Login using IAM
Section 1: Objective
1. This regulation provides regulatory requirements for the physical protection of nuclear facilities and nuclear material, including during transport, against malicious acts.
Section 2: Scope
2. This regulation shall apply to general aspects of nuclear security of nuclear facility and nuclear material in use, storage and during transport.
3. This regulation prescribes the nuclear security requirements for the authorized person of a nuclear facility and nuclear material as stipulated in the Regulation on Licensing and Regulatory Oversight of Nuclear Facilities (NRRC-R-03) and the Regulation on Notification on and Authorization of Facilities and Activities with Radiation Sources (NRRC-R-02).
4. This regulation prescribes the nuclear security requirements for the licensee of a nuclear material in transport as stipulated in the Regulation on Safe Transport of Radioactive Materials (NRRC-R-15).
5. This regulation does not address nuclear security requirement for radioactive material that is prescribed in the Regulation on Security of Radioactive Materials (NRRC-R-17).
Section 3: Definitions
Access control
Means to ensure that access is authorized and restricted based on business and security requirements.
Adversary
Any individual performing or attempting to perform a malicious act, an adversary may be an insider, outsider, or collusion of both.
Assessment
The process of analyzing systematically and evaluating an information alert or an instrument alarm to determine whether a nuclear security event has occurred.
Carrier
Any person or organization engaged in the transport of nuclear material with responsibility for implementing and maintaining security measures in accordance with national requirements.
Central alarm station
An installation which provides for the complete and continuous alarm monitoring, assessment and communication with guards, facility management, and response forces.
Competent security agencies
A governmental organization or institution that has been designated by in the Kingdom to carry out one or more nuclear security functions.
Cybersecurity
Protection of networks, IT systems, operational technologies systems and their components of hardware and software, their services and the data they contain, from any penetration, disruption, modification, access, use or unauthorized exploitation. The concept of cybersecurity also includes information security and digital security.
Confidentiality
The prevention of the disclosure of sensitive information that could compromise physical protection.
Contingency plan
A predefined set of actions for response to unauthorized acts indicative of attempted unauthorized removal or sabotage, including threats thereof, designed to effectively counter such acts.
Control (of nuclear material)
shall mean activities, devices, systems, and procedures that ensure that the continuity of knowledge (e.g., location, quantitative measurements) about nuclear material is maintained.
Information and Cybersecurity plan
A plan for the implementation of the information protection and cybersecurity policy specifying organizational roles, responsibilities, and procedures.
Computer-based systems
The computation, communication, instrumentation and control devices that make up functional elements of a facility or activity, including desktop computers, mainframe systems, servers and network devices, as well as lower-level components such as embedded systems and programmable logic controllers.
Delay
The element of a physical protection system designed to increase adversary penetration time for entry and/or exit from the nuclear facility or transport.
Defense in depth
The combination of multiple layers of systems and measures that have to be overcome or circumvented before nuclear security is compromised.
Design basis threat
The attributes and characteristics of potential insider and/or external adversaries who might attempt unauthorized removal or sabotage against which a physical protection system is designed and evaluated.
Detection
A process in a physical protection system that begins with sensing potentially malicious or otherwise unauthorized activity and that is completed with the assessment of the cause of the alarm.
Effective intervention
An intervention that is timely and powerful enough to prevent a person or group of persons, including those equipped with weapons or explosive material, from committing an unauthorized removal or sabotage.
Graded approach
The application of nuclear security measures proportional to the potential consequences of a malicious act.
Guard
A person who is entrusted with responsibility for patrolling, monitoring, assessing, escorting individuals or transport, controlling access and/or providing an initial response.
Information security
The preservation of the confidentiality, integrity and availability of information.
Insider
One or more individuals with authorized access to nuclear facilities or nuclear material in transport who could attempt unauthorized removal or sabotage, or who could aid an external adversary to do so.
Malicious act
Any act or attempt of unauthorized removal or sabotage.
Nuclear security
The prevention and detection of and response to theft, sabotage, unauthorized access, illegal transfer, or other malicious acts involving nuclear material, other radioactive substances, or their associated facilities.
Nuclear security culture
The characteristics, attitudes and behaviors of individuals, organizations and institutions which serves as a means to support, enhance, and sustain nuclear security.
Nuclear security event
An event that has potential or actual implications for nuclear security that must be addressed.
Nuclear security measures
Measures intended to prevent a nuclear security threat from completing criminal or intentional unauthorized acts involving or directed at nuclear material, other radioactive material, associated facilities, or associated activities or to detect or respond to nuclear security events.
Off-site response force
The armed competent security agencies forces whose members are not located at a nuclear facility.
On-site nuclear response force
A team of personnel whose members are -
(a) Trained in the use of firearms, permitted to carry firearms in the Kingdom and qualified to use them, and
(b) Permanently located at a high-security site.
Performance testing
Testing of nuclear security measures and the physical protection system to determine whether or not they are implemented as designed; adequate for the proposed natural, industrial and threat environments; and in compliance with established performance requirements.
Physical barrier
A fence, wall or similar impediment which provides access delay and complements access control.
Physical protection measures
The personnel, procedures, and equipment that constitute a physical protection system.
Physical protection system
An integrated set of nuclear security measures intended to prevent the completion of a malicious act.
Quality assurance
A process that provides confidence that the physical protection requirements are satisfied on a continuing basis.
Response
All the activities by the Kingdom that involve assessing and responding to a nuclear security event.
Response forces
Persons, on-site or off-site, who are armed and appropriately equipped and trained to counter an attempted unauthorized removal or an act of sabotage.
Risk assessment
Overall process systematically identifying, estimating, analysing, and evaluating the risk
Sensitive information
The information in which, the unauthorized disclosure (or modification, alteration, destruction or denial of use) of which could compromise nuclear security or otherwise assist in the carrying out of a malicious act against a nuclear facility, organization or transport.
Sabotage
Any deliberate act directed against a nuclear facility or nuclear material in use, storage or transport which could directly or indirectly endanger the health and safety of personnel, the public or the environment by exposure to radiation or release of radioactive substances.
Security area
For the purpose of implementing defense in depth principle by assigning areas as the following:
I. Limited access area: designated area containing a nuclear facility and nuclear material to which access is limited and controlled for physical protection purposes and where the movement and stay is limited by the decision or decree by a national competent authority.
II. Protected area: area inside a limited access area containing Category I or II nuclear material and/or sabotage targets surrounded by a physical barrier with additional nuclear security measures.
III. Vital area: area inside a protected area containing equipment, systems or devices, or nuclear material, the sabotage of which could directly or indirectly lead to high radiological consequences.
IV. Inner area: an area with additional protection measures inside a protected area, where Category I nuclear material is used and/or stored.
Security plan
A document prepared by the licensee and required to be approved by NRRC that presents a detailed description of the security measures in place at a facility.
Stand-off attack
An attack, executed at a distance from the target nuclear facility or transport, which does not require adversary hands-on access to the target, or require the adversary to overcome the physical protection system.
Sustainability program
A program where the licensee defines activities to ensure sufficient nuclear security measures are maintained.
Target
Nuclear material, other radioactive material, associated facilities, associated activities, or other locations or objects of potential exploitation by a nuclear security threat, including major public events, strategic locations, sensitive information, and sensitive information assets.
Threat
A person or group of persons with motivation, intention, and capability to commit a malicious act.
Threat assessment
An evaluation of the threats based on available intelligence, law enforcement, and open-source information that describes the motivation, intentions, and capabilities of these threats.
Transport control center
A facility, which provides the continuous monitoring of a transport conveyance location and security status and for communication with the transport conveyance shipper, receiver, carrier and, when appropriate, its guards and the response forces.
Transport security plan
A document prepared by the licensee and required to be approved by NRRC that presents a detailed description of the security measures in the transport of nuclear material.
Two-person rule
A procedure that requires at least two authorized and knowledgeable persons to be present to verify that activities involving nuclear material and nuclear facilities are authorized in order to detect access or actions that are unauthorized.
Unauthorized removal
The theft or other unlawful taking of nuclear material.
Unirradiated nuclear material
Material not irradiated in a reactor or material irradiated in a reactor but with a radiation level equal to or less than 1 Gy/h (100 rad/h) at 1 m unshielded.
Section 4: General Principles
6. The licensee shall be primarily responsible for nuclear security of its nuclear material, nuclear fa-cilities, and activities.
