90 FR 11 pgs. 5743-5746 - Law Enforcement Response in Power Reactor Physical Protection Programs
Type: PRORULEVolume: 90Number: 11Pages: 5743 - 5746
Pages: 5743, 5744, 5745, 5746Docket number: [NRC-2024-0167]
FR document: [FR Doc. 2025-00974 Filed 1-16-25; 8:45 am]
Agency: Nuclear Regulatory Commission
Official PDF Version: PDF Version
[top]
NUCLEAR REGULATORY COMMISSION
10 CFR Part 73
[NRC-2024-0167]
Law Enforcement Response in Power Reactor Physical Protection Programs
AGENCY:
Nuclear Regulatory Commission.
ACTION:
Proposed interpretive rule; request for comment.
SUMMARY:
The U.S. Nuclear Regulatory Commission (NRC) is issuing a notice of proposed interpretation of regulatory requirements to clarify that a power reactor applicant or licensee may, when designing or updating its physical protection program, incorporate law enforcement response into its site physical protection program through the implementation of a site-specific Security Bounding Time. This proposed interpretation would provide flexibility to applicants and licensees by allowing them to consider the assistance of law enforcement responders as part of the physical protection program. The NRC is requesting comment on the proposed interpretation and will hold a public meeting during the public comment period to address questions regarding the proposed interpretation and to facilitate public comments.
DATES:
Submit comments on the proposed interpretation by March 3, 2025. Comments received after this date will be considered if it is practical to do so, but the NRC is able to ensure consideration only for comments received before this date.
ADDRESSES:
You may submit comments by any of the following methods; however, the NRC encourages electronic comment submission through the Federal rulemaking website:
• Federal Rulemaking website: Go to https://www.regulations.gov and search for Docket ID NRC-2024-0167. Address questions about NRC dockets to Helen Chang; telephone: 301-415-3228; email: Helen.Chang@nrc.gov. For technical questions contact the individuals listed in the FOR FURTHER INFORMATION CONTACT section of this document.
• Email comments to: Rulemaking.Comments@nrc.gov. If you do not receive an automatic email reply confirming receipt, then contact us at 301-415-1677.
• Fax comments to: Secretary, U.S. Nuclear Regulatory Commission at 301-415-1101.
• Mail comments to: Secretary, U.S. Nuclear Regulatory Commission, Washington, DC 20555-0001, ATTN: Rulemakings and Adjudications Staff.
• Hand deliver comments to: 11555 Rockville Pike, Rockville, Maryland 20852, between 7:30 a.m. and 4:15 p.m. eastern time, Federal workdays; telephone: 301-415-1677.
You can read a plain language description of this proposed interpretation at https://www.regulations.gov/docket/NRC-2024-0167. For additional direction on obtaining information and submitting comments, see "Obtaining Information and Submitting Comments" in the SUPPLEMENTARY INFORMATION section of this document.
FOR FURTHER INFORMATION CONTACT:
Wellington Tejada, Office of Nuclear Security and Incident Response, U.S. Nuclear Regulatory Commission, Washington, DC 20555-0001; telephone: 301-415-1623; email: Wellington.Tejada@nrc.gov.
SUPPLEMENTARY INFORMATION:
I. Obtaining Information and Submitting Comments
A. Obtaining Information
Please refer to Docket ID NRC-2024-0167 when contacting the NRC about the availability of information for this action. You may obtain publicly available information related to this action by any of the following methods:
• Federal Rulemaking Website: Go to https://www.regulations.gov and search for Docket ID NRC-2024-0167.
• NRC's Agencywide Documents Access and Management System (ADAMS): You may obtain publicly available documents online in the ADAMS Public Document collection at https://www.nrc.gov/reading-rm/adams.html. To begin the search, select "Begin Web-based ADAMS Search." For problems with ADAMS, please contact the NRC's Public Document Room (PDR) reference staff at 1-800-397-4209, 301-415-4737, or by email to PDR.Resource@nrc.gov. For the convenience of the reader, instructions about obtaining materials referenced in this document are provided in the "Availability of Documents" section.
• NRC's PDR: The PDR, where you may examine and order copies of publicly available documents, is open by appointment. To make an appointment to visit the PDR, please send an email to PDR.Resource@nrc.gov or call 1-800-397-4209 or 301-415-4737, between 8 a.m. and 4 p.m. eastern time, Monday through Friday, except Federal holidays.
