LAUSR

It is our pleasure to introduce this special issue of Nuclear Science and Engineering as the first look into performance-based, risk-informed physical security for nuclear facilities. The body of work presented here highlights some of the more recent work advancing security modeling, integrating safety and security risk techniques, and identifying novel approaches to a known technical gap—risk-informed physical security. The physical security at nuclear facilities is an important aspect of maintaining safe, secure, and reliable operations. Yet, as of 2021, physical security remained one of the highest operation and maintenance costs at U.S. nuclear power plant sites. Physical security programs at U.S. nuclear sites started to ramp up to meet changes in their threat profiles or their design-basis threat (DBT) in the early to mid-1980s. The events of September 11, 2001, saw more changes to the threat profiles and DBT, resulting in significant increases in physical security, especially at high-consequence nuclear sites. As U.S. nuclear facilities are built and existing sites modernize their infrastructure and control systems to run beyond their original operating parameters, an opportunity exists to modernize their physical security programs by applying performance-based, risk-informed advancements through software tools, risk methods, advanced design techniques, and automation. The traditional risk triplet implemented in probabilistic risk assessment (PRA), comprising scenarios initiated by an initiating event, probabilities (i.e., of the initiating event and of pivotal events that change the trajectory of the scenario toward consequences), and consequences, has become an important tool for ensuring nuclear safety. Since PRA involves an estimation of probabilities of uncertain consequences resulting from uncertain events in complex systems, early PRA simplifications required the elements of the risk models to possess various statistical properties (e.g., randomness and independence) in part due to the limitations of computing technologies of the era. Even the primary author of the seminal Reactor Safety Study, WASH-1400, said, “I do not believe that the safeguards [i.e., security] risks can be quantified using these [i.e., PRA] procedures,” because the threat does not possess certain important statistical properties (e.g., randomness). These early simplifications resulted in a hesitancy to use risk analysis within the nuclear physical security arena. If we translate the traditional terms of risk into a nuclear physical security context, the risk triplet involves scenarios initiated by attacks (i.e., threat), probabilities (i.e., of the attack and pivotal events that lead to consequences [vulnerability]), and consequences of the attack, and it becomes clear that the early simplifications are invalid for this problem. Because the definition of threat includes the adversary’s decision-making process, the threat to the primary target is a function of both the primary target’s vulnerabilities and the adversary’s consequence expectations. However, even this does not fully capture the complex conditional relationship between threat and vulnerability. Thus, this relationship cannot be properly captured within the simplified calculation method of early nuclear safety PRA. Additionally, the complexity added from the interdependence of additional target sets inherently challenges the assumption that targets can be treated as independent of other targets. Also, the addition of multiple targets is further confounded by the timing of when those targets are attacked, and the order and timing can vary both the vulnerability and consequence variables. For example, does an adversary attack the secondary target on the way