7. The licensee shall consider and maintain nuclear security from the early stage of a nuclear facility.
8. The licensee shall ensure the availability of nuclear security measures that is commensurate with the threat assessment at each stage of the licensing process.
9. The licensee shall apply the requirements of this regulation based on the design basis threat or national threat assessment as prescribed by the NRRC.
10. The licensee shall set up physical protection measures for nuclear material based on its category, prior to arrival of the nuclear material on site.
11. The licensee shall ensure that the physical protection system is integrated and effective against both sabotage and unauthorized removal.
12. The licensee shall be responsible for ensuring that nuclear security interface with safety and nu-clear material accounting and control systems, and measures at the nuclear facility is mutually supportive as practicable.
13. Where potential conflicts between safety and security are identified, the licensee shall immedi-ately adopt compensatory and/or mitigative actions to maintain safety and security as prescribed by the NRRC.
Section 5: Categorization of Nuclear Material
14. The licensee shall apply security measures for protecting nuclear material and for preventing each level of potential radiological consequences based on the category as prescribed by the NRRC in Appendix I.
15. The licensee shall apply aggregation on the total amount of nuclear material in determining the categorization of the nuclear material in any specific location within the facility in identifying the physical protection measures for the unauthorized removal.
16. The categorization shall not be applicable in determining physical protection against sabotage, in which the licensee shall use the threshold for unacceptable radiological consequences prescribed by the NRRC.
Section 6: Responsibilities to the Competent Security Agencies
17. The licensee shall make documented, needed arrangements with competent security agencies to ensure that nuclear security measures are adequate to counter the threats identified in the de-sign basis threat.
18. The licensee shall arrange for the training and familiarization of the nuclear facility for the compe-tent security agencies as defined in the documented arrangements between the licensee and competent security agencies.
19. The licensee shall consult the offsite response force regarding the arrangements, resources, and the equipment available to the licensee and the off-site response force, and any other security re-lated matter at the facility.
20. Transfer of leadership responsibility during nuclear security event from the licensee to the offsite response forces shall be jointly agreed upon and documented in the contingency plans.
Section 7: Defense in Depth Principle
21. The defense in depth principle shall be applied in the design of the physical protection system for each of the functions of detection, delay, and response, with independent capabilities so that the failure of one capability does not mean loss of that function.
22. The licensee shall have protection measures combining design mixture of security devices, proce-dures and facility design that have to be overcome or circumvented by an adversary in order to achieve his objectives.
23. When implementing defense in depth principle, diversity and redundancy shall be considered ap-plying graded approach.
Section 8: Facility Threat and Risk Assessment
24. The licensee shall perform a threat and risk assessment specific to the facility in which it conducts licensed activities in order to determine the adequacy of its physical protection system based on the design basis threat or threat assessment as prescribed by the NRRC.
25. The licensee shall make modifications to its physical protection system, as necessary, to counter any credible threat identified as a result of the threat and risk assessment and shall kept a written record of each threat and risk assessment conducted.
26. The licensee shall provide a copy of the written record, along with a statement of actions taken as a result of the threat and risk assessment, to the NRRC within the time period specified by the NRRC upon completion of the assessment.
Section 9: Assignment of Nuclear Security Responsibilities
27. The licensee shall assign qualified personnel, subject to the NRRC approval, in charge with a de-fined role and responsibility to effectively implement nuclear security measures ensuring the facil-ity's continuous operational functions, and to liaise and cooperate with the NRRC and competent security agencies.
28. At the minimum, the licensee shall ensure the availability of the following effective nuclear securi-ty functions:
(a) Security management;
(b) Security operations; and
(c) Physical protection.
29. The licensee shall have in place trained and adequately equipped guards to perform their func-tions in accordance with nuclear security measures and arrangement.
30. The licensee shall ensure that assigned personnel and guards are familiar with nuclear security measures, the locations of nuclear material at the site, and procedures contributing to the im-plementation of the regulatory requirements of this regulation.
Section 10: Protection Areas and Layers
31. The licensee shall designate a nuclear security area depending on the category of nuclear material and sabotage targets for which defense in depth needs is applied based on the following:
(a) limited access area;
(b) protected area; and
(c) inner areas and vital areas.
32. The protection areas shall be physically separated through each having its own protection layer.
33. The licensee shall establish sufficient nuclear security measures for each security areas as pre-scribed by the NRRC.
34. The licensee shall control and manage procedures and record for the movement of persons and vehicles inside the security areas.
Section 11: Information and Cybersecurity
35. The licensee shall have sufficient measures for protecting computer-based systems, including sys-tems used for nuclear safety, nuclear material accounting and control, and the physical protec-tion. Consideration shall be given to the potential capabilities of the adversary, from the perspec-tive of both insider threats and external threats.
36. The licensee shall implement requirements for protecting the confidentiality of information, the unauthorized disclosure of which could compromise the physical protection of nuclear material and facility.
37. The licensee shall ensure information security and cybersecurity as prescribed in the Regulation on Information Protection and Cybersecurity (NRRC-R-20).
38. The licensee shall submit to the NRRC for approval information and cybersecurity plan describing details measures prescribed in Article 43 of this regulation.
Section 12: Training
39. The licensee shall ensure that all personnel is familiar with nuclear security measures, the loca-tions of nuclear material at the site, the procedures contributing to the implementation of these at the nuclear facility, and nuclear material transport and shall keep up-to-date record of this training.
Section 13: Security Culture
40. The licensee shall be responsible for establishing and maintaining a dynamic and effective securi-ty culture in which there is an identification of any credible threat that may exist, and where every individual in the entire organization has a role in nuclear security.
Section 14: Quality Assurance
41. The licensee shall establish and implement a quality assurance policy and quality assurance pro-gram in order to ensure that specified requirements for all activities important to nuclear security measures are satisfied.
Section 15: Trustworthiness
42. The licensee shall ensure the trustworthiness of persons working or having authorized access to the nuclear facility or confidential information, as well as those participating in activities involving nuclear material, in use and storage, onsite movement, transport and treatment, and nuclear waste.
43. The licensee shall ensure the trustworthiness of employees and persons working or having au-thorized access, with or without escorted access, to the nuclear facility or confidential information or participating in activities dealing with nuclear material in cooperation with competent security agencies.
Section 16: Insider Mitigation
44. The licensee shall establish, maintain, and implement insider mitigation measures to monitor the initial and continual trustworthiness and reliability of individuals granted or retaining unescorted access authorization to a protected or vital area or sensitive information.
45. The licensee shall implement defense-in-depth methodologies to minimize the potential for an in-sider to adversely affect, either directly or indirectly, the licensee's capability to prevent sabotage and unauthorized removal of nuclear material.
46. Measures for preventing threats related to persons who have authorized access to nuclear facili-ty, nuclear material during transport or confidential information, shall be implemented systemat-ically and extended to the licensee's subcontractors and employees.
Section 17: Records
47. A record of all persons who have access to or possession of nuclear security systems including computer systems that control access to nuclear material and/or protection areas shall be kept in an up-to-date record by the licensee.
48. The licensee shall ensure the identity of persons transacting any activity at the licensee's premises and shall keep up-to-date records of this control.
49. The licensee shall comply to the requirements to the duration of maintaining the records as pre-scribed by NRRC.
50. The licensee shall maintain all records related to the implementation of all requirements pre-scribed under this regulation for compliance and verification measures by the NRRC.
Section 18: Nuclear Material Accounting and Control for Nuclear Security
51. The licensee shall ensure control of, and be able to account for, all nuclear material at a nuclear facility at all times.
52. The licensee shall design and implement a Nuclear Material Accountancy and Control (NMAC) system as prescribed in Nuclear Material Accountancy and Control (NRRC-R-12).
53. The licensee shall ensure that the nuclear material accountancy and control system is able to pro-vide accurate information about the potentially missing nuclear material in the facility following a nuclear security event.
54. The licensee shall report any confirmed accounting discrepancy in a timely manner as prescribed by the NRRC.
55. The licensee shall ensure sufficient measures for nuclear material accounting and control are in place for nuclear security purposes and comply with the requirements prescribed in the Regula-tion on Nuclear Material Accountancy and Control (NRRC-R-12).
Section 19: Sustainability Program
56. The licensee shall develop, implement, and maintain means and procedures for maintenance and testing of physical protection systems.
57. Performance testing shall be carried out in accordance with the nuclear security plans and imple-menting procedures.
58. The licensee shall ensure that the intended function of the nuclear security equipment and sys-tem do not compromise in the event when modifications and replacement take place.
59. Maintenance of nuclear security equipment shall be performed according to approved proce-dures, vendor's recommendations, experience feedback, and system performance to ensure that design requirements are not compromised.
60. The licensee shall establish sustainability programs for its physical protection systems that en-compass:
(a) Operating procedures and instructions;
(b) Human resource management and training;
(c) Equipment updating, maintenance, repair, and calibration;
(d) Performance testing and operational monitoring;
(e) Configuration management; and
(f) Resource allocation and operational cost analysis.
Section 20: Compensatory Measures
61. The licensee shall immediately identify and implement measures to compensate for, degraded or inoperable equipment, systems, and components, as well as in the case that physical protection equipment is taken out of service.
62. The licensee shall implement compensatory measures in case nuclear security measures are de-termined to be incapable of providing the required level of security and the relevant corrective ac-tions shall be submitted to NRRC for approval.
63. Compensatory measures shall provide a level of protection that is equivalent to the protection that was provided by the equipment, system, or components prior to degradation or inoperabil-ity.
64. The licensee's Nuclear Security Plan shall include a plan for compensatory measures.
Section 21: Nuclear Security Plan
65. The applicant shall submit a security plan for the approval by the NRRC as part of the licensing process for the facility or activity to be licensed.
66. The security plan shall be designed according to the category of nuclear material being protected and the levels of the potential radiological consequences of sabotage.
67. The licensee shall notify the NRRC without delay of any significant events concerning unauthor-ized actions that affect the physical protection of nuclear material or nuclear facilities that deviate from the approved security plan.
68. The licensee shall submit all other relevant plans, programs and measures prescribed by this reg-ulation as part of the nuclear security plan.
Section 22: Contingency Plan
69. The licensee shall prepare and submit a contingency plan to respond to nuclear security event as defined in the design basis threat.
70. The licensee shall include written arrangements with an off-site response force in the contingency plan to ensure the protection of a facility where it conducts licensed activities.
71. The licensee shall ensure capability at all times for immediate communication among the security monitoring room, the on-site nuclear response force, and the off-site response force.
72. The licensee shall ensure that the off-site response force can support the on-site nuclear re-sponse force in making an effective intervention when requested to do so by the licensee.
73. The licensee shall implement joint exercises between on-site response force and the off-site re-sponse force as prescribed by the NRRC.
74. Whenever a threat is detected, the person in charge of the security at the facility shall take control of nuclear security measures preventing the threat and submit the relevant reports to the NRRC.
Section 23: Prudent Management Practices
75. Nuclear material below Category III and /or nuclear material, which is in a form that is no longer usable for any nuclear activity, minimizes environmental dispersal and is practicably irrecovera-ble, shall be managed and protected by the licensee in accordance with prudent management practices prescribed by NRRC.
Section 24: Measures for Categories I, II and III Nuclear Material
76. The licensee shall ensure that nuclear material is used or stored within a limited access area at the very least.
77. The licensee shall develop and maintain detection capability for any potential unauthorized intru-sion to the nuclear material at the facility.
78. The licensee shall establish and implement procedures for transferring nuclear material withing the authorized facility.
79. The licensee shall establish and implement technical means and procedures for access control that provide protection against compromise to the access.
80. For movements of Category III nuclear material within a limited access area, the licensee shall ap-ply all prudent and necessary nuclear security measures.
81. The licensee shall prepare a contingency plan to effectively counter malicious acts.
Section 25: Measures for Categories I and II Nuclear Material
82. Notwithstanding to the requirement in Section 23, the licensee shall comply to the requirements made under this section for Category I and II nuclear material.
83. The licensee shall use or store Category II nuclear material within a protected area located inside a restricted access area.
84. The protected area perimeter shall be equipped with a physical barrier, intrusion detection devic-es, and assessment to detect any unauthorized access.
85. The protected area's access points shall be kept to the minimum necessary and appropriately se-cured and fitted with alarms.
86. Vehicles, persons, and packages entering and leaving the protected area shall be subject to search for detection and prevention of unauthorized access and prohibited items or removal of nuclear material.
