ML20136D400
ML20136D400 | |
Person / Time | |
---|---|
Issue date: | 03/08/1985 |
From: | NRC |
To: | |
Shared Package | |
ML20136C160 | List:
|
References | |
FOIA-85-361 REGGD-05.062, REGGD-5.062, NUDOCS 8511210296 | |
Download: ML20136D400 (13) | |
Text
. . . . - -
- .._ ,. .2, .t. sn-....m.;- ~ ' G.A -^ "-"
^
' ~ '~ ~~'
, , ?.AR 8 793 l
t l
\
i REGULATORY GUIDE 5.62, REV. 1 REPORTING OF PHYSICAL SECURITY EVENTS t
I A. INTRODUCTION In 10 CFR Part 73, " Physical Protection of Plants and Materials,"
paragraphs 73.71(a)-(c) require licensees to report to the Operations Center of the Nuclear Regulatory Com.aission or record for quarterly transmittal to the NRC, certain safeguards events. These events are those which threaten nuclear activities or lessen the effectiveness of a security system as established by safeguards regulations or an approved security and/or contingency plan.
This regulatory guide provides an approach acceptable to the NRC staff for determining when and how an event should be reported. Examples are provided that represent the types of events that should be reported. These examples are not intended to be all-inclusive. The applicability of events may vary from site to site depending on the site layout.
B. DISCUSSION I
The NRC requires the information reportable under S 73.71 to keep the NRC informed of events with potential to endanger public health and safety. or
- - national security and to monitor trends in safeguards systems effectiveness.
Because certain significant safeguards events warrant immediate involve-ment by the NRC and possibly other government agencies, such as the FBI, these reports must be telephonically reported to the NRC within one hour of occur-rence and followed by a written, detailed report within thirty (50) days.
Certain other safeguards events which could not allow unauthorized or undetected access to a facility, either due to their nature or because they have been properly compensated, are required to be recorded in a log and copies of the recorded log submitted to the NRC every three months.
1 Attachment 2 8511210296 851022 PDR FOIA pg BELL 85-361
. = . ...u . .:w.~.- . - - - - -. ~- - - - - - ' - -
3 '*
. o P.!!R 8 35 A chart of reportable events and reporting times is included as Table 1, to this guide.
Reports of events are required to be legible and reproducible. Licensees subject to the provisions of 10 CFR 50.73 should prepare their written reports on NRC Forms 366 and 366A. Licensees not subject to these provisions should not use these forms but prepare their reports using a letter format. In both
- cases, the information requested in the Appendix to this* guide is considered sufficient for NRC analysis and evaluation and should be included as a minioum.
, Events of a dual nature, i.e. , having both safety and safeguards implica-
- tions and, therefore, subject to the requirements of SS 50.73 and 73.71, do not require duplicate reports. However, the licensee should indicate in the written I
report under what requirement the report is being made, i.e., S 50.73, S 73.71, or SS 50.73 and 73.71.
For the purposes of this guide the following definitions apply:
,t Safecuards system: The equipment, personnel, and procedures that ccmprise f the physical protection program necessary to meet the performance objectives of 10 CFR SS 73.20(a), 73.37(a), 73.50,.73.55(a), 73.60 or 73.67.
Safeguards events: Any incident representing an attempted, threatened, or actual breach of the safeguards system or a reduction of the operational effec-tiveness of that system.
Procerly comoensated: Establishing measures for particular safeguards events as specified in a security or contingency plan or security procedures.
If the safeguards event is not described in these plans, then " properly compen-sated" means measures implemented within 10 minutes of an event's discovery that provide a level of security essentially equivalent to that existing before the event. Guidance on acceptable compensatory measures may be found in NUREG 1045. Guidance on the Application of compensatory Safeguards Measures for Power Reactor Licensees.
