1 1 UNITED STATES OF AMERICA 2 NUCLEAR REGULATORY COMMISSION 3 OFFICE OF THE SECRETARY 4 *** 5 BRIEFING ON SAFEGUARDS PERFORMANCE ASSESSMENT 6 *** 7 PUBLIC MEETING 8 9 Nuclear Regulatory Commission 10 Commission Meeting Room 11 11555 Rockville Pike 12 Rockville, MD 13 14 Wednesday, May 5, 1999 15 16 The Commission met, pursuant to notice, at 10:10 17 a.m., the Honorable Shirley Jackson, Chairman of the 18 Commission, presiding. 19 20 COMMISSIONERS PRESENT: 21 SHIRLEY JACKSON, Chairman 22 GRETA DICUS, Commissioner 23 NILS DIAZ, Commissioner 24 EDWARD MCGAFFIGAN, Commissioner 25 JEFFREY MERRIFIELD, Commissioner 2 1 STAFF AND PRESENTERS SEATED AT THE COMMISSION TABLE: 2 PANEL 1 3 WILLIAM TRAVERS, EDO 4 SAM COLLINS, NRR 5 WILLIAM KANE, NRR 6 RICHARD ROSANO, NRR 7 DAVID ORRIK, NRR 8 9 PANEL 2 10 RALPH BEEDLE, NEI 11 JOHN R. McGAHA, ENTERGY 12 WILLIAM A. JOSIGER, NYPA 13 PAUL LEVENTHAL, NCI 14 ELDON V.C. GREENBERG, NCI 15 16 17 18 19 20 21 22 23 24 25 3 1 P R O C E E D I N G S 2 [10:10 a.m.] 3 CHAIRMAN JACKSON: Good morning. 4 On behalf of the Commission, I would like to 5 welcome all of you to this briefing on the NRC safeguards 6 and performance assessment program. 7 I would like to remind all participants at the 8 outset that this is a public meeting, and given that our 9 topic today involves security and safeguards issue, we 10 should be careful not to discuss -- not to discuss or to 11 disclose information that is considered sensitive or 12 classified. 13 Let me repeat. This is a public meeting, and 14 given that our topic today involves security and safeguards 15 issues, we should be careful not to discuss or to disclose 16 information that is considered sensitive or classified, 17 including references to specific details of the design basis 18 threat or vulnerabilities at any particular facility. 19 As you may know, NRC regulations require nuclear 20 reactor licensees to establish a physical protection system 21 and a security organization to protect against the design 22 basis threat of radiological sabotage. 23 Licensees also are required to establish physical 24 security plans to ensure that specific physical protection 25 capabilities are met. 4 1 NRC security inspections at power reactors are 2 designed to evaluate licensee compliance with plan 3 commitments and to assess the capabilities of licensee 4 security programs. 5 For the past seven years, the NRC staff also has 6 conducted operational safeguards response evaluations, known 7 as OSREs, an acronym, as a supplemental performance 8 evaluation of licensee response capabilities. 9 In the fall of 1998, a series of events brought 10 the OSRE program into the spotlight, including, first, the 11 cancellation of the program by NRC management; second, 12 differing professional views submitted by various members of 13 the NRC staff; third, subsequent reinstatement of the 14 program at my direction; and fourth, the formation of the 15 Safeguards Performance Assessment task for to review the 16 OSRE program and to develop recommendations for improvement. 17 In recent months, the OSRE program has undergone a 18 great deal of scrutiny by the task force, by the Commission, 19 and by external stakeholders, including members of the 20 Congress. 21 This scrutiny, I believe, has been beneficial in 22 all respects and should result in a much improved program. 23 The Commission currently is considering recommendations by 24 the NRC task force for improvements in assessing safeguards 25 performance. 5 1 Today, the Commission will be briefed by two 2 panels on this topic of safeguards performance assessment. 3 The first panel will be comprised of those at the 4 table, the NRC EDO, Dr. Bill Travers, and several 5 contributors from our Office of Nuclear Reactor Regulation, 6 Mr. Bill Kane, who's associate director of inspections and 7 programs, Mr. Dick Rosano, who's chief of the reactor 8 safeguards section, and Mr. David Orrik, a security 9 specialist in the reactor safeguards section. 10 The second panel will include various individuals 11 from NEI, led by Mr. Ralph Beedle. It will also include Mr. 12 Paul Leventhal, I believe is here, from -- who's president 13 of the Nuclear Control Institute, and is there a Mr. John 14 McGaha, who is executive vice president and chief operating 15 officer of Entergy Operations, Inc. 16 I'm told there may be others, and if so, they can 17 identify themselves when they come to the table. 18 Let me thank each of you for your participation in 19 this meeting at the outset, and without further 20 introduction, unless my colleagues have additional comments, 21 let me invite panel one. 22 Yes. 23 COMMISSIONER MERRIFIELD: I was just going to ask 24 -- I was just wondering whether it was your intention to 25 have -- we've got two presentations, one by sort of the 6 1 staff and then a separate one by Mr. Orrik. Does it make 2 sense to wait until both have had an opportunity to speak 3 and then ask questions? 4 CHAIRMAN JACKSON: I think if there are clarifying 5 questions after the staff presentation, you know, one should 6 ask those questions. 7 Again, we'll try to let them get as far as they 8 can, but I think if there are clarifying questions that 9 people feel they want to ask, we should ask. I think we've 10 allotted enough time to allow for that, but we'll try to 11 have a structured presentation and let you go through, and 12 then -- recognizing that if -- there may be questions after 13 the second panel that may relate to what we've heard from 14 the NRC staff. 15 And so, Dr. Travers, why don't you begin? 16 MR. TRAVERS: Thank you, Chairman, and good 17 morning. 18 As you've indicated, we are here in this first 19 part of the meeting as the staff to discuss with you the 20 status of the safeguards performance assessment program with 21 a particular focus on the operational safeguards response 22 evaluation, or OSRE program. 23 I think you've already introduced the staff 24 members. 25 I would just point out just one additional piece 7 1 of information for people who might be interested. 2 The details of the Safeguards Performance 3 Assessment task force are contained in SECY 99-024, and with 4 that, I'd just like to turn the meeting over to Bill Kane, 5 who's going to begin the presentation. 6 MR. KANE: Good morning. 7 CHAIRMAN JACKSON: Good morning. 8 MR. KANE: The centerpiece of our discussion today 9 will be the recommendations of the Safeguards Performance 10 Assessment task force. 11 We'll try to compare the recommendations going 12 forward with the past OSREs and also the ones that we are 13 currently conducting and will be conducting until April of 14 next year. 15 I would point out that these remaining 10, at this 16 point, OSREs -- we do expect to pilot many of the things 17 that we can from the new process, the new recommendations, 18 and to attempt to learn from each of these going forward 19 some of the lessons that we can then adjust and apply to 20 subsequent OSREs. 21 So, at this point, I would like to turn it over to 22 Richard Rosano, who is chief of our safeguards section. 23 MR. ROSANO: Good morning. 24 CHAIRMAN JACKSON: Good morning. 25 MR. ROSANO: We have a number of slides that have 8 1 to do with background, and in the interests of time, I will 2 cover them only briefly, unless you have questions about 3 them. 4 The first slide is on the chronology of the 5 operational safeguards response evaluation program, and it 6 tracks the history from 1992, when it was formed, through 7 some recent events, going through last year, when there was 8 a planned elimination of the program and its reinstatement. 9 Again, I don't plan to spend very much time on 10 that, unless you have questions on it. 11 The next slide refers to 10 plants remaining in 12 the first cycle. 13 As Mr. Kane pointed out, when the OSRE was 14 reinstated last fall, there were 11 plants remaining. We 15 had made some changes for the modified program and restarted 16 it as of last week. There was an OSRE conducted at Watts 17 Bar last week, and so, the 11 is now down to 10. 18 This is the proposed schedule. It may be subject 19 to some changes, obviously, but this is what we're expecting 20 at this point. 21 Unless we have any questions on the schedule, I'd 22 like to go on to the recommendations. 23 The next two slides, the recommendations, 24 safeguards performance -- 25 CHAIRMAN JACKSON: Are you going to talk to us 9 1 about any kind of general conclusions that come out of the 2 Watts Bar OSRE? 3 MR. ROSANO: I would be happy to do that. In 4 fact, this might be the best time. 5 There were some changes implemented in the 6 program, and now that I've said it's the best time, I'm 7 going to have to talk about this later, because some of the 8 changes are reflected in later slides. 9 CHAIRMAN JACKSON: Why don't you circle back? 10 MR. ROSANO: You want to circle back to Watts Bar 11 later on? That's fine. 12 Okay. 13 The recommendations of the task force set as its 14 goal to study the lessons learned from the OSRE program to 15 make recommendations as to the alternative means of testing 16 the response capability in the future. 17 CHAIRMAN JACKSON: It's not focused. 18 MR. ROSANO: I hope you meant the slide, Madam 19 Chairman. 20 CHAIRMAN JACKSON: Beg your pardon? 21 MR. ROSANO: I hope you meant the slide and not my 22 comments. 23 [Laughter.] 24 CHAIRMAN JACKSON: Well, let me think about that. 25 MR. ROSANO: Okay. Well, I'll wait while he 10 1 focuses it, but I'm going to continue. 2 Our goal was to learn something from the past but 3 to keep in place our performance assessment program and look 4 for new ways to do in the future, so that we can instill new 5 realism in the scenarios as well as to ensure that we 6 maintain a higher level of capability of the licensees' 7 response over time. 8 On the next slide, as to the exact 9 recommendations, the SECY paper outlines four 10 recommendations by the staff. 11 SECY paper 99-024, which were the recommendations 12 of the Safeguards Performance Assessment task force, 13 suggested that there would be a regulation required that 14 would require periodic drills and exercises of the 15 licensees, the specifics on that I'll get into on the next 16 slide, but that the drills and exercises would be designed 17 to test the licensee's response capability but also train 18 them through regular testing to maintain a higher level of 19 response capability through time rather than the more 20 infrequent tests that they were subject to under OSRE. 21 The OSRE cycle, because of time involved, was an 22 eight-year cycle, and so, plants only got a visit about 23 every eight years. The drills and exercises are designed to 24 occur quarterly, small scale, and biennially on the large 25 scale. 11 1 This regulation would also require that the 2 licensees upgrade security when vulnerabilities are 3 identified in these tests and that it wouldn't leave it 4 simply as testing but that they'd be required under 5 regulation to make some improvements, to upgrade. 6 The second recommendation is that guidance be 7 given to the industry. The guidance would reach into areas 8 like designing the target sets, which are the sets of 9 equipment thought to be necessary to defeat before a 10 successful sabotage event could occur. 11 So, they would receive guidance on designing 12 target sets. They would receive guidance on designing their 13 tactical response capability, and the guidance would also 14 include how to run the drills, how to run the exercises. It 15 would go into the details that the regulation couldn't reach 16 in terms of how to conduct these exercises, and also, the 17 periodicity of the exercise would be in the regulation 18 itself, though. 19 The third recommendation of the task force was 20 that there be an inspection procedure, either a revised -- 21 the revision of an existing procedure or a new procedure, 22 and quite frankly, it would likely be a new procedure, to 23 guide the inspectors in overseeing and observing, inspecting 24 these exercises, and the inspection procedure would be 25 geared to both the quarterly drills and the biennial 12 1 exercises, although it's as yet undecided what level of 2 involvement the NRC would have in quarterly drills. 3 That's a matter of resources, a matter of the 4 performance of the licensee. All of this would be key to 5 the baseline inspection program, and so, our involvement in 6 quarterly drills might be less necessary where licensees 7 appear to maintain a high level of performance. 8 The fourth recommendation has to do with training 9 of NRC regional inspectors. 10 The OSRE team and its contractors bring to bear a 11 lot of expertise that is unique and it is specialized 12 experience. The inspectors are well trained in physical 13 security. Not necessarily all of them are well trained in 14 tactical response. 15 Clearly, we would have to raise the level of 16 training for these inspectors as they become more involved 17 in an oversight function for drills and exercises. 18 In the next slide, we begin to examine the former 19 program and the staff's recommendations for the new program. 20 There have been some questions about the adequacy of the new 21 recommendations versus the old program, and so, this was set 22 out to try to demonstrate how we expect the new program to 23 cover all of the aspects of the old program and add some 24 more. 25 You'll notice there are four columns. In the 13 1 first -- well, actually the second column, it's current OSRE 2 has run from 1992 to 1998. We are currently functioning in 3 the third column, is the modified OSRE. This is modified to 4 include several improvements. 5 One of the things in the modified program is that 6 licensees will no longer be allowed to run their drills with 7 more than -- more guards than they are committed to in their 8 security plan. 9 There have -- to clarify that, licensees often 10 have what's called a running force -- that is, a number of 11 guards that -- in excess of their commitments, and many 12 licensees have committed to themselves that they will always 13 carry that guard force, for a variety of reasons, including 14 to back up for sick call-ins or whatever, just to have more 15 guards on force, and the OSREs have been conducted allowing 16 them to use this running force. 17 That is not, however, what they're committed to in 18 their security plan, and so, under the modified program -- 19 and by that, I mean the licensees that are necessary to 20 complete the first cycle, that being 11 more -- they -- all 21 the licensees will be required to stick to what they've 22 committed to in their plan. 23 Using hypothetical figures, if they commit to five 24 immediate responders and five back-up responders, they are 25 tested now so that they may only use the five immediate 14 1 responders, and if they commit to five back-up responders, 2 when the drill begins, there is a radio contact made with 3 those back-up responders to find out where they're placed. 4 They may be randomly placed based on other duties 5 or other assignments at that time, and as the drill begins, 6 they would be, in a sense, locked in at that place, so that 7 the drill could run as if they're reporting from the 8 cafeteria or the coffee shop or wherever they happen to have 9 drifted during that period, and they'll be tested 10 accordingly. 11 They won't be allowed to be poised ready to 12 respond. 13 We are also in the modified program piloting some 14 important new concepts that will become part of the 15 recommendations for the future, the most important of which 16 is the incorporation of operational solutions to the 17 judgement of the success of the licensee. 18 Operational solutions have been considered in the 19 past an OSRE, and there have been -- it's certainly been a 20 big part of the development of target sets, because a target 21 set can only be defined based on what ops can or cannot do. 22 However, in the future, what we're going to be 23 doing -- in this modified program, what we're going to be 24 doing is testing how these operational concepts inter-link 25 with the security response, and so, for the next 10 -- and 15 1 we began this last week with Watts Bar -- we will be 2 requiring licensees to participate with ops individuals to 3 play in the table-top drills and the exercises to describe 4 what they would be doing during the running of the drill, 5 what actions would they be taking and what are the likely 6 effects on the plan if they take those actions. 7 The fourth column -- and I know I dwelled quite 8 long on the third column, but the fourth column would be 9 what the staff recommends for the future, and it 10 incorporates things that we've learned from the past as well 11 as some of the piloted concepts in the modified program and 12 then some. 13 I'm going to get ahead and step through the 10 14 points now and would be happy to take questions at the time 15 I bring up each of the issues, because they are somewhat 16 specific, as you like. 17 The first one is on frequency of tests. As I 18 mentioned before, the OSRE cycle was an eight-year cycle. 19 We believe that we could achieve more by having more 20 frequent tests at the sites, and our goal with the 21 recommendation was to achieve that. 22 In the modified OSRE, we're simply going to 23 complete the first cycle, but the SPA task force recommends 24 that there be quarterly drills, drills being defined as 25 single-shift exercises, relatively simple, perhaps not with 16 1 a lot of NRC involvement. 2 Regional inspectors may attend on occasion to see 3 how they're performing. 4 The results of these quarterly drills will become 5 part of the performance indicator program and feed into the 6 risk-informed baseline inspection program. 7 We also recommend biennial exercises of a larger 8 scaler involving more than a single shift, single scenarios, 9 and those would be more frequently looked at by NRC 10 inspectors and headquarters individuals, as necessary. 11 In item number two -- 12 MR. COLLINS: Excuse me, Dick. 13 MR. ROSANO: Yes, sir. 14 MR. COLLINS: Philosophically, this is a part of 15 shifting -- I'm going to call it a burden, but really, it's 16 an obligation with an up-front clarification of what is 17 required as far as expectations, with some clarity in the 18 requirements, and shifting that role from a response to the 19 NRC periodically once every eight years with an OSRE to 20 ingraining it into the processes that licensees would 21 utilize to surveil any process or program that they may have 22 that meets a regulatory requirement, very similar to the way 23 that we handle other attributes of defense-in-depth, if you 24 will. 25 MR. ROSANO: Okay. 17 1 Item number two has to do with the size of the NRC 2 team at exercises. Currently, the OSRE team has one or two 3 regional inspectors, three headquarters individuals, and 4 three contractors who attend, and during the modified 5 program, we intend to continue that. 6 In the SPA task force recommendations, we believe 7 that we can get more visits, perhaps, out of that same 8 number of people, and in fact, increasing the number of 9 visits without increasing resources is one of the goals of 10 the task force, and by doing so, what we would recommend is 11 that these -- the attendants at biennial exercises be by, 12 again, one or two regional inspectors, likely no more than 13 one often, and one to two headquarters staffers and one to 14 two contractors. 15 COMMISSIONER MERRIFIELD: Madam Chairman? 16 CHAIRMAN JACKSON: Please. 17 COMMISSIONER MERRIFIELD: I had a question about 18 resource requirements, because we're going from a cycle 19 where we visit the plants once every eight years to, in 20 essence, as a result of the exercises, visiting them once 21 every two years, and I'm wondering what the -- if you've 22 done an analysis of the resource implications, and I'll just 23 layer on top of that, we're also going to have resource 24 implications as it relates to all of the training we're 25 going to have to do of our resident inspectors to be 18 1 available to do the quarterly drills. 2 CHAIRMAN JACKSON: Are they resident or 3 region-based? 4 MR. ROSANO: Region-based, likely. 5 COMMISSIONER MERRIFIELD: I'm sorry. Thank you 6 for the clarification. 7 MR. ROSANO: Yes. 8 COMMISSIONER MERRIFIELD: But nonetheless, there 9 will be additional training requirements for them, as well. 10 MR. ROSANO: Yes. We have given that some 11 thought, and I will begin by saying that the arrangement of 12 resources as they're shown in item number two would double 13 the number of visits that we can make, and so, instead of an 14 eight-year cycle, we could reduce it to a four-year cycle. 15 That's the first cut. 16 The second cut on this issue is that, if we use 17 the baseline inspection program and use input from the 18 quarterly drills and performance indicators in this area, we 19 will be able to decide which licensees need more frequent 20 oversight by the NRC during this process and which need 21 perhaps less, and it could be that we could achieve visits 22 at the right frequency, depending on the performance of the 23 licensee, without increasing resources. 24 MR. COLLINS: And I think it's fair to say that 25 we'd look at the rest of the program, as well, to see if 19 1 other adjustments needed to be made. 2 MR. ROSANO: Okay. And Dr. Travers just pointed 3 out -- I don't mean to suggest that we would attend every 4 biennial exercise, and even with my first math, it would 5 double the resources. What I mean to say is we won't to go 6 to everyone, and if we do, it may be that NRC -- or I'm 7 sorry -- regional inspectors go to every one but that a full 8 force, including headquarters and contractors, will go when 9 it's selected, that that licensee has either performed at 10 the level that indicates the need for it or that we 11 determine some larger cycle to make sure that every plant 12 gets the full force, but those are the kinds of 13 considerations. 14 COMMISSIONER MERRIFIELD: Okay. Now I understand, 15 because you have here -- in number one, you refer to 16 biennial exercises by NRC inspectors. That wasn't clear to 17 me. 18 MR. ROSANO: I'm sorry. That is meant that -- we 19 would expect the regions to send someone to all the biennial 20 exercises, but it might not have attendance by the full OSRE 21 team. 22 COMMISSIONER MERRIFIELD: Okay. 23 MR. COLLINS: Again, the intent is not to have the 24 NRC to be the cornerstone or the hinge-pin for these 25 programs to be successful, for us to be in more of an 20 1 oversight role, and that oversight role is graded based on 2 performance and periocity rather than a commitment for 3 everyone. 4 COMMISSIONER MERRIFIELD: But it would still be 5 the expectation we would double the number of visits we'd be 6 able to make. 7 MR. ROSANO: If we changed the resource allocation 8 the way I've suggested here, we could double the visits 9 immediately. 10 COMMISSIONER MERRIFIELD: Okay. Thank you. 11 MR. ROSANO: Item number three refers to target 12 sets, and a cornerstone of the performance assessment 13 process is target sets -- that is, to determine the sets of 14 equipment that, taken as a set, would have to be defeated 15 before a Part 100 release would be realized, and it used to 16 be in the past that the requirement was that they protect 17 all vital equipment, and it was determined over time that 18 that's not necessary, that, in fact, certain pieces of vital 19 equipment could be defeated without reaching a state of 20 emergency at the site. 21 So, these target sets began to be developed 22 site-specifically. These target sets undergo a lot of 23 scrutiny by the NRC in our office, as well as by the site, 24 because the sites are expected to develop their own target 25 sets in order to figure out what their response strategy 21 1 would be. 2 In the OSRE program over time, the target sets 3 were defined by the licensee and coordinated with the NRC 4 team. That is still the way we're doing business. 5 We expect that, by the end of the first cycle, 6 though, a lot of the target sets, essentially all of the 7 target sets would have been defined, and that there may be 8 some changes over time, but the amount of effort necessary 9 to deal with target sets after the first full cycle will 10 reduce considerably and that, in the future, the -- another 11 item is that, in the future, the target sets will be 12 oriented to Part 100 release limits rather than core damage, 13 which has been the goal so far, because we want to take the 14 next step. 15 More than core damage, there has to be evidence of 16 Part 100 release. That will be the design of the target 17 set. 18 The last item is we would incorporate operational 19 solutions, but again, that is part of taking the next step 20 into Part 100 and not simply achieving core damage. 21 Do you have any questions there? 22 Item number four is, thankfully, shorter. The 23 number of target sets during each test -- it has been four, 24 it's continuing to be four, but again, we've changed that 25 slightly for the new program, because the quarterly drills 22 1 will be smaller scale, and the biennial exercises will be 2 larger, and we just intend to have more target sets worked 3 into the drills in biennial exercises. 4 Number five is the make-up of the mock adversary 5 force. I want to make it clear that we do not attack the 6 plants. We rely on licensees to staff a mock adversary 7 force. That has been true, it is true, and unless we're 8 given other direction, that will continue to be true. 9 MR. COLLINS: Dick, just to be clear, though, 10 there is some demonstration, potentially, that takes place 11 with use of the contractors. 12 MR. ROSANO: The contractors work with the 13 licensees through the table-top drills, and the contractors, 14 who have excellent talents in this area, deal with the 15 licensee security organization to define how the attack 16 ought to take place, but the actual carrying out of the 17 attack is done by the licensee or, in some cases, for 18 example, Watts Bar, they brought in an adversary force from 19 another plant. 20 In fact, there was an interesting combative 21 camaraderie going there. So, it was interesting to observe 22 that. 23 Commissioner Dicus had the benefit of being there. 24 I'm sure she would have some comments on it. 25 Item number six, the make-up of the guard force 23 1 during the test -- this is what I mentioned earlier, and I 2 went, perhaps, into too great detail earlier, but it's 3 restated here. 4 Tests have been carried out with more guards and 5 committed to in the security plan because it reflected the 6 running level, the running force at the site. 7 In the modified OSRE and in the SPA task force 8 recommendations, we're going to stick to the security plan. 9 It's whatever they commit to and it's how they commit to it. 10 So, for example, if they have back-up guards, 11 they're only allowed to be located somewhere that they might 12 be in wandering around the plant. They're not allowed to be 13 poised and ready to respond. 14 COMMISSIONER MERRIFIELD: Madam Chairman? 15 CHAIRMAN JACKSON: Please. 16 COMMISSIONER MERRIFIELD: Do you anticipate any 17 modification of licensees' existing makeup of those? Do you 18 expect them to add additional responders as a result of this 19 change in the OSRE testing? 20 MR. ROSANO: I've heard some licensees say that 21 they will want to. 22 I've heard other licensees say they will have to, 23 that licensees -- in fact, one comment I received in the 24 meeting with NEI a couple of months ago was that they've 25 used these guards and they've committed to themselves that 24 1 they would have these guards there. 2 They hadn't put that in the plan, but now that 3 they know it's the rules of engagement, they're going to put 4 it in the plan, and it doesn't seem to bother them, because 5 they're already paying the guards anyway. 6 MR. ORRIK: I'd like to add to that, in all of the 7 57 OSREs, 58 OSREs that we've had so far, typically the 8 response -- or the guard force on duty at any time is a much 9 larger number than the number of responders that they commit 10 to. 11 It is also larger than the number of responders 12 that they actually use. 13 So, I have known of no site that has had to 14 actually increase the number of officers they have on duty 15 at any one time, although they have gone, as we've noted, to 16 a larger response force than they have committed to, but I 17 know of no plant that has actually had to add forces before 18 the OSRE. 19 MR. COLLINS: That's a different issue, I think. 20 Let me try to clarify the issue for you, if I can. 21 The intent of the pilots is to answer just that 22 question. Watts Bar, perhaps, was the first plant wherein 23 the manning requirements of the security, training, and 24 contingency plans were adhered to in response to the 25 modified OSRE. 25 1 As we go through the rest of the pilots, we'll 2 learn more, on a site-by-site basis, which is, I think, 3 contingent on the target set robustness, the equipment 4 that's at the plant, the number of people that's committed 5 to individually their training. There's a lot of variables 6 in this formula. 7 The intent of the pilot is to provide a process by 8 which, after the modified OSRE is complete, there is an 9 evaluation period. That evaluation allows for an assessment 10 of the results of the OSRE against the requirements of the 11 security plan, the equipment, and an operational component. 12 Those three evaluations will result in a 13 reconciliation of the performance of the OSRE, which may end 14 up with the guard force number being modified. It's a 15 double-edged sword, could be up or down. 16 Commitment to additional security equipment which 17 is necessary to pass or is not necessary to pass and 18 therefore can be removed or a confirmation that the 19 operational safeguards, which is redundancy, diversity of 20 engineered safeguards, as well as operator response, is 21 adequate or additional commitments need to be adhered to 22 there. 23 So, that's a long answer, but it will come out of 24 the pilots and it will be a reconciliation of performance. 25 It may be either way. It may up. In some cases, it may be 26 1 down. 2 COMMISSIONER MERRIFIELD: I think when we went 3 through the earlier effort before the chairman required the 4 OSRE program to be continued, there was, I think, some 5 confusion about the activities being undertaken by licensees 6 relating to their guard force. 7 We talk about the number of responders and how 8 that may be modified in these exercises. Mr. Orrik brought 9 up the issue of the -- and to repeat again, to your 10 knowledge, no licensee has reduced the number of total 11 security guards at a plant as a result -- after an OSRE? Is 12 that what you said? 13 MR. ORRIK: No, sir. Actually, some licensees 14 have reduced the number of responders. 15 COMMISSIONER MERRIFIELD: No, total number of 16 security guards employed at the facility. 17 MR. ORRIK: No, sir, I would not know that. I 18 would believe that would be a logical outcome of reducing 19 the number of responders, but I tend to doubt that. I don't 20 know that answer. 21 CHAIRMAN JACKSON: Is the confusion due to the 22 fact that -- each plant has a security force. Within that 23 security force are the responders. 24 COMMISSIONER MERRIFIELD: Individuals who are 25 designated as people who would respond if they were 27 1 attacked. 2 CHAIRMAN JACKSON: That's right. 3 MR. COLLINS: That is correct. 4 CHAIRMAN JACKSON: And that's the number that one 5 is talking about going up or down on and not the overall 6 envelope of the number of security personnel that they have. 7 MR. KANE: And I believe Mr. Orrik's response was 8 that adding additional responders did not increase the 9 overall size of the security force. 10 COMMISSIONER MERRIFIELD: I'm sorry. That is 11 correct. 12 MR. COLLINS: It can be moved but still not 13 increase the total number. 14 COMMISSIONER DICUS: For an exercise or drill, 15 right? Or in general? 16 CHAIRMAN JACKSON: Well, it's the number committed 17 to in their security plan. 18 MR. ROSANO: That's right. 19 COMMISSIONER DICUS: But if they increase the 20 number -- happen to increase the number of responders in 21 their security plan, that implies increasing the guard force 22 or extending into longer overtime. 23 MR. ROSANO: The guard force is made up of armed 24 responders and unarmed individuals in the security 25 organization. The security force is actually considerably 28 1 larger than just the armed responders, and they could add 2 armed responders for tactical response without increasing 3 the total size just by converting some people to the unarmed 4 status who were responsible for other duties and moving them 5 basically out from behind a desk, if you'll use police 6 terms. 7 COMMISSIONER MERRIFIELD: I just wanted to get 8 that clarification, because I think there was some 9 misunderstanding that there was widespread hiring or firing 10 of the total number of security guards at the plant as a 11 result of the OSREs, and that was not the impression you 12 intended to leave. 13 MR. ROSANO: That's not the indication that we get 14 from the sites. 15 COMMISSIONER DICUS: But it does increase cost 16 because of increased training and equipment. 17 MR. ORRIK: Yes. 18 CHAIRMAN JACKSON: And I guess the real 19 terminology should be security personnel, because some are 20 armed and some are unarmed. 21 MR. ROSANO: Yes, that's true. 22 MR. COLLINS: That's correct. 23 MR. ROSANO: Okay. If I may, item number seven, 24 the NRC role during the tests -- throughout the first eight 25 years, seven years, of the OSRE, we were evaluating the 29 1 overall adequacy of licensee performance, and that was 2 designed specifically having to do with tactical response. 3 In the modified OSRE, we want to show the nexus 4 between their performance and their commitments. This is 5 what we've been discussing. During the modified OSRE, we 6 are examining their performance but also the level of their 7 commitments and whether it's adequate to carry out the 8 function. 9 Under the SPA task force recommendations, that 10 would be carried on. 11 We want to make sure that there is a clear nexus 12 to commitments, that performance must be linked to 13 commitments, and that's what we're judging and that's what 14 we're trying to examine during these visits. 15 That has to do with the commitments in the 16 security plan as far as guard force, as well as their 17 commitments, procedural commitments in terms of tactical 18 response and how they would deal with an attack and as far 19 as what they would do in terms of equipment modifications, 20 defensive positions, and so on. 21 Number eight is the use of the operational 22 solutions to sabotage scenarios, not that this is the first 23 time we've discussed it this morning, but operational 24 solutions were considered as part of the target sets in the 25 former OSRE, but it did not -- the OSRE itself, the drill, 30 1 did not assess their actions as mitigating factors. 2 As the drill would run, the operators weren't 3 there advising what steps they would take and what actions 4 they would use to mitigate the consequences. 5 In the pilot -- in the modified OSRE, we're going 6 to pilot the program using that. We're going to get more 7 and more involvement. 8 Just a reflection of what happened last week at 9 Watt's Bar, the operations people were in the room as we ran 10 table-tops and were at least peripheral observers during the 11 drills themselves, and they did take notes, and they 12 informed us later of how they intended to participate and 13 what they would have done. 14 What I want to do is to -- what we want to do is 15 to encourage more of that and not just have them in the room 16 and peripheral observers but to actually make them part of 17 the play of the table-tops in that -- so that we can run 18 time-lines that mesh both the actions of the security force 19 and the actions of operations, and the same time-line will 20 run through both, and we would be able to examine afterwards 21 -- as Mr. Collins says, we would do an operational 22 post-analysis after the visit to examine what would have 23 been the real effect of the operator's actions and how would 24 it have changed the result of the drill, and we can only do 25 that as we get more and more involvement by operations 31 1 people. 2 As a corollary to this, the NRC will be using more 3 operational expertise and individuals to examine this. 4 There will be more work between my group and the project 5 staff. 6 The resident inspectors have been asked to attend 7 these OSRE drills because they intimately know the 8 operations of the plant. They provide a very good source of 9 feedback when we try to develop target sets and table-top 10 drills. 11 The residents -- both of the residents of Watts 12 Bar were in attendance last week and provided a valuable 13 resource as far as that goes. So, we want to try to 14 incorporate more of our own talents in, as well as having 15 the licensee raise their level of involvement in ops. 16 MR. KANE: I would just like to reinforce that 17 this is the difference in this program that -- a major 18 difference in this program, that an evaluation of the 19 operational response, together with the security response, 20 may, as Mr. Collins indicated, be the basis for reducing 21 some of the commitments that are in the current plan. We 22 understand that and -- 23 CHAIRMAN JACKSON: But you're going to let it play 24 out. 25 MR. KANE: But it needs to be played out. But I 32 1 mean that is one of the benefits I see of running it this 2 way, because you can see what you need to do in both 3 directions, not simply as a -- 4 MR. COLLINS: Again, we're going to confirm we 5 maintain safety in this arena and we go into the other 6 output measures, including reducing unnecessary burden. 7 CHAIRMAN JACKSON: In looking at that, you're not 8 going to have -- you know, you have to obviously, then, look 9 at whether the operator's ability to take certain actions is 10 or is not compromised in a certain scenario for that plant. 11 Is that correct? 12 MR. KANE: That's correct. 13 CHAIRMAN JACKSON: Or the likelihood of it. You 14 did not talk about the SPA task force recommendation in that 15 area. 16 MR. ROSANO: Okay. 17 COMMISSIONER McGAFFIGAN: Madam Chairman, just a 18 clarification on that last point. 19 Have you gone back and looked -- since you didn't 20 involve operator action in the past, Mr. Orrik, in his 21 comments and in his DPO, has used statistics about the 22 number of failures to demonstrate they could protect against 23 radiological sabotage. 24 In the past, you assumed, if you got some plastic 25 explosive to position X, you'd have a problem. Is there any 33 1 attempt to look backward and see whether that 53 percent is 2 an accurate number? 3 I don't want you to do everything, because that 4 would be a waste of time, but looking at a few of them and 5 see whether, if operator action had been taken into account, 6 there wouldn't have been a problem? 7 MR. ROSANO: One of the tasks that the task force 8 is taking on is to look at the reports that have been 9 generated by past OSREs and to try to develop some analysis 10 -- operational analysis. The reports are fairly descriptive 11 and do provide a lot of detail and might allow us to do 12 that. 13 There is not a plan currently to revisit the sites 14 and do it by way of that, but the task force does plan to 15 look at the sites, especially those that had some findings, 16 whether significant or less than significant, and to use 17 those as a baseline to figure out whether there are some 18 issues that were not considered during the past OSREs that 19 we could look at and infuse in a backward-looking sense. 20 The task force will do that. That will also be 21 part of the task force's report at the end of this process. 22 COMMISSIONER MERRIFIELD: Madam Chairman, I had a 23 -- 24 CHAIRMAN JACKSON: Yes, please. 25 COMMISSIONER MERRIFIELD: -- further clarifying 34 1 question on that same issue. 2 Commissioner McGaffigan mentioned that the 3 53-percent demonstration that could protect against 4 radiological sabotage -- I'm quoting from Mr. Orrik's draft 5 here, and then 47 percent demonstrated significant -- and 6 that's my emphasis -- significant security weaknesses in 7 their protection capability. 8 Mr. Rosano, is that analysis? Would you agree 9 with that characterization, 47 percent significant security 10 weaknesses? 11 MR. ROSANO: I do not, and the staff does not. 12 I've looked at the reports, and I've read the reports, and 13 as the findings are characterized in the reports, I've also 14 asked some of our regional inspectors to look at the 15 reports, and my findings were that there were significant 16 vulnerabilities and far fewer -- something in the 6 to 7 17 percent range. 