87. Attention shall be given to the detection of contraband material, explosives, and firearms, as well as devices or measures, in which appropriate measures for detection shall be used.
88. The licensee shall implement measures prescribed by the NRRC for authorized access to protect-ed areas.
89. Licensee shall provide technical means and procedures for access control, including keys and computerized access lists against manipulation, falsification, or any other form of compromise
90. The licensee shall establish a central alarm station based on the requirements prescribed by the NRRC.
91. The licensee shall establish and maintain the capability at all times for guards and response forc-es.
92. The licensee shall establish measures under which on-site movements of nuclear material be-tween two protected areas are treated in compliance with the requirements for nuclear material during transport, taking into account existing nuclear security measures at the facility.
Section 26: Measures for Category I Nuclear Material
93. Notwithstanding to the requirement in Section 23 and 24, the licensee shall comply to the re-quirements made under this section for Category I nuclear material.
94. The licensee shall use or store Category I nuclear material within an inner area located inside a protected area.
95. The licensee shall ensure that the inner areas is secured and alarmed when unattended.
96. The inner areas shall be equipped with systems and measures that provide delay against unau-thorized access to allow for a timely and appropriate response against malicious acts. These sys-tems and measures shall be designed to counter potential capability of the insider and external adversary for all potential points of intrusion.
97. Vehicle barriers shall be installed at an appropriate distance from the inner area to prevent the penetration of unauthorized land, waterborne, and/or airborne threats that could be used by an adversary for committing a malicious act.
98. The licensee shall ensure effective access control measures to inner areas are developed and im-plemented at the facility and during the conduct of activity.
99. The licensee shall develop and adhere to procedure on measures for detection and prevention unauthorized access to the Category I nuclear material.
100. The licensee shall ensure detection of unauthorized action by continuous surveillance using the two-person rule or other equivalent means, whenever an inner area is occupied for the purpose to counter the insider threat.
101. The licensee shall ensure that the storage of Category I nuclear material is in accordance with the requirements prescribed by the NRRC.
102. The number of access points into the inner area shall be kept to the minimum necessary in which, all points of potential access shall be appropriately secured and alarmed.
Section 27: General Requirements Against Sabotage
103. Notwithstanding the requirement prescribed in Chapter 4, the physical protection system of a nu-clear facility should be integrated and effective against both sabotage and unauthorized removal.
104. The licensee shall conduct an analysis for each nuclear facility for NRRC's approval to determine whether the radioactive inventory has the potential to result in unacceptable radiological conse-quences, assuming that the sabotage acts will be successfully completed while ignoring the impact of the physical protection or mitigation measures.
105. The licensee shall set and implement a set of physical protection design objectives and/or measures for each assigned level of protection as prescribed by the NRRC, based on the results of analyses in Article 104.
106. The licensee of a nuclear facility whose radiological consequences do not exceed the threshold limit established by NRRC shall protect the equipment, systems, devices, and nuclear material against the sabotage based on a graded approach and per requirements provided by NRRC.
107. The licensee of a nuclear facility whose radiological consequences exceed the threshold limit es-tablished by NRRC shall identify equipment, systems or devices, or nuclear material that could di-rectly or indirectly become a potential sabotage target and protect them in accordance with the design process and protection requirements as prescribed by the NRRC.
108. The licensee shall assess, on detection of a malicious act, whether this act could lead to radiologi-cal consequences and notify the NRRC.
109. The licensee shall take measures specified in the contingency plan Immediately following an act of sabotage to prevent further damage, secure the nuclear facility, and protect emergency equip-ment and personnel.
Section 28: Designing a Physical Protection System Against Sabotage
110. The licensee shall define credible sabotage scenarios against the nuclear facility and nuclear ma-terial based on the design basis threat, including, but not limited to stand-off attacks, in-siders, collusion of adversary and cyber threats.
111. The licensee shall design a physical protection system that is effective against the sabotage sce-narios taking into account other systems of the facility.
112. The physical protection system shall be designed to deny unauthorized access of persons or equipment to the targets, to minimize the opportunity of insiders, and to protect the targets against possible stand-off attacks consistent with design basis threat.
113. The licensee shall ensure the effectiveness of nuclear security measures against the sabotage sce-narios and make required improvement modifications based on the results of performed tests which shall be subject to the NRRC approval.
