[House Hearing, 108 Congress]
[From the U.S. Government Publishing Office]
HOMELAND SECURITY: MONITORING NUCLEAR POWER PLANT SECURITY
=======================================================================
HEARING
before the
SUBCOMMITTEE ON NATIONAL SECURITY,
EMERGING THREATS AND INTERNATIONAL
RELATIONS
of the
COMMITTEE ON
GOVERNMENT REFORM
HOUSE OF REPRESENTATIVES
ONE HUNDRED EIGHTH CONGRESS
SECOND SESSION
__________
SEPTEMBER 14, 2004
__________
Serial No. 108-265
__________
Printed for the use of the Committee on Government Reform
Available via the World Wide Web: http://www.gpo.gov/congress/house
http://www.house.gov/reform
______
U.S. GOVERNMENT PRINTING OFFICE
98-358 WASHINGTON : 2005
_____________________________________________________________________________
For Sale by the Superintendent of Documents, U.S. Government Printing Office
Internet: bookstore.gpo.gov Phone: toll free (866) 512-1800; (202) 512�091800
Fax: (202) 512�092250 Mail: Stop SSOP, Washington, DC 20402�090001
COMMITTEE ON GOVERNMENT REFORM
TOM DAVIS, Virginia, Chairman
DAN BURTON, Indiana HENRY A. WAXMAN, California
CHRISTOPHER SHAYS, Connecticut TOM LANTOS, California
ILEANA ROS-LEHTINEN, Florida MAJOR R. OWENS, New York
JOHN M. McHUGH, New York EDOLPHUS TOWNS, New York
JOHN L. MICA, Florida PAUL E. KANJORSKI, Pennsylvania
MARK E. SOUDER, Indiana CAROLYN B. MALONEY, New York
STEVEN C. LaTOURETTE, Ohio ELIJAH E. CUMMINGS, Maryland
DOUG OSE, California DENNIS J. KUCINICH, Ohio
RON LEWIS, Kentucky DANNY K. DAVIS, Illinois
TODD RUSSELL PLATTS, Pennsylvania JOHN F. TIERNEY, Massachusetts
CHRIS CANNON, Utah WM. LACY CLAY, Missouri
ADAM H. PUTNAM, Florida DIANE E. WATSON, California
EDWARD L. SCHROCK, Virginia STEPHEN F. LYNCH, Massachusetts
JOHN J. DUNCAN, Jr., Tennessee CHRIS VAN HOLLEN, Maryland
NATHAN DEAL, Georgia LINDA T. SANCHEZ, California
CANDICE S. MILLER, Michigan C.A. ``DUTCH'' RUPPERSBERGER,
TIM MURPHY, Pennsylvania Maryland
MICHAEL R. TURNER, Ohio ELEANOR HOLMES NORTON, District of
JOHN R. CARTER, Texas Columbia
MARSHA BLACKBURN, Tennessee JIM COOPER, Tennessee
PATRICK J. TIBERI, Ohio BETTY McCOLLUM, Minnesota
KATHERINE HARRIS, Florida ------
------ ------ BERNARD SANDERS, Vermont
(Independent)
Melissa Wojciak, Staff Director
David Marin, Deputy Staff Director/Communications Director
Rob Borden, Parliamentarian
Teresa Austin, Chief Clerk
Phil Barnett, Minority Chief of Staff/Chief Counsel
Subcommittee on National Security, Emerging Threats and International
Relations
CHRISTOPHER SHAYS, Connecticut, Chairman
MICHAEL R. TURNER, Ohio
DAN BURTON, Indiana DENNIS J. KUCINICH, Ohio
STEVEN C. LaTOURETTE, Ohio TOM LANTOS, California
RON LEWIS, Kentucky BERNARD SANDERS, Vermont
TODD RUSSELL PLATTS, Pennsylvania STEPHEN F. LYNCH, Massachusetts
ADAM H. PUTNAM, Florida CAROLYN B. MALONEY, New York
EDWARD L. SCHROCK, Virginia LINDA T. SANCHEZ, California
JOHN J. DUNCAN, Jr., Tennessee C.A. ``DUTCH'' RUPPERSBERGER,
TIM MURPHY, Pennsylvania Maryland
KATHERINE HARRIS, Florida JOHN F. TIERNEY, Massachusetts
DIANE E. WATSON, California
Ex Officio
TOM DAVIS, Virginia HENRY A. WAXMAN, California
Lawrence J. Halloran, Staff Director and Counsel
J. Vincent Chase, Chief Investigator
Robert A. Briggs, Clerk
Andrew Su, Minority Professional Staff Member
C O N T E N T S
----------
Page
Hearing held on September 14, 2004............................... 1
Statement of:
Matthiessen, Alex, Director, Hudson Riverkeeper, Garrison,
NY; David Lochbaum, Union of Concerned Scientists,
Washington, DC; and Marvin Fertel, vice president and chief
nuclear officer, Nuclear Energy Institute, Washington, DC.. 115
Reyes, Luis, Executive Director of Operations, Nuclear
Regulatory Commission, accompanied by Roy P. Zimmerman,
Director, Office of Nuclear Security and Incidence
Response, Nuclear Regulatory Commission.................... 32
Wells, Jim, Director, Natural Resources and Environment,
Government Accountability Office, accompanied by Raymond H.
Smith, Jr. Assistant Director; and Kenneth E. Lightner,
Jr., Senior Analyst........................................ 73
Letters, statements, etc., submitted for the record by:
Fertel, Marvin, vice president and chief nuclear officer,
Nuclear Energy Institute, Washington, DC, prepared
statement of............................................... 149
Kucinich, Hon. Dennis J., a Representative in Congress from
the State of Ohio:
Letter dated August 18, 2004............................. 30
Letter dated August 19, 2004............................. 22
Prepared statement of.................................... 4
Lochbaum, David, Union of Concerned Scientists, Washington,
DC, prepared statement of.................................. 141
Maloney, Hon. Carolyn B., a Representative in Congress from
the State of New York, prepared statement of............... 13
Matthiessen, Alex, Director, Hudson Riverkeeper, Garrison,
NY, prepared statement of.................................. 119
Reyes, Luis, Executive Director of Operations, Nuclear
Regulatory Commission, prepared statement of............... 35
Shays, Hon. Christopher, a Representative in Congress from
the State of Connecticut, prepared statement of............ 19
Wells, Jim, Director, Natural Resources and Environment,
Government Accountability Office, prepared statement of.... 77
Zimmerman, Roy P., Director, Office of Nuclear Security and
Incidence Response, Nuclear Regulatory Commission:
Information concerning force-on-force exercises.......... 110
Information concerning licensee employees................ 108
HOMELAND SECURITY: MONITORING NUCLEAR POWER PLANT SECURITY
----------
TUESDAY, SEPTEMBER 14, 2004
House of Representatives,
Subcommittee on National Security, Emerging Threats
and International Relations,
Committee on Government Reform,
Washington, DC.
The subcommittee met, pursuant to notice, at 10:05 a.m., in
room 2247, Rayburn House Office Building, Hon. Christopher
Shays (chairman of the subcommittee) presiding.
Present: Representatives Shays, Platts, Duncan, Kucinich,
Sanders, Maloney, Ruppersberger, Tierney, and Watson.
Staff present: Lawrence Halloran, staff director and
counsel; J. Vincent Chase, chief investigator; Robert A.
Briggs, clerk; Andrew Su, minority professional staff member;
and Jean Gosa, minority assistant clerk.
Mr. Shays. A quorum being present, the Subcommittee on
National Security, Emerging Threats and International Relations
entitled Homeland Security: Monitoring Nuclear Power Plant
Security is called to order.
I have a statement. I am going to catch my breath, and I am
going to ask the ranking member to start, and then I will make
my opening statement.
Mr. Kucinich. I want to thank the chairman, as always, for
his diligence in matters of security in calling these hearings
and indicate my appreciation for the attention that you pay to
these matters.
Good morning to the Chair and members of the subcommittee
and to our witnesses here today. I welcome this opportunity to
discuss nuclear security in open session. As both Congress and
the public have been stymied for far too long and getting
truthful answers to many questions we have about nuclear safety
and security.
Three years ago, two incidents shook the faith of the
American people in our security. The first, of course, was the
tragic attack on our country by terrorists on September 11.
The other less-known incident was the hidden problem going
on at the Davis-Besse nuclear reactor in Ohio. These are the
facts.
In February 2001 the Nuclear Regulatory Commission began
investigating an aging mechanism that often caused cracking in
reactors. As a result of these findings in late 2001, the NRC
determined that the Davis-Besse plant was at risk and should
shut down by December 31, 2001. FirstEnergy, the plant owner,
resisted the order, claiming it should stay open without
incident until March 2002. FirstEnergy argued that a shutdown
would cause an unnecessary financial burden.
Rather than following its own safety procedures and
shutting down Davis-Besse, the NRC relented and allowed the
plant to operate until February 2002. After the Davis-Besse
plant had been shut down, workers repairing one of five cracked
control rod nozzles discovered extensive damage to the reactor
vessel head. The workers found a large corroded hole the size
of a football in the reactor vessel head next to one of the
nozzles. The GAO concluded in a scathing report on May 2004
that the risk estimate used by the NRC to decide whether the
plant needed to be shut down was flawed.
The NRC severely underestimated the risk Davis-Besse posed,
even exceeding risk levels generally considered acceptable by
the Agency. The GAO report shows that the NRC was ill-equipped,
ill-informed, and far too slow to react. The NRC's reaction to
Davis-Besse was inadequate, irresponsible and left the public
at great risk.
The NRC later reported that the plant might have been as
close as 60 days to bursting its rust, damaged lid.
Fortunately, the health of tens of thousands of Ohio residents
was not harmed, but this was a disaster waiting to happen.
Let's talk about security.
So, Mr. Chairman, it's very difficult for me to sit here
today and to listen without objectivity as the NRC and the
nuclear industry lobbyists tell us how much has been spent, how
much security has improved in the last 3 years. The facts and
independent experts tell us differently.
For example, we know that one security firm, Wackenhut,
provides nearly half of the guard forces at our Nation's
nuclear sites. Yet, as was documented by the Department of
Energy's Inspector General, the report in January of this year
questions surround Wackenhut's competency and objectivity to
fulfill this crucial mission. The DOE Inspector General found
that in simulation attack drills, Wackenhut attackers told the
Wackenhut guard defenders the buildings that were being
attacked, the targets at those buildings and whether a
diversionary tactic would be used.
The IG also noted an industry-funded study found that as
many as 50 percent of the guard forces in a New York plant did
not meet physical fitness requirements, guards reported for
duty drunk, worked 70 to 80 hours per week and were allowed to
repeat weapons qualifying tests until they passed them.
In spite of this poor record, and obvious conflict of
interest, the commercial industry still decided to hire
Wackenhut to provide the attack teams in force-on-force drills
at NRC commercial sites. This could be called a case of the fox
guarding the hen house and anyone with a shred of common
sense--it's a poor decision. It undermined public trust and
raises serious questions on who is making the decisions at the
NRC. Understandably, the NRC has decided that the less it says
the better. It has polled public security information from its
Web site. It has restricted public access by public interest
groups to information by requiring none disclosure forms or
thorough reclassification, even if the information was
previously unclassified.
Mr. Chairman, I would like to submit two documents for the
record. The first is a letter from Public Citizen to the NRC
dated August 19th; and the second is a Freedom of Information
Act request submitted by a coalition of public interest groups
dated August 18th. Both documents question the rational behind
the NRC's announcement in August 2004 that ``certain security
information formally included in the reactor oversight process
will no longer be publicly available and will no longer be
updated in the NRC's Web site.''
The same information, including performance indicators and
physical inspection information, was available on the NRC Web
site after September 11. It was temporarily pulled from the Web
site for review and returned to it after it was deemed to have
no value to potential terrorists.
What has changed to make this information unacceptable for
public review? Since the NRC won't hold public hearings, it's
up to this subcommittee to find out. Mr. Chairman, we all know
that these nuclear plants are decades old and they are
decaying. Yet despite the billions of dollars spent to upgrade
security at these nuclear plants, the NRC clearly has a long
ways to go before it can restore public trust in its position.
I have to wonder if an incident such as if this happened at
Davis-Besse in Ohio happened today, whether the NRC would tell
us about it. The NRC should work to allay public fears about
public safety not to foster them. I really look forward to
hearing your testimony. Thank you.
[The prepared statement of Hon. Dennis J. Kucinich
follows:]
[GRAPHIC] [TIFF OMITTED] T8358.001
[GRAPHIC] [TIFF OMITTED] T8358.002
[GRAPHIC] [TIFF OMITTED] T8358.003
[GRAPHIC] [TIFF OMITTED] T8358.004
[GRAPHIC] [TIFF OMITTED] T8358.005
[GRAPHIC] [TIFF OMITTED] T8358.006
Mr. Shays. Thank you, gentlemen. At this time the Chair
would recognize Mr. Turner.
Mr. Turner. Thank you, Mr. Chairman.
Mr. Chairman, I want to thank you for your leadership in
reviewing the issues of our terrorist attack preparedness, both
at our nuclear weapons facilities and our power plants; in your
efforts in reviewing our terrorist attack preparedness both of
in our nuclear weapons facilities and our power plants; and
your efforts in reviewing terrorist attack preparedness of
making America's families safer.
The security of nuclear facilities--both weapons facilities
and power plants, is an issue this committee has examined
through several hearings. In dealing with the security of
nuclear weapons facilities, the subcommittee has learned that
DOE needs to update its designed basis threat to meet the
current security situation, including upgrading equipment,
training and its security force.
Our nuclear power plants, though they don't contain
weapons, are just as important to protect. They are designed
and built to withstand many natural disasters. But we must make
sure as a Nation that we do all we can to protect these energy
sources from foreseeable attack.
In earlier hearings, we found that DOE has not developed as
strong a relationship with DOD in regard to the sharing of
resources and information. I look forward from hearing from our
witnesses today concerning issues of coordinations of their
efforts with DOD and other Federal agencies, and whether they
are taking all available steps and precautions to ensure that
the proper equipment is available to secure these nuclear power
plants.
Thank you, Mr. Chairman.
Mr. Shays. I thank the gentleman.
The Chair would recognize Carolyn Maloney.
Mrs. Maloney. Thank you.
Well, first of all, Chairman Shays, I want like to thank
you for your consistent oversight on terrorism and ways to make
our country safer. I think you have really done an outstanding
job. I thank you on behalf of my constituents.
I would like to welcome all of our witnesses, particularly
Mr. Alex Matthiessen, director of the Hudson Riverkeeper from
the State of New York.
The purpose of this hearing is to discuss how adequate are
the security measures recommended by the Nuclear Regulatory
Commission to protect power plants from terrorist attacks. We
know that since September 11, there have been some positive
steps, but 3 years later, many still have serious and well-
founded concerns about the safety of our nuclear power plants.
Required preparations for attacks are specified in the
classified design basis threat, the DBT. And a new DBT for
nuclear plants is set to be implemented by the end of next
month by updating requirements are welcomed. There are several
concerns about the thoroughness and implementation of the DBT.
One of the greatest concerns is that these new security
requirements do not include an analysis on the impact of an
attack similar to the one on the World Trade Center. The NRC
has announced that this review is underway, but no analysis has
been completed. This is 3 years later, and I want to know why.
I absolutely do not understand why it has not been done
when we know that after the September 11 attacks and after the
9/11 Commission reported, that on the list of initial targets
proposed by al Qaeda leaders, included planes attacking and
flying into nuclear power plants. Khalid Shaikh Mohammed
recommended that, and that's spelled out in the 9/11 Commission
report.
I would like to hear from our witnesses on the status this
analysis. It's a very serious threat to our country. Not only
does this plan not include the threat of an aviation attack.
The GAO found that it will take several more years before the
NRC will have assurances that the plants are protected against
the terrorist threats--included in the new DBT--and they will
not have detailed knowledge about security at individual
facilities to insure that these plants provide the protections
included in the DBT.
My understanding, based on the submitted testimony of the
GAO, that this is caused because the NRC's review of the new
security plans has been rushed largely superficial and because
the NRC reviewers are not visiting the plants to obtain details
about the plants and view how they work with the plants
facilities.
Additionally, I am told it will take up to 3 years for the
NRC to test implementation of all the new plans through the
force-on-force exercises. And I would like to hear more from
the witnesses on these shortcomings.
Regarding the force-on-force exercises, I am interested to
hear from the NRC and the Nuclear Energy Institute on the
implementation of these exercises.
Earlier this year NEI chose Wackenhut security to provide
the attack teams in the force-on-force drills at NRC commercial
sites. And we just heard from Mr. Kucinich, an outline of many
of the problems there. They did provide security at Indian
Point No. 2 nuclear power plant, which is less than 35 miles
from the district that I represent.
The utility Interenergy, that had recently acquired the
plant, hired a consultant to conduct a probe of security at the
facility and found Wackenhut lacking dramatically. I have a
list of problems they had. Only 19 percent of the security
officers stated that they could adequately defend the plant.
And I would like to place all of them in the record.
But they have not improved from there, and Interenergy
subsequently terminated Wackenhut's contract as a result of
their findings. I would like to put the findings in the record
to save time----
Additionally, Wackenhut provides security for close to half
of all of the nuclear power plants now. And by allowing them to
provide the attack teams on a company with a troubling record
will be basically having Wackenhut police themselves--and I
refer again to the testimony of Mr. Kucinich--where they were
telling them where they were going to attack and etc.
So I think that this is worse than the so-called fox
guarding the hen house that Mr. Kucinich referenced. It is not
an apparent conflict of interest, but a blatant conflict of
interest. And they definitely should not be the ones doing the
attack.
Finally, the testimony submitted by GAO states, and it was
very, very troubling, ``the NRC does not plan to make
improvement to their inspection program that GAO previously
recommended and still believes is absolutely necessary. So
first of all, I want to know why they are not going to make the
improvements that GAO recommended. For example, NRC is not
following up to verify that all violations of security
requirements are corrected.''
And I would like an explanation from the NRC on this
important question, and why they do not plan to follow some of
the recommendations that the GAO believes is so necessary. So I
thank the chairman for this oversight hearing. It's important
and I yield back the balance of my time.
[The prepared statement of Hon. Carolyn B. Maloney
follows:]
[GRAPHIC] [TIFF OMITTED] T8358.007
[GRAPHIC] [TIFF OMITTED] T8358.008
Mr. Shays. I thank the gentlelady.
At this time the Chair would recognize John Duncan from
Tennessee.
Mr. Duncan. Thank you, Mr. Chairman.
I remember a few days after the original and horrible
events of September 11, I was eating dinner and meeting with
several Members of the House. And Congressman Callahan, who at
that point was a senior member of the Appropriations Committee,
estimated that we would spend--he said over $1\1/2\ trillion
over the next 5 years on security measures. I thought then that
his estimate was extremely high. No one challenged him on it.
But I know that just a couple of months ago, Federal
Express--just one company--said they spent an extra $200
million on security that they wouldn't have spent.
After the last hearing on this subject, I sent letters to
five Department of Energy laboratories and BWXTY 12 just to ask
them how much their security measures had increased. I got back
these responses. And a 40 percent increase in security spending
on Oak Ridge National Laboratory, a 51 percent increase at the
Savannah River National Laboratory, 50 percent increases at
Argon and a separate 50 percent increase at BWXTY-12.
In addition, we checked with the Tennessee Valley
Authority, and their security spending has gone up by 60
percent since September 11, and that doesn't count $30 million
extra that they spent after some Nuclear Regulatory Commission
ordered some special measures after April 2003.
Security is very, very important, and I don't know if
Congressman Callahan was way off on his $1\1/2\ trillion, but
there are always companies, there are all kinds of security
companies now that have gotten into this market and are doing
everything they can to sensationalize and scandalize these
matters and exaggerate the problem so that they can make more
money.
And I am not saying not do anything with regard to
security. But if you stop to think about it, if we do--if
Congressman Callahan was anywhere close to being right--that's
$1 trillion or $1\1/2\ trillion that we are not spending on
schools, medical research, highways to cut down on the deaths
on our Nation's highways, or many, many other good things,
whether you might like libraries, national parks or whatever.
And I think back to former Governor Gilmore of Virginia,
who was the chairman of the Commission on Terrorism that the
President appointed. After his Commission studied the issue of
terrorism, he sent this in a cover letter with their reporting,
and Governor Gilmore said there will never be 100 percent
guarantee of security for our people, the economy and our
society. We must resist the urge to seek total security. It is
not achievable and drains our attention from those things that
can be accomplished.
I just think that we have to make sure that we take serious
steps about security, but we also have to make sure that we
don't give terrorists undeserved victories by going totally
ridiculously overboard on this and that we don't do it simply
because there's some companies out here that want to make some
more money.
So, with that, I think it's good to keep holding these
hearings to make sure that we do have a reasonable and rational
response to some of these problems.
Thank you, Mr. Chairman.
Mr. Shays. I thank the gentleman.
