[House Hearing, 112 Congress]
[From the U.S. Government Publishing Office]




 
                         [H.A.S.C. No. 112-156] 
                     Y-12 INTRUSION: INVESTIGATION, 
                      RESPONSE, AND ACCOUNTABILITY

                               __________

                                HEARING

                               BEFORE THE

                    SUBCOMMITTEE ON STRATEGIC FORCES

                                 OF THE

                      COMMITTEE ON ARMED SERVICES

                        HOUSE OF REPRESENTATIVES

                      ONE HUNDRED TWELFTH CONGRESS

                             SECOND SESSION

                               __________

                              HEARING HELD

                           SEPTEMBER 13, 2012

                                     
[GRAPHIC] [TIFF OMITTED] TONGRESS.#13

                                     
  

                  U.S. GOVERNMENT PRINTING OFFICE
76-217                    WASHINGTON : 2013
-----------------------------------------------------------------------
For sale by the Superintendent of Documents, U.S. Government Printing Office, 
http://bookstore.gpo.gov. For more information, contact the GPO Customer Contact Center, U.S. Government Printing Office. Phone 202ï¿½09512ï¿½091800, or 866ï¿½09512ï¿½091800 (toll-free). E-mail, [email protected].  


                    SUBCOMMITTEE ON STRATEGIC FORCES

                     MICHAEL TURNER, Ohio, Chairman
TRENT FRANKS, Arizona                LORETTA SANCHEZ, California
DOUG LAMBORN, Colorado               JAMES R. LANGEVIN, Rhode Island
MO BROOKS, Alabama                   RICK LARSEN, Washington
MAC THORNBERRY, Texas                MARTIN HEINRICH, New Mexico
MIKE ROGERS, Alabama                 JOHN R. GARAMENDI, California
JOHN C. FLEMING, M.D., Louisiana     BETTY SUTTON, Ohio
SCOTT RIGELL, Virginia               RON BARBER, Arizona
AUSTIN SCOTT, Georgia
                Tim Morrison, Professional Staff Member
                 Drew Walter, Professional Staff Member
                Leonor Tomero, Professional Staff Member
                      Eric Smith, Staff Assistant


                            C O N T E N T S

                              ----------                              

                     CHRONOLOGICAL LIST OF HEARINGS
                                  2012

                                                                   Page

Hearing:

Thursday, September 13, 2012, Y-12 Intrusion: Investigation, 
  Response, and Accountability...................................     1

Appendix:

Thursday, September 13, 2012.....................................     9
                              ----------                              

                      THURSDAY, SEPTEMBER 13, 2012
      Y-12 INTRUSION: INVESTIGATION, RESPONSE, AND ACCOUNTABILITY
              STATEMENTS PRESENTED BY MEMBERS OF CONGRESS

Sanchez, Hon. Loretta, a Representative from California, Ranking 
  Member, Subcommittee on Strategic Forces.......................     4
Turner, Hon. Michael, a Representative from Ohio, Chairman, 
  Subcommittee on Strategic Forces...............................     1

                               WITNESSES

Miller, Hon. Neile L., Principal Deputy Administrator, National 
  Nuclear Security Administration (Ms. Miller did not provide an 
  opening statement during the unclassified portion of the 
  hearing.)......................................................
Poneman, Hon. Daniel B., Deputy Secretary of Energy, U.S. 
  Department of Energy...........................................     6

                                APPENDIX

Prepared Statements:

    Poneman, Hon. Daniel B.......................................    20
    Sanchez, Hon. Loretta........................................    17
    Turner, Hon. Michael.........................................    13

Documents Submitted for the Record:

    [There were no Documents submitted.]

Witness Responses to Questions Asked During the Hearing:

    [There were no Questions submitted during the hearing.]

Questions Submitted by Members Post Hearing:

    Ms. Sanchez..................................................    33


      Y-12 INTRUSION: INVESTIGATION, RESPONSE, AND ACCOUNTABILITY

                              ----------                              

                  House of Representatives,
                       Committee on Armed Services,
                          Subcommittee on Strategic Forces,
                      Washington, DC, Thursday, September 13, 2012.
    The subcommittee met, pursuant to call, at 2:07 p.m., in 
room 2118, Rayburn House Office Building, Hon. Michael R. 
Turner (chairman of the subcommittee) presiding.

OPENING STATEMENT OF HON. MICHAEL TURNER, A REPRESENTATIVE FROM 
        OHIO, CHAIRMAN, SUBCOMMITTEE ON STRATEGIC FORCES

