[Senate Hearing 113-733]
[From the U.S. Government Publishing Office]





                                                        S. Hrg. 113-733

    SECURING RADIOLOGICAL MATERIALS: EXAMINING THE THREAT NEXT DOOR

=======================================================================

                                HEARING

                               before the

                              COMMITTEE ON
               HOMELAND SECURITY AND GOVERNMENTAL AFFAIRS
                          UNITED STATES SENATE

                    ONE HUNDRED THIRTEENTH CONGRESS


                             SECOND SESSION

                               __________

                             JUNE 12, 2014

                               __________

        Available via the World Wide Web: http://www.fdsys.gov/

                       Printed for the use of the
        Committee on Homeland Security and Governmental Affairs
        
        
    [GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]    
        
        
        
        
        
        
        
 
                         U.S. GOVERNMENT PUBLISHING OFFICE 

90-920 PDF                     WASHINGTON : 2015 
-----------------------------------------------------------------------
  For sale by the Superintendent of Documents, U.S. Government Publishing 
  Office Internet: bookstore.gpo.gov Phone: toll free (866) 512-1800; 
         DC area (202) 512-1800 Fax: (202) 512-2104 Mail: Stop IDCC, 
                          Washington, DC 20402-0001       
        
        
        
        
        
        
        
        
        
        
        
        
        
        
        
        
        
        
        

        COMMITTEE ON HOMELAND SECURITY AND GOVERNMENTAL AFFAIRS

                  THOMAS R. CARPER, Delaware Chairman
CARL LEVIN, Michigan                 TOM COBURN, Oklahoma
MARK L. PRYOR, Arkansas              JOHN McCAIN, Arizona
MARY L. LANDRIEU, Louisiana          RON JOHNSON, Wisconsin
CLAIRE McCASKILL, Missouri           ROB PORTMAN, Ohio
JON TESTER, Montana                  RAND PAUL, Kentucky
MARK BEGICH, Alaska                  MICHAEL B. ENZI, Wyoming
TAMMY BALDWIN, Wisconsin             KELLY AYOTTE, New Hampshire
HEIDI HEITKAMP, North Dakota

                  Gabrielle A. Batkin. Staff Director
               John P. Kilvington, Deputy Staff Director
            Harlan C. Geer, Senior Professional Staff Member
               Carly A. Covieo, Professional Staff Member
            Deirdre G. Armstrong, Professional Staff Member
               Keith B. Ashdown, Minority Staff Director
         Daniel P. Lips, Minority Director of Homeland Security
          William H.W. McKenna, Minority Investigative Counsel
                     Laura W. Kilbride, Chief Clerk
                   Lauren M. Corcoran, Hearing Clerk
                   
                   
                   
                   
                   
                   
                   
                   
                   
                   
                   
                   
                            C O N T E N T S

                                 ------                                
Opening statements:
                                                                   Page
    Senator Carper...............................................     1
Prepared statements:
    Senator Carper...............................................    25

                               WITNESSES
                        Thursday, June 12, 2014

Hon. Anne Harrington, Deputy Administrator for Defense Nuclear 
  Nonproliferation, National Nuclear Security Administration, 
  U.S. Department of Energy......................................     4
Huban A. Gowadia, Ph.D., Director, Domestic Nuclear Detection 
  Office, U.S. Department of Homeland Security...................     6
Mark A. Satorius, Executive Director for Operations, U.S. Nuclear 
  Regulatory Commission..........................................     8
David Trimble, Director, Natural Resources and Environment, U.S. 
  Government Accountability Office...............................    10

                     Alphabetical List of Witnesses

Gowadia, Huban A.:
    Testimony....................................................     6
    Prepared statement...........................................    36
Harrington, Hon. Anne:
    Testimony....................................................     4
    Prepared statement...........................................    27
Satorius, Mark A.:
    Testimony....................................................     8
    Prepared statement...........................................    42
Trimble, David:
    Testimony....................................................    10
    Prepared statement...........................................    50

                                APPENDIX

Charts referenced by Senator Carper..............................    57

 
    SECURING RADIOLOGICAL MATERIALS: EXAMINING THE THREAT NEXT DOOR

                              ----------                              


                        THURSDAY, JUNE 12, 2014

                                     U.S. Senate,  
                           Committee on Homeland Security  
                                  and Governmental Affairs,
                                                    Washington, DC.
    The Committee met, pursuant to notice, at 10:32 a.m., in 
room SD-342, Dirksen Senate Office Building, Hon. Thomas R. 
Carper, Chairman of the Committee, presiding.
    Present: Senator Carper.