At this time the Chair would recognize Mr. Ruppersberger
from Maryland.
Mr. Ruppersberger. First, Chairman Shays, I agree with Mrs.
Maloney that you have done an excellent job as leader this
committee and brings a lot of problems as it relates to
national security to the attention of this committee. I just
hope that as a body of Congress we can hope implement some of
the issues that we have learned in these hearings.
The issue of security with respect to nuclear plants, we
know that it's very, very important. Our intelligence shows
that al Qaeda clearly has made our nuclear plants a target and
that was also confirmed in the 9/11 Commission. Now, one of my
areas of concern is, first, the issue of privatization and how
we manage privatization. I don't have an issue with
privatization. It works sometimes. Other times, it is not
necessary when we deal with government.
If you are going to privatize, whether it's Wackenhut's
name has been mentioned today or anyone else. If we are going
to pay to have someone other than government deal with the
issue, we want efficiency and we want accountability.
It seems to me that part of the NRC's responsibility is to
hold all privatization, such as Wackenhut, accountable for
performance. You read in here that people are coming to work
intoxicated or they are not prepared or they don't have the
physical standards, that concerns me. That's our fault too as
the government or NRC because we have not held them liable.
Now, one of my concerns is the issue of consistency in
national policies and the regulation of nuclear power plants.
This seems to be some conflict between the NRC regulatory
abilities versus the privatized operations of the nuclear and
commercial entities themselves.
The security standards have already been changed, for
example. We have a new design-based threat. DBT formula, which
should be a good thing. The required force-on-force exercises
have been increased to once every 3 years instead of every 8
years. That's a good thing. The NRC has also issued more orders
regarding augmenting barricades, security forces, patrols and
restrict plant access.
The Nuclear Energy Institute has claimed an increase of $16
million per site toward security. Despite these changes,
however, the reality of lapses in the security provided by and
controlled through private industry remains.
And I believe it will take real partnerships to resolve
many of the critical changes we face in protecting nuclear
sites. We must work toward resolving this situation without
putting undue cost pressure upon the industry itself. I believe
we as the government need to do better and working with the
nuclear industry regarding threats and intelligence
information. We need a true working partnership that provides a
more thorough examination of how information is classified by
NRC.
We must not compromise secure security for public
disclosure, but there must remain a balance for the industry to
help keep industries secure these nuclear sites.
Thank you.
Mr. Shays. I thank the gentleman.
At this time, Ambassador Watson, you have the floor.
Ms. Watson. I just want to emphasize our role, Mr.
Chairman, as the overseers, and I think that oversight has been
lagging in the last session. I thank you for bringing to our
attention this subject matter, but we are failing in our
responsibility if we don't call in our witnesses, raise the
right questions, and be sure they are performing in a
responsible way. So thank you so very much.
I think that our national security depends on the
protection of our nuclear power plants, and what I have heard
thus far in other hearings, tells us we have a lot to be
worried about. So I hope that we will get new information in
this hearing that will be helpful.
Thank you, Mr. Chairman.
Mr. Shays. I thank the gentlelady and appreciate her
comments as well as all of the other Members.
I would like to put my statement on the record as well and
say that 3 years ago, the vulnerability of high-value
structures to low-tech attack was seared in our national
memory. Images of the collapsing Twin Towers and a smoldering
hole in the Pentagon forced an assessment of safeguards and
vulnerabilities at other critical facilities, including nuclear
power plants.
That assessment prompted some immediate steps by the
Nuclear Regulatory Commission, the NRC, to strengthen security
at the Nation's 65 reactor sites. Last year, we heard testimony
from the NRC, the Government Accountability Office, GAO and
others describing post-September 11 efforts to update security
policies and practices to meet a dynamic new threat
environment. But much of that testimony raised as many
questions as were answered about the rigor of the NRC
regulatory process, the realism of emergency response planning,
the willingness of reactor operators to meet new security
mandates and the pace of needed change.
So we asked the GAO to monitor implementation of nuclear
counterterrorism enhancements, including some recommended in
earlier GAO reviews. Their initial findings depict a lengthy
process that risk becoming more theoretical than actual. A new
protection standard--or design basis threat--was not issued
until April 2003. A rushed review of facility plans
implementing the DBT could be completed next month. But that
has been formulaic, wholly paper exercise. The NRC will not
have complete, site-specific data, from force-on-force
exercises to validate upgraded security plants for 3 more
years. Even then, there may be no reasonable assurance plants
are adequately protected.
Suddenly--I think I am even one of them--the new DBT
understates the true level of risk, meaning that security
plants will have to be modified and tested again. Despite
persistent efforts by reactor operators and regulators to
minimize the risks of containment breach or spent fuel
sabotage, surrounding communities and those further down wind,
take little comfort from a cosy indulgent regulatory process
that looks and acts very much like business as usual.
Findings of security violations, illicit promises of,
correction, but little NRC followup. Emergency response plans
may not be current. Lessons learned are not shared. And a
proposal to hire an attacking force from the same company used
to protect several plants raises legitimate concerns about the
integrity of future mandatory force-on-force exercises. There
is no question nuclear power plants remain of abiding interest
to terrorists.
However, real questions remain. How and when the
seriousness of that threat will be fully reflected in the
substance and speed of critical countermeasures.
As we continue to pursue these questions, the subcommittee
sincerely appreciates the experience and expertise brought to
the discussion by all our witnesses. We look forward to their
testimony.
Taking care of some general business, I ask unanimous
consent that all members of the subcommittee be permitted to
place an opening statement in the record and that the record
remain open for 3 days for that purpose.
Without objection, so ordered.
I ask further unanimous consent that all witnesses be
permitted to include their written statements in the record and
without objection, so ordered.
[The prepared statement of Hon. Christopher Shays follows:]
[GRAPHIC] [TIFF OMITTED] T8358.009
[GRAPHIC] [TIFF OMITTED] T8358.010
Mr. Kucinich. Mr. Chairman.
Mr. Shays. Yes.
Mr. Kucinich. These are the letters I would ask to be
entered into the record.
Mr. Shays. This is from the Union of Concerned Scientists
without objection dated August 19th. We will add that to the
record.
[The information referred to follows:]
[GRAPHIC] [TIFF OMITTED] T8358.011
[GRAPHIC] [TIFF OMITTED] T8358.012
[GRAPHIC] [TIFF OMITTED] T8358.013
[GRAPHIC] [TIFF OMITTED] T8358.014
[GRAPHIC] [TIFF OMITTED] T8358.015
[GRAPHIC] [TIFF OMITTED] T8358.016
[GRAPHIC] [TIFF OMITTED] T8358.017
Mr. Kucinich. There is a letter right behind the it.
Mr. Shays. There is a letter right behind it. Let's get
that one.
Mr. Shays. And then a letter from Public Citizen dated
August 18th. Both will be put in the record and without
objection so ordered.
[The information referred to follows:]
[GRAPHIC] [TIFF OMITTED] T8358.018
[GRAPHIC] [TIFF OMITTED] T8358.019
Mr. Shays. We have and we are grateful to have our first
panel, Mr. Luis Reyes, executive director of operations of the
Nuclear Regulatory Commission and Mr. Roy P. Zimmerman,
director, Office of Nuclear Security and Incidence Response,
Nuclear Regulatory Commission.
What we are going to do is we are going to have them make
their statements. We will go through a 5-minute round of
questioning. We are then going to have the GAO make their
statement, ask them questions and then do a second round to our
first panel separately afterwards. We appreciate our first
panel being willing to do it. It's to everyone's advantage to
have that kind of dialog, and that makes me feel good that you
recognize that and I appreciate it.
So with that, we would ask you to stand and swear you in as
we swear all our witnesses.
[Witnesses sworn.]
Mr. Shays. Note for the record our witnesses are responding
in the affirmative. Is there anyone I should have asked in your
staff that may need to respond? If so, it may make sense for me
to swear them in.
Mr. Reyes. No, Roy and myself are the ones doing the
testimony.
Mr. Shays. OK. That's fine. That's great.
With that, Mr. Reyes, you have the floor and am happy to
have with your statement.
STATEMENTS OF LUIS REYES, EXECUTIVE DIRECTOR OF OPERATIONS,
NUCLEAR REGULATORY COMMISSION, ACCOMPANIED BY ROY P. ZIMMERMAN,
DIRECTOR, OFFICE OF NUCLEAR SECURITY AND INCIDENCE RESPONSE,
NUCLEAR REGULATORY COMMISSION
Mr. Reyes. Thank you.
Mr. Chairman, members of the subcommittee, it is indeed a
pleasure to appear before you today to discuss some of the
efforts by the Nuclear Regulatory Commission.
Mr. Shays. I am going to have you move that mic a little
more in direct line with you.
Mr. Reyes. OK. Is that any better?
Mr. Shays. Yes. Just turn it this way. Thank you.
Mr. Reyes. To the efforts by the Nuclear Regulatory
Commission and its licensees with respect to security at
nuclear power plants. The NRC has greatly enhanced requirements
of licensees at nuclear power plants and conducted
vulnerability assessments and identified mitigation strategies
in order to improve security and evaluate potential threats.
Nuclear power plants have maintained a strong safety and
security measures and were designed to withstand catastrophic
events including fire, flood, earthquakes and tornados.
Security at nuclear facilities across the country has long
been the subject of NRC regulatory oversight, dating back to
the 1970's. And nuclear power plants have been required to
implement security problems that are capable of defending
against violent assault by well-armed, well-trained
adversaries.
Nuclear power facilities have likely been among the best
protected commercial facilities in the Nation prior to
September 11, 2001 and remain so today. However, the September
11th terrorist attacks on the United States brought to light a
new and more immediate threat to our country.
To cope with these changes in the threat environment, the
NRC undertook a reassessment of its safeguards and security
programs to identify from actions, and long-term enhancements
that will raise the level of security at the nuclear facilities
across the country.
Since the terrorist attacks, the NRC has ordered as
licensee to take specific actions to security at their
facilities and to amend the protection of the nuclear materials
they possess. We believe that this comprehensive act also
effectively addressed major congressional concerns about the
adequacy of security in the new threat environment. We
recognize though that security would be further enhanced in the
five legislative proposals that the Commission has submitted to
Congress which are appended to our testimony are promptly
enacted.
My full statement submitted for the record provides a
summary of the numerous post-September 11 actions and
enhancement to raise the level of security at nuclear
facilities.
This includes a series of orders through all nuclear power
licensees beginning in February 2002 to formally incorporate
specific compensatory measures into the search safeguards and
security programs. This enhancement of security included
increased security patrols, augmented security forces,
additional security posts, increased vehicle span of distances
and improved coordination with law enforcement.
In the months since those orders were issued, there has
been coordination with the regulated industry and
representatives of the Federal, State and local government
agencies that would be called upon to support the licensees
response to a potential terrorist attack.
Also, following the September 11, 2001 attacks, the NRC
began a reassessment of the design basis threat [DBT]. As a
result, the threat characteristic set forth in NRC regulations
were supplemented by orders issued to power reactors and to
certain field cycle facilities.
The NRC's currently reviewing licensee revised security
plants for nuclear power plants and certain nuclear fuel
facilities. Nearly 2,000 plants in all, and expects that all
the plants will be reviewed, revised as appropriate and
approved, and with few exceptions implemented by October 29,
2004 deadline imposed by the Commission's April 29, 2003
orders.
Additionally, the NRC has completed an extensive set of
vulnerability assessments and identified mitigation strategies
for NRC license activities involving radioactive materials and
nuclear facilities. These efforts have continued to affirm the
robustness of the effectiveness of these facilities, the
effectiveness of redundant systems and defense of design
principles and the value of effective programs for operator
training and emergency preparedness.
We have continued to improve our security performance
evaluation program, that is our force-on-force evaluations.
In February 2004 the NRC began a transition force-on-force
program incorporating lessons learned during the pilot. The
transition program uses the characteristics of the DBT as
enhanced as supplemented by our orders to prepare for
resumption of the full security performance assessment program
in November 2004.
In conclusion, my full statement also includes
prescriptions of NRC's revised base line inspection program,
the status of security plan reviews, emergency preparedness and
sharing of information with our stakeholders.
I appreciate the opportunity to appear before you today.
And I look forward to answering any questions you may have.
[The prepared statement of Mr. Reyes follows:]
[GRAPHIC] [TIFF OMITTED] T8358.139
[GRAPHIC] [TIFF OMITTED] T8358.140
[GRAPHIC] [TIFF OMITTED] T8358.141
[GRAPHIC] [TIFF OMITTED] T8358.142
[GRAPHIC] [TIFF OMITTED] T8358.143
[GRAPHIC] [TIFF OMITTED] T8358.144
[GRAPHIC] [TIFF OMITTED] T8358.145
[GRAPHIC] [TIFF OMITTED] T8358.146
[GRAPHIC] [TIFF OMITTED] T8358.147
[GRAPHIC] [TIFF OMITTED] T8358.148
[GRAPHIC] [TIFF OMITTED] T8358.149
[GRAPHIC] [TIFF OMITTED] T8358.150
[GRAPHIC] [TIFF OMITTED] T8358.151
[GRAPHIC] [TIFF OMITTED] T8358.152
[GRAPHIC] [TIFF OMITTED] T8358.153
[GRAPHIC] [TIFF OMITTED] T8358.154
[GRAPHIC] [TIFF OMITTED] T8358.155
[GRAPHIC] [TIFF OMITTED] T8358.156
[GRAPHIC] [TIFF OMITTED] T8358.157
[GRAPHIC] [TIFF OMITTED] T8358.158
[GRAPHIC] [TIFF OMITTED] T8358.159
[GRAPHIC] [TIFF OMITTED] T8358.160
[GRAPHIC] [TIFF OMITTED] T8358.161
Mr. Shays. You may go to the next witness.
Mr. Turner [presiding]. I'm sorry.
Mr. Zimmerman.
Mr. Zimmerman. I have no opening statement. Thank you.
Mr. Turner. We will go to a 5-minute round of questions
from the members of the committee.
I know many of the members of the committee are going to
have questions concerning the design basis threat, their
concern of its insufficiency. The concern of force-on-force
exercises and their lack of reliable training and
effectiveness, also issues concerning equipment and training.
But I am very interested in the relationship between DOD
and the protection of our nuclear power plants. In some of the
information that we have indicates that power plants are not
required as part of their design basis threat to take into
consideration attacks by a foreign power or even perhaps the
type of terrorist organizations that we see with al Qaeda, with
the airborne threat.
Could you talk a little bit about the NRC's coordination
with the DOD and how and where that occurs? Both in the level
of communication, exercises, onsite equipment and response?
Mr. Reyes. OK. Prior to September 11th, the NRC has always
had intelligence analysts. Subsequent to September 11th those
intelligence analysts--even though they are NRC employees--are
collocated with the intelligence agencies. So we have changed
not only the analysis of intelligence information the way we
did it before, but now we have collocated with the intelligence
community. And what that has provided is a more direct feedback
for us--but we now provide the intelligence community,
information we didn't provide it before. We have required our
licensees to report to us activities that may observe around
their facilities that may have some bearing on the national
intelligence information.
Now, in terms of the design basis threat, we have worked
very closely with DOE and DOD in terms of the intelligence to
determine our design basis threat. As somebody stated, we do
not have in the NRC regulatory oversight weapons plans that
have nuclear weapons or plants that have nuclear weapons
components. So our design basis threat takes that into account
and we feel is similar to DOE facilities that are similar to
ours. So we think that the design basis threat is similar now.
Now, I couldn't bring all of the pictures because security
information. It's limited to the public. But some of the
pictures here provide some of the features that the plants
have. They compare to similar facilities with DOE and DOD. What
you don't see here today is technology to detect intrusion and
some of the programs that they have the facilities to make sure
that the individuals that have access to the facility have
security clearance----
Mr. Turner. I am going to interrupt you. Because we have a
limited time period for the answers. I appreciate your giving
us information concerning intelligence gathering and
information with respect to detection.
Mr. Reyes. OK.
Mr. Turner. But obviously my question and my interest
concerns the ability to actually defend these facilities.
Intelligence is only an element that gives you an understanding
of what you are defending against or when defense is necessary.
And detection certainly is way too late. So if you could please
describe with respect to the Department of Defense, NORTHCOM,
where are you drawing the line between the facilities
responsibilities, the DOD's responsibilities and how are those
actually being coordinated in a meaningful way that actually
transcends into defense.
Mr. Reyes. Let me have Mr. Zimmerman give you the details
of our interface with NORTHCOM.
Mr. Zimmerman. Thank you let me provide you with some of
the specifics. With regard to NORAD, we have interactions with
NORAD on a daily basis. We provide them information associated
with the status of our facilities. They know which facilities
are operating, which ones are shut down, which facilities may
be with selected equipment out of service. We have run
exercises with NORAD, where we have Amalgam Virgo or Amalgam
Amigo are examples, for example, of actual interactions we have
had with them on the phone, as well as with licensees.
There is also, have been calls that NORAD has had directly
with our licensees, but we have set up a protocol that happens
very quickly. If there's an anomalous situation in the air that
involves NORAD, NRC and the licensee on a three-way phone
call--and we have been practicing that with our licensees--we
have been involved in many exercises with the Federal
Government and DOD primarily in the lead. We have been involved
with the TOPOFF exercises that have occurred. We are involved
with TOPOFF planning for next year. We have been involved in
Forward Challenge, we have been involved with UDO 4.
We are actively involved in and are interacting both with
NORTHCOM with regard to their ability to respond with quick
response forces. They have been out to the sites. We have taken
them onsite tours. And they have had an opportunity to walk the
facilities share their thoughts with us.
So we view that we have a very strong relationship with
NORAD, with NORTHCOM and we plan on making it stronger through
an effort we call integrated response planning. And that deals
with recognizing that the design basis threat we view as what
is reasonable for private guard force, where the Federal
Government needs to come in promptly. DOD is an active player
in that effort of integrated response.
Mr. Turner. Mr. Kucinich.
Mr. Kucinich. Thank you very much, Mr. Turner.
Mr. Zimmerman, one of the things the NRC points to on their
Web page is a way that increased security is extending the
perimeter of their facilities. Despite this, there have been
two incursions into nuclear facilities in the last 2 months.
One occurred at Beaver Valley in Pennsylvania and the other
occurred at Pilgrim. If NRC had indeed extended the perimeter,
ostensibly to catch terrorists before they get on the site, how
were these individuals able to get out into plant sites?
Mr. Zimmerman. I think context is very important in this
regard. Without talking to the specific details--I am not sure
I recall the specific details--the area that we are talking
about at these facilities is what is called the owner-
controlled area. This is the area of property that is owned by
the licensee, but in many cases is far removed from where the
protected area where the vital equipment is located. At some
plants, it's miles away from where the actual facility
equipment is located. What we have done subsequent to September
11 is require that licensees conduct surveillance out in their
owner-controlled area to be able to identify the possibility of
surveillance taking place on their site or as well as any
plant, preplanning for an attack.
We also called for licensees to mix up those patrols so
they don't always roll around at 4, you know, hour on the hour.
They mix it up to try to keep any potential surveillance, you
know, at bay. We get daily reports that are made from the
licensees into my office that address the many instances where
individual sightseers are taking pictures of the sites, where
the film is confiscated, explain to the individuals the
sensitive nature of the equipment that they are trying to take
pictures of.
There are close working relationships with the local law
enforcement and the FBI to run license plates to look for any
information in the background of these individuals. It's a very
aggressive program--and addressing one of the other concerns
that was raised earlier, we share this information across the
industry so that if there is some information that somebody
sped away quickly from a particular location, that information
is put on a protected Web server so all sites have access to it
and can be on the lookout for a similar vehicle.
Mr. Kucinich. I have a number of questions here, Mr.
Chairman, that will probably require--you are going to have a
second round of questioning? I know my time isn't up.
Mr. Shays [presiding]. I would be happy to yield to my
colleague some of my time. We would like to go just a 5-minute
round with this, and then they are going to come back after GAO
has testified.
Mr. Kucinich. Well, before----
Mr. Shays. Why don't we go through this. Why don't we----
Mr. Kucinich. My 5 minutes hasn't expired.
Mr. Shays. OK.
Mr. Kucinich. I want to, as a personal matter ask you a
question.
Mr. Zimmerman. Surely.
Mr. Kucinich. What do you think about the failure of your
own agency to provide information to the public about a hole in
the head of a reactor vessel. Is that a security matter that
you have any concern with, or is that somebody else's job?
Mr. Zimmerman. To be candid, it is not in the realm of
responsibilities that I have. I think better justice could be
done to answering your questions in a different setting,
perhaps with different individuals that are closer.
Mr. Kucinich. You really don't know anything about that, is
that what you are saying?
Mr. Zimmerman. No, I am not saying that at all.
Mr. Kucinich. Do you know anything about it at all?
Mr. Zimmerman. Yes.
Mr. Kucinich. What are you aware about it?
Mr. Zimmerman. I am aware of the fact that there was
degradation in the vessel head that was late in being
identified, through a non-destructive examination. I am aware
of the fact that the NRC followed the degradation closely and
had identified a period of time that it was felt that it was
reasonable for that facility to continue to operate based on
the information that was available to them.
Mr. Kucinich. Mr. Chairman, I just want to point something
out. And I don't think this is tangential. We have a witness in
front of us whose job deals with nuclear security. I would
submit that there is a lack of communication within the NRC on
issues of security that he just made a statement that defies
belief of anyone who claims that they followed this. So I am
just going to take his initial statement that he is really not
responsible for this. And the gentleman is showing a lack of
comprehensive understanding of what the NRC's failings were on
this--and I am not going to attribute that to his problem--I am
going to attribute it to the responsibilities of the people who
had the first obligation to let the public know--should have
also let him know, since he is dealing with nuclear security.
So I think one of the things the committee has already been
able to determine here is that you don't have the kind of
communication within the NRC that would protect the public
interest with respect to security lapses of a mechanical kind,
physical kind, inside. So the security problems can come
outside, but they can also come inside.
Thank you, Mr. Chairman.
Mr. Turner [presiding]. Mrs. Maloney.
Mrs. Maloney. What have you done to protect our plants from
the possibility of a plane flying in?
Mr. Reyes. Yes, we have----
Mrs. Maloney. We have read in the 9/11 Commission said that
was one of their plots. So how are we protecting ourselves from
that?
Mr. Reyes. The NRC has done a vulnerability assessment.
That includes a wide variety of aircraft. It includes smaller
aircraft, all the way to a large commercial aircraft loaded
with fuel--an analysis of a limited number of plants that are
typical in the design of the power plants in the United States.
What that analysis has shown is there is a very low probability
that the crash of such a large aircraft into the facility would
cause both damage to the core and a significant radiation
release that will impact the health of the public.
And the reason being is that prior to September 11th, these
plants have severe accident procedures--they were procedures
that were mitigated or strategies that were to cope with events
that could not be foreseen by the design. Our analysis has
identified that more had to be done--and in fact the mitigative
strategies have been enhanced to cope with such an attack. Now
that will be the back end once the attack occurs.
At the front end, I think Mr. Zimmerman talked about our
relationship with NORTHCOM and NORAD and the exercises and
direct communication from NORAD to the control room in the
power plant to advise them if there is a pending attack.
Mrs. Maloney. Do we have any planes in the air that would
shoot down another plane coming? I mean, we never anticipated
that a plane would knock down the Towers. So the main thing is
to prevent it from coming in in the first place. So what do we
have? Are you working with the--you understand the security to
basically shoot down a plane if it ever got into the area?
Mr. Reyes. Yes, our work has been with NORAD who had the
responsibility to intercede the aircraft.
Mrs. Maloney. Now, in the prepared testimony of the GAO,
they say that the NRC does not plan to make improvement to the
inspection program that the GAO previously recommended and
still believes that it is not necessary. For example NRC is not
following up to verify that all the violations of security
requirements have been corrected. Can you explain that? That's
a direct quote from the GAO report that they are very disturbed
that you are not correcting the items that they pointed out to
you. Why not?
Mr. Reyes. The GAO report relates to our followup of the
corrective action--the NRC both on the safety and security
site. And we don't think distinguish them--they work together--
puts their effort on the violations of biggest or higher
significance. Now, what we do is we put--confirm all the
corrective actions for violations of higher level, and for low
level violations we do it in a sample basis. Now that doesn't
mean we don't know what was done.
What it means is for security specialists to confirm
whether that minor violation or violation of low risk was not
corrected. But we have an NRC office in every power plant. We
have inspectors there, and we are aware of the corrective
action on small, low-risk violations. But we follow all
significant violations with subject matter experts, whether
security or safety.
On the lower level, we do a sampling process. It's a matter
of resources.
Mrs. Maloney. So, then, you are not following up to verify
that the violations of security requirements have been
corrected for ``smaller violations?''
Mr. Reyes. On a sampling basis we do.
Mrs. Maloney. But you are just correcting the larger
violations. Can you give me an example of a smaller violation
that you are not correcting?
Mr. Reyes. Well, they corrected it. We just don't confirm
specifically that it is corrected. I will have Mr. Zimmerman
maybe give an example of a minor violation.
Mr. Zimmerman. A minor violation could be an isolated case
where an individual had a lapse and didn't record information
within a certain period on a tour or potentially may not have
logged it at all. We would view that as a violation. By
understanding a licensee's program, they have a corrective
action program that they are required to have. Their quality
assurance organization will pursue that, determine whether it
is an isolated case.
We also during our review--if we see something that
indicates it is potentially larger and has programmatic aspects
to it--we would continue to follow that trail. But if we see
that as an isolated case, the corrective action would be taken
by the licensee. And then as Mr. Reyes said, we do come back
for the lower significance items and do a sampling check to see
if we have confidence in the thoroughness of the review of the
utility.
Mrs. Maloney. My time is up. Thank you.
Mr. Turner. Mr. Platts.
Mr. Platts. Thank you, Mr. Chairman. I appreciate your
testimony here today. And I question our focus, I know, is
about protecting our facilities from the terrorist threats. And
I would like to at least put on your radar an issue that kind
of relates that if there is an attack and our response and
attentions come to my attention in my local community, I would
go right up against the Susquehanna River where Three Mile
Island is--and certainly as a high school student, remember
1979 very well--living a few miles from the plant.
The issue that has been raised to me is if there would be
an attack how we would respond to the attack, specifically for
children in day care, preschools, nursery schools, and believed
by some of my constituents that NRC's oversight, along with
FEMA, is not insuring that our NRC regulations are being fully
complied by facilities regarding those preschool child care
centers, and the State plans that are in place. My
understanding of NRC is your responsibility is really to
improve the State plans for evacuation if there is an attack or
if there is an incident of whatever kind that requires an
evacuation that NRC looks to the State and approves the State
plans?
Mr. Reyes. FEMA, the Federal Emergency Management Agency
does that.
But if I could address briefly your concern. If there is an
attack at a nuclear power plant--regardless of whether it is
ground, waterborne or air--right away, there is a declaration
of high level emergency. What that does is automatically gives
the local government, the counties and the State, mobilizing
their emergency plan.
And the typical arrangement--and I don't know the one in
Pennsylvania specifically--the typical arrangement is that when
that is declared, the local government already has prearranged
decisionmaking on evacuating children, senior citizens. So the
fact that the facility was attacked without any consequences--
yet in terms of release of radiation and all of that--because
you declare a high level emergency, you are already as a
precautionary measure, very conservative, rolling and the
offsite government agencies are already moving.
Mr. Platts. The concern is that--and then that process, for
it to work, those plants need to be thorough and that the FEMA
reviews the plans.
Mr. Reyes. Right.
Mr. Platts. Based on their finding and you issue a license
that yes they have a plan in place.
Mr. Reyes. Correct.
Mr. Platts. Is that perhaps with some facilities in
Pennsylvania and perhaps elsewhere around the country that
those plans are not as thoroughly guarding these preschool age
children even though the regs require them to, to accomplish
those children as well.
Mr. Reyes. Yes, it is FEMA that has to do the assessment.
And they monitor the exercises and the plant and the fact that
it gets performed adequately. I just couldn't----
Mr. Platts. So NRC basically takes the decision of FEMA and
just ratifies that decision that FEMA says, yes, they are in
compliance, their State plan, their local plan, therefore the
license is issued?
Mr. Reyes. Yes, it's called reasonable assurance. FEMA
sends out a report, and a certification that they have
reasonable assurance that the offsite emergency preparedness
actions, the plans and the actions that they will take by
observing the execution of the plan and the exercises, etc. is
adequate. And we take that certification of reasonable
assurance and accept it.
Mr. Platts. Thank you. Thank you, Mr. Chairman.
Mr. Turner. Ms. Watson.
Ms. Watson. According to the GAO, NRC is not taking
advantage of opportunities to improve the effectiveness of
force-on-force exercises and security oversight in general by
implementing the recommendations.
And I did hear you mention, you have gone so far with a
lack of resources. I would like to elaborate on that and tell
us how is nuclear power plant inspection information shared
with the NRC regional offices and nuclear power plants. So you
can answer collectively.
The other concern that I have is that several months ago,
we heard about traditional procedures and traditional ways of
calculating how an attack would take place on our nuclear
plants. I had problems with traditional. Because I think
whatever enemy out there we are facing is being very creative.
And if we have a traditional procedure or formula that we use
on the ground, what about that comes from the air or over
water? So you might want to address that as well.
Mr. Reyes. OK. I would be glad to do that. Let me talk
first about the information sharing. All the findings, all the
violations, whether they are high or low or of significance,
regarding security, are reviewed by a panel which is composed
of a representative from all of our four regional offices and
our headquarters offices.
And that's to make sure that in fact they are properly
being categorized in terms of their significance and therefore
which ones we need to do followup corrective action in detail
and which ones we do a sampling process. That information is
shared because there's representatives from each one of the
regional office and the program office. So those individuals
share that within their own group.
Then we also have very frequent meetings with the
industry--it's called a security working group--where we share
all the issues that we have identified with them, and the
security working group from the industry then shares that with
their counterparts.
We also have prepared a protected Web page that has those
kindS of information. Not only do we share that with the
licensees, but it gets shared with local governments and other
interested parties that do have the appropriate clearance to
have that information. So we do have a very aggressive way to
share the information.
Now, we haven't adopted every recommendation that GAO has
submitted. We haven't dismissed them; we are considering them,
but we feel there is a very aggressive way that this
information is being shared.
Ms. Watson. When you said lack of resources, would you
elaborate, please?
Mr. Reyes. We feel we have adequate resources, but what you
want to do is you want to put your resources where the more
significance is. So Mr. Zimmerman provided you an example of
where a patrol officer had an oversight to log in as they
conducted the patrol around the facility, and they have to log
in exactly where they were and where they are not going. That
would be a relatively low violation of our requirements, and we
necessarily wouldn't put the resources there. If we were to
find a more significant problem regarding training of the
officers or the weapons not being in good working order or
something like that, we will put very detailed followup on the
more significance, because they do have the more significant
potential to affect security. So there's a matter of grading
where our resources go to; they go to the most significant
findings.
Ms. Watson. I am really troubled by the fact that we are
fighting an enemy of unknown proportion. It could be an
American--I will always remember Oklahoma--or it could be
someone who has merged into our society. They have a very
different mindset than we do. And I'm wondering if there is any
activity going on that tries to get into that mindset, because
I think the September 11 attack was planned a decade in
advance. And certainly we know by the training, the time it
took to train those who flew the planes--and they went in and
said we don't want to learn how to take off or land; that
should have rung a bell. And they paid in cash. But apparently
they were more interested in getting that money than in picking
up the clues. And I am finding out there have been clues along
the way and we haven't done a good job in connecting the dots.
So I am wondering if we have a think tank that might be
looking at the creative ways that people, you know, watching us
in an open society might do us great harm through our nuclear
plants. Pand, finally, how does this fit into homeland
security? How does the NRC, what role do you play in terms of
homeland security?
Mr. Reyes. OK. Let me talk about--the concerns you had
about the potential adversaries and the modes and the planning
all goes into the intelligence community. What we do is we take
that information, and, for example, when we consider the design
basis threat and when we do our exercises, we assume that all
that information in terms of what we call coordinated attacks--
and we assume they are coming from the ground, from the air,
from the water, and that they have an insider that they have.
So all that is considered in both the design basis threat and
the exercises we actually conduct. So also, we don't go out
there to try to do intelligence work. We are the beneficiaries.
And by having our intelligence analyst physically present in
that community, we get that information and we factor that into
our activities.
Now, let me have Mr. Zimmerman explain to you how we work
with DHS, because we are an active participant in that effort.
Mr. Zimmerman. One of the things that we do with the
Department of Homeland Security is we try to maximize our time
that we spend in their operation. And I will explain that.
There may not be a particular issue that is necessarily in our
sector, but we will try to send people to their operations
center, even if there is an issue that they are pursuing that
is unrelated to the nuclear sector, just so that we can get
comfortable, get a chance to meet people, understand what their
protocols are. And we basically have a relatively large number
of people that we are sending down there and getting badged
ahead of time, so that if the bell does ring in our sector, we
have working relationships established. And if we are in a
reactive situation, we know where our desk is, we know what our
responsibilities are.
And when we do our exercises now, we have requested of DHS,
and they have been very supportive, to try a continuous
improvement to make our exercises more realistic, where we want
them to play in our exercises now that they have been stood up.
So we want to send people to them, understand what issues they
would have in this emergency situation during this drill, and
raise those issues directly to us in real time in the exercises
so that we can practice and learn how we can improve our
overall response to the Federal Government.
Ms. Watson. I will just finish up with this. I think
intelligence has failed to provide all of us with the
information that we need to prevent--not respond to an
emergency, to prevent. And I would hope that the NRC would
definitely be looking at strategies, procedures, to prevent a
nuclear kind of emergency, because once there is a nuclear
attack we are done.
Mr. Zimmerman. May I respond?
Mr. Turner. Actually, we need to move on. Mr. Tierney.
Mr. Tierney. Thank you, Mr. Chairman.
You rely on private companies for the securities of the
individual plants. Right?
Mr. Zimmerman. That's correct.
Mr. Tierney. All right. So we have 65 plant sites, 103
nuclear reactors in 31 States.
Mr. Zimmerman. Correct.
Mr. Tierney. And you sort of delegate that responsibility
to private companies, and then rely on their report to you as
to whether or not they are complying with the various standards
that you set.
Mr. Reyes. No. We have direct observation of their
activities.
Mr. Tierney. About once every 3 years, right?
Mr. Reyes. No, no. That's incorrect.
Mr. Tierney. OK.
Mr. Reyes. See, the inspection program--and I think this
is--the GAO auditors are in the process of doing that effort,
and they haven't been able to visit the facilities. So we have
a security inspection program that looks at everything, from
training to performance of the detection system, implementation
of the program for access to individuals, communications. The
portion as far as exercise is on top of all that I just told
you, and that is the final task on the dynamics. That's where
we actually simulate adversaries, and they actually come in and
jump over the fence and actually have access to--and we
simulate the attack. But that's only the culmination of a large
number of inspection hours by a lot of subject matter experts
in security that come in unannounced at all times of the day or
night to check each one of the elements.
Mr. Tierney. Let me interrupt if we can because are limited
in time here. So you are saying that your agency determines the
standards for training, and then you go down and you observe
and make sure that training is in fact occurring and being met
and that people are passing those criteria.
Mr. Reyes. That's correct.
Mr. Tierney. And that's no matter what the turnover there.
Mr. Reyes. Correct.
Mr. Tierney. And then you are telling me that you are also
keeping an eye on how much overtime is involved, how many hours
these people are working on each shift on a regular basis?
Mr. Reyes. We have requirements for that. We review the
records and we interview individuals.
Mr. Tierney. Did you want to add something?
Mr. Reyes. What he was going to tell you is our inspection
program has increased by a factor of five.
Mr. Zimmerman. Since 2000. The amount of hours that we
spend onsite--this is separate from force on force--is we have
gone up fivefold in the amount of inspection hours that we are
currently spending onsite. The design basis threat that we
issued in April 2003 is quite similar to the interim
compensatory measures that we put in place in February 2002.
Our inspectors have already gone out and verified that probably
80 percent of what is in the revised 2002 DBT is already in
place.
Mr. Tierney. Are you subcontracting any of this evaluation
work?
Mr. Reyes. No.
Mr. Zimmerman. It's being done through our regional
offices.
Mr. Tierney. And when you do the force on force, are you
subcontracting any of that attack force work out?
Mr. Reyes. No. The NRC reviews the training for the
adversaries, the NRC decides on the scenario, and the NRC is
there in large numbers to observe the force on force. And we
are the ones who determine whether the performance is
acceptable or not. See, this is a big difference between DOE
and NRC. DOE operates and regulates itself. We have a private
licensee, but we are the ones who do the oversight and we are
the ones who determine the adequacy.
Mr. Tierney. But it is not your personnel that are actually
doing the force on force. You hire somebody to do that, then
oversee them?
Mr. Reyes. The adversaries are not NRC employees. The
people monitoring them and doing the independent assessment
are.
Mr. Zimmerman. We hire contractors that are experts in this
area. They are joined at the hip with the adversary team; they
are in the field with the adversary team as they are trying to
make their approach on the facility. They are involved in the
preparation aspect indicating, based on what we have been able
to determine, this is how I would attack the facility, so this
is how you will attack.
The decision on how the attack is made is made by the NRC
contractor, not by the contractor that's going to carry out the
actual attack. But our contractors will go with them.
Mr. Tierney. So we no longer have Wackenhut watching
Wackenhut.
Mr. Reyes. It never has been. We don't know the
misunderstanding, but it never has been.
Mr. Zimmerman. We do the full assessment. Wackenhut will
pull the trigger, but we will have somebody there to make sure
that person is taking the appropriate action of what he or she
has been instructed to do based on us laying out what the
scenario will be, and then being with them in the field while
they carry it out.
Mr. Tierney. We can maybe revisit that again later. Tell
me, if you would, about spent fuel storage security and why we
should feel comfortable with the way things are going there.
Mr. Reyes. There is two kinds of storage of spent fuel. One
is what we call the pools or the wet pool. And those are inside
all the protected area of the facility, and all the security
features that you have for the reactor, you basically have for
the wet pools. The dry cast storage could be either inside the
protected area or could be sitting by itself within a protected
area. And that also has security features to it. The dry cast
storage is more robust in terms of attacks and all that. So we
feel very secure that it is--the security is adequate.
Mr. Tierney. Thank you.
Mr. Turner. Mr. Sanders.
Mr. Sanders. Thank you very much, Mr. Chairman.
As you know, gentlemen--and thank you very much for being
with us. As you know, we have a nuclear power plant in Vernon,
right at the southern edge of Vermont and right near the
Massachusetts border. Recently there was a scare, as you know,
when two spent fuel rods appeared to be missing, and they were
relocated sometime later. But that raised anxiety in an area
where anxiety is already fairly high.
Let me just ask you just a couple of questions. It seems to
me--and I don't want to disappoint any of my colleagues or
you--that the truth of the matter is there is not an enormous
amount of faith in the U.S. Government; that people do not
believe everything that you say or I say or anyone else says.
And when it comes to nuclear power and the potential danger,
clearly people are very, very concerned as to whether or not
the U.S. Government is in fact protecting them.
As I understand it, earlier in August the NRC announced
that a substantial amount of site-specific security information
would be taken off of its Web site. Now, I can understand that
we do not want to tell al Qaeda all of the methods that we have
to defend nuclear power plants. But the bottom line is that
when people, at least in the past, could critique, could say it
is not enough, now they have virtually nothing. So if I'm
living in Vernon, Vermont or Brodova, Vermont, how do I know
that the kind of security--I don't need to know every detail,
people understand that. But what kind of reassurance do people
have that security is appropriate when they now go to the Web
site and they get far less information than they used to? And
as I understand it, you took that information off kind of
privately, without a lot of public discussion as to whether
that was a good idea.
Mr. Reyes. Prior to September 11th and today, our strategic
plan has safety security and openness as one of the goals. And
we have learned since September 11th, through our feedback with
the intelligence community, that there are people out there
that want to do us harm. And information that we openly share
with everybody as one of our strategic goals could be harm to
the Nation. So what we had to do is, we had to do some soul-
searching and find out what information should we pull out of
the public. And we took out information that could assist
somebody in doing us harm.
What we are going to do is--the remaining of the
information regarding the safety of the facility, all that
information is still there. What we are going to do is we are
going to summarize that security information we have and
present it in a summary fashion without giving details that
somebody can harm us.
Mr. Sanders. We don't have a lot of time. And I think
everybody understands that we do not want to give enemies
information. But on the other hand, I would ask you to keep in
mind, given the fact that people do not necessarily have a lot
of confidence, that they do want to know that they are being
protected. They want the opportunity to critique when they feel
that security is not appropriate. And I fear very much that is
not the situation.
Now, I understand that there was several FOIA requests made
before this policy went into effect; in other words, regarding
the nature of security. What does the NRC plan to do with those
FOIA requests?
Mr. Reyes. Well, we are going to have to process them under
the new guidelines, because regardless of how you put the
information in the public, the details, we now know our
intelligence colleagues are telling us do not put detailed
information out that can assist people to do us harm.
Mr. Sanders. Let me go to another area. And forgive me, we
just have to move fast because there's not a lot of time. I'm
picking up at a point that Mr. Tierney raised a moment ago; and
that is, NRC, as I understand it, has repeatedly stated that
they believe release of radioactive fuel as a result of a
terrorist attack on a spent fuel pool is unlikely. NRC
officials have made that point over and over again, and they
said that as recently as last week.
So what I want to know is why you think that way? Are you
taking additional steps to fortify the many spent fuel pools
around the country, rather than simply dismissing the prospect
of a breach of security there?
