Text

TRAVIS RYAN LEACH

NRC OVERVIEW OF SECURITY TRAINING PROGRAMS AT NUCLEAR POWER REACTOR SITES

TRAVIS RYAN LEACH United States Nuclear Regulatory Commission Rockville, Maryland, United States Email: travis.leach@nrc.gov

NRC Overview of Security Training Programs at Nuclear Power Reactor Sites

Security training provides the knowledge, skills, and abilities that enable as signed individuals to effectively protect nuclear power plants (NPP) in the United States (U.S.) agai nst the U.S. Nuclear Regulatory Commissions (NRCs) design-basis threat of radiological sabotage. Each NRC power reactor li censee is required to implement a training program as part of its NRC-approved training and qualification plan.

The training and qualification plan provides the basic building blocks for a licensee security organizations capacity to execute its physical protection program, as required. To ensure an effective program to support the licensees security mission, the requirements establish adequately trained, equipped, and qualified individuals to perform their assigned duties and responsibilities. The training program consists of different el ements to deliver instruction ranging from, but not limited to, classroom training, hands-on demonstrations of critical tasks, live weapons handling and qualifications, on-the-job training, and a performance evaluation program that evaluates the capability of the armed response team to carry out its assigned duties and responsibilities during contingency events. The NRC conducts biennial (once every 2 years) inspections of each NRC licensees security training programs to verify that the li censee is complying with the NRC requirements, NRC -approved security plans, and any other applicable requirements.

1. INTRODUCTION

The NRC, as the regulatory authority responsible for licensing and overseeing the nuclear industry in the U.S., plays a critical role in ensuring the safety and security of civilian nuclear facilities. Through an examination of the NRCs regulatory requirements, training methodologies, and compliance mechanisms, the paper provides a comprehensive overview of the security training progr am framework for NPPs in the U.S. It explores the significance of effective training for maintaining robust nuclear security measures and discusses the challenges and advances in this domain.

The protection of NPPs against security threats is of paramount importance to safeguarding public health and safety and the environment. The NRC mandates comprehensive security training programs for personnel involved in the operation and protection of NPPs. Securi ty training provides the building blocks of an NPPs security organization, instilling the necessary knowledge, skills, and abilities for that organization to implement the licensees security policies, procedures, and post orders. An effective training program, demonstrated through successful NRC licensing and oversight, helps to give the NRC high assurance 1 that the NPP licensees activities are not inimical to the common defense and security and do not constitute an unreasonable risk to the public health and safety. Additionally, an effective NPP security training program enables the community surrounding an NPP to be confident that the facility is adequately protecting the public and the environment.

2. REGULATORY FRAMEWORK

Paragraph 73.55(c)(4) of Title 10 of the Code of Federal Regulations (10 CFR) requires every NPP licensee to establish, maintain, and implement a training and qualification plan that describes how it will implement the 1 The Commission stated in Staff Requirements Memorandum (SRM)-SECY-16-0073, Options and Recommendations for the Force-on-Force Inspection Pr ogram in Response to SRM-SECY-14-0088, issued October 5, 2016 (Agencywide Documents Access and Management System (ADAMS) Accession No. ML16279A345), that the concept of high assurance of adequate protection found in the NRC security regulations is equivalent to reasonable assurance when it comes to determining what level of regulation is appropriate. The Commission reiterated this point in SRM-SECY-18-0076, Options and Recommendations for Physical Security for Advanced Reactors, issued November 19, 2018 (ADAMS Accession No. ML18324A469).

1 IAEA-CN-327/00

security training requirements in Section VI, Nuclear Power Reactor Training and Qualification Plan for Personnel Performing Security Program Duties, of Appendix B, General Criteria for Security Personnel, to 10 CFR Part 73, Physical Protection of Plants and Materials. Revision 1 to Regulatory Guide (RG) 5.75, Training and Qualification of Security Personnel at Nuclear Power Reactor Facilities, issued March 2021, provides detailed guidance to help licensees develop and implement security training programs. NRC requirements are legally binding regulations that must be followed by licensees and other entities involved in nuclear activities set forth in the CFR. NRC guidance documents provide recommendations and best practices for complying with the requirements. While not legally binding, following NRC guidance is often considered a prudent approach to ensure compliance and enhance safety.

