 contributed significantly for developing several guide documents in IAEA on nuclear security related topics. So in the morning session I will hand it over to Chris Price for giving you some inputs on this area and before that I have two experts who arrived this morning I want to introduce them and we have Patrick Reines from France, they're legal expert. He would be guiding you on the project, group project number five. Those of you who selected project five, he is available here and at the end of the day you can start meeting him. You also have James Hilco from the US, another expert for the group project number six, root cause analysis, he's also available. Today you can start discussing on the project six. So with this I will hand over to Chris to start his presentation. Thank you. Thank you very much for that introduction. As you heard I was a regulator for many years in the UK. I retired three years ago and since then I've been working part-time for the IAEA and that's one of the reasons I'm here today. So I believe you had a lot on nuclear safety last week. This morning we're going to discuss nuclear security. What is it? What are the objectives and the fundamental principles of nuclear security? How does it play into the infrastructure for a nuclear power program? And then after the coffee break we're going to look at recommendations for protection of nuclear facilities such as nuclear power plants. And finally if we got time I'll have a quick word about how the IAEA can assist member states in this area. So what is it? Well here's a definition which we produced some years ago. You'll also hear the term physical protection. As the IAEA started it's issuing recommendations on how to protect nuclear material way back in 1972. This issued a concern that nuclear material if it fell into the wrong hands could possibly be used to make a improvised nuclear device. In other words a sort of weapon of some kind and one can comprehend what the consequences of that would be if terrorists got hold of a nuclear weapon of some kind. And the term physical protection was used rather in nuclear security because as many of you will know in your own languages the words safety and security use the same word and we needed something to distinguish between what we call nuclear security from nuclear safety. And so that term was used historically until the IAEA really started up having a large program following the events of 9-11 in the US with the attacks on Washington and New York. When the whole subject went off to the top of the political agenda and the IAEA started a program which encompassed not only nuclear material but also radioactive material and what they call material out of regulatory control. In other words material has been lost or stolen. So the big difference here if you look at this definition is that what we're concerned are intentional acts and this is the big difference between security and safety. Safety is concerned with accidents, natural hazards like earthquakes and things like that. Equipment failures but what we're concerned about is individuals, groups who intentionally want to steal material, radioactive material, nuclear material or what we call sabotage facilities or nuclear material and transport to cause a radiological hazard. So what could they do if they got hold of material well as I mentioned nuclear weapons or what we call improvised nuclear devices but also a radioactive material causes the concern about dirty bombs which are radiological dispersal devices or REDs which are radiological exposure devices whereby someone hides material in a public area where the people are going to be present for periods of time and they get irradiated without realizing it and then of course sabotage. So if you probably heard the nuclear program worldwide is pretty large it's the statistics show and in turn of radioactive material, radioactive sources there are absolutely millions of them around the world and they're used in all sorts of medicine, agricultural, industry, research, etc and some of these are pretty strong and therefore pose a serious hazard to health if they're misused. So establishing an effective sustainable nuclear security infrastructure is important in every country in the world because every country in the world I think with that it's hardly an exception at least has radioactive sources if it doesn't have nuclear material. I mentioned that the program really sort of took off in 2002 but it had concern and really started some in the previous decade because in the early 1990s we started getting reports of nuclear material being offered for sale which was a bit disturbing because criminals should not really have got hold of this material and the fact that they were offering it to anyone who could come up with a money was a matter of international concern and in order to establish the size of the problem the agency set up what they call an incident and trafficking database whereby member states reported confirmed cases because there was a lot of media speculation at the time as to how much material was going on and people wanted a clear authoritative source of information on this problem and this has now been running for 24 years now and as you can see from this we're talking about getting 100 confirmed incidents a year we're probably more than that now because initially there were very few being reported although they may well have been happening. So this confirms that material what we call out of regulatory control is quite a serious problem worldwide and the answer to that of course is to secure it at source to make sure that it doesn't go missing in the first place and end up being trafficked around the world to potential groups who would misuse it. There are statistics of the types of material most of it is radioactive material rather nuclear but nevertheless some bit is quite strong material. So the IA's vision is to assist member states to establish this effective security wherever the material is being used stored or transported. So one of the things that was necessary was to establish a nuclear security series of documents rather like the safety standards in which authoritative advice could be given to member states as to what they should have in place and how they might implement nuclear security and the very top tier document is was issued about I think only about 2012 so it's not that many years ago but what it does is we looked at all the international instruments you're going to have a presentation tomorrow on that so I'm not going to talk about international instruments today but looking at those they contain a number of obligations in there and we distill those together with other other things to come up with what we call 12 essential elements of a nuclear security regime in other words the sort of regime every country should have to some extent depending on whether it's got a nuclear program or whether it's just got radioactive sources but the the the contents the same it's just the amount of resources one would need to deploy to effectively protect this and against that is as the objective as well which is to protect persons property society in the environment from the harmful consequences of a nuclear security event that objective is almost identical to safety with the exception there they're talking about the harmful consequences of an accident or something like that and we're talking about a nuclear security event in other in other words a deliberate intentional act to cause harm or to steal material with the potential of taking it to another place to cause harmful consequences to persons property society and the environment so I mentioned that the IA is encouraging everyone to have a nuclear security regime what is it comprised of it's got three bits really to it the first one is a what we call a legislative and regulatory framework so that's a framework set up by government with laws regulations other administrative into governmental things because unlike safety the government and its agencies are involved on a day-to-day basis with nuclear security and it's not just an issue for the operator and the regulator because we're talking about potential criminal acts and preventing criminal acts is a state responsibility as much as a responsibility of individual companies or people so government plays a large part in it with its various institutions and organizations who implement this framework for instance and border control protecting major public events right down to often providing the guard force or at least the response force to nuclear facilities or radioactive facilities who will react in the case of any event being detected there which indicates a criminal or otherwise unauthorized act and finally the regime comprises the systems and measures that the holders of this material have to put in place so there are 12 essential elements and we'll quickly go through them one by one and the first one was very much to make it clear that it states who are responsible for this they can't abrogate this they can't delegate it and leave it to just some small little group in their country they can't leave it to a neighboring country they can't say well it's the IEA's responsibility or the United Nations responsibility it is clearly their responsibility but the other thing of this is this is a sensitive area obviously because it impinges on national security it impinges upon the rights of states to run their own affairs without interference from other countries or other bodies and so states were also very keen to put this emphasis state responsibility in other words it's my responsibility not anyone else's and I acknowledge that because I don't want anyone else coming in and telling me what to do and how to run my own country so having a country accepted that it's it's their responsibility they then need to work out who is actually going to be have responsibilities in this area and clearly the operators or the carriers of material have a prime responsibility because it's in their control whether they own it or not but then are all these other bodies who also are going to assist them especially in the event of any criminal acts in cases of any loss of material and these are many and varied as we'll see key competent authorities well you know most countries have all of this and to some extent or other these bodies get involved at some stage or other where they're enforcing the regulations where they're protecting the border and looking for material being trafficked across it the intelligence services because here we've got a key thing of what is the threat because if you're a a normal operator of a facility it's not within your gift to know exactly what the threat is who are the people out there how many of them are there what and say capability to attack me and things like that that again is where a state comes in because it has bodies which collect information intelligence on terrorist groups criminal groups etc and who can distill all that information to into a form of a threat assessment so that the people holding nuclear material understand what they have to protect against so part of this also obviously is then to not only establish these laws and regulations but have a body we use the word competent authority here because there are a lot of different ones in security but of course the key one is the regulatory body regulatory authority whatever name it goes with and making sure that on behalf of the government that's going to exercise day-to-day oversight over those people who are authorized legally empowered to hold nuclear material or radioactive material and make sure that they are protecting it in accordance with the legal requirements as there will be many of these then they need to be coordinated one with another so that we don't have duplication of effort that when the resources of another government agency is required it can be quickly obtained and so we go on one interesting thing here is also on the accountancy side the radioactive sources everyone should have a register and report their holdings of what they've got this is important because unless you know what you have and where it is you couldn't start really protecting it properly but also if it does get stolen then you can identify that from your records that stuff is gone missing in the nuclear material case there is already a requirement to which you're going to hear about later on today about nuclear material countancy and control in order to report holdings of nuclear material to the IEA under safeguards agreements but that nuclear material countancy is also very important for security because again that's the authoritative source of what material you have at a facility in order to know where it is and to categorize it to determine what level of security it needs but the control aspects are also very important because if you exercise good control over material then it deters people stealing