C. REGULATORY POSITION I. Safeguards Events Reoortable Under S 73.71(a)
_ vents reportable under S 73.71(a) involve incidents in which a theft, loss, or diversion of_ a shipment of special nuclear material or spent fuel has occurred or is believed to have occurred. When a licensee or licensee agent 2 Attachment 2
Q.h L::- 1. -
- - . - - . ~ ^. '
.:~ ~ .~ ' - - ^ ~ ~ ~
~ * ~ ~
- j . .,
1 -
MR 8 1985 tj id discovers an actual or suspected theft, loss, or diversion, a telephonic p notification to the NRC Operations Center listed in Appendix A to Part 73 should be made within one hour of the discovery. Telephone notification should be made via the Emergency Notification System (ENS) if the licensee is party to that system. If the ENS is inoperative or unavailable, commercial telephone should
- first be used to ensure that the required notification is received by the NRC
, Operations center within one hour of discovery of the event. Commercial tele-phone numbers that may be used to contact the NRC Operations Center are:
(202) 951-0550, (301) 427-4056, (301) 427-4259 and (301) 492-8893. Other methods
, that may be used to ensure notification within one hour if commercial telephone is not available include telegram, mailgram, or facsimile. Telegrams and mail-
- grams should be hand delivered to the Operations Officer at the NRC Operations Center, Maryland National Bank Building, 7735 Old Georgetown Rd, Bethesda, MD.
4
, Fcr information concerning facsimiles, contact the NRC Operations Center at
[ (301) 492-8893. The licensee (or agent) should also provide the NRC Operations i
Center with telephonic notification within one hour of the recovery of or account- [
[ ability for the shipment, i.e., information such as: material located, dis-4 covery of reason for loss, e'tc. Telephonic reports made pursuant to S 73.71(a) may be transmitted over unprotected lines as permitted by the exemption in !
! S 73.21(g)(3). A follow-up written report must be submitted within 30 days of
- a telephonic report. Licensees not subject to the provisions of 10 CFR 50.73 l
- should use letter format in preparing their reports and include all the informa-
,}' tion described in the Appendix to this guide within their reports. These licensees shoulci submit one copy each of their written report to the U.S. Nuclear i
{' Regulatory Commission, Occument Control Desk, Washington, DC 20555, the appro-priate Regional Office listed in Appendix A to 10 CFR Part 73, and, if applic-j able, the appropriate NRC Resident Inspector. If pertinent information or errors are uncovered after the initial telephone report or the written report is'sub- ,
I
, mitted, the licensee should telephonically notify the NRC Operations Center of
- the information. If the information is uncovered after ~itten report submittal, the licensee should submit complete revised written reports to the Occument
_ Control Desk, the Regional Office and the NRC Resident Inspector, if applicable.
The revised report should be a complete entity and not contain only the supple-mentary or revised information.
All written recorts must indicate the recuirement under which the report J is submitted, i.e. , 5 50.73, S 73.71, or SS 50.72 and 73.71.
4 l 3 Attachment 2 l
f
ER S Yo5 II.a. Safecuards Event Reportable Under S 73.71(b)
As required by 5 73.71(b) and described in Appendix G the following safe-guards events must be reported within one hour: (1) acts, attempts, or threats to ccmmit: (a) theft or unlawful diversion of SNM or spent fuel, (b) signifi-cant physical damage to a licensed facility possessing SSNM or carrier transport-ing nuclear fuel or spent nuclear fuel, or (c) interruption of normal operation of a licensed nuclear power plant through unauthorized use of or tampering with its machinery, components, or controls; (2) any uncompensated failure or dis-covered vulnerability of the safeguards system that could be exploited to allcw unauthorized or undetected access to an area to which access is controlled by licensees possessing or transporting nuclear fuel, spent fuel, or strategic special nuclear material in quantities greater than 1000 grams of uranium-235 (contained in uranium enriched to 20 percent or more in the U-235 isotope) or more than 500 grams of uranium-233 or plutonium, or in a combination quantity of more than 1000 grams where computed by the equation, grams = (grams contained U-235) + 2 (grams U-233 + grams plutonium), and (3) all unauthorized entries through a required barrier whether the event is properly compensated or not.