NPPs licensed by the NRC must ensure that security personnel, weapons, and equipment meet the requirements in Appendix B. Those requirements can be categorized into three general areas: (1) employment suitability and qualifications; (2) duty and weapons training; and (3) weapons, personal equipment, and maintenance. From a strategic perspective, those security training requirements are designed to ensure that licensee security personnel possess three primary attributes so that they can adequately perform their assigned duties: (1) general mental and physical abilities, (2) job knowledge and proficiency in the skills and abilities needed to perform their duties in the relevant environment(s) and defend against the design-basis threat adversary, and (3) appropriate and serviceable weapons and equipment.

2.1. Employment suitability and qualifications

Individuals must meet minimum suitability requirements before licensees assign them to their security organizations. Suitability requirements in Appendix B include a prospective security officers education level, age, criminal history, and successful completion of a background check. Potential security officers are also screened medically (i.e., physically, psychologically, and for fitness) to verify that they do not have any conditions that would limit their ability to perform their assigned security functions.

Consistent with Appendix B, NPP licensees are required to identify in the NRC-approved training and qualification plans the knowledge, skills, and abilities required by personnel who are assigned to perform security duties and responsibilities. There are 28 minimum critical tasks outlined in RG 5.75 that represent one acceptable method of meeting that requirement. Security personnel qualify on these critical tasks using up to four different methods: Must Perform, Perform, Simulate, and Discuss as described below:

(1) Must Perform: The individual must actually perform the indicated task under the supervision of a qualified individual. This element or critical task must be performed annually and is not subject to the SAT analysis process.

(2) Perform: The individual performs the actual task. However, where there is an alternate approach listed, then that may be used to demonstrate adequate ability to perform the task (e.g., written examinations).

(3) Simulate: The individual simulates, under realistic conditions, the completion of the indicated task.

(4) Discuss: The individual must be orally examined to determine the adequacy of knowledge to perform the indicated task.

Understanding that knowledge, skills, and abilities are perishable, licensees training and qualification plans are required to provide periodic requalification and remedial training, as needed, whether it be quarterly, annually, or on a triennial basis. Licensees security training programs also include site-specific information based on any strategies or tactics employed, and the guidance in RG 5.75 may not address this information. Examples include methodologies unique to a sites physical protection program, such as State laws regarding use of deadly force, remotely operated weaponry, or armored vehicles.

2.2. Duty and weapons training

The duty and weapons training required by Appendix B includes on-the-job training (OJT), written exams, hands-on performance demonstrations, tactical response drills, force-on-force (FOF) exercises, and firearms TRAVIS RYAN LEACH

training and qualifications. Security personnel who are re sponsible for implementing an NPPs protective strategy are required to successfully complete a minimum of 40 hours4.62963e-4 days <br />0.0111 hours <br />6.613757e-5 weeks <br />1.522e-5 months <br /> of OJT, score at least 80 percent on written exams, and perform hands-on demonstrations to validate that they have the knowledge, skills, and abilities to effectively respond to security contingency events. These activities cover topics such as use of force, cover and concealment, tactical movement, communications, command and control, and potential adversary targets.

Tactical response drills and FOF exercises are components of contingency response training and are required to be conducted under conditions that simulate, as closely as practicable, the site-specific conditions under which security force members may be required to perform assigned duties and responsibilities during an attack. The mock adversary force used during licensees FOF exercises must replicate, as closely as possible, the adversary characteristics and capabiliti es of the NRCs design -basis threat of radiological sabotage. Those mock adversary forces replicate, as closely as possible, the adversary characteristics and capabilities of the design -basis threat, so they can challenge and attempt to exploit licensees protective strategies, personnel, command and control, and other physical protection program elements.

Armed security personnel must complete firearms training to demonstrate basic skills and the safe handling of assigned firearms. The objective is to conduct firearms training drills and courses of fire to teach the necessary skills and abilities to armed security personnel. Certain elements must be incorporated in the weapons training program including, but not limited to, combat firing (day and reduced light), safe weapons handling, firing under stress, and weapons malfunctions. Each member of an NP Ps security force must participate in weapons range activities at least three times per year.