Mr. Reyes. We have done analysis of airplane crashes into
the spent fuel pools. Now, it's been a limited number of
details in terms of which ones we have done that, and those are
the conclusions you stated. We are now moving forward to doing
further studies to make sure that we have done a thorough
review in any one of the layouts. The configuration of the
pools are different in different plants, and so we are now
continuing the analysis to make sure that the results we have
are representative of the total population.
Mr. Sanders. Am I correct in remembering, though, that
there are some knowledgeable people who disagree with some of
the conclusions that you have reached about the safety of those
facilities in terms of a plane attack?
Mr. Reyes. There's always people who disagree.
Mr. Sanders. I'm not talking about fringy people; but I'm
talking about intelligent people.
Mr. Reyes. Yeah, there's always intelligent people that
disagree with us.
Mr. Sanders. All right. What about the potential of an air
attack? I understand that there is no longer a no-fly zone in
effect over our Nation's nuclear reactors. And my question is,
why you think that is good policy? And why does the NRC think
it's such an insubstantial threat, especially in light of the
fact that al Qaeda clearly considered nuclear reactors an
attractive target?
Mr. Reyes. After September 11th, we met with the FAA and we
tried to get their insights and their determination on what
should be the airspace around nuclear power plants determined
to be. The FAA determination was that for nuclear power plants
and other critical infrastructure, that it was not advisable in
their mind to put no-fly zones. What they did determine was for
nuclear power plants to put what they call a notice to airmen,
which basically is a notice that goes to all pilots about
limiting their flying around these facilities. But we are just
following, after the meeting with the FAA, what they determined
to be the most wise.
Mr. Sanders. But do you think that makes sense? On the
surface it doesn't make a lot of sense to me, given what we saw
about September 11 and the use of airplanes as missiles.
Mr. Reyes. The rationale of the FAA was that there's other
critical infrastructure, just like nuclear power plants. And if
they were to put no-fly zones over all these facilities and the
infrastructure, you basically stop commerce because you have so
many no-fly zones across the national--chemical plants,
pesticides.
Mr. Sanders. Frankly, a nuclear power plant is different
than many other infrastructures and facilities. We don't think
we should have universal no-fly zones, but I would suggest that
maybe we may want to do a little bit of thinking about that
one.
Mr. Reyes. And we met with the FAA and we tried to convey
that.
Mr. Sanders. I mean, you met with the FAA. You are the
experts on nuclear dangers; they are not. They have other
interests as well. And we need to rely on somebody to protect
us.
Mr. Turner. Mr. Sanders, we need to move on.
Mr. Sanders. Thank you.
Mr. Turner. Chairman Shays.
Mr. Shays. I thank you. We are going to have a second
opportunity to question these witnesses. We do thank them,
because that's a better way for them to make their arguments
and for us to understand the challenges.
The bottom line, it's been 3 years since September 11th,
and 2 years of it was the intelligence community giving us a
postulated threat. You have worked the last year on a design
basis threat, and now that's coming into place. And what's
concerning me is there appears to be 3 years before you really
test at every facility, and so it's going to be like 6 years
from September 11th.
I want to ask, are you aware of the memo, which was
classified, from the Deputy Secretary of Energy to DOE
facilities strengthening the DBT and ordering safeguards beyond
those called for by the initial post-September 11 standard?
Mr. Reyes. We work closely with DOE, and we know exactly
what their DBT is and where the directions are heading. We are
required by the Commission to brief them every 6 months on the
intelligence, and so they can reassess the DBT. We are
scheduled to do that November 16th of this year. At that time,
we will brief them not only with the intelligence information
we have, but with all the DOE--DBT changes that they are
considering or perhaps they have implemented by the time we
meet with the Commission.
Mr. Shays. When we met with DOE officials and we toured
certain facilities, they came back to us and said that they
were going to strengthen their design basis threat. We have the
postulated threat up here, we have the Department of Energy
with their DBT here, and we see you lower down on the design
basis threat, that you don't have as strong a standard as what
we see happening for the DOE facilities. That's my reading of
it. And I would like to know, do you anticipate strengthening
your design basis threat based on----
Mr. Reyes. We will share that information with the
Commission. It's a policy decision by the commissioners whether
to increase or not increase the DBT. And, but we have a process
to do that, and November 16th is our next presentation to the
Commission to consider that.
Mr. Shays. One of the biggest criticisms that GAO has is
that they say the NRC's review of the plants, which are not
available to the general public for security reasons, has
primarily been a paper review and is not detailed enough for
NRC to determine if the plans would protect the facility
against the threat presented in the DBT. How do you respond to
that?
Mr. Reyes. The security plans are--they have, but at a
pretty high level. And what you see here, what you have at the
station, then, is what we call implementing procedures, the
strategies of how those individuals will respond to an attack,
where are they located, how will the firing lines, etc., is an
implementing procedure. And the reason you want to have it that
way is, let's assume that the legislative proposal that we
highlighted to you gets approved and we now can give them
better weapons. Then the strategy at the time may change.
Mr. Shays. Well, now that we don't have the assault weapon
ban, are you now able to get--no, I'm serious. Are you
prohibited from giving them assault weapons?
Mr. Reyes. Under State law--see, this, under the State law
they cannot have automatic weapons.
Mr. Shays. Under every State or in some States, or in every
State?
Mr. Zimmerman. Some States have changed.
Mr. Reyes. Recently. Very recently.
Mr. Shays. See, the logic of the assault weapon ban is that
we want the law enforcement folks and the security people to
have every advantage possible. We don't want the bad folks to
have weapons that our people don't have.
Mr. Reyes. We agree.
Mr. Shays. I mean, the government's got it screwed up here.
Mr. Zimmerman. The legislation that we proposed would allow
the security officers to use automatic weapons. Right now they
are using semi-automatic weapons.
Mr. Shays. I want you to use whatever the hell you need to
do the job. You know, our job in government is to make sure
it's never a fair fight. We want our military people to always
have the best.
Mr. Zimmerman. I couldn't agree with you more.
Mr. Tierney. Would the gentleman yield on that for 1
second? The problem is these are not military people and these
aren't public forces on that. The question I would have is, who
is doing the background check on these individuals? Who are
they? How well trained are they? And how confident can we be
that they can be entrusted with this kind of weaponry and are
going to do the job that we might normally expect of our own
forces?
Mr. Zimmerman. The background checks on the security
officers is extremely aggressive. They are viewed to be in
what's called a ``critical group'' because of recognizing that
if they were the insider, what damage they would be able to
cause. So there is a significant background check and
behavioral observation that takes place. The vast majority of
these individuals are prior military or law enforcement.
But the answer to your question, there is a very
significant and appropriate background check being done.
Mr. Tierney. By the NRC?
Mr. Zimmerman. Well, no. We work through the FBI. We pass
the information to various agencies that have a variety of data
bases that you are aware of, and those names are provided to
those data bases. We are a passthrough.
Mr. Reyes. Similar to a clearance, the fingerprinting and
review will be done by the FBI. It's not the licensee if that's
what you're asking.
Mr. Shays. Let me claim my time again. But I do think the
gentleman is right on target. My biggest fear is the person who
does have the weapon on the inside. I think one individual like
that could practically accomplish whatever task they want. And
so I think that is a key factor the gentleman has identified.
The bottom line is you are going to be looking at whether
to revise your new design basis threat. How long would that
take, though, if you then decided to do that?
Mr. Reyes. Once we present that to the Commission,
typically within a few weeks they make a decision one way or
the other. So then if they were to make a change, we will have
to implement it through orders or some mechanism like that.
Mr. Shays. So how long would that take before it actually
were met in the field.
Mr. Reyes. It depends on the size of the increase. If you
are talking about the number of adversaries----
Mr. Shays. Just give me a sense. Are we talking a year
more?
Mr. Reyes. That should be in months we can issue the
orders, and then the implementation will take a little bit
longer, depending on the magnitude.
Mr. Shays. A little bit longer means what? A year?
Mr. Reyes. My guess would be a year.
Mr. Shays. No, no. See, that isn't a little bit longer. I
don't feel like there is an intensity level at NRC, I honestly
don't. But we will get to that later. I think we need to get to
the next.
Ms. Watson. Is this just a followup, or can it wait when
they come back to us?
Mr. Turner. This panel is going to be returning after panel
two. Will you be able to stay for----
Ms. Watson. Yeah. It was just pertinent to----
Mr. Shays. I would be happy to.
Ms. Watson. I was just going to say what is really
bothering me at this moment is that I represent a State that
has a very porous border, and there are people coming across
the Mexican border into the United States that are going to be
able to buy automatic assault weapons in their corner sporting
goods store because the ban has evaporated. And I understand
that there is a constant movement across our border, our
southern border into the United States, where these people can
go in with fictitious names and somebody else's ID and pick up
one of these assault weapons. This will impact on you greatly,
and so I just throw that out.
Mr. Turner. Perhaps when they return that's an issue they
can address at that time, if that's OK.
Ms. Watson. That's fine. So just keep that in mind, my
concern.
Mr. Turner. What I understand is that panel one is going to
remain while panel two testifies, and then return to us for
additional questions after we have heard the testimony of Mr.
Jim Wells. So we will excuse you at this point, with the
understanding that you are going to be remaining.
Mr. Shays. And we thank you for that. That will be helpful.
Mr. Turner. And then we will call forward panel two, which
is Mr. Jim Wells, Director, National Resources and Environment
Government Accountability Office, who will be accompanied by
Mr. Raymond H. Smith, Jr., Assistant Director, and Mr. Kenneth
E. Lightner, Jr., Senior Analyst.
Gentlemen, we do swear in our witnesses for the hearing. If
you would please stand and raise your right arm.
[Witnesses sworn.]
Mr. Turner. Please note for the record that the witnesses
responded in the affirmative.
Mr. Turner. We welcome you, Mr. Wells, and look forward to
your testimony.
STATEMENT OF JIM WELLS, DIRECTOR, NATURAL RESOURCES AND
ENVIRONMENT, GOVERNMENT ACCOUNTABILITY OFFICE, ACCOMPANIED BY
RAYMOND H. SMITH, JR. ASSISTANT DIRECTOR; AND KENNETH E.
LIGHTNER, JR., SENIOR ANALYST
Mr. Wells. Thank you, Mr. Chairman. We are pleased to be
here today to discuss NRC's efforts to improve security at the
Nation's 104 commercial nuclear power plants. Today, it's 3
years after the Twin Towers and Pentagon attacks, and we are
discussing what NRC has done, where they are, and what's left
to do. To NRC's credit they responded immediately, advising the
plants to go to the highest levels of security, and they issued
about 60 advisories and orders.
As an auditor, I am going to stop here and let them take
credit for what they've done. They have, in fact, done a lot of
things, and there is no doubt that security has been enhanced.
But what we get paid to do as auditors is to bring forth
concerns, and that's what I will do today.
While we applaud these efforts, the question is today: Has
it been enough? It will take several more years for NRC to make
an independent determination that each plant has taken
responsibile, reasonable, and appropriate steps to provide
protection.
The first step that NRC chose was to create new security
plans to implement their new DBT. While the original plan was
envisioned to take 2 years, the commissioners decided to use an
industry-developed template with yes-and-no answers to speed up
the process. And, Mr. Tierney, they did hire contractors to
help review the plans, and they wanted to get it done in 6
months.
Now, we have some concerns about how the NRC is doing this
first step. Not that this first step is wrong, it's just the
process they chose to use.
First, NRC's review has been rushed, and is largely a paper
review, in our opinion. NRC reviewers are generally not
visiting the plants to obtain details. However, we have learned
that they are recently beginning to visit some of the plants
and ask some questions relating to their plans. We understand
they may have visited about approximately 4 or 5 of the 65
facilities and the 100 plants that are under consideration.
The plans themselves, and we have reviewed 12 of those
plans, do not detail defensive positions at the site, how the
defenders would be deployed to respond to that attack, or how
long the deployment would take. In addition, NRC is not
requesting the documents and the studies supporting the plan;
so, in our opinion, as a result, NRC today as they are
reviewing these plans, even though when they are approved they
still will not have a lot of detailed knowledge about the
actual security at the individual facilities prior to the
approval of those plans.
Second, as it clearly has already been pointed out, it will
take up to 3 years for the NRC to test these plans through
force-on-force exercises at each facility. Moreover, NRC is
considering action that could potentially compromise the
integrity of these exercises. And I refer, as members of the
subcommittee have already raised, the consideration of using a
private company, Wackenhut, that is a company that the nuclear
industry has selected, a company that clearly has had problems
in the past at Oak Ridge--and, I might add, that NRC was doing
oversight when these problems did happen--and a company that
provides guards for about half the facilities to be tested. We
understand Wackenhut is currently under contract with about 50
percent of the nuclear facilities.
This relationship with the industry also raises questions
about the force's independence. And that's just a question that
needs to continue to be asked in terms of due diligence by the
NRC in terms of assuring that whatever contractor is used, that
there is independence.
We note that the NRC's DBT is similar to DOE, as you have
stated, Mr. Chairman and Mr. Shays. As you know, in April 2004,
DOE officials told this subcommittee that they would have to
rethink its threat assessment that they were using. DOE, we
understand, completed that review last Tuesday and
substantially increased their DBT.
If the NRC, when they consult with their commissioners,
decides to revisit or revise the DBT, NRC will clearly need
more time. How much time I think is a good question, that's
already been asked of the NRC.
Also, funding the cost of any additional protection that
may be required could also be a fairly significant issue for
the industry. NRC has already clearly publicly stated that the
current DBT that they are being required to defend against is
the largest reasonable threat against which a regulated private
guard force should be expected to defend under existing law.
Also, potential vulnerabilities of additional assaults are on
the horizon and currently are being addressed outside of the
existing DBT. Any change in any of these approaches could place
additional requirements on the plants. And I speak here about
the airborne nature over the nuclear power plants.
In conclusion, can the public be assured that NRC's efforts
will protect the plants against attack? Our answer to you today
is not yet. It will still be some time before NRC can provide
the public with full assurances that what has been done is
enough. Some of these enhancements are still being put in
place, and they remain to be tested.
Ms. Maloney and Congresswoman Watson, you have raised
questions about NRC not agreeing to do some of our
recommendations. Yes, we still disagree. Maybe it's an issue of
substantial versus minor. We've found, others have found,
sleeping guards, guards that have falsified records; access has
been granted to individuals in highly secured areas that had no
business being there. We are not sure that's minor.
While NRC may initially disagree with some of the things
that we raise about trying to improve, it's questions like this
raised by this subcommittee that may help the NRC in terms of
seeing the light and moving forward and making some substantial
improvements.
We have a lot more audit work to do, Mr. Chairman. You have
asked us to do a lot of things, including an assessment of the
DBT and a lot of concern about the vulnerabilities, and is the
current DBT actually going to do anything to help protect the
actual vulnerabilities that exist. So we still owe you a report
a year from now or early next year, if we can finish it, on how
NRC defines the threat faced by the nuclear power plants. We
believe, based on what we have seen today--understanding that
we are still preliminarily still doing our audit, we have not
completed our work, and, in fairness to the NRC, have not given
them an opportunity to comment or react to what we have seen
today--that it's important that NRC act quickly and take a
strong leadership role in establishing a worthy adversary team
for these upcoming exercises.
I can't overemphasize how important these exercises are to
test what's being put in place. These improvements are
expensive, and we want to make sure that they are actually
doing what they are intended to do and can in fact defend the
plants. Perhaps NRC needs to consider establishing priorities
for the facilities to be tested.
Quite frankly, we have seen a common general approach that
they take. They tend to look at plants in general, generically.
But clearly when you come to vulnerabilities and you come to
assessment of threats, you need to look much more closely and
individually at plants and perhaps prioritize where you put
your attention first. They need to carefully analyze test
results if they detect any shortcomings in the facility's
security, and, perhaps most importantly, be willing to require
additional security improvements as warranted or as discovered.
Mr. Chairman, this testimony, or the statement, provides
our preliminary reviews. We'll be happy to respond to any
questions you may have. Thank you.
Mr. Turner. Thank you, Mr. Wells.
[The prepared statement of Mr. Wells follows:]
[GRAPHIC] [TIFF OMITTED] T8358.020
[GRAPHIC] [TIFF OMITTED] T8358.021
[GRAPHIC] [TIFF OMITTED] T8358.022
[GRAPHIC] [TIFF OMITTED] T8358.023
[GRAPHIC] [TIFF OMITTED] T8358.024
[GRAPHIC] [TIFF OMITTED] T8358.025
[GRAPHIC] [TIFF OMITTED] T8358.026
[GRAPHIC] [TIFF OMITTED] T8358.027
[GRAPHIC] [TIFF OMITTED] T8358.028
[GRAPHIC] [TIFF OMITTED] T8358.029
[GRAPHIC] [TIFF OMITTED] T8358.030
[GRAPHIC] [TIFF OMITTED] T8358.031
[GRAPHIC] [TIFF OMITTED] T8358.032
[GRAPHIC] [TIFF OMITTED] T8358.033
[GRAPHIC] [TIFF OMITTED] T8358.034
[GRAPHIC] [TIFF OMITTED] T8358.035
[GRAPHIC] [TIFF OMITTED] T8358.036
[GRAPHIC] [TIFF OMITTED] T8358.037
[GRAPHIC] [TIFF OMITTED] T8358.038
Mr. Turner. One of the statements in your written
testimony, it says NRC has already stated that the current
design basis threat is the largest reasonable threat against
which a regulated private guard force should be expected to
defend under existing law.
Now, we have been looking at, in addition to power plants,
nuclear weapons facilities, and it has seemed to me that
perhaps we are going about this backward. The design basis
threats are being defined as a result of the resources that are
available rather than the actual threat that exists. The
statement that you have here in your testimony seems to
indicate that the design basis threat is not a full evaluation
of what the actual attack method or threat could be to a
nuclear power plant, but is instead a review of what resources
they have and what maximum capability that they would have to
respond. Could you speak about that for a moment?
Mr. Wells. Yes, sir. NRC in their own words have
characterized their responsibility as a regulator which
presents challenges, and they have used the word ``balance.''
They have a lot of concern for balance in terms of what should
be required, what can be regulated. And they also have a
responsibility to maintain a viable industry to deliver
electricity to this country. Clearly, that involves choices and
decisions.
Our observation, having conducted several audits and
continuing with our work, is that the NRC, as a regulator, has
placed a lot of faith in what the licensees tell them. They
also have to provide some trust level to the licensee. We have
seen examples in doing our Davis-Besse work where that may not
have been as valid as they should have been.
So I think the question being asked today and the question
that continually needs to be asked: What do you expect of the
regulator?
Mr. Turner. The paragraph that I'm referring to goes on to
say that, also, certain potential vulnerabilities such as
airborne assaults are currently being addressed outside of the
DBT.
Now, what it has seemed to me in reviewing the materials,
that there is certainly--the responsibility for it is assigned
outside of the design basis threat, but I'm not confident that
it's currently being really addressed. Do you see any efforts
that, outside the design basis threat, that there is
coordination, that there is sufficient effort to actually
respond to the threats that are beyond the box that they are
currently dealing with with the design basis threat of the
private guard force?
Mr. Wells. Congressman Turner, NRC has given us access to
the design basis threat. We are well aware of what the design
basis threat, what is contained in the design basis threat. We
are dealing with safeguarded security information that prevents
me from actually discussing in terms of what is actually in the
plan or not in the plan. We have asked them what they are doing
in terms of considering airspace over the nuclear power plants.
They have responded to us that they have contracted for, paid
for, and have the results of a fairly significant study that
they have done. They indicate it's classified. I cannot get
into that today.
Mr. Turner. I'm not asking about any information for you to
disclose. I'm asking about the issue of coordination. It seems
to me that the initial statement that we have in your written
testimony is the design basis threat is a box that is based
upon a private guard force and that they are not necessarily
going beyond that.
Then the next statement in the testimony is that with
respect to airborne assaults and certainly, I would think,
other issues that go outside of that box and what the private
guard force would be able to do, which would require
coordination with the DOD, we have also discussed NORTHCOM and
NORAD. Do you see any evidence that coordination is effectively
occurring, or is it just, as you relate, to other reviews, just
a paper coordination going on?
Mr. Wells. Let me respond that, as I said earlier, we are
still conducting our work, we are still asking questions. I
don't have a conclusion or a reaction for you. Factually, we
are aware--as NRC stated this morning, they are talking to the
FAA. We are aware that the nuclear industry themselves is on
public record saying that is a defense that they don't believe
is their responsibility, that is a national responsibility.
So we will continue looking at and assessing the
requirements that are in the DBT or not in the DBT. That is
something we haven't done yet.
Mr. Turner. One real quick followup question. In the
testimony that we heard before, it was dismissed as to whether
or not aircraft attacking these facilities are of any danger.
That doesn't seem reasonable to me. What is your opinion of
that?
Mr. Wells. We had several words in our statement that was
sent to the NRC for classification purposes, and those
sentences and words were removed from the statement because of
the security concern. They do have information on the study
that they have conducted.
