IAEA Publication on Assessing Nuclear Security Threats

Table Of Content

• Interagency Security Committee Policies, Standards, Best Practices, Guidance Documents, and White Papers
• Grid Security News
• Public Protection Notification
• XII. Finding of No Significant Environmental Impact: Environmental Assessment: Availability
• Will There be Sufficient Blackstart Resources to Recover from a Major Electric Outage? FERC Needs to Get the Facts
• VIII. Compatibility of Agreement State Regulations
• List of Subjects in 10 CFR Part 73

Part of this program includes conducting Comprehensive Reviews of commercial nuclear site security. Other commenters suggested that the NRC's rationale for limiting the characteristics of the DBTs to the attacks against which a private security force could reasonably be expected to defend appears to be based on cost considerations, which is not permitted for measures that are necessary for the protection of public safety. The Commission concludes that the amendments to § 73.1 will continue to ensure adequate protection of public health and safety and the common defense and security by requiring the secure use and management of radioactive materials. The revised DBTs represent the largest threats against which private sector facilities must be able to defend with high assurance.

Interagency Security Committee Policies, Standards, Best Practices, Guidance Documents, and White Papers

The large aircraft impact studies included structural analyses of the aircraft impact into a single cask and the resulting cask-to-cask interactions. Those evaluations indicate that it is highly unlikely that a significant release of radioactivity would occur from an aircraft impact on a dry spent fuel storage cask. Dry cask storage facilities (e.g., independent spent fuel storage installations (ISFSIs)) at nuclear power plants are designed to protect against external events such as tornados, hurricanes, fires, floods, and earthquakes. The standards in 10 CFR Part 72 Subpart E, “Siting Evaluation Factors,” and Subpart F, “General Design Criteria,” ensure that the dry cask storage designs are very rugged and robust. The casks must maintain structural, thermal, shielding, criticality, and confinement integrity during a variety of postulated external events including cask drops, tip-over, and wind driven missile impacts. After the September 11, 2001 attacks, the NRC has worked with licensees, the DHS, and State and local governments to improve the capabilities of first responders as part of the National Infrastructure Protection Plan.

CARVER Target Analysis Training Course Equips Professionals with Strategic Vulnerability Assessment Skills - University of South Florida

CARVER Target Analysis Training Course Equips Professionals with Strategic Vulnerability Assessment Skills.

Posted: Wed, 28 Feb 2024 08:00:00 GMT [source]

Grid Security News

This final rule does not contain new or amended information collection requirements and, therefore is not subject to the Paperwork Reduction Act of 1995 (44 U.S.C. 3501 et seq.). Existing information collection requirements were approved by the Office of Management and Budget, approval number 3150–0002. The burden for all future licensees will be covered under 10 CFR Part 52 (3150–0151) as part of the combined operator license applications. (B) Items that could facilitate theft of special nuclear material (e.g., small tools, substitute material, false documents, etc.), or both. Industry commenters suggested that the ACDs and RGs should be incorporated by reference into the DBT rule to ensure adequate stakeholder participation in changes to the specific details of the DBTs. Otherwise, these commenters argue that the use of the ACDs and RGs has the potential for circumventing the APA and Paperwork Reduction Act.

Public Protection Notification

Establishing such a DBT can provide a valuable planning tool for the Transmission Operators and their partners who are responsible for blackstart operations. In particular, as cyber and other threats to blackstart assets and capabilities continue to intensify, DBTs can help system owners and operators target their investments to maintain system resilience. A formal DBT also can provide regulators confidence that those investments are prudent, and deal with ongoing challenges in the availability of gas-fueled cranking-path generators. One significant change to the rule relates to physical threats from the use of vehicles, either as modes of transportation or as vehicle bombs. Section 73.1(a)(1)(i)(E), for example, effectively expands the scope of vehicles available for the transportation of adversaries by deleting the reference to “four-wheel drive” and by adding water-based vehicles. The competent authorities should regularly review the national threat assessment and the DBTs and revise them as needed.

