and end of any period that it is used for security, or if the period of continuous use exceeds seven (7) days. The intrusion alarm must be tested at least once every seven (7) days.

    (3) Intrusion detection and access control equipment must be performance tested in accordance with the security plans and implementing procedures.

    (4) Equipment required for communications onsite must be tested for operability not less frequently than once at the beginning of each security personnel work shift.

    (5) Communication systems between the alarm stations and each control room, and between the alarm stations and local law enforcement agencies, to include backup communication equipment, must be tested for operability at least once each day.

    Page 13979

    (6) Search equipment must be tested for operability at least once each day and tested for performance at least once during each seven (7) day period.

    (7) A program for testing or verifying the operability of devices or equipment located in hazardous areas must be specified in the implementing procedures and must define alternate measures to be taken to ensure the timely completion of testing or maintenance when the hazardous condition or other restrictions are no longer applicable.

    (8) Security equipment or systems shall be tested in accordance with the site maintenance, testing and calibration procedures before being placed back in service after each repair or inoperable state.

    (o) Compensatory measures. (1) The licensee shall identify criteria and measures to compensate for degraded or inoperable equipment, systems, and components to meet the requirements of this section.

    (2) Compensatory measures must provide a level of protection that is equivalent to the protection that was provided by the degraded or inoperable, equipment, system, or components.

    (3) Compensatory measures must be implemented within specific time frames necessary to meet the requirements stated in paragraph (b) of this section and described in the security plans.

    (p) Suspension of security measures. (1) The licensee may suspend implementation of affected requirements of this section under the following conditions:

    (i) In accordance with Sec. Sec. 50.54(x) and 50.54(y) of this chapter, the licensee may suspend any security measures under this section in an emergency when this action is immediately needed to protect the public health and safety and no action consistent with license conditions and technical specifications that can provide adequate or equivalent protection is immediately apparent. This suspension of security measures must be approved as a minimum by a licensed senior operator before taking this action.

    (ii) During severe weather when the suspension of affected security measures is immediately needed to protect the personal health and safety of security force personnel and no other immediately apparent action consistent with the license conditions and technical specifications can provide adequate or equivalent protection. This suspension of security measures must be approved, as a minimum, by a licensed senior operator, with input from the security supervisor or manager, before taking this action.

    (2) Suspended security measures must be reinstated as soon as conditions permit.

    (3) The suspension of security measures must be reported and documented in accordance with the provisions of Sec. 73.71.

    (q) Records. (1) The Commission may inspect, copy, retain, and remove all reports, records, and documents required to be kept by

    Commission regulations, orders, or license conditions, whether the reports, records, and documents are kept by the licensee or a contractor.

    (2) The licensee shall maintain all records required to be kept by

    Commission regulations, orders, or license conditions, until the

    Commission terminates the license for which the records were developed, and shall maintain superseded portions of these records for at least three (3) years after the record is superseded, unless otherwise specified by the Commission.

    (3) If a contracted security force is used to implement the onsite physical protection program, the licensee's written agreement with the contractor must be retained by the licensee as a record for the duration of the contract.

    (4) Review and audit reports must be maintained and available for inspection, for a period of three (3) years.

    (r) Alternative measures. (1) The Commission may authorize an applicant or licensee to provide a measure for protection against radiological sabotage other than one required by this section if the applicant or licensee demonstrates that:

    (i) The measure meets the same performance objectives and requirements specified in paragraph (b) of this section; and

    (ii) The proposed alternative measure provides protection against radiological sabotage or theft of un-irradiated MOX fuel assemblies, equivalent to that which would be provided by the specific requirement for which it would substitute.

    (2) The licensee shall submit proposed alternative measure(s) to the Commission for review and approval in accordance with Sec. Sec. 50.4 and 50.90 of this chapter before implementation.

    (3) In addition to fully describing the desired changes, the licensee shall submit a technical basis for each proposed alternative measure. The basis must include an analysis or assessment that demonstrates how the proposed alternative measure provides a level of protection that is at least equal to that which would otherwise be provided by the specific requirement of this section.

    (4) Alternative vehicle barrier systems. In the case of vehicle barrier systems required by Sec. 73.55(e)(10), the licensee shall demonstrate that:

    (i) The alternative measure provides protection against the use of a vehicle as a means of transportation to gain proximity to vital areas;

    (ii) The alternative measure provides protection against the use of a vehicle as a vehicle bomb; and

    (iii) Based on comparison of the costs of the alternative measures to the costs of meeting the Commission's requirements using the essential elements of 10 CFR 50.109, the costs of fully meeting the

    Commission's requirements are not justified by the protection that would be provided. 0 13. Section 73.56 is revised to read as follow:

    Sec. 73.56 Personnel access authorization requirements for nuclear power plants.

    (a) Introduction. (1) By March 31, 2010, each nuclear power reactor licensee, licensed under 10 CFR part 50, shall implement the requirements of this section through revisions to its Commission- approved Physical Security Plan.

    (2) The licensee shall establish, implement and maintain its access authorization program in accordance with the requirements of this section.

    (3) Each applicant for an operating license under the provisions of part 50 of this chapter, and each holder of a combined license under the provisions of part 52 of this chapter, shall implement the requirements of this section before fuel is allowed on site (protected area).

    (4) The licensee or applicant may accept, in part or whole, an access authorization program implemented by a contractor or vendor to satisfy appropriate elements of the licensee's access authorization program in accordance with the requirements of this section. Only a licensee shall grant an individual unescorted access. Licensees and applicants shall certify individuals' unescorted access authorization and are responsible to maintain, deny, terminate, or withdraw unescorted access authorization.

    (b) Applicability. (1) The following individuals shall be subject to an access authorization program:

    (i) Any individual to whom a licensee intends to grant unescorted access to nuclear power plant protected or vital areas or any individual for whom a licensee or an applicant intends to certify unescorted access authorization;

    (ii) Any individual whose duties and responsibilities permit the individual to take actions by electronic means, either

    Page 13980

    on site or remotely, that could adversely impact the licensee's or applicant's operational safety, security, or emergency preparedness;

    (iii) Any individual who has responsibilities for implementing a licensee's or applicant's protective strategy, including, but not limited to, armed security force officers, alarm station operators, and tactical response team leaders; and

    (iv) The licensee or applicant access authorization program reviewing official or contractor or vendor access authorization program reviewers.

    (2) Other individuals, at the licensee's or applicant's discretion, including employees of a contractor or a vendor who are designated in access authorization program procedures, are subject to an access authorization program that meets the requirements of this section.

    (c) General performance objective. The licensee's or applicant's access authorization program must provide high assurance that the individuals who are specified in paragraph (b)(1), and, if applicable, paragraph (b)(2) of this section are trustworthy and reliable, such that they do not constitute an unreasonable risk to public health and safety or the common defense and security, including the potential to commit radiological sabotage.

    (d) Background investigation. In order to grant an individual unescorted access to the protected area or vital area of a nuclear power plant or certify an individual unescorted access authorization, licensees, applicants and contractors or vendors shall ensure that the individual has been subject to a background investigation. The background investigation must include, but is not limited to, the following elements:

    (1) Informed consent. Licensees, applicants, and contractors or vendors shall not initiate any element of a background investigation without the informed and signed consent of the subject individual. This consent shall include authorization to share personal information with appropriate entities. The licensee or applicant to whom the individual is applying for unescorted access and unescorted access authorization, respectively, or the contractors or vendors supporting the licensee or applicant shall inform the individual of his or her right to review information collected to assure its accuracy, and provide the individual with an opportunity to correct any inaccurate or incomplete information that is developed by licensees, applicants, or contractors or vendors about the individual.

    (i) The subject individual may withdraw his or her consent at any time. Licensees, applicants, and contractors or vendors shall inform the individual that:

    (A) Withdrawal of his or her consent will remove the individual's application for access authorization under the licensee's or applicant's access authorization program or contractor or vendor access authorization program; and

    (B) Other licensees and applicants shall have access to information documenting the withdrawal. Additionally, the contractors or vendors may have the same access to the information, if such information is necessary for assisting licensees or applicants complying with requirements set forth in this section.

    (ii) If an individual withdraws his or her consent, licensees, applicants, and contractors or vendors may not initiate any elements of the background investigation that were not in progress at the time the individual withdrew his or her consent, but shall complete any background investigation elements that are in progress at the time consent is withdrawn. The licensee or applicant shall record the status of the individual's application for unescorted access or unescorted access authorization, respectively. Contractors or vendors may record the status of the individual's application for unescorted access or unescorted access authorization for licensees or applicants.

    Additionally, licensees, applicants, or contractors or vendors shall collect and maintain the individual's application for unescorted access or unescorted access authorization; his or her withdrawal of consent for the background investigation; the reason given by the individual for the withdrawal; and any pertinent information collected from the background investigation elements that were completed. This information must be shared with other licensees in accordance with paragraph (o)(6) of this section.

    (iii) Licensees, applicants, and contractors or vendors shall inform, in writing, any individual who is applying for unescorted access or unescorted access authorization that the following actions are sufficient cause for denial or unfavorable termination of unescorted access or unescorted access authorization status:

    (A) Refusal to provide a signed consent for the background investigation;

    (B) Refusal to provide, or the falsification of, any personal history information required under this section, including the failure to report any previous denial or unfavorable termination of unescorted access or unescorted access authorization;

    (C) Refusal to provide signed consent for the sharing of personal information with other licensees, applicants, or the contractor or vendors under paragraph (d)(4)(v) of this section; or

    (D) Failure to report any arrests or legal actions specified in paragraph (g) of this section.

    (2) Personal history disclosure.

    (i) Any individual who is applying for unescorted access or unescorted access authorization shall disclose the personal history information that is required by the licensee's or applicant's access authorization program, including any information that may be necessary for the reviewing official to make a determination of the individual's trustworthiness and reliability.

    (ii) Licensees, applicants, and contractors or vendors shall not require an individual to disclose an administrative withdrawal of unescorted access or unescorted access authorization under the requirements of Sec. 73.56(g), (h)(7), or (i)(1)(v) of this section.

    However, the individual must disclose this information if the individual's unescorted access or unescorted access authorization is administratively withdrawn at the time he or she is seeking unescorted access or unescorted access authorization, or the individual's unescorted access or unescorted access authorization was subsequently denied or terminated unfavorably by a licensee, applicant, or contractor or vendor.