Mr. Turner. It is an area that you are concerned with then
also?
Mr. Wells. Absolutely. We will continue our assessment of
the vulnerability versus the design basis threat that's being
put up against it.
Mr. Turner. Thank you, Mr. Wells.
Mr. Kucinich.
Mr. Shays. Would the gentleman yield for a second?
Mr. Kucinich. Sure.
Mr. Shays. This is the statement you were going to give
today?
Mr. Wells. That's correct.
Mr. Shays. Were there a lot of things taken out of your
statement?
Mr. Wells. No, there was not. There was a few word
adjustments. We sent the entire statement, from my opening
statement to the end of my statement, for classification review
because we have a public obligation----
Mr. Shays. I think that makes sense. That's not the issue.
I just was curious if there was just one area.
Mr. Wells. The area involved the airborne attack issue.
Mr. Shays. OK. Thank you.
Mr. Turner. Mr. Kucinich.
Mr. Kucinich. Thank you.
Mr. Wells, as Secretary of Energy, Secretary Abraham
recently announced the formation of an elite specialized
military-type team that would be used to test security at DOE
facilities. Do you believe the NRC should follow suit and turn
this function from what you have described as sleeping
intoxicated guards into a government function?
Mr. Wells. Unfortunately, I haven't done the audit work to
support a conclusion to give you a straight answer. I know
that's something that this chairman has asked us to continue to
do and report on the end of this year, and we are continuing.
Mr. Kucinich. Well, you have done the audit work on one
part of the equation.
Mr. Wells. Yes, we have, but not on the design basis
threat. But clearly we are aware that there are different types
of facilities. There is nuclear material. We are aware that the
DOE has different classifications of types of material and
different guard force versus private guard force. There are
different issues between the agencies that could account for
some differences between what's required. We just don't know
how valid that fact is until we actually have a chance to look
at it.
Mr. Kucinich. I want to go over some territory here. You
stated in your testimony that the October 2004 deadline for
implementing the DBT is on schedule, but that this is based
only on a paper review, and that the NRC cannot determine if
the plans would actually protect the facility against the
threat presented in the DBT.
Mr. Wells. That's correct, sir.
Mr. Kucinich. Is that correct?
Mr. Wells. That's correct. We know that they are 85 percent
complete with approving those or looking at those plants. But
even when they are 100 percent approved, we still take our
position that they only got what they got.
Mr. Kucinich. Well, so then should the NRC be more involved
in the oversight over the DBT implementation process?
Mr. Wells. Absolutely. They have acknowledged to us that
this is a first step, and they have step two and step three and
step four. We just know it's going to take additional time
before they can reach that assurance to the public that
everything that has been put in place will work.
Mr. Kucinich. And what kind of improvements has GAO
recommended to be implemented in the NRC inspection program,
and, why if they have, has the NRC resisted in making those
changes?
Mr. Lightner. There are two open points from our report
from last September that NRC has not taken action on. I believe
they have been discussed earlier. But the one has to do with
followup on security violations that were noted. Particularly
we're concerned with something called noncited violations which
are followed up by NRC only as part of a sampling process. And
as stated earlier, I believe our difference with them is over
what is significant and what isn't.
NRC cites these as noncited violations primarily because
they have occurred less than two times in the prior year. I
believe our concern is that even if they occur once, and they
are significant, such as falsifying records related to guards'
checkpoints or a sleeping guard, that they are significant and
should be followed up on in every case to make sure that this
doesn't happen in the future.
Mr. Kucinich. So you then challenge the underlying
assumption which the NRC has about what's significant?
Mr. Wells. That's correct.
Mr. Kucinich. And let's go a little bit deeper into this.
Are you saying that their assumptions contain within them
potential threats to the security of nuclear power plants?
Mr. Wells. Noncited violations, if a guard is sleeping or
unauthorized individuals are allowed access in secured areas,
falls directly in security. I don't know how else to say that.
Mr. Kucinich. So is that a yes?
Mr. Wells. It certainly raises concern. Yes.
Mr. Kucinich. Thank you.
Mr. Turner. Ms. Watson.
Ms. Watson. I'm going to quote from some information in
your report, and you can tell me if it's accurate or not. And
it says, for example, the plans do not detail defensive
positions at this site, how the defenders would deploy to
respond to an attack, or how long the deployment would take. In
addition, NRC is not requesting and the facilities are
generally not submitting for review the documents and studies
supporting the draft security plans.
Can you comment on that?
Mr. Wells. The best way to comment would be to describe a
plan; a plan is approximately 150 pages long for a single
plant; 80 to 85 percent of the information is a template in
which the licensee responds and checks a box yes or no.
An example is the requirement that lighting be sufficient
so that guards can see someone at night? The licensee would
respond, yes, we have lighting.
I know I'm oversimplifying this a little bit, but I'm
giving you the implication of the template nature of the plan
that's developed. Basically, what the licensee is doing is
certifying to or committing to the NRC that, when they get out
there to look, with all the details, they will find that the
licensee is committing that they will have something in place
that will meet all the template requirements that NRC is
imposing.
That's the nature of the plan that we've looked at. It does
not describe where the guard tower is, the location of the
guard tower. It does not describe that. It just says we have
guard towers.
Ms. Watson. Yeah, but they might be in New York City, you
know. I'm not comfortable with where we are now, and I
definitely am not comfortable with my constituents' security.
And within the State we do have nuclear power plants.
Are you, as an agency that goes in and accounts for
resources and so on, satisfied that we are where we need to be
at this time, this point in time?
Mr. Wells. In regard to the Nuclear Regulatory Commission?
Ms. Watson. Yes.
Mr. Wells. We have issued two reports. We are going on our
third report. And in each of those reports we have surfaced
concerns and made recommendations that we suggest could improve
government operations and regulatory issues with the NRC. So we
are doing what we can to raise these issues and to recommend
fixes.
Ms. Watson. But are you satisfied with where the NRC is?
This is September 2004. Are you satisfied, September 2004, that
we are where we should be?
Mr. Wells. NRC needs to be given a lot of credit. They have
done a lot of things as quickly as they possibly can under
their requirements. I have to be careful in answering that
personally, I would always like things to be done faster. And I
agree with the chairman to say that 14 months to design the
DBT, allowing another year to put it in place, seems like an
awful long time. But we are dealing with a regulatory agency
that has public concerns; they are facing lawsuits about
whether they do rulemaking, whether they do orders.
I understand the challenge they have. Personally, I would
hope that the intensity level, as the chairman referred to,
perhaps could be moved forward. I encourage the NRC to ask the
DOE why they were able to do a revision to their DBT so
quickly. And in lessons learned, if there is something DOE did
that the NRC could use, I would suggest that they pay attention
and try that.
Ms. Watson. And let me just say that I heard the word
``resources,'' but I didn't hear the elaboration. Are they
lacking the resources to work in a more speedy fashion?
Mr. Wells. Clearly, the NRC has gotten a mandate and a
mission to be a regulatory agency that is a commission that's
funded by the industry. So there has always been this fine line
between, we have an obligation to require our regulators to
regulate an industry and how to go about doing that. There has
always been resource constraints and issues involved with the
NRC in terms of how much resources they have to effectively get
the job one. And it's a very tough balance that they face.
Ms. Watson. See, that kind of gives us a hint as to what we
as policymakers, hello, who have the oversight, should be
doing. And we, working with industries, nongovernmental, you
know, ought to realize that they are not going to move unless
they have the resources necessary.
So thank you for your statement. And I will yield back the
balance of my time.
Mr. Turner. Mr. Chairman.
Mr. Shays. Thank you.
I think you are being very fair to the NRC. I mean, you
said they responded quickly and decisively to the September 11,
2001 terrorist attacks, and multiple steps to enhance security
at commercial and nuclear plants. It gives, to me, more
credibility when you point out some of what they aren't doing.
I do think there is some value in looking at parallels
between what DOE is doing. What I'm getting a feeling of--and I
would love you to explain this concept of orders versus
rulemaking. The Secretary of Energy can basically say, damn it,
just do it. And, you know, admittedly bureaucracies take a
while, but doesn't the NRC have the capability to say let's do
it? No more 2 years, no more whatever, just get the job done
and do it quickly. Do they not have that capability?
Mr. Wells. Mr. Chairman, I'm not a lawyer, but I believe
that they do have wide discretion in orders that they can
issue, advisories that they can issue. There is a line between
what's voluntary implementation by the industry and what's
required of the industry. However, I do know that they are
facing several lawsuits challenging the right to issue just-do-
it orders.
Mr. Shays. By these companies?
Mr. Wells. By public interest groups.
Mr. Shays. Well, by public interest groups that are unhappy
that they are not moving quickly. Are the companies taking
challenges to the----
Mr. Wells. I'm not sure who the----
Mr. Shays. Well, I mean, with all due respect, I mean, I
might be one of those people going after the NRC as well if
they are not moving quickly. I mean, we are really talking 6
years from September 11th to when the design basis threat is
going to be shown at least in one experience at each plant. So
your basic point to us is that this is pretty much a paper
review today. Do you stand by that?
Mr. Wells. I do. Step one has been a paper review.
Mr. Shays. I mean, there isn't any real-life stuff going on
to make sure it's happening yet.
Mr. Wells. We have been recently made aware that they
visited four or five places to ask some questions about what
was actually in the document.
Mr. Shays. Well, we have 65 places they could visit, and
they have gone to four or five places?
Mr. Wells. That's correct.
Mr. Shays. So, I mean, we are not even talking about the
efforts to break the integrity of the plant and those
exercises; we are just talking the NRC just going there and
checking it out firsthand.
Mr. Wells. That's correct.
Mr. Shays [presiding]. OK. So they are going to rely on the
force-on-force, but they haven't started that yet.
Now, what I think is pretty stunning is your statement on
page 13, where you talk about instances of security guards
sleeping on duty and security officers falsifying logs to show
that it's been checked--had checked vital areas and barriers
when he was actually in a part of the plant, for example--were
treated as non-cited violations. The whole issue of non-cited
violations that was raised by my colleague, who gets to decide
whether they are noncited violations?
Mr. Wells. The NRC.
Mr. Shays. Now, what would be the logic for making them
noncited? Tell me the logic. What would be their argument?
Mr. Lightner. In a NRC letter responding to our last
report, they wrote to us, ``the use of noncited violation
contributes to an environment that fosters licensee's self-
identification and correction of problems, an important
organizational behavior that NRC encourages.''
It's our understanding that this is the philosophy that
they have and that they want the licensee to identify and
correct the problems that----
Mr. Shays. So you think if they make them cited, they won't
do it? They won't share it? I'm missing the logic.
Mr. Lightner. I believe it's a difference in philosophy
between maybe NRC and the GAO.
Mr. Shays. Well, we'll have them explain the philosophy.
Mr. Lightner. Based on these statements and their response
to our report, I believe they believe that it's the
responsibility of the licensee--they would like the licensee to
find as many problems as they can and correct them. And we
wouldn't disagree that's a good thing for them to be the people
onsite to find and correct them.
Mr. Shays. So what I'm reading in that is if they cite
them, they will be less inclined to share them and disclose
them?
Mr. Lightner. No, I don't think so. I think they just want
them to be aware of the problems and correct them. Our view is
that's fine, except we believe a regulator should be aware of
what the problems are and be right on top of the correction and
followup on those to make sure they do the job.
Mr. Shays. So we basically have a grade; it's either cited
or non-cited. It's either a pass/fail? I don't mean pass/fail,
I mean, a cited violation evidently is significant.
Mr. Wells. It is significant, and they would do followup
and they would verify in fact that it's been corrected. If it's
a noncited violation, they would trust and have faith that the
contractor has said I fixed it, and then the NRC would not
necessarily do a followup to verify. They may do some sampling
a year so later to see if it was.
Mr. Shays. Is that because the commercial enterprise was
the one to find the----
Mr. Wells. It could go either way. The NRC could find it or
the licensee could find it, and it could both be noncited. Part
of it has to do with NRC's regulatory philosophy that they are
to provide oversight, not necessarily to be there on a day-in/
day-out basis critiquing the operation of the nuclear power
plant. There is a reliance on the operators to do a good job
and fix things as they find them.
Mr. Shays. Right. Are they prevented if it's a noncited
violation from verifying that it's been fixed?
Mr. Wells. They are not prevented. If it happened to fall
in their sample and they went out and looked and found that it
was not corrected, I assume that there would be consequences to
the licensee for not fixing it, or to the licensee who might
have said, yeah, we did fix it, but they didn't.
Mr. Shays. Well, it seems to me, as you said, this
classification tends to minimize the seriousness of the
problem, which it certainly does. Non-cited violations do not
require a written response from the licensee and do not require
NRC inspectors to verify that the problem has been corrected.
Mr. Wells. That's correct.
Mr. Shays. But it's really two parts. They don't even have
to do a written response.
Mr. Wells. No. That's correct.
Mr. Shays. I find that very surprising. I mean, really
surprising. The NRC used non-cited violations extensively for
serious problems, thereby allowing the licensee to correct the
problem on their own without NRC verification of the
correction.
So your point to us, which I think is serious, is that
these are serious violations there also. And you stand by that?
Mr. Wells. I do.
Mr. Shays. Consequently, NRC may not be fully aware of the
quality of security at a site, and the lack of followup and
verification reduces assurances that needed improvements have
been made.
I just would totally accept that as logical.
Let me just ask you, could someone find out how much time I
have for the vote? Just check the TV.
That tells me that licensees are commercial
enterprises,correct? And I have nothing against commercial
enterprise. I happen to believe in it. That's one reason I am a
Republican.
Mr. Wells. That's correct.
Mr. Shays. But what I don't quite understand--am I to infer
that they, in a sense, compete, that they view themselves as
competitors and not sharing information? I mean, lessons
learned is what I deeply care about. Are they sharing
information with their competitors about screw-ups they have
done in their own plants?
Mr. Wells. That would be an excellent question to ask the
industry folks that are on the third panel. We at GAO haven't
done any specific work to look at sharing of information, but
there is a lot of proprietary information out there. No
question about it.
Mr. Shays. OK. Well, I believe you have done a helpful job.
I sense that you are using your words in a measured way, which
makes me think that we need to pay more attention to them than
we may be. Is there anything you want to put on the record? Is
there anything that we should have asked that we didn't that
you wish we had asked?
Mr. Wells. I think the continuing oversight by the Congress
of the Nuclear Regulatory Agency is something that is
important. They have a very important responsibility that's
greatly increased since September 11, 2001, and I think the
public deserves a lot more openness about where we are and
what's happening. And I understand the security needs, but I
also, you know, am sensitive to even as auditors going into an
agency, a regulatory agency like the NRC, that sometimes I
don't feel like we are getting as much cooperation in terms of
trying to improve government operations as opposed to only
trying to minimize how they answer our questions.
Mr. Shays. Yes.
Mr. Wells. So I would hope that we and the future
Commissioners of the NRC can work something out from an
operating procedure because we are in this together to try to
find out a better way to regulate a commercial nuclear industry
that doesn't share a lot of concern about what may happen in
the future from terrorist attacks. So we are there to help, and
I am looking forward to that improved operation and working
relationship.
Mr. Shays. Well, I think that you have earned that right to
expect that.
Thank you.
Mr. Wells. Thanks, Mr. Chairman.
Mr. Shays. That is a very measured report. I appreciate
that.
I guess I am the chairman now for a second. I would just
say to our first panel, you will be the first that we will call
back as soon as we get back from voting. You really have about
20 minutes, if anybody wants to go downstairs and get something
to eat. I think that it will probably have three more votes. I
don't think we will keep you here that long. So I thank you all
very much.
We stand in recess.
[Recess.]
Mr. Shays. We are back to order.
Both witnesses have been sworn in, and we sincerely
appreciate you all waiting.
We do have some questions we would like to ask you based on
the GAO's report. I would say to you that in my judgment, when
you get into these issues of nuclear security and so on, you
can really make things pretty sensationalized because the
consequences can be quite significant. I view the GAO as
someone who took no cheap shots, just came out with some
concerns. I would like you to address them.
I need to have you explain to me, if you would, Mr. Reyes,
why we are not seeing cited complaints and a written response
to them as discussed in the report by the GAO.
Mr. Reyes. The NRC requirements on violations, whether they
are safety or security, is a graded approach.
Mr. Shays. Are what? I'm sorry.
Mr. Reyes. Graded approach. In other words, for more
significant violations, the licensee is required to provide an
original response if appropriate.
For the noncited violations, which are the violations of
lesser significance, we do not require them to send us a
document. What we do require them is to put in their corrective
action program. They have a program that is required by their
quality assurance program to note any deviation or any
violation of any requirement and to track the corrective action
into full implementation.
Now, for significant violations, we do follow with NRC
inspectors to confirm that all of those actions were taken and
that they are effective. For the minor significant violations--
we call them noncited violations--we do it on a sampling
process.
Now, that doesn't mean that we don't know what's being
done. See, I think there's a misconception that for those
violations that we don't do a complete detailed followup we
don't know what's been done. See, at every power plant in the
country, the NRC has an office and has inspectors that live in
the community and work there every day and interface with all
of the employees at that station. So we do know, in general
terms, what those that we didn't sample, the corrective actions
were and what is being done. But we didn't send any specialist.
We call them----
Mr. Shays. I should have known that, but you are saying you
actually have someone onsite?
Mr. Reyes. We have more--there are two NRC inspectors at
each fuel--nuclear power plant and the field officers NRC----
Mr. Shays. I knew they were there. I didn't know they were
specific onsite.
Mr. Reyes [continuing]. Physically onsite on the facility.
They live on the community. They have unfettered access to any
part of the nuclear power plant.
Mr. Shays. So they don't have any operational
responsibility. They can just walk wherever the hell they want.
Mr. Reyes. Exactly right. At any time of day and night.
Mr. Shays. That sounds like an interesting job.
Mr. Reyes. I used to be one when I earned an honest living,
and I loved it.
Mr. Shays. It doesn't sound like an honest living.
Mr. Reyes. It was. It was protecting public health and
safety. But, at the same time, you have hands on and the real
activity that was going on in a facility.
Mr. Shays. How do you avoid not developing such a personal
relationship that you kind of close your eyes?
Mr. Reyes. Very good question. We have a policy that we
require them--first of all, there be two of. And the maximum
time they can stay at one facility is 7 years, and we force
them to rotate from one facility to another.
Then we have requirements from the supervisors from the
regional offices to visit them at least quarterly to make sure
there is--we call them objectivity reviews to make sure that in
fact they are not being either unfair one way or the other. You
can go either way.
Mr. Shays. OK. It is a strange terminology to call it minor
significant violation, which is what you said. It sounds like
you have three gradations here. But if it's significant, why is
it minor? And if it is minor, why is it significant?
Mr. Reyes. Maybe the terms are confusing. What we do, this
panel that we referred to earlier, which is representative from
all of the field offices and the headquarters program office,
has guidelines in terms of the significance of the violation,
and we--one of the categories, the lowest category, is called
noncited violations, and I believe that's the one that GAO was
referring to.
Mr. Shays. Right.
Mr. Reyes. That we don't specifically follow through by
sending inspectors to check every one of them. We do it in a
sample approach.
Mr. Shays. Is someone who is falsifying papers, is that a
significant violation?
Mr. Reyes. I am going to have to defer----
Mr. Shays. Yes, talk to me a little bit about how you
decide what is a cite, what isn't----
Mr. Zimmerman. Good question.
Mr. Shays [continuing]. And who decides.
Mr. Reyes. We decide.
Mr. Zimmerman. It comes back to the panel that we talked
about.
Mr. Reyes. NRC panel.
Mr. Zimmerman. NRC panel made up of representatives from
each region and from our headquarters in Rockville. And what we
look at, is it an isolated case or does it permeate the
organization?
Mr. Shays. Right.
Mr. Zimmerman. That's one of those factors that can help
determine the significance of the item. How long has this been
going on? Is this the first time it's been done? Or through our
investigations--we have investigators. When we have a concern
that potentially could be problematic in nature, we could use
our investigators to come out and get additional information.
But the length of duration, what could have happened with
the fact that this record of this door was not checked. If the
door is alarmed and this was a belt and suspenders and the
individual didn't check the door, but there is no reason to
suspect the door all of a sudden isn't working properly, does
it work well afterward and before? And you check it afterwards,
and it is still working, and it doesn't have a history of
problems, a reasonable person could likely say that door
probably would have worked, the belt and suspenders weren't
there, but the door was still secure, as was the vital--those
types of dialogs back and forth weighing the significance of
this item is what this panel does.
A comment I didn't make in our earlier session of this is
there was dialog that you had with GAO. Well, maybe this is a
difference of opinion between what is a minor violation----
Mr. Shays. Right.
Mr. Zimmerman [continuing]. And what significance is.