    Mr. Turner. I think you are all aware that votes are going 
to be called soon on the House floor.
    I think everyone is aware that the structure of today's 
hearing is we are going to have opening statements from myself 
and my ranking member, Loretta Sanchez, and then we will be 
going into closed session for the questions and answers. And so 
we will both then commence to offer our opening statements.
    I would like to welcome everyone to today's hearing on the 
recent security breach at the Y-12 National Security Complex.
    As we all know from the press accounts, in the predawn 
hours of Saturday, July 28, three nuclear disarmament activists 
trespassed onto the grounds of the Y-12 complex in Oak Ridge, 
Tennessee. The activists, including an 82-year-old Catholic 
nun, who is present with us today, cut through several fences 
and entered the high-security ``Protected Area'' surrounding 
the Highly Enriched Uranium Materials Facility, HEUMF. The 
activists defaced an exterior building with spray paint, human 
blood, posters, crime scene tape, and other items before 
eventually being stopped and detained by members of the 
protective force. Reportedly, even once on the scene, the 
initial protective force member apparently did not respond with 
appropriate urgency.
    This level of intrusion in the perimeter of a supposedly 
highly secure nuclear weapons facility is unprecedented, and it 
is absolutely unacceptable. It is outrageous to think that the 
greatest threat to the American public from weapons of mass 
destruction may be the incompetence of DOE [Department of 
Energy] security.
    I want to say that again.
    Because I have had hearing after hearing--I have 
participated both on this committee and with the Oversight and 
Government Reform Committee where we have raised the issue 
repeatedly of the security at these facilities. There is no 
margin for error for security at these facilities, and it is 
outrageous to think that the greatest threat to the American 
public from weapons of mass destruction may actually be the 
incompetence of DOE security to be unable to keep these 
facilities secure.
    Now I have just recently thanked one of the protesters for 
bringing this to light, to thank God that we did not have the 
security threat that could have been. If the facility had 
actually been under attack and all of these systems had failed, 
we would have had an absolute catastrophe. Instead, we have an 
embarrassment, but, thank God, an exposure of the issues and 
the problems of DOE that I know Members of Congress have been 
complaining about for a decade, because I have been one of 
them.
    Let me be clear: I rank this failure alongside the Air 
Force's unauthorized shipments of nuclear weapons to Barksdale 
Air Force Base in 2007 and nuclear weapons components to 
Taiwan, which was reported in 2008.
    From our oversight of these incidents, the subcommittee is 
intimately familiar with how systemic failures--coupled with a 
lack of leadership attention--can lead to massive failures in a 
business with room for none.
    The 2007 Air Force incident revealed deep and systemic 
flaws throughout the Air Force enterprise that allowed that 
incident to occur. It also revealed that both on-the-ground 
personnel and senior leaders in the Air Force had taken their 
eyes off the ball when it came to nuclear weapons. Tellingly, 
we saw Secretary of Defense Gates take strong action to hold 
these people accountable and fix the system.
    As the Y-12 investigations proceed, I expect to see 
similarly strong actions with regard to the July 28 incident 
and the leadership, management, and oversight failures that 
enabled it to occur.
    I have deep reservations regarding NNSA's [National Nuclear 
Security Administration] nuclear weapons security posture going 
back many years. Some of my first direct encounters with 
nuclear weapons occurred in the early 2000s. A visit to Y-12's 
old nuclear facilities and a ride-along with NNSA's Office of 
Secure Transportation left me deeply concerned that we were not 
paying sufficient attention to the security of our nuclear 
weapons, and my concerns have been borne out by what we saw in 
this incident.
    And let's remember, it was because of massive security 
problems and mismanagement at DOE that led this committee to 
create NNSA in 1999. This Y-12 incident is just one more 
indicator that the creation of NNSA has not fixed the problem. 
Twelve years later and the entire nuclear weapons enterprise, 
from the budget process to facilities construction and now even 
basic security, is fundamentally broken.
    Ranking Member Sanchez and I spoke earlier, and we agreed 
that the system is broken. The ranking member and I have 
pledged to conduct a subcommittee investigation and ensure we 
get to the root causes of this failure.
    We both want strong and effective Federal oversight of the 
nuclear enterprise, and we want the responsible Federal and 
contractor officials to be held accountable. This must never 
happen again. We must make it clear that these failures cannot 
be repeated and those responsible are held accountable. Ms. 
Sanchez and I will demand it.
    Perhaps most troubling to me is that we have heard that 
there were many indicators of problems with Y-12 security prior 
to July 28 that include sky-high false- and nuisance-alarm 
rates, cameras that were broken for 6 months, and huge 
maintenance backlogs of security critical equipment.
    Some of these indicators go back several years, and many of 
them were reported to NNSA's Y-12 site office on a daily or 
weekly basis. But no one reacted. No one at the contractors, 
NNSA, or DOE followed up on these indicators and forced 
corrective action. I am simply shocked by the failure to 
recognize a near meltdown of critical security lapses that were 
known well before this incident occurred. And, again, thank God 
that it wasn't an actual attack on the facility.
    It appears that the Federal overseers were focused on the 
wrong things. There was plenty of paperwork but no recognition 
of or action on these problems. This is mind-boggling and may 
be the new textbook definition of ``missing the forest for the 
trees.''
    Here are some basic questions:
    Who knew that these cameras were out for so long?
    Who knew that the false alarm rates were so high?
    Who knew about the huge backlog of security maintenance and 
the overreliance on compensatory measures?
    Who should have known these things who did not?
    And did anyone do anything to fix them?
    And, if they haven't, have they been fired and why not?
    As far as I can tell, the only individual who has been 
fired is the Y-12 protective force officer who initially, if 
belatedly and incompetently, responded to the alarms. And he 
may get rehired as part of a union protest.
    Others at both contractors and NNSA have been reassigned or 
allowed to retire. This does not fit my definition of 
accountability and certainly does not follow the example set 4 
years ago by Secretary Gates.
    Some more complex but equally important problems involve 
the bifurcation of responsibility and accountability for 
security at Y-12. Shortly after the July 28th incident, NNSA 
decided the dual prime contracts at Y-12--one for the 
protective force and one for the broader management of Y-12--
resulted in less effective security. Two contractors were 
responsible for security, and they didn't communicate or 
coordinate like they needed to. NNSA fixed this problem 
immediately after the incident by making one a subcontract to 
the other.
    However, this bifurcation of responsibility and 
accountability for security also exists on the Federal side. 
Both DOE and NNSA have security offices responsible for setting 
security policies, conducting oversight, and ensuring effective 
security is in place. So far, we have yet to see NNSA and DOE 
recognize the problems in their own house, even though they 
immediately recognized it in their contractors.
    Instead, I am seeing a lot of bureaucratic finger pointing 
between NNSA, DOE, and the two contractors at Y-12. This 
bureaucratic backstabbing is also now playing out in the 
Washington Post, with details of supposedly classified reports 
being leaked to the press. That leaking alone is deeply 
troubling, and I expect our witnesses to tell us what they are 
doing to track down where this was leaked from and end it. All 
of this is just another indication that the system is broken.
    There is something deeply and fundamentally wrong with the 
culture in the Forrestal building. If this type of bureaucratic 
warfare had erupted at DOD after the Minot and Taiwan 
incidents, Secretary Gates would have had those people 
terminated immediately.
    I am going to place the remaining portion of my opening 
statement in the record so that I can make certain my ranking 
member has sufficient time to enter hers.
    I just want to conclude with this.
    This is outrageous, unacceptable, and absolutely has to be 
fixed. The American public expects that we would have the 
highest level of security. There is a staff member on this 
committee who opined that the day-care center on Capitol Hill 
may be more protected than our nuclear weapons were on that 
night at Y-12. It is unacceptable. There are people who had 
responsibility for it, and they should be held accountable. 
And, the system needs to be fixed.
    [The prepared statement of Mr. Turner can be found in the 
Appendix on page 13.]
    Mr. Turner. I turn to my ranking member, Loretta Sanchez.

   STATEMENT OF HON. LORETTA SANCHEZ, A REPRESENTATIVE FROM 
  CALIFORNIA, RANKING MEMBER, SUBCOMMITTEE ON STRATEGIC FORCES

    Ms. Sanchez. Thank you, Mr. Chairman, and thank you before 
us.
    Since our last hearing to examine NNSA management and the 
risks for nuclear safety and security, we had this intrusion of 
Y-12 and the inadvertent spread of technetium at one of our 
nuclear weapons laboratories. These are but two recent 
occurrences that highlight the continued need and the 
importance of closely examining safety and security reforms, 
and we need to address what risks are there.
    I'd like to thank Chairman Turner for consistently, over 
this past year in particular, focusing this committee on the 
oversight issues as they relate to what we are going to discuss 
today. Because, I do believe that we have clearly an 
unacceptable problem with respect to management of security and 
safety. And, we need to fix these problems.
    I join the chairman in welcoming Deputy Secretary Dan 
Poneman and Deputy Administrator Neile Miller to help us take a 
closer look at the recent security breach at Y-12. I thank DOE 
Inspector General Gregory Friedman; DOE's Chief Health, Safety 
and Security Officer Glenn Podonsky; and Acting Chief and 
Associate Administrator for the Office of Defense Nuclear 
Security at NNSA Jeff Harrell, who are here and available for 
questioning but not necessarily sitting right in front of us.
    So I think it is pretty historical, this issue that 
happened on July 28. Thank God it was peace activists, and 
thank God it was Sister Rice who was coming through these 
fences--four perimeter fences--at what most of us would expect 
to be one of the most secure sites in the world.
    This is a problem. Not only did they penetrate the 
security, but once they were able to reach the central storage 
facilities for nuclear weapons grade uranium, the security 
response didn't know what to do and wasn't very good at taking 
a look at what was going on and following procedures, most 
importantly, that weren't as laid out as all of us thought they 
would be and, of course, nonfunctioning equipment, 
communication deficiencies, all sorts of problems that we now 
are going to take a look at.
    It is clear that taxpayers in particular and even just from 
a safety standpoint Americans need much more than what we saw 
on that night. So, as Chairman Turner emphasized, we are 
extremely concerned about the deficiencies that came to light.
    First, the contractor's poor performance is inexcusable. 
From the Department of Energy Inspector General Report, we know 
that one of the cameras had been left out of service for 
approximately 6 months. And what we learned yesterday, in the 
testimony given yesterday, that some of the cameras actually 
worked, but they were simply turned off and that people who 
were coming to be the safety net didn't know which cameras were 
on or that even cameras were off. That's a major problem.
    On top of these glaring deficiencies, reports last week 
revealed possible cheating by the contractor on the security 
inspection tests that had been ordered as part of the DOE 
response to the Y-12
intrusion.
    Secondly, the abysmal failure by the contractors, I am 
concerned about a weakening of the Federal oversight process 
that appears to have promoted a ``hands-off'' approach.
    At the NNSA level, it appears that site officials knew 
about several of these deficiencies and yet did not force the 
contractors to take the much-needed corrective actions. The 
DOE-IG [Department of Defense Inspector General] report notes 
with reference to over-reliance at Y-12 on the use of 
compensatory measures to address equipment failures that 
directly impacted security readiness.
    Moreover, as baffling as the deficiencies brought to light 
by this intrusion are, last year's performance evaluation of 
B&W [The Babcock & Wilcox Company] Y-12--the draft of which is 
written by the contractor and merely reviewed by the NNSA 
officials--gave B&W Y-12 a stellar review. More specifically, 
B&W Y-12, responsible for delaying the repair cameras for 
months and failing to do the required maintenance that would 
have reduced the rate of false alarms, received as a rating of 
excellent for its safeguards and security work, contributing to 
B&W Y-12 receiving $51 million in incentive fee for fiscal year 
2011.
    Last year, in an initiative to address concerns of 
excessive and overly burdensome oversight, the Department of 
Energy streamlined and eliminated many DOE safety and security 
directives despite questions about the impact that would have. 
Questioning this initiative, the GAO [Government Accountability 
Office] noted in April of 2012 ``that the benefits of this 
reform are unclear because the DOE did not determine if the 
original directives were in fact burdensome and the reform did 
not fully address the safety
concerns.''
    Mr. Chairman, we have votes on the floor. You and I both 
know that. I would like to put forward the rest of my statement 
for the record.
    But, truly, we have to take a look at what happened here. I 
think there is a lot of blame to go around, and we need to 
correct these issues. And if somebody is not doing their job, 
we need to figure out how to get it right.
    So I thank you for having this hearing. We have the 
responsibility, and now we have the chance to get this right. 
We cannot fail the American people.
    Thank you.
    [The prepared statement of Ms. Sanchez can be found in the 
Appendix on page 17.]
    Mr. Turner. I thank my ranking member, Ms. Sanchez.
    She has reiterated that Members of Congress for a long time 
have had no confidence in DOE and NNSA in providing security 
for these facilities, but we had only a feeling, no proof. We 
now have proof. So this is an issue that has to be addressed.
    Secretary Poneman, I am going to give you 3 minutes to 
summarize an opening statement. We will then return after votes 
with the remainder of the subcommittee with us and go into a 
classified briefing to receive additional details.
    Secretary Poneman, 3 minutes.

