ML18270A155

From kanterella
Revision as of 21:53, 12 June 2019 by StriderTol (talk | contribs) (Created page by program invented by StriderTol)
Jump to navigation Jump to search
OIG-18-A-21 - Audit of Nrc'S Force-on-Force Security Inspections of Fuel Cycle Facilities Dated September 27, 2018
ML18270A155
Person / Time
Issue date: 09/27/2018
From: Baker B
NRC/OIG/AIGA
To: Margaret Doane
NRC/EDO
References
OIG-18-A-21
Download: ML18270A155 (20)
v  d  e


Text

Force-on-Force Security Inspections of Fuel Cycle Facilities OIG-18-A-21 September 27, 2018 All publicly available OIG reports (including this report) Web site at http://www.nrc.gov/reading-rm/doc-collections/insp-gen UNITED STATES NUCLEAR REGULATORY COMMISSION WASHINGTON, D.C. 20555-0001 OFFICE OF THE INSPECTOR GENERAL September 27, 2018 MEMORANDUM TO: Margaret M. Doane Executive Director for Operations FROM: Dr. Brett M. Baker /RA/ Assistant Inspector General for Audits

SUBJECT:

-ON-FORCE SECURITY INSPECTIONS OF FUEL CYCLE FACILITIES (OIG-18-A-21) Force-on-Force Security Inspections of Fuel Cycle Facilities. The report presents the results of the subject audit. Following the September 18, 2018, exit conference, agency staff indicated that they had no formal comments for inclusion in this report. Please provide information on actions taken or planned on each of the recommendation(s) within 30 days of the date of this memorandum. Actions taken or planned are subject to OIG followup as stated in Management Directive 6.1. We appreciate the cooperation extended to us by members of your staff during the audit. If you have any questions or comments about our report, please contact me at (301) 415-5915 or Eric Rivera, Team Leader, at (301) 415-7032.

Attachment:

As stated Office of the Inspector General U.S. Nuclear Regulatory Commission Defense Nuclear Facilities Safety Board Results in Brief Aud-on-Force Security Inspections of Fuel Cycle Facilities What We Found -on-force program for the Category I facilities is generally effective and inspections are conducted in a timely manner. -on-force program for Category I facilities by (1) improving the handling of 3-week force-on-force inspections more efficiently. A 2016 NRC classification bulletin changed the classification of database information from previous inspections and procedures were not developed to implement these changes. NRC has not developed detailed procedures for ensuring that classified information is handled appropriately on force-on-force inspections for Category I facilities. As a result, the lack of procedures could lead to an unauthorized disclosure of classified material. Force-on-force inspections at Category I facilities, consisting of 3 weeks of activities, can be completed more efficiently. The applicable inspection procedure has not been recently updated; thus, NRC may not be using its resources as efficiently as possible. What We Recommend This reports makes recommendations to: (1) develop and implement a procedure to ensure classified information is handled and secured properly on force-on-force inspections, and (2) update Inspection Procedure 96001 to revise how and when the target area inspection is conducted for Category I facilities. Agency management stated their general agreement with the findings and recommendations in this report. Why We Did This Review The Nuclear Regulatory Commission (NRC) has regulatory oversight of the security programs at two Category I fuel cycle facilities: BWX Technologies, Inc. located in Lynchburg, VA and Nuclear Fuel Services, Inc. located in Erwin, TN. Category I facilities are licensed to use and possess a formula quantity of strategic special nuclear material, which must be protected. -on-force inspections simulate combat between a mock adversary force and a inspection is designed to evaluate and improve the security force to defend their facility against a design-basis threat, which is a profile of the type, composition, and capabilities of an adversary. NRC and its licensees use the design basis threat to design systems to protect against acts of radiological sabotage and to prevent the theft or diversion of special nuclear material. The audit objective was to determine the effectiveness of the force-on-force program for fuel cycle facilities. OIG-18-A-21 September 27, 2018

