[House Hearing, 109 Congress]
[From the U.S. Government Publishing Office]




 
  NUCLEAR SECURITY: HAS THE NRC STRENGTHENED FACILITY STANDARDS SINCE 
                            SEPTEMBER 11TH?

=======================================================================

                                HEARING

                               before the

                   SUBCOMMITTEE ON NATIONAL SECURITY,
                  EMERGING THREATS, AND INTERNATIONAL
                               RELATIONS

                                 of the

                              COMMITTEE ON
                           GOVERNMENT REFORM

                        HOUSE OF REPRESENTATIVES

                       ONE HUNDRED NINTH CONGRESS

                             SECOND SESSION

                               __________

                             APRIL 4, 2006

                               __________

                           Serial No. 109-196

                               __________

       Printed for the use of the Committee on Government Reform


  Available via the World Wide Web: http://www.gpoaccess.gov/congress/
                               index.html
                      http://www.house.gov/reform


                                 ______

                    U.S. GOVERNMENT PRINTING OFFICE
30-694                      WASHINGTON : 2006
_____________________________________________________________________________
For Sale by the Superintendent of Documents, U.S. Government Printing Office
Internet: bookstore.gpo.gov  Phone: toll free (866) 512-1800; (202) 512ï¿½091800  
Fax: (202) 512ï¿½092250 Mail: Stop SSOP, Washington, DC 20402ï¿½090001

                     COMMITTEE ON GOVERNMENT REFORM

                     TOM DAVIS, Virginia, Chairman
CHRISTOPHER SHAYS, Connecticut       HENRY A. WAXMAN, California
DAN BURTON, Indiana                  TOM LANTOS, California
ILEANA ROS-LEHTINEN, Florida         MAJOR R. OWENS, New York
JOHN M. McHUGH, New York             EDOLPHUS TOWNS, New York
JOHN L. MICA, Florida                PAUL E. KANJORSKI, Pennsylvania
GIL GUTKNECHT, Minnesota             CAROLYN B. MALONEY, New York
MARK E. SOUDER, Indiana              ELIJAH E. CUMMINGS, Maryland
STEVEN C. LaTOURETTE, Ohio           DENNIS J. KUCINICH, Ohio
TODD RUSSELL PLATTS, Pennsylvania    DANNY K. DAVIS, Illinois
CHRIS CANNON, Utah                   WM. LACY CLAY, Missouri
JOHN J. DUNCAN, Jr., Tennessee       DIANE E. WATSON, California
CANDICE S. MILLER, Michigan          STEPHEN F. LYNCH, Massachusetts
MICHAEL R. TURNER, Ohio              CHRIS VAN HOLLEN, Maryland
DARRELL E. ISSA, California          LINDA T. SANCHEZ, California
JON C. PORTER, Nevada                C.A. DUTCH RUPPERSBERGER, Maryland
KENNY MARCHANT, Texas                BRIAN HIGGINS, New York
LYNN A. WESTMORELAND, Georgia        ELEANOR HOLMES NORTON, District of 
PATRICK T. McHENRY, North Carolina       Columbia
CHARLES W. DENT, Pennsylvania                    ------
VIRGINIA FOXX, North Carolina        BERNARD SANDERS, Vermont 
JEAN SCHMIDT, Ohio                       (Independent)
------ ------

                      David Marin, Staff Director
                Lawrence Halloran, Deputy Staff Director
                       Teresa Austin, Chief Clerk
          Phil Barnett, Minority Chief of Staff/Chief Counsel

Subcommittee on National Security, Emerging Threats, and International 
                               Relations

                CHRISTOPHER SHAYS, Connecticut, Chairman
KENNY MARCHANT, Texas                DENNIS J. KUCINICH, Ohio
DAN BURTON, Indiana                  TOM LANTOS, California
ILEANA ROS-LEHTINEN, Florida         BERNARD SANDERS, Vermont
JOHN M. McHUGH, New York             CAROLYN B. MALONEY, New York
STEVEN C. LaTOURETTE, Ohio           CHRIS VAN HOLLEN, Maryland
TODD RUSSELL PLATTS, Pennsylvania    LINDA T. SANCHEZ, California
JOHN J. DUNCAN, Jr., Tennessee       C.A. DUTCH RUPPERSBERGER, Maryland
MICHAEL R. TURNER, Ohio              STEPHEN F. LYNCH, Massachusetts
JON C. PORTER, Nevada                BRIAN HIGGINS, New York
CHARLES W. DENT, Pennsylvania

                               Ex Officio

TOM DAVIS, Virginia                  HENRY A. WAXMAN, California
            Lawrence J. Halloran, Staff Director and Counsel
                  J. Vincent Chase, Chief Investigator
                        Robert A. Briggs, Clerk
             Andrew Su, Minority Professional Staff Member


                            C O N T E N T S

                              ----------                              
                                                                   Page
Hearing held on April 4, 2006....................................     1
Statement of:
    Blumenthal, Richard, attorney general, State of Connecticut; 
      Danielle Brian, executive director, Project on Government 
      Oversight; Marvin Fertel, vice president and chief nuclear 
      officer, Nuclear Energy Institute; and Christopher Crane, 
      president and chief nuclear officer, Exelon Generation Co., 
      LLC........................................................    65
        Blumenthal, Richard......................................    65
        Brian, Danielle..........................................    73
        Crane, Christopher.......................................   105
        Fertel, Marvin...........................................    85
    Wells, Jim, Director, Natural Resources and Environment, U.S. 
      Government Accountability Office; Nils Diaz, chairman, U.S. 
      Nuclear Regulatory Commission, accompanied by Edward 
      McGaffigan, Jr., Commissioner; and Jeffrey S. Merrifield, 
      Commissioner...............................................     5
        Diaz, Nils...............................................    27
        Wells, Jim...............................................     5
Letters, statements, etc., submitted for the record by:
    Blumenthal, Richard, attorney general, State of Connecticut, 
      prepared statement of......................................    68
    Brian, Danielle, executive director, Project on Government 
      Oversight, prepared statement of...........................    76
    Crane, Christopher, president and chief nuclear officer, 
      Exelon Generation Co., LLC, prepared statement of..........   107
    Diaz, Nils, chairman, U.S. Nuclear Regulatory Commission, 
      prepared statement of......................................    30
    Fertel, Marvin, vice president and chief nuclear officer, 
      Nuclear Energy Institute, prepared statement of............    88
    Kucinich, Hon. Dennis J., a Representative in Congress from 
      the State of Ohio, prepared statement of...................    53
    Shays, Hon. Christopher, a Representative in Congress from 
      the State of Connecticut, prepared statement of............     3
    Wells, Jim, Director, Natural Resources and Environment, U.S. 
      Government Accountability Office, prepared statement of....     8


  NUCLEAR SECURITY: HAS THE NRC STRENGTHENED FACILITY STANDARDS SINCE 
                            SEPTEMBER 11TH?

                              ----------                              


                         TUESDAY, APRIL 4, 2006

                  House of Representatives,
       Subcommittee on National Security, Emerging 
              Threats, and International Relations,
                            Committee on Government Reform,
                                                    Washington, DC.
    The subcommittee met, pursuant to notice, at 2:05 p.m., in 
room 2247, Rayburn House Office Building, Hon. Christopher 
Shays (chairman of the subcommittee) presiding.
    Present: Representative Shays, Platts, Duncan, Kucinich, 
and Van Hollen.
    Staff present: Lawrence Halloran, staff director and 
counsel; R. Nicholas Palarino, Ph.D., senior policy advisor; 
Robert A. Briggs, analyst; Marc LaRoche, intern; Andrew Su, 
minority professional staff member; and Jean Gosa, minority 
assistant clerk.
    Mr. Shays. A quorum being present, the Subcommittee on 
National Security, Emerging Threats, and International 
Relations hearing entitled, ``Nuclear Security: Has The NRC 
Strengthened Facility Standards Since September 11th?'' is 
called to order.
    This afternoon, the subcommittee continues our oversight of 
security standards at civilian nuclear power facilities. Twice 
before, we convened to measure the scope and pace of post 
September 11th safeguard improvements in and around reactor 
sites. Both hearings found some progress, revisited enduring 
challenges, and elicited promises of tangible progress.
    Today, we take account of those commitments and ask 
specifically how the Nuclear Regulatory Commission [NRC], and 
the nuclear power industry are maintaining readiness against a 
changing threat. One necessary security tool, secrecy, prevents 
an open discussion of some particular elements of the design 
basis threat [DBT], which sets the threshold of enemies and 
capabilities against which reactor sites should be able to 
defend.
    We will convene a closed session next month to give Members 
access to classified material and nuclear safeguard information 
supporting the DBT. But the most important part of this 
conversation is about public safety, public health, and the 
protection of critical infrastructure. It can and should take 
place in the open.
    At our request, the Government Accountability Office [GAO] 
conducted an in-depth examination of the process used by the 
NRC to update the design basis threat standard, the industry 
response to new security mandates, and the rigor of inspections 
and drills used to test security force readiness.
    The GAO findings, released today, painted a decidedly mixed 
picture of nuclear power security. Substantial improvements 
have been made since September 11, 2001, and since adoption of 
the new design basis threat in 2003. Buffer zones have been 
augmented where possible, barriers have been thickened, 
detection equipment installed or upgraded. Protective forces 
have been enlarged and armed with new weapons and smarter 
strategies.
    But according to GAO, it may be too early to claim success 
since fewer than half of the 65 NRC-regulated sites have been 
tested against a live adversary in what are called force-on-
force exercises. Additionally those tested did not always 
perform as well as expected, even in necessarily artificial, 
fully noticed drills conducted in broad daylight.
    GAO also found that stronger security standards did not 
necessarily mean the NRC had sufficiently fortified itself 
against the dangers of an overly cozy relationship with the 
industry. While still drafting the new design basis threat, the 
Commission solicited outside comments, creating the appearance 
industry was influencing the threat assessment process with 
extraneous cost concerns.
    The regulated should never even appear to be able to 
dictate security standards to the regulator. But this is more 
than a question of appearance. Only the rigor and independence 
of the NRC process guarantee the integrity of the product.
    Nevertheless, the Commission continues to resist the GAO 
recommendation to develop explicit criteria for decisions 
altering design basis threat standards. When the reasons for 
the NRC decision can only be guessed at, the commission should 
not be surprised when their critics see those actions as 
arbitrary or the product of undue outside influence.
    We know the September 11th terrorists had their sights on a 
nuclear reactor. If they had succeeded in causing a radioactive 
release by breaching a containment facility with a truck bomb 
or draining the water from a fuel storage pool, how would this 
discussion be different? That is the conversation we need to 
have today.
    So we welcome all our witnesses. They are experts, and they 
are dedicated to their work. We appreciate that a great deal, 
and we look forward to their testimony.
    [The prepared statement of Hon. Christopher Shays follows:]

    [GRAPHIC] [TIFF OMITTED] T0694.001
    
    [GRAPHIC] [TIFF OMITTED] T0694.002
    
    Mr. Shays. So at this time, let me welcome Mr. Jim Wells, 
Director, Natural Resources and Environment, Government 
Accountability Office; the Honorable Nils Diaz, chairman, U.S. 
Nuclear Regulatory Commission, accompanied by the Honorable 
Edward McGaffigan, Jr., Commissioner; and the Honorable Jeffrey 
S. Merrifield, Commissioner.
    we look forward to the testimony and the response by all 
the folks there in terms of the questions that will be asked.
    If I could, I know it is a tight seat, and I don't want to 
knock over the water again. But I would like you to stand up, 
and I will swear you in.
    [Witnesses sworn.]
    Mr. Shays. We will note for the record that all our 
witnesses have responded in the affirmative. Again, we welcome 
each of you.
    And Mr. Wells, we will start with you.

   STATEMENTS OF JIM WELLS, DIRECTOR, NATURAL RESOURCES AND 
ENVIRONMENT, U.S. GOVERNMENT ACCOUNTABILITY OFFICE; NILS DIAZ, 
 CHAIRMAN, U.S. NUCLEAR REGULATORY COMMISSION, ACCOMPANIED BY 
     EDWARD McGAFFIGAN, JR., COMMISSIONER; AND JEFFREY S. 
                    MERRIFIELD, COMMISSIONER

                     STATEMENT OF JIM WELLS

    Mr. Wells. Thank you, Mr. Chairman.
    We are pleased to be here today to discuss the GAO report 
on NRC's ability to assure the public and the Congress that 
nuclear power plants are capable of defending against a 
terrorist attack.
    As you know, nuclear power plants were thought to be a 
target around the September 11th timeframe, and our sources 
believe power plants continue to be a general creditable threat 
target today.
    Mr. Chairman, the process NRC used to decide on what level 
of security they thought was needed was, in our opinion, a 
well-defined and generally logical process. However, we did 
take issue with how they used some of their staff resources to 
gather information from the industry and the public as it 
related to the timing of making the decisions about what was to 
be in or what was to be out of the final DBT.
    For example, some NRC staff, the same NRC staff that was 
responsible for assessing the available intelligence and making 
recommendations to NRC management was also used to obtain 
industry objections and the public. These objections ranged 
from such requirements being prohibitively expensive or 
excessive in the view that such a threat was coming from an 
enemy of the United States, therefore, a responsibility of the 
Government and not one for a private company.
    The timing of how/when these decisions by the threat 
assessment staff on what DBT levels to recommend could create 
the appearance of a change being based on industry objectives, 
objections rather than an assessment of the terrorist threat. 
We believe that the best approach would be to insulate the same 
threat assessment staff from such interactions, allowing their 
recommendations to be fact-based analysis of the threat instead 
of their involvement with policy-level considerations.
    We also raised some concerns about the clarity and the 
transparency and the discretionary latitude given the 
Commissioners and how they cast their votes as to what weapon 
or what level of force was to be required in the DBT. The 
process that we evaluated in terms of what we saw in developing 
the DBT reveals that the Commissioners largely supported the 
staff's recommendations, but also they made significant 
changes.
    Some things were not added, like defense against two types 
of weapons, bomb sizes, or quantities of equipment and 
explosives that could plausibly be used against a plant. We 
spoke with the Commissioners. We examined the voting records. 
We accepted the Commissioners' statements that their votes 
reflected their policy judgments and their legal authority as 
Commissioners.
    In voting, the individual Commissioners used differing 
criteria, emphasized differing factors, such as the cost or the 
practicality of defensive measures. Our concern and our 
recommendation was not that the decisions may have been wrong, 
but that the criteria that would perhaps help or guide that 
would be available to weigh the various possibilities would 
assist the Commissioners in their deliberations to approve or 
reject the known intelligence or security staff's 
recommendation.
    Such criteria, to us, would assist in providing more 
transparency as well as increasing the rigor and the 
consistency of the process in making those decisions. If the 
goal is to produce a more credible DBT, we think criteria would 
help, especially given that Commissioners come and go.
    Mr. Chairman, GAO reported to you in 2004 that we had 
fairly significant concerns related to how the NRC was testing 
plant security. Two years later, our reaction to NRC's use of 
its force-on-force exercise is positive today. We saw 
improvements in security, like providing early detection of an 
attack, sufficient delay for defensive positions to be 
obtained, and improving capabilities of the professional guard 
forces to respond appropriately vastly improved over what we 
had seen 2 years earlier.
    The initiatives that are being put in place and refined as 
they go we would characterize as commendable, but still 
represent a work in progress. A lot is riding on the quality of 
these tests. This type of testing is extremely important to 
ensure down the road that public confidence that the plants are 
well protected. We saw both good and not so good testing 
scenarios, with results that offer NRC and the industry the 
opportunity to make improvements.
    Mr. Chairman, our bottom-line finding is that the plants' 
response and financial investment in the revised DBT following 
the September 11th attacks has truly been substantial, in the 
billions of dollars. And in some cases, their improvements have 
gone beyond what the NRC has required.
    Likewise, NRC's significant staff efforts, their orders, 
and diligence have clearly raised the security level at the 
plants. Having said that, the ability to defend against an 
attack is essentially limited to how close the attack turns out 
to be to the existing DBT. It remains essential that NRC, the 
industry, DHS, and others remain on guard.
    At our last testimony, Mr. Chairman, you may recall that we 
cited some somewhat challenging working relationships with the 
NRC to obtain information in our earlier requests from you. 
Today, I'd like to say that the NRC's cooperation has been 
excellent, and we appreciate all the senior management 
attention that they have given us, and we appreciate the 
Commissioners' support in getting the story right.
    While we may continue to agree or disagree, we are 
impressed with the staff's desire to do a good job. It's no 
doubt that you are well aware that NRC faces growing challenges 
on many fronts, human capital issues and others, as this Nation 
debates the future of nuclear power. A lot is depending on the 
quality job that NRC has been tasked to do.
    Mr. Chairman, that concludes my short remarks.
    [Note.--The GAO March 2006 report entitled, ``Nuclear Power 
Plants, Efforts Made to Upgrade Security, but the Nuclear 
Regulatory Commission's Design Basis Threat Process Should be 
Improved, GAO-06-388,'' may be found in subcommittee files.]
    [The prepared statement of Mr. Wells follows:]

    [GRAPHIC] [TIFF OMITTED] T0694.003
    
    [GRAPHIC] [TIFF OMITTED] T0694.004
    
    [GRAPHIC] [TIFF OMITTED] T0694.005
    
    [GRAPHIC] [TIFF OMITTED] T0694.006
    
    [GRAPHIC] [TIFF OMITTED] T0694.007
    
    [GRAPHIC] [TIFF OMITTED] T0694.008
    
    [GRAPHIC] [TIFF OMITTED] T0694.009
    
    [GRAPHIC] [TIFF OMITTED] T0694.010
    
    [GRAPHIC] [TIFF OMITTED] T0694.011
    
    [GRAPHIC] [TIFF OMITTED] T0694.012
    
    [GRAPHIC] [TIFF OMITTED] T0694.013
    
    [GRAPHIC] [TIFF OMITTED] T0694.014
    
    [GRAPHIC] [TIFF OMITTED] T0694.015
    
    [GRAPHIC] [TIFF OMITTED] T0694.016
    
    [GRAPHIC] [TIFF OMITTED] T0694.017
    
    [GRAPHIC] [TIFF OMITTED] T0694.018
    
    [GRAPHIC] [TIFF OMITTED] T0694.019
    
    [GRAPHIC] [TIFF OMITTED] T0694.020
    
    [GRAPHIC] [TIFF OMITTED] T0694.021
    
    Mr. Shays. Thank you, Mr. Wells.
    I think that it is important that you point out, given that 
you weren't satisfied with the relationship before, that you 
have made it very clear that you are pleased with that 
relationship. And that is duly noted and appreciated.
    I thank you. I thank the Commissioners for that. That is 
the way it should be.
    Mr. Wells. Thank you.
    Mr. Shays. Mr. Diaz.

