U.S. Nuclear Regulatory Commission Testimony on Year 2000 Readiness
June 12, 1998
Introduction
Mr. Chairman, members of the Committee, I am pleased to be here today on behalf of the Commission to discuss with you
the status of the U.S. Nuclear Regulatory Commission (NRC) response to the Year 2000 computer problem for nuclear
power plants. Our efforts can be divided into three basic areas: our actions internal to the NRC, our interactions
with our reactor licensees and the nuclear power industry, and our broader actions to address the issue of a
reliable electrical grid.
The NRC Strategy for Addressing the Year 2000 Problem
Actions Internal to the NRC
With respect to power reactor licensees, the NRC is working to ensure that all of our mission-critical systems (seven
in total) will be Year 2000 compliant so that our communications and data interfaces will continue to function
properly. The one mission-critical system that is directly linked to operating nuclear power plants is our Emergency
Response Data System (ERDS). This application performs the communication and data transmission functions that
provide near real-time data to NRC incident response personnel during declared emergencies. The NRC currently is
upgrading ERDS to be Year 2000 compliant in order to maintain the same communication protocol as the current system.
Once upgraded, either a 2-digit or a 4-digit date field will be accepted. The upgrade is on schedule to be
completed, tested, and implemented by March 4, 1999. This effort is being conducted under the NRC Year 2000 effort
and is overseen by
Mr. Tony Galante, the NRC Chief Information Officer. All of our other mission-critical systems also are on schedule
to be Year 2000 compliant in accordance with OMB guidelines, with three currently being repaired, and three being
replaced.
NRC Interaction With Reactor Licensees
Since 1996, the NRC has been working with industry organizations to address the Year 2000 problem. After discussions
with the Nuclear Energy Institute (NEI) in 1997, NEI agreed to take the lead in developing industry-wide guidance
for addressing the Year 2000 problem at nuclear power reactors. Last November NEI sent a framework document, which
NRC had reviewed, to all power reactor licensees. We believe that the guidance in that framework document, "Nuclear
Utility Year 2000 Readiness" (NEI/NUSMG 97-07), when properly augmented and implemented, presents nuclear power
plant licensees with an acceptable approach for addressing the Year 2000 problem. We will continue to work closely
with other Federal agencies and industry groups, and to participate in interagency working groups, to ensure that we
stay abreast of emerging Year 2000 concerns and that we take appropriate action to protect public health and safety
and the environment. We strongly encourage licensees to share information regarding identified remediation and
implementation activities, so that Year 2000 problems are identified early and addressed in a cost-effective manner.
In order to obtain confirmation that licensees are addressing the Year 2000 problem effectively with regard to
compliance with the terms and conditions of their licenses and NRC regulations, the NRC is requiring that all
operating nuclear power plant licensees submit a written response stating how they plan to address the Year 2000
problem. The written response is required by a Generic Letter issued on May 11, 1998, which has been developed and
refined over the past six months.
A copy of that Generic Letter is being provided for the record. This Generic Letter refers to the NEI guidance
document (NEI/NUSMG 97-07) as an example of an acceptable approach for addressing the Year 2000 issue at nuclear
power plants.
By the middle of August 1998, the initial written response to the Generic Letter is due. In that response, nuclear
power plant licensees will indicate whether they are pursuing a Year 2000 program based on the NEI program or a
different program. Licensees who elect to use a different program are required to present a brief description of
that program, to ensure that the computer systems at their facilities will be ready for the Year 2000. In addition,
all operating nuclear power plants are required to submit a written response no later than July 1, 1999, confirming
that the facility is, or will be, Year 2000 ready by the Year 2000. If their program is incomplete as of July 1,
1999, their response must contain a status report, including completion schedules, for work remaining to ensure Year
2000 readiness.
In addition to the written responses, we plan to conduct inspections, on a sampling basis, to assess licensee
preparedness for the Year 2000. Any Year 2000 program used at a nuclear facility must be tailored to meet the
specific needs and requirements of that facility and should, in general, comprise the following phases: awareness,
assessment, remediation, validation, and implementation. Completion of the Year 2000 program means that the licensee
has attained their program objectives. These program objectives could range from having all computer systems and
applications, including embedded systems, being Year 2000 compliant, to having some systems Year 2000 compliant and
the remaining systems retired or having permanent and/or temporary compensatory measures in place.
Bounding the Year 2000 Concern for Nuclear Power Plants
The potential impact of the Year 2000 problem on nuclear power plants varies with the types of computer systems in
use. Licensees rely upon: (1) software to schedule maintenance and technical specification surveillance,
(2) programmable logic controllers and other commercial off-the-shelf software and hardware, (3) digital
process control systems, such as a feedwater control or valve control, (4) digital systems for collecting operating
data, and (5) digital systems to monitor post-accident plant conditions.
