A New Approach For Assessing Operational Nuclear Security Performance. An Overview

Transcription

1 A New Approach For Assessing Operational Nuclear Security Performance An Overview

2

3 A New Approach for Assessing Operational Nuclear Security Performance - An Overview The Office for Nuclear Regulation has recently published its National Objectives, Requirements and Model Standards (NORMS) approach in the UK. One key development is that there is an increased emphasis on nuclear site operators to ensure their respective security arrangements are effective in mitigating the postulated threat. In parallel, there has been considerable development in security modelling and simulation. This has provided an opportunity to produce more resilient assessments and improved demonstration of active mitigation of threats. This short overview provides information on new techniques in modelling and simulation that have been piloted by the UK s National Nuclear Laboratory (NNL) as an early adopter for the UK nuclear industry and other UK utilisation. We describe current assessment approaches and explains a new approach to threat/vulnerability assessment. A brief summary is given of the outcomes of the NNL pilot study and the next steps that could be undertaken. Significant opportunities exist for the UK to participate in the further development of this area. NNL has recently presented a case study based on this overview to an International Modelling and Simulation Workshop organised by the World Institute for Nuclear Security (WINS), where a number of countries considering new nuclear build were represented. There is therefore considerable international as well as national opportunity for further development in this area. 3

4 Background In the UK, the emphasis of nuclear security compliance has recently changed from prescriptive regulation to outcome-based guidance and demonstration of compliance with continually high levels of operational security performance. On 29th October 2012, the Office for Nuclear Regulation (ONR) launched the new National Objectives, Requirements and Model Standards (NORMS) approach 1. The emphasis now being on Duty Holders to propose, justify, maintain and continually demonstrate their respective security arrangements are effective in mitigating the postulated threat. Current UK nuclear security regulations require nuclear site/tenanted site Duty Holders to undertake a security vulnerability assessment. The aim of the new regulations is to enable the Duty Holder to demonstrate to the regulator that it has adequately mitigated the anticipated threat of theft or sabotage of nuclear material, and/or the sabotage of nuclear facilities 2, 3. Basic processes for fulfilling these requirements have not changed for many years. Recently, particularly in the USA, techniques have been evolving towards an evidence or outcome-based understanding of nuclear security measures and challenging their inherent robustness under attack conditions by utilising computer modelling and simulation techniques to design, review and optimise the Physical Protection System (PPS) and help to improve situational human awareness and operational performance. This overview summarises a recent NNL pilot study to assess the potential for utilisation of a new computer-based quantitative modelling and simulation approach for assessing nuclear security performance and its application to a complex UK nuclear facility. The pilot study clearly demonstrated the benefits of adopting a more co-ordinated approach and a more effective analysis of security threats acknowledged and reviewed by Duty Holders. The study also illustrated how a more quantitative and measurable approach could be delivered to enable regulators to more readily assess Duty Holder s performance, consistency in approach and its successful mitigation of the threat. 1 ONR Press Release 29th October 2013 ONR rolls out new security guidance for industry ( hse.gov.uk/onr/2012/10/onr-rolls-out-new-securityguidance-to-industry/ ) 2 Nuclear Industry Security Regulations (NISR) 2003 Published by the Office for Nuclear Regulation (ONR), UK 3 Parliamentary Office of Science and Technology Assessing the risk of terrorist attacks on nuclear facilities Report 222 July 2004 ( documents/post/postpr222.pdf 4