                   STATEMENT OF NILS J. DIAZ

    Mr. Diaz. Mr. Chairman, it's a pleasure to be before you 
today with my fellow Commissioners; Commissioner McGaffigan, 
Commissioner Merrifield.
    Commissioner Jaczko and Commissioner Lyons are not here for 
different reasons.
    Mr. Shays. They wouldn't fit at this table. [Laughter.]
    Mr. Diaz. I think they knew that. But they do send their 
regrets.
    We do appreciate the opportunity to discuss the efforts and 
accomplishments of the U.S. Nuclear Regulatory Commission and 
its licensees to improve safety and security at nuclear power 
plants. Testimony today will focus on the Government 
Accountability Office's recent report, and we'll also provide 
an update on the status of nuclear power plant security.
    The Commission appreciates the efforts of GAO in reviewing 
this important topic; the care taken to ensure that the report 
is comprehensive, up to date, and accurate; and the 
consideration given to NRC's comments. We believe GAO's input 
and its criticism are constructive, and we are taking their 
recommendations very seriously.
    Mr. Chairman, safety, security, and emergency preparedness 
at nuclear power plants are synergistically improving. Our 
organization and the licensees' organization have changed to 
respond to the post September 11th world and did change 
rapidly.
    The safety and security framework for reactors and 
materials is in place. It's tested and being improved 
commensurate with the September 11th threat and potential 
consequences. The agency's security and research program were 
major contributors to the security assessments that were done 
and the improvements made.
    These programs focused on defining the vulnerabilities and 
security needs and then were integrated with operational safety 
and licensing priorities, leveraging resources and expertise 
with our Federal partners and national laboratories.
    We continue to manage and prioritize resources, including 
our human resources needs, investing in the present and in the 
near future, while exercising appropriate fiscal restraint.
    In its recent report, GAO recommended that NRC improve its 
process for making changes to the DBT. Additionally, GAO 
recommended that the NRC should separate the responsibility of 
receiving and considering external stakeholder feedback from 
the process of developing the specific threat characteristics 
in the DBT. It is important to consider those recommendations 
in the proper context.
    On February 25, 2002, the NRC supplemented its security 
regulations through orders to power reactor licensees imposing 
interim compensatory measures informed by information received 
from law enforcement and intelligence agencies. The orders were 
based on a review which included land, water-borne, and 
aircraft threats, for estimating damage, enhancing deterrence, 
prevention and mitigation, and reducing potential consequences 
to the public.
    These measures required power reactor licensees to enhance 
security and improve the capabilities to respond to a terrorist 
attack, effective August 31, 2002. These orders constituted a 
de facto supplement to the DBT by adding appropriate security 
enhancements that the NRC deemed necessary in light of the 
heightened threat environment and were arrived at with no 
industry input.
    The interim compensatory measures provided a significant 
foundation for the subsequent orders. These enhancements to 
security included significantly increasing the numbers of 
dedicated security guards with threat response duties, 
increased vehicle standoff distances, addition of water-borne 
threats, and improved coordination with law enforcement and 
intelligence communities, as well as strengthened safety-
related mitigation procedures and strategies and enhanced 
background investigation.
    Furthermore, on April 29, 2003, the NRC, after soliciting 
and receiving comments from appropriate Federal, State, and 
industry stakeholders, issued orders supplementing the DBTs and 
provided additional details regarding specific adversary 
characteristics against which power reactors need to protect.
    While the specifics of these changes are sensitive, the 
supplements to the existing threat resulted in enhancements 
such as increased patrols, augmented security forces and 
capabilities, additional security posts, additional physical 
barriers, vehicle checks at greater standoff distances, 
enhanced coordination with law enforcement and military 
authorities, augmented security and emergency response 
training, equipment, and communications, and more restrictive 
site access control for personnel, including expanded, 
expedited, more thorough background checks and enforceable work 
hour limits and training for security force personnel.
    All these orders required implementation by October 29, 
2004, and have been inspected for compliance.
    The NRC conducts security oversight to ensure compliance 
with its requirements, including baseline inspection programs 
and force-on-force exercises. The NRC conducted force-on-force 
testing at nuclear power plants since well before the events of 
September 11th and has since enhanced the program 
significantly.
    The force-on-force program is a performance-based NRC 
program to physically test and evaluate the site's defensive 
strategies concerning the DBT. The GAO report recognized its 
value to the continual improvement of security at NRC 
facilities. The NRC continues to enhance the programs through 
the integration of lessons learned from previous exercises.
    Since September 11th, we have conducted force-on-force 
exercises, including the pilots and the extended pilots at 53 
of the 64 reactor sites, 26 after the full program was started 
and 27 in the pilot program and the enhanced pilot program.
    Currently, the NRC is also implementing key provisions of 
the Energy Policy Act of 2005 that will help augment the 
oversight of security for nuclear facilities and materials. For 
example, the act authorizes the possession and use of certain 
firearms by security personnel. The Commission is very pleased 
that many long-sought security-related pieces of legislation 
were included in the Energy Policy Act, and we thank the 
Congress for its support.
    In its recent report, GAO recommended that the Commission 
develop explicit criteria for defining what is and is not 
reasonable for a private security force to defend against. The 
Commissioners' decision regarding final approval of a 
supplemental DBT were not arbitrary. The Commissioners' 
deliberations and decisionmakings were comprehensive, thorough, 
risk-informed, and resulted in effective enhancements of 
defensive capabilities of nuclear power plants.
    While additional delineations of relevant considerations 
might be useful in some circumstances, reasoned judgment within 
this and other areas of the Commission's statutory 
decisionmaking authority does not require and, in fact, could 
be unduly restricted by detailed prescriptive criteria. 
Moreover, overly detailed prescriptive criteria could be 
detrimental to good regulatory decisionmaking.
    GAO's second recommendation focused on the process used by 
the Commission to obtain external stakeholder input while 
developing the supplemented DBT in 2003. Again, we believe we 
needed to act promptly, but deliberately. Issuance of orders is 
not and should not be routine, but it was expeditious at the 
time.
    We agree with GAO that separation of the threat assessment 
process and the establishment of the DBT characteristics should 
be maintained. Now that the NRC has returned to our normal DBT 
review process, wherein we sequentially develop a revision to 
the DBT, then seek external stakeholder input, we have fully 
addressed GAO's concern.
    Mr. Chairman, the Nuclear Regulatory Commission acted 
promptly and effectively to integrate increased security at 
nuclear power plants with safety and emergency preparedness. We 
continue to strengthen our partnership with Federal, State, and 
local authorities to provide and integrate the response to 
potential threats of nuclear power plants.
    Our oversight confirms that licensees have implemented the 
requirements and have adequate security, safety, and 
preparedness capability to ensure protection of the American 
people.
    We will be pleased to answer the questions of the 
subcommittee.
    [The prepared statement of Mr. Diaz follows:]

