U.S. NRC Blog

Transparent, Participate, and Collaborate

Force-on-Force or Was That a Gunfight at a Nuclear Power Plant?

Clay Johnson
Chief, Security Performance Evaluation Branch
 

They are dressed in camouflage, fit and well-trained, and they creep quietly toward the perimeter of a nuclear power plant under cover of darkness. Their realistic weapons reflect dully in the moonlight, but these weapons fire blank ammunition and lasers that record hits and misses.

Their goal? A particular target set within the plant which, if compromised, could impact the safety of the plant and the community that surrounds it. The target set this night? A closely guarded secret known only to the “armed intruders” and the NRC inspection team that includes active duty military members from the U.S. Special Operations Command.

The attacks will be repeated over the course of three days and nights so that different attack methods and various targets at each nuclear power plant are tested. In each scenario, the plant’s security personnel work to protect specific areas of the plant according to their facility’s individual security plan. Each plant is tested in this manner every three years.

These force-on-force inspections have been part of the NRC inspection regime since 1991, but they were significantly beefed up and the frequency increased to every three years after Sept. 11, 2001. They are designed to assess the plant’s ability to defend itself against the conditions put forth under the “design basis threat” or DBT. These inspections are in addition to the baseline security inspections performed by the NRC’s regional inspectors and the inspections done daily by the NRC’s resident inspectors. NRC security experts routinely review options for further enhancements to the program.

The details of what happens during a force-on-force inspection are not public due to the sensitive nature of security plans at the plants. If a deficiency is found during an inspection, the NRC inspectors stay on site until compensatory measures are put in place, and then the NRC reviews the plant’s long-term plan to rectify the problem, and may issue violations. These violations are only discussed in a general way with the public.

The “bad guys” are part of what is called the Composite Adversary Force and they are contracted by the nuclear industry to perform these mock attacks to NRC specifications. The plant knows the force-on-force will occur at a specific date for safety and logistical purposes and to provide time to coordinate two sets of security offices – one to participate in the inspection and one to maintain the security posture of the plant. The mock attacks are also preceded by significant planning and on-site tabletop drills conducted by the NRC inspection team.

These realistic and physically intensive exercises are but one vehicle by which the NRC ensures the country’s nuclear power plants and Category I fuel facilities are prepared and able to protect themselves. Meetings on possible additional enhancements to this inspection program will be announced in the future.

2 responses to “Force-on-Force or Was That a Gunfight at a Nuclear Power Plant?

  1. Garry Morgan January 15, 2013 at 10:31 am

    Security contractors bottom line is money, not security. Repetitive failures relating to nuclear facility security where contractors are involved are inexcusable and unacceptable. Special physical security military forces and DOD police are the only security which should be utilized at ALL nuclear facilities.

    Security goes further than force on force contractor attacks following a specified contractor attack plan.
    This type of evaluation is not inclusive of all threats and indicative of a real world multi-front threat and attack scenario.

    Three year security test cycles are inadequate; force on force tests should occur annually. Broad scale systems security tests should also involve defenses to terrorism, cyber attacks, threats to the civilian community, engineering weaknesses, personnel reliability weaknesses, aerial attacks and various diversion and deceit tactics to capture or destroy a facility in various scenarios. The attack scenario evaluation should involve a mass attack of all systems and an extended multi-front attack scenario to include guerrilla Special Forces attacks.

    Intentional public deceit by corporations, contractors, employees and the regulator is another security risk and threat not addressed.. Intentionally deceiving the public destroys credibility.

    Nuclear power plant security issues are discussed in this Congressional Research Service (CRS) Report: http://www.fas.org/sgp/crs/homesec/RL34331.pdf What is revealing, the deficiencies noted in a 2008 CRS report still exist in the 2012 report. In the nuclear power industry, money has been placed before the safety and security of citizens.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

Join 1,423 other followers

%d bloggers like this: