NSS No. 35-G Security during the Lifetime of a Nuclear Facility

Sekce Odstavec Text
Main
Main 1.1. The lifetime of a nuclear facility extends from the earliest planning stages through to its decommissioning. It is important to consider nuclear security early in the design of new facilities and during partial redesigns or modifications, as it can result in nuclear security for these facilities that is more efficient, more effective and better integrated with other safety, safeguards, operational and other measures. Nuclear security measures are also important during commissioning and operation; and they should not cease at decommissioning, as they are important in addressing the protection of the remaining quantities of nuclear material or other radioactive material, which has accumulated during the operations stage.
Main 1.2. The essential elements of a State’s nuclear security regime and the physical protection measures for nuclear material and nuclear facilities consistent with those essential elements are described in the following IAEA Nuclear Security Series publications:

  • No. 20, Objective and Essential Elements of a State’s Nuclear Security Regime [1];

  • No. 13, Nuclear Security Recommendations on Physical Protection of Nuclear Material and Nuclear Facilities (INFCIRC/225/Revision 5) [2];

  • No. 27-G, Physical Protection of Nuclear Material and Nuclear Facilities (Implementation of INFCIRC/225/Revision 5) [3].
Main 1.3. While Refs [1–3] indicate that nuclear security measures should be planned and introduced as early as possible in the lifetime of a nuclear facility, they focus primarily on security during the operation of a facility, and not on nuclear security measures during all stages in the lifetime of a nuclear facility.
Main 1.4. The objective of this publication is to provide guidance to States, competent authorities and operators on appropriate nuclear security measures during each stage in the lifetime of a nuclear facility, from initial planning of the facility through to its final decommissioning. This publication also addresses effective nuclear security in the transition between the stages.
Main 1.5. This publication applies to the nuclear security of nuclear material and nuclear facilities throughout the lifetime of all types of nuclear facility.
Main 1.6. Although focused on nuclear power, the guidance contained in this publication may be useful for States developing nuclear programmes with other types of nuclear facility, including those for research and development.
Main 1.7. This publication does not specifically address the security of nuclear material in transport, which is addressed in other guidance within the IAEA Nuclear Security Series (see Refs [3–8]). This publication also does not address the security of radioactive sources; however, the general concepts and guidance may be applicable, using a graded approach.
Main 1.8. This publication discusses stages of the lifetime of a nuclear facility that correspond — but are not necessarily identical — to those described in other publications. Notably, the IAEA publication Milestones in the Development of a National Infrastructure for Nuclear Power [9] defines three phases in the development of a national nuclear power programme, with associated actions and milestones leading up to the operation of the first nuclear power plant. These three phases generally correspond to the early stages of the lifetime of a nuclear facility discussed in this publication. The three phase structure has also been used in IAEA Nuclear Security Series No. 19, Establishing the Nuclear Security Infrastructure for a Nuclear Power Programme [10], to address security concerns during the development of a national nuclear power programme. In this publication, it is assumed that the actions set out in Ref. [10] to be taken during Phase 1 have either been completed or are in progress. As defined in Ref. [2], the term nuclear security includes all of the elements of a State’s physical protection regime1. Other terms used throughout this document are consistent with Ref. [2] and other publications of the IAEA Nuclear Security Series. In addition, it is assumed the requirements in IAEA Safety Standards Series No. GSR Part 7, Preparedness and Response for a Nuclear or Radiological Emergency [11], are included in emergency preparedness and response processes.
Main 1.9. Safety and safeguards measures to be taken during the lifetime of a nuclear facility are not addressed in this publication.
Main 1.10. Section 2 provides a description of the concept of security during the lifetime of a nuclear facility and describes the stages in its lifetime. Section 3 details actions for implementing nuclear security measures during each stage.
Main 2.1. Nuclear facilities have often been designed without giving sufficient consideration to nuclear security until late in the design stage or after operational and safety features had already been determined. Nuclear security measures were added later, often resulting in the application of measures that were not integrated or fully compatible with measures relating to safety, safeguards, and operations. Moreover, implementing new or additional security measures after a nuclear facility is in operation may be difficult and costly. Considering security requirements early in new designs, partial redesigns and modifications can result in nuclear security that is more efficient and effective as well as better integrated with other measures in the facility.
Main 2.2. Various requirements apply to a nuclear facility during all stages in its lifetime, including nuclear safety, nuclear security, safeguards and operational requirements. As stated in para. 1.2 of Ref. [1], “Security measures and safety measures have to be designed and implemented in an integrated manner to develop synergy between these two areas and also in a way that security measures do not compromise safety and safety measures do not compromise security.” A balance should be achieved between these various requirements. Ideally, the measures implemented to meet these requirements should complement each other, but in some cases, the measures implemented may conflict with one another. Equal consideration should be given to these different requirements from the outset in order to minimize such conflicts.
Main 2.3. In this Implementing Guide, the lifetime of a nuclear facility is divided into the following eight stages: planning, siting, design, construction, commissioning, operation, cessation of operation and decommissioning.