For training to be as realistic as possible, the NRC requires licensees to qualify their security personnel with each assigned weapon using live ammunition. Security officers must score a minimum of 80 percent on all three annual rifle qualification courses: daylight, night fire, and tactical. When security personnel qualify with handguns, they must score at least 70 percent on the daylight and night fire courses. Consistent with the guidance in Revision 1 to RG 5.75, the NRC expects an NPP licensees night-fire qualification course(s) to replicate the expected loss-of-lighting conditions at the site and its tactical rifle qualification course to reflect specific implementation aspects that the licensee identifies in its contingency plan, licensee Training and Qualification plan, and implementing procedures. For example, if a licensees protective strategy incorporates movement, cover and concealment, and bullet-resisting enclosures or other defensive fighting positions, the NRC expects the licensee to include those tactics and elements in its tactical rifle qualification course.

2.2.1 Firearms training simulators

Firearms training simulators (FATS) are computer-based systems designed to simulate shooting scenarios for law enforcement, military, and civilian training purposes. These simulators use realistic graphics, audio effects, and sometimes even recoil simulation, haptic feedback, or breachable doors to create immersive training experiences. They allow trainees to practice marksmanship, decision-making, and situational awareness in a controlled environment, improving their skills without the need for live ammunition. Additionally, these simulators can provide immediate feedback and performance metrics to help users track their progress and identify areas for improvement.

Licensees can employ two types of FATS (i.e., firearms-based and non-firearms-based) 2 and use FATS to satisfy two types of requirements: skills training and firearms proficiency (i.e., range activities). Depending on 2 Firearms-based FATS use actual firearms that (1) meet the definition of a firearm in Title 18 of the United States Code, section 921(a)(3)(A), and (2) are modified so that they function safely with the FATS while remaining capable of being readily restored to their original configurations. Non-firearms-based FATS use weapons that are referred to by several names, including inert, replica, or simulated fir earms, and they exist in a variety of forms. One end of the spectrum is represented by molded weapons with no functi oning components other than triggers that control the FATS lasers. The other end of the spectrum includes advanced FATS weapons that may look and perform exactly like actual firearms, but at least one internal component (e.g., firing pin, gas system, chamber) has been modified to render them permanently incapable of firing live ammunition.

3 IAEA-CN-327/00

the type of FATS licensees use and the extent to which licensees can demonstrate that they meet the firearms and weapons training requirements in Appendix B, the NRC staff determined in 2019 that FATS may be an acceptable method for NPP licensees to satisfy use-of-force and ot her firearms or weapons-related training requirements, including day and night combat firing, target identification and engagement, sight adjustments, firearms handling drills, and cover and concealment. The NRC also determined that licensees may be able to use FATS to expand the scope of their firearms training. For example, FATS can minimize the risk of training security personnel to shoot while moving, which licensees may consider too dangerous with live ammunition. The NRC concluded that licensees may be able to use firearms-based FATS to satisfy one of the three range activities required annually. It is important to note, however, that the NRC does not consider FATS to be an acceptable method for meeting the firearms qualification requirements in Appendix B, regardle ss of the type of FATS that NPP licensees use. Figure 1 depicts the NRCs policy on the acceptable uses of FATS and firearms.

Requirement Non-Firearms-Based FATS Firearms-Based FATS Firearms

Familiarization Acceptable Acceptable Acceptable (to the extent demonstrated) (to the extent demonstrated)

Other firearms & Acceptable Acceptable Acceptable weapons training (to the extent demonstrated) (to the extent demonstrated)

Use of force Acceptable Acceptable Acceptable (to the extent demonstrated) (to the extent demonstrated)

Range activity Not acceptable Acceptable Acceptable (once per year)

Qualification Not acceptable Not acceptable Acceptable

FIG 1. Comparison of the uses that the NRC finds acceptable for FATS and firearms.

2.3 Weapons, personal equipment, and maintenance

The NRC requires licensees to equip each member of the security organization with, or ensure that those individuals have ready access to, all personal equipment or devices required by their duties to effectively implement Commission-approved security plans and protective strategies. Consistent with Appendix B, the licensee must provide armed personnel with contingency weapons and ammunition for use in implementing the site protective strategy. Licensees typically identify in their security plans the type and quantity of weapons and ammunition that they intend to use. Other devices that licensees may opt to employ as part of their protective strategies include full-face gas masks, body armor (e.g., bullet-resistant vests), ammunition/equipment belts, and two-way portable radios. If using any of these additiona l devices or equipment, the licensees typically develop and implement written programs that outline the specific procedures and elements required for their use.