    (3) Verification of true identity. Licensees, applicants, and contractors or vendors shall verify the true identity of an individual who is applying for unescorted access or unescorted access authorization in order to ensure that the applicant is the person that he or she has claimed to be. At a minimum, licensees, applicants, and contractors or vendors shall validate that the social security number that the individual has provided is his or hers, and, in the case of foreign nationals, validate the claimed non-immigration status that the individual has provided is correct. In addition, licensees and applicants shall also determine whether the results of the fingerprinting required under Sec. 73.57 confirm the individual's claimed identity, if such results are available.

    (4) Employment history evaluation. Licensees, applicants, and contractors or vendors shall ensure that an employment history evaluation has been completed on a best effort basis, by questioning the individual's present and former employers, and by determining

    Page 13981

    the activities of the individual while unemployed.

    (i) For the claimed employment period, the individual must provide the reason for any termination, eligibility for rehire, and other information that could reflect on the individual's trustworthiness and reliability.

    (ii) If the claimed employment was military service the individual shall provide a characterization of service, reason for separation, and any disciplinary actions that could affect a trustworthiness and reliability determination.

    (iii) If education is claimed in lieu of employment, the individual shall provide any information related to the claimed education that could reflect on the individual's trustworthiness and reliability and, at a minimum, verify that the individual was registered for the classes and received grades that indicate that the individual participated in the educational process during the claimed period.

    (iv) If a previous employer, educational institution, or any other entity with which the individual claims to have been engaged fails to provide information or indicates an inability or unwillingness to provide information within 3 business days of the request, the licensee, applicant, or contractor or vendor shall:

    (A) Document this refusal or unwillingness in the licensee's, applicant's, or contractor's or vendor's record of the investigation; and

    (B) Obtain a confirmation of employment, educational enrollment and attendance, or other form of engagement claimed by the individual from at least one alternate source that has not been previously used.

    (v) When any licensee, applicant, contractor, or vendor is seeking the information required for an unescorted access or unescorted access authorization decision under this section and has obtained a signed release from the subject individual authorizing the disclosure of such information, other licensees, applicants, contractors and vendors shall make available the personal or access authorization information requested regarding the denial or unfavorable termination of unescorted access or unescorted access authorization.

    (vi) In conducting an employment history evaluation, the licensee, applicant, contractor, or vendor may obtain information and documents by electronic means, including, but not limited to, telephone, facsimile, or e-mail. Licensees, applicants, contractors, or vendors shall make a record of the contents of the telephone call and shall retain that record, and any documents or electronic files obtained electronically, in accordance with paragraph (o) of this section.

    (5) Credit history evaluation. Licensees, applicants, contractors and vendors shall ensure that the full credit history of any individual who is applying for unescorted access or unescorted access authorization is evaluated. A full credit history evaluation must include, but is not limited to, an inquiry to detect potential fraud or misuse of social security numbers or other financial identifiers, and a review and evaluation of all of the information that is provided by a national credit-reporting agency about the individual's credit history.

    For individuals including foreign nationals and United States citizens who have resided outside the United States and do not have established credit history that covers at least the most recent seven years in the

    United States, the licensee, applicant, contractor or vendor must document all attempts to obtain information regarding the individual's credit history and financial responsibility from some relevant entity located in that other country or countries.

    (6) Character and reputation evaluation. Licensees, applicants, contractors, and vendors shall ascertain the character and reputation of an individual who has applied for unescorted access or unescorted access authorization by conducting reference checks. Reference checks may not be conducted with any person who is known to be a close member of the individual's family, including but not limited to, the individual's spouse, parents, siblings, or children, or any individual who resides in the individual's permanent household. The reference checks must focus on the individual's reputation for trustworthiness and reliability.

    (7) Criminal history review. The licensee's or applicant's reviewing official shall evaluate the entire criminal history record of an individual who is applying for unescorted access or unescorted access authorization to determine whether the individual has a record of criminal activity that may adversely impact his or her trustworthiness and reliability. A criminal history record must be obtained in accordance with the requirements of Sec. 73.57. For individuals who do not have or are not expected to have unescorted access, a criminal history record of the individual shall be obtained in accordance with the requirements set forth in paragraph (k)(1)(ii) of this section.

    (e) Psychological assessment. In order to assist in determining an individual's trustworthiness and reliability, licensees, applicants, contractors or vendors shall ensure that a psychological assessment has been completed before the individual is granted unescorted access or certified unescorted access authorization. Individuals who are applying for initial unescorted access or unescorted access authorization, or who have not maintained unescorted access or unescorted access authorization for greater than 365 days, shall be subject to a psychological assessment. The psychological assessment must be designed to evaluate the possible adverse impact of any noted psychological characteristics on the individual's trustworthiness and reliability.

    (1) A licensed psychologist or psychiatrist with the appropriate training and experience shall conduct the psychological assessment.

    (2) The psychological assessment must be conducted in accordance with the applicable ethical principles for conducting such assessments established by the American Psychological Association or American

    Psychiatric Association.

    (3) At a minimum, the psychological assessment must include the administration and interpretation of a standardized, objective, professionally-accepted psychological test that provides information to identify indications of disturbances in personality or psychopathology that may have adverse implications for an individual's trustworthiness and reliability. A psychiatrist or psychologist specified in paragraph

    (e) of this section shall establish the predetermined thresholds for each scale, in accordance with paragraph (e)(2) of this section, that must be applied in interpreting the results of the psychological test to determine whether an individual must be interviewed by a licensed psychiatrist or psychologist, under Sec. 73.56(e)(4)(i) of this section.

    (4) The psychological assessment must include a clinical interview:

    (i) If an individual's scores on the psychological test in paragraph (e)(3) of this section identify indications of disturbances in personality or psychopathology that may have implications for an individual's trustworthiness and reliability; or

    (ii) If the individual is a member of the population that performs one or more job functions that are critical to the safe and secure operation of the licensee's facility, as defined in paragraph

    (i)(1)(v)(B) of this section.

    Page 13982

    (5) In the course of conducting a psychological assessment for those individuals who are specified in paragraph (h) of this section for initial unescorted access or unescorted access authorization category, if the licensed psychologist or psychiatrist identifies or discovers any information, including a medical condition, that could adversely impact the individual's fitness for duty or trustworthiness and reliability, the licensee, applicant, or contractor or vendor shall ensure that the psychologist or psychiatrist contact appropriate medical personnel to obtain further information as need for a determination. The results of the evaluation and a recommendation shall be provided to the licensee's or applicant's reviewing official.

    (6) During psychological reassessments, if the licensed psychologist or psychiatrist identifies or discovers any information, including a medical condition, that could adversely impact the fitness for duty or trustworthiness and reliability of those individuals who are currently granted unescorted access or certified unescorted access authorization status, he or she shall inform (1) the reviewing official of the discovery within 24 hours of the discovery and (2) the medical personnel designated in the site implementing procedures, who shall ensure that an appropriate evaluation of the possible medical condition is conducted under the requirements of part 26 of this chapter. The results of the evaluation and a recommendation shall be provided to the licensee's or applicant's reviewing official.

    (f) Behavioral observation. (1) Licensee and applicant access authorization programs must include a behavioral observation program that is designed to detect behaviors or activities that may constitute an unreasonable risk to the health and safety of the public and common defense and security, including a potential threat to commit radiological sabotage. Licensees, applicants and contractors or vendors must ensure that the individuals specified in paragraph (b)(1) and, if applicable, (b)(2) of this section are subject to behavioral observation.

    (2) Each person subject to the behavior observation program shall be responsible for communicating to the licensee or applicant observed behaviors of individuals subject to the requirements of this section.

    Such behaviors include any behavior of individuals that may adversely affect the safety or security of the licensee's facility or that may constitute an unreasonable risk to the public health and safety or the common defense and security, including a potential threat to commit radiological sabotage.

    (i) Licensees, applicants, and contractors or vendors shall ensure that individuals who are subject to this section also successfully complete initial behavioral observation training and requalification behavior observation training as required in paragraphs (f)(2)(ii) and

    (iii) of this section.

    (ii) Behavioral observation training must be:

    (A) Completed before the licensee grants unescorted access or certifies unescorted access authorization or an applicant certifies unescorted access authorization, as defined in paragraph (h)(4)(ii) of this section,

    (B) Current before the licensee grants unescorted access update or reinstatement or licensee or applicant certifies unescorted access authorization reinstatement as defined in paragraph (h)(4)(ii) of this section, and

    (C) Maintained in a current status during any period of time an individual possesses unescorted access or unescorted access authorization in accordance with paragraph (f)(2)(iv) of this section.

    (iii) For initial behavioral observation training, individuals shall demonstrate completion by passing a comprehensive examination that addresses the knowledge and abilities necessary to detect behavior or activities that have the potential to constitute an unreasonable risk to the health and safety of the public and common defense and security, including a potential threat to commit radiological sabotage.

    Remedial training and re-testing are required for individuals who fail to satisfactorily complete the examination.

    (iv) Individuals shall complete refresher training on a nominal 12- month frequency, or more frequently where the need is indicated.

    Individuals may take and pass a comprehensive examination that meets the requirements of paragraph (f)(2)(iii) of this section in lieu of completing annual refresher training.

    (v) Initial and refresher training may be delivered using a variety of media, including, but not limited to, classroom lectures, required reading, video, or computer-based training systems. The licensee, applicant, or contractor or vendor shall monitor the completion of training.

    (3) Individuals who are subject to an access authorization program under this section shall at a minimum, report any concerns arising from behavioral observation, including, but not limited to, concerns related to any questionable behavior patterns or activities of others to the reviewing official, his or her supervisor, or other management personnel designated in their site procedures. The recipient of the report shall, if other than the reviewing official, promptly convey the report to the reviewing official, who shall reassess the reported individual's unescorted access or unescorted access authorization status. The reviewing official shall determine the elements of the reassessment based on the accumulated information of the individual. If the reviewing official has a reason to believe that the reported individual's trustworthiness or reliability is questionable, the reviewing official shall either administratively withdraw or terminate the individual's unescorted access or unescorted access authorization while completing the re-evaluation or investigation. If the reviewing official determines from the information provided that there is cause for additional action, the reviewing official may inform the supervisor of the reported individual.