-on-Force Security Inspections of Fuel Cycle Facilities ABBREVIATIONS AND ACRONYMS .......................................................... i I. BACKGROUND ................................................................................ 1 II. OBJECTIVE ...................................................................................... 4 III. FINDINGS ......................................................................................... 4 A. NRC Needs to Improve Handling and Securing Classified Information on Category I Facility Force-on-Force Inspections ............................................................................. 5 B. Category I Facility Force-on-Force 3-Week Inspection Could Be Completed More Efficiently ............................................... 7 IV. CONSOLIDATED LIST OF RECOMMENDATIONS ....................... 11 V. AGENCY COMMENTS ................................................................... 12 APPENDIX A. OBJECTIVE, SCOPE, AND METHODOLOGY ............................... 13 TO REPORT FRAUD, WASTE, OR ABUSE ............................................. 15 COMMENTS AND SUGGESTIONS .......................................................... 15 TABLE OF CONTENTS

-on-Force Security Inspections of Fuel Cycle Facilities i CAT Composite Adversary Team DOE Department of Energy NRC Nuclear Regulatory Commission OIG Office of the Inspector General SSNM Strategic Special Nuclear Material ABBREVIATIONS AND ACRONYMS

-on-Force Security Inspections of Fuel Cycle Facilities 1 Category I Fuel Cycle Facilities The Nuclear Regulatory Commission (NRC) has regulatory oversight of the security programs at two Category I fuel cycle facilities (Category I facilities)1: BWX Technologies, Inc. located in Lynchburg, VA and Nuclear Fuel Services, Inc. located in Erwin, TN. These facilities manufacture fuel for Government reactors and also process uranium for use in commercial nuclear power reactors (power reactors). Category I facilities are licensed to use and possess a formula quantity of strategic special nuclear material (SSNM), which must be protected. Purpose of Force-on-Force -on-force inspections simulate combat between a mock security force to defend their facility against a design-basis threat, which is a profile of the type, composition, and capabilities of an adversary. NRC and its licensees use the design basis threat to design systems to protect against acts of radiological sabotage2 and to prevent the theft or diversion of special nuclear material3. Adversary Force and DOE Equipment The Composite Adversary Team (CAT) is the mock adversary force for the Category I facilities force-on-force inspection. The CAT is composed of voluntary Department of Energy (DOE) security guards who leave their 1 Category I fuel cycle facilities use or possess at least a formal quantity of SSNM (strategic special Code of Federal Regulations 70.4 is = (grams contained in Uranium-235) + 2.5 (grams Uranium- 2 Radiological sabotage is a deliberate act against an NRC licensee that could directly or indirectly endanger the public health and safety by exposure to radiation. 3 Special nuclear material is defined by the Atomic Energy Act of 1954 as plutonium, uranium-233, or uranium enriched in the isotopes uranium-233 or uranium-235. I. BACKGROUND

-on-Force Security Inspections of Fuel Cycle Facilities 2 assigned post, at a DOE facility, to participate in the inspection. CAT members act as tactical operators who play the role of terrorist adversaries in the force-on-force inspection. NRC and DOE have an inequipment during the force-on-force inspections. The equipment uses lasers and blank ammunition to simulate actual battle or attack scenarios. Individuals have small laser sensors scattered on their body, which detect when the person has been illuminated by a firearms laser simulating an injury or death. a database. Classified Information Category I facilities conduct classified activities. Classified information could be used by an adversary to harm the U.S. or its allies and must be protected. classification bulletins identify the subject matter, the information that needs to be protected, and the classification level of the information. Composition of a Force-on-Force Inspection Force-on-force inspections are conducted at both Category I facilities and at commercial nuclear power plants. At Category I facilities, the inspections are conducted in accordance with NRC Inspection Procedure 96001, NRC Force-on-Force Inspections at Category I Fuel Cycle Facilities. At the commercial nuclear power plants, the mock adversary force attempts to reach and simulate damage to significant components of safety-related systems. These components are referand they potentially cause a radioactive release to the environment. At the Category I facilities, a similar process is used to assess the effectiveness ective strategy capabilities relative to the design basis threats of radiological sabotage and theft or diversion of strategic special nuclear material.4 4 10 CFR 73.1 is the regulation that references the design-basis threats for the Category I facilities.