3. FIREARMS AND SECURITY TRAINING INSTRUCTORS

The NRC requires licensees to have certified firearms instructors and armorers. Firearms instructors must be trained and certified by a State or nationally recognized entity for each weapon type (e.g., handgun, rifle, shotgun) that they use to teach, familiarize, or qualify licensee security personnel. Firearms instructors are required to recertify at least every three years. The NRC also requires armorers to be certified before performing maintenance on any weapon that is used by a licensees security organization to defend against the design -basis threat of radiological sabotage.

Security training instructors at the licensee sites play a crucial role in educating personnel on security protocols related to nuclear security. Their role involves developing and delivering training programs related to security measures, emergency response, and regulatory compliance. They instruct personnel on maintaining the security of nuclear facilities, preventing unauthorized access, and responding effectively to potential threats. The NRC has no requirements for the certification of security training instructors, but licensees typically assign such TRAVIS RYAN LEACH

duties to individuals who have strong nuclear security or military backgrounds, knowledge of relevant regulations, experience with lesson plan design and delivery, effective communication skills, and the ability to adapt training to evolving security concerns.

4. REGULATORY GUIDANCE

The NRC issued guidance in RG 5.75 to describe approaches and methodologies that the staff considers acceptable for licensees to use to meet the Commissions security training and qualification requirements. There are currently two active revisions of RG 5.75, Revision 0 and Revision 1, and licensees must document in their physical security plans which revision they follow to develop, implement, and maintain their training and qualification plans. The most current revision of this RG provides comprehensive guidance to licensees regarding their performance evaluation programs, including tactical response drills, FOF exercises, and mock adversary forces; weapons training; and training and qualification for individuals who are assigned to, or support, licensees security organizations.

5. SYSTEMATIC APPROACH TO TRAINING

The Systematic Approach to Training (SAT) is an example of an acceptable approach that licensees can use to develop, implement, and maintain their security Trai ning and Qualification Plans. As stated in 10 CFR 55.4, Definitions, the term Systems [or Systematic] Approach to Training means a training program that includes the following five elements:

(1) Systematic analysis of the jobs to be performed.

(2) Learning objectives derived from the analysis which describe desired performance after training.

(3) Training design and implementation based on the learning objectives.

(4) Evaluation of trainee mastery of the objectives during training.

(5) Evaluation and revision of the training based on the performance of trained personnel in the job setting.

While 10 CFR Part 55, Operators Licenses, applies sp ecifically to licensed operator training, the NRC encourages licensees to use these same elements to satisfy the Commissions security training requirements for all personnel assigned duties and responsibilities directly associated with the effective implementation of Commission-approved security plans and protective strategies. The SAT process typically involves assessing needs, designing a program, delivering content, and evaluating effectiveness. Revision 1 to RG 5.75 describes a SAT model that was included in the Institute of Nuclear Power Operations document INPO-AP-921, Principles of Training System Development, issued June 1997 (no longer available). That model comprised five phases in what was referred to as the ADDIE concept (i.e., analysis, design, development, implementation, and evaluation) to ensure a comprehensive and effective training process. The flow chart in Figure 2 depicts the ADDIE model.

5 IAEA-CN-327/00

FIG. 2. Analysis, Design, Development, Implementation, and Evaluation (ADDIE) Model

6. ON-THE-JOB TRAINING

OJT helps to ensure that security officers will be able to effectively apply the knowledge, skills, and abilities that may be required to perform assigned duties and responsibilities associated with licensees security and safeguards contingency plans and implementing procedures. Licensee training and qualification programs must include OJT performance standards and criteria to ensure that individuals demonstrate the requisite knowledge, skills, and abilities to effectively carry out assigned duties and responsibilities before they are assigned. The NRC requires licensees to use OJT to ensure that individuals have adequate hands-on experience with, and knowledge of, security functions before they are considered qualified or assigned security duties and responsibilities. For all individuals who are responsible for implementing licensees safeguards contingency plans (e.g., armed security officers, armed responders, alarm station operators, response team leaders, security shift supervisors, alarm station operators), NRC requirements mandate a minimum of 40 hours4.62963e-4 days <br />0.0111 hours <br />6.613757e-5 weeks <br />1.522e-5 months <br /> of OJT that covers at least the specific topics listed in Appendix B.

