Q&A:
Nuclear Security Regulations Amendments
RISK
1. What is a threat and risk assessment? Is it a public document?
The amended Nuclear Security Regulations require licensees to carry out a
threat and risk assessment of their facility. It is an assessment that serves
to identify the local threats to a specific site or facility. Licensees are
required to take any credible threats identified in a threat and risk assessment
into account in the design of their physical protection system.
A threat and risk assessment is not a public document. Information related
to the security of Canadian nuclear facilities is prescribed information and
access is restricted (refer to Sections 21 – 23 of the General Nuclear Safety and Control Regulations).
2. What is a design basis threat (DBT) analysis? Is it available?
The design basis threat (DBT) analysis is the national threat established
by the CNSC. The amended Nuclear Security Regulations require licensees to
take this analysis into account in the design of their physical protection
systems.
A design basis threat analysis is not a public document. Information related
to the security of Canadian nuclear facilities is prescribed information and
access is restricted (refer to Sections 21 – 23 of the General Nuclear Safety and Control Regulations).
3. Are some nuclear power plants and major facilities more vulnerable to
threats than others? Have any received specific threats?
In drafting the amendments to the regulations, facilities were categorized
according to risk with the highest risk facilities being nuclear power plants
and nuclear research test establishments. The amended Nuclear Security Regulations
stipulate the general requirements for facilities of a similar level of risk.
While some nuclear power plants and major facilities may be more vulnerable
to threats than others, this is addressed through the requirement for a threat
and risk assessment and, where appropriate, through facility-specific licence
conditions. Threat and risk assessments performed by licensees serve to identify
potential local threats that may be specific to that facility. All credible
threats identified in a threat and risk assessment must be taken into account
in the design of their physical protection system. All facilities are inspected
by the CNSC on a regular basis.
The possibility of a facility receiving a threat has increased significantly
since the terrorist events of September 2001. The CNSC works closely with licensees,
Public Safety Canada, the Canadian Security Intelligence Service, the Royal
Canadian Mounted Police and the United States Nuclear Regulatory Commission
to share any intelligence information which may indicate a potential threat
to a Canadian nuclear facility.
ACCESS / PROTECTION
4. In the amended Nuclear Security Regulations, what new requirements do nuclear
power plants have to prevent unlawful access and protect against the threat
of a terrorist attack?
The principal security requirements contained in the amended Nuclear Security
Regulations to increase security at nuclear power plants (and nuclear research
test establishments) are listed below.
- On-site nuclear response force - to establish an armed response
force available at all times and capable of making an immediate and effective
intervention
to counter threats to nuclear facilities and nuclear substances.
- Predetermination
of trustworthiness - to require unescorted employees
to have a security clearance or an authorization appropriate to their level
of access.
- Responsibility for granting authorizations - to require
licensees to grant certain access authorizations (transferred this responsibility
from
the
CNSC, recognizing that the licensee is responsible for nuclear security).
- Access control - to have appropriate procedures and devices in place
to positively identify and screen persons entering a nuclear facility.
- Design
basis threat analysis - to take account of, in the design of
a licensee’s physical protection system, the national threat established
by the CNSC, to protect against the unauthorized removal of nuclear substances
and sabotage of nuclear facilities and nuclear substances.
- Threat and risk
assessment - to identify local threats to a licensee’s
facility and to take any credible threats into account in the design of their
physical protection system.
- Identification and protection of vital areas - to
identify and apply physical protection measures to areas which contain equipment,
systems or
devices, or nuclear substances where sabotage could directly or indirectly
lead to unacceptable
radiological consequences.
- Uninterrupted power supply (UPS) - to have
an uninterrupted power supply (i.e., back-up battery power) in place to maintain
the operation of
alarm systems,
alarm assessment systems and the various essential monitoring functions of
the security monitoring room.
- Contingency planning, drills and exercises - to
test physical protection systems through regular drills, and develop and
exercise contingency plans
to manage anticipated security related emergencies.
- Vehicle barriers and
portals - to take measures to reduce the risk
of forced vehicle penetration into a nuclear facility.
- Supervisor awareness
program – to train supervisors to recognize
behavioural changes in all facility personnel, including contractors, that
may indicate
an increase in risk to the security of the facility.
These additional security upgrades bring Canada’s security requirements
in line with international physical protection recommendations and practices.
5. What modifications have nuclear power plants made to their physical protection
systems and security procedures as a result of the design basis threat analysis?
Licensees of nuclear power plants have made a number of upgrades to their
physical protection systems and security procedures as a result of the design
basis threat analysis. This information is related to the security of the facility
and is prescribed information which cannot be released to the public (refer
to Sections 21 – 23 of the General Nuclear Safety and Control Regulations).
6. What modifications have other nuclear facilities made to their physical
protection systems and security procedures as a result of the design basis
threat analysis?
