Each licensee shall provide physical protection at a fixed site, or contiguous sites where licensed activities are conducted, against radiological sabotage, or against theft of special nuclear material, or against both, in accordance with the applicable sections of this Part for each specific class of facility or material license. If applicable, the licensee shall establish and maintain physical security in accordance with security plans approved by the Nuclear Regulatory Commission.

[58 FR 13700, Mar. 15, 1993]

(a) To meet the general performance requirements of § 73.20 a fixed site physical protection system shall include the performance capabilities described in paragraphs (b) through (g) of this section unless otherwise authorized by the Commission.

(b) Prevent unauthorized access of persons, vehicles and materials into material access areas and vital areas. To achieve this capability the physical protection system shall:

(1) Detect attempts to gain unauthorized access or introduce unauthorized material across material access or vital area boundaries by stealth or force using the following subsystems and subfunctions:

(i) Barriers to channel persons and material to material access and vital area entry control points and to delay any unauthorized penetration attempts by persons or materials sufficient to assist detection and permit a response that will prevent the penetration; and

(ii) Access detection subsystems and procedures to detect, assess and communicate any unauthorized penetration attempts by persons or materials at the time of the attempt so that the response can prevent the unauthorized access or penetration.

(2) Detect attempts to gain unauthorized access or introduce unauthorized materials into material access areas or vital areas by deceit using the following subsystems and subfunctions:

(i) Access authorization controls and procedures to provide current authorization schedules and entry criteria for both persons and materials; and

(ii) Entry controls and procedures to verify the identity of persons and materials and assess such identity against current authorization schedules and entry criteria before permitting entry and to initiate response measures to deny unauthorized entries.

(c) Permit only authorized activities and conditions within protected areas, material access areas, and vital areas. To achieve this capability the physical protection system shall:

(1) Detect unauthorized activities or conditions within protected areas, material access areas and vital areas using the following subsystems and subfunctions:

(i) Controls and procedures that establish current schedules of authorized activities and conditions in defined areas;

(ii) Boundaries to define areas within which the authorized activities and conditions are permitted; and

(iii) Detection and surveillance subsystems and procedures to discover and assess unauthorized activities and conditions and communicate them so that response can be such as to stop the activity or correct the conditions to satisfy the general performance objective and requirements of § 73.20(a).

(d) Permit only authorized placement and movement of strategic special nuclear material within material access areas. To achieve this capability the physical protection system shall:

(1) Detect unauthorized placement and movement of strategic special nuclear material within the material access area using the following subsystems and subfunctions:

(i) Controls and procedures to delineate authorized placement and control for strategic special nuclear material;

(ii) Controls and procedures to establish current authorized placement and movement of all strategic special nuclear material within material access areas;

(iii) Controls and procedures to maintain knowledge of the identity, quantity, placement, and movement of all strategic special nuclear material within material access areas; and

(iv) Detection and monitoring subsystems and procedures to discover and assess unauthorized placement and movement of strategic special nuclear material and communicate them so that response can be such as to return the strategic special nuclear material to authorized placement or control.

(e) Permit removal of only authorized and confirmed forms and amounts of strategic special nuclear material from material access areas. To achieve this capability the physical protection system shall:

(1) Detect attempts at unauthorized removal of strategic special nuclear material from material access areas by stealth or force using the following subsystems and subfunctions:

(i) Barriers to channel persons and materials exiting a material access area to exit control points and to delay any unauthorized strategic special nuclear material removal attempts sufficient to assist detection and assessment and permit a response that will prevent the removal; and satisfy the general performance objective and requirements of § 73.20(a); and

(ii) Detection subsystems and procedures to detect, assess and communicate any attempts at unauthorized removal of strategic special nuclear material so that response to the attempt can be such as to prevent the removal and satisfy the general performance objective and requirements of § 73.20(a).

(2) Confirm the identity and quantity of strategic special nuclear material presented for removal from a material access area and detect attempts at unauthorized removal of strategic special nuclear material from material access areas by deceit using the following subsystems and subfunctions:

(i) Authorization controls and procedures to provide current schedules for authorized removal of strategic special nuclear material which specify the authorized properties and quantities of material to be removed, the persons authorized to remove the material, and the authorized time schedule;

(ii) Removal controls and procedures to identify and confirm the properties and quantities of material being removed and verify the identity of the persons making the removal and time of removal and assess these against the current authorized removal schedule before permitting removal; and

(iii) Communications subsystems and procedures to provide for notification of an attempted unauthorized or unconfirmed removal so that response can be such as to prevent the removal and satisfy the general performance objective and requirements of § 73.20(a).

(f) Provide for authorized access and assure detection of and response to unauthorized penetrations of the protected area to satisfy the general performance objective and requirements of § 73.20(a). To achieve this capability the physical protection system shall:

(1) Detect attempts to gain unauthorized access or introduce unauthorized persons, vehicles, or materials into the protected area by stealth or force using the following subsystems and subfunctions:

(i) Barriers to channel persons, vehicles, and materials to protected area entry control points; and to delay any unauthorized penetration attempts or the introduction of unauthorized vehicles or materials sufficient to assist detection and assessment and permit a response that will prevent the penetration or prevent such penetration and satisfy the general performance objective and requirements of § 73.20(a); and

(ii) Access detection subsystems and procedures to detect, assess and communicate any unauthorized access or penetrations or such attempts by persons, vehicles, or materials at the time of the act or the attempt so that the response can be such as to prevent the unauthorized access or penetration, and satisfy the general performance objective and requirements of § 73.20(a).

(2) Detect attempts to gain unauthorized access or introduce unauthorized persons, vehicles, or materials into the protected area by deceit using the following subsystems and subfunctions:

(i) Access authorization controls and procedures to provide current authorization schedules and entry criteria for persons, vehicles, and materials; and

(ii) Entry controls and procedures to verify the identity of persons, materials and vehicles and assess such identity against current authorization schedules before permitting entry and to initiate response measures to deny unauthorized access.

(g) Response. Each physical protection program shall provide a response capability to assure that the five capabilities described in paragraphs (b) through (f) of this section are achieved and that adversary forces will be engaged and impeded until offsite assistance forces arrive. To achieve this capability a licensee shall:

(1) Establish a security organization to:

(i) Provide trained and qualified personnel to carry out assigned duties and responsibilities; and

(ii) Provide for routine security operations and planned and predetermined response to emergencies and safeguards contingencies.

(2) Establish a predetermined plan to respond to safeguards contingency events.

(3) Provide equipment for the security organization and facility design features to:

(i) Provide for rapid assessment of safeguards contingencies;

(ii) Provide for response by assigned security organization personnel which is sufficiently rapid and effective to achieve the predetermined objective of the response; and

(iii) Provide protection for the assessment and response personnel so that they can complete their assigned duties.

(4) Provide communications networks to:

(i) Transmit rapid and accurate security information among onsite forces for routine security operation, assessment of a contingency, and response to a contingency; and

(ii) Transmit rapid and accurate detection and assessment information to offsite assistance forces.

(5) Assure that a single adversary action cannot destroy the capability of the security organization to notify offsite response forces of the need for assistance.

[44 FR 68193, Nov. 28, 1979]

(a) A licensee physical protection system established pursuant to the general performance objective and requirements of § 73.20(a) and the performance capability requirements of § 73.45 shall include, but are not necessarily limited to, the measures specified in paragraphs (b) through (h) of this section. The Commission may require, depending on individual facility and site conditions, alternate or additional measures deemed necessary to meet the general performance objective and requirements of § 73.20. The Commission also may authorize protection measures other than those required by this section if, in its opinion, the overall level of performance meets the general performance objective and requirements of § 73.20 and the performance capability requirements of § 73.45.

(b) Security organization. (1) The licensee shall establish a security organization, including guards. If a contract guard force is utilized for site security, the licensee's written agreement with the contractor will clearly show that (i) the licensee is responsible to the Commission for maintaining safeguards in accordance with Commission regulations and the licensee's security plan, (ii) the NRC may inspect, copy, and take away copies of all reports and documents required to be kept by Commission regulations, orders, or applicable license conditions whether such reports and documents are kept by the licensee or the contractor, (iii) the requirement, in § 73.46(b)(4) of this section that the licensee demonstrate the ability of physical security personnel to perform their assigned duties and responsibilities, include demonstration of the ability of the contractor's physical security personnel to perform their assigned duties and responsibilities in carrying out the provisions of the Security Plan and these regulations, and (iv) the contractor will not assign any personnel to the site who have not first been made aware of these responsibilities.

(2) The licensee shall have onsite at all times at least one full time member of the security organization with authority to direct the physical protection activities of the security organization.

(3) The licensee shall have a management system to provide for the development, revision, implementation, and enforcement of security procedures. The system shall include:

(i) Written security procedures which document the structure of the security organization and which detail the duties of the Tactical Response Team, guards, watchmen, and other individuals responsible for security. The licensee shall retain a copy of the current procedures as a record until the Commission terminates the license for which these procedures were developed and, if any portion of these procedures is superseded, retain the superseded material for three years after each change; and

(ii) Provision for written approval of such procedures and any revisions thereto by the individual with overall responsibility for the security function.

(4) The licensee may not permit an individual to act as a Tactical Response Team member, armed response person, guard, or other member of the security organization unless the individual has been trained, equipped, and qualified to perform each assigned security duty in accordance with Appendix B of this part, “General Criteria for Security Personnel.” In addition, Tactical Response Team members, armed response personnel, and guards shall be trained, equipped, and qualified for use of their assigned weapons in accordance with paragraphs (b)(6) and (b)(7) of this section. Tactical Response Team members, armed response personnel, and guards shall also be trained and qualified in accordance with either paragraphs (b)(10) and (b)(11) or paragraph (b)(12) of this section. Upon the request of an authorized representative of the Commission, the licensee shall demonstrate the ability of the physical security personnel, whether licensee or contractor employees, to carry out their assigned duties and responsibilities. Each Tactical Response Team member, armed response person, and guard, whether a licensee or contractor employee, shall requalify in accordance with Appendix B of this part. Tactical Response Team members, armed response personnel, and guards shall also requalify in accordance with paragraph (b)(7) of this section at least once every 12 months. The licensee shall document the results of the qualification and requalification. The licensee shall retain the documentation of each qualification and requalification as a record for 3 years after each qualification and requalification.

(5) Within any given period of time, a member of the security organization may not be assigned to, or have direct operational control over, more than one of the redundant elements of a physical protection subsystem if such assignment or control could result in the loss of effectiveness of the subsystem.

(6) Each guard shall be armed with a handgun, as described in appendix B of this part. Each Tactical Response Team member shall be armed with a 9mm semiautomatic pistol. All but one member of the Tactical Response Team shall be armed additionally with either a shotgun or semiautomatic rifle, as described in appendix B of this part. The remaining member of the Tactical Response Team shall carry, as an individually assigned weapon, a rifle of no less caliber than .30 inches or 7.62mm.

(7) In addition to the weapons qualification and requalification criteria of appendix B of this part, Tactical Response Team members, armed response personnel, and guards shall qualify and requalify, at least every 12 months, for day and night firing with assigned weapons in accordance with Appendix H of this part. Tactical Response Team members, armed response personnel, and guards shall be permitted to practice fire prior to qualification and requalification but shall be given only one opportunity to fire for record on the same calendar day. If a Tactical Response Team member, armed response person, or guard fails to qualify or requalify, the licensee shall remove the individual from security duties which require the use of firearms and retrain the individual prior to any subsequent attempt to qualify or requalify. If an individual fails to qualify or requalify on two successive attempts, he or she shall be required to receive additional training and successfully fire two consecutive qualifying scores prior to being reassigned to armed security duties.

(i) In addition, Tactical Response Team members, armed response personnel, and guards shall be prepared to demonstrate day and night firing qualification with their assigned weapons at any time upon request by an authorized representative of the NRC.

(ii) The licensee or the licensee's agent shall document the results of weapons qualification and requalification for day and night firing. The licensee shall retain the documentation of each qualification and requalification as a record for 3 years after each qualification and requalification.

(8) In addition to the training requirements contained in appendix B of this part, Tactical Response Team members shall successfully complete training in response tactics. The licensee shall document the completion of training. The licensee shall retain the documentation of training as a record for three years after training is completed.