   STATEMENT OF HON. DANIEL B. PONEMAN, DEPUTY SECRETARY OF 
               ENERGY, U.S. DEPARTMENT OF ENERGY

    Secretary Poneman. Chairman Turner, Ranking Member Sanchez, 
with your permission, I will summarize and submit my full 
statement for the record.
    Thank you for the invitation to appear before you here 
today to discuss this very, very important issue. We appreciate 
the interest and engagement of this committee, and we recognize 
the important oversight role that you fulfill. We share your 
commitment to ensure that all of our offices and operations are 
delivering on our mission safely, securely, and in a fiscally 
responsible manner.
    As the recent incident at Y-12 demonstrates, the Department 
has fallen short of our own expectations and faces continuing 
challenges in our goals of continuous improvement. The recent 
incident, as Secretary Chu has made clear, is unacceptable; and 
we have taken swift and decisive action to identify and address 
the problems it revealed across the DOE complex.
    Regarding physical protection, we have taken the following 
immediate steps to improve security: Cameras have been repaired 
and tested, guard patrols increased, security policies have 
been strengthened, the number of false and nuisance alarms have 
been greatly reduced to provide more confidence in the 
intrusion detection system.
    We have addressed leadership issues. The top six leaders at 
the management and operating contractor and protective force 
contractor were either allowed to retire or relieved of their 
duties at Y-12. Five members of the protective force were 
fired, demoted, or suspended without pay.
    On the Federal side, the Chief of Defense Nuclear Security 
for the NNSA at headquarters has been reassigned pending the 
outcome of a review. We have also reassigned the most senior 
Federal security official who was at the site at the time, also 
pending the outcome of our internal reviews.
    We have taken steps to deal with the problems that were 
revealed in our contracts at Y-12. Security functions at the Y-
12 site have been brought under one contract, as you noted, Mr. 
Chairman, to ensure continuity of operations and line of 
command.
    A formal show cause letter was issued to the contractor 
that covers the entire scope of operations at Y-12, including 
security. This is a first step toward potentially terminating 
the contracts for both the management and operations site 
contractor and the security subcontractor. Past performance, 
including these deficiencies and terminations, will be 
considered in the awarding of future contracts.
    When it comes to the protective forces, we immediately 
acted to improve the security culture at Y-12. The entire site 
workforce was required to undergo additional security training. 
Nuclear operations at the site were suspended until retraining 
was complete. The former head of security from Pantex moved to 
Y-12 to lead the effort to reform the security culture at the 
site.
    Site managers at all DOE facilities with nuclear material 
were directed to provide their written assurance that all 
nuclear facilities are in full compliance of the Department's 
security policies and directives, as well as internal policies 
established at the site level.
    We will continue to investigate. We will leave no stone 
unturned, Mr. Chairman and Ranking Member Sanchez, as we 
investigate what led to this unacceptable incident at Y-12; and 
we will aggressively review security across all our sites. We 
can go into the details of those reviews when you come back. I 
know you have to vote.
    In conclusion, the series of personnel and management 
changes that I have just described were made to assure the 
highest level of security at the site and across the DOE 
complex. To manage this transition, we have brought some of the 
best security experts from our enterprise to Y-12 to act 
quickly to address the security shortcomings at the site. We 
are also working to make the structural and cultural changes 
required, appropriately, to secure the facility.
    The Secretary and I intend to send a clear message: Lapses 
in security will not be tolerated. We will leave no stone 
unturned to find out what went wrong, and we will take the 
steps necessary to provide effective security at this site and 
across our enterprise.
    And I thank you for your time.
    [The prepared statement of Secretary Poneman can be found 
in the Appendix on page 20.]
    Mr. Turner. We will be adjourned for our classified 
briefing.
    [Whereupon, at 2:25 p.m., the subcommittee adjourned and 
entered a closed briefing.]
?

      
=======================================================================




                            A P P E N D I X

                           September 13, 2012

=======================================================================

      
?