18 I might point out that, in any case, all of the 19 vulnerabilities have been fixed, but the characterization of 20 significant findings, I disagree with, and I find it to be 21 much lower. 22 MR. ORRIK: May I define the -- the 23 characterization of significant was under the guidelines 24 that we were provided that, if an adversary force 25 realistically reached and sabotaged, simulating sabotaging a 35 1 critical target set, that was the criterion, and by that, we 2 had something like, in 27 plants, something like 40 total 3 times that occurred. 4 We did not look at operational impact. That was 5 not my charter. We looked at the security impact only, and 6 if the target set was reached, destroyed, that was it. 7 Now, some of the target sets -- and I can't go 8 further -- would inevitably have gone to a Part 100 release. 9 Some very likely would not have given operational, 10 mitigation, and prevention measures. 11 But as we indicated to the Commissioner, we did 12 not go back and look at that. It was not within our 13 charter. 14 Now, things change. 15 MR. COLLINS: Again, I certainly don't want to 16 speak for anyone on the staff. 17 We're evolving -- we're using terms that are 18 historical to characterize findings in a program to give it 19 significance that I believe the majority of the staff has 20 moved beyond, acknowledging that there are some shortcomings 21 in the way that we have conducted these exercises in the 22 past, on both sides. 23 I mean they didn't demonstrate some parts of the 24 capability; they didn't take credit for other parts of plant 25 systems and components. 36 1 The numbers are debateable. I'm not sure it's 2 appropriate to use these numbers as an indicator of where we 3 were as much as use them as an example of that program at 4 that point in time, and we're moving forward now to have 5 more realistic insights. 6 COMMISSIONER MERRIFIELD: The reason I point that 7 out, however, is from a public perception standpoint, the 8 use of a number of 47 percent having significant security 9 weaknesses leaves the public with an impression of a great 10 degree of seriousness, and so I want to -- Mr. Rosano, 11 you're saying, at least in your belief, taking an 12 independent analysis from staff's standpoint, that while Mr. 13 Orrik is using the definition that was required to be used, 14 that that 47-percent significant weaknesses isn't an 15 accurate reflection of the true seriousness? 16 MR. ROSANO: That is my conclusion and the 17 conclusion of some of the regional inspectors who helped me 18 with this review. 19 It was said in one of the public statements that 20 was signed out back in November, and that was, that the 21 figure, 47 percent, is perhaps misleading, because it 22 doesn't take into account factors like operational solutions 23 that were not considered in the old program and engineered 24 safety systems that were part of target analysis but not 25 part of the post analysis, and so, it's not a -- my opinion 37 1 is it does not have to do with Mr. Orrik's work, but it has 2 to do with the clarity of what we're saying to the public 3 and the fact that there are certain things in there that -- 4 about those figures that are misleading, because it doesn't 5 account for other factors that we are currently engaged in 6 dealing with. 7 CHAIRMAN JACKSON: How are you all going to 8 integrate these pieces, the operator actions, the engineered 9 safety system? I don't get a sense of kind of a systematic 10 walk-through that's like the kind of accident sequence 11 precursor or, you know, core damage sequence that one runs 12 through if one is postulating accidents. 13 MR. KANE: I think the process would be one in 14 which we would continue to run the exercises as they have 15 been run, as we've described the recent exercises. You get 16 a measure of the security response. 17 You also have to run a post exercise table-top, 18 understanding the time-lines that exist with the security 19 response, also understand the time-lines that exist with an 20 operational response. 21 Understanding those two, then you can understand 22 the significance of the target sets, were they necessarily 23 the right ones? If they were breached in any way, did it 24 affect the outcome? 25 So, that's the process we would use to arrive at 38 1 an overall answer, one, measuring security performance, and 2 then, two, integrating the operational response to measure 3 overall performance of the exercise. 4 So, that would be, as I would envision it, as 5 we're planning to do a post-exercise table-top. 6 CHAIRMAN JACKSON: How do you fold engineered 7 safety systems into that? 8 MR. KANE: Well, being able to understand -- and 9 that's part of the operational response, be able to use 10 other systems that are available to mitigate the 11 consequences of whatever's taking place in front of them. 12 The operators are trained to respond to symptoms. 13 CHAIRMAN JACKSON: So, you're folding in a PRA 14 analysis? 15 MR. COLLINS: You're folding in in a couple of 16 arenas. One is in the target set, acknowledgement of 17 risk-informing the target set for the plant, and then -- I'm 18 not sure we've quite thought through the PRA in the back 19 end. 20 Bill, maybe you're advanced than I am, but if we 21 are, we can elaborate on that. 22 MR. KANE: Not at this point. I think that would 23 be principally used in understanding the target sets, also 24 understanding what equipment was available to be used to 25 mitigate the event. 39 1 CHAIRMAN JACKSON: Well, but in point of face, if 2 you really do a complete PRA analysis, it actually has in 3 it, you know, likely operator actions. It has in it, you 4 know, sequences or -- you know, accident sequences that can 5 go one way or another depending upon whether certain 6 equipment is compromised or not. 7 It starts out a certain way, depending upon the 8 initiating event, if some pipe is broken or whatever it is, 9 and it strikes me -- I don't understand how you can, you 10 know, fold in engineered safety systems unless you have some 11 ability to overlay that kind of analysis, whether it's post 12 or pre. 13 I mean you could do it in the post-sense of, you 14 know, what were the attack points and, you know, what did 15 you see happening, and then that actually informs your 16 accident sequence analysis, and so -- because you can't do 17 it in an ad hoc way, and so, I would just kind of admonish 18 you in that way, that you really need to take advantage of 19 the fact, if you're going to do this, that you do know how 20 to discuss, you know, what happens if in, you know, a 21 structured way. 22 I mean PRA is not just useful because of some 23 probabilities that you come out with but because of the 24 logic of thinking through what can actually happen if, and 25 so, it strikes me that -- I mean you need to get started, 40 1 but it strikes me that, if you're really going to have 2 something that works, that says this offsets this, you 3 really have to do it in a more sophisticated way -- 4 MR. KANE: You're point's well taken. 5 CHAIRMAN JACKSON: -- than has been done 6 heretofore. 7 COMMISSIONER McGAFFIGAN: Madam Chairman? 8 CHAIRMAN JACKSON: Please. 9 COMMISSIONER McGAFFIGAN: I'm not trying to 10 complicated everybody's life, but -- 11 CHAIRMAN JACKSON: I just did. 12 COMMISSIONER McGAFFIGAN: You did. Maybe I will, 13 too. But an obvious way to involve the operators would be 14 to stick operators, an operating crew in the simulator and 15 pretend the simulator is running the plant and have whatever 16 communication exists between the guard force and the 17 operations room, and you would know how that crew, at least, 18 would handle the specific emergency that's happening, but 19 that may be expensive. 20 Has any thought been given to just having the 21 simulator manned? 22 MR. KANE: Yes, we have given thought to that, and 23 at least in the OSREs that are -- that we're conducting here 24 between now and April, we certainly -- if somebody wanted to 25 do that, we could certainly evaluate it, but I think, at 41 1 this point, I think we want to understand through 2 post-exercise table-tops. 3 As I said, we're going to use these future OSREs 4 to learn, and perhaps, if someone wants to do that, 5 volunteers to do that, we would certainly be prepared to 6 accommodate it in our inspections, but I think we'd want to 7 -- we want to move slowly toward that. 8 CHAIRMAN JACKSON: Well, let me just reinforce, 9 because it isn't totally disconnected, and I'm not 10 necessarily pushing the use of the simulator, but you know, 11 if something -- X happens at a certain point in the plant, 12 then one could ask, you know, is that a kind of an initiator 13 that flips you over into some potential accident sequence? 14 If Y happens in a plant, does that affect, you 15 know, some mitigation capability, and there are 16 methodologies that we're using and that licensees are using 17 to be able to do this kind of structured analysis, and to 18 me, in order to have a system that makes sense, you really 19 have to fold the two together. 20 MR. COLLINS: I think it's inevitable, Chairman, 21 as you have discussed, that these exercises, should they 22 mature and have Commission support, will go in the direction 23 similarly to emergency preparedness exercises, which have 24 the attributes that you have mentioned and gain a type of 25 sophistication which involves the simulator, integrated 42 1 views, use of PRA for mitigating events. We just -- we have 2 to get to that point. 3 CHAIRMAN JACKSON: Okay. 4 COMMISSIONER McGAFFIGAN: Can I ask just a general 5 question about procedures at plants? 6 As I understand these exercises, they are, you 7 know, short, bloody, and violent, at least -- not much blood 8 gets spilled yet, but they would -- mock blood. 9 MR. COLLINS: They're rated R. 10 COMMISSIONER McGAFFIGAN: Maybe even X for the 11 gore. 12 But the -- is the standard operating procedure at 13 a plant -- it's never occurred -- mortal shells are going 14 off, small arms fire is being heard around the plant. Do 15 they scream it at that point? Is that in the standard 16 operating procedure at plants, to take that precaution if 17 they know they're under attack, there's a verified attack? 18 MR. COLLINS: That varies. I think perhaps that's 19 a good question for the licensees to answer. My experience 20 -- my direct experience would be as a result of the Three 21 Mile Island intrusion and the IIT that was conducted after 22 that. 23 GPU at that time chose to maintain the plant at 24 steady-state power. 25 They felt, given the potential location of the 43 1 intruder, the ability to affect the plant in those locations 2 could be detected by variables, process variables that could 3 be monitored in the control room, and we reviewed that as a 4 part of the IIT, and we determined that that was the 5 appropriate action under those circumstances, since a plant 6 could be shut down but it could be shut down in a more 7 controlled manner with people out into the plant, and they 8 did not want people out into the plant. 9 COMMISSIONER McGAFFIGAN: My question was, if one 10 of these simulated attacks is underway, with bullets flying 11 and God knows what else going off, at that point -- that 12 wasn't Three Mile Island. Three Mile Island was a guy 13 driving into the -- onto the island, which I guess might 14 have had a bomb on the truck or whatever, but my 15 understanding of these exercises is that you know you're 16 under attack, and so, if bullets are flying -- I'll ask the 17 next panel. 18 COMMISSIONER MERRIFIELD: Chairman, we need to be 19 very careful about the language we use here, and I'm not 20 going to admonish anyone, but -- because that's the 21 Chairman's purview. 22 [Laughter.] 23 COMMISSIONER MERRIFIELD: There was no bomb at 24 Three Mile Island. 25 COMMISSIONER McGAFFIGAN: I agree. 44 1 COMMISSIONER MERRIFIELD: Right. Just so that no 2 one in the audience is left with the idea -- 3 CHAIRMAN JACKSON: This is a simulation. 4 COMMISSIONER McGAFFIGAN: It was a truck. 5 COMMISSIONER MERRIFIELD: Right. I don't know if 6 we want to get into that level of detail. 7 CHAIRMAN JACKSON: I don't think so. 8 COMMISSIONER MERRIFIELD: But there was no -- 9 COMMISSIONER McGAFFIGAN: Right. I agree. 10 COMMISSIONER MERRIFIELD: Can you assure us that 11 there wasn't? 12 MR. KANE: Yes, I can confirm that there wasn't. 13 i was also involved with the front end of that, and it 14 wasn't really known until there was a sweep of the area just 15 who and how many people were involved. The decision was, as 16 I understand it, at the time, was that they had -- were 17 satisfied that all their vital areas were protected, and 18 that was the decision. 19 There was good communication between -- and that's 20 one of the things that has to happen. There has to be very 21 good communication between security and the control room. 22 In fact, it took place there, and that's another thing that 23 we test when we do these exercises, to make sure that the 24 communications are sound, so that operations, when it makes 25 a decision whether to scram the plant or not, understands 45 1 what's going on outside the control room. So, that's a very 2 important aspect. 3 MR. ROSANO: Okay. 4 Item number nine -- and I know, Chairman, you 5 asked that I had not completed task force recommendations on 6 eight, but I think we just discussed it. Is it enough? 7 Okay. 8 Number nine, then, the baseline inspection -- 9 risk-informed baseline inspection program -- obviously, that 10 hasn't been part of the old OSRE and is now coming into 11 form, but -- because the program itself didn't exist, but 12 the SPA task force recommendations would be that the drills 13 and exercises to be conducted under the proposed new rule 14 will provide performance indicators, and they will be used 15 in informing the baseline inspection program. 16 They will be tied together and certainly be part 17 of that. 18 Item number 10 has to do with findings. The 19 results of OSREs before did not deal specifically with 20 compliance, they dealt with performance, and there were no 21 enforcement actions taken in former OSREs. 22 Under the guidance from the Office of the General 23 Counsel, in the new program, however, we will consider 24 whether actions are necessary by licensees to upgrade their 25 security based on findings of an OSRE, including 46 1 vulnerabilities, and this will be more formal in the new -- 2 in the task force recommendations, that the findings would 3 be handled consistent with the new reactor oversight process 4 and the licensees will be required to take actions to 5 upgrade security. 6 CHAIRMAN JACKSON: So, does this mean there could 7 be enforcement or there could not be enforcement? 8 MR. ROSANO: Enforcement in terms of orders, if 9 orders are necessary, to require upgrades and that notices 10 of violation would still be issued if there was a compliance 11 issue involving what their commitments are. 12 CHAIRMAN JACKSON: So, it's a structured approach. 13 COMMISSIONER McGAFFIGAN: Madam Chairman, could 14 you explain, given what Mr. Orrik talks about, these 15 significant security weaknesses, why there was no 16 enforcement? 17 As I understand it from reading his DPO, it comes 18 down to whether 73.55(a) is enforceable in and of itself or 19 just (b) through (h) or whatever the other sections are, but 20 we -- as I understand it, under the current rule, it has 21 been our position that we're into this identifying 22 weaknesses and vulnerabilities which they then -- the 23 licensees correct, and to the public, there would be a 24 disconnect here. 25 MR. ROSANO: Going into this, I would like to say 47 1 that the licensees have corrected the vulnerabilities, even 2 though there haven't been enforcement actions taken, but to 3 answer your question, there -- for several years, for a 4 number of years, the staff acted on guidance from the Office 5 of General Counsel that, when a licensee submits a security 6 plan for approval, that security plan is submitted to comply 7 with sections (b) through (h) of 73.55, and when that plan 8 is approved, it -- basically, it follows a statement in 9 73.55(a) that says that the Commission may approve measures 10 other than those specified in this rule if they demonstrate 11 that they have the same high assurance that the overall 12 level of system performance provides protection against 13 sabotage, and so, the interpretation has been since the 14 early '80s that, when a licensee has an approved security 15 plan -- that is, that it was approved by the NRC -- then we, 16 in effect, said that you are doing all that we would expect 17 you to do to protect against the design basis threat, and if 18 a licensee complies with that security plan, then there is 19 not a compliance issue, and when the OSRE goes out to test 20 performances, to test it against the underpinnings of 73.55, 21 that is the design basis threat, and so, we have not taken 22 enforcement action in the past because it was not a 23 compliance issue. 24 MS. CYR: It's not a compliance issue with respect 25 to compliance with the security plan. 48 1 MR. ROSANO: Right. 2 MS. CYR: There's still the underlying performance 3 objective of 73.55(a). That's still in there, basically, 4 and that's really what the OSRE was testing against, but the 5 focus from an enforcement stand would have been on the plan, 6 not really on compliance with the overall performance 7 objective. 8 I mean our view is you can, you have been able to, 9 you could have been able to, you are able now to take action 10 to ensure conformance with the performance objective, but 11 the enforcement focus in the past has been on the plan, that 12 if they -- if the staff had approved a plan that met (b) 13 through (h), either following (b) through (h) or some 14 equivalent level of protection with respect to those 15 requirements, that that meant that the plant itself had been 16 approved, and I think this is what the staff has talked 17 about before. 18 We've not always gone back and, in a sense, 19 reconfirmed the connection between the plan and the overall 20 performance objective. 21 CHAIRMAN JACKSON: Right. It says, to achieve 22 this general performance objective, the on-site physical 23 protection system and security organization must include but 24 not necessarily be limited to the capabilities to meet the 25 specific requirements contained in paragraph (b) through (h) 49 1 of this section, and so, the -- and so on and so on. 2 Okay. Why don't you go on? 3 MR. COLLINS: Again, Chairman, you know, we're 4 looking at those words carefully as a result of the 5 longer-range plans to be sure that they're clear, and they 6 put the onus and the obligation for the linkage between 7 demonstration and the commitment in the plan in the right 8 place, and we believe that's in the licensee's purview, 9 similar to other programs, and then there's a demonstration 10 and we monitor that. 11 CHAIRMAN JACKSON: That's performance-based. 12 MR. COLLINS: Right. 13 CHAIRMAN JACKSON: Uh-huh. 14 MR. ROSANO: Okay. 15 The last slide is something of a summary of what 16 we've been discussing, and you notice it refers to the 17 modified program for the last 11 OSREs. There are only 10 18 remaining, but we're using this modified program for all of 19 the 11, including last week's visit to Watts Bar. 20 We're going to continue to establish target sets, 21 and in fact, I might point out that, by the end of the first 22 full cycle of OSRE, we will have target sets in the book, so 23 to speak, on all of the sites, a useful resource for future 24 conduct of performance assessment in any case. 25 We're going to run exercises in accordance with 50 1 the security plan plus new commitments. The licensees may 2 commit -- may change their commitments, raising the number 3 of responders or perhaps by, after an operational analysis, 4 lowering them, but the new program will be run according to 5 the new commitments. 6 We'll assess for security performance -- 7 CHAIRMAN JACKSON: I guess the real thing is it's 8 according to the commitments that exist. 9 MR. ROSANO: That's true, yes, ma'am. 10 CHAIRMAN JACKSON: Whether they have been additive 11 or whether it's what's existed heretofore if there has been 12 no change. 