ML25052A163

From kanterella
Revision as of 23:20, 9 March 2025 by StriderTol (talk | contribs) (StriderTol Bot insert)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search
Determination Process; Draft - IP 71130.03 Contingency Response - Force-on-Force Testing; Draft - IP
ML25052A163
Person / Time
Issue date: 02/21/2025
From: Jeffrey Bream
NRC/NSIR/DSO/SOSB
To:
References
IP 71130.03
Download: ML25052A163 (1)
v  d  e


Text

This document is being provided for information only for the sake of the March 3, 2025, public meeting related to this topic. The content of this inspection procedure is draft and is subject to change prior to final issuance. The NRC is not soliciting official comments.

Any comments provided to the NRC during or after the public meeting may or may not be considered prior to issuance.

Issue Date: DRAFT 1

71130.03 (U)NRC INSPECTION MANUAL NSIR/DSO (U) INSPECTION PROCEDURE 71130.03 (U) CONTINGENCY RESPONSE - FORCE-ON-FORCE TESTING (U) Effective Date: January 1, 2026 (U) PROGRAM APPLICABILITY: IMC 2201 A 71130.03-01 (U) INSPECTION OBJECTIVES 01.01 (U) To gather sufficient information related to the licensees physical protection program to develop and conduct a performance-based force-on-force (FOF) exercise that appropriately challenges the licensee security force against security threats in accordance with the design basis threat (DBT) of radiological sabotage.

01.02 (U) To assess the ability of the licensee security force, through an NRC-conducted performance-based FOF exercise, to provide reasonable assurance of adequate protection against the DBT of radiological sabotage.

01.03 (U) To verify and assess the licensees ability to identify and correct failures, deficiencies, or other findings in performance, plans, equipment, or strategies associated with the licensees physical protection program or performance of FOF exercises in accordance with the licensees problem identification and resolution program (PI&R) and regulatory requirements.

71130.03-02 (U) INSPECTION REQUIREMENTS (U) General Guidance (U) The Office of Nuclear Security and Incident Response (NSIR) is the lead office for this inspection effort and will coordinate with the regional offices to determine the schedule and agenda.

(U) The NRC staff uses FOF exercises, which are performance-based inspection activities, to verify a licensees ability to meet the general performance objective and requirements of Title 10 of the Code of Federal Regulations (10 CFR) 73.55 and to ensure the NRC complies with the Atomic Energy Act of 1954 as amended, Section 170D, Security Evaluations. Inspectors are responsible for ensuring that the objectives of the inspection procedure (IP) are completed and evaluated to a level that provides assurance that licensees meet the NRC regulatory requirements and that the sample is complete.

This document is being provided for information only for the sake of the March 3, 2025, public meeting related to this topic. The content of this inspection procedure is draft and is subject to change prior to final issuance. The NRC is not soliciting official comments.

Any comments provided to the NRC during or after the public meeting may or may not be considered prior to issuance.

Issue Date: DRAFT 2

71130.03 (U) This guidance is being provided as a tool that recommends certain methods and techniques to inspectors for determining a licensees security program compliance and effectiveness for an inspection requirement; and clarifies certain aspects of a regulatory requirement for a particular inspection requirement. When minimum sampling numbers are indicated, inspectors should adhere as closely as possible to the numbers identified in the guidance. When compliance concerns arise, inspectors may expand the minimum number of samples to aid in determining the extent of the condition. Should questions arise regarding procedural requirements or guidance, inspectors should consult with NSIR.

(U) The inspectors should familiarize themselves with relevant documentation which may include, but is not limited to, the licensees site schematics; target sets; protective strategy procedure and brief; blast analyses; barrier placement; physical security plan, safeguards contingency plan, training and qualification plan, and cyber security plan (collectively referred to as the security plans); site-specific or corporate implementing procedures; security post orders; and security program reviews and audits. The inspectors should conduct a review of results from past security inspection reports for the facility.

(U) Scheduled tours with the licensee are considered site familiarization; however, inspectors may conduct additional detailed walkdowns and assessments, as needed.

(U) This inspection uses advisors from the U.S. Special Operations Command (USSOCOM) serving as representatives of the NRC who will adhere to the guidance provided by the inspection team lead. USSOCOM advisors to the NRC are expected to participate in all aspects of the inspection, provide subject matter expertise to the inspectors, and are expected to know and comply with all licensee and NRC rules and regulations regarding industrial safety, radiological safety, and FOF exercise protocols. The USSOCOM advisors will also be used to provide tactics, techniques, and procedures (TTP) consistent with the DBT and adversary characteristics identified in 10 CFR 73.1 and Regulatory Guide (RG) 5.69, Guidance for the Application of the Radiological Sabotage Design Basis Threat in the Design, Development, and Implementation of a Physical Security Program that meets 10 CFR 73.55 Requirements. This information could include explosive weights and breaching techniques for barriers and or obstacles that the adversaries may encounter enroute to the exercise target(s). During FOF inspections, the USSOCOM advisors may provide immediate direction to the mock adversary force (MAF) on utilization of available equipment/explosives as long as such information is within the DBT. The USSOCOM advisors will assist in exercise evaluation as part of the inspection team, and, specifically, will evaluate MAF performance for the NRC.