(9) The licensee shall conduct Tactical Response Team and guard exercises to demonstrate the overall security system effectiveness and the ability of the security force to perform response and contingency plan responsibilities and to demonstrate individual skills in assigned team duties. During the first 12-month period following the date specified in paragraph (i)(2)(ii) of this section, an exercise must be carried out at least every three months for each shift, half of which are to be force-on-force. Subsequently, during each 12-month period commencing on the anniversary of the date specified in paragraph (i)(2)(ii) of this section, an exercise must be carried out at least every four months for each shift, one third of which are to be force-on-force. The licensee shall use these exercises to demonstrate its capability to respond to attempts to steal strategic special nuclear material. During each of the 12-month periods, the NRC shall observe one of the force-on-force exercises which demonstrates overall security system performance. The licensee shall notify the NRC of the scheduled exercise 60 days prior to that exercise. The licensee shall document the results of all exercises. The licensee shall retain the documentation of each exercise as a record for three years after each exercise is completed.

(10) In addition to the medical examinations and physical fitness requirements of paragraph I.C of Appendix B of this part, each Tactical Response Team member, armed response person, and guard, except as provided in paragraph (b)(10)(v) of this section, shall participate in a physical fitness training program on a continuing basis.

(i) The elements of the physical fitness training program must include, but not necessarily be limited to, the following:

(A) Training sessions of sufficient frequency, duration, and intensity to be of aerobic benefit, e.g., normally a frequency of three times per week, maintaining an intensity of approximately 75 percent of maximum heart rate for 20 minutes;

(B) Activities that use large muscle groups, that can be maintained continuously, and that are rhythmical and aerobic in nature, e.g., running, bicycling, rowing, swimming, or cross-country skiing; and

(C) Musculoskeletal training exercises that develop strength, flexibility, and endurance in the major muscle groups, e.g., legs, arms, and shoulders.

(ii) The licensee shall assess Tactical Response Team members, armed response personnel, and guards for general fitness once every 4 months to determine the effectiveness of the continuing physical fitness training program. Assessments must include a recent health history, measures of cardiovascular fitness, percent of body fat, flexibility, muscular strength, and endurance. Individual exercise programs must be modified to be consistent with the needs of each participating Tactical Response Team member, armed response person, and guard and consistent with the environments in which they must be prepared to perform their duties. Individuals who exceed 4 months without being assessed for general fitness due to excused time off from work must be assessed within 15 calendar days of returning to duty as a Tactical Response Team member, armed response person, or guard.

(iii) Within 30 days prior to participation in the physical fitness training program, the licensee shall give Tactical Response Team members, armed response personnel, and guards a medical examination including a determination and written certification by a licensed physician that there are no medical contraindications, as disclosed by the medical examination, to participation in the physical fitness training program.

(iv) Licensees may temporarily waive an individual's participation in the physical fitness training program on the advice of the licensee's examining physician, during which time the individual may not be assigned duties as a Tactical Response Team member.

(v) Guards whose duties are to staff the central or secondary alarm station and those who control exit or entry portals are exempt from the physical fitness training program specified in paragraph (b)(10) of this section, provided that they are not assigned temporary response guard duties.

(11) In addition to the physical fitness demonstration contained in paragraph I.C of Appendix B of this part, Tactical Response Team members, armed response personnel, and guards shall meet or exceed the requirements in paragraphs (b)(11)(i) through (b)(11)(v) of this section, except as provided in paragraph (b)(11)(vi) of this section, initially and at least once every 12 months thereafter.

(i) For Tactical Response Team members the criteria are a 1-mile run in 8 minutes and 30 seconds or less and a 40-yard dash starting from a prone position in 8 seconds or less. For armed response personnel and guards that are not members of the Tactical Response Team the criteria are a one-half mile run in 4 minutes and 40 seconds or less and a 40-yard dash starting from a prone position in 8.5 seconds or less. The test may be taken in ordinary athletic attire under the supervision of licensee designated personnel. The licensee shall retain a record of each individual's performance for 3 years.

(ii) Incumbent Tactical Response Team members, armed response personnel, and guards shall meet or exceed the qualification criteria within 12 months of NRC approval of the licensee's revised Fixed Site Physical Protection Plan. New employees hired after the approval date shall meet or exceed the qualification criteria prior to assignment as a Tactical Response Team member, armed response person, or guard.

(iii) Tactical Response Team members, armed response personnel, and guards shall be given a medical examination including a determination and written certification by a licensed physician that there are no medical contraindications, as disclosed by the medical examination, to participation in the physical fitness performance testing. The medical examination must be given within 30 days prior to the first administration of the physical fitness performance test, and on an annual basis thereafter.

(iv) The licensee shall place Tactical Response Team members, armed response persons, and guards, who do not meet or exceed the qualification criteria, in a monitored remedial physical fitness training program and relieve them of security duties until they satisfactorily meet or exceed the qualification criteria.

(v) Licensees may temporarily waive the annual performance testing for an individual on the advice of the licensee's examining physician, during which time the individual may not be assigned duties as a Tactical Response Team member.

(vi) Guards whose duties are to staff the central or secondary alarm station and those who control exit or entry portals are exempt from the annual performance testing specified in paragraph (b)(11) of this section, provided that they are not assigned temporary response guard duties.

(12) The licensee may elect to comply with the requirements of this paragraph instead of the requirements of paragraphs (b)(10) and (b)(11) of this section. In addition to the physical fitness qualifications of paragraph I.C of Appendix B of this part, each licensee subject to the requirements of this section shall develop and submit to the NRC for approval site specific, content-based, physical fitness performance tests which will—when administered to each Tactical Response Team member, armed response person, or guard—duplicate the response duties these individuals may need to perform during a strenuous tactical engagement.

(i) The test must be administered to each Tactical Response Team member, armed response person, and guard once every 3 months. The test must specifically address the physical capabilities needed by armed response personnel during a strenuous tactical engagement at the licensed facility. Individuals who exceed 3 months without having been administered the test due to excused time off from work must be tested within 15 calendar days of returning to duty as a Tactical Response Team member, armed response person, or guard.

(ii) Within 30 days before the first administration of the physical fitness performance test, and on an annual basis thereafter, Tactical Response Team members, armed response personnel, and guards shall be given a medical examination including a determination and written certification by a licensed physician that there are no medical contraindications, as disclosed by the medical examination, to participation in the physical fitness performance test.

(iii) Guards whose duties are to staff the central or secondary alarm station and those who control exit or entry portals are exempt from the performance test specified in paragraph (b)(12) of this section, provided that they are not assigned temporary response guard duties.

(c) Physical barrier subsystems. (1) vital equipment must be located only within a vital area, and strategic special nuclear material must be stored or processed only in a material access area. Both vital areas and material access areas must be located within a protected area so that access to vital equipment and to strategic special nuclear material requires passage through at least three physical barriers. The perimeter of the protected area must be provided with two separated physical barriers with an intrusion detection system placed between the two. The inner barrier must be positioned and constructed to enhance assessment of penetration attempts and to delay attempts at unauthorized exit from the protected area. The perimeter of the protected area must also incorporate features and structures that prevent forcible vehicle entry. More than one vital area or material access area may be located within a single protected area.

(2) The physical barriers at the perimeter of the protected area shall be separated from any other barrier designated as a physical barrier for a vital area or material access area within the protected area.

(3) Isolation zones shall be maintained in outdoor areas adjacent to the physical barrier at the perimeter of the protected area and shall be large enough to permit observation of the activities of people on either side of that barrier in the event of its penetration. If parking facilities are provided for employees or visitors, they shall be located outside the isolation zone and exterior to the protected area.

(4) Isolation zones and all exterior areas within the protected area shall be provided with illumination sufficient for the monitoring and observation requirements of paragraphs (c)(3), (e)(8), (h)(4) and (h)(6) of this section, but not less than 0.2 footcandle measured horizontally at ground level.

(5) Strategic special nuclear material, other than alloys, fuel elements or fuel assemblies, shall:

(i) Be stored in a vault when not undergoing processing if the material can be used directly in the manufacture of a nuclear explosive device. Vaults used to protect such material shall be capable of preventing entry to stored SSNM by a single action in a forced entry attempt, except as such single action would both destroy the barrier and render contained SSNM incapable of being removed, and shall provide sufficient delay to prevent removal of stored SSNM prior to arrival of response personnel capable of neutralizing the design basis threat stated in § 73.1.

(ii) Be stored in tamper-indicating containers;

(iii) Be processed only in material access areas constructed with barriers that provide significant delay to penetration; and

(iv) Be kept in locked compartments or locked process equipment while undergoing processing except when personally attended.

(6) Enriched uranium scrap (enriched to 20% or greater) in the form of small pieces, cuttings, chips, solutions or in other forms which result from a manufacturing process, contained in 30 gallon or larger containers with a uranium-235 content of less than 0.25 grams per liter, may be stored within a locked and separately fenced area within a larger protected area provided that the storage area fence is no closer than 25 feet to the perimeter of the protected area. The storage area when unoccupied shall be protected by a guard or watchman who shall patrol at intervals not exceeding 4 hours, or by intrusion alarms.

(d) Access control subsystems and procedures. (1) A numbered picture badge identification subsystem shall be used for all individuals who are authorized access to protected areas without escort. An individual not employed by the licensee but who requires frequent and extended access to protected, material access, or vital areas may be authorized access to such areas without escort provided that he receives a picture badge upon entrance into the protected area and returns the badge upon exit from the protected area, and that the badge indicates, (i) Non-employee—no escort required; (ii) areas to which access is authorized and (iii) the period for which access has been authorized. Badges shall be displayed by all individuals while inside the protected areas.

(2) Unescorted access to vital areas, material access areas and controlled access areas shall be limited to individuals who are authorized access to the material and equipment in such areas, and who require such access to perform their duties. Access to material access areas shall include at least two individuals. Authorization for such individuals shall be indicated by the issuance of specially coded numbered badges indicating vital areas, material access areas, and controlled access areas to which access is authorized. No activities other than those which require access to strategic special nuclear material or to equipment used in the processing, use, or storage of strategic special nuclear material, or necessary maintenance, shall be permitted within a material access area.

(3) The licensee shall establish and follow written procedures that will permit access control personnel to identify those vehicles that are authorized and those materials that are not authorized entry to protected, material access, and vital areas. The licensee shall retain a copy of the current procedures as a record until the Commission terminates each license for which the procedures were developed and, if any portion of the procedures is superseded, retain the superseded material for three years after each change.

(4)(i) The licensee shall control all points of personnel and vehicle access into a protected area. Identification and search of all individuals for firearms, explosives, and incendiary devices must be made and authorization must be checked at these points except for Federal, State, and local law enforcement personnel on official duty and United States Department of Energy couriers engaged in the transport of special nuclear material. The search function for detection of firearms, explosives, and incendiary devices must be accomplished through the use of detection equipment capable of detecting both firearms and explosives. The individual responsible for the last access control function (controlling admission to the protected area) shall be isolated within a structure with bullet resisting walls, doors, ceiling, floor, and windows.

(ii) When the licensee has cause to suspect that an individual is attempting to introduce firearms, explosives, or incendiary devices into a protected area, the licensee shall conduct a physical pat-down search of that individual. Whenever firearms or explosives detection equipment at a portal is out of service or not operating satisfactorily, the licensee shall conduct a physical pat-down search of all persons who would otherwise have been subject to search using the equipment.

(5) At the point of personnel and vehicle access into a protected area, all hand-carried packages except those carried by individuals exempted from personal search under the provisions of paragraph (d)(4)(i) of this part must be searched for firearms, explosives, and incendiary devices.

(6) All packages and material for delivery into a protected area must be checked for proper identification and authorization and searched for firearms, explosives, and incendiary devices prior to admittance into the protected area, except those Commission-approved delivery and inspection activities specifically designated by the licensee to be carried out within material access, vital, or protected areas for reasons of safety, security, or operational necessity.

(7) All vehicles, except United States Department of Energy vehicles engaged in transporting special nuclear material and emergency vehicles under emergency conditions, shall be searched for firearms, explosives, and incendiary devices prior to entry into the protected area. Vehicle areas to be searched shall include the cab, engine compartment, undercarriage, and cargo area.

(8) All vehicles, except designated licensee vehicles, requiring entry into the protected area shall be escorted by a member of the security organization while within the protected area, and to the extent practicable shall be off-loaded in an area that is not adjacent to a vital area. Designated licensee vehicles shall be limited in their use to onsite plant functions and shall remain in the protected area except for operational, maintenance, security and emergency purposes. The licensee shall exercise positive control over all such designated vehicles to assure that they are used only by authorized persons and for authorized purposes.

