National Academies Press: OpenBook
« Previous: Executive Summary
Suggested Citation:"Summary." National Research Council. 2011. Understanding and Managing Risk in Security Systems for the DOE Nuclear Weapons Complex: (Abbreviated Version). Washington, DC: The National Academies Press. doi: 10.17226/13108.
×

Summary

In the U.S. Department of Energy (DOE), the National Nuclear Security Administration (NNSA)—a semi-autonomous agency—is responsible for securing fully and partially assembled nuclear weapons and significant quantities of special nuclear material (SNM). NNSA’s security mission includes protecting these weapons and materials, associated facilities, and other assets.

In the current budget-constrained environment, NNSA’s security system needs to be both effective and efficient. An effective NNSA security system would be robust, resilient, and adaptive. An efficient NNSA security system would operate at reasonable cost and impose minimal burdens on the organizations carrying out NNSA’s primary missions at its facilities.

Previous examinations of NNSA’s security (Mies 2005; GAO 2007a, b, 2010) have found that security at NNSA sites has been neither resilient nor adaptive. In addition, as a result of DOE’s3 security expansion in the wake of the attacks of September 11, 2001, until recently costs were escalating at unsustainable rates. At the same time, the increased security requirements have made many of the sites’ primary mission activities much more burdensome. DOE and NNSA recently issued a revised security policy, the Graded Security Protection (GSP) Policy, intended to address some of these concerns.

It is in this context that the U.S. Congress directed NNSA to ask the National Academies for advice on augmenting its security approach, particularly on the applicability of probabilistic risk assessment and other risk-based approaches to securing the complex. In carrying out its charge (see Appendix A), the committee has focused primarily on what actions DOE and NNSA could take to make their security approach more effective and efficient.

The committee has concluded that defining security risks more precisely (e.g., by using a probabilistic risk assessment approach) will not significantly improve NNSA’s security planning. This is primarily because there is no comprehensive analytical basis for defining the attack strategies an adversary might employ or the probabilities of success associated with them.

However, this does not mean that a rigorous assessment of security risk is not useful. Using structured thinking processes and techniques to characterize security risk could improve NNSA’s understanding of security vulnerabilities. In addition, understanding the risks and uncertainties associated with various security subsystems as well as the security system as a whole can inform and improve decisions, particularly in allocating limited resources, provided the techniques are used appropriately.

Still, there is no single comprehensive approach that can ensure an effective and efficient security system. In particular, risk methodologies cannot address cultural or organizational barriers to improved security, and no risk approach can determine how much DOE’s nuclear security program should cost. Decisions about how much risk can and should be accepted are the responsibility of the U.S. government and inherently rely on nontechnical considerations.

With these considerations in mind, in this report, the committee focuses on how NNSA could use risk-based analysis and other approaches to better inform decision making, particularly related to the following three key shortcomings associated with NNSA’s current nuclear security system that were identified by the committee:

  1. The interactions and dependencies among security countermeasures;

3

The “nuclear weapons complex” encompasses facilities operated by NNSA. However, other organizations within DOE operate facilities that manage and protect Category I SNM, including the DOE Office of Science and the DOE Office of Environmental Management. DOE-wide policies apply to all facilities; other policies and procedures are NNSA specific. In this report, DOE is referred to when policies applying to all DOE facilities are discussed; NNSA is referenced when policies and procedures specific to the nuclear weapons complex are discussed.

Suggested Citation:"Summary." National Research Council. 2011. Understanding and Managing Risk in Security Systems for the DOE Nuclear Weapons Complex: (Abbreviated Version). Washington, DC: The National Academies Press. doi: 10.17226/13108.
×
  1. The interactions between DOE/NNSA and other organizations responsible in part for preparing for or responding to an attack on NNSA facilities; and

  2. The attack scenarios used to design, update, and test the security systems.

The committee judges that its recommendations regarding these shortcomings—in particular, that DOE adopt a “total systems approach” to security, described in detail in Chapters 3 and 4 of the full report—can help DOE better evaluate facility security systems and their vulnerabilities. However, the committee has refrained from outlining a specific methodology; it instead focused on general approaches and tools that could be used.

The committee’s major recommendations are described below and are discussed in detail in the body of the full version of the report.

A dissenting opinion from one committee member is included in the full version of the report. This opinion is largely consistent with the report’s findings and recommendations, but it emphasizes a need for a single entity with both the responsibility and authority to direct the security system.

Finally, the committee limits its scope to cyber security as it relates to the physical security of nuclear weapons and significant quantities of SNM. Neither this report nor the full report addresses the cyber security aspects of protecting classified information or documents. This interpretation of the committee’s scope was agreed on with the sponsor in September 2009.

KEY RECOMMENDATIONS

In this section, the committee describes and briefly explains the key recommendations contained in the committee’s report. The committee’s work also resulted in a number of findings, that were judged to be too sensitive to reproduce in this abbreviated version. The findings are included in the full version of the report, entitled Understanding and Managing Risk in the DOE Nuclear Weapons Complex, which is exempt from public release under the Freedom of Information Act (FOIA), 5 U.S.C. § 552(b)(2).


RECOMMENDATION 3-1: The committee advises against the use of probabilistic risk assessment (PRA) in designing security for the DOE nuclear weapons complex at this time. However, the committee recommends the use of some tools and techniques traditionally associated with PRA to improve NNSA’s understanding of the full spectrum of risks to the complex.


RECOMMENDATION 3-2: NNSA should utilize relevant techniques traditionally associated with risk assessment to improve its understanding of risk—specifically including an analysis of the security system—along with creative scenario generation techniques and security best practices.


RECOMMENDATION 4-1: The committee recommends that DOE/NNSA generate a range of plausible and specific objectives that the site security system is intended to preclude, for use in scenario generation. An adversary perspective should be taken into account when generating these objectives.


RECOMMENDATION 4-2: The committee recommends that a comprehensive and plausible range of adversary capabilities, strategies, and tactics be considered in defining the threat to sites and designing security systems.

Suggested Citation:"Summary." National Research Council. 2011. Understanding and Managing Risk in Security Systems for the DOE Nuclear Weapons Complex: (Abbreviated Version). Washington, DC: The National Academies Press. doi: 10.17226/13108.
×

RECOMMENDATION 4-3: The committee recommends that DOE sites regularly track and evaluate the information available to an adversary and use this information to improve their understanding of the most likely ways an adversary might attack a given site or other operations, such as transportation.


RECOMMENDATION 4-4: The committee recommends that DOE sites supplement their current vulnerability assessment processes with creative scenario generation techniques.


RECOMMENDATION 4-5: The committee recommends that DOE Headquarters take on the responsibility of defining an overall deterrence strategy for the nuclear weapons complex, subject to evaluation by deterrence subject-matter experts.


RECOMMENDATION 5-1: The committee recommends that DOE focus its communication efforts aimed at Congress and the administration on risk management rather than on the risk to the nuclear weapons complex. This communication should draw on the total systems approach and scenario generation processes recommended by the committee.


RECOMMENDATION 5-2: The committee recommends that DOE take steps to ensure a more integrated and collaborative environment for functional responsibility for the security system at the headquarters level and in the field. A clearer and more expeditious process for accepting risk should be a priority goal.

CONCLUSION

It is clear that the threat that DOE requires its sites to defend against is formidable. The current security emphasis is out of balance. A redirection of focus and resources is indicated, but accomplishing such a major shift in approach will require leadership and a different model for security guidance, planning, and evaluation. The committee’s recommendations are intended to serve as a starting point for this change.

Of the recommendations listed above, three stand out in the committee’s view as its primary suggestions for how DOE/NNSA could effectively succeed in restructuring its security approach. These suggestions are primarily related to the lack of a total systems view associated with security at NNSA sites.

First, DOE/NNSA should seek to better integrate its security efforts. This would help to address potentially significant vulnerabilities. Second, NNSA and other outside security organizations that are responsible for some aspects of the security of the weapons complex do not appear to be well coordinated. Third, a broader suite of adversary scenarios should be developed.

