High-Level Waste Testimony
February 24, 1999
Mr. Chairman, members of the Committee, I am pleased to be here today on behalf of the Commission to discuss with you the status of the U.S. Nuclear Regulatory Commission (NRC) response to the potential Year 2000 computer problem, particularly as it pertains to nuclear power plants. Our efforts can be divided into three basic areas: our actions internal to the NRC, our interactions with our licensees and the nuclear power industry, and our broader interactions, both nationally and internationally.
All 88 of NRC's mission-critical, business essential and non-critical systems have been examined and as needed, fixed with regard to the Year 2000 problem. In all, a total of 42 of 103 operating nuclear power plant units were associated with the Y2K readiness program audits of 12 utility licensees. Based on the results of these audits, we have concluded that the audited licensees are effectively addressing the Y2K problem and are taking the actions necessary to achieve Y2K readiness per the Generic Letter 98-01 target date. Further, the audits have verified that the NEI/NUSMG guidance is sufficient. We have not identified any issues that would preclude licensees from achieving Y2K readiness. Finally, we are actively involved in promoting awareness of the Year 2000 problem internationally.
Actions Internal to the NRC
I am pleased to tell you that as of February 5, 1999, all 88 of NRC's mission-critical, business-essential and non-critical systems have been examined and, as needed, fixed with regard to the Year 2000 (Y2K) problem. This work was accomplished more than a month ahead of OMB's established milestone and well under budget.
As part of this effort, we analyzed and identified embedded chip systems at the NRC and made necessary upgrades or replacements to make them Y2K compliant. Also, we worked with our data exchange partners and repaired, validated, and implemented those systems requiring changes.
All work necessary to ensure that 100 percent of our telecommunications infrastructure is compliant or not affected by Year 2000 issues has been completed. Our telecommunications service providers have been contacted to determine their plans to achieve Year 2000 compliance. All have responded that they are compliant or will be compliant by mid-1999. The one (NRC) mission-critical system that is directly linked to operating nuclear power plants is our Emergency Response Data System (ERDS). This application performs the communication and data transmission functions that provide near real-time data to NRC incident response personnel during declared emergencies. We have verified that this system has been made Y2K compliant and that the interface of the system with licensed facilities is functional.
NRC Actions With Licensees
Since 1996, the NRC has been working with nuclear industry organizations and licensees to address the Y2K problem. To ensure that senior level management at operating U.S. nuclear facilities was aware of the Y2K problem, the NRC issued Information Notice (IN) 96-70, "Year 2000 Effect on Computer System Software," on December 24, 1996. The Notice 96-70 described the potential problems that nuclear facility computer systems and software might encounter during the transition to the new century. All U.S. nuclear power plants, fuel cycle facilities, and other material licensees were provided with copies of this document.
In 1997, the Nuclear Energy Institute (NEI) agreed to take the lead in developing industry-wide guidance for addressing the Y2K problem at nuclear power reactors. In November 1997, NEI issued a guidance document to all U.S. nuclear power plant licensees, entitled "Nuclear Utility Year 2000 Readiness" (NEI/NUSMG 97-07).
In Generic Letter 98-01, issued May 11, 1998, the NRC accepted the NEI/NUSMG 97-07 guidance as an appropriate program for nuclear power plant Year 2000 readiness and requested that all operating U.S. nuclear power plant licensees submit written responses regarding their facility-specific Y2K readiness programs in order to obtain confirmation that licensees are addressing the Y2K problem effectively. Thus far, all licensees have responded to GL 98-01 stating that they have adopted plant-specific programs, similar to that outlined in the NEI/NUSMG 97-07 guidance document, that are intended to make the plants Y2K ready by July 1, 1999.
Similarly, Generic Letter 98-03 was sent to fuel cycle licensees and certificate holders requesting written confirmation of implementation of their Year 2000 Readiness Program. Further, facilities were requested to provide written confirmation that the facilities are Y2K ready and in compliance with the terms and conditions of their license/certificate and NRC regulations. All facilities have confirmed implementation of their Year 2000 Readiness Program. All facilities are scheduled to be Y2K ready in October 1999.