              OPENING STATEMENT OF CHAIRMAN CARPER

    Chairman Carper. This hearing will come to order.
    A little over a year ago, the city of Boston, as we will 
recall, was struck by a tragedy during the running of the 117th 
Boston Marathon. Two terrorists detonated pressure cooker bombs 
near the finish line. As you will recall, they killed three 
people; they injured nearly 300 more.
    The horror of this attack, which we viewed again and again 
on television, and again on the first anniversary of the 
attack, will never be forgotten, but neither will the heroism 
that unfolded immediately following those attacks. Police, 
medical personnel, National Guardsmen, volunteers, runners, and 
spectators all ran toward the blasts to provide immediate aid 
to the injured. These acts of courage and selflessness saved 
countless lives.
    The tragic events of the 117th running of the Boston 
Marathon remind us that we must constantly seek to counter the 
threats and anticipate the threats from homegrown terrorists 
and to improve our Nation's ability to anticipate--and 
prevent--the next attack.
    Today, as we strive to improve our counterterrorism 
efforts, we have the opportunity to look back at the Boston 
Marathon bombing and ask ourselves this question: What if the 
attack had occurred differently? What if it was even more 
deadly? What if the pressure cooker bombs were not just simply 
bombs but dirty bombs? The last question is what we are going 
to focus on today in this hearing.
    A dirty bomb is any kind of crude explosive device that, 
when detonated, disperses radiation around and beyond the 
blast. If a dirty bomb successfully goes off, those who survive 
the blast can be exposed to harmful amounts of radiation that 
could cause sickness or even death. Moreover, a dirty bomb 
could render areas uninhabitable for not just days or weeks or 
months but for years, making that particular weapon a highly 
disruptive weapon.
    If the Boston Marathon terrorists had turned their pressure 
cooker bombs into dirty bombs, then the consequences of that 
tragic day could have been multiplied by an order of magnitude. 
I want us just to think about that for a minute.
    For instance, when those police, medical personnel, 
volunteers, runners, and spectators all ran toward the blast to 
help the injured, what if they had been unknowingly exposed to 
harmful amounts of radiological material? In many cases, this 
material cannot be seen, as we know, it cannot be smelled, 
felt, or tasted. In this hypothetical, what would have been a 
heroic display of courage and selflessness could have quickly 
spiraled into a far more deadly and disruptive situation.
    Today's hearing will focus on how we can ensure that this 
hypothetical situation does not come to pass. We will focus on 
the threat of a dirty bomb and specifically examine the 
security of radiological material here in communities across 
our country that could be used to create a dirty bomb.
    Two years ago, at the request of then-Senator Daniel Akaka, 
a good friend of us all, the Government Accountability Office 
(GAO) issued a report examining the government's efforts to 
secure radiological material in U.S. medical facilities.
    GAO found that in many cases this radiological material was 
all too vulnerable to theft or sabotage. Shortly thereafter, I 
joined Senator Akaka and Senator Casey in requesting that GAO 
audit the security of radiological material used at 
construction and industrial sites.
    Unlike the radiological devices in hospitals that are 
stationary and large, industrial radiological sources are often 
found in small, highly portable devices, routinely used in 
open, populated areas. And we have on the poster over here an 
example of the kind of highly portable radiological device that 
we are talking about.\1\
---------------------------------------------------------------------------
    \1\ The chart referenced by Senator Carper appears in the Appendix 
on page 58.
---------------------------------------------------------------------------
    This is a radiography camera. It is a camera that is 
commonly used at constructionsites to survey pipes and 
foundations for cracks and imperfections. These cameras contain 
radiological material that, if seized by the wrong hands, could 
be used to help create a dirty bomb. This clearly is the type 
of portable device that a thief or terrorist could walk away 
with if they found it left unsecured. GAO will testify today on 
the security of industrial radiological material like this 
camera, but the messages from their audit are clear.
    Despite government efforts, industrial radiological sources 
are far too vulnerable to theft or sabotage by terrorists or by 
others wishing to do us harm. In fact, GAO found four cases 
where potential dirty bomb material was stolen between 2006 and 
2012.
    Moreover, GAO found two cases where individuals with 
extensive criminal histories were given unsupervised access to 
potential dirty bomb material. One of those individuals had 
been previously convicted of making ``terroristic threats.''
    We are going to learn more about these vulnerabilities, and 
I think we are going to learn a little bit about maybe some 
commonsense fixes from our friends at GAO. But let me just say 
this: We have to do better. We have to do better than this. And 
given the consequences of a dirty bomb, there really is no 
excuse for the kind of vulnerabilities identified by the 
Government Accountability Office.
    If we are to protect against the next Oklahoma City 
bombing, the next 9/11, or the next Boston Marathon bombing, we 
need to stay several steps ahead of the terrorists. We must 
anticipate and neutralize their evolving ability to carry out 
terrorist plots well before they are ever conceived and 
executed.
    Today we will also hear from three agencies that play a 
critical role in securing radiological material in the United 
States and preventing dirty bomb attacks from occurring.
    And with that, we are going to turn to our panel, and I am 
going to make some brief introductions of each of you, and then 
we will invite you to present your testimony. And I will ask 
some questions. Some of my colleagues will drift in and out; 
they will ask questions as well. And then by that time, it will 
be time for dinner. [Laughter.]
    Hopefully we will be done sooner than that. But I want to 
welcome each of you for joining us today. Thank you for coming. 
Thank you for your preparation for this hearing and for your 
willingness to respond to our questions.
    The Honorable Anne Harrington is the Deputy Administrator 
for Defense Nuclear Nonproliferation for the National Nuclear 
Security Administration (NNSA). Does that fit on a business 
card?
    Ms. Harrington. Barely.
    Chairman Carper. Barely. That is a lot. A position you have 
held, I understand, since, what 2010. Thank you. Prior to the 
National Nuclear Security Administration, she served as the 
Director of the National Academy of Sciences Committee on 
International Security and Arms Control. She has also held 
positions in the State Department as Acting Director and Deputy 
Director of the Office of Proliferation Threat Reduction. 
Welcome.
    Next on our panel we have Dr. Huban--and I am going to ask 
you to pronounce your last name. Let me try it, and then I want 
you to pronounce it for us. Gowadia? Is that right?
    Ms. Gowadia. Gowadia.
    Chairman Carper. Gowadia. That is a great name. The 
Director of the Domestic Nuclear Detection Office (DNDO) at the 
Department of Homeland Security (DHS). Dr. Gowadia was 
appointed Director in September 2013 after being Acting 
Director since 2012. Dr. Gowadia, welcome. I understand you 
served in multiple positions at the Domestic Nuclear Detection 
Office since 2005, and prior to that worked at the Department 
of Homeland Security's Science and Technology Directorate, the 
Transportation Security Administration (TSA), and the Federal 
Aviation Administration (FAA).
    Our next witness on this panel is Mr. Mark Satorius, 
Executive Director for Operations at the U.S. Nuclear 
Regulatory Commission (NRC), and in that role he serves as the 
Chief Operating Officer (COO) overseeing the day-to-day 
operations of that agency. Mr. Satorius joined the NRC 25 years 
ago as an operating licensing examiner and then as a reactor 
inspector and senior project engineer. Mr. Satorius, a U.S. 
Naval Academy graduate, served as an officer in the U.S. Navy's 
Nuclear Power Program and a nuclear-trained submarine officer. 
Thank you for that service, too.
    Our final witness this morning is Mr. David Trimble, who 
serves as a Director of the Natural Resources and Environment 
group at the U.S. Government Accountability Office. Mr. Trimble 
is the primary author of a GAO report underlining the threat 
presented by the security of domestic industrial radiological 
sources. In his current role at GAO, Mr. Trimble provides 
leadership and oversight on nuclear security and cleanup 
issues. Previously, he has focused on environmental causes, 
including controlling toxic substances, clean water, clean air 
issues, and the Environmental Protection Agency (EPA) 
management. Before joining GAO in 2009, Mr. Trimble served at 
the Department of State's Political Military Affairs Bureau 
where he was responsible for export compliance and enforcement 
issues.
    Those are the introductions. I am sure they do not do 
justice to each of you, but we are delighted that you are here 
and that you are willing to help better inform this Committee, 
and hopefully this Senate, with the potential threats that face 
us and what we might do about them.
    Ms. Harrington, please proceed.

     TESTIMONY OF THE HONORABLE ANNE HARRINGTON,\1\ DEPUTY 
 ADMINISTRATOR FOR DEFENSE NUCLEAR NONPROLIFERATION, NATIONAL 
   NUCLEAR SECURITY ADMINISTRATION, U.S. DEPARTMENT OF ENERGY

    Ms. Harrington. Thank you, Mr. Chairman, and thank you for 
giving me the opportunity to testify on the Department of 
Energy (DOE) National Nuclear Security Administration efforts 
to enhance the security of vulnerable high-risk radioactive 
sources in the United States. I would like to thank you for 
your continued interest and the interest of the Committee and 
its leadership on this important issue. I would also like to 
thank my colleagues from the Department of Homeland Security 
and the Nuclear Regulatory Commission for being constructive 
and indispensable partners in the effort to reduce the risk of 
radiological incidents.
---------------------------------------------------------------------------
    \1\ The prepared statement of Ms. Harrington appears in the 
Appendix on page 27.
---------------------------------------------------------------------------
    The Office of Defense Nuclear Nonproliferation, which I 
lead, in conjunction with our Federal, local, and industry 
partners, works to enhance the security of civilian radioactive 
materials in the United States and internationally. I have 
provided details on our programs in my written testimony.
    We do appreciate the comments and recommendations from the 
General Accountability Office, and we are actively implementing 
their recommendations to expand outreach to increase the number 
of program volunteers and enhance coordination with other 
Federal agencies.
    I want to use the time allotted for my oral remarks to look 
at the path forward and at the strategic approach we are 
developing to address the challenges of securing the materials 
that can be used in a dirty bomb.
    The importance of securing high-risk radiological sources 
was highlighted at the 2014 Nuclear Security Summit when the 
United States and 22 other countries signed on to a so-called 
gift basket, committing to secure all International Atomic 
Energy Agency (IAEA) classified Category I radioactive 
materials at a level that meets or, where possible, exceeds the 
guidelines of the agency's Code of Conduct on the Safety and 
Security of Radioactive Sources. The goal is to accomplish this 
by the 2016 Nuclear Security Summit.
    The recent theft in Mexico of a truck carrying a large 
cobalt-60 source demonstrates how much our own security depends 
on the quality of security outside our borders. Commitments 
like the ones implemented under the Nuclear Security Summit 
process contribute in a meaningful way not just to the security 
of individual countries but to our joint security.
    While we continue to proceed with implementation of 
security enhancements for high-risk radioactive materials, 
several factors have led us to consider a new strategic 
approach to addressing the dirty bomb threat through actions 
that achieve more permanent and sustainable threat reduction. 
Factors that we considered include: the large number of 
radioactive sources worldwide; the fact that we secure or 
retire existing sources even as new sources and new devices are 
being introduced; the long-term cost for sustaining security 
systems; the limited options for disposal of these sources; and 
the general constraints within the Federal budgets.
    The grand challenge we should consider is how we can 
achieve permanent risk reduction rather than continuing in the 
current preventive posture. Just as we have demonstrated that 
highly enriched uranium (HEU), is not necessary for producing 
critical medical isotopes and that we can eliminate HEU from 
that technology cycle, can we apply the same principle to 
radiological sources?
    We should strive to not only further enhance security, but 
reduce the size and complexity of the overall problem and 
achieve permanent threat reduction by decreasing the number of 
sites and devices that require the high-activity radioactive 
materials.
    The centerpiece of this strategy is to engage in a 
worldwide effort to provide reliable non-radioactive 
alternatives to the highest activity radioactive sources that 
pose the greatest risk or to find ways to reduce the amounts of 
material needed for a given function.
    We will need to have the engagement and active 
participation from the research, industry, and medical 
communities, but the potential benefits--removing the risk of a 
dirty bomb altogether--are significant.
    Considering a range of incentives for replacement where 
commercially viable alternatives exist is something that we are 
investigating, and we are also collaborating with our research 
and development office to explore and assess technical 
improvements that could be developed and transferred to 
industry for commercialization.
    We recognize, however, that we may not succeed in replacing 
the need for all sources. For example, radioactive industrial 
sources such as mobile well logging and radiography sources may 
not have an acceptable and viable alternative. In such cases we 
are collaborating with industry partners to develop innovative 
and sustainable security solutions.
    We have seen that other countries are willing to go above 
and beyond international norms and standards for radiological 
security through collaboration with our programs and through 
commitments they have made at the Nuclear Security Summit. We 
have also now seen domestically that some Agreement States have 
taken radiological security to a higher level. While we have an 
important role to play in this regard, we also encourage all 
other States to show the same initiative to demonstrate 
leadership and commit resources to take radiological security 
beyond minimum requirements.
    Thank you for your attention, and I am happy to answer any 
questions.
    Chairman Carper. Ms. Harrington, thank you so much. Thanks 
for your testimony. Thanks for your service.
    Dr. Gowadia, would you please present your testimony at 
this time? Thank you.