(9) The licensee shall control all points of personnel and vehicle access to material access areas, vital areas, and controlled access areas. At least two armed guards trained in accordance with the provisions contained in paragraph (b)(7) of this section and appendix B of this part shall be posted at each material access area control point whenever in use. Identification and authorization of personnel and vehicles must be verified at the material access area control point. Prior to entry into a material access area, packages must be searched for firearms, explosives, and incendiary devices. All vehicles, materials and packages, including trash, wastes, tools, and equipment exiting from a material access area must be searched for concealed strategic special nuclear material by a team of at least two individuals who are not authorized access to that material access area. Each individual exiting a material access area shall undergo at least two separate searches for concealed strategic special nuclear material. For individuals exiting an area that contains only alloyed or encapsulated strategic special nuclear material, the second search may be conducted in a random manner.

(10) Before exiting from a material access area, containers of contaminated wastes must be drum scanned and tamper sealed by at least two individuals, working and recording their findings as a team, who do not have access to material processing and storage areas. The licensee shall retain the records of these findings for three years after the record is made.

(11) Strategic special nuclear material being prepared for shipment offsite, including product, samples and scrap, shall be packed and placed in sealed containers in the presence of at least two individuals working as a team who shall verify and certify the content of each shipping container through the witnessing of gross weight measurements and nondestructive assay, and through the inspection of tamper seal integrity and associated seal records.

(12) Areas used for preparing strategic special nuclear material for shipment and areas used for packaging and screening trash and wastes shall be controlled access areas and shall be separated from processing and storage areas.

(13) Individuals not permitted by the licensee to enter protected areas without escort must be escorted by a watchman or other individual designated by the licensee while in a protected area and must be badged to indicate that an escort is required. In addition, the individual shall be required to register his or her name, date, time, purpose of visit and employment affiliation, citizenship, and name of the individual to be visited in a log. The licensee shall retain each log as a record for three years after the last entry is made in the log.

(14) All keys, locks, combinations and related equipment used to control access to protected, material access, vital, and controlled access areas shall be controlled to reduce the probability of compromise. Whenever there is evidence that a key, lock, combination, or related equipment may have been compromised it shall be changed. Upon termination of employment of any employee, keys, locks, combinations, and related equipment to which that employee had access, shall be changed.

(15) The licensee may not announce or otherwise communicate to its employees or site contractors the arrival or presence of an NRC safeguards inspector unless specifically requested to do so by the NRC safeguards inspector.

(e) Detection, surveillance and alarm subsystems and procedures. (1) The licensee shall provide an intrusion alarm subsystem with a capability to detect penetration through the isolation zone and to permit response action.

(2) All emergency exits in each protected, material access, and vital area shall be locked to prevent entry from the outside and alarmed to provide local visible and audible alarm annunciation.

(3) All unoccupied vital areas and material access areas shall be locked and protected by an intrusion alarm subsystem which will alarm upon the entry of a person anywhere into the area, upon exit from the area, and upon movement of an individual within the area, except that for process material access areas only the location of the strategic special nuclear material within the area is required to be so alarmed. Vaults and process areas that contain strategic special nuclear material that has not been alloyed or encapsulated shall also be under the surveillance of closed circuit television that is monitored in both alarm stations. Additionally, means shall be employed which require that an individual other than an alarm station operator be present at or have knowledge of access to such unoccupied vaults or process areas.

(4) All manned access control points in the protected area barrier, all security patrols and guard stations within the protected area, and both alarm stations shall be provided with duress alarms.

(5) All alarms required pursuant to this section shall annunciate in a continuously manned central alarm station located within the protected area and in at least one other independent continuously manned onsite station not necessarily within the protected area, so that a single act cannot remove the capability of calling for assistance or responding to an alarm. The alarm stations shall be controlled access areas and their walls, doors, ceiling, floor, and windows shall be bullet-resisting. The central alarm station shall be located within a building so that the interior of the central alarm station is not visible from the perimeter of the protected area. This station may not contain any operational activities that would interfere with the execution of the alarm response function.

(6) All alarms required by this section shall remain operable from independent power sources in the event of the loss of normal power. Switchover to standby power shall be automatic and shall not cause false alarms on annunciator modules.

(7) All alarm devices including transmission lines to annunciators shall be tamper indicating and self-checking e.g., an automatic indication shall be provided when a failure of the alarm system or a component occurs, when there is an attempt to compromise the system, or when the system is on standby power. The annunciation of an alarm at the alarm stations shall indicate the type of alarm (e.g., intrusion alarm, emergency exit alarm, etc.) and location. The status of all alarms and alarm zones shall be indicated in the alarm stations.

(8) All exterior areas within the protected area shall be monitored or periodically checked to detect the presence of unauthorized persons, vehicles, materials, or unauthorized activities.

(9) Methods to observe individuals within material access areas to assure that strategic special nuclear material is not moved to unauthorized locations or in an unauthorized manner shall be provided and used on a continuing basis.

(f) Communication subsystems. (1) Each guard, watchman, or armed response individual on duty shall be capable of maintaining continuous communication with an individual in each continuously manned alarm station required by paragraph (e)(5) of this section, who shall be capable of calling for assistance from other guards, watchmen, and armed response personnel and from law enforcement authorities.

(2) Each alarm station required by paragraph (e)(5) of this section shall have both conventional telephone service and radio or microwave transmitted two-way voice communication, either directly or through an intermediary, for the capability of communication with the law enforcement authorities.

(3) Non-portable communications equipment controlled by the licensee and required by this section shall remain operable from independent power sources in the event of the loss of normal power.

(g) Test and maintenance programs. The licensee shall have a test and maintenance program for intrusion alarms, emergency exit alarms, communications equipment, physical barriers, and other physical protection related devices and equipment used pursuant to this section that shall provide for the following:

(1) Tests and inspections during the installation and construction of physical protection related subsystems and components to assure that they comply with their respective design criteria and performance specifications.

(2) Preoperational tests and inspections of physical protection related subsystems and components to demonstrate their effectiveness and availability with respect to their respective design criteria and performance specifications.

(3) Operational tests and inspections of physical protection related subsystems and components to assure their maintenance in an operable and effective condition, including:

(i) Testing of each intrusion alarm at the beginning and end of any period that it is used. If the period of continuous use is longer than seven days, the intrusion alarm shall also be tested at least once every seven days.

(ii) Testing of communications equipment required for communications onsite, including duress alarms, for performance not less frequently than once at the beginning of each security personnel work shift. Communications equipment required for communications offsite shall be tested for performance not less than once a day.

(4) Preventive maintenance programs shall be established for physical protection related subsystems and components to assure their continued maintenance in an operable and effective condition.

(5) All physical protection related subsystems and components shall be maintained in operable condition. The licensee shall develop and employ corrective action procedures and compensatory measures to assure that the effectiveness of the physical protection system is not reduced by failure or other contingencies affecting the operation of the security related equipment or structures. Repairs and maintenance shall be performed by at least two individuals working as a team who have been trained in the operation and performance of the equipment. The security organization shall be notified before and after service is performed and shall conduct performance verification tests after the service has been completed.

(6) The security program must be reviewed at least every 12 months by individuals independent of both security program management and personnel who have direct responsibility for implementation of the security program. The security program review must include an audit of security procedures and practices, an evaluation of the effectiveness of the physical protection system, an audit of the physical protection system testing and maintenance program, and an audit of commitments established for response by local law enforcement authorities. The results and recommendations of the security program review, and any actions taken, must be documented in a report to the licensee's plant manager and to corporate management at least one level higher than that having responsibility for the day-to-day plant operations. These reports must be maintained in an auditable form, available for inspection for a period of 3 years.

(h) Contingency and response plans and procedures. (1) The licensee shall establish, maintain, and follow an NRC-approved safeguards contingency plan for responding to threats, thefts, and radiological sabotage related to the strategic special nuclear material and nuclear facilities subject to the provisions of this section. Safeguards contingency plans must be in accordance with the criteria in appendix C to this part, “Licensee Safeguards Contingency Plans.” Contingency plans must include, but not limited to, the response requirements listed in paragraphs (h)(2) through (h)(5) of this section. The licensee shall retain the current safeguards contingency plan as a record until the Commission terminates the license and, if any portion of the plan is superseded, retain that superseded portion for 3 years after the effective date of change.

(2) The licensee shall establish and document response arrangements that have been made with local law enforcement authorities. The licensee shall retain documentation of the current arrangements as a record until the Commission terminates each license requiring the arrangements and, if any arrangement is superseded, retain the superseded material for three years after each change.

(3) A Tactical Response Team consisting of a minimum of five (5) members must be available at the facility to fulfill assessment and response requirements. In addition, a force of guards or armed response personnel also must be available to provide assistance as necessary. The size and availability of the additional force must be determined on the basis of site-specific considerations that could affect the ability of the total onsite response force to engage and impede the adversary force until offsite assistance arrives. The rationale for the total number and availabiliy of onsite armed response personnel must be included in the physical protection plans submitted to the Commission for approval.

(4) Upon detection of abnormal presence or activity of persons or vehicles within an isolation zone, a protected area, a material access area, or a vital area, or upon evidence or indication of intrusion into a protected area, a material access area, or a vital area, the licensee security organization shall:

(i) Determine whether or not a threat exists,

(ii) Assess the extent of the threat, if any,

(iii) Take immediate concurrent measures to neutralize the threat by:

(A) Requiring responding guards or other armed response personnel to interpose themselves between vital areas and material access areas and any adversary attempting entry for purposes of radiological sabotage or theft of strategic special nuclear material and to intercept any person exiting with special nuclear material, and

(B) Informing local law enforcement agencies of the threat and requesting assistance.

(5) The licensee shall instruct every guard and all armed response personnel to prevent or impede acts of radiological sabotage or theft of strategic special nuclear material by using force sufficient to counter the force directed at him including the use of deadly force when the guard or other armed response person has a reasonable belief that it is necessary in self-defense or in the defense of others.

(6) To facilitate initial response to detection of penetration of the protected area and assessment of the existence of a threat, a capability of observing the isolation zones and the physical barrier at the perimeter of the protected area shall be provided, preferably by means of closed circuit television or by other suitable means which limit exposure of responding personnel to possible attack.

(7) Alarms occurring within unoccupied vaults and unoccupied material access areas containing unalloyed or unencapsulated strategic special nuclear material shall be assessed by at least two security personnel using closed circuit television (CCTV) or other remote means.

(8) Alarms occurring within unoccupied material access areas that contain only alloyed or encapsulated strategic special nuclear material shall be assessed as in paragraph (h)(7) of this section or by at least two security personnel who shall undergo a search before exiting the material access area.

(i) Implementation schedule for revisions to physical protection plans. (1) By November 28, 1994, each licensee shall submit a revised Fixed Site Physical Protection Plan to the NRC for approval. The revised plan must describe how the licensee will comply with the requirements of paragraphs (b)(10) and (b)(11) of this section or the requirements of (b)(12) of this section. Revised plans must be mailed to the Director, Division of Fuel Management, Office of Nuclear Material Safety and Safeguards, U.S. Nuclear Regulatory Commission, Washington, DC 20555.

(2) Each licensee shall implement the approved plan pursuant to paragraphs (b)(10) and (b)(11) of this section or (b)(12) of this section within 1 year after NRC approval of the revised Fixed Site Physical Protection Plan.

[44 FR 68194, Nov. 28, 1979, as amended at 53 FR 19258, May 27, 1988; 53 FR 23383, June 22, 1988; 53 FR 45452, Nov. 10, 1988; 57 FR 33430, July 29, 1992; 58 FR 29522, May 21, 1993; 58 FR 45784, Aug. 31, 1993; 59 FR 38348, July 28, 1994; 79 FR 75741, Dec. 19, 2014; 84 FR 65646, Nov. 29, 2019]

Each licensee who is not subject to § 73.51, but who possesses, uses, or stores formula quantities of strategic special nuclear material that are not readily separable from other radioactive material and which have a total external radiation level in excess of 1 gray (100 rad) per hour at a distance of 1 meter (3.3 feet) from any accessible surfaces without intervening shielding other than at a nuclear reactor facility licensed under parts 50 or 52 of this chapter, shall comply with the following:

(a) Physical security organization. (1) The licensee shall establish a security organization, including guards, to protect his facility against radiological sabotage and the special nuclear material in his possession against theft.

(2) At least one supervisor of the security organization shall be on site at all times.

(3) The licensee shall establish, maintain, and follow written security procedures that document the structure of the security organization and detail the duties of guards, watchmen, and other individuals responsible for security. The licensee shall retain a copy of the current procedures as a record until the Commission terminates each license for which the procedures were developed and, if any portion of the procedures is superseded, retain the superseded material for three years after each change.