Generic Letter 98-01 also requests a written response, no later than July 1, 1999, confirming that these facilities are Y2K ready. Licensees who are not Y2K ready by July 1, 1999, must provide a schedule for remaining work to ensure timely Y2K readiness. The NRC will assess these responses and, by September 30, 1999, determine the need for further plant-specific regulatory actions. Should the NRC identify a situation where the Y2K problem results in a licensee being in noncompliance with the plant license or NRC regulations, appropriate regulatory action (e.g. a shutdown order) will be taken as necessary.
Based on the results of our audits (as discussed below), licensee management oversight of the Y2K readiness programs has generally been aggressive and is contributing to the success of nuclear power plant Y2K readiness efforts. Licensees are devoting the necessary resources to their programs to meet their readiness schedules. At a recent February 11, 1999 Commission meeting on the Year 2000 issue, the Nuclear Energy Institute (NEI) informed the Commission that all 66 power reactor sites will carry out an audit of their Year 2000 readiness activities. Specifically, NEI stated that 54 sites have completed internal Year 2000 quality assurance audits, 33 sites have completed cross utility audits, and 43 sites have completed third party audits. Moreover, the continued sharing of work and information through owners groups and utility alliances is aiding in proper Y2K readiness program implementation.
As with other aspects of plant operation, we provide independent oversight and respond when appropriate to ensure adequate protection of public health and safety. Our oversight processes rely on the recognized ability of our licensees to complete critical self-assessments and initiate appropriate corrective actions. Notwithstanding the comprehensive industry Y2K efforts, we have recognized the importance of providing an appropriate level of NRC oversight of Y2K preparations at nuclear power plants.
NRC resident inspectors who are assigned to all power reactor sites will carry out reviews of licensee Y2K readiness activities. In addition, since last September, the NRC staff has conducted 12 planned sample audits of nuclear power plant licensee Y2K programs. These audits were completed in January 1999. The results of these audits have been documented in NRC-issued audit reports which are available on the NRC website and have been discussed at industry workshops. We also plan to communicate a summary of our observations and lessons learned through the issuance of an information notice.
The NRC staff selected a variety of types of plants of different ages, vendor design, and locations in this audit sample in order to obtain the necessary assurance that nuclear power industry Y2K readiness programs are being effectively implemented and that licensees are on schedule to meet the readiness target date of July 1, 1999, established in Generic Letter 98-01. The licensee sample audits included large utilities such as Commonwealth Edison and Tennessee Valley Authority as well as small, single reactor licensees such as North Atlantic Energy (Seabrook) and Wolf Creek Nuclear Operating Corporation.
These findings are consistent with those recently reported by the Department of Energy in the January 11, 1999, report prepared by the North American Electric Reliability Council on the status of Y2K readiness of the electric power grid.
To date, the NRC staff has not identified or been apprised of any Y2K problems in nuclear power plant systems that directly impact actuation of safety functions. The majority of commercial nuclear power plants have protection systems that are analog rather than digital or software-based and thus not impacted by the Y2K problem. Errors such as incorrect dates in print-outs, logs or displays have been identified by licensees in some safety-related devices, but the errors do not affect the safety functions performed by the devices or systems. Most Y2K problems are in non- safety systems such as security systems and plant monitoring systems which support day-to-day plant operation but have no functions necessary for reactor safety. In addition, through site visits and surveys NRC continues to monitor the security systems at reactors and does not expect any Y2K problems following licensee actions in this area. These systems are being addressed in the licensee Y2K readiness programs consistent with the industry guidance and the GL 98-01 schedule.
In NRC Generic Letter 98-01, it was also noted that despite the best of efforts to achieve Y2K readiness, unanticipated problems (particularly events external to a plant) could occur and disrupt continued plant operation. Therefore, contingency plans are needed to address potential unanticipated Y2K problems. To address this need, in August 1998 NEI issued another guidance document, "Nuclear Utility Year 2000 Readiness Contingency Planning," (NEI/NUSMG 98-07) which is being incorporated into Y2K readiness programs by all U.S. nuclear power plant licensees. These detailed plant- specific Y2K contingency plans also are scheduled to be completed by July 1, 1999.