PRM–73–12 requests that the NRC amend its regulations to revise the DBT regulations (in terms of the numbers, teams, capabilities, planning, willingness to die, and other characteristics of adversaries) to a level that encompasses, with a sufficient margin of safety, the terrorist capabilities evidenced by the attacks of September 11, 2001. The NRC partially granted PRM–73–12 in the proposed rule, but deferred action on other aspects of the petition to the final rulemaking. The Commission is confident that a licensee's security force would respond to any threat no matter the size or capabilities that may present itself.

Will There be Sufficient Blackstart Resources to Recover from a Major Electric Outage? FERC Needs to Get the Facts

Sufficient blackstart resources, located in specific locations within each interconnection, are the last line of defense against a prolonged blackout. In an earlier blog,[1] I discussed the need to create a Design Basis Threat (“DBT”) for blackstart in the face of new and emerging threats, and then conduct the necessary planning studies to ensure there is sufficient and operable blackstart generation available. In addition, there is a need to include flexible blackstart processes to restart the electric grid following interconnection-wide blackouts. The Design-Basis Threat (DBT) Report is a profile of the type, composition, capabilities, methods (tactics, techniques, and procedures), and the goals, intent, and motivation of an adversary upon which the security engineering and operations of a facility are based. A profile of the type, composition, capabilities, methods (tactics, techniques, and procedures), and the goals, intent, and motivation of an adversary upon which the security engineering and operations of a facility are based.

The Commission expects that licensees and State and Federal authorities will use whatever resources are necessary in response to both DBT and beyond-DBT events. The NRC also initiated a program in 2002 to assess the capability of nuclear facilities to withstand a terrorist attack. As the results of that program became available, the NRC provided power reactor licensees additional guidance in February 2005 on the implementation of the February 2002 Order regarding spent fuel mitigation measures. Mitigating measures that are being or have been established include those specifically recommended in the NAS study regarding fuel distribution and enhanced cooling capabilities. Though the following topics and comments are pertinent to the security issues of nuclear facilities, they are not directly relevant to the DBT rulemaking. The DBT rule identifies general threat characteristics, but does not require specific protective strategies and security measures to defend against and thwart attacks.

Thus, they suggest that because the proposed rule did not contain specifics of the DBTs, the NRC is free to change the specific requirements without notice to the public, effectively conducting a secret rulemaking in violation of the APA. National Guard, local law enforcement and other non-licensee security personnel already stationed at the owner-controlled boundary or entry portals of some licensee facilities are not part of the licensee workforce and not subject to NRC regulatory authority; hence, they are considered beyond the scope of the DBTs. Typically, these organizations have their own internal screening procedures to determine reliability and trustworthiness. The NRC recognizes that those processes exist and provide an appropriate level of assurance against an insider threat to that organization. Furthermore, first responders, law enforcement, and National Guard personnel are not given unescorted access to the Protected Area (PA).

The NRC believes that individual fire protection exemptions have had a small impact on plant risk. The NRC agrees that a credible, well-trained, and consistent mock adversary force is vital to the NRC's FOF program. Therefore, the NRC has worked with the nuclear industry to develop a composite adversary force (CAF) that is trained to the standards issued by the Commission.

The NRC has taken numerous actions to enhance the security of spent nuclear fuel, and will take appropriate additional action as necessary as a result of on-going evaluations. Before September 11, 2001, spent fuel was well protected by physical barriers, armed guards, intrusion detection systems, area surveillance systems, access controls, and access authorization requirements for employees working inside the plants. After September 11, 2001, the NRC has enhanced its requirements, and licensees have increased their resources to improve security at nuclear power plants. For example, the NRC's February 25, 2002 Order to power reactor licensees dealt with spent fuel pool cooling capabilities in the event of a terrorist attack. As a result of the supplemented DBT, the security of spent fuel pools has been enhanced at operating power reactors. In addition, PRM–73–12 was filed by the Committee to Bridge the Gap on July 23, 2004, and was published for comment (69 FR 64690; November 8, 2004).