    (g) Self-reporting of legal actions. (1) Any individual who has applied for unescorted access or unescorted access authorization or is maintaining unescorted access or unescorted access authorization under this section shall promptly report to the reviewing official, his or her supervisor, or other management personnel designated in site procedures any legal action(s) taken by a law enforcement authority or court of law to which the individual has been subject that could result in incarceration or a court order or that requires a court appearance, including but not limited to an arrest, an indictment, the filing of charges, or a conviction, but excluding minor civil actions or misdemeanors such as parking violations or speeding tickets. The recipient of the report shall, if other than the reviewing official, promptly convey the report to the reviewing official. On the day that the report is received, the reviewing official shall evaluate the circumstances related to the reported legal action(s) and re-determine the reported individual's unescorted access or unescorted access authorization status.

    (2) The licensee or applicant shall inform the individual of this obligation, in writing, prior to granting unescorted access or certifying unescorted access authorization.

    (h) Granting unescorted access and certifying unescorted access authorization. Licensees and applicants shall implement the requirements of this paragraph for granting or certifying initial or reinstated unescorted access or unescorted access authorization. The

    Page 13983

    investigatory information collected to satisfy the requirements of this section for individuals who are being considered for unescorted access or unescorted access authorization shall be valid for a trustworthiness and reliability determination by a licensee or applicant for 30 calendar days.

    (1) Determination basis.

    (i) The licensee's or applicant's reviewing official shall determine whether to grant, certify, deny, unfavorably terminate, maintain, or administratively withdraw an individual's unescorted access or unescorted access authorization status, based on an evaluation of all of the information required by this section.

    (ii) The licensee's or applicant's reviewing official may not grant unescorted access or certify unescorted access authorization status to an individual until all of the information required by this section has been evaluated by the reviewing official and the reviewing official has determined that the accumulated information supports a determination of the individual's trustworthiness and reliability. However, the reviewing official may deny or terminate unescorted access or unescorted access authorization of any individual based on disqualifying information even if not all the information required by this section has been collected or evaluated.

    (2) Unescorted access for NRC-certified personnel. Licensees and applicants shall grant unescorted access to any individual who has been certified by the Nuclear Regulatory Commission as suitable for such access.

    (3) Access denial. Licensees or applicants may not permit an individual, who is identified as having an access-denied status by another licensee subject to this section, or has an access authorization status other than favorably terminated, to enter any nuclear power plant protected area or vital area, under escort or otherwise, or take actions by electronic means that could adversely impact the licensee's or applicant's safety, security, or emergency response or their facilities, under supervision or otherwise, except upon completion of the initial unescorted access authorization process.

    (4) Granting unescorted access and certifying unescorted access authorization.

    (i) Initial unescorted access or unescorted access authorization.

    In satisfying the requirements of paragraph (h)(1) of this section, for individuals who have never held unescorted access or unescorted access authorization status or whose unescorted access or unescorted access authorization status has been interrupted for a period of 3 years or more, the licensee, applicant, or contractor or vendor shall satisfy the requirements of paragraphs (d), (e), (f), and (g) of this section.

    In meeting requirements set forth in paragraph (d)(4) of this section, the licensee, applicant, or contractor or vendor shall evaluate the 3 years before the date on which the application for unescorted access was submitted, or since the individual's eighteenth birthday, whichever is shorter. For the 1-year period proceeding the date upon which the individual applies for unescorted access or unescorted access authorization, the licensee, applicant or contractor or vendor shall ensure that the employment history evaluation is conducted with every employer, regardless of the length of employment. For the remaining 2- year period, the licensee, applicant, or contractor or vendor shall ensure that the employment history evaluation is conducted with the employer by whom the individual claims to have been employed the longest within each calendar month.

    (ii) Reinstatement of Unescorted Access. In satisfying the requirements of paragraph (h)(1) of this section, for individuals who have previously been granted unescorted access or unescorted access authorization, but whose access had been terminated under favorable conditions, licensees, applicants or contractors or vendors shall satisfy the requirements of paragraphs (d), (e), (f), and (g) of this section, with consideration of the specific requirements for periods of interruption described below in paragraphs (h)(4)(ii)(A) or

    (h)(4)(ii)(B) of this section, as applicable. However, for individuals whose unescorted access or unescorted access authorization was interrupted for less than or equal to 30 calendar days, licensees, applicants, or contractors or vendors must only satisfy the requirements set forth in paragraphs (d)(1), (d)(2), and (d)(3) of this section. The applicable periods of interruption are determined by the number of calendar days between the day after the individual's access was terminated and the day upon which the individual applies for unescorted access or unescorted access authorization.

    (A) For individuals whose last unescorted access or unescorted access authorization status has been interrupted for more than 30 calendar days but less than or equal to 365 calendar days, the licensee, applicant or contractor or vendor shall complete the individual's employment history evaluation in accordance with the requirements of paragraph (d)(4) of this section, within 5 business days after reinstatement. The licensee, applicant, or contractor or vendor shall ensure that the employment history evaluation has been conducted with the employer by whom the individual claims to have been employed the longest within the calendar month. However, if the employment history evaluation is not completed within 5 business days of reinstatement due to circumstances that are outside of the licensee's, applicant's, or contractor's or vendor's control and the licensee or applicant, contractor or vendor is not aware of any potentially disqualifying information regarding the individual within the past 5 years, the licensee may extend the individual's unescorted access an additional 5 business days. If the employment history evaluation is not completed within this extended 5 business days, the licensee shall administratively withdraw unescorted access and complete the employment history evaluation in accordance with Sec. 73.56(d)(4) of this section. For re-certification of unescorted access authorization, prior to re-certification of unescorted access authorization status of an individual, the licensee or applicant shall complete all the elements stated above including drug screening and employment evaluation.

    (B) For individuals whose last unescorted access or unescorted access authorization status has been interrupted for greater than 365 calendar days but fewer than 3 years the licensee, applicant or contractor or vendor shall evaluate the period of time since the individual last held unescorted access or unescorted access authorization status, up to and including the day the individual applies for re-instated unescorted access authorization. For the 1-year period proceeding the date upon which the individual applies for unescorted access authorization, the licensee, applicant, or contractor or vendor shall ensure that the employment history evaluation is conducted with every employer, regardless of the length of employment.

    For the remaining period, the licensee, applicant or contractor or vendor shall ensure that the employment history evaluation is conducted with the employer by whom the individual claims to have been employed the longest within each calendar month. In addition, the individual shall be subject to the psychological assessment required in Sec. 73.56(e).

    (5) Accepting unescorted access authorization from other access authorization programs. Licensees who are seeking to grant unescorted access or certify unescorted access authorization

    Page 13984

    or applicants who are seeking to certify unescorted access authorization to an individual who is subject to another access authorization program or another access authorization program that complies with this section may rely on those access authorization programs or access authorization program elements to comply with the requirements of this section. However, the licensee who is seeking to grant unescorted access or the licensee or applicant who is seeking to certify unescorted access authorization shall ensure that the program elements to be accepted have been maintained consistent with the requirements of this section by the other access authorization program.

    (6) Information sharing. To meet the requirements of this section, licensees, applicants, and contractors or vendors may rely upon the information that other licensees, applicants, and contractors or vendors who are also subject to this section, have gathered about individuals who have previously applied for unescorted access or unescorted access authorization, and developed about individuals during periods in which the individuals maintained unescorted access or unescorted access authorization status.

    (i) Maintaining unescorted access or unescorted access authorization.

    (1) Individuals may maintain unescorted access or unescorted access authorization status under the following conditions:

    (i) The individual remains subject to a behavioral observation program that complies with the requirements of Sec. 73.56(f) of this section.

    (ii) The individual successfully completes behavioral observation refresher training or testing on the nominal 12-month frequency required in Sec. 73.56(f)(2)(ii) of this section.

    (iii) The individual complies with the licensee's or applicant's access authorization program policies and procedures to which he or she is subject, including the self-reporting of legal actions responsibility specified in paragraph (g) of this section.

    (iv) The individual is subject to an annual supervisory review conducted in accordance with the requirements of the licensee's or applicant's behavioral observation program. The individual shall be subject to a supervisory interview in accordance with the requirements of the licensee's or applicant's behavioral observation program, if the supervisor does not have the frequent interaction with the individual throughout the review period needed to form an informed and reasonable opinion regarding the individual's behavior, trustworthiness, and reliability.

    (v) The licensee's or applicant's reviewing official determines that the individual continues to be trustworthy and reliable. This determination must, at a minimum, be based on the following:

    (A) A criminal history update and credit history re-evaluation for any individual with unescorted access. The criminal history update and credit history re-evaluation must be completed within 5 years of the date on which these elements were last completed.

    (B) For individuals who perform one or more of the job functions described in this paragraph, the trustworthiness and reliability determination must be based on a criminal history update and credit history re-evaluation within three years of the date on which these elements were last completed, or more frequently, based on job assignment as determined by the licensee or applicant, and a psychological re-assessment within 5 years of the date on which this element was last completed:

    (1) Individuals who have extensive knowledge of defensive strategies and design and/or implementation of the plant's defense strategies, including--

    (i) Site security supervisors;

    (ii) Site security managers;

    (iii) Security training instructors; and

    (iv) Corporate security managers;

    (2) Individuals in a position to grant an applicant unescorted access or unescorted access authorization, including site access authorization managers;

    (3) Individuals assigned a duty to search for contraband or other items that could be used to commit radiological sabotage (i.e., weapons, explosives, incendiary devices);

    (4) Individuals who have access, extensive knowledge, or administrative control over plant digital computer and communication systems and networks as identified in Sec. 73.54, including--

    (i) Plant network systems administrators;

    (ii) IT personnel who are responsible for securing plant networks; or

    (5) Individuals qualified for and assigned duties as: armed security officers, armed responders, alarm station operators, response team leaders, and armorers as defined in the licensee's or applicant's

    Physical Security Plan; and reactor operators, senior reactor operators and non-licensed operators. Non-licensed operators include those individuals responsible for the operation of plant systems and components, as directed by a reactor operator or senior reactor operator. A non-licensed operator also includes individuals who monitor plant instrumentation and equipment and principally perform their duties outside of the control room.

    (C) The criminal history update and the credit history re- evaluation shall be completed within 30 calendar days of each other.

