Nuclear Power Plant Security
September 2014 - U.S. Nuclear Regulatory Commission
This fact sheet details the defense-in-depth philosophy used in the construction and operation of nuclear power plants, which provides high levels of protection for public health and safety.
Key Facts:
The nuclear energy industry is one of the few industries with a security program that is regulated by the federal government. “Nuclear power plants continue to be among the best-protected private sector facilities in the nation,” according to the independent U.S. Nuclear Regulatory Commission, which holds nuclear power plants to the highest security standards of any American industry. The NRC’s oversight program includes at least two resident inspectors at each site.
Nuclear power plants are very robust structures that, by design and construction, are very difficult to penetrate. In addition, the nation’s 62 nuclear plant sites—with 100 reactors—are protected by approximately 9,000 highly trained, well-armed security officers, augmented by comprehensive detection and surveillance systems.
The design of each nuclear energy facility ensures the reliability of plant systems, provides redundancy and diversity of key safety systems, and incorporates other safety features to prevent incidents that could pose a threat to public health and safety. The combination of robust structures, a well-armed professional security force and multiple backup safety systems provides layer upon layer of safety.
A cyber attack cannot prevent critical systems in a nuclear energy facility from performing their safety functions. Nuclear plant safety systems are completely isolated from the Internet and, even if cyber security were breached, the reactors are designed to shut down safely if necessary.
Nuclear Plant Security Measures:
The nuclear energy industry maintains very strict security to prevent unauthorized persons from gaining access to critical equipment or approaching close enough to harm the facility with land- or air-borne explosives. Security measures include:
Physical barriers, electronic detection and assessment systems, and illuminated detection zones
Electronic surveillance and physical patrols of the plant perimeter and interior structures
Bullet-resisting protected positions throughout the plant
Robust barriers to critical areas
Background checks and access control for employees
Highly trained, well-armed security officers
Concentric Circles of Escalating Security:
Security measures are based on concentric circles or perimeters, with the level of security increasing as distance to the reactor decreases.
Owner-controlled area. The outer perimeter, called the “owner-controlled area,” is sufficiently distant from the reactor that only minimal security is deemed necessary. Explosives, firearms and alcohol are prohibited in this area.
Protected area. The level of security increases dramatically at the boundary of the “protected area,” which is fenced, protected by sophisticated security systems and guarded by armed security officers. Industrywide, the security force includes some 9,000 officers, many with military or law-enforcement backgrounds.
Individuals who are granted unescorted access to the protected area must first undergo a background check, psychological evaluation and fitness-for-duty testing (drug testing). Once inside the protected area, personnel are subject to behavioral observation and random drug testing. Each day, before entering the plant, they must pass through metal and explosives detectors and biometric screening. Visitors are screened and must be escorted at all times.
Vital area. The innermost circle is called the “vital area,” which contains equipment needed to safely shut down the reactor and keep it in a safe condition. The control room, used fuel pool and main security alarm stations are in this area in addition to the reactor and associated safety equipment. Access is protected by card readers, security doors and sometimes staffed guard stations.
In response to a new NRC rule issued in 2009, the industry increased both the amount of live-fire weapons training and the frequency and scope of drills and exercises. This enhanced training ensures that each officer will participate in numerous security drills and exercises facing a mock adversary each year. While the scenarios are closely held, the drills themselves are announced in advance to ensure that drill participants are not exposed unnecessarily to lethal force.
Each nuclear plant site has developed an integrated security and response plan with federal, state and local law enforcement agencies and emergency responders who can assist in the unlikely event of an attack.
Federal Oversight of Nuclear Plant Security:
The U.S. Nuclear Regulatory Commission holds nuclear power plants to the highest security standards of any American industry, and the industry exceeds those standards.
In response to public concern over nuclear plant security, Congress included in the Energy Policy Act of 2005 several provisions that increase security requirements or capabilities. This included allowing the NRC to authorize security officers to carry certain advanced weaponry and increasing federal penalties for sabotage and for bringing unauthorized weapons onto a nuclear power plant site. The act also directed the NRC to increase the scope of the “design basis threat”—that is, the threat against which nuclear power plants must be protected.
The NRC develops the design basis threat based on its regular interactions with federal intelligence and law enforcement authorities. It is currently characterized as a well-trained and dedicated paramilitary force, armed with automatic weapons and explosives and intent on forcing its way into the plant to commit radiological sabotage. Such a force may have the assistance of an “insider,” who could pass along information and help the attackers. The threat also includes bomb-laden land and waterborne vehicles.
The NRC reviews the design basis threat each year and, since 2001, has revised it twice to reflect a higher number of possible attackers and greater weapons capabilities. In addition, the NRC conducts regular security briefings for senior executives and security managers in the nuclear industry to ensure they are up to date on the latest relevant intelligence.
The terrorist attacks of Sept. 11, 2001, prompted another look at the potential for an airplane crash to cause serious damage. NRC analysis shows that areas of a nuclear power plant housing the reactor and used reactor fuel would withstand the impact of a wide-body commercial aircraft. However, to enhance safety, NRC required nuclear plants to have response procedures to address an aircraft threat or loss of large areas of the facility due to explosions or fire. The agency’s aircraft impact assessment rule requires design features for new plants to mitigate the effects of an airplane crash, and post-9/11 NRC orders require existing plants to implement similar measures.
The NRC provides regulatory oversight of nuclear power plant security through its routine inspection program as well as evaluations in which a specially trained mock adversary attacks the plant. The agency conducts these force-on-force exercises at each nuclear power plant at least once every three years. The NRC also has at least two resident inspectors at each site.
Cyber Security:
Computer systems that help operate nuclear power plants and safety equipment are isolated from the Internet and from internal computer networks to protect against outside intrusion. Strict controls govern the use of portable media, such as thumb drives, CDs and portable computers. In addition, nuclear plants are designed to automatically disconnect from the power grid if there is a disturbance that could be caused by a cyber attack.
The nuclear energy industry established a task force in 2002 to develop guidelines for cyber security programs. The NRC endorsed the guideline in 2005 and, by 2008, every company that operates nuclear power plants had implemented it. The NRC subsequently issued comprehensive regulations governing cyber security. The Federal Energy Regulatory Commission initially proposed cyber security rules to cover portions of a nuclear energy facility but reversed its stance when it found that the NRC’s rule covers the entire facility. For more information, see NEI’s policy brief on cyber security.