      
=======================================================================


              PREPARED STATEMENTS SUBMITTED FOR THE RECORD

                           September 13, 2012

=======================================================================

      
                    Statement of Hon. Michael Turner

            Chairman, House Subcommittee on Strategic Forces

                               Hearing on

      Y-12 Intrusion: Investigation, Response, and Accountability

                           September 13, 2012

    Good afternoon and welcome to today's hearing on the recent 
security breach at the Y-12 National Security Complex.
    As we all know from the press accounts, in the predawn 
hours of Saturday, July 28, three nuclear disarmament activists 
trespassed onto the grounds of the Y-12 complex in Oak Ridge, 
Tennessee. The activists, including an 82-year-old Catholic 
nun, cut through several fences and entered the high-security 
``Protected Area'' surrounding the Highly Enriched Uranium 
Materials Facility (HEUMF). The activists defaced an exterior 
side of the building with spray paint, human blood, posters, 
crime scene tape, and other items before eventually being 
stopped and detained by members of the protective force. 
Reportedly, even once on the scene the initial protective force 
member apparently did not respond with appropriate urgency.
    This level of intrusion into the perimeter of a highly 
secure nuclear weapons facility is unprecedented--and it is 
completely unacceptable. It is outrageous to think that the 
greatest threat to the American public from weapons of mass 
destruction may be the incompetence of DOE security.
    Let me be clear: I rank this failure alongside the Air 
Force's unauthorized shipments of nuclear weapons to Barksdale 
Air Force Base in 2007 and nuclear weapons components to 
Taiwan, which was reported in 2008.
    From our oversight of those incidents, this subcommittee is 
intimately familiar with how systemic failures--coupled with a 
lack of leadership attention--can lead to massive failures in a 
business with room for none.
    The 2007 Air Force incident revealed deep and systemic 
flaws throughout the Air Force enterprise that allowed that 
incident to occur. It also revealed that both on-the-ground 
personnel and senior leaders in the Air Force had taken their 
eyes off the ball when it came to nuclear weapons. Tellingly, 
we saw Secretary of Defense Gates take strong action to hold 
these people accountable and fix the system.
    As the Y-12 investigations proceed, I expect to see 
similarly strong action with regard to the July 28 incident and 
the leadership, management, and oversight failures that enabled 
it to occur.
    I have had deep reservations regarding NNSA's nuclear 
weapons security posture going back many years. Some of my 
first direct encounters with nuclear weapons security in the 
early 2000s--a visit to Y-12's old nuclear facilities and a 
ride-along with NNSA's Office of Secure Transportation--left me 
deeply concerned that we were not paying sufficient attention 
to the security of our nuclear weapons.
    And let's remember: it was because of massive security 
problems and mismanagement at DOE that led this committee to 
create NNSA in 1999. This Y-12 incident is just one more 
indicator that creation of NNSA hasn't fixed the problems--12 
years later and the entire nuclear weapons enterprise, from the 
budget process to facilities construction and now basic 
security, is fundamentally broken.
    Ranking Member Sanchez and I spoke earlier, and we agreed 
that the system is broken. The Ranking Member and I have 
pledged to conduct a subcommittee investigation and ensure we 
get to the root causes of these failures.
    We both want strong and effective Federal oversight of the 
nuclear enterprise, and we both want the responsible Federal 
and contractor officials to be held accountable. This must 
never happen again. We must make it clear that these failures 
cannot be repeated and those responsible are held accountable. 
Ms. Sanchez and I will demand it.
    Perhaps most troubling to me is that we have heard that 
there were many indicators of problems with Y-12's security 
prior to July 28. These include:
         LSky-high false- and nuisance-alarm rates;
         LCameras that were broken for 6 months; and
         LHuge maintenance backlogs of security 
        critical equipment.
    Some of those indicators go back several years, and many of 
them were reported to NNSA's Y-12 site office on a daily or 
weekly basis. But no one reacted. No one at the contractors, 
NNSA, or DOE followed up on these indicators and forced 
corrective action. I am simply shocked by the failure to 
recognize a near meltdown of critical security lapses that were 
known well before this incident occurred.
    It appears that the Federal overseers were focused on the 
wrong things. There was plenty of paperwork but no recognition 
of--or action on--these problems. This is mind-boggling, and 
may be the new textbook definition of ``missing the forest for 
the trees.''
    Here are some basic questions:
         LWho knew that these cameras were out for so 
        long?
         LWho knew that the false alarm rates were so 
        high?
         LWho knew about the huge backlog of security 
        maintenance and the overreliance on compensatory 
        measures?
         LWho should have known these things?
         LDid they do anything to get it fixed?
         LHave they been fired?
    As far as I can tell, the only individual that has been 
fired is the Y-12 protective force officer who initially--if 
belatedly and incompetently--responded to the alarms. And he 
may get rehired thanks to his union's protest.
    Others at both contractors and NNSA have been 
``reassigned'' or allowed to retire. This does not fit my 
definition of accountability, and certainly does not follow the 
example set 4 years ago by Secretary Gates.
    Some more complex but equally important problems involve 
the bifurcation of responsibility and accountability for 
security at Y-12. Shortly after the July 28 incident, NNSA 
decided the dual prime contracts at Y-12--one for the 
protective force and one for the broader management of Y-12--
resulted in less effective security. Two contractors were 
responsible for security, and they didn't communicate or 
coordinate like they needed to. NNSA fixed this problem 
immediately after the incident by making one a subcontract to 
the other.
    However, this bifurcation of responsibility and 
accountability for security also exists on the Federal side: 
both DOE and NNSA have security offices responsible for setting 
security policies, conducting oversight, and ensuring effective 
security is in place. So far, we have yet to see NNSA or DOE 
recognize this problem in their own house--even though they 
immediately recognized it in their contractors.
    Instead, I'm seeing a lot of bureaucratic finger-pointing 
between NNSA, DOE, and the two contractors at Y-12. This 
bureaucratic backstabbing is also now playing out in the 
Washington Post, with details of supposedly classified reports 
leaked to the press. That leaking alone is deeply troubling and 
I expect our witnesses will tell us what they are doing to 
track that down and put an end to it. All of this is just 
another indication that the system itself is broken.
    There is something deeply and fundamentally wrong with the 
culture in the Forrestal building. If this type of bureaucratic 
warfare had erupted at DOD after the Minot and Taiwan 
incidents, Secretary Gates would have had those involved 
terminated immediately.
    Continuing with the status quo--doing more of the same--
isn't going to resolve the root causes of NNSA and DOE's long 
history of security failures. Dozens of reports and other 
indicators show the system itself is broken, in addition to 
leadership, management, and personnel failures.
    As one example, an independent study of NNSA security 
conducted by Admiral Rich Mies back in 2005 found that many of 
the problems their study identified, ``are not new; many 
continue to exist because of a lack of clear accountability, 
excessive bureaucracy, organizational stovepipes, lack of 
collaboration, and unwieldy, cumbersome processes.''
    As the sole authorizing committee with jurisdiction for the 
nation's nuclear security activities, we take this incident 
very seriously. We must understand the details of what actually 
happened during this incident and the failures that allowed it 
to happen. We must also understand what corrective actions are 
being taken, who is being held accountable, and the ongoing 
investigations. And, as I mentioned, the Ranking Member and I 
are in lock-step about this. There are no politics here.
    To enable this in-depth discussion, we must get beyond the 
press accounts and discuss sensitive details. Therefore, with 
agreement of the Ranking Member, after opening statements from 
the witnesses we are going to immediately transition into a 
classified session. We want a full and vigorous discussion--and 
this can only take place in a closed session. The subcommittee 
will continue to conduct rigorous oversight of this matter in 
the months ahead, and we anticipate further subcommittee 
oversight activities in the future.
    Today, we have two of the senior officials responsible for 
ensuring nuclear security at DOE facilities. They are:
         LThe Honorable Daniel B. Poneman, Deputy 
        Secretary of Energy, U.S. Department of Energy; and
         LThe Honorable Neile L. Miller, Principal 
        Deputy Administrator, National Nuclear Security 
        Administration.
    Thank you to our witnesses for appearing today--we look 
forward to your testimony and the detailed discussion during 
the subsequent briefing. I know we all want to make sure this 
doesn't happen again--because next time it may not be an 82-
year-old nun.
    I'd like to note that during a recent office visit with 
Deputy Secretary Poneman, he agreed that DOE, NNSA, and its 
contractors would fully cooperate with the subcommittee's 
investigation. I thank him for that commitment and look forward 
to our continuing discussion.