    (vi) If the criminal history update, credit history re-evaluation, psychological re-assessment, if required, and supervisory review and interview, if applicable, have not been completed and the information evaluated by the reviewing official within the time frame specified under paragraph (v) of this section, the licensee or applicant shall administratively withdraw the individual's unescorted access or unescorted access authorization until these requirements have been met.

    (2) If an individual who has unescorted access or unescorted access authorization status is not subject to an access authorization program that meets the requirements of this part for more than 30 continuous days, then the licensee or applicant shall terminate the individual's unescorted access or unescorted access authorization status and the individual shall meet the requirements in this section, as applicable, to regain unescorted access or unescorted access authorization.

    (j) Access to vital areas. Licensees or applicants shall establish, implement, and maintain a list of individuals who are authorized to have unescorted access to specific nuclear power plant vital areas during non-emergency conditions. The list must include only those individuals who have a continued need for access to those specific vital areas in order to perform their duties and responsibilities. The list must be approved by a cognizant licensee or applicant manager or supervisor who is responsible for directing the work activities of the individual who is granted unescorted access to each vital area, and updated and re-approved no less frequently than every 31 days.

    (k) Trustworthiness and reliability of background screeners and access authorization program personnel. Licensees, applicants, and contractors or vendors shall ensure that any individual who collects, processes, or has access to personal information that is used to make unescorted access or unescorted access authorization determinations under this section has been determined to be trustworthy and reliable.

    (1) Background screeners. Licensees, applicants, and contractors or vendors who rely on individuals who are not directly under their control to collect and process information that will be used by a reviewing official to make

    Page 13985

    unescorted access or unescorted access authorization determinations shall ensure that a trustworthiness and reliability evaluation of such individuals has been completed to support a determination that such individuals are trustworthy and reliable. At a minimum, the following checks are required:

    (i) Verify the individual's true identity as specified in paragraph

    (d)(3) of this section;

    (ii) A local criminal history review and evaluation based on information obtained from an appropriate State or local court or agency in which the individual resided;

    (iii) A credit history review and evaluation;

    (iv) An employment history review and evaluation covering the past 3 years; and

    (v) An evaluation of character and reputation.

    (2) Access authorization program personnel. Licensees, applicants, and contractors or vendors shall ensure that any individual who evaluates personal information for the purpose of processing applications for unescorted access or unescorted access authorization, including but not limited to a psychologist or psychiatrist who conducts psychological assessments under Sec. 73.56(e), has access to the files, records, and personal information associated with individuals who have applied for unescorted access or unescorted access authorization, or is responsible for managing any databases that contain such files, records, and personal information has been determined to be trustworthy and reliable, as follows:

    (i) The individual is subject to an access authorization program that meets the requirements of this section; or

    (ii) The licensee, applicant, and contractor or vendor determines that the individual is trustworthy and reliable based upon an evaluation that meets the requirements of Sec. 73.56(d)(1) through

    (d)(6) and (e) and either a local criminal history review and evaluation as specified in Sec. 73.56(k)(1)(ii) or a criminal history check that meets the requirements of Sec. 73.56(d)(7).

    (l) Review procedures. Each licensee and applicant shall include a procedure for the notification of individuals who are denied unescorted access, unescorted access authorization, or who are unfavorably terminated. Additionally, procedures must include provisions for the review, at the request of the affected individual, of a denial or unfavorable termination of unescorted access or unescorted access authorization that may adversely affect employment. The procedure must contain a provision to ensure the individual is informed of the grounds for the denial or unfavorable termination and allow the individual an opportunity to provide additional relevant information and an opportunity for an objective review of the information upon which the denial or unfavorable termination of unescorted access or unescorted access authorization was based. The procedure must provide for an impartial and independent internal management review. Licensees and applicants shall not grant unescorted access or certify unescorted access authorization, or permit the individual to maintain unescorted access or unescorted access authorization during the review process.

    (m) Protection of information. Each licensee, applicant, contractor, or vendor shall establish and maintain a system of files and procedures to ensure personal information is not disclosed to unauthorized persons.

    (1) Licensees, applicants and contractors or vendors shall obtain signed consent from the subject individual that authorizes the disclosure of any information collected and maintained under this section before disclosing the information, except for disclosures to the following individuals:

    (i) The subject individual or his or her representative, when the individual has designated the representative in writing for specified unescorted access authorization matters;

    (ii) NRC representatives;

    (iii) Appropriate law enforcement officials under court order;

    (iv) A licensee's, applicant's, or contractor's or vendor's representatives who have a need to have access to the information in performing assigned duties, including determinations of trustworthiness and reliability and audits of access authorization programs;

    (v) The presiding officer in a judicial or administrative proceeding that is initiated by the subject individual;

    (vi) Persons deciding matters under the review procedures in paragraph (k) of this section; or

    (vii) Other persons pursuant to court order.

    (2) All information pertaining to a denial or unfavorable termination of the individual's unescorted access or unescorted access authorization shall be promptly provided, upon receipt of a written request by the subject individual or his or her designated representative as designated in writing. The licensee or applicant may redact the information to be released to the extent that personal privacy information, including the name of the source of the information is withheld.

    (3) A contract with any individual or organization who collects and maintains personal information that is relevant to an unescorted access or unescorted access authorization determination must require that such records be held in confidence, except as provided in paragraphs (m)(1) through (m)(2) of this section.

    (4) Licensees, applicants, or contractors or vendors and any individual or organization who collects and maintains personal information on behalf of a licensee, applicant, or contractor or vendor, shall establish, implement, and maintain a system and procedures for the secure storage and handling of the information collected.

    (n) Audits and corrective action. Each licensee and applicant shall be responsible for the continuing effectiveness of the access authorization program, including access authorization program elements that are provided by the contractors or vendors, and the access authorization programs of any of the contractors or vendors that are accepted by the licensee or applicant. Each licensee, applicant, and contractor or vendor shall ensure that access authorization programs and program elements are audited to confirm compliance with the requirements of this section and those comprehensive actions are taken to correct any non-conformance that is identified.

    (1) Each licensee and applicant shall ensure that its entire access authorization program is audited nominally every 24 months. Licensees, applicants and contractors or vendors are responsible for determining the appropriate frequency, scope, and depth of additional auditing activities within the nominal 24-month period based on the review of program performance indicators, such as the frequency, nature, and severity of discovered problems, personnel or procedural changes, and previous audit findings.

    (2) Access authorization program services that are provided to a licensee or applicant by contractor or vendor personnel who are off site or are not under the direct daily supervision or observation of the licensee's or applicant's personnel must be audited by the licensee or applicant on a nominal 12-month frequency. In addition, any access authorization program services that are provided to contractors or vendors by subcontractor personnel who are off site or are not under the direct daily supervision or observation of the contractor's or vendor's personnel must be audited by

    Page 13986

    the licensee or applicant on a nominal 12-month frequency.

    (3) Licensee's and applicant's contracts with contractors or vendors must reserve the licensee's or applicant's right to audit the contractors or vendors and the contractor's or vendor's subcontractors providing access authorization program services at any time, including at unannounced times, as well as to review all information and documentation that is reasonably relevant to the performance of the program.

    (4) Licensee's and applicant's contracts with the contractors or vendors, and contractors' or vendors' contracts with subcontractors, must also require that the licensee or applicant shall be provided access to and be permitted to take away copies of any documents or data that may be needed to assure that the contractor or vendor and its subcontractors are performing their functions properly and that staff and procedures meet applicable requirements.

    (5) Audits must focus on the effectiveness of the access authorization program or program element(s), as appropriate. At least one member of the licensee or applicant audit team shall be a person who is knowledgeable of and practiced with meeting the performance objectives and requirements of the access authorization program or program elements being audited. The individuals performing the audit of the access authorization program or program element(s) shall be independent from both the subject access authorization programs' management and from personnel who are directly responsible for implementing the access authorization program or program elements being audited.

    (6) The results of the audits, along with any recommendations, must be documented in the site corrective action program in accordance with

    Sec. 73.55(b)(10) and reported to senior management having responsibility in the area audited and to management responsible for the access authorization program. Each audit report must identify conditions that are adverse to the proper performance of the access authorization program, the cause of the condition(s), and, when appropriate, recommended corrective actions, and corrective actions taken. The licensee, applicant, or contractor or vendor shall review the audit findings and take any additional corrective actions, to include re-auditing of the deficient areas where indicated, to preclude repetition of the condition.

    (7) Licensees and applicants may jointly conduct audits, or may accept audits of the contractors or vendors that were conducted by other licensees and applicants who are subject to this section, if the audit addresses the services obtained from the contractor or vendor by each of the sharing licensees and applicants. The contractors or vendors may jointly conduct audits, or may accept audits of its subcontractors that were conducted by other licensees, applicants, or contractors or vendors who are subject to this section, if the audit addresses the services obtained from the subcontractor by each of the sharing licensees, applicants, and the contractors or vendors.

    (i) Licensees, applicants, and contractors or vendors shall review audit records and reports to identify any areas that were not covered by the shared or accepted audit and ensure that authorization program elements and services upon which the licensee, applicant, or contractor or vendor relies are audited, if the program elements and services were not addressed in the shared audit.

    (ii) Sharing licensees and applicants need not re-audit the same contractor or vendor for the same time. Sharing contractors or vendors need not re-audit the same subcontractor for the same time.

    (iii) Sharing licensees, applicants, and contractors or vendors shall maintain a copy of the shared audits, including findings, recommendations, and corrective actions.

    (o) Records. Licensee, applicants, and contractors or vendors shall maintain the records that are required by the regulations in this section for the period specified by the appropriate regulation. If a retention period is not otherwise specified, these records must be retained until the Commission terminates the facility's license, certificate, or other regulatory approval.

    (1) Records may be stored and archived electronically, provided that the method used to create the electronic records meets the following criteria:

    (i) Provides an accurate representation of the original records;

    (ii) Prevents unauthorized access to the records;

    (iii) Prevents the alteration of any archived information and/or data once it has been committed to storage; and

    (iv) Permits easy retrieval and re-creation of the original records.