5 Current Assessment Approaches Nuclear installations require robust physical protection commensurate with the postulated threat and the nuclear material involved. In nuclear security, the Physical Protection System (PPS) is assessed against a national security threat scenario defined in a document called the Design Basis Threat (or DBT as it is commonly referred to by the IAEA and others). In the UK the DBT is called the NIMCA 1. As part of this demonstration of security effectiveness, the Regulator requires a Vulnerability Assessment (VA) to be undertaken to show that the security arrangement, including facility design, are sufficient to mitigate the threat. In practice, Vulnerability Assessment is achieved via one or more of the following methods: A subject matter expert inspection / visual assessment Basic numerical spreadsheet assessment Utilisation of an Adversary Sequence Diagram (ASD) Another similar basic quantitative approach for assessment Dedicated computer software-based assessment (EASI method, Systematic Analysis of Vulnerability to Intrusion (SAVI), Analytic System and Software for Evaluating Safeguards and Security (ASSESS), Joint Combat and Tactical Simulation (JCATS), or other developing computer-based software offerings that only fulfil some of the criteria of the new approach 2 1 Nuclear Industry Malicious Capabilities (Planning) Assumptions (NIMCA) Published by the Office for Nuclear Regulation (ONR), UK 2 Security Risk Assessment and Management: A Professional Practice Guide for Protecting Buildings and One or more of these techniques could be used to assess the overall security effectiveness of the facility. While any of these alternative approaches can be used, they do not provide the same level of 3D facility visualisation, modelling and simulation and full 3D multipath analysis as the new approach used by the NNL as part of the pilot study. Neither are they based on a comprehensive 3D model/terrain graded numerical approach for dynamic assessment. The approach used by NNL is capable of evaluating the Adversary threat against the PPS and the effectiveness of the Response Force in three dimensions. It also provides an overall graphical and statistical assessment of Security/System Effectiveness and considerable visualisation of tactics, variants, outcomes, and supporting analysis information for oversight, assurance, audit, and comparability purposes. The emphasis of nuclear security compliance has recently changed from prescriptive regulation to outcome-based guidance and demonstration of compliance with continually high levels of operational security. Infrastructures. Betty E. Biringer, Rudolph V. Matalucci, Sharon L. O Connor. John Wiley and Sons 5

6 A New Approach to Threat Assessment Using a new modelling and simulation computer-based approach alongside the traditional approach used to date to evaluate a complex (but typical) nuclear security regulated UK nuclear facility; NNL was able to fulfil the early adopter role. Through this approach the aims were to: Learn how well the approach worked (in embedding UK regulatory requirements, NIMCA and other national criteria alongside a complex 3D model of the facility) what if scenarios (eg the guard numbers, weapons, response forces could be changed, extra physical measures added (doors, camera, alarm, fences) for deriving better accuracy of alternatives and their associated cost/benefit analysis. The cost analysis aspect was not examined in detail in the pilot study. However, it was recognised that given standard costing criteria this could be a relatively straightforward task for the new approach to address. Analyse the facility performance Analyse the results Summarise the study findings of the benefits for wider NNL, nuclear industry and UK utilisation in future The pilot study assembled all the necessary background information into a fully combined and integrated 3D model. Four test threat scenarios were chosen to attempt to challenge the approach from different security design perspectives. After running the overall analysis for the four scenarios and reviewing the results, design parameters were changed and the model scenarios were re-run in order to review the revised results and the impact the changes had made. To examine the approach in more detail, a specific threat scenario from the original four was chosen to be subjected to a more detailed sensitivity analysis review. This is where parameters are only slightly varied to assess the varying impact on overall system effectiveness and could be used to assess and compare The approach followed by NNL in its pilot study could represent a seachange in the way UK nuclear security vulnerability is assessed for compliance in future 6

7 Pilot Study Results Although the Study Team were new to the approach and had previously only had a week of training, the approach was successful in delivering a working 3D facility model of the chosen facility and comparable results to show system effectiveness and its variance across the four threat scenarios chosen. In summary, the new approach could readily use and change the model to: Suit different/new threat scenarios, tactics, guard manning levels Consider facility construction/operational phasing/temporary arrangements (deviation from normal regulatory compliance) of security and its VA impact Address practical changes to physical security measures/guarding/weapons (also assess before you implement may prove extremely helpful for operating sites/facilities assessing planned or potential site change) Analyse for what if variants (or undertaking sensitivity analysis) Provide a focal point for common debate of the approaches/demonstrate compliance, and run live model simulation showing attack/ defence Figure 1: Nuclear security quantitative modelling and simulation process used by the NNL pilot study (Image courtesy of ARES Corporation) 7