(4) The licensee may not permit an individual to act as a guard, watchman, armed response person, or other member of the security organization unless the individual has been trained, equipped, and qualified to perform each assigned security job duty in accordance with appendix B, “General Criteria for Security Personnel,” to this part. Upon the request of an authorized representative of the Commission, the licensee shall demonstrate the ability of the physical security personnel to carry out their assigned duties and responsibilities. Each guard, watchman, armed response person, and other member of the security organization shall requalify in accordance with appendix B to this part at least every 12 months. This requalification must be documented. The licensee shall retain the documentation of each requalification as a record for three years after the requalification.

(b) Physical barriers. (1) The licensee shall locate vital equipment only within a vital area, which, in turn, shall be located within a protected area such that access to vital equipment requires passage through at least two physical barriers. More than one vital area may be within a single protected area.

(2) The licensee shall locate material access areas only within protected areas such that access to the material access area requires passage through at least two physical barriers. More than one material access area may be within a single protected area.

(3) The physical barrier at the perimeter of the protected area shall be separated from any other barrier designated as a physical barrier within the protected area, and the intervening space monitored or periodically checked to detect the presence of persons or vehicles so that the facility security organization can respond to suspicious activity or to the breaching of any physical barrier.

(4) An isolation zone shall be maintained around the physical barrier at the perimeter of the protected area and any part of a building used as part of that physical barrier. The isolation zone shall be monitored to detect the presence of individuals or vehicles within the zone so as to allow response by armed members of the license security organization to be initiated at the time of penetration of the protected area. Parking facilities, both for employees and visitors, shall be located outside the isolation zone.

(5) Isolation zones and clear areas between barriers shall be provided with illumination sufficient for the monitoring required by paragraphs (b) (3) and (4) of this section, but not less than 0.2 foot candles.

(c) Access requirements. The licensee shall control all points of personnel and vehicle access into a protected area, including shipping or receiving areas, and into each vital area. Identification of personnel and vehicles shall be made and authorization shall be checked at such points.

(1) At the point of personnel and vehicle access into a protected area, all individuals, except employees who possess a NRC or United States Department of Energy access authorization, and all hand-carried packages shall be searched for devices such as firearms, explosives, and incendiary devices, or other items which could be used for radiological sabotage. The search shall be conducted either by a physical search or by the use of equipment capable of detecting such devices. Employees who possess an NRC or Department of Energy access authorization shall be searched at random intervals. Subsequent to search, drivers of delivery and service vehicles shall be escorted at all times while within the protection area.

(2) All packages being delivered into the protected area shall be checked for proper identification and authorization. Packages other than hand-carried packages shall be searched at random intervals.

(3) A picture badge identification system shall be used for all individuals who are authorized access to protected areas without escort.

(4) Access to vital areas and material access areas shall be limited to individuals who are authorized access to vital equipment or special nuclear material and who require such access to perform their duties. Authorization for such individuals shall be provided by the issuance of specially coded numbered badges indicating vital areas and material access areas to which access is authorized. Unoccupied vital areas and material access areas shall be protected by an active intrusion alarm system.

(5) Individuals not employed by the licensee must be escorted by a watchman, or other individual designated by the licensee, while in a protected area and must be badged to indicate that an escort is required. In addition, the licensee shall require that each individual not employed by the licensee register his or her name, date, time, purpose of visit, employment affiliation, citizenship, name and badge number of the escort, and name of the individual to be visited. The licensee shall retain the register of information for three years after the last entry is made in the register. Except for a driver of a delivery or service vehicle, an individual not employed by the licensee who requires frequent and extended access to a protected area or a vital area need not be escorted if the individual is provided with a picture badge, which the individual must receive upon entrance into the protected area and return each time he or she leaves the protected area, that indicates—

(i) Nonemployee-no escort required,

(ii) Areas to which access is authorized, and

(iii) The period for which access has been authorized.

(6) No vehicles used primarily for the conveyance of individuals shall be permitted within a protected area except under emergency conditions.

(7) Keys, locks, combinations, and related equipment shall be controlled to minimize the possibility of compromise and promptly changed whenever there is evidence that they have been compromised. Upon termination of employment of any employee, keys, locks, combinations, and related equipment to which that employee had access shall be changed.

(d) Detection aids. (1) All alarms required pursuant to this part shall annunciate in a continuously manned central alarm station located within the protected area and in at least one other continuously manned station, not necessarily within the protected area, such that a single act cannot remove the capability of calling for assistance or otherwise responding to an alarm. All alarms shall be self-checking and tamper indicating. The annunciation of an alarm at the onsite central alarm station shall indicate the type of alarm (e.g., intrusion alarm, emergency exit alarm, etc.) and location. All intrusion alarms, emergency exit alarms, alarm systems, and line supervisory systems shall at minimum meet the performance and reliability levels indicated by GSA Interim Federal Specification W-A-00450 B (GSA-FSS). The GSA Interim Federal Specification has been approved for incorporation by reference by the Director of the Federal Register. A copy of the material is available for inspection at the NRC Library, 11545 Rockville Pike, Rockville, Maryland 20852-2738.

(2) All emergency exits in each protected area and each vital area shall be alarmed.

(e) Communication requirements. (1) Each guard or watchman on duty shall be capable of maintaining continuous communication with an individual in a continuously manned central alarm station within the protected area, who shall be capable of calling for assistance from other guards and watchmen and from local law enforcement authorities.

(2) The alarm stations required by paragraph (d)(1) of this section shall have conventional telephone service for communication with the law enforcement authorities as described in paragraph (e)(1) of this section.

(3) To provide the capability of continuous communication, two-way radio voice communication shall be established in addition to conventional telephone service between local law enforcement authorities and the facility and shall terminate at the facility in a continuously manned central alarm station within the protected area.

(4) All communications equipment, including offsite equipment, shall remain operable from independent power sources in the event of loss of primary power.

(f) Testing and maintenance. Each licensee shall test and maintain intrusion alarms, emergency alarms, communications equipment, physical barriers, and other security related devices or equipment utilized pursuant to this section as follows:

(1) All alarms, communications equipment, physical barriers, and other security related devices or equipment shall be maintained in operable and effective condition.

(2) Each intrusion alarm shall be functionally tested for operability and required performance at the beginning and end of each interval during which it is used for security, but not less frequently than once every seven (7) days.

(3) Communications equipment shall be tested for operability and performance not less frequently than once at the beginning of each security personnel work shift.

(g) Response requirement. (1) The licensee shall establish, maintain, and follow an NRC-approved safeguards contingency plan for responding to threats, thefts, and radiological sabotage related to the special nuclear material and nuclear facilities subject to the provisions of this section. Safeguards contingency plans must be in accordance with the criteria in appendix C to this part, “Licensee Safeguards Contingency Plans.” The licensee shall retain the current safeguards contingency plan as a record until the Commission terminates the license and, if any portion of the plan is superseded, retain the superseded portion for 3 years after the effective date of the change.

(2) The licensee shall establish and document liaison with law enforcement authorities. The licensee shall retain the documentation of the current liaison as a record until the Commission terminates each license for which the liaison was developed and, if any portion of the liaison documentation is superseded, retain the superseded material for three years after each change.

(3) Upon detection of abnormal presence or activity of persons or vehicles within an isolation zone, a protected area, a material access area, or a vital area; or upon evidence or indication of intrusion into a protected area, material access area, or vital area, the licensee security organization shall:

(i) Determine whether or not a threat exists,

(ii) Assess the extent of the threat, if any, and

(iii) Take immediate concurrent measures to neutralize the threat, by:

(A) Requiring responding guards to interpose themselves between material access areas and vital areas and any adversary attempting entry for the purpose of theft of special nuclear material or radiological sabotage and to intercept any person exiting with special nuclear material, and,

(B) Informing local law enforcement agencies of the threat and requesting assistance.

(4) The licensee shall instruct every guard to prevent or impede attempted acts of theft or radiological sabotage by using force sufficient to counter the force directed at him including deadly force when the guard has a reasonable belief it is necessary in self-defense or in the defense of others.

(h) Each licensee shall establish, maintain, and follow an NRC-approved training and qualifications plan outlining the processes by which guards, watchmen, armed response persons, and other members of the security organization will be selected, trained, equipped, tested, and qualified to ensure that these individuals meet the requirements of paragraph (a)(4) of this section.

(Sec. 161i, Pub. L. 83-703, 68 Stat. 948, Pub. L. 93-377, 88 Stat. 475; secs. 201, 204(b)(1), Pub. L. 93-438, 88 Stat. 1242-1243, 1245, Pub. L. 94-79, 89 Stat. 413 (42 U.S.C. 2201,5841,5844,Dec. 28, 1973, as amended at 42 FR 64103, Dec. 22, 1977; 43 FR 11965, Mar. 23, 1978; 43 FR 37426, Aug. 23, 1978; 44 FR 68198, Nov. 28, 1979; 53 FR 19259, May 27, 1988; 57 FR 33430, July 29, 1992; 57 FR 61787, Dec. 29, 1992; 59 FR 50689, Oct. 5, 1994; 63 FR 26962, May 15, 1998; 72 FR 49561, Aug. 28, 2007; 86 FR 43403, Aug. 9, 2021; 88 FR 57879, Aug. 24, 2023]

(a) Applicability. Notwithstanding the provisions of §§ 73.20, 73.50, or 73.67, the physical protection requirements of this section apply to each licensee that stores spent nuclear fuel and high-level radioactive waste pursuant to paragraphs (a)(1)(i), (ii), and (2) of this section. This includes—

(1) Spent nuclear fuel and high-level radioactive waste stored under a specific license issued pursuant to part 72 of this chapter:

(i) At an independent spent fuel storage installation (ISFSI) or

(ii) At a monitored retrievable storage (MRS) installation; or

(2) Spent nuclear fuel and high-level radioactive waste at a geologic repository operations area (GROA) licensed pursuant to part 60 or 63 of this chapter;

(b) General performance objectives. (1) Each licensee subject to this section shall establish and maintain a physical protection system with the objective of providing high assurance that activities involving spent nuclear fuel and high-level radioactive waste do not constitute an unreasonable risk to public health and safety.

(2) To meet the general objective of paragraph (b)(1) of this section, each licensee subject to this section shall meet the following performance capabilities.

(i) Store spent nuclear fuel and high-level radioactive waste only within a protected area;

(ii) Grant access to the protected area only to individuals who are authorized to enter the protected area;

(iii) Detect and assess unauthorized penetration of, or activities within, the protected area;

(iv) Provide timely communication to a designated response force whenever necessary; and

(v) Manage the physical protection organization in a manner that maintains its effectiveness.

(3) The physical protection system must be designed to protect against loss of control of the facility that could be sufficient to cause a radiation exposure exceeding the dose as described in § 72.106 of this chapter.

(4)(i) The licensee must ensure that the firearms background check requirements of § 73.17 of this part are met for all members of the security organization whose official duties require access to covered weapons or who inventory enhanced weapons.

(ii) The provisions of this paragraph are only applicable to licensees subject to this section who are also subject to the firearms background check provisions of § 73.17 of this part.

(c) Plan retention. Each licensee subject to this section shall retain a copy of the effective physical protection plan as a record for 3 years or until termination of the license for which procedures were developed.

(d) Physical protection systems, components, and procedures. A licensee shall comply with the following provisions as methods acceptable to NRC for meeting the performance capabilities of § 73.51(b)(2). The Commission may, on a specific basis and upon request or on its own initiative, authorize other alternative measures for the protection of spent fuel and high-level radioactive waste subject to the requirements of this section, if after evaluation of the specific alternative measures, it finds reasonable assurance of compliance with the performance capabilities of paragraph (b)(2) of this section.

(1) Spent nuclear fuel and high-level radioactive waste must be stored only within a protected area so that access to this material requires passage through or penetration of two physical barriers, one barrier at the perimeter of the protected area and one barrier offering substantial penetration resistance. The physical barrier at the perimeter of the protected area must be as defined in § 73.2. Isolation zones, typically 20 feet wide each, on both sides of this barrier, must be provided to facilitate assessment. The barrier offering substantial resistance to penetration may be provided by an approved storage cask or building walls such as those of a reactor or fuel storage building.

(2) Illumination must be sufficient to permit adequate assessment of unauthorized penetrations of or activities within the protected area.

