No. S-01-029

PDF Version (45 KB)

NUCLEAR SECURITY ISSUES IN THE POST-SEPTEMBER 11 ENVIRONMENT

Dr. Richard A. Meserve
Chairman
United States Nuclear Regulatory Commission
before the
Institute of Nuclear Power Operations
Atlanta, Georgia
November 8, 2001

I. Introduction

I appreciate the opportunity to address this gathering again. As you know, this is my third appearance here since joining the NRC. Two years ago, when I first spoke to you, I had been in office less than a week, and this event largely provided an opportunity to get acquainted. Last year, there were numerous issues to discuss, including safety, plant security, the evolution toward risk-informed and performance-based regulation, the license renewal process, and more. All those issues continue to require the NRC's attention. But today, for reasons that are self-evident, one issue stands out -- nuclear power plant security. This is the issue on which I will concentrate in my remarks to you today.

The protection of licensed facilities against sabotage is by no means a new issue for the NRC or its licensees, as you well know. For decades, security against sabotage has been an important part of the NRC's regulatory activities and our licensee's responsibilities, applying defense in depth as the guiding principle. This begins at the design stage, with facilities that are capable of withstanding many of the challenges that either safety events or safeguards events, such as armed assaults, might bring to bear. Nuclear facilities are among the most robustly built structures in existence. Secondly, we require careful background checks to minimize the risk of insider assistance and have access controls, delay barriers, and intrusion detection systems to detect and deter potential attackers. Thirdly, we require that licensees be able to respond with force to a group of armed attackers using protective strategies involving layers of defense.

This system of multiple protections has long been in place. But that is not sufficient reason for assuming that "business as usual" is an acceptable response to the events of September 11. What occurred on that date was an attack by suicidal terrorists bent on maximizing damage in the course of their own self-destruction. September 11 has served as a wake-up call to America about the threat of terrorist attacks. I am sure that all of you in the nuclear industry are particularly aware of the heightened public sensitivity to the possible vulnerability of nuclear plants in this changed environment.

As a result, there is now intense pressure to bolster defenses and to establish new anti-terrorism strategies. But this is not a time for hasty and unreasoned overreaction, much less for panic. We need to approach the issues systematically and thoughtfully. At the same time, this is not the occasion for any of us to put our heads in the sand and to ignore the ruthlessness and destructiveness of our terrorist adversaries or their capacity to attack in strength. In short, we need to be willing in these uncommon times to follow the path of common sense, without alarmism on the one hand or complacency on the other. That means being realistic and prudent in assessing both the dimensions of the potential threat and the strength of our system of defenses. It also requires vigilance by all concerned, including the federal government, licensees, and state and local authorities. None of us can afford to declare the problem to be someone else's responsibility.

Let me say at the outset on behalf of the Commission that you have responded to the call by augmenting the defense of your plants and by maintaining an aggressive security posture. We have asked you to undertake additional measures and you have responded. Thank you. But, as they say, no good deed goes unpunished: the NRC will place continuing reliance on your efforts in the weeks and months ahead.

My aim today is both to reflect on the events of the past two months and to look forward to matters that will unfold over the coming months. I will first provide a quick overview of the activities of the NRC arising from the terrorist attacks. I will then turn to a discussion of certain of the policy issues with which we and other nuclear stakeholders must grapple.

II. NRC Response to the September 11 Events

Shortly after the second crash into the World Trade Center on September 11, the NRC activated its Emergency Operations Center and the Regions activated their Incident Response Centers. We immediately issued a notice to advise our major licensees to go to the highest level of security, which we have maintained since that time. We have sought to maintain a steady information flow with our licensees through some 20 threat advisories, regular communications between the Regional Administrators and licensees, audits of licensee activities, and numerous interactions with various stakeholders. The NRC's Executive Team meets, as a minimum, once a day to discuss our interactions with other government agencies, the threat environment and actions that should be considered. And all of my fellow Commissioners are fully engaged in the process; they receive daily briefings and provide me with the benefit of their views.