B. Submitting Comments
The NRC encourages electronic comment submission through the Federal rulemaking website ( https://www.regulations.gov ). Please include Docket ID NRC-2024-0167 in your comment submission.
The NRC cautions you not to include identifying or contact information that you do not want to be publicly disclosed in your comment submission. The NRC will post all comment submissions at https://www.regulations.gov as well as enter the comment submissions into ADAMS. The NRC does not routinely edit comment submissions to remove identifying or contact information.
If you are requesting or aggregating comments from other persons for submission to the NRC, then you should inform those persons not to include identifying or contact information that they do not want to be publicly disclosed in their comment submission. Your request should state that the NRC does not routinely edit comment submissions to remove such information before making the comment submissions available to the public or entering the comment into ADAMS.
II. Background
[top] In the NRC's regulatory framework, power reactor licensees regulated under title 10 of the Code of Federal Regulations (10 CFR) part 50, "Domestic Licensing of Production and Utilization Facilities, or 10 CFR part 52, "Licenses, Certifications, and Approvals for Nuclear Power Plants," are required to provide physical protection sufficient to prevent radiological sabotage from a hostile adversary, the characteristics of which fall within a defined design basis threat (DBT). The DBT of radiological
In 2005, the NRC undertook a rulemaking to revise the DBT of radiological sabotage as directed by Section 651 of the Energy Policy Act of 2005. In the final rule, "Design Basis Threat," the Commission set forth its views on the corresponding roles of licensee security forces and offsite Federal and State law enforcement agencies in protecting against the threats applicable to power reactors (72 FR 12705). As the Commission explained, the DBT reflects the Commission's determination of the composite set of adversary features against which private security forces should reasonably have to defend. Although the rule sets an upper limit on the threat that must be considered in the design of licensee security programs, the Commission noted that the defense of our Nation's critical infrastructure is a shared responsibility between the NRC, the Department of Defense, the Department of Homeland Security, Federal and State law enforcement, and other Federal agencies. The Commission also noted that, although licensees are not required to develop protective strategies to defend against beyond-DBT events, it should not be concluded that licensees can provide no defense against those threats. The Commission expressed its confidence that a licensee's security force would respond to any threat-no matter the size or capabilities-that may present itself, and the Commission stated that it expects that licensees and Federal and State authorities will use whatever resources are necessary in response to both DBT and beyond-DBT events.
In 2006, the Commission undertook a separate rulemaking effort to amend its security regulations in §?73.55 and add new security requirements pertaining to nuclear power reactors. As revised in the 2009 final rule, "Power Reactor Security Requirements," the NRC regulations in §?73.55(b)(1) through (3) provide a general performance objective and requirements for a licensee to establish and maintain a physical protection program that must protect against the DBT of radiological sabotage (74 FR 13926). Specific requirements for the design and implementation of the physical protection program are provided in §?73.55(c) through (q). These regulatory requirements establish that the licensee has the ultimate responsibility for protecting an operating power reactor site against an adversary force up to and including the DBT of radiological sabotage. In the 2009 final rule, the Commission further stated that a licensee's ability to defend against the DBT of radiological sabotage is not dependent on the availability of offsite responders.
Taken together, the 2007 and 2009 final rules reflect an interpretation of the security regulations that required licensees to establish a physical protection program, including a private security organization, that is capable of defending against the DBT without the assistance of local, State, or Federal law enforcement. As currently implemented, licensee physical protection programs do not include credit for local, State, or Federal law enforcement response. While §?73.55(k)(9) and paragraph II.B.3.d in appendix C to 10 CFR part 73 require licensees to document and maintain response agreements with law enforcement agencies to the extent practicable, licensees do not recognize this law enforcement response as an essential contributor for how the site will defend against the DBT.
On October 9, 2018, the Commission issued Staff Requirements Memorandum (SRM) to SECY-17-0100, "Staff Requirements-SECY-17-0100-Security Baseline Inspection Program Assessment Results and Recommendations for Program Efficiencies," and directed the staff to provide recommendations for providing credit for response by local, State, and Federal law enforcement in the NRC's security inspection program. On July 30, 2020, in SECY-20-0070, "Technical Evaluation of the Security Bounding Time Concept for Operating Nuclear Power Plants," the NRC staff presented the Commission with a methodology for power reactor licensees to incorporate law enforcement response into their physical protection programs and leverage additional operator actions and equipment to further strengthen site capabilities to protect against the DBT of radiological sabotage through a site-specific Security Bounding Time (SBT). A redacted version of SECY-20-0070 is publicly available and describes how the SBT concept could be implemented at a power reactor site.