it or if they do try and steal it it should be recognized very quickly that something's gone missing because of the various control mechanisms you put in place and then of course there is an external thing like import export controls on nuclear material enforced through border controls and sanctions in other words it's no good saying in the law that people got to do all these things and look after this material properly if there is not a sanction in the form of prismant or fines for people who fail to do this properly and so sanctions are the ultimate and we're talking about legal sanctions here following prosecution in a court of law legal hierarchy this is I've been to a number of countries on advisory missions in this area and every country is different when it comes to its its legal hierarchy and they have different names for things like laws and statutes and decrees and orders and regulations but essentially there's like there is a hierarchy with a constitution at the top laws which are passed by parliament regulations which may be made by various state bodies and down below they might put voluntary guidance but I think that would include things like codes of conduct which are issued as good advice and if you don't take it then you've got to explain why something went wrong if what you did wasn't failed to comply with a code of practice so often the guidance is not quite as voluntary as it stands international transport is a key area because this is when something would go wrong and the material is going to move from out of the jurisdiction of one country into a jurisdiction of another or perhaps even through another jurisdiction before it gets the finer one so you can get a number of countries involved and some of the transport can take place in international airspace or the high seas where there is no single country responsible but in the case of movements of nuclear material it's important that the country responsible is identified in advance and that it looks after the material until it's handed over to the recipient in due course so there should be a seamless procedure here to make sure that whenever material is moving internationally there is a responsible country for it every stage of the movement. I mentioned briefly about penal or criminal legislation this is of importance from the point of view of acting as a deterrent and persuading people that they really should do the right thing and ultimately even extraditing offenders as you'll hear tomorrow when we get on to international instruments international cooperation and assistance it's in every country's interest that nuclear and radioactive material is properly looked after and secured because if it's stolen in one place it can end up in another country very easily as we've seen from the trafficking database where material is detected often at borders coming in from another country and so designating points of contact in each country so that people know who to contact in the event of certain things is very important sharing information about threats particularly and generally exchanging experience are all part play an important part in this global nuclear security regime assessment of threats I mentioned that briefly already you've got to know what the threats are in order to know what you've got to protect against and what we're talking here primarily is the capability of the individual groups who are known to pose the threat because that knowing that capability you can then work out exactly how much protection you need to put on certainly high consequence targets like nuclear power stations which have sabotaged could cause the sort of results that you've seen or we've already seen in places like Chernobyl and Fukushima having identified the threat them we want to identify what are the targets needing protecting a nuclear facility can be quite a large place you know it'll include perhaps even sort of canteens and administrative buildings and things like that well they're not really the key things what you're really protecting are the material or in the case of sabotage systems which if you lost them safety systems like primary cooling circuits would result in a significant radiological hazard arising so identifying all these targets is important and then we use a risk informed approach and that this is really the kernel of nuclear security this is all about risk management in in terms of an external threat or even internal one but intentional acts by groups where they're going to come from outside or whether even they may already be employed or have legitimate access to the facilities themselves because in security terms risk has three functions one is the threat the second are the consequences of that threat if it's applied to particular targets and the third is vulnerability so in other words we're looking at protecting things from the threat which could cause unacceptable consequences I mean and in consequence terms there is a grading because some consequences might not be very serious others could be potentially affecting neighboring states and and then putting in the amount of protection to prevent or minimize the risk of a threat being successful and causing these consequences so this is what it's all about risk vulnerability and potential consequences and balancing those three because threat is not static potential consequences can vary considerably depending on what the target is stealing a radioactive source from a hospital which is used to be injected into people for doing tracing is not actually going to be very serious because you've probably got a low radioactivity a very short half-life and that's not really serious stealing something like cold bought 60 with very high radioactive material long-lived totally different question and so you have to balance the amount of effort you put into ensuring the most dangerous things are protected the most and having put in all these procedures then you obviously need to detect events whether they're actually at a facility or at a major public event or at borders or wherever a tax could take place or material could be smuggled through having done all this and put in lots of nice security just the same as safety one doesn't then say well we're sure now nothing is ever going to happen we've got a good thing here to defeat whatever it's thrown at us and that's it job done well it's not because we always have to repair that they are successful hopefully they'll be defeated you know but