[Federal Register Volume 62, Number 231 (Tuesday, December 2, 1997)]
[Rules and Regulations]
[Pages 63640-63644]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 97-31515]
-----------------------------------------------------------------------
NUCLEAR REGULATORY COMMISSION
10 CFR Part 73
RIN 3150-AF53
Changes to Nuclear Power Plant Security Requirements
AGENCY: Nuclear Regulatory Commission.
ACTION: Final rule.
-----------------------------------------------------------------------
SUMMARY: The Nuclear Regulatory Commission (NRC) is revising its
regulations to delete certain security requirements associated with an
internal threat. This action follows the NRC's reconsideration of
nuclear power plant physical security requirements to identify those
requirements that are marginal to safety, redundant, or no longer
effective. This action will reduce the regulatory burden on licensees
without compromising physical protection against radiological sabotage
required for public health and safety.
EFFECTIVE DATE: January 16, 1998.
FOR FURTHER INFORMATION CONTACT: Dr. Sandra Frattali, Office of Nuclear
Regulatory Research, U.S. Nuclear Regulatory Commission, Washington, DC
20555-0001, telephone (301) 415-6261, e-mail [email protected].
[[Page 63641]]
SUPPLEMENTARY INFORMATION:
Background
On February 20, 1997, the NRC published a proposed rule in the
Federal Register (62 FR 7721) that would revise the NRC's regulations
associated with an internal threat to nuclear power plants that are
contained in 10 CFR part 73, ``Physical Protection of Plants and
Materials.'' The five changes, which provide significant relief to
licensees without compromising the physical security of the plants,
involve changes to--
1. Search requirements for on-duty guards, Sec. 73.55(d)(1);
2. Requirements for vehicle escort, Sec. 73.55(d)(4);
3. Control of contractor employee badges, Sec. 73.55(d)(5);
4. Maintenance of access lists for each vital area,
Sec. 73.55(d)(7)(i)(A); and
5. Key controls for vital areas, Sec. 73.55(d)(8).
The Commission received 9 letters commenting on the proposed rule.
Eight were from utilities and one was from an industry group. Copies of
the letters are available for public inspection and copying for a fee
at the Commission's Public Document Room, located at 2120 L Street, NW
(Lower Level), Washington, DC.
Discussion
The public comments supported the proposed rulemaking in general.
Seven of the nine commenters recommended additional relief from the
vehicle escort provisions. One commenter recommended additional relief
from the search requirements for armed guards. Two commenters
recommended changes to the regulations without support that were
outside the scope of this rulemaking.
For three of the changes in the proposed rule, only the language
that had been changed was provided in the proposed rule language. The
language that did not change in those paragraphs was inadvertently
omitted. This language has been put back in the final rule. The three
paragraphs affected are: search requirements for on-duty guards,
Sec. 73.55(d)(1); requirements for vehicle escort, Sec. 73.55(d)(4);
and maintenance of access lists for each vital area,
Sec. 73.55(d)(7)(i)(A).
The comments are discussed below.
Comment Resolution
1. Search Requirements for On-duty Guards (Sec. 73.55(d)(1))
Under the current regulations, armed security guards who leave the
protected area as part of their duties must be searched for firearms,
explosives, and incendiary devices upon re-entry into the protected
area. Requiring a guard to go through an explosives detector or
searching packages carried by the guard protects against the
introduction of contraband. Because an armed guard carries a weapon
onsite, passage of the guard through the metal detector, the principal
purpose of which is to detect firearms, serves little purpose. The
guard has to either remove the weapon while passing through the
detector or be subject to a hands on search. Either approach makes
little sense for the guard who is authorized to carry a weapon onsite.
Further, removing and handling the guard's weapon could present a
safety risk to the guard and other personnel. This rule will allow
armed security guards who are on duty and have exited the protected
area to reenter the protected area without being searched for firearms
(by a metal detector).
Comment. All commenters supported this action. One commenter
recommended that the words ``on official business'' be removed.
Response. The term ``on official business'' has been replaced by
the term ``on duty.'' The rationale given in the proposed rule to
eliminate the searches would also apply when the guard reenters the
protected area at other times, for example, after lunch where the lunch
area is outside the protected area, as is the case at some facilities.
The meaning of ``on duty'' is not meant to extend to ``on call'' or to
personal activities.