All of the events described above should be reported telephonically to the NRC Operations Center listed in Appendix A to Part 73 within one hour of discovery of the event, followed by a written report within 30 days. Reports made pur-suant to S 73.71(b) can be transmitted over unprotected telephone lines as per-mitted by the exemption in S 73.21(g)(3). The written reports required under S 73.71(b) as described in Appendix G to Part 73 should be submitted on NRC Forms 366 and 366A if the licensee is subject to the requirements of 10 CFR 50.73. All other licensees should submit their reports in letter format. All should include the information described in the Appendix to this guide.
Licensees should submit one copy each of reports to the U.S. Nuclear Regula-tory Commission, Document Control Desk, Washington, DC 20555, the appropriate Regional Office listed in Appendix A to 10 CFR Part 73 and the appropriate NRC Resident Inspector, if applicable.
As stated previously, pertinent information or errors uncovered af ter initial telephone notification or written report submittal should be teleph-onically transmitted to the NRC Operations Center. If the information is uncovered after written report submittal complete revised reports should be submitted to the Regional Office, the NRC Headquarter's Document Control Desk ano the appropriate NRC Resident Inspector, if applicable.
4 Attachment 2
c-j .
- i. .
'SR RG If the written report contains restricted data, e.g., unclassified Safe- '
guards Information, the report must be appropriately marked. If NRC Forms 366 and 366A are used, restricted data may be included only in the text section of
- the forms (Item 17). Restricted data should not be included in the abstract section (Item 16) or any other section of the forms other than the text section.
.In addition, the text should clearly indicate the information that is restricted.
, Finally, the requirements of S 73.21(g) must be met when transmitting written proprietary information.
All written reports should indicate the requirements under which the
, report is submitted, i.e. S 50.73, S 73.71, or SS 50.73 and 73.71.
- b. Guidelines for Reasonable Belief i
For events that have been " threatened," the licensee should establish P
reasonable belief that an act of theft, damage or tampering will be attempted.
p; Reasonable belief is established under the following circumstances: (1) when j.' physical evidence exists that such an act may occur, or (2) when information
, I exists that supports a belief that an act of theft, tampering, or damage might
[5 be attempted.
- c. Acts, Attemots and Threats of Theft or Unlawful Diversion f Acts of theft or unlawful diversion reportable under S 73.71(b) include
[
any incident in which an individual has attempted, threatened, or succeeded in stealing 'or unlawfully diverting SNM or spent fuel.
i - d. Acts. Attemots, and Threats of Physical Damace Significant acts,of damage to a ~ licensed facility or carrier include any incident in which a person has attempted threatened, or succeeded in destroy-ing some part of a licensed facility or carrier whether or not the action would j result in a release exceeding the limits of 10'CFR Part 100.11. This may include '
minor incidents of damage when such acts are believed to be indicative of a S
' problem that may result in more significant events.
~5 Attachment 2
~~
~, . . _ ..__
39 81 egg
- e. Interruotion of Normal Ooerations at Nuclear Power Plants Nuclear power reactor licensees should report all events in which an indi-vidual has attempted, threatened, or succeeded in interrupting the normal operations of a licensed nuclear power plant through the tampering or unauthorized use of its machinery, components, or controls. Reports should be made whether or not the action could result in a release exceeding the limits of 10 CFR Part 100.11. Minor incidents should be reported if they are believed to be indicative of a problem that could result in more significant events.
- f. Safecuards System Failures and Vulnerabilities Required by 5 73.71(b) and included in Appendix G to Part 73 as events y that must be reported within one hour are uncompensated safeguards system 1 failures or discovered vulnerabilities which could permit unauthorized and i undetected access to an area to which access is controlled by licensees a possessing or transporting nuclear fuel, spent nuclear fuei, or strategic special nuclear material in quantities greater than 1000 grams of uranium-235 (contained in. uranium enriched to 20 percent or more in the U-235 isotope) or more than 500 grams of uranium-233 or plutonium, or in.a combination quantity of more than 1000 grams where computed by the equation grams = (grams con-tained U-235) + 2 (grams U-233 + grams plutonium). Sufeguards systems failures include not only mechanical or electrical system failures but also improper personnel procedures which could result in any one of the above conditions.