8 Pilot Study Results cont. Figure 2: Screenshot of modelling and simulation, approach (Image courtesy of ARES Corporation) Since the pilot study has been completed the study team has also completed a number of further activities to better understand and enhance the prospect of using the modellingbased approach for performance assessment and security compliance at a national level. These activities included: Preparation of further what if physical protection alternatives/evaluation for the pilot study area Preparation of a draft approach for standardisation of National Threat Scenarios Preparation of a draft National Guard Force Performance Specification in partnership with the Civil Nuclear Constabulary Preparation of a 1st draft of a National PPS Performance Specification 8

9 Conclusions and Next Steps The pilot study undertaken by the NNL study team has proven the viability of the new modelling and simulation approach to give both the Duty Holder and the Regulator a new and common methodology for the assessment of nuclear security performance. This will enable the Duty Holder to ensure that the new approach is: Effectively mitigating the defined and changing threats Ensuring security threats are operationally reviewed and effectively demonstrating a continual high state of readiness Identifying the most cost effective solutions to meet its operational responsibilities and regulatory requirements Giving reliable and consistent assurance of all national nuclear activities to the regulator, state and hence to the public The approach followed by the NNL in its pilot study could represent a sea-change in the way UK nuclear security vulnerability is assessed for compliance in future. The NNL pilot study team have successfully demonstrated the application of the modelling and simulation approach on a complex and in nuclear security terms, very challenging UK nuclear facility. This approach could bring real benefits for the security of other UK nuclear installations / critical national infrastructure and further assist the resources who are responsible for their on-going protection. Next Steps The suggested areas of further work identified by the study are: Undertake a wider industry study for a typical nuclear licensed site to further evaluate the applicability and value of the approach and threat mitigation against the NIMCA/NORMS requirements Undertake site trials to obtain and verify performance/input data in the Data Library and re-verify computational results Undertake a series of industry/regulator workshops to further explore methodologies for consolidated reporting of nuclear security performance results from this type of modelling and simulation approach in the national best interest Further develop the excellent work carried out in partnership with the CNC in relation to the National Guard Force Performance Specification and the PPS Performance Specification This approach could bring real benefits for the security of other UK (and international) nuclear installations. 9

10 Further Reading HM Government Industrial Strategy: government and industry in partnership Building Information Modelling (BIM) innovation/docs/b/ buildinginformation-modelling HM Government Industry Strategy: government and industry in partnership The UK s Nuclear Future Pages 44 and system/uploads/attachment_data/file/168048/ bis nuclear-industrial-strategy-the-uksnuclear-future.pdf Bim4nuclear BIM Working Group for the nuclear industry uploads/2013/04/weekly-communications- Update-WE-25th-April-2013.pdf HM Government Reducing regulation made simple Less regulation, better regulation and regulation as a last resort December 2010 Better Regulation Executive Department of Business, Innovation and Skills (BIS) IAEA INFCIRC PDF/Pub1481_web.pdf HM Government Department of Energy and Climate Change (DECC) Nuclear security Mission to Sellafield and Barrow completed Press Notice 11/089 28th October 2011 DECC news/pn11_089/pn11_089.aspx The Royal Society Fuel cycle stewardship in a nuclear renaissance October Royal_Society_Content/policy/ projects/nuclear-non-proliferation/ FuelCycleStewardshipNuclearRenaissance.pdf IAEA Nuclear Security Plan 2010 to 2013 IAEA Ref GOV/2009/54 GC(53)/18 17th August 2009 Page 3 Bullet 1 GC53Documents/English/gc53-18_en.pdf Best Practice in Nuclear Security and the Role of the World Institute for Nuclear Security (WINS), Dr Roger Howsley, Executive Director, WINS. Summary Paper from the Nuclear Industry Summit Seoul, South Korea, Spring 2012 Page 3 Interface between Safety and Security WINS%20TEXT.pdf Time for an Integrated Approach to Nuclear Risk Management, Governance and Safety / Security / Emergency Arrangements WINS 10

11

12 Winner , Highly Commended 2009, th Floor Chadwick House Warrington Road Birchwood Park Warrington WA3 6AE T. +44 (0) E. W.