13 MR. ROSANO: We will hold them to the security 14 plan, whatever it is at the time we arrive at the site. 15 Assess the security performance and conduct an 16 on-site preliminary exist and summarize the findings -- 17 without going into painful detail, there will be some 18 findings that will suggest vulnerabilities that need to be 19 looked at more carefully afterwards by the licensee and by 20 the NRC, which leads to the next point, that we're going to 21 do a post-exercise analysis. 22 That's precisely why we want the site exist to be 23 a preliminary exit, so that we have more of an opportunity 24 to examine what actions might have changed the result if 25 it's been considered longer, and we will use operational 51 1 engineering components in the assessment of damage relative 2 to the potential for Part 100 release. 3 Finally, we'll conduct a final exit detailing 4 findings from post-exercise analysis. 5 The final exit is proposed to be within two to 6 four weeks after the site visit, probably perhaps two weeks 7 for sites where there don't appear to be any significant 8 findings that require post analysis and four weeks where 9 there might be more analysis necessary, and that would be to 10 give the staff as well as the licensee an opportunity to 11 spend some time examining this. 12 CHAIRMAN JACKSON: Is there clarity with respect 13 to the use of deadly force by security guards? 14 MR. ROSANO: The information notice that is on the 15 books currently was written in 1989, and I believe, at this 16 point, that that information notice is not clear, and we 17 intend to revise that information notice. 18 It will take one of two paths. We are, as you are 19 aware, engaged in an issue involving getting deadly force 20 authority for Part 50 licensees included in the legislative 21 package that's going forward. 22 If we do join that legislation for part 50 23 licensees, we would rewrite the information notice to 24 properly characterize that in accordance with the new 25 legislation. 52 1 If Part 50 licensees are not included in that 2 legislation, we would still rewrite the information notice, 3 but we would write it in a different way, and it would 4 reflect what is, in fact, the true authority and not as it 5 is currently stated in that information notice. 6 COMMISSIONER McGAFFIGAN: Could you explain what's 7 currently in the information notice? 8 MR. ROSANO: The information notice suggests that 9 the NRC interprets its regulations to mean that guards can 10 use deadly force in protection of plant, property, or other 11 systems. 12 That is not consistent with state laws to the 13 contrary, and there is currently no Federal authority on the 14 books to grant employees of Part 50 licensees to use deadly 15 force. 16 CHAIRMAN JACKSON: That's why it's in the 17 legislation. 18 MR. TRAVERS: I think it's clear they have that 19 authority as it relates to protecting themselves or people 20 at the plant, but the question becomes do they have the 21 authority in connection with protecting plant systems. 22 MR. ROSANO: The states traditionally allow the 23 use of deadly force only to protect persons, not property, 24 and so, absent interdiction so that you put yourself in the 25 path of the bullets, guards are not allowed to use deadly 53 1 force to protect the plant. 2 COMMISSIONER MERRIFIELD: In some states, that's 3 not the case. 4 COMMISSIONER McGAFFIGAN: I know it was in our 5 legislative package the last Congress. 6 MS. CYR: It has not been in our legislative 7 package with respect to Part 50 licensees, only with respect 8 to formula quantity, to make it equivalent with DOE 9 facilities. That has been our proposal. 10 COMMISSIONER McGAFFIGAN: That's been the proposal 11 in the past? 12 MS. CYR: Right. 13 COMMISSIONER McGAFFIGAN: And we didn't realize we 14 had this hole? 15 MS. CYR: No. 16 COMMISSIONER McGAFFIGAN: I was just going to ask 17 -- I mean I thought the appropriations committees have taken 18 care of this issue in the interim for the gaseous diffusion 19 plants, and I'm sure they would have done it for the Part 50 20 plants without waiting for authorization legislation if they 21 knew that this was an issue. 22 CHAIRMAN JACKSON: Mr. Orrik, would you care to 23 make a few comments? 24 MR. ORRIK: Yes. 25 CHAIRMAN JACKSON: Could you try to limit it to 54 1 about five minutes? 2 MR. ORRIK: We're here for three reasons, 3 essentially. 4 Terrorism exists. Second point, OSRE is the only 5 performance testing of the anti-terrorist capability of 6 nuclear power plants and that the industry record, even with 7 six to 10 months advanced notice of all of our evaluations 8 still had a track record of, we could say, 53 percent 9 passing, with 47 percent of the plants had -- still had 10 significant security weaknesses in their ability to protect. 11 As I mentioned, in over 40 exercises, terrorists 12 -- mock terrorists realistically reached and simulated 13 sabotaging equipment. 14 Now, we did not consider operation. That was not 15 within our purview. In fact, it was restricted. We were 16 restricted from doing that. 17 Some plants had to use -- spend an awful lot of 18 money to get ready for an OSRE. I would point out that was 19 their decision. We have never made recommendations. All we 20 did was evaluate what they had. 21 The criteria, everything we've used has been the 22 same, and we have not changed the design basis threat. The 23 truck bomb does not come within our purview. That's handled 24 differently. 25 We still have terrorists making overt attack 55 1 against the plant, and I would point out that we have never 2 used the entire design basis threat. 3 CHAIRMAN JACKSON: Why don't you not discuss any 4 details of the design basic threat. 5 MR. ORRIK: Yes, ma'am. 6 But I have come to two conclusions as a result of 7 all of this. 8 One is that, since nuclear plants are an integral 9 part of the American infrastructure and radiological 10 sabotage could cause rather drastic results, that there is a 11 need for an anti-terrorism capability, physical protection 12 capability at nuclear power plants. 13 Secondly, I think, given the increasing pressure 14 to cut costs, including security costs, and the -- as I 15 mentioned, the previous track record of the industry, that 16 there is a need for NRC presence to provide a countervailing 17 pressure against the pressures to reduce costs and make them 18 competitive, redo security. They are, after all, a 19 business. 20 I would, however, like to state something that I 21 think will please the Chairman, the Commissioners. 22 Last year, I objected to NRC staff's decision with 23 respect to NRC's role in performance assessment of nuclear 24 power plants. This year, I have seen the proposed -- SPA 25 task force proposals which you have been -- you have just 56 1 received, and I have seen the proposed baseline inspection 2 program. 3 They are reasonable and responsible. I am 4 encourage by what I see NRC now preparing to do in the 5 future. 6 I would, however, have this cautionary note. The 7 proof of the pudding is in the eating. NRC's commitment to 8 anti-terrorism capabilities will be in the approval and 9 execution of these proposals. 10 So, the ball essentially is still in NRC's court, 11 but I must say that I am very encouraged and am on-board 12 with the efforts being taken by NRC staff. 13 CHAIRMAN JACKSON: Thank you. 14 Commissioner Dicus, any further comments or 15 questions? 16 COMMISSIONER DICUS: A comment and a couple of 17 questions. 18 You made the statement that, when you go out prior 19 to an OSRE and you find vulnerabilities, you call those to 20 the attention to the licensee, but they don't have to do 21 anything about it. 22 But I would caution you, because once we point out 23 vulnerability, they tend to take that as a requirement and 24 are going to do something about, even thought it's not 25 officially transmitted as a requirement. So, I would 57 1 caution that statement. 2 I would also caution, in light of the perhaps 3 changes that you made in the OSRE and these that are going 4 to be done, the 10 remaining ones -- and probably, for most 5 of these, you may have already gone out and looked at 6 vulnerabilities, but for any that you haven't and for future 7 reference, that as we go to risk-informing this activity, if 8 that's what we wind up doing, really evaluate 9 vulnerabilities against the Part 100 release and not against 10 any other criteria, if that's what -- the criteria that 11 we're going to use. That may change the vulnerability a 12 great deal. 13 Now a couple of questions. 14 One of them has to do -- since the OSRE started, 15 what, in 1992 -- and I noticed in your comments you say 16 toward the end we bring in experts experienced in armed 17 defense who provide continuity between OSRE evaluations, but 18 for plants that had OSREs that did theirs in, say, '92 or 19 '93, '94, to the ones that are doing them now, has there 20 been creep? Have we really started requiring more? 21 MR. ORRIK: No, ma'am. 22 COMMISSIONER DICUS: So, it has been constant. 23 MR. ORRIK: Yes, ma'am. 24 COMMISSIONER DICUS: You're comfortable with that. 25 MR. ORRIK: I've been on 56 of the 58 OSREs, and 58 1 there's been no creep. We've used the same criteria, same 2 schedule of events. 3 There has been creep in one sense, in that the 4 licensees have been much more inventive in defining their -- 5 building their defenses, but again, that's their doing. 6 COMMISSIONER DICUS: But maybe -- well, I'm going 7 to ask that question of the licensees, too. 8 MR. COLLINS: Commissioner Dicus, I believe 9 there's been creep. 10 COMMISSIONER DICUS: I think there has been, too. 11 MR. COLLINS: I think there's a difference. 12 Having been in two regions, being a senior resident, a 13 resident, supervising inspectors, there's a difference 14 between saying our regulations haven't changed and how 15 licensees response to our review initiatives. 16 Clearly, in these areas, licensees try to get 17 ahead of the reviews, of the OSRE reviews. They learn from 18 past OSREs. They gather the best attributes of each past 19 plant. 20 They hire consultants to provide for 21 pre-screening, pre-OSRE exercises that bring these 22 attributes to licensees as a methodology of passing an OSRE. 23 There is a area here that has to do with public 24 confidence, and again, I won't profess to speak to 25 licensees, but there is an impact of licensees not passing 59 1 an OSRE, although it may not be a regulatory impact, it's a 2 public confidence issue. 3 COMMISSIONER DICUS: Uh-huh. 4 MR. COLLINS: So, for a lot of reasons, licensees 5 go to extensive means to pass the OSRE. 6 Now, that's different than saying our requirements 7 have changed. So, there's a couple of answers to that 8 question. 9 I think the industry can speak better to that. 10 COMMISSIONER DICUS: Okay. 11 One final question. 12 In order for a licensee to exercise their security 13 plan, to meet whatever challenge there is, I'd like some 14 feedback as to whether or not any of you believe it's really 15 necessary for the licensee to interdict an intruder, or 16 would it be sufficient if the licensee is simply able to 17 detect, to deter, and then delay, particularly taking into 18 account operational responses. 19 MR. ROSANO: I believe that the detection and 20 deterrence -- I'm not sure the delay would be sufficient 21 unless the delay was long enough to provide back-up forces 22 to arrive at LLEA or to take over the situation, but I do 23 think that it would be sufficient for a licensee to 24 demonstrate that they could protect the target sets from 25 damage, and that doesn't necessarily mean terminating the 60 1 attackers, but it simply means that if a licensee could 2 demonstrate that they could fall back to positions or they 3 can ensure protection of the target sets and it wouldn't 4 matter if the attackers were still able to create industrial 5 sabotage or other damage, they would have satisfied their 6 goal. 7 CHAIRMAN JACKSON: Actually, don't you have to be 8 careful in answering her question? 9 MR. ROSANO: I was trying to be. 10 CHAIRMAN JACKSON: Well, but not careful enough. 11 MR. ROSANO: Yes, ma'am. 12 CHAIRMAN JACKSON: Because if you're going down 13 the line of looking at operator actions and operational 14 safeguards, then you have to say that you do this all in 15 analysis, and that's what they have to demonstrate. 16 You talked about the Part 100 limits, etcetera, 17 etcetera. So, if you're going to the analysis that includes 18 operator actions, engineered safeguard systems, and then an 19 ability to keep you from having an event that would exceed 20 Part 100 limits, that the real answer to her question. 21 So, you don't want to ad hoc it when you've 22 already kind of laid out a structured approach here to the 23 Commission. 24 MR. ROSANO: I agree with your answer to her 25 question, but -- 61 1 [Laughter.] 2 MR. ROSANO: But I might add that I didn't think 3 that my answer was inconsistent, because we agree that, if 4 the licensee can demonstrate through engineered safeguards 5 or operational response or fall-back positions, that they 6 can protect the target sets, then they've satisfied it. 7 CHAIRMAN JACKSON: And the target sets, by 8 definition, are those that, if compromised, would lead to a 9 potential -- 10 MR. ROSANO: Yes. 11 CHAIRMAN JACKSON: It could lead to releases in 12 excess of -- 13 MR. ROSANO: Yes, ma'am. 14 CHAIRMAN JACKSON: -- Part 100. 15 It would be very good to kind of talk that way, to 16 be consistent. 17 MR. ROSANO: Yes, ma'am. 18 CHAIRMAN JACKSON: There may be media people or 19 whatever, members of the public -- it would be very nice to 20 just keep talking -- 21 MR. ROSANO: Point well taken. And again, they're 22 all fixed. All the weaknesses have been fixed. 23 CHAIRMAN JACKSON: I'm sorry. 24 COMMISSIONER DICUS: No, that's fine. That was a 25 clarification. I was thinking you've got to add one more 62 1 statement to the answer, and I gave you -- when I asked the 2 question, would it lead to Part 100 release? 3 Anyway -- and finally, I guess, just a comment. 4 I'm still troubled by the amount of fortification that we do 5 have at our nuclear power plants as compared to what you may 6 find at a chemical or industrial facility, troublesome to 7 me. 8 CHAIRMAN JACKSON: Commissioner Diaz. 9 COMMISSIONER DIAZ: I have no questions. 10 CHAIRMAN JACKSON: Commissioner McGaffigan. 11 COMMISSIONER McGAFFIGAN: I have several, so let 12 me get at it. 13 The rule that you're talking about developing -- 14 and apparently there's agreement on -- what is the 15 time-frame for developing that rule, the new rule? 16 MR. ROSANO: Our goal would be to have the new 17 rule written in -- as a proposed rule within six months 18 after getting permission from the Commission to move forward 19 on it. 20 COMMISSIONER McGAFFIGAN: Okay. 21 Are there back-fit issues, potentially, in this 22 rule? 23 MR. ROSANO: I think the back-fit issues have to 24 be considered. We would be issuing a new requirement -- 25 that is, a requirement to conduct drills, and so, it's 63 1 clearly a back-fit, because it's a new requirement. 2 MR. KANE: And evaluations. 3 CHAIRMAN JACKSON: The evaluation is part of 4 developing the rule. 5 COMMISSIONER McGAFFIGAN: Will CRGR look at this 6 rule before -- we've had some issues in recent months where 7 CRGR has looked at things late -- operator licensing was an 8 example -- and had problems at the final rule stage that 9 probably should have been clear at the proposed rule stage. 10 Will part of the process of developing this rule in the next 11 six months involve CRGR review? 12 MR. KANE: Yes. 13 COMMISSIONER McGAFFIGAN: Okay. 14 Have you looked at the issue of graduated 15 responses? At the reg info conference, it was pointed out 16 that we essentially require these folks to be able to 17 instantaneously deal with the design basis threat 24 hours a 18 day, 365 days a year, and the military doesn't do that. 19 They're not -- no other industrial institution 20 does that, and I don't know quite how to -- you know, I 21 don't want to get into design basis threat, but the issue of 22 not having everybody at the highest security level all the 23 time -- how do you intend to deal with that? 24 CHAIRMAN JACKSON: TBD, right? 25 MR. KANE: TBD is the correct answer, but I think 64 1 it is a good point, and I think that's something we need to 2 examine to see if there needs to be a graded approach to our 3 response. You know, whether it can be done, I don't know, 4 but I think it needs to be explored. 5 MR. COLLINS: I think that question and 6 Commissioner Dicus' last comment on the comparison has to do 7 with the arena of the design basis threat, which is out of 8 the staff's control. 9 Commissioner McGaffigan, you're dealing 10 essentially with a probability issue. 11 COMMISSIONER McGAFFIGAN: Right. 12 MR. COLLINS: Right now, the assumption is a 13 probability of one. Therefore, thou shalt always be ready. 14 COMMISSIONER McGAFFIGAN: I'm happy to hear Mr. 15 Orrik's comment. 16 MR. ORRIK: Yes, sir. 17 In 1978, the NRC made an operating assumption, 18 which was -- that is unclassified -- was that there would be 19 no warning, advance warning, and every person that I've 20 spoken to since then, I believe, reaffirms that the 21 terrorism, almost by definition, there would be no warning, 22 and that's the basis on which we have been assuming, but of 23 course, that's within the NMSS purview. 24 MR. ROSANO: May I add that Liz Teneyck is here in 25 the room, the director of safeguards in NMSS, and I know 65 1 that she has a lot of background on it. 2 COMMISSIONER McGAFFIGAN: If I'm getting into 3 dangerous space, I'll just leave the comment. I think it's 4 out there, and I do think it's -- you know, assuming a 5 threat all the time is not what -- a significant threat, you 6 know -- 7 CHAIRMAN JACKSON: Well, I think the real point is 8 that, as he said, in 1978, the Commission made a decision 9 from an operational point of view. Having discussions with 10 Liz and her people theoretically could lead the Commission 11 to make a different operational assumption, and that's 12 something that the Commission needs to look at if it wants 13 to do that. 14 COMMISSIONER McGAFFIGAN: Let me ask Mr. Orrik -- 15 I take your testimony today or your briefing remarks today 16 to essentially say your DPO of February has been resolved to 17 your satisfaction, that -- you know, we had a letter -- I 18 think we just recently answered it -- from Congressman 19 Markey about it, but you raised concerns in your DPO with 20 regard to two of the recommendations and had an alternative, 21 and should I regard your remarks today to mean that you're 22 essentially -- you said you're on-board. Does that mean 23 your DPO -- maybe it isn't formally resolved, but it is 24 resolved in your mind? 25 MR. ORRIK: Yes, sir. Actually, of course, I did 66 1 put the caveat that it has to be executed. 2 COMMISSIONER McGAFFIGAN: Okay. 3 MR. ORRIK: But yes. The answer to your question 4 is yes. 5 MR. COLLINS: Commissioner McGaffigan, if I can 6 just take the liberty here, because I believe there's a 7 point that needs to be clarified based on the statement -- 8 and David, you can choose to think about this if you don't 9 want to answer it at the table. 10 The message here appears to indicate that there's 11 a need for NRC direct involvement, if I read your -- NRC to 12 ensure this capability to provide countervailing pressure. 13 Our program may not require NRC direct 14 involvement. It may set the standards, codify the 15 regulations, and allow licensees on their own to conduct 16 drills and exercises and conduct their own reviews that we 17 may or may not confirm in evaluation. 18 CHAIRMAN JACKSON: But you did talk about having 19 resident inspectors at the quarterly drills. You talked 20 about, in the risk-informed baseline inspection program, 21 having regional inspections based on what you find out 22 relative to those drills, unless I misunderstood something. 23 MR. COLLINS: That is the original approach. 24 CHAIRMAN JACKSON: Right. 25 MR. COLLINS: But based on lessons learned and on 67 1 individual licensee performance, we may not, in the future, 2 have that direct monitoring of every drill and every 3 exercise. 4 CHAIRMAN JACKSON: I understand that, but there 5 must be some periodicity that you intend to maintain. 6 MR. COLLINS: Yes. 7 CHAIRMAN JACKSON: And that could be the 8 countervailing pressure. I mean it doesn't mean that you 9 look at it one time and you don't come back for 20 years. 10 MR. COLLINS: True. Not 20 years. 