                   Statement of Hon. Loretta Sanchez

         Ranking Member, House Subcommittee on Strategic Forces

                               Hearing on

      Y-12 Intrusion: Investigation, Response, and Accountability

                           September 13, 2012

    Since our last hearing to examine NNSA management and the 
risks for nuclear safety and security, we have had the 
intrusion at Y-12 and the inadvertent spread of technetium at 
one of the nuclear weapons laboratories. These are but two 
recent occurrences that highlight the continued importance of 
closely examining what safety and security reforms are 
warranted and what risks must be addressed. I would like to 
thank Chairman Turner for focusing our Subcommittee on these 
important oversight issues this year and for the opportunity to 
delve into what have become clearly unacceptable management 
problems that have plagued a broken system.
    I join the Chairman in welcoming Deputy Secretary Dan 
Poneman and Deputy Administrator Neile Miller to help us take a 
closer look at the recent security breach at Y-12. I thank 
Department of Energy Inspector General Gregory Friedman; DOE's 
Chief Health, Safety and Security Officer Glenn Podonsky; and 
Acting Chief and Associate Administrator for the Office of 
Defense Nuclear Security at the NNSA Jeff Harrell, for being 
available to answer our questions in the closed briefing that 
will follow this open hearing.
    On July 28, a historically unprecedented intrusion whereby 
three peace activists, including an 82-year-old nun, were able 
to penetrate, without being intercepted, four perimeter fences, 
at what is expected to be one of the most secure sites in the 
world. Not only did they penetrate the security zone but were 
able to reach the country central storage facility for nuclear 
weapons-grade uranium, as the security response was 
inexplicably hampered by nonfunctioning equipment, 
communication deficiencies, and numerous failures to follow 
prescribed procedures for responding to alarms and security 
breaches.
    It is clear that we owe the taxpayers and the security of 
our country stronger oversight and stricter accountability on 
nuclear safety and security.
    As Chairman Turner emphazised, we are extremely concerned 
about the deficiencies that came to light and about whether 
security readiness is ready for prime-time given the serious 
gaps in contractor implementation and Federal oversight.
    First, the contractor's poor performance is inexcusable. 
From the Department of Energy Inspector General Report, we know 
one of the broken cameras had been left out of service for 
approximately 6 months. Some cameras as was revealed in 
yesterday's congressional hearing were inoperable simply 
because the switch was turned off. Security guards were not 
aware of which cameras were nonoperational at the time they 
assumed their post. The false alarm rate was on the order of 
hundreds of false alarms a day.
    On top of these glaring deficiencies, reports last week 
revealed possible cheating by the contractor on a security 
inspection test that had been ordered as part of the DOE 
response to the Y-12 intrusion.
    Second, beyond the abysmal failure by the contractors, I am 
concerned about a weakening of the Federal oversight process 
that appears to have promoted a ``hands-off'' approach:
    At the NNSA level: It appears NNSA site officials knew 
about several of these deficiencies and yet did not force the 
contractors to take much-needed corrective actions. The DOE IG 
report notes with reference to overreliance at Y-12 on the use 
of compensatory measures to address equipment failures that 
directly impacted security readiness, ``federal officials 
[stated] that with the advent of NNSA's contractor governance 
system (Contractor Assurance System), they could no longer 
intervene . . . to address growing maintenance backlogs.'' This 
raises serious questions about competency, and about whether 
there has been a growing trend of relegating much 
decisionmaking authority to the contractor despite glaring 
performance failures that underlay a lack of security 
readiness.
    Moreover, as baffling as the deficiencies brought to light 
by this intrusion are, last year's performance evaluation of 
B&W Y-12--the draft of which is written by the contractor and 
merely reviewed by NNSA officials--gave B&W Y-12 a stellar 
review. More specifically, B&W Y-12, responsible for delaying 
the repair of cameras for months and failing to do the required 
maintenance that would have reduced the rate of false alarms, 
received an a rating of ``excellent'' for its Safeguards and 
Security work, contributing to B&W Y-12 receiving $51 million 
in incentive fee for FY 2011.
    With regard to DOE: Last year in an initiative to address 
concerns of excessive and overly burdensome oversight, the 
Department of Energy streamlined and eliminated many DOE safety 
and security directives despite questions about the impact. 
Questioning this initiative, the Governmental Accountability 
Office (GAO) noted in April 2012 ``that the benefits of this 
reform are unclear because the DOE did not determine if the 
original directives were in fact burdensome and the reform did 
not fully address safety concerns.''
    As another example, in a revised executive order (DOE Order 
227.1) last year loosening contractor accountability, DOE 
reduced the requirements on the contractors for implementing 
corrective actions to address deficiencies identified by the 
independent Health Safety and Security Office.
    Furthermore, GAO has noted that the DOE directives reform 
effort gave ``the NNSA site offices, rather than DOE's Office 
of Independent Oversight staff, responsibility for correcting 
problems identified in independent assessments.''
    Third, and a final point: Independent oversight remains 
crucial to ensuring security readiness that is up to the task 
of protecting weapons-usable material.
    We have heard the refrain in previous hearings this year 
that Federal oversight was overly burdensome. And the authors 
of the NAS report testified before our Subcommittee that ``A 
great deal of work that has been accomplished over the years in 
safety and security has required extensive effort by the NNSA 
and the laboratories. We believe these efforts have been 
strengthened to the point where they no longer need the current 
level special attention to assure high quality results in 
laboratory operations.''
    However, as brought to light in the Washington Post 
yesterday, it was independent oversight by the Department of 
Energy 2 years ago that sounded the alarm on lax security at Y-
12, and found that ``security cameras were inoperable, 
equipment maintenance was sloppy and guards were poorly 
trained.''
    I remain deeply concerned about efforts that could weaken 
Federal safety and security oversight, including controversial 
provisions on nuclear safety and security in the FY 2013 House 
National Defense Authorization bill. The recent IG report noted 
that an NNSA official stated that ``they had been instructed 
not to evaluate and report on `how' the contractors were 
conducting business, but to focus instead on ensuring that the 
mission was accomplished.''
    This incident should inject urgency in the need to ensure 
that Federal officials have direct access to the contractors in 
charge of security. It is also the latest indicator that 
overseeing how security is provided remains crucial to avoid 
another potentially more serious accident.
    This will require strong leadership, access to the 
contractor and independent expertise.
    The silver lining in this appalling event at Y-12 is that 
these were not terrorists bent on attacking the facilities, 
that the new HEUMF facility is extremely robust, as opposed to 
the nearby 60-year-old 9212 facility, and finally that we did 
not have a trigger-happy guard mistakenly kill an 82-year-old 
nun.
    But this is a wake-up call about the serious deficiencies 
in safety culture and woeful gaps in oversight that allowed 
this situation to occur.
    We have the responsibility--and now the chance--to get this 
right. We cannot afford to fail again. 

[GRAPHIC] [TIFF OMITTED] T6217.001

[GRAPHIC] [TIFF OMITTED] T6217.002

[GRAPHIC] [TIFF OMITTED] T6217.003

[GRAPHIC] [TIFF OMITTED] T6217.004

[GRAPHIC] [TIFF OMITTED] T6217.005

[GRAPHIC] [TIFF OMITTED] T6217.006

[GRAPHIC] [TIFF OMITTED] T6217.007

[GRAPHIC] [TIFF OMITTED] T6217.008

[GRAPHIC] [TIFF OMITTED] T6217.009

[GRAPHIC] [TIFF OMITTED] T6217.010

?