  TESTIMONY OF HUBAN A. GOWADIA, PH.D.,\1\ DIRECTOR, DOMESTIC 
 NUCLEAR DETECTION OFFICE, U.S. DEPARTMENT OF HOMELAND SECURITY

    Ms. Gowadia. Thank you. Good morning, Chairman Carper, and 
I would extend thanks also for holding this hearing. It is a 
good opportunity for us to appear today to present to you and 
discuss with you the Domestic Nuclear Detection Office's 
efforts to prevent and prepare for radiological events.
---------------------------------------------------------------------------
    \1\ The prepared statement of Ms. Gowadia appears in the Appendix 
on page 36.
---------------------------------------------------------------------------
    I am honored to be here today to testify with my 
distinguished colleagues. Their support and assistance are 
fundamental to the mission you have given my office.
    At the Domestic Nuclear Detection Office, we are singularly 
focused on the nuclear threat and seek to make nuclear 
terrorism a prohibitively difficult undertaking for our 
adversaries.
    In coordination with Federal, State, and local partners, we 
develop and enhance the global nuclear detection architecture 
(GNDA), which is a framework for detecting, analyzing, and 
reporting on nuclear and other radioactive materials that are 
out of regulatory control.
    Although my office focuses on detecting and locating 
radioactive materials once they are lost or stolen, we work 
very closely with our colleagues at the Department of Energy 
and the Nuclear Regulatory Commission who are responsible for 
the safety and security of these materials.
    Our approach to detection is based on the critical triad of 
intelligence, law enforcement, and technology. By ensuring 
intelligence-informed operations are conducted by well-trained 
operators using the right technologies, we maximize our ability 
to detect and interdict radiological and nuclear threats.
    The first leg of the triad, intelligence and information 
sharing, is, very frankly, the backbone of a robust detection 
architecture. Timely and accurate indicators and warnings are 
crucial to the deployment of resources and operations. 
Additionally, we analyze past nuclear smuggling cases and 
pertinent terrorism events and bring this knowledge to bear on 
the development of future detection architectures and systems.
    The Domestic Nuclear Detection Office's Joint Analysis 
Center enables information sharing and also provides alarm 
adjudication support and situational awareness to our 
stakeholders.
    To increase the awareness of lost and stolen sources, we 
regularly publish information bulletins for our State and local 
partners, summarizing relevant news articles with useful facts 
about radioactive materials.
    The second leg of our triad is law enforcement officers and 
first responders, those on the front lines of detection and 
prevention efforts. The Domestic Nuclear Detection Office works 
to ensure that they have the necessary capabilities and are 
well trained and ready for the mission. Since 2005, through 
many collaborative efforts, we have provided radiation 
detection training to over 27,000 Federal, State, and local law 
enforcement personnel and emergency responders. Annually, we 
conduct approximately 15 exercises that stress operator's 
abilities to detect illicit radiological and nuclear material 
while enhancing collaboration and building trusted networks.
    To date, the Domestic Nuclear Detection Office has engaged 
with 29 States to raise awareness of this threat, and we assist 
our State and local partners as they develop their own 
detection programs. We work with them to build a flexible, 
multilayered architecture that can be integrated with Federal 
assets into a unified response in the event of a credible 
threat. By the end of 2015, we will have expanded these efforts 
to cover all 50 States.
    The Domestic Nuclear Detection Office further supports law 
enforcement operations by providing mobile detection deployment 
units. These are designed to supplement existing local 
detection and reporting capabilities, especially in support of 
national and other special security events.
    The program was instituted in 2008, and the trailers house 
equipment for up to 40 personnel. In fact, this year on July 4, 
we will complete our 150th deployment of the mobile detection 
units.
    The final leg of our triad is technology. In addition to 
acquiring and deploying radiation sensors for the Department of 
Homeland Security's operational components, we maintain an 
aggressive transformational and applied research portfolio. The 
Domestic Nuclear Detection Office collaborates with Federal 
research and development partners as well as with industry, 
academia, and the national laboratories to bring the right 
technologies to front-line operators.
    Operators are always included in all of our efforts. For 
instance, we recently led the development of a next-generation 
handheld radioisotope identification device. These are 
regularly used by law enforcement and technical experts in the 
field.
    We work closely with our operational partners to identify 
key requirements for the design of the system. The final 
product is now a device that is lightweight, easy to use, more 
reliable, and even has lower life-cycle costs. With your 
support, we will continue such collaborative efforts to develop 
breakthrough technologies and offer significant operational 
improvements and enhance our national detection capabilities.
    Thank you again for this opportunity to discuss the 
Domestic Nuclear Detection Office's efforts to protect our 
Nation from radiological and nuclear threats. I sincerely 
appreciate your interest and support for the entire nuclear 
security enterprise. Your leadership and our collaborations 
will help us ensure a safe, secure, and resilient homeland. 
Thank you.
    Chairman Carper. Dr. Gowadia, thank you so much.
    Mark Satorius, please proceed. When you left the Navy, how 
many years had you served?
    Mr. Satorius. Five years of active duty, sir, and then 18 
years of reserve service.
    Chairman Carper. OK. And so 18 years of reserve service, so 
that is like 23 years.
    Mr. Satorius. Yes, sir.
    Chairman Carper. That is how many years I served, 5 active, 
18 reserve. And I was a Navy P-3 aircraft mission commander, 
and our job was to track Soviet nuclear subs. We did a lot of 
low-level missions off the coast of Vietnam, surface 
surveillance during the Vietnam War, including around those 
islands in the South China Sea where there is a big----
    Mr. Satorius. Yes, sir, and you oftentimes spent time 
looking for U.S. submarines without as much success.
    Chairman Carper. No, we were not stupid enough to try to 
look. We could not find them. They were so quiet. And the way 
we found them, as you know, was through sound. But we are very 
proud of your service there, and you are a retired captain?
    Mr. Satorius. Yes, I am. I am a retired captain.
    Chairman Carper. So am I. Well, Captain, my son, Ben, calls 
me, ``Captain, my captain.'' [Laughter.]
    And I always say, ``As you were, sailor.'' So, Captain, 
welcome.