Main 2.4. The planning stage for a nuclear facility includes activities such as conceptual design and obtaining required approvals prior to receiving authorization to begin formal siting and design stages.
Main 2.5. The siting stage for a nuclear facility generally comprises the consideration of candidate sites, taking into account various factors such as available infrastructure and workforce as well as geographical and security considerations. This would then be followed by a detailed evaluation of the candidate sites. The evaluation may culminate in a request for, and approval of, a selected site.
Main 2.6. In some cases, the design stage is an iterative process — from conceptual design through to final design — that ultimately results in a request for approval to construct a nuclear facility. In other cases, generic designs may be developed and approved prior to the siting stage.
Main 2.7. The construction stage comprises site preparation, the manufacture, acquisition and assembly of the components of the nuclear facility, the installation of components and equipment, and the performance of associated tests.
Main 2.8. The commissioning stage comprises the process of making systems and components of facilities operational, along with initiating associated nuclear security activities, and verifying that the systems, components and activities are in accordance with the design and have fulfilled the required criteria.
Main 2.9. The operation stage includes all routine and emergency operations of the facility once it is commissioned.
Main 2.10. The cessation of operation stage describes a planned condition at a nuclear facility in which facility operations have ceased either permanently in preparation for decommissioning or for an extended period of time for major modifications, maintenance or repair.
Main 2.11. The decommissioning stage includes the administrative and technical actions taken to remove the nuclear material and other assets from the facility.
Main 2.12. Nuclear security measures can be removed from the facility when no nuclear material and other radioactive material remain and there is no longer the potential for unauthorized removal of nuclear material or an act of sabotage that causes unacceptable radiological consequences.
Main 2.13. Although not explicitly defined as a stage in this publication, there are periods during the lifetime of a nuclear facility when it could be undergoing some type of modification during one of the stages. This typically occurs during the operation stage but may occur in other stages as well. These modifications could lead to a need for increased or altered nuclear security measures.
Main 2.14. In addition, the stages are presented in this publication as clearly separated and sequential, as if only one facility with a single operation existed on a site. In practice, however, a nuclear facility may be in multiple different stages simultaneously. For example, stages may overlap or be merged, or facilities on a site may transition from one stage to another. A facility might also undergo modifications during a given stage that could affect physical protection measures at a co-located nuclear facility.
Main 2.15. One such example is if the operator of a site with three nuclear power plants were to receive approval to construct a fourth power plant on the same site while continuing operation of the original three. During construction, part of the site would be in the design stage through to the commissioning stage, while the other three would remain in the operation stage. Ultimately, when the new plant enters operation, the facility would enter a stage in which all four power plants were in the operation stage.
Main 2.16. A second example is if, during the operation stage of a nuclear facility, modifications affecting physical protection measures were to be completed, such as changing a security boundary, addition of new target locations, removal of a target location, or installation of a new perimeter intrusion detection system. While the facility remained in the operation stage, the modifications to the physical protection equipment may be designed, constructed, tested and implemented.
Main 3.1. In this section, the major nuclear security actions for each stage of the lifetime of a nuclear facility for the State, the competent authority and the operator are set out. These actions apply to new facilities as well as existing ones, although existing facilities may already have completed some of these actions. In addition, some actions assigned in this section to the State could be delegated to the competent authorities, as appropriate. All aspects of nuclear security, including information security and computer security (see Refs [7, 12] for more detail on these topics), should be maintained during all relevant stages in the lifetime of a nuclear facility.
Main 3.2. Actions associated with each stage are included in its description but are not in any specific order. Some activities may be implemented at any time within a stage, or are performed throughout the stage, while others would need to be implemented at a specific time. In addition, some actions associated with a particular stage may be initiated in a prior stage, and thus are listed as actions under this prior stage. The State, the competent authority and the operator should adapt the timing of activities according to facility circumstances and requirements.
Main 3.3. In addition, some actions should be implemented in multiple stages. For clarity and completeness, these actions are repeated in each of the relevant stages.
Main 3.4. For the actions described in this section, recommendations and further detailed information on implementation can be found in other publications in the IAEA Nuclear Security Series.
Planning stage goals 3.5. Measures to address applicable regulatory nuclear security requirements for the new nuclear facility should be identified during the planning stage. Major decisions will be made during this stage, and the importance of nuclear security should be recognized and reflected in these decisions. Various competent authorities as well as other organizations might be involved in these decisions to ensure that all the requirements of the State for the secure operation of the nuclear facility are identified and met.
Planning stage goals 3.6. In addition, a new nuclear facility can affect, and be affected by, the national and local security situation, including threats. This should be adequately considered in the planning stage of the facility.
Planning stage goals 3.7. Nuclear security goals at this stage for the State, the competent authority and the operator include:

  • Ensuring that the nuclear security requirements are met that are set out in the State’s legal and regulatory framework, as applicable to the proposed facility and the type and quantity of nuclear material and other radioactive material expected to be in use or storage at the facility;

  • Ensuring the integration of nuclear security requirements with operational goals and safety requirements in the facility design specifications;

  • Identifying nuclear security roles and responsibilities and assigning them to the various competent authorities and organizations involved in nuclear security at the facility;

  • Establishing a framework for communication among all relevant stakeholder organizations (e.g. those responsible for nuclear safety, nuclear security, safeguards and facility operations);

  • Identifying and developing nuclear security competencies (e.g. human resources and technical capabilities) needed to implement nuclear security measures;

  • Raising awareness of security issues among all relevant stakeholder organizations.
Planning stage actions 3.8. The following actions should be completed during the planning stage of a nuclear facility.
State actions Action 1-1: The State should establish legislation to provide appropriate legal authority to competent authorities with nuclear security responsibilities.
State actions Action 1-2: The State should define and assign roles and responsibilities for all organizations involved in nuclear security, including evaluating applications, granting licences or authorizations, and inspecting nuclear facilities and related activities, and should define the relationships between these organizations.
State actions Action 1-3: The State should conduct a threat assessment and, if appropriate, a design basis threat or representative threat statement.
State actions Action 1-4: The State should develop a trustworthiness policy.
State actions Action 1-5: The State should establish requirements for protecting the confidentiality of information. These requirements should address limiting access to sensitive information to those whose trustworthiness has been established, appropriate to the sensitivity of the information, and those who have a need to know to perform their duties.
State actions Action 1-6: The State should define thresholds for unacceptable radiological consequences from sabotage and determine appropriate levels of nuclear security to be implemented, using a graded approach.
State actions Action 1-7: The State should establish a policy for nuclear security culture for the competent authority and the operators.
State actions Action 1-8: The State should establish a sustainability programme to ensure that its nuclear security regime remains effective over time.
Competent authority actions Action 1-9: The competent authority should develop regulatory requirements for nuclear security during the planning stage, including for computer security, sustainability, contingency planning, emergency preparedness, incident reporting, trustworthiness, quality assurance, nuclear security culture and nuclear materials accounting and control, as applicable.
Competent authority actions Action 1-10: The competent authority should recruit, train and qualify staff with the goal of ensuring that adequate nuclear security knowledge and expertise are available to regulate nuclear facilities and associated activities and to implement a sustainability programme.
Competent authority actions Action 1-11: The competent authority should develop requirements to protect against unauthorised removal of nuclear material and sabotage of nuclear facilities and nuclear material. These requirements should set out the stages in which they should be applied. If nuclear security requirements are determined to conflict with other requirements, such as those for safety, the competent authorities should reconcile the conflicts.
Competent authority actions Action 1-12: The competent authority should develop nuclear security requirements for incident reporting, including investigation and analysis.
Competent authority actions Action 1-13: The competent authority should develop plans and procedures for licensing and inspections that address each stage of the lifetime of a nuclear facility.
Competent authority actions Action 1-14: The competent authority should ensure that operators receive relevant information from the design basis threat or representative threat statement to enable them to develop nuclear security measures for each stage of the lifetime of a nuclear facility.
Operator actions Action 1-15: The operator should determine the expected quantity and type of nuclear material at the facility as well as its associated category, in order to establish which requirements for protection against unauthorized removal will apply to the facility.
Operator actions Action 1-16: The operator should conduct a preliminary analysis of the nuclear material proposed to be used or stored at the facility, in order to determine the potential radiological consequences from sabotage.
Operator actions Action 1-17: The operator should develop a nuclear security strategy that meets State requirements.
Operator actions Action 1-18: The operator should promote awareness of nuclear security among, as well as conduct nuclear security training for, organizations and individuals involved in facility planning, with the goal of ensuring that they fully understand security policies and responsibilities.
Operator actions Action 1-19: The operator should involve all organizations with nuclear security responsibilities associated with the facility in all facility planning activities, including off-site organizations (i.e. response), as appropriate.
Operator actions Action 1-20: The operator should coordinate its nuclear security planning activities with the planning activities associated with nuclear safety, safeguards and facility operations in order to avoid or resolve conflicts and to find synergies.
Operator actions Action 1-21: The operator should identify the resources and organizational structure needed to implement its nuclear security strategy.
Operator actions Action 1-22: The operator should plan for measures to protect sensitive information consistent with State and competent authority requirements, including confidentiality measures and procedures to limit access to sensitive information to those who have a need to know to perform their duties.
Operator actions Action 1-23: The operator should account for applicable regulatory requirements for nuclear security during the planning stage, including for computer security, sustainability, contingency planning, emergency preparedness, incident reporting, trustworthiness, quality assurance, nuclear security culture and nuclear materials accounting and control, as applicable.
Siting stage goals 3.9. The location of the nuclear facility is identified during the siting stage. The siting of a nuclear facility has the potential to increase or decrease its vulnerability to external security threats as well as to increase or decrease the potential consequences that could result from malicious acts. During site selection, nuclear security considerations should be evaluated alongside safety and other considerations, such as seismic activity, geology, meteorology and hydrology, as discussed in IAEA Safety Standards Series No. NS-R-3 (Rev. 1), Site Evaluation for Nuclear Installations [13]. The siting of a nuclear facility can require agreements with neighbouring States.
Siting stage goals 3.10. Nuclear security goals at this stage for the State, the competent authority and the operator include evaluating:

  • Any local or regional threats that could impact the facility;

  • Security interfaces and interdependencies with existing nearby nuclear facilities;

  • Topography that may enhance or increase the vulnerability of the security of site;

  • Potential impact of radiological releases to the environment or populated areas (e.g. population centres, critical infrastructure, airports and other transport assets, and international borders);

  • The availability of sufficient response forces2 to respond in a timely manner to a nuclear security event;

  • Free space for site reconfiguration, including expansion, if security needs increase.
Siting stage actions 3.11. The following actions should be completed during the siting stage of a nuclear facility.
State actions Action 2-1: The State should examine treaties, agreements, security conditions and relationships with neighbouring States to determine their potential impact on site selection.
State actions Action 2-2: The State should establish arrangements and protocols for response forces, and provide information with regard to these arrangements and protocols to the competent authority and the operator to aid in site selection decisions.
State actions Action 2-3: The State should approve the final site selection if required, taking into account nuclear security considerations.
Competent authority actions Action 2-4: The competent authority should require that nuclear security considerations, including information on national and local threats, be considered during site selection.
Competent authority actions Action 2-5: The competent authority should train and qualify relevant personnel within the competent authority in nuclear security.
Operator actions Action 2-6: The operator should take into account nuclear security considerations, such as information on national and local threats, in the site selection process.
Operator actions Action 2-7: The operator should develop an information security programme, including confidentiality measures and procedures to limit access to sensitive information to those who have a need to know to perform their duties. This programme should be based on applicable regulatory requirements for information security.
Operator actions Action 2-8: The operator should evaluate the availability of infrastructure for effective nuclear security, including the availability of response forces for a nuclear security event.
Operator actions Action 2-9: The operator should develop programmes for selection, qualification and training of security personnel who will support the design effort.
Operator actions Action 2-10: The operator should account for applicable regulatory requirements for nuclear security during the siting stage, including for computer security, sustainability, contingency planning, emergency preparedness, incident reporting, trustworthiness, quality assurance, nuclear security culture and nuclear materials accounting and control, as applicable.
Design stage goals 3.12. Measures required to meet applicable regulatory nuclear security requirements should be integrated into the overall design during the design stage.
Design stage goals 3.13. Potential conflicts between safety and security measures should be identified and minimized during the design stage, and measures should be implemented in a manner to strengthen synergy between these two areas where possible. For example, access control measures for sensitive areas in the facility need to account for both safety and security considerations. Potential conflicts with other design specifications (e.g. safeguards and facility operations) should also be minimized during this stage, and designers should take advantage of opportunities for synergistic design. The design team should include security personnel to ensure that conflicts between nuclear safety, nuclear security and safeguards are identified and resolved appropriately.
Design stage goals 3.14. Nuclear security goals at this stage for the State, the competent authority and the operator include:

  • Developing nuclear security designs that meet regulatory requirements for nuclear security and accounting for the national design basis threat or representative threat statement as well as the preliminary facility analyses;

  • Characterizing and evaluating the nuclear facility to determine the required protection levels for the facility for the protection of nuclear material and the possible radiological consequences of sabotage;

  • Planning for nuclear security areas in the facility (e.g. limited access area, protected area, inner area and vital area) in order to provide defence in depth;

  • Identifying locations and types of critical nuclear security asset, such as the central alarm station and guard stations;

  • Identifying and resolving conflicts between regulatory requirements for nuclear security and those for other disciplines as early in the design stage as practicable.
Design stage actions 3.15. The following actions should be considered during the design stage of a nuclear facility.
State actions Action 3-1: The State should review the design basis threat or representative threat statement and evaluate the implications of any changes, as necessary.
Competent authority actions Action 3-2: The competent authority should ensure that a design basis threat or representative threat statement and relevant regulatory requirements for nuclear security are provided to the operator for development of nuclear security input for use during the design of the facility, if required.
Competent authority actions Action 3-3: The competent authority should ensure that any design modifications remain in compliance with applicable regulatory requirements for nuclear security and safety.
Competent authority actions Action 3-4: The competent authority should conduct a technical assessment of the final design of a facility to ensure that it meets applicable requirements for nuclear security and safety before licensing activities or granting authorization.
Competent authority actions Action 3-5: The competent authority should ensure that trustworthiness checks are implemented for personnel with access to sensitive information.
Operator actions Action 3-6: The operator should determine the nuclear security measures to be included in the design. This determination should be based on the number and type of security areas included in the design.
Operator actions Action 3-7: The operator should implement an information security programme for sensitive information used or generated during the nuclear facility design stage. This programme should be based on applicable regulatory requirements for information security.
Operator actions Action 3-8: The operator should identify the category of nuclear material to be protected against unauthorized removal as well as the possible radiological consequences of sabotage in order to ensure that nuclear security design requirements are met.
Operator actions Action 3-9: The operator should ensure that all organizations with nuclear security responsibilities relating to the facility should participate in facility design activities.
Operator actions Action 3-10: The operator should coordinate nuclear security measures to be incorporated in the design with measures to be incorporated for other disciplines (e.g. safety, safeguards and operations) in order to compare relevant regulatory requirements, identify synergies and resolve potential conflicts.
Operator actions Action 3-11: The operator should identify technologies and components (e.g. barriers, sensors and assessment systems) best suited to meet applicable regulatory requirements for nuclear security. This information should be used to develop detailed design requirements for nuclear security measures.
Operator actions Action 3-12: The operator should review all aspects of the design to ensure the appropriate inclusion of nuclear security measures.
Operator actions Action 3-13: The operator should assess the final design to ensure that it meets applicable regulatory requirements for nuclear security, as well as assess any proposed subsequent facility design changes that would affect nuclear security.
Operator actions Action 3-14: The operator should provide the final design of the systems and components that contribute to nuclear security (e.g. physical protection equipment, security related sensitive digital assets, computer hardware, and network and power equipment) to the competent authority for assessment and approval.
Operator actions Action 3-15: The operator should provide the competent authority with any subsequent design changes affecting the systems that contribute to nuclear security, as required, incorporating the concept of configuration management as discussed in Ref. [2].
Operator actions Action 3-16: The operator should account for applicable regulatory requirements for nuclear security during the design stage, including for computer security, sustainability, contingency planning, emergency preparedness, incident reporting, trustworthiness, quality assurance, nuclear security culture and nuclear materials accounting and control, as applicable.
Construction stage goals 3.16. During the construction stage of a nuclear facility, the operator should take measures to ensure that the facility nuclear security measures are implemented as designed during the various stages of construction.
Construction stage goals 3.17. At or near the end of construction, nuclear security measures should be tested to determine that they are installed and operate in a manner that addresses the applicable regulatory requirements and the design basis threat or representative threat statement. The three types of test commonly conducted for this purpose are functional, operational and performance tests. Functional tests are conducted to determine whether systems and components operate as designed. Operational tests are conducted to determine whether personnel use the systems and equipment correctly. Performance tests are conducted to determine whether an overall system or a component meets its design objectives.
Construction stage goals 3.18. Nuclear security goals at this stage for the State, the competent authority and the operator include:

  • Ensuring that the construction and installation of nuclear security measures meet design requirements;