The design basis threat analysis applies only to high-security sites such
as nuclear power plants and research and test establishments. These licensees
have made a number of upgrades to their physical protection systems and security
procedures as a result of the design basis threat analysis. This information
is related to the security of these facilities and is prescribed information
which cannot be released to the public (refer to Sections 21 – 23 of
the General Nuclear Safety and Control Regulations).
7. What security measures are in place for university research reactors?
University research reactor security requirements depend on the type of fuel
they use (i.e. Category I, II or III nuclear material). Research reactors are
assessed on a case-by-case basis and if any additional requirements are necessary,
they are imposed through facility-specific licence conditions.
8. What armed response force arrangements have been made for each of the nuclear
power plants (both onsite and offsite)?
On-site armed response forces capable of immediate effective intervention
are available twenty-four hours a day, seven days a week at each nuclear power
plant. All nuclear power plants have made arrangements with jurisdictional
police agencies to provide additional tactical off-site response as required.
9. What type of events have armed response forces responded to at nuclear
power plants since Sept. 11?
This type of information relates to the security of these facilities and is
considered prescribed information which cannot be released to the public (refer
to Sections 21 – 23 of the General Nuclear Safety and Control Regulations).
10. At nuclear power plants, are there nuclear security officers in addition
to the armed response force? If so, how many?
Yes, there are unarmed nuclear security officers at every high-security site
(nuclear power plants and nuclear research and test establishments). These
unarmed nuclear security officers carry out a variety of security related tasks
including personnel and vehicle screening, access control, patrols, investigations
as well as alarm monitoring and assessment.
Details on the number of nuclear security officers and armed response force
members at each nuclear power plant relates to the security of these facilities
and is considered prescribed information which cannot be released to the public
(refer to Sections 21 – 23 of the General Nuclear Safety and Control Regulations).
11. The amendments are very specific about records of access to keys and lists
of authorized people – have the existing regulations been inadequate?
Have there been breaches of access?
No, before the amendments came into force and under the regulations at the
time, licensees were required to submit security plans and procedures in which
information concerning records of access to keys and lists of authorized people
would be expected. The amended Nuclear Security Regulations make these requirements
explicit.
Any information on breaches to access is related to the security of the facility
and is considered prescribed information which cannot be released to the public
(refer to Sections 21 – 23 of the General Nuclear Safety and Control Regulations).
12. Does the imposition of these amended measures now suggest the plants and
other nuclear facilities were unprotected in the past?
No, the imposition of these amended measures is primarily in response to an
elevated global threat environment post September 11, 2001.
In the past, these facilities were protected to the degree necessary with
the global threat environment in place at that time. Following the events of
September 11, 2001, the CNSC issued two orders in the fall of 2001. The requirements
of these orders have been incorporated into the amended Nuclear Security Regulations
to ensure adequate physical protection measures are in place.
13. Will these amendments prevent inadvertent “fly-overs” of nuclear
power plants?
There are restrictions imposed by Transport Canada in section 602.14(2) of
the Canadian Aviation Regulations where it specifies a minimum aircraft ceiling
of 1000 ft. over any built up area which would include a nuclear power reactor
site as well as the research reactor site at AECL. In addition, Transport Canada
issued an airspace advisory in January 2004 to civilian flying agencies and
pilots in regards to loitering or circling aircraft in the vicinity of nuclear
power plants.
OTHER
14. What is the cost of implementing these regulations?
While licensees have already expended the majority of cost through implementing
the requirements of the 2001 CNSC orders, some licensees still have some outstanding
expenditures.
The total capital costs for all licensees to implement the physical protection
requirements of the orders and the amended Nuclear Security Regulations are
in the range of $300 million. Annual recurring costs to all licensees will
be in the range of $60 million per year. Further cost breakdown cannot be made
available to the public due to the sensitivity of this security information.
The CNSC’s Nuclear Security Division has had to increase its staff to
ensure licensee compliance. Compliance monitoring costs are recovered from
licensees according to the CNSC Cost Recovery Fees Regulations. This will be
a recurring cost for licensees.
15. Which measures are already in place at nuclear power plants and which
ones remain to be implemented?
Most of the measures required in the amended Nuclear Security Regulations
have been implemented at all nuclear power plants. The physical protection
requirements of the CNSC’s post-September 11 orders have been implemented.
A number of licensees, on their own initiative, have gone beyond the requirements
of the old regulations and Orders and implemented a number of additional requirements
found in the amended Nuclear Security Regulations.
Information on which measures have been implemented or not is considered to
be information related to the security of the facility and is considered prescribed
information which cannot be released to the public (refer to Sections 21 – 23
of the General Nuclear Safety and Control Regulations).
16. Who will be paying for the upgrades?
Licensees will be paying for the upgrades.
|