7. PERFORMANCE EVALUATION PROGRAMS

The NRC requires licensees to develop, implement, and maintain performance evaluation programs that describe how the licensees demonstrate and assess the effectiveness of their physical protection programs and protective strategies, including the capability of the armed personnel to carry out their assigned duties and responsibilities during safeguards contingency events. Performance evaluation programs involve periodic drills, scenario-based exercises, and objective assessments to me asure the effectiveness of licensee security measures.

Two vital components of licensees security performance evaluation programs are tactical response drills and FOF exercises, which licensees design and conduct to demons trate and assess the effectiveness of their physical protection programs and contingency event response. Licensees often implement continuous improvement strategies based on evaluation outcomes to enhance overall security performance.

Tactical response drills provide licensees with a structured process to train their security personnel and evaluate key elements of their protective strategies by focusing on specific aspects of a strategy without conducting more resource -intensive FOF exercises. The N RC requires licensees to conduct tactical response drills at least quarterly with every member of their security organizations, and the drills must be one of three types:

tabletop, timeline, or limited scope. Tabletop drills are discussion-based exercises, typically involving facility models, and are intended to demonstrate the validity of protective strategies. Tabletop drills allow security force TRAVIS RYAN LEACH

members to verbally demonstrate their understanding of a site protective strategy, as well as their individual contingency response requirements that contribute to the strategy. Licensees use timeline drills to demonstrate the security responder timelines required for implementation of their protective strategies. Timeline drills enable licensees to test the validity of (1) individual responder timelines or (2) the ability of all armed security personnel to respond to their assigned contingency positions within an established protective strategy implementation timeline. Licensees conduct limited-scope tactical response drills to evaluate the ability of one or more security response force members to effectively implement protective strategy-related responsibilities when faced with a partial or full mock adversary force.

FOF exercises are integrated response drills that enable licensee security forces to implement site protective strategies against a mock adversary force with the characteristics and attributes of the NRCs design-basis threat of radiological sabotage. Licensees design FOF exercises to train or evaluate their armed security force personnel on the complete implementation of site protective strategies and to evaluate and improve those strategies when necessary. FOF exercises can be one of three types: fully integrated, security response, or limited scope. Fully integrated FOF exercises involve onsite and offsite departments or entities (e.g., security, reactor operations, emergency preparedness, local law enforcement). Licensees use this type of FOF exercise to validate the minimum number of dedicated response force personnel needed to demonstrate that a sites protective strategy is effective against a mock adversary force with the full characterist ics and attributes of the design-basis threat. The NRC requires licensees to conduct at least one fully integrated FOF exercise annually to ensure that the licensees are prepared for an actual safeguards contingency event. S ecurity response FOF exercises are the same as fully integrated FOF exercises, except that security response FOF exercises do not involve other onsite or offsite departments or entities. The NRC requires all members of licensees security organizations to participate in a fully integrated or security response FOF exercise at least once per year. Licensees can conduct limited-scope FOF exercises with fewer than the dedicated number of security force personnel or less than a full complement of mock adversaries to execute limited scenarios that licensees may want to test. The NRC permits licensees to conduct limited scope FOF exercises in lieu of fully integrated FOF exercises only for those security personnel who are unable to participate in fully integrated or security response exercises because of illness, family leave, military deployment, or other unavoidable circumstances.

Various mock adversary forces are used during licensee-conducted FOF exercises and NRC-graded triennial FOF exercise inspections. RG 5.75 outlines the training and qualification guidelines for licensees mock adversary force members. Prospective members of the mock adversary force successfully complete initial and annual physical qualifications before they complete position-specific training or serve as mock adversary force members during licensee-conducted tactical response drills or FOF exercises. Physical qualification for mock adversary force members includes a medical evaluation by a licensed physician, a 1-mile run in 81/2 minutes or less, and a 40-yard prone-to-run dash in 8 seconds or le ss. Training and qualification topics include, but are not limited to, weapons and explosives capabilities, cover and concealment, individual and team tactical movements, physical security systems and barriers, combat simulation equipment, and other specialized equipment.

Security controllers are an integral part of licensees FOF exercise processes. Security controllers are individuals or teams responsible for planning, coordinating, and overseeing security exercises; they also design scenarios, simulate security threats, and manage the exercises to evaluate the effectiveness of licensees security measures. However, the primary roles of security controllers are to maintain the integrity and safety of FOF exercises. Their roles are crucial for creating realistic and challenging scenarios with which licensees can assess the readiness and response capabilities of sites and their personnel.