   TESTIMONY OF MARK A. SATORIUS,\1\ EXECUTIVE DIRECTOR FOR 
         OPERATIONS, U.S. NUCLEAR REGULATORY COMMISSION

    Mr. Satorius. Thank you, and good morning, Chairman Carper. 
I appreciate the opportunity to appear before you today on 
behalf of the U.S. Nuclear Regulatory Commission.
---------------------------------------------------------------------------
    \1\ The prepared statement of Mr. Satorius appears in the Appendix 
on page 42.
---------------------------------------------------------------------------
    Radiological source security has been, and continues to be, 
a top priority at the NRC. The NRC continues to work with the 
37 Agreement States and domestic and international 
organizations on a variety of initiatives to make risk-
significant radioactive sources even more secure and less 
vulnerable.
    The events of September 11, 2001, changed the threat 
environment and resulted in significant strengthening of the 
security of radioactive sources. Immediately following 
September 11, 2001, the NRC, working with other Federal and 
State agencies, prioritized actions to enhance the security of 
radioactive sources. These initial actions resulted in the NRC 
issuing a number of security advisories to NRC and Agreement 
State licensees to communicate general threat information and 
recommend specific actions to enhance security and address 
potential threats. Once NRC identified actions that licensees 
needed to take to enhance the security and control of risk-
significant sources, the agency issued orders that imposed 
legally binding requirements on our licensees.
    In addition, as mandated by the Energy Policy Act of 2005, 
the NRC convened an interagency task force on radiation source 
protection and security to evaluate and provide recommendations 
to the President and the Congress relating to the security of 
radiation sources in the United States from potential terrorist 
threats. This task force submitted its first report to the 
President and Congress in August 2006, concluding that there 
were no significant gaps in the areas of radioactive source 
protection and security. The second task force report was 
provided in August 2010, and the third report will be submitted 
this August.
    At a hearing on July 12, 2007, by the Permanent 
Subcommittee on Investigations of this Committee, a web-based 
licensing verification system was discussed. In an effort to 
better track transactions of radioactive material nationally, 
the NRC developed a portfolio of automated tools to verify 
licenses and track credentials, inspections, devices and 
sources, and events. This portfolio includes: the National 
Source Tracking System, the Web Based Licensing System, and the 
License Verification System.
    The NRC also ceased relying on the presumption that 
applicants for a license were acting in good faith and instead 
instituted a policy by which the NRC and the Agreement States 
would verify the legitimacy of applicants when first dealing 
with them. We also issued pre-licensing guidance that includes 
various applicant and licensee screening activities and site 
visits to ensure radioactive sources will be used as intended.
    The NRC also has implemented a process called the 
Integrated Materials Performance Evaluation Program (IMPEP), to 
assess its own regional materials programs as well as those of 
the Agreement States. This program provides the NRC with a 
systematic, integrated, and reliable evaluation of the 
strengths and weaknesses of the respective programs, and it 
provides an indication of areas in which NRC and Agreement 
States should dedicate more resources or management attention.
    Through a significant collaborative effort between the NRC 
and the Agreement States, the agency developed a radioactive 
source security rulemaking to replace the earlier Orders and 
provide requirements to a broad set of licensees. This 
rulemaking was informed by insights gained through the 
implementation of the Orders.
    The resulting rule--10 Code of Federal Regulation (CFR) 
Part 37--is an optimized mix of performance-based and 
prescriptive requirements that provide the framework for a 
licensee to develop a security program for risk significant 
materials with measures specifically tailored to its facility. 
Compliance with the rule was required for NRC licensees by 
March 19, 2014. Agreement State licensees need to fulfill 
compatible requirements by March 2016.
    The NRC's efforts in material security have not ended with 
the publication and implementation of our radioactive source 
security rule. The NRC will continue to assess its programs to 
ensure that they promote the secure use and management of 
radioactive sources.
    This concludes my remarks, Senator, and I will be happy to 
respond to any questions you may have.
    Chairman Carper. Captain, thanks so much.
    David Trimble, GAO, nice to see you. Thanks for joining us, 
and thanks for all you guys do at GAO to help our country and 
us.

TESTIMONY OF DAVID TRIMBLE,\1\ DIRECTOR, NATURAL RESOURCES AND 
       ENVIRONMENT, U.S. GOVERNMENT ACCOUNTABILITY OFFICE