As a result of the 12 sample audits, we have concluded that, in general, licensees began to develop contingency plans late in the Y2K preparation process. As a consequence, we have decided to conduct six additional, differently focused reviews, involving licensees other than those that comprised the original 12, to determine the effectiveness of industry contingency planning guidance. We will begin these reviews in April 1999 and conclude them in June 1999. These reviews will focus on the licensees' approach to addressing both internal and external Y2K risks to safe plant operations based on the guidance in NEI/NUSMG 98- 07. Resident inspectors at all power reactor sites will also carry out reviews of licensee's contingency plans.
NRC has conducted one Y2K inspection at each of the ten major fuel facilities. The inspections determined that all facilities are adequately addressing Year 2000 issues and will be Year 2000 Ready by December 31, 1999. The Y2K readiness program implemented by each fuel facility is intended to identify and repair software, hardware, and embedded systems that could degrade, impair, or prevent operability of the facility.
Broader National Focus
Although the primary focus of the NRC with our licensees has been on public health and safety, related to reactor operations, we recognize the concern that the Year 2000 problem could affect the reliability of electrical grids. Our regulatory focus on electrical grid reliability has related primarily to the challenges to plant safety systems that might result from a grid transient, such as a loss of offsite power.
However, the Y2K problem has presented the NRC with a unique challenge because NRC regulatory oversight and authority does not extend to the U.S. offsite electrical grid system. Nonetheless, we recognize the national importance of a broader focus that helps to ensure that potential concerns with electrical grid reliability are identified and resolved. The NRC supports the efforts of the President's Council on Year 2000 Conversion. As members of the Energy/Electric Power Sector Working Group, we understand the importance not only of maintaining nuclear power plant safety, but of enhancing safe grid operation in the face of the Y2K problem as well.
With respect to electric power distribution, in May 1998, the U.S. Secretary of Energy requested that the North American Electric Reliability Council (NERC) coordinate efforts within the electric power industry to assure a smooth Year 2000 transition. The NERC is a voluntary industry reliability group, made up of 10 regional councils, whose membership includes nearly every major provider of electricity generation and transmission within the Eastern, Western, and Texas interconnections that form the backbone of the electricity supply system for the United States, Canada, and a small portion of Mexico.
The NERC has established recommended industry-wide milestones for ensuring that U.S. electric systems are ready for the Year 2000. The recommended completion date for the remediation/testing phase of Y2K preparations is May 1999. Mission-critical systems and components (e.g., power production, energy management systems, telecommunications, substation controls and system protection, and distribution systems) are to be made Y2K ready by June 30, 1999.
The NERC has worked in partnership with trade associations representing investor-owned utilities (Edison Electric Institute), municipal utilities (American Public Power Association), rural electric cooperatives (National Rural Electric Cooperatives Association), nuclear power plant operators (Nuclear Energy Institute), and the Canadian electric power industry (Canadian Electricity Association) to ensure the most complete coverage of the industry in the surveys and assessments of Y2K readiness.
The U.S. electric power industry is placing considerable emphasis on contingency planning for the Year 2000 transition. The NERC is targeting June 1999 for completion of contingency plans.
The NRC also is developing a Y2K contingency plan to enable us to respond rapidly to potential events at licensed U.S. facilities resulting from unanticipated Y2K problems. The draft plan includes provisions to collect and disseminate information on Y2K-related events that occur in countries in time zones ahead of the U.S. Continued safe operation of nuclear power plants during the transition to the Year 2000 is important to help maintain reliable electrical power supplies. As such, the draft NRC Y2K contingency plan includes considerations for rapid decision-making under circumstances where a Y2K problem might result in licensee non-compliance, but would not affect continued safe plant operation. The draft NRC Y2K contingency plan is being coordinated with the U.S. nuclear power industry, other Federal agencies (including the Federal Emergency Management Agency), State governments, and international nuclear regulatory organizations. The public comment on the draft Y2K contingency plan recently concluded and the final plan is scheduled to be forwarded to the Commission in April.
In early October the NRC plans to conduct a "Y2K Exercise." In this dry run we will attempt to ensure that all aspects of our Y2K contingency plan are in place. Regulators from Taiwan, Japan, Finland, Sweden and the United Kingdom have all expressed an interest in participating in this exercise. We also hope to have participation from several of our licensees.
