Year
2019
Abstract
Since the terrorist attacks of September 11, 2001, the U.S. Nuclear Regulatory Commission (NRC) has carried out one of the most (if not the most) rigorous power plant security inspection programs in the world. However, the effectiveness of its security oversight has been diminished by changes over the last decade, and may decline further if additional changes now under consideration are adopted. One pillar of the NRC's security program is the requirement that nuclear power plant licensees are fully responsible for protecting their plants against the design basis threat of radiological sabotage; a second is the use of NRC-run, performance-based force-on-force inspections to assess the ability of licensees to meet that requirement. Both pillars are being weakened. The NRC is considering limiting licensees' regulatory obligations for plant protection by allowing them to take credit for an assumed off-site law enforcement response that is not under their control, and for speculative post-attack operator actions to mitigate damage to key safety systems. Also, the NRC has reduced the number of attack scenarios it runs in triennial force-on-force inspections from three to only one. In addition, the NRC may make changes to the NRC staff's interpretation of the design basis threat that would impose unrealistic limits on certain tactics, techniques, and procedures assumed available for adversary use. These changes are occurring in part due to sustained pressure from nuclear plant licensees who have targeted security as a good place to achieve operating cost reductions. However, they are jeopardizing public health and safety by restricting the NRC's ability to ensure that nuclear plants are sufficiently protected against radiological sabotage attacks. This paper provides the views of an independent observer of these developments.