Regulatory Guide 5.62

From kanterella
Jump to navigation Jump to search
Reporting of Physical Security Events.
ML12187A729
Person / Time
Issue date: 02/28/1981
From:
Office of Nuclear Regulatory Research
To:
References
RG 5.62
Download: ML12187A729 (7)


February 1981 U.S. NUCLEAR REGULATORY COMMISSION

REGULATORY GUIDE

OFFICE OF STANDARDS DEVELOPMENT

REGULATORY GUIDE 5.62 (Task SG 901-4)

REPORTING OF PHYSICAL SECURITY EVENTS

A. INTRODUCTION

organization or any other employee of the licensee that supports a belief that an act of theft or radiological sabotage Paragraph 73.71(c) of 10 CFR Part 73, "Physical Pro- may be attempted.

tection of Plants and Materials," requires that licensees report to appropriate offices within the Nuclear Regulatory Some judgment has to be exercised about when to Commission events that significantly threaten or lessen the report potential threats. A licensee should report a poten- effectiveness of their physical security systems as establish- tial threat as soon as it becomes evident that the threat is ed by safeguards regulations or an approved safeguards plan serious even though a report is not required until 24 hours2.777778e-4 days <br />0.00667 hours <br />3.968254e-5 weeks <br />9.132e-6 months <br /> or both. As required by 10 CFR Part 50, "Domestic after information of the potential threat is received.

Licensing of Production and Utilization Facilities," and

10 CFR Part 70, "Domestic Licensing of Special Nuclear In some cases, explicit and potential threats have been Material," a safeguards plan must include one or more of addressed in the licensee's contingency plans. If they have the following plans: physical security, contingency, and been addressed and if the contingency plan procedure security personnel qualification and training. requires the event to be reported, the licensee should report the event. However, if after following the procedures of the This regulatory guide provides an approach acceptable to contingency plan for the event it is determined that the the NRC staff for determining whether an event should be event is not reportable, a report need not be made. Typical reported and the time frame during which the event should events and the respective reporting times are included in the be reported and suggests a format that could be used for regulatory position of this guide.

reporting the event.

Loss of Physical Security Effectiveness

B. DISCUSSION

A major loss of physical security effectiveness (see foot- Events of concern may be divided into two categories: note 2 to paragraph 73.71(c) of 10 CFR Part 73) occurs

(1) threat-related events, i.e., those that pose a possible under any one of the following general conditions and threat to a facility or to a shipment, or (2) loss-of-physical- should be reported within the time frame specified:

security-effectiveness events, i.e., those in which the physi- cal security system has failed or has been compromised or 1. The breakdown of security systems designed or degraded. In each of the categories, the reporting routine employed to prevent an unauthorized individual from will vary, depending on the severity of the event. The event entering a vital or material access area (see paragraphs categories and the associated reporting routines are includ- 73.2(h) and (j) of 10 CFR Part 73) is such that access could ed in Table 1 of the regulatory position. have been gained without detection. The reason for report- ing this event within an hour is that the vital and material Threats access areas are the ultimate target for theft or radiologi- cal sabotage and, since the last line of defense to them has Explicit threats are those events in which information has been completely degraded, the physical security system has come to the attention of a member of the licensee's security no protection against an insider.

organization or any other employee of the licensee that an act of theft or radiological sabotage will be attempted. 2. All communication systems used to summon local law enforcement response forces become inoperative. (The Potential threats are those in which information has Emergency Notification System to the NRC is not consid- come to the attention of a member of the licensee's security ered a communication system used to summon local law USNRC REGULATORY GUIDES Comments should be sent to the Secretary of the Commission, U.S. Nuclear Regulatory Commission, Washington, D.C. 20555, Regulatory Guides are issued to describe and make available to the Attention: Docketing and Service Branch.

public methods acceptable to the NRC staff of implementing specific parts of the Commission's regulations, to delineate tech- The guides are issued in the following ten broad divisions:

niques used by the staff In evaluating specific problems or postu- lated accidents, or to provide guidance to applicants. Regulatory 1. Power Reactors 6. Products Guides are not substitutes for regulations, and compliance with 2. Research and Test Reactors 7. Transportation them Is not required. Methods and solutions different from those set 3. Fuels and Materials Facilities 8. Occupational Health out In the guides will be acceptable if they provide a basis for the 4. Environmental and Siting 9. Antitrust and Financial Review findings requisite to the issuance or continuance of a permit or 5. Materials and Plant Protection 10. General license by the Commisslon.