We have maintained 24-hour per day operation of the Emergency Operations Center since September 11. This effort has principally involved our safeguards team. This group receives a steady flow of information from the intelligence community, law enforcement, and licensees which is evaluated to determine whether to revise the threat advisory for licensees in general or for particular plants. The flow of information is substantial and constant attention to it is necessary.
Let me provide you with an example. Some of you are aware that the NRC received information in the early evening a few weeks ago about an impending air attack on Three Mile Island that could not be discounted by the intelligence community. This resulted in an immediate advisory to TMI about the threat, the establishment of a no-fly zone by the Federal Aviation Administration, and the deployment of military assets. Although a determination was made that this threat was not credible by early the next morning, NRC, other Federal agencies, and the licensee were obliged to act because no one was able initially to discredit the threat. The continuous operation of the Emergency Operations Center has allowed the real-time evaluation of such potential threats, as well as the numerous suspicious events (flyovers, surveillance activities, threats, etc.) that have been reported to us by licensees, local law enforcement, or others.

We have also worked closely with the Federal Bureau of Investigation, the Federal Emergency Management Agency, the Department of Energy, the Federal Aviation Administration, the military, and others in order to coordinate our activities. The NRC has had a staff person assigned to the FBI's Strategic Information Operations Center (or SIOC) since September 11. SIOC has provided a means for Government-wide review of our threat advisories and for rapid communication among Federal agencies. For example, the evaluation of the constant flow of law enforcement information among a variety of agencies is coordinated through SIOC.

The President has also now created the Office of Homeland Security under the leadership of Governor Ridge. Although this office is not yet completely staffed and is operating out of temporary quarters, it is now serving as the central focus for the Government's policy response to domestic terrorism. For example, the decision on November 1 to establish no-fly zones in the vicinity of NRC and DOE facilities was coordinated through this office. Governor Ridge also placed a call to the Governors to discuss the escalation of the threat environment, which resulted in the increase in state police and National Guard at many nuclear facilities. It seems clear that the role and importance of the Office of Homeland Security will continue to grow in the months ahead.

As I mentioned, the NRC placed its licensees on the highest security level on September 11. I had expected that the situation would become better defined within a week or two, at which time I contemplated we would then find it appropriate to relax the heightened security posture. My expectations could not have been more wrong. In fact, the assessment of the threat has escalated since those early days, leading to Attorney General Ashcroft's announcement last week that there were credible reports of another major terrorist attack in the days ahead. In addition, Governor Ridge announced last Friday that the heightened security level should continue "indefinitely."

At this juncture, I cannot estimate when it will be appropriate to relax our security posture. There is no credible threat directed at a nuclear power plant at this time. However, there is a steady flow of information to indicate that terrorist attacks directed at the United States are likely, although the precise targets and the precise timing are unspecified or ill-defined. You need only read the newspapers to appreciate the fluidity of the situation that we confront. I know that this creates a difficult situation for NRC's licensees. I can only say that it also poses a challenge to the NRC, although I suspect that fact provides scant comfort to you.

Shortly after the attacks, I directed the staff to undertake a top-to-bottom review of every aspect of our security requirements. I am pleased to report that I had the unanimous support of the Commission in this undertaking. Nothing is off the table. To those who may question the need for a comprehensive reevaluation, I would simply respond that we must assure ourselves that our security regime is appropriate to the new circumstances presented by the current terrorist threat. Fortunately, we are not starting with a blank slate; the NRC has always taken security very seriously. This review is something that all should welcome.

Although the review has only just started, there are certain overarching policy issues that I believe will be central to its completion. Let me spend a few moments to discuss three fundamental issues with which we -- and you -- must grapple. The Commission has not yet had the opportunity to address these issues, so these comments should be seen as my own.

III. Three Fundamental Policy Issues.

A. Risk Avoidance and Risk Mitigation

First, I will discuss risk avoidance and risk mitigation. As you know, in the weeks since September 11, there have been numerous and visible comments in the press about the vulnerability of nuclear power plants to terrorist attack. I am sure that most of these comments have reflected a sincere effort to inform the public about important policy issues, although I have sometimes feared that some of the comments might invite attacks on nuclear facilities. Nonetheless, even if the current struggle against terrorism should come to a successful conclusion without any evidence that nuclear plants were ever a target, some may argue that the only acceptable response to the risk of nuclear terrorism is to shut down and decommission the Nation's reactors. Others will be prepared to continue with nuclear power so long as they are satisfied that prudent security steps have been taken.

One way of characterizing the difference between the two points of view is by comparing "risk mitigation" with "risk avoidance." Risk mitigation looks at an activity that has inherent hazards -- including all kinds of travel, and virtually all kinds of electrical generation -- and asks how those risks can reasonably be limited. That means preventing harm in the first place; minimizing any harm that does occur; and having adequate means of assisting those who have been harmed. The activity is allowed to proceed if, by the exercise of reasonable prudence, the risks are acceptably small in light of the benefits from the activity. Risk avoidance, by contrast, seeks the absolute protection that comes only from eliminating an activity, disregarding any benefits that it provides.