In addition to the reporting requirements in the Generic Letter, NRC regulations (10 CFR Part 21, 10 CFR 50.72, and
10 CFR 50.73) also require licensees to notify the NRC of significant deficiencies, significant non-conformances,
and failures, such as some of those which could result from the Year 2000 problem in safety-related systems. To
date, the NRC staff has not identified or received notification from licensees or vendors that a Year 2000 problem
exists with safety-related initiation and actuation systems. However, some problems have been identified in
computer-based systems that, while non-safety-related, are nonetheless important. Such systems, primarily databases
and data collection processes necessary to satisfy license conditions, technical specifications, and NRC regulations
that are date driven, may need to be modified for Year 2000 compliance.
Some examples of systems and computer equipment that are most likely to be affected by Year 2000 problems include:
- Plant security computers;
- Plant process systems (data scan, log, and alarm and safety parameter display system computers); and
- Radiation monitoring systems.
Because of the limited time remaining in which to address the problem, the majority of the program remediation,
validation, and implementation activities should be completed at a facility by mid -1999, leaving only a few such
activities scheduled for the third and fourth quarters of 1999. In addition, we recognize that despite every
reasonable effort by licensees to identify and correct Year 2000 computer system problems at their facilities, some
software, applications, equipment, and systems may remain susceptible to the problem. Additionally, software, data,
and systems external to the facility could potentially affect the facility adversely. Therefore, to ensure continued
safe operation of the facility into the Year 2000 and beyond, licensees should formulate contingency plans for
affected systems and equipment. The concept of Year 2000 readiness includes the planning, development, and
implementation of appropriate contingency plans or compensatory actions for items that are not expected to be Year
2000 compliant, to address the possible impact that unrecognized problems may have on safe plant operation.
Interactions with the Nuclear Power Industry
The NRC has been involved actively with the nuclear industry in addressing the Year 2000 problem, and we are
reasonably encouraged by industry efforts. We expect continuation of this effort in the response to the NRC Generic
Letter that I mentioned earlier.
To ensure that senior level management at nuclear power plant licensees were aware of the Year 2000 problem, the
first industry-wide NRC action was to issue Information Notice (IN) 96-70, "Year 2000 Effect on Computer System
Software," on December 24, 1996. In that Information Notice, the NRC staff described the potential problems that
nuclear power plant computer systems and software may encounter during the transition to the new century. The NRC
staff also encouraged licensees to examine their uses of computer systems and software well before the turn of the
century, and suggested that licensees consider appropriate actions for examining and evaluating their computer
systems for Year 2000 vulnerabilities.
At the Nuclear Utilities Software Management Group (NUSMG) Year 2000 Workshop, an industry workshop held in July
1997, selected nuclear power plant licensees described their Year 2000 programs and gave examples of areas in which
they had addressed Year 2000 issues in order to ensure the safety and operability of their plants on and after
January 1, 2000. Some of the issues discussed included: (1) the evaluation of the impact of the Year 2000 problem on
plant equipment; (2) the assessment process involved in the identification of components, vendors, and interfaces;
(3) the development of Year 2000 testing strategies; and (4) the identification of budget needs to address the Year
2000 problem.
In August 1997, the NRC staff incorporated recognition of the Year 2000 concern in the updated Standard Review Plan,
NUREG-0800, Chapter 7, "Instrumentation and Control." This document provides guidance to NRC staff reviewers of
computer-based instrumentation and control systems, to ensure that the Year 2000 issue was addressed in any new
systems or modifications proposed by licensees.
Also in August 1997, the Nuclear Energy Institute (NEI) met with NUSMG and nuclear plant utility representatives to
formulate an industry-wide plan to address the Year 2000 issue. On October 7, 1997, representatives of NEI and NUSMG
met with the NRC staff to discuss the actions that NEI was taking to help utilities make their plants "Year 2000
ready." NEI presented the framework document discussed earlier. That document makes a distinction in terminology
between the expressions, "Year 2000 ready," and "Year 2000 compliant." "Year 2000 compliant" is defined as those
computer systems or applications that accurately process date/time data (including but not limited to calculating,
comparing, and sequencing) from, into, and between the 20th and 21st centuries, the years 1999 and 2000, and
leap-year calculations. "Year 2000 ready" is defined as a computer system or application that has been determined to
be suitable for continued use into the year 2000 even though the computer system or application is not fully "Year
2000 compliant."