    Mr. Trimble. Thank you. My testimony today discusses the 
challenges Federal agencies face in securing industrial 
radiological sources in the United States and the steps 
agencies are taking to improve security. The potential 
vulnerability of radiological sources was highlighted last 
December when a truck in Mexico carrying a cobalt-60 source, a 
high-risk radiological source, was stolen.
---------------------------------------------------------------------------
    \1\ The prepared statement of Mr. Trimble appears in the Appendix 
on page 50.
---------------------------------------------------------------------------
    In our report being issued today, we examined two types of 
industrial radiological sources: mobile and stationary. We 
found that both pose security challenges even when licensees 
follow NRC's security controls.
    The size and portability of mobile sources makes them 
particularly challenging. IAEA officials have stated that the 
transportation of high-risk sources is the most vulnerable part 
of the nuclear and radiological supply chain. NRC requirements 
to ensure security for these mobile sources provide a general 
framework that is to be implemented by the licensee. While NRC 
orders call on licensees to secure these sources, they do not 
explain how to do this by, for example, specifying the 
robustness of locks that must be used or even that alarms be 
installed in trucks carrying mobile sources.
    While all 15 industrial radiography companies we visited 
met NRC's security requirements, we found great variation in 
the security measures employed, with some companies using only 
the most basic of locks to secure these high-risk sources. The 
risk to these mobile sources is underscored by four incidents 
of theft, all after NRC instituted increased controls for high-
risk sources in 2005.
    In addition to these thefts, we identified two instances 
where unauthorized individuals, both claiming to be State 
inspectors, approached the crew while in the field. In one 
case, the individual was wearing a jacket with a logo of the 
State. This person gained access to the truck, sought detailed 
information about the source, and left with two accomplices 
only after the crew had made calls to confirm his identity.
    Regarding stationary sources, these typically involve 
aerospace manufacturing plants, storage warehouses, and 
panoramic irradiators used to sterilize food. While all of the 
33 facilities we visited met NRC's general security 
requirements, some facilities still appeared to have 
vulnerabilities. Nine facilities had unsecured skylights. One 
facility had an exterior roll-top door that was open and 
unattended. And the wall of the cage inside where the 
radiography cameras were stored did not go to the ceiling. 
Another facility had an irradiator on wheels near a loading 
dock that was secured with a simple padlock.
    In addition to these potential security vulnerabilities, we 
found that some well logging companies that separately secure 
their high-risk sources, did not have to comply with NRC's 
increased security requirements.
    Licensees of both mobile and stationary sources also face 
challenges in determining which employees are suitable for 
trustworthiness and reliability certification, which is 
required by NRC before an employee is given unescorted access 
to high-risk radiological sources. The trustworthiness and 
reliability (T&R) certification is intended to mitigate the 
risk of an insider threat, which NNSA has stated is the primary 
threat to facilities with high-risk radiological sources.
    Under NRC's security controls, it is left to the licensee 
to decide whether to grant employees unescorted access, even in 
cases where an individual has been convicted of a violent crime 
or making terroristic threats.
    About half of the 33 licensees we visited said they faced 
challenges in making these determinations, and seven stated 
they had granted the T&R certification to individuals with 
criminal records, giving them unescorted access to high-risk 
sources. In one case, the individual had been arrested and 
convicted multiple times of assault, forgery, failure to appear 
in court, driving while intoxicated, driving with a suspended 
license, and twice for terrorist threats.
    Notably, the two convictions for terroristic threats were 
not included in the background information provided by NRC to 
the licensee. According to NRC, this person was not convicted 
of threats against the United States but of making violent 
verbal threats against two individuals.
    Our report also examined the steps Federal agencies are 
taking to better secure industrial radiological sources. NNSA 
has a voluntary program to install enhanced security measures 
at facilities containing high-risk sources, and both NNSA and 
DHS have research projects to help track mobile sources if lost 
or stolen. In addition, at the time of our review, NRC was 
preparing a security Best Practices Guide for licensees.
    Our report includes recommendations to NRC to review and 
consider advising the T&R process and re-examine the regulatory 
gap that exempts some facilities from the increased security 
requirements.
    Thank you. I would be happy to answer any questions you may 
have.
    Chairman Carper. David, thank you so much.
    I think we have a couple of photos here that have been 
enlarged, and I am going to ask, if I could, Mr. Trimble, for 
you to respond to a couple of questions.
    I think your report included in it a number of visuals that 
were especially interesting. We have taken I think three of 
those photos and put them on these large charts, and I am going 
to just present each of these three to you in sequence. I just 
want to ask you to describe the photo and the security concern 
that it represents.
    Here is the first one. What is the photo of?\1\
---------------------------------------------------------------------------
    \1\ The chart referenced in the hearing appears in the Appendix on 
page 57.
---------------------------------------------------------------------------
    Mr. Trimble. This is one of the sites we visited. This is a 
warehouse storing radiography cameras, and the potential 
security vulnerability we identified in this is the large door 
that is obviously left open and unattended.
    Chairman Carper. All right. And what is inside that might 
be of interest to----
    Mr. Trimble. Yes, these are the radiography cameras that 
you had the earlier picture of, and so the warehouse would be 
the central location where these cameras would be stored when 
they are not out in the field being used.
    Chairman Carper. Would they be inside? Could it be two or 
three, or maybe a couple dozen?
    Mr. Trimble. Yes, there could be any number of radiography 
cameras located inside, and they would be in a storage room 
behind a locked container. And so because they were in a locked 
container, they are meeting the NRC's security requirements, 
notwithstanding the open door and the unattended nature of that 
door.
    Chairman Carper. OK. Any idea how many of those handheld 
devices would be required if someone who knew how to handle 
radioactive materials could actually create a weapon of real 
concern?
    Mr. Trimble. I think I would defer to colleagues at the 
table here, but I believe one would be sufficient.
    Chairman Carper. OK. Let us look at the next photo. And 
what do we have here?\1\
---------------------------------------------------------------------------
    \1\ The chart referenced in the hearing appears in the Appendix on 
page 59.
---------------------------------------------------------------------------
    Mr. Trimble. This is inside one of the storage warehouses 
for those radiography cameras, but as you can see here, while 
there is a lock on the caged door, the door and the wall next 
to it do not go all the way to the ceiling. So it is a rather 
imperfect barrier.
    Now, again, inside of there, the radiography cameras were 
in a locked container, and that is how--notwithstanding the 
vulnerability there they are still able to meet the NRC 
security guidelines.
    Chairman Carper. Janet Napolitano used to be Secretary of 
Homeland Security, as you will recall, and I remember her 
sitting here at this table talking to us about border security. 
We were talking about building along the Mexican border with 
the United States a fence, or fences, and walls. I remember she 
said something to the effect of if I build a 20-foot fence, 
somebody will come along with a 25-foot ladder. Looking at this 
reminds me of that.
    I think we have maybe one more photo that has been enlarged 
and placed on a chart. Let us look at that, and maybe you can 
tell us about that photo. And what do we have here?\2\
---------------------------------------------------------------------------
    \2\ The chart referenced in the hearing appears in the Appendix on 
page 60.
---------------------------------------------------------------------------
    Mr. Trimble. This is a picture of a skylight, and at nine 
locations we visited, we identified unsecured skylights at the 
facilities. These facilities range from warehouses storing 
radiography cameras to scientific research facilities to large 
panoramic irradiators. So there are quite a range of facilities 
that had these vulnerabilities.
    Notably, I believe, in the NNSA program where they go in on 
a voluntary basis and beef up security. Skylights is one of the 
areas which they would target in terms of either closing the 
means of ingress or securing the skylight.
    Chairman Carper. Can you tell us in the building where a 
skylight exists, were the devices that we are talking about 
here locked up in a secure facility?
    Mr. Trimble. Yes. They are still meeting the NRC 
requirements because they would still be in a locked container 
inside the facility, but the skylight from our view is a 
potential vulnerability because it provides another way of 
getting inside the building to gain access to that container.
    Chairman Carper. As we all know, there are locked 
containers and there are locked containers. And some are not 
very secure; others are quite secure. Can you comment on that, 
please?
    Mr. Trimble. Well, we saw the radiographers transporting 
their mobile sources on trucks. Some of these trucks were 
secured with very simple padlocks. Some had high security 
locks, and inside where the radiography cameras would be 
stored. Sometimes people would just have an Army surplus 
container with a cable securing it to the truck, which provides 
the second lock required under the NRC requirements.
    Some took the mission much more seriously, bought 
reinforced steel containers and had bolted them did a a better 
job to secure those containers.
    So there is a great variability that we observed in the 
field.
    Chairman Carper. Let me just ask the other panelists just 
to react to what we have seen and what Mr. Trimble has said. 
Any thoughts before I ask a different question? Captain 
Satorius.
    Mr. Satorius. Well, Senator, I would just say that this is 
the first I have seen of these pictures. I have been made aware 
of issues that the GAO has found within their report. Being an 
organization that always strives to continually improve, we 
have a new security rule, which I mentioned, 10 CFR Part 37. We 
will look at that rule and see if there are things that we need 
to beef up. But as a regulatory body, we put regulations in 
place that are risk informed and performance based, and we do 
not typically have a one-rule-fits-all. We leave it to the 
licensees to do. It is their responsibility to take our 
requirements and put their program into place and ensure that 
they are complying with our regulations.
    Now, we do provide with rules guidance that will instruct 
licensees on how they can construct and operate their program 
in a manner that will comply with our regulatory requirements. 
But we leave it to the licensee to put their program in place 