8. NRC OVERSIGHT OF LICENSEES SECURITY TRAINING PROGRAMS

The NRC staff uses the Reactor Oversight Process (ROP) 3 to collect information about licensee performance, assess the information for its safety or security significance, and ensure appropriate licensee and 3 Additional information about the NRCs Reactor Oversight Process can be found on the NRCs public website,

7 IAEA-CN-327/00

NRC responses. Security is one of seven cornerstones of the ROP. The objective of the security cornerstone is to ensure that licensees security systems and programs provide defense in depth and can protect against the design-basis threat of radiological sabotage. The security cornerstone includes various security inspection activities that the NRC staff uses to verify licensee compliance with Commission regulations and thus ensure public health and safety. As part of the security cornerstone, the NRC staff conducts compliance and performance-based security inspections and assesses the outcomes to en sure that licensees adequately comply with the security training requirements in Appendix B.

8.1. Compliance-based inspections

The NRC conducts compliance-based security inspections to ensure that licensees adhere to established regulations and standards. These inspections focus on a ssessing whether licensees comply with specific security requirements, protocols, and procedures. They cover the fu ll range of security programs, including access control; target sets; information protection; fitness for duty; equipment performance, testing, and maintenance; and personnel training. For each compliance-based security inspection, the NRC staff prioritizes the focus areas and determines sample sizes based on considerations such as the risk significance of a focus area, the status of licensee-provided performance indicators, whether a licensee made any changes in an area after the last inspection, and whether a licensee has an unresolved corrective action(s) in an area.

8.2. Performance-based inspections

The NRC also conducts performance-based inspections to evaluate the performance of licensees security organizations, identify areas for improvement, and ensure that licensees correct any performance deficiencies that adversely affect their ability to defend against the design-basis threat. Through performance-based inspections, the NRC staff gains a comprehensive understanding of the capabilities and effectiveness of licensees physical protection programs and protective strategies and the personnel who implement them.

The best example of an NRC performance-based secu rity inspection is the NRC-graded FOF exercise program. An NRC inspection team conducts an FOF inspection over several days in two separate visits to a licensee site. An FOF inspection begins with a week-long visit to a licensee site during which the licensee briefs the NRC inspection team on its physical protection program and protective strategy. The inspection team also conducts plant walkdowns to identify potential mock adversary force targets and routes and any potential exercise control challenges, and to become familiar with the plant and its routines. NRC security and operations specialists conduct tabletop drills on a mockup of the facility to evaluate the effectiveness of licensee security plans against a series of attack scenarios. Drill coordinators explor e the number of defenders, their protective positions, and their protective strategy-related actions. The roles of State, local, and Federal law enforcement and emergency planning officials are also discussed during the tabletop drills.

Armed with the information obtained during the briefings, walkdowns, and tabletop drills, the NRC inspection team develops detailed plans for a number of commando-style attacks that will probe potential deficiencies in the licensees protective strategy. During a second site visit, a mock adversary force performs these attacks, attempting to reach and simulate destroying enough safety equipment to set in motion an event that would damage a reactor core or spent fuel. The licensees security force seeks to interdict the mock adversary force and prevent it from reaching the safety equipment. These exercises provide the most realistic evaluation of the proficiency of the licensees security force, short of an actual attack.

9. NRC INSIGHTS

Historically, firearms training for armed responders at NPPs was designed to teach the basics of weapons nomenclature, handling, and shooting fundamentals such as sight picture, sight alignment, and trigger control.

https://www.nrc.gov/reactors/operating/oversight.html, and in Revision 6 to NUREG-1649, Reactor Oversight Process, issued July 2016 (ADAMS Accession No. ML16214A274).

