United States Nuclear Regulatory Commission - Protecting People and the Environment

Frequently Asked Questions About NRC's Design Basis Threat Final Rule

On this page:

Index to All Frequently Asked Questions Pages

What are the design basis threats (DBTs)?

The DBTs provide a general description of the attributes of potential adversaries who might attempt to commit radiological sabotage or theft or diversion against which licensee's physical protection systems must defend with high assurance. The DBTs have been part of the Nuclear Regulatory Commission's (NRC) regulations in Title 10 of the Code of Federal Regulations, (10 CFR) Section 73.1, since 1979. The DBTs are regularly reviewed and, when appropriate, revised to reflect changes in the threat environment.

To top of page

What does this revision of the DBT rule accomplish?

Revision of the DBT rule does primarily three things. First, it imposes generic security requirements similar to those previously imposed on operating nuclear power plants by the Commission's April 29, 2003 DBT Orders. The DBT rule modifies and enhances NRC's regulations based on experience and insights gained by the Commission during implementation of these security Orders. For example, the final rule contains provisions related to multiple, coordinated groups of attackers, suicide attacks and cyber threats. Secondly, the Commission considered and, as appropriate, incorporated the 12 factors identified in the Energy Policy Act of 2005. Finally, the DBT rulemaking process provided the public with an opportunity to participate in the development of NRC's security regulations.

To top of page

What are the 12 factors in the Energy Policy Act of 2005 considered by the Commission?

They are:

1)The events of September 11, 2001;
2)An assessment of physical, cyber, biochemical, and other terrorist threats;
3) The potential for attack on facilities by multiple coordinated teams of a large number of individuals;
4)The potential for assistance in an attack from several persons employed at the facility;
5)The potential for suicide attacks;
6)The potential for water-based and air-based threats;
7)The potential use of explosive devices of considerable size and other modern weaponry;
8)The potential for attacks by persons with a sophisticated knowledge of facility operations;
9)The potential for fires, especially fires of long duration;
10)The potential for attacks on spent fuel shipments by multiple coordinated teams of a large number of individuals;
11)The adequacy of planning to protect the public health and safety at and around nuclear facilities, as appropriate, in the event of a terrorist attack against a nuclear facility; and
12)The potential for theft or diversion of nuclear material from such facilities.

To top of page

How does the rule account for the individual design considerations unique to each nuclear power plant?

The DBT rule applies to commercial nuclear power reactors and Category I Fuel Cycle Facilities. The DBTs provide performance-based requirements which allow each licensee to develop its site-specific defensive strategies. Licensees implement these defensive strategies through security plans, safeguards contingency plans, and security officer training and qualification plans which are reviewed and approved by the NRC.

To top of page

How does the revised DBT rule support NRC's plans to update its security requirements?

The revised DBT rule represents the NRC efforts to strengthen and align its regulations with the security Orders issued after September 11, 2001. In addition, the NRC has under development or revision three additional rules that will further enhance NRC's security regulations. These include the following:

  • 10 CFR Part 52, "Licenses, Certifications, and Approvals for Nuclear Power Plants," which provides the framework for new power reactor licensees to incorporate NRC security requirements into their licenses;

  • 10 CFR 73.55, "Power Reactor Security Requirements," which revises and updates the physical protection requirements for operating nuclear power reactors; and

  • 10 CFR 73.62, "Security Assessment Requirements for New Nuclear Power Reactor Designs," which provides requirements for security design assessments for new nuclear power reactors.

To top of page

Page Last Reviewed/Updated Monday, February 24, 2014