Section 29: Requirements Against Sabotage at Nuclear Facilities
114. All equipment, systems or devices, or nuclear material, the sabotage of which could directly or in-directly lead to high radiological consequences shall be located inside one or more vital areas.
115. The licensee shall meet the requirements of Section 27 of this regulation along with the following additional requirements:
(a) Timely detection of tampering or interference with vital area equipment, systems or de-vices shall be provided.
(b) Maintaining strict access control to vital areas during a shutdown and maintenance peri-od.
(c) Conducting searches and testing to detect any tampering that may have been committed during shutdown and maintenance.
116. For nuclear material and other nuclear facilities other than nuclear power plants, sabotage of which can result in radiological consequences to the public shall be protected depending on the degree of consequences.
Section 30: General Nuclear Security Requirements to Protect Nuclear Material During Transport
117. The licensee shall aggregate the total amount of nuclear material on or in a single conveyance to determine a categorization and identify and implement the appropriate security requirements and measures for the conveyance.
118. When different types of nuclear material are transported on the same conveyance, an appropri-ate aggregation formula shall be used by the licensee to determine the category of the consign-ment according to the requirement provided in the Regulation on Safe Transport of Radioactive Materials (NRRC-R-15).
119. The licensee shall implement nuclear security measures against unauthorized removal during transport applying graded approach mechanism.
120. Licensee shall identify and implement additional nuclear security measures to prevent malicious act on nuclear material during transport, based on the design basis threat and potential radiologi-cal consequences.
121. The safety features of the design of transport package, container, and conveyance shall be taken into account while deciding additional physical protection measures for the protection of the ma-terial against malicious act.
122. The licensee shall protect sensitive information relating to transport operations, including de-tailed information on the schedule and route, and shall disseminate such information only based on the need to know.
123. The licensee shall not use unnecessary markings on conveyances and shall avoid the use of open channels for transmission of messages concerning shipments of nuclear material.
124. When a security related message is transmitted, such information shall be protected in accord-ance with applicable information protection requirements prescribed by the NRRC.
125. The authorized person shall establish procedures to ensure the security of keys to conveyances and security locks commensurate with the categorization of the nuclear material being transport-ed.
126. If the conveyance comes to an unexpected extended stop, the physical protection measures ap-propriate for that category of material in storage shall be applied to the extent possible and prac-ticable.
127. Physical protection of nuclear material in storage incidental to transport shall be at a level appro-priate for the category of the nuclear material and provide a level of protection consistent with that required in Chapter 4 for use and storage.
Section 31: Requirements for Categories I, II and III Nuclear Material
128. In addition to requirements in Section 29, the requirements in this Section shall be applicable to Categories I, II and III nuclear materials.
129. The licensee shall ensure that prior agreements among, receiver, and carrier specify the time, place, and procedures for transferring physical protection responsibilities; and that adequate physical protection arrangements are in place.
130. An application for a license to transport Category I, II or III nuclear material shall contain, in addi-tion to any other information required in Section 29, a written transportation security plan as prescribed by the NRRC.
131. The licensee shall ensure that packages containing nuclear material are carried in a closed, locked, and sealed conveyance, compartment, or freight container.
132. The licensee shall make the necessary arrangement for a detailed search of conveyance to ensure that nothing has been tempered with and that nothing has been affixed to the package or con-veyance that might compromise the security of the consignment.
133. The licensee shall ensure the availability of an uninterrupted communication system for the con-veyance to communicate with response forces.
134. Upon arrival, the licensee shall ensure the integrity of the packages and locks and seals in verify-ing that the security of the consignment has not been compromised and accepts the shipment and notifies the NRRC in writing immediately.
Section 32: Requirements for Categories I and II Nuclear Material
135. In addition to requirement provided in Section 29 and 30, the requirements in this Section shall apply to Categories I and II nuclear material.
136. Prior to commencing transport, the licensee shall ensure that all measures necessary to imple-ment the approved transport security plan are in place.
137. The conveyance shall be searched immediately prior to loading and shipment, and the convey-ance shall be placed in a secure area or kept under guard surveillance until its loading and ship-ment for transport and unloading, immediately upon completion of the search.
