EA-97-585 - San Onofre 2 & 3 (Southern California Edison Co.)

February 18, 1998

EA 97-585

Harold B. Ray, Executive Vice President
Southern California Edison Company
San Onofre Nuclear Generating Station
P.O. Box 128
San Clemente, California 92674-0128

SUBJECT:

NOTICE OF VIOLATION (NRC Inspection Report No. 50-361/97-24; 50-362/97-24)

Dear Mr. Ray:

This refers to the predecisional enforcement conference conducted in the NRC's Region IV office in Arlington, Texas on January 20, 1998, and to the supplemental information Southern California Edison Company (Edison) provided in its letter dated February 3, 1998. The conference was held to discuss the results of a routine inspection conducted on November 17 through December 5, 1997, at the San Onofre Nuclear Generating Station. The findings from the inspection were discussed with your staff during a telephonic exit briefing on December 18, 1997, and documented in the subject inspection report dated December 24, 1997.

Based on the information developed during the inspection and the information that Edison provided during the conference and in its February 3 letter, the NRC has determined that violations of NRC requirements occurred. These violations are cited in the enclosed Notice of Violation (Notice) and the circumstances surrounding them are described in detail in the subject inspection report. The most significant violation involves a failure to protect safeguards information. Specifically, a Safeguards Contingency Plan was lost and has not been recovered.

During the conference, Edison's position was that there is sufficient justification to believe the loss of the Safeguards Contingency Plan was an inadvertent act, and not a deliberate attempt by an unauthorized person to gather information about the Edison security contingency plans. Edison noted that although the plan contains much information about how the security organization would respond to various events, the plan does not contain every key detail. Edison also stated that its program for the control of safeguards information substantially exceeds regulatory requirements and that the loss of the plan was an anomaly. As a result, Edison concluded that the violation should be classified at Severity Level IV because it was an isolated personnel error, aggressive corrective action was taken, the loss was not indicative of a programmatic breakdown or a loss of safety function, and it was not willful.

Notwithstanding Edison's position, the circumstances involving the location, duration (until identification), and the importance of the information are significant. The plan was lost from a building located outside the protected area, up to one month had passed before Edison discovered that the plan was missing, the plan has not yet been recovered, and the plan contains significant safeguards information. These factors create the potential for security to be compromised; and a violation of this type is considered significant. Therefore, this violation has been categorized at Severity Level III in accordance with the "General Statement of Policy and Procedure for NRC Enforcement Actions" (Enforcement Policy), NUREG-1600.

In accordance with the Enforcement Policy, a civil penalty with a base value of $55,000 is considered for a Severity Level III violation. Because your facility has not been the subject of escalated enforcement action within the last 2 years, the NRC considered whether credit was warranted for Corrective Action in accordance with the civil penalty assessment process in Section VI.B.2 of the Enforcement Policy. Edison's corrective actions included immediately initiating a significant investigation, taking aggressive measures to find the plan, immediately implementing security compensatory measures, notifying the NRC, enhancing requirements for controlling safeguards information, soliciting the assistance of the entire site population, revising the plan, and relocating some key security contingency equipment. The NRC has concluded that Edison's corrective actions were sufficiently prompt and comprehensive, and that Edison is deserving of corrective action credit.

Therefore, to encourage prompt and comprehensive correction of violations, and in recognition of the absence of previous escalated enforcement action, I have been authorized not to propose a civil penalty in this case. However, significant violations in the future could result in a civil penalty.

The attached Notice contains three additional violations involving failures to: (1) secure contingency weapons in two instances, (2) report to the NRC the discovery of weapons that were out of the control or physical custody of security personnel, and (3) provide emergency power supply to a small portion of the intrusion detection system. In accordance with the enforcement policy, each of these four violations has been classified at Severity Level IV. During the conference, Edison stated that these remaining violations were either not violations or, for those issues which Edison agreed were violations, satisfied the enforcement policy criteria for non-cited violations (NCV). Edison's arguments are addressed below.

Regarding the failure to secure contingency weapons, Edison agreed that a severity level IV violation occurred but that it met the enforcement policy criteria for NCV. However, the NRC has determined that the corrective actions for the first instance of this violation (July 30, 1997) could reasonably be expected to have prevented the second instance (November 7, 1997). Therefore, this does not meet the criteria for treatment as an NCV.

Regarding the failure to report the loss of the security computers, Edison's position was that its compensatory measures taken were adequate, and therefore the failure of the security computer did not have to be reported consistent with Edison's reporting procedure. While the NRC still has questions about the adequacy of the compensatory measures, Section IV.D of the Enforcement Policy states that a licensee will not normally be cited for a failure to report a condition or event unless the licensee was actually aware of the condition or event that it failed to report. As such, no violation is being cited for this issue.