(U) Licensees may provide insider information in any method agreed to by the inspection team lead including, but not limited to, the use of multiple personnel to provide information, the use of a knowledgeable individual, or the use of a point of contact who can expeditiously gather information for the MAF.

(U) Unless requested by the licensee, neither lead controller nor the lead adversary controller will be used as the individual insider; however, licensees may request that either, or both, controllers be utilized as the point of contact for all information requests.

This document is being provided for information only for the sake of the March 3, 2025, public meeting related to this topic. The content of this inspection procedure is draft and is subject to change prior to final issuance. The NRC is not soliciting official comments.

Any comments provided to the NRC during or after the public meeting may or may not be considered prior to issuance.

Issue Date: DRAFT 3

71130.03 (U) Although the insider will be expected to gain information within the bounds of their work assignments, if it is reasonable that they could gather particular intelligence over this period, then that information will be made available to the MAF by the most expeditious means possible. The MAF has approximately 8 hours9.259259e-5 days <br />0.00222 hours <br />1.322751e-5 weeks <br />3.044e-6 months <br /> to collect, understand, and incorporate information. Therefore, immediacy and clarity are essential to the planning process. The use of an individual who must routinely enter the plant to collect what should be immediately available information will delay the planning process and may require inspection team intervention. In addition, at no time will the collection of information be done under circumstances which could reasonably be construed as surreptitious testing of the licensees insider mitigation program.

The objective of not announcing the identity of an individual insider is to prevent loss of control of information specific to mission planning, thereby compromising the inspection effort.

(U) The inspection team lead will brief the insider(s) on the responsibilities of the position with particular attention paid to the potential for information spills related to the exercise scenarios to personnel not authorized to know details of the exercise scenario (i.e., non-trusted agents).

Additionally, the inspection team lead will inform the insider(s) of their responsibility to be a willing participant, forthright with all information, and readily available to the MAF during the scenario planning process.

(OUO-SRI) REDACTED (OUO-SRI) REDACTED (U) MAF Preparation: To achieve a level of realism commensurate with a team that has trained for several years on a scale model of the nuclear facility destined for attack, the MAF must be familiar with the most advantageous routes to the target sets and each target.

(OUO-SRI) REDACTED (U) MAF director attendance at the protective strategy brief and tabletop drill has been an observed best practice for improving MAF information that would otherwise need to be provided by the insider. The inspectors should consider MAF director attendance during these activities to better facilitate mission planning.

(U) Scenario Development: Identification of target sets, site tours, and tabletop drills are necessary precursors to the development and selection of an attack scenario. The inspectors will identify entry points into the owner controlled area (OCA), protected area (PA), or vital area (VA) as necessary, and will specify adversary characteristics to be exercised using the information gleaned during the site tours and tabletop drills.

(U) The NRC will provide this information to the MAF but will be attentive to requests from the MAF to modify these specifications based on additional information provided by the insider. This information will be given to the adversary team and the insider, provided that they have signed the trusted agent (TA) form, during the preliminary visit to allow time for the following:

1. (OUO-SRI) REDACTED
2. (OUO-SRI) REDACTED

This document is being provided for information only for the sake of the March 3, 2025, public meeting related to this topic. The content of this inspection procedure is draft and is subject to change prior to final issuance. The NRC is not soliciting official comments.

Any comments provided to the NRC during or after the public meeting may or may not be considered prior to issuance.

Issue Date: DRAFT 4

71130.03 (U) After final approval, the scenario sequence of events should not be changed unless necessary. The inspection team lead must determine whether proposed late changes (i.e.,

changes made after final approval) to the sequence of the events would add significant value to the evaluation of the effectiveness of the site protective strategy. For any changes to be implemented they must meet the three following criteria:

1. (U) The change must be within the scope of the DBT and rules of engagement,
2. (U) The change must not have the potential to introduce an unfavorable safety condition,
3. (U) The change must be effectively controlled and simulated without the potential for causing indeterminate exercise results.

(U) Effective Exercise - An exercise where the licensees protective strategy successfully protected the selected target set from simulated destruction and compromise by the mock adversary force in order to prevent significant core damage and spent fuel sabotage in accordance with implementation procedures, regulatory requirements, or other Commission requirements.

(U) Ineffective Exercise - An exercise where the licensees protective strategy failed to adequately protect the selected target set from simulated destruction and compromise by the mock adversary force in accordance with implementation procedures, regulatory requirements, or other Commission requirements such that all components of the selected target set were simulated destroyed or compromised.

(U) Indeterminate Exercise - Exercises where the results were significantly skewed by an anomaly or anomalies, resulting in the inability to determine the outcome of the exercise (e.g.,

site responders neutralize the mock adversary force using procedures or practices unanticipated by the design of the site protective strategy or training of security personnel to implement the site protective strategy, or significant exercise control failures to include controller performance failures). The inability to reliably determine the outcome of the exercise can also create an indeterminate exercise.

02.01 (U) NRC-conducted Force-on-Force Preparation, Mission Planning, and Scenario Development

a. (U) Perform in-office inspection coordination and licensee inspection notification.

(U) Specific Guidance (U) Licensee notification of the inspection and inspection document request will be performed in accordance with Inspection Manual Chapter 0620, Inspection Documents and Records. Notification should be performed by the Security Performance Evaluation Branch (SPEB) Chief or their designated inspection team lead, 15 weeks before the on-site planning week. Following confirmation from the licensee that the email notification has been received, the following activities should take place:

(U) Provide the inspectors with expectations and assignments.