Discovered vulnerabilities include incidents where the security system has not failed; however, some flaw in the security system which had existed without being noticed has been discovered. For example, if a barrier has been designed with an opening to a vital area exceeding the 96 square inch criteria and this flaw is suddenly discovered, it should be immediately compensated, and logged in licensee records. If proper compensatory measures are not implemented within 10 minutes the vulnerability should be reported within one hour. The licensee should proceed with corrective measures.
Also required by 6 73.71(b) and included in Appendix G as events that must be reported within one hour are unauthorized entries through a required barrier whether or not the breach is properly compensated.
6 Attachment 2
SAR 8 $$5
- g. Examoles of Safecuards Events That Should be Recorted Within One Hour The following list provides examples of events to be reported to the NRC within one hour of discovery because of their potential to endanger public health and safety or national security. (This list should not be considered all-inclusive.)
(1) Attempted or confirmed intrusions ihto protected areas, material access areas, controlled access area or vital areas. This includes tailgating by employees / contractors to gain access to an area to which they.are not author-ized. (Note: Any unauthorized entry through a required barrier must always be reported within one hour whether or not the breach has been properly compensated.)
(2) Discovery of an introduc' tion or attempted introduction of unauthor-4 ized weapons, explosives, or incendiary devices into the protected area, con-trolled access areas, material access areas, or vital areas.
4 (3) Creaible bomb threats or extortion threats. In addition, a tele-phonic foliow up report of the results of a bomb search should be made within one hou of completion. If'a bomb threat is made where evidence suggests that.
it is not credible, it need not be reported.
(4) Uncompensated suspension of safeguards controls during emergency conditions which could allow undetected and unauthorized access.
(5) Discovery of a criminal act involving licensee personnel or contrac-tors (e.g., discovery of a conspiracy to bomb the facility or disturb its vital components, falsification of background screening certificates, etc.)
(6) Discovery of falsified identification badges, key cards, or locks and keys.
(7) Discovery of unaccounted for or unassigned key cards, and ID card blanks, keys and lock sets, or any access device that could allow unauthorized and undetected access to protected areas, material access areas, controlled access areas, or vital areas if not properly compensated.
(8) Theft or loss of documents containing Safeguards Information.
(9) Thef t or loss of classified documeets pertaining to facility or transport safeguards. (Note: Also reportable under 10 CFR 95.57).
(10) Fire or explosion of suspicious or unknown origin within the isola-tion zone, protected area, material access area, controlled access area, or vital area.
7 Attachment 2
'dAR 3 235 (11) Discovery of a suspicious vehicle following a licensed carrier.
(12) Mechanical breakdown of transport vehicle carrying SSNM.
(13) Uncompensated loss of both central and secondary alarm station abil-ity to monitor or remotely assess alarms, or communicate with off site sources.
(14) Unavailability of minimum number of security personnel or an actual or imminent strike by the security force.
(15) Uncompensated loss of all electrical power supply to security systems that would allow unauthorized or undetected access.
(16) Complete loss of offsite communications. The licensee should report the complete loss of offsite communications within one hour if possible or immediately after restoration of communications. If communications to off-site are lost and cannot be restored within an hour, then the licensee should use communications located offsite to notify 'the NRC.
(17) Uncompensated loss of a single intrusion detection system zone.
(18) Member of security force found asleep at post, uncompensated.
(19) Mass demonstration at plant site.
(20) Civil disturbance, within one mile of plant site if it is a threat to the facility.
(21) Compromise of safeguards information which would significantly assist an individual in an act of radiological sabotage or theft of special nuclear material.
III.a Safeguards Events Under S 73.71(c)
The safeguards events reportable under S 73.71(c) need only be logged within 24 hours2.777778e-4 days <br />0.00667 hours <br />3.968254e-5 weeks <br />9.132e-6 months <br /> of their occurrence. Licensees should submit one copy each of their log entries to the U.S. Nuclear Regulatory Commission, Occument Control Desk, Washington, DC 20555, and if applicable the appropriate NRC Resident Inspector. Only those log entries not previously submitted should be provided.
The log maintained by licensees must be retained for three years after the last entry is made in each log.