11 CHAIRMAN JACKSON: Well, I mean you have to decide 12 for the proposed periodicity -- 13 MR. COLLINS: What the proposed interval is, 14 that's right. 15 CHAIRMAN JACKSON: -- and the Commission has to 16 agree that it thinks that is, you know, prudent, and then 17 that is what it is. 18 MR. COLLINS: Well, I think the staff -- the staff 19 may not ask unless the Commission directs on what that exact 20 interval is as far as NRC oversight. 21 Certainly, the licensees would have to demonstrate 22 capability, but like any inspection program, the periocity 23 of the review of that capability is really a staff 24 discretion based on licensee performance, resources, and the 25 Commission reserves the right to -- 68 1 CHAIRMAN JACKSON: Well, I think you need to 2 clarify how you posit it in a risk-informed baseline 3 inspection. 4 If you're talking about using performance 5 indicators and having that inform a risk-informed baseline 6 inspection program at whatever periodicity, you know, that 7 may be, then you need to be clear about that, so that you're 8 not putting the Commission in the position where it, 9 quote/unquote, is "de facto" saying, well, you look at it 10 one time and you don't look at for 20 years. 11 MR. COLLINS: I understand that point. 12 COMMISSIONER McGAFFIGAN: Presumably, there would 13 be a performance indicator for the quarterly exercise that 14 you'd develop with -- that would go into the baseline 15 inspection program that isn't there at the moment if this 16 rule change goes into effect. 17 MR. COLLINS: That's correct. 18 MR. KANE: It would be somewhat parallel to what 19 you see under emergency preparedness. 20 COMMISSIONER McGAFFIGAN: Not to totally destroy 21 your next six months, but you're going to go to CRGR during 22 this period. 23 The guidance document strikes me that -- your 24 recommendation two -- industry is going to be very 25 interested in what this guidance document looks like, 69 1 because there's going to be a lot of stuff in the guidance 2 document that is not going to be in the rule and will help 3 people understand the intent of the rule. 4 When does the guidance document catch up with the 5 proposed rule? Is it there with the proposed rule in your 6 minds, or is it catch up by the final rule, or what is the 7 current plan? 8 MR. ROSANO: My plan is that it would be available 9 with the proposed rule. 10 COMMISSIONER McGAFFIGAN: Good answer. 11 MR. ROSANO: The guidance document but not 12 necessarily the inspection procedure and the training. 13 Those would come later. But I think that the rule and the 14 reg guide, if it's a reg guide, go hand in hand. 15 COMMISSIONER McGAFFIGAN: The last couple comments 16 -- I'm just going to agree with Commissioner Dicus. 17 I mean the thing that we hear from some folks and 18 I resonate with -- our European colleagues point out to us 19 that our security requirements are far higher than theirs, 20 and they live in a pretty significant threat environment. 21 The Brits had to worry about the IRA for -- at 22 least since 1969, and the IRA had some pretty significant 23 capabilities. There's terrorism on the continent. 24 Our chemical plants -- you can kill an awful lot 25 of people by blowing up a chemical plant, oftentimes right 70 1 next to an interstate -- are very soft targets, and I think 2 Part 73 itself is a pretty good deterrent. 3 When you read the list of weaponry that you guys 4 require these guys to have at the sites, if I'm choosing 5 between, you know, various places, there's a pretty good 6 deterrent in just reading the words, hopefully fully 7 implemented in the security plans. 8 So, there's this disconnect, and certainly, we 9 need to protect these plants, but when European regulators 10 come in and say, wow, I was just at Palo Verde and I asked 11 them how many guards they had and they had 160 -- you know, 12 that's their total force or something, and it's three big 13 reactors, and they're not all on duty. That's to get a duty 14 force that's much smaller. And they say, well, you know, at 15 our typical plant, we'll have one guard at the gate or 16 something. 17 How do we -- you know, without getting into the 18 design basis threat, how do we justify the enormous 19 disparity between what we require and what the chemical 20 industry requires or what our European and Japanese 21 colleagues require? 22 MR. COLLINS: Do you want to get to that without 23 getting too close to the design basis threat? 24 MR. ROSANO: I can do it without getting close to 25 design basis threat. I'm afraid of getting close to 71 1 something that might be more dangerous. 2 My response to that would be, actually, twofold. 3 I, quite frankly -- this is my opinion. I can't 4 account for what the European power plants do, and I'm not 5 responsible for what they do. I might say that -- having 6 said that, that I don't necessarily agree that what they 7 provide in terms of security. 8 But I would also like to point out that the 9 Federal Government right now and in a lot of different 10 arenas is raising its security consciousness, is increasing 11 security, preparing more for possible terrorist attacks, and 12 I think that other areas, other industries may be coming up 13 to our level, rather than us going down to theirs. 14 COMMISSIONER McGAFFIGAN: I think that's 15 impossible. 16 MR. KANE: But it's impossible to really answer 17 your question without going into first principles and 18 comparing what you're protecting against, and then that gets 19 into something I'd rather not talk about. 20 COMMISSIONER McGAFFIGAN: Again, Mr. Orrik, if you 21 want to -- 22 MR. ORRIK: Yes, sir. We've had numerous 23 countries observe the OSREs or regional assist 24 demonstrations that we conduct at United States plants, and 25 to the best of my knowledge, there are six countries now 72 1 that are copying part or all of the OSRE regional assist 2 program, including Germany, Japan, Russia, Ukraine, 3 Kosokslov -- I've forgot what the sixth was. 4 COMMISSIONER McGAFFIGAN: So, they're copying 5 parts of what we're doing now. So, it can't be all bad. 6 The final issue again goes to a point that 7 Commissioner Dicus made. 8 The notion in these plants, as we arm them, as we 9 weld doors shut in order to, you know, defeat folks and all 10 that, have additional aim points and additional equipment in 11 various places, you end up with a trade-off between security 12 and safety, and I guess it's probably for the next panel, 13 but do the security forces within the plan rule supreme, and 14 if they say a door has to be welded shut, it gets welded 15 shut, or do you guys -- are you guys confident that people 16 think about the safety implications of potentially going and 17 adding a new security bell and whistle? 18 MR. ROSANO: Not only do the licensees on their -- 19 at their own level talk through -- you know, talk with ops 20 and security when changes are suggested, but we, when we go 21 to the plants, in the OSRE visits, have safety safeguards 22 interviews to get a better understanding of what is the 23 impact of security measures on employee safety in the plant, 24 and that's part of the licensee's program, it's also part of 25 our program. 73 1 COMMISSIONER McGAFFIGAN: As I understand it, 2 people are concerned about, you know, just getting to places 3 in the plant. 4 CHAIRMAN JACKSON: Well, in point of fact, that is 5 why this all-in analysis turns out to be important, because 6 if, in fact, you're looking at operator actions, engineered 7 safety systems, etcetera, etcetera, etcetera, that forces 8 you into the land of safety as well as safeguards, and 9 that's why, moving down that kind of path, because you will 10 automatically understand some of those trade-offs, and 11 that's why I was pressing the issue that that kind of 12 analysis has to be done at a sophisticated enough level to 13 allow you to be able to look at this kind of thing. 14 MR. COLLINS: Commissioner McGaffigan, I think 15 there's two aspects. We touched on them both. 16 One was the actual aspect of being able to 17 demonstrate to a plant review committee for a modification 18 that safety isn't impacted, which is one threshold. 19 There's the other impact of are we working in a 20 production facility or are we working in an armed camp, and 21 that's the intangibles, the hygiene issues, if you will, 22 that impact individuals just because of what you see and 23 where they are. 24 The previous question that was answered by Mr. 25 Orrik -- I think we have to be careful when we use foreign 74 1 countries as an example. Many countries look to the NRC to 2 set the standard, and they adopt the NRC's criteria, lacking 3 any other criteria. 4 Additionally, I believe we have to be careful when 5 we are dealing with very focused arenas where security, NRC 6 to security, licensee -- there can be a tendency there to 7 have coexisting goals, and there needs to be some outside 8 tension there that screens those initiatives in a wider 9 picture, and that's where the operations and the engineering 10 come in to provide for that balance. In the past we haven't 11 had that. 12 CHAIRMAN JACKSON: And the wider picture, also, is 13 -- has to do with a sort of stand-by degree of security out 14 on the streets, per se, in different countries, and they are 15 different, and they aren't always obvious, but they are 16 different. 17 COMMISSIONER McGAFFIGAN: I think I've run through 18 my series of questions. 19 CHAIRMAN JACKSON: Commissioner Merrifield. 20 COMMISSIONER MERRIFIELD: Thank you. 21 Two brief questions, and then I want to make a 22 couple of comments. 23 In Mr. Orrik's written comments, there's a 24 statement -- I'm directing this to Mr. Rosano -- the OSRE 25 was -- is the only NRC performance inspection and evaluation 75 1 effort of licensees' capability to protect against 2 terrorism. 3 Is that correct? Is this the only element that we 4 have? 5 MR. ROSANO: It's the only element we have for 6 testing the performance. I don't find it to be the only 7 element we have for inspecting -- that's one of the words in 8 there -- because we have an inspection program that deals 9 specifically with security plan commitments, but licensees 10 also have auditing programs, and they have their own 11 internal inspections. 12 There are actually a number of components in the 13 NRC program to look at what the licensees do in terms of 14 fulfilling their responsibilities in security. The OSRE or, 15 in a larger sense, performance assessment, is the way that 16 we look at their capabilities with respect to responding to 17 attack, but only that portion of it. 18 COMMISSIONER MERRIFIELD: All right. But it's a 19 portion of a much larger program that we have. 20 MR. ROSANO: Yes, sir. 21 COMMISSIONER MERRIFIELD: Okay. 22 Mr. Orrik, there was -- in addition to your DPO, 23 there was also a DPV that was provided to us on August 21st 24 from Mr. Thomas Dexter, Mr. Dennis Schaefer, and Mr. Bruce 25 Earnest, all of whom are physical security specialists in 76 1 Region IV. 2 Have you had an opportunity to talk to them, and 3 do they share your view and encouragement by the 4 recommendations of the task force that they are reasonable 5 and responsible? 6 MR. ORRIK: I can speak for one of them, 7 certainly, Mr. Dexter, who's participating in this task 8 force, and he's, in fact, very substantially involved in 9 running the baseline inspections, and to clarify a previous 10 comment, yes, I understand that the SPA task force 11 requirements -- or recommendations, pardon me -- and the 12 baseline inspection recommendations include a very definite 13 NRC periodicity of inspection. 14 It would be regionalized versus the way it is done 15 by headquarters now, but it does involve an NRC presence, 16 which I feel strongly is required until such time as the 17 Commission determines that the industry can do it by 18 themselves. But I think we haven't reached that time yet. 19 COMMISSIONER MERRIFIELD: That goes to one of the 20 comments I want to make, and I guess this goes to Sam. I 21 think, along the lines of the Chairman, I do believe 22 probably it would be in all of our benefit to make sure that 23 the Commission has an opportunity to closely review the 24 recommendations for periodicity. 25 The issues of terrorism and threat to these plants 77 1 is, from a public perception standpoint, an important one, 2 and I think the higher degree of Commission involvement in 3 assisting you in that regard, I think, would probably be in 4 the benefit of all of us. 5 I also want to agree with Commissioner Dicus. I 6 have visited a number of plants recently. 7 I have some concerns about whether we perhaps may 8 be going overboard, but certainly, as we continue to go 9 through the process of evaluating this program and accepting 10 the recommendations of Safeguards Performance Assessment 11 task force, I think we can continue to evaluate that and 12 move forward. 13 The last thing I'd want to say is a few 14 compliments. 15 One of them -- the Chairman -- her decision to 16 re-implement the OSRE program based on the information 17 provided in Mr. Orrik's DPU and for other reasons -- I 18 supported it at the time. I think it was the right thing to 19 do. 20 I would also compliment Mr. Orrik. I have to say, 21 although there are parts of your DPO I disagree with and, I 22 think, may lead some in the public -- I think left the 23 public with a far greater concern about where we are at the 24 NRC, I think the activities you took in the DPO and the 25 fellow staffers in their DPV to raise this issue to the 78 1 Commission was -- you know, is an important part of our 2 program. 3 I think it is important for our staff to 4 understand that we as a Commission do respond to these, and 5 I think the activities of the Safeguards Performance 6 Assessment task force have been very positive. I think all 7 the staff should be complimented for working together and 8 working through this and coming up with a program that seems 9 to have some merit. 10 We'll get some other views on the next panel, but 11 I think, you know, we shouldn't leave it -- you know, this 12 is an important part of our process. We certainly do want 13 to hear what our staff has to say, and I certainly 14 appreciate the fact that you've brought those comments 15 forward. 16 CHAIRMAN JACKSON: Thank you. 17 Okay. I think we'll hear from the next panel. 18 Thank you very much. 19 We will first hear from Mr. Beedle and the folks 20 from NEI, etcetera. 21 How have you structured your industry 22 presentation, Mr. Beedle? 23 MR. BEEDLE: I would lead off with a few remarks 24 and then turn to John McGaha, who would talk through most of 25 the issues and then make a concluding remark. 79 1 CHAIRMAN JACKSON: And how are you proposing to 2 structure your presentation, Mr. Leventhal? 3 MR. LEVENTHAL: I think I can complete our 4 testimony in about 10 to 15 minutes' time, and I'm going to 5 ask Mr. Greenberg to deal with the legal question that arose 6 with regard to -- 7 CHAIRMAN JACKSON: Okay. So, you would present 8 first and then Mr. Greenberg. 9 MR. LEVENTHAL: -- with regard to 73.55(b) through 10 (h). 11 CHAIRMAN JACKSON: Okay. 12 So, Mr. Beedle. 13 MR. BEEDLE: Good morning, Chairman, 14 Commissioners. 15 With me today is John McGaha, Executive Vice 16 President with Entergy -- he's the Chief Operating Officer 17 for that organization -- Bill Josiger, who is a Vice 18 President with the New York Power Authority, Doug Gipson 19 back here is the Chief Nuclear Officer, Detroit Edison, and 20 we have a number of members of the -- NEI's security task 21 force, and I point out the attendance here today by way of 22 underscoring the importance that the industry places on this 23 subject. 24 It's one that we are certainly committed to. 25 Security of our facilities is something that is extremely 80 1 serious in our minds and one that is protecting the assets 2 of the company. So, it's not something that's undertaken 3 lightly. 4 First slide, please. 5 Our objective is certainly to promote review of 6 the security fundamentals, and I think that's what the 7 Commission has been pointing at this morning with the 8 questions to the staff. 9 We certainly agree with the need to take advantage 10 of this opportunity and time to review the program and make 11 sure that we're focused on the right thing. 12 I was encouraged to hear the staff talking about 13 Part 100 release criteria as one of the fundamental 14 requirements upon which our security forces are predicated, 15 and then certainly the design basis threat, and neither do I 16 want to get into the design basis threat at this point, and 17 again, we believe that the time is ripe to examine these 18 issues, to make sure that we're doing the right thing. 19 I can't help but believe that the dollars we spend 20 in one area detract from dollars available in other areas, 21 and security is no different than any of the other programs 22 that we have to deal with on a day-to-day basis in managing 23 the industry. 24 So, with that, I'd like to turn to Mr. John 25 McGaha, who will cover some more detailed remarks. 81 1 John? 2 MR. McGAHA: Thank you. 3 Good morning, Chairman and Commissioners. 4 CHAIRMAN JACKSON: Good morning. 5 MR. McGAHA: It's a pleasure for me to be here 6 today, mainly because, about seven years ago, I was involved 7 in another NEI initiative very similar to this. 8 In fact, I was really pleased to hear the 9 questions going around the table, because they are all the 10 same types of things we were asking seven years ago, things 11 about use of deadly force, what is the design basis threat, 12 and is that the right thing to do, what are the staffing 13 requirements, and I could go right down the list, pretty 14 much, everything that was being discussed today, we were 15 discussing back then. 16 I'd like to, before I get into my slides, just 17 make a couple of points based on the discussions I heard 18 earlier today. 19 In my opinion and, I think, in the opinion of my 20 colleagues that are here today, there has, in fact, been 21 creep in the industry. I know, at our Entergy plants, we've 22 increased the size of our security force as a result of 23 OSREs and response to the design basis threat. 24 We have also, in fact, reduced the size of the 25 force over the past few years, but that is in other areas 82 1 where we've managed to improve and streamline the way we do 2 business. 3 We are very interested in what the Commission is 4 trying to do. 5 I think this is good that we're taking another 6 look at this area, so much so that some of our people from 7 Entergy were here this week talking to the Commission staff 8 about maybe looking at the new regulatory approach, the risk 9 performance-based approach, and maybe even coming up with 10 one security plan for all of our Entergy sites that would be 11 based on the regulations and not have all these variances 12 that we seem to have evolved to over the years, mostly as a 13 result of the inspection process and responding to some of 14 these things. 15 But I'll tell you this right now. Just last week, 16 we had a security inspection at our Arkansas plant, and at 17 the exit meeting, the inspector asked us if we would commit 18 to increase the size of our security force and put that in 19 our security plan. 20 So, that just gives you one small tidbit of 21 information that shows that there is some creep taking place 22 out there as a result of the inspection process, and I'm 23 hoping this effort we're doing here will help us get our 24 arms around that. 25 I was really pleased to hear the discussion today 83 1 about the integrated approach using the engineering 2 safeguards assessment PRA integrated with operations and 3 looking at the integrated approach rather than just a pure 4 security defense mechanism to try to demonstrate that we're 5 protecting our plants. 6 To get into my slides, one of our objectives is 7 that we'd like to see the security program clearly defined 8 based on realistic and measurable regulations, and this gets 9 into some of the discussion that occurred earlier today, are 10 we regulating to the Part 100 release, are we regulating to 11 the target sets, are we regulating to reactor damage, fuel 12 damage, or are we regulating to theft of nuclear-grade 13 material. 14 This is an area we were discussing seven years 15 ago, and I'm glad to see what we're discussing it again 16 today. 