    [GRAPHIC] [TIFF OMITTED] T0694.022
    
    [GRAPHIC] [TIFF OMITTED] T0694.023
    
    [GRAPHIC] [TIFF OMITTED] T0694.024
    
    [GRAPHIC] [TIFF OMITTED] T0694.025
    
    [GRAPHIC] [TIFF OMITTED] T0694.026
    
    [GRAPHIC] [TIFF OMITTED] T0694.027
    
    [GRAPHIC] [TIFF OMITTED] T0694.028
    
    [GRAPHIC] [TIFF OMITTED] T0694.029
    
    [GRAPHIC] [TIFF OMITTED] T0694.030
    
    [GRAPHIC] [TIFF OMITTED] T0694.031
    
    [GRAPHIC] [TIFF OMITTED] T0694.032
    
    [GRAPHIC] [TIFF OMITTED] T0694.033
    
    [GRAPHIC] [TIFF OMITTED] T0694.034
    
    Mr. Shays. Thank you, Mr. Chairman.
    And I would just note, the other Commission members, when 
we ask questions, just jump in as full participants here.
    I would like just first to have an explanation of the 27 
figure, and you give the 26 plus 27. So maybe, Mr. Wells, I 
would like you to respond first just so I have a sense of how 
you can reconcile those numbers. I know the chairman can, but 
how do you reconcile them?
    Mr. Wells. The numbers we used were the reports that were 
available based on baseline inspections and force-on-force 
exercises that had been conducted since the revised DBT was 
implemented in 2003, after October.
    I believe the chairman's numbers including going back all 
the way to September 11th timeframe years before. Quite 
frankly, 2 years ago, when we looked at their old inspection 
program, we found a lot of problems and weren't too impressed 
with the rigor of that inspection. So we didn't include those 
numbers. We only included what they've done since, recently.
    Mr. Shays. Would you concur that is the difference of the 
numbers, Mr. Diaz?
    Mr. Diaz. Not exactly, Mr. Chairman.
    The 26 numbers are what we call the numbers of the force-
on-force exercises that were conducted after the security plans 
were in place.
    Mr. Shays. But not before the design basis threat?
    Mr. Diaz. After the design basis threat was established, we 
started to conduct pilot programs, which are not exactly the 
same as they conducted, but they were force-on-force programs.
    Mr. Shays. Right. No, but you do agree that the 27 are 
basically from the design basis threat?
    Mr. Diaz. No. Yes, from the time that the full program is 
started.
    Mr. Shays. Right. Right.
    Mr. Diaz. Two years before, we had been conducting----
    Mr. Shays. So where you might have the disagreements are 
that what you did before, you would say is valid, Mr. Wells 
would question, and I would probably side more with Mr. Wells 
on that. I mean, the design basis threat was, it upped the ante 
a bit. You had to meet a stronger standard.
    Mr. Diaz. They were very close, sir. They were very close.
    Mr. Shays. I hope they weren't close.
    Mr. Diaz. No, no. Because----
    Mr. Shays. Don't go down that road.
    Mr. Diaz. Because the February 25, 2002, orders served as a 
very good baseline for the DBT. By the time the DBT was 
implemented or was not implemented, by the time we actually 
established the orders in April 2003, we commenced with a 
series of pilots on force-on-force that actually helped us see 
what was the implementation needs, what things needed to be 
done.
    And in many ways, they did serve a very good purpose of 
informing the Commission of the compliance of the licensees so 
that there was no compliance issues. We have----
    Mr. Shays. I am not saying it was better than nothing, but 
it wasn't as good as what happened after you had a design basis 
threat. So I am not saying it was useless. I am just saying 
what the design basis threat, once you did that, you have done 
27. That is the marker we are using.
    Mr. McGaffigan. Mr. Chairman, I think it's more important 
to focus on where we agree, and Mr. Wells agrees that what 
we're doing today in the 27, which is exactly what Congress 
asked us to do in the Energy Policy Act; do 1 every 3 years at 
each of these sites; 22 a year. It's been a little more than a 
year. That's why the 27.
    We are doing that. We're doing it well, and we're 
continuing to try to make improvements as we bring in, you 
know, additional ways to deal with realism. By the way, we 
don't do them all in the daytime. We do them at night.
    Mr. Shays. Yes. We will talk a little more about it. But 
let me just say what I think is the most helpful. What is most 
helpful to this subcommittee is as accurate and precise 
information as we can get and not trying to win an argument 
here.
    One of the values, and I appreciate the Commission 
understanding that it is helpful to have the GAO at the table 
rather than have them come separate and so on; but this isn't a 
debate. We are not trying to win arguments. We are just trying 
to know the truth, know where our strengths are, where our 
weaknesses are.
    We are all under oath in this subcommittee because we 
really value real accuracy. So, I am not trying to get in any 
game here. I just want to know the distinctions.
    So, what I am going to carry from that last question is you 
did 26 before you had a design basis threat. It was helpful. 
Your statement is that design basis, that wasn't all that 
different. I think there was some differences.
    Mr. Diaz. There are some differences, sir.
    Mr. Shays. Yes.
    Mr. Diaz. There are some differences.
    Mr. Shays. There had to have been. And I know when I am 
dealing with the Energy Department as it relates to the 
protection of their facilities, when we walk through about four 
of those sites, we had some very serious--this is a number of 
years ago--about the design basis threat. And frankly, there 
were some assumptions that were almost absurd, absurd in that 
they didn't look at what we think would be a real issue.
    I don't think you are going to be faced with an attack at 
every site. I think you are going to be faced with an attack at 
one or two sites that will be so well thought out and will take 
years to develop. In other words, by developing, having someone 
in-house be part of the problem, or maybe two.
    Just as an example, without talking about what your design 
basis threat is, there is a huge difference between two 
insiders and one. Assumption makes the reality of dealing with 
it much different.
    Let me ask you what role did the industry play in helping 
the Commission establish the design basis threat? And let me 
say before you answer, it had to have some role. So don't tell 
me it didn't have any role. Then we have big problems. Just 
tell me how much a role.
    Mr. Diaz. Well, sir, the staff, first, worked with 
intelligence community and worked with State authorities to 
come up with a threat assessment. Once that threat assessment 
was established, it was determined at the time that it would be 
more expeditious to engage those stakeholders that were 
cleared.
    Of course, one of our principal stakeholder groups consists 
of the licensees, those who are going to have to implement the 
DBT, those who are going to have to actually manage the 
security forces. And at that time, the staff determined that it 
was appropriate to get them involved, to get feedback on what 
the DBT was, and they received that feedback.
    However, I must say that the deliberations of the 
Commission were separate from that. The Commission maintains a 
separation with the staff, and we actually have that process in 
place.
    The staff actually went, prepared it, and then interacted 
with the industry, received feedback from the industry, and 
then the deliberations of the Commissioners--especially these 
three Commissioners, which were actually there and doing the 
deliberation--was totally separate from the industry.
    Mr. Shays. Wouldn't it be more logical to have established 
what you viewed as the design basis threat and then asked the 
industry to respond? And I realize that it would be behind 
closed doors.
    But in other words, rather than their input before, 
wouldn't it have been almost better to have their input after?
    Mr. McGaffigan. Mr. Chairman, just in terms of the process 
we followed, as Chairman Diaz said, in February 2002, we issued 
an order with no industry input, based only on law 
enforcement----
    Mr. Shays. When was that, 2002?
    Mr. McGaffigan. February 2002. Within 6 months after 
September 11th. And Chairman Diaz, as a Commissioner then, 
should take credit because he was the driving force behind 
we've got to get this out. Dick Meserve was our chairman at the 
time.
    We put that out. No industry input. We actually had a few 
glitches as a result of that because some of the words were not 
precise, and we had to issue some clarifying guidance later in 
the year.
    In late 2002, we had tasked the staff to come up with a DBT 
that could go forward. In January 2003, we took that staff 
document, without change, and gave it to the law enforcement, 
intelligence, and security agencies of the Government, to all 
the States that had NRC facilities in them, and to the industry 
for comment.
    So, without industry input, we put out a draft document for 
comment. At that point, we got input. Twelve of the States came 
back and gave us input.
    Mr. Shays. Is this for the final DBT that you----
    Mr. McGaffigan. This is for the final DBT. I'm talking 
January 2nd or 3rd, 2003, heading toward an April decision on 
the final DBT.
    So the process that we went through was to get as broad 
comment as we could from those who had clearances. So, as I 
said, all the States----
    Mr. Shays. I get the picture here. I understand what you 
are saying.
    Now let me ask you, Mr. Wells, have you seen that document 
that was the earlier document that they were asked to comment 
on?
    Mr. Wells. Yes, we have.
    Mr. Shays. OK. Were there significant changes from that 
document, as you recall?
    Mr. Wells. The process, as we saw it in January 2003, the 
threat assessment staff, based on their assessment of 
intelligence, available information, recommended at least in 
the five major areas a level of DBT support, number of 
attackers, vehicle bombs, weapons, and equipment, and 
explosives.
    In January 2003, they were also involved in getting input 
from the----
    Mr. Shays. Who is ``they?''
    Mr. Wells. The threat assessment staff were also involved 
in task, and they dealt with the industry in comments received 
in February 2003, in March 2003, and in April 2003.
    Mr. Shays. Well, you confirmed this----
    Mr. Wells. They recommended to the NRC management that four 
of those categories I just talked about were lowered. Four of 
the five were lowered.
    Mr. Shays. Right. So----
    Mr. Wells. It's a timing issue for us in terms of when the 
information was considered, which is recommended.
    Mr. Shays. Yes, and what would be good is for us, when we 
meet behind closed doors, to walk through those. You know, in 
any case, were they strengthened?
    Mr. Wells. No, sir.
    Mr. Shays. How did the NRC resolve the question of whether 
the DBT represents a true reflection of the terrorist threat 
and not based on basically what was viewed as practical?
    In other words, it may be the design basis threat would be 
so impractical as to put the plan out of operation. But if that 
is the case, it should be put out of operation. I mean, if, in 
fact, the design basis threat is realistic, but not practical, 
that tells us something. Do you get the gist of my question?
    Mr. Wells. Yes, sir.
    Mr. Shays. Let me ask Mr. Merrifield, since you haven't 
participated, if you would respond to that question?
    Mr. Merrifield. Well, I think part of that question goes to 
the heart of the question you asked previously, and that is 
regarding the involvement of the industry.
    Mr. Shays. Right.
    Mr. Merrifield. The fact of the matter is we have a system 
in which we place the responsibility for defending the plants 
on the utilities themselves. So for the Commission to come up 
with a DBT in a vacuum without having an understanding of the 
impact operationally at the plants and what those costs would 
be would not be appropriate for us as a regulator to regulate 
in that way.
    So I think it was important for us to have some sense of 
what the practicality of that may be and the associated cost.
    Mr. Shays. You know, I think that is a very helpful and a 
very honest answer. But if you think about it, you could argue 
both sides of the equation. If, in fact, the design basis 
threat is realistic, but it is so onerous to the operation of 
the plant, it is still realistic.
    Mr. Merrifield. Well----
    Mr. Shays. Let me just finish. So if it is realistic, that 
is the threat. And the threat really isn't an issue of whether 
or not it is practical. I mean, you may conclude that a 
particular plant needs to be shut down because the design basis 
threat is realistic--I am being redundant--but you can't defend 
it.
    Mr. Merrifield. I think there's a variety of elements that 
go into the decision that's made by the Commission. The first 
thing is taking the information that we derive from our own 
staff and from the intelligence community in attempting to 
derive what that threat is.
    One of the things I think that we reflect on as 
Commissioners is the fact much of that information is 
subjective in nature. It involves judgment calls by the 
intelligence community regarding what they believe are the 
capabilities of the adversaries we face, and that salts its way 
throughout the early part of that process.
    Layer on top of that is the interface between ourselves and 
our licensees and the responsibility that we place on them. We 
have, in the context of our regulatory authorities, the notion 
that there is an enemy of the State, some capability beyond 
which is really not the responsibility of our licensees, but in 
a free society is placed on local, State, and Federal 
Governments.
    What we've tried to do as a Commission in a post September 
11th environment is to enhance what we're doing with local, 
State, and Federal Government to make sure that the 
responsibility for defending the plant is seamless. Some 
responsibilities under the context of the DBT, which were 
imposed on our licensees, but coordinating under the auspices 
of DHS with our counterparts in local, State, and Federal 
Government to ensure that where the DBT ends off, there are 
capabilities out there to respond to those elements outside of 
the DBT.
    Mr. Shays. Yes, sir?
    Mr. McGaffigan. Mr. Chairman, let me just deal with the one 
that's the elephant on the table, the aircraft threat. Let's 
just take that threat. That was the September 11th threat.
    Mr. Shays. Right.
    Mr. McGaffigan. Dick Meserve, our former chairman, was 
testifying as early as 2002 that we did not think that threat 
belonged in a DBT because the weaponry with which you could 
defend yourself, either fighter planes armed with air-to-air 
missiles or surface-to-air missiles, is not appropriate for a 
private sector regulated guard force to have.
    We didn't stop there. We then, I think, are unique in 
Government today in the relationship we have with NORAD and 
NORTHCOM, as they have upgraded their capabilities, we have 
imminent threat procedures at these plants. NORAD has high 
confidence they can detect the aircraft that are in duress 
nowadays diverting from a flight path.
    If they can't get an F-16 there, they're on the phone with 
our licensees, and our licensees are prepared to put that plant 
in the safest configuration possible, which, among other 
things. If it's truly imminent, they will scram the reactor so 
the reactor is shutting down. There is no further nuclear 
energy being produced.
    And they'll do various other things. Disperse personnel. 
All that sort of thing. The plants are inherently hard, 
compared to chemical plants or anything else in our society. So 
we think that we have gone for. As Commissioner Merrifield 
said, in dealing with the enemy of the state, we don't stop 
there.
    We work with the appropriate agencies of government. We 
have unique relations. The chairman was just at NORTHCOM and 
NORAD a few weeks ago with the senior staff to tighten that 
relationship. So that's what we do.
    The original enemy of the state notion came when we were 
licensing--obviously, a previous Commission in the late 
1960's--the Turkey Point reactor, which is less than 100 miles 
from Cuba, Chairman Diaz's home country, and with whom I'm sure 
he'd want me to add he strongly disagrees with Mr. Castro. 
[Laughter.]
    Mr. Shays. What he would like you to say is he is a citizen 
of these United States, and proudly so, and grew up in Cuba.
    Mr. McGaffigan. Right. The fact is that to deal with 
licensing Turkey Point, we had to assume the U.S. Air Force 
would intercept MiGs coming from Cuba.
    Mr. Shays. Let me just say I understand, you know, that we 
have kind of slipped into the enemy of the United States issue, 
and that is a question of whether you incorporate in your 
design basis threat the responsibility to include that. And 
that is another issue.
    The issue that we are not going to resolve, but the issue 
that, obviously, we are going to be wrestling with, as you do, 
is how much does practicality trump the design basis threat? 
That is the bottom-line issue.
    Mr. Wells, do you get a sense of what I am asking here?
    Mr. Wells. I understand the sense of your question. It's an 
appropriate question. The GAO didn't make a value judgment 
about that.
    Mr. Diaz. Sir, can I----
    Mr. Shays. And let me just say, before you respond, that we 
have been joined first by Mr. Platts, and appreciate him, from 
Pennsylvania and also our ranking member.
    And I am going to make sure that I just take care of what 
is a technical responsibility of this Chair, and that is ask 
unanimous consent that all members of the subcommittee be 
permitted to place an opening statement in the record, and the 
record remain open for 3 days for that purpose. And without 
objection, so ordered.
    I ask further unanimous consent that all witnesses be 
permitted to include their written statement in the record. 
Without objection, so ordered.
    And to note for the record that we do have a quorum. We are 
legal. OK.
    Yes, sir?
    Mr. Diaz. Let me go back to the question of, you know, how 
do you know that you have the right DBT, which I think is what 
you are asking.
    Mr. Shays. Right. Right.
    Mr. Diaz. You know, I might have to beat our drums or toot 
our horns in here, but I want to assure you that since 
September 11th, these Commissioners and the entire Commission 
was so engaged on the issue of security that each one of us was 
continuously aware of what the intelligence that was coming, 
how it was being treated, how it was being handled.
    Each one of us went and engaged other agencies. The process 
that we went through was very, very thorough and very 
comprehensive. We do take into account not only the 
intelligence threat, but what experts were telling. I 
personally went to the Department of Defense, sat down with the 
experts, looked at the information.
    We made informed decisions. Those decisions that were made 
we made collegially. We interact. We bounce things off each 
other. This was a period of months in which we looked at 
everything that the U.S. Government had available, and I must 
say, sir, that we are very thankful that since September 11th, 
we got much better information. We got it quicker. We have 
tremendous amount of cooperation from other agencies.
    We were able to receive information and make decisions that 
we believe were directed to protecting the public health and 
safety of Americans.
    Mr. Shays. Before going to Mr. Kucinich in just 1 second, 
what I am interesting in knowing is--I mean, the bottom line is 
the staff made a recommendation. Obviously, staff is not always 
right. I am tempted to say more, but----
    Mr. Merrifield. They serve us all, Mr. Chairman.
    Mr. Shays. Yes, they do. But the bottom line is they came 
out with a certain recommendation, and in four instances, I 
think you testified, Mr. Wells, they were softened. Four or 
five?
    Mr. Wells. Four of the five.
    Mr. Shays. Yes. And so, were you told, ``This was our 
recommendation, and now this is our recommendation based on 
input?'' So you saw both. And did you question why they had 
been changed?
    Mr. Diaz. We saw the draft, and we saw the final 
recommendation. We went in closed doors with the staff and 
asked, you know, what is your best recommendations? What are 
the issues----
    Mr. Shays. Did you ask them why they recommended it be 
reduced?
    Mr. Diaz. I don't remember that I asked them why. I 
questioned the changes.
    Mr. Shays. OK. Well, we will ask you why when we are behind 
closed doors.
    Mr. Diaz. OK.
    Mr. Shays. Just for the record.
    Mr. Kucinich.
    Mr. Kucinich. Thank you very much, Mr. Chairman, and 
members of the subcommittee, to our witnesses.
    Mr. Wells, in your summary of what GAO found, ``GAO found 
that the process used to obtain stakeholder feedback created 
the appearance that changes were made based on what the 
industry considered reasonable and feasible to defend against 
rather than on what an assessment of the terrorist threat 
called for.''
    Is this conclusion based on what you would say would be the 
culture of the NRC itself in terms of its over-responsiveness 
to the cues which industry sends out about what it wants?
    Mr. Wells. Mr. Kucinich, we made that conclusion based on 
the process that we observed that was used in 2003 to develop 
that DBT. It was a timing issue in that DBT.
    I would say that the NRC has responded to us that was a 
process that they don't normally use. That it was used to 
expedite the development of that particular DBT and that they 
believe they fixed our recommendation by saying that in the 
future they will not use that sequential process, but will 
revert back to an individual process step.
    Mr. Kucinich. So is it your opinion then that the industry 
is not calling the shots with respect to design basis threat?
    Mr. Wells. We have no evidence of that. What we say in our 
conclusion is because of the circumstances of when the comments 
were received and the staff that was used to receive those 
comments, it certainly could create the appearance that lest 
they could defend otherwise that they were influenced by the 
industry.
    It's an appearance issue, a conflict of interest concern on 
our part.
    Mr. Kucinich. Right. Now, Mr. McGaffigan gave the 
subcommittee reasons why the private sector should not have to 
guard against air attacks on nuclear plants. My question is Mr. 
Wells--are there any security enhancements which could be made 
at sites to better protect against air attacks?
    Mr. Wells. Mr. Kucinich, in an open forum, we are aware of 
studies that have been done in a classified arena. But to 
discuss those details would be beyond the scope of this 
hearing.
    Mr. Kucinich. Mr. Diaz, is the Nuclear Regulatory 
Commission in contact with the industry with respect to 
fortifying reactors against potential air attacks?
    Mr. Diaz. The answer is not only are we in contact, sir. 
But on February 25, 2002, we ordered the industry to take 
measures to mitigate the consequences of large fires and 
explosions, including those that could be caused by aircraft 
attacks.
    The industry was given requirements, timelines. Some of 
those, because they were made very quickly, had to be refined. 
But the answer is, yes, the industry has been ordered and is 
prepared to take those actions necessary to protect the 
American people from the consequences of aircraft attacks.
    Mr. Kucinich. Are you telling the committee that the NRC 
design basis threat includes aircraft attacks?
    Mr. Diaz. No, sir. I am not saying that.
    Mr. Kucinich. OK.
    Mr. Diaz. I am saying that we issued a specific order on 
February 25, 2002, that ordered the industry to be prepared, 
OK, to deal with the consequences.
    Mr. Kucinich. Mr. Chairman, considering that we know that 
the September 11th hijackers had initially targeted nuclear 
plants, why doesn't the NRC design basis threat include 
aircraft attack?
    Mr. Merrifield. Can I try that----
    Mr. Kucinich. Before you answer that, would it be OK if Mr. 
Diaz answered?
    Mr. Diaz. Sure. You know, fundamentally, this is an issue 
the Commission put a significant amount of thought. It was a 
serious issue.
    You know, we have responsibility for both safety and 
security. We believe that we could deal with the potential 
consequences of an aircraft attack in the safety arena, that we 
could actually require and did require our licensees to deal 
with the consequences.
    We do not believe at the time, nor do I believe now, that 
we should make licensees responsible for defending, you know, 
with aircraft and anti-aircraft or any other measures against, 
you know, the anti-aircraft, against the aircraft threat.
    Mr. Kucinich. Well, now did Mr. McGaffigan want to add to 
that?
    Mr. McGaffigan. Just, sir, the design basis threat is a 
legal term in NRC regulatory space. It's the threat against 
which the licensee has to be able to defend, as opposed to the 
enemy of the state concept that Chairman Shays started to get 
into, which is the responsibility of the Federal Government. 
And that concept has been in our regulatory practice for almost 
four decades.
    The weaponry required for a licensee to defend against an 
aircraft attack--surface-to-air missiles and fighter planes 
with air-to-air missiles--that sort of weaponry is entirely 
inappropriate for a private sector regulated force to have.
    Mr. Kucinich. I don't know that anyone here is suggesting 
that the licensees do that. But there was a suggestion earlier 
with respect to fortification of the reactors.
    Mr. McGaffigan. But, sir, we have, as Chairman Diaz just 
outlined, as a result of the February 27, 2002, order--February 
25, 2002, order asked licensees to figure out what they can do 
to cope with an accident should it occur, should such an attack 
occur, with their safety systems, what enhancements can they do 
with their safety systems.
    As I said in response to Chairman Shays earlier, we can put 
the plant, we think with the help of NORAD and NORTHCOM, in the 
safest possible configuration that we can place it with a 
little bit of warning, and we have procedures in place, tested 
procedures in place to do precisely that.
    So we think that the combination of our imminent threat 
procedures, the inherent hardness of the facility, the 
additional thought that licensees have given to this matter 
since February 25, 2002, adds up to a very robust capability to 
protect the public health and safety.
    Mr. Kucinich. Have all the licensees complied with your 
communications?
    Mr. McGaffigan. Yes, sir.
    Mr. Kucinich. If they have all complied, you know, I 
understand that nuclear plant owners applying for license 
extensions are required to submit a severe accident mitigation 
analysis as part of their applications for renewal of their 
licenses.
    Why doesn't the NRC require a design basis threat analysis 
of an aircraft attack in the severe accident mitigation 
analysis?
    Mr. Diaz. The design basis threat rulemaking will take into 
consideration, according to what the comments and what the 
process finally ends up, the potential for an aircraft attack, 
that we believe that the rulemaking is the right process to be 
able to get the right information on the issue, proceed with, 
you know, the deliberations that need to take place.
    So it will be part of the new consideration of the DBT. And 
if, at the time, that is a pathway, then we will take it very 
seriously and consider it.
    It might very well be that we, at the time, the U.S. 
Government will have enough additional protection for aircraft 
that added to the defenses that exist at the plant for the 
safety systems, you know, we might consider that might not be 
adequate. I cannot prejudge what the decision will be.
    Mr. Kucinich. Yes, I want to go back to Mr. Wells. 
According to the GAO, the NRC, under pressure by the nuclear 
industry, overruled staff recommendations in the draft design 
basis threat that required a full range of weapons that could 
be expected to be used in an attack on a nuclear facility.
    My question to you is did the NRC staff recommendations in 
the draft design basis threat also include a large aircraft as 
one of the weapons that could be used in such an attack, and 
did the NRC overrule such a recommendation?
    Mr. Wells. The staff did not include an airborne----
    Mr. Kucinich. I am sorry?
    Mr. Wells. The staff did not include a recommendation for 
airborne protection in the draft DBT.
    Mr. Kucinich. So the staff never mentioned on staff 
recommendations. There is no draft staff recommendation for 
aircraft?
    Mr. Wells. To include airborne, there were not.
    Mr. Kucinich. None? And so, therefore, the NRC didn't 
overrule----
    Mr. Wells. That's correct.
    Mr. Kucinich [continuing]. Because you said such a 
recommendation was never made?
    Mr. Wells. That's correct. For airborne. For other weapons 
and equipment, yes. But not for airborne. It was never included 
originally.
    Mr. Kucinich. OK. One final comment here, and that is that 
the concerns which some of us have is that the industry is 
basically leading this dance, and the industry may not want to 
spend the kind of money that would be necessary to fully 
protect these nuclear reactors.
    And that it is up to the NRC to tell the industry what it 
ought to do. It is not up to the industry to tell the NRC what 
it is willing to do. There is a difference of opinion.
    Thank you, Mr. Chairman.
    [The prepared statement of Hon. Dennis J. Kucinich 
follows:]