This document is being provided for information only for the sake of the March 3, 2025, public meeting related to this topic. The content of this inspection procedure is draft and is subject to change prior to final issuance. The NRC is not soliciting official comments.

Any comments provided to the NRC during or after the public meeting may or may not be considered prior to issuance.

Issue Date: DRAFT 5

71130.03 (U) Coordinate travel logistics with all team members.

(U) Coordinate a time to conduct a logistics phone call with the licensee.

(U) Exchange key points of contact between NRC and licensee personnel.

(U) Coordinate site access and badging with the appropriate regional and licensee personnel.

(U) Coordinate the planning week schedule with NRC and licensee personnel.

(U) Exchange pretty good privacy (PGP) key between inspection team members and site point of contact.

(U) Coordinate with the senior resident inspector or resident inspector at the site to ensure awareness of the inspection activities, and to ensure the functionality of the Safeguards Local Area Network and Electronic Safe (SLES) equipment on-site.

b. Review inspection documents provided by the licensee in-office and begin mission planning.

(U) Specific Guidance (U) Upon receipt of the licensees submittal of the requested documents the team should review the following areas:

(U) OCA, PA, and VA review of targets, pathways, barriers, intrusion detection system (IDS), cameras, patrols, and response.

(U) Command and control structure and responsibilities, alarm station locations, communications, assessment capabilities, and response timelines.

(U) All target sets to determine which target sets appear vulnerable to attack based on site layout.

(U) Potential pathways and preliminary methods to compromise or destroy target set equipment.

(U) If necessary, coordinate with a security risk analyst to discuss target set specifics and clarifying questions.

(U) The inspection team lead and/or inspector should ensure that all appropriate documentation is prepared for the entrance meeting, exit meeting, FOF inspection sign-in roster; adversary briefing worksheet; and FOF planning week schedule.

c. (U) Conduct on-site mission planning with information gained during protective strategy briefing, site tours, and tabletop drills.

This document is being provided for information only for the sake of the March 3, 2025, public meeting related to this topic. The content of this inspection procedure is draft and is subject to change prior to final issuance. The NRC is not soliciting official comments.

Any comments provided to the NRC during or after the public meeting may or may not be considered prior to issuance.

Issue Date: DRAFT 6

71130.03 (U) Specific Guidance

1. (U) Protective Strategy Brief: The inspectors should review the licensee's security plans, site protective strategy and implementing procedures, and applicable blast analysis data to understand the sites protective strategy in support of scenario development and mission planning.

(U) Inspector in-office document reviews and the protective strategy briefing provided by the licensee should provide the inspectors with an understanding of the basis for the licensees protective strategy, how the licensee has considered elements of the DBT within the design of its strategy, and how the licensee implements its protective strategy.

(U) The inspectors should also request that the licensee provide a protective strategy overview/briefing that details its protective strategy and all supporting physical protection measures that the licensee employs in support of its strategy from the outermost layer of defense to target sets within the inner most areas of the site. The protective strategy brief should provide a detailed overview of the entire defense-in-depth program and allow for inspectors to gather additional information and insight pertaining to the design of the licensee's protective strategy that can support the inspectors in scenario development.

2. (OUO-SRI) REDACTED (OUO-SRI) REDACTED (U) During the OCA and PA walkdowns, the inspectors may identify areas of the PA barrier (or other barrier system) that may be advantageous points of entry for the adversary. The inspectors may request the licensee conduct performance or operability testing of the IDS in these areas to verify assumptions or observations.

Additionally, the inspectors may request USSOCOM challenge the IDS in the identified locations in accordance with the adversary characteristics of the DBT. One inspector should observe the testing in the field to verify the characteristic is properly demonstrated and one inspector should observe the testing from the alarm station to validate licensee detection and assessment. Results of this IDS testing can be considered in the development of the exercise scenario. However, licensee corrective actions for any deficiencies in IDS performance should also be factored into the consideration for exercise scenario development.

(U) Inspectors should coordinate with the licensee to ensure only trusted agents participate in the tours. At a minimum, the inspectors should evaluate potential protective strategy vulnerabilities and areas that would be advantageous for an adversary to exploit to gain access to target set equipment. Areas determined to be exploitable or attractive should be presented to the inspection team lead for evaluation to determine if the areas should be incorporated into the NRC-developed scenario. The areas to evaluate include, at a minimum:

(U) OCA and PA boundaries.

This document is being provided for information only for the sake of the March 3, 2025, public meeting related to this topic. The content of this inspection procedure is draft and is subject to change prior to final issuance. The NRC is not soliciting official comments.

Any comments provided to the NRC during or after the public meeting may or may not be considered prior to issuance.

Issue Date: DRAFT 7

71130.03 (OUO-SRI) REDACTED (U) Buildings and structures connected to OCA, PA, and VA boundaries.

(U) Roads, waterways, pedestrian paths, and key avenues of approach into the OCA, PA, and VA.

(OUO-SRI) REDACTED (OUO-SRI) REDACTED (OUO-SRI) REDACTED (OUO-SRI) REDACTED (OUO-SRI) REDACTED (OUO-SRI) REDACTED (OUO-SRI) REDACTED (U) Access control points and processes.