17 Our plant management needs to be able to measure 18 our performance against these requirements, and as we said 19 earlier, the requirement should be an integrated 20 defense-in-depth approach, not just reliance on security 21 measures or on a local security force demonstrating 22 interactions with intruders. 23 This means that this approach needs to include 24 some kind of risk analysis, and it has to include 25 operations, engineering, and a lot of other features that 84 1 were discussed earlier today, and the NRC oversight and 2 inspection should be to the same standards that the plant is 3 using, whether it be active NRC involvement or NRC 4 monitoring these exercises that are being discussed as part 5 of the new proposed approach. 6 In the interim, though, what we've had in the past 7 and what we still have today, I feel, I think even with this 8 SECY paper and what it recommends, if we continue with the 9 OSREs, we still have in my opinion and I think in the 10 opinion of the colleagues representing the industry, a 11 variable escalating, expert-driven requirements approach, 12 and if you go from OSRE to OSRE, the requirements end up 13 being different, and they all talked about it. 14 Yes, we go learn from what happened at the other 15 plants, and we make sure that we don't have those same 16 problems recur at our plants based on the inspection 17 results. That's just the nature of the beast. 18 Next slide. 19 CHAIRMAN JACKSON: That's based on the plants to 20 -- the program has it has been implemented to date. 21 MR. McGAHA: Yes. 22 CHAIRMAN JACKSON: Not necessarily this modified 23 approach. 24 MR. McGAHA: Even in the modified approach, I 25 think if you talk to Watts Bar, you'll -- in fact, I think 85 1 -- are those pictures we have from Watts Bar? We're going 2 to show you a couple of pictures. 3 CHAIRMAN JACKSON: That's how Watts Bar prepared 4 for it. 5 MR. McGAHA: Yes. Watts Bar prepared for it, and 6 Comanche Peak is preparing for it, and they're -- I think 7 they're the next one due for an OSRE, and the executives 8 there would agree that it is not a regulatory requirement 9 that they're trying to satisfy. 10 They're trying to satisfy the perceived 11 requirement of the OSRE examining team so that they were not 12 put in a disadvantaged position. So, it's effectively a 13 requirement. 14 CHAIRMAN JACKSON: Right. But my understanding is 15 of what the licensee would be tested to relate to existing 16 commitments, not based on what they put into place. 17 MR. McGAHA: That is correct. The test is their 18 existing commitments. 19 CHAIRMAN JACKSON: Right. 20 MR. McGAHA: But it's heavily weighted toward 21 interpretation of those equipments, and as members of your 22 staff have told you, that it's the vulnerabilities. I 23 perceive a vulnerability, and as a result of that, if I have 24 a vulnerability, I have to do something to solve it, and 25 we'll show you some pictures of what we think are solutions 86 1 to vulnerabilities. 2 CHAIRMAN JACKSON: Are you arguing that it's ad 3 hoc? 4 MR. McGAHA: Beg your pardon? 5 CHAIRMAN JACKSON: It's ad hoc in terms of the 6 discussions of vulnerabilities. 7 MR. McGAHA: Well, no. I think what happens is 8 they look at past OSREs and they find out what that utility 9 did to solve their problem, and then they replicate that at 10 their station. 11 CHAIRMAN JACKSON: Uh-huh. 12 MR. McGAHA: So, it becomes a de facto requirement 13 throughout the industry. 14 CHAIRMAN JACKSON: Well, I guess what I'm trying 15 to understand is, you know, we have an historical approach. 16 The staff has posited that there is a modified approach, and 17 then there are the specific recommendations of the task 18 force which you seem to be endorsing, coupled with, you 19 know, what the Commission itself has been discussing this 20 morning, and I'm trying to understand whether you feel that 21 this high degree of creep and ad hoc-iness is still implicit 22 in the modified approach, or is it that the licensees do 23 things and we kind of say okay? 24 MR. McGAHA: Let me get to the crux of what I 25 think our whole message is here. 87 1 We think it's premature to do even this modified 2 approach until we step back and answer some of these 3 questions that we've been trying to answer for a long time. 4 Is the design basis threat the credible thing to be 5 protecting against? Do we need to interdict rather than 6 interpose and delay and rely on other law enforcement 7 agencies to bring in additional resources? 8 These types of things, right now, are not yet 9 defined, and I'm not sure that the -- this modified 10 inspection approach is going to define those. At least the 11 way I read the letter, it doesn't really say it's going to 12 get into those kinds of things. 13 MR. BEEDLE: Well, let me add that where the staff 14 is going right now on these next 10 OSREs is, I think, an 15 evolutionary effort to try and figure out how to do the 16 OSREs better. 17 CHAIRMAN JACKSON: That's correct. 18 MR. BEEDLE: Okay. I don't think that those 10 19 plants are sufficiently familiar with that process that they 20 would be willing to not make any changes in their plant as 21 they approach the date of their OSRE. 22 CHAIRMAN JACKSON: Well, then you should tell them 23 not to do that. 24 MR. BEEDLE: Well, I can tell them that all day, 25 but they say, Ralph, your license isn't on the line. 88 1 CHAIRMAN JACKSON: Well, we'll ask Sam to tell 2 them not to do that. 3 MR. BEEDLE: Okay. 4 CHAIRMAN JACKSON: Okay. And then we will come in 5 and test based on what is there. Tell them not to do that. 6 COMMISSIONER McGAFFIGAN: The discussion about the 7 OSRE program as it's been conducted over the last 10 years 8 reminds me of Towers Turn to some degree and the notion that 9 we have individual inspectors imposing requirements. 10 Now, is that what you're saying, or you -- 11 back-fitting and whatever -- or are you saying this is sort 12 of self-imposed, that the creep is just you guys trying to 13 anticipate us and you're self-imposing requirements that is 14 the sum total of the best practices of everybody's who's 15 gone before you, because if there are back-fit issues, 16 there's -- you know, I'd be interested in them, and I think 17 you guys should have been raising them, but which is it? Is 18 it self-imposed, or are we imposing back-fits through 19 inspections? 20 MR. BEEDLE: I think it's a combination of some 21 self-imposed requirements, you know, trying to make sure 22 that my program meets muster. It's over-laced with the 23 involvement of contractors that we use that -- saw it happen 24 at one plant. 25 We bring them in and we ask them what do we need 89 1 to do to be successful? You need to do this, and so, we do 2 that, and then we bring the inspection teams in and they add 3 a few vulnerabilities, and we start ratcheting, and I'll 4 tell you, the security programs have increased dramatically. 5 We're seeing plants spend millions of dollars in 6 preparing for these examinations, and when you look at that 7 kind of money being spent without a change in the 8 regulations, you've got to ask why. 9 CHAIRMAN JACKSON: Well, we know that. What I'm 10 trying to do is understand where we are trying to go on a 11 go-forward basis, okay? There's a lot of history here, and 12 there's a history that we all need to learn from. 13 The issue becomes -- we have an interim program, 14 but the issue is where do we want to be on a go-forward 15 basis, and if we could focus our discussion that way, I 16 think it would be very helpful to this Commission, because 17 we can't make up for history, okay? But what we can do is 18 deal with what we do on a go-forward basis. 19 MR. McGAHA: In that case, we can skip my next 20 slide, because I think we just covered all of that, and I 21 think we ought to show the pictures, just two examples. 22 MR. BEEDLE: Slide five. 23 MR. McGAHA: And the top picture is basically a 24 gun turret. I believe five of those were added at the 25 plant, and I believe they're manned full-time. 90 1 MR. BEEDLE: No, they're not manned full-time, but 2 they are there so that, if the -- and this is within the 3 security fence of the plant. We've got these little 4 pillboxes established, and then the one down below is a 5 gate, with a keypad that you have to punch in the right 6 combination, and then we conveniently post the combination 7 right there alongside. 8 I mean anybody looking at that has got to say does 9 this make sense? 10 Now, I understand the rationale for it, but you've 11 got to say does this make sense? 12 Our operators, our plant staff, have to punch -- 13 if they want to go from point A to point B on the other side 14 of that fence, they've got to punch in this thing, and we do 15 this under the guise of 10-second delay. 16 If my plant security and safety rest on 10-second 17 delay, then there is something wrong with my design or my 18 provision for security in that plant. 19 CHAIRMAN JACKSON: Again, how long has this been 20 here? 21 MR. BEEDLE: I don't know. I think this may have 22 been put up for one of the more recent OSREs. 23 COMMISSIONER McGAFFIGAN: So, during the OSREs, 24 they take the combination down. 25 MR. BEEDLE: No, no, they leave it up. 91 1 CHAIRMAN JACKSON: I think there is an issue here 2 on a go-forward basis that has to do with what we require 3 vice what licensees do that we acquiesce to, because that's 4 really what we're talking about. 5 MR. BEEDLE: That is the crux of the issue, 6 Chairman, yes. 7 CHAIRMAN JACKSON: And that is something that I 8 think the acquiescence and what we're going to truly look at 9 can be addressed even in the interim program. 10 Now, if somebody's already built their pillboxes, 11 there's nothing that we can do about that today, okay? But 12 what we can do something about is sending a message relative 13 to beefing up beyond that which you have a committed to. 14 But then you're going to come in and examine based on what 15 that commitment is and try to move to this overall 16 integrated approach, provided the Commission approves that. 17 That's where we need to focus. I understand 18 people's neuralgia, but you know, it's like anybody who's 19 been upset or hurt about something. I can't change the 20 history. He can't change it, she can't change it, he can't 21 change it, and he can't change it. 22 The issue is where do we want to go, and what do 23 you feel from your industry point of view, okay, are 24 important things for us to consider as we go forward, and 25 that's where we can all be most helpful to each other. 92 1 MR. BEEDLE: Chairman, John's going to take us 2 there with slide number six. 3 CHAIRMAN JACKSON: Good. 4 COMMISSIONER McGAFFIGAN: Madam Chairman, if I 5 could just say one thing, and it might be slightly light, 6 but -- I may have seen too many Schwarzenegger films, but 7 I'm not sure that delays Schwarzenegger 10 seconds. 8 CHAIRMAN JACKSON: We need levity. 9 MR. McGAHA: Okay. 10 One of the areas that we need to improve on is in 11 our management oversight, and I'm talking about the industry 12 itself. 13 It's been -- I'll just tell you from my 14 experience, from being in several plants. Safeguards gets 15 into, you know, safeguards information, secretive, nobody's 16 supposed to know what the design basis threat is, and so, 17 you've got the security folks who are going to do whatever 18 they have to do to pass the exam and demonstrate that our 19 security works, and maybe we haven't gotten involved with it 20 enough. 21 CHAIRMAN JACKSON: So, specialist talking to 22 specialist. 23 MR. McGAHA: Yes. 24 COMMISSIONER McGAFFIGAN: Madam Chairman, that 25 went to my point earlier that I asked the staff about. Who 93 1 has the power in the plant to do these trade-offs? If, 2 indeed, one group is this secret fraternity with secret 3 information and a safety operator says, well, god, I guess I 4 can live with that and I'll find a way around it, as opposed 5 to really being able to challenge him and say, you know, 6 tell me what the hell that's doing for you -- you know, it's 7 buying you 10 seconds? Why is that important? Maybe some 8 of the operators have to be cleared so that they can 9 challenge and talk about. 10 CHAIRMAN JACKSON: Well, I also think there has to 11 be some discipline in our approach. I mean I heard some -- 12 admittedly, but since that's what we all use -- anecdotal 13 feedback, you know, relative to even the most recent one, 14 you know, an inspector says, well, you have this 15 vulnerability over here and, you know, you have this 16 vulnerability over here. 17 Well, that's not good on two bases. 18 One, it's not good because obviously it's, you 19 know, some individual inspector, quote/unquote, potentially 20 ratcheting somebody up, but it's not good also from my point 21 of view, because it's ad hoc, and therefore, you know, I 22 don't know -- there's no overall analysis that says this is 23 going to give, you know, the greatest improvement in safety 24 for, you know, what it requires, and so, this issue of 25 moving to this post, you know, analysis that Mr. Collins and 94 1 his folks described and having some kind of coherent 2 picture, even with whatever elements of analysis we have 3 available to us today, you know, is a way to go, and that 4 you don't just kind of, in an ad hoc way, sort of point out 5 that this is what you need to do or this is okay and that's 6 not. That doesn't give me a whole lot of comfort. 7 COMMISSIONER McGAFFIGAN: There's two 8 vulnerabilities and two more pillboxes. 9 CHAIRMAN JACKSON: Well, but I'm saying that those 10 may or may not be the greatest vulnerabilities, right? And 11 so, that's kind of, you know, what's the matter with that, 12 but I think, you know, some of it has to do with some 13 management, oversight, and discipline here, and some of it, 14 you know, has to do with -- you know, as you were discussing 15 Mr. McGaha. 16 MR. McGAHA: I think we're on the right track. I 17 guess what we're saying today is that there are some things 18 that we even have to step back and ask a bigger picture, 19 that as we're doing that, such things as does a several 20 layers of defense posture make sense based on the overall 21 protection and armament and everything that we already have 22 in place? 23 Is the design basis threat the real threat? You 24 heard that we're still going on -- what did he say, a 1979 25 -- anyway there were some assumptions and decisions made 95 1 many years ago I think we as an industry need to revisit, 2 because in fact, nuclear power plants today are probably the 3 most protected -- and maybe rightly so, but they are the 4 most protected industrial facilities in the entire country. 5 CHAIRMAN JACKSON: So that you don't -- aren't 6 confused about this 1978-79 -- just for the record, it does 7 not have to do with the threat being 20 years old. It has 8 to do with an operational assumption, that whatever the 9 threat is, as it comes out of various analyses, being 10 assumed as being constantly present for purposes of 11 regulatory approach, and that was what the gentleman, I 12 believe, was talking about. 13 MR. McGAHA: I understand, and I guess all we're 14 really saying is maybe we should revisit some of those to 15 see if that's still -- if we want to continue with those 16 same assumptions today. In fact, we did talk about that 17 some back in the early '90s, when I was on this previous 18 task force. 19 So, this overhead sort of gets into detail on what 20 I was trying to say earlier about our role to provide better 21 management oversight, and we do need to do that, to put more 22 operational input, more technical, engineering, PRA, all the 23 other inputs into the decisions that are being made. 24 But the fact is people like me aren't really 25 expert on security things, so -- but we have to get better 96 1 at challenging what some of our security people are doing, 2 because they -- even though they feel it is prudent -- and 3 this gets back to Commissioner McGaffigan's question earlier 4 -- they might be doing something they think is fully prudent 5 that we should be challenging because it just doesn't make 6 good sense, and what they may be doing is reacting to 7 something another plant did, who reacted to another plant, 8 who reacted to another plant. 9 Put the next slide up. 10 This one gets into what our recommendations would 11 be, of what an effective program would be, and along those 12 lines, I think we're consistent with what the Commission is 13 doing. 14 Our thoughts is that there are fundamental changes 15 that are needed in the security arena and that -- but we 16 also feel a baseline review of the overall picture is 17 warranted, as well as just the focus on the OSRE, the 18 modified OSRE approach, and we feel that this should be done 19 before we get too far down the road with the modified OSRE 20 approach, because they're still working on some of the same 21 assumptions that we may want to, in fact, reconsider as part 22 of this. 23 So, we should step back and look at the big 24 picture, and to be effective, the program should include, 25 first, regulations with clear requirements and maybe 97 1 risk-informed measures consistent with the approach that 2 we're taking, that the NRC is taking, and the industry is 3 taking in the regulatory environment today. 4 The licensee programs should be based on these 5 requirements. In there, we should be monitored through 6 performance criteria that are measured against the 7 regulations and not by the number of security officers that 8 some plant committed and put a number in the security plan. 9 Once again, we would like to see a response 10 posture appropriate to the threat level so that there are 11 times when we may have to double our security forces on-site 12 and there are times when maybe it would be business as 13 usual, depending on available information, and then, also, 14 we'd like to see a due process or a system to deal with 15 inspection issues in a more open process with senior 16 management -- that was my comment on the previous slide -- 17 to make sure that we're not thinking we're going the right 18 thing and all we're doing is ratcheting ourselves up to some 19 requirement that some other plant has committed to, and in a 20 lot of cases, that doesn't make sense. 21 CHAIRMAN JACKSON: Maybe you might want to think 22 about -- I'm not trying to tell you how to do your business, 23 but you mentioned this issues of the safeguards mantle, and 24 so, a question that arises is, to what extent has 25 management, you know, to whatever degree you think it needs 98 1 to be involved, ensured that it has the capability or 2 clearance or whatever it takes to have equal access to 3 safeguards information that people who work for you have? 4 I mean that puts you at a disadvantage. It's not 5 that everybody in the plant needs necessarily to have that 6 information, but presumably, you know, you and some key 7 people who would work for you would need to be able to have 8 that, and that puts you in the position, as the management, 9 to be able to provide that oversight that you talk about in 10 a more coherent way. 11 MR. McGAHA: I agree, and people in my job and in 12 other jobs, the safety review committees, there are certain 13 people that are cleared for safeguards, and we expect them 14 to review and approve and get involved with the site 15 security plan and that kind of thing, but those people 16 aren't really experts. 17 It's hard for them to interpret some things, 18 because they don't know what the basis is or who came up 19 with what the design basis threat is and whether or not 20 that's a credible thing, and if the security organization 21 comes in and says, look, 15 plants have put gun turrets in 22 because -- we need to do that, because if we don't, we're 23 not going to be able to address the design basis threat, 24 even if we have access to the safeguards, but it's also an 25 easy excuse for us to present, well, we don't know about the 99 1 -- you know, that's secretive stuff that only FBI and the 2 CIA and others know about, and so, it's an easy -- 3 CHAIRMAN JACKSON: Well, to some extent that is 4 true. 5 MR. McGAHA: All I'm saying is we need to take our 6 own excuses away and get -- and we, too, need to get more 7 involved and proactive and intrusive on some of this stuff. 