Study says nuclear plant designs need stepped-up attention to security

While protections for nuclear plants from possible terror attacks have improved dramatically since 9/11, a report by a group of nuclear scientists said there is plenty of room for more enhancement in new reactor and plant designs in the coming years.

The extensive report, The Future of Nuclear Power in the United States, released on Feb. 8 by the Federation of American Scientists (FAS) and Washington and Lee University, said that while most safety procedures and precautions at U.S. nuclear plants are geared towards accidents, more attention needs to be paid to intentional attacks and sabotage. Harold Feiveson, the senior research scientist and member of Princeton University’s Program on Science and Global Security of the Woodrow Wilson School of Public and International Affairs, wrote the 144-page report’s security analysis section.

Feiveson analyzed the design-basis-threat (DBT), which is an assessment of the plausible threats that nuclear plants confront and must defend against. He said that despite improvements in the DBT after the 9/11 terrorist attacks, “questions remain whether the DBT is yet realistic enough to capture plausible threats by terrorist groups, and whether the DBT and associated reactor security operations have been adjusted to accommodate industry concerns with cost.”

He added “there will always be the possibility of a beyond-DBT attack on a reactor,” and he recommends the nuclear power industry pursue new reactor designs, reactor site locations, and operational procedures that would boost the inherent safety and security of the plants.

He noted that the terror threat to nuclear plants comes primarily in two types. The first is a commando-like ground-based attack possibly abetted by an insider, on some designated targets and nuclear compounds. The target could be critical equipment, which if disabled could lead to a core meltdown or dispersal of radioactivity from the spent fuel pool. The second type is an external attack that uses either brute force or electronic stealth. Attackers could use an aircraft crashed into a reactor complex, or a Cyber attack  --  which could also be initiated by an insider at a plant.

Fieveson also points out that an attack doesn’t’ necessarily have to target the reactor itself. He said spent fuel pools, used to store used reactor fuel rods, are generally not protected by a containment dome and are more vulnerable than the reactor to attacks from the ground or air. He said the way in which the pools are managed could greatly affect the risks of large releases of radioactivity in the event of loss of cooling. He cited a 2003 study by independent scientists that showed with densely-packed spent fuel rods, a loss of water coolant could potentially lead to a propagating zirconium fire and a large radioactive release to the environment. Zirconium is the material commonly used in cladding the fuel rods.

He said a 2005 National Academy of Sciences study supported that analysis. However, he noted, both of those analyses suggested ways to manage the spent fuel pools  --  like more rapid removal of spent fuel to dry-cask storage, or, in the NAS study, by carefully interspersing hotter and cooler spent fuel. Both measures, he said, would make a zirconium fire much less likely.

He warned that modular pebble bed reactors, which have passive safety features that automatically shut down operations or slow during cooling loss may not require the redundant safety measures that other reactor technologies do, but they have their own set of vulnerabilities that need to be studied.

“For example, the modular pebble bed reactor in which the pebbles are not expected to melt even if the coolant is completely and permanently lost, could look attractive on such safety and security grounds, though the possibility and consequence of graphite fires would have to be further studied,” he said.

Although the DBT has improved and force-on-force security exercises done by the Nuclear Regulatory Commission every three years have stepped up security, Feiveson said questions remain about the DBT’s ability to halt a terror attack and whether nuclear reactor security operations have adequately adjusted to address industry concerns with costs.

“Whatever the DBT, there will always be the possibility of a beyond-DBT attack on a reactor,” he said. “This suggests the value of the nuclear industry seeking reactor designs and operational procedures that are more inherently safe than the current systems.”