The amended rule allows armed security guards who are on duty and
have exited the protected area to reenter the protected area without
being searched for firearms (by a metal detector). Note that the rule
says ``reenter.'' This means that the guards have been searched on
their initial entry into the protected area. Unarmed guards and
watchpersons will continue to meet all search requirements. All guards
will continue to be searched for explosives and incendiary devices
because they are not permitted to carry these devices into the plant.
2. Requirements for Vehicle Escort (Sec. 73.55(d)(4))
The present requirement that a searched, licensee-owned vehicle
within the protected area must be escorted by a member of the security
organization, even when the driver is badged for unescorted access,
does not contribute significantly to the security of the plant. Under
the current regulations, all vehicles must be searched prior to entry
into the protected area except under emergency conditions. Also under
the current regulations, all vehicles must be escorted by a member of
the security organization while inside the protected area except for
``designated licensee vehicles.'' ``Designated licensee vehicles'' are
those vehicles that are limited in their use to onsite plant functions
and remain in the protected area except for operational, maintenance,
repair, security, and emergency purposes. Under the current
requirement, all other vehicles that are not ``designated licensee
vehicles'' must be escorted at all times while in the protected area
even when they are driven by personnel with unescorted access.
Comment. Seven commenters were concerned that the proposed rule
would only allow a vehicle to be unescorted when being operated by
licensee employees having unescorted access. These commenters wanted
this extended to contractor employees who are cleared for unescorted
access as well.
Response. This change has been made. Since both licensee employees
and contractor employees are subject to equivalent access authorization
programs, the level of trustworthiness is deemed to be equivalent.
There is no compelling reason to distinguish between the two. The
amended rule eliminates the requirement for escort of licensee-owned or
leased vehicles entering the protected area for work-related purposes
provided these vehicles are driven by personnel who have unescorted
access. This change provides burden relief to licensees without
significantly increasing the level of risk to the plant.
Comment. Five comments were made that limiting unescorted vehicles
to those that were licensee-owned was unduly restrictive, and wanted
this extended to licensee-owned or leased vehicles. One commenter
wanted it further extended to contractor- or vendor-owned or leased
vehicles.
Response. The rule language was changed to allow for licensee-
leased vehicles to be unescorted when driven by personnel who have
unescorted access. The NRC staff recognizes that licensees may lease
rather than buy vehicles. However, the staff believes that this
provision should not be extended indiscriminately to contractor or
vendor vehicles because licensees have no knowledge or control over how
contractor or vendor vehicles may be used for purposes other than those
for which the licensee has contracted.
[[Page 63642]]
3. Control of Contractor Employee Badges (Sec. 73.55(d)(5))
Contractor employees with unescorted access are required to return
their badges when leaving the protected area. Current regulatory
practice allows licensee employees to leave the protected area with
their badges if adequate safeguards are in place to ensure that the
proper use of the badge is not compromised or that a system such as
biometrics is in place to ensure that only the proper person uses the
badge for gaining access to the protected area. Because contractors and
licensees are subject to the same programs required for unescorted
access, there is no reason to employ more stringent badge control
requirements for contractor employees.
This amended rulemaking allows contractor employees to take their
badges offsite under the same conditions as licensee employees.
Comment. All commenters supported this provision.
Response. The final rule will be published as proposed, with a
sentence added to ensure that the integrity of the access controls are
not adversely affected.
Comment. One commenter wanted the physical differentiation between
contractor and employee badges eliminated.
Response. This comment provided no reason for changing the current
requirement of having employee and contractor badges distinguishable.
Further the staff has no reason to make such a change. Because of this
and the fact that this comment is outside the scope of this rulemaking
this change is not being made.
4. Maintenance of Access Lists for Each Vital Area
(Sec. 73.55(d)(7)(i)(A))
Maintaining separate access lists for each vital area and
reapproval of these lists on a monthly basis is of marginal value. At
many sites, persons granted access to one vital area also have access
to most or all vital areas. Licensees presently derive little
additional benefit from maintaining discrete lists of individuals
allowed access to each separate vital area in the facility. Also,
licensee managers or supervisors are required to update the access
lists at least once every 31 days to add or delete individuals from
these lists as appropriate. There is also a requirement to reapprove
the list every 31 days. However, reapproval of all individuals on the
lists at least every 31 days, to validate that the lists have been
maintained accurately is unnecessarily burdensome.
This rulemaking replaces separate access authorization lists for
each vital area of the facility with a single list of all persons who
have access to any vital area. It also changes the requirement to
reapprove the list at least once every 31 days to quarterly. Reapproval
consists of a review to ensure that the list is current and that only
those individuals requiring routine access to a vital area are
included. Because a manager or supervisor must update the list,
conducting this comprehensive reapproval every 31 days is of marginal
value.