8 MR. BEEDLE: Our task force, Chairman, is going to 9 make an effort to try and highlight this as an issue and see 10 what we can do about trying to educate and make people 11 understand the significance of it. I mean it's something 12 that they really need to pay attention to. 13 CHAIRMAN JACKSON: Well, if we take an integrated 14 approach, that allows you to take an integrated approach. 15 MR. BEEDLE: I think that's the real reason we're 16 able to do this and put focus on it, is because the agency's 17 put focus on it. 18 As John indicated, there have been efforts in the 19 past to try and change some of the security programs, and 20 they had relatively little success, because the agency 21 wasn't ready to make any changes. 22 COMMISSIONER McGAFFIGAN: Madam Chairman, I've 23 kept burdening this rule-making process -- 24 CHAIRMAN JACKSON: And there you go again. 25 COMMISSIONER McGAFFIGAN: -- and here I go again, 100 1 right. 2 One thing that's been successful -- and I just 3 would ask these folks -- I think in Part 70 and maybe less 4 so in Part 35, because there wasn't as much interaction in 5 the pre-proposed rule stage, but as we head towards this 6 proposed rule, would it benefit you all if we did stuff like 7 we have done on Part 70, have frequent meetings, put it on 8 the web page, whatever they're coming up with, and interact 9 with the public as well as the industry, so that people see 10 what -- where we might be headed? Would that facilitate the 11 process, you know, once the rule is out there for formal 12 comment? 13 MR. BEEDLE: I think it would do a great deal to 14 remove some of the mystery associated with the security 15 program. I mean it would get it out into the open where we 16 could talk about it, and I'm not suggesting that we talk 17 about the design basis threat or the safeguards information 18 but just how the program -- 19 COMMISSIONER McGAFFIGAN: The documents that are 20 eventually going to be made public, the rule, the reg guide 21 going with the rule, etcetera, if that were relatively open 22 earlier, it might be better. 23 MR. McGAHA: I would sense and feel that, if we 24 could figure out maybe something similar, a similar path in 25 this area, as we're doing with the rest of the regulatory 101 1 process, where we're, I think, truly reinventing, to some 2 extent, the way we do business for the better, I think the 3 same approach needs to be done here, with pilots or whatever 4 and industry input and, once again, management getting more 5 interactive and intrusive into the reasonableness of the 6 decisions that are made. 7 I think the last slide, we sort of touched on most 8 of this already, but this relates to where we think we 9 should go, and these are the four attributes that we feel 10 describe what we were just talking about, that this process 11 needs to include something to ensure that we clearly are 12 understanding the risk, and Chairman Jackson, I think you've 13 touched on that from about three or four different angles 14 already today. 15 We need to evaluate what is a realistic threat. 16 At times, maybe the threat goes up. At times, maybe the 17 threat goes down. 18 We need to employ the full capability, and I think 19 I heard that discussed about four or five times today, not 20 just -- like you said, Chairman Jackson, we need to overlay 21 the engineering and the safeguards and the contingencies and 22 all these things on top of how easy is it to get to and 23 damage a target set. 24 And last but not least, we need an appropriate 25 response posture based on the situation. I would challenge 102 1 the need to have people sitting around posted in the plant 2 with weapons loaded and cocked, assuming that someone's 3 going to attack the plant at any second. 4 I think there might be times when we need to be 5 that ready, but the general sense I based on history is 6 that's sort of the direction that the industry was headed, 7 and we haven't done very well there. 8 I mean I'll admit that plants have staffed up and 9 energized themselves and done some things to get ready for 10 OSREs, especially in the early days, and after the OSRE was 11 over, they backed off on some of those things. 12 CHAIRMAN JACKSON: Would you argue in your view 13 that the top three bullets drive the fourth one? 14 MR. BEEDLE: Yes. 15 CHAIRMAN JACKSON: Okay. So, that's the bottom 16 line. 17 MR. BEEDLE: Yes. 18 CHAIRMAN JACKSON: Okay. 19 MR. BEEDLE: Chairman, that concludes our remarks. 20 I would just like to underscore one thing, that the security 21 of our facility is not the responsibility of the security 22 department at the facility. It's the responsibility of the 23 entire plant, and we need to get it back into that -- on 24 that basis. 25 CHAIRMAN JACKSON: Okay. 103 1 Commissioner Merrifield, you have a comment? 2 COMMISSIONER MERRIFIELD: Yes. I guess there's 3 sort of two comments. 4 I agree with the notion -- some of the attributes 5 you talk about here, clearly understanding the risk, 6 evaluating realistic threats, and employing full capability. 7 I think that's the right direction to go. I think we need 8 to -- we as an agency need to clearly articulate what we 9 require, test on those requirements, and make you live by 10 those requirements. 11 But I think the important caveat to keep in mind 12 is, as we deal with many other things with risk around here, 13 it's not a one-way street. We may very well do a risk 14 analysis and determine that, in some areas, we need to think 15 about having you have more capabilities. 16 Now, I've been to a number of plants. I've seen 17 some things that lead me to believe that we're overdoing it 18 in some areas, but we may very well find down the road that 19 there are areas where we need to bolster your performance 20 that will require additional use of financial resources. 21 The second comment I would make is, you know, I 22 hear about these consultants you've brought in to give you 23 analysis of what they think you need to do in order to pass 24 our exam, and it reminds me of when I was trying to pass the 25 bar exam and become a lawyer, and I had all kinds of people 104 1 come after me -- well, you really need to take this review 2 course and you need to have these review materials, because 3 otherwise you're not going to pass that bar exam, and like 4 anything else, you know, all us good capitalist consumers 5 have to be careful about the things that people try to foist 6 on us, and that's not all our fault. 7 I mean some of it may be, but I think there's a 8 self-interest, perhaps, of some of your consultants in 9 selling you probably very expensive services and 10 demonstrating the need for them to be there. 11 So, I do want to make that comment to 12 counterbalance. 13 MR. BEEDLE: So, we should get rid of all of our 14 consultants. Well, maybe some of them. 15 COMMISSIONER McGAFFIGAN: They should all take law 16 exam prep courses. 17 CHAIRMAN JACKSON: Commissioner Dicus? 18 COMMISSIONER DICUS: One of the things that was 19 brought up in the first panel is the potential or 20 possibility, say, in the biennial exercises, of using the 21 simulator. Do you have any comments about that, 22 particularly if we really go to the criteria, what we're 23 really trying to accomplish is not to have a Part 100 24 release? 25 MR. McGAHA: I really hadn't thought much about 105 1 that. I think that's one of the things that we as an 2 industry need to look at. 3 On the one hand, there's probably -- I can 4 probably sit here and come up with some pros and cons. As 5 was mentioned earlier, we do use the simulator and emergency 6 preparedness exercises, and we found it beneficial there. 7 As I recall, part of the emergency preparedness exercise 8 also includes a security threat. 9 So, who knows? Maybe we can think of a way to 10 combine emergency preparedness and security together. 11 MR. JOSIGER: I think we have to evaluate that and 12 think it through, because there's many ways that we could 13 incorporate the operational aspect into the mitigation of 14 the various scenarios. Using the simulator is one. 15 Table-tops are another. 16 Review of the design basis, the defense-in-depth 17 philosophy that the plants are constructed and operated to 18 -- all that has to be integrated into the functional 19 inspection of security. 20 CHAIRMAN JACKSON: Commissioner Diaz? 21 COMMISSIONER DIAZ: I have no comments. 22 CHAIRMAN JACKSON: Commissioner McGaffigan? 23 COMMISSIONER McGAFFIGAN: No further questions. 24 CHAIRMAN JACKSON: Commissioner Merrifield. 25 Let's hear from Mr. Leventhal, please. 106 1 MR. LEVENTHAL: Thank you, Madam Chairman, and to 2 you and members of the Commission, I -- 3 CHAIRMAN JACKSON: Let me make one comment. 4 If any of you had -- I think, Mr. Rosano, you went 5 around and -- 6 MR. ROSANO: Yes, ma'am. 7 CHAIRMAN JACKSON: -- traded -- there was an 8 original version of Mr. Leventhal's testimony, that if you 9 have the one that you picked up when you came in, we would 10 ask you to exchange it with Mr. Rosano. 11 Please go on. 12 MR. LEVENTHAL: We do appreciate the opportunity 13 to testify before the Commission and your willingness to 14 hear a public interest view on the issues that are before 15 you today. 16 My name is Paul Leventhal, and I'm president of 17 the Nuclear Control Institute. We're a non-profit research 18 and advocacy center concerned with problems of nuclear 19 proliferation and the threat of nuclear terrorism. 20 With me today is our counsel, Eldon Greenberg, a 21 partner in the Washington, D.C., law office of Garvey, 22 Schubert & Barer. 23 Mr. Greenberg will address the legal question that 24 I made reference to in response to your question on 25 73.55(b)-(h) at the conclusion of my testimony. 107 1 I would appreciate the opportunity to begin by 2 establishing some context for the concerns that I have about 3 much of what I've heard today, and so, there is something of 4 a philosophical bent to this, and I hope you'll indulge me, 5 because there is a point to it. 6 Before founding NCI in 1981, I worked on the staff 7 of the U.S. Senate and was responsible for preparing the 8 investigations and the legislation that resulted in 9 enactment of the Energy Reorganization Act of 1974 and the 10 Nuclear Non-proliferation Act of 1978. 11 I was co-director with Jim Asselstine, who later 12 became a commissioner here, of the bi-partisan Senate 13 special investigation of the Three Mile Island nuclear 14 accident, and I helped prepare the lessons learned 15 legislation that was enacted as a consequence of this 16 investigation. 17 For the past 25 years, I've been concerned with 18 various ways -- I've been concerned in various ways with 19 prevention of the misuse and abuse of civilian nuclear 20 energy programs, including prevention of radiological 21 sabotage. 22 I'm particularly interested in the Commission's 23 present engagement in the staff's OSRE program. 24 We are highly supportive of the OSRE program. We 25 think it's actually done a pretty good job, and I think one 108 1 thing that has been absent in the discussion today, at least 2 to my hearing, are what the problems are that need to be 3 fixed. 4 We have a good sense of what the problems are in 5 terms of security performance at the plants that OSRE has 6 run exercises at and the need to improve that performance 7 and keep it improved, but I do not see any problems that 8 require a major reorganization of OSRE, perhaps some 9 upgrading of regulations so that there is enforcement power 10 in terms of grading these exercises and getting improved 11 results. 12 I would say that, given the dire consequences that 13 would result from a successful attack, the consequences that 14 the OSRE exercises are designed to try to prevent -- that 15 is, to successful repel an adversary whose objective is 16 radiological sabotage, the destruction of a plant's vital 17 systems to cause a core meltdown and breach of containment 18 -- given those dire consequences that could result from a 19 successful attack, I cannot think of anything more important 20 for the NRC staff to do and for the Commission to make sure 21 that the staff does well. 22 Among the lessons learned from the TMI accident 23 was that, when a severe accident occurs, the uncertainty 24 among operators and supervisors in the control room can run 25 very high, can contribute to the severity of the accident, 109 1 and that uncertainty itself should be considered a condition 2 of the plant in weighing whether an evacuation of the 3 surrounding population is called for. 4 That was the core finding of the Senate 5 investigation, as I recall it. 6 The lessons learned legislation enacted as part of 7 the NRC Authorization Act of 1980 included a requirement 8 that newly-constructed plants must be denied operating 9 licenses if the Commission cannot determine that the 10 surrounding area can be successfully evacuated. 11 As a consequence, the Shoreham plant was shut down 12 before reaching full power after Federally-supervised local 13 drills demonstrated that Long Island could not be 14 successfully evacuated. 15 The Seabrook plant in New Hampshire came close to 16 suffering a similar fate but was eventually granted an 17 operating license. 18 Now, I review this bit of history to illustrate 19 the overriding importance of protecting a reactor's vital 20 systems so that evacuation is never required. 21 None of the plants operating today were really 22 constructed with evacuation in mind. Emergency planning was 23 an afterthought, considered not before issuance of the 24 construction permit but just prior to granting of the 25 operating license -- that is, after the plant is built. 110 1 The 10-mile inhalation zones and the 50-mile 2 ingestion zones established by the Commission post-TMI will 3 have little meaning to the residents of New York City or 4 Chicago, for example, if one of the plants operating nearby 5 is successfully hit and a radioactive plume is heading their 6 way. 7 There will be a spontaneous desire to evacuate, 8 and it will not be pretty, to say the least. 9 TMI was a close call. A total meltdown was 10 averted after a newly-arrived shift supervisor, Brian 11 Mehler, who, for my money, is the unsung hero of Three Mile 12 Island, figured out two hours into the accident that the 13 pressure-operated relief valve was stuck open and draining 14 coolant from the core. 15 As it turned out, about half the fuel melted as a 16 result of the stuck valve and the confusion that this 17 caused. 18 How likely that a total melt could be averted if 19 the precipitating event were not a mechanical failure, as in 20 the case of TMI, but rather, the failure of security guards 21 to prevent terrorists with explosives from successfully 22 penetrating the protected area of a plant or the failure to 23 prevent a truck bomb the size of the one used against the 24 Federal building in Oklahoma City or the Marine barracks in 25 Dhahran, Saudi Arabia, from being detonated at or near the 111 1 protected area fence. 2 Now, we could, of course, debate what the actual 3 consequences of a successful attack would be, and of course, 4 we have done that today, but I ask, why bother engaging in 5 such a debate? 6 Why not simply give NRC staff the resources and 7 impose the necessary requirements on industry to make it 8 extremely unlikely that such an attack could ever succeed? 9 That, in my view, is the essential question before the 10 Commission today. 11 The public expects that kind of protection. 12 That's what public perception's all about. The public 13 expects that kind of protection and would surely demand it 14 if the current deficiencies became widely known. 15 If there were a successful attack, the human 16 suffering and the property loss that would ensue would 17 almost certainly bring about the downfall of the nuclear 18 industry, something that members of the Commission who 19 regard the industry's survival as a sacred trust should 20 ponder hard. 21 Now, the basic position of the Nuclear Control 22 Institute is, one, current security regulations at nuclear 23 power plants are inadequate to protect against radiological 24 sabotage; two, the design basis threat, 10 CFR 73.1, against 25 which plants are protected, does not correspond to current 112 1 real world dangers and is not even fully applied with regard 2 to the insider threat -- I'll return to the insider threat 3 in a moment; three, the Commission cannot rely on advanced 4 warning to provide the necessary lead time to bolster 5 defenses against an armed assault or vehicle bomb attack. 6 I was interested to hear the discussion today of 7 General Gossick's 1978 -- April 10, 1978, memorandum to the 8 Commission, approved by the Commission at that time, which 9 exhibited wisdom that is as true today as it was then. I'll 10 quote two passages from it. 11 "Operating assumption: A prudent, viable 12 safeguard system should not rely for its effectiveness on 13 the accuracy and timely availability of intelligence 14 information concerning the plans, characteristics, and 15 intentions of a hostile adversary with regard to theft, 16 diversion of SNM, or sabotage of a nuclear facility." 17 I would say that pretty much characterizes the 18 situation with regard to the Oklahoma City bomb, total 19 surprise. 20 "Degree of conservatism: This operating 21 assumption accommodates the conservative perception that, 22 given the manifestation of a significant threat to the 23 nuclear industry, there is a possibility that the U.S. 24 intelligence community would not be able to collect and 25 report that information to the NRC in a sufficiently 113 1 accurate and timely manner so that appropriate safeguards 2 actions might be taken to thwart the threat." 3 I would say that characterizes the situation with 4 the World Trade Center. There was some information, it was 5 not properly processed, the threat was not dealt with before 6 the explosion took place. 7 Now, since 1985, our organization, in 8 collaboration with another organization, the Committee to 9 Bridge the Gap in Los Angeles, has pressed the Commission to 10 upgrade its regulations regarding the design basis threat. 11 The current DBT contemplates several external 12 attackers, in collaboration with one insider, approaching 13 the plant as a single team and employing no more than 14 hand-held weapons and explosives. 15 The design basis threat for the truck bomb rule 16 promulgated in 1994, after both the attack on the World 17 Trade Center and the intrusion at Three Mile Island, which, 18 admittedly, Commissioner Merrifield, did not include a bomb, 19 but for four hours, they didn't know whether it included a 20 bomb, and I would question whether the operator acted 21 prudently with that degree of uncertainty in not scramming 22 the plant. 23 The point, however, is that, with regard to the 24 truck bomb rule promulgated in 1994, we have reason to 25 believe that it is insufficient to protect against the 114 1 larger terrorist bombs used since the time the rule was 2 promulgated in response to the World Trade Center explosion. 3 We have interacted with the Commission a number of 4 times on this, and basically, we have not gotten what we 5 would regard as a definitive response as to whether a bomb 6 as large as the Oklahoma City bomb or the Dhahran bomb could 7 be adequately protected against based on present set-back 8 distances and barriers, and there are other problems, but I 9 agreed with -- when I inquired whether I could raise this 10 issue, not to elaborate on it to the extent of neglecting 11 the subject of the meeting today. 12 Now, the subject of the meeting today is this set 13 of recommendations by the SPA task force, and we did not 14 have the document in hand when we prepared this testimony 15 that was discussed today. So, I had some generalized 16 comments on it to the effect that -- and I think that what 17 I'd like to do at this point is summarize my statement so I 18 allow some time for Mr. Greenberg to deal with the legal 19 question and maybe address some of the specific points that 20 were made today. 21 I want to raise the insider threat, because I find 22 the discussion today about the possibility of operator 23 intervention somehow mitigating the consequences of an 24 accident and thereby implicitly making the security 25 protection of the plant relatively less important -- at 115 1 least that's what I gather the message to be, but as I 2 understand it, based on the discussions that took place 3 between NEI representatives and NRC staff, the full design 4 basis threat is not applied in the OSRE exercises. 