[GRAPHIC] [TIFF OMITTED] T0694.035

[GRAPHIC] [TIFF OMITTED] T0694.036

[GRAPHIC] [TIFF OMITTED] T0694.037

[GRAPHIC] [TIFF OMITTED] T0694.038

    Mr. Shays. I thank the ranking member very much.
    Mr. Merrifield. Mr. Chairman, may I respond to that?
    Mr. Shays. Sure.
    Mr. Merrifield. May I respond to that briefly?
    Mr. Shays. Sure.
    Mr. Merrifield. I would say I appreciate the comment made, 
Congressman Kucinich. I think we take our independence very 
seriously. We are willing to issue orders for security. We have 
issued very significant, very costly orders for security in a 
post September 11th environment.
    We certainly, as we listen to stakeholders, whether it's 
Congress, whether it's the American people as a whole, or 
whether it is the utilities that we regulate, we listen to the 
views of a myriad of people who have concerns about these 
issues.
    But at the end, the members of the Commission, including 
the three of us who are here, were sworn to uphold and defend 
the interests of this country. And so, we take that mission 
very seriously in making an independent judgment as to what we 
feel is appropriate, irrespective of whether the industry likes 
it or not.
    Mr. Kucinich. Mr. Chairman, if I may, in response?
    We know the NRC has pulled safety information from its Web 
site, restricted access by public interest groups, even tried 
to keep inspection and security guard performance information 
secret. Sir, with all due respect, I have my own understanding 
of the NRC with respect to the conduct of the NRC at Davis-
Besse in Ohio.
    So I want to take what you are saying in the spirit that 
you are going to do the best job you can. That is how I want to 
take it. But I also know that the NRC is under different types 
of pressures that some agencies come under when there is 
powerful interest groups at work.
    So thank you for the job you are doing.
    Mr. Shays. Mr. Platts. Thank you, Mr. Platts, for your 
patience.
    Mr. Platts. Thank you, Mr. Chairman.
    I apologize. I need to run to a 3 o'clock meeting, but I do 
appreciate the chance to get a couple of questions in.
    Mr. Shays. You take your time.
    Mr. Platts. Thank you for your continuing oversight of this 
issue.
    I want to just make sure my understanding, Mr. Wells, in 
your testimony here today and your written statement, you have 
talked about that appearance of a conflict and that the 
industry's input that it was really what was reasonable and 
feasible to defend against, as opposed to an assessment that 
was based on the realistic terrorist threat. And that there was 
an appearance of this.
    I don't know if you are able to answer in this session or 
when we are in closed session, but besides the appearance, is 
there a belief by GAO that is the fact. That it was a decision 
based on the reasonable and feasible in the industry's 
perspective, as opposed to the good faith terrorist assessment?
    Mr. Wells. We have no evidence to support undue influence 
by the industry. It clearly was an appearance issue to us that 
we believe could be fixed if the threat assessment staff were 
just removed from this process.
    What we do know factually is what they recommended going 
in, after getting industry and other's comments, was lowered 
significantly in terms of their recommendation to the 
Commission for approval. That's what we know.
    Mr. Platts. In being lowered, is it then your opinion that 
the lowered standard is not in line with the realistic threat?
    Mr. Wells. We did not make an evaluation judgment or were 
we asked to decide whether these decisions were correct. So we 
just reported on the process that occurred.
    Mr. Platts. OK. Thank you.
    On the specific issue of the inspections and the force-on-
force exercises, my understanding from the testimony is less 
than half, 27 of the 65 have had force-on-force exercises.
    Mr. Wells. Thirty-one, 30-some percent. That's correct.
    Mr. Platts. OK. This would be a question really to the 
Commission members or to you, Mr. Wells. Is there a timeframe 
for when all 38 remaining will also have had those exercises?
    Mr. Diaz. Yes, sir. They all have to have an exercise 
within a period of 3 years. In the next approximately 15 
months, they would all--will have conducted force--a new, 
complete force-on-force exercise. You miss the fact that we 
have been having other not as complete force-on-force 
exercises.
    Mr. Platts. Right.
    Mr. McGaffigan. Excuse me, sir. Could I also add----
    Mr. Platts. Sure.
    Mr. McGaffigan [continuing]. That one item of our training 
requirements for the power reactors is that every shift of 
security personnel gets trained annually, which de facto 
becomes they do force-on-force exercises at least quarterly. 
They have five shifts. They get them done, and there are very 
impressive capabilities they have for their own force-on-force 
exercises to get ready for our scored force-on-force exercise.
    I was at Quad Cities last week. Exelon--you'll have Mr. 
Crane later--has chosen to buy its own MILES gear. So they use 
this equipment that comes from the military that makes the 
exercises much more realistic, even in their own training 
exercise. Not waiting for us to show up.
    So that's an example, I think Mr. Wells mentioned earlier, 
where licensees have gone beyond NRC regulatory requirements. 
So our exercises, our scored exercises occur once every 3 
years, just as Congress asked us to do in the Energy Policy 
Act. But our training requirements require them to do force-on-
force exercises more than once a quarter.
    Mr. Merrifield. Well, and just very briefly?
    Mr. Platts. Sure.
    Mr. Merrifield. In addition, because we have resident 
inspectors at the site, they do have the opportunity to also 
witness those additional exercises. We don't evaluate those 
formally or grade them on them, but obviously we take what we 
do from observing those.
    Mr. Platts. The requirement that at least once in the 3 
years, the force-on-force, is the reason that there are still 
38 that have not had that just a manpower issue, being able to 
plan and execute those 38?
    Because given the environment we are in, the fact that we 
are 4 1/2 years after September 11th and still another 15 
months perhaps until we get all of them done, it seems like we 
would want to be prioritizing that.
    Mr. Merrifield. I think, just to clarify one thing, we have 
been conducting force-on-force evaluations at the plants pre 
September 11th. We've been doing it since probably the mid 
1980's or before--early 1990's?
    Mr. Diaz. Early 1990's.
    Mr. Merrifield. What we've done, however, is we have 
reduced the periodicity of those. We used to make sure we had 1 
every 7 years. Now we're to 1 every 3 years. We're increasing 
the rate of this.
    Mr. Platts. Right.
    Mr. Merrifield. But I just didn't want to give you the 
impression----
    Mr. Platts. Also, the assumptions that you are basing those 
force-on-force certainly have changed.
    Mr. Merrifield. Agreed. That's correct.
    Mr. Platts. Because of what happened on September 11th, and 
not just September 11th, but throughout the 1990's with the 
different major terrorist attacks against our Nation.
    Mr. Merrifield. That's absolutely right. What is different 
about the new ones that we're taking a look at is, No. 1, 
they're better exercises. We use a MILES gear, as Commissioner 
McGaffigan has mentioned. We test them harder. We test them 
with more elements. So it's a better exercise now.
    But I just didn't want to leave the impression in the 
record that we somehow invented force-on-force 3 years ago 
because we've been doing this for many, many years.
    Mr. Platts. Right. Mr. Chairman.
    Mr. Diaz. And there is one key fact is that----
    Mr. Shays. Excuse me. You may be the chairman, but you 
still have to use the mic. [Laughter.]
    Mr. Diaz. Thank you, Mr. Chairman.
    One key fact is that the way these exercises have been 
distributed among the industry is that 31 out of 32 licensees 
have experienced one exercise or another. So they all have been 
exposed to it, OK?
    So that means that in their security culture, they have 
been exposed to it. They have seen it. They know what it is. 
They know what the requirements are. They actually are then 
capable of taking these experiences from one plant to the 
other, and I think that is a very favorable fact.
    Mr. Platts. Let me get one other quick question, I 
apologize in having to run. That regarding the frequency of the 
inspections. Mr. Wells, in your testimony, you talk about that 
they have improved their force-on-force, for example, by 
conducting inspections more frequently at each site.
    So does that mean some sites have had more than one force-
on-force exercise while others are still waiting?
    Mr. Wells. In the past, these exercises were conducted in a 
different form but were done once every 8 years. They've 
escalated that to once every 3 years. I do want to point out 
that's still an aggressive schedule. These things are big 
deals. They're very expensive to conduct. And it's going to be 
a challenge for them to complete all these in time.
    Mr. Platts. So I want to make sure I am not 
misinterpreting. There has been no facilities that have had a 
second force-on-force in the 3 years before others have had 
their first?
    Mr. Wells. With the exception, if they perform a force-on-
force, and the licensee performs poorly or there is unanswered 
questions about their ability to protect, they will schedule a 
second, repeat exercise.
    Mr. Platts. OK.
    Mr. Wells. They'll keep going back to that same plant until 
they get it right.
    Mr. Platts. OK.
    Mr. Diaz. We have done that, Congressman. We had one plant 
that did not meet standards, and we scheduled immediately 
another force-on-force within 3 months, went back. And then 
that time, they were ready.
    Mr. Platts. Glad to hear that, and--yes?
    Mr. Merrifield. Yes, I just want to add one thing I think 
goes to your previous question. One additional enhancement that 
hasn't gotten on the record today is the quality of the 
adversary force.
    Prior to the changes that we made, they used to use 
personnel at the plant as the adversary force or from other 
individuals who work for the utility. Today, the adversary 
force is made up of individuals typically who have special 
forces background, delta force background.
    These are very highly capable, very motivated individuals 
who truly want to test what these plants are doing, and we 
believe that's a real enhancement to the quality of the overall 
exercises.
    Mr. Platts. Well, maybe that actually raises; so they are 
employees of NRC?
    Mr. Merrifield. No, they are not. They are actually----
    Mr. Platts. Or they are still contracted?
    Mr. Merrifield. They are contract employees.
    Mr. Platts. But not from the industry participant?
    Mr. Merrifield. No, they are not employees of the industry, 
not from the utility.
    Mr. McGaffigan. They are from industry. I mean, we can get 
into this. NEI contracts with these folks. Wackenhut provides 
the people. They take them from across the industry. So guards 
volunteer for this duty. We have a substantial force of people 
to draw from in order to staff each exercise, as Mr. Wells 
talks about.
    We make sure that there's no undue influence. There's a 
bunch of conflict of interest requirements that we have imposed 
that we believe adequately protect against a conflict of 
interest there.
    But the fact is that these people are much better than 
anything we had before, and we're managing any conflict of 
interest issues we think very adequately. There's no ``Keystone 
cop'' routine when they are at a site that Wackenhut happens to 
have the security force at.
    Mr. Platts. Knowing I am going to be even later now for my 
meeting that you keep raising additional thoughts. Is there any 
consideration to NRC that volunteer actually being engaged to 
be NRC's own team so you avoid even the possible appearance of 
that conflict, that they are NRC employees who are fully 
dedicated to this responsibility?
    Because given how often you are doing them and they are 
going to continue to do them, it would seem natural that you 
would have your own in-house team.
    Mr. Diaz. No, sir. We are not giving serious consideration 
to that because we actually run this adversary forces in many 
ways. We provide the scenarios. We provide the qualifications. 
We provide the requirements. We do the scheduling.
    We believe that it's critical for these facilities to 
maintain a distinct separation between what would be an 
external component to their plants and the safety of the plant. 
We want safety and security to be integrated in the plant so 
that they could work together synergistically and actually do a 
better job together than they can do if they are independent of 
each other.
    Mr. Platts. But it sounds like that the team actually 
carries out what NRC devises as a plan of attack that they are 
going to go through in their exercise?
    Mr. Diaz. That is correct.
    Mr. Platts. OK. I apologize that I need to run out. Final 
thought?
    Mr. McGaffigan. I'm the Democrat on the Commission, sir, 
and it's a resource issue partly. You can ask NEI later what 
they pay annually, but it's millions of dollars, I think close 
to $10 million a year to keep this force in shape. And it 
didn't strike us--we thought we could get the same benefit 
without adding those employees.
    Furthermore, we think there is a benefit. These people are 
going to rotate off of the adversary force back to their 
licensee, and they can bring the knowledge that they gained as 
these folks are the best people that attack the nuclear plants 
on the face of the Earth. They'll bring that knowledge back to 
their site----
    Mr. Shays. I am going to cutoff this discussion only 
because I think you have made the point well.
    I am going to have to speak before the Rules Committee 
sometime soon, and we are not dismissing you yet because I want 
to just get to one other area, and that is criteria.
    Mr. Platts. Mr. Chairman, I appreciate your patience with 
my exchange----
    Mr. Shays. See, the problem was, you were to come back and 
relieve me. And now you are going to be late there. So I am 
getting screwed on both ends here. [Laughter.]
    But the questions were great.
    Mr. Platts. All the more my apologies, Mr. Chairman.
    And my thanks to the Commissioners, Mr. Wells, to all of 
your efforts and testimony here today. Thank you.
    Mr. Shays. Thank you. They were good questions. Thank you 
for coming.
    I am going to have the professional staff ask questions. I 
would like one Commissioner to answer, not three, on this so I 
can get through, unless the answer does need additional 
magnification. And I have focused on criteria.
    Mr. Halloran. There is the lingering dispute between the 
GAO and the Commission about the question of criteria for 
decisionmaking about the DBT standards. That your testimony 
makes statements to the effect that detailed and restrictive 
criteria could be detrimental to the Government and could 
overly limit your discretion.
    But in one sense, that is the easy case. That is not 
necessarily what was recommended. Let me ask first, what kind 
of criteria were you recommending; to the extent you can talk 
about that out loud--and are there precedents for it elsewhere 
in other regulatory settings that you have seen?
    Mr. Wells. We did not recommend or specify a specific 
criteria. We assumed that the NRC would develop their own 
criteria. So their concern about anything being unduly 
prescriptive would be up to them to decide what type of 
guidelines and in terms of what factors should be considered, 
the types of weight that may be given to those factors.
    We have found throughout government, where decisionmakers 
have been asked to consider risk management and make informed 
decisions based on risk considerations, that there's been great 
value in guidelines that are available to the decisionmakers 
that lay out all the various factors and provide some weight to 
them to assist them in having a very defensible transparent 
reasons why the decisions were made one way or the other.
    We found that rigor improved the consistency of how 
decisions were made, coupled with the fact that they were semi-
annually reviewing these DBT recommendations. So the process is 
ongoing, happens frequently, and we just found value in having 
the written guidance that we believe NRC should develop 
themselves.
    Mr. Diaz. I respectfully disagree with that conclusion, and 
the reason is that the Commission has very straight means in 
which to make decisions. We receive information. We interact.
    Anything that will come and put a rule, what it would do is 
we will start paying more attention to the staff, paying more 
attention to what the criteria are than what the circumstances 
are, what additional information is. I think this is a 
deliberative body that meets frequently----
    Mr. Shays. Let me just interrupt a second and get through 
this. One of the questions I might have asked, is it possible 
to have criteria? And then logically it is.
    It seems to me you are almost interviewing someone for a 
job without having some basic standards and requirements you go 
through. You seem to interpret the criteria maybe because you 
follow so many regulations. We are not saying that it limits 
you that you only have the criteria that you establish. You 
might add or subtract to the criteria as you work this process 
through.
    But when you interview someone for a job, you know what you 
are looking for. You have certain things on your list. You know 
what the job entails. Then you look for that match.
    And you just don't do it subjectively and sit down and say, 
``Oh, he seems like nice guy.'' And all of us say, ``Oh, yes, 
let us hire him.'' And that is kind of the feeling I get.
    Mr. McGaffigan. Mr. Chairman, just so you know that we're 
not a phalanx here. I have advocated for the GAO position 
internally. I believe we tried in 2003 to come up with criteria 
briefly. We didn't agree. We don't agree on the criteria.
    We tried more recently. In the last semi-annual threat 
assessment, the Commission response to the last semi-annual 
threat assessment, I again proposed criteria, and we didn't 
reach agreement. I personally believe we should have criteria. 
But our two attempts at arriving at criteria failed.
    Mr. Shays. Let me just see, I would think you would have 
criteria and then add to it or subtract to it. But you would 
have some basic criteria that you would follow. It seemed very 
logical to me. I would, if I had been on the Commission, would 
have supported you.
    No, I mean, I appreciate you pointing that out. We don't 
all agree in Congress. You don't all agree on the Commission. 
If you all came with one voice here, I would be pretty unhappy 
about it.
    I at least would like to know that you are debating that. 
That is a healthy thing. And I guess what I would say to you is 
I hope you keep at it until you feel you can find some 
agreement.
    It is not locked in stone, you know, chipped in stone. I 
would think you would constantly re-evaluate the criteria.
    Do you mind, gentlemen, if we go on? I usually say is there 
anything we should have asked that you wished we had, but I 
don't want to know that. [Laughter.]
    Yes, I already spilled water on you. That is good enough.
    Mr. Merrifield. Mr. Chairman, I know you want to get 
through this question, but I would like to just fill something 
in.
    Mr. Shays. Sure.
    Mr. Merrifield. Because we confronted this when we had our 
meeting with the GAO staff, and they asked us how we went 
through our decisions. And I think we can go into more detail 
on this when we have a closed session.
    Part of this is ultimately like the decisions that you make 
as a Member of Congress, judgment calls. It's based on the 
myriad of information you have available to you.
    When we met with the GAO staff, they said, well, in coming 
up with the DBT, can you give us the list of documents you used 
to make your decision? And part of my answer was I've been a 
Commissioner for 7 1/2 years. I've had access to thousands of 
pages of highly classified documents.
    I made visits to all 103 nuclear power plants in the United 
States and, indeed, half the nuclear power plants in the world. 
I visited with colleagues in any number of agencies. I met with 
well over 100 Members of Congress since I've been a 
Commissioner. Those are the kind of things that you use to make 
an informed decision.
    Now my disagreement in terms of Commissioner McGaffigan, in 
terms of having a set of criteria is I think the Commissioners, 
each of us as independent Commissioners, has to have some of 
those criteria in our own minds, as you do when you are making 
a decision on immigration reform or other things.
    Commissioner McGaffigan will tell you, he and I have some 
very vigorous discussions about these issues, which I----
    Mr. Shays. You know what I am sensing, though? You are a 
Commission that has to dot your ``i's'' and cross your ``t's.'' 
So I think you tend to think of criteria as almost being a 
restriction. I would think it would be a basis if in the end 
you decide to override a criteria, then there would be an 
explanation that you would be able to give.
    But my sense is you all should keep working at that because 
I have a feeling that if someone analyzing a business structure 
would say, you know, this is very doable.
    Yes, on a bill, I don't follow the same criteria for every 
bill. I use what I call my ``community meeting test.'' If I 
can't explain it at a community meeting, I better not do it, 
you know?
    But it is a criteria, you know? And so, if someone says, 
``Why don't you go to the Paris air show,'' and I talk to my 
staff about it. They say, ``Hey, boss, you are not on the 
aviation committee. You are not even on transportation. I don't 
think it meets your test.''
    I mean, there are certain things that I would think you 
would have, and I would think you would be able to even write 
them down collectively.
    Mr. Merrifield. Well, Mr. Chairman, I certainly agree with 
you. That internal decisionmaking is the same way you do, we 
all have decision criteria that we use. I mean, I'm very proud 
of the fact that when my staff tries to gauge where I am on an 
issue, they're going to be able to understand with about a 98 
percent accuracy what I intend to do because I use those very 
same kind of criteria.
    I think there is a concern about the Commission as a whole 
being locked into a single set of criteria, when each one of 
the five of us brings our own value judgments.
    Mr. Shays. OK. I am going to have to get the last word, 
which is the privilege of the chairman.
    I hope that you take seriously the recommendation or 
concern of the GAO and that you continue to debate this and 
that you continue to evaluate whether you could come up with a 
criteria that would make sense. It then gives us the benchmark 
to which to evaluate as well.
    I think it would provide for a meaningful discussion. So I 
realize there is disagreement here, and that is the way we will 
leave it, but at least you know where we are coming from.
    Thank you. You have been a very responsive panel, and I 
thank you very much for that.
    And thank you all.
    We are going to get onto the next one, and if you would 
stay standing, I will swear you in.
    We have the Honorable Richard Blumenthal, the attorney 
general of the State of Connecticut and, for the public record, 
a close friend. We have Danielle Brian, executive director, 
Project on Government Oversight. We have Mr. Marvin Fertel, 
vice president and chief nuclear officer, Nuclear Energy 
Institute. And we have Mr. Chris Crane, president and chief 
nuclear officer, Exelon Generation Co.
    Mr. Chris Crane? Yes. Oh, I am sorry if I said it 
incorrectly. It is Mr. Chris Crane. Stay standing.
    I don't always get to swear in the attorney general of the 
State of Connecticut. So this is a real privilege.
    [Witnesses sworn.]
    Mr. Shays. Note for the record, all four have responded in 
the affirmative.
    And I just want to note for the record, we have Mr. Duncan 
from Tennessee, who has been a wonderful member of this 
subcommittee. And we might be able to persuade him to chair 
this subcommittee if I have to go to the Rules Committee, but 
we will see how that works out.
    The Honorable Richard Blumenthal. Dick, it is wonderful to 
have you here, and thank you for your outstanding service, and 
thank you for serving in your capacity as attorney general. You 
do a terrific job.