(OUO-SRI) REDACTED (OUO-SRI) REDACTED (OUO-SRI) REDACTED (U) Search requirements and processes.

(U) Physical barrier types and locations (e.g., delay, fences, active and passive vehicle barriers, etc.).

(OUO-SRI) REDACTED (U) Lighting (type, capability, and location).

(OUO-SRI) REDACTED (OUO-SRI) REDACTED (OUO-SRI) REDACTED (OUO-SRI) REDACTED (OUO-SRI) REDACTED (OUO-SRI) REDACTED

This document is being provided for information only for the sake of the March 3, 2025, public meeting related to this topic. The content of this inspection procedure is draft and is subject to change prior to final issuance. The NRC is not soliciting official comments.

Any comments provided to the NRC during or after the public meeting may or may not be considered prior to issuance.

Issue Date: DRAFT 8

71130.03 (OUO-SRI) REDACTED (OUO-SRI) REDACTED (OUO-SRI) REDACTED (OUO-SRI) REDACTED (U) The inspectors should review all insights gained during the site tours and inspection preparation to consider those elements and routes which may be advantageous to an adversary to challenge the licensees physical protection program. Insights gained from the OCA, PA, and VA tours should be validated during the tabletop drills.

(U) During evaluations of avenues of approach, the inspectors may request that a limited scope evaluation (LSE) be performed using the USSOCOM advisors acting as the adversary to evaluate how the licensee detects and assesses the areas under evaluation. Before an LSE, the NRC inspectors must coordinate with the USSOCOM advisors and the licensee to identify and discuss methods that could be used to challenge the area(s) identified. This includes discussions related to when the testing will be conducted (e.g., day, night, or both), required equipment, bypass methods, and safety requirements. If an LSE is conducted, at least one inspector is required to observe the areas to be evaluated, while a second inspector reviews timelines for receipt of an alarm, assessment, and communication to appropriate response personnel. If available, a third inspector should observe the testing from a licensee response position that also has assessment capabilities.

(U) In accordance with 29 CFR 1904.3(a), NRC employees and their USSOCOM advisors are not considered to be "covered employees under the licensees occupational safety and health administration program. However, in the performance of an LSE, USSOCOM advisors should make every effort to adhere to licensee safety procedures, and deviations should only be made if needed, and no other means are available, to complete an important evaluation.

3. (U) Tabletop Drills: Following the site tours, the inspectors should identify specific scenarios for tabletop drills and discuss these scenarios and specific DBT attributes with the USSOCOM advisors. The tabletop drills should simulate external assaults, attacks by stealth (covert), and deception tactics (including diversions) to gain detailed insights of the licensees protective strategy, and how the security plans are implemented. The inspectors should consider various starting conditions that may be advantageous to an adversary, including, but not limited to during the hours of darkness, low work periods (e.g., weekends and holidays), and inclement weather.

Insights gained from the tabletop drills should be used to inform FOF scenario development, and may include:

(U) detection and assessment capabilities (U) adversary and response force timelines

This document is being provided for information only for the sake of the March 3, 2025, public meeting related to this topic. The content of this inspection procedure is draft and is subject to change prior to final issuance. The NRC is not soliciting official comments.

Any comments provided to the NRC during or after the public meeting may or may not be considered prior to issuance.

Issue Date: DRAFT 9

71130.03 (U) protective strategy deployment of response force personnel in response to adversary action (U) protective strategy command and control (U) plant operations response to security events (U) The inspection team lead should brief participants that tabletop drills are not based on a win/lose paradigm and that the NRC may override the results of the simulated engagement so that the effectiveness of inner defenses can be more effectively evaluated. The inspectors should direct tabletop activities with a USSOCOM advisor playing the role of the adversary. Additionally, it is preferred that only trusted agents participate in the tabletop drills since aspects of the tabletop drills may reflect the final FOF exercise scenario.

(U) The USSOCOM advisor should indicate an entry point or entry points along the route to include into the OCA, PA, and VA along with the DBT attributes and tactics the adversaries may employ. A licensee response team leader (RTL) should play the role of the responders. The licensee should indicate how responding armed security force members would be deployed to interdicting positions, as determined by the licensees contingency response. The RTL should be advised that the tabletop drills are to use only the minimum number of ARs and ASOs, as committed to in the site physical security plans. The RTL should be asked to describe any response strategy equipment (e.g., defensive positions, delay barriers, cameras, alarms) that an adversary may encounter along the pathway. Additional licensee personnel, as appropriate for the licensees protective strategy (e.g., central alarm station operator (CAS), secondary alarm station operator (SAS), security shift supervisor (SSS), or licensed reactor operator) should also participate in the tabletop drills.

4. (U) Exercise Scenario Development: The inspectors will develop two challenging exercise scenarios upon completion of protective strategy briefings, site tours, and tabletop assessments. The second exercise scenario will be used in the event the first scenario cannot be performed or if re-visit actions are required to complete this inspection sample. By preparing a second exercise scenario during planning week, a second planning week may not be necessary in the event of an inspection re-visit.

However, a second planning week may be necessary if the licensee response strategy has significant changes that would make the second developed exercise obsolete or not challenging to the licensees protective strategy. The determination of whether the second scenario can be used during the re-visit inspection will be made by the NRC during pre-planning activities in accordance with section 02.01.a of this procedure.