Comment. All commenters supported these provisions.
Response. The final rule will be published as proposed.
The Commission desires to remind licensees that they are
responsible for properly controlling access, and that the changes to
Sec. 73.55(d)(7)(i)(A) do not remove their responsibility to establish
procedures to ensure that persons no longer needing unescorted access
are not granted such access.
5. Key Controls for Vital Areas (Sec. 73.55(d)(8))
Under the current regulations, licensees must change or rotate all
keys, locks, combinations, and related access control devices at least
once every twelve months. The rule also requires that these be changed
whenever there is a possibility they have been compromised, or when an
individual with access to the keys, locks, or combinations has been
terminated for reasons of trustworthiness, reliability, or inadequate
work performance. Additionally requiring such change every 12 months
has been determined by the NRC to be only marginal to security.
This amended rule removes the requirement for changing access
control devices at least every 12 months while retaining the
requirement to make changes for cause, and when an access control
device has been, or there is a suspicion that it may have been,
compromised.
Comment. One commenter requested that the words ``inadequate work
performance'' in the rule language be removed or defined.
Response. The NRC sees no need to define ``inadequate work
performance'' because the term characterizes many factors and
judgements involving removal for cause. Further, the comment is outside
the scope of this rulemaking.
Regulatory Action
The final rule will be promulgated with the changes made to the
proposed rule in response to the public comments. Two of the public
comments were not accommodated because they requested changes to the
regulations that were not put forward in the proposed rule.
Environmental Impact: Categorical Exclusion
The Commission has determined that this final rule is the type of
action described as a categorical exclusion in 10 CFR 51.22(c)(3)(i).
Therefore, neither an environmental impact statement nor an
environmental assessment has been prepared for this final rule.
Paperwork Reduction Act Statement
This final rule amends information collection requirements that are
subject to the Paperwork Reduction Act of 1995 (44 U.S.C. 3501 et
seq.). These requirements were approved by the Office of Management and
Budget, approval number 3150-0002.
Because the rule will reduce existing information collection
requirements, the public burden for this collection of information is
expected to be decreased by 100 hours per licensee. This reduction
includes the time required for reviewing instructions, searching
existing data sources, gathering and maintaining the data needed, and
completing and reviewing the collection of information. Send comments
on any aspect of this collection of information, including suggestions
for further reducing the burden, to the Information and Records
Management Branch (T-6 F33), U.S. Nuclear Regulatory Commission,
Washington, DC 20555-0001, or by Internet electronic mail to
[email protected]; and to the Desk Officer, Office of information and
Regulatory Affairs, NEOB-10202, (3150-0002), Office of Management and
Budget, Washington, DC 20503.
Public Protection Notification
The NRC may not conduct or sponsor, and a person is not required to
respond to, a collection of information unless it displays a currently
valid OMB control number.
Regulatory Analysis
A discussion of each of the five changes in this final rule is
provided above in the supplementary information section. The costs and
benefits for each of the changes in this rulemaking are as follows.
1. Search Requirements for On-Duty Guards (Sec. 73.55(d)(1))
The regulatory burden on licensees will be reduced by eliminating
unnecessary weapon searches of guards who are already allowed to carry
a
[[Page 63643]]
weapon on site, which will result in better utilization of licensee
resources. There will be no reduction in plant security, and there is
no reduction in the total size of the security force. Further, the
potential safety risk to personnel caused by removing and handling a
guard's weapon will be eliminated.
2. Requirements for Vehicle Escort (Sec. 73.55(d)(4))
The regulatory burden on licensees will be reduced by requiring
fewer vehicle escorts, which will allow personnel to be utilized more
effectively or for other purposes. Resources could be redirected to
areas in which they will be more cost effective. The decrease in
security will be marginal, because unescorted access will be restricted
to vehicles owned or leased by the licensee being driven by personnel
with unescorted access.
Assuming the number of such entries of licensee owned or leased
vehicles driven by personnel having unescorted access is 10 per day per
site, the average time needed for escort is 3 hours, and the cost per
hour for security personnel is $30 (loaded), a rough estimate of the
potential savings per site per year is about $330,000 (10 escorts/day/
site x 365 days/year x 3 hrs/escort x $30/hr). With 75 sites, the
savings to the industry per year will be approximately $24,000,000.