Events reportable under S 73.71(c) may be divided into two categories.
The first contains any properly compensated failure or discovered vulnerability of the safeguards system that if left uncompensated could be exploited to allow unauthorized or undetected access to an area'to which access is controlled by licensees possessing or transporting nuclear fuel, spent nuclear fuel, or 8 Attacnment 2
@R 8U I
strategic special nuclear material in quantities greater than 1000 grams of uranium-235 (contained in uranium enriched to 20 percent or more in the U-235 isotope) or more than 500 grams of uranium-233 or plutonium, or in a combina-tion quantity of more than 1000 grams where, computed by the equation, grams =
(grams contained U-235) + 2(grams U-233 + grams plutonium). Preplanned situa-tions that require compensatory measures, such as special outage work, equip-ment relocation, exercises and drills, and other situations that are not the result of a safeguards system failure, do not require logging.
The other category that needs only to be logged contains. safeguards events involving safeguards systems failures that could not be exploited to allow unauthorized or undetected access, but do reduce the effectiveness of the safeguards system. Improper personnel procedures that result in safeguards systems failures as described in S 73.71(c) should be recorded in the log.
(See examples below.)
- b. Safeouards Event Loc J
~
In maintaining the log required pursuant to S 73.71, it is recommended that the licensee log the information as received and then summarize and update s
the log entry when the event terminates. However, licensees are required to log' entries within 24 hours2.777778e-4 days <br />0.00667 hours <br />3.968254e-5 weeks <br />9.132e-6 months <br /> of the discovery of the event as required in S 73.71(c). Log entries should include as a minimum: date and time (specify duration in military time) of event, brief (one-line) description of event, brief (one-line) description of compensatory or corrective action (s) taken.
Every three months, the licensee is required to submit to the NRC Head-quarters, and if applicable the appropriate Resident Inspector, one copy each 4
of all log entries not previously submitted.
Events of similar nature logged and submitted to the NRC under S 73.71(c) may be consolidated into a single log entry if they occur repeatedly within the quarterly submittal period. Each date and time of the event should be specified for each occurrence. For example, if there is a repeated occurrence of a compensated computer failure and each failure is the result of the same problem, then only one log entry need be made. However, with each occurrence, the date, time, and duration of the event should be recorded in the log.
j As stated previously, the log must be retained for a period of three years after the last entry to each log.
9 Attachment 2
, ,~ , - - - - . - - -
gt s1885
- c. Examoles of Events Reouired to Se Recorded In the Licensee's Log
.i
~(1) . Security computer failures that do not assist in allowing unauthor-ized or undetected access, or are properly compensated.
(2) Card reader failures that have been properly compensated.
l (3) Loss of a single alarm station ability to monitor or remotely assess
- alarms, but dual offsite communication capability remains.
1 (4) CCTV camera failure in a single zone if intrusion detection system remains operational.
(5) Failure of a single perimeter lighting zone if intrusion detection system remains operational.
l (6) Loss of a single intrusion detection system zone that has been properly compensated.
! (7) Tailgating by licensee employee / contractor to gain access to an area that he or she h authorized to be in.
(8) Loss of inter-convoy communications ability.
j (9) Compromise'of safeguards information which would not significantly assist an individual in an act of radi'ological sabotage or theft of special ,
, ' nuclear material.
, (10) . Accidental removal offsite or loss of badge by imployees, if badge i is promptly cancelled.
- j. IV.a. Events Not Recuired to be Logged or Reported q Certain failures of the safeguards system that do not and could not reduce
- the effectiveness of the system have little or no safeguards significance.
i Events having little or no safeguards significance need not be reported or legged.
- b. Examoles of Events Not Required to be legged or Recorted. (This list should not be considered all inclusive.)
(1) Burned out alarm signal bulb which has a functioning annunciator alarm.
(2) If prior approval, coordination with security and proper' compensatory measures have been established, cuts made by authorized maintenance personnel through a vital ~ area barrier for a legitimate reason, for instance to install pipe.
(3) Child attempting to clima protected area fence.
