United Kingdom Nirex Limited CONTEXT NOTE. 4.5: Security. September 2005 Number:

Transcription

1 United Kingdom Nirex Limited CONTEXT NOTE 4.5: Security September 2005 Number:

2

3 CONTEXT NOTE 4.5: Security September 2005 Number:

4 Conditions of Publication This technical note is made available under Nirex s Transparency Policy. In line with this policy, Nirex is seeking to make information on its activities readily available, and to enable interested parties to have access to and influence on its future programmes. This document may be freely used for non-commercial purposes. However, all commercial uses, including copying and re-publication, require Nirex s permission. All copyright, database rights and other intellectual property rights reside with Nirex. Applications for permission to use this technical note commercially should be made to the Nirex Business Development Manager. Although great care has been taken to ensure the accuracy and completeness of the information contained in this publication, Nirex can not assume any responsibility for consequences that may arise from its use by other parties. United Kingdom Nirex Limited All rights reserved Bibliography If you would like to see other publications available from Nirex, a complete listing can be viewed at our website or please write to Corporate Communications at the address below, or info@nirex.co.uk. Feedback Readers are invited to provide feedback to Nirex on the contents, clarity and presentation of this report and on the means of improving the range of Nirex reports published. Feedback should be addressed to: Corporate Communications Administrator United Kingdom Nirex Limited Curie Avenue Harwell Didcot Oxfordshire OX11 0RH UK Or by to: info@nirex.co.uk

5 FOREWORD This Context Note is one in a series, prepared by United Kingdom Nirex Limited (Nirex), that summarises the issues, experience and status in each of 30 topic areas that are relevant to the phased development of a geological facility for the long-term management of intermediate-level and certain low-level radioactive waste in the UK the Nirex Phased Geological Repository Concept (PGRC). It is the view of Nirex that sufficient work has been done to demonstrate the viability of the generic Nirex Phased Geological Repository Concept: to support packaging advice; and to provide enough confidence to proceed with a site selection process in the UK. The aim of the Context Notes is to provide the documentation to support this view. The starting point for the notes has been an identification of issues based on extensive examination of reviews and published scrutiny of Nirex work and programmes over the past 20 years. This has been supplemented by more recent discussion meetings with knowledgeable and concerned organisations and discussion meetings within Nirex. The issues have been analysed according to their importance with respect to the future implementation of a geological repository in the UK, screened and sorted into topic areas. Then, for each topic, a Context Note has been prepared that presents the key issues, relevant experience, directions for further development and overall status in the topic area. The Context Notes are intended to provide a focus for discussion of issues and priorities of future work within Nirex, and as a means of communication to stakeholders. The Notes provide support to Nirex Report N/122, which presents an overview of the viability of the Nirex Phased Geological Repository Concept. 1

6 CONTENTS FOREWORD 1 1 INTRODUCTION 3 2 SECURITY TOPICS How is Security Regulated Nirex Generic PGRC Security Plan Why most security measures cannot be disclosed to the general public? How threats to security are identified and countered The current status of development of Security Plans Future Security 5 2

