Home > Electronic Reading Room > Document Collections > Commission Documents > Commission Papers (SECY) > 2005 > SECY-05-0106

POLICY ISSUE
Notation Vote

SECY-05-0106

June 14, 2005

• PURPOSE
• SUMMARY
• BACKGROUND
• DISCUSSION
• RESOURCES
• COORDINATION
• RECOMMENDATIONS

PURPOSE:

To obtain Commission approval to publish the proposed rule for public comment and to approve the staff’s recommendation concerning Petition for Rulemaking (PRM) PRM-73-12 and the associated letter to the petitioner.

SUMMARY:

The staff has prepared a proposed rule that would consolidate the supplemental requirements established by the April 29, 2003, design basis threat (DBT) orders with the existing DBT requirements in 10 CFR 73.1(a). Specific details of the attributes of the DBT to be protected against, which include both safeguards information (SGI) and classified information, are consolidated in adversary characteristics documents (ACDs). The proposed rule would revise the DBT requirements both for radiological sabotage and for theft or diversion of Strategic Special Nuclear Material (SSNM). Additionally, the staff considered and proposes disposition of a PRM filed by the Committee to Bridge the Gap (PRM-73-12) on July 23, 2004.

BACKGROUND:

The DBT requirements in 10 CFR 73.1(a) describe general adversary characteristics that designated licensees must defend against with high assurance. The Nuclear Regulatory Commission (NRC) requirements include protection against radiological sabotage (generally applied to power reactors and Category I fuel cycle facilities) and theft or diversion of NRC-licensed SSNM (generally applied to Category I fuel cycle facilities). Radiological sabotage specifically applies to facilities that use special nuclear material. However, current Category I facilities do not typically possess or use nuclear/radioactive materials that would constitute a radiological sabotage threat. Possession of these materials would require a licensing action. Theft or diversion applies to facilities that receive, acquire, possess, use, or transfer formula quantities of SSNM. The DBTs are used by these licensees to form the basis for site-specific defensive strategies implemented through security plans, safeguards contingency plans,

Following the terrorist attacks on September 11, 2001, the NRC conducted a thorough review of security to ensure that nuclear power plants and other licensed facilities continued to have effective security measures in place for the changing threat environment. In so doing, the NRC recognized that some elements of the DBTs required enhancement due to the escalation of the domestic threat level. After soliciting and receiving comments from Federal, State, local agencies, and industry stakeholders, the NRC imposed by order supplemental DBT requirements which contained additional detailed adversary characteristics. The balance between licensee responsibilities and the responsibilities of the local, State and Federal Governments was considered during the development of the April 29, 2003, DBT orders.

The Commission’s decision was based on the analysis of intelligence information regarding the trends and capabilities of the potential adversaries and discussions with Federal, law enforcement, and intelligence community agencies. These enhanced adversary characteristics are reflective of the new threat environment and are described in the April 29, 2003 DBT orders. In general terms, DBTs are subsets of attributes selected from the overall threat environment. The ACDs set forth the specific details of the attributes of the DBTs. The DBT technical basis document contains a basis for the specific adversary characteristics. These supplemental documents contain safeguards and classified information, and therefore, are withheld from public disclosure and only distributed on a need-to-know basis to persons with authorized access. The NRC’s DBT is not based on worst-case scenarios but rather on actual adversary characteristics demonstrated worldwide and a determination as to those characteristics against which a private security force could reasonably be expected to provide protection. The staff’s analysis of DBT adversary characteristics is documented in SECY-03-0052, “Staff Recommendations for Revisions to the Design Basis Threat Statements (U),” April 7, 2003, SECRET//NOFORN.

The April 29, 2003, DBT orders required nuclear power reactors and Category I fuel cycle licensees to revise their physical security plans, security personnel training and qualification plans, and safeguards contingency plans to defend against the supplemental DBT requirements. The orders resulted in licensee security enhancements such as increased patrols; augmented security forces and capabilities; additional security posts; additional physical barriers; vehicle checks at greater standoff distances; better coordination with law enforcement and military authorities; augmented security and emergency response training, equipment, and communication; and more restrictive site access controls for personnel, including expanded, expedited, and more thorough worker initial and follow-on screening. Currently, all power reactor and Category I fuel facilities have received NRC approval of security plans consistent with the DBTs imposed by the April 2003 orders.