-on-Force Security Inspections of Fuel Cycle Facilities 3 Force-on-force inspections at Category I facilities are conducted every 3 years (triennial), span 3 non-consecutive weeks, and include tabletop drills and simulated combat exercises between a mock adversary and the . Table 1 depicts the three site visits that comprise an inspection. Table 1: Force-on-Force Inspection Source: OIG Generated Each week of the force-on-force inspection has a separate purpose. The target area inspection week is to perform a target information analysis; the force-on-force exercises; and the exercise week is to observe the licensee perform two force-on-force exercises and analyze any findings. The inspection is conducted by a team composed of inspectors from NRC Headquarters, an inspector from Region II, and active duty military advisors. Active duty military advisors provide NRC with technical advice. 5 Although Inspection Procedure 96001 does not state how long target area inspection lasts, one inspector noted that at a recent BWX Technologies, Inc. inspection, a target area inspection took six hours shared between two days and included two days for travel. Inspection Category I Facility Program Power Reactor Program Target Area Inspection5 Planning Week Exercise Week

-on-Force Security Inspections of Fuel Cycle Facilities 4 Responsible NRC Offices The Office of Nuclear Security and Incident Response, Division of Security Operations, is responsible for the force-on-force inspections. Within the Division of Security Operations, the Security Performance Evaluation -based evaluations of licensee security programs, including force-on-force exercises and tabletop drills. In addition, an inspector from Region II is also part of the inspection team, as Region II inspectors conduct the core inspection program6 at BWX Technologies, Inc. and Nuclear Fuel Services, Inc. The audit objective was to determine the effectiveness of the force-on-force program for fuel cycle facilities. Appendix A contains information on the audit scope and methodology. -on-force program for the Category I facilities is generally effective and inspections are conducted in a timely manner. However, -on-force program for Category I facilities by (1) improving the handling of classified information on the inspections, and (2) completing 3-week force-on-force inspections more efficiently. 6 The core inspection program requires physical security areas to be inspected either annually, biennially, or triennially. The physical security areas include the following items: access authorization, access controls, contingency response, equipment performance, fitness for duty, material controls, target area reviews, security training, and protection of sensitive and classified information. The core inspection program also requires two material control and accounting inspections annually and a transportation security inspection once every three years. II. OBJECTIVE III. FINDINGS

-on-Force Security Inspections of Fuel Cycle Facilities 5 A. NRC Needs to Improve Handling and Securing Classified Information on Category I Facility Force-on-Force Inspections secured appropriately and is protected from unauthorized disclosure in accordance with regulations, Executive Orders, and NRC procedures. A 2016 NRC classification bulletin changed the classification of database information from previous inspections and procedures were not developed to implement these changes. NRC lacks clarity and consistency on how classified information is handled and secured because the agency has not developed detailed procedures for ensuring that classified information is handled appropriately on force-on-force inspections for Category I facilities. The lack of procedures could lead to an unauthorized disclosure of classified information. This audit did not detect any unauthorized disclosure of classified information. Classified Information Should Be Appropriately Handled and Protected Federal agencies, including NRC, should appropriately handle and protect classified information. Management Directive and Handbook 12.2, NRC Classified Information Security Programthat classified information is handled appropriately and is protected from unauthorized disclosure in accordance with regulations, Executive Orders, and NRC procedures. Handling and Securing Classified Information Can Be Improved NRC can strengthen handling and securing classified information at Category I facilities during force-on-force inspections. On March 2016, NRC signed an original classification decision and associated What Is Required What We Found

-on-Force Security Inspections of Fuel Cycle Facilities 6 Classification Bulletin CB-DBT-1,7 changing various points of classification and categorized information during the force-on-force inspections at a higher classification level. Currently, there are differing views among the NRC staff on whether the database used during Category I facility force-on-force inspections contain classified information. Some Staff Unclear Whether Classified Information is on the Database Some NRC staff are unclear as to how information is handled and secured for the database that is used to facilitate the Category I facility force-on-force inspections. For example, NRC staff stated that the database has contained classified information during prior Category I facility force-on-force inspections. Yet, other NRC staff members stated the database does not contain any classified information. Consequently, NRC staff have different interpretations on whether there is classified information on the database while the classification bulletin states Category I facilities possess classified information. Lack of Detailed Procedures There is a lack of clarity and consistency on how classified information is handled and secured because NRC has not developed a detailed procedure for the appropriate handling of classified information at Category I facilities during the force-on-force inspections. Unauthorized Access and Potential Leakage of Classified Information If NRC does not have strong effective internal controls with a detailed procedure for handling classified information at Category I facility force-on- 7 CB-DBT-1: Classification Guidance for the U.S. Nuclear Regulatory Commission Theft or Diversion Design-Basis Threat for Category I Fuel Cycle Facilities. Why This Occurred Why This Is Important