(3) The perimeter of the protected area must be subject to continual surveillance and be protected by an active intrusion alarm system which is capable of detecting penetrations through the isolation zone and that is monitored in a continually staffed primary alarm station and in one additional continually staffed location. The primary alarm station must be located within the protected area; have bullet-resisting walls, doors, ceiling, and floor; and the interior of the station must not be visible from outside the protected area. A timely means for assessment of alarms must also be provided. Regarding alarm monitoring, the redundant location need only provide a summary indication that an alarm has been generated.

(4) The protected area must be monitored by daily random patrols.

(5) A security organization with written procedures must be established. The security organization must include sufficient personnel per shift to provide for monitoring of detection systems and the conduct of surveillance, assessment, access control, and communications to assure adequate response. Members of the security organization must be trained, equipped, qualified, and requalified to perform assigned job duties in accordance with appendix B to part 73, sections I.A, (1) (a) and (b), B(1)(a), and the applicable portions of II.

(6) Documented liaison with a designated response force or local law enforcement agency (LLEA) must be established to permit timely response to unauthorized penetration or activities.

(7) A personnel identification system and a controlled lock system must be established and maintained to limit access to authorized individuals.

(8) Redundant communications capability must be provided between onsite security force members and designated response force or LLEA.

(9) All individuals, vehicles, and hand-carried packages entering the protected area must be checked for proper authorization and visually searched for explosives before entry.

(10) Written response procedures must be established and maintained for addressing unauthorized penetration of, or activities within, the protected area including Category 5, “Procedures,” of appendix C to part 73. The licensee shall retain a copy of response procedures as a record for 3 years or until termination of the license for which the procedures were developed. Copies of superseded material must be retained for 3 years after each change or until termination of the license.

(11) All detection systems and supporting subsystems must be tamper indicating with line supervision. These systems, as well as surveillance/assessment and illumination systems, must be maintained in operable condition. Timely compensatory measures must be taken after discovery of inoperability, to assure that the effectiveness of the of the security system is not reduced.

(12) The physical protection program must be reviewed once every 24 months by individuals independent of both physical protection program management and personnel who have direct responsibility for implementation of the physical protection program. The physical protection program review must include an evaluation of the effectiveness of the physical protection system and a verification of the liaison established with the designated response force or LLEA.

(13) The following documentation must be retained as a record for 3 years after the record is made or until termination of the license. Duplicate records to those required under § 72.180 of part 72 and § 73.1210 of this part need not be retained under the requirements of this section:

(i) A log of individuals granted access to the protected area;

(ii) Screening records of members of the security organization;

(iii) A log of all patrols;

(iv) A record of each alarm received, identifying the type of alarm, location, date and time when received, and disposition of the alarm; and

(v) The physical protection program review reports.

(e) GROA exemption. A licensee that operates a GROA is exempt from the requirements of this section for that GROA after permanent closure of the GROA.

(f) Response requirements. Licensees must train each armed member of the security organization with access to enhanced weapons on the use of deadly force when the armed member of the security organization has a reasonable belief that the use of deadly force is necessary in self-defense or in the defense of others, or any other circumstances as authorized by applicable State or Federal law.

[63 FR 26962, May 15, 1998, as amended at 63 FR 49414, Sept. 16, 1998; 66 FR 55816, Nov. 2, 2001; 88 FR 15890, Mar. 14, 2023]

By November 23, 2009 each licensee currently licensed to operate a nuclear power plant under part 50 of this chapter shall submit, as specified in § 50.4 and § 50.90 of this chapter, a cyber security plan that satisfies the requirements of this section for Commission review and approval. Each submittal must include a proposed implementation schedule. Implementation of the licensee's cyber security program must be consistent with the approved schedule. Current applicants for an operating license or combined license who have submitted their applications to the Commission prior to the effective date of this rule must amend their applications to include a cyber security plan consistent with this section.

(a) Each licensee subject to the requirements of this section shall provide high assurance that digital computer and communication systems and networks are adequately protected against cyber attacks, up to and including the design basis threat as described in § 73.1.

(1) The licensee shall protect digital computer and communication systems and networks associated with:

(i) Safety-related and important-to-safety functions;

(ii) Security functions;

(iii) Emergency preparedness functions, including offsite communications; and

(iv) Support systems and equipment which, if compromised, would adversely impact safety, security, or emergency preparedness functions.

(2) The licensee shall protect the systems and networks identified in paragraph (a)(1) of this section from cyber attacks that would:

(i) Adversely impact the integrity or confidentiality of data and/or software;

(ii) Deny access to systems, services, and/or data; and

(iii) Adversely impact the operation of systems, networks, and associated equipment.

(b) To accomplish this, the licensee shall:

(1) Analyze digital computer and communication systems and networks and identify those assets that must be protected against cyber attacks to satisfy paragraph (a) of this section,

(2) Establish, implement, and maintain a cyber security program for the protection of the assets identified in paragraph (b)(1) of this section; and

(3) Incorporate the cyber security program as a component of the physical protection program.

(c) The cyber security program must be designed to:

(1) Implement security controls to protect the assets identified by paragraph (b)(1) of this section from cyber attacks;

(2) Apply and maintain defense-in-depth protective strategies to ensure the capability to detect, respond to, and recover from cyber attacks;

(3) Mitigate the adverse affects of cyber attacks; and

(4) Ensure that the functions of protected assets identified by paragraph (b)(1) of this section are not adversely impacted due to cyber attacks.

(d) As part of the cyber security program, the licensee shall:

(1) Ensure that appropriate facility personnel, including contractors, are aware of cyber security requirements and receive the training necessary to perform their assigned duties and responsibilities.

(2) Evaluate and manage cyber risks.

(3) Ensure that modifications to assets, identified by paragraph (b)(1) of this section, are evaluated before implementation to ensure that the cyber security performance objectives identified in paragraph (a)(1) of this section are maintained.

(4) Conduct cyber security event notifications in accordance with the provisions of § 73.77.

(e) The licensee shall establish, implement, and maintain a cyber security plan that implements the cyber security program requirements of this section.

(1) The cyber security plan must describe how the requirements of this section will be implemented and must account for the site-specific conditions that affect implementation.

(2) The cyber security plan must include measures for incident response and recovery for cyber attacks. The cyber security plan must describe how the licensee will:

(i) Maintain the capability for timely detection and response to cyber attacks;

(ii) Mitigate the consequences of cyber attacks;

(iii) Correct exploited vulnerabilities; and

(iv) Restore affected systems, networks, and/or equipment affected by cyber attacks.

(f) The licensee shall develop and maintain written policies and implementing procedures to implement the cyber security plan. Policies, implementing procedures, site-specific analysis, and other supporting technical information used by the licensee need not be submitted for Commission review and approval as part of the cyber security plan but are subject to inspection by NRC staff on a periodic basis.

(g) The licensee shall review the cyber security program as a component of the physical security program in accordance with the requirements of § 73.55(m), including the periodicity requirements.

(h) The licensee shall retain all records and supporting technical documentation required to satisfy the requirements of this section as a record until the Commission terminates the license for which the records were developed, and shall maintain superseded portions of these records for at least three (3) years after the record is superseded, unless otherwise specified by the Commission.

[74 FR 13970, Mar. 27, 2009, as amended at 80 FR 67275, Nov. 2, 2015]

(a) Introduction. (1) By March 31, 2010, each nuclear power reactor licensee, licensed under 10 CFR part 50, shall implement the requirements of this section through its Commission-approved Physical Security Plan, Training and Qualification Plan, Safeguards Contingency Plan, and Cyber Security Plan referred to collectively hereafter as “security plans.” Current applicants for an operating license under 10 CFR part 50, or combined license under 10 CFR part 52 who have submitted their applications to the Commission prior to the effective date of this rule must amend their applications to include security plans consistent with this section.

(2) The security plans must identify, describe, and account for site-specific conditions that affect the licensee's capability to satisfy the requirements of this section.

(3) The licensee is responsible for maintaining the onsite physical protection program in accordance with Commission regulations through the implementation of security plans and written security implementing procedures.

(4) Applicants for an operating license under the provisions of part 50 of this chapter or holders of a combined license under the provisions of part 52 of this chapter, shall implement the requirements of this section before fuel is allowed onsite (protected area).

(5) The Tennessee Valley Authority Watts Bar Nuclear Plant, Unit 2, holding a current construction permit under the provisions of part 50 of this chapter, shall meet the revised requirements in paragraphs (a) through (r) of this section as applicable to operating nuclear power reactor facilities.

(6) Applicants for an operating license under the provisions of part 50 of this chapter, or holders of a combined license under the provisions of part 52 of this chapter that do not reference a standard design certification or reference a standard design certification issued after May 26, 2009 shall meet the requirement of § 73.55(i)(4)(iii).

(b) General performance objective and requirements. (1) The licensee shall establish and maintain a physical protection program, to include a security organization, which will have as its objective to provide high assurance that activities involving special nuclear material are not inimical to the common defense and security and do not constitute an unreasonable risk to the public health and safety.

(2) To satisfy the general performance objective of paragraph (b)(1) of this section, the physical protection program must protect against the design basis threat of radiological sabotage as stated in § 73.1.

(3) The physical protection program must be designed to prevent significant core damage and spent fuel sabotage. Specifically, the program must:

(i) Ensure that the capabilities to detect, assess, interdict, and neutralize threats up to and including the design basis threat of radiological sabotage as stated in § 73.1, are maintained at all times.

(ii) Provide defense-in-depth through the integration of systems, technologies, programs, equipment, supporting processes, and implementing procedures as needed to ensure the effectiveness of the physical protection program.

(4) The licensee shall analyze and identify site-specific conditions, including target sets, that may affect the specific measures needed to implement the requirements of this section and shall account for these conditions in the design of the physical protection program.

(5) Upon the request of an authorized representative of the Commission, the licensee shall demonstrate the ability to meet Commission requirements through the implementation of the physical protection program, including the ability of armed and unarmed personnel to perform assigned duties and responsibilities required by the security plans and licensee procedures.

(6) The licensee shall establish, maintain, and implement a performance evaluation program in accordance with appendix B to this part, to demonstrate and assess the effectiveness of armed responders and armed security officers to implement the licensee's protective strategy.

(7) The licensee shall establish, maintain, and implement an access authorization program in accordance with § 73.56 and shall describe the program in the Physical Security Plan.

(8) The licensee shall establish, maintain, and implement a cyber security program in accordance with § 73.54.

(9) The licensee shall establish, maintain, and implement an insider mitigation program and shall describe the program in the Physical Security Plan.

(i) The insider mitigation program must monitor the initial and continuing trustworthiness and reliability of individuals granted or retaining unescorted access authorization to a protected or vital area, and implement defense-in-depth methodologies to minimize the potential for an insider to adversely affect, either directly or indirectly, the licensee's capability to prevent significant core damage and spent fuel sabotage.

(ii) The insider mitigation program must contain elements from:

(A) The access authorization program described in § 73.56;

(B) The fitness-for-duty program described in part 26 of this chapter;

(C) The cyber security program described in § 73.54; and

(D) The physical protection program described in this section.

(10) The licensee shall use the site corrective action program to track, trend, correct and prevent recurrence of failures and deficiencies in the physical protection program.

(11) Implementation of security plans and associated procedures must be coordinated with other onsite plans and procedures to preclude conflict during both normal and emergency conditions.

(12)(i) The licensee must ensure that the firearms background check requirements of § 73.17 of this part are met for all members of the security organization whose official duties require access to covered weapons or who inventory enhanced weapons.

(ii) The provisions of this paragraph are only applicable to licensees subject to this section that are also subject to the firearms background check provisions of § 73.17 of this part.

(c) Security plans. (1) Licensee security plans must describe:

(i) How the licensee will implement requirements of this section through the establishment and maintenance of a security organization, the use of security equipment and technology, the training and qualification of security personnel, the implementation of predetermined response plans and strategies, and the protection of digital computer and communication systems and networks.

(ii) Site-specific conditions that affect how the licensee implements Commission requirements.

(2) Protection of security plans. The licensee shall protect the security plans and other security-related information against unauthorized disclosure in accordance with the requirements of § 73.21.

(3) Physical Security Plan. The licensee shall establish, maintain, and implement a Physical Security Plan which describes how the performance objective and requirements set forth in this section will be implemented.

(4) Training and Qualification Plan. The licensee shall establish, maintain, and implement, and follow a Training and Qualification Plan that describes how the criteria set forth in appendix B, section VI, to this part, “Nuclear Power Reactor Training and Qualification Plan for Personnel Performing Security Program Duties,” will be implemented.

(5) Safeguards Contingency Plan. The licensee shall establish, maintain, and implement a Safeguards Contingency Plan that describes how the criteria set forth in appendix C, section II, to this part, “Nuclear Power Plant Safeguards Contingency Plans,” will be implemented.