A central issue in the development of the proposed § 73.1 rule is the question about how much of the design basis threat should be included in the regulation. This is a long-standing issue. In 1977, as the Commission was considering proposed requirements for physical protection in § 73.55, the staff provided an analysis of the linkage between the DBT description and specific force requirements (See memorandum from Rusche and Chapman to the Commission, February 2, 1977). The staff noted that these requirements raised two concerns: (1) the difficulty of explaining why the DBTs vary for different types of facilities (e.g., nuclear power plants and Category I nuclear fuel facilities), and (2) the practice of other agencies (i.e., the Energy Research and Development Administration - predecessor to the Department of Energy) to classify detailed DBT information. In the analysis, the staff identified four basic options for handling design basis threat information: (1) make the DBT information public, (2) reveal a general description of the DBT, (3) withhold the DBT information and inform the licensees on a site-specific basis, and (4) classify the DBT information and provide it to cleared representatives of licensees and the public with a need to know. The staff concluded that the best course would be to adopt a hybrid approach of classifying the DBT information, providing a general description of the DBT in the rule, and specifying minimal and nominal guard force requirements in § 73.55. The Commission adopted the staff’s recommendation with the variation of not classifying the DBT, except for theft or diversion of SSNM, even though a general description of the DBT was included in the rule. The NRC staff communicated specific DBT information to licensees during the licensing and inspection process. As observed by the staff in 1977 and today, inclusion of specific details of the threat that licensees are required to protect against, reveals information that could be of use to a potential adversary.

DISCUSSION:

In a memorandum dated July 19, 2004, the staff informed the Commission of plans to develop a comprehensive rulemaking plan to modify the physical protection requirements for power reactors. This memorandum described previous rulemaking efforts that were preempted by the terrorist attacks of September 11, 2001, and summarized the security-related actions taken after the attack. In response to this memorandum, the Commission directed the staff in an August 23, 2004, SRM to forego the development of a rulemaking plan and provide a schedule for completing the § 73.1, § 73.55, and Part 73 Appendix B rulemakings. The staff provided the schedule to the Commission in a memorandum dated November 16, 2004. The attached proposed rule is being provided to the Commission in accordance with the schedule for the § 73.1 rulemaking in the November 16, 2004, memorandum.

Scope of the Rulemaking

The principal objective of the proposed revision to the § 73.1(a) DBT rule is to consolidate the supplemental requirements put in place by the April 29, 2003, DBT orders with the existing DBTs requirements in § 73.1(a) in an expedited manner. During the development of this rule the staff identified several potential additional changes to the regulations that are not proposed at this time. These changes (related to transportation, alignment of generally licensed and specifically licensed ISFSIs, and elimination of the exemption for fuel reprocessing plants) go beyond incorporation of the DBT and ISFSI orders and therefore are outside the scope of changes requested by the Commission. Additionally, the staff does not consider the changes necessary at this time to assure safety or security.

The proposed changes to § 73.1 do not address ongoing issues associated with the transportation of SSNM and spent fuel.¹ Security for the transportation of SSNM was evaluated in 2003, as documented in SECY-03-0101, “Results of Joint U.S. Nuclear Regulatory Commission and U.S. Department of Energy Comparability Review of Physical Protection for Category II Transportation.” This study identified differences between NRC and DOE which are under consideration by the staff and on which the staff will separately make recommendations to the Commission. This issue is not an immediate priority because SSNM from NRC licensees is being transported by the National Nuclear Security Administration's Office Secure Transportation (OST). Under § 73.6(d), NRC-licensed SSNM transported by OST is exempt from the NRC's transportation security regulations.

To achieve alignment with requirements imposed by order, the proposed rule would revise certain exemptions for independent spent fuel storage installations (ISFSIs). The current DBT rule exempts ISFSIs from the land vehicle transport and land vehicle bomb threats contained in §§ 73.1(a)(1)(i)(E) and (a)(1)(iii), respectively. These exemptions should no longer be retained because the Commission issued orders to ISFSIs on October 16, 2002, requiring ISFSIs to protect against these threats. An exemption from the waterborne threat would be added for ISFSIs so that the proposed rule would be consistent with security requirements previously imposed by Commission order. The Staff evaluated the need for including waterborne requirements in the October 16, 2002, ISFSI orders and concluded that other means in the orders were sufficiently protective that specific requirements for waterborne were not required.

The treatment of specifically-licensed and generally-licensed ISFSIs is an area of inconsistency in the current regulations. Although they have equivalent security measures in place, the source of the requirements are not in alignment. For example, the current regulation in § 73.1(a) contains an exemption for specifically-licensed ISFSIs, subject to 10 CFR § 72.182. However, the physical protection regulations for specifically-licensed ISFSIs, found at 10 CFR §§ 72.180 and 72.182, do not require protection against a DBT, so it is unnecessary to exempt specifically-licensed ISFSIs from the DBT regulation. By contrast, generally-licensed ISFSIs are required to protect against the DBT for radiological sabotage by 10 CFR § 72.212(b)(5), but by the same regulation are granted exceptions to specific requirements for protecting against the DBT. Ultimately, both generally-licensed and specifically-licensed ISFSIs have equivalent protective measures in place, including those imposed by the October 2002, order. The staff may consider future rulemakings to align the generally-licensed and specifically-licensed ISFSI requirements, but that effort is also beyond the scope of this rulemaking, which is focused on the security requirements previously imposed by Commission order.