 STATEMENTS OF RICHARD BLUMENTHAL, ATTORNEY GENERAL, STATE OF 
  CONNECTICUT; DANIELLE BRIAN, EXECUTIVE DIRECTOR, PROJECT ON 
 GOVERNMENT OVERSIGHT; MARVIN FERTEL, VICE PRESIDENT AND CHIEF 
  NUCLEAR OFFICER, NUCLEAR ENERGY INSTITUTE; AND CHRISTOPHER 
 CRANE, PRESIDENT AND CHIEF NUCLEAR OFFICER, EXELON GENERATION 
                            CO., LLC

                STATEMENT OF RICHARD BLUMENTHAL

    Mr. Blumenthal. Thank you very much, Congressman Shays, Mr. 
Chairman, members of the subcommittee.
    First of all, let me thank the chairman, Congressman Shays, 
for his real courage and conviction on this issue, his 
continuing oversight, and his recognition about the importance 
of openness, increasing the amount of information available to 
the public on this issue. Because what's at stake here, as much 
as anything, is the credibility of this process.
    And so, I want to first thank him for his enormous 
contribution on that score and just say that----
    Mr. Shays. I would just like to point out to the rest of 
the panelists, you do not need to do this. This is a 
Connecticut thing. It has been all taken care of. So we will 
get right to the point there.
    Mr. Blumenthal. And he's my Congressman.
    I also want to say that nothing I have to say here 
questions the good motives and dedication of the panel that 
preceded me or anyone else involved in the Nuclear Regulatory 
Commission. We do have differences, as the chairman pointed 
out. And on those differences, I think that I'm going to rely 
principally on my written testimony. But I think credibility 
will depend on having criteria.
    Very clearly, there need to be criteria, particularly for 
the selection of weapons. The decision to drop, for example, 
two of the weapons that were recommended by the staff, as 
reported by the GAO, calls into question seriously and severely 
the credibility of the entire process, as do other apparent 
failings, such as the complete failure to involve potential air 
attack, particularly from the larger kinds of aircraft that 
could pose a threat at places like Indian Point, which is very 
much of concern to me, the Indian Point power plant being 
located so clearly and closely to the large part of 
Connecticut's population.
    An air attack is not simply a speculative or imaginary kind 
of occurrence. It is a clear and present danger. The idea that 
there is a distinction between enemy of the state and design 
basis threat that justifies excluding air attack seems 
completely unrealistic and unfounded.
    I believe that the NRC must be required to give more 
reliance to the security experts, homeland security experts, 
people who are objective and independent of this process rather 
than nuclear power plant operators.
    As the GAO report very pointedly observes, weapons were 
removed from the DBT after the nuclear operators were consulted 
and after they submitted their views on the feasibility and 
cost and said that, ``Certain kinds of adversary 
characteristics would be prohibitively expensive.''
    I agree with the GAO that this situation created, ``created 
the appearance that changes were made based on what the 
industry considered reasonable and feasible to defend against 
rather than an assessment of the terrorist threat.''
    Again, credibility is at stake here, and the public not 
only demands and needs, but also deserves credibility in this 
process, which would include prescriptive criteria, detailed 
criteria on what should be involved in this process.
    I want to emphasize that there needs to be greater emphasis 
on the potential threats posed by spent nuclear fuel pools. The 
presence of such pools is a real factor in Indian Point and at 
Millstone. Some of them are housed in structures that are 
comparable to the kind of pools that we swim in rather than the 
ones we store nuclear fuel in.
    The hardening of the domes encasing the plants may be 
deemed adequate, although I'm not necessarily conceding they 
are. But certainly the spent nuclear fuel deserves and needs 
greater protection.
    And I want to emphasize also the importance of protection 
for whistleblowers. We are engaged right now in a specific case 
that involves a whistleblowing complaint and then a 
retaliation. I've asked, as recently as last week, the NRC to 
investigate in their annual assessment, I've asked them to 
investigate.
    I think the NRC must provide protection for whistleblowers 
and investigate whenever whistleblowing kinds of allegations 
are made, and there are indeed indications of retaliation. Only 
yesterday I called on the NRC to immediately investigate the 
source and extent of radiation contamination at Indian Point.
    Last week, the plant operators admitted that radiation 
levels in wells as close to 50 yards of the Hudson River were 
three times the allowable levels for drinking water. 
Environmental threats have to be the subject of NRC attention 
as well, and certainly Indian Point has posed them.
    Let me just conclude, and I know that your time is short, 
Mr. Chairman, and I appreciate your staying this long. Conclude 
by saying that the kinds of attack that may be made in the view 
of many experts has been gravely underestimated. The potential 
for multiple terror cells or different kinds of weapons or 
larger scale attack all seem to have been underestimated in the 
design basis threat that has been in use so far.
    So, I hope that this committee will begin to persuade the 
NRC and, if necessary, compel it to think outside the box, 
think of threats that have not been considered before, air 
attacks, air exclusion zones, the kinds of threats posed by 
traffic in Long Island Sound--LNG tankers that may be part of 
energy projects--all need to be assessed and considered.
    Thank you.
    [The prepared statement of Mr. Blumenthal follows:]

    [GRAPHIC] [TIFF OMITTED] T0694.039
    
    [GRAPHIC] [TIFF OMITTED] T0694.040
    
    [GRAPHIC] [TIFF OMITTED] T0694.041
    
    [GRAPHIC] [TIFF OMITTED] T0694.042
    
    [GRAPHIC] [TIFF OMITTED] T0694.043
    
    Mr. Shays. I thank the gentleman very much. And frankly, I 
wish I had gotten into the issue of spent fuel, particularly 
with the Commission because I do agree with you. It is a good 
way to describe it, being like a house for a swimming pool.
    Ms. Brian.

                  STATEMENT OF DANIELLE BRIAN

    Ms. Brian. Chairman Shays, thank you for inviting POGO to 
testify at this important hearing. It's clear you share many of 
the same priorities as POGO across the board--security at 
nuclear power plants and at the nuclear weapons complex, 
excessive Government secrecy, whistleblower protections. I 
think your subcommittee is doing the most important work in the 
Congress, and I think it's important to recognize that. And 
you're not my Congressman.
    The GAO report that you Commissioned is shocking and 
confirms what POGO has been alarmed about for the past 3 years. 
It detailed the inappropriate influence of the nuclear industry 
on the NRC's design basis threat process. They essentially get 
two bites of the apple.
    The nuclear industry is allowed to lobby the NRC security 
staff to lower the security standards recommended to the 
Commission, and then the NRC Commissioners removed weapons that 
were recommended despite that lobbying, including what we 
understand included the two weapons in question were RPGs and 
50-caliber rifles with armor-piercing rounds. Because industry 
claimed it was too expensive for them to protect against such a 
threat.
    The result of this process is a completely unrealistic DBT 
that reflects not what intelligence estimates dictate, but 
instead what industry is willing to pay for. Because of the 
lowering of these security standards, at one site the GAO found 
some or all of the attackers during the force-on-force were 
able to enter the protected area in each of the three exercise 
scenarios.
    At another, the mock attackers were able to destroy three 
out of four targeted components. At another site, they didn't 
even include spent fuel pools among the targets to be 
protected.
    It should be understood these failures occurred even though 
there remain significant artificialities in the tests in the 
first place. They are still scheduled and announced 8 to 12 
weeks before they occur, giving the security force ample time 
to prepare. Furthermore, the GAO found the security force can 
tell within minutes at what time the test will begin.
    Counter to what we were hearing in the last panel, while I 
certainly agree these tests are far better than they were when 
we first started talking about this a few years ago, the GAO 
also found that the controllers, who are essentially the 
referees in these tests, were sometimes volunteers from the 
plant, just like we had seen before, who had no security 
experience at all. And they're the people who essentially get 
to decide who was living or dying in a particular exchange.
    At approximately half the sites, the mock attackers and 
security force they are testing are employed by the same 
company, Wackenhut. Whether those tests are honest or not, how 
can the public have faith in a system with such an obvious 
conflict of interest?
    Even with these weaknesses, the GAO also found evidence of 
behavior that some might call cheating. In one case, a site 
employee made motions that may have alerted the security 
officers to the targets the adversaries would be trying to 
reach that evening. Now imagine, these are the tests where they 
know the GAO is watching them.
    Just last year, several years after the September 11th 
attacks, NBC News asked the Nuclear Energy Institute spokesman 
about Mohammed Atta's plans to target what is now believed to 
have been Indian Point. His reaction? He said he'd never heard 
of Mohammed Atta.
    The impact of this ostrich-like approach to the homeland 
security needs of our country permeates the nuclear community, 
both the industry and its regulator, the NRC. Perhaps the most 
important evidence that the NRC remains in denial is their 
decision to require nuclear power plants to protect only 
against a handful of terrorists. This decision is based on the 
assumption that only one terrorist cell acting alone would 
attack the plant.
    There is no explanation why the NRC continues to come to 
this conclusion, despite historical evidence that multiple 
cells of terrorists were used collectively on September 11th. 
The GAO points out that the Department of Energy, an agency 
which we've both had some problems with as well, but they still 
do a lot better on this than the NRC has. They're relying on 
the same intelligence as the NRC when determining their DBT.
    In comparison, however, the DOE requires their facilities 
to protect against an attacking force about three times that 
required by the NRC and against the very weapons rejected by 
the NRC. Their security is also provided by a private force. I 
think it's important to dispel the myth that private forces 
can't be asked to do more than they are. The difference, 
however, in the two agencies' processes is that the DOE does 
not have an industry lobbying them to lower their standards.
    It's important to recognize the two steps--as you said 
before, so I won't repeat them--that there essentially is the 
threat assessment staff and then the Commission that is 
reducing the weapons. But the thing that really alarms us is 
that these RPGs that are of particular concern to us are very 
available.
    As we wrote to Commissioner Diaz on February 22nd, we 
raised our concerns that the Commission decided not to protect, 
we believe, against these weapons. Despite the fact that during 
a special forces mission in West Africa last year, Pentagon 
officials found that an RPG could be purchased for less than 
$10 on the weapons market and were available in large 
quantities in a matter of hours.
    This is equally true in South Asia. Pentagon officials have 
told POGO that getting shipments of RPGs into the United States 
would be surprisingly easy.
    I wanted to emphasize a final quote from the GAO that 
removal of these weapons from the revised DBT was significant 
because of the strength of the NRC staff's intelligence 
analysis supporting their inclusion. I'd like to include a copy 
of the letter we wrote to Chairman Diaz with our concerns about 
this.
    It's also important to recognize that this is a problem 
that's easy to fix. In an unclassified film created by the 
Department of Energy named ``Systems Under Fire,'' they outline 
the relative ease with which RPGs can destroy traditional 
barriers. They also show a relatively inexpensive defensive 
measure, predetonation screens, that the industry should be 
required to adopt, which would effectively mitigate the 
lethality of these weapons.
    The NRC Commissioners watered down the original staff 
proposed security standards based on the belief they can only 
ask of the nuclear industry what can be expected of a private 
security force, but we really believe this is backward logic.
    Security professionals should determine the security threat 
and then determine what is required to meet that threat. If it 
is concluded that private forces cannot adequately protect the 
facilities to the standards set by the intelligence community, 
then it is the Government's job to step in at industry's 
expense.
    Mr. Shays. We did a second round. I think we need to close 
you down here in a second.
    Ms. Brian. Yes. I can----
    Mr. Shays. That is a term that the--``close you down'' is 
not a good term.
    Ms. Brian. OK. I'll just conclude by saying our concern is 
that there is no one accepting the responsibility of making 
that leap between the DBT and what is actually required. I want 
to point out that I have great respect for a lot of the 
security staff at the NRC and Commissioner McGaffigan in 
particular. And I think they're coming at this with really 
honest efforts, but it's tremendous pressure that they're 
receiving as well.
    [The prepared statement of Ms. Brian follows:]

    [GRAPHIC] [TIFF OMITTED] T0694.044
    
    [GRAPHIC] [TIFF OMITTED] T0694.045
    
    [GRAPHIC] [TIFF OMITTED] T0694.046
    
    [GRAPHIC] [TIFF OMITTED] T0694.047
    
    [GRAPHIC] [TIFF OMITTED] T0694.048
    
    [GRAPHIC] [TIFF OMITTED] T0694.049
    
    [GRAPHIC] [TIFF OMITTED] T0694.050
    
    [GRAPHIC] [TIFF OMITTED] T0694.051
    
    [GRAPHIC] [TIFF OMITTED] T0694.052
    
    Mr. Shays. Right. Thank you very much.
    I am hoping I can hear everyone testify before I have to 
go.
    Mr. Fertel.

                   STATEMENT OF MARVIN FERTEL

    Mr. Fertel. Thank you, Chairman Shays, members of the 
subcommittee.
    In my testimony today, I would like to make three points. 
First, the growing need for electricity supply, energy 
security, and the concern over global warming has led to a 
resurgence of the interest in nuclear energy.
    Second, in response to the question, are our Nation's 
nuclear plants more secure than they were before September 
11th? I would say the answer is a resounding yes, and I think 
the GAO actually says that, too. Over the past 4 1/2 years, the 
industry has made substantial and significant improvements to 
an already-strong security.
    Finally, the nuclear energy industry recognizes that the 
spectrum of possible threats facing the Nation can be larger 
than the NRC's design basis threat for nuclear power plants. 
And because of that, we've led efforts, under the auspices of 
the Department of Homeland Security, to assess the potential 
vulnerabilities of our critical infrastructure to a broader 
spectrum of threats and to coordinate Federal, State, and local 
resources to complement and supplement plant security in the 
face of such threats.
    With regard to my first point, according to the projections 
from the U.S. Energy Information Administration, even with a 
strong commitment to efficiency and conservation, our Nation is 
expected to need 45 percent more electricity by 2030. Much of 
this new electricity supply will be needed in the form of 
large-scale baseload generation. The only realistic 
alternatives to significantly increasing baseload generation 
are coal and nuclear energy.
    The Congress recognized the need for a diverse energy 
portfolio and the importance of nuclear in that portfolio in 
the Energy Policy Act of 2005. That bill is having its intended 
impact. Nine companies are pursuing actions toward building 
between 12 and 19 new nuclear plants in the United States, and 
we expect that the new nuclear power plants will become 
operational within about a decade.
    Let me turn now to security. When I was here just over 18 
months ago, I testified that nuclear power plants are the most 
secure commercially owned facilities in the country. That 
remains true today because we have continued to work to meet 
the NRC requirements, satisfy our own performance expectations, 
and most importantly, through DHS, enhance integration with 
Federal, State, and local authorities responsible for providing 
security to our Nation's critical infrastructure.
    Specifically, over the past 4 1/2 years, we have improved 
our security in several steps. The first step was what the 
Commission talked about that occurred on September 11th. Just 4 
months later, in February 2002, the NRC again increased 
security requirements in several areas.
    The industry, complying with the NRC orders, instituted 
additional measures, such as extending or fortifying security 
perimeters, increasing patrols within security zones, 
installing new barriers to protect against vehicle bombs, 
installing additional high-tech surveillance equipment, and 
strengthening security coordination with local, State, and 
Federal agencies.
    Following the completion of its top-to-bottom review and 
its study of the potential threats to nuclear power plants, the 
NRC issued three orders in April 2003. One order revised the 
DBT, further increasing plant security requirements.
    In addition to modifying the DBT, the NRC also issued 
orders that enhanced training and qualifications for security 
officers and improved access control and established work hour 
limits. We estimate the cost across our 64 sites of this 
additional security since 2001 is now over $1.2 billion.
    Since the September 2004 hearing before this subcommittee, 
we have implemented NRC's approved security plans at each site. 
We've completed the physical improvements at each site as 
required by the DBT defined by the NRC.
    We've conducted 27 NRC-observed force-on-force drills, and 
we can play with those numbers if they are still confusing, and 
also hundreds of such drills as part of the industry's 
programmatic security training program. We've been a national 
leader working with the Department of Homeland Security by 
completing 22 risk assessments and 20 comprehensive reviews for 
nuclear power plants.
    Given all we have done and although the GAO identified some 
areas for improvement, we are very pleased that GAO also agrees 
with what the industry has been saying; that nuclear power 
plants have made substantial security improvements after 
September 11th.
    As my final point, I want to emphasize that security at 
nuclear power plants does not end with what the NRC requires, 
nor with what plant operators can provide to protect our 
Nation's critical infrastructure. Industrial and commercial 
facilities must integrate their security with local, State, and 
Federal forces. The industry recognizes that there is a 
spectrum of potential threat; some less, some greater than the 
capabilities of our or any other private sector plant security 
program.
    Recognizing this fact, the industry has provided national 
leadership and is the first industrial sector to participate in 
the Department of Homeland Security's Risk Assessment and 
Management for Critical Asset Protection [RAMCAP] program and 
its comprehensive review program. Twenty-two sites have gone 
through RAMCAP, and 20 nuclear plant sites have already 
completed the comprehensive reviews. We expect to complete all 
of them by July 2007.
    These DHS programs represent areas where significant 
enhancements to security can be achieved for nuclear plants and 
for all the other sectors of the critical infrastructure. This 
subcommittee can be instrumental in furthering programs like 
this, and we would encourage the subcommittee to support DHS in 
its effort to complete these activities for the entire critical 
infrastructure.
    In closing, we are pleased that the GAO agrees that our 
security has been greatly improved. We look forward to 
fulfilling our responsibilities and continuing to work with 
governmental agencies, such as GAO, DHS, and the NRC, as well 
as Congress, to ensure that our facilities remain the most 
secure facilities in the Nation's critical infrastructure.
    Thank you.
    [The prepared statement of Mr. Fertel follows:]

    [GRAPHIC] [TIFF OMITTED] T0694.053
    
    [GRAPHIC] [TIFF OMITTED] T0694.054
    
    [GRAPHIC] [TIFF OMITTED] T0694.055
    
    [GRAPHIC] [TIFF OMITTED] T0694.056
    
    [GRAPHIC] [TIFF OMITTED] T0694.057
    
    [GRAPHIC] [TIFF OMITTED] T0694.058
    
    [GRAPHIC] [TIFF OMITTED] T0694.059
    
    [GRAPHIC] [TIFF OMITTED] T0694.060
    
    [GRAPHIC] [TIFF OMITTED] T0694.061
    
    [GRAPHIC] [TIFF OMITTED] T0694.062
    
    [GRAPHIC] [TIFF OMITTED] T0694.063
    
    [GRAPHIC] [TIFF OMITTED] T0694.064
    
    [GRAPHIC] [TIFF OMITTED] T0694.065
    
    [GRAPHIC] [TIFF OMITTED] T0694.066
    
    [GRAPHIC] [TIFF OMITTED] T0694.067
    
    [GRAPHIC] [TIFF OMITTED] T0694.068
    
    [GRAPHIC] [TIFF OMITTED] T0694.069
    
    Mr. Shays. Thank you, Mr. Fertel.
    Mr. Crane. Thank you.