The crimes of September 11 were designed to shock and stun the American people in part by the very fact that they involved such large and imposing targets. In the effort to ensure that no such horror ever occurs again, there is a danger of drawing the wrong lesson from the terrorist attacks: of blaming the victim, so to speak. The destruction of a skyscraper does not prove that it was a mistake to build skyscrapers, any more than the dissemination of anthrax spores through the mails proves that it is an error to operate a postal service. No one can seriously think that if the World Trade Center had never been built, the terrorists would have been at a loss to come up with some other target symbolic of America's status in the world.

If we allow the threats of terrorists to determine what we build and what we operate, we would be headed back into the past, toward an era without suspension bridges, harbor tunnels, stadiums, or hydroelectric dams, let alone skyscrapers, liquid natural gas terminals, chemical factories, or nuclear power plants. Even then it would be an exercise in futility to try to eliminate all possible targets of terrorism. The problem, as the President has made clear, is not the terrorists' targets, but the terrorists themselves. It is they who need to be eliminated, not necessarily the myriad creations of a modern, democratic, industrial society. It is thus my view that a strategy of risk avoidance -- the elimination of the threat by the elimination of potential targets -- does not reflect a sound response to terrorists.

Rather, the evaluation of the terrorist threat to infrastructure, including nuclear plants, should include a careful and realistic examination of risks and benefits. I acknowledge that the events of September 11 may have changed the perception of the risks to our society, including the risks of nuclear power. But, as Vice-President Cheney announced in the Administration's energy plan, there are benefits from nuclear power that also should be weighed in the balance: the output of nuclear plants represents not only an economic bulwark, but also an important element of national security. In following a strategy of risk mitigation, society should undertake a careful examination of both risks and benefits. It is not the NRC's role to make judgments about this balance. But it is reasonable for the NRC to seek to assure that any such decisions are made with a clear understanding of nuclear risks.

In the coming weeks and months, we can expect to see many proposals directed at bolstering public safety and security in the face of the threat of terrorism. Quite justifiably, the American people and their representatives are looking for assurance that the Nation will never again endure the suffering imposed on us on September 11. But we should be wary of acting too precipitately, for fear that we will cross the line from risk mitigation to risk avoidance. We should avoid absolute prescriptions while the struggle against terrorism is still in progress.

Just to make myself entirely clear, I am not endorsing the continuation of "business as usual." Rather, I am saying that the problem needs to be defined before it can be solved. At this point, we are still in the definition stage in our evaluation of the terrorist threat. Any policy regarding the defense of nuclear facilities should be integrated in the overall response to the threat to infrastructure of all kinds.

B. Public and Private Roles.

The second policy issue that I would like to discuss relates to public and private roles in the defense against terrorism. This is an issue that the events of September 11 have brought clearly to the fore.

As you know, the obligations of NRC licensees in the defense of nuclear power plants are defined by the "design basis threat" (or DBT). The DBT is specified in general terms in our regulations (73.1) and in greater detail in sensitive documents. The DBT was established by the Commission with the assistance of safeguards experts who, with help from the Department of Energy and the intelligence community, evaluate terrorist-related information both abroad and in the United States. As it happens, in the pre-September 11 world, the DBT served both as the definition of our licensees' defense obligation and as the NRC's assessment of the reasonably likely sabotage threat. Although it was perhaps implicit that Government bears the responsibility for defense against attacks that exceed the DBT¹, serious preparations had not been undertaken for defense against a threat larger than or different from the DBT. This is understandable because the need for governmental resources was not viewed as very likely.

September 11 obviously revealed a type of attack -- a kamikaze assault using a large commercial aircraft -- that has not been part of the NRC's planning (or that of any other agency with similar responsibilities). Moreover, there are other aspects of the September 11 attack and the subsequent assessments that require the NRC and its licensees to reevaluate the type of assault that might be mounted against a nuclear plant. As a result, on an interim basis, the defensive capacity at nuclear plants has been upgraded.