  • Preventing the introduction of contraband to the construction site as well as any tampering with facilities or equipment that could aid in the execution of a malicious act after the facility becomes operational;

  • Isolating construction activities from other operational facilities (e.g. those located on the same site) and addressing interim security vulnerabilities which may be introduced to nearby facilities during the construction stage;

  • Conducting preparatory activities, such as establishing an organization or organizations that will be responsible for nuclear security at the facility during and after construction, training security personnel and developing plans and procedures for nuclear security at the facility;

  • Conducting testing of physical protection equipment and other systems and components that contribute to nuclear security following installation to ensure that they meet functional, operational and performance requirements.
Construction stage actions 3.19. The following actions should be completed during the construction stage of a nuclear facility.
State actions Action 4-1: The State should develop a comprehensive national response plan3 for nuclear security events if this plan does not already exist.
Competent authority actions Action 4-2: The competent authority should review and approve the operator’s security measures and plans, if required, prior to the start of construction.
Competent authority actions Action 4-3: The competent authority should require that the operator have a management system that integrates nuclear security into the overall management system of the facility. Management systems include processes to manage requirements, conduct quality assurance activities, manage resources and provide work direction and control.
Competent authority actions Action 4-4: The competent authority should establish quality assurance requirements for the procurement, installation and acceptance testing of nuclear security systems and equipment.
Competent authority actions Action 4-5: The competent authority should maintain training and qualification programmes for its personnel.
Operator actions Action 4-6: The operator should implement a management system that integrates nuclear security into the overall management system of the facility.
Operator actions Action 4-7: The operator should establish clear relationships between the organizations that will have responsibilities relating to nuclear security at the facility, including by defining roles and responsibilities, developing job descriptions and establishing interfaces with external agencies (e.g. law enforcement).
Operator actions Action 4-8: The operator should implement nuclear security measures approved by the competent authority for the construction stage.
Operator actions Action 4-9: The operator should test the approved security measures for the construction stage.
Operator actions Action 4-10: The operator should implement a configuration management programme to ensure that any design changes undertaken during construction do not affect the facility’s ability to meet regulatory requirements for nuclear security.
Operator actions Action 4-11: The operator should procure physical protection equipment and other systems and components that contribute to nuclear security from trusted sources, and if necessary, keep these items in secure storage until installation to minimize the potential for tampering.
Operator actions Action 4-12: The operator should install physical protection equipment and other systems and components that contribute to nuclear security in a manner that meets the technical specifications and design for the facility.
Operator actions Action 4-13: The operator should implement and conduct nuclear security training activities for all personnel with security responsibilities. All facility personnel should receive basic security awareness training.
Operator actions Action 4-14: The operator should conduct tests of physical protection equipment as well as other systems and components that contribute to nuclear security, after installation in order to ensure they meet functional, operational and performance requirements in preparation for commissioning.
Operator actions Action 4-15: The operator should conduct a final inspection of the facility when the construction stage is complete to ensure that no contraband or other prohibited items were introduced into the facility during construction.
Operator actions Action 4-16: The operator should implement measures to meet regulatory requirements for nuclear security during the construction stage, including for computer security, sustainability, contingency planning, emergency preparedness, incident reporting, trustworthiness, quality assurance, nuclear security culture and nuclear materials accounting and control, as applicable.
Operator actions Action 4-17: Prior to operation of the facility, the operator should document compliance with regulatory requirements in a nuclear security plan, which should include a facility contingency plan.
Operator actions Action 4-18: The operator should develop a human resources management programme, including measures for monitoring an individual’s ability to perform nuclear security functions.
Commissioning stage goals 3.20. During the commissioning stage, the operator should demonstrate that the facility as constructed meets the design specifications, including that the combination of nuclear security measures in place meets the applicable regulatory requirements. This stage also includes administrative and technical actions taken to introduce the nuclear material into the facility.
Commissioning stage goals 3.21. Nuclear security goals at this stage for the State, the competent authority and the operator include:

  • Validating that the facility’s nuclear security plans, operating procedures, assessment procedures, contingency and emergency procedures adequately address applicable regulations, the design basis threat or representative threat statement;

  • Verifying that all physical protection equipment and other systems and components that contribute to nuclear security functions are in place and meet the design requirements;

  • Implementing compensatory nuclear security measures to provide protection for the material until the nuclear security measures are fully operational if nuclear security measures are not fully implemented upon arrival of the nuclear material into the nuclear facility;

  • Familiarizing all facility personnel with nuclear security processes and procedures;

  • Developing a commissioning protocol to provide evidence that the nuclear facility, as constructed, meets the design specifications and complies with applicable regulatory requirements for nuclear security;

  • Describing and evaluating the nuclear security measures described in the nuclear security plan through assessments, including performance testing;

  • Establishing a formal process to evaluate the impacts on nuclear security from proposed operational changes, changes in nuclear safety measures or facility modifications prior to their implementation;

  • Establishing a formal process to evaluate the impacts on facility operations and on nuclear safety from proposed changes to nuclear security measures prior to their implementation;