TRAVIS RYAN LEACH

Armed personnel then demonstrated those basic skills during live-fire shooting activities that included engaging stationary targets at various distances for familiarizati on or qualification. Licensees security training programs had no advanced tactical firearms live-fire shooting demonstrations to familiarize armed personnel with what would realistically be expected of them during an emergency situation at a facility in which deadly force was needed to thwart a highly motivated and skilled adversary. The evolving nature of security threats posed challenges to the effectiveness of those historic training programs. To counter those evolving threats, current NRC regulations now require tactical firearms courses of live-fire shooting, including the need to simulate real-life shooting situations, from positions that replicate the defensive positions used by the armed responders at a facility, simulated and realistic cover and concealment positions, and courses of fire to train and test expected tactical maneuvers and moving target engagements, to ensure that armed personnel have an adequate level of realistic training and demonstrate their skills during firearms qualification. Additionally, the NRC allows licensees to use protected area grounds and structures as a range for the purpose of meeting the range activity requirement, because doing so can provide training in the actual environments in which licensee security responders would be expected to defend against the design-basis threat. With the advances of realistic situational firearms training simulations during live-fire demonstrations within the s ecurity training programs, armed responders now have the requisite knowledge, skill, and ability to defend against a highly motivated and skilled adversary force.

Further advances in technology and the NRCs ability to be flexible have also provided valuable insights and increased realism and identified best practices that licensees plan to use in the future. During the COVID-19 pandemic, the NRC offered flexibility regarding FOF inspections by giving licensees the opportunity to deliver versions of briefs as computer-based training modules during the days preceding the exercises and updates to these conditions on exercise days in an abbreviated format. The NRC inspectors maintained appropriate oversight by reviewing computer-based training content and verifying participant completion logs before the start of the exercises. These modifications were effective in reducing the hours that both the licensees and NRC inspectors had to be on site on exercise days, with no reduction in safety margin. With the time the NRC inspection teams saved, they increased their observation of mock adversary force and security controller preparations, which provided greater confidence that both entities were well rehearsed and knowledgeable of the mission plans. The inspection teams also found value in the enhanced opportunities to ensure that the licensees were adequately prepared to implement and control the planned FOF exercise scenarios in ways that supported the NRCs effective assessment of the exercises. The FATS technology described earlier is another example of the flexibility that the NRC offers to support licensees use of security technologies.

10. CONCLUSION

The NRCs security training requirements in Appendix B play a vital role in mitigating security risks and ensuring the resilience of nuclear facilities. By adhering to regulatory requirements, implementing best practices, and embracing technological innovations, NPP licensees can enhance their preparedness and response capabilities.

Continued collaboration between regulators, licensees, and stakeholders is essential for addressing emerging threats and upholding the safety and security of NPPs.

This overview highlights the critical importance of security training to licensees ability to adequately defend against the design-basis threat. Effective training programs are essential to ensure that licensee personnel have the knowledge, skills, and abilities needed to prevent, detect, and respond to security events. By providing comprehensive training that covers a wide array of topics, licensees can enhance their readiness and resilience against potential threats. Additionally, ongoing advances in security training methodologies, including the use of simulations, computer-based software, and experiential learning offer opportunities to improve effectiveness and realism. As the design-basis threat evolves, licensees continuous investment in robust training programs will remain key to their ability to maintain adequate standards and protect against emerging threats.

9 IAEA-CN-327/00

ACKNOWLEDGMENTS

I would like to express my sincere gratitude to Lou Cubellis, Amanda Marshall, and Francis Paul Peduzzi of the Nuclear Regulatory Commission staff for their invaluable contributions and support throughout the development of this paper. Their guidance, assistance, and leadership have been instrumental in the shaping of this work.

REFERENCES

[1] Code of Federal Regulations, Title 10, Energy, Part 73, Physical Protection of Plants and Materials.

[2] Staff Requirements Memorandum on SECY-16-0073, Options and Recommendations for the Force-on-Force Inspection Program in Response to SRM-SECY-14-0088, October 5, 2016.

[3] Staff Requirements Memorandum on SECY-18-0076, Options and Recommendations for Physical Security for Advanced Reactors, November 19, 2018.

[4] Code of Federal Regulations, Title 10, Energy, Part 55, Operators Licenses.

[5] Institute of Nuclear Power Operations, INPO-AP-921, Principles of Training System Development, June 1997.

[6] NUREG-1649, Revision 6, Reactor Oversight Process, July 2016.

[7] U.S. NRC RG 5.75, Revision 0, Training and Qualification of Security Personnel at Nuclear Power Reactor Facilities, July 2009.

[8] U.S. NRC RG 5.75, Revision 1, Traini ng and Qualification of Security Personnel at Nuclear Power Reactor Facilities, March 2021.