Copies of issued guides may be purchased at the current Government Comments and suggestions for improvements in these guides are Printing Office price. A subscription service for future guides in spe- encouraged at all times, and guides will be revised, as appropriate, cific divisions is available through the Government Printing Office.

to accommodate comments and to reflect new information or Information on the subscription service and current GPO prices may experience. This guide was revised as a result of substantive com- be obtained by writing the U.S. Nuclear Regulatory Commission, ments received from the public and additional staff review. Washington, D.C. 20555, Attention: Publications Sales Manager.

enforcement response forces.) The reason for reporting this a. The breakdown of security systems designed or event within an hour is that the ability to directly summon employed to prevent an unauthorized individual from offsite response forces has been completely eliminated. entering protected or controlled access areas (see paragraph

73.2(z) of 10 CFR Part 73) is such that access could have

3. Improper personnel procedures occur that lead to been gained without detection.

conditions in which unauthorized or undetected access to vital or material access areas, to a shipment of formula b. Improper personnel procedures occur that lead to quantities (see paragraph 73.2(aa) of 10 CFR Part 73) of the condition in which unauthorized access to protected or strategic special nuclear material, or to a shipment of controlled access areas or to a shipment of special nuclear irradiated reactor fuel is possible or the ability to summon material of moderate strategic significance (see para- response is not available. The effect of procedure violations graph 73.2(x) of 10 CFR Part 73) is possible or the ability that result in this condition is the same as that in the to summon response is not available.

previous two conditions; hence, the event must be reported within an hour. 3. Loss of any one redundant or diverse vital or material access area security system leaves these areas under the Any condition that constitutes a major loss-of-physical- protection of only one security system. This includes loss security-effectiveness event that has been properly compen- of either the central or secondary alarm station. Although sated' for in a timely manner is considered to be a moderate the protection afforded the vital and material access areas event and does not have to be reported within an hour but has been degraded through the loss of one redundant must be reported within 24 hours2.777778e-4 days <br />0.00667 hours <br />3.968254e-5 weeks <br />9.132e-6 months <br />. The delay in reporting or diverse system protecting it, a complete loss of protec- is allowed because the physical security effectiveness has tion has not occurred, and the event therefore does not essentially been restored to the required level and the have to be reported as soon.

possibility for compromise of the physical protection system in the interim was minimal. A report, however, has If conditions listed in 2 and 3 under the moderate loss of to be made within 24 hours2.777778e-4 days <br />0.00667 hours <br />3.968254e-5 weeks <br />9.132e-6 months <br /> because of the potential physical security effectiveness result in a moderate event severity of the event and because the NRC needs to be and that event has been properly compensated' for in a informed of the causes of such events and the actions taken timely manner, it does not have to be reported to NRC;

to correct them. however, the event does have to be recorded in the licensee's records.

In contrast to licensees who have to meet the requirements of §§ 73.20, 73.37, 73.50, and 73.55 of 10CFR Part 73,

C. REGULATORY POSITION

licensees who possess, store, transport, or use only special nuclear material of moderate strategic significance or special Licensees should evaluate physical-security-related events nuclear material of low strategic significance (see § 73.67 in accordance with Section 73.71(c) of 10 CFR Part 73 and of 10 CFR Part 73) are not subject to the requirements for the guidelines in the discussion of this guide to determine reporting major loss-of-physical-security-effectiveness events. whether they are reportable. If after application of Table I

and the guidelines it is determined that the event needs to A moderate loss of physical security effectiveness (see be reported or, if any doubt exists about whether the event footnote 5 to paragraph 73.7 1(c) of 10 CFR Part 73) for a should be reported, it should be reported by telephone to physical security system occurs under any one of the the Director of the appropriate NRC Inspection and Enforce- following conditions and should be reported to the NRC ment Regional Office listed in Appendix A to 10 CFR

within 24 hours2.777778e-4 days <br />0.00667 hours <br />3.968254e-5 weeks <br />9.132e-6 months <br /> after discovery: Part 73.