The proposed rule would also amend the exemption in the current § 73.1(a) for licensees subject to the provisions of § 73.20. The current rule exempts these licensees from the requirements to protect against vehicles transporting adversary personnel and equipment and the land vehicle bomb. The Commission’s DBT orders now, however, require certain licensees subject to § 73.20 (Category I fuel cycle facilities) to protect against such threats, so the exemption must be amended accordingly. The amended exemption would continue for other licensees described in 10 CFR § 73.20 (e.g., fuel reprocessing plants licensed under Part 50) because the Commission has not issued any orders that would require the exemption to be eliminated.²

Approach

The staff’s approach for this rulemaking differs somewhat from the approach outlined in the proposed rulemaking schedule memorandum dated November 16, 2004. The proposed rule text includes more detail than initially envisioned. Originally the staff drafted the proposed rule text with less detail than is in the current § 73.1. However, the staff later determined that the less-detailed language may not provide adequate notice of the changes being made to the DBTs and could hinder external stakeholders’ ability to meaningfully comment on the proposed rule or incorrectly imply that the proposed requirements represent a reduction of the requirements put in place after September 11, 2001.

Meaningful comments on the proposed rule will strengthen the rulemaking record and enable the NRC to better defend the DBTs reflected in the final rule, both in administrative and judicial proceedings. A probing discussion of the DBT upgrades may also have some deterrent effect on would-be adversaries because the NRC can communicate publicly some of the important upgrades it has made to the DBTs since September 11, 2001. Of course, staff responses to specific comments will not delve into safeguards or classified information.

To encourage meaningful comment, and thereby the creation of a sound rulemaking record, the staff revised its initial proposed text to include a level of detail that is generally comparable with the current regulation, while updating the DBT attributes to be consistent with the requirements imposed by the April 29, 2003 DBT orders. The revised approach maintains the current regulatory framework where the rule text includes sufficient detail to enable the public to be informed of the NRC requirements regarding what attributes of the threat need to be protected against while the specific details of the attributes of the DBTs, which are both safeguards and classified information, are contained in separate non-publicly-available documents. Under this approach, it is the staff’s expectation that sufficient detail is provided in the rule such that the staff will be able to respond to comments on the proposed rule addressing the attributes of the DBT without the need to get into tactical and operational capabilities of the DBT adversaries, consistent with the NRC’s 1977 approach.

The ACDs will be made available only to those with a need to know who are otherwise qualified to have access under safeguards information and classified information protection requirements. This approach minimizes the amount of information in the DBT rule itself that could benefit adversaries in planning an attack while still providing members of the public with information concerning the attributes of the DBT. Future changes to the ACDs would not require changes to the regulations provided that the changes would still be within the scope of the rule text.

The ACDs will not be available for public comment or referenced in the rule text. Because they are not referenced in the rule, the ACDs have the same regulatory status as guidance documents. The staff’s intent is that the ACDs would be incorporated into the licensing basis of each plant through the security plans and therefore, become legally binding. Existing licensee security plans reference the detailed characteristics of the DBT as promulgated in the April 29, 2003, DBT orders which include in the order the level of detail that would be captured in the ACDs. Upon completion of this rulemaking, staff would work with licensees to revise the security plan reference to the ACDs, thus establishing the ACDs as legally binding requirements. This process is analogous to the current and past regulatory practice utilized for quality assurance where the plan is updated to reference NRC regulatory guidance and the license is amended accordingly. If, based on the rulemaking process, the final DBT rule essentially incorporates the essence of the previously issued DBT orders and the ACDs conform to the final rule, the staff expects licensees would voluntarily comply with the request to revise the security plan to reference the ACDs, rather than the DBT orders, because the ACDs would not impose new requirements. The DBT orders could then be rescinded for licensees that change the reference in their security plans to the ACDs. The DBT orders would remain in place for licensees that do not make the change.

Future applicants for an operating license would be expected to reference the ACDs in developing their security plans. These security plans must be approved by the NRC as a condition of the license and would be legally binding. 