Regarding the failure to report the discovery of the unlocked and unattended contingency weapons, Edison argued that insufficient guidance exists for what constitutes the "loss" of a weapon. The NRC's position is that the weapons were out of the control and physical custody of security personnel inside the protected area on July 30, 1997, and therefore, in accordance with Edison's reporting procedure, required a 1-hour report.

Regarding the failure to provide emergency power supply to one portion of the intrusion detection system, Edison's position was that this violation satisfied the enforcement policy criteria for and should be characterized as an NCV. The NRC's position is that, although Edison's long term corrective action (a permanent engineered fix) was appropriate, the immediate corrective actions were inadequate in that no interim measures were taken to immediately return to compliance (i.e., to provide backup power supply or uninterruptible power, or implement compensatory measures) until the permanent engineered fix could be implemented. As a result, the violation continued to exist for several weeks after discovery. Therefore, this violation does not meet the enforcement policy criteria for an NCV.

Regarding the improper implementation of compensatory measures during times when the security computers were not functioning, Edison's position was that no regulatory violation occurred because compensatory measures were properly implemented. However, during the inspection, the NRC inspector requested that security personnel demonstrate satisfactory performance of three different patrol routes for a simulated computer outage. Edison security personnel did not properly complete two of the three patrol routes within the allotted time. During the conference, Edison did not adequately show that these failures were isolated and the NRC requested further information regarding the control of the security procedures and guidance that ensure compensatory measures are adequately implemented. In its February 3, 1998, letter, Edison provided further information regarding the adequacy of its procedures and the adequacy of the compensatory measures taken during the computer outages. However, the NRC does not have sufficient information to determine whether a violation occurred, and this issue will be tracked as an Unresolved Item pending further review.

Edison's February 3 letter also provided comments to the inspection report. The comments reasserted Edison's perspective on the issues discussed during the predecisional enforcement conference. We acknowledge Edison's position, and we provided the NRC's position in the inspection report and, where appropriate, we are responding to Edison's positions in this enforcement action. We have determined that there were no factual errors in the inspection report; therefore, a revision to the report will not be issued.

You are required to respond to this letter and should follow the instructions specified in the enclosed Notice when preparing your response. The NRC will use your response, in part, to determine whether further enforcement action is necessary to ensure compliance with regulatory requirements.

In accordance with 10 CFR 2.790 of the NRC's "Rules of Practice," a copy of this letter, its enclosure, and your response will be placed in the NRC Public Document Room.

 

Sincerely, James E. Dyer for Ellis W. Merschoff Regional Administrator

Docket Nos.: 50-361; 50-362
License Nos.: NPF-10; NPF-15

Enclosure: Notice of Violation

cc:
Chairman, Board of Supervisors
County of San Diego
1600 Pacific Highway, Room 335
San Diego, California 92101

Alan R. Watts, Esq.
Woodruff, Spradlin & Smart
701 S. Parker St. Suite 7000
Orange, California 92868-4720

Sherwin Harris, Resource Project Manager
Public Utilities Department
City of Riverside
3900 Main Street
Riverside, California 92522

R. W. Krieger, Vice President
Southern California Edison Company
San Onofre Nuclear Generating Station
P.O. Box 128
San Clemente, California 92674-0128

Stephen A. Woods, Senior Health Physicist
Division of Drinking Water and
Environmental Management
Nuclear Emergency Response Program
California Department of Health Services
P.O. Box 942732, M/S 396
Sacramento, California 94334-7320

Mr. Gary D. Cotton, Sr. Vice President
Energy Supply
San Diego Gas & Electric Company
P. O. Box 1831
San Diego, California 92112-4150

Mr. Steve Hsu
Radiological Health Branch
State Department of Health Services
P.O. Box 942732
Sacramento, California 94234

Mayor
City of San Clemente
100 Avenida Presidio
San Clemente, California 92672

Mr. Truman Burns\Mr. Robert Kinosian
California Public Utilities Commission
505 Van Ness, Rm. 4102
San Francisco, California 94102

---

NOTICE OF VIOLATION

Southern California Edison Co. San Onofre Nuclear Generating Station

Docket Nos.: 5O-361; 5O-362 License Nos.: NPF-10; NPF-15 EA 97-585

During an NRC inspection conducted on November 17 through December 5, 1997, violations of NRC requirements were identified. In accordance with the "General Statement of Policy and Procedure for NRC Enforcement Actions," NUREG-1600, the violations are listed below:

A. 10 CFR 73.21(b)(1)(viii) requires that the composite safeguards contingency plan for the facility or site will be protected as safeguards Information. 10 CFR 73.21(d)(1) and (2) require that safeguards information shall be under the control of an authorized individual or if in storage, shall be locked in an a locked security storage container.