1. Any one of the conditions listed under a major The telephone report should include, as a minimum, the loss of physical security effectiveness that has been proper- information requested in the appendix to this guide. The ly compensated' for in a timely manner. written report should include, as a minimum, the informa- tion requested in the appendix to this guide as well as any

2. In the following two conditions, the protected area is additional information that the licensee is requested to considered one of the redundant systems for protection of furnish the NRC. Written information requested in the the vital or material access areas. However, unlike vital area appendix should be supplemented, as needed, by additional and material access area systems, a breakdown of the narrative material to provide a complete explanation of the protected area security system does not leave the material circumstances surrounding the event. Threat-related events access or vital area without protection. Therefore, this type affecting plants under construction should be reported event does not have to be reported as soon. under paragraph 73.71(c) of 10 CFR Part 73 only if the plant under construction has a license, i.e., the plant is licensed to have fuel on site. It is not expected that events

1

"Properly compensated [for event] " is defined in footnote 4 to involving loss of physical security effectiveness would occur paragraph 73.71(c) of 10 CFR Part 73 as measures specified in a security or contingency plan that provide a level of security equiva- for plants under construction. However, defects or deficien- lent to that existing before the event, or, if the event is not specified cies in security equipment or its installation are reportable in either of these plans, it means measures implemented within 10

minutes of an event's occurrence that provide a level of security either under 10 CFR Part 21 or paragraph 50.55(e) of 10 CFR

equivalent to that existing before the event. Part 50.

5.62-2

3 Threat-Related and Physical-Security-Effectiveness Events g. Loss of both central and secondary alarm stations.

Time frames for reporting the various categories of h. Loss of all capability for 3offsite communication to threat-related and physical-security-effectiveness events are the local law enforcement agency.

shown in Table 1.

i. Loss or degradation of power for the physical secu- Table 1 rity system below that level required to keep the security

3 system operating at rated capacity.

REPORTING TIMES FOR VARIOUS TYPES OF EVENTS

j. Failure or loss of operability of any alarm or intrusion detection system or portion thereof that could be directly exploited to allow undetected access to vital or Loss-of-Physical- material access areas such as (1) card reader access control Threat-Related Security-Effectiveness system malfunction so that unauthorized personnel could Events Events gain access to vital areas or (2) simultaneous failure of vital or material access area intrusion detection and threat Explicit Potential Major Moderate assessment equipment. 3 Uncom- k. Unavailability of minimum number of security pensated 1 hr 24 hr 1 hr 24 hr personnel. 3 Compen- 2. Events to be reported within 24 hours2.777778e-4 days <br />0.00667 hours <br />3.968254e-5 weeks <br />9.132e-6 months <br /> after a member sated 1 hr 24 hr 24 hr login of the licensee's security organization or any other employee licensee's of the licensee is made aware of their occurrence include the records following:

For reporting purposes, any such events involving special nuclear a. Theft of security weapon at the site.

material of moderate strategic significance or associated facilities should be reported within 24 hours2.777778e-4 days <br />0.00667 hours <br />3.968254e-5 weeks <br />9.132e-6 months <br /> or, if properly compensated, logged in a licensee's records. Such events involving special nuclear b. Confirmed tampering with security equipment.

material of low strategic significance or associated facilities need only be logged for reporting purposes.

c. Discovery of spurious identification badges, key Some events that have been identified as reportable by cards, or security locks and keys.

the NRC staff after application of the procedures of this guide are listed below. d. Theft of documents containing proprietary or classified security information.

1. Events to be reported within 1 hour1.157407e-5 days <br />2.777778e-4 hours <br />1.653439e-6 weeks <br />3.805e-7 months <br /> after a member of the licensee's security organization or any other employee e. Unexplained fire or explosion within the isolation of the licensee becomes aware of the event include the zone, protected area, or controlled access area that could following: affect plant security.

a. Attempted or confirmed intrusions at vital material f. Sudden retirement, discharge, or resignation of key access, protected, or controlled access areas. security personnel if the event4 results in a moderate loss of physical security effectiveness.

b. Attempted intrusions into protected area by pro- testing groups. g. Security-related injury to a member of the security organization such as that caused by malfunctioning security c. Discovery of or attempted introduction of unau- equipment.

thorized weapons, explosives, or incendiary 2 devices inside the protected or controlled access areas. h. Sickouts or other labor problems affecting the

2 readiness of the security forces.

d. Bomb threats or extortion threats.

i. Any event that reduces the capability for offsite e. Mass demonstrations,

2 picketing, or other job actions communication to the local law enforcement agencies.

at the plant site. (This would not include loss of service of any one regular

2 telephone, even from an alarm station. However, it would f. Civil disturbances near the plant site.

3 These events do not have to be reported within one hour if properly compensated for in a timely manner; however, they have

2 to be reported within 24 hours2.777778e-4 days <br />0.00667 hours <br />3.968254e-5 weeks <br />9.132e-6 months <br />.

These events should be evaluated and reported in accordance 4 with contingency plans. If the threat is more potential in character These events do not have to be reported if properly compensated than explicit, it can be reported within 24 hours2.777778e-4 days <br />0.00667 hours <br />3.968254e-5 weeks <br />9.132e-6 months <br /> from the time it for in a timely manner; however, they do have to be recorded in the has been estimated to be in existence. licensee's records.