If the NRC modifies or updates the ACDs (within the scope of the DBT rule text) as a result of the NRC’s semiannual threat assessments or for other reasons, licensees would then be expected to revise their security plans to account for the change and reference current ACDs. Theoretically, a licensee could refuse to revise its security plan on the basis that a change in the adversary characteristics document is simply a change in regulatory guidance, and therefore, not legally-binding upon the licensee. If this occurs, the NRC could not automatically take enforcement action. The NRC would first have to issue an order requiring compliance with the updated adversary characteristics. In summary, the possibility of the need for issuance of future orders is not precluded by this rulemaking.

Although there are some difficulties with having the detailed adversary characteristics of the DBTs contained in guidance documents, the NRC has experience with this approach. In the Commission’s 1993 vehicle bomb rulemaking while the rule established the requirement to protect against a four-wheel drive land vehicle bomb, the specific vehicle and explosive characteristics of the design basis vehicle bomb were withheld from the public as safeguards information consistent with the 1977 approach. See Proposed Rule, Protection Against Malevolent Use of Vehicles at Nuclear Power Plants, 58 FR 58804, November 4, 1993. The details, while not included in the rule text, are still used by licensees to achieve compliance with the vehicle bomb rule.

The staff proposes a similar approach in this rulemaking, and carefully considered the balance between openness and the protection of sensitive information, as well as the need to comply with the notice-and-comment requirements of the Administrative Procedure Act, in drafting the proposed rule text. The details in the proposed rule would likely be assumed by potential adversaries but would not offer information that would substantially assist adversaries in planning or carrying out an attack. At the same time, the proposed rule would include sufficient detail to enable meaningful comments from external stakeholders on NRC regulatory activities. By placing this information in the rule, the staff concluded that the benefits gained by maintaining more openness in the NRC rulemaking process for § 73.1 exceeded the risks of releasing the information.

Petition for Rulemaking

The staff incorporated into this rulemaking consideration of a Petition for Rulemaking, filed by the Committee to Bridge the Gap (PRM-73-12) on July 23, 2004. The petition requests that NRC conduct a rulemaking to revise the DBT regulations (including numbers, teams, capabilities, planning, willingness to die and other characteristics of adversaries) to a level that encompasses, with a sufficient margin of safety, the terrorist capabilities demonstrated during the attacks of September 11, 2001. The petition also requests that security plans, systems, inspections, and force-on-force exercises be revised in accordance with the amended DBT. Finally, the petition requests that a requirement be added to Part 73 to require licensees to construct shields against air attack (referred to as “beamhenge”) so that nuclear power plants would be able to withstand an air attack from a jumbo jet similar to the September 11, 2001 attacks.

PRM-73-12 was published for public comment in the Federal Register on November 8, 2004 (69 FR 64690). There were 845 comments submitted on PRM-73-12, of which 528 were form letters. Many of the comments were submitted after the comment period expired, however the staff reviewed and considered all of the comments. Comments were received from nine state attorney generals, approximately 20 public interest groups, a U.S. Congressman from Massachusetts, and six industry groups and licensees. In addition, two U.S. Senators and a U.S. Representative (all from New Jersey) requested an extension to the comment period. The bulk of the comments either supported the petition, requested a stronger DBT, or requested that NRC give consideration to the petition. All the comments from industry and licensees opposed the petition and indicated that the supplemental DBT requirements imposed (by order) to date were adequate. The staff reviewed both the petition and the comments on the petition against the supplemental DBTs to determine whether the DBTs should be revised as requested by the petitioner. Based on this review, the NRC staff determined that a number of the requested upgrades in PRM-73-12 have already been implemented (see Section V of the attached proposed rule notice for more details). However, the staff recommends that the Commission partially grant PRM-73-12. This partial granting of PRM-73-12 should be understood to mean that the NRC has considered the issues raised by the petition and the public comments filed on the petition as part of the ongoing rulemaking to revise DBT requirements in § 73.1(a). The staff recommends denial of the petitioner’s request that the DBT regulation be amended to include attacks by air. The reasons for the recommended denial are set forth in the attached Federal Register notice for the proposed rule.

The staff concludes that the proposed revisions to § 73.1(a) would ensure adequate protection of public health and safety and the common defense and security by requiring the secure use and management of radioactive materials. The proposed DBTs would be consistent with the DBTs previously imposed by the April 29, 2003, DBT orders, and used by licensees to develop and implement security measures. The NRC required affected licensees to use the supplemented DBT requirements in the April 29, 2003, orders to revise their security plans. The staff has reviewed and approved all the affected licensees’ security plans, and amended the licenses to ensure that affected licensees fully implement and maintain in effect all provisions of the Commission-approved security plans. Consequently, the proposed DBT, if adopted as a final rule, would not impose new requirements, or require licensees to revise their current security plans. As noted above, the staff will work with licensees to revise the reference from the DBT orders to the ACDs in the security plans.

