What is security by design, and why is it important?
According to NSS No. 27-G, security by design (SeBD) is an approach whereby the design of new nuclear facilities takes nuclear security into account, so that the required level of security is provided in a cost-effective way that is compatible with operations, safety, and nuclear material accounting and control. In other words, nuclear security is fully integrated into the design process of a nuclear reactor or facility, as early as possible. SeBD emphasizes incorporating protection-related elements early and continuously throughout the nuclear reactor or facility design process based on systems design and engineering principles.
NNSA and national laboratory expertise may be available as a resource for U.S. reactor designers on technical recommendations for SeBD topics of physical security, nuclear material accounting, insider threat, cyber security, transport security and sabotage mitigation capabilities.
Currently, there is a lack of an internationally accepted regulatory framework on how to incorporate SeBD principles into advanced reactor designs; however, this is also under development, and NNSA fully supports government, industry, and international organizational collaboration to develop such a framework.
Key Security Concepts within SeBD:
For optimum efficiency and effectiveness, address nuclear security as part of a comprehensive systems approach along with safety and safeguards (3S).
Take physical protection into account as early as possible in site selection and design.
Work with governments of countries, especially regulatory authorities, to which your company plans to export to define the design basis threat and unacceptable consequences. Threats from both insider and external adversaries should be included in the design basis threat.
Use a graded approach to security where the level of physical protection should depend on the categories of the nuclear material or levels of unacceptable consequences.
Consider both likelihood and consequence of theft and sabotage in evaluating system effectiveness of physical protection systems.
What NNSA resources and recommendations exist for SeBD?
NNSA’s federal and national laboratory nuclear security technical experts have decades of combined nuclear security technical expertise domestically and internationally. NNSA works with other DOE and U.S. Government entities in countries embarking on and expanding nuclear power programs to ensure that the regulatory frameworks and operational capabilities can meet international standards. These experts are available to provide technical guidance on:
Current and emerging technologies
Theft and sabotage risk mitigation
Finding the right balance between security, efficiency, and cost early in the process ensures that U.S. designs and business cases are competitive and successful in the global marketplace. NNSA and national laboratory experts are prepared to work with industry to help them understand SeBD.
NNSA and the national laboratories strongly recommend that U.S. companies desiring to export their nuclear technologies take all appropriate technical resources into consideration when incorporating security into their designs. NNSA and the national laboratories will continue to develop and share good practices, lessons learned, and relevant technical resources for advanced reactors. See below for examples of these resources.
Sandia National Laboratories’ “Security-by-Design Handbook”
(SAND2013-0038) provides guidance on incorporating a physical protection system at the design phase to minimize risks of malicious acts and a strategy to achieve a robust, durable and responsive security system.
Idaho National Laboratory’s “Cyber-Informed Engineering”
Report (INL/EXT-16-40099) provides a framework to identify and address cyber vulnerabilities in the design process, bridging the gap between engineering design and cyber-security.
How can industry collaborate with NNSA?
To develop a partnership with industry, the DOE national laboratories can enter:
Nondisclosure Agreements (NDAs)
Cooperative Research and Development Agreements (CRADAs)
to have detailed discussions of technologies that can include proprietary information
which enable industry to work hand-in-hand with lab scientists to develop new technologies or further develop them
Special Partnership Projects (SPPs)
User Facility Agreements (UFAs)
to fund directed work by lab scientists and use of lab equipment to test industry technology, provide a proof of concept for industry technology, or for partner-specific research and development (R&D) activities
for industry partners to do their own experiments using unique and state of the art facilities not commonly available in the commercial world
Ongoing and Future Opportunities
Webinars, Information Sessions, and Stakeholder Meetings
Providing experts to INS supported IAEA activities
Analysis at DOE Labs to support overall industry needs