to document a written security plan. I would have to understand 
the security zone on some of these pictures to understand 
completely all the details. But I wanted to provide that short 
perspective.
    Chairman Carper. OK, good. Is this an honor system that is 
in place, basically self-policing compliance?
    Mr. Satorius. No, because we also inspect these facilities, 
and where we have compliance problems, where they do not comply 
with our regulatory requirements, we have an enforcement 
program that can issue violations, civil penalties, Orders that 
will modify or revoke their license if necessary. So we have a 
very robust enforcement program. And like I say, we inspect 
these facilities on a periodicity that aligns with the 
potential danger that might befall a member of the public if 
they were to be exposed.
    Our inspection program is quite robust. I am a former 
inspector myself. It is about a year program that has formal 
classes that have to be taken and passed successfully. There 
are many on-the-job type accompaniments where you are under 
instruction as you perform these inspection activities. And 
then, finally, you are qualified as an inspector through an 
oral board.
    So it is a rigorous program, and only inspectors can 
perform these sort of reviews of licensees.
    Chairman Carper. Did you say the regulation had been 
updated recently?
    Mr. Satorius. Yes.
    Chairman Carper. Give us just a flavor for how it was 
changed.
    Mr. Satorius. I had mentioned in the 2005 timeframe we had 
done an assessment since 9/11 and looked at what things we 
needed to make regulatory requirements, and what we typically 
do is we will issue orders that modify their license and has 
them perform certain activities. We will then take a little bit 
longer and go through the rulemaking process, which is a 2- to 
3-year process, involves outreach to stakeholders and members 
of the public to help us in that rulemaking endeavor.
    And so that process took place, and we issued that 
regulation in March of this year. It involves, as you have 
heard, a background check to ensure that individuals that are 
allowed to have access by themselves, that they are trustworthy 
and reliable. The licensee performs that review and makes the 
determination as to whether the individual is trustworthy and 
reliable.
    We also have issued a guidance document of best practices 
for performing these type of reviews so that the individual 
that is responsible for making that call has guidance on what 
to look for and what the other thing that it requires is 
liaisoning with local law enforcement so that you have a plan 
that if in the course of the required detecting and assessing 
and responding to the potential theft of a source, you have to 
lay out a plan with local law enforcement so that they can 
respond. They are required to inform the NRC--they call the 
local law enforcement first, and they are required to call us 
as soon as they are done with that so we get early notification 
so that we can outreach to our Federal partners to make sure 
that this lost or stolen source has actually been absconded 
with and----
    Chairman Carper. OK.
    Mr. Satorius. Those are some of the things.
    Chairman Carper. Can you give us some idea how often these 
reports to police and to the NRC come in for devices that are 
missing or are believed to be stolen?
    Mr. Satorius. I would say several a month, and the vast 
majority of those, all but--since 2005--I am sorry. 2010, 2011, 
2012, and 2013, there has been no Category I source lost or 
stolen. For Category II sources----
    Chairman Carper. Give us some idea what a Category I is as 
opposed to a Category II, please.
    Mr. Satorius. Yes. The IAEA standards and their Code of 
Conduct identifies Category I sources as, if not safely managed 
or securely protected are likely to cause permanent injury to a 
person who handled them or were otherwise in contact with them 
for more than a few minutes, it would probably be fatal to be 
close to this amount of unshielded material for a period of a 
few minutes to an hour. And these sources are used in 
irradiators, and they are very strong sources. They tend to be 
cobalt-60.
    And Category II is one step down from that, where if you 
were in close contact to it for an hour or two, there would be 
serious injury and possibly a fatality.
    Chairman Carper. I would assume that for Category I devices 
that the level of risk would be higher.
    Mr. Satorius. Yes.
    Chairman Carper. And the requirement for securing the 
device would be greater, and maybe even inspections would occur 
more often. Give us some idea how often inspections would occur 
for these different categories.
    Mr. Satorius. Annually for Category I sources.
    Chairman Carper. And for the other categories?
    Mr. Satorius. It varies. Some have a periodicity of every 2 
years or every 3 years, depending upon the strength of the 
material and its potential to harm members of the public. And I 
will say also for Category I sources, Part 37, the new rule, 
requires that anytime the source is removed from its storage 
container, it sets off an alarm. So that is a new requirement 
that was in Part 37.
    Chairman Carper. And is that for Category I devices?
    Mr. Satorius. Yes.
    Chairman Carper. OK. Let me just ask our panelists, would 
you just comment on the rule that Captain Satorius just 
described? What should we be encouraged by, maybe concerned 
about? Please, any of you. David.
    Mr. Trimble. Well, as we note in our report, our site 
visits were assessing the current rules. Part 37 did not kick 
in for NRC-led States until this year, and it will not roll out 
for States until 2016.
    What I would highlight, however, is that many of the 
problems that were identified in our report I do not believe 
would be addressed. For example, the issue of collocation where 
some sites are able to not be subject to the security 
requirements because they are separately stored; therefore, 
they are not totaled up to hit the regulatory threshold that 
triggers the requirements for enhanced security. I do not 
believe that is addressed.
    I do not believe that some of the specificity that we have 
talked about in terms of types of locks for Category II sources 
is addressed.
    And then the issue about trustworthiness and reliability 
certifications and the process by which that is done I do not 
believe is addressed.
    So the decision is still being left to the licensee, and 
there is no process which--or criteria that would disqualify 
someone from being given such a certification. There is no 
process by which, say, for example, say you had a conviction or 
a red flag that would trigger greater NRC involvement.
    Chairman Carper. Ms. Harrington or Dr. Gowadia, would you 
just react to what Mr. Trimble just said?
    Ms. Harrington. I would like to take perhaps one of his 
points just very briefly, actually one of Mr. Satorius' points, 
which is the coordination, and I think this is one of those 
places where we can play a special role and do, along with NRC 
and DHS. Reaching out to law enforcement can often be very 
complicated. There are many different layers. You might be in a 
tribal area. It might be a university campus with its own 
security police. It could be an environment where you have 
local county and State police.
    So part of what we do collaboratively to go a bit above and 
beyond what is in the actual rule is to organize tabletop 
exercises that involve all elements of the community. These 
exercises really help bring together the different elements of 
the community that would be involved in response to any kind of 
incident. And so far in collaboration with our colleagues at 
the Department of Energy who do counterterrorism and 
counterproliferation, we have run well over 100 of these 
exercises all over the United States in communities----
    Chairman Carper. How often? Like in a year or what?
    Ms. Harrington. Several a year, usually. But we have found 
that the feedback from this kind of exercise is extremely 
positive. But if you were to try to regulate that sort of 
exercise, I am not sure exactly how you could do it. But this 
is one of the steps by looking together at how we can 
collaboratively improve the security posture, we have come up 
with some approaches like this that I think we feel are a very 
positive contribution to the overall security.
    Ms. Gowadia. Speaking for the Domestic Nuclear Detection 
Office, sir, I could tell you that the collaboration one is 
very critical because the trusted networks by virtue of these 
exercises and all the work we do in our trilateral meetings, in 
our Government Coordination Council, et cetera, they help us 
build an ability to get the early indicator, the early warning, 
so that the law enforcement assets with the detection 
capabilities can respond and help find the lost or stolen 
sources.
    So we certainly support the regulatory work at the NRC and 
additional work that Administrator Harrington just mentioned, 
because it definitely enables our end of the mission spectrum, 
the detection, the find, fix, and locate piece.
    Chairman Carper. How do the safeguards that have been 
described here this morning, how do they compare with 
safeguards that are in place in other countries around the 
world where they have whether it is radiography cameras or 
other devices, even medical radioactive materials? How does our 
work compare with that of other countries?
    Ms. Harrington. This really is a global challenge, and I 
think to the credit of the countries involved in the Nuclear 
Security Summit process, they really have brought radiological 
security to the fore since the 2012 summit when it was added to 
the list of active targets for collaboration. I mentioned in my 
testimony that at the 2014 summit the United States and 22 
other countries made a commitment that by the time of the 2016 
summit, we would have taken steps to secure all Category I 
sources. So that now is on our collective plates in the United 
States to deliver that to the 2016 summit, and we will work 
collaboratively with other countries.
    But I would venture to say that the photographs that we saw 
here today could reasonably represent similar challenges within 
the international community. In fact, I was at a conference in 
southern Africa earlier this year, and as you know, very rich 
in natural resources, and the countries are extremely worried 
about the dirty bomb threat because of the number of sources, 
the lack of regulation, lack of secure procedures, lack of a 
strong independent regulator to provide a framework. And so we 
will work with those countries collaboratively to try to help 
them improve their profile.
    Chairman Carper. OK. When I was Governor of Delaware for 8 
years, I was very much involved in the National Governors 
Association (NGA), which had a clearinghouse for good ideas. I 
remember many cabinet meetings presiding over with our cabinet 
when we were discussing a particular challenge in our State, 
saying to my cabinet, ``Some other State has faced this 
challenge, and they have figured it out, and they are the gold 
standard.'' We had, as I said, in the National Governors 
Association this clearinghouse for good ideas, and we had the 
ability to find out what other State had addressed this 
satisfactorily, who the contact people were, how to get in 
touch with them, and it was actually very helpful in many 
instances.
    Do we have that kind of capability with maybe looking--I do 
not know if we would look from State to State, but if not from 
State to State to see who has the best practices in this 
regard, or maybe from country to country who has the best 
practices? Maybe it is us. But could you all speak to that, 
please?
    Mr. Satorius. I can start, Senator.
    Chairman Carper. Please.
    Mr. Satorius. And I will speak from an Agreement State 
perspective where we have 37 States within the United States 
that have signed an agreement--the Governor has signed an 