      
=======================================================================


              QUESTIONS SUBMITTED BY MEMBERS POST HEARING

                           September 13, 2012

=======================================================================

      
                   QUESTIONS SUBMITTED BY MS. SANCHEZ

    Ms. Sanchez. In the past few years, NNSA issued security directives 
(NAPs) that replace DOE directives. The NAPs were intended to allow 
more flexibility in implementing security requirements and reduce the 
costs of security; they provided less rigorous requirements in certain 
areas such as maintenance of alarm systems and gave more authority to 
lower level managers to accept risks. Meanwhile, NNSA has favored a 
system with less independent oversight and instead relied more on the 
contractor self-assessments and the contractors ability to establish 
effective safety and security programs and manage risk.
    Our House NDAA bill also gives more authority to NNSA, blocking 
independent on safety and security. We heard from several laboratory 
directors about burdensome regulations and excessive oversight were 
hindering productivity at the laboratories.
      Is it your view that NNSA sites conduct effective 
oversight?
      Do contractors have too little independent oversight, or 
too much?
      Do you believe that the incident is the result of overly 
burdensome security requirements, as some have claimed?
      Do you think that NNSA has gone too far in delegating 
responsibility for making security decisions to its contractors?
      In light of the Y-12 incident, are you concerned that new 
NAPs may be inconsistent or have fewer requirements than DOE 
regulations? Will you direct NNSA to rescind these NAPs or allow them 
to go forward?
      Should independent oversight be strengthened?
    Secretary Poneman. The Y-12 incident and subsequent Office of 
Health, Safety and Security (HSS) Independent Oversight inspection 
identified numerous examples of inadequate Federal oversight by line 
management and ineffective contractor assurance systems. For example, 
we learned that NNSA Federal oversight and assessment activities did 
not effectively evaluate all safeguards and security areas, and the 
ensuing analyses did not provide an adequate basis to conclude that 
Departmental assets were being protected at the required levels. We 
also learned that NNSA performance measures (used to help influence 
decisions regarding contractor award fees) did not accurately depict 
actual contractor performance. Self-assessments conducted by both site 
contractors generally provided more information about the status of 
processes than of the actual effectiveness of security measures that 
were in place ``on the ground.'' Contractor self-assessment reports 
often contained insufficient information regarding security program 
implementation, failed to identify deficiencies, or lacked the analyses 
to support conclusions. Consequently, reports did not accurately inform 
NNSA and contractor line management of the effectiveness of existing 
security programs to support decisions regarding future security 
activities. Weaknesses in contractor, site office, and NNSA 
Headquarters Defense Nuclear Security oversight and assurance systems 
essentially presented NNSA senior management with an inaccurate picture 
of the overall health of the protection program at Y-12, thereby 
missing the opportunity to identify early indicators of problems that 
might have mitigated the security breach. While these deficiencies were 
especially pronounced at Y-12, HSS Independent Oversight reviews at 
other sites have also concluded that contractor assurance systems have 
not sufficiently matured and that weaknesses persist in NNSA Federal 
line management oversight.
    We believe that rigorous, performance-based, independent oversight 
is a critical element of DOE's approach to self-regulation, 
particularly for high consequence facilities and activities such as 
nuclear operations and nuclear security. The Government remains 
responsible for these facilities and for the potentially dramatic 
adverse consequences of failures in nuclear safety and nuclear 
security, and the Government provides our contractors billions of 
dollars of indemnification for nuclear accidents. Consequently, we have 
an obligation to ensure that those contractors are operating these 
facilities safely and securely. While DOE (including NNSA) line 
management has the primary responsibility for managing and overseeing 
contractor performance, our HSS Independent Oversight office has no 
responsibility for the mission and activities being reviewed. 
Consequently, HSS is able to provide the Secretary and me, along with 
line management, objective and unbiased feedback on performance. We 
believe that our contractors currently receive an appropriate level of 
independent oversight.
    No, the Y-12 incident was not at all the result of overly 
burdensome security requirements. Over the period of 2009-2010, the 
Department went through a systematic review to reform all of its safety 
and security directives. The outcome of that effort was the development 
of a more concise set of non-duplicative requirements and directives 
that produce effective protection and efficient operations. Our safety 
and security regulations and directives identify the necessary 
requirements to protect workers, the public, the environment, and 
national security assets. They also provide contractors the flexibility 
to meet the requirements in the most efficient manner, and are 
streamlined through consolidation or elimination of duplicative or 
unnecessary provisions.
    The Y-12 incident was partly the result of overly broad delegation 
of inherently governmental risk acceptance authority to the contractor, 
which was made without effective Federal review. This inappropriate 
delegation of responsibility to the contractor was enabled by 
inappropriate and/or ambiguous provisions in NNSA Policy documents 
(NAPs). At Y-12, the contractor ``cognizant security authority'' 
appeared to be unconstrained, with Federal officials deferring to the 
contractor for most decisions impacting the site security mission.
    A number of concerns were identified with security NAPs. In some 
cases, they provided a less rigorous standard of protection than 
Departmental directives or were not consistent with Governmentwide 
security requirements. In other cases, they provide for an 
inappropriate degree of delegation of risk acceptance authority to 
contractors. The Secretary and I believe, and the NNSA Administrator 
agrees, that there should be a single set of DOE security directives 
governing all Departmental operations, including those of the NNSA. The 
Administrator will rescind the security NAPs so that they will no 
longer be applied as a substitute for Departmental requirements. A 
revised version of NAPs may be utilized to provide additional 
implementing instructions, consistent with Departmental directives, to 
NNSA sites.
    Yes. The Secretary has re-emphasized the importance of HSS 
Independent Oversight as a critical element of the Department's 
governance approach, and past GAO reviews have pointed to the 
importance of and need to strengthen independent oversight. The 
Secretary has also directed HSS Independent Oversight to undertake more 
rigorous inspections, to include force-on-force performance testing of 
the protection of special nuclear material at all Category I sites over 
a 12 month period. For many years, HSS Independent Oversight has 
implemented a rigorous force-on-force performance testing program that 
has been regarded by the U.S. Nuclear Command and Control System staff 
as a model for Federal agencies with nuclear security missions. The 
Secretary has also directed HSS Independent Oversight to further 
enhance that program by expanding the scope and variety of performance 
testing methods utilized to assess the readiness of DOE/NNSA site 
protection systems against a broader spectrum of threats and adversary 
capabilities. Performance testing methodologies will include no-notice 
and limited notice testing to obtain a more realistic assessment of 
site response capabilities.
    Ms. Sanchez. As GAO asked, why does HSS not have the power to 
enforce its own recommendations?
    Secretary Poneman. The role of the HSS Independent Oversight office 
is to conduct appraisals to evaluate the performance of DOE line 
organizations and contractors, and to identify deficiencies where they 
are detected. HSS Independent Oversight may also provide 
recommendations to DOE line management on approaches to addressing the 
deficiencies. DOE line management and its contractors are required by 
Departmental directive to evaluate deficiencies identified by HSS 
Independent Oversight, including identifying the reasons for the 
deficiencies, and to develop and implement corrective actions plans for 
problems identified as ``significant deficiencies''. Our DOE field 
offices and contractors are accountable to the head of their respective 
program offices, such as the NNSA Administrator, and ultimately to the 
Secretary and me for ensuring that problems are adequately and promptly 
addressed. HSS Independent Oversight has the authority to monitor 
implementation of those corrective measures and to report back to 
senior program office officials and to me if there are any concerns as 
to responsiveness or effectiveness of actions. This arrangement 
appropriately places the responsibility and accountability for 
corrective actions with DOE line management, with HSS Independent 
Oversight serving to monitor the effectiveness of actions on behalf of 
the Secretary and Deputy Secretary.
    Ms. Sanchez. Please provide any report or analysis that Department 
of Energy/NNSA may produce on whether security should be transferred to 
the Department of Defense, including costs, legal issues, and whether 
the deficiencies that led to the failures would/could be avoided if 
security was shifted to the military?
    Secretary Poneman. The Department of Energy (including the NNSA) 
has not produced any report or analysis on the subject of transferring 
responsibility for security to the Department of Defense.
    Ms. Sanchez. How would the House National Defense Authorization 
provisions impact Federal oversight of security operations? What are 
the benefits and risks of these provisions? Please provide your views 
on these provisions.
    Secretary Poneman. The Department of Energy, including the National 
Nuclear Security Administration (NNSA), strongly oppose certain 
sections of the bill because they would unduly restrict the authority 
of the Secretary of Energy, weaken safety standards, and/or 
fundamentally alter the nature of the relationship between the 
Department and its contractors.
    Sections 3113 and 3133 would excessively restrict the authority of 
the Secretary of Energy to oversee the management and operations of the 
NNSA. They would restrict the Secretary's ability to select the most 
appropriate oversight mechanism for its contractors. While we recognize 
that performance-based standards are an effective tool and may be 
sufficient for some low hazard/consequence activities, we believe that 
the Department must retain the ability to select the oversight 
mechanism that best protects national security interests for a given 
project, particularly for high hazard/consequence activities, such as 
operation of nuclear facilities or protection of special nuclear 
materials. The bill hampers our ability to tailor our approach to the 
needs of the Government. Limiting the Department's ability to oversee 
contracts as appropriate may lead to more inefficiency and waste, not 
less. The fact that the Department's mandate is to provide adequate 
protection for its workers and the public while managing unique hazards 
as it conducts high-consequence activities, such as nuclear safety and 
security, makes it particularly important that the Department retain 
the ability to use all necessary tools to fulfill its mission. We 
believe that independent oversight of safety and security standards, by 
an organization outside the line management chain that does not have 
conflicting priorities, is an important protection for the health and 
safety of our workers and the public. Given the nature and complexity 
of its mission, and, in particular, its obligation to preserve and 
protect America's national nuclear safety and security, the Department 
must address a number of unique, complex safety and security issues. We 
believe that it is essential for the Department to retain flexibility 
to safeguard against those unique risks, using all of the tools that 
science and our experience in this area afford. The proposed bill 
limits our ability to determine how best to execute the Department's 
mission safely, securely, and effectively.
    Section 3115 would mandate that the NNSA alone establish and 
oversee health, safety and security at its facilities. Independent 
oversight of safety and security is an important protection for the 
health and safety of our workers and the public. The provision would 
also exempt the NNSA from the Department's existing process to enforce 
and ensure accountability for meeting safety and security requirements. 
Similarly, the bill would restrict the Department's ability to 
prescribe health and safety regulations regarding non nuclear 
activities that are more stringent than Occupational Safety and Health 
Administration standards, by requiring waivers to permit use of more 
stringent standards. While we believe in the importance of streamlining 
regulatory burdens, we believe that the Department must be able to 
prescribe a safety regime that meets its unique needs without having to 
use waivers to do so.