                 STATEMENT OF CHRISTOPHER CRANE

    Mr. Crane. Chairman Shays and subcommittee members, I am 
Chris Crane, president and chief nuclear officer of Exelon 
Nuclear, and I am pleased to be here today to continue on with 
what Mr. Fertel provided as to what the industry has done, but 
give you more specifically what's happened in our company, 
Exelon.
    Exelon Generation is the largest owner and operator of 
commercial nuclear power plants in the United States. We own 
and operate 17 reactors in 10 States--Illinois, New Jersey, 
Pennsylvania. In addition, we provide the management and 
operating assistance for three reactors in New Jersey that are 
owned by Public Service Enterprise Group [PSEG].
    Exelon is extremely proud of our operating performance. Our 
plants are among the best in the world in terms of capacity 
factor and outage management. We are even more proud, however, 
of our safety record. Our highest duty is to protect the safety 
and security of our workers and the people who live within the 
communities around the plants that we operate.
    As a result of the NRC revised security requirements, 
Exelon Nuclear invested $140 million capital improvements for 
the physical security upgrades at our plants. In addition, we 
have greatly increased the staffing of our security forces, but 
the contracts----
    Mr. Shays. Mr. Crane, I am going to just interrupt you for 
a quick second.
    I have to go before the Rules Committee. We are going to 
keep going. I am going to have Mr. Duncan chair, and I am going 
to ask Mr. Van Hollen, if he doesn't mind, to chair if Mr. 
Duncan has to leave. And then I will come back.
    Then, if you would, if you would have counsel ask some 
questions as well? And I hope I will be able to get back in 
time to ask the questions I want.
    Sorry to interrupt, but I just wanted to make clear what we 
are doing.
    Mr. Crane. As I was saying, we, as a company, have invested 
over $140 million in capital improvements and our physical 
security upgrades at the sites. In addition, we have greatly 
our staffing of our security forces, with our contract forces 
expanding by 84 percent and our corporate security 
organization, which provides the oversight and strategic 
development and coordination of our security plans, increasing 
by 20 percent.
    In 2001, our security-related operating costs were 
approximately $44 million. This year, we expect to spend $90 
million for security.
    All Exelonsites have complied with the NRC requirements 
regarding infrastructure improvements, training requirements, 
and access authorization. As part of the NRC's effort to 
confirm continued compliance with these security standards, the 
Commission conducts routine inspections that have been 
discussed here today.
    This year alone, we have conducted multiple exercises at 
all the facilities. We conducted multiple sites at all of our 
facilities. We have had two force-on-force drills that were 
discussed about previously last year, and by the middle of this 
year, we'll have two additional that will be completed.
    While security at the commercial nuclear plants in the 
United States has improved greatly since 2001, performance 
issues can and do arise with security personnel. As these 
issues arise, they are addressed systematically and 
objectively.
    As I noted earlier, Exelon assumed the responsibility last 
year of the management of the PSEG's Salem and Hope Creek 
reactors. The shift came in an aftermath of an inadequate 
force-on-force exercise at the Hope Creek project or the Hope 
Creek site, which was referenced earlier in the GAO report and 
has been referenced by different panelists here today.
    As our first order of business, we installed the Exelon 
defensive strategy model at the site, investing approximately 
$40 million that's above and beyond the $140 million we've 
previously spent in capital improvements. We also increased the 
security force by approximately 40 percent in 2005. And as a 
result of these efforts, Salem and Hope Creek successfully 
passed the evaluated exercise, and we consider that a great 
success.
    As a part of the Energy Policy Act of 2005, Congress 
directed the NRC to conduct formal rulemaking to review its 
design basis for the commercial nuclear facilities. Clearly, 
the Commission, as stated previously, must continue to assess 
the threat facing the nuclear plants for possible changes.
    In conducting this assessment, we recommend that the 
Commission should continue to closely coordinate with the 
Department of Homeland Security and Federal intelligence and 
law enforcement agencies. In addition, the Commission, in 
evaluating these potential changes to design basis threat, must 
keep in mind the different delineations between the 
responsibility of the plant owners, those of law enforcement, 
and for the Federal Government.
    While Federal law requires plant owners to protect against 
various potential threats, the law also considers many threats 
to be outside the scope of the licensee's responsibility and 
instead relies on law enforcement and the military to protect 
against these certain threats.
    Mr. Chairman, Exelon is committed to safe operations of our 
plants and providing strong security and emergency planning 
programs. We have devoted significant financial and personnel 
resources to ensure that our sites are in full compliance with 
the NRC requirements.
    We have established high performance expectations for our 
security forces. We continue to work closely with the NRC and 
Federal, State, local enforcement to ensure that we have fully 
integrated a plan to respond to security events at our site.
    I'd like to thank you again for the opportunity to provide 
this input and would welcome any questions you may have.
    [The prepared statement of Mr. Crane follows:]