(OUO-SRI) REDACTED

This document is being provided for information only for the sake of the March 3, 2025, public meeting related to this topic. The content of this inspection procedure is draft and is subject to change prior to final issuance. The NRC is not soliciting official comments.

Any comments provided to the NRC during or after the public meeting may or may not be considered prior to issuance.

Issue Date: DRAFT 10 71130.03 (U) Scenario development should include a discussion of attractive target sets and advantageous methods of destruction or compromise; potential adversary routes and pathways to target sets; security systems, barriers, patrols, and response personnel which must be bypassed or negotiated; and applicable adversary composition, characteristics, tactics, techniques, tools, and procedures to employ.

(OUO-SRI) REDACTED (U) All copies of the completed Addendum 2 and selected target set must be stored in SGI-approved containers which can only be accessed by NRC personnel or licensee trusted agents. Following completion of the inspection, the licensee will mail the stored SGI information to NRC Headquarters. The inspectors must enter the completed Addendum 2 worksheets into the NRC SLES for retention as official agency record.

(OUO-SRI) REDACTED (OUO-SRI) REDACTED (U) Following the OCA tour with the MAF, the MAF director should provide both of the written scenarios to the inspectors for review. The licensee trusted agents should then review the scenario and ask clarifying questions or express concerns. The licensee should only develop an exercise matrix for the scenario being exercised.

The scenarios can continue to be subject to minor adjustments and clarifications, with NRC approval, until the inspectors have completed their review of the exercise matrix during exercise week. Significant changes should follow the process described in the General Guidance section of this procedure.

d. Verify pre-exercise planning.

(U) Specific Guidance (U) The period between the on-site planning and exercise week allows for additional review of scenarios, development of exercise events matrices, and allows for clarifications. During the week prior to exercise week, the licensee should provide an exercise week schedule and a copy of the exercise event matrix for NRC review. The licensee determines the exercise week schedule. The inspection team lead should ensure that the inspectors can cover critical exercise week observations and discuss any concerns with the licensee, as soon as possible.

(U) The inspectors should review the exercise matrix and ensure that it appropriately captures the exercise scenario events and aligns with any applicable guidance. If necessary, the inspectors should schedule a meeting with the licensee trusted agents to discuss any comments, questions, or concerns with the event matrix prior to the exercise week.

This document is being provided for information only for the sake of the March 3, 2025, public meeting related to this topic. The content of this inspection procedure is draft and is subject to change prior to final issuance. The NRC is not soliciting official comments.

Any comments provided to the NRC during or after the public meeting may or may not be considered prior to issuance.

Issue Date: DRAFT 11 71130.03 02.02 (U) NRC-Conducted Force-on-Force Exercise

a. (U) Verify the licensee developed exercise event matrix meets the objectives provided in the Adversary Briefing Worksheet and minimizes the potential number and effects of artificialities in the exercise.

(U) Specific Guidance (U) The inspectors should meet with the appropriate licensee trusted agents to review the licensee-developed written matrix of major scenario events, simulations, and controller directions. The inspectors should verify that the exercise event matrix incorporates specific and adequate guidance for any necessary artificialities or simulations (e.g., simulated explosions, radio jamming, no-play areas, use of dry-fire cables) so licensee controllers can be appropriately prepared to control the exercise scenario. Any identified concerns with the direction provided in the matrix should be brought to the attention of the responsible licensee staff for correction prior to the exercise. Any subsequent corrections or changes to the exercise event matrix should be reviewed by the inspectors.

(U) NRC review of the exercise event matrix does not absolve the licensee of responsibility for developing and implementing the FOF exercise. Any deficiencies in exercise performance associated with inadequate exercise event matrix direction or controller performance should still be assessed for significance in accordance with Inspection Manual Chapter (IMC) 0612, Issue Screening.

b. (U) Verify MAF preparedness for implementing the exercise scenario.

(U) Specific Guidance (U) The inspectors should provide oversight of the MAF to ensure MAF preparedness and identify and mitigate any potential conflict of interest issues. This typically includes reviewing the MAF mission plans and associated documents, MAF equipment (to include props for the exercise), observation of MAF preparation and rehearsal drills, and attendance at MAF exercise briefings.

(U) The USSOCOM advisors, with the consent of the inspection team lead, are expected to provide specific information and TTPs to the MAF during FOF inspections. Any identified questions or concerns with MAF preparation, planned tactics, equipment, or simulations should be brought to the attention of the inspection team lead and the responsible licensee staff for resolution prior to the start of the exercise. If conditions develop related to MAF knowledge or performance during the exercise, the USSOCOM advisor may provide direction to the MAF during a time-out or administrative hold.

This document is being provided for information only for the sake of the March 3, 2025, public meeting related to this topic. The content of this inspection procedure is draft and is subject to change prior to final issuance. The NRC is not soliciting official comments.

Any comments provided to the NRC during or after the public meeting may or may not be considered prior to issuance.

Issue Date: DRAFT 12 71130.03

c. (U) Verify the licensee performs a site safety walkdown to identify potential hazards before initiation of the exercise.

(U) Specific Guidance (U) The inspectors should observe the licensees physical walkdown of the general site area, expected travel path of the adversaries, response positions, and major work areas to ensure all potential industrial and radiological hazards are identified and mitigated, if possible, prior to the start of the exercise. Any remaining hazards should be briefed to the exercise participants prior to the start of the exercise.