-on-Force Security Inspections of Fuel Cycle Facilities 7 force inspections, unauthorized parties may have access to classified information and there could be a potential leakage of classified information to adversaries. Recommendation OIG recommends that the Executive Director for Operations 1. Develop and implement a procedure to ensure classified information is handled and secured properly on force-on-force inspections for Category I fuel cycle facilities. B. Category I Facility Force-on-Force 3-Week Inspection Could Be Completed More Efficiently Principles of Good Regulation states when there are several effective options, the agency should adopt the one that minimizes the use of resources. However, force-on-force inspections at Category I facilities consist of 3 weeks of activities (target area inspection week, planning week, and exercise week), which could be completed more efficiently. This is happening because the applicable inspection procedure has not been recently updated; thus, NRC may not be using its resources as efficiently as possible. NRC Regulations Should Be Efficient Efficiency is one of the principles that guides how NRC carries out its regulatory activities, as stipulated in Principles of Good Regulation. Specifically, this principle states that where several effective alternatives are available, the option which minimizes the use of resources should be adopted. What Is Required

-on-Force Security Inspections of Fuel Cycle Facilities 8 Category I Facility 3-Week Force-on-Force Inspections Can Be Completed More Efficiently Category I Facilities The force-on-force inspections for Category I facilities can be completed more efficiently. Currently, the force-on-force inspection for the Category I facilities is comprised of 3 weeks (target area inspection week, planning week, and exercise week). The target area inspection week is to perform protective strategy and to plan the force-on-force exercises; and the exercise week is to observe the licensee perform two force-on-force exercises and to analyze findings. Notably, in practice, target areas are eek. Power Reactors In comparison, the NRC inspection team for power reactors completes the force-on-force inspection (a) in 2 weeks (planning and exercise) and (b) the target set inspection (power prior to the force-on-force inspection. NRC Staff, Advisors, and Licensee Opinions NRC staff, advisors, and licensee staff noted that dedicating a full week to target area inspection is unnecessary.8 For example, 13 out of 23 of these individuals noted that the target area inspection week is unnecessary and may be completed without having a full week dedicated to a target area inspection. This opinion is further supported by a June 5, 2018, memorandum from the Security Oversight and Support Branch, Division of Security Operations, which concluded that the additional week allotted for 8 Although Inspection Procedure 96001 does not state how long target area inspection lasts, one inspector noted that at a recent BWX Technologies, Inc. inspection target area inspection took six hours shared between 2 days and included 2 days for travel. What We Found

-on-Force Security Inspections of Fuel Cycle Facilities 9 the target area inspection at Category I facility force-on-force inspections was unnecessary. Inspection Procedure 96001 Has Not Recently Been Updated Inspection Procedure 96001 for Category I facility force-on-force inspection has not been recently updated. Inspection Procedure 96001 was last update-on-force Inspection Procedure 71130.039 was last updated in 2016. Cognizant interviewees attributed the difference in the frequency of updates to the -on-force program taking precedence over the -on-force program because there are more power reactors compared to the two Category I facilities that have force-on-force inspections. NRC May Not Be Using Its Resources Efficiently NRC may not be using its resources as efficiently as possible when conducting Category I facility force-on-force inspections. Inspectors use NRC travel funds to travel to the Category I facilities for the force-on-force inspections. The travel cost for three inspectors to attend the target area inspection at BWX Technologies, Inc. in Lynchburg, VA, which is currently performed in a single week, can total $2,093. Additionally, when inspectors travel to conduct the target area inspections, they are taken away from performing other tasks at their normal duty stations. When inspectors are at their normal duty stations, they are able to work on regular work-related tasks. The June 5, 2018, Security Oversight and Support Branch memorandum stated that the target area review week is an unnecessary NRC travel expense and an unnecessary burden on the licensee. As such, if the target area inspection is combined in one of the other 2 remaining weeks 9 Contingency Response Force-on-Force Testing, dated December 22, 2016. Why This Occurred Why This Is Important

-on-Force Security Inspections of Fuel Cycle Facilities 10 or conducted by non-headquarters inspectors, the agency could save resources. Recommendation OIG recommends that the Executive Director for Operations 2. Update Inspection Procedure 96001 to revise how and when the target area inspection is conducted and consider options such as: Allow Region II to conduct target area inspection prior to the force-on-force inspection, or Conduct target area inspection during planning week.