    [GRAPHIC] [TIFF OMITTED] T0694.070
    
    [GRAPHIC] [TIFF OMITTED] T0694.071
    
    [GRAPHIC] [TIFF OMITTED] T0694.072
    
    [GRAPHIC] [TIFF OMITTED] T0694.073
    
    [GRAPHIC] [TIFF OMITTED] T0694.074
    
    [GRAPHIC] [TIFF OMITTED] T0694.075
    
    Mr. Duncan [presiding]. Well, thank you very much, Mr. 
Crane. You have certainly been an informative panel.
    I will say something that I have told other people at 
times. Chris Shays is not my Congressman either, Ms. Brian, but 
I will tell you that--and Mr. Blumenthal, if he doesn't already 
know this, should know this--that Chris Shays is one of the 
most active and one of the finest chairmen that we have in this 
Congress today.
    I don't always agree with him, and he would be very proud 
to tell you that I don't always agree with him probably. But at 
any rate, he does an outstanding job, and this hearing is 
another example of that.
    I told him I have a whole host of appointments starting at 
3:45, which was 5 minutes ago. So I am not really going to ask 
any questions except for this.
    What percentage of our energy now is generated by nuclear 
power? I am sure Mr. Crane or Mr. Fertel can tell me.
    Mr. Crane. Greater than 20 percent.
    Mr. Duncan. Well, and what I am getting at, I had read 
something similar to that, and I have also read, though, that 
some other countries like France and Japan and Sweden and some 
others, they have--I believe I read that some country has as 
high as 70 percent.
    Can you tell me anything about that? What percentage some 
of those other countries?
    Mr. Fertel. I think France is up around 70 percent, 
Congressman Duncan, and I think one of the former East Bloc 
countries actually is close to 80 percent.
    Mr. Duncan. Oh, really?
    Mr. Fertel. Yes. I think 20 percent in our country, we'd 
like to see more. But to be honest, it's still the largest 
program in the world. The nuclear program in this country is 
bigger than the French and Japanese programs combined, and 
they're the second and third largest programs.
    So in number of plants and output, we are actually very 
large. In percent of our total electricity supply, we're still 
the second largest, but only 20 percent.
    Mr. Duncan. Well, I was a lawyer and a judge before I came 
to Congress, and I am not a nuclear expert by any means. And I 
will say this. I have always said and believe that anybody can 
improve.
    I hope I am a better Congressman now than I was 5 years 
ago. This is my 18th year. I hope I am better now than I was 5 
years ago. And if I am here 5 years from now, I hope I am 
better then than I am now.
    And we should all strive to get better, and I hope that the 
nuclear industry takes very seriously, and I believe they will, 
the recommendations or suggestions of the GAO.
    On the other hand, I do know from reading that the nuclear 
industry in this country is one of our most highly regulated 
industries, even at this point, and that this industry is 
probably more highly regulated in this country than in any 
other country. And saying that, I will make it very clear to 
tell everyone that I have no connection whatsoever, even 
remote, to the nuclear power industry.
    So, you know, my father told me many years ago about 
something else. I don't even remember what he was talking 
about. He said everything looks easy from a distance. And it is 
real easy to criticize, I can assure you, on almost anything.
    But you know, I know, too, common sense would tell you that 
the nuclear industry would be the most concerned about a 
terrorist attack because you are talking about losing whopping 
amounts of money if they had a plant that was attacked and 
closed down.
    Now I heard a speech by Secretary Chertoff a few months ago 
in which he said it is not possible to protect against every 
conceivable harm at every place at every moment. So, what we 
have to do, we have to do what is reasonable, what is 
practical, yet we can't sacrifice the good to try to achieve 
the perfect. I mean we could shut the whole country down, and 
we wouldn't have any nuclear concerns or any other, you know, 
but that makes no sense whatsoever.
    So I think the nuclear power industry, frankly, is doing a 
great job. I am sure that there probably were people at the NRC 
who were offended to hear that the nuclear power industry had 
too much influence over them because they say that their report 
is based on contributions from Federal, State, and local 
officials, all kinds of stakeholders, and everybody who has 
really much of an interest at all.
    But I am going to go to those appointments, and I am going 
to turn this over to Congressman Van Hollen for any questions 
he has. And then I understand the staff is going to ask some 
questions.
    Thank you for taking over.
    Mr. Van Hollen [presiding]. Well, thank you. Thank you, Mr. 
Duncan. And let me also thank our witnesses.
    Unfortunately, I, too, have a group waiting back in my 
office. I apologize. I missed the first panel because the 
Government Reform Committee, another subcommittee had a hearing 
as well.
    I just have two questions. The first question is for Mr. 
Fertel and Mr. Crane. With respect to the analysis of the 
vulnerability of nuclear power plants to an air attack, we know 
from investigations by the 9/11 Commission and others that was 
one of the scenarios envisioned by the September 11th 
attackers.
    Putting aside the question of who is responsible for 
dealing with that issue, would you agree that is a 
vulnerability in the system that needs to be addressed, or is 
that something that is, in your view, such a low probability we 
shouldn't worry about it?
    Because as of right now, we haven't done much about that as 
a Nation. We have sort of been pointing fingers as to who is 
responsible for addressing the issue rather than tackling the 
issue.
    Mr. Fertel. Just a response to that. First of all, from a 
pure technical study standpoint, the NRC has done studies, and 
I'm sure they can brief you in their secret session.
    The industry did studies that we don't hold secret. We 
hired the Electric Power Research Institute shortly after 
September 11th to look at a 767-400, a relatively large plane, 
one that constitutes more than 80 percent of the aircrafts 
flying in this country and had it hit containment structures 
where the fuel is, had it hit spent fuel pool structures, and 
had it hit dry cask storage.
    And they did it as an analysis to maximize the impact, and 
what we found was we wouldn't get a release of radiation with 
that particular scenario.
    Now National Academy of Sciences looked at things and said, 
well, if the plane was bigger, and the plane flew faster, you 
get a different outcome, no question. The plane doesn't hit it 
just right, you get a different outcome.
    So what we concluded was that the robustness of the 
structure is really pretty good unless you have a really 
marvelous hit on the structure. A very, very bad day at the 
plant with a lot of people dead that work there, but as far as 
a release, we didn't get it from a relatively sophisticated 
analysis. This was $1 million worth of engineering computer 
runs.
    You weren't here for the first panel, Congressman, but 
Commissioner McGaffigan and others talked about the actions 
they have taken. They've taken actions with NORAD and with the 
military to do a number of things as far as trying to protect 
the air space around nuclear plants, imminent threat procedures 
at all of Mr. Crane's plants.
    His control room has been trained on basically shutting the 
plant down if they're told by NORAD something happens or a 
plane is off course. They don't have to know it's a terrorist 
plane. They've also been trained on other actions they could 
take to try and put the plant in the safest condition it could 
be in if there was something that happened.
    So there have been a lot of actions taken by the Nuclear 
Regulatory Commission. Studies are still being completed right 
now looking at things like that at the plants. What's not being 
done is what you said, which is, you know, putting surface-to-
air missiles at every plant.
    And we would say that things like that come out of these 
comprehensive reviews that I mentioned. The comments made by 
Danielle and the attorney general say that there are threats 
bigger than the DBT. We don't question that. Of course, there 
are. There's threats smaller than the DBT, too.
    But there are bigger ones, and what the Department of 
Homeland Security is doing is looking at a spectrum of 16 
threats, many of them larger than ours, much larger, and many 
of them smaller. And they are looking at airplanes and figuring 
out what they should be doing for particular sites.
    Mr. Van Hollen. Thank you.
    Does anyone else have a comment on that question?
    Mr. Blumenthal. Only, Congressman, that if I understood the 
response correctly, it was that, yes, we should be looking at 
the potential for aircraft attack, despite a study or a number 
of studies that perhaps show that it can be exaggerated. But 
clearly, it is a threat in places like Millstone or Indian 
Point, given the vulnerability of the structures there.
    And I think maybe equally important, and certainly the non-
engineers, the citizens among us will appreciate this point, 
this fear is a very real one for people who live near the 
plants. And that includes people who live within a 50-mile 
radius, which is the zone that's regarded at risk, which 
includes a third of the population of Connecticut, when it 
comes to Indian Point and even larger if you consider 
Millstone.
    Mr. Van Hollen. Right. No, thank you on that point.
    I think that you are right. This is clearly an area that we 
need to move forward on more aggressively. There is no doubt 
about that. Both in terms of the physical protection of the 
plant areas, but more important in terms of the interception.
    Let me just ask, if I could, Ms. Brian, most of the 
testimony today is focused on nuclear power plants. There was 
this investigation that was done last fall with respect to 
nuclear research reactors at different universities around the 
country and the ability of people to get easy access to those 
research facilities.
    And after that, there was discussion about, you know, how 
we need to tighten up on security. And I don't know if you have 
had an opportunity, or if any of the other members of the 
panel, but if you have had an opportunity to look at what has 
been done, whether it is adequate, and if not, what more we 
should be doing?
    Ms. Brian. Yes. Well, I am familiar with that. That was an 
ABC investigation.
    And the one thing that was a little confused by that 
investigation was not all research reactors really are the 
same. Many of them have such small amounts of nuclear material 
that they're not of great consequence.
    There are some, however, though, that are of greater 
consequence than the power reactors that we're talking about 
here. It's actually weapons-grade highly enriched uranium. And 
while one reactor doesn't have enough to make a bomb, two 
would.
    And one of the things that we've been talking about--in 
fact, we're going to be testifying tomorrow before Armed 
Services on the subject--is that those reactors--I'm sorry--
those facilities are regulated by the NRC. And while they do 
have a higher standard of security than they do for the power 
plants, it's not as high as the standards of the Department of 
Energy for exactly the same materials.
    And I think it's one of these weird bureaucratic, ``Well, 
it's another agency, even though it's the same material'' kind 
of thinking. And we're in the process of working with the 
Department of Energy to rethink shouldn't they be taking over 
responsibility and dramatically increasing standards?
    There is also a real question, why do the universities need 
to have HEU at all?
    Mr. Van Hollen. Right. I understand that the GAO is taking 
a look at security at the research reactors as well, and we are 
looking forward to their report on that. My understanding is 
research reactors, yes, you have some with more highly enriched 
uranium, which is actually potential bombmaking material. But 
even those that are less highly enriched have the potential for 
use in some kind of dirty bomb with a conventional explosive.
    So I mean, to your knowledge, and I must I happened to be 
channel surfing, I think--and I saw some of the expose on that. 
And people were just able to walk right up and get access to 
these plants. Has action been taken, to your knowledge, to 
better protect those areas and bring it up to some of the 
standards?
    You say that we don't meet the same standards as the DOE 
does. What actions have been taken with respect to those 
university sites since that report?
    Ms. Brian. To my understanding, the Government hasn't 
changed any of its standards at all. That's something that each 
university is dealing with. But I think it's very appropriate 
for the Government to set higher standards.
    Mr. Fertel. I can't attest to exactly what NRC as to 
research reactors is doing, Congressman. But submit questions 
to them because they have taken actions to increase security at 
not only commercial nuclear plants, but at research reactors 
and at other facilities that they regulate.
    Mr. Van Hollen. Good. Well, we will do that. And again, 
thank you all for your testimony here this afternoon. And I 
apologize as well.
    If we could just recess until 4:15, I guess Congressman 
Shays will be back.
    Thank you all.
    [Recess.]
    Mr. Shays [presiding]. In my 12 years as chairing a 
subcommittee, I have never adjourned it, and I apologize for 
having that happen. There is always a first.
    I will just catch my breath and have counsel ask some 
questions, and then I want to jump in.
    Mr. Halloran. Thank you.
    Let us talk about the issue raised by the attorney general 
in terms of the security of spent fuel pools. Why isn't that a 
more explicit element of the DBT in your view?
    Mr. Blumenthal. I'm sorry. Could you----
    Mr. Halloran. Sure. You raised the issue of security of 
spent fuel pools and their limited protection structures and 
other vulnerabilities. And it doesn't seem to be an explicit 
aspect of the DBT now. And I am wondering, in your experience, 
why that is, and what might be done to mitigate that risk?
    Mr. Blumenthal. You know, I have to apologize that I don't 
know the reason why it is not included in the DBT. It may well 
be that, and I think this response may be anticipated from 
others on the panel, that it is regarded as a problem that was 
supposed to be solved through another means. That is through 
transfer of that spent fuel to other locations, more secure 
locations. In fact, locations where the security was 
anticipated to be like night and day compared to what exists 
now.
    The present facilities are temporary, putting ``temporary'' 
in several layers of quotes. But they are, nonetheless, for the 
foreseeable future likely to be there. And I think also there 
are probably technical reasons that perhaps the engineers have 
minimized the dangers.
    But the fact of the matter is that breaching the security 
and creating an environment that will permit a release of 
radioactive material is a real danger, and there's been 
virtually no attention to it, at least so far as the design 
basis threat is concerned.
    Ms. Brian. Mr. Halloran, if I could add, the spent fuel 
pools are actually a part of the DBT. Our understanding is they 
are one of the targets.
    The concern that we share with the attorney general, 
though, is that there isn't enough attention placed on the 
kinds of things that could happen like the kinds of weapons 
that could be used against them, as well as aircraft, and the 
consequences of those, which were very well discussed in the 
previously mentioned National Academy study.
    Mr. Crane. OK. Again, to reaffirm that last statement. The 
spent fuel pools are targets that are protected by the weaponry 
in the DBT.
    So they're drilled on. They're tried to get access to 
during the adversary forces. They're a part of it. What is not 
part of it, which is not part of the DBT--it's beyond the 
capability, as previously said--to protect against the 
airliner.
    Now the NRC has taken actions, and we've all complied with 
the actions, and this is the confusing point. It is the actions 
have not been taken under the DBT. They've been taken under 
safety guidelines and regulations that have been issued.
    We have to do certain things with our spent fuel. We have 
to move it in a certain location. We have to have or are 
heading toward having capacities for different coolant sources 
being added. I want to make sure I don't get into safeguards 
information. But there is a significant amount of work that's 
being done.
    We would like to have the repository open to further move 
the amounts of used fuel. But right now they are safely and 
adequately stored. There are actions that the industry has 
taken at the direction of the NRC to have further defense and 
depth in contingencies available. But I think we're confusing 
what the DBT is and what the DBT isn't and how we protect the 
spent fuel pools.
    Mr. Shays. I don't understand what you just said. What are 
we confusing?
    Mr. Crane. Asking why the spent fuel pools are not 
protected under the DBT.
    Mr. Shays. But explain your comment, ``we're confusing.'' 
What are we confusing?
    Mr. Crane. The guidelines that the NRC has issued that 
takes the defense and depth actions on the spent fuel pools 
were issued as guidelines under safety aspects, not under 
security.
    Mr. Shays. And but your testimony would also be that it is 
part of the DBT?
    Mr. Crane. As the DBT, we protect the spent fuel pools 
against the armament and the forces that are prescribed in the 
DBT.
    Mr. Shays. Right. Not what?
    Mr. Crane. The airplane.
    Mr. Shays. Right. That is because we have said that is part 
of the Federal Government's responsibility?
    Mr. Crane. That's correct.
    Mr. Fertel. Maybe just to add a little more. Commissioner 
McGaffigan is sitting here, and maybe he can figure out how 
some of what they do that isn't safeguards so they can get out 
more because he's very good about doing that. But the NRC is 
doing and actually has completed independent assessments of 
every plant's spent fuel pool, looking at what could happen 
under very bad days.
    In parallel, but also independently, the industry did its 
own assessment of those. Danielle referred to the National 
Academy study. The National Academy study, which is a 
classified document, does recommend two particular remedial 
things you should do to deal with a bad day with spent fuel 
pools.
    Mr. Halloran. Excuse me. Those studies were done under the 
safety rubric, though, not the security side of the house. Is 
that what I would understand?
    Mr. Fertel. They were done as part of requirements that the 
NRC imposed to look at what would happen to the spent fuel pool 
under airplane attacks and other things like that. It was not 
specific to a threat.
    The actions the NRC has taken have looked at improving 
safety in those situations. And basically, the NRC has taken 
actions in one case that satisfies one of the two NAS 
recommendations, and the industry has proposed action that 
would satisfy the second case. And we think NRC is reviewing 
that to see if they'll approve it.
    So, to be honest, the spent fuel pools are a target set as 
part of what you look at to protect. So while they're not ``in 
the DBT,'' the DBT is applied to them, and you've got to 
protect them successfully against it. And second, for things 
that's beyond the DBT, that's been looked at very aggressively 
by the NRC in site-specific independent studies. And every 
plant is taking action to improve the safety of the spent fuel 
pool.
    Mr. Halloran. That leads then to the question about enemy 
of the United States and of what real relevance or practical 
meaning that standard would have if, as was testified earlier, 
it was a standard crafted with a particular situation in mind. 
Maybe it was from Cuba.
    In the terms of designing the DBT, what does it really mean 
when we are dealing with threats crafted by non-state actors, 
trans-national characteristics, they are not supported by the 
power of the state? One guy training to fly an airplane did a 
lot of damage, several guys. And so, of what real relevance is 
that standard today?
    Mr. Blumenthal. If I can take a crack at the answer first? 
That's the problem with the distinction, that it has little, if 
any, relevance today. Maybe it did in the cold war setting, 
where the major threat was a missile or an airplane coming from 
the Soviet Union and threatening a designated target. But 
today, an enemy of the state is not coming from outside our 
borders necessarily, but inside.
    And the distinction, as I indicated earlier, I think is 
decreasingly relevant, if it has any meaning at all today. And 
I think the kind of distinctions which I have to admit, I 
didn't follow the last answer--to say that it's not in the DBT, 
but it is covered by the DBT. I think that kind of--and I don't 
question the veracity, the truthfulness of it. But I think that 
kind of distinction indicates the lack of relevance that this 
kind of attempt to use outmoded concepts has in this new world 
that we've occupied for the last 5 years.
    Ms. Brian. If I could just make two points? One is if you 
think about an attack happening, how is a security officer 
supposed to figure out whether they're an enemy of the state or 
not? When are they going to say, ``This isn't my problem?''
    I mean it's so impractical in the extraordinary fast 
timeframe this is all happening, the chaos. It's a ridiculous 
concept to me. And then, in reality, the----
    Mr. Shays. Ms. Brian, I am not fully following. Be more 
specific. What is a ridiculous concept?
    Ms. Brian. The idea that the security officers are required 
to make a distinction between they are to protect against 
certain types of actors, but not others. How are they supposed 
to figure out whether the person who's coming in with a gun is 
an enemy of the state or not?
    Mr. Shays. No, see, I happen to agree with a lot of your 
positions, but I think that is stretching it a bit. And if I am 
wrong, then you can correct me.
    But, and I do agree with Mr. Blumenthal about the 
relevancy. But if, in fact, we are not going to say to the 
operators of a plant that they have to defend against an 
airplane coming in.
    But it does raise the point, maybe you would, unless we 
decide, for instance, with spent fuel, which I happen to agree 
with Attorney Blumenthal that spent fuel is a huge risk outside 
the dome, outside the protective cover--I would then say, well, 
you know, it is the responsibility of the operators to protect 
it better.
    So I guess I am kind of in between here, and I may even ask 
the Commissioner to step back and help me, walk me through 
this. So, which by the way, I appreciate that you would stay 
and listen to this other panel. It speaks well.
    I think we had some folks from GAO and others who stayed, 
and that is appreciated as well.
    Ms. Brian. If I could clarify my point? The aircraft is not 
the only thing that is eliminated from what the private 
security forces are required to protect because of this 
standard.
    Mr. Shays. Give me an example that you would think----
    Ms. Brian. The other weapons that we're concerned about 
that are not being included are considered weapons that are 
used by enemies of the state.
    Mr. Shays. Maybe Mr. Fertel or Mr. Crane, you could----
    Mr. Fertel. Let me, first of all, Danielle--and I think you 
don't mean it the way I'm hearing it, too. The officers are not 
either counting the number of people attacking or asking what 
their weapons are to see whether they're going to fight them. 
They're going to fight them if they attack the site with 
whatever they come with.
    So I don't think there is a distinction that they're not 
going to fight me because they think I'm an enemy of the state, 
but they will fight you because they think you're not.
    I personally would agree, this is personal, that the enemy 
of the state is probably an artifact of a different era. But 
for the same reason, I think that you need to think about what 
we've been discussing differently, too. Since September 11th, 
this Nation has done a lot, including standing up DHS--and 
whether it's standing on both legs very firmly is probably in 
the eye of the beholder--creating a director of national 
intelligence, and doing a lot to try and protect our Nation.
    Before that happened, NRC was kind of alone doing what it 
does, and I think that they have done a very good job since 
September 11th in making a lot of changes----
    Mr. Shays. I don't know if you are answering the question, 
though, that we were discussing?
    Mr. Fertel. Well, the question was do we believe there's a 
distinction between enemy of the state or not, and that's what 
I'm addressing. Do I have the question right, Mr. Chairman?
    Mr. Shays. Yes, but I am thinking particularly of should it 
be the responsibility of the operators to provide a hardened 
target for spent fuel?
    Mr. Fertel. Yes, OK. I didn't think we were focused only on 
spent fuel, but if we want to start with spent fuel. We have a 
hardened target for spent fuel.
    Mr. Shays. No, but--well, you do and you don't.
    Mr. Fertel. No, we do. And I'd love to be able to have the 
NRC or us brief you on that, OK? They are not sitting out there 
by themselves. You weren't here, Mr. Chairman, for at least 
some of the discussion that went on during the Q&A.
    Mr. Shays. Sure.
    Mr. Fertel. I mentioned, and NRC has done their own study, 
so they can share theirs. But theirs is secret, and ours, we've 
made public. We've done studies right after September 11th that 
looked at a 767 hitting the spent fuel pools and a 767 hitting 
dry cask storage.
    And you can go to a bigger airplane, a faster speed, but 
this was a pretty big plane. It's 80 percent of the air flights 
we have in this country. And the outcome was there was no 
release of radiation. There was a very bad day on the plant. 
There was a lot of damage. There was a lot of----
    Mr. Shays. The spent fuel that is at Indian Point, is that 
under the dome?
    Mr. Fertel. Spent fuel at Indian Point is almost impossible 
to hit, to be honest.
    Mr. Shays. No, that is not what I asked. Is it under the 
protected dome?
    Mr. Fertel. It is because it's a pressurized water reactor. 
It is in a building next to the containment. It's not in 
containment. It's not in there, no. But it is below ground, the 
pool itself.
    Ms. Brian. It has one exposed wall, though. It's not 
entirely----
    Mr. Shays. Yes. And I understand. It is on the side of the 
hill. So it would be harder to hit. But----
    Mr. Fertel. I mean, there's a reality and a theoretical 
reality to some of these things, and I'm not pooh-poohing where 
something could happen. What I'm telling you is that has been 
looked at. NRC has also done these independent studies, which 
looks at what you can do to protect it, and those studies have 
been completed. So there has been a lot done looking at spent 
fuel pools, and appropriately so.
    My point is beyond spent fuel pools. It goes to this 
question of enemy of the state and what's the responsibility of 
the commercial operator?
    Mr. Shays. The reason why spent fuel was on the table was 
that it is our biggest fear is that it becomes a target for an 
enemy of the state. That is why it was on the table.
    Mr. Fertel. I understand that.
    Mr. Shays. OK. You wanted to finish your point?
    Mr. Fertel. Yes, my point, sir, is that whether it's an 
enemy of the state in the conventional definition that the NRC 
has always had, or maybe in what people believe today, which is 
just some really bad terrorists that are trying to get us, the 
response of the private sector ought to be what it's capable of 
doing, and we shouldn't pretend it can do more. It can't shoot 
down airplanes.
    And what we really need to do is what I think DHS has 
embarked upon, which is to look at threats that are much bigger 
than our DBT and to look at threats that are smaller and to 
risk inform and threat inform how they bring integrated 
resources to support whatever you have. And that is going on.
    Mr. Shays. It seems logical what you say what the industry 
is capable of doing. But there is an assumption that the design 
basis threat will protect the plant and, therefore, the public. 
That is the assumption.
    So the assumption is that whatever is required, the plant 
will be protected. What the inference of your comment is that 
if it is not capable of doing it, then we don't require it to 
do it. Therefore, it is not part of the design basis threat. 
That is the inference of your comment.
    Mr. Fertel. Our understanding of the design basis threat--
and you have a Commissioner here, so he can give you theirs--is 
that the design basis threat is what the NRC holds licensees 
accountable at a high assurance to ensure that they can defend 
against.
    It is not the full spectrum of threats. It is not the most 
credible threat necessarily. It could be bigger or smaller than 
the most credible threat. But it is what they believe licensees 
need to be able to with high assurance win at. And we believe 
there is threats that go beyond that.
    Mr. Shays. Right.
    Mr. Fertel. And that those need to be dealt with not 
necessarily because it's an enemy of the state, but because as 
a country right now we are standing up a system that's 
attempting to protect our whole critical infrastructure. Not 
just nuclear plants, but everything else, and how do we do 
that?
    And to be honest, I think DHS is moving down a responsible 
road maybe too slowly.
    Mr. Shays. Well, definitely too slowly.
    Mr. Fertel. Yes, I would agree.
    Mr. Shays. Maybe Mr. Blumenthal, you could jump in in just 
1 second. But what the inference to the public is that a design 
basis threat meets the threat. Therefore, you are protected. 
And the inference from your statement is the design basis 
threat meets the capability of the industry at a particular 
site to do what it is capable of doing, but it doesn't 
necessarily meet the threat.
    Mr. Fertel. I'd say it just slightly different. If it's my 
words, I'd say it's what the NRC has decided that the industry 