There are limits, however, to what should be expected from a private guard force. Even if it were determined, for example, that nuclear power plants should be defended against aircraft attack, I doubt that the NRC would ever expect licensees to acquire and operate anti-aircraft weaponry. Rather, this obligation would be one for the military. Similarly, there might be other types of attacks which should properly involve Governmental response because of the size of the assumed attacking force or the equipment that must be employed in defense. As a result, in its development of policy, the NRC must be prepared to differentiate the defensive obligation that is borne by licensees from the threat against which the facility must be defended. Any gap between a licensee capability and the assumed threat would reflect a recognition of obligations that must be assumed by the Government and for which the Government must prepare.

As part of the top-to-bottom review that I mentioned earlier, the NRC will reexamine the DBT and modify it, as appropriate. As in the past, the NRC will coordinate its evaluation with various other agencies of Government. But for the first time there may also have to be a discussion with the military, the States, and local law enforcement about the commitment of governmental assets. I do not expect that the definition of the appropriate boundary between the private and public sector in the defense of nuclear facilities to be easy, particularly in light of the budgetary obligations that might be associated with any new governmental responsibilities. The Office of Homeland Security will no doubt have to be a central player in this discussion, while at the same time it has a variety of other matters with which it must deal. Exactly how this debate will unfold remains uncertain. I will merely predict that this will be a difficult policy issue that will not be subject to the NRC's sole control.

C. The Balance Between Security and Openness.

The third policy issue relates to the balance between security and openness. One of NRC's four performance goals is the maintenance of public confidence in NRC decision-making. We have sought to achieve this goal through a variety of means, but perhaps the most central tool has been the NRC's policy of openness. We recognize that decisions made behind closed doors are viewed with suspicion. We have therefore sought to assure open decision processes that would enable the public to be informed of the issues that are before us, and to have access to the information on which we base our decisions. In short, we have struggled to achieve transparency in our activities. We cannot aspire to a world in which all will be satisfied by our decisions, but we have hoped that all would appreciate that our decisions were reached through fair and open processes.

One of the tools that we used to achieve openness was our website. In the aftermath of the September 11 attacks, we became aware that we had substantial information on our website that might be of interest to terrorists. We now recognize that NRC's policy of openness requires reconsideration at least as it relates to information that bears on the physical security of nuclear power plants. As a result, we brought our website entirely down. We have been restoring information only after a careful review to assure that the provision of the information does not create security risks.

As a general matter, we need to rethink just how open we can and should be with respect to physical security issues. In the past, when the adequacy of security plans was an issue in licensing proceedings, parts of hearings were closed to the general public, and non-disclosure agreements were required from the parties and their attorneys. If, as seems likely, security will play an increasing role in NRC deliberations, it may be necessary to consider more such in camera discussions. It would be premature to make recommendations at this time about our general approach to public access to information. I can only say that we will give due regard to two vital but competing interests. The first is the public's right to know, a right that is grounded in law and is one of the most cherished principles of our democracy. The other is the need to keep sensitive information away from those whose purpose is to destroy that democracy. We will strive to strike an appropriate balance between them.

V. Conclusion

Let me note in conclusion that we live in very uncertain times and it is difficult at this juncture to predict how these various policy issues I have discussed will be resolved. We appreciate your cooperation so that we can jointly develop with you and our other stakeholders a sound and appropriate security regime.

President Bush described the September 11 attacks as an act of war. Plainly, those vicious attacks far exceeded anything that the NRC had contemplated as a threat to our licensees. Nor had we seriously considered the possibility that a terrorist threat might affect all U.S. nuclear facilities simultaneously. In principle, of course, it is the responsibility of the Federal Government to protect the nation against threats from abroad; but the reality of the present crisis is that all of us, organizations and individuals, public and private, have a responsibility as citizens to do our part to protect the American people. On behalf of the Commission, I want to say that we recognize, and appreciate, the efforts and the sacrifices that licensees throughout the industry have made to maintain and improve security in this critical period.

This is not a time for panic or doomsaying. Rather, it is a time for all of us, in government and the industry, to stick to the task at hand. The national interest requires vigilance at a high level; it requires close cooperation and communication between Government and licensees; and it requires coolness and clear-sightedness in analyzing and correcting problems. We all bear an enormous responsibility. At the same time, we have the opportunity -- and obligation -- to provide vital service to our country. Thank you for your efforts.

And thank you for allowing me to join you again.

¹The limitation on licensee responsibility was explicitly recognized in 10 CFR 50.13, which provides that a licensee need not provide defense for attacks from an "enemy of the United States."

Privacy Policy | Site Disclaimer
Thursday, February 22, 2007