-on-Force Security Inspections of Fuel Cycle Facilities 11 OIG recommends that the Executive Director for Operations 1. Develop and implement a procedure to ensure classified information is handled and secured properly on force-on-force inspections for Category I fuel cycle facilities. 2. Update Inspection Procedure 96001 to revise how and when the target area inspection is conducted and consider options such as: Allow Region II to conduct target area inspection prior to the force-on-force inspection, or Conduct target area inspection during planning week. IV. CONSOLIDATED LIST OF RECOMMENDATIONS

-on-Force Security Inspections of Fuel Cycle Facilities 12 An exit conference was held with the agency on September 18, 2018. After reviewing a discussion draft, agency management provided comments that have been incorporated into this report, as appropriate. As a result, agency management stated their agreement with the findings and recommendations in this report and opted not to provide formal comments for inclusion in this report. V. AGENCY COMMENTS

-on-Force Security Inspections of Fuel Cycle Facilities 13 Appendix A Objective The audit objective was to determine the effectiveness of the force-on-force program for fuel cycle facilities. Scope force-on-force program at Category I fuel cycle facilities. OIG conducted this performance audit from February 2018 to June 2018 at NRC headquarters (Rockville, MD) and BWX Technologies, Inc. (Lynchburg, VA). Internal controls related to the audit objectives were reviewed and analyzed. Methodology To accomplish the audit objective, OIG reviewed relevant Federal laws, regulations, and guidance including Atomic Energy Act of 1954, as amended. Energy Policy Act of 2005. NRC Regulatory Guide: 5.70, Guidance for the Application of the Theft and Diversion Design-Basis Threat for Category I Fuel Cycle Facilities, dated February 10, 2017. Management Directive and Handbook 12.2, NRC Classified Information Security Program, dated June 25, 2014. Principles of Good Regulation. Inspection Manual Chapter 1245, Qualification Program for New and Operating Reactor Programs, dated August 24, 2017. Inspection Manual Chapter 1247, Qualification Program for Fuel Facility Inspectors in the Nuclear Material Safety and Safeguards Program Area, dated October 28, 2014. OBJECTIVE, SCOPE, AND METHODOLOGY

-on-Force Security Inspections of Fuel Cycle Facilities 14 Inspection Procedure 96001, NRC Force-on-Force Inspections at Category I Fuel Cycle Facilities, dated August 24, 2011. Inspection Procedure 71130.03, Contingency Response Force-on-Force Testing, dated December 22, 2016. Naval Nuclear Propulsion Program Composite Adversary Team Qualification Standard, dated April 2018. OIG also reviewed the full inspection reports for Category I fuel facilities force-on-force inspections for the last three cycles and resources associated with facilitating the inspections. OIG conducted interviews of NRC staff and management and licensees to gain an understanding of the roles and responsibilities related to the triennial force-on-force inspection at Category I facilities. Auditors interviewed staff from the Office of Nuclear Security and Incident Response, Region II, and licensee staff at BWX Technologies, Inc. and Nuclear Fuel Services, Inc. OIG auditors also accompanied inspectors on their inspections at BWX Technologies, Inc. in January, March, and April 2018 and observed the target area inspection, planning week, and exercise week. We conducted this performance audit in accordance with generally accepted Government auditing standards. Those standards require that we plan and perform the audit to obtain sufficient, appropriate evidence to provide a reasonable basis for our findings and conclusions based on our audit objectives. We believe that the evidence obtained provides a reasonable basis for our findings and conclusions based on our audit objectives. Throughout the audit, auditors considered the possibility of fraud, waste, and abuse in the program. The audit was conducted by Beth Serepca, Team Leader; Eric Rivera, Team Leader; Kristen Lipuma, Audit Manager; Jenny Cheung, Senior Auditor; and Magdala Boyer, Auditor.

-on-Force Security Inspections of Fuel Cycle Facilities 15 Please Contact: Email: Online Form Telephone: 1-800-233-3497 TTY/TDD: 7-1-1, or 1-800-201-7165 Address: U.S. Nuclear Regulatory Commission Office of the Inspector General Hotline Program Mail Stop O5-E13 11555 Rockville Pike Rockville, MD 20852 If you wish to provide comments on this report, please email OIG using this link. In addition, if you have suggestions for future OIG audits, please provide them using this link. TO REPORT FRAUD, WASTE, OR ABUSE COMMENTS AND SUGGESTIONS

Retrieved from "https://kanterella.com/w/index.php?title=ML18270A155&oldid=1640329"