We consider public awareness a vital aspect of our Y2K program and have kept the public informed about our Y2K activities through numerous media releases, responses to questions by telephone, electronic mail, and letters, interviews with reporters, participation at workshops, public meetings, and maintenance of current Y2K information on our Web site.
We are actively involved in promoting awareness of the Year 2000 readiness issues internationally. In preparation for the 42nd IAEA General Conference in September 1998, the NRC took the lead in drafting a resolution on the Year 2000 (Y2K) readiness for the safety of nuclear power plants, fuel cycle facilities, and other enterprises using radioactive materials. That resolution urged, among other things, that: Member States submit information to the IAEA on activities underway to inventory and remediate Y2K problems at their nuclear facilities; and that the IAEA act as a central coordination point in disseminating information about Member State Y2K activities.
During its numerous bilateral side meetings with countries such as Argentina, Lithuania, Russia and Ukraine, the NRC presented the draft resolution and urged their support. Ultimately, 28 Member States co-sponsored the resolution, including a number of countries that have nuclear facilities whose safety are of particular concern to the U.S. government.
Since the General Conference, the NRC likewise has worked with the IAEA to formulate a Y2K program that would address nuclear safety aspects of the Y2K problem. We requested that State Department funds be allocated, under the FY98 Voluntary Contribution, to fund a Cost-Free Expert (an individual who would work at the IAEA for one year at no cost to the IAEA) to work specifically on Y2K nuclear safety matters in the Department of Nuclear Safety. The Cost-Free Expert assumed his post in December 1998, and the Department of Nuclear Safety is now developing and implementing a comprehensive program to help Member States address Y2K remediation issues and contingency planning.
In the international arena, our understanding is that the nuclear power industry and its regulators in Canada, Western Europe, and the Far East have undertaken similar efforts and readiness schedules to that of the NRC for addressing the Y2K problem at nuclear power plants. However, some countries have started only recently to focus on the Y2K problem. Last month, at a meeting of the International Nuclear Regulators Association (INRA), which is Chaired by NRC Chairman, Dr. Shirley Ann Jackson, a statement was drafted on the Y2K problem, expressing concern that the results of the recent United Nations Conference indicated that few countries will be Y2K ready, and that few have adopted expert guidance regarding remediation and contingency planning. Contingency planning, while important in itself to all countries, takes on new importance in late-starting countries, due to the short time remaining before the year 2000. In its statement, which was transmitted to appropriate agencies in INRA member governments, to the Nuclear Energy Agency of the Organization for Economic Cooperation and Development, to the International Atomic Energy Agency, and to the Chairman of the first Review Meeting of the Convention on Nuclear Safety for use in the peer review process, the INRA urged governments and their regulatory authorities to take urgent action to diagnose the extent of the Y2K problem in nuclear facilities (including nuclear power plants, fuel cycle facilities, and medical facilities), and to formulate and implement effective remediation programs and contingency planning in the near term for this pre- eminent concern. This remains a key aspect to effective Y2K readiness.
As discussed above, we have been proactive in addressing the Year 2000 problem internal to the NRC and with our licensees. Additionally, we continue to work, both nationally and internationally, to promote awareness and provide assistance in addressing the Year 2000 problem. Ensuring continuity at the interfaces of regulator-to- licensee, regulator-to-public, and regulator-to- government is crucial. It is the recognition that, despite industry efforts and our efforts, something still could go awry that will continue to drive our Y2K readiness efforts.
With that said, it is of paramount importance to note that the NRC and the nuclear power industry are addressing the Year 2000 computer problem in a comprehensive, thorough and deliberate manner. To date, we have not identified or received notification from licensees or vendors that a Year 2000 problem exists with safety-related initiation and actuation systems. Further, we believe that we have--through Generic Letter 98-01, the sample audits and other oversight activities- -established a framework that appropriately assures that the Year 2000 problem will not have an adverse impact on the ability of a nuclear power plant to safely operate or safely shut down.
We look forward to working with the Subcommittee and welcome your questions.