7 CONTEXT NOTE 4.5: SECURITY 1 INTRODUCTION The aim of this Context Note is to inform the reader that Nirex takes security very seriously and considers that integrated and well planned security measures are essential to counter a number of perceived threats which range from the malicious, through theft to irresponsible interference of radioactive waste at a planned radioactive waste repository. Security considerations are built into the design process and the operational planning, although specific details are not revealed since this would defeat their object. At each stage of security planning the Office for Civil Nuclear Security (OCNS) is consulted, for their approval and guidance, in their role as nuclear industry security regulator. The keys security issues and their evaluation are shown in Table 1. 2 SECURITY TOPICS 2.1 How is Security Regulated OCNS, which is part of the DTI, regulates the civil nuclear industry. On a day-to-day basis we are required to have a Company Security Policy, an IT Security Policy and Company Security Instructions in place as well as a Business Continuity Plan. These are routinely inspected by OCNS. Nirex is directed under Regulation 22(3)(b) and (c) of the Nuclear Industries Security Regulations 2003 SI 2003/403 by the Secretary of State for the Department of Trade & Industry (DTI) to: Adopt the security procedures and standards in force from time to time for the purpose of safeguarding sensitive nuclear information. This entails reference to the Classification Guide: The Physical Protection of Nuclear Materials (CWP/G8) issued by OCNS when originating protectively marked information. Also ensuring that all protectively marked information is safeguarded in accordance with the Manual of Protective Security issued by DCNSy (prior to becoming OCNS) in Apr 95. The Nuclear Industries Security Regulations 2003 were made under powers provided in the Anti-terrorism, Crime & Security Act 2001, an Act introduced as a direct result of the events in the USA on 11 Sep 01, as a result security requirements and standards were considerably tightened. This has had a corresponding impact on the release of and content of nuclear and security related information available to the general public. Nirex staff have all received briefings on the impact of the above legislation and its impact on our Transparency Policy. Nirex continues to publish as much information as possible and regularly challenges itself, its contractors and its shareholders on the need for a protective marking on information. The publication in June 2004 by OCNS of the document "Finding a Balance - Guidance on the Sensitivity of Nuclear and Related Information and its Disclosure" will go a long way to inform the general public and members of the industry of what can and cannot be released, more importantly the document gives reasons for non-disclosure. 3

8 2.2 Nirex Generic PGRC Security Plan The Company has a Security Plan for a Generic PGRC Design which has received interim approval by OCNS, it is being used now to ensure that: Basic security designs and measures are incorporated in the generic drawings and documents. Our generic document set remains within the law by not disclosing sensitive security information. Practical security measures required to counter known threats to a repository can be debated, researched and properly incorporated into the design. Markers are placed in the road map to prevent key security issues i.e. necessary security actions and appointments of security staff, from being overlooked. Security costings becoming more visible at an earlier stage. The different levels of physical security required for protecting Categories III, II and I waste are visible. Suitable assurance is given that security planning is advanced, designed in, stringently regulated and counters all perceived threats. 2.3 Why most security measures cannot be disclosed to the general public? In order to produce a Security Plan for a site holding a given type of radioactive waste, a threat assessment is carried out using information provided by OCNS (which is usually protectively marked SECRET). This information is obviously on limited dissemination. The specific security counter measures employed on a site attract a protective marking and would be rendered useless if disclosed to the general public. 2.4 How threats to security are identified and countered The potentially catastrophic consequences of malicious activity at civil nuclear facilities make it vitally important that security measures are both appropriate to the threat and fully effective. It is also important that resources are not wasted on ineffective or nugatory security measures. There is, therefore, a requirement for a definitive statement of the possible hostile activity and capability that could be faced by civil nuclear facilities. The Design Basis Threat (DBT), issued by the DTI s Office for Civil Nuclear Security (OCNS), meets this requirement for the United Kingdom. As the UK s independent regulator for civil nuclear security, the DTI s Director of Civil Nuclear Security (DCNS) has sole responsibility for establishing the DBT. However, if it is to be an effective guide to the operators, the DBT and the regulatory process that it supports must be reasonable and proportionate. The DBT should also, in so far as this is possible, reflect the concerns of all stakeholders. However, it is the responsibility of the DCNS to decide which hostile groups, types of activity and capabilities have to be countered by civil nuclear facilities subject to regulation. OCNS have a DBT as recommended in INFCIRC/225/Rev4. This document is a definitive compilation of physical protection measures for nuclear material drawn up by member States under the auspices of the International Atomic Energy Authority (IAEA). 4