One of the things we are planning on looking at, because we
have a review going on of what we call our significance
determination process, which really is the hierarchy document,
and we are piloting that activity right now. And it's
possible--I don't know what the results will be, but it's
possible that we may change some of our thoughts with regard to
where that break point is between something being minor and
something being more significant. That's an activity that we
started in the July timeframe.
Mr. Shays. Let me yield such time as he may consume--not
yield, let me give him the floor.
Mr. Tierney. Thank you, Mr. Chairman.
I would almost like to ask you a broad question. I would
say that to the end I am still a little concerned with your
force-on-force aspect and the finding that Wackenhut had
knowledge that stand-by personnel had been used in test
performances in the past. It seems that people were sort of
trailing other people just to get the idea of where they might
go and some of the information that would have been held inside
and was not. Tell me why we shouldn't be concerned about that?
Mr. Reyes. Let me give you the three major points; and
then, if you need more details, I know Mr. Zimmerman has a lot
of details.
But I think you need to remember, and I made that point
earlier, DOE operates and regulates itself. In the case of the
nuclear industry, commercial nuclear industry, we are the ones
who do the oversight for those facilities. So when you bring
the adversaries to do the force on force in this case you are
talking about--is employees of this Wackenhut corporation. We,
the NRC, review that in fact those individuals did the right
thing. So we are the ones who are accepting their credentials
and are they ready to do the test. We, the NRC, determine what
the venue is that will be. And we are there in large numbers in
the preparation and conduct of the test, and--as it is the NRC
who decides whether the performance was acceptable or not.
Mr. Tierney. But still, apparently, someone still got the
heads-up of how it was going to be done, what the attack would
look like and be prepared for it.
Mr. Reyes. But that is the Department of Energy example
from the IG findings, and we are aware of those IG findings,
and we have already trained our inspectors to look for those
kinds of issues.
Mr. Zimmerman. I think in the earlier session we talked
about what we do every 3 years, where we will be with the
adversary----
Mr. Tierney. Check that.
Mr. Zimmerman. I will get back to you. Check the miles
front and afterwards and all the things we do, the sensitivity
we have toward it. Then we have the annual exercise that the
licensee does, and I believe that we plan on observing those,
but I want to make that distinction between those two different
types.
The understanding that I have been given is at Y-12 it was
not the DOE standard force on force where this occurred. It
wasn't like our 3-year exercise. It was the off-year activity
being done by the site, so that it had less oversight, less
controls. It doesn't make it right, doesn't make it right. But
I wanted to clarify for you that if in your mind you are
looking at it and saying that equates to the NRC's 3-year force
on force, I am trying to clarify that is not the----
[The information referred to follows:]
[GRAPHIC] [TIFF OMITTED] T8358.039
Mr. Tierney. I understand that. That we don't do those for
every 3 years leads me to believe we ought to be concerned less
about the annual periodic checks, that those don't occur
either.
I am real concerned about these private enterprises
policing themselves even if they aren't monitored by the NRC.
It is like the fox watching the chicken coop here. I have a
real problem with them doing the training and them deciding
what the hours are going to be and them deciding what the force
on force is going to be, even if they have your supervision----
Mr. Zimmerman. They don't decide.
Mr. Tierney [continuing]. Your decisionmaking. There are
examples of that information getting out and not being done
right, and it is troublesome.
Mr. Zimmerman. I understand the perception. They are not
deciding anything. They are not deciding what path they are
going to take. This is scripted by the NRC saying this is the
path that you are going to take. The people doing it are our
contractors.
Mr. Tierney. That's every 3 years.
Mr. Zimmerman. Every 3 years.
Mr. Tierney. The annual ones--which I would imagine are
just as important--that is not the case.
Mr. Zimmerman. And the benefit of having a contract
organization such as Wackenhut organization in place is that if
I am one of the individuals who was selected to be on the
composite adversary force I am going to learn an awful lot. Now
I am going to take it back to my site and enhance the
performance of those annual exercises, and I am going to bring
back best practices associated with where I have been.
Mr. Tierney. I am not sure I buy that, Mr. Zimmerman. But,
you know, I hear what you are saying, and I respect your
opinion on that. But I am not sure I buy it.
Mr. Zimmerman. Let me add one in closure----
Mr. Tierney. Sure.
Mr. Zimmerman [continuing]. That will make you feel a
little bit better. If it turns out the NRC is not satisfied
with the performance of this group, we are going to do it
ourselves. The Commission has told us that.
Mr. Tierney. But that is every 3 years.
Mr. Reyes. He means the whole concept. The Commission is
trying this approach right now. He is talking about the whole
concept of Wackenhut supplying the adversaries. The Commission
hasn't ruled out that we will have this--that this is the only
way to go. We are doing this. The Commission can change their
mind and say, no, we are going to do it differently.
Mr. Zimmerman. The first use of this composite adversary
force is occurring this week. This week is the first time it
will be used in force on force. It will be on strength. If it
doesn't meet our standards, then they will hear about it and
the industry will hear about it. If there is the need for
course corrections, they will be made.
Mr. Tierney. I have serious concerns on that. I would be
interested if you would report to this committee what you find
after that goes on and give us some detail on that.
Mr. Zimmerman. I will do that.
[The information referred to follows:]
[GRAPHIC] [TIFF OMITTED] T8358.040
Mr. Tierney. I would greatly appreciate that. That is one
of the overriding concerns that I have, is that we are really
not in charge of every aspect of who is in there providing
security.
I don't want to use up too much of the time here.
Mr. Shays. I would just have a question--the gentleman
yields the question.
Mr. Tierney. Now you have heard other people testifying
here this morning. What do you think are the serious concerns
that they raised and what is your response to those most
serious concerns?
Mr. Reyes. GAO audits are not complete, and they haven't
visited the facilities. We are concerned that you are giving
the impression that all they do is a paper review. We tried to
bring some pictures.
Mr. Tierney. Correct me if I am wrong. You haven't visited
all the facilities either?
Mr. Shays. I have to show you the pictures. The pictures to
me were confusing.
Mr. Reyes. OK. We cannot show you----
Mr. Shays. I don't understand why I should be impressed
with someone who has a gun and a helmet on. Why would I feel
good about this?
Mr. Reyes. The physical barrier?
Mr. Shays. Yes.
Mr. Reyes. See the physical barrier, the pop-up barrier?
Mr. Shays. Yes.
Mr. Reyes. When GAO says that all that is going on is
paper--we are trying to say there are physical changes at these
facilities in the field. Now we couldn't bring pictures of
everything.
Mr. Shays. OK. Tell me this----
Mr. Tierney. I think the concern was that you determined
that those physical things were through a paper review in all
but about four to six instances.
Mr. Shays. And, again, if the gentleman would yield just
for a second. So this is the barrier.
Mr. Zimmerman. A barrier.
Mr. Reyes. Yes. A pop-up barrier.
Mr. Zimmerman. It rolls down and pops up.
Mr. Shays. All right. I am not impressed.
Mr. Reyes. But that is not a paper issue. I mean, there are
physical barriers there.
Mr. Shays. What does this tell me?
Mr. Reyes. You say that--bullet resistance.
Mr. Zimmerman. Up. There you go.
Mr. Reyes. That is a strategic point to show the
adversary--I can't go into details but made out of
bulletproof----
Mr. Shays. It is totally bulletproof.
Mr. Reyes. Yes, sir.
Mr. Shays. That is helpful. I didn't know that.
Now this one.
Mr. Zimmerman. Same thing.
Mr. Reyes. Same thing. That is another strategic point. And
we can't tell you how many officers.
Mr. Shays. What brings down something like this? It would
have to be a grenade launch or a rocket?
Mr. Reyes. You would have to have a sizable weapon.
Mr. Shay. OK.
Mr. Reyes. So our only point was trying to make that there
are physical changes there. We couldn't bring you all the
pictures. We really invite the committee or any of the staff on
the committee to go and visit. Because in this forum we can't
go into the details. But it's more than paper. We were
surprised that they are characterizing it as that.
Mr. Shays. Is the gentleman also going to get into the
issue, I hope?
Mr. Tierney. Just jump in.
Mr. Shays. No, I just wonder if you were going to pursue
your questioning on the quality of the people.
Mr. Tierney. I don't know if you are going to bring that up
or not. I am concerned and interested--I don't know whether I
am the only one concerned about the quality of the people that
are actually in there as security personnel. You know, the
background check. Who is going the background check? How in
depth it is. Who does their training? Who observes the
performance on the job? Who determines whether or not they are
properly proficient in weapons? Who determines that they are
showing up on time, doctoring records, doing all those things?
Mr. Reyes. The background checks are all done by the Feds.
In other words, the FBI processes the fingerprints.
Mr. Tierney. So anytime Wackenhut or anybody else wants to
hire somebody they have to check them through the FBI?
Mr. Reyes. Yes, sir. Yes, sir. The psychological test is
done by a contractor to the facility, but it's a doctor with
his own credentials to go through that.
Now we are the ultimate who reviews that. Our inspection is
called access controls. Contrary to what you heard here from
GAO, we conduct those all the time and they are being conducted
as we speak. So we are there where the rubber meets the road
doing those inspections.
Mr. Zimmerman. Background checks are more rigorous and more
frequent than it is for other individuals that have vital area
access because of the fact that these individuals are armed.
Mr. Reyes. Yes, the armed individuals receive a more
thorough review.
Mr. Tierney. Do you have any of the concerns raised by the
Department of Energy or the GAO?
Mr. Reyes. The recommendations, you mean?
Mr. Tierney. Yes.
Mr. Reyes. We take them seriously. We have endorsed some of
them. We have implemented some of them. Others we are still
considering. We just haven't gotten to them and haven't ruled
them out.
Mr. Tierney. Thank you.
Mr. Shays. Thank you.
I would just like to ask, and do this real quick because I
want to get to the next panel, but I think you have been very
responsive. I don't get a sense there are consequences if bad
things happen. So make me feel good about consequences.
First off, anyone who was inebriate, drunk, they are fired,
right?
Mr. Reyes. Yes, sir.
Mr. Shays. OK. And then there is the question as to how
that would have happened. So you don't want a written
explanation from--why wouldn't there be at least a written
explanation?
Mr. Reyes. There is an aside. We know that the individual
was fired. Typically, it was by the supervisor observation
program. The supervisors of these individuals are trained to
observe behavior. So the way it is found out is typically we
have a report that a supervisor requests it for cause, testing
of an individual.
We know an individual is no longer aware, and we are aware
of the corrective actions we are taking over all of the
facility. We may not send an inspector just to review that in
detail. Our inspectors onsite are aware that this individual is
not coming back, and they are in discussion with the other
security guards, and that's why we have the inspector at the
plant who has access to all 1,000 employees. They know and they
ask, do you know what happened, and make sure that word gets
out that is not tolerated. We do have indirect means to
confirming it. I think there is a misnomer on----
Mr. Shays. Wait. If you have people onsite, it seems to me
you are able to check it the next day. That's why I am
beginning to think, if you have people onsite, they are aware
of the citations, correct?
Mr. Reyes. Yes.
Mr. Shays. Don't they write you a note and say this has
been corrected?
Mr. Reyes. If we go and follow it, they do. But we have a
very prescribed inspection program that includes safety and
security. And we want them to go in the control room and we
want them to check the safety pumps. It is just a matter of
make sure you are putting your resources where the highest
safety and significance matter is.
Mr. Shays. I would think that the people onsite would be
asked to verify any citation, every criticism in the plant. I
would think that's what they need to do. And I would think they
need to write a report on everyone. I mean, it just seems like
a no-brainer. They are there.
Mr. Reyes. They are busy. And they write a report. And the
most significant ones, they are aware of the other ones.
Mr. Shays. How difficult is it to followup on a complaint
and check it out? They could do it in an hour or two, couldn't
they?
Mr. Reyes. Well, it typically takes more than that.
Mr. Shays. Better they do it than no one do it.
Mr. Reyes. But we do it, sir, on a sample basis. We do.
Mr. Shays. I am going to have that explained to me later. I
am impressed you have people onsite. I am not impressed that
they are not following up on cited complaints or noncited
complaints.
Anything else you want to put on the record that you would
like to--yes.
Mr. Zimmerman. I just want to make a comment--I guess maybe
two comments, maybe one on legislation. But the comment I want
to make is that I got the sense from reviewing the hearing from
last year and from sitting here today that a number of the
members of the committee have a concern that we don't worry
enough, that we are complacent, why aren't we laying awake at
night?
And I want to tell you that we are laying awake at night,
that we are very concerned, that this agency is about
continuous improvement and that we are constantly looking and
working very long hours in an effort to get out in front of
those that mean to do us harm.
So there's a very--I am very proud of the staff at the NRC,
and we are very much focused, again, on trying to search for
continuous improvement, and we are not lackadaisical. We are--I
am not saying that we are, but, again----
Mr. Shays. I think you have judged us fairly well in terms
of our concern.
I have a feeling that the way we set up DOE, we have those
who promote and those who are looking to be the inspectors and
to do security. And I feel for some reason we still don't have
that separation with NRC. I don't know why we don't.
Mr. Zimmerman. That's why I am raising it. I am trying to,
in words at least, say it--and then through everything that we
have tried to do in our explanation. Because we are not sure
that our issues have stuck.
Mr. Shays. I think you are going to have a hard time
convincing us in that area. By setting up a separate
organization, there will be some natural tensions that I don't
think exist within the NRC, and so I think you are going to
have some real skepticism on our part about that. And so I
understand that you have divided responsibilities. That's the
challenge.
Mr. Reyes. I just want to thank the committee for inviting
us here. We are looking forward to coming back and keeping you
updated on the action we are taking. We do want to ask your
support on the legislative request that we have in front of
Congress. It is of the most importance, that those laws are
passed so we can protect our nuclear power plants better.
Thank you very much.
Mr. Shays. Hold on 1 second. OK. I want to put it on the
record. I would like you to just ask this question or make this
point and have you react to it.
Mr. Halloran. This is the point that I think you made
before, in terms of the zeal of the regulatory effort. DOE is
an operator of sites, NRC is a regulator, so you are
necessarily one step removed from turning the knobs and----
Mr. Reyes. We are.
Mr. Halloran [continuing]. And putting up the fences. So
that dictates some different operational structures and ways to
get things done, doesn't necessarily demand a lesser intensity
level, but I think it does require a different approach.
Mr. Shays. See, I think he gave a better answer than you
did. He made a better defense of your case, I think. I wanted
to put it on the record. I am making an assumption. I made a
parallel in which I am being challenged, and that is that the
parallel isn't the same--that you are a regular. I guess, I
also view you as promoters of the industry. I do feel that way.
So, at any rate----
Anything else to put on the record?
Mr. Reyes. No. We want to reinforce the legislative request
that we have then. We really need those legislative
enhancements.
Thank you very much.
Mr. Shays. Don't be offended I said he did a better job. He
is a really bright guy.
Mr. Reyes. No, we are not.
Mr. Shays. Thank you for waiting, and I appreciate your
willingness to fit into our needs. Thank you very much.
Mr. Reyes. Thank you.
Mr. Shays. I will call on our last panel--thank you for
being here.
Mr. Alex Matthiessen, director, Hudson Riverkeeper,
Garrison, NY; Mr. David Lochbaum, the Union of Concerned
Scientists, based in Washington, DC; and Mr. Marvin Fertel,
vice president and chief nuclear officer at Nuclear Energy
Institute.
With that, if you would--thank you for standing.
[Witnesses sworn.]
Mr. Shays. I would note for the record our witnesses
responded in the affirmative.
Mr. Fertel, you were a dead giveaway in the audience
because any time the Commission made a comment that you liked
you smiled broadly, and I thought--you would not be a good
poker player, sir.
Mr. Fertel. I am just too straight.
Mr. Shays. OK. Well, that's a good answer.
All right. Mr. Matthiessen, we will start with you; and we
will just go right down the line. Thank you very much.
Mr. Matthiessen. Terrific.
Mr. Shays. Nice to have you all here.
STATEMENTS OF ALEX MATTHIESSEN, DIRECTOR, HUDSON RIVERKEEPER,
GARRISON, NY; DAVID LOCHBAUM, UNION OF CONCERNED SCIENTISTS,
WASHINGTON, DC; AND MARVIN FERTEL, VICE PRESIDENT AND CHIEF
NUCLEAR OFFICER, NUCLEAR ENERGY INSTITUTE, WASHINGTON, DC
Mr. Matthiessen. Thank you for having me, Chairman Shays,
members of the subcommittee. Thank you for the opportunity to
once again testify on safety and security at Indian Point; and
thank you, Congressman Shays, for your leadership to date on
this issue.
I also want to say I was very encouraged by the line of
questioning, questions that we heard from members of the
subcommittee today.
Riverkeeper is not and has never been an anti-nuclear
organization. Our campaign aims only to minimize the risks
associated with the Indian Point nuclear facility and by
necessity aid in the reform of those Federal and State agencies
and policies governing the plant.
Three years after September 11, Indian Point still is
unprepared to repel an attack from the air, land or water or a
combination thereof. While improvements have been made at the
margins, there remain gaping holes in Indian Point security. On
the ground, current guards tell us that in some areas security
at the plant is worse than it was before September 11, 2001.
The spent fuel pools remain largely unprotected.
Mr. Shays. Let me just say something to you. When you make
a comment like that, this is a comment that you are saying
under oath. So this is not casual comments, correct?
Mr. Matthiessen. No.
OK. This is based on conversations that I have had with a
current security guard at the plant, and he is relaying, in
turn, comments that he has gotten from other guards.
Many of the best-trained and most-experienced guards have
been fired or have quit. This is according to the guard's
report that we have heard only a week and a half or 2 weeks
ago--morale is low, and guards say they feel no obligation to
stay on their posts in event of an attack. A chilled
environment exists at the plant, and Entergy management is
apparently still telling security personnel to alter incident
reports.
There are no specific defenses against an aerial attack at
Indian Point--no no-fly zone, no combat patrols, no anti-
aircraft missiles, nothing.
From the water, there is no physical barrier to prevent a
tanker or a speedboat loaded with explosives from plowing into
the cooling water intakes.
With regard to the NRC's force-on-force security drills,
they are a joke--but not a funny one. The NRC drills are
designed to allow nuclear systems to game the system. Everyone
knows that if real conditions were used and no limits put on
well-trained mock attackers, the plans would fail nearly every
time.
Again, I have details reported by POGO and other groups as
well as the guards themselves.
A head-in-the-sand mindset has a fever grip on the NRC and
FEMA, which has refused to accept the new threat level and
revamp organizations accordingly. The NRC and FEMA are captive
to the industry they regulate, and the Department of Homeland
Security has failed to assert itself. As a result, these
agencies have little credibility with the American people,
which in turn undermines public safety.
Allow me to identify just three of many problems plaguing
the NRC:
First, the NRC resists the need to consider terrorism in
administrative proceedings, and yet they routinely invoke
terrorism to justify a new wave of policies designed to thwart
the public's right and need to scrutinize the industry.
Second, the NRC's new design base threat level is set too
low. David Lochbaum will cover this in detail, but allow me to
add that there remains a considerable gap between the level of
defense plant operators are expected to provide and what the
U.S. military is prepared to deploy.
Finally, the NRC continues to enact policies that allow it
and the nuclear industry to operate in increasing secrecy and
with reduced transparency and public participation. I assure
you--and I know you know this--that the less the public is able
to see the more dangerous this industry will become.
Now moving into recommendations. The best way to truly
minimize the public health and safety risks at Indian Point is
to close the plant and secure the onsite spent fuel. However,
so long as Indian Point is still operating, there are numerous
ways to better protect the plant. I will highlight those three
or four measures that I think are the most urgent and readily
achievable.
First, we must secure the plant against aerial or
waterborne attacks, which we can do with relatively inexpensive
passive technologies. Installing a Beamhenge system, a line of
steel beams set vertically in deep concrete foundations
connected by a web of high-strength cables, wires and netting,
would effectively shield the facility's vital components and
structures. Beamhenge is essentially the nuclear grade
equivalent of the fences erected around golf driving ranges.
Dunlop barriers, inflated cylinders of rubber-coated textile
linked together or anchored to a mooring buoy, should be
installed in the Hudson River in front of Indian Point to help
protect the plant's cooling water structures. Already in place
at several Navy bases, Dunlop barriers are used to thwart small
boat terrorist attacks.
Second, we must establish a temporary no-fly zone over
Indian Point, combined with combat air patrols, at least until
the passive defense systems are in place.
Third, Congress must direct the NRC to deal more
aggressively with the highly vulnerable spent fuel stored at
nuclear reactor sites. The best way to do that is to install
hardened onsite storage systems, or HOSS, which is designed to
contain isolated radiation and repel terrorist attacks.
Finally, Congress must direct the NRC and FEMA to revamp
their policies and regulations governing nuclear plant security
and emergency preparedness.
I have a whole laundry list of specifics there, but I will
wait until the Q&A--if I have the opportunity to list those--in
the interest of time.
In general, though, I think it would be good for Congress
to consider appointing a task force made up of governmental and
nongovernmental stakeholders to do a top-to-bottom review of
the NRC and FEMA's oversight of this industry.