Contents of the Proposed Rulemaking Package

This proposed rulemaking package includes the proposed rule Federal Register notice, which includes the rule language and statement of considerations (Attachment 1 ), the supporting draft regulatory analysis (Attachment 2 ), a supporting environmental assessment (Attachment 3 ), a summary of the public comments submitted on PRM-73-12 (Attachment 4 ), and a letter informing the petitioner of the proposed Commission’s decision on PRM-73-12 (Attachment 5 ).

The supplemental DBT reflected in the proposed rule is supported by the documents identified below, which are either safeguards information or classified, and therefore are withheld from public disclosure and made available only on a need-to-know basis to those with authorized access:

• Radiological Sabotage Adversary Characteristics Document (Safeguards Information)
• Theft and Diversion Adversary Characteristics Document (Confidential)
• Technical Basis Document (Secret)
• Draft Regulatory Guide (DG)-5017, “Guidance for the Implementation of the Radiological Sabotage Design-Basis Threat” (Safeguards Information)
• DG-5018, “Guidance for the Implementation of the Theft and Diversion Design-Basis Threat (Confidential)

Stakeholders, with authorized access, have been informed regarding the content of the regulatory guidance supporting this proposed rule.

The proposed rule would not amend information collection requirements or impose any new requirements and therefore, is not subject to the requirements of the Paperwork Reduction Act of 1995 (44 U.S.C 3501 et seq.).

RESOURCES:

The staff estimates that the resources needed to complete the rulemaking and supporting guidance is 2.6 FTE, with 1 FTE each for NSIR and NRR, and .6 FTE for NMSS spread across FY 2005 and FY 2006. These resources are budgeted. Inspection of licensee implementation of the proposed DBT requirements is ongoing as part of the baseline inspection program and force-on-force evaluations. The proposed revisions to § 73.1 do not result in the need for additional inspection resources.

COORDINATION:

The Office of the General Counsel has no legal objection to this paper.

The Office of the Chief Financial Officer has reviewed this Commission paper for resource implications and has no objections.

The Advisory Committee on Reactor Safeguards (ACRS) elected not to review the proposed rule requirements.

The Committee to Review Generic Requirements has deferred its review of the rule until the final rule stage.

RECOMMENDATIONS:

That the Commission:

1.  Approve the notice of proposed rulemaking for publication (Attachment 1 ).

2.  Approve the letter to the petitioner stating the Commission decision on PRM-73-12 (Attachment 5 )

3.  Certify that this rule, if promulgated, will not have a negative economic impact on a substantial number of small entities in order to satisfy the requirements of the Regulatory Flexibility Act, 5 U.S.C. 605(b).3.

   Note:

   a. The proposed rule will be published in the Federal Register with a 75-day public comment period.

   b. The Chief Counsel for Advocacy of the Small Business Administration will be informed of the certification regarding economic impact on small entities and the basis for the certification, as required by the Regulatory Flexibility Act.

   c. Copies of the Federal Register notice of the proposed rulemaking will be distributed to all affected Commission licensees. The notice will be sent to other interested parties upon request. Copies of the documents are also available in the NRC’s Agencywide Documents Access and Management System (ADAMS), the Public Document Room and on the NRC rulemaking Web site.

   d. A letter informing the petitioner of the Commission decision on PRM-73-12 is attached for the Secretary’s signature.

   e. A public announcement will be issued.

   f. The appropriate congressional committees will be informed.

1. On June 22, 1999, the State of Nevada filed a petition for rulemaking (PRM-73-10) requesting the Commission to amend § 73.1 to require application of a design basis threat to the transportation of spent nuclear fuel. Because the scope of this rulemaking is limited to the regulatory upgrades imposed by the Commission's April 29, 2003, DBT orders, and because the NRC continues to work on security assessments of spent fuel transportation packages, PRM-73-10 will not be resolved here. Resolution of PRM-73-10 will occur after the completion of the NRC's pending transportation package security assessments and an analysis of the results. If that analysis reveals that further changes to § 73.1 are necessary, the changes would be made through a separate rulemaking process.

2. Elimination of the exemption from the DBTs for fuel reprocessing plants should be considered if, in the near future, it appears a license application for such a facility will be filed. Fuel reprocessing plants would possess types and quantities of material requiring robust security. Elimination of the exemption is not being pursued here because of the limited scope of this rulemaking.

Privacy Policy | Site Disclaimer
Thursday, February 22, 2007