    (2) Licensees and applicants who are subject to this section shall retain the following records:

    (i) Records of the information that must be collected under paragraphs (d) and (e) of this section that results in the granting of unescorted access or rtifying of unescorted access authorization for at least 5 years after the licensee or applicant terminates or denies an individual's unescorted access or unescorted access authorization or until the completion of all related legal proceedings, whichever is later;

    (ii) Records pertaining to denial or unfavorable termination of unescorted access or unescorted access authorization and related management actions for at least 5 years after the licensee or applicant terminates or denies an individual's unescorted access or unescorted access authorization or until the completion of all related legal proceedings, whichever is later; and

    (iii) Documentation of the granting and termination of unescorted access or unescorted access authorization for at least 5 years after the licensee or applicant terminates or denies an individual's unescorted access or unescorted access authorization or until the completion of all related legal proceedings, whichever is later.

    Contractors or vendors may maintain the records that are or were pertinent to granting, certifying, denying, or terminating unescorted access or unescorted access authorization that they collected for licensees or applicants. If the contractors or vendors maintain the records on behalf of a licensee or an applicant, they shall follow the record retention requirement specified in this section. Upon termination of a contract between the contractor and vendor and a licensee or applicant, the contractor or vendor shall provide the licensee or applicant with all records collected for the licensee or applicant under this chapter.

    (3) Licensees, applicants, and contractors or vendors shall retain the following records for at least 3 years or until the completion of all related proceedings, whichever is later:

    (i) Records of behavioral observation training conducted under paragraph (f)(2) of this section; and

    (ii) Records of audits, audit findings, and corrective actions taken under paragraph (n) of this section.

    (4) Licensees, applicants, and contractors or vendors shall retain written agreements for the provision of services under this section, for three years after termination or completion of the agreement, or until completion of all proceedings related to a denial or unfavorable termination of unescorted access or unescorted access authorization that involved those services, whichever is later.

    (5) Licensees, applicants, and contractors or vendors shall retain

    Page 13987

    records of the background investigations, psychological assessments, supervisory reviews, and behavior observation program actions related to access authorization program personnel, conducted under paragraphs

    (d) and (e) of this section, for the length of the individual's employment by or contractual relationship with the licensee, applicant, or the contractor or vendor and three years after the termination of employment, or until the completion of any proceedings relating to the actions of such access authorization program personnel, whichever is later.

    (6) Licensees, applicants, and the contractors or vendors who have been authorized to add or manipulate data that is shared with licensees subject to this section shall ensure that data linked to the information about individuals who have applied for unescorted access or unescorted access authorization, which is specified in the licensee's or applicant's access authorization program documents, is retained.

    (i) If the shared information used for determining individual's trustworthiness and reliability changes or new or additional information is developed about the individual, the licensees, applicants, and the contractors or vendors that acquire this information shall correct or augment the data and ensure it is shared with licensees subject to this section. If the changed, additional or developed information has implications for adversely affecting an individual's trustworthiness and reliability, the licensee, applicant, or the contractor or vendor who discovered or obtained the new, additional or changed information, shall, on the day of discovery, inform the reviewing official of any licensee or applicant access authorization program under which the individual is maintaining his or her unescorted access or unescorted access authorization status of the updated information.

    (ii) The reviewing official shall evaluate the shared information and take appropriate actions, which may include denial or unfavorable termination of the individual's unescorted access authorization. If the notification of change or updated information cannot be made through usual methods, licensees, applicants, and the contractors or vendors shall take manual actions to ensure that the information is shared as soon as reasonably possible. Records maintained in any database(s) must be available for NRC review.

    (7) If a licensee or applicant administratively withdraws an individual's unescorted access or unescorted access authorization status caused by a delay in completing any portion of the background investigation or for a licensee or applicant initiated evaluation, or re-evaluation that is not under the individual's control, the licensee or applicant shall record this administrative action to withdraw the individual's unescorted access or unescorted access authorization with other licensees subject to this section. However, licensees and applicants shall not document this administrative withdrawal as denial or unfavorable termination and shall not respond to a suitable inquiry conducted under the provisions of 10 CFR parts 26, a background investigation conducted under the provisions of this section, or any other inquiry or investigation as denial nor unfavorable termination.

    Upon favorable completion of the background investigation element that caused the administrative withdrawal, the licensee or applicant shall immediately ensure that any matter that could link the individual to the administrative action is eliminated from the subject individual's access authorization or personnel record and other records, except if a review of the information obtained or developed causes the reviewing official to unfavorably terminate or deny the individual's unescorted access. 0 14. Section 73.58 is added to read as follows:

    Sec. 73.58 Safety/security interface requirements for nuclear power reactors.

    (a) Each operating nuclear power reactor licensee with a license issued under part 50 or 52 of this chapter shall comply with the requirements of this section.

    (b) The licensee shall assess and manage the potential for adverse effects on safety and security, including the site emergency plan, before implementing changes to plant configurations, facility conditions, or security.

    (c) The scope of changes to be assessed and managed must include planned and emergent activities (such as, but not limited to, physical modifications, procedural changes, changes to operator actions or security assignments, maintenance activities, system reconfiguration, access modification or restrictions, and changes to the security plan and its implementation).

    (d) Where potential conflicts are identified, the licensee shall communicate them to appropriate licensee personnel and take compensatory and/or mitigative actions to maintain safety and security under applicable Commission regulations, requirements, and license conditions. 0 15. In appendix B to part 73: 0 a. Add a new section heading VI to the Table of Contents. 0 b. Amend the Introduction by adding a new paragraph to the beginning of the text, and 0 c. Add section VI to the end of the appendix to read as follows:

    Appendix B to Part 73--General Criteria for Security Personnel

    Table of Contents

    * * * * *

    VI. Nuclear Power Reactor Training and Qualification Plan for Personnel

    Performing Security Program Duties

  30. General Requirements and Introduction

  31. Employment Suitability and Qualification

  32. Duty Training

  33. Duty Qualification and Requalification

  34. Weapons Training

  35. Weapons Qualification and Requalification Program

  36. Weapons, Personal Equipment and Maintenance

  37. Records

    I. Reviews

  38. Definitions

    Introduction

    Applicants and power reactor licensees subject to the requirements of Sec. 73.55 shall comply only with the requirements of section VI of this appendix. All other licensees, applicants, or certificate holders shall comply only with sections I through V of this appendix.

    * * * * *

    VI. Nuclear Power Reactor Training and Qualification Plan for Personnel

    Performing Security Program Duties

  39. General Requirements and Introduction 1. The licensee shall ensure that all individuals who are assigned duties and responsibilities required to prevent significant core damage and spent fuel sabotage, implement the Commission- approved security plans, licensee response strategy, and implementing procedures, meet minimum training and qualification requirements to ensure each individual possesses the knowledge, skills, and abilities required to effectively perform the assigned duties and responsibilities. 2. To ensure that those individuals who are assigned to perform duties and responsibilities required for the implementation of the

    Commission-approved security plans, licensee response strategy, and implementing procedures are properly suited, trained, equipped, and qualified to perform their assigned duties and responsibilities, the

    Commission has developed minimum training and qualification requirements that must be implemented through a Commission-approved training and qualification plan. 3. The licensee shall establish, maintain, and follow a

    Commission-approved training and qualification plan, describing how the

    Page 13988

    minimum training and qualification requirements set forth in this appendix will be met, to include the processes by which all individuals, will be selected, trained, equipped, tested, and qualified. 4. Each individual assigned to perform security program duties and responsibilities required to effectively implement the

    Commission-approved security plans, licensee protective strategy, and the licensee implementing procedures, shall demonstrate the knowledge, skills, and abilities required to effectively perform the assigned duties and responsibilities before the individual is assigned the duty or responsibility. 5. The licensee shall ensure that the training and qualification program simulates, as closely as practicable, the specific conditions under which the individual shall be required to perform assigned duties and responsibilities. 6. The licensee may not allow any individual to perform any security function, assume any security duties or responsibilities, or return to security duty, until that individual satisfies the training and qualification requirements of this appendix and the

    Commission-approved training and qualification plan, unless specifically authorized by the Commission. 7. Annual requirements must be scheduled at a nominal twelve

    (12) month periodicity. Annual requirements may be completed up to three (3) months before or three (3) months after the scheduled date. However, the next annual training must be scheduled twelve

    (12) months from the previously scheduled date rather than the date the training was actually completed.

  40. Employment Suitability and Qualification 1. Suitability.

    (a) Before employment, or assignment to the security organization, an individual shall:

    (1) Possess a high school diploma or pass an equivalent performance examination designed to measure basic mathematical, language, and reasoning skills, abilities, and knowledge required to perform security duties and responsibilities;

    (2) Have attained the age of 21 for an armed capacity or the age of 18 for an unarmed capacity; and

    (3) Not have any felony convictions that reflect on the individual's reliability.

    (4) Individuals in an armed capacity, would not be disqualified from possessing or using firearms or ammunition in accordance with applicable state or Federal law, to include 18 U.S.C. 922. Licensees shall use information that has been obtained during the completion of the individual's background investigation for unescorted access to determine suitability. Satisfactory completion of a firearms background check for the individual under 10 CFR 73.19 of this part will also fulfill this requirement.

    (b) The qualification of each individual to perform assigned duties and responsibilities must be documented by a qualified training instructor and attested to by a security supervisor. 2. Physical qualifications.

    (a) General physical qualifications.

    (1) Individuals whose duties and responsibilities are directly associated with the effective implementation of the Commission- approved security plans, licensee protective strategy, and implementing procedures, may not have any physical conditions that would adversely affect their performance of assigned security duties and responsibilities.

    (2) Armed and unarmed individuals assigned security duties and responsibilities shall be subject to a physical examination designed to measure the individual's physical ability to perform assigned duties and responsibilities as identified in the Commission-approved security plans, licensee protective strategy, and implementing procedures.

    (3) This physical examination must be administered by a licensed health professional with the final determination being made by a licensed physician to verify the individual's physical capability to perform assigned duties and responsibilities.

    (4) The licensee shall ensure that both armed and unarmed individuals who are assigned security duties and responsibilities identified in the Commission-approved security plans, the licensee protective strategy, and implementing procedures, meet the following minimum physical requirements, as required to effectively perform their assigned duties.

    (b) Vision.

    (1) For each individual, distant visual acuity in each eye shall be correctable to 20/30 (Snellen or equivalent) in the better eye and 20/40 in the other eye with eyeglasses or contact lenses.

    (2) Near visual acuity, corrected or uncorrected, shall be at least 20/40 in the better eye.

    (3) Field of vision must be at least 70 degrees horizontal meridian in each eye.