In conclusion, little has changed since September 11
regarding the level of security at Indian Point. Federal
agencies remain in a state of denial regarding the security
threat facing nuclear facilities. Congress needs to ask the NRC
and the industry--and I am paraphrasing the gentleman who was
from the NRC who was here just a minute ago--if you are so
concerned and laying awake at night, why aren't you concerned
about deploying the most obvious and inexpensive security
measures at our most vulnerable and high-risk nuclear plants?
Whether they admit it or not, I believe the answer is quite
simple. The industry and the NRC don't want to draw public
attention to the intrinsic danger of nuclear power and the
naked vulnerability of these facilities to terrorist attack,
especially at a time when the industry is hoping to build a
whole new generation of nuclear energy plants.
The Federal Government's current approach to nuclear plant
security and emergency preparedness is leading us down a path
that could--God forbid--result in a far more terrifying attack
than what we experienced that horrible day 3 years ago. We have
received the warning signs regarding the possibility of and our
vulnerability to a terrorist attack on a U.S. nuclear power
plant, much as the government had received warnings about the
September 11 attacks. Let's not give a future 9/11 Commission
the opportunity to say we knew a nuclear attack on a power
plant was possible and we did too little to stop it or to
minimize the impacts.
Thank you very much for giving me the opportunity to share
my views today.
Mr. Shays. Thank you, Mr. Matthiessen.
[The prepared statement of Mr. Matthiessen follows:]
[GRAPHIC] [TIFF OMITTED] T8358.041
[GRAPHIC] [TIFF OMITTED] T8358.042
[GRAPHIC] [TIFF OMITTED] T8358.043
[GRAPHIC] [TIFF OMITTED] T8358.044
[GRAPHIC] [TIFF OMITTED] T8358.045
[GRAPHIC] [TIFF OMITTED] T8358.046
[GRAPHIC] [TIFF OMITTED] T8358.047
[GRAPHIC] [TIFF OMITTED] T8358.048
[GRAPHIC] [TIFF OMITTED] T8358.049
[GRAPHIC] [TIFF OMITTED] T8358.050
[GRAPHIC] [TIFF OMITTED] T8358.051
[GRAPHIC] [TIFF OMITTED] T8358.052
[GRAPHIC] [TIFF OMITTED] T8358.053
[GRAPHIC] [TIFF OMITTED] T8358.054
[GRAPHIC] [TIFF OMITTED] T8358.055
[GRAPHIC] [TIFF OMITTED] T8358.056
[GRAPHIC] [TIFF OMITTED] T8358.057
[GRAPHIC] [TIFF OMITTED] T8358.058
[GRAPHIC] [TIFF OMITTED] T8358.059
Mr. Shays. Mr. Lochbaum.
Mr. Lochbaum. Thank you Mr. Chairman. I appreciate this
opportunity to present our views on nuclear power plant
security.
Today's open hearing demonstrates that nuclear plant
security issues can be responsibly discussed in public, a fact
lost upon the Nuclear Regulatory Commission. The NRC
essentially closed its doors to the public on this important
topic since September 11. That's unacceptable, and we urge the
Congress to compel the NRC to follow its lead by including the
public in policy discussions.
Mr. Shays. That's a very interesting point. It has never
occurred to me that it's being used. The irony is it is being
used as an excuse not to have the dialog when we need the
dialog even more.
Mr. Lochbaum. But it is also forcing groups like ours to go
to other avenues since they have closed our doors, and the
media and other outlets are the way we find our voice since
they have closed our voice. They would probably prefer that
they had those comments in house than seeing them in headlines.
Mr. Shays. Good point.
Mr. Lochbaum. A successful attack on a nuclear power plant
would be one of the worst disasters in American history. That
this threat is real is revealed by two simple facts. First, the
nuclear industry urged this Congress to renew Price-Anderson
Federal liability protection for nuclear power plants. If an
attack could not cause catastrophic harm, owners could get
private insurance coverage.
Second, the nuclear industry claims to have spent more than
$1 billion upgrading security since September 11. No one has
enough money to spend on pseudo threats.
After September 11, the industry issued orders requiring
plants to take steps to make facilities less vulnerable to
attack.
The NRC also revamped its oversight process. The steps we
liked most among them are frequency of NRC-evaluated force-on-
force security test was increased to once every 3 years from
once every 8 years, the number of design basis threat
adversaries was increased, and many of the unrealistic
limitations on their weapons and tactics were lessened or
removed.
Minimum standards have been established for training and
qualifications of security force personnel, and working hour
limits for security force personnel were mandated by the NRC.
Despite these steps taken, nuclear power plants remain
vulnerable to attack by land, sea and by air. The American
public cannot honestly be assured that all reasonable measures
to protect them have been taken until the following 10 steps
are taken:
The two-person rule and/or expanded in-plant use of
security monitoring cameras needs to be done to better control
vital access to areas.
The evaluation process for proposed procedure revisions and
hardware modifications must formally verify whether protection
against sabotage is affected by the planned changes.
The NRC must not allow the same company to provide both the
attackers and the defenders in force-on-force security tests.
The NRC must increase its design basis threat level to a
realistic level comparable to that established by the DOE after
September 11.
The NRC must either require background checks for nuclear
plant workers with access to sensitive plant information or to
prevent these workers from accessing that information.
The NRC must require water barriers around intake
structures at nuclear power plants.
The NRC must require protection against aircraft hazards
similar to the process it used to protect the plants against
fire hazards.
The Federal Government's ability to withstand or respond an
attack designed above the design basis threat level must be
periodically demonstrated.
The NRC must require adequate protection for spent fuel by
requiring owners to transfer fuel discharged from the reactor
more than 5 years ago into dry casks which are emplaced within
earth berms and other protective devices.
And last--or, actually, first--the NRC must reengage the
public in security policy discussions.
I would like to highlight two of those recommendations. The
others are detailed further in my written testimony.
Right now, spent fuel at nuclear power plants is not as
safe or as secure as it should be. Many plants have five to
eight times as much spent fuel as fuel in the reactor. There
are fewer barriers that attackers must penetrate in order to
successfully damage spent fuel. And, correspondingly, there are
fewer barriers protecting the public from the radioactivity
released from damaged fuel.
At most plants, the spent fuel pools are filled to
overflowing. Spent fuel is then loaded into dry casks and
placed out on open air lots out back. In fact, the current
scheme of spent fuel storage could hardly be made less safe or
less secure. By maintaining the spent fuel pools at or near
full capacity, the risk is kept as high as it possibly can get.
Transferring spent fuel into dry casks merely adds the
additional risk of spent fuel out in the backyard.
The responsible thing to do would be to minimize the
inventory in spent pool fuels by transferring fuel discharged
from the reactor more than 5 years ago into dry casks, which
are then placed in earthen walls or other protective devices.
The risk reduction by emptying the spent pool would more than
offset the increased risk from dry cask storage resulting in
overall tangible reduction in the risk profile at each plant
site.
The second recommendation I will highlight involves access
to sensitive information. As this subcommittee has discussed,
the NRC's imposed restrictions as recently as August 4th on the
public's access to information after September 11. But there is
a huge loophole. The access authorization upgrades mandated by
the NRC after September 11 only apply to nuclear plant workers
who get unrestricted access. There are literally thousands of
nuclear plant workers with ready access to sensitive plant
information that do not get unescorted access and therefore are
not subject to background checks. Our enemies can get those
jobs and obtain blueprint calculations, risk assessment hazards
and analysis and upcoming equipment outage schedules useful in
planning an attack.
The NRC has to plug this loophole. It makes little sense to
restrict public access to information while allowing the
equivalent of uncontrolled drive-through service at the plants
themselves.
Before I close, I would like to take a moment to defend the
NRC from the chairman's concerns about the 6-year security
upgrade schedule. That's actually the NRC's express lane. You
should see their pace at resolving safety issues. By
comparison, 6 years is the blink of an eye.
Mr. Chairman, I sincerely thank you for holding this open
hearing and for listening to the public perspectives on this
important issue.
Mr. Shays. Thank you.
[The prepared statement of Mr. Lochbaum follows:]
[GRAPHIC] [TIFF OMITTED] T8358.060
[GRAPHIC] [TIFF OMITTED] T8358.061
[GRAPHIC] [TIFF OMITTED] T8358.062
[GRAPHIC] [TIFF OMITTED] T8358.063
[GRAPHIC] [TIFF OMITTED] T8358.064
[GRAPHIC] [TIFF OMITTED] T8358.065
Mr. Shays. Mr. Fertel.
Mr. Fertel. Thank you, Chairman Shays.
Given the importance of security at our nuclear plants
today, I generally speak with the chief officers that operate
those plants weekly, and I find I am getting to know a lot of
the security managers personally. During the past 3 years, the
industry has carried out unprecedented, unequalled efforts to
review and improve our security; and I think during the
discussion today the term business as usual, the lack of
intensity and not exchanging lessons learned was used. I can
only say that it's anything but business as usual. It's pretty
intense, and we are exchanging lessons learned almost weekly.
So I think there is a lot going on that I wish maybe we could
share more with Dave and his colleagues.
I would like to start by emphasizing the importance of
nuclear power to our Nation. Our Nation's 103 reactors safely
and cleanly produce enough electricity to power one in every
five homes and businesses in the United States. Many regions
are heavily dependent on nuclear energy. For example, in the
chairman's State of Connecticut, electricity from nuclear
provides 50 percent of the power in that State; and these
plants also provide an additional benefit of stabilizing the
electricity grid.
I would like to emphasize three major points today
regarding the security of our nuclear power plants:
First, nuclear power plants were the most secure industrial
facilities in the United States before September 11th and
against terrorist attacks, and they are even more secure today.
Second, power plants can serve as a model of industrial
security in America. Our plants are far more secure than any
other sector of our Nation's infrastructure and have been
recognized as such by several independent organizations and
security experts.
Third, while the industry is fully committed to protecting
its employees, the public and its assets, our companies have
maximized the level of protection they can reasonably provide
to these facilities.
Although we coordinate extensively with government entities
on security matters, continued emphasis on integrated response
planning is necessary; and there are important legal and policy
limitations to further increasing the security requirements
that the operators of the plant have to satisfy.
As you know, nuclear power plants were built to be robust
and secure. A nuclear reactor is secured by several feet of
concrete walls and an internal barrier of steel reinforced
concrete. They were built to contain the effects of a reactor
accident and also to withstand natural accidents such as
hurricanes, earthquakes, fires and floods.
Even before the September 11th attacks, every nuclear plant
was protected by a strategy that included protective
perimeters, physical barriers, sophisticated access
authorization technology and a professional, well-armed
security force. We conduct background checks on all of our
employees and strictly control access to our plants.
After September 11th, the industry--in response to orders
issued by the NRC--enhanced security at our plants
significantly. Each nuclear power plant is scheduled to meet
the requirements of the most recent NRC security orders by the
October 29th deadline.
Over the past 3 years, we have expanded our security force
by 60 percent, from 5,000 to 8,000 security officers at the 64
sites. During that time, the industry has spent about $1
billion to increase the security force and to significantly
enhance physical protection at the plant. About two-thirds of
that or more is physical protection. So there are things
happening at the plants.
My written testimony provides details regarding these
improvements. However, some of them are considered safeguard
information and thus not available to the public.
As part of the new security requirements, each plant will
conduct multiple--and I repeat--multiple force-on-force
exercises every year. The NRC formally evaluates each plant's
force-on-force exercise at least once every 3 years, as you
have heard before.
In these exercises, the NRC evaluates the execution of the
security strategy, the performance of the plant security force
and strategy, the performance of the plant security force and
the performance of the independently trained adversary force
used in the mock attacks.
I am looking forward to questions on why we hired
Wackenhut, which I am sure we will get. We can talk about that.
We think it is the right thing to do. We think it will enhance
security at the plants.
Given the September 11th attacks, we also significantly
increased our cooperation and coordination with State and local
law enforcement. We have worked closely with the NRC, the
Department of Homeland Security and other Federal, State and
local authorities, with the goal of building a seamless
security for our plants.
However, additional emphasis on integrated response
planning is needed; and there are important legal implications
to us doing certain things that we don't have the authority to
do, that we need help from the governmental entities to do.
Mr. Matthiessen's testimony provides results from a new
report by Riverkeeper on the consequences of possible terrific
attack on the Indian Point nuclear power plant in New York. I
just want to take a minute to discuss that report.
The industry always welcomes meaningful technical analysis
of our nuclear facilities. However, this Riverkeeper report is
more of the Hollywood equivalent of merging plots of ``The
Perfect Storm,'' ``The Day After Tomorrow'' and ``Independence
Day'' and trying to sell it to the public as a realistic
scenario. Simply, the likelihood of the accident sequence in
this report leading to a release of radiation is so incredibly
low that it is not credible.
With your permission, Mr. Chairman, I would like to include
in the record an analysis of the Riverkeeper report recently
prepared by leading technical experts. Thank you.
Mr. Kucinich [presiding]. Thank you very much.
[The prepared statement of Mr. Fertel follows:]
[GRAPHIC] [TIFF OMITTED] T8358.066
[GRAPHIC] [TIFF OMITTED] T8358.067
[GRAPHIC] [TIFF OMITTED] T8358.068
[GRAPHIC] [TIFF OMITTED] T8358.069
[GRAPHIC] [TIFF OMITTED] T8358.070
[GRAPHIC] [TIFF OMITTED] T8358.071
[GRAPHIC] [TIFF OMITTED] T8358.072
[GRAPHIC] [TIFF OMITTED] T8358.073
[GRAPHIC] [TIFF OMITTED] T8358.074
[GRAPHIC] [TIFF OMITTED] T8358.075
[GRAPHIC] [TIFF OMITTED] T8358.076
[GRAPHIC] [TIFF OMITTED] T8358.077
[GRAPHIC] [TIFF OMITTED] T8358.078
[GRAPHIC] [TIFF OMITTED] T8358.079
[GRAPHIC] [TIFF OMITTED] T8358.080
[GRAPHIC] [TIFF OMITTED] T8358.081
[GRAPHIC] [TIFF OMITTED] T8358.082
[GRAPHIC] [TIFF OMITTED] T8358.083
[GRAPHIC] [TIFF OMITTED] T8358.084
[GRAPHIC] [TIFF OMITTED] T8358.085
[GRAPHIC] [TIFF OMITTED] T8358.086
[GRAPHIC] [TIFF OMITTED] T8358.087
[GRAPHIC] [TIFF OMITTED] T8358.088
[GRAPHIC] [TIFF OMITTED] T8358.089
[GRAPHIC] [TIFF OMITTED] T8358.090
[GRAPHIC] [TIFF OMITTED] T8358.091
[GRAPHIC] [TIFF OMITTED] T8358.092
[GRAPHIC] [TIFF OMITTED] T8358.093
[GRAPHIC] [TIFF OMITTED] T8358.094
[GRAPHIC] [TIFF OMITTED] T8358.095
[GRAPHIC] [TIFF OMITTED] T8358.096
[GRAPHIC] [TIFF OMITTED] T8358.097
[GRAPHIC] [TIFF OMITTED] T8358.098
[GRAPHIC] [TIFF OMITTED] T8358.099
[GRAPHIC] [TIFF OMITTED] T8358.100
[GRAPHIC] [TIFF OMITTED] T8358.101
[GRAPHIC] [TIFF OMITTED] T8358.102
[GRAPHIC] [TIFF OMITTED] T8358.103
[GRAPHIC] [TIFF OMITTED] T8358.104
[GRAPHIC] [TIFF OMITTED] T8358.105
[GRAPHIC] [TIFF OMITTED] T8358.106
[GRAPHIC] [TIFF OMITTED] T8358.107
[GRAPHIC] [TIFF OMITTED] T8358.108
[GRAPHIC] [TIFF OMITTED] T8358.109
[GRAPHIC] [TIFF OMITTED] T8358.110
[GRAPHIC] [TIFF OMITTED] T8358.111
[GRAPHIC] [TIFF OMITTED] T8358.112
[GRAPHIC] [TIFF OMITTED] T8358.113
[GRAPHIC] [TIFF OMITTED] T8358.114
[GRAPHIC] [TIFF OMITTED] T8358.115
[GRAPHIC] [TIFF OMITTED] T8358.116
[GRAPHIC] [TIFF OMITTED] T8358.117
[GRAPHIC] [TIFF OMITTED] T8358.118
[GRAPHIC] [TIFF OMITTED] T8358.119
[GRAPHIC] [TIFF OMITTED] T8358.120
[GRAPHIC] [TIFF OMITTED] T8358.121
[GRAPHIC] [TIFF OMITTED] T8358.122
[GRAPHIC] [TIFF OMITTED] T8358.123
[GRAPHIC] [TIFF OMITTED] T8358.124
[GRAPHIC] [TIFF OMITTED] T8358.125
[GRAPHIC] [TIFF OMITTED] T8358.126
[GRAPHIC] [TIFF OMITTED] T8358.127
[GRAPHIC] [TIFF OMITTED] T8358.128
[GRAPHIC] [TIFF OMITTED] T8358.129
[GRAPHIC] [TIFF OMITTED] T8358.130
[GRAPHIC] [TIFF OMITTED] T8358.131
[GRAPHIC] [TIFF OMITTED] T8358.132
[GRAPHIC] [TIFF OMITTED] T8358.133
[GRAPHIC] [TIFF OMITTED] T8358.134
[GRAPHIC] [TIFF OMITTED] T8358.135
[GRAPHIC] [TIFF OMITTED] T8358.136
[GRAPHIC] [TIFF OMITTED] T8358.137
[GRAPHIC] [TIFF OMITTED] T8358.138
Mr. Kucinich. I would like to begin with some questions of
Mr. Lochbaum. The industry claims to have spent $1 billion
since September 11 upgrading nuclear plant security. What does
that claim tell you?
Mr. Lochbaum. Well, I think it speaks to how unprepared we
were on September 11th, because that's money that wasn't spent
until afterward. And I also think it reminds me of the billion
dollars that was spent fixing safety problems at Millstone or
the hundreds of millions of dollars that were spent fixing
problems at the Davis-Besse plant.
Mr. Kucinich. I think they spent about $600 million there
and about $1 billion at Indian Point to restore plants to a
safe level. So how many billions will it take to increase
security, in your estimation, to adequate levels?
Mr. Lochbaum. I don't think it's a question of money. I
don't think there's that much money left to be spent. I think
it's more of an attitude question that this subcommittee has
explored. I think it's more of a focus and just getting serious
about it, more so than the dollar amount, that is preventing it
so far. I think the fact that they have been able to do as much
as they have behind closed doors is the biggest barrier to
getting it done right.
Mr. Kucinich. And, in your thinking about this, have you
thought about some alternatives to this such as solar, wind?
Has the NRC and, to your understanding, or the industry spent
any money for security at these facilities?
Mr. Lochbaum. Well, if you look at the $1 billion that the
industry has spent on upgrading nuclear power plant security
and compare that to the amount that's been spent upgrading at
wind farms or other renewable technology, if it's been $100, it
would probably high.
Mr. Kucinich. Would these wind farms be less of a target?
Mr. Lochbaum. There's no real hazard there, so there's no
real need to provide $1 billion of security to something that
is not a hazard to the American people.
But the real question is--and it is something beyond me to
answer--but is it really worth spending $1 billion protecting
Americans or is it better to spend the $1 billion more
productively in providing an energy technology that doesn't
provide that risk to ourselves?
Mr. Kucinich. Well, you make a series of recommendations in
your testimony how to improve physical security at nuclear
plants. Do you want to offer to this committee what
recommendations you think should be implemented first?
Mr. Lochbaum. If I had one to pick from, it would be the
spent fuel pool issue, in reducing the threat from spent fuel.
Right now, from both a safety standpoint and a security
standpoint, we are doing that wrong.
Mr. Kucinich. Let me ask you something. Why this issue of
the transfer of the cask?
Mr. Lochbaum. Right.
Mr. Kucinich. Why has this transfer of spent fuel into dry
cask not been done before now?
Mr. Lochbaum. We started doing it in 1986 in this country.
At that time, the casks that we were using could only be used
for storage, not for transport. So there was a reluctance to
transfer things into dry cask that would then have to be
handled twice. Nowadays, the casks that we have can be used for
storage and transport. You are going to have to put it in the
cask eventually. Why not do it now where it improves safety, it
improves the security, and it doesn't affect the cost that
much?
Mr. Kucinich. Thank you, just have another question for Mr.
Fertel.
Mr. Shays [presiding]. You may have as much time as you
want.
Mr. Kucinich. Earlier you heard it brought into the
discussion, the situation at Davis-Besse. Would you
characterize--are you familiar with it?
Mr. Fertel. Yes, I am.
Mr. Kucinich. Would you say the events surrounding Davis-
Besse are an exception or the rule in the nuclear industry?
Mr. Fertel. I would say they were the exception, and it was
an unacceptable exception.
