81 FR 34916 - Programmable Logic Computers in Nuclear Power Plant Control Systems

NUCLEAR REGULATORY COMMISSION

Federal Register Volume 81, Issue 105 (June 1, 2016)

Page Range: 34916-34919
FR Document: 2016-12926


[Federal Register Volume 81, Number 105 (Wednesday, June 1, 2016)]
[Proposed Rules]
[Pages 34916-34919]
From the Federal Register Online  [www.thefederalregister.org]
[FR Doc No: 2016-12926]


========================================================================
Proposed Rules
                                                Federal Register
________________________________________________________________________

This section of the FEDERAL REGISTER contains notices to the public of 
the proposed issuance of rules and regulations. The purpose of these 
notices is to give interested persons an opportunity to participate in 
the rule making prior to the adoption of the final rules.

========================================================================


Federal Register / Vol. 81, No. 105 / Wednesday, June 1, 2016 / 
Proposed Rules

[[Page 34916]]



NUCLEAR REGULATORY COMMISSION

10 CFR Part 73

[Docket No. PRM-73-17; NRC-2013-0214]


Programmable Logic Computers in Nuclear Power Plant Control 
Systems

AGENCY: Nuclear Regulatory Commission.

ACTION: Petition for rulemaking; denial.

-----------------------------------------------------------------------

SUMMARY: The U.S. Nuclear Regulatory Commission (NRC) is denying a 
petition for rulemaking (PRM), filed by Mr. Alan Morris (petitioner) on 
March 14, 2013, as supplemented most recently on December 19, 2013. The 
petition was docketed by the NRC on February 7, 2014, and was assigned 
Docket No. PRM-73-17. The petitioner requested that the NRC require 
that his ``new-design programmable logic computers [PLCs]'' be 
installed in the control systems of nuclear power plants to block 
malware attacks on the industrial control systems of those facilities. 
In addition, the petitioner requested that nuclear power plant staff be 
trained ``in the programming and handling of the non-rewriteable 
memories'' for nuclear power plants. The NRC is denying the petition 
because the petitioner did not present any significant new information 
or arguments that would support the requested changes, nor has he 
demonstrated that a need exists for a new regulation requiring the 
installation of his new-design PLCs in the control systems of NRC-
licensed nuclear power plants.

DATES: The docket for the petition for rulemaking PRM-73-17 is closed 
on June 1, 2016.

ADDRESSES: Please refer to Docket ID NRC-2013-0214 when contacting the 
NRC about the availability of information regarding this petition. You 
may obtain publicly-available documents related to the petition using 
any of the following methods:
     • Federal Rulemaking Web site: Go to http://www.regulations.gov 
and search for Docket ID NRC-2013-0214. Address questions about NRC 
dockets to Carol Gallagher; telephone: 301-415-3463; email: 
Carol.Gallagher@nrc.gov. For technical questions, contact the 
individual listed in the FOR FURTHER INFORMATION CONTACT section of 
this document.
     • NRC's Agencywide Documents Access and Management System 
(ADAMS): You may obtain publicly-available documents online in the 
ADAMS Public Documents collection at http://www.nrc.gov/reading-rm/adams.html. 
To begin the search, select ``ADAMS Public Documents'' and then select 
``Begin Web-based ADAMS Search.'' For problems with ADAMS, please 
contact the NRC's Public Document Room (PDR) reference staff at 
1-800-397-4209, 301-415-4737, or by email to pdr.resource@nrc.gov. The 
ADAMS accession number for each document referenced in this document 
(if that document is available in ADAMS) is provided the first time 
that a document is referenced. In addition, for the convenience of the 
reader, the ADAMS accession numbers are provided in a table in the 
section of this document entitled, Availability of Documents.
     • NRC's PDR: You may examine and purchase copies of public 
documents at the NRC's PDR, Room O1-F21, One White Flint North, 11555 
Rockville Pike, Rockville, Maryland 20852.

FOR FURTHER INFORMATION CONTACT: Natreon Jordan, Office of Nuclear 
Reactor Regulation, telephone: 301-415-7410, email: 
Natreon.Jordan@nrc.gov, U.S. Nuclear Regulatory Commission, Washington, 
DC 20555-0001.

SUPPLEMENTARY INFORMATION:

I. The Petition

    Section 2.802 of title 10 of the Code of Federal Regulations (10 
CFR), ``Petition for rulemaking,'' provides an opportunity for any 
interested person to petition the Commission to issue, amend, or 
rescind any regulation. A Sec.  2.802 petition was filed by the 
petitioner on March 14, 2013, and was supplemented several times 
through December 19, 2013. (ADAMS Accession No. ML14016A458). On 
February 7, 2014 (79 FR 7406), the NRC published a notice of receipt of 
PRM-73-17. The petitioner requested that the NRC amend its regulations 
that protect digital computer and communication systems and networks. 
The petitioner requested that the NRC specifically require that ``new-
design programmable logic computers,'' with his patented write-once, 
read-many (WORM) media, be installed in the control systems of nuclear 
power plants in order to ``block malware attacks on the industrial 
control systems of those facilities.'' The petitioner also requested 
that nuclear power plant staff ``be trained to maintain and secure 
records of all memory programming,'' and recommended ``maintenance in 
secure storage of programmed memories, as specified in this petition, 
which may be again employed, as the control systems of critical 
facilities are essentially steady-state.'' The petitioner stated that 
the proposed action would ``[r]educe impact on quality of the natural 
and social environments by stopping disastrous events at critical 
facilities.''
    The NRC staff sent a letter to the petitioner on June 12, 2014 
(ADAMS Accession No. ML14120A006), asking the petitioner to provide 
additional information. Staff specifically asked the petitioner:
     • To indicate the inadequacies that he identified in the 
NRC's current regulatory approach (i.e., performance-based, 
programmatic) and framework (i.e., NRC's cyber security rule at Sec.  
73.54 and Regulatory Guide (RG) 5.71, ``Cyber Security Programs for 
Nuclear Facilities'') that would be remedied by the proposed 
rulemaking. Specifically, what cyber threat or vulnerability is not 
addressed by the current NRC regulations and guidance?
     • If one of the PLCs with his patented WORM media has been 
installed in any operating facility (nuclear or non-nuclear)? Are these 
PLCs alone sufficient to protect against cyber threats? What other 
cyber controls may be required at nuclear power plants if a PLC with 
his patented WORM media is installed?
    The petitioner responded to the NRC letter in a series of emails 
dated June 18, 2014, and June 19, 2014. (ADAMS Accession Nos. 
ML14181B296, ML14181B276, ML14181B286, and ML14181B270).
    Based on the petition and the petitioner's responses to requests 
for additional information, the NRC staff identified three issues 
raised by the petitioner:

[[Page 34917]]

    Issue 1: PLCs currently installed in U.S. nuclear power plants are 
vulnerable to malware attacks that could negatively affect or challenge 
plant safety and control systems. The petitioner stated that malware 
can ``maliciously reprogram the re-writeable memories of the present 
programmable logic computers'' in the control systems of nuclear power 
plants.
    Issue 2: By using the petitioner's patented PLC design, nuclear 
power plant safety and control systems would be safe from malware 
attacks.
    Issue 3: Nuclear power plant staff should be trained to maintain 
and secure records of all memory programming, and the petitioner 
recommends maintenance in secure storage of programmed memories that 
may be again employed, as ``the control systems of critical facilities 
are essentially steady-state.''
    The NRC staff decided not to seek public comment on PRM-73-17 
because no additional information was needed for the NRC staff's 
evaluation of the petitioner's claim.

II. Reasons for Denial

    The NRC is denying the petition because the petitioner did not 
present any significant new information or arguments that would support 
the requested changes, nor has he demonstrated a need for a new 
requirement for his new-design of PLCs in nuclear power plant control 
systems. This section provides detailed responses to the issues raised 
in the petition.
    Issue 1: PLCs that are currently installed in nuclear power plant 
control systems are vulnerable to malware attacks that could negatively 
affect or challenge plant safety and control systems.
    NRC Response: The NRC disagrees with Issue 1 because the petitioner 
does not take into account the comprehensive NRC cyber security program 
requirements for nuclear power plants in Sec.  73.54. Section 73.54, 
``Protection of digital computer and communication systems and 
networks,'' which is known as the NRC's ``cyber security rule,'' 
requires licensees to protect digital systems in nuclear power plants 
from cyber attacks. The cyber security rule presumes that any digital 
system (including PLC designs) is vulnerable to various cyber attacks. 
The regulations in Sec.  73.54 establish a series of performance-based 
requirements to ensure that the functions of digital computers, 
communication systems, and networks are protected from cyber attack. In 
particular, Sec.  73.54(a)(1) requires nuclear power plant licensees to 
protect digital computers, communications systems, and networks 
associated with the following:
     • Safety-related and important-to-safety functions;
     • security functions;
     • emergency preparedness functions, including offsite 
communications; and
     • support systems and equipment which, if compromised, would 
adversely impact safety, security, or emergency preparedness (SSEP) 
functions.
    As required by Sec. Sec.  73.54(b)(2) and 73.55(b)(8), a nuclear 
power plant licensee must establish, implement, and maintain a cyber 
security program that protects any digital system, network, or 
communication system associated with SSEP functions. Licensees are 
required to submit their cyber security plans to NRC for review and 
approval. Once approved, these plans become part of the licensee's 
licensing basis, and compliance with the plans is evaluated by the NRC 
during periodic inspections. Civil penalties may be imposed in the 
event that licensees are found in violation of their approved cyber 
security plans. The NRC-approved cyber security plans, which are 
implemented through the licensee's cyber security programs, 
significantly reduce the possibility that a PLC installed at a nuclear 
power plant would be vulnerable to a malware attack that would 
negatively impact or challenge the plant's safety and control systems. 
The NRC inspects the implementation of the licensee's cyber security 
programs, at specified intervals, to confirm that they are being 
implemented in accordance with the NRC-approved cyber security plans.
    To properly understand the petitioner's concerns, the NRC staff 
asked the petitioner to indicate the inadequacies he had identified in 
the NRC's current regulatory approach and framework that would be 
remedied by the NRC's undertaking of his proposed action. The NRC staff 
asked, specifically, ``What cyber threat or vulnerability is not 
addressed by the current NRC regulations and guidance?'' The petitioner 
stated ``the inadequacies in the NRC's current regulatory approach are 
that the regulations do not address correction for the vulnerability to 
corruption of the rewriteable PLC memories.'' The NRC staff disagrees 
with the petitioner's assertion because the cyber security rule does, 
in fact, require licensees to have the capability to detect, prevent, 
respond to, mitigate, and recover from cyber attacks under Sec.  
73.54(c)(2). To comply with this requirement, nuclear power plant 
licensees must implement an overall site defensive strategy to protect 
critical digital assets (CDAs) from cyber attacks, as well as 
implementing operational and management security controls.
    Issue 2: By using the petitioner's patented PLC design, nuclear 
power plant safety and control systems would be safe from malware 
attacks.
    NRC Response: The NRC staff disagrees with Issue 2 because the 
proposed vulnerability to malware attacks described in the petition is 
already addressed in the current NRC regulations. In addition, the 
``new-design'' PLCs recommended in the petition have not been proven to 
offer protection from cyber attacks.
    The approach recommended in the petition presumes that a ``one size 
fits all'' solution would be adequate for the wide variety of 
industrial control systems and safety systems used in nuclear power 
plants. However, it does not take into account other attacks that could 
be made (e.g., man-in-the-middle attacks where an attacker inserts 
malicious commands between the PLC and the controlled devices). The 
objective of the petitioner's PLC design, which was to correct a 
proposed vulnerability (i.e., to ``block malware attacks on the 
industrial control systems of those facilities''), is already 
accomplished by the defense-in-depth strategy in the current regulatory 
framework. As required by Sec.  73.54(c)(2), nuclear power plant 
licensees must design their cyber security programs to apply and 
maintain an integrated defense-in-depth protective strategy to ensure 
that licensees have the capability to detect, prevent, respond to, 
mitigate, and recover from cyber attacks. The approach used by nuclear 
power plant licensees may vary in that NRC regulations are generally 
not prescriptive, and allow licensees and applicants to propose 
different methods for meeting the requirements. To comply with the 
requirements in Sec.  73.54(c)(2), licensees must implement an overall 
site defensive strategy to protect CDAs from cyber attacks as well as 
implementing operational and management security controls.
    Defense-in-depth strategies are a documented collection of 
complementary and redundant security controls that establish multiple 
layers of protection to safeguard CDAs. Under a defense-in-depth 
strategy, the failure of a single protective strategy would not result 
in the compromise of an SSEP function. One example of a defense-in-
depth strategy involves setting up multiple security boundaries to 
protect CDAs and networks from cyber attack. In this way, multiple 
protection levels must fail for a cyber attack to progress and impact a 
critical system or network.

[[Page 34918]]

Even if a failure occurred (e.g., such as through a violation of 
policy), or if a protection mechanism was bypassed (e.g., by a new 
virus that is not yet identified as a cyber attack), other mechanisms 
would still be in place to detect and respond to a cyber attack on a 
CDA, to mitigate the impacts of the cyber attack, and to recover normal 
operations of the CDA and its system before an adverse impact could 
happen.
    In addition to the fact that a need has not been justified for use 
of the petitioner's new-design PLCs, the approach recommended in the 
petition has not been proven by the petitioner to be effective in 
preventing cyber attacks. Based on email correspondence, the petitioner 
states that the proposed ``new-design programmable logic computers'' 
currently are not used in any facility (nuclear or otherwise). As such, 
the petitioner was unable to present any evidence that his PLCs would 
be effective in preventing cyber attacks. Furthermore, no information 
was provided by the petitioner as to how the ``new-design programmable 
logic computers'' would comply with the requirements in Sec.  73.54 for 
use in the safety systems and control systems of a nuclear power plant.
    Issue 3: Nuclear power plant licensee staff should be trained to 
maintain and secure records of all memory programming, and the 
petitioner recommends maintenance in secure storage of programmed 
memories that may be again employed, as ``the control systems of 
critical facilities are essentially steady-state.''
    NRC Response: The NRC staff disagrees with Issue 3 because the 
petition does not take into account the awareness and training 
requirements each nuclear power plant licensee must perform as part of 
their comprehensive cyber security program as required in Sec.  73.54.
    Under Sec.  73.54(d)(1), each licensee is required to ensure, as 
part of its cyber security program, that appropriate facility 
personnel, including contractors, are aware of the cyber security 
requirements and receive the necessary training to perform their 
assigned duties and responsibilities. As an example, licensees may 
comply with the awareness and training requirements by performing the 
following actions:
     • Develop, disseminate, and periodically review and update 
the site cyber security training and awareness plan. This plan defines 
the purpose, scope, roles, responsibilities, and management commitment 
to provide high assurance that individuals have received training to 
properly perform their job functions;
     • Perform gap analyses in areas where additional training is 
needed in cyber security;
     • Establish measures to determine whether cyber security 
policies and procedures are being followed, and if not, determine 
whether a training or awareness issue is the cause and develop measures 
to be taken to correct the deficiency;
     • Develop, disseminate, and periodically review and update 
procedures that are used to facilitate and maintain the cyber security 
training and awareness program; and
     • Implement training and awareness security controls.
    In addition, Sec.  73.54(d)(3) requires each nuclear power plant 
licensee, as part of its cyber security program, to evaluate all 
modifications to assets identified in Sec.  73.54(a)(1) (i.e., systems 
with SSEP functions) before their implementation. This ensures that the 
cyber security performance objectives are maintained. As stated above, 
the NRC inspects licensee cyber security programs, at specified 
intervals, to confirm that the programs are being implemented in 
accordance with the NRC-approved cyber security plans.

III. Conclusion

    The NRC has reviewed the petition and appreciates the concerns 
raised by the petitioner. For the reasons described in Section II, 
``Reasons for Denial,'' of this document, the NRC is denying the 
petition under Sec.  2.802. The petitioner did not present any 
significant new information or arguments, as part of this petition, 
that would support the requested changes, nor has the petitioner 
demonstrated that a need exists for a new provision requiring use of 
the petitioner's new-design PLCs.

IV. Availability of Documents

    The documents identified in the following table are available to 
interested persons as indicated. For more information on accessing 
ADAMS, see the ADDRESSES section of this document.

------------------------------------------------------------------------
Date                              Document                    ADAMS Accession
                                                              number / Federal
                                                              Register citation
------------------------------------------------------------------------
January 2010                      Regulatory Guide 5.71;      ML090340159
                                  ``Cyber Security Programs
                                  for Nuclear Facilities''.
March 14, 2013, as supplemented   Petition for Rulemaking     ML14016A458
  through December 19, 2013       from Mr. Alan Morris
                                  Regarding Programmable
                                  Logic Computers in Nuclear
                                  Power Plant Control
                                  Systems.
January 27, 2014                  Letter to Petitioner        ML13308A385
                                  Enclosing Federal Register
                                  Notice--Receipt of
                                  Petition for Rulemaking.
February 7, 2014                  Federal Register Notice--   79 FR 7406
                                  Receipt of Petition for
                                  Rulemaking.
June 12, 2014                     Letter to Petitioner;       ML14120A006
                                  ``PRM-73-17 Cyber Malware
                                  Attacks on Programmable
                                  Logic Computers''.
June 18, 2014                     E-mail from Petitioner;     ML14181B296
                                  ``PRM-73-17''.
June 18, 2014                     E-mail from Petitioner;     ML14181B276
                                  ``RE: PRM-73-17''.
June 18, 2014                     E-mail from Petitioner;     ML14181B286
                                  ``RE: PRM-73-17''.
June 19, 2014                     E-mail from Petitioner;     ML14181B270
                                  ``RE: PRM-73-17''.
------------------------------------------------------------------------



[[Page 34919]]

    Dated at Rockville, Maryland, this 25th day of May, 2016.

    For the Nuclear Regulatory Commission.
Annette L. Vietti-Cook,
Secretary of the Commission.
[FR Doc. 2016-12926 Filed 5-31-16; 8:45 am]
 BILLING CODE 7590-01-P



                                                  June 1, 2016.                                           amend, or rescind any regulation. A                   letter in a series of emails dated June 18,
                                                  ADDRESSES: Please refer to Docket ID                    § 2.802 petition was filed by the                     2014, and June 19, 2014. (ADAMS
sradovich on DSK3TPTVN1PROD with PROPOSALS




                                                  NRC–2013–0214 when contacting the                       petitioner on March 14, 2013, and was                 Accession Nos. ML14181B296,
                                                  NRC about the availability of                           supplemented several times through                    ML14181B276, ML14181B286, and
                                                  information regarding this petition. You                December 19, 2013. (ADAMS Accession                   ML14181B270).
                                                  may obtain publicly-available                           No. ML14016A458). On February 7,                         Based on the petition and the
                                                  documents related to the petition using                 2014 (79 FR 7406), the NRC published                  petitioner’s responses to requests for
                                                  any of the following methods:                           a notice of receipt of PRM–73–17. The                 additional information, the NRC staff
                                                    • Federal Rulemaking Web site: Go to                  petitioner requested that the NRC                     identified three issues raised by the
                                                  http://www.regulations.gov and search                   amend its regulations that protect digital            petitioner:


                                             VerDate Sep<11>2014   17:32 May 31, 2016   Jkt 238001   PO 00000   Frm 00001   Fmt 4702   Sfmt 4702   E:\FR\FM\01JNP1.SGM   01JNP1


                                                                         Federal Register / Vol. 81, No. 105 / Wednesday, June 1, 2016 / Proposed Rules                                           34917

Issue 1: PLCs currently installed in U.S. nuclear power plants are vulnerable to malware attacks that could negatively affect or challenge plant safety and control systems. The petitioner stated that malware can ``maliciously reprogram the re-writeable memories of the present programmable logic computers'' in the control systems of nuclear power plants.

Issue 2: By using the petitioner's patented PLC design, nuclear power plant safety and control systems would be safe from malware attacks.

Issue 3: Nuclear power plant staff should be trained to maintain and secure records of all memory programming, and the petitioner recommends maintenance in secure storage of programmed memories that may be employed again, as ``the control systems of critical facilities are essentially steady-state.''

The NRC staff decided not to seek public comment on PRM–73–17 because no additional information was needed for the NRC staff's evaluation of the petitioner's claim.

II. Reasons for Denial

The NRC is denying the petition because the petitioner did not present any significant new information or arguments that would support the requested changes, nor has he demonstrated a need for a new requirement for his new-design PLCs in nuclear power plant control systems. This section provides detailed responses to the issues raised in the petition.

Issue 1: PLCs that are currently installed in nuclear power plant control systems are vulnerable to malware attacks that could negatively affect or challenge plant safety and control systems.

NRC Response: The NRC disagrees with Issue 1 because the petitioner does not take into account the comprehensive NRC cyber security program requirements for nuclear power plants in § 73.54. Section 73.54, ``Protection of digital computer and communication systems and networks,'' which is known as the NRC's ``cyber security rule,'' requires licensees to protect digital systems in nuclear power plants from cyber attacks. The cyber security rule presumes that any digital system (including PLC designs) is vulnerable to various cyber attacks. The regulations in § 73.54 establish a series of performance-based requirements to ensure that the functions of digital computers, communication systems, and networks are protected from cyber attack. In particular, § 73.54(a)(1) requires nuclear power plant licensees to protect digital computers, communications systems, and networks associated with the following:

• Safety-related and important-to-safety functions;
• security functions;
• emergency preparedness functions, including offsite communications; and
• support systems and equipment which, if compromised, would adversely impact safety, security, or emergency preparedness (SSEP) functions.

As required by §§ 73.54(b)(2) and 73.55(b)(8), a nuclear power plant licensee must establish, implement, and maintain a cyber security program that protects any digital system, network, or communication system associated with SSEP functions. Licensees are required to submit their cyber security plans to the NRC for review and approval. Once approved, these plans become part of the licensee's licensing basis, and compliance with the plans is evaluated by the NRC during periodic inspections. Civil penalties may be imposed in the event that licensees are found in violation of their approved cyber security plans. The NRC-approved cyber security plans, which are implemented through the licensee's cyber security programs, significantly reduce the possibility that a PLC installed at a nuclear power plant would be vulnerable to a malware attack that would negatively impact or challenge the plant's safety and control systems. The NRC inspects the implementation of the licensee's cyber security programs, at specified intervals, to confirm that they are being implemented in accordance with the NRC-approved cyber security plans.

To properly understand the petitioner's concerns, the NRC staff asked the petitioner to indicate the inadequacies he had identified in the NRC's current regulatory approach and framework that would be remedied by the NRC's undertaking of his proposed action. The NRC staff asked, specifically, ``What cyber threat or vulnerability is not addressed by the current NRC regulations and guidance?'' The petitioner stated ``the inadequacies in the NRC's current regulatory approach are that the regulations do not address correction for the vulnerability to corruption of the rewriteable PLC memories.'' The NRC staff disagrees with the petitioner's assertion because the cyber security rule does, in fact, require licensees to have the capability to detect, prevent, respond to, mitigate, and recover from cyber attacks under § 73.54(c)(2). To comply with this requirement, nuclear power plant licensees must implement an overall site defensive strategy to protect critical digital assets (CDAs) from cyber attacks, as well as implementing operational and management security controls.

Issue 2: By using the petitioner's patented PLC design, nuclear power plant safety and control systems would be safe from malware attacks.

NRC Response: The NRC staff disagrees with Issue 2 because the proposed vulnerability to malware attacks described in the petition is already addressed in the current NRC regulations. In addition, the ``new-design'' PLCs recommended in the petition have not been proven to offer protection from cyber attacks.

The approach recommended in the petition presumes that a ``one size fits all'' solution would be adequate for the wide variety of industrial control systems and safety systems used in nuclear power plants. However, it does not take into account other attacks that could be made (e.g., man-in-the-middle attacks where an attacker inserts malicious commands between the PLC and the controlled devices). The objective of the petitioner's PLC design, which was to correct a proposed vulnerability (i.e., to ``block malware attacks on the industrial control systems of those facilities''), is already accomplished by the defense-in-depth strategy in the current regulatory framework. As required by § 73.54(c)(2), nuclear power plant licensees must design their cyber security programs to apply and maintain an integrated defense-in-depth protective strategy to ensure that licensees have the capability to detect, prevent, respond to, mitigate, and recover from cyber attacks. The approach used by nuclear power plant licensees may vary in that NRC regulations are generally not prescriptive, and allow licensees and applicants to propose different methods for meeting the requirements. To comply with the requirements in § 73.54(c)(2), licensees must implement an overall site defensive strategy to protect CDAs from cyber attacks as well as implementing operational and management security controls.

Defense-in-depth strategies are a documented collection of complementary and redundant security controls that establish multiple layers of protection to safeguard CDAs. Under a defense-in-depth strategy, the failure of a single protective strategy would not result in the compromise of an SSEP function. One example of a defense-in-depth strategy involves setting up multiple security boundaries to protect CDAs and networks from cyber attack. In this way, multiple protection levels must fail for a cyber attack to progress and impact a critical system or network.

[[Page 34918]]
Even if a failure occurred (e.g., through a violation of policy), or if a protection mechanism was bypassed (e.g., by a new virus that is not yet identified as a cyber attack), other mechanisms would still be in place to detect and respond to a cyber attack on a CDA, to mitigate the impacts of the cyber attack, and to recover normal operations of the CDA and its system before an adverse impact could happen.

In addition to the fact that a need has not been justified for use of the petitioner's new-design PLCs, the approach recommended in the petition has not been proven by the petitioner to be effective in preventing cyber attacks. Based on email correspondence, the petitioner states that the proposed ``new-design programmable logic computers'' currently are not used in any facility (nuclear or otherwise). As such, the petitioner was unable to present any evidence that his PLCs would be effective in preventing cyber attacks. Furthermore, no information was provided by the petitioner as to how the ``new-design programmable logic computers'' would comply with the requirements in § 73.54 for use in the safety systems and control systems of a nuclear power plant.

Issue 3: Nuclear power plant licensee staff should be trained to maintain and secure records of all memory programming, and the petitioner recommends maintenance in secure storage of programmed memories that may be employed again, as ``the control systems of critical facilities are essentially steady-state.''

NRC Response: The NRC staff disagrees with Issue 3 because the petition does not take into account the awareness and training requirements each nuclear power plant licensee must perform as part of its comprehensive cyber security program as required in § 73.54.

Under § 73.54(d)(1), each licensee is required to ensure, as part of its cyber security program, that appropriate facility personnel, including contractors, are aware of the cyber security requirements and receive the necessary training to perform their assigned duties and responsibilities. As an example, licensees may comply with the awareness and training requirements by performing the following actions:

• Develop, disseminate, and periodically review and update the site cyber security training and awareness plan. This plan defines the purpose, scope, roles, responsibilities, and management commitment to provide high assurance that individuals have received training to properly perform their job functions;
• Perform gap analyses in areas where additional training is needed in cyber security;
• Establish measures to determine whether cyber security policies and procedures are being followed, and if not, determine whether a training or awareness issue is the cause and develop measures to be taken to correct the deficiency;
• Develop, disseminate, and periodically review and update procedures that are used to facilitate and maintain the cyber security training and awareness program; and
• Implement training and awareness security controls.

In addition, § 73.54(d)(3) requires each nuclear power plant licensee, as part of its cyber security program, to evaluate all modifications to assets identified in § 73.54(a)(1) (i.e., systems with SSEP functions) before their implementation. This ensures that the cyber security performance objectives are maintained. As stated above, the NRC inspects licensee cyber security programs, at specified intervals, to confirm that the programs are being implemented in accordance with the NRC-approved cyber security plans.

III. Conclusion

The NRC has reviewed the petition and appreciates the concerns raised by the petitioner. For the reasons described in Section II, ``Reasons for Denial,'' of this document, the NRC is denying the petition under § 2.802. The petitioner did not present any significant new information or arguments, as part of this petition, that would support the requested changes, nor has the petitioner demonstrated that a need exists for a new provision requiring use of the petitioner's new-design PLCs.

IV. Availability of Documents

The documents identified in the following table are available to interested persons as indicated. For more information on accessing ADAMS, see the ADDRESSES section of this document.

Date                                            Document                                                                                   ADAMS Accession number / Federal Register citation
----------------------------------------------  -----------------------------------------------------------------------------------------  --------------------------------------------------
January 2010                                    Regulatory Guide 5.71; ``Cyber Security Programs for Nuclear Facilities''                  ML090340159
March 14, 2013, as supplemented through         Petition for Rulemaking from Mr. Alan Morris Regarding Programmable Logic Computers        ML14016A458
  December 19, 2013                               in Nuclear Power Plant Control Systems
January 27, 2014                                Letter to Petitioner Enclosing Federal Register Notice—Receipt of Petition for Rulemaking  ML13308A385
February 7, 2014                                Federal Register Notice—Receipt of Petition for Rulemaking                                 79 FR 7406
June 12, 2014                                   Letter to Petitioner; ``PRM–73–17 Cyber Malware Attacks on Programmable Logic Computers''  ML14120A006
June 18, 2014                                   E-mail from Petitioner; ``PRM–73–17''                                                      ML14181B296
June 18, 2014                                   E-mail from Petitioner; ``RE: PRM–73–17''                                                  ML14181B276
June 18, 2014                                   E-mail from Petitioner; ``RE: PRM–73–17''                                                  ML14181B286
June 19, 2014                                   E-mail from Petitioner; ``RE: PRM–73–17''                                                  ML14181B270
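The Issue 2 response in Section II argues that non-rewriteable program memory alone does not stop an attacker who inserts commands between the PLC and the controlled device, and that a defense-in-depth strategy layers independent controls so that one failed control does not compromise an SSEP function. The following added example (not part of the NRC notice, and not code from the petitioner's design) models that argument in Python: the PLC's program hash stays intact while a man-in-the-middle rewrites the command on an unauthenticated field link, and a second layer, per-message authentication checked at the actuator, turns the same tampering into a rejected frame and an alarm. The control law, the shared key, the frame format and the threshold values are all constructed for illustration and correspond to no real product or protocol.

```python
"""Toy model of a WORM-memory PLC, a field link and an actuator.

Added example for illustration only: the program, key, frame layout and
values are constructed here and are not taken from any real PLC or fieldbus.
"""
import hashlib
import hmac
import struct
from dataclasses import dataclass, field
from typing import List, Optional, Tuple

# Constructed "firmware" that would live in non-rewriteable (WORM) memory.
WORM_PROGRAM = b"if level > 80: valve = CLOSE else: valve = OPEN"
WORM_HASH = hashlib.sha256(WORM_PROGRAM).hexdigest()

# Constructed key shared by PLC and actuator for the authenticated link.
LINK_KEY = b"example-plc-actuator-key-not-real"
TAG_LEN = 16  # truncated HMAC-SHA256 tag appended to each authenticated frame

OPEN, CLOSE = 1, 0


def control_law(level: float) -> int:
    """Mirror of WORM_PROGRAM: close the valve once tank level exceeds 80."""
    return CLOSE if level > 80 else OPEN


def program_intact() -> bool:
    """Layer 1, the petitioner's control: the WORM program has not changed."""
    return hashlib.sha256(WORM_PROGRAM).hexdigest() == WORM_HASH


# --- Unauthenticated field link: 4-byte sequence number + 1-byte command ----

def encode_plain(seq: int, cmd: int) -> bytes:
    return struct.pack(">IB", seq, cmd)


def decode_plain(frame: bytes) -> Tuple[int, int]:
    seq, cmd = struct.unpack(">IB", frame)
    return seq, cmd


# --- Authenticated field link: same body plus a MAC the actuator verifies ---

def encode_auth(seq: int, cmd: int, key: bytes = LINK_KEY) -> bytes:
    body = struct.pack(">IB", seq, cmd)
    return body + hmac.new(key, body, hashlib.sha256).digest()[:TAG_LEN]


@dataclass
class Actuator:
    """Controlled device that checks the MAC and rejects replayed frames."""
    key: bytes = LINK_KEY
    last_seq: int = -1
    state: Optional[int] = None            # None until a valid command arrives
    alarms: List[Tuple[str, int]] = field(default_factory=list)

    def receive_auth(self, frame: bytes) -> bool:
        body, tag = frame[:5], frame[5:]
        seq, cmd = struct.unpack(">IB", body)
        expected = hmac.new(self.key, body, hashlib.sha256).digest()[:TAG_LEN]
        if not hmac.compare_digest(tag, expected):
            self.alarms.append(("bad_mac", seq))   # detect: tampered frame
            return False
        if seq <= self.last_seq:
            self.alarms.append(("replay", seq))    # detect: replayed frame
            return False
        self.last_seq, self.state = seq, cmd
        return True


def mitm_rewrite(frame: bytes, forced_cmd: int) -> bytes:
    """Attacker on the link: keep the sequence number and any tag, swap the command."""
    return frame[:4] + bytes([forced_cmd]) + frame[5:]


def scenario_plain(level: float) -> dict:
    """WORM PLC over an unauthenticated link: the rewritten command is obeyed."""
    cmd = control_law(level)
    frame = mitm_rewrite(encode_plain(1, cmd), OPEN)   # attacker forces OPEN
    _, received = decode_plain(frame)
    return {"program_intact": program_intact(), "intended": cmd,
            "actuated": received, "compromised": received != cmd}


def scenario_auth(level: float) -> dict:
    """Same attack against the authenticated link: genuine frame accepted,
    tampered frame and replay both rejected and alarmed."""
    cmd = control_law(level)
    act = Actuator()
    legit = encode_auth(1, cmd)
    accepted = [
        act.receive_auth(legit),                                   # genuine
        act.receive_auth(mitm_rewrite(encode_auth(2, cmd), OPEN)),  # tampered
        act.receive_auth(legit),                                   # replayed
    ]
    return {"program_intact": program_intact(), "intended": cmd,
            "accepted": accepted, "actuated": act.state, "alarms": act.alarms}


if __name__ == "__main__":
    print(scenario_plain(95.0))
    print(scenario_auth(95.0))
```

With a tank level of 95 the WORM program correctly computes CLOSE in both scenarios and `program_intact()` stays true throughout, which is the petitioner's whole guarantee; on the unauthenticated link the actuator nevertheless receives OPEN. The authenticated link does not make the PLC any harder to reprogram, it adds an independent boundary at the device, and the rejected frames and `alarms` list are what gives the operator the detect-and-respond capability the notice describes. Real fieldbus protocols and key management differ from this sketch; the point is the layering, not the frame format.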
[[Page 34919]]
Dated at Rockville, Maryland, this 25th day of May, 2016.

For the Nuclear Regulatory Commission.

Annette L. Vietti-Cook,
Secretary of the Commission.

[FR Doc. 2016–12926 Filed 5–31–16; 8:45 am]
BILLING CODE 7590–01–P


DEPARTMENT OF TRANSPORTATION

Federal Aviation Administration

14 CFR Parts 11, 404, 405, 420, 431, 435, 437, 460

[Docket No.: FAA–2016–6761; Notice No. 16–03]

RIN 2120–AK76

Updates to Rulemaking and Waiver Procedures and Expansion of the Equivalent Level of Safety Option

AGENCY: Federal Aviation Administration (FAA), DOT.

ACTION: Notice of proposed rulemaking (NPRM).

SUMMARY: This action would streamline and improve commercial space transportation regulations’ general rulemaking and petition procedures by reflecting current practice; reorganizing the regulations for clarity and flow; and allowing petitioners to file their petitions to the FAA’s Office of Commercial Space Transportation electronically. Further, it would expand the option to satisfy commercial space transportation requirements by demonstrating an equivalent level of safety. These changes are necessary to ensure the regulations are current, accurate, and are not unnecessarily burdensome. The intended effect of these changes is to improve the clarity of the regulations and reduce burden on the industry and on the FAA.

DATES: Send comments on or before August 1, 2016.

ADDRESSES: Send comments identified by docket number FAA–2016–6761 using any of the following methods:
   • Federal eRulemaking Portal: Go to http://www.regulations.gov and follow the online instructions for sending your comments electronically.
   • Mail: Send comments to Docket Operations, M–30; U.S. Department of Transportation (DOT), 1200 New Jersey Avenue SE., Room W12–140, West Building Ground Floor, Washington, DC 20590–0001.
   • Hand Delivery or Courier: Take comments to Docket Operations in Room W12–140 of the West Building Ground Floor at 1200 New Jersey Avenue SE., Washington, DC, between 9 a.m. and 5 p.m., Monday through Friday, except Federal holidays.
   • Fax: Fax comments to Docket Operations at 202–493–2251.

   Privacy: In accordance with 5 U.S.C. 553(c), DOT solicits comments from the public to better inform its rulemaking process. DOT posts these comments, without edit, including any personal information the commenter provides, to www.regulations.gov, as described in the system of records notice (DOT/ALL–14 FDMS), which can be reviewed at www.dot.gov/privacy.

   Docket: Background documents or comments received may be read at http://www.regulations.gov at any time. Follow the online instructions for accessing the docket or go to the Docket Operations in Room W12–140 of the West Building Ground Floor at 1200 New Jersey Avenue SE., Washington, DC, between 9 a.m. and 5 p.m., Monday through Friday, except Federal holidays.

FOR FURTHER INFORMATION CONTACT: For questions concerning this proposed rule, contact Shirley McBride, AST–300, Office of Commercial Space Transportation, Federal Aviation Administration, 800 Independence Avenue SW., Washington, DC 20591; telephone (202) 267–7470; email Shirley.McBride@faa.gov.

SUPPLEMENTARY INFORMATION:

Authority for This Rulemaking

   The Commercial Space Launch Act of 1984, as amended and re-codified at 51 U.S.C. 50901–50923 (the Act), authorizes the Department of Transportation and thus the FAA, through delegations, to oversee, license, and regulate commercial launch and reentry activities, and the operation of launch and reentry sites as carried out by U.S. citizens or within the United States. 51 U.S.C. 50904, 50905. The Act directs the FAA to exercise this responsibility consistent with public health and safety, safety of property, and the national security and foreign policy interests of the United States. 51 U.S.C. 50905. The Act directs the FAA to regulate only to the extent necessary to protect the public health and safety, safety of property, and national security and foreign policy interests of the United States. 51 U.S.C. 50901(a)(7). The FAA is also responsible for encouraging, facilitating, and promoting commercial space launches by the private sector. 51 U.S.C. 50903.

I. Background

   The Office of Commercial Space Transportation (AST) was established under the Act as part of the Office of the Secretary of Transportation within the Department of Transportation. In 1988, the general rulemaking and petition procedures, under the authority of the Act, were codified in 14 CFR, chapter III, part 404.
   In November 1995, AST was transferred to the FAA as the agency’s only space-related line of business. The FAA’s general rulemaking and petition procedures, for which the agency follows public rulemaking procedures under the Administrative Procedure Act, 5 U.S.C. 553, reside in 14 CFR chapter I, part 11. When AST became part of the FAA, the general rulemaking and petition procedures in part 404 were not conformed to those in part 11 to remove duplicate and outdated information, or to clarify those provisions that apply specifically to the FAA’s commercial space transportation regulations. The proposed rule would update parts 404 and 11 to remove duplicate information from part 404 and add appropriate cross references between part 11 and part 404. In addition, the proposal would update part 404 to reflect current practice, clarify the requirements, and add an option to submit petitions to AST electronically.
   Currently, the option to satisfy a commercial space transportation regulation by demonstrating an ‘‘equivalent level of safety’’ is limited to part 417 [1] and to some specific sections of chapter III. This restricts the FAA’s flexibility in approving launch and reentry related activities where the operator can convincingly demonstrate that an alternative approach to the requirements of chapter III provides an equivalent level of safety. This proposal would expand the equivalent level of safety option so that it applies more broadly to chapter III requirements for both launch and reentry activities.
   The current title of part 405 is ‘‘Investigations and Enforcement.’’ However, part 405 does not relate to investigations. To avoid confusion, the FAA proposes to revise the title of part 405 to a title more descriptive of its contents, namely, ‘‘Compliance and Enforcement.’’

II. Discussion of the Proposal

1. General Rulemaking Procedures (Part 11)

   The general rulemaking and petition procedures for commercial space transportation regulations, 14 CFR

   [1] See § 417.1(g): Equivalent level of safety. The requirements of this part apply to a launch operator and the launch operator’s launch unless the launch operator clearly and convincingly demonstrates that an alternative approach provides an equivalent level of safety.
Document Created: 2018-02-08 07:27:15
Document Modified: 2018-02-08 07:27:15
Category: Regulatory Information
Collection: Federal Register
SuDoc Class: AE 2.7:; GS 4.107:; AE 2.106:
Publisher: Office of the Federal Register, National Archives and Records Administration
Section: Proposed Rules
Action: Petition for rulemaking; denial.
Dates: The docket for the petition for rulemaking PRM-73-17 is closed on June 1, 2016.
Contact: Natreon Jordan, Office of Nuclear Reactor Regulation, telephone: 301-415-7410, email: [email protected], U.S. Nuclear Regulatory Commission, Washington, DC 20555-0001.
FR Citation: 81 FR 34916