(6) Cyber Security Plan. The licensee shall establish, maintain, and implement a Cyber Security Plan that describes how the criteria set forth in § 73.54 “Protection of Digital Computer and Communication systems and Networks” of this part will be implemented.

(7) Security implementing procedures. (i) The licensee shall have a management system to provide for the development, implementation, revision, and oversight of security procedures that implement Commission requirements and the security plans.

(ii) Implementing procedures must document the structure of the security organization and detail the types of duties, responsibilities, actions, and decisions to be performed or made by each position of the security organization.

(iii) The licensee shall:

(A) Provide a process for the written approval of implementing procedures and revisions by the individual with overall responsibility for the security program.

(B) Ensure that revisions to security implementing procedures satisfy the requirements of this section.

(iv) Implementing procedures need not be submitted to the Commission for approval, but are subject to inspection by the Commission.

(d) Security organization. (1) The licensee shall establish and maintain a security organization that is designed, staffed, trained, qualified, and equipped to implement the physical protection program in accordance with the requirements of this section.

(2) The security organization must include:

(i) A management system that provides oversight of the onsite physical protection program.

(ii) At least one member, onsite and available at all times, who has the authority to direct the activities of the security organization and who is assigned no other duties that would interfere with this individual's ability to perform these duties in accordance with the security plans and the licensee protective strategy.

(3) The licensee may not permit any individual to implement any part of the physical protection program unless the individual has been trained, equipped, and qualified to perform their assigned duties and responsibilities in accordance with appendix B, section VI, to this part and the Training and Qualification Plan. Non-security personnel may be assigned duties and responsibilities required to implement the physical protection program and shall:

(i) Be trained through established licensee training programs to ensure each individual is trained, qualified, and periodically re-qualified to perform assigned duties.

(ii) Be properly equipped to perform assigned duties.

(iii) Possess the knowledge, skills, and abilities, to include physical attributes such as sight and hearing, required to perform their assigned duties and responsibilities.

(e) Physical barriers. Each licensee shall identify and analyze site-specific conditions to determine the specific use, type, function, and placement of physical barriers needed to satisfy the physical protection program design requirements of § 73.55(b).

(1) The licensee shall:

(i) Design, construct, install and maintain physical barriers as necessary to control access into facility areas for which access must be controlled or denied to satisfy the physical protection program design requirements of paragraph (b) of this section.

(ii) Describe in the physical security plan, physical barriers, barrier systems, and their functions within the physical protection program.

(2) The licensee shall retain, in accordance with § 73.70, all analyses and descriptions of the physical barriers and barrier systems used to satisfy the requirements of this section, and shall protect these records in accordance with the requirements of § 73.21.

(3) Physical barriers must:

(i) Be designed and constructed to:

(A) Protect against the design basis threat of radiological sabotage;

(B) Account for site-specific conditions; and

(C) Perform their required function in support of the licensee physical protection program.

(ii) Provide deterrence, delay, or support access control.

(iii) Support effective implementation of the licensee's protective strategy.

(4) Consistent with the stated function to be performed, openings in any barrier or barrier system established to meet the requirements of this section must be secured and monitored to prevent exploitation of the opening.

(5) Bullet resisting physical barriers. The reactor control room, the central alarm station, and the location within which the last access control function for access to the protected area is performed, must be bullet-resisting.

(6) Owner controlled area. The licensee shall establish and maintain physical barriers in the owner controlled area as needed to satisfy the physical protection program design requirements of § 73.55(b).

(7) Isolation zone. (i) An isolation zone must be maintained in outdoor areas adjacent to the protected area perimeter barrier. The isolation zone shall be:

(A) Designed and of sufficient size to permit observation and assessment of activities on either side of the protected area barrier;

(B) Monitored with intrusion detection equipment designed to satisfy the requirements of § 73.55(i) and be capable of detecting both attempted and actual penetration of the protected area perimeter barrier before completed penetration of the protected area perimeter barrier; and

(C) Monitored with assessment equipment designed to satisfy the requirements of § 73.55(i) and provide real-time and play-back/recorded video images of the detected activities before and after each alarm annunciation.

(ii) Obstructions that could prevent the licensee's capability to meet the observation and assessment requirements of this section must be located outside of the isolation zone.

(8) Protected area. (i) The protected area perimeter must be protected by physical barriers that are designed and constructed to:

(A) Limit access into the protected area to only those personnel, vehicles, and materials required to perform official duties;

(B) Channel personnel, vehicles, and materials to designated access control portals; and

(C) Be separated from any other barrier designated as a vital area physical barrier, unless otherwise identified in the Physical Security Plan.

(ii) Penetrations through the protected area barrier must be secured and monitored in a manner that prevents or delays, and detects the exploitation of any penetration.

(iii) All emergency exits in the protected area must be alarmed and secured by locking devices that allow prompt egress during an emergency and satisfy the requirements of this section for access control into the protected area.

(iv) Where building walls or roofs comprise a portion of the protected area perimeter barrier, an isolation zone is not necessary provided that the detection and, assessment requirements of this section are met, appropriate barriers are installed, and the area is described in the security plans.

(v) All exterior areas within the protected area, except for areas that must be excluded for safety reasons, must be periodically checked to detect and deter unauthorized personnel, vehicles, and materials.

(9) Vital areas. (i) Vital equipment must be located only within vital areas, which must be located within a protected area so that access to vital equipment requires passage through at least two physical barriers, except as otherwise approved by the Commission and identified in the security plans.

(ii) The licensee shall protect all vital area access portals and vital area emergency exits with intrusion detection equipment and locking devices that allow rapid egress during an emergency and satisfy the vital area entry control requirements of this section.

(iii) Unoccupied vital areas must be locked and alarmed.

(iv) More than one vital area may be located within a single protected area.

(v) At a minimum, the following shall be considered vital areas:

(A) The reactor control room;

(B) The spent fuel pool;

(C) The central alarm station; and

(D) The secondary alarm station in accordance with § 73.55(i)(4)(iii).

(vi) At a minimum, the following shall be located within a vital area:

(A) The secondary power supply systems for alarm annunciation equipment; and

(B) The secondary power supply systems for non-portable communications equipment.

(10) Vehicle control measures. Consistent with the physical protection program design requirements of § 73.55(b), and in accordance with the site-specific analysis, the licensee shall establish and maintain vehicle control measures, as necessary, to protect against the design basis threat of radiological sabotage vehicle bomb assault.

(i) Land vehicles. Licensees shall:

(A) Design, construct, install, and maintain a vehicle barrier system, to include passive and active barriers, at a stand-off distance adequate to protect personnel, equipment, and systems necessary to prevent significant core damage and spent fuel sabotage against the effects of the design basis threat of radiological sabotage land vehicle bomb assault.

(B) Periodically check the operation of active vehicle barriers and provide a secondary power source, or a means of mechanical or manual operation in the event of a power failure, to ensure that the active barrier can be placed in the denial position to prevent unauthorized vehicle access beyond the required standoff distance.

(C) Provide periodic surveillance and observation of vehicle barriers and barrier systems adequate to detect indications of tampering and degradation or to otherwise ensure that each vehicle barrier and barrier system is able to satisfy the intended function.

(D) Where a site has rail access to the protected area, install a train derailer, remove a section of track, or restrict access to railroad sidings and provide periodic surveillance of these measures.

(ii) Waterborne vehicles. Licensees shall:

(A) Identify areas from which a waterborne vehicle must be restricted, and where possible, in coordination with local, State, and Federal agencies having jurisdiction over waterway approaches, deploy buoys, markers, or other equipment.

(B) In accordance with the site-specific analysis, provide periodic surveillance and observation of waterway approaches and adjacent areas.

(f) Target sets. (1) The licensee shall document and maintain the process used to develop and identify target sets, to include the site-specific analyses and methodologies used to determine and group the target set equipment or elements.

(2) The licensee shall consider cyber attacks in the development and identification of target sets.

(3) Target set equipment or elements that are not contained within a protected or vital area must be identified and documented consistent with the requirements in § 73.55(f)(1) and be accounted for in the licensee's protective strategy.

(4) The licensee shall implement a process for the oversight of target set equipment and systems to ensure that changes to the configuration of the identified equipment and systems are considered in the licensee's protective strategy. Where appropriate, changes must be made to documented target sets.

(g) Access controls. (1) Consistent with the function of each barrier or barrier system, the licensee shall control personnel, vehicle, and material access, as applicable, at each access control point in accordance with the physical protection program design requirements of § 73.55(b).

(i) To accomplish this, the licensee shall:

(A) Locate access control portals outside of, or concurrent with, the physical barrier system through which it controls access.

(B) Equip access control portals with locking devices, intrusion detection equipment, and surveillance equipment consistent with the intended function.

(C) Provide supervision and control over the badging process to prevent unauthorized bypass of access control equipment located at or outside of the protected area.

(D) Limit unescorted access to the protected area and vital areas, during non-emergency conditions, to only those individuals who require unescorted access to perform assigned duties and responsibilities.

(E) Assign an individual the responsibility for the last access control function (controlling admission to the protected area) and isolate the individual within a bullet-resisting structure to assure the ability of the individual to respond or summon assistance.

(ii) Where vehicle barriers are established, the licensee shall:

(A) Physically control vehicle barrier portals to ensure only authorized vehicles are granted access through the barrier.

(B) Search vehicles and materials for contraband or other items which could be used to commit radiological sabotage in accordance with paragraph (h) of this section.

(C) Observe search functions to ensure a response can be initiated if needed.

(2) Before granting access into the protected area, the licensee shall:

(i) Confirm the identity of individuals.

(ii) Verify the authorization for access of individuals, vehicles, and materials.

(iii) Confirm, in accordance with industry shared lists and databases that individuals are not currently denied access to another licensed facility.

(iv) Search individuals, vehicles, and materials in accordance with paragraph (h) of this section.

(3) Vehicles in the protected area. (i) The licensee shall exercise control over all vehicles inside the protected area to ensure that they are used only by authorized persons and for authorized purposes.

(ii) Vehicles inside the protected area must be operated by an individual authorized unescorted access to the area, or must be escorted by an individual as required by paragraph (g)(8) of this section.

(iii) Vehicle use inside the protected area must be limited to plant functions or emergencies, and keys must be removed or the vehicle otherwise disabled when not in use.

(iv) Vehicles transporting hazardous materials inside the protected area must be escorted by an armed member of the security organization.

(4) Vital areas. (i) Licensees shall control access into vital areas consistent with access authorization lists.

(ii) In response to a site-specific credible threat or other credible information, implement a two-person (line-of-sight) rule for all personnel in vital areas so that no one individual is permitted access to a vital area.

(5) Emergency conditions. (i) The licensee shall design the access control system to accommodate the potential need for rapid ingress or egress of authorized individuals during emergency conditions or situations that could lead to emergency conditions.

(ii) To satisfy the design criteria of paragraph (g)(5)(i) of this section during emergency conditions, the licensee shall implement security procedures to ensure that authorized emergency personnel are provided prompt access to affected areas and equipment.

(6) Access control devices. (i) The licensee shall control all keys, locks, combinations, passwords and related access control devices used to control access to protected areas, vital areas and security systems to reduce the probability of compromise. To accomplish this, the licensee shall:

(A) Issue access control devices only to individuals who have unescorted access authorization and require access to perform official duties and responsibilities.

(B) Maintain a record, to include name and affiliation, of all individuals to whom access control devices have been issued, and implement a process to account for access control devices at least annually.

(C) Implement compensatory measures upon discovery or suspicion that any access control device may have been compromised. Compensatory measures must remain in effect until the compromise is corrected.

(D) Retrieve, change, rotate, deactivate, or otherwise disable access control devices that have been or may have been compromised or when a person with access to control devices has been terminated under less than favorable conditions.

(ii) The licensee shall implement a numbered photo identification badge system for all individuals authorized unescorted access to the protected area and vital areas.

(A) Identification badges may be removed from the protected area only when measures are in place to confirm the true identity and authorization for unescorted access of the badge holder before allowing unescorted access to the protected area.

(B) Except where operational safety concerns require otherwise, identification badges must be clearly displayed by all individuals while inside the protected area and vital areas.

(C) The licensee shall maintain a record, to include the name and areas to which unescorted access is granted, of all individuals to whom photo identification badges have been issued.

(iii) Access authorization program personnel shall be issued passwords and combinations to perform their assigned duties and may be excepted from the requirement of paragraph (g)(6)(i)(A) of this section provided they meet the background requirements of § 73.56.

