Europe | Security

The security stress test

3 September 2012

A post-Fukushima security review in Europe, run in parallel with the European stress tests, has sketched out what good nuclear security looks like, and recommended a few changes.

The standardisation of nuclear security rules in Europe dates back to 1972, with The Physical Protection of Nuclear Material (whose revisions have been published as IAEA Infocirc 225). The most important regulation in the field is the Convention on the Physical Protection of Nuclear Material, CPPNM, which requires parties to commit to develop and implement a nuclear security legal framework. It was ratified and entered into force in 1987.

An amendment signed in July 2005 widens the reach of CPPNM from protection of materials in transport to domestic use of nuclear materials (in installations, storage and during transport), and also protection of materials against sabotage. In addition, it requires that every state’s physical protection system applies Fundamental Principles of Physical Protection of Nuclear Material and Nuclear Facilities.

This has not yet entered force. Although 56 countries have ratified it as of April 2012, as many again are needed, and some of the big nuclear heavyweights (including USA and France) have not signed up. The report recommends that getting the 2005 amendment into force is ‘an urgent requirement’.

After Fukushima, the European Commission and the European Nuclear Safety Regulators’ Association (ENSREG) set up an Ad-Hoc Group on Nuclear Security on 21 July 2011. Unlike the stress test project, it did not deal with specific NPPs, nor individual member states (and in fact it and the stress tests worked almost entirely independently). It did focus on methods for evaluating, taking preventive measures and protecting NPPs, identify and share good practices, and consider ways to improve general security. Preliminary results following five meetings were reported 9 December. The 2011 work was largely based on a survey to member states, which reportedly revealed that all have a nuclear security regime ‘commensurate to the extent of the nuclear industry in each state’. General ‘good practices’ were extracted from the surveys, and abstracted from national circumstances, legal or administrative systems. Unlike results of the stress tests, these were not intended to be a peer review or assessment.

The report stressed the value of what it called ‘nuclear security culture’ as a companion to nuclear safety culture. It defines nuclear security culture as beliefs and attitudes that credible threats exist and security is important; clear and understandable security policy; clear roles and responsibilities; performance measurement; involvement of management, training and qualification.

After a further six meetings, a final report, which deals in generalities and best practices, was published in June 2012. Although it might bear a resemblance to an IAEA report, the IAEA was not officially involved, although it gave some presentations. There was more involvement, but probably still little contribution, from the European Nuclear Security Regulators’ Association, founded in 2004, which includes all European Union civil nuclear states except Bulgaria and Romania.

The work of the group in 2012 focused on five themes, whose results are summarised.

Cyber security

Threat analysis should include a combination of cyber and physical attack.

ICT systems can be grouped and protected by the consequences on safety or security of the plant in case of a cyber attack on them.

Critical components include industrial control systems especially supervisory controls and data acquisition systems (SCADA).

Security measures such as change management and overviews of systems interconnectivity should be implemented, if they have not been already.

IPPAS missions

IAEA international physical protection advisory service missions are confidential in-depth evaluations of member states’ physical protection regime involving a small team of experts and lasting up to two weeks.

IPPAS missions should become the norm in the EU, and be carried out every 10 years.

Every mission should have a follow-up three years later.

EU members that have not invited IPPAS mission (Belgium, Germany and Spain, according to IAEA records) should be encouraged to do so.

Intentional air crash

Even if the aircraft attack against an NPP is not part of the DBT, there is a common understanding among member states that dedicated countermeasures need to be implemented.

Intelligence gathering is the first line of defence; civil aviation protection methods is the second line. The third line of defence is timely warning of NPP staff.

NPP operators should introduce measures to mitigate the consequences of these events, including fire protection.

Synergies between safety and security

As safety and security events can lead to one another, emergency plans and contingency plans for NPPs must be consistent and synergies should be drawn between the areas.

Contingency plans must be tested with exercises of scenarios mixing safety and security issues.

Exercises and training

Implementation of security exercises and security vocational training should be mandatory for the nuclear operator.

Different authorities may have special tactics and use special terminology; therefore, it is important to arrange exercises involving all responders.

Type 1 exercises are performed at operator level with the internal security forces. These are aimed at assessing the response procedures, based on internal and external threats, including the presence of explosives. They are conducted quarterly.

Type 2 exercises involving the territorial police and focus on response procedures of the territorially-competent police forces, the reaction to acts of trespassing and the management of interfaces between actors inside and outside the site. They are conducted annually.

Type 3 exercises are developed at national level and involve all the security stakeholders. These exercises involve the special forces dedicated to NPPs. Their aim is to evaluate the organization and implementation of security plans as a whole, the interfaces between the authorities and the operators, the command posts location and equipment, the communication framework with the public and the media. Conducted every 18-24 months.

Only a person trained as a guard, as specified in the relevant national regulation, or with some other security-field training, can act as the shift manager or a security guard.

Author Info:

Download a full copy of the report on

This article was first published in the August 2012 issue of Nuclear Engineering International

Related Articles
Reporting security

Privacy Policy
We have updated our privacy policy. In the latest update it explains what cookies are and how we use them on our site. To learn more about cookies and their benefits, please view our privacy policy. Please be aware that parts of this site will not function correctly if you disable cookies. By continuing to use this site, you consent to our use of cookies in accordance with our privacy policy unless you have disabled them.