5 The insider is assumed to be only passive, not 6 active. He provides the attackers information. He in no 7 way participates in the attack. He in no way tries to 8 neutralize the guard force inside the plant. He in no way 9 tries to interfere with control room operations. He is 10 passive. 11 The design basis threat says that he is active as 12 well as passive, and I question -- seriously question how 13 you can reasonably expect to do exercises that presumably 14 mimic real-world attack-type situations, particular when 15 you're going to begin applying Part 100 release standards to 16 this whole process and apply some sort of probabilistic risk 17 assessment, as well, as far as I can gather from the 18 discussion today, if you assume that there is an insider but 19 he's just passive, then clearly you are not making a 20 real-world assumption as to what might actually happen in 21 the event of a concerted attack on a plant, and I question 22 -- this is my one principle criticism of OSRE. 23 I gather from the discussions that I observed that 24 this is sort of an unwritten staff guidance to OSRE not to 25 press the active insider as a player in a mock attack. 116 1 I would ask the Commission to consider that, 2 especially in the context of what you are now about to 3 engage in, this integrated approach, risk-informed 4 assessment. 5 I don't see how you can apply risk assessment to 6 human behavior when it comes to trying to anticipate what a 7 determined group, for whatever reason, might attempt to do 8 to bring down a nuclear power plant. 9 You have to assume that the attack could come as 10 suddenly as the attack on the Oklahoma City Federal 11 building, and the capabilities of the plant must be 12 sufficient to repeal such an attack, because the 13 consequences of a successful attack are unthinkable, 14 absolutely unthinkable. 15 Evacuation must never happen, particularly in a 16 major population center, a major city, because it's 17 unfeasible, and of course, in terms of the potential loss of 18 life and loss of property will be such, as I indicated 19 before, that it could well bring the nuclear industry down. 20 There will not be much tolerance if a nuclear 21 plant has proven to be vulnerable because of an exercise -- 22 and I do regard this as an exercise -- where industry's 23 complaints about the cost, about the inconvenience, about 24 the embarrassment of highly professional physical protection 25 exercises, what this brings to bear on them, as if that 117 1 somehow is more important than the public health and safety 2 and the common defense and security of the United States, 3 and I think the Commission seriously has to weigh that 4 question. 5 I mean all this is happening on your watch, and if 6 the result of this is to give industry more and more 7 discretion to run its own drills, to keep NRC out as much as 8 possible, because I think that's where it's really heading, 9 if that's where it's heading, my concern is that you will 10 not be satisfied with the end result, and our simple 11 solution is beef up OSRE, give it the regulatory authority 12 it needs so that fines and other enforcement actions can be 13 taken, if needed, and Mr. Greenberg, in a moment, will 14 discuss whether you really need a new regulation or whether 15 you just interpret present regulations differently, and I 16 would say that that would be the more useful approach. 17 CHAIRMAN JACKSON: I think Commissioner McGaffigan 18 had a question for you. 19 COMMISSIONER McGAFFIGAN: The question really goes 20 to the -- you know, there's a lot of absolutism in your 21 comments today, and you know, I take an analytical approach 22 to almost everything, so you know, the sort of questions we 23 asked earlier, I'll ask you. 24 I can posit a design basis threat that, you know, 25 a rogue company of special operations forces or battalion 118 1 or, you know, the entire U.S. special operations command 2 going haywire and deciding -- even if I posit that big a 3 threat, why do they go after nuclear plants as opposed to 4 all the other soft targets where they can do even more 5 damage, and why do you not bring the same absolutism to the 6 chemical industry or to various other various soft targets 7 that are available in the United States? 8 There's a tremendous deterrent. I mean this is -- 9 whatever else you say, this is the safest private sector set 10 of institutions in the country from the point of view of 11 being able to repeal terrorist attacks. 12 MR. LEVENTHAL: I would add to that statement the 13 phrase "thus far." 14 I would respond by quoting what the FBI apparently 15 briefed security staff on, which was that there is no such 16 thing as an unlikely target and that any perception of 17 softness might well be exploited, and therefore, if what the 18 public perception is is a ratcheting down of physical 19 protection standards in order to accommodate the complaints 20 of industry over the cost and the inconvenience and the 21 embarrassment, the perception may be that nuclear plants are 22 becoming soft targets. 23 I think security can be improved. There are 24 obviously limitations. 25 COMMISSIONER McGAFFIGAN: But how much is enough? 119 1 I mean where do you draw the line? 2 You're saying the design basis threat isn't high 3 enough in one place -- I mean should I assume that there's a 4 company of rogue special operations forces fully armed to 5 the teeth with whatever weapons they can bring in, with 6 whatever helicopters, etcetera, they have available to 7 themselves? 8 Where do I draw the line? I can defeat anything 9 if you give me enough fire power. 10 MR. LEVENTHAL: Given General Gossick's operating 11 assumption, there are limits as to what you can expect from 12 intelligence, but surely the CAT program, for example, 13 should not have been terminated, if indeed it has been 14 terminated, the program in cooperation with FBI and DOE 15 based at Livermore, which presumably was designed to process 16 information as quickly as possible for the NRC. 17 I think, sure, there are probably upper limits 18 beyond which you could not protect the plant, and I won't 19 get into the scariest of scenarios, which are the nuclear 20 scenarios, but the point is that, even though other 21 industries may be less protected -- that may well be so. 22 Nuclear is different. First of all, there is a 23 certain panache in the minds of terrorists and radical 24 groups, perhaps, in doing something nuclear, and the 25 potential consequences are uniquely insidious. 120 1 If there were a radioactive plume heading for a 2 major city or population center, it would just be terrible, 3 and it's something that, therefore, the Commission should 4 use every resource available to it to prevent. 5 I'm not saying, of course, it can be 100-percent 6 prevented, but I'm saying you can make it extremely unlikely 7 or as unlikely as humanly possible, and the sense that I get 8 of the discussions thus far, the two meetings between NEI 9 and NRC staff that I monitored and the discussion today, is 10 that you're sort of on a slippery slope toward giving 11 industry more discretion and NRC less of a role, to put it 12 in kind of plain language, and I don't think that's in the 13 public interest. 14 CHAIRMAN JACKSON: Can you speak to the SPA task 15 force recommendations? 16 MR. LEVENTHAL: Well, yes, I can, and I do in my 17 statement. 18 The first two show promise. The first two, which 19 speak to the modifications of regulations and the 20 preparation of regulatory guide to develop target sets, 21 protective strategies, and an exercise regimen -- that's all 22 to the good, I would think, because that doesn't exist 23 today, and it could strengthen OSRE in doing its job. 24 But the second two are a clear indication -- the 25 second two being this notion of training NRC regional 121 1 inspectors to -- first of all, identifying their role and 2 observing tactical response exercises and to train them for 3 new responsibilities -- this suggests that what the ultimate 4 objective is here is to eliminate the outside consultants, 5 and by the way, these outside consultants, which their very 6 existence and identification is so sensitive that it's 7 classified, they obviously know their stuff, they're 8 charging the Commission all of about $90,000 a year, which 9 is not prohibitive, it's a bargain for what you're getting, 10 and it is not like prepping -- Commissioner Merrifield, I 11 think the analogy about prepping for the bar exam and 12 prepping for an OSRE exercise doesn't really hold, because I 13 mean you might fail the bar exam and have to take it over 14 again if you get the wrong advice, but presumably these are 15 experts in black hat exercises, in Green Beret tactics. 16 These are the guys who you wouldn't want to have 17 against you and you definitely want to have with you, and I 18 think the kind of review and expert advice they give on 19 correcting inadequacies is invaluable, and nothing should be 20 done to in any way diminish their role. 21 Again, if I could just ask Mr. Greenberg to deal 22 with the final point having to do with a situation where the 23 physical protection plan is just fine but the licensee 24 happens to fail to protect against a design basis threat, 25 how do you enforce that kind of a situation? 122 1 COMMISSIONER MERRIFIELD: Chairman, if I may, 2 before you do that, I just wanted to get a clarification. 3 In response to Commissioner McGaffigan's comments, you 4 mentioned something about soft targets, and I was wondering 5 if you could -- I missed that, if you could go over that 6 again. 7 MR. LEVENTHAL: Yes. It was one of the different 8 professional view papers. They apparently cited a FBI 9 briefing for security staff. I don't have that paper before 10 me, but it was the one that accompanied Captain Orrik's 11 paper back in August, I believe. 12 COMMISSIONER MERRIFIELD: You were quoting the 13 paper, then. 14 MR. LEVENTHAL: Yes. It was characterized in that 15 paper as a briefing in which the FBI said that there is no 16 such thing as au unlikely target and doing nothing that 17 might project the appearance of a hard target becoming a 18 softer target, because if a hard target becomes a softer 19 target, it is more vulnerable to attack and more likely to 20 be attacked. 21 COMMISSIONER MERRIFIELD: I have some other 22 comments, but I'll withhold those till the end. 23 MR. LEVENTHAL: Mr. Greenberg. 24 MR. GREENBERG: Thank you. 25 Madam Chairman and members of the Commission, 123 1 you've been very patient over a long morning. 2 COMMISSIONER MERRIFIELD: Well, this is important 3 stuff. 4 MR. GREENBERG: Contrary to what is usually 5 expected of lawyers, I'll try to be brief nonetheless. 6 CHAIRMAN JACKSON: That's all right. We've got 7 our own. 8 COMMISSIONER MERRIFIELD: And they put up with me, 9 too. 10 MR. GREENBERG: There was a certain amount of 11 discussion this morning about regulatory requirements and 12 enforceability, and I think it was made clear by the staff 13 presentation that, at least insofar as OSRE has been run in 14 the period from 1992 to 1998, the Commission did not 15 consider that a licensee which was otherwise in compliance 16 with 10 CFR 73.55(b) through (h) could be subject to an 17 enforcement action if it failed to demonstrate successfully 18 its capability to defend against the design basis threat. 19 The report of the ad hoc review panel at various points 20 refers to the fact that findings of security weaknesses are, 21 quote, beyond enforceable requirements. 22 As we read the rules, that kind of judgement is 23 not necessary. We believe that the regulations as they now 24 exist can properly be read as requiring licensees to be able 25 actually to defend against the design basis threat, and we 124 1 set out in our written statement the arguments in support of 2 that position, and I won't go over them in depth this 3 morning. 4 It does seem to me that the staff indicated that 5 it does not necessarily interpret the regulations 6 differently than we do insofar as the modified OSRE program 7 from 1999 to 2000 will be one in which the NRC may issue 8 enforceable orders to upgrade security and will not be 9 relying solely upon voluntary actions that might be taken by 10 the licensee in response to OSRE findings. 11 Even so, to the extent that there is any ambiguity 12 in the current regulations, we would favor removing that 13 ambiguity through rule-making to make it clear that 14 compliance, for example, with 73.55(b) through (h) 15 requirements is not a safe haven and that, in fact, the 16 licensee must be able to demonstrate an ability to meet the 17 design requirement to protect against the design basis 18 threat. 19 Mr. Leventhal mentioned in his prepared testimony 20 that the institute supports recommendation number one of the 21 SPA. 22 That recommendation, as stated this morning, would 23 be to modify the rules, quote, "to require licensees to 24 maintain the effectiveness of their contingency plans and to 25 upgrade their security plan commitments whenever these 125 1 exercises reveal weaknesses in their ability to protect 2 against the design basis threat." 3 We think that's a salutary change, we think it's 4 appropriate, and we think it's one that should be made by 5 the Commission when it considers these issues in the 6 upcoming rule-making. 7 Thank you. 8 CHAIRMAN JACKSON: Thank you. 9 Mr. Leventhal, any further comments? 10 MR. LEVENTHAL: That concludes my remarks, and 11 we'd both be happy to respond to any questions. 12 CHAIRMAN JACKSON: Okay. 13 Commissioner Dicus. 14 COMMISSIONER DICUS: I don't have any further 15 questions. 16 CHAIRMAN JACKSON: Commissioner Diaz. 17 COMMISSIONER DIAZ: No further questions. 18 CHAIRMAN JACKSON: Commissioner McGaffigan. 19 COMMISSIONER McGAFFIGAN: I think I had my 20 questions earlier. 21 CHAIRMAN JACKSON: Commissioner Merrifield. 22 COMMISSIONER MERRIFIELD: Yes, a couple of things 23 I would comment on. 24 Mr. Leventhal, you've got some relatively detailed 25 testimony here which I find quite interesting and 126 1 informative. It's not my point to make this, but it would 2 have been helpful for me to get this in advance so that I 3 could have had a chance to go through it and ask -- 4 MR. LEVENTHAL: I apologize for that. 5 COMMISSIONER MERRIFIELD: -- some more detailed 6 and penetrating questions. It makes it very difficult for 7 me not to be able to prepare adequately given what I think 8 is probably some very good testimony. 9 Regarding your comment on my comment on bar review 10 exams, the point that I was simply trying to make with the 11 industry is -- you know, it may be very appropriate 12 activities that they were doing. 13 There is a lot of grumbling among some licensees 14 that these are in response to things that we're forcing on 15 them, and I just wanted them to be aware that it may be -- 16 their consultants may be encouraging them to purchase things 17 that aren't necessary to meet our requirements. 18 Finally, there is a statement that you have in 19 your printed statement I do want to touch on. On the second 20 page, on the last full paragraph, you state, "Members of the 21 Commission who regard the industry's survival as a sacred 22 trust should ponder hard." 23 I'm speaking only for myself. When I swore in as 24 a Commissioner of the Nuclear Regulatory Commission, it was 25 in mind with keeping -- making sure that the health and 127 1 safety of the American people were protected. 2 It was not in my mind that I was swearing in to 3 protect the industry's survival as part of my sacred trust. 4 So, at least for my purposes, I will tell you that is not at 5 all my intention of being a U.S. NRC Commissioner. 6 COMMISSIONER McGAFFIGAN: I second that, and I'm 7 sure there will be a third, fourth, and fifth. 8 MR. LEVENTHAL: Let me say, as a drafter of the 9 Energy Reorganization Act, that was intended -- and I do 10 have this in my testimony elsewhere -- it was intended to 11 essentially fission the AEC into separate promotional and 12 regulatory agencies. 13 Members of the Commission could well be supportive 14 of the nuclear industry in the sense that the feeling is 15 that it's an important and vital industry and it represents 16 an important part of the infrastructure, as Captain Orrik 17 said before, but as an independent regulatory body, you do 18 have to make the tough judgements that sometimes the 19 industry must pay for things that it doesn't want to pay for 20 and that, while this particular industry has difficulties in 21 a more competitive marketplace today, in the context of 22 deregulation, as I indicated before, it is -- nuclear is 23 different, because if something goes wrong, the consequences 24 are grave, and again, Commissioner McGaffigan, not to in any 25 way contest your point that the chemical industry is 128 1 probably a softer target and the consequences could be 2 horrible -- I surely agree with that, but nuclear is 3 different in the sense that the consequences could be 4 long-lasting and result in a -- if not permanent, a 5 long-term evacuation and with very difficult cleanup, I'm 6 sure you're all aware of that, and therefore, that extra 7 measure of conservatism is essential, and I think where 8 there should be no compromise is that these plants are 9 protected against what the experts say is a credible 10 real-world threat, and at the end of my testimony, I 11 suggested that you do revisit the design basis threat to 12 look at whether it does reflect what the experts say is the 13 current threat out there. 14 I mean the design basis threat probably should be 15 revisited on a periodic basis, because the threat does 16 change, and unfortunately, the threat is getting worse and 17 worse. 18 So, I would hope the Commission would take that 19 recommendation seriously. We surely stand ready to interact 20 with you, and we do appreciate this opportunity to be heard, 21 and Commissioner Merrifield, if, after reading the 22 testimony, you want to discuss it further, I'd be happy to. 23 CHAIRMAN JACKSON: Well, I will make three 24 comments. 25 One, you know, I've said in testimony I think that 129 1 the nuclear power industry is an important part of our 2 energy mix, but I probably am the member of the Commission 3 that that nuclear industry likes the least, because you 4 know, I have been willing to make tough calls, etcetera, 5 etcetera. 6 Your comment about soft targets is something that, 7 you know, has played in the back of my mind, or perception 8 of it, and I think it's one that, in a threat environment, 9 one has to keep in mind. 10 And third, I have, in fact, been pushing the staff 11 on the interpretation we've made of 73.55(a) relative to 12 this focus on items (b) through (h) as opposed to the rest 13 of what's in that regulation, but sometimes clarification or 14 further hardening of the clarification is a useful exercise, 15 and I think that one shouldn't misunderstand the integrated 16 approach in terms of the ability to help one understand 17 where all of the vulnerabilities are, including things like 18 what happens if operators are incapacitated because of an 19 insider or blowing up the control room or whatever it is, 20 and that's why one has to do that kind of integrated 21 analysis. 22 But let me just close by thanking each of the 23 panelists today for sharing their insights and concerns 24 regarding the OSRE program and the NRC recommendations 25 overall for the program for safeguards performance 130 1 assessment. 2 As I stated at the outset of the meeting, I 3 believe that the additional scrutiny that we have been 4 giving this program will, in fact, result in a more 5 effective regulatory oversight, a program that is 6 defensible, is consistent, and coherent with clear 7 performance objectives and ultimately providing, you know, a 8 better regulatory approach to all of our stakeholders, and 9 the Commission is evaluating and will continue to evaluate 10 the NRC staff proposals. 11 We will weigh the thoughtful input we've received 12 today from all parties, and we will monitor and assess the 13 results of the program as it evolves. 14 I do not believe we're going to stop the modified 15 OSRE program but we're going to learn from it and try to 16 move along, and I thank all of you for your attention. 17 Unless my colleagues have any comments, we're 18 adjourned. 19 [Whereupon, at 1:02 p.m., the briefing was 20 concluded.] 21 22 23 24 25