agreement with the Chairman of the NRC where we first--where 
they want to take over the responsibilities for the safety and 
security of certain radioactive sources. And we have a process 
that we review their program and ensure that it has the right 
staffing, the right training.
    Chairman Carper. Excuse me. Why would a State want to take 
over that responsibility?
    Mr. Satorius. Many reasons. The principal one that I hear 
is that we charge fees for licenses and for doing our 
regulatory activities. We are a 90-percent fee-recoverable 
agency. And so we charge fees. They oftentimes can do it for 
less money, so it is kind of a service to their constituents 
where they are able to provide those industrial users or 
medical users the use of these sources safely and compliant 
with our requirements at less cost to their citizens.
    Chairman Carper. OK. Others on the issue of compliance and 
best practices, whether it is within this country or outside of 
this country, please?
    Ms. Harrington. Well, you mentioned Senator Akaka before, 
and I had the honor to testify before him several years ago, 
and he was truly a leader in this area and worked very hard 
with----
    Chairman Carper. What do you suppose inspired him?
    Ms. Harrington. I am not sure. I would ask my team, 
especially Ioanna Iliopulos, who runs this program for us, she 
worked very closely with the Senator and with the State of 
Hawaii to bring them into full compliance with all regulations 
and, as far as I know, they were the first State to do that.
    Chairman Carper. OK. Ioanna, can you step a little closer 
to the microphone, please? If you can just take a moment, then 
we let you escape to your seat.
    Ms. Iliopulos. Thank you.
    Chairman Carper. Would you just say your name, please?
    Ms. Iliopulos. Yes. My name is Ioanna Iliopulos, and I work 
for NNSA, and I run the domestic program.
    Chairman Carper. Ioanna Ilopulos?
    Ms. Iliopulos. Iliopulos.
    Chairman Carper. Thank you. There you go.
    Ms. Iliopulos. I think the Senator was truly a visionary 
and cared about a lot of post-September 11 threats, and there 
were a lot of indicators in the early days post-September 11, 
and intellectually had talked to other Congressmen and Senators 
on this issue and requested that the GAO look into the area. 
And I think with GAO's audits, which were somewhat painful, on 
Federal programs but I think in the end raised the visibility 
of some of the vulnerabilities we have both domestically and 
internationally. And he was a clear advocate of it can be done 
in my State, I have medical facilities, I have USDA 
irradiators, I have a Navy base, I have a lot of things right 
in my own back yard, if it can be done in my State and we can 
increase the security posture, that could serve as a model 
going forward with other States.
    So it was a push on our part. We did not solely focus on 
Hawaii. We focus on major metropolitan areas and other States 
across the country on a voluntary basis, but his foresight and 
his advocacy on this issue clearly articulated the need for 
others to step up and step forward.
    Chairman Carper. All right. Thank you very much. Mr. 
Trimble.
    Mr. Trimble. I would just add that previously GAO has done 
some work in this area. We looked at the issue of orphan 
sources, and we looked at how they were handling this issue in 
France, and they had some innovative ideas. We have not looked 
at the cross-organizational sharing aspect per se, but we have 
done some work overseas to look at how other countries have 
tackled some of these issues.
    Chairman Carper. I guess it would be understandable that if 
other nations have these devices that have radioactive 
materials in them, whether they are mobile or stationary, and 
if other countries do not secure them well and those materials 
were obtained, they could be used for bad purposes in those 
countries or maybe anywhere. What do we have to reduce the 
likelihood that if another country did not secure their 
radioactive materials well, what assurances do we have with the 
way we protect our own borders and our ports of entry that we 
will be able to detect or intercept any of that material coming 
in? Dr. Gowadia.
    Ms. Gowadia. Yes, thank you, Senator, for that question. At 
DHS we believe in a multifaceted, layered approach to our 
security. So this begins well overseas. In my office, the 
Domestic Nuclear Detection Office, we work very closely with 
the International Atomic Energy Agency so that we can 
promulgate best practices across the globe. All 159 member 
States now have access to best practice guides on building 
national architectures, exercising, training, and awareness, 
and we are even beginning to teach some of the courses at the 
International Law Enforcement Academy. So that is our first 
outreach.
    We also work with partner nations certainly to encourage 
them to have layered approaches within their nations. I guess 
as I go through my answer you will see me building layer after 
layer after layer so that we can make nuclear terrorism a 
harder and harder undertaking for the adversary.
    We use information such as manifest data to focus our 
overseas scanning efforts, and then certainly collaborate with 
our Intelligence Community partners so that we can get the 
early indicators, the early intelligence warnings, and surge 
our assets as necessary.
    At the borders itself, we have very robust capabilities, 
almost 100 percent of our containerized cargo is scanned at our 
seaports; 100 percent of vehicular traffic that comes across 
our land borders at our ports of entry get similarly scanned. 
We have well-trained law enforcement officers in Customs and 
Border Protection (CBP) and United States Coast Guard (USCG). 
Every boarding party in the United States Coast Guard carries 
detection equipment. All incoming general aviation flights are 
met by Customs and Border Protection officers who have the 
right equipment and scan the incoming aircraft. These are just 
some of the examples I can think of.
    And, of course, with your continued support, we will 
continue to make the right investments and appropriately 
balanced capabilities to build strength after strength at our 
borders and with our international partners.
    Chairman Carper. Well, to be honest, all that is actually 
encouraging, and so we are grateful for the work that is being 
done. I like to say everything I do I know I can do better. 
Sometimes I say the road to improvement is always under 
construction. And just give us some examples of what we are 
doing better today than maybe what we were doing in the not too 
distant past, and maybe mention a couple of areas where we can 
do better still. This would be for you and for others as well.
    Ms. Gowadia. I guess I will start. One of the things we do 
better today is inform our efforts based on a more holistic 
look at the risk. My office is responsible for coordinating the 
global nuclear detection architecture and implementing its 
domestic component. So in these fiscally constrained days, we 
have to balance our resources to get the maximum bang for the 
buck, so we are now analyzing risk-informed schemes, building 
better feeds from information so that our mobile, agile 
architecture can be more responsive to a credible threat. So 
that is something we are doing better.
    I could not agree with you more, Senator, no matter what we 
are doing, we can always do something better, a lot better. And 
with the adversary being adaptive, we have to continue to grow 
and stay ahead of their capabilities as well.
    You heard the Administrator talk about exercising. Illicit 
nuclear materials are not something a law enforcement officer 
sees on a day-to-day basis, so we must practice. We must keep 
our skills up to speed, and we do that with some of our field 
exercises where we use uncommon sources to expose our officers 
to things they do not see on a normal basis.
    These are some of the activities. Integrated exercising I 
think is something we can do better moving forward. And our 
communications coordination function always can be better.
    Chairman Carper. Anyone else? Ms. Harrington.
    Ms. Harrington. So Dr. Gowadia mentioned the global nuclear 
detection architecture. There was a White House review of GNDA 
last year, and within the context of that review, some very 
specific areas for the programs that we run at the Department 
of Energy were identified as necessary to fill certain gaps. 
For example, our second line of defense program works very 
carefully and closely with DHS. We install radiological 
detection devices in ports where there is a lot of outgoing 
cargo traffic to the United States. So we try to catch things 
before they even are headed to the United States, and we are 
particularly interested in nuclear material. But radiological 
sources are also a very big concern, and a large number do get 
caught through this system, identified, isolated, and then 
handled appropriately.
    Also internationally, since 2004--and we just actually 
celebrated the 10-year anniversary of our Global Threat 
Reduction Initiative (GTRI)--we have done an enormous amount of 
work internationally to both secure sources, identify 
disposition pathways, work with countries to develop best 
practices, work on an international code of conduct for the 
security of radiological sources. This is an extremely active 
area of programming for us and one where we will continue to be 
extremely active.
    I think one of our biggest accomplishments was first 
identifying and then retiring the radiological thermoelectric 
generators (RTGs), used by Russia to power lighthouses in very 
remote locations and so forth. These were massive sources, and 
one of them could have been used for many dirty bombs. So that 
was a huge accomplishment over multiple years. But we have had 
similar kinds of work going on across the globe for the last 
decade.
    Mr. Satorius. Senator, I would just add that one of the 
things we are doing better today that we were not doing in the 
past has to do with our source security rulemaking that I 
mentioned earlier. There are six focus areas within that 
rulemaking that makes it a more effective rule, and that 
includes, as I think I had mentioned, background checks, 
including FBI fingerprinting, to help ensure that individuals 
who are allowed next to sources, can do so unescorted, 
controlling personnel access where risk-significant sources are 
being stored, documenting security programs. In other words, a 
written security program that lays out how the licensees will 
safeguard these sources, coordinating with local law 
enforcement to have a plan in place in case there is theft or 
diversion, and coordinating and tracking radioactive source 
shipments such that if they become lost during shipment, there 
is a manner to be able to find them.
    Chairman Carper. OK, good.
    Mr. Trimble. I would add just one----
    Chairman Carper. Mr. Trimble.
    Mr. Trimble. I think the international efforts we have 
discussed today in terms of protecting the country highlight in 
an indirect way the importance of the issues we bring up in our 
report, because as those pathways become more and more 
difficult for anyone to navigate, the easiest path is domestic. 
Why try to bring something in from overseas if you can just go 
to the local hospital or go to the warehouse to get the source? 
So this underscores the importance of making sure the NRC 
requirements for domestic medical and industrial users are 
robust, and the weaknesses we identified are addressed. The 
points I would highlight in terms of where we can do better. 
Specifically should be looking at the definition of 
``collocation'' so that all vulnerable facilities are subject 
to the regulations, improving how we do background checks, 
giving better guidance on who should and should not be given 
such access, examining whether NRC should be playing a bigger 
role in that process and providing more specific guidance to 