one can't never guarantee that and therefore we need to have what we call contingency plans in the case that there is an attempted theft or attack to sabotage a facility and it being successful and and the follow-up actions that will be then required and these are quite complex plans we've probably heard about emergency plans for safety the same here we've got to mesh those in they get multi agency response will be involved and we need to make sure the plans are there and practiced regularly so that if ever is a call upon them everybody knows exactly what their role is and what they have to do and having put together this very complex regime involving many agencies involving the operators holding material the carriers who transport it the regulatory bodies who make sure that the the regulations comply with etc we then need to sustain this because having set it all up at some expense the probability is that absolutely nothing will happen if you ask me about how many you know successful attacks have there been against nuclear facilities worldwide in the last 30 years I'd probably say hardly any so you've got this problem of the consequences of something going wrong could be very very serious on the other hand the probability of this happening in form of an attack is is certainly in past experience pretty low so you've got to motivate all these people who've got all these responsibilities to carry on doing them when everything appears to be nice and happy out there and there are no bad people in the world and we can all get on producing our electricity or whatever else from our nuclear power plant so sustainability is absolutely key is and and one of the basis is there's something we'll talk about nuclear security culture or like similar like safety culture and keeping the threat up to date etc so that any changes are identified and this all really comes down to leadership from the top and having integrated management systems so that security is integrated into the overall management of a facility and management includes quality management as well and that's applied as much to security equipment as it is to any other functions of the facility so that's a quick run-through of what nuclear security should look like in a state and we'll look at going to a bit more detail in subsequent lectures about how one would set this up in the case of embarking on a nuclear power program and actually protecting a nuclear facility but at this stage are there any questions from any of you about what we've covered so far yes so they've got But just to hear the reason for one affecting the other, unless you work closely together. The classic here, of course, is safety of those who react to it, even everywhere, from green signs to a efficient store and understable age-building action style, and security of the place. The minimum number of doors, top of the strong doors, those affecting the same time. It's really easy way to manage it. So the question is, the side of the fear of the threat and its impact. Well, what I was saying, what I said before, there was little evidence of any physical impact or facility being sold all day on cyber. So here, there really is a real threat day by day. And I think the world really woke up to that in the nuclear area following the Stutznetz attack. And everyone suddenly realized that, actually, it was not only protecting information on computer systems that was important. I think everyone had really realized this for a long time. They might not have been doing it very well, but everyone these days has their own personal computer and recognizes that they need to protect information on it in order not to assist people trying to scam them, et cetera. But the big real difference is that during the last 10, 20 years, computers are being used increasingly in the form of instrument and control systems at nuclear facilities. Now, this is not information. This is just data coding. And these have been put in, in some cases, with remote diagnostic availability and stuff like this, thinking that no one would meddle with these surely. But of course, these are equally vulnerable to attack. If not connected to the internet, they nevertheless can be attacked by someone getting physically in contact with a computer terminal and attaching a USB stick or something to it and downloading viruses. So this is probably the big area that we've seen a change, is protecting process control systems, which by themselves might not lead to radiological consequences. But certainly, they would lower the amount of defense in depth if you start losing safety control systems at the same time that you launch a physical attack on another system in the facility and end up with no safety control. And reactors running away out of control. OK, any further questions? Yeah, one more. Sorry, that's a good question. I just mentioned Staxnet. Yes. I did hear you, right? Yes. So should we re-support in the market the security between the state and the state? Yeah, this is an interesting question. It's well often I get asked by the Republic of Korea in a similar form. Now, what we're talking about security is against what we call non-state actors. In other words, terrorist groups, individuals, et cetera. We're not talking about state level attacks, where these are in the form of an invasion of your country by a neighboring one or of that kind. I think with computer security threats, the issue here is that when you get an attack and they're pretty frequent, it's not easy to identify where they originate anyway. Who is originating this attack? Is it a state-led thing? Or is it just a young teenager sitting in his home playing with a computer and seeing if he can hack his way into your computer network? You don't really know. And I don't think in practical terms it makes an enormous difference. Again, if you've got some very important computer system, then you're going to apply the most effective ways to protect who you can, rather than looking and deciding whether the attack is a state level one or not. I think I'm going to cut it there, because I need to move on if we're going to have our coffee break on time by getting to the next presentation. A quick one here. As you can see, there is a lot of organization in the security system. But who are you supposed to be to integrate all of this organization with the role you play a part of? In case of any case, too. Who is the response organization? Well, you'll always need an external response