3. Control of Contractor Employee Badges (Sec. 73.55(d)(5))
The regulatory burden on licensees will be reduced by a more
effective use of security personnel, who will no longer need to handle
badges for contractor personnel who have unescorted access. There will
be no reduction in plant security because adequate safeguards will be
in place to ensure that badges are properly used and not compromised,
and a system such as biometrics is in place to ensure that only the
proper person uses the badge to gain access to the protected area.
Assuming that two security persons per working shift change, 5
shifts per day, one hour per shift are relieved from the duties of
controlling contractor employee badges during an outage lasting 3
months. Further, assuming that the cost per hour for security personnel
is $30 (loaded), a rough estimate of the potential savings per site per
year is about $27,000 (10 hours/day x 90 days/year x $30 hr). With
75 sites, the savings to the industry per year will be approximately
$2,000,000.
4. Maintenance of Access Lists for Each Vital Area
(Sec. 73.55(d)(7)(i)(A))
The regulatory burden on licensees will be reduced because
licensees will have to keep only one access list for all vital areas
and reapprove it quarterly, rather than keep individual access lists
for each vital area that must be reapproved monthly.
Assuming that the time to reapprove each of the individual lists is
1 hour per month, that a combined list will take 1.5 hours per month,
that the average number of vital areas per site is 10, and that the
cost of a clerk including overhead is $30 per hour (loaded), a rough
estimate of the potential savings per site per year is about $3,400
[(1 x 10 vital areas/month x 12 months/yr-1.5 x 1 combined vital
area/quarter x 4 quarters/yr) x $30/hr]. With 75 sites, the savings
to the industry per year will be approximately $260,000.
5. Key Controls for Vital Areas (Sec. 73.55(d)(8))
The regulatory burden on the licensees will be reduced because
fewer resources will be needed to maintain the system.
Assuming that, of approximately 60 locks that are changed each year
under the current requirement, half of them were changed because an
individual was removed for cause or the lock may have been compromised,
30 locks remain in need of change. Assuming that it takes a locksmith
10 hours to change all 30 locks at a cost (loaded) of $45 per hour, a
rough estimate of the potential savings per site per year is about $450
(10 hrs/year x $45/hr). With 75 sites, the savings to the industry
per year will be approximately $34,000.
Regulatory Flexibility Certification
As required by the Regulatory Flexibility Act as amended, 5 U.S.C.
605(b), the Commission certifies that this final rule, if adopted, will
not have a significant economic impact on a substantial number of small
entities. This final rule will affect only licensees authorized to
operate nuclear power reactors. These licensees do not fall within the
scope of the definition of ``small entities'' set forth in the
Regulatory Flexibility Act, or the Small Business Size Standards set
out in regulations issued by the Small Business Administration Act, 13
CFR part 121.
Small Business Regulatory Enforcement Fairness Act
In accordance with the Small Business Regulatory Enforcement
Fairness Act of 1996, the NRC has determined that this action is not a
major rule and has verified this determination with the Office of
Information and Regulatory Affairs, Office of Management and Budget.
Backfit Analysis
The Commission has determined that the backfit rule, 10 CFR 50.109,
does not apply to this final amendment because this amendment will not
impose new requirements on existing 10 CFR part 50 licensees. The
changes to physical security are voluntary and should the licensee
decide to implement this amendment, will be a reduction in burden to
the licensee. Therefore, a backfit analysis has not been prepared for
this amendment.
List of Subjects in 10 CFR Part 73
Criminal penalties, Hazardous materials transportation, Export,
Import, Nuclear materials, Nuclear power plants and reactors, Reporting
and recordkeeping requirements, Security measures.
For the reasons set out in the preamble and under the authority of
the Atomic Energy Act of 1954, as amended; the Energy Reorganization
Act of 1974, as amended; and 5 U.S.C. 552 and 553; the NRC is adopting
the following amendments to 10 CFR part 73.
PART 73--PHYSICAL PROTECTION OF PLANTS AND MATERIALS
1. The authority citation for Part 73 continues to read as follows:
Authority: Secs. 53, 161, 68 Stat. 930, 948, as amended, sec.
147, 94 Stat. 780 (42 U.S.C. 2073, 2167, 2201); sec. 201, as
amended, 204, 88 Stat. 1242, as amended, 1245, sec. 1701, 106 Stat.
2951, 2952, 2953 (42 U.S.C. 5841, 5844, 2297f).