(U) During the observation of the licensees walkdown, the inspectors should be mindful of potential flagging of any scenario details to licensee personnel, especially personnel that are participating in the exercise. Care should be taken to avoid directly walking down the expected MAF route of travel or other areas that would be indicative of exercise-specific play areas. One potential method to avoid flagging would be to perform the safety walkdown prior to the arrival of any exercise participants or to include all portions of the protected and vital areas in the walkdown.

d. (U) Observe licensee controller, safety, and shift briefings to verify adequate training and coordination for all exercise participants and on-duty security personnel.

(U) Specific Guidance (U) The inspectors should observe the controller briefings with all MAF controllers and all player controllers to ensure that they understand the events of the exercise, exercise flow and anticipated timelines, and to verify that the controllers understand all expected interactions and potential engagements.

(U) The inspectors should verify that the licensee has established an appropriate number of controllers for the exercise to ensure that there is control of both exercise participants and on-duty shift personnel. Exercise participants and on-duty personnel should remain under the direct control of a trained and qualified controller for the duration of the exercise. A controller may be assigned multiple exercise participants or on-duty shift personnel; however, if there is a possibility that the group being controlled could be separated for any reason, additional controllers must be assigned.

(U) As a minimum, each controller should have the knowledge and experience to do the following:

(U) Provide timely and accurate information to the players to ensure consistent and orderly continuation of the drill or exercise in line with the scenario.

(U) Evaluate the application of the no-play areas (to include radiation boundaries) and control measures.

This document is being provided for information only for the sake of the March 3, 2025, public meeting related to this topic. The content of this inspection procedure is draft and is subject to change prior to final issuance. The NRC is not soliciting official comments.

Any comments provided to the NRC during or after the public meeting may or may not be considered prior to issuance.

Issue Date: DRAFT 13 71130.03 (U) Evaluate tactical decisions made by the MAF to include alternate avenues of approach, entry points, targets of opportunity, and control measures and tools required to facilitate entry.

(U) Evaluate the application of the use of cover and concealment to include natural and fabricated defensive positions by all exercise players.

(U) Evaluate the tactical use of exercise weapons including their effective range and capabilities.

(U) Evaluate the application of target identification, acquisition, and engagement by players.

(U) Evaluate the tactical use of hand-carried explosive devices on equipment and personnel and their effects upon detonation.

(U) Evaluate the effectiveness of body armor employed by players and its ballistic protection during the exercise.

(U) All player and adversary controllers need to be aware of the entire exercise scenario, including the actions expected of the participant they are monitoring. The controller should evaluate actions that deviate from the expected scenario to ensure that the intent of the exercise scenario is understood. Safety and general area controllers may not have a need-to-know the entire exercise scenario, but they must be aware of the exercise conditions that they might experience or observe during the exercise.

(U) The inspectors should observe the safety briefings that must be conducted prior to the start of an exercise. All scenarios must have proper control measures in accordance with site safety plans and as required by regulations. Additionally, all controllers, players, and observers must be briefed and aware of all potential hazards, along with associated control measures, to prevent an accident, unsafe condition, or loss of the sites security posture from occurring. These briefings should go over specific safety issues such as MILES engagement safety, slip hazards, and radiation protection requirements. All personnel participating in the exercise should receive the same safety information.

(U) If the licensee implements a computer based training or partial computer based briefing plan for any or all of the pre-exercise briefings, inspectors should review the training plan and attendance verification to ensure the training provides adequate coverage of the subject topics and that all participants received the appropriate pre-exercise briefings. Additionally, the inspectors should assess if staff that participated in the computer-based training activities were offered adequate opportunities to ask clarifying questions before the start of the exercise.

(U) The inspectors should observe the briefing with all on-duty security force members that is conducted to ensure that they understand their role in relation to the conduct of the FOF exercise and specific responsibilities related to safety measures. All communications in this brief should be generic in nature. Specific details of exercise play and the scenario should not be communicated.

This document is being provided for information only for the sake of the March 3, 2025, public meeting related to this topic. The content of this inspection procedure is draft and is subject to change prior to final issuance. The NRC is not soliciting official comments.

Any comments provided to the NRC during or after the public meeting may or may not be considered prior to issuance.

Issue Date: DRAFT 14 71130.03

e. (U) Verify, through the conduct of an NRC-conducted FOF exercise, that the licensees physical protection program is able to detect, assess, interdict, and neutralize threats up to and including the DBT of Radiological Sabotage.

(U) Specific Guidance (U) The NRC inspection team will evaluate the licensees overall ability to demonstrate effectively that its protective strategy and the execution of that strategy meets the general performance objective of 10 CFR 73.55.

(U) In order to successfully demonstrate an effective protective strategy, the licensee must demonstrate that its security systems provide adequate defense-in-depth through the integration of systems, technologies, programs, equipment, supporting processes, and implementing procedures to ensure that the physical protection program can protect against the DBT of radiological sabotage.

(U) The exercise will be used to evaluate the protective strategy, the implementation of the strategy, the timeliness of the response capability, the weapons employed, the overall effectiveness of the security training provided, and the ability of the security organization to defend the site against the DBT adversary force and protect target set equipment necessary to prevent significant core damage and spent fuel sabotage.