5-62.3

include loss or malfunction

4 of an alarm station radio or Classification and Transmittal of Sensitive Information hotline equipment.)

A report of a physical security event may contain information that is sensitive; such an event needs to be j. Failure or loss of operability of any alarm or intrusion protected from disclosure. Sensitive information can be detection system or portion thereof that could be directly proprietary, classified, or both. The licensee should review exploited to allow undetected access to the protected area an event to determine whether the information associated such as (1) simultaneous failure of any one perimeter intru- with the event is classified, proprietary, or unclassified. The sion alarm segment and threat assessment equipment or (2) determination of whether information is classified should undetected 4 failure of any one perimeter intrusion alarm be made by the licensee after referring to the NRC Classifi- segment. cation Guide for Safeguards Information (Appendix A to

10 CFR Part 95) and other applicable classification guides issued by other government agencies. The licensee is respon- k. Failure of perimeter 4lighting to an extent that sible for determining what information is categorized would impair threat assessment. proprietary.

If an event is categorized as proprietary, all the informa-

1.4 Loss of either the central or secondary alarm tion regarding the event can be transmitted to the NRC by station. an unsecured telephone and by first-class mail.

If an event is categorized as classified, the telephone m. Number of guards at transfer points of a shipment report to the NRC should convey only that an event that fewer4 than that required by the regulation or security meets the criteria of paragraph 73.71(c) of 10 CFR Part 73 plan. has occurred. The written report should be marked with the appropriate classification markings and handled accordingly.

Section 95.39, "External Transmission of Documents and n. Unexplainable security situations impeding the Materials," of 10 CFR Part 95 (45 FR 14488, March 5, 1980)

effectiveness of security to the limit defined in the physical contains the requirements for transmittal of classified docu- security plan. ments and material.

5.62-4

APPENDIX

REPORT OF SERIOUS PHYSICAL SECURITY EVENT

Date of Occurrence* Time of Occurrence*

Facility and Location Docket No.

Reporting Identification Symbol I License No.

Licensee's Occurrence Report No.

Brief Title (Subject)

Description of Event:

Response by Licensee:

Consequences at Facility:

Licensee Employee Reporting (Name) (Title) (Telephone)

NRC Staff Employee Receiving Phone Call (Name) (Title)

Time of Phone Call Date of Phone Call If Component Failed - Name of component supplier firm

- Number of similar components in use at licensee's facilities or in transportation system If date and time of occurrence are not known, indicate the date and time a member of the licensee's security organization or any other employee of the licensee became aware of the event.

5.62-5

VALUE/IMPACT STATEMENT*

The revision to Section 73.7 1, "Reports of Unaccounted- As a result, more explicit reporting requirements than For Shipments, Suspected Thefts, Unlawful Diversion, Indus- presently exist for certain physical security events are trial Sabotage or Events Which Significantly Threaten or Less- clearly needed. These explicit reporting requirements, as en the Effectiveness of Safeguards," of 10 CFR Part 73 described in Regulatory Guide 5.62 (Task SG 901-4),

includes the requirement that licensees report events that include the reporting of events that may not have been could significantly threaten or lessen the effectiveness of reported in the past under the requirements of 10 CFR

their physical security systems as established by regulations Part 21 as leading to a substantial safety hazard and put or by their NRC-approved physical security, contingency, NRC into an improved overview position from the stand- and security personnel qualification and training plans. point of maintenance of physical security effectiveness and reaction to physical security events.

  • Theoriginal draft valuejimpact statement for Draft Guide SG 9014, published in October 1979, and the value/impact and report justifica- tion analysis prepared for proposed amendments to Part 73, "Physical Protection of Plants and Materials," of 10 CFR Part 73, which have This guide provides guidance for identifying physical been revised to change .safeguards" events to "physical security" events security events that should be reported and recommends the but otherwise are still valid, are available for inspection at the NRC

Public Document Room, 1717 H Street NW., Washington, D.C. procedures for reporting them.

5.62-6

UNITED STATES

NUCLEAR REGULATORY COMMISSION

WASHINGTON, D. C. 20555 POSTAGE AND FEES PAID

OFFICIAL BUSINESS U.S. NUCLEAR REGULATORY

PENALTY FOR PRIVATE USE, $300 COMMISSION

I 194JbUUZ OU I I WILI

US NRC REGION I

OFFICE OF INSPECTION & ENFORCE

R J BORES

631 PARK AVENUE

REGION I

KING OF PRUSSIA PA 19406