(7) Visitors. (i) The licensee may permit escorted access to protected and vital areas to individuals who have not been granted unescorted access in accordance with the requirements of § 73.56 and part 26 of this chapter. The licensee shall:

(A) Implement procedures for processing, escorting, and controlling visitors.

(B) Confirm the identity of each visitor through physical presentation of a recognized identification card issued by a local, State, or Federal government agency that includes a photo or contains physical characteristics of the individual requesting escorted access.

(C) Maintain a visitor control register in which all visitors shall register their name, date, time, purpose of visit, employment affiliation, citizenship, and name of the individual to be visited before being escorted into any protected or vital area.

(D) Issue a visitor badge to all visitors that clearly indicates an escort is required.

(E) Escort all visitors, at all times, while inside the protected area and vital areas.

(F) Deny escorted access to any individual who is currently denied access in industry shared data bases.

(ii) Individuals not employed by the licensee but who require frequent or extended unescorted access to the protected area and/or vital areas to perform duties and responsibilities required by the licensee at irregular or intermittent intervals, shall satisfy the access authorization requirements of § 73.56 and part 26 of this chapter, and shall be issued a non-employee photo identification badge that is easily distinguished from other identification badges before being allowed unescorted access to the protected and vital areas. Non-employee photo identification badges must visually reflect that the individual is a non-employee and that no escort is required.

(8) Escorts. The licensee shall ensure that all escorts are trained to perform escort duties in accordance with the requirements of this section and site training requirements.

(i) Escorts shall be authorized unescorted access to all areas in which they will perform escort duties.

(ii) Individuals assigned to visitor escort duties shall be provided a means of timely communication with security personnel to summon assistance when needed.

(iii) Individuals assigned to vehicle escort duties shall be trained and qualified in accordance with appendix B, section VI, of this part and provided a means of continuous communication with security personnel to ensure the ability to summon assistance when needed.

(iv) When visitors are performing work, escorts shall be generally knowledgeable of the activities to be performed by the visitor and report behaviors or activities that may constitute an unreasonable risk to the health and safety of the public and common defense and security, including a potential threat to commit radiological sabotage, consistent with § 73.56(f)(1).

(v) Each licensee shall describe visitor to escort ratios for the protected area and vital areas in physical security plans. Implementing procedures shall provide necessary observation and control requirements for all visitor activities.

(h) Search programs. (1) The objective of the search program is to detect, deter, and prevent the introduction of firearms, explosives, incendiary devices, or other items which could be used to commit radiological sabotage. To accomplish this the licensee shall search individuals, vehicles, and materials consistent with the physical protection program design requirements in paragraph (b) of this section, and the function to be performed at each access control point or portal before granting access.

(2) Owner controlled area searches. (i) Where the licensee has established physical barriers in the owner controlled area, the licensee shall implement search procedures for access control points in the barrier.

(ii) For each vehicle access control point, the licensee shall describe in implementing procedures areas of a vehicle to be searched, and the items for which the search is intended to detect and prevent access. Areas of the vehicle to be searched must include, but are not limited to, the cab, engine compartment, undercarriage, and cargo area.

(iii) Vehicle searches must be performed by at least two (2) trained and equipped security personnel, one of which must be armed. The armed individual shall be positioned to observe the search process and provide immediate response.

(iv) Vehicle searches must be accomplished through the use of equipment capable of detecting firearms, explosives, incendiary devices, or other items which could be used to commit radiological sabotage, or through visual and physical searches, or both, to ensure that all items are identified before granting access.

(v) Vehicle access control points must be equipped with video surveillance equipment that is monitored by an individual capable of initiating a response.

(3) Protected area searches. Licensees shall search all personnel, vehicles and materials requesting access to protected areas.

(i) The search for firearms, explosives, incendiary devices, or other items which could be used to commit radiological sabotage shall be accomplished through the use of equipment capable of detecting these items, or through visual and physical searches, or both, to ensure that all items are clearly identified before granting access to protected areas. The licensee shall subject all persons except official Federal, state, and local law enforcement personnel on official duty to these searches upon entry to the protected area. Armed security officers who are on duty and have exited the protected area may re-enter the protected area without being searched for firearms.

(ii) Whenever search equipment is out of service, is not operating satisfactorily, or cannot be used effectively to search individuals, vehicles, or materials, a visual and physical search shall be conducted.

(iii) When an attempt to introduce firearms, explosives, incendiary devices, or other items which could be used to commit radiological sabotage has occurred or is suspected, the licensee shall implement actions to ensure that the suspect individuals, vehicles, and materials are denied access and shall perform a visual and physical search to determine the absence or existence of a threat.

(iv) For each vehicle access portal, the licensee shall describe in implementing procedures areas of a vehicle to be searched before access is granted. Areas of the vehicle to be searched must include, but are not limited to, the cab, engine compartment, undercarriage, and cargo area.

(v) Exceptions to the protected area search requirements for materials may be granted for safety or operational reasons provided the design criteria of § 73.55(b) are satisfied, the materials are clearly identified, the types of exceptions to be granted are described in the security plans, and the specific security measures to be implemented for excepted items are detailed in site procedures.

(vi) To the extent practicable, excepted materials must be positively controlled, stored in a locked area, and opened at the final destination by an individual familiar with the items.

(vii) Bulk material excepted from the protected area search requirements must be escorted by an armed member of the security organization to its final destination or to a receiving area where the excepted items are offloaded and verified.

(viii) To the extent practicable, bulk materials excepted from search shall not be offloaded adjacent to a vital area.

(i) Detection and assessment systems. (1) The licensee shall establish and maintain intrusion detection and assessment systems that satisfy the design requirements of § 73.55(b) and provide, at all times, the capability to detect and assess unauthorized persons and facilitate the effective implementation of the licensee's protective strategy.

(2) Intrusion detection equipment must annunciate and video assessment equipment shall display concurrently, in at least two continuously staffed onsite alarm stations, at least one of which must be protected in accordance with the requirements of the central alarm station within this section.

(3) The licensee's intrusion detection and assessment systems must be designed to:

(i) Provide visual and audible annunciation of the alarm.

(ii) Provide a visual display from which assessment of the detected activity can be made.

(iii) Ensure that annunciation of an alarm indicates the type and location of the alarm.

(iv) Ensure that alarm devices to include transmission lines to annunciators are tamper indicating and self-checking.

(v) Provide an automatic indication when the alarm system or a component of the alarm system fails, or when the system is operating on the backup power supply.

(vi) Support the initiation of a timely response in accordance with the security plans, licensee protective strategy, and associated implementing procedures.

(vii) Ensure intrusion detection and assessment equipment at the protected area perimeter remains operable from an uninterruptible power supply in the event of the loss of normal power.

(4) Alarm stations. (i) Both alarm stations required by paragraph (i)(2) of this section must be designed and equipped to ensure that a single act, in accordance with the design basis threat of radiological sabotage defined in § 73.1(a)(1), cannot disable both alarm stations. The licensee shall ensure the survivability of at least one alarm station to maintain the ability to perform the following functions:

(A) Detect and assess alarms;

(B) Initiate and coordinate an adequate response to an alarm;

(C) Summon offsite assistance; and

(D) Provide command and control.

(ii) Licensees shall:

(A) Locate the central alarm station inside a protected area. The interior of the central alarm station must not be visible from the perimeter of the protected area.

(B) Continuously staff each alarm station with at least one trained and qualified alarm station operator. The alarm station operator must not be assigned other duties or responsibilities which would interfere with the ability to execute the functions described in § 73.55(i)(4)(i) of this section.

(C) Not permit any activities to be performed within either alarm station that would interfere with an alarm station operator's ability to execute assigned duties and responsibilities.

(D) Assess and initiate response to all alarms in accordance with the security plans and implementing procedures.

(E) Assess and initiate response to other events as appropriate.

(F) Ensure that an alarm station operator cannot change the status of a detection point or deactivate a locking or access control device at a protected or vital area portal, without the knowledge and concurrence of the alarm station operator in the other alarm station.

(G) Ensure that operators in both alarm stations are knowledgeable of the final disposition of all alarms.

(H) Maintain a record of all alarm annunciations, the cause of each alarm, and the disposition of each alarm.

(iii) Applicants for an operating license under the provisions of part 50 of this chapter, or holders of a combined license under the provisions of part 52 of this chapter, shall construct, locate, protect, and equip both the central and secondary alarm stations to the standards for the central alarm station contained in this section. Both alarm stations shall be equal and redundant, such that all functions needed to satisfy the requirements of this section can be performed in both alarm stations.

(5) Surveillance, observation, and monitoring. (i) The physical protection program must include surveillance, observation, and monitoring as needed to satisfy the design requirements of § 73.55(b), identify indications of tampering, or otherwise implement the site protective strategy.

(ii) The licensee shall provide continuous surveillance, observation, and monitoring of the owner controlled area as described in the security plans to detect and deter intruders and ensure the integrity of physical barriers or other components and functions of the onsite physical protection program. Continuous surveillance, observation, and monitoring responsibilities may be performed by security personnel during continuous patrols, through use of video technology, or by a combination of both.

(iii) Unattended openings that intersect a security boundary such as underground pathways must be protected by a physical barrier and monitored by intrusion detection equipment or observed by security personnel at a frequency sufficient to detect exploitation.

(iv) Armed security patrols shall periodically check external areas of the protected area to include physical barriers and vital area portals.

(v) Armed security patrols shall periodically inspect vital areas to include the physical barriers used at all vital area portals.

(vi) The licensee shall provide random patrols of all accessible areas containing target set equipment.

(vii) Security personnel shall be trained to recognize obvious indications of tampering consistent with their assigned duties and responsibilities.

(viii) Upon detection of tampering, or other threats, the licensee shall initiate response in accordance with the security plans and implementing procedures.

(6) Illumination. (i) The licensee shall ensure that all areas of the facility are provided with illumination necessary to satisfy the design requirements of § 73.55(b) and implement the protective strategy.

(ii) The licensee shall provide a minimum illumination level of 0.2 foot-candles, measured horizontally at ground level, in the isolation zones and appropriate exterior areas within the protected area. Alternatively, the licensee may augment the facility illumination system by means of low-light technology to meet the requirements of this section or otherwise implement the protective strategy.

(iii) The licensee shall describe in the security plans how the lighting requirements of this section are met and, if used, the type(s) and application of low-light technology.

(j) Communication requirements. (1) The licensee shall establish and maintain continuous communication capability with onsite and offsite resources to ensure effective command and control during both normal and emergency situations.

(2) Individuals assigned to each alarm station shall be capable of calling for assistance in accordance with the security plans and the licensee's procedures.

(3) All on-duty security force personnel shall be capable of maintaining continuous communication with an individual in each alarm station, and vehicle escorts shall maintain continuous communication with security personnel. All personnel escorts shall maintain timely communication with the security personnel.

(4) The following continuous communication capabilities must terminate in both alarm stations required by this section:

(i) Radio or microwave transmitted two-way voice communication, either directly or through an intermediary, in addition to conventional telephone service between local law enforcement authorities and the site.

(ii) A system for communication with the control room.

(5) Non-portable communications equipment must remain operable from independent power sources in the event of the loss of normal power.

(6) The licensee shall identify site areas where communication could be interrupted or cannot be maintained, and shall establish alternative communication measures or otherwise account for these areas in implementing procedures.

(k) Response requirements. (1) The licensee shall establish and maintain, at all times, properly trained, qualified and equipped personnel required to interdict and neutralize threats up to and including the design basis threat of radiological sabotage as defined in § 73.1, to prevent significant core damage and spent fuel sabotage.

(2) The licensee shall ensure that all firearms, ammunition, and equipment necessary to implement the site security plans and protective strategy are in sufficient supply, are in working condition, and are readily available for use.

(3) The licensee shall train each armed member of the security organization to prevent or impede attempted acts of radiological sabotage by using force sufficient to counter the force directed at that person, including the use of deadly force when the armed member of the security organization has a reasonable belief that the use of deadly force is necessary in self-defense or in the defense of others, or any other circumstances as authorized by applicable State or Federal law.

(4) The licensee shall provide armed response personnel consisting of armed responders which may be augmented with armed security officers to carry out armed response duties within predetermined time lines specified by the site protective strategy.

(5) Armed responders. (i) The licensee shall determine the minimum number of armed responders necessary to satisfy the design requirements of § 73.55(b) and implement the protective strategy. The licensee shall document this number in the security plans.

(ii) The number of armed responders shall not be less than ten (10).