    (4) The ability to distinguish red, green, and yellow colors is required.

    (5) Loss of vision in one eye is disqualifying.

    (6) Glaucoma is disqualifying, unless controlled by acceptable medical or surgical means, provided that medications used for controlling glaucoma do not cause undesirable side effects which adversely affect the individual's ability to perform assigned security duties, and provided the visual acuity and field of vision requirements stated previously are met.

    (7) On-the-job evaluation must be used for individuals who exhibit a mild color vision defect.

    (8) If uncorrected distance vision is not at least 20/40 in the better eye, the individual shall carry an extra pair of corrective lenses in the event that the primaries are damaged. Corrective eyeglasses must be of the safety glass type.

    (9) The use of corrective eyeglasses or contact lenses may not interfere with an individual's ability to effectively perform assigned duties and responsibilities during normal or emergency conditions.

    (c) Hearing.

    (1) Individuals may not have hearing loss in the better ear greater than 30 decibels average at 500 Hz, 1,000 Hz, and 2,000 Hz with no level greater than 40 decibels at any one frequency.

    (2) A hearing aid is acceptable provided suitable testing procedures demonstrate auditory acuity equivalent to the hearing requirement.

    (3) The use of a hearing aid may not decrease the effective performance of the individual's assigned security duties during normal or emergency operations.

    (d) Existing medical conditions.

    (1) Individuals may not have an established medical history or medical diagnosis of existing medical conditions which could interfere with or prevent the individual from effectively performing assigned duties and responsibilities.

    (2) If a medical condition exists, the individual shall provide medical evidence that the condition can be controlled with medical treatment in a manner which does not adversely affect the individual's fitness-for-duty, mental alertness, physical condition, or capability to otherwise effectively perform assigned duties and responsibilities.

    (e) Addiction. Individuals may not have any established medical history or medical diagnosis of habitual alcoholism or drug addiction, or, where this type of condition has existed, the individual shall provide certified documentation of having completed a rehabilitation program which would give a reasonable degree of confidence that the individual would be capable of effectively performing assigned duties and responsibilities.

    (f) Other physical requirements. An individual who has been incapacitated due to a serious illness, injury, disease, or operation, which could interfere with the effective performance of assigned duties and responsibilities shall, before resumption of assigned duties and responsibilities, provide medical evidence of recovery and ability to perform these duties and responsibilities. 3. Psychological qualifications.

    (a) Armed and unarmed individuals shall demonstrate the ability to apply good judgment, mental alertness, the capability to implement instructions and assigned tasks, and possess the acuity of senses and ability of expression sufficient to permit accurate communication by written, spoken, audible, visible, or other signals required by assigned duties and responsibilities.

    (b) A licensed psychologist, psychiatrist, or physician trained in part to identify emotional instability shall determine whether armed members of the security organization and alarm station operators in addition to meeting the requirement stated in paragraph

    (a) of this section, have no emotional instability that would interfere with the effective performance of assigned duties and responsibilities.

    (c) A person professionally trained to identify emotional instability shall determine whether unarmed individuals in addition to meeting the requirement stated in paragraph (a) of this section, have no emotional instability that would interfere with the effective performance of assigned duties and responsibilities. 4. Medical examinations and physical fitness qualifications.

    (a) Armed members of the security organization shall be subject to a medical examination by a licensed physician, to determine the individual's fitness to participate in physical fitness tests.

    Page 13989

    (1) The licensee shall obtain and retain a written certification from the licensed physician that no medical conditions were disclosed by the medical examination that would preclude the individual's ability to participate in the physical fitness tests or meet the physical fitness attributes or objectives associated with assigned duties.

    (b) Before assignment, armed members of the security organization shall demonstrate physical fitness for assigned duties and responsibilities by performing a practical physical fitness test.

    (1) The physical fitness test must consider physical conditions such as strenuous activity, physical exertion, levels of stress, and exposure to the elements as they pertain to each individual's assigned security duties for both normal and emergency operations and must simulate site specific conditions under which the individual will be required to perform assigned duties and responsibilities.

    (2) The licensee shall describe the physical fitness test in the

    Commission-approved training and qualification plan.

    (3) The physical fitness test must include physical attributes and performance objectives which demonstrate the strength, endurance, and agility, consistent with assigned duties in the

    Commission-approved security plans, licensee protective strategy, and implementing procedures during normal and emergency conditions.

    (4) The physical fitness qualification of each armed member of the security organization must be documented by a qualified training instructor and attested to by a security supervisor. 5. Physical requalification.

    (a) At least annually, armed and unarmed individuals shall be required to demonstrate the capability to meet the physical requirements of this appendix and the licensee training and qualification plan.

    (b) The physical requalification of each armed and unarmed individual must be documented by a qualified training instructor and attested to by a security supervisor.

  41. Duty Training 1. Duty training and qualification requirements. All personnel who are assigned to perform any security-related duty or responsibility shall be trained and qualified to perform assigned duties and responsibilities to ensure that each individual possesses the minimum knowledge, skills, and abilities required to effectively carry out those assigned duties and responsibilities.

    (a) The areas of knowledge, skills, and abilities that are required to perform assigned duties and responsibilities must be identified in the licensee's Commission-approved training and qualification plan.

    (b) Each individual who is assigned duties and responsibilities identified in the Commission-approved security plans, licensee protective strategy, and implementing procedures shall, before assignment:

    (1) Be trained to perform assigned duties and responsibilities in accordance with the requirements of this appendix and the

    Commission-approved training and qualification plan.

    (2) Meet the minimum qualification requirements of this appendix and the Commission-approved training and qualification plan.

    (3) Be trained and qualified in the use of all equipment or devices required to effectively perform all assigned duties and responsibilities. 2. On-the-job training.

    (a) The licensee training and qualification program must include on-the-job training performance standards and criteria to ensure that each individual demonstrates the requisite knowledge, skills, and abilities needed to effectively carry-out assigned duties and responsibilities in accordance with the Commission-approved security plans, licensee protective strategy, and implementing procedures, before the individual is assigned the duty or responsibility.

    (b) In addition to meeting the requirement stated in paragraph

    C.2.(a) of this appendix, before assignment, individuals (e.g. response team leaders, alarm station operators, armed responders, and armed security officers designated as a component of the protective strategy) assigned duties and responsibilities to implement the Safeguards Contingency Plan shall complete a minimum of 40 hours of on-the-job training to demonstrate their ability to effectively apply the knowledge, skills, and abilities required to effectively perform assigned contingency duties and responsibilities in accordance with the approved safeguards contingency plan, other security plans, licensee protective strategy, and implementing procedures. On-the-job training must be documented by a qualified training instructor and attested to by a security supervisor.

    (c) On-the-job training for contingency activities and drills must include, but is not limited to, hands-on application of knowledge, skills, and abilities related to:

    (1) Response team duties.

    (2) Use of force.

    (3) Tactical movement.

    (4) Cover and concealment.

    (5) Defensive positions.

    (6) Fields-of-fire.

    (7) Re-deployment.

    (8) Communications (primary and alternate).

    (9) Use of assigned equipment.

    (10) Target sets.

    (11) Table top drills.

    (12) Command and control duties.

    (13) Licensee Protective Strategy. 3. Performance Evaluation Program.

    (a) Licensees shall develop, implement and maintain a

    Performance Evaluation Program that is documented in procedures which describes how the licensee will demonstrate and assess the effectiveness of their onsite physical protection program and protective strategy, including the capability of the armed response team to carry out their assigned duties and responsibilities during safeguards contingency events. The Performance Evaluation Program and procedures shall be referenced in the licensee's Training and

    Qualifications Plan.

    (b) The Performance Evaluation Program shall include procedures for the conduct of tactical response drills and force-on-force exercises designed to demonstrate and assess the effectiveness of the licensee's physical protection program, protective strategy and contingency event response by all individuals with responsibilities for implementing the safeguards contingency plan.

    (c) The licensee shall conduct tactical response drills and force-on-force exercises in accordance with Commission-approved security plans, licensee protective strategy, and implementing procedures.

    (d) Tactical response drills and force-on-force exercises must be designed to challenge the site protective strategy against elements of the design basis threat and ensure each participant assigned security duties and responsibilities identified in the

    Commission-approved security plans, the licensee protective strategy, and implementing procedures demonstrate the requisite knowledge, skills, and abilities.

    (e) Tactical response drills, force-on-force exercises, and associated contingency response training shall be conducted under conditions that simulate, as closely as practicable, the site- specific conditions under which each member will, or may be, required to perform assigned duties and responsibilities.

    (f) The scope of tactical response drills conducted for training purposes shall be determined by the licensee and must address site- specific, individual or programmatic elements, and may be limited to specific portions of the site protective strategy.

    (g) Each tactical response drill and force-on-force exercise shall include a documented post-exercise critique in which participants identify failures, deficiencies or other findings in performance, plans, equipment or strategies.

    (h) Licensees shall document scenarios and participants for all tactical response drills and annual force-on-force exercises conducted.

    (i) Findings, deficiencies and failures identified during tactical response drills and force-on-force exercises that adversely affect or decrease the effectiveness of the protective strategy and physical protection program shall be entered into the licensee's corrective action program to ensure that timely corrections are made to the appropriate program areas.

    (j) Findings, deficiencies and failures associated with the onsite physical protection program and protective strategy shall be protected as necessary in accordance with the requirements of 10 CFR 73.21.

    (k) For the purpose of tactical response drills and force-on- force exercises, licensees shall:

    (1) Use no more than the total number of armed responders and armed security officers documented in the security plans.

    (2) Minimize the number and effects of artificialities associated with tactical response drills and force-on-force exercises.

    (3) Implement the use of systems or methodologies that simulate the realities of armed engagement through visual and audible means, and reflect the capabilities of armed personnel to neutralize a target though the use of firearms.

    (4) Ensure that each scenario used provides a credible, realistic challenge to the

    Page 13990

    protective strategy and the capabilities of the security response organization.

    (l) The Performance Evaluation Program must be designed to ensure that:

    (1) Each member of each shift who is assigned duties and responsibilities required to implement the safeguards contingency plan and licensee protective strategy participates in at least one

    (1) tactical response drill on a quarterly basis and one (1) force- on-force exercise on an annual basis. Force-on-force exercises conducted to satisfy the NRC triennial evaluation requirement can be used to satisfy the annual force-on-force requirement for the personnel that participate in the capacity of the security response organization.