(U) One exercise is required to complete this inspection sample. This exercise will normally be scheduled for Wednesday of exercise week. However, the inspectors and the licensee should be mindful of conditions outside of their control, such as hazardous weather that may result in safety or operational conditions that would pose an unacceptable threat to the safety of personnel or the plant. Considerations should be made for postponing or rescheduling the exercise for another day of exercise week for situations beyond the control of the inspectors or licensee that may result in hazardous conditions for personnel or the plant. The inspection team lead and a senior responsible licensee management representative, in coordination with NSIR management, will make the final determination on exercise rescheduling or postponement.

(U) The inspectors must evaluate the effectiveness of the licensees physical protection program, protective strategy, and contingency event response by personnel with responsibilities for implementing the safeguards contingency plan.

(OUO-SRI) REDACTED (U) A time-out or administrative hold must be taken during an exercise at any time that the safety of any person or plant equipment is in question. All personnel involved in the exercise are responsible for requesting an administrative hold if they encounter such a situation. After evaluating the condition of the personnel or plant equipment, an exercise may be terminated, if appropriate to the specific situation.

This document is being provided for information only for the sake of the March 3, 2025, public meeting related to this topic. The content of this inspection procedure is draft and is subject to change prior to final issuance. The NRC is not soliciting official comments.

Any comments provided to the NRC during or after the public meeting may or may not be considered prior to issuance.

Issue Date: DRAFT 15 71130.03 (U) The licensee, with concurrence from the inspection team lead, will normally terminate an exercise when either the MAF have reached or simulated sabotaging/eliminating all elements of a target set or when the MAF has been neutralized or otherwise rendered incapable of completing its mission. The inspection team lead has the authority to terminate an exercise, impose a restart or administrative hold, and override a controllers call at any time for reasons the inspection team lead considers appropriate.

(U) In those cases where an exercise provides potentially indeterminate results (e.g., it is not an effective or ineffective exercise outcome) the inspection team lead should implement one or more of the below operational control measures to allow the inspectors to gather appropriate information to make a final determination related to adequacy of target set protection.

1. (U) Continuing the exercise by resurrecting or repositioning adversaries or a combination of both.
2. (U) Conduct walkdowns during timeouts or following the closure of the exercise window to assess player and MAF locations, routes of travel, site defensive characteristics, and potential MAF and site security personnel responses.
3. (U) Perform tabletops reflective of the conditions experienced in the exercise to understand the location of responders and adversaries along the intended path to the target locations.
4. (U) Conduct post-exercise interviews with players and licensee controllers to gain additional insights into exercise conditions.

(U) The inspectors should consider all information identified when making its final determination related to the overall exercise outcome. For example, the inspectors should consider the information and data received during the FOF inspection planning weeks, information identified by inspection team member observations, scenario development assumptions, and any observed actions of the FOF participants during the evaluated exercise. Any performance issues should be assessed for significance in accordance with IMC 0612, Issue Screening.

(U) Alternatively, if an exercise outcome of effective or ineffective cannot be made, the NRC will expand the sample and conduct a re-visit action of an NRC-conducted exercise in accordance with IMC 0609, Security Significance Determination Process for Power Reactors, Appendix E, Part II Force on Force Significance Determination Process.

This document is being provided for information only for the sake of the March 3, 2025, public meeting related to this topic. The content of this inspection procedure is draft and is subject to change prior to final issuance. The NRC is not soliciting official comments.

Any comments provided to the NRC during or after the public meeting may or may not be considered prior to issuance.

Issue Date: DRAFT 16 71130.03

f. (U) Verify, through observation of licensee hot wash that the licensee identifies deficiencies in the defensive strategy or performance of the exercise and enters them into the problem identification and resolution program.

(U) Specific Guidance (U) At the termination of the exercise, inspectors should observe the licensee conducted hot washes for controllers, players, and MAF. This process should involve evaluation of player performance through self-assessment and controller observations. NRC inspectors should ask any necessary clarifying questions. Observation of hot washes allows the inspector to ensure the licensee is identifying deficiencies and capturing them for corrective actions.

02.03 (U) Identification and Resolution of Problems

a. (U) Verify that the licensee identifies issues related to the Contingency Response -

FOF Testing program at an appropriate threshold and enters them into the licensees problem identification and resolution program.

(U) Specific Guidance (U) The licensee must handle deficiencies identified during the planning and conduct of exercises consistent with the sites problem identification and resolution program procedures, self-assessment, or training program. The training program may address some deficiencies (i.e., those related to training and human performance) as long as the licensees evaluation demonstrates that the deficiencies do not adversely affect or decrease the effectiveness of the protective strategy and physical protection program.

The licensee must enter into the sites problem identification and resolution program deficiencies that it determines adversely affect or decrease the effectiveness of the protective strategy and physical protection program. For example, the licensee will enter into its problem identification and resolution program the failure of any of the following key performance evaluation program elements:

1. (U) responding with sufficient numbers of security personnel. The licensee has the required number of response personnel to implement effectively the protective strategy and protect the target sets against the DBT.
2. (U) responding within appropriate timelines. Response personnel have adequate time to reach their response positions in advance of adversary timelines.
3. (U) responding to protected positions. Response personnel use appropriate protection and cover.
4. (U) responding with appropriate armament. Response personnel are supplied with, or have readily available, the weapons and equipment necessary to execute their responsibilities and are appropriately trained and qualified in the use of the weapons and equipment.