(iii) Armed responders shall be available at all times inside the protected area and may not be assigned other duties or responsibilities that could interfere with their assigned response duties.

(6) Armed security officers. (i) Armed security officers, designated to strengthen onsite response capabilities, shall be onsite and available at all times to carry out their assigned response duties.

(ii) The minimum number of armed security officers designated to strengthen onsite response capabilities must be documented in the security plans.

(7) The licensee shall have procedures to reconstitute the documented number of available armed response personnel required to implement the protective strategy.

(8) Protective strategy. The licensee shall establish, maintain, and implement a written protective strategy in accordance with the requirements of this section and part 73, appendix C, Section II. Upon receipt of an alarm or other indication of a threat, the licensee shall:

(i) Determine the existence and level of a threat in accordance with pre-established assessment methodologies and procedures.

(ii) Initiate response actions to interdict and neutralize threats in accordance with the requirements of part 73, appendix C, section II, the safeguards contingency plan, and the licensee's response strategy.

(iii) Notify law enforcement agencies (local, State, and Federal law enforcement agencies (LLEA)), in accordance with site procedures.

(9) Law enforcement liaison. To the extent practicable, licensees shall document and maintain current agreements with applicable law enforcement agencies to include estimated response times and capabilities.

(10) Heightened security. Licensees shall establish, maintain, and implement a threat warning system which identifies specific graduated protective measures and actions to be taken to increase licensee preparedness against a heightened security threat.

(i) Licensees shall ensure that the specific protective measures and actions identified for each threat level are consistent with the security plans and other emergency plans and procedures.

(ii) Upon notification by an authorized representative of the Commission, licensees shall implement the specific threat level indicated by the Commission representative.

(l) Facilities using mixed-oxide (MOX) fuel assemblies containing up to 20 weight percent plutonium dioxide (PuO2). (1) Commercial nuclear power reactors licensed under 10 CFR parts 50 or 52 and authorized to use special nuclear material in the form of MOX fuel assemblies containing up to 20 weight percent PuO2 shall, in addition to meeting the requirements of this section, protect un-irradiated MOX fuel assemblies against theft or diversion as described in this paragraph.

(2) Commercial nuclear power reactors authorized to use MOX fuel assemblies containing up to 20 weight percent PuO2 are exempt from the requirements of §§ 73.20, 73.45, and 73.46 for the onsite physical protection of un-irradiated MOX fuel assemblies.

(3) Administrative controls. (i) The licensee shall describe in the security plans the operational and administrative controls to be implemented for the receipt, inspection, movement, storage, and protection of un-irradiated MOX fuel assemblies.

(ii) The licensee shall implement the use of tamper-indicating devices for un-irradiated MOX fuel assembly transport and shall verify their use and integrity before receipt.

(iii) Upon receipt of un-irradiated MOX fuel assemblies, the licensee shall:

(A) Inspect un-irradiated MOX fuel assemblies for damage.

(B) Search un-irradiated MOX fuel assemblies for unauthorized materials.

(iv) The licensee may conduct the required inspection and search functions simultaneously.

(v) The licensee shall ensure the proper placement and control of un-irradiated MOX fuel assemblies as follows:

(A) At least one armed security officer shall be present during the receipt and inspection of un-irradiated MOX fuel assemblies. This armed security officer shall not be an armed responder as required by paragraph (k) of this section.

(B) The licensee shall store un-irradiated MOX fuel assemblies only within a spent fuel pool, located within a vital area, so that access to the un-irradiated MOX fuel assemblies requires passage through at least two physical barriers and the water barrier combined with the additional measures detailed in this section.

(vi) The licensee shall implement a material control and accountability program that includes a predetermined and documented storage location for each un-irradiated MOX fuel assembly.

(4) Physical controls. (i) The licensee shall lock, lockout, or disable all equipment and power supplies to equipment required for the movement and handling of un-irradiated MOX fuel assemblies when movement activities are not authorized.

(ii) The licensee shall implement a two-person, line-of-sight rule within the spent fuel pool area whenever control systems or equipment required for the movement or handling of un-irradiated MOX fuel assemblies must be accessed.

(iii) The licensee shall conduct random patrols of areas containing un-irradiated MOX fuel assemblies to identify indications of tampering and ensure the integrity of barriers and locks.

(iv) Locks, keys, and any other access control device used to secure equipment and power sources required for the movement of un-irradiated MOX fuel assemblies, or openings to areas containing un-irradiated MOX fuel assemblies, must be controlled by the security organization.

(v) Removal of locks used to secure equipment and power sources required for the movement of un-irradiated MOX fuel assemblies or openings to areas containing un-irradiated MOX fuel assemblies must require approval by both the on-duty security shift supervisor and the operations shift manager.

(A) At least one armed security officer shall be present to observe activities involving the movement of un-irradiated MOX fuel assemblies before the removal of the locks and providing power to equipment required for the movement or handling of un-irradiated MOX fuel assemblies.

(B) At least one armed security officer shall be present at all times until power is removed from equipment and locks are secured.

(C) Security officers shall be knowledgeable of authorized and unauthorized activities involving un-irradiated MOX fuel assemblies.

(5) At least one armed security officer shall be present and shall maintain constant surveillance of un-irradiated MOX fuel assemblies when the assemblies are not located in the spent fuel pool or reactor.

(6) The licensee shall maintain at all times the capability to detect, assess, interdict and neutralize threats to un-irradiated MOX fuel assemblies in accordance with the requirements of this section.

(7) MOX fuel assemblies containing greater than 20 weight percent PuO2. (i) Requests for the use of MOX fuel assemblies containing greater than 20 weight percent PuO2 shall be reviewed and approved by the Commission before receipt of MOX fuel assemblies.

(ii) Additional measures for the physical protection of un-irradiated MOX fuel assemblies containing greater than 20 weight percent PuO2 shall be determined by the Commission on a case-by-case basis and documented through license amendment in accordance with 10 CFR 50.90.

(m) Security program reviews. (1) As a minimum the licensee shall review each element of the physical protection program at least every 24 months. Reviews shall be conducted:

(i) Within 12 months following initial implementation of the physical protection program or a change to personnel, procedures, equipment, or facilities that potentially could adversely affect security.

(ii) As necessary based upon site-specific analyses, assessments, or other performance indicators.

(iii) By individuals independent of those personnel responsible for program management and any individual who has direct responsibility for implementing the onsite physical protection program.

(2) Reviews of the security program must include, but not limited to, an audit of the effectiveness of the physical security program, security plans, implementing procedures, cyber security programs, safety/security interface activities, the testing, maintenance, and calibration program, and response commitments by local, State, and Federal law enforcement authorities.

(3) The results and recommendations of the onsite physical protection program reviews, management's findings regarding program effectiveness, and any actions taken as a result of recommendations from prior program reviews, must be documented in a report to the licensee's plant manager and to corporate management at least one level higher than that having responsibility for day-to-day plant operations. These reports must be maintained in an auditable form and available for inspection.

(4) Findings from onsite physical protection program reviews must be entered into the site corrective action program.

(n) Maintenance, testing, and calibration. (1) The licensee shall:

(i) Establish, maintain, and implement a maintenance, testing and calibration program to ensure that security systems and equipment, including secondary and uninterruptible power supplies, are tested for operability and performance at predetermined intervals, maintained in operable condition, and are capable of performing their intended functions.

(ii) Describe the maintenance, testing and calibration program in the physical security plan. Implementing procedures must specify operational and technical details required to perform maintenance, testing, and calibration activities to include, but not limited to, purpose of activity, actions to be taken, acceptance criteria, and the intervals or frequency at which the activity will be performed.

(iii) Identify in procedures the criteria for determining when problems, failures, deficiencies, and other findings are documented in the site corrective action program for resolution.

(iv) Ensure that information documented in the site corrective action program is written in a manner that does not constitute safeguards information as defined in 10 CFR 73.21.

(v) Implement compensatory measures that ensure the effectiveness of the onsite physical protection program when there is a failure or degraded operation of security-related components or equipment.

(2) The licensee shall test each intrusion alarm for operability at the beginning and end of any period that it is used for security, or if the period of continuous use exceeds seven (7) days. The intrusion alarm must be tested at least once every seven (7) days.

(3) Intrusion detection and access control equipment must be performance tested in accordance with the security plans and implementing procedures.

(4) Equipment required for communications onsite must be tested for operability not less frequently than once at the beginning of each security personnel work shift.

(5) Communication systems between the alarm stations and each control room, and between the alarm stations and local law enforcement agencies, to include backup communication equipment, must be tested for operability at least once each day.

(6) Search equipment must be tested for operability at least once each day and tested for performance at least once during each seven (7) day period.

(7) A program for testing or verifying the operability of devices or equipment located in hazardous areas must be specified in the implementing procedures and must define alternate measures to be taken to ensure the timely completion of testing or maintenance when the hazardous condition or other restrictions are no longer applicable.

(8) Security equipment or systems shall be tested in accordance with the site maintenance, testing and calibration procedures before being placed back in service after each repair or inoperable state.

(o) Compensatory measures. (1) The licensee shall identify criteria and measures to compensate for degraded or inoperable equipment, systems, and components to meet the requirements of this section.

(2) Compensatory measures must provide a level of protection that is equivalent to the protection that was provided by the degraded or inoperable, equipment, system, or components.

(3) Compensatory measures must be implemented within specific time frames necessary to meet the requirements stated in paragraph (b) of this section and described in the security plans.

(p) Suspension of security measures. (1) The licensee may suspend implementation of affected requirements of this section under the following conditions:

(i) In accordance with §§ 50.54(x) and 50.54(y) of this chapter, the licensee may suspend any security measures under this section in an emergency when this action is immediately needed to protect the public health and safety and no action consistent with license conditions and technical specifications that can provide adequate or equivalent protection is immediately apparent. This suspension of security measures must be approved as a minimum by a licensed senior operator before taking this action.

(ii) During severe weather when the suspension of affected security measures is immediately needed to protect the personal health and safety of security force personnel and no other immediately apparent action consistent with the license conditions and technical specifications can provide adequate or equivalent protection. This suspension of security measures must be approved, as a minimum, by a licensed senior operator, with input from the security supervisor or manager, before taking this action.

(2) Suspended security measures must be reinstated as soon as conditions permit.

(3) The suspension of security measures must be reported and documented in accordance with the provisions of §§ 73.1200 and 73.1205 of this part.

(q) Records. (1) The Commission may inspect, copy, retain, and remove all reports, records, and documents required to be kept by Commission regulations, orders, or license conditions, whether the reports, records, and documents are kept by the licensee or a contractor.

(2) The licensee shall maintain all records required to be kept by Commission regulations, orders, or license conditions, until the Commission terminates the license for which the records were developed, and shall maintain superseded portions of these records for at least three (3) years after the record is superseded, unless otherwise specified by the Commission.

(3) If a contracted security force is used to implement the onsite physical protection program, the licensee's written agreement with the contractor must be retained by the licensee as a record for the duration of the contract.

(4) Review and audit reports must be maintained and available for inspection, for a period of three (3) years.

(r) Alternative measures. (1) The Commission may authorize an applicant or licensee to provide a measure for protection against radiological sabotage other than one required by this section if the applicant or licensee demonstrates that:

(i) The measure meets the same performance objectives and requirements specified in paragraph (b) of this section; and

(ii) The proposed alternative measure provides protection against radiological sabotage or theft of un-irradiated MOX fuel assemblies, equivalent to that which would be provided by the specific requirement for which it would substitute.

(2) The licensee shall submit proposed alternative measure(s) to the Commission for review and approval in accordance with §§ 50.4 and 50.90 of this chapter before implementation.

(3) In addition to fully describing the desired changes, the licensee shall submit a technical basis for each proposed alternative measure. The basis must include an analysis or assessment that demonstrates how the proposed alternative measure provides a level of protection that is at least equal to that which would otherwise be provided by the specific requirement of this section.

(4) Alternative vehicle barrier systems. In the case of vehicle barrier systems required by § 73.55(e)(10), the licensee shall demonstrate that:

(i) The alternative measure provides protection against the use of a vehicle as a means of transportation to gain proximity to vital areas;

(ii) The alternative measure provides protection against the use of a vehicle as a vehicle bomb; and

(iii) Based on comparison of the costs of the alternative measures to the costs of meeting the Commission's requirements using the essential elements of 10 CFR 50.109, the costs of fully meeting the Commission's requirements are not justified by the protection that would be provided.

[74 FR 13971, Mar. 27, 2009, as amended at 77 FR 39909, July 6, 2012; 88 FR 15891, Mar. 14, 2023]