NEI/NUSMG issued the framework document to all licensees in November 1997. The document recommends methods for
nuclear utilities to attain Year 2000 readiness and thereby ensure that their facilities remain safe and continue to
operate within the requirements of their licenses. The scope of the document includes software, or software-based
systems or interfaces, whose failure (due to the Year 2000 problem) would (1) prevent the performance of the safety
function of a structure, system, or component, or (2) degrade, impair, or prevent compliance with the nuclear
facility license and/or NRC regulations. After reviewing the document, the NRC has endorsed this document as an
acceptable approach for dealing with the Year 2000 problem at nuclear power plants.
NEI/NUSMG 97-07 also suggests a strategy for developing and implementing a Year 2000 program for nuclear utilities.
The strategy recognizes management, implementation, quality assurance (QA) measures, regulatory considerations, and
documentation as the fundamental elements of a successful Year 2000 project. The document contains examples of
strategies that licensees currently are using, and also recommends that the Year 2000 program be administered
through standard project management techniques.
The recommended components for management planning are as follows: (1) management awareness,
(2) sponsorship, (3) project leadership, (4) project objectives, (5) the project management
team, (6) the management plan, (7) project reports, (8) interfaces, (9) resources, (10) oversight, and (11)
quality assurance. The suggested phases of implementation are awareness, initial assessment (which includes
inventory, categorization, classification, prioritization, and analysis of initial assessment), detailed assessment
(including vendor evaluation, utility-owned or utility-supported software evaluation, interface evaluation, and
remedial planning), remediation, Year 2000 testing and validation, and notification.
The QA measures specified in NEI/NUSMG 97-07 apply to project management QA and implementation QA. Regulatory
considerations include the performance of appropriate reviews, reporting requirements, and documentation.
Documentation of Year 2000 program activities and results includes documentation requirements, project management
documentation, vendor documentation, inventory lists, checklists for initial and detailed assessments, and record
retention. NEI/NUSMG 97-07 also contains examples of various plans and checklists as appendices, which may be used
or modified to meet the licensee-specific needs and/or requirements.
It should be recognized that NEI/NUSMG 97-07 is programmatic, and does not address fully all the elements of a
comprehensive Year 2000 program. In particular, augmented guidance in the area of risk management, business
continuity and contingency planning, and remediation of embedded systems is needed to fully address some Year 2000
issues that may arise in licensee program implementation. The NRC staff believes that the guidance in NEI/NUSMG
97-07, when properly augmented and implemented, presents an example of one acceptable approach for licensees when
addressing the Year 2000 problem at nuclear power plant facilities.
The NRC Role In Ensuring Electrical Grid Reliability
Although the primary focus with our licensees has been on public health and safety related to reactor operations, we
recognize the concern that the Year 2000 problem may potentially affect the reliability of electrical grids. Our
regulatory focus in electrical grid reliability primarily relates to the challenges to plant safety systems that
might result from a transient on the electrical grid, such as a loss of offsite power. Nuclear power reactors have
two independent sources of offsite power, and are designed to safely shut down if a loss of all offsite power were
to occur. In the event of a loss of offsite power, onsite electric power systems provide adequate electrical power
to safely shutdown and cool down the reactors. As you know, NRC regulatory oversight and authority does not extend
to the offsite electrical grid system.
Notwithstanding our regulatory limits, we recognize the national importance of a broader focus that helps to ensure
that potential concerns with electrical grid reliability are identified and resolved. We support the efforts of the
President's Council on Year 2000 Conversion and are members of the Energy Working Group. We are working closely with
representatives from the Federal Energy Regulatory Commission and the Department of Energy to give assistance with,
and share information on, potential problems associated with the Year 2000.
Conclusions
The NRC and the nuclear power industry are addressing the Year 2000 computer problem in a thorough and deliberate
manner. To date, we have not identified or received notification from licensees or vendors that a Year 2000 problem
exists with safety-related initiation and actuation systems. Further, we believe that we have, through Generic
Letter 98-01 and the planned follow-up inspections, established a framework that appropriately assures us that the
Year 2000 problem will not have an adverse impact on the ability of a nuclear power plant to safely operate or
safely shut down. We recognize the importance of maintaining a reliable electrical grid, and we will continue to
work with the President's Council on Year 2000 Conversion Energy Working Group, the Federal Energy Regulatory
Commission, and the Department of Energy to give assistance and share information regarding potential problems
associated with the coming of the Year 2000.
We look forward to working with the Special Committee and welcome your questions.
Page Last Reviewed/Updated Thursday, April 16, 2020