companies and licensees who are not security professionals. 
These are commercial companies doing a business. They may have 
some health and science background, but they are not security 
professionals, so they need some more help than what we are 
giving them right now.
    Chairman Carper. OK, good. Let us go back to those 
radiography cameras. Before, one of the questions I had asked 
is: Are they Category I or Category II?
    Mr. Satorius. They are Category II, and they have a source 
that needs to be replenished fairly often because of its half-
life.
    Chairman Carper. OK. What would be ``fairly often''? Every 
year or two?
    Mr. Satorius. About every 3 months.
    Chairman Carper. OK. That is fairly often. All right.
    Are we aware of any effort to actually mount an attack 
using a dirty bomb in this country or another country? Are we 
aware of whether someone has actually attempted, much like in 
Boston where we had the effort, unfortunately successful, to 
use pressure cookers to hurt and kill and maim a lot of people? 
We have seen the use of a substance in the air to poison, try 
to kill people in subways, so we have actually demonstrated 
uses of technology to hurt people. Do we have any documentation 
about attacks either in this country or in other countries 
where this was actually tried, maybe failed, maybe aborted?
    Mr. Satorius. I do not, sir. There is the general threat 
that we make every effort to safeguard against. I am not sure 
if my colleagues are aware of any attempts to produce a dirty 
bomb using our sources?
    Ms. Harrington. If you want to followup with a classified 
briefing on the topic, we could go into that in more detail.
    Chairman Carper. OK. Good enough. And I am going to ask a 
follow-on question, and if it is one that is not appropriate to 
answer in this space, just say so. But people can go on the 
Internet and learn all kinds of things, including how to build 
weapons, and nuclear weapons, pressure cooker bombs, and I 
presume dirty bombs.
    Given the access to that kind of information, why do you 
suppose no one has done it, at least to our knowledge--and they 
have certainly not been successful in doing it. And maybe it is 
because of the security measures that we are talking about in 
this country are pretty good, getting better. Maybe it is 
because that is true in other countries. Maybe it is not as 
easy as it sounds to do, and maybe people just decided that it 
is too dangerous and they are going to hurt or maim other 
people, they maybe find some way to do it that is less damaging 
to the perpetrator, although a lot of them do not really seem 
to care about whether or not they live or die. But why? Why do 
you suppose we have not seen it attempted more? Mr. Trimble.
    Mr. Trimble. I will just jump in to start the conversation. 
I think the efforts of NNSA, DHS, and NRC deserve credit for 
all they have done to try to secure these sources. I think 
where the conversation is going is: Is there more that we can 
do, though? And that is really where our report is coming from, 
and really it is just premised on the idea that it only takes 
one to make a really bad day.
    Chairman Carper. Others, please?
    Mr. Satorius. Just quickly, I would like to say that I 
believe some of the efforts that we have taken in putting 
together regulatory programs as well as other programs, that is 
certainly one of the drivers. We have made it very hard for 
people to get their hands on these things.
    Chairman Carper. Doctor.
    Ms. Gowadia. Senator, I would echo a lot of what you said 
and what we have heard today, but in a different setting, I 
think we can go into more specifics.
    Chairman Carper. OK. Ms. Harrington.
    Ms. Harrington. I support Dr. Gowadia's statement about 
taking this up in a different environment.
    Chairman Carper. OK. Fair enough.
    Captain Satorius, let me go back to you. Let me just ask, 
does the NRC have any mechanisms to immediately review 
unescorted access decisions made by licensees? For instance, if 
a licensee grants unescorted access to an individual with a 
violent criminal history, will the NRC be immediately made 
aware of this action and will it be able to take immediate 
action?
    Mr. Satorius. We would be able to inspect it at our next 
scheduled inspection activity. That is when we review the 
decisionmaking by the licensee staff on trustworthiness and 
reliability.
    Chairman Carper. Mr. Trimble, do you want to react to that?
    Mr. Trimble. My understanding of the guidelines, though, is 
that what is being reviewed is that the various factors were 
considered, but the actual decision is left to the licensee. So 
there is still no prohibition that if someone has convictions 
for certain things, they are not allowed to have access.
    Chairman Carper. Does that sound satisfactory? Should we be 
concerned about that, ladies?
    Ms. Gowadia. So I would respectfully defer to my regulatory 
colleagues on Director Satorius' position. I support and 
advocate for this mission because, again, the more secure these 
sources are, the easier it becomes for the detection end of 
things.
    Chairman Carper. OK. Do you think it would be helpful, 
again, Mr. Satorius, to require that the licensee get a second 
opinion from their respective State or the NRC regarding the 
trustworthiness of an individual?
    Mr. Satorius. Well, Senator, I do not think it would, and 
the reason is, as a regulatory body, we expect our licensees to 
perform these activities. We give them good guidance that they 
can follow and so that they will repeat the right decisions. 
But I would say that it is not within our purview to be 
consultants. We review what the licensee has done and make a 
decision on whether they comply with our regulations.
    Chairman Carper. In any of your regulations, does the NRC 
expressly prohibit licensees from granting unescorted access to 
individuals previously convicted of making, for example, 
terroristic threats?
    Mr. Satorius. They do not.
    Chairman Carper. OK. Maybe one more question, and then we 
will wrap up. We are going to start voting in just a few 
minutes. This would be one for Ms. Harrington and for Captain 
Satorius. This is on security enhancement. I understand that 
the National Nuclear Security Administration's Global Threats 
Reduction Initiative works with the Nuclear Regulatory 
Commission, licenses State, local, and tribal governments and 
other Federal agencies to build on the existing regulatory 
requirements by providing voluntary security enhancements. Let 
me just ask you, Administrator Harrington, how many security 
enhancements has the National Nuclear Security Administration 
put into place on industrial and construction facilities? And a 
followup would be: What obstacles stand in your way from 
installing some form of security upgrades for all high-risk 
radiological sources?
    Ms. Harrington. I do not know if these numbers break out 
strictly the industrial facilities, but according to our 
analysis, there are approximately 3,000 buildings in the United 
States containing high-risk radiological sources. Of that 
number, we have already worked in 650 buildings providing our 
security upgrade program, and we intend to complete another 45 
in this fiscal year. So that is, I think, a reasonable 
accomplishment, but that only gets us up to 700 out of 3,000.
    We have also recovered----
    Chairman Carper. What about the other 2,300?
    Ms. Harrington. Well, those are in out-year plans, but with 
the budget environment as it is, we have had to extend the 
target date for completion farther than we had originally 
thought would be possible.
    The other part of this is the disposition pathway for these 
sources, and that is often a challenge because you either have 
to find a secure storage facility for long-term storage or, 
some other way to safely dispose of those sources. It is the 
licensee's responsibility to do that unless the source that 
they have has no clear disposition pathway, in which case we 
can step in and assist.
    Chairman Carper. OK. Mr. Satorius, if you have something to 
add, feel free to do so briefly. Otherwise, I am going to bring 
this to a close for now. Anything else you want to add there on 
this point?
    Mr. Satorius. Not on this point. I think my colleague has 
said it very carefully.
    Chairman Carper. OK.
    Mr. Satorius. These are enhancements, and we believe that 
compliance with our regulations provide adequate protection for 
the public.
    Senator, I do need to correct one statement I made earlier 
for the record, if I could do that very quickly.
    Chairman Carper. Sure.
    Mr. Satorius. That is, not all Category I sources are 
inspected on a yearly basis. The periodicity of the inspection 
is based on the safety and robustness of the device, and some 
Category I sources are scheduled for periodic inspections at a 
greater periodicity than 1 year, at 3 years, 4 years, 5 years.
    Chairman Carper. Good. Thanks for that clarification.
    Let me just say as we come to a close, our job in this 
Committee is to do oversight. We have the responsibility of 
oversight for the Department of Homeland Security. We also have 
broad responsibility or oversight for the whole Federal 
Government. And other committees have subcommittees that are 
responsible for investigations. Some of them take it seriously; 
others do not. But it is hard for one Committee such as this 
one to really exercise meritorious oversight over the entire 
Federal Government, like we have 15, 16 people, and as good as 
we are, and our staffs and all, it is just a little bit too 
much for us to handle. But one of the things we can do from 
time to time is partner with the GAO and ask them from time to 
time to look at particular issues, in this case threats, and 
ask the question: How are we doing? What are we doing well? 
Maybe what are others in other countries doing even better that 
we can learn from, or even particular States?
    I hope and pray that the subject of today's hearing is 
something that will just always be the subject for a hearing or 
for speculation and that nobody is ever going to be hurt or 
inconvenienced in any way because of an attack of this nature. 
You never know. And what we can do is try to make sure that we 
are doing everything we can to hope for the best and prepare 
for the worst. And I am encouraged today to hear that there is 
a fair amount of work going on to protect our people and to 
share that information with other nations so that they can 
better protect their own folks. But I certainly do not want to 
hear someone ever ask the question: Why didn't somebody do 
something about this threat of a dirty bomb? Why didn't 
somebody do something to protect against it? And I want us to 
be able to say, well, we have worked hard in order to protect 
our people and our country from a threat of this nature.
    So as I said earlier, everything I do I know I can do 
better. I think that is true of all of us, and that is true of 
every Federal program. And so our goal is perfection--probably 
hard to reach, but it is a pretty good goal for us.
    So I will conclude by saying how much we appreciate not 
just your being here, not just preparing for the hearing, not 
just answering my questions, but also we appreciate very much 
the work you do for our country. Thank you for your service to 
our Nation.
    The hearing record will remain open for 15 days--that is 
until June 27 at 5 p.m.--for the submission of statements and 
questions for the record, and, again, our thanks to each of 
you, and to our majority and minority staff, for helping us 
prepare for this hearing.
    Thank you so much, and with that this hearing is adjourned.
    [Whereupon, at 11:55 a.m., the Committee was adjourned.]

                            A P P E N D I X

                              ----------                              

[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]



                                 [all]