individual licensees must meet with high assurance of winning. 
They decide it. We don't decide it. They do.
    Mr. Shays. Yes. How do you react to this dialog, Mr. 
Blumenthal? Mr. Blumenthal, I would like you to respond to what 
you are hearing being said.
    Mr. Blumenthal. Well, you know, I was just looking through 
some of my notes about what Chairman Diaz said.
    Mr. Shays. So you were taking notes? You weren't just 
sitting there. [Laughter.]
    Mr. Blumenthal. Let me react in this way. If someone had 
predicted on September 10, 2001, that the two buildings of the 
World Trade Center would not only be hit, but would come down, 
there would have been a lot of engineers who would have said, 
``No way. You can hit them 10 different times, 10 different 
ways, and they will stand, and people will exit them.''
    If you had said somebody flying an aircraft is going to try 
to hit a nuclear plant in Pennsylvania or the Pentagon, they 
would have said, ``No way. But even if they do, they won't do 
damage.''
    And I guess the question is not whether a terrorist can hit 
a spent fuel pool. Certainly, we know that is possible. The 
question is, first, can they be stopped? And second, what 
damage will be done?
    And my own military experience leads me to think that kind 
of attack should prompt action on all fronts. That is from the 
plant operator, who should design it not just to withstand what 
is a couple of studies in terms of prediction of damage, but 
should be designed to be as damage proof as possible under all 
circumstances. And I don't think we have any assurance that the 
plant operators have been required to build as strongly and 
hardly as possible.
    And of course, the military, the Federal Government has an 
obligation, too. You want a belt and suspenders type of 
approach here. You don't want to just say, well, that is the 
Federal Government's responsibility, or the nuclear plant 
operator ought to build it so that it can withstand attack no 
matter what. Both ought to be focused on this problem.
    I just think that's one reason why this distinction is 
artificial and outmoded and unrealistic.
    Ms. Brian. If I could make a point that may clarify my 
vision of why I think this is ridiculous?
    Mr. Shays. Sure.
    Ms. Brian. This attack, if it were to happen, the tests 
have shown there are sort of 3 to 8 minutes, very fast. Quick. 
You either win or you lose. And it also takes, studies have 
shown or tests have shown, about an hour and a half or 2 hours 
to get a SWAT team, get them together, assembled, put all their 
equipment on, brief them, get them there.
    There's this giant gap, and the gap is essentially created 
by this distinction of enemy of the state. I'm not suggesting 
that the people at the plant are going to say, ``I'm not going 
to fight.'' But the point is the things they're no longer 
required to protect against is because it's been deemed an 
enemy of the state type weapon or method.
    And that's a distinction that I think we have this cavern 
of time, which I understand DHS is theoretically shrinking, but 
that's a huge cavern that I think is the Government's 
responsibility to do something about if industry isn't being 
asked to do it.
    Mr. Fertel. Just on Danielle's statement. Part of the 
comprehensive reviews that DHS is doing is looking at exactly 
what she's referring to. They are looking at the threat 
spectrum at every plant, and basically, they have a series of 
16 big threats they look at.
    Then they're looking to see if they thought that a ground 
assault, which is what you're referring to, of a large force--
which is one of their--in fact, a lot of their threats are very 
large forces--was likely in that area, they're looking at what 
they would have to do to help prevent it, to help you identify 
it sooner because these things don't happen overnight.
    The experts are going to be doing surveillance and 
everything else. They're actually sitting down and thinking 
through if my site was one where they thought that could 
happen, what would they be giving local law enforcement to 
state, and what would they be setting up to protect the site 
not when it's attacked, but to give them early warning that 
you're under surveillance and stuff like that? And then to 
think about attack and take-back.
    Another study that we did, and it goes to Danielle's 
statement, if you lose. This was at a request for us to take a 
look at a ground assault that actually won and was able to get 
into the plant, was able to cause a release of radiation. And I 
wouldn't profess that this is a good outcome, but the outcome 
is not nearly as dramatic, at least in death, as one normally 
hypothesizes.
    What it found was there would be two prompt fatalities, and 
we can make this available to the subcommittee, if you'd like, 
Mr. Chairman. And there would be about 100 latent cancers over 
the long term, which would not statistically change the cancer 
rate in an area.
    And this was done for a real plant situation with a 
population that was relatively large around it. It was not a 
specific plant. We were not asked to try and do it for a 
specific plant so that people could get scared. It was putting 
together a couple of situations. We'd be more than glad to 
share it.
    I'm not at all professing that's an acceptable outcome. 
What I'm trying to point out is that the consequences of some 
of these things I think are much greater in people's mind than 
potentially in reality, though we should make sure it never 
happens.
    Mr. Shays. When we meet, is it next month? Do you have a 
hearing schedule? When we have our hearing in May behind closed 
doors, what would be the questions that you would want to ask, 
Mr. Blumenthal and Ms. Brian, if you were me in those hearings?
    Ms. Brian. OK. I would love you to ask the Commissioners if 
they think that everything is being reasonably asked of 
industry because I don't believe the Commission----
    Mr. Shays. Well, I could ask that in open forum. Give me 
something exciting to ask.
    Ms. Brian. Well, ask them why they are not protecting 
against weapons that we know terrorists use all the time.
    Mr. Blumenthal. I'd like to know what weapons have been 
eliminated, what specific weapons have been eliminated and why. 
What additional weapons, apart from the recommendations as to 
what should be considered, what additional weapons staff has 
considered as relevant to that kind of attack and why they 
haven't even been considered by the staff?
    And what studies have been done by them, not by the 
industry, but by the Nuclear Regulatory Commission that show we 
shouldn't be worried about spent fuel pools and why they're 
sufficiently protected?
    Mr. Shays. When they had the general concept in the 
Department of Energy on the design basis threat, when we were 
there, we had concern that they were focused too much on 
someone getting in and out.
    September 11th answered that question. A lot of people 
don't care if they go up with whatever. In other words, they 
don't care if they die in the process of causing a real 
catastrophe.
    So, Mr. Fertel and Mr. Crane, you would agree that the 
design basis threat, based on that, had to go up significantly. 
Correct?
    Mr. Crane. Yes, I agree, and it did.
    Mr. Shays. Now the other issue was whether you had, there 
is a huge difference between whether you had one insider or 
two. Obviously, I could carry it to extremes. I mean, I happen 
to believe when you cut taxes, you generate economic activity. 
But obviously, if you got rid of all taxes, that is carrying it 
to the extreme.
    So I could carry this to the extreme. But I happen to 
believe it is very likely you would have more than one insider. 
Would you agree that with every inside person the task becomes 
much more difficult, and especially depending on who the 
insider would be and what capacity?
    Mr. Crane. I think that you can come up with scenarios that 
could create tougher situations, and that's why we have to 
depend on more than just the guard force to ensure that the 
insider threat is minimized--through constant behavioral 
assessments, through different psychological tools. Members of 
our staff that have that critical knowledge have an enhanced 
inspection characteristic and behavioral assessments done on 
them, and their background evaluations are reviewed more 
frequently.
    So the answer is yes. You could come up with scenarios that 
could make it very tough. The guard forces, the guard force, 
they are very well trained. But we have other administrative 
tools to ensure that does not happen.
    Ms. Brian. Congressman, if you could also ask them about 
the number of attackers they are protecting against?
    Mr. Shays. Well, that was the other issue when we were 
looking at Y-12.
    Ms. Brian. Right.
    Mr. Shays. We felt originally that they were 
underestimating the number of people potentially who could, and 
when they increased the numbers, obviously, it became a much 
more difficult challenge for them.
    What I would also want to know is obviously everything that 
they changed from staff to once they interacted. And we can be 
very candid publicly our reaction as to whether we felt that 
this was influenced too much by the concept that I know is 
legitimate. But that also can be carried to an extreme, and 
what is the industry capable of doing?
    What I am left with in this hearing, and maybe you could 
react to it? I am left with a feeling that I had come to this 
hearing thinking that the design basis threat was pretty much, 
if we met it, we could pretty much protect a facility.
    I am leaving with the view that the design basis threat is 
a logical thing to do to maximize our capability to respond to 
an attack, but even if we meet it, it is no guarantee that we 
have protected the plant because it may be in some plants that 
it is simply not practical to do everything you need to do to 
fully protect it.
    That is where I want to kind of have a dialog behind closed 
doors as to whether that happens at all or whether it happens, 
you know, often. Because obviously we can't ask you to do 
something you can't do.
    But it seems to me that the threat has to be realistic, 
whatever it is. And then the chips fall where they may. And I 
am wondering, and maybe I could ask you, Commissioner, to just 
step up for this? If you didn't mind, just pulling a chair up?
    And if your colleagues are disappointed they aren't here to 
give a different view, you could tell them they could have 
stayed, if that is not too fresh.
    Mr. McGaffigan. I was the designated Commissioner.
    Mr. Shays. Good. Well, then that is super. Thank you.
    Then we will assume that you are speaking for the 
Commission. Did you hear my last basic point?
    Mr. McGaffigan. Yes.
    Mr. Shays. Yes, maybe you could respond to it?
    Mr. McGaffigan. Sir, I think it's permeated the hearing 
today. Clearly, there are threats that go beyond the design 
basis threat. I talked earlier about the aircraft threat and 
what we have done with NORAD.
    Mr. Shays. Yes, but let us get rid of the airplane.
    Mr. McGaffigan. But I also think that the comprehensive 
reviews, although they're paper exercises to some degree, show 
that the capability of our guard forces, which is really 
extraordinary. I'd encourage you to visit Millstone or Indian 
Point. Or as I said, I was at Quad Cities last week. They are 
pretty extraordinary forces.
    I'll give you unclassified numbers. There are 8,000 guards 
at approximately 64 sites. That means 125 per site. That means 
about 25 per shift on average. There are some sites that have 
more, some that have less. So you're attacking a site that has 
25 people armed with AR-15s and other sort of weapons, lots of 
ammunition in prepared positions that you have taken on.
    I would argue that our regulatory requirement is high 
assurance that during an exercise they can defend against the 
DBT. I think they have extraordinary capability against beyond 
DBT ground-type assaults and that the capability degrades 
gracefully, and it isn't a matter that if you have--and we've 
tested it at one site.
    I mean we'd like to have more industry volunteers, and I'll 
put in that plug right now. But one site we tested 2X, and the 
site did just fine. Against twice the size of the force. That 
particular site had no targets that's destroyed. They destroyed 
twice as many guards.
    We think that would happen more frequently. It is hard, the 
industry always is wary of the regulator in terms of allowing 
us to explore beyond regulatory threats. But I say I think it 
degrades gracefully.
    And then for the extraordinary threats like the aircraft, 
we do two things. We work with NORAD, and we invoke our safety 
authorities, whether it's a spent fuel pool or a core. We 
assume the worst, and say, OK, what can you guys do now to 
mitigate it, to prevent anybody offsite from being hurt?
    Mr. Shays. What I think what we may end up having to do 
that might make industry very uncomfortable. I am going to say 
to you that I happen to think ultimately the environmental 
movement, to which I feel very close to, is ultimately going to 
have to decide whether we want global warming or nuclear 
generating power plants in addition to conservation.
    I think that it is going to be whether we are going to be 
competitive with the rest of the world as they end up with 
nuclear plants on a generating plants. I mean, I happen to 
believe that we are going to have plants in this country, and I 
vote to send it to Yucca Mountain.
    But I am uncomfortable with having plants until we decide 
what we do with spent fuel. I don't like the idea, I think we 
are very vulnerable leaving them onsite. So I have some 
discomforts.
    But it seems to me that we almost need to have another way 
to grade every plan and say this is the extent to which the 
design basis threat is feasible and logical. I believe that we 
have made a decision to lower the design basis threat because 
it is not practical to meet what may, in fact, be a very 
realistic threat.
    I believe that is true. Obviously, that is debatable. But I 
think that there are scenarios that would almost be impractical 
for a plant to have prepared for 24 hours a day. But I believe 
also that the design basis threat gives people a sense that if, 
in fact, we need it, whatever that is, that people feel we are 
protected. And I don't think we are because I think we do 
compromise it.
    So then the issue to me is, should there be another way to 
which we then inform at least, if not publicly, those 
decisionmakers that this plant isn't as well protected and can 
never be as well protected as this plant because it is 
impractical to do all the things that we have to do at this 
plant?
    And then have a private dialog in particular about what 
that means. Is this something that ever happens in dialog----
    Mr. McGaffigan. Mr. Chairman, in terms of looking at new 
plants, the Commission last summer, when I was off the 
Commission briefly waiting to be reconfirmed, did make a 
decision that we would ask for a so-called target set analysis 
of each of the new designs as part of our process.
    We believe that the target set is the set of equipment that 
you have to take out in order to lead to core damage or to--we 
were focused on the core or to spent fuel damage. The more 
complicated, the larger the target set, the more the terrorist 
has to do to succeed, the less the probability of the terrorist 
succeeding.
    And a lot of that can be built into the design, and I 
believe it's already built into the design of each of the new 
reactors--the AP1000, the Economic Simplified Boiling Water 
Reactor, and the EPR, the European Pressurized Reactor, or 
whatever they're calling it in the United States these days. 
They have a different title.
    The evolutionary power reactor. Part of their marketing in 
the United States is to delete ``European'' and put in 
``evolutionary.''
    But each of those, each of those reactors is from a point 
of view of terrorist attack, we believe, going to be much safer 
and more secure than the current generation of reactors. Not 
that the current generation isn't secure, but one of the policy 
statements the Commission issued a long time ago is that when 
we embark on a new generation of reactors, they will be both 
safer and more secure than the current generation of reactors.
    We think that will be the case. So, we'll have to be behind 
the doors that the details of those analyses they're going to 
give us, but we'll be happy to share those with the Congress, 
you know, and convince you that these are very secure 
facilities that are being proposed by the industry.
    Mr. Shays. And I am exposing my ignorance here, which I do 
quite often, but I do learn from it. Do we grade every nuclear 
power-generating plant on a scale of whatever to be able to 
compare its vulnerability versus another one?
    Mr. McGaffigan. We do not, sir.
    Mr. Shays. That to me seems--what?
    Mr. McGaffigan. We have studies and these comprehensive 
reviews----
    Mr. Shays. But I think you know where I am going. Before 
you answer, I would just tell you where I am going. Where I am 
going is, obviously, that would have to be kept very 
confidential because you then don't want to expose it to the 
adversaries.
    But if the logic is that someone goes to the weakest 
target, what is the weakest one? And some have to be weaker 
than others. And if they are not weaker, maybe their 
consequence is greater if--just hold on 1 second. You will get 
your chance.
    The consequence may be even worse. I mean, maybe one plant 
isn't as vulnerable, but if it is hit in an effective way, the 
consequence is far greater than the weaker plant, if you get my 
gist here?
    But it would seem to me that we would grade every plant, we 
would know how each one. And if, in fact, the design basis 
threat doesn't really meet the actual threat, but what we are 
capable of meeting, if that is my suspicion and it is right, 
then it would seem to me we would have to have some way to say 
this is the vulnerability at this plant?
    Mr. Fertel. Yes, Mr. Chairman. Commissioner McGaffigan 
referred to it, and I did in my testimony. DHS is on that path. 
That's exactly what this RAMCAP program does, but not just for 
nuclear plants, it does it for LNG facilities. It's going to do 
it for chemical plants. It's going to do it for all the 
critical infrastructure sectors.
    And what they do is they go out and they have a spectrum of 
16 threats, and you should have them come in and tell you what 
they're doing.
    Now they don't necessarily say this is a credible threat 
and this is a noncredible threat. They look at all of them, and 
they ask for the worst-case consequences for each of those. Not 
a very sophisticated engineering analysis, more qualitative. 
But they have a methodology they use that gives them pretty 
good data and probably for nuclear plants gives them the best 
data because there's been so much done at those plants.
    Their intent, and they've got to get to execution, they're 
doing the things now. Their intent was that they would then 
have a matrix for all of the critical infrastructure. So my 
nuclear plant, Danielle's chemical plant, attorney general's 
LNG facility. And they would look at these 16 threats.
    Mr. Shays. I don't think you would want to be associated 
with an LNG. [Laughter.]
    Mr. Blumenthal. I'm taking it in the spirit that it was 
offered.
    Mr. Fertel. It was inclusiveness.
    Mr. Blumenthal. He's not giving me ownership.
    Mr. Fertel. What they would be doing is they would be 
saying that for threat A, we think there's a high likelihood 
that may occur in our country. And they would look and they'd 
say, OK, threat A has very low consequence for my facility, but 
high consequence for Danielle's.
    They would then look and say do we feel we're adequately 
protected as a Nation? Not as her as a separate entity, but 
with what she's doing at her plant and what the Federal 
Government and State and local are going to do, what else do 
they need to do to enhance the margin of security?
    That's the effort that they're on, and it's a combination 
of this RAMCAP, plus what Commissioner McGaffigan referred to 
on comprehensive reviews. That is the closest thing to what 
you're discussing, but it's not ranking nuclear plants among 
nuclear plants. It's ranking nuclear plants within the 
infrastructure. And some nuclear will be high risk you need to 
deal with, and some will be very low risk.
    Mr. Blumenthal. If I can just interject, as a non-expert, 
as just a----
    Mr. Shays. Why don't you just say as an unbiased person?
    Mr. Blumenthal. As a country lawyer.
    Mr. Shays. OK. Yes, right. [Laughter.]
    Mr. Blumenthal. You know, as I listen to all of the 
terminology and the reports about studies and the consideration 
of threat levels and all the rest of it, I'm struck by the need 
to have perhaps some agency other than the NRC doing these 
security assessments. And maybe it should be the homeland 
security agency.
    But one of my main reasons for being tempted by that 
outcome is the account from the GAO, which I think is 
absolutely stunning that the design basis threat was redefined 
because the industry objected to the expense of it being 
responsible for protecting against certain weapons. It, in 
effect, persuaded the NRC to redefine this design basis threat 
because of its needs, financially and otherwise.
    And you know, the security of our nuclear plants maybe is 
too important for the Nuclear Regulatory Commission to be 
responsible for performing or assuring.
    Mr. Shays. I would tend to agree, especially if we start to 
see more of them, more plants.
    Mr. Blumenthal. And I want to----
    Mr. Shays. You will get that in----
    Mr. Blumenthal. I realize that it may seem like a novel or 
dramatic idea, but----
    Mr. Shays. I don't think it is novel, actually.
    Mr. Blumenthal. Not novel?
    Mr. Shays. No. Not novel.
    Mr. Blumenthal. Well, that gives me some assurance. 
[Laughter.]
    And I didn't suggest that it was entirely novel, but novel 
for the----
    Mr. Shays. In this room, it seems novel right now, yes.
    Mr. Blumenthal [continuing]. Congress to consider doing. 
But certainly where the lack of transparency, which, again, the 
GAO highlighted. Where you have lack of transparency and 
apparent possible over-involvement of the industry, you would 
want a different agency to be making these decisions.
    Mr. Shays. Right. I hear you.
    Yes, Commissioner?
    So now we are going to close up.
    Mr. McGaffigan. Two points. One is in response to your 
original question, the ranking. Rankings, just if we did safety 
rankings of the 103 plants, it would depend on the 
configuration of the plant at any given point in time, and it's 
the same in security.
    So one plant may be more secure than another at time X and 
not be more secure at time Y, depending on what else is 
happening at the plant at the same time. So it's a complicated 
thing.
    To the extent that we can, we do provide NORAD and 
NORTHCOM--and we can talk to you about this in a classified 
meeting--our list of things they should focus on, and we give 
them plant status on critical parameters so that they can 
better assign their resources. We do that. We've done that 
already. We've been doing that for years.
    On the issue of independence of the Nuclear Regulatory 
Commission, all I can say, sir, is that our staff is a very 
professional group of folks. They are not lapdogs of the 
industry or wholly owned subsidiaries of NEI.
    I have personally had no ties to this industry throughout 
my life. I'm a 30-year civil servant. I worked for Jeff 
Bingaman for 14 years. I was a Foreign Service officer for 7 
years. I have never collected a check except from Harvard, 
CalTech, and the Federal Government, U.S. Treasury. And most of 
our staff is exactly that way.
    Some Commissioners have ties to the industry. I think 
that's a different--they bring a perspective. And you benefit--
we are an independent regulator. We are the watchdog.
    I wish, one thing, sir, if you're ever working on the title 
of the Nuclear Regulatory Commission, I wish we were called the 
Nuclear Safety and Security Commission because ``regulatory'' 
has such a negative connotation in our society, and most 
other----
    Mr. Shays. Well, names do matter. We do have the Patriot 
Act.
    Mr. McGaffigan. Yes, I know. Names do matter. And most 
other regulatory bodies on the face of the Earth have 
``safety'' in their title, and we, unfortunately, have 
``regulatory,'' which brings with it all those negative 
connotations.
    We are an independent body. We call the shots, the balls 
and strikes, as we see them. These folks are put through their 
paces that are our licensees in both safety and security.
    Mr. Shays. I hear you. Now I understand why they allowed 
you to stay. [Laughter.]
    Mr. Crane.
    Mr. Crane. I just have to----
    Mr. Shays. I don't mean allowed, asked you to stay.
    Mr. Crane. I just have to respond to a couple of comments.
    Mr. Shays. Sure.
    Mr. Crane. First of all, I think most regulatory agencies 
have stakeholder interface meetings and conversations, and I 
think it's a critical part to make sure you hit the mark when 
the regulation comes up.
    The NRC did afford a small section of the industry that was 
a working group to be able to look at the feasibility of what 
could be done not only in the timeline of what could be done or 
what reasonably we had to protect ourselves again. 
Probabilities came into our feedback.
    We are not an industry that is overly driven by profits, 
and we have not been pushing back overly hard. We have spent 
over $1.2 billion. There are 16 sectors in the United States, 
and show one other sector that's put anywhere near that money 
into it and voluntarily done this and expedited it.
    At our company alone, we've spent over $140 million in a 
very short period, a 1-year period of time, $140 million, and 
we increased our operational expenses by 100 percent. We didn't 
go ask for handouts from Congress. We didn't ask for handouts 
from Homeland Security.
    We are dedicated to protecting our people. We are dedicated 
to protecting our assets. If we cut a corner in our industry, 
billions of dollars of value of our shareholders are lost 
immediately. So to portray us as being able to push back on the 
regulator and we're driven by money is totally false.
    Mr. Shays. No. And that extreme statement would be false. 
But having been in this business of Government for 30 years, 
you do have competing interests.
    And I think that the issue is to what extent do you want to 
protect yourself? And I think that is where you would have an 
industry that might think 10 years, but maybe not think of the 
30-year case, or the 30-year storm or whatever. So I think it 
is somewhere in between.
    I think people have been, frankly, pretty respectful of 
your industry and here as well. And let me just say I would 
like to end this hearing, if I could, by allowing each of you 
to make any point that you think, question that we should have 
asked that we didn't or any point that you want to put on the 
record before we adjourn.
    And maybe I will start with you, Mr. Blumenthal, and give 
Mr. Crane a chance to think about it.
    Mr. Blumenthal. Well, my point is going to be very brief 
because I have to catch a plane to be back in Connecticut for a 
commitment. So I'm willing to defer. I yield my time, as the 
saying goes in Congress.
    Mr. Shays. OK. Ms. Brian.
    Thank you, sir.
    Ms. Brian. I would just want to add that----
    Mr. Blumenthal. Excuse me for interrupting. I really do 
want to thank you, Mr. Chairman, for having this hearing, which 
I think has really been very useful and important.
    Mr. Shays. Thank you.
    Mr. Blumenthal. As well as your subcommittee and for all 
the great work you're doing.
    Mr. Shays. Thank you very much. You know what? Why don't 
you just feel free to leave right now? Honestly, because I am 
just going to go down. So, thank you so much.
    Mr. Blumenthal. Thank you.
    Mr. Shays. Travel safe.
    Yes, ma'am?
    Ms. Brian. I only wanted to add the reminder that in the 
process that this took place, where the staff was able to work 
with industry and come up with some changes in their 
recommendations, other people aren't allowed in that process 
because only very few people have the clearance and the 
capacity.
    So those of us on the outside are allowed to submit 
comments, but we're blindfolded because we're commenting on 
things that we're not allowed to know about.
    Mr. Shays. Thank you.
    Mr. Fertel.
    Mr. Fertel. I think the thing I would encourage, Mr. 
Chairman, is for you to be briefed by DHS on what they're doing 
more broadly to protect the critical infrastructure. I think it 
goes to the heart of the some of the issues and concerns you've 
raised.
    Mr. Shays. Well, I hope this won't shock you, but I have 
more faith in the NRC than I do in DHS. So----
    Mr. Fertel. It doesn't shock me, and again, I'm not trying 
to defend them. But I'm just saying they are doing something.
    Mr. Shays. In fact, let me say this to you--a lot more 
confidence. So that tells you where I am at.
    Mr. Fertel. But you helped create them, so we should try to 
make them effective.
    Mr. Shays. No, and there will be a point in time where they 
will get better and better and better. But you know, I am still 
trying to sort out Katrina. We didn't want them to stand by, 
watching FEMA fail. We wanted them to be proactive and help 
FEMA.
    Mr. Crane. That was going to be my same comment on anything 
you could do for us with DHS to expedite, it would be helpful.
    Mr. Shays. OK. Great. I think you all have been wonderful 
witnesses.
    And I am going to note for the record the NRC has evidently 
made a greater effort to be cooperative with our people that 
look at them, which is I think Ms. Brian's request, and I think 
that is a positive thing.
    But, Ms. Brian, we need organizations like yours to be 
speaking out and raising concerns, and we thank you for that. 
And we appreciate the work of the industry. So thank you all 
very much.
    Ms. Brian. Thank you, Chairman.
    Mr. Shays. Thank you, Commissioner.
    This hearing is adjourned.
    [Whereupon, at 5:15 p.m., the subcommittee was adjourned.]

                                 
