United States Nuclear Regulatory Commission - Protecting People and the Environment

Frequently Asked Questions About Force-on-Force Security Inspections at Nuclear Power Plants

On this page:

Index to All Frequently Asked Questions Pages

Which specific licensees are involved in force-on-force inspections?

Every operating nuclear power plant and certain other major nuclear facilities are subject to force-on-force inspections every 3 years. Force-on-force inspections are not conducted at stand-alone independent spent fuel storage installations or decommissioned nuclear power plants.

To top of page

What is a force-on-force inspection? How does it help ensure security at a nuclear power plant?

A force-on-force inspection is a two-phased, performance-based inspection that is designed to verify and assess the ability of licensees' physical protective systems and security organizations to provide high assurance that activities involving special nuclear material are not inimical to the common defense and security of the facilities, and do not constitute an unreasonable risk to public health and safety. A force-on-force inspection is conducted over several days in two separate visits by an inspection team at the licensee's site.

First, NRC security and operations specialists conduct table-top drills on a mock-up of the facility. During this phase they evaluate the effectiveness of licensee security plans against a series of attack scenarios. Drill coordinators explore the number of defenders, their protective positions, and their protective strategy. The role of State, local, and Federal law enforcement and emergency planning officials is also discussed in the table-top drills.

Second, armed with information from the table-top drills, and with information gathered before conducting the table-top drills, detailed plans are made for a number of commando-style attacks seeking to probe potential deficiencies in the protective strategy. A mock adversary force carries out these attacks. The mock adversary force attempts to reach and simulate destroying enough safety equipment to set in motion an event that would damage the reactor's core or spent fuel pool and potentially cause a release of radiation to the environment. The licensee’s security force seeks to interdict the adversary force and prevent it from reaching the safety equipment.

During force-on-force inspections, the licensee maintains both its normal security force, which is not involved in the exercise, and a second security force that actually participates in the exercise. The use of weapons and explosives is simulated using electronic equipment and other means. The purpose of these inspections is to identify any significant deficiencies in the protective strategy in the licensee's security plan that need correcting. Any such deficiencies are promptly reviewed and properly addressed. These inspections provide the most realistic evaluation of the licensee security force’s proficiency, short of an actual terrorist attack.

The NRC teams that conduct the force-on-force inspections at NRC-licensed facilities include active duty U.S. Special Operations Forces. These individuals participate in the inspections by:

  • Assisting the NRC inspectors in developing the scenarios used to test the facilities.
  • Providing expert technical advice to the mock adversary force.
  • Assisting the NRC inspectors in evaluating site security forces and systems.
  • Providing an independent evaluation of the mock adversary force’s performance.

To top of page

How do these inspections improve security at nuclear facilities?

Force-on-force inspections provide a realistic evaluation of the proficiency of licensee security forces against a threat consistent with the design basis threat (DBT). The purpose of these inspections is to identify deficiencies in the licensee's protective strategy, security plan, or implementation that need correcting. Any such deficiencies are promptly reviewed and properly addressed.

To top of page

Why weren't these security inspections conducted between September 2001 and February 2003?

Following September 11, 2001, NRC force-on-force inspection activities were suspended because their conduct would have been a significant distraction to licensee security forces that were already at the highest level of alert. Moreover, NRC would not have had the resources to conduct the inspections because NRC security personnel were fully engaged in helping to staff NRC's emergency response centers, in developing detailed advisories and Orders for NRC licensees, and in monitoring and evaluating the licensees' heightened security postures, including weekly reports on power reactor licensee physical security resources and program enhancements.

This was a period when both licensee and NRC resources were stretched to their limits, significant enhancements were underway, and it would have been imprudent to conduct inspections in that environment. To be effective and safe, force-on-force inspections require significant resources to plan for and conduct. The licensee needs to be able to staff both its normal security force and the complete second security force without driving overtime usage to unacceptable levels. The NRC staff needs to assess in advance potential deficiencies in the protective strategy at a site and choose the scenarios most likely to identify potential weaknesses. Until early 2003, neither NRC nor licensees had the margin of resources necessary to carry out a well-prepared inspections program in the heightened threat environment; NRC and licensees now have the resources. In February 2003, NRC resumed this important activity after having conducted less resource-intensive enhanced table-top drills at seven sites in summer 2002. In 2003, the NRC conducted a pilot program in which the effects of the interim compensatory measures and expanded adversary characteristics that were required by NRC's Orders were evaluated. In 2004, the NRC conducted a transitional force-on-force inspections program during which the inspection processes were refined, and the licensees completed physical protection enhancements and implemented their revised security plans. In November 2004, the NRC began conducting evaluated force-on-force inspections.

To top of page

Has the NRC been in contact with the FBI and other Federal law enforcement authorities on conduct of inspections at these particular plants?

Yes, the NRC has been in contact with the FBI and other Federal law enforcement authorities on the force-on-force inspections. Some local FBI offices and some State and local government representatives observe and/or participate in these inspections.

To top of page

Is the Department of Homeland Security (DHS) directly involved? Have law enforcement and intelligence agencies been briefed on these inspections?

The FBI is invited to participate in the force-on-force inspections. While DHS and intelligence agencies do not generally participate in the force-on-force inspections, the NRC coordinates with these entities to evaluate the DBT for radiological sabotage. Licensee security forces are tested against a threat consistent with the DBT during force-on-force inspections. Lead local law enforcement and representatives from the respective States are also invited to participate or observe.

To top of page

Do any other regulatory agencies conduct force-on-force inspections?

The Departments of Energy and Defense both use the force-on-force model to evaluate the proficiency of security systems and forces. The NRC is not aware of any other Federal regulatory agency that conducts force-on-force inspections at private sector facilities.

To top of page

While the NRC's force-on-force program was suspended, were there no such inspections being conducted at power reactors sites?

In general, licensees have been conducting their own such inspections as part of the security force training and the validation of updated security plans. The Commission's April 29, 2003, training Order includes enhancements in licensee training programs, the details of which are Safeguards Information.

To top of page

Are these inspections tough enough in the post-September 11 environment?

Yes, the NRC is using adversary characteristics that go beyond the pre-September 11 DBT for radiological sabotage. Scenarios developed from these characteristics by NRC staff are realistic, challenging, and representative of an enhanced threat consistent with the Commission's February 25, 2002, Order to power reactor licensees and the April 29, 2004, Orders for Training and Qualification and the revised DBT. The NRC periodically reviews the DBT to ensure it appropriately reflects the current threat environment.

To top of page

Isn't it true that, despite your best effort, no inspection can fully prepare a nuclear power plant for an actual terrorist attack?

Force-on-force inspections comprise one element of the NRC's security oversight program, which ensures licensee readiness to defend against the DBT.  While force-on-force inspections provide valuable information regarding the implementation of licensee protective strategies in a simulated environment, the NRC also inspects licensees' cyber security, access authorization, security training, equipment testing and maintenance, and insider mitigation programs to ensure that licensees maintain a well-developed security program. A well-developed security program, a skilled security force, a strong training program, and periodic exercises (such as in the force-on-force inspections) to test, adjust, and improve upon the security of a nuclear facility are expected to prepare a licensee for a terrorist attack equivalent to the DBT.

To top of page

Page Last Reviewed/Updated Tuesday, March 31, 2020