Text

July 25, 2017 Note From William Reckley, Senior Project Manager NRO/DSRA/ARPB SUJECT:

Feedback on NEI Paper on Clarifying Major Portions for Standard Design Approvals The attached email provided feedback to the Nuclear Energy Institute (NEI) on the paper Proposed Physical Security Requirements for Advanced Reactor Technologies, dated December 2016 (Agencywide Documents Access and Management System (ADAMS)

Accession No ML17026A474). The feedback was provided to support ongoing discussions on the issue and a public meeting to be scheduled in the near future. Address any questions to Bill Reckley at (301) 415-7490.

From:

To:

Subject:

Date:

Attachments:

Reckley, William David Young (NEI), Marc Nichol (NEI); Tom Zachariah (NEI); Mike Tschiltz (NEI)

NRC Staff Comments/Questions on Advanced Reactor Physical Security White Paper Friday, July 21, 2017 1:36:00 PM NRC Staff Comments-Questions NEI Adv Rx Security Requirements.pdf Attached are some comments and questions from the NRC staff related to the NEI white paper Proposed Physical Security Requirements for Advanced Reactor Technologies.

Our primary focus has been on the scope and related criteria for the suggested changes to security requirements for advanced reactors. Please feel free to give me a call if you have any questions about the attached comments/questions.

In addition, we previously discussed having a public meeting to discuss our comments/questions and the NEI plans to prepare a revision to the white paper. Please let me know what would be a good date/time for such a meeting.

As we discussed during our May 3, 2017, public meeting - the NRC staff is proposing to prepare a Commission Paper on this topic (possible rulemaking related to security requirements for advanced reactors) and will consider the suggestions from the NEI white papers as well as input from other stakeholders. Our expectation is that we will begin preparing the Commission Paper in the next several months and would continue to have public meetings during our development of the paper.

William D. Reckley Advanced Reactor Program william.reckley@nrc.gov (301) 415-7490 NRC Staff Comments/Questions: NEI White Paper on Proposed Physical Security Requirements for Advanced Reactor Technologies

Background

Advanced reactor designs, including light-water small modular reactors (SMRs) and non-light-water reactors (non-LWRs), can differ significantly from the current fleet of large LWRs assumed in the formation of current NRC requirements and guidance related to physical security and safeguards. Potential releases from non-LWRs may differ in both magnitude and timing in comparison to current plants. NEI has suggested that potential uncertainties related to physical security requirements for light-water SMRs and non-LWRs be addressed by rulemaking similar to the staffs actions for emergency planning. NEI has provided a possible approach in the white paper Proposed Physical Security Requirements for Advanced Reactor Technologies (ADAMS Accession No. ML17026A474). This paper, "...proposes an approach to security that appropriately considers the enhanced safety and security incorporated into these designs and provides a more effective and efficient means to protect the public health and safety." In the transmittal letter, NEI requests that "...the NRC establish regulatory positions on this approach and the associated policy and technical issues."

The NRCs Policy Statement on the Regulation of Advanced Reactors defines several attributes that could assist in establishing the acceptability of advanced reactor designs. These attributes include:

highly reliable and less complex decay heat removal systems; longer time constants to reaching safety system challenges; simplified safety systems that reduce required operator actions; Designs that minimize the potential for severe accidents and their consequences; and Designs that incorporate the defense-in-depth philosophy by maintaining multiple barriers against radiation release.

The policy statement was updated in 2008 to include attributes related to physical security and theft and diversion of radioactive materials. An example is the following attribute:

Designs that include considerations for safety and security requirements together in the design process such that security issues (e.g., newly identified threats of terrorist attacks) can be effectively resolved through facility design and engineered security features, and formulation of mitigation measures, with reduced reliance on human actions.

In addition to defining favorable attributes for advanced reactor designs, the Commission provided the following observations on the possible implementation of the policy statement:

To provide for more timely and effective regulation of advanced reactors, the Commission encourages the earliest possible interaction of applicants, vendors, other government agencies, and the NRC to provide for early identification of regulatory requirements for advanced reactors and to provide all interested parties, including the public, with a timely, independent assessment of the safety and security characteristics of advanced reactor designs. Such licensing interaction and guidance early in the design process will contribute towards minimizing complexity and adding stability and predictability in the licensing and regulation of advanced reactors. And, Finally, the NRC also believes that it will be in the interest of the public as well as the design vendors and the prospective license applicants to address security issues early in the design stage to achieve a more robust and effective security posture for future nuclear power reactors.

NEI White Paper The NEI white paper Proposed Physical Security Requirements for Advanced Reactor Technologies suggests that the NRC establish new regulations related to physical security requirements in advance of a design-or site-specific application. The white paper includes possible criteria for determining if an advanced reactor design could be eligible for an approach for physical security less reliant on on-site armed responders. The paper further outlines possible regulatory requirements for an advanced reactor design meeting the criteria and recommends that the NRC staff initiate a rulemaking action to develop such an approach. The paper was discussed at a public meeting on May 3, 2017, and the NRC staff agreed to provide initial comments and questions to better understand the NEI suggestions and support a subsequent Commission paper on the topic of physical security requirements for advanced reactors.