    Ms. Sanchez. NNSA knew about the alarm rate, the broken cameras, 
and the overreliance on compensatory measures.
      Why did site officials not intervene to fix these 
failures in a timely manner?
      Why were compensatory measures allowed to become in 
effect an indefinite solution?
    Ms. Miller. NNSA did not know all the details of the situation. 
Please see answers below.
    Site officials did not intervene because they lacked perspective on 
the impact that broken PIDAS cameras and an excessive number of 
compensatory measures would have on overall system effectiveness. They 
were involved in neither setting maintenance priority for the PIDAS 
cameras nor the approval of compensatory measures because local 
implementation of the NNSA directives in effect at the time placed 
those decisions with the contractor.
    From the contractor's perspective, compensatory measures were often 
less expensive and the incentive to repair was not sufficiently high to 
require immediate action. From a site office perspective, the 
contractor was viewed as following a process in line with NNSA policy 
and expectation. At the same time, the site vulnerability analysis team 
was used to assign case specific compensatory measures and did not look 
at the broader implications of individual decisions.
    Ms. Sanchez. In the past few years, NNSA issued security directives 
(NAPs) that replace DOE directives. The NAPs were intended to allow 
more flexibility in implementing security requirements and reduce the 
costs of security; they provided less rigorous requirements in certain 
areas such as maintenance of alarm systems and gave more authority to 
lower level managers to accept risks. Meanwhile, NNSA has favored a 
system with less independent oversight and instead relied more on the 
contractor self-assessments and the contractors ability to establish 
effective safety and security programs and manage risk.
    Our House NDAA bill also gives more authority to NNSA, blocking 
independent on safety and security. We heard from several laboratory 
directors about burdensome regulations and excessive oversight were 
hindering productivity at the laboratories.
      Is it your view that NNSA sites conduct effective 
oversight?
      Do contractors have too little independent oversight, or 
too much?
      Do you believe that the incident is the result of overly 
burdensome security requirements, as some have claimed?
      Do you think that NNSA has gone too far in delegating 
responsibility for making security decisions to its contractors?
      In light of the Y-12 incident, are you concerned that new 
NAPs may be inconsistent or have fewer requirements than DOE 
regulations? Will you direct NNSA to rescind these NAPs or allow them 
to go forward?
      Should independent oversight be strengthened?
    Ms. Miller. The Y-12 incident and subsequent Office of Health, 
Safety and Security (HSS) Independent Oversight inspection identified 
numerous examples of inadequate Federal oversight by line management 
and ineffective contractor assurance systems. For example, we learned 
that NNSA Federal oversight and assessment activities did not 
effectively evaluate all safeguards and security areas, and the ensuing 
analyses did not provide an adequate basis to conclude that 
Departmental assets were being protected at the required levels. We 
also learned that NNSA performance measures (used to help influence 
decisions regarding contractor award fees) did not accurately depict 
actual contractor performance. Self-assessments conducted by both site 
contractors generally provided more information about the status of 
processes than of the actual effectiveness of security measures that 
were in place ``on the ground.'' Contractor self-assessment reports 
often contained insufficient information regarding security program 
implementation, failed to identify deficiencies, or lacked the analyses 
to support conclusions. Consequently, reports did not accurately inform 
NNSA and contractor line management of the effectiveness of existing 
security programs to support decisions regarding future security 
activities. Weaknesses in contractor, site office, and NNSA 
Headquarters Defense Nuclear Security oversight and assurance systems 
essentially presented NNSA senior management with an inaccurate picture 
of the overall health of the protection program at Y-12, thereby 
missing the opportunity to identify early indicators of problems that 
might have mitigated the security breach. While these deficiencies were 
especially pronounced at Y-12, HSS Independent Oversight reviews at 
other sites have also concluded that contractor assurance systems have 
not sufficiently matured and that weaknesses persist in NNSA Federal 
line management oversight.
    We believe that rigorous, performance-based, independent oversight 
is a critical element of DOE's approach to self-regulation, 
particularly for high consequence facilities and activities such as 
nuclear operations and nuclear security. The Government remains 
responsible for these facilities and for the potentially dramatic 
adverse consequences of failures in nuclear safety and nuclear 
security, and the Government provides our contractors billions of 
dollars of indemnification for nuclear accidents. Consequently, we have 
an obligation to ensure that those contractors are operating these 
facilities safely and securely. While DOE (including NNSA) line 
management has the primary responsibility for managing and overseeing 
contractor performance, our HSS Independent Oversight office has no 
responsibility for the mission and activities being reviewed. 
Consequently, HSS is able to provide the Secretary and me, along with 
line management, objective and unbiased feedback on performance. We 
believe that our contractors currently receive an appropriate level of 
independent oversight.
    No, the Y-12 incident was not at all the result of overly 
burdensome security requirements. Over the period of 2009-2010, the 
Department went through a systematic review to reform all of its safety 
and security directives. The outcome of that effort was the development 
of a more concise set of non-duplicative requirements and directives 
that produce effective protection and efficient operations. Our safety 
and security regulations and directives identify the necessary 
requirements to protect workers, the public, the environment, and 
national security assets. They also provide contractors the flexibility 
to meet the requirements in the most efficient manner, and are 
streamlined through consolidation or elimination of duplicative or 
unnecessary provisions.
    The Y-12 incident was partly the result of overly broad delegation 
of inherently governmental risk acceptance authority to the contractor, 
which was made without effective Federal review. This inappropriate 
delegation of responsibility to the contractor was enabled by 
inappropriate and/or ambiguous provisions in NNSA Policy documents 
(NAPs). At Y-12, the contractor ``cognizant security authority'' 
appeared to be unconstrained, with Federal officials deferring to the 
contractor for most decisions impacting the site security mission.
    A number of concerns were identified with security NAPs. In some 
cases, they provided a less rigorous standard of protection than 
Departmental directives or were not consistent with Governmentwide 
security requirements. In other cases, they provide for an 
inappropriate degree of delegation of risk acceptance authority to 
contractors. The Secretary and I believe, and the NNSA Administrator 
agrees, that there should be a single set of DOE security directives 
governing all Departmental operations, including those of the NNSA. The 
Administrator will rescind the security NAPs so that they will no 
longer be applied as a substitute for Departmental requirements. A 
revised version of NAPs may be utilized to provide additional 
implementing instructions, consistent with Departmental directives, to 
NNSA sites.
    Yes. The Secretary has re-emphasized the importance of HSS 
Independent Oversight as a critical element of the Department's 
governance approach, and past GAO reviews have pointed to the 
importance of and need to strengthen independent oversight. The 
Secretary has also directed HSS Independent Oversight to undertake more 
rigorous inspections, to include force-on-force performance testing of 
the protection of special nuclear material at all Category I sites over 
a 12 month period. For many years, HSS Independent Oversight has 