  • Identifying and correcting deficiencies in nuclear security processes and procedures.
Commissioning stage actions 3.22. The following actions should be completed during the commissioning stage of a nuclear facility.
State actions Action 5-1: The State should conduct exercises to assess and validate the comprehensive national response plan for nuclear security events.
Competent authority actions Action 5-2: The competent authority should ensure that response forces are familiar with the facility and its contingency plan.
Competent authority actions Action 5-3: The competent authority should require the operator to develop plans that describe the testing processes and test acceptance criteria for the physical protection equipment as well as other systems and components that contribute to nuclear security.
Competent authority actions Action 5-4: The competent authority should perform inspections and assessments of the nuclear security measures as detailed in the nuclear security plan, and approve these measures prior to operation of the facility.
Competent authority actions Action 5-5: The competent authority should review and approve the operator’s analyses of the nuclear material categorization as well as potential radiological consequences from sabotage, as appropriate.
Competent authority actions Action 5-6: The competent authority should review and approve the operator’s nuclear security plan, including any compensatory measures and the facility contingency plan. Implementation of the nuclear security plan should be a part of the licence conditions for operating the facility.
Operator actions Action 5-7: The operator should ensure that the organizational structure for nuclear security is in place.
Operator actions Action 5-8: The operator should be prepared to implement compensatory measures approved by the competent authority in case of a security system failure.
Operator actions Action 5-9: The operator should conduct functional, operational and performance testing of the physical protection equipment as well as other systems and components that contribute to nuclear security, including response and sensitive digital assets (e.g. instrumentation and control systems, network hardware and computer hardware), to ensure that they meet nuclear security requirements.
Operator actions Action 5-10: The operator should verify the category of nuclear material and the potential radiological consequences that are used to determine the effects of sabotage, as required by the applicable regulations.
Operator actions Action 5-11: Prior to operation of the facility, the operator should submit the nuclear security plan for approval to the competent authority.
Operator actions Action 5-12: The operator should ensure that the necessary resources for the operations stage (e.g. personnel, support systems, emergency preparedness, infrastructure, financing and materials) are available during commissioning.
Operator actions Action 5-13: The operator should test the validity of operational plans and procedures and ensure that security personnel are trained to operate the security systems, as appropriate.
Operator actions Action 5-14: The operator should implement a human resources management programme, including measures for monitoring an individual’s ability to perform nuclear security functions.
Operator actions Action 5-15: The operator should implement measures to meet regulatory requirements for nuclear security during the commissioning stage, including for computer security, sustainability, contingency planning, emergency preparedness, incident reporting, trustworthiness, quality assurance, nuclear security culture and nuclear materials accounting and control, as applicable.
Operation stage goals 3.23. During the operation stage, sustained, effective nuclear security should be maintained. The elements of nuclear security are described in a nuclear security plan, the development of which was mentioned in the previous two stages. The nuclear security plan should form the basis for oversight by the competent authority and is part of the licence or authorization of the facility. Any major modifications to the facility’s nuclear security measures should be subject to review and approval by the competent authority.
Operation stage goals 3.24. Nuclear security goals at this stage for the State, the competent authority and the operator include:

  • Ongoing evaluations of nuclear security measures through inspections and performance testing, including exercises;

  • Maintaining a formal process to evaluate the impacts on nuclear security from proposed operational changes, changes in nuclear safety measures or facility modifications prior to their implementation;

  • Maintaining a formal process to evaluate the impacts on facility operations and on nuclear safety from proposed changes to nuclear security measures prior to their implementation;

  • Ensuring that any compensatory measures are implemented to address noncompliance with requirements or failure of nuclear security measures;

  • Maintaining a strong nuclear security culture;

  • Responding to changes in the threat environment, as appropriate, through changes to the nuclear security system;

  • Implementing sustainability and quality assurance programmes.
Operation stage actions 3.25. The following actions should be completed during the operation stage of a nuclear facility.
State actions Action 6-1: The State should periodically conduct exercises to assess and validate the comprehensive national response plan for nuclear security events. This plan should be periodically reviewed, exercised and revised.
State actions Action 6-2: The State should review the threat at regular intervals and evaluate the implications of any changes in the threat. The design basis threat or representative threat statement should then be reviewed in the light of the revised threat, as appropriate.
Competent authority actions Action 6-3: The competent authority should verify continued compliance with nuclear security regulations and licence conditions through regular inspections and ensure that corrective action is taken when needed.
Competent authority actions Action 6-4: The competent authority should require that the operator review and update the facility nuclear security plan at regular intervals to ensure that it reflects current conditions on the site and any changes to the nuclear security requirements and the design basis threat or representative threat statement.
Competent authority actions Action 6-5: The competent authority should periodically review the interface between the national response plan, the facility contingency plan and the emergency response plan to ensure that they are consistent and integrated.
Operator actions Action 6-6: The operator should maintain and update the facility nuclear security plan, including the facility contingency plan, and provide updates to the competent authority for approval as part of the licence conditions, as required.
Operator actions Action 6-7: The operator should monitor changes to the nuclear material inventory at the facility in a timely manner, including any associated changes in categorization, as required by the applicable regulations. Changes in categorization should be noted and nuclear security measures should be adjusted as necessary.
Operator actions Action 6-8: Prior to any changes in the inventory of nuclear material and other radioactive material, or modifications to plant equipment, systems or devices, the operator should perform analyses to determine whether the changes have the potential to result in unacceptable radiological consequences from sabotage.
Operator actions Action 6-9: Through its configuration management programme, the operator should ensure that nuclear security plans, procedures and design documentation are developed, assessed and updated as necessary.
Operator actions Action 6-10: The operator should implement the facility contingency plan and coordinate it with the national response plan. The facility contingency plan should also include procedures for coordination with the relevant State agencies.
Operator actions Action 6-11: The operator should ensure that protection measures in place for computer based systems in the facility are consistent with applicable requirements and are in accordance with the computer security portion of the approved nuclear security plan.
Operator actions Action 6-12: The operator should conduct recurring security related training for all personnel with security related responsibilities, as well as basic security awareness training for all facility personnel.
Operator actions Action 6-13: The operator should implement approved compensatory measures when nuclear security measures are determined to be incapable of providing the required level of protection.
Operator actions Action 6-14: The operator should develop and implement a human resources management programme, including measures for monitoring an individual’s ability to perform nuclear security functions.
Operator actions Action 6-15: The operator should develop and implement a programme to maintain functionality of physical protection equipment as well as other systems and components that contribute to nuclear security.
Operator actions Action 6-16: The operator should conduct regular security exercises accounting for all potential operational conditions. These exercises should be coordinated with response forces in order to validate the facility contingency plan and associated procedures.
Operator actions Action 6-17: The operator should conduct regular evaluations, including performance testing, to validate the effectiveness of individual nuclear security measures (e.g. procedures, equipment and personnel) as well as the cost effectiveness of the facility’s nuclear security measures.
Operator actions Action 6-18: The operator should obtain approval of major modifications to nuclear security measures from the competent authority before implementation, as required. Implementing such modifications may involve development and implementation of compensatory measures to be put in place during the modification. The plan for the compensatory measures should be submitted to the competent authority prior to implementation, if required.
Operator actions Action 6-19: The operator should update its nuclear security plan and related procedures to reflect operational changes (e.g. changes in access point hours or new processes), facility modifications or changes in nuclear security measures. The operator should also train personnel impacted by the change.
Operator actions Action 6-20: The operator should implement measures to meet regulatory requirements for nuclear security during the operation stage, including for computer security, sustainability, contingency planning, emergency preparedness, incident reporting, trustworthiness, quality assurance, nuclear security culture and nuclear materials accounting and control, as applicable.
Cessation of operation stage goals 3.26. As long as a risk of unauthorized removal of nuclear material or of sabotage leading to unacceptable radiological consequences remains, nuclear security measures should continue to be implemented on the site, although they should be tailored to the changing nature of operations on the site. This applies whether the facility has ceased operation permanently, in preparation for decommissioning, or for an extended period of time for major modifications, maintenance or repair.
Cessation of operation stage goals 3.27. When the facility has ceased operation for an extended period of time for major modifications, such as to increase capacity of the facility, the actions described for the design, construction and commissioning stages should be followed in the areas in which the modifications are being implemented, as applicable, while the rest of the facility should be protected in accordance with the measures approved in the nuclear security plan. This stage is not intended to cover actions necessary after an unplanned shutdown, such as after an incident or accident, which will require nuclear security measures tailored to the specific situation.
Cessation of operation stage goals 3.28. Nuclear security goals at this stage for the State, the competent authority and the operator include:

  • Modifying nuclear security measures in situations where nuclear material inventories are relocated, removed, increased or otherwise changed, as needed;

  • Accounting for impacts on nuclear security of reduction or reassignment of personnel resources;

  • Supporting cessation activities by bringing in new entities and personnel to the facility, including contractors, as appropriate;

  • Evaluating possible changes to nuclear security measures to account for changes to the facility that may impact the potential for sabotage;

  • Reconfiguring security areas following changes to the facility configuration to ensure that adequate nuclear security measures continue to be in place, as appropriate;

  • Evaluating process operations equipment and structures to identify quantities of nuclear material or other radioactive material accumulated in hold-up during the operations stage.
Cessation of operation stage actions 3.29. The following actions should be completed during the cessation of operation stage of a nuclear facility.
Competent authority actions Action 7-1: The competent authority, in accordance with regulations and based on the reason for the cessation, should ensure that the facility licence addresses the cessation of operation stage.
Competent authority actions Action 7-2: The competent authority should review and approve the operator’s revised nuclear security plan for the facility following cessation of operations, including the facility contingency plan, prior to its implementation, as required.
Competent authority actions Action 7-3: The competent authority should verify that the new configuration of nuclear security on the site is in compliance with regulatory requirements.
Competent authority actions Action 7-4: The competent authority should adapt its inspection activities, including the type and frequency of the inspections, to the cessation of operation stage, based on a graded approach.
Operator actions Action 7-5: The operator should notify the competent authority of the intent to transition to the cessation of operation stage, along with any facility or operational changes that may lead to changes to the nuclear security plan.
Operator actions Action 7-6: The operator should revise the nuclear security plan to take into account changes in operation, facility configuration and revised nuclear security measures, using a graded approach.
Operator actions Action 7-7: The operator should submit the revised nuclear security plan to the competent authority for approval, if required.
Operator actions Action 7-8: The operator should implement measures to meet regulatory requirements for nuclear security during the cessation of operations stage, including for computer security, sustainability, contingency planning, emergency preparedness, incident reporting, trustworthiness, quality assurance, nuclear security culture and nuclear materials accounting and control, as applicable.
Decommissioning stage goals 3.30. The decommissioning stage involves activities that will ultimately lead to the removal of all nuclear material and other radioactive material from the facility. However, as long as a risk of unauthorized removal of nuclear material or of sabotage leading to unacceptable radiological consequences remains, nuclear security measures should be maintained. The application of these measures should be based on a graded approach, taking account of the category of nuclear material and its potential for sabotage leading to unacceptable radiological consequences.
Decommissioning stage goals 3.31. Nuclear security goals at this stage for the State, the competent authority and the operator include:

  • Re-evaluating nuclear security requirements as the inventory of nuclear material and the potential radiological consequences associated with sabotage change;

  • Re-evaluating process operations equipment and structures to identify holdup quantities of nuclear material or other radioactive material accumulated in them during the operations stage;

  • Balancing safety and security objectives during decommissioning, for example, it may be required to delay decommissioning for dose reduction purposes (safety) versus the immediate removal of nuclear material and/or sensitive information for security purposes;