    (2) The mock adversary force replicates, as closely as possible, adversary characteristics and capabilities of the design basis threat described in 10 CFR 73.1(a)(1), and is capable of exploiting and challenging the licensees protective strategy, personnel, command and control, and implementing procedures.

    (3) Protective strategies can be evaluated and challenged through the conduct of tactical response tabletop demonstrations.

    (4) Drill and exercise controllers are trained and qualified to ensure that each controller has the requisite knowledge and experience to control and evaluate exercises.

    (5) Tactical response drills and force-on-force exercises are conducted safely and in accordance with site safety plans.

    (m) Scenarios.

    (1) Licensees shall develop and document multiple scenarios for use in conducting quarterly tactical response drills and annual force-on-force exercises.

    (2) Licensee scenarios must be designed to test and challenge any components or combination of components, of the onsite physical protection program and protective strategy.

    (3) Each scenario must use a unique target set or target sets, and varying combinations of adversary equipment, strategies, and tactics, to ensure that the combination of all scenarios challenges every component of the onsite physical protection program and protective strategy to include, but not limited to, equipment, implementing procedures, and personnel.

  42. Duty Qualification and Requalification 1. Qualification demonstration.

    (a) Armed and unarmed individuals shall demonstrate the required knowledge, skills, and abilities to carry out assigned duties and responsibilities as stated in the Commission-approved security plans, licensee protective strategy, and implementing procedures.

    (b) This demonstration must include written exams and hands-on performance demonstrations.

    (1) Written Exams. The written exams must include those elements listed in the Commission-approved training and qualification plan and shall require a minimum score of 80 percent to demonstrate an acceptable understanding of assigned duties and responsibilities, to include the recognition of potential tampering involving both safety and security equipment and systems.

    (2) Hands-on Performance Demonstrations. Armed and unarmed individuals shall demonstrate hands-on performance for assigned duties and responsibilities by performing a practical hands-on demonstration for required tasks. The hands-on demonstration must ensure that theory and associated learning objectives for each required task are considered and each individual demonstrates the knowledge, skills, and abilities required to effectively perform the task.

    (3) Annual Written Exam. Armed individuals shall be administered an annual written exam that demonstrates the required knowledge, skills, and abilities to carry out assigned duties and responsibilities as an armed member of the security organization.

    The annual written exam must include those elements listed in the

    Commission-approved training and qualification plan and shall require a minimum score of 80 percent to demonstrate an acceptable understanding of assigned duties and responsibilities.

    (c) Upon request by an authorized representative of the

    Commission, any individual assigned to perform any security-related duty or responsibility shall demonstrate the required knowledge, skills, and abilities for each assigned duty and responsibility, as stated in the Commission-approved security plans, licensee protective strategy, or implementing procedures. 2. Requalification.

    (a) Armed and unarmed individuals shall be requalified at least annually in accordance with the requirements of this appendix and the Commission-approved training and qualification plan.

    (b) The results of requalification must be documented by a qualified training instructor and attested by a security supervisor.

  43. Weapons Training 1. General firearms training.

    (a) Armed members of the security organization shall be trained and qualified in accordance with the requirements of this appendix and the Commission-approved training and qualification plan.

    (b) Firearms instructors.

    (1) Each armed member of the security organization shall be trained and qualified by a certified firearms instructor for the use and maintenance of each assigned weapon to include but not limited to, marksmanship, assembly, disassembly, cleaning, storage, handling, clearing, loading, unloading, and reloading, for each assigned weapon.

    (2) Firearms instructors shall be certified from a national or state recognized entity.

    (3) Certification must specify the weapon or weapon type(s) for which the instructor is qualified to teach.

    (4) Firearms instructors shall be recertified in accordance with the standards recognized by the certifying national or state entity, but in no case shall recertification exceed three (3) years.

    (c) Annual firearms familiarization. The licensee shall conduct annual firearms familiarization training in accordance with the

    Commission-approved training and qualification plan.

    (d) The Commission-approved training and qualification plan shall include, but is not limited to, the following areas:

    (1) Mechanical assembly, disassembly, weapons capabilities and fundamentals of marksmanship.

    (2) Weapons cleaning and storage.

    (3) Combat firing, day and night.

    (4) Safe weapons handling.

    (5) Clearing, loading, unloading, and reloading.

    (6) Firing under stress.

    (7) Zeroing duty weapon(s) and weapons sighting adjustments.

    (8) Target identification and engagement.

    (9) Weapon malfunctions.

    (10) Cover and concealment.

    (11) Weapon familiarization.

    (e) The licensee shall ensure that each armed member of the security organization is instructed on the use of deadly force as authorized by applicable state law.

    (f) Armed members of the security organization shall participate in weapons range activities on a nominal four (4) month periodicity.

    Performance may be conducted up to five (5) weeks before, to five

    (5) weeks after, the scheduled date. The next scheduled date must be four (4) months from the originally scheduled date.

  44. Weapons Qualification and Requalification Program 1. General weapons qualification requirements.

    (a) Qualification firing must be accomplished in accordance with

    Commission requirements and the Commission-approved training and qualification plan for assigned weapons.

    (b) The results of weapons qualification and requalification must be documented and retained as a record. 2. Tactical weapons qualification. The licensee Training and

    Qualification Plan must describe the firearms used, the firearms qualification program, and other tactical training required to implement the Commission-approved security plans, licensee protective strategy, and implementing procedures. Licensee developed tactical qualification and re-qualification courses must describe the performance criteria needed to include the site specific conditions (such as lighting, elevation, fields-of-fire) under which assigned personnel shall be required to carry-out their assigned duties. 3. Firearms qualification courses. The licensee shall conduct the following qualification courses for each weapon used.

    (a) Annual daylight qualification course. Qualifying score must be an accumulated total of 70 percent with handgun and shotgun, and 80 percent with semiautomatic rifle and/or enhanced weapons, of the maximum obtainable target score.

    (b) Annual night fire qualification course. Qualifying score must be an accumulated total of 70 percent with handgun and shotgun, and 80 percent with semiautomatic rifle and/or enhanced weapons, of the maximum obtainable target score.

    (c) Annual tactical qualification course. Qualifying score must be an accumulated total of 80 percent of the maximum obtainable score. 4. Courses of fire.

    (a) Handgun. Armed members of the security organization, assigned duties and

    Page 13991

    responsibilities involving the use of a revolver or semiautomatic pistol shall qualify in accordance with standards established by a law enforcement course, or an equivalent nationally recognized course.

    (b) Semiautomatic rifle. Armed members of the security organization, assigned duties and responsibilities involving the use of a semiautomatic rifle shall qualify in accordance with the standards established by a law enforcement course, or an equivalent nationally recognized course.

    (c) Shotgun. Armed members of the security organization, assigned duties and responsibilities involving the use of a shotgun shall qualify in accordance with standards established by a law enforcement course, or an equivalent nationally recognized course.

    (d) Enhanced weapons. Armed members of the security organization, assigned duties and responsibilities involving the use of any weapon or weapons not described previously shall qualify in accordance with applicable standards established by a law enforcement course or an equivalent nationally recognized course for these weapons. 5. Firearms requalification.

    (a) Armed members of the security organization shall be re- qualified for each assigned weapon at least annually in accordance with Commission requirements and the Commission-approved training and qualification plan, and the results documented and retained as a record.

    (b) Firearms requalification must be conducted using the courses of fire outlined in paragraphs F.2, F.3, and F.4 of this section.

  45. Weapons, Personal Equipment and Maintenance 1. Weapons. The licensee shall provide armed personnel with weapons that are capable of performing the function stated in the

    Commission-approved security plans, licensee protective strategy, and implementing procedures. 2. Personal equipment.

    (a) The licensee shall ensure that each individual is equipped or has ready access to all personal equipment or devices required for the effective implementation of the Commission-approved security plans, licensee protective strategy, and implementing procedures.

    (b) The licensee shall provide armed security personnel, required for the effective implementation of the Commission-approved

    Safeguards Contingency Plan and implementing procedures, at a minimum, but is not limited to, the following:

    (1) Gas mask, full face.

    (2) Body armor (bullet-resistant vest).

    (3) Ammunition/equipment belt.

    (4) Two-way portable radios, 2 channels minimum, 1 operating and 1 emergency.

    (c) Based upon the licensee protective strategy and the specific duties and responsibilities assigned to each individual, the licensee should provide, as appropriate, but is not limited to, the following.

    (1) Flashlights and batteries.

    (2) Baton or other non-lethal weapons.

    (3) Handcuffs.

    (4) Binoculars.

    (5) Night vision aids (e.g., goggles, weapons sights).

    (6) Hand-fired illumination flares or equivalent.

    (7) Duress alarms. 3. Maintenance.

    (a) Firearms maintenance program. Each licensee shall implement a firearms maintenance and accountability program in accordance with the Commission regulations and the Commission-approved training and qualification plan. The program must include:

    (1) Semiannual test firing for accuracy and functionality.

    (2) Firearms maintenance procedures that include cleaning schedules and cleaning requirements.

    (3) Program activity documentation.

    (4) Control and accountability (weapons and ammunition).

    (5) Firearm storage requirements.

    (6) Armorer certification.

  46. Records 1. The licensee shall retain all reports, records, or other documentation required by this appendix in accordance with the requirements of Sec. 73.55(r). 2. The licensee shall retain each individual's initial qualification record for three (3) years after termination of the individual's employment and shall retain each re-qualification record for three (3) years after it is superseded. 3. The licensee shall document data and test results from each individual's suitability, physical, and psychological qualification and shall retain this documentation as a record for three (3) years from the date of obtaining and recording these results.

    I. Reviews

    The licensee shall review the Commission-approved training and qualification program in accordance with the requirements of Sec. 73.55(n).

  47. Definitions

    Terms defined in parts 50, 70, and 73 of this chapter have the same meaning when used in this appendix. 0 16. In appendix C to part 73, the heading for appendix C is revised as set out below, a heading for section I and a new introductory paragraph are added before the Introduction section, and section II is added at the end of the appendix to read as follows:

    Appendix C to Part 73--Nuclear Power Plant Safeguards Contingency Plans

    I. Safeguards Contingency Plan

    Licensee, applicants, and certificate holders, with the exception of those who are subject to the requirements of Sec. 73.55 shall comply with the requirements of this section.

    * * * * *

    II. Nuclear Power Plant Safeguards Contingency Plans

  48. Introduction

    The safeguards contingency plan is a documented plan that describes how licensee personnel implement their physical protection program to defend against threats to their facility, up to and including the design basis threat of radiological sabotage. The goals of licensee safeguards contingency plans are:

    (1) To organize the response effort at the licensee level;

    (2) To provide predetermined, structured response by licensees to safeguards contingencies;

    (3) To ensure the integration of the licensee response by other entities; and

    (4) To achieve a measurable performance in response capability.

    Licensee safeguards contingency planning should result in organizing the licensee's resources in such a way that the participants will be identified, their responsibilities specified, and the responses coordinated. The responses should be timely, and include personnel who are trained and qualified to respond in accordance with a documented training and qualification program.

    The evaluation, validation, and testing of this portion of the program shall be conducted in accordance with appendix B of this part, General Criteria for Security Personnel. The licensee's safeguards contingency plan is intended to maintain effectiveness during the implementation of emergency plans developed under appendix E to part 50 of this chapter.

  49. Contents of the Plan

    Each safeguards contingency plan shall include five (5) categories of information:

    (1) Background.

    (2) Generic planning base.

    (3) Licensee planning base.

    (4) Responsibility matrix.

    (5) Implementing procedures.

    Although the implementing procedures (the fifth category of plan information) are the culmination of the planning process, and are an integral and important part of the safeguards contingency plan, they entail operating details subject to frequent changes. They need not be submitted to the Commission for approval, but are subject to inspection by NRC staff on a periodic basis. 1. Background. This category of information shall identify the perceived dangers and incidents that the plan will address and a general description of how the response is organized. a. Perceived Danger--Consistent with the design basis threat specified in Sec. 73.1(a)(1), licensees shall identify and describe the perceived dangers, threats, and incidents against which the safeguards contingency plan is designed to protect. b. Purpose of the Plan--Licensees shall describe the general goals, objectives and operational concepts underlying the implementation of the approved safeguards contingency plan. c. Scope of the Plan--A delineation of the types of incidents covered by the plan.

    (i) How the onsite response effort is organized and coordinated to effectively respond to a safeguards contingency event.

    (ii) How the onsite response for safeguards contingency events has been integrated in other site emergency response procedures. d. Definitions--A list of terms and their definitions used in describing operational and technical aspects of the approved safeguards contingency plan. 2. Generic Planning Base. Licensees shall define the criteria for initiation and

    Page 13992

    termination of responses to security events to include the specific decisions, actions, and supporting information needed to respond to each type of incident covered by the approved safeguards contingency plan. To achieve this result the generic planning base must: a. Identify those events that will be used for signaling the beginning or aggravation of a safeguards contingency event according to how they are perceived initially by licensee's personnel.

    Licensees shall ensure detection of unauthorized activities and shall respond to all alarms or other indications signaling a security event, such as penetration of a protected area, vital area, or unauthorized barrier penetration (vehicle or personnel); tampering, bomb threats, or other threat warnings--either verbal, such as telephoned threats, or implied, such as escalating civil disturbances. b. Define the specific objective to be accomplished relative to each identified safeguards contingency event. The objective may be to obtain a level of awareness about the nature and severity of the safeguards contingency to prepare for further responses; to establish a level of response preparedness; or to successfully nullify or reduce any adverse safeguards consequences arising from the contingency. c. Identify the data, criteria, procedures, mechanisms and logistical support necessary to achieve the objectives identified. 3. Licensee Planning Base. This category of information shall include factors affecting safeguards contingency planning that are specific for each facility. To the extent that the topics are treated in adequate detail in the licensee's approved physical security plan, they may be incorporated by reference in the

    Safeguards Contingency Plan. The following topics must be addressed: a. Organizational Structure. The safeguards contingency plan must describe the organization's chain of command and delegation of authority during safeguards contingency events, to include a general description of how command and control functions will be coordinated and maintained. b. Physical Layout. The safeguards contingency plan must include a site map depicting the physical structures located on the site, including onsite independent spent fuel storage installations, and a description of the structures depicted on the map. Plans must also include a description and map of the site in relation to nearby towns, transportation routes (e.g., rail, water, and roads), pipelines, airports, hazardous material facilities, and pertinent environmental features that may have an effect upon coordination of response activities. Descriptions and maps must indicate main and alternate entry routes for law enforcement or other offsite response and support agencies and the location for marshaling and coordinating response activities. c. Safeguards Systems. The safeguards contingency plan must include a description of the physical security systems that support and influence how the licensee will respond to an event in accordance with the design basis threat described in Sec. 73.1(a).

    The licensee's description shall begin with onsite physical protection measures implemented at the outermost facility perimeter, and must move inward through those measures implemented to protect target set equipment.

    (i) Physical security systems and security systems hardware to be discussed include security systems and measures that provide defense in depth, such as physical barriers, alarm systems, locks, area access, armaments, surveillance, and communications systems.

    (ii) The specific structure of the security response organization to include the total number of armed responders and armed security officers documented in the approved security plans as a component of the protective strategy and a general description of response capabilities shall also be included in the safeguards contingency plan.

    (iii) Licensees shall ensure that individuals assigned duties and responsibilities to implement the safeguards contingency plan are trained and qualified in those duties according to the

    Commission approved security plans, training and qualification plans, and the performance evaluation program.

    (iv) Armed responders shall be available to respond from designated areas inside the protected area at all times and may not be assigned any other duties or responsibilities that could interfere with assigned armed response team duties and responsibilities.

    (v) Licensees shall develop, implement, and maintain a written protective strategy to be documented in procedures that describe in detail the physical protection measures, security systems and deployment of the armed response team relative to site specific conditions, to include but not be limited to, facility layout, and the location of target set equipment and elements. The protective strategy should support the general goals, operational concepts, and performance objectives identified in the licensee's safeguards contingency plan. The protective strategy shall:

    (1) Be designed to meet the performance objectives of Sec. 73.55(a) through (k).

    (2) Identify predetermined actions, areas of responsibility and timelines for the deployment of armed personnel.

    (3) Contain measures that limit the exposure of security personnel to possible attack, including incorporation of bullet resisting protected positions.

    (4) Contain a description of the physical security systems and measures that provide defense in depth such as physical barriers, alarm systems, locks, area access, armaments, surveillance, and communications systems.

    (5) Describe the specific structure and responsibilities of the armed response organization to include:

    The authorized minimum number of armed responders, available at all times inside the protected area.

    The authorized minimum number of armed security officers, available onsite at all times.

    The total number of armed responders and armed security officers documented in the approved security plans as a component of the protective strategy.

    (6) Provide a command and control structure, to include response by off-site law enforcement agencies, which ensures that decisions and actions are coordinated and communicated in a timely manner to facilitate response. d. Law Enforcement Assistance. Provide a listing of available law enforcement agencies and a general description of their response capabilities and their criteria for response and a discussion of working agreements or arrangements for communicating with these agencies. e. Policy Constraints and Assumptions. The safeguards contingency plan shall contain a discussion of State laws, local ordinances, and company policies and practices that govern licensee response to incidents and must include, but is not limited to, the following.

    (i) Use of deadly force.

    (ii) Recall of off-duty employees.

    (iii) Site jurisdictional boundaries.

    (iv) Use of enhanced weapons, if applicable. f. Administrative and Logistical Considerations. Descriptions of licensee practices which influence how the security organization responds to a safeguards contingency event to include, but not limited to, a description of the procedures that will be used for ensuring that equipment needed to facilitate response will be readily accessible, in good working order, and in sufficient supply. 4. Responsibility Matrix. This category of information consists of the detailed identification of responsibilities and specific actions to be taken by licensee organizations and/or personnel in response to safeguards contingency events. a. Licensees shall develop site procedures that consist of matrixes detailing the organization and/or personnel responsible for decisions and actions associated with specific responses to safeguards contingency events. The responsibility matrix and procedures shall be referenced in the licensee's safeguards contingency plan. b. Responsibility matrix procedures shall be based on the events outlined in the licensee's Generic Planning Base and must include the following information:

    (i) The definition of the specific objective to be accomplished relative to each identified safeguards contingency event. The objective may be to obtain a level of awareness about the nature and severity of the safeguards contingency to prepare for further responses, to establish a level of response preparedness, or to successfully nullify or reduce any adverse safeguards consequences arising from the contingency.

    (ii) A tabulation for each identified initiating event and each response entity which depicts the assignment of responsibilities for decisions and actions to be taken in response to the initiating event.

    (iii) An overall description of response actions and interrelationships specifically associated with each responsible entity must be included. c. Responsibilities shall be assigned in a manner that precludes conflict of duties and responsibilities that would prevent the execution of the safeguards contingency plan and emergency response plans. d. Licensees shall ensure that predetermined actions can be completed under the postulated conditions.

    Page 13993

    5. Implementing Procedures.

    (i) Licensees shall establish and maintain written implementing procedures that provide specific guidance and operating details that identify the actions to be taken and decisions to be made by each member of the security organization who is assigned duties and responsibilities required for the effective implementation of the security plans and the site protective strategy.

    (ii) Licensees shall ensure that implementing procedures accurately reflect the information contained in the Responsibility

    Matrix required by this appendix, the security plans, and other site plans.

    (iii) Implementing procedures need not be submitted to the

    Commission for approval but are subject to inspection.

  50. Records and Reviews 1. Licensees shall review the safeguards contingency plan in accordance with the requirements of Sec. 73.55(n). 2. The safeguards contingency plan audit must include a review of applicable elements of the Physical Security Plan, Training and

    Qualification Plan, implementing procedures and practices, the site protective strategy, and response agreements made by local, State, and Federal law enforcement authorities. 3. Licensees shall retain all reports, records, or other documentation required by this appendix in accordance with the requirements of Sec. 73.55.

    Dated at Rockville, Maryland, this 13th day of March 2009.

    For the Nuclear Regulatory Commission.

    Annette L. Vietti-Cook,

    Secretary of the Commission.

    FR Doc. E9-6102 Filed 3-26-09; 8:45 am

    BILLING CODE 7590-01-P

VLEX uses login cookies to provide you with a better browsing experience. If you click on 'Accept' or continue browsing this site we consider that you accept our cookie policy. ACCEPT