138. The licensee shall ensure that physical protection measures are able to provide sufficient delay in the conveyance, freight container and package so that guards and response forces have reasona-ble time for an appropriate response.
139. The licensee shall ensure each shipment is accompanied by adequately equipped and trained guards, including prior to and during loading and unloading operations.
140. Surveillance of the route shall be conducted for any threat indicators, and any necessary re-sponse shall be initiated.
141. Continuous, effective surveillance of the packages or locked cargo hold, or compartment holding the packages, shall be maintained at all times, especially when the conveyance is not on move.
142. Nuclear security measures shall include provision of continuous two-way voice communication systems between the conveyance, any guards accompanying the shipment, the designated re-sponse forces, and where appropriate, the shipper and receiver. Such systems shall be redun-dant, diverse, and secure.
143. The licensee shall make arrangements for the availability of response forces proportional to the prevailing threat to deal with nuclear security events in time to prevent the unauthorized removal of nuclear material.
Section 33: Requirements for Category I Nuclear Material
144. In addition to requirement provided in Section 29, 30 and 31, the requirements in this Section shall apply to Category I nuclear material.
145. The NRRC shall be intimated about exact date and time of shipment prior to the commencement of each shipment.
146. The licensee shall conduct a detailed route surveillance based on the threat assessment or intelli-gence information.
147. The licensee shall establish a transport control center for the purpose of keeping track of the cur-rent position and physical protection measures status of the shipment of nuclear material and alerting response forces in case of an attack.
148. The transport control center shall be protected so that its function can continue in the presence of the threat.
149. While the shipment is in process, the transport control center shall be staffed by appropriate per-sonnel whose trustworthiness has been predetermined.
Section 34: Licensee Responsibility to Nuclear Security Event
150. The licensee shall immediately report to the NRRC and competent security agencies any occur-rence of the following nuclear security events and any changes that may affect nuclear security related to nuclear facilities or transport of nuclear material as defined in the approved contingen-cy plan:
(a) Actual or attempted intrusion into the facility or into a limited access area, protected area, in-ner area, or vital area.
(b) Attempted or actual unauthorized removal, loss, or unauthorized movement of nuclear ma-terial, whether involving external adversaries or insiders.
(c) Attempted or actual acts of sabotage, including tampering or interference with vital area equipment, systems, or devices.
(d) Loss or unauthorized disclosure of sensitive information.
(e) Failure of any physical protection equipment and system leading to loss of physical protection system's function.
(f) Compromise or attempted compromise of digital computers, communication systems and networks used for nuclear security and safety.
(g) Any other event that could potentially compromise security measures.
151. The licensee shall assign a sufficient number of persons with expertise in nuclear safety, security, and radiation safety to assist the competent security agencies during a nuclear security event.
152. The licensee shall initiate its contingency plan after detection and assessment of any malicious act.
Appendix 1 Categorization of Nuclear Material
Less than 2 kg
but more than 500 g
500 g or less
but more than 15 g
Unirradiatedb
– Uranium enriched to 20%
235U or more
5 kg or more
Less than 5 kg
but more than 1 kg
1 kg or less
– Uranium enriched to 10%
235U but less than 20% 235U
– Uranium enriched above natural, but less than 10%
235U
4. Irradiated fuel
(The NRRC may assign a different category for domestic use, storage and transport taking all relevant factors into account.)
Note: This table is not to be used or interpreted independently of the text of the entire publication.
a All plutonium except that with isotopic concentration exceeding 80% in plutonium-238.
b Material not irradiated in a reactor or material irradiated in a reactor but with a radiation level equal to or less than 1 Gy/h. (100 rad/h) at 1 m unshielded.
c Quantities not falling in Category III and natural uranium, depleted uranium and thorium should be protected at least in accordance with prudent management practice.
d Based on evaluation of the specific circumstances, the NRRC may assign a different category of physical protection.
e Other fuel which by virtue of its original fissile material content is classified as Category I or II before irradiation may be reduced one category level while the radiation level from the fuel exceeds 1 Gy/h (100 rad/h) at one metre unshielded.
Last update: 13 April 2022
You can browse the portal by giving voice commands using the microphone
Speak Now...
Please give voice commands from the following options:
Disclaimer: Translation into other languages depends on the Google translation, Therefor the NCC is not responsible for the accuracy of the information in the new language.