Licensees were subsequently provided with a cyber security self-assessment methodology and the results of pilot studies, as well as additional guidance issued by the nuclear industry, to facilitate development of site cyber security programs. After the terrorist attacks of September 11, 2001, the Commission initiated a program in 2002 to assess the capability of nuclear facilities to withstand terrorist attacks. As part of the program, the Commission analyzed the performance of ISFSIs under aircraft attacks and has evaluated the results of detailed security assessments involving large commercial aircraft attacks, which were performed on four representative spent fuel casks.

The proposed rule discussion contained, under a section designated “Proposed Regulations,” (70 FR 67381) a detailed listing and clarifying discussion of the 12 factors and a specific request for public comment on “whether or how the 12 factors should be addressed in the DBT rule.” (70 FR 67382). The text of the proposed rule provided ample information to enable meaningful comment on what the current level of protection for nuclear power plants and Category I fuel cycle facilities should entail. Members of the public can and have provided the Commission their views in this rulemaking on the number of attackers, amounts of explosives, and types of weapons that licensees should be required to defend against, even without having access to classified information or SGI. Therefore, access to the ACDs and the RGs was not necessary to enable meaningful public comment on the proposed DBT rule. It is important to note that the Commission was careful to set forth rule text in the final rule that does not compromise licensee security, but also acknowledges the necessity to keep the public informed of the types of attacks against which nuclear power plants and Category I fuel cycle facilities are required to defend. During the course of this rulemaking, the Commission considered if it would be necessary to add some type of airborne threat as part of the DBTs.

The DBT rule has been amended in several significant respects to reflect the current physical, cyber, biochemical, and other terrorist threats. For example, the radiological sabotage DBT has been enhanced to reflect the requirement that the licensees have a capability to defend against attackers with the ability to operate in several modes of attack, including as multiple groups, attacking from multiple entry points. Additionally, in § 73.1(a)(1)(i)(C), the phrase “up to and including” was changed to simply “including” to provide flexibility in defining the range of weapons available to the composite adversary force. However, these limitations on weapons and defensive systems available to private security forces do not undermine the Commission's confidence in those forces to provide adequate protection. The defense of our nation's critical infrastructure is a shared responsibility between the NRC, the DOD, the DHS, Federal and State law enforcement, and other Federal agencies.

NNSA recognizes Design Basis Threat Implementation Team as 2020 Security Team of the Year - Energy.gov

NNSA recognizes Design Basis Threat Implementation Team as 2020 Security Team of the Year.

Posted: Tue, 15 Jun 2021 07:00:00 GMT [source]

Furthermore, transportation of the MOX fuel assemblies to Catawba will be done by the Department of Energy's (DOE's) Office of Secure Transportation, that has legal responsibility for the MOX fuel assemblies until custody is transferred to the licensee. Afterwards, the spent MOX fuel is cooled and stored like other spent fuel on site and is subject to the radiological sabotage DBT while stored in the spent fuel pool inside the Protected Area of the plant. NNSA’s security risk management philosophy is based on establishing and maintaining a graded approach and defense-in-depth safeguards. The DBT policy the team developed is designed to represent a set of goals for the planning and implementation of Departmental safeguards and security programs for the next three to five years. Developing a series of DBTs can help ensure that grid planners have a reasonable basis to plan for blackstart to rapidly recover from successful attacks.

[4] Requirement R4 of CIP provides that the evaluation of potential threats and vulnerabilities should be based on the “unique characteristics” of the transmission substation or control center, prior history of attacks on similar facilities and intelligence information. Requirement R6 provides that those evaluations are subject to verification by an independent qualified third-parties. Today’s range and sophistication of threats to the grid, and the certainty that more will emerge,  strongly suggests that having DOE-developed DBTs, whether they are turned into NERC Reliability Standards or codified through another mechanism, will provide needed certainty on requirements needed for blackstart. And proposed solutions that consider all known and likely threats will provide a more efficient outcome.