Section 73.1 also issued under secs. 135, 141, Pub. L. 97-425, 96
Stat. 2232, 2241 (42 U.S.C. 10155, 10161). Section 73.37(f) also issued
under sec. 301, Pub. L. 96-295, 94 Stat. 789 (42 U.S.C. 5841 note).
Section 73.57 is issued under sec. 606, Pub. L. 99-399, 100 Stat. 876
(42 U.S.C. 2169).
2. Section 73.55 is amended by revising paragraphs (d)(1), (d)(4),
(d)(5), (d)(7)(i)(A), and (d)(8) to read as follows:
Sec. 73.55 Requirements for physical protection of licensed activities
in nuclear power reactors against radiological sabotage.
* * * * *
(d) * * *
(1) The licensee shall control all points of personnel and vehicle
access into a protected area. Identification and search of all
individuals unless otherwise provided in this section must be made and
authorization must be checked at these points. The search
[[Page 63644]]
function for detection of firearms, explosives, and incendiary devices
must be accomplished through the use of both firearms and explosive
detection equipment capable of detecting those devices. The licensee
shall subject all persons except bona fide Federal, State, and local
law enforcement personnel on official duty to these equipment searches
upon entry into a protected area. Armed security guards who are on duty
and have exited the protected area may reenter the protected area
without being searched for firearms. When the licensee has cause to
suspect that an individual is attempting to introduce firearms,
explosives, or incendiary devices into protected areas, the licensee
shall conduct a physical pat-down search of that individual. Whenever
firearms or explosives detection equipment at a portal is out of
service or not operating satisfactorily, the licensee shall conduct a
physical pat-down search of all persons who would otherwise have been
subject to equipment searches. The individual responsible for the last
access control function (controlling admission to the protected area)
must be isolated within a bullet-resisting structure as described in
paragraph (c)(6) of this section to assure his or her ability to
respond or to summon assistance.
* * * * *
(4) All vehicles, except under emergency conditions, must be
searched for items which could be used for sabotage purposes prior to
entry into the protected area. Vehicle areas to be searched must
include the cab, engine compartment, undercarriage, and cargo area. All
vehicles, except as indicated in this paragraph, requiring entry into
the protected area must be escorted by a member of the security
organization while within the protected area and, to the extent
practicable, must be off loaded in the protected area at a specific
designated materials receiving area that is not adjacent to a vital
area. Escort is not required for designated licensee vehicles or
licensee-owned or leased vehicles entering the protected area and
driven by personnel having unescorted access. Designated licensee
vehicles shall be limited in their use to onsite plant functions and
shall remain in the protected area except for operational, maintenance,
repair, security and emergency purposes. The licensee shall exercise
positive control over all such designated vehicles to assure that they
are used only by authorized persons and for authorized purposes.
(5)(i) A numbered picture badge identification system must be used
for all individuals who are authorized access to protected areas
without escort. An individual not employed by the licensee but who
requires frequent and extended access to protected and vital areas may
be authorized access to such areas without escort provided that he or
she displays a licensee-issued picture badge upon entrance into the
protected area which indicates:
(A) Non-employee no escort required;
(B) Areas to which access is authorized; and
(C) The period for which access has been authorized.
(ii) Badges shall be displayed by all individuals while inside the
protected area. Badges may be removed from the protected area when
measures are in place to confirm the true identity and authorization
for access of the badge holder upon entry into the protected area.
* * * * *
(7) * * *
(i) * * *
(A) Establish a current authorization access list for all vital
areas. The access list must be updated by the cognizant licensee
manager or supervisor at least once every 31 days and must be
reapproved at least quarterly. The licensee shall include on the access
list only individuals whose specific duties require access to vital
areas during nonemergency conditions.
* * * * *
(8) All keys, locks, combinations, and related access control
devices used to control access to protected areas and vital areas must
be controlled to reduce the probability of compromise. Whenever there
is evidence or suspicion that any key, lock, combination, or related
access control devices may have been compromised, it must be changed or
rotated. The licensee shall issue keys, locks, combinations and other
access control devices to protected areas and vital areas only to
persons granted unescorted facility access. Whenever an individual's
unescorted access is revoked due to his or her lack of trustworthiness,
reliability, or inadequate work performance, keys, locks, combinations,
and related access control devices to which that person had access,
must be changed or rotated.
* * * * *
Dated at Rockville, Maryland, this 24th day of November, 1997.
For the Nuclear Regulatory Commission.
John C. Hoyle,
Secretary of the Commission.
[FR Doc. 97-31515 Filed 12-1-97; 8:45 am]
BILLING CODE 7590-01-P