9 The DBT: provides the basis for the design, implementation and management of security measures and systems by the regulated civil nuclear operators and site licensees; is used by OCNS to develop security standards and guidance, to evaluate the security plans of civil nuclear facilities, and to monitor compliance. The paper incorporates the comments on an earlier draft circulated widely within the industry and Government. The main body of the paper provides the rationale for the DBT. Its purpose is to set a framework, particularly of language, within which the DBT can be understood and accepted by all interested parties. The paper includes assessments of the threats produced by the Security Service, the police and other agencies, including information provided by foreign counterparts of OCNS. The paper considers: the consequences of malicious activity that are unacceptable to stakeholders; the threats that might create those unacceptable consequences; the risks to be managed. The DCNS, drawing on these assessments, decides which specific capabilities the operators and licensees must be able to counter. This is the Design Basis Threat proper. The DBT excludes hostile groups or capabilities that are judged by the DCNS not to be relevant to the civil nuclear industry in the UK, and takes account of the availability of countermeasures and other precautions provided by other, usually national, authorities (e.g. contingency arrangements to intercept hijacked aircraft) The current status of development of Security Plans Nirex has a Security Plan for a Generic PGRC which has received interim approval from OCNS. However, any change to the PGRC concept will result in the requirement to revise the existing Security Plan or, if necessary, the writing of a new one. Any such changes to the Security Plan will require approval from OCNS. The Security Plan follows a formula outlined at Annex A, Part One of the Nuclear Industries Security Regulations 2003, Guidance Document, issued by OCNS (which is protectively marked). Work is now underway to integrate the security measures in the approved Security Plan into the Generic PGRC layout drawings. 2.6 Future Security During the care and maintenance period, following emplacement and before closure, the waste may be easier to protect underground than in a surface store. This approach has several key advantages: An underground facility is more robust than a surface facility in respect of certain malicious threats, e.g. firing weapons at or attempting to steal waste or sabotage the facility. 1 Whole of Para 2.4 is the Management Summary of the OCNS, DTI paper on National Security & Civil Nuclear Facilities Developing the Design Basis Threat (protectively marked SECRET). 5

10 By placing the waste several hundred metres underground, the geological barrier created provides effective long term security resulting in a reduced need for an active security presence. If a future repository were to remain open this would detract from the security measures in place and considerably increase the running costs for the repository. In addition it would leave the repository vulnerable to human intrusion should there be a natural or man-made catastrophe or a breakdown in society. The level of cost of security (e.g. increased terrorism threat or issues of protest/reaction to decisions or activities) for all options would need to be continually assessed and revised as appropriate. Also security costs for all options need to be addressed in isolation of overall site security for active facilities as this will highlight the true cost of security when sites are being used purely for waste storage. 6

11 Table 1 Key Issues and Their Evaluation Issue Security is mandatory and therefore taken seriously Countering the threat of Terrorism/Theft/Sabotage Security of a deep repository versus surface storage Regulation of Security Evaluation The public need to be given assurances that the minimum security measures are planned into the Generic PGRC in order to secure the waste from misuse/theft/terrorism etc. Very real threats are countered by the Nirex Generic PGRC Security Plan. Detailed security measures are not published for obvious reasons. Access to radioactive waste stored underground is made very difficult due to the few number of controlled access points. Many more threats are viable to surface stores. Security of civil nuclear establishments is now governed by the NISR 2003 and regulated by OCNS Status The security measures required are in the NISR 2003 Technical Guidance Manual (Protectively marked RESTRICTED). Security measures factored into the Nirex Generic PGRC Security Plan are approved by OCNS. Reasoning is given in NISR 2003 and clarified to the public in the OCNS Finding A Balance guidance document on disclosure and non-disclosure of information. Another argument for accelerated implementation of deep geological repository projects has focused on national security, due to the reduced vulnerability of underground facilities to possible terrorist threats. Security measures are embedded in the generic design planning. 7

12

13 United Kingdom Nirex Limited Curie Avenue Harwell, Didcot Oxfordshire OX11 0RH t +44 (0) f +44 (0) e nirex.co.uk w