10 Attachment 2
Table 1. Sunuuary of Reporting Requirements i
REQUIRED REPORTS DESCRIPTION OF SAFEGUARDS EVENT One hour telephonic report (1) Lost, unaccounted for, or recovered shipments of SNM or spent fuel. (Required followed by a written report by S 73.71(a).)
within thirty days. (2) Acts, attempts, or threats to commit (a) thef t or diversion of SNM or spent fuel, (b) damage to facility, transport, or fuel, or (c) interruption of normal operation of a licensed power reactor due to tampering. (Required by S 73.71(b)/
Appendix G to 10 CFR Part 73.)
(3) Uncompensated safeguards, system failures that could allow unauthorized or undetected. access into PA's, MAA's, CAA's, or VA's or a transport. (Required by S 73.71(b)/ Appendix,G to 10 CFR Part 73.)
(4) Any unauthorized entry through a required barrier. (Required by S 73.71(b)/
Appendix G to 10 CER Part 73.)
Safeguards event log, submitted (1) Properly compensated safeguards systems failures that if uncompensated could every three months allow unauthorized or. undetected access into PA's, MAA's, CAA's or VA's, or a transport. (Required by 5 73.71(c)/ Appendix G to 10 CFR Part 73.) ;
(2) Safeguards systems failures that degrade the effectiveness of the system but could not allow unauthorized or undetected access, whether compensated or not.
(Required by S 73.71(c)/ Appendix G to 10 CFR Part 73.)
1 it u
at
g3 8 ?!SS l
i Appendix Procedures for Precaring Written Safeouards Reports
- 1. If the facility is subject to 10 CFR 50.73, use of Form NRC 366 and 366A j
are required (see NUREG-1022 and Supplement 1 to NUREG-1022, " Licensee
' Event Report System" for additional information on the use of these forms). Facilities not subject to S 50.73 should not use these forms but should submit their information 'in a letter report.
- 2. For all events include,.as a minimum, the following information in the report. If the facility is subject to S 50.73, this information should be provided in the text area to Form NRC 366A. Multiple sheets of Fora NRC 366A may be used.
- a. Date and time of event, (start and end in military time).
- c. For power reactors, state, whether fuel present on site or not,
- d. Safety systems effected or threatened, directly or indirectly.
- e. ' Type of security force on-site, proprietary or contract.
f.
Number and type of personnel involved, i.e., contractors, security, visitors, NRC personnel,-other'(specify).
g.
Method of discovery of incident, e.g. , routine inspection, test, maintenance, alarm, chance, informant, communicated threat, unusual circumstances (give details).
- h. Procedural errors involved, if applicable.
- i. Immediate action (s) taken in response to event. ,
- j. Corrective action (s) taken or planned.
- k. Local, state, or federal law enforcement agencies contacted.
.l. Description of media interest and/or press release. -
- m. Indication of previous similar events
- n. Knowledgeable contact
- 3. For security system failures provide the following in addition to I Items 2.a.-l.
. a. Description 'of failed or malfunctioned equipment (including manu-
' fact.urer and model number).
- b. Apparent cause of each component / system failure. (For security-ccmputers list specific component (s) affected, e.g., central processor, peripheral / terminal equipment, software, etc.)
.c. Status of equipment prior to event, e.g. , secure, compensatory measures in place, etc.
-l2 Attachment 2
. _ _ _ .-._ __ _ .. . . _ . . __ =. .,
$R 8 35 l
- d. Secondary functions affected (for multiple function components).
- e. Effect on plant safety,
- f. Unusual conditions that may have contributed to failure, e.g.,
environmental extremes.
- 4. For threat related incidents, provide the following in addition to Items 2.a.-i.
- a. Number of perpetratcrs.
- b. Type of threat, e.g. , bomb, extortion, etc.
- c. Means of communication, e.g., letter, telephone, etc.
- d. Text of threat.
- e. Mode of operation.
9 t
f 1
i
)
I j ,
i 13 Attachment 2
= - _ _ _ _ _ _ _ _ _ _ _ _ - - - _ _ _ _ - _ _ _ _ _ _ - _ _ _ _ _ _ _ _ _ - . __