Going back to questions asked by this committee about
lessons learned, following the Davis-Besse event there was a
significant lesson learned in our industry resulting in a major
materials initiative to make sure that we are looking at
materials degradation everywhere in the plant in a much more
systemic and integrated way.
It's been a very painful lesson for FirstEnergy. It's been
a very painful lesson for FirstEnergy, and it's been a very
painful lesson for people like yourself, I am sure. It's
actually turned out, for the rest of our industry, something
that has focused us much better looking at materials issues. We
were spending almost $60 million a year looking at materials
issues, so it wasn't something being ignored.
Mr. Kucinich. So you have learned something from what has
happened.
Mr. Fertel. Yes, sir.
Mr. Kucinich. In the end, you think it will result in more
sensitivity from these other plants and in the long run there
is good that might come from it.
Mr. Fertel. There is good that's come already, sir, as far
as a much better technical look at this, a much stronger and
integrated look at the analyses, the inspections that you need
to do, and clearly a much better awareness at every plant of
the importance and the safety culture aspects related to it.
So, yes, sir.
Mr. Kucinich. Just a final question which you are
anticipating. What about these force-on-force exercises? I
mean, shouldn't they contain an element of surprise?
Mr. Fertel. Well, yes, sir.
Mr. Kucinich. Are you surprised that they did?
Mr. Fertel. Again, I think people have talked about the DOE
exercise a lot. And let's talk about the new requirements NRC
has put in for force-on-force exercises and deal with that and
let me talk about the Wackenhut issue, since everybody else has
mentioned it so far today.
Mr. Kucinich. OK.
Mr. Fertel. We used to do force-on-force exercises at
nuclear power plants every 7 years. NRC now will come in and
they will evaluate them at least once every 3 years, but that's
just part of the story. They have established standards for
what the training needs to be for not only the people that
protect the plant but for the adversaries, the qualifications
for not only the people that protect the plant but the
adversaries.
We are going to be doing multiple force-on-force exercises,
in addition to normal training and gun firing and things like
that--real force-on-force exercises, every plant every year. I
can't tell you how many, which is silly to me, but it is
safeguards, and I don't know why. I think that's a silly thing.
When we in the industry looked at this, we said, the way we
should do this, the same model for training operators. We
should go to a systemic approach to training, which is a very
rigorous way to do it. Make sure we have the discipline in our
system for security activity just like we do for operator
training. That's what we are doing.
We also looked at and we said, the way these force-on-force
exercises are done--and, Mr. Turner, I think said that, at DOE,
the Secretary had formed a special adversary group. Those are
DOE people. They are not outsiders. OK.
When the U.S. Army does their war games, they use the U.S.
Army. OK. They don't bring the Russians in. You know, they
don't bring in other bad guys. They do it professionally.
Mr. Kucinich. From what I understand, if I may, they don't
describe information ahead of time as to----
Mr. Fertel. I will get the information. The information
that is described ahead of time in force-on-force exercises
now.
You do need to know when they are going to do it at the
site. Because, while you are doing an exercise, there's real
guys with real guns protecting the site. So people need to know
that you are going to do an exercise at that site. That's
known.
Outside of that, they don't know. They don't go--I don't
know what happened at the Y-12 facility. It's the first I heard
of it, because I don't follow the DOE stuff where they said
what facility they were going to attack.
But, as Luis Reyes said, this scenario that they do on the
attack and the way NRC is doing this is being developed by NRC.
They decide what the attack is, whether it's to go for spent
fuel. The adversaries know that. They get help from an insider.
The defensive guys don't know this.
Mr. Kucinich. So Wackenhut then, the guy wouldn't cheat at
mock drills at NRC facilities, but we have something on the
record that suggests that at DOE facilities it might be a
little different.
Mr. Fertel. I don't know whether Wackenhut would cheat at
anything. I think human beings cheat. Human beings make
mistakes, and human beings do things they shouldn't.
Mr. Kucinich. Well----
Mr. Fertel. The people that we have running this CAF team,
OK, the people that are doing this Composite Adversary Force,
the three top people that are running that basically are all
Special Forces, OK? They never worked for the industry before.
The project manager has 10 years as a Ranger. One of the team
leaders was a team leader for the Delta Force. The other team
leader is a special ops guy who ran a whole bunch of guys that
did all types of things like snipers and everything else. These
guys want to win, OK? They are out there to do the best job
they can and to win.
On our side--and I think this gets lost in almost every
discussion about nuclear energy. I think it's important. I
certainly feel as passionately about this, Congressman, as you
do about your Davis-Besse experience. I know a lot of people
that work at the plants. I find it insulting personally when
their integrity is challenged all the time, OK?
I think David Lochbaum offers a lot of positive things that
have helped us in a number of areas of safety, and I may agree
with some insecurity issues, some of which are being dealt
with. That's helpful. But the people at the plants who work
there--but who do you think gets killed first if terrorists
attack and win? They do. OK? Who do you think gets hurt if
something happens at a plant and something happens offsite?
Their family, their friends and their neighbors. So the
implication that they don't care I think is actually really
wrong.
Now that doesn't mean you don't make mistakes. It doesn't
mean you can't do things better. I think that's one of the
things we really want to do. We talked about sleeping guards
and so forth and what happens with energy. What happened at
sites where that happened is they fired them.
Mr. Kucinich. When you said the implication they don't
care, who are you speaking of?
Mr. Fertel. Well, I mean, that's the way most of the
discussion has gone, to be honest. You know, well, if NRC isn't
doing this, the plants wouldn't; and, gee, the guys at the
plants don't care unless David Lochbaum or Alex Matthiessen are
involved.
I am not saying they shouldn't be involved. All I am saying
is that the people that work at those plants care as much about
safety and security as anybody who sits up here talking with us
or talking to you. I think we need to understand that.
Mr. Kucinich. I don't know that there is anybody on this
committee that would dispute that.
Mr. Fertel. I am glad to hear that.
Mr. Kucinich. Except, you know, for one qualification. And
that is that you know and I know that all of these people who
care so much about doing the right job for themselves, their
co-workers, their family or community, there's a few people
that make the decision. Now, granted, my experience is greatly
informed by something in my own backyard. I understand that.
Mr. Fertel. I understand that.
Mr. Kucinich. When we know that photos in this hole in the
reactor head were kept out of the file deliberately, when we
know this thing wasn't reported, when we know when the NRC had
full information they didn't move forward to act on it, I know
that, too. So I am not using that to impugn the whole industry.
I have given you an opportunity to acquit the industry, and
you did. But, you know, I am saying that when you have one
problem like that, because we are talking about nuclear power
plants, it requires the utmost in terms of accountability, and
that's what this committee is about.
I want to thank the gentleman and thank the Chair for his
indulgence. Thank you.
Mr. Shays. I am going to, at this time, turn to the
professional staff to ask some questions.
Mr. Chase. Thanks.
Mr. Fertel, a quick question. NRC says that it's going to
take 3 years to implement and to test the new security plans.
You are saying that there will be force-on-force exercises
every year. What goes into developing these force-on-force
exercises, having seen a number of them. The question I have
is, has any thought been given to prioritizing these force-on-
force exercises? There are a number of plants that are in the
more densely populated areas. Indian Point is one example. Has
any thought been given in terms of prioritizing where and when
we should do these exercises?
Mr. Fertel. First of all, NRC is making all those
decisions. The plants have no idea until a set period before
the exercise that the planning can be done. So if I'm at the
end of next year, I don't know now, I'll know within a few
weeks because they've got to do planning.
There has been some of what you've asked for already done.
Because NRC has been doing a pilot and a transitional force-on-
force exercise program for the last 2 years; and over the
latter part of this year, it's been testing the new design
basis threat as part of it. Even though you don't have
everything necessarily in place, you knew what you were going
to do and you were able to test it. And what they have chosen--
for instance, Indian Point. Indian Point has already had both a
force-on-force and an integrated response and an emergency
planning exercise.
So I think the NRC has attempted to do some of that.
My understanding--and, again, I'm giving you kind of an
arm's length because they make the decision--is that there is
probably about 30 sites that haven't gone through the force-on-
force, and those are the ones that haven't gone through the
transitional period in the last year and a half or two. Those
are the ones that they would pick from for the first year
starting November of this year, and I think they will
prioritize their--based upon looking at factors like where the
site is, when was the last time they actually exercised, and
things like that. So, to some degree, it's being done already.
Mr. Chase. But a concern could be that the force-on-force
exercises that were done or have been done to date are under
the old DBT, not under the new DBT.
Mr. Fertel. Some were.
Mr. Chase. So what I'm asking is, under the new DBT, we
know that it's stronger, supposedly stronger. Have they given
any thought to prioritizing?
Mr. Fertel. They haven't shared that with us. And to be
honest, they don't want to share it with us because they don't
want to give the sites much lead time in knowing what's going
on.
Now, again, starting in November, starting actually later
this year, every site will start doing their own force-on-force
exercises as part of what they have to do, and it's more than
one a year per site, absent NRC. And, as I think Roy Zimmerman
said, they will probably have their residents and others
observing lots of those. And my guess is they could do that,
because every site, whether it's an Indian Point site or it's
North Anna, will be doing them as part of their normal routine
annual training that they're going to have to do. But I don't
have an explicit answer to your question because NRC controls
that.
Mr. Chase. Do either of the other witnesses want to
comment? OK.
Mr. Matthiessen, I'm curious. On what basis do you conclude
the NRC-revised DBT is too low?
Mr. Matthiessen. Well, on what basis do I--well, just
because the DOE is requiring greater DBT and also because I
think in a post September 11 world we have to be thinking in
terms of the most sophisticated, multi-directional suicidal
attacks. And from what I know--and I obviously can't repeat it
here--the NRC has only bumped up its DBT marginally, and I
think there really needs to be a much more serious level.
Mr. Shays. Let me just ask you, though. I mean, basically,
why would you be in a position to know what the DBT was?
Mr. Matthiessen. Why would I be in a position to know what
it is?
Mr. Shays. It's not public.
Mr. Matthiessen. Well, I don't know specifically what it
is. I have an indication or a sense of what it is.
Mr. Shays. So it's admittedly third-hand concerns.
Mr. Matthiessen. It is. But I take it on pretty good----
Mr. Shays. You all tend to get your information fairly
accurately, but I was just curious.
Mr. Matthiessen. I would just love to make a comment in
response to Mr. Fertel, if I could. I just want to mention that
he mentioned the force-on-force drill at Indian Point and the
emergency planning exercises that were done earlier this
summer. I would just suggest that if those are any indication
of what the rest of the industry can look forward to, then I
think we are in trouble, and I think that the public should be
very, very concerned.
In the case of the emergency planning exercise that was
done, the NRC, in what looked like a PR move more than a
serious test of emergency planning, did conduct a terrorist
mock attack on the plant. But, unfortunately, the test didn't
involve any release of radiation whatsoever. So as far as I was
concerned, they might as well have been testing the security or
emergency planning around a Wal-Mart. I mean, the whole point
of doing these emergency plans is because nuclear reactors are
a special case, they contain materials that are very, very
dangerous, and what we need to think about is a worst-case
scenario, and a worst-case scenario does involve the release of
radiation.
And, likewise, for the force-on-force test, again, they
tend to get advance notice, way in advance. The operators, from
what we've heard again from security guards inside the plant,
spent a lot of time and money beefing up security to abnormal
levels in anticipation of the actual day. The attacks happen in
day light over prescribed routes. From what we understand, the
mock terrorists were not trained at terrorist levels and not
equipped with the kind of weaponry that terrorists would likely
have.
So, again, I think that the integrity of these exercises is
not what it needs to be if we are serious about truly testing
the ability of these plants to repel a terrorist attack and to
evacuate and protect people in the event of a terrorist attack.
Mr. Shays. If you could just respond to that last point.
Mr. Fertel. Just on the force-on-force at Indian Point, I
was not there, so I can't verify; and I don't think Alex was
there, either. But I do know that one of the reasons I heard
that they do do night exercises as part of force-on-force, it's
pretty routine. I think at Indian Point they made a conscious
decision because of the terrain and the danger that they were
not going to do it as part of this pilot program when they were
doing it, and I understand that was a very conscious decision
to avoid personnel injury at the point. But night exercises are
part of force-on-force.
Coming up November 1st, when these orders are effective,
all the adversaries will have to meet the standards both for
their capability and their fitness that the NRC has set. And
that's pretty good standards. And, again, that's a major
improvement over before September 11, to be honest, and as will
the defenders. So I would expect, Alex, that you will see--I
can only go by what you said on Indian Point, but you will see
improved force-on-force at Indian Point as they start their
exercises.
Mr. Matthiessen. I hope so, but we may not see the results
for another 3 years.
Can I just ask a question of Mr. Fertel?
Mr. Shays. No.
Mr. Matthiessen. Sorry.
Mr. Shays. That's all right. You can ask us a question if
you would like. What's the question you would like us to ask
him?
Mr. Matthiessen. Well, I would just like to ask why--what
is the industry and the NRC's response for not instituting what
we see as pretty straightforward measures that wouldn't even
cost the industry that much that would add an enormous measure
as far as we have been led to believe.
Mr. Shays. Such as?
Mr. Matthiessen. A couple of the passive systems, barriers
that I mentioned in my testimony, the Dunlop barriers and the
Beamhenge, these are ways that you would really--you'd go a
long way toward protecting these facilities and----
Mr. Shays. We will make sure that we have a dialog about
that.
Mr. Matthiessen. OK.
Mr. Chase. Mr. Fertel, how optimistic are you that the
industry--according to GAO and the NRC, they are saying that
the implementation of the security plans are going to take
place by the end of October of this year. How confident are you
that's going to actually happen?
Mr. Fertel. As of 2 weeks ago, everybody was on schedule to
be able to meet the requirements of the orders by October 29th.
There's some issues where people may not have the picture that
the chairman liked of the bullet-resistant enclosure that
protects the officers. There are some plants that may have some
problems in getting deliveries of some of those and will have
to take other actions, and that's mainly because our soldiers
in Iraq and our Defense Department and the DOE are getting
priority. There's only two sources of steel for those,
apparently; and our guys get bumped a bit on that. But,
otherwise, we are going to be ready on October 29th.
Mr. Chase. And, last, Mr. Matthiessen, would you share with
us your thoughts or give us the status on the--if you can
recall. The concerns regarding evacuation plans in New York and
Connecticut.
Mr. Matthiessen. I mean, again, what concerns me so much is
that the FEMA used to have a policy of requiring certification
of the plans by the four counties that surround the plant as
well as the State. But a couple years ago, after the Witt
report came out and showed pretty conclusively that this plan
couldn't work in the event of a terrorist attack on the plant,
especially--or, sorry, a radioactive release, especially in the
case of a fast-breaking release, these counties became very
uncomfortable and became convinced that it really wasn't
possible to evacuate or even shelter people in place of a level
that would be satisfactory, and so they withdrew that
certification, as did the State emergency management office.
And the FEMA came out, as you probably know, last August
and just rubber-stamped the emergency plan without any
evidence--not providing any evidence--this shouldn't be
safeguards information, most of it anyway--without any evidence
or analysis upon which they base that conclusion. And, of
course, the NRC came out and rubber-stamped it a half an hour
later, on a Friday in late July. And this is kind of typical of
these agencies.
And, again, I think you don't have to be a James Lee Witt
that, given the road congestion, given the population
densities, there is just no way that you could realistically
evacuate that area or shelter people in place.
Second, I do want to make a comment on the----
Mr. Shays. I'm sorry, I need to interrupt you.
Mr. Matthiessen. I'm sorry.
Mr. Shays. I have a need to be sitting at a desk at 2 in
order to not lose my place in another committee hearing. So, if
that's all right, let me just go on and ask.
What I'm wrestling with, Mr. Lochbaum, is--first of all,
Mr. Fertel, what I'm the wrestling with is that I think the
industry needs to do a better job, as much as you point out it
was one of the most secure industries before September 11,
because I think that we are going to have to have a very
significant debate about the future of nuclear energy. And I
wrestle as an environmentalist with the fact that, if I want to
get at greenhouse gases, is there a role that nuclear energy
has to play.
Right now, Millstone's one, two, and three are about 50
percent of Connecticut's--based on your testimony, and it used
to be more when we had the Yankee plant plus one, two, and
three--you know, we were oversubscribed. But tell me how you
sort out, Mr. Lochbaum. Do you think nuclear energy simply
can't be expanded at all?
Mr. Lochbaum. I guess we view nuclear energy as providing
the bridge to the future, with renewable energy technologies
and improved energy efficiency being that future. But that
future is, quite frankly, not here today. So we think that the
safe operation of existing plants, until the--as they reach in
their normal lifetimes they get replaced by better technologies
of the 21st century technologies would be our druthers.
Mr. Shays. This spent fuel is a huge concern to me. And,
you know, I see them at the facility on the Hudson River, you
know, saw the pool where they are at and so on. And they were
in the contained area, I believe, is my recall. But we just are
collecting more and more of this. Mr. Fertel, how do you
wrestle with that?
Mr. Fertel. Well, I think Congress clearly has a good role
to play in moving the ball forward on Yucca Mountain, funding
it appropriately, providing the oversight to DOE to make sure
they do it appropriately and dealing with the issues around it
will move that ball forward. I think, in the interim, clearly
you're going to try and do everything you can and are doing
everything to manage it safely from a security standpoint, NRC
has issued advisories to the plants on what they can do to
improve security.
Mr. Shays. Let me ask you this. How is it that we have been
able to increase production when we haven't added a plant in 30
years?
Mr. Fertel. Well, we actually have added a lot of plants in
the last 30 years. We just haven't ordered a plant in that
period.
Mr. Shays. We haven't what?
Mr. Fertel. We haven't ordered a new one, but we've added
about 50 plants since 1980. But the way we have increased it in
the decade----
Mr. Shays. We've had 50 plants since 1980?
Mr. Fertel. Yeah.
Mr. Shays. How many have we had since 1990?
Mr. Fertel. As far as real plants, concrete and steel? Two,
I think.
Mr. Shays. OK.
Mr. Fertel. But we have added the equivalent of 19 since
1990 in improving output from the plants, operating them
better, doing a thing that we call uprates, where you can
either improve the turbine or you can improve something on the
reactor, on the reactor side to get more power out of it. And
we have added two plants. So we've added about 19,000 megawatts
since 1990 in kilowatt hours out.
Mr. Shays. Do you all want to quickly speak to this issue
of citations and whether they have to respond in writing or so
on? I mean, is this of concern? Or are we more concerned than
we should be?
Mr. Lochbaum. As Mr. Reyes said, it's consistent with how
they deal with safety issues. So it's the same approach. I also
go back to what Mr. Zimmerman said. They are piloting the new
significance determination process.
Mr. Shays. And that's a good thing.
Mr. Lochbaum. Well, it depends on how it comes out. It's a
trial run now. But that could--depending on how that outcome
is, could go further to better defining that line between what
gets reported and what gets followed up, what the plant owners
do and what the NRC does. I'm comfortable with that. If there
is a better way of doing it, I'm open to that. But I bought
into the process and I'm comfortable with it the way it is.
Mr. Fertel. I think an aspect that maybe could help your
comfort level--because you clearly weren't comfortable with it,
listening to the discussion, is that I think the impression
when they say they are doing a sample makes it sound like, oh,
my God, they're just choosing a few. When they're doing the
sample, they are doing a sample in security, they are doing a
sample in safety, they are doing samples in other areas. And
what they are looking for, in all honesty, is to see if there
is any sort of a systemic breakdown in the corrective action
program that the plant uses. And if they see a breakdown, well,
then it's a whole other ball game for the NRC to come in and
basically do major inspections. So they want your processes to
work; and, if they work, they are comfortable.
Mr. Shays. OK. I am going to adjourn.
Actually, there is one other question. If staff's waiting
for me--I am going out that door and I'm hustling. I have a
better feeling of knowing the NRC is present every day. Are we
underutilizing those folks? If you don't know, that's another
issue.
Mr. Lochbaum. We were concerned that--several years ago,
the NRC changed its policy, like in 1997, 1998. They used to
have more NRC resident inspectors, more people onsite. As part
of a budget-cutting move, they removed some of the people from
that onsite presence. That contributed to the problem that
Davis-Besse--that Representative Kucinich is concerned about.
Mr. Shays. But it seems to me that they could be doing
followup. I mean, evidently, they have prescribed things they
should do.
Mr. Lochbaum. It's hard when there's so few of them. If
they went back to the levels they had 5, 6 years ago, they
could do more because there were more people there.
Mr. Shays. Well, if you have two and you add one more,
that's three. That's a 50 percent increase. Maybe even that
would be beneficial.
Mr. Lochbaum. It couldn't hurt.
Mr. Shays. I'm sorry. I have a feeling there's some other
things we could say, but it's been a long day, and it's been a
very helpful day, and I appreciate all your contribution. So,
we are going to call this hearing closed. Thank you.
[Whereupon, at 2:07 p.m., the subcommittee was adjourned.]