Finally, the committee notes that any analysis is only an input to a decision maker who needs to make a subjective judgment regarding defense strategies, tactics, and investments. Despite the best plans, defenses, and training, the decision maker needs to be alert and prepared to react quickly and decisively to the unexpected. Thus, it is essential that all aspects of security associated with the DOE nuclear weapons complex —whether they are operated by DOE, by NNSA, or by another agency entirely—be well understood, well organized, well exercised, and well coordinated. Although this may not require changes in how NNSA’s security apparatus is organized, it is likely to require a change in approach and a change in mindset.

Suggested Citation:"Summary." National Research Council. 2011. Understanding and Managing Risk in Security Systems for the DOE Nuclear Weapons Complex: (Abbreviated Version). Washington, DC: The National Academies Press. doi: 10.17226/13108.
×
Page 3
Suggested Citation:"Summary." National Research Council. 2011. Understanding and Managing Risk in Security Systems for the DOE Nuclear Weapons Complex: (Abbreviated Version). Washington, DC: The National Academies Press. doi: 10.17226/13108.
×
Page 4
Suggested Citation:"Summary." National Research Council. 2011. Understanding and Managing Risk in Security Systems for the DOE Nuclear Weapons Complex: (Abbreviated Version). Washington, DC: The National Academies Press. doi: 10.17226/13108.
×
Page 5
Next: References »
Understanding and Managing Risk in Security Systems for the DOE Nuclear Weapons Complex: (Abbreviated Version) Get This Book
×
Buy Paperback | $15.00 Buy Ebook | $11.99
MyNAP members save 10% online.
Login or Register to save!
Download Free PDF

A nuclear weapon or a significant quantity of special nuclear material (SNM) would be of great value to a terrorist or other adversary. It might have particular value if acquired from a U.S. facility--in addition to acquiring a highly destructive tool, the adversary would demonstrate an inability of the United States to protect its nuclear assets. The United States expends considerable resources toward maintaining effective security at facilities that house its nuclear assets. However, particularly in a budget-constrained environment, it is essential that these assets are also secured efficiently, meaning at reasonable cost and imposing minimal burdens on the primary missions of the organizations that operate U.S. nuclear facilities.

It is in this context that the U.S. Congress directed the National Nuclear Security Administration (NNSA)--a semi-autonomous agency in the U.S. Department of Energy (DOE) responsible for securing nuclear weapons and significant quantities of SNM--asked the National Academies for advice on augmenting its security approach, particularly on the applicability of quantitative and other risk-based approaches for securing its facilities. In carrying out its charge, the committee has focused on what actions NNSA could take to make its security approach more effective and efficient.

The committee concluded that the solution to balancing cost, security, and operations at facilities in the nuclear weapons complex is not to assess security risks more quantitatively or more precisely. This is primarily because there is no comprehensive analytical basis for defining the attack strategies that a malicious, creative, and deliberate adversary might employ or the probabilities associated with them. However, using structured thinking processes and techniques to characterize security risk could improve NNSA's understanding of security vulnerabilities and guide more effective resource allocation.

  1. ×

    Welcome to OpenBook!

    You're looking at OpenBook, NAP.edu's online reading room since 1999. Based on feedback from you, our users, we've made some improvements that make it easier than ever to read thousands of publications on our website.

    Do you want to take a quick tour of the OpenBook's features?

    No Thanks Take a Tour »
  2. ×

    Show this book's table of contents, where you can jump to any chapter by name.

    « Back Next »
  3. ×

    ...or use these buttons to go back to the previous chapter or skip to the next one.

    « Back Next »
  4. ×

    Jump up to the previous page or down to the next one. Also, you can type in a page number and press Enter to go directly to that page in the book.

    « Back Next »
  5. ×

    Switch between the Original Pages, where you can read the report as it appeared in print, and Text Pages for the web version, where you can highlight and search the text.

    « Back Next »
  6. ×

    To search the entire text of this book, type in your search term here and press Enter.

    « Back Next »
  7. ×

    Share a link to this book page on your preferred social network or via email.

    « Back Next »
  8. ×

    View our suggested citation for this chapter.

    « Back Next »
  9. ×

    Ready to take your reading offline? Click here to buy this book in print or download it as a free PDF, if available.

    « Back Next »
Stay Connected!