On June 6, 2024, the Commission issued SRM-SECY-20-0070, "Staff Requirements-SECY-20-0070-Technical Evaluation of the Security Bounding Time Concept for Operating Nuclear Power Plants," approving the staff's recommendation to reinterpret existing security regulations through a notice of interpretation. This proposed interpretation of regulatory requirements would reinterpret §?73.1 and §?73.55 to allow a licensee to consider the assistance of law enforcement responders as part of its physical protection program through a site-specific SBT and revise its security plans and site procedures to reflect this reading of the regulations in part 73.
III. Proposed Interpretation
Under the regulatory requirements in §?3.55(b)(1) through (3), operating power reactor licensees are required to establish and maintain a physical protection program, to include a security organization, with the capabilities to detect, assess, interdict, and neutralize threats up to and including the DBT of radiological sabotage at all times. This proposed interpretation would allow operating power reactor licensees to establish a site-specific SBT that incorporates law enforcement response as a component of a physical protection program that meets the requirements of §?73.55(b)(1) through (3). The SBT concept would provide a methodology for developing robust tactical response plans with participating law enforcement agencies to preclude prolonged adversary interference with plant operator actions following the initiation of an attack. A site-specific SBT represents the amount of time, following the initiation of an attack, needed to execute this response plan, preclude adversary interference, and complete any planned operator actions to prevent damage to the reactor core or spent fuel. A more detailed description of the SBT concept is found in SECY-20-0070.
[top] A licensee that chooses to develop an SBT, through the incorporation of law enforcement response as a component of its physical protection program, will be responsible for justifying its site-specific SBT and providing assurance that its overall physical protection program meets the requirements of §?73.55(b)(1) through (3). Licensees cannot compel law enforcement agencies to maintain the capabilities documented in any specific agreements they have with licensees, and the NRC does not have regulatory authority over law enforcement agencies. Nevertheless, the NRC has confidence that, when called upon, law enforcement agencies will honor their commitments. As stated in the 2007 DBT final rule, the Commission expects that licensees and State and Federal authorities will use whatever resources are necessary in response to both DBT and beyond-DBT events. Additionally, the Commission has recognized in its regulations, in the
The inclusion of law enforcement response in the licensee's physical protection program does not mean that law enforcement responders are subject to the same training requirements as members of the licensee's security organization. The NRC's regulations in §?73.55(d)(3) state that the licensee may not permit any individual to implement any part of the physical protection program unless the individual has been trained, equipped, and qualified to perform their assigned duties and responsibilities in accordance with section VI of appendix B to 10 CFR part 73 and the licensee's Training and Qualification Plan. Further, §?73.55(k)(1) states that the licensee shall establish and maintain, at all times, properly trained, qualified and equipped personnel required to interdict and neutralize threats up to and including the DBT of radiological sabotage, to prevent significant core damage and spent fuel sabotage. These provisions are properly applied solely to the licensee's own personnel ( i.e., employees or contractors), and not to any law enforcement responders who may be part of the law enforcement response that would be considered a component of the physical protection program through a site-specific SBT. Although law enforcement responders may be considered a part of the licensee's physical protection program, they should not be considered security personnel or members of the licensee's security organization required by §?73.55(d)(1), nor should they be considered among the individuals subject to the requirements of §?73.55(d)(3).
IV. Discussion
This proposed interpretation, if issued, would apply to any licensee of an operating power reactor or applicant for a power reactor license under 10 CFR part 50 or part 52. The NRC expects that the proposed interpretation would allow applicants and licensees to consider, when designing their physical protection programs, that law enforcement agencies will exercise their best efforts to protect the health and safety of the public.
The proposed interpretation would not supplant any physical protection strategies currently permitted under the NRC's regulations. Rather, the proposed interpretation explains that applicants and licensees could consider the expected law enforcement response, developed and documented in accordance with the SBT concept, as part of the physical protection program and revise their security plans and site procedures to reflect this consideration. The proposed interpretation would recognize how, following initiation of an attack, the security at a site evolves over time and additional support from law enforcement is expected to be provided to the licensee to continue to defend against the DBT. Recognizing the role of law enforcement support in a licensee's physical protection program does not reduce the NRC's confidence that licensees can maintain adequate physical protection of their sites against the DBT.