Contrary to the above, on October 27, 1997, the licensee discovered and reported that a copy of the composite safeguards contingency plan was lost, i.e., not under the control of an authorized individual or locked in a locked security storage container. The plan was missing from the safeguards storage container in the security operations office, located outside the protected area. A search of the site did not result in the discovery of the safeguards document. (01013)

This is a Severity Level III violation (Supplement III).

B. License Condition 2.E of the San Onofre Nuclear Generating Station Operating License dated August 25, 1988, requires, in part, that the license fully implement and maintain in effect all provisions of the Commission-approved physical security plan. This includes amendments and changes made pursuant to the authority of 10 CFR 50.90 and 10 CFR 50.54(p).

1. Paragraph 9.2 of the physical security plan states, in part, "Additional unloaded weapon locations, secured inside locked storage containers, are described in the security contingency plan." Paragraph 3.4.5 of the security contingency plan states, in part, "Weapons and ammunition are secured in fixed and mobile strategically located containers."

Contrary to the above, on July 30 and November 7, 1997, security officers discovered weapons and ammunition that were not secured. Specifically, in each instance, security officers found that a safeguards contingency cabinet was unlocked and unattended. The contingency cabinets contained weapons and ammunition and were unsecured for several hours. (02014)

This is a Severity Level IV violation (Supplement III).

2. Paragraph 3.2.4 of the physical security plan states, in part, " SCE has established a management system that provides for the development, implementation, and enforcement of security procedures." Paragraph B.14 of Security Procedure SO123-IV-11.2 (Attachment 2, 1-Hour Reportability Criteria), "Loss or Unattended Weapon in the Protected Area, requires that the following be reported to the NRC: "Any weapon which becomes lost or out of the control or physical custody of security personnel for any length of time. The 10 minute rule is not applicable."

Contrary to the above, on July 30, 1997, Security Procedure SO123-IV-11.2 was not adequately implemented when no 1-hour report was made to the NRC upon discovery of a weapon which was out of the control or physical custody of security personnel for several hours. Specifically, a contingency weapon container located inside the protected area, with a weapon and ammunition inside, was unlocked and unattended. The incident was logged in the safeguards event logs instead of being reported within 1-hour to the NRC. (03014)

This is a Severity Level IV violation (Supplement III).

3. Paragraph 6.3.4 of the physical security plan requires that intrusion detection system units will be powered by either station power, with a 4-hour rated, self-contained battery for backup power supply, or station uninterruptible power supply.

Contrary to the above, between July 31 and October 29, 1997, Guardwire GW-645, a portion of the intrusion detection system unit, was powered by station power without a 4-hour rated, self-contained battery for backup power supply. Also, it was not powered by station uninterruptible power supply. (04014)

This is a Severity Level IV violation (Supplement III).

Pursuant to the provisions of 10 CFR 2.201, Southern California Edison (Licensee) is hereby required to submit a written statement or explanation to the U.S. Nuclear Regulatory Commission, ATTN: Document Control Desk, Washington, D.C. 20555 with a copy to the Regional Administrator, Region IV, and a copy to the NRC Resident Inspector at the facility that is the subject of this Notice, within 30 days of the date of the letter transmitting this Notice of Violation (Notice). This reply should be clearly marked as a "Reply to a Notice of Violation" and should include for each violation: (1) the reason for the violation, or, if contested, the basis for disputing the violation or severity level, (2) the corrective steps that have been taken and the results achieved, (3) the corrective steps that will be taken to avoid further violations, and (4) the date when full compliance will be achieved. Your response may reference or include previous docketed correspondence, if the correspondence adequately addresses the required response. If an adequate reply is not received within the time specified in this Notice, an order or a Demand for Information may be issued as to why the license should not be modified, suspended, or revoked, or why such other action as may be proper should not be taken. Where good cause is shown, consideration will be given to extending the response time.

If you contest this enforcement action, you should also provide a copy of your response to the Director, Office of Enforcement, United States Nuclear Regulatory Commission, Washington, DC 20555-0001.

Under the authority of Section 182 of the Act, 42 U.S.C. 2232, this response shall be submitted under oath or affirmation.

Because your response will be placed in the NRC Public Document Room (PDR), to the extent possible, it should not include any personal privacy, proprietary, or safeguards information so that it can be placed in the PDR without redaction. If personal privacy or proprietary information is necessary to provide an acceptable response, then please provide a bracketed copy of your response that identifies the information that should be protected and a redacted copy of your response that deletes such information. If you request withholding of such material, you must specifically identify the portions of your response that you seek to have withheld and provide in detail the bases for your claim of withholding (e.g., explain why the disclosure of information will create an unwarranted invasion of personal privacy or provide the information required by 10 CFR 2.790(b) to support a request for withholding confidential commercial or financial information). If safeguards information is necessary to provide an acceptable response, please provide the level of protection described in 10 CFR 73.21.

Dated at Arlington, Texas
this 18th day of February 1998