  • Reducing nuclear security measures during the period while nuclear material and contaminated equipment is being removed from the nuclear facility, while continuing to meet regulatory requirements based on a graded approach;

  • Ensuring proper disposal of sensitive information and security related equipment;

  • Managing changes in the workforce or organizations that impact nuclear security at the facility, such as workforce reductions;

  • Encouraging personnel to remain vigilant with regard to security awareness and nuclear security culture during decommissioning.
Decommissioning stage actions 3.32. The following actions should be completed during the decommissioning stage of a nuclear facility.
State actions Action 8-1: The State should modify its comprehensive national response plan, as appropriate, to reflect the status of the facility during the decommissioning stage.
Competent authority actions Action 8-2: The competent authority should issue a modified authorization based on the operator’s revised nuclear security plan, as required.
Competent authority actions Action 8-3: The competent authority should approve the operator’s revised facility contingency plan for the decommissioning stage and confirm its consistency with the national response plan.
Competent authority actions Action 8-4: The competent authority should adapt its inspection activities for the decommissioning stage, including the scope and frequency of inspections, taking into account new organizations and entities involved in the decommissioning stage.
Operator actions Action 8-5: The operator should notify the competent authority of the intent to transition to the decommissioning stage.
Operator actions Action 8-6: The operator should revise the nuclear security plan, prior to the transition to the decommissioning stage, to take into account changes in operation, facility configuration and revised nuclear security measures, using a graded approach. The plan should be coordinated with facility operations, safety and other involved entities to avoid conflicts, and provided to the competent authority for approval.
Operator actions Action 8-7: The operator should revise nuclear security measures for protection of sensitive information assets as those assets are removed from service.
Operator actions Action 8-8: The operator should implement measures to meet regulatory requirements for nuclear security during the decommissioning stage, including for computer security, sustainability, contingency planning, emergency preparedness, incident reporting, trustworthiness, quality assurance, nuclear security culture and nuclear materials accounting and control, as applicable.

  • INTERNATIONAL ATOMIC ENERGY AGENCY, Objective and Essential Elements of a State’s Nuclear Security Regime, IAEA Nuclear Security Series No. 20, IAEA, Vienna (2013).

  • INTERNATIONAL ATOMIC ENERGY AGENCY, Nuclear Security Recommendations on Physical Protection of Nuclear Material and Nuclear Facilities (INFCIRC/225/ Revision 5), IAEA Nuclear Security Series No. 13, IAEA, Vienna (2011).

  • INTERNATIONAL ATOMIC ENERGY AGENCY, Physical Protection of Nuclear Material and Nuclear Facilities (Implementation of INFCIRC/225/Revision 5), IAEA Nuclear Security Series No. 27-G, IAEA, Vienna (2018).

  • INTERNATIONAL ATOMIC ENERGY AGENCY, Security of Nuclear Material in Transport, IAEA Nuclear Security Series No. 26-G, IAEA, Vienna (2015).

  • INTERNATIONAL ATOMIC ENERGY AGENCY, Nuclear Security Culture, IAEA Nuclear Security Series No. 7, IAEA, Vienna (2008).

  • INTERNATIONAL ATOMIC ENERGY AGENCY, Use of Nuclear Material Accounting and Control for Nuclear Security Purposes at Facilities, IAEA Nuclear Security Series No. 25-G, IAEA, Vienna (2015).

  • INTERNATIONAL ATOMIC ENERGY AGENCY, Security of Nuclear Information, IAEA Nuclear Security Series No. 23-G, IAEA, Vienna (2015).

  • INTERNATIONAL ATOMIC ENERGY AGENCY, Nuclear Security Recommendations on Radioactive Material and Associated Facilities, IAEA Nuclear Security Series No. 14, IAEA, Vienna (2011).

  • INTERNATIONAL ATOMIC ENERGY AGENCY, Milestones in the Development of a National Infrastructure for Nuclear Power, IAEA Nuclear Energy Series No. NG-G-3.1 (Rev. 1), IAEA, Vienna (2015).

  • INTERNATIONAL ATOMIC ENERGY AGENCY, Establishing the Nuclear Security Infrastructure for a Nuclear Power Programme, IAEA Nuclear Security Series No. 19, IAEA, Vienna (2013).

  • FOOD AND AGRICULTURE ORGANIZATION OF THE UNITED NATIONS, INTERNATIONAL ATOMIC ENERGY AGENCY, INTERNATIONAL CIVIL AVIATION ORGANIZATION, INTERNATIONAL LABOUR ORGANIZATION, INTERNATIONAL MARITIME ORGANIZATION, INTERPOL, OECD NUCLEAR ENERGY AGENCY, PAN AMERICAN HEALTH ORGANIZATION, PREPARATORY COMMISSION FOR THE COMPREHENSIVE NUCLEAR-TEST-BAN TREATY ORGANIZATION, UNITED NATIONS ENVIRONMENT PROGRAMME, UNITED NATIONS OFFICE FOR THE COORDINATION OF HUMANITARIAN AFFAIRS, WORLD HEALTH ORGANIZATION, WORLD METEOROLOGICAL ORGANIZATION, Preparedness and Response for a Nuclear or Radiological Emergency, IAEA Safety Standards Series No. GSR Part 7, IAEA, Vienna (2015).

  • INTERNATIONAL ATOMIC ENERGY AGENCY, Computer Security at Nuclear Facilities, IAEA Nuclear Security Series No. 17, IAEA, Vienna (2011).

  • INTERNATIONAL ATOMIC ENERGY AGENCY, Site Evaluation for Nuclear Installations, IAEA Safety Standards Series No. NS-R-3 (Rev. 1), IAEA, Vienna (2016).