This document is being provided for information only for the sake of the March 3, 2025, public meeting related to this topic. The content of this inspection procedure is draft and is subject to change prior to final issuance. The NRC is not soliciting official comments.

Any comments provided to the NRC during or after the public meeting may or may not be considered prior to issuance.

Issue Date: DRAFT 17 71130.03

5. (U) providing target set protection. Response plan and response personnel prevent the DBT from completing sabotage of all components of any target set.

(U) The inspectors should request from the licensee any reports that document drill and exercise deficiencies associated with the inspection exercise. The inspectors should review the documentation pertaining to the licensees evaluation of the deficiencies to understand fully whether or not the deficiencies adversely affect or decrease the effectiveness of the protective strategy and physical protection program. The inspectors should also query site personnel to determine how the licensee dispositions deficiencies.

The inspectors should review the associated documentation indicating that the failure was entered into the sites problem identification and resolution program.

b. (U) Verify the licensee performs a documented post-exercise critique in which failures, deficiencies, and other findings related to performance, plans, equipment, and strategies are identified and entered into the licensees problem identification and resolution program.

(U) Specific Guidance (U) After the conduct of the NRC-conducted FOF exercise, the inspectors should evaluate the licensees ability to identify, capture, and enter deficiencies into its problem identification and resolution program. These must include all deficiencies and failures that adversely affect or decrease the effectiveness of the protective strategy and physical protection program identified during the planning or conduct of evaluated exercises. The licensee will present the observations, lessons learned, and identified deficiencies that were entered into its problem identification and resolution program to licensee senior management during a formal exercise critique held after the final exercise. The inspectors must observe this formal exercise critique.

(U) Prior to the formal exercise critique, the inspectors will capture observations from the exercises and inspection, to include those of the MAF team, to assist in the evaluation of the formal critique. The inspection team lead will ensure that the MAF director, MAF team member(s), and USSOCOM advisor(s) are available as needed to observe the formal exercise critique.

(U) This formal exercise critique will be in addition to the licensee hot-wash conducted immediately after each exercise is completed.

02.04 (U) Re-Visit Actions

a. (U) Perform Re-Visit action inspection in response to an Ineffective or Indeterminate exercise outcome in accordance with IMC 0609, Appendix E, Part II, Force-on-Force Significance Determination Process.

(U) Specific Guidance (U) The inspectors must evaluate indeterminate or ineffective exercise results for appropriate Re-Visit Actions in accordance with IMC 0609, Appendix E, Part II. Re-Visit Actions should be performed as follows:

This document is being provided for information only for the sake of the March 3, 2025, public meeting related to this topic. The content of this inspection procedure is draft and is subject to change prior to final issuance. The NRC is not soliciting official comments.

Any comments provided to the NRC during or after the public meeting may or may not be considered prior to issuance.

Issue Date: DRAFT 18 71130.03

1. (U) Corrective Action Measure (CAM) Review: Inspectors should review the licensees corrective actions for the identified deficiencies and verify the actions are reasonable. Completed CAMs should include training or validation records from which the inspectors can make an independent assessment of the effectiveness of the licensees corrective actions. Inspectors can refer to IP 71152, Problem Identification and Resolution, section 03.03 for guidance in completing this Re-Visit Action.
2. (U) Observe Licensee-Conducted Exercise: Inspectors should observe a licensee conduct an FOF exercise that demonstrates correction of the deficiencies in performance that lead to the ineffective or indeterminate NRC-conducted FOF exercise. Inspectors can refer to IP 71130.05, Protective Strategy Evaluation and Performance Evaluation Program, sections 02.04, 02.07, 02.11 for guidance in completing this Re-Visit Action.

(U) To the extent practicable, this Re-Visit Action should coincide with the licensees schedule for the conduct of their own internal FOF exercises. A minimum of two inspectors should be used to perform the necessary observations of the licensee-conducted exercise. HQ Inspectors may be supported by regional inspectors in order to complete the observations; however, this Re-Visit Action cannot be used as a sample for completion of IP 71130.05.

3. (U) NRC Conducted Exercise: To the extent practicable, this Re-Visit Action should utilize the second exercise scenario that was developed during the original planning week. However, a second planning week may be necessary if the licensee response strategy has significant changes that would make the second developed exercise obsolete or not challenging to the licensees protective strategy. The inspectors should assess if the second developed scenario should be revised, modified, or replaced in favor of a scenario that more directly reflects the as found state of the licensees defensive strategy at the time of the Re-Visit Action. The inspectors should utilize all applicable guidance in this IP, as necessary, in completing this Re-Visit Action.

71130.03-03 (U) RESOURCE ESTIMATE (U) The resource estimate for this section is approximately 275 hours0.00318 days <br />0.0764 hours <br />4.546958e-4 weeks <br />1.046375e-4 months <br /> of direct inspection effort on site every 3 years. This IP will be conducted as a team inspection. The team will generally consist of one NRC HQ team lead, two NRC HQ inspectors, one regional inspector, and USSOCOM advisor support.

(U) END

Retrieved from "https://kanterella.com/w/index.php?title=ML25052A163&oldid=5456415"