implemented a rigorous force-on-force performance testing program that 
has been regarded by the U.S. Nuclear Command and Control System staff 
as a model for Federal agencies with nuclear security missions. The 
Secretary has also directed HSS Independent Oversight to further 
enhance that program by expanding the scope and variety of performance 
testing methods utilized to assess the readiness of DOE/NNSA site 
protection systems against a broader spectrum of threats and adversary 
capabilities. Performance testing methodologies will include no-notice 
and limited notice testing to obtain a more realistic assessment of 
site response capabilities.
    Ms. Sanchez. NNSA announced a return to incorporating security 
operations within one prime contract that would also cover operations.
      Please provide a copy of the analysis that preceded this 
decision.
      How will the change to the contracting structure fix 
these problems? What risks, challenges or uncertainties does it create?
      Will the prime be allowed to sub-contract security 
operations? Why not?
      How will the new contracting structure allow for 
strengthened Federal oversight over security operations?
      Will NNSA/DOE be able to have access to the security 
contractor?
      Are there any expected cost savings? How much?
    Ms. Miller. The decision to assign the WSI contract under B&W at Y-
12 until the new contract is awarded was made to promptly address 
issues at the site.
    The change in contract structure will ensure full integration of 
all aspects of the safeguards and security program under a single 
management structure. The July 28, 2012, security breach at Y-12 
exposed weaknesses in integrating critical security functions where the 
separate incumbent contractors shared responsibilities for the overall 
safeguards and security program.
    The prime contractor will not be allowed to sub-contract security 
operations in the combined Y-12/Pantex contract. This restriction was 
made to ensure that NNSA has direct oversight of the entire breadth of 
Security operations.
    Consolidating security work with plant operations will facilitate 
more streamlined and focused Federal oversight by eliminating the need 
for the Government to manage multiple contracts that require integrated 
activities at one site.
    Yes, the decision to preclude subcontracting Security operations 
was done to ensure that NNSA has direct access to the entire breadth of 
Security operations.
    Previous NNSA analysis has indicated that enveloping security 
services within the M&O contract will likely result in increased costs 
to the Government; however, the potential risks associated with a 
diversified contractual approach in the current Y-12 environment 
required an immediate remedy.
    Ms. Sanchez. Please provide any report or analysis that Department 
of Energy/NNSA may produce on whether security should be transferred to 
the Department of Defense, including costs, legal issues, and whether 
the deficiencies that led to the failures would/could be avoided if 
security was shifted to the military?
    Ms. Miller. NNSA has not produced any report or analysis regarding 
the subject of transferring responsibility for security to the 
Department of Defense. This effort would require collaboration between 
both organizations to properly address and respond appropriately to the 
question.
    Ms. Sanchez. How would the House National Defense Authorization 
provisions impact Federal oversight of security operations? What are 
the benefits and risks of these provisions? Please provide your views 
on these provisions.
    Ms. Miller. The Administration strongly opposes sections 3202, 
3115, 3113, and 3151. These provisions severely hamper external, 
independent oversight by the Defense Nuclear Facilities Safety Board; 
move regulatory authority from independent offices and agencies to the 
NNSA Administrator; require a weaker standard of contractor governance, 
management, and oversight; and eliminate DOE's flexibility to determine 
the appropriate means of assessing the unique risks that it confronts 
in its facilities. By lowering safety standards for the nuclear weapons 
complex and reducing requested funding for health, safety, and 
security, these provisions would weaken protections for workers and the 
general public.
    Sections 3113 would excessively restrict the authority of the 
Secretary of Energy to oversee the management and operations of the 
NNSA. This section would restrict the Secretary's ability to select the 
most appropriate oversight mechanism for its contractors.
    The term ``performance-based standards'' is referenced under 
section 3113, states with respect to a covered contract, means that 
contract includes the use of performance work statements that set forth 
contact requirements in clear, specific, and objective terms with 
measurable outcomes. The definition listed in section 3113, does not 
accurately reflect the NNSA performance-based approach, which is being 
implemented to include a comprehensive and detailed method with 
performance testing evaluation of specific security operations and 
activities to determine security program effectiveness. Additionally, 
NNSA must retain the ability to select the best oversight mechanism 
given its high security hazard/consequence activities, such as 
operation of nuclear facilities and protection of special nuclear 
materials. The fact that the NNSA's mandate is to provide adequate 
protection for its workers and assets while managing unique hazards as 
it conducts high-consequence activities (e.g., nuclear security) makes 
it particularly important that the NNSA retain the ability to use all 
necessary tools to fulfill its mission. The proposed bill limits our 
ability to determine how best to execute the NNSA's mission securely 
and effectively.
    Within the NNSA, we recognize a need for a Headquarters security 
assessment element between the site level and the independent oversight 
provided by the Office of Health, Safety, and Security. NNSA is 
establishing a Performance Assessment Division within the Office of 
Defense Nuclear Security for security assessment of contractors and 
Federal field organization performance, including no-notice and/or 
short notice evaluations. The division will also assess training 
effectiveness, policy implementation, and the proper execution of 
vulnerability assessments. This entity will be used to verify that 
security programs are properly implemented and provide a nuclear 
security enterprise viewpoint to NNSA senior leadership.
    Section 3115 would mandate that the NNSA alone establish and 
oversee health, safety, and security at its facilities, which would 
deprive NNSA of an essential function provided by the HSS Office of 
Independent Oversight. The Office of Independent Oversight is an 
important independent element, which assists in the inspection process 
of our facilities and assets. The provision would hamper existing 
function to enforce and ensure accountability for meeting security 
requirements. Similarly, the bill would restrict the NNSA's ability to 
prescribe health and security regulations regarding non-nuclear 
activities that are more stringent than Occupational Safety and Health 
Administration standards by requiring waivers to permit use of more 
stringent standards. We believe that the NNSA must be able to prescribe 
a regime that meets its unique needs without having to use waivers.
    Ms. Sanchez. What was the cost of shutting down Y-12 site following 
the incident, and was there any impact on schedule for programs?
    Ms. Miller. The actual cost accounted for by Y-12 was approximately 
$2.9M primarily for the fully burdened labor rates of those people who 
could not perform their primary/alternative duties during the shutdown. 
B&W Y-12 made up any schedule challenges created during the security 
shutdown and completed all primary deliverables scheduled for the year. 
While they made up the schedule using overtime as needed, the overtime 
costs for the year were considerably less than programmed for the year 
in the rates. This was accomplished by the contractor reducing overtime 
throughout the year in an effort to create savings. When the security 
event happened, they were executing at less than 50% overtime compared 
to planned rates based on prior years. The overtime needed to get back 
on schedule did not exceed planned annual overtime rates.

                                  