The NRC intends to issue regulatory guidance for developing acceptable site-specific SBTs and associated response plans with participating law enforcement agencies. This guidance will describe planning considerations and tactical response plan elements that should be included in a site-specific SBT. Additionally, the NRC intends to issue regulatory guidance to assist licensees in determining whether Commission approval would be required prior to implementing an SBT at an operating power reactor facility. In accordance with §?50.54(p)(1), licensees may not make a change which would decrease the effectiveness of a physical security plan without prior Commission approval. Prior Commission approval is not required if the changes do not decrease the safeguards effectiveness of the plan; however, these changes must be reported to the NRC within 2 months after the change is made. Implementing an SBT at a site would require a change to the site's security plans, and licensees would need to use existing site or fleet processes to assess the impact of SBT implementation on the effectiveness of the site security plans prior to implementation. The regulatory guidance would include a method that the NRC considers acceptable to determine whether a change would decrease the safeguards effectiveness of the plan, particularly as it relates to SBT implementation, to ensure the appropriate level of NRC review is completed. The NRC plans to solicit public comment on the proposed regulatory guidance in calendar year 2025.
V. Backfit and Issue Finality Considerations
Under §?50.109(a), backfitting is defined in part as the NRC's imposition of staff interpretations of its regulations on nuclear power reactor licensees or certain nuclear power reactor applicants. Provisions analogous to the backfitting requirements, referred to as issue finality provisions, appear in 10 CFR part 52.
The proposed interpretation of regulatory requirements would expand the options available for licensee physical protection programs to meet the NRC's regulatory requirements. Under the proposed interpretation, a licensee could continue to comply with the requirements of its current licensing basis or voluntarily choose to adopt an SBT by revising its security plans and site procedures to reflect the role of law enforcement in the site protective strategy. Because the NRC would not be imposing a staff interpretation of the regulations on nuclear power reactor licensees, this proposed interpretation would not meet the definition of backfitting under §?50.109 and, therefore, would not constitute a backfit or affect the issue finality of any approval issued under 10 CFR part 52.
VI. Request for Comments
The NRC is requesting comments on this proposed interpretation of regulatory requirements. The NRC will publish a document in the Federal Register containing an evaluation of the significant comments and any revisions to this proposed interpretation resulting from the comments and their evaluation.
VII. Availability of Documents
[top]
| Document | ADAMS accession No./weblink/ Federal Register citation |
|---|---|
| Design Basis Threat, Final Rule, March 19, 2007 | 72 FR 12705. |
| Power Reactor Security Requirements, Final Rule, March 27, 2009 | 74 FR 13926. |
| SRM-SECY-17-0100, "Staff Requirements-SECY-17-0100-Security Baseline Inspection Program Assessment Results and Recommendations for Program Efficiencies," October 9, 2018 | ML18283A072. |
| SECY-20-0070, "Technical Evaluation of the Security Bounding Time Concept for Operating Nuclear Power Plants" (Redacted), November 8, 2021 | ML20126G265. |
| SRM-SECY-20-0070, "Staff Requirements-SECY-20-0070-Technical Evaluation of the Security Bounding Time Concept for Operating Nuclear Power Plants," June 6, 2024 | ML24158A083. |
| Energy Policy Act of 2005 (Pub. L. 109-58) | https://www.govinfo.gov/app/details/PLAW-109publ58 . |
VIII. Paperwork Reduction Act
This proposed interpretation does not contain any new or amended collections of information subject to the Paperwork Reduction Act of 1995 (44 U.S.C. 3501 et seq. ). Existing collections of information were approved by the Office of Management and Budget (OMB), approval numbers 3150-0002 and 3150-0011.
Public Protection Notification
The NRC may not conduct or sponsor, and a person is not required to respond to, a collection of information unless the document requesting or requiring the collection displays a currently valid OMB control number.
IX. Public Meeting
The NRC plans to conduct a public meeting to address questions regarding the proposed interpretation. The NRC will publish a notice of the location, time, and agenda of the meeting on the NRC's public meeting website at least 10 calendar days before the meeting. Stakeholders can monitor the NRC's public meeting website for information about the public meeting at https://www.nrc.gov/public-involve/public-meetings/index.cfm.
Dated December 9, 2024.
For the Nuclear Regulatory Commission.
John McKirgan,
Director, Division of Physical and Cyber Security Policy, Office of Nuclear Security and Incident Response.
[FR Doc. 2025-00974 Filed 1-16-25; 8:45 am]
BILLING CODE 7590-01-P