organization, because if you get a criminal attack on a facility, this is then immediately becomes a case of law and order. And there's a matter for the local police. And so the police will always come and respond or should do to any serious crime. But often countries want a response organization to defeat the people as well as capture them, put them in prison, charge them with various criminal offenses. So the response organization comes from whoever the government determines that should be, in some cases, like the UK as a specialized police force. Other countries, I know, because the place was located on the border, it gave the job to the border guards to protect the facility as well. In other cases, they can be the army or whoever. It's just up to the country to work out what it needs. But if it's once a dedicated response force at a facility, then that's going to be a fairly specialized body. And even if it's part of a wider thing, then part of the National Guard, for instance, or something like that, then you'll need a specialized body within that bigger overall organization who are familiar with what needs to be protected in nuclear terms. OK, so can we now get on with the next one? So this being a nuclear energy course, I'm sure you have all heard by now often about the milestones document that they produced I think at least 10 years, 12 years ago, this came out being started to provide guidance on how to repair, to implement a power program. And although this milestones document does mention security, of course, it's covering all the preparations in a much broader way. And what it contains on security is a prompt, but we decided that actually some more detailed guidance was really needed in exactly what one would do before reaching the three milestones of a nuclear power program development. And so we produced this book on establishing a nuclear security infrastructure for a nuclear power program. And we broke it down into a number of basic elements, which I'm going to cover one at a time. And we're talking about here a nuclear security infrastructure. So we're talking about policy. How's the government going to decide who does what? Legislation. What legislation is needed by the government to ensure that everything is done correctly? The various organization things that needed like coordination, assignment of responsibilities, et cetera. Before one gets to the various nuclear security systems and measures that are going to be put in place at three levels here. Prevention, which is really what we're focusing a lot on here today, which has become known as the first line of defense, because our aim should be to prevent attacks or prevent material being stolen. But because of contingency plans, we need a second line of defense if these fail. And so we need to detect if stuff has been stolen or detect if a sabotage attack is underway in order to get an appropriate response by whoever has been allocated that responsibility. So the first thing, and the thing that has to be done by milestone one, is work out a national policy and strategy for nuclear security. Because if you're going to make a decision to embark on a power program, you need to know what you need to have in place for that and how it meshes in with the existing nuclear national security infrastructure. And so this all needs working out is really the what's and ifs. You need to undertake the threat assessment, for instance. Obsess and identify what's required. And so this really is a key preparatory scoping exercise carried out by government prior to milestone one. One of the things that will come out, of course, is you will need some new laws or amended laws in order to deliver what you want and to deter things involving nuclear facilities or nuclear material. So you've got to identify the instruments here, the competent authorities, the expertise required. That's all a phase one thing. By phase two, you need to put in place all this legislation because from the start of phase three, you're actually starting to construct a nuclear facility. So everything legal needs to be in place before that stage. In other words, at milestone two. So you're all ready to go ahead with construction. And thirdly, you need a regulatory framework. And here we're talking about setting up a regulator who's going to assess applications, the safety and security, certainly of a proposed plant, to ensure that it's going to be adequate. Important thing here is that things are secured by design. So this means setting up a regulatory body, putting in place a regulatory body program, which includes authorizations or approvals for work to be carried out, inspection to ensure it's carried out properly, and enforcement if the licensee concerned has failed to comply with some legal requirement. And all these processes and procedures need to be in place by phase two because you're going to be regulating the thing from the time it starts construction in order to ensure that it is constructed safely. And it is secured by design. And you're not going to bolt on security later on as a sort of last resort when it becomes much more difficult and much more expensive. Threat assessment, what I mentioned, you need to think about who is actually going to do this. We had the question already, who's responsible here? Well, that's a phase one thing. Who is going to do the threat assessment and work up a thing which we call a design basis threat, which is often more common in the responsibility of the competent authority regulatory body. But it's a more sophisticated assessment, really, than the national threat assessment. The national threat assessment is based on what is known at the moment. The design basis threat is tending to look ahead a bit at, well, how could this change in a medium term? And if there's any gaps, let's fill them in with some sensible sort of things like how much explosives are the people likely to bring into the plow and to attack it. I mean, it's very key from a design because you can protect against explosive attacks. If you know, A, what sort of explosive it is and B, how much there is of it. And that will depend then on how actually you put concrete to make sure that the explosion is going to have no effect. So, by phase two, certainly one needs to have both of these in place because the operator in phase three constructing this plant needs to build in security to counter the threat or the threat capabilities which are assessed as possible potential to an attack on the facility. Management systems. I mentioned integrating management systems already. These are absolutely key. And this is not only going to have to cover some of the things we already mentioned, but of course we need to protect sensitive information. This is very important. There will be a security plan for the facility which will define exactly what's in place. You do not want a potential attacker getting hold of that information because then you know is exactly what he's got to circumvent to achieve his objective of theft or sabotage. So that sort of information needs protecting and you need systems in place to do that. Trustworthiness of people. I think most of us now accept that although we'd like to trust all our fellow citizens, some of them might turn out to be bad eggs and we therefore need to have a system in place to make sure that you don't recruit known criminals and people like that and stop them getting authorized access to the facility. So a trustworthiness program, that all needs to be set up again by phase two, the milestone two I mean, because it's going to have to be applied from construction onwards. HR needs, or other ones, what training is going to need? Who's going to need training? What sort of training they're going to require? This is all stuff you need to work out by milestone two because you're going to have to apply all this management system and nuclear security culture and sustainability all through phase three. And so this is all mostly has to be done in milestone two. Then the various measures, of course, to secure the facility. I mean, these include the regulator coming up, what we call a graded approach. So you can identify how much security needs to be applied to various targets. What needs to be applied at the construction site? I would suggest that once you start constructing a nuclear power plant, this is a multi-billion pound project, you're going to want to protect that construction site to some extent from the word go. And then as more and more stuff. So even before the nuclear material arrives, you're going to need to make sure the thing is being put up and no one's hidden a bomb in the middle of it. Which could go off later on when the materials have. So there are all these sort of measures to take in place. Similarly for radioactive material, here's a, one of the things a nuclear power plant will produce is a lot of radioactive waste. And so whereas you might just have a program at the moment for radioactive sources, you're going to have to widen that in scope to cover all radioactive material, which could pose a hazard if dispersed or used as an exposure device. If you've got nuclear material into the country, then of course, one of the things you have to plan for is you actually might lose some of that. And so this is again, is a need to make sure that your program for material out of regulatory control includes measures to respond to criminal or other acts involving not only radioactive material being out of control, but also nuclear material out of control. And here there are three areas with deterrents, sorry, prevention, which that includes deterring, making the target look too hard to attack, securing information about it so that people wanting to attack do not know exactly what protection means there and trustworthiness, making sure that potential criminals, et cetera, are not granted legal access to the facility. Detection for that material out of control is obviously all these border monitoring and stuff like that. Detection other places and then of course, the response is quite complicated because you've got not only to assess what happens when alarms go off, but you could then have a crime scene and she managing the forensics, which can be used to identify where material might have come from. You've got to recover the material and return it. And so there's a lot to do in that area. International cooperation, certainly this area, you need to make sure you've got your points of contact nominated that the international community has been told about them, how to get hold of them. And so this is a thing which goes on throughout all the phases of embarking on a nuclear power program. So that is very quickly a run through, I don't know if I'm doing it on time, 10, 20, good, we've got plenty of time for some more questions. So that really is a very quick gal up through what's in this book. So anyone engaged in embarking on a nuclear power program and planning the management of it, this is the key document to look at, to work out when things need to be done. But basically they all fall into sort of three things. And before milestone one, you need to consider, assess, recognize, identify in order to develop the policy and the strategy. So in other words, it's doing a scoping exercise here in some depth. So you know exactly what's going to be required. Phase two then is to deliver most of that. You need to enact laws and regulations, develop, establish, define, regulatory programs, policies, procedures, requirements. So that once, by that's by milestone two, because then for milestone three, once you've tended and got accepted a tender, then construction could start and all these things then need to be in place to secure the construction site and be prepared to receive material in due course. And that's not only nuclear material, but every single nuclear power plant I've ever been also has radioactive sources in it for one reason or another. So it's not just nuclear material we're going to see inside a nuclear power plant. So during phase three, this is when you will implement, review, update, sustain responsibilities, requirements, systems and measures. And this is all going to be a threat based approach. So you need to develop the threat from phase one onwards and make sure that you monitor it and update the assessment as needed throughout the whole process. So that's it. That's basically a very quick run through. I mentioned numerous sort of measures and things like that when after our coffee break, we're going to look at nuclear material, nuclear facility protection and a bit more depth. And so I will go into many of these measures and in a little more detail, but at this stage, I hope we've got across, there are a lot of things that a government has to do in order that the operators who are going to construct and manage this nuclear power plant are quite clear as exactly what they've got to do. Which means the government has got to work out pretty much before exactly what they're quite clear, because nothing is more disruptive than you're constructing a major facility like this and suddenly find out the government's turned around and suddenly thought of some new thing that it wants. And you have to try to work out how to change the design or whatever to accommodate it. Everything needs to be well thought out beforehand. So yeah, we've got some small questions now. Can I one from the front here? The three, the three that you've figured out, but eventually the picture on this one, to that side, I don't think. Yeah, prevention, that was really when I was talking there about prevention detection response. It was really about material ad direct to control. In other words, stuff that's out there, it's already been lost for one reason or another or stolen. As regards prevention detection response out of facility, I'm gonna cover that after the break because we're gonna look at how to protect a facility and we'll talk a bit about how, what measures we put in place to prevent attacks and then detect and respond to them if they do take place, whether they're insiders or not. So we'll cover that if we can after the coffee break. One at the back here, yeah. Yeah, yeah, yeah. So it's a question about the interface between safety culture and security culture. They're not the same thing, but they're very similar. Why I say they're not exactly the same is because one of the key security measures is to maintain confidentiality on sensitive information. Whereas in the safety area, if anything goes wrong, it spread the word and tell everyone exactly what the problem is so that people make sure it doesn't happen again. Well, if we've got a weakness or something in the security area, until we fixed it, we do not want to go and advertise that fact. So we have these conflicting things really where in safety, you're encouraging everyone to own up and point out problems. Whereas in security, we need this done but in a much more confidential way. That's one of the sort of key sort of differences between the two. Is there a book on it? Yes. This again is an interesting area. In safety, you won't find a single book on separate book on safety culture. It's all part of safety management. In security, yes, there is an implementing guide on nuclear security culture, which actually says that the answer to this lies in good management. We've sort of reversed it if you like and I'll explain after the coffee break why the reason of that is. But yeah, it's basically similar in terms of you want good leadership at the top. If the top doesn't believe in safety or security, you won't see it properly done anywhere throughout the whole facility or organization. Key of it is good management, making sure that there's good flow of information from the workers up to the managers and back and that sort of thing. But a key thing really when you say security culture is getting across two things. One, there is a threat out there. It may not happen tomorrow but it could happen the day after. And secondly, that all these measures we require you to take wearing bits of passes are important and you need to rigorously do follow the procedures laid down. So that is the basis of nuclear security culture, those two things. So it's awareness training, making sure that people are aware that there are threats out there and they could be directed at your facility and making sure they understand the role they play because everybody in the facility has some role for security, exactly the same way as they have for safety. Everybody has a responsibility, a personal responsibility to follow procedures or whatever. And obviously managers have more responsibilities. Any, yes, another question over here. The question will be on threat assessment. Yes. Just like in safety, we consider design basis. Accidents, yeah. And along, sorry, beyond design basis. Yeah. So in respect of security, or threat assessment is security mentioned, national threat assessment, design basis threats. So I want to ask, is there any consideration for beyond design threats? You're designing this threat, aren't you? Yeah, this is an interesting area. The whole issue about design basis threat is being re-looked at. And it's a good argument for saying design basis threat is the threats that the operator has to protect against in designing his facility and establishing various measures to protect it. Whereas beyond design basis threat would be what the state has to handle. And that would include things like standoff attacks. In other words, launching an attack against a nuclear facility from outside it on land that the operator does not control. That clearly becomes a state responsibility. I'm sure you can get the police to go and visit potential spots every now and again and question anyone they see hanging around in those sort of areas, but the operator can't do that. So if you like, you could call that beyond design basis in terms of what the operator has to design against. The state still has to protect against it. And the operator may have to take measures to mitigate it. Rocket attack or something like that. Although the operator normally doesn't have the powers to prevent someone firing a rocket at a facility, nevertheless, the operator could actually put up means to mitigate the effects, explosive effects of it. For instance, putting metal screens up in front of key targets and things so that the missile explodes before it hits the target. That sort of thing. So there can be a bit of a mix here. It all very much depends on what your threats are and deciding, will the government decide who's gonna handle what more. This is the whole thing. Who's, what's the capability we're protecting against and who's gonna be responsible for ensuring that there is protection against that? Yeah, the question is how do we assess trustworthiness? Well, the thing about trustworthiness, your assessment is only as good as the day it is done. And so all managers have to remember that. A number of times I've heard managers say, oh, well, he's trustworthy. Well, he was trustworthy last year on such and such a date when the state authority carried out a police criminal records check and a security service check against him and we couldn't find anything. What I'm really saying is it's an ongoing process. You can do various things. I mean, a lot of it is good HR recruitment things. Is he who he says he is? Does he have the qualifications that he claