Nuclear Power Corporation of India Limited (NPCIL) announced on October 30 that the malware “Dtrack” had been found on the administrative network of the Kudankulam Nuclear Power Plant (KKNPP) in early September 2019. KKNPP is the largest nuclear power plant in India, equipped with two Russian-designed VVER pressurized water reactors, each with a capacity of 1,000 megawatts. Both reactor units feed southern India’s power grid.

On November 4, KKNPP issued a press release stating that its reactors are operating normally and emphasizing that all critical systems for KKNPP and other NPCIL plants are “air-gapped and impossible to hack.” The term “air-gapped” is often used in the cybersecurity context to describe isolated control processing technologies or systems that are not connected to the internet or external networks, and are therefore considered safe from cyberthreats.

As noted in this article by Morgan Lewis antitrust lawyers, the role of antitrust laws in labor markets, including in the energy field, remains a key area of focus by enforcers, including the Antitrust Division of the US Department of Justice and the Federal Trade Commission. At a public workshop on competition in labor markets in September 2019, Assistant Attorney General Makan Delrahim reaffirmed “that criminal prosecution of naked no-poach and wage-fixing agreements remains a high priority for the Antitrust Division.”

The Nuclear Regulatory Commission (NRC) and its Advisory Committee on Reactor Safeguards (ACRS) have been busy in recent weeks assessing issues related to the licensing of non-light water reactors (non-LWRs).

First, the NRC’s Division of Advanced Reactors transmitted a draft white paper titled “Non-Light Water Review Strategy” on September 30, 2019. As the title suggests, the white paper will “support the [NRC’s] review of applications for non-LWR designs submitted prior to the development of the technology-inclusive, risk-informed and performance-based regulatory framework . . . in 2027.” In so doing, the white paper describes both the contents of such applications and “an approach NRC staff may use to review the license basis information.”

The US Department of Energy (DOE) published a notice of proposed rulemaking (NOPR) in the October 3 Federal Register to establish procedures for imposing civil monetary penalties for violations of 10 CFR Part 810 (Part 810). Notably, DOE also proposes a maximum penalty, per violation, of $102,522. If DOE views a violation as a continuing one, then each day from when the violating activity began to when it stopped would constitute a separate violation for purposes of computing the penalty. Comments on the NOPR are due by November 4, 2019.

As anticipated in our September 3 blog, the NRC on September 16 published in the Federal Register a proposed rule and request for comment regarding its amendment of 10 CFR Part 26, “Fitness for Duty Programs” (FFD). We reported on the Commission’s approval of the rulemaking and the NRC Staff’s Draft Regulatory Analysis and Backfitting and Issue Finality.

In recap, the purpose of this rulemaking is to align more closely the NRC’s drug testing program with the US Department of Health and Human Services’ (HHS’s) 2008 “Mandatory Guidelines for Federal Workplace Drug Testing” (the 2008 Guidelines). The major provisions of this proposed rule would

Licensees are required to report certain medical events that meet the criteria defined in 10 CFR § 35.3045, Report and Notification of a Medical Event. Such reports allow the NRC to identify the causes of the events so as to prevent their recurrence and to notify other licensees so they can take action to prevent such events at their facilities. The NRC Staff and the Advisory Committee on the Medical Uses of Isotopes (ACMUI) perform annual reviews of medical event reports to identify trends, patterns, generic issues, and generic concerns, and to recognize any shortcomings related to specific equipment or procedures.

NRC Staff has made publicly available copies of Draft Regulatory Guide 1341, Standard Format and Content for Applications to Renew Nuclear Power Plant Operating Licenses, and a supporting Regulatory Analysis. Draft Regulatory Guide 1341 is intended to revise Regulatory Guide 1.188 (as Revision 2 thereto) to update references to other NRC license renewal guidance documents, and to expressly extend the guidance to applications for subsequent license renewal (SLR), i.e., the renewal of a reactor operating license for a second 20-year period, from 60 years to 80 years. The revised guidance document would provide applicants with a method to demonstrate compliance with the 10 CFR Part 54 requirements for both initial license renewal and SLR applications. Three SLR applications currently are under review by the NRC Staff, and others are expected to be submitted in the future.

The NRC will soon issue in the Federal Register a proposed rulemaking to amend the drug testing requirements of the Fitness for Duty (FFD) Program in 10 CFR Part 26. The proposed rule seeks to align the NRC’s drug testing requirements in Part 26 with the US Department of Health and Human Services’ (HHS’s) 2008 Mandatory Guidelines for Federal Workplace Drug Testing Programs (the 2008 Guidelines). The NRC is expected to publish the proposed rule in the coming weeks, but the draft rule with comments from the Commission is available, as well as the NRC Staff’s Draft Regulatory Analysis and Backfitting and Issue Finality.

The NRC last updated its drug testing requirements in March 2008, but HHS did not issue the 2008 Guidelines until November 2008. The NRC Staff decided to forgo another round of rulemaking to align Part 26 with the 2008 Guidelines in such close succession. Instead, the NRC Staff worked with the industry to institute a voluntary reporting system for FFD testing violations. The NRC Staff also began evaluating the effectiveness of the drug testing program changes implemented under the 2008 Guidelines. In February 2017, the NRC Staff sought Commission approval to publish a proposed rule to align the NRC’s FFD drug testing program with the 2008 Guidelines. The Commission approved this request in May 2019, subject to certain changes to the draft rule.

The Nuclear Regulatory Commission’s (NRC’s) Assistant Inspector General for Audits issued a memorandum on August 20 on the status of recommendations based on the Office of Inspector General’s (OIG’s) Audit of NRC’s Cyber Security Inspections at Nuclear Power Plants (OIG-19-A-13). As previously reported on Up & Atom, OIG recommended that the NRC work to close the critical skill gap for future cybersecurity inspection staffing, and develop and implement cybersecurity performance measures for licensees to use to demonstrate sustained program effectiveness. Based on the NRC’s July 3, 2019, response, OIG has issued this status of recommendations.