Observations and questions from the NRC staff are provided below. As outlined in the public meeting of May 3, 2017, the staff understands that NEI will consider the comments and questions and provide a revision to the white paper. It should be understood that the purpose of the staff providing the comments and questions and NEI providing a response are to support a future staff paper and should not be construed as working toward a more formal review of the NEI approach. The staff will consider the initial and revised white paper from NEI, interactions with various stakeholders, and our own evaluations and proposals while developing a future Commission paper on of possible changes to requirements or guidance documents. The NEI white paper and related comments/questions from the staff are primarily related to physical security to address radiological sabotage. As discussed in the meeting on May 3, 2017, the scope of discussion will need to expand at some point to address the related topics of protection against theft and diversion of radioactive materials and cyber security.

o In addition to the suggested criteria, does the approach described in the white paper include assumptions on a likely scope for the applicability of the revised regulations in terms of reactor types, sizes, fuel, fuel enrichments, or other parameters?

NEI Suggested Criteria Much of the discussion at the public meeting of May 3, 2017, related to possible criteria for determining when revised physical security requirements might be warranted for some advanced reactor designs. The NEI white paper suggested the following criteria:

1) Uses a reactor technology that is not susceptible to significant core damage and spent fuel sabotage, or

2) Does not have an achievable target set, or

3) Has engineered safety and security features that allow for implementation of mitigation strategies to prevent significant core damage and spent fuel sabotage if a target set is compromised, destroyed, or rendered nonfunctional.

When taken in the order presented, the above criteria provide for a progressive approach where the applicability of revised physical requirements could be determined first by the inherent safety features of a reactor design, then if needed by assessing the ability of an adversary to compromise safety systems and barriers to the release of radioactive material, and lastly, if needed, by the ability of onsite and offsite responders to recover a facility from adversaries and limit the release of radioactive materials through mitigation strategies. The staffs observations and questions on the logic and criteria are provided below:

(1) Inherent Safety Features (not susceptible to significant core/spent fuel sabotage)

The terminology related to core damage, while consistent with current security requirements related to defining target sets, differs from other advanced reactor activities and recognition that some non-LWR technologies do not involve damage mechanisms and states similar to those used for large LWRs. An NEI white paper from November 2015 (ADAMS Accession No. ML15323A245) discussed a possible approach using offsite dose consequences. If the criteria are considered to involve a logical progression, it might be appropriate to define the first criterion in terms of the radiological consequences from a hypothetical unmitigated event involving the loss of decay heat removal and physical structures surrounding the reactor, spent fuel, and other inventories of radioactive materials. In this context, unmitigated events would consider quantities, form, location, and dispersibility of radioactive materials as well as availability of physical heat sinks and barriers but would not consider those safety features included in the design to prevent or mitigate a release.

o Could such an evaluation replace the first criterion related to susceptibility to significant core damage or spent fuel sabotage? The staff notes that analyses of hypothetical unmitigated events might support other design and regulatory decisions associated with advanced reactor designs.

o In the context of either the 2015 or 2016 physical security white papers, did the NEI working group consider what threshold of radiological consequences from such a hypothetical event might be appropriate for determining which designs could apply revised physical security requirements?

o Does NEI have some confidence that some advanced reactor designs being considered could meet a criterion based on the offsite consequences from an unmitigated event?

o Did the NEI working group consider a graded approach for the suggested requirements in to the white paper based on the progressive nature of the criteria? For example, the overall requirements for a facility meeting criterion 1 might be less than the requirements requiring mitigation strategies (criterion 3). Note that the staff is not at this time providing detailed comments or questions on the suggested requirements in to the white paper.

(2) Achievable target set For those advanced reactor designs for which a hypothetical unmitigated loss of decay heat removal and physical structures could result in an offsite dose exceeding a possible threshold, a second consideration could involve the ability of attackers to cause a loss of safety functions and barriers to the release of fission products from the reactor core, spent fuel, or other on-site sources.

o In terms of the second criterion in the NEI white paper, how does the suggested use of an achievable target set consider the assumptions related to an on-site armed response to an attack during the development of the current design-basis threat (DBT) and the use of that DBT under different scenarios for an advanced reactor without armed responders? Do the different possible scenarios, including longer and less hampered access to facilities, require reconsideration of the DBT for potential advanced reactors without armed responders?

During the meeting held on May 3, 2017, some views were provided related to the role of security assessments using guidance from NUREG/CR-7145, Nuclear Power Plant Security Assessment Guide, and a potentially graded approach to the number of armed responders.

o Would such a performance-based approach to physical security requirements be beneficial to the advanced reactor developers?

o Would it be likely that licensees would have armed responders for asset protection reasons in the absence of NRC requirements? Would it be beneficial to credit some armed response capability to prevent a loss of control of a facility due to an individual or group less equipped than adversaries defined in the DBT?

(3) Mitigation Strategies In theory, safety and security requirements for advanced reactors should reflect inherent design characteristics such as longer time constants before degradation of barriers and release of radioactive material given a loss of safety functions. The third criterion in the NEI white paper suggests that longer reactor/spent fuel time constants could support allowing credit for offsite responders to recover a facility and implement mitigation strategies. The NEI white paper acknowledges that additional guidance would be needed to cover topics associated with this criterion.

o Has the NEI working group formulated an approach or could NEI provide examples of how this criterion might be applied?

The NEI white paper notes that this criterion is related to an ongoing staff activity assessing physical security requirements for operating reactors, and in particular the potential role of crediting local, State, or Federal law enforcement response to establish coping times (see SRM-SECY-16-0073). The staff would appreciate any insights that NEI might offer on how a consistent logic and approach related to crediting offsite support could be developed for current large LWRs and advanced reactor designs.

o Does the NEI working group envision a generic approach or assumption related to offsite support (e.g., it is reasonable to assume offsite security and operational support within a given time period) or a site-specific assessment taking into account design-specific reactor behavior and expected capabilities of offsite agencies (e.g., response times and force sizes)? Would site-specific assessments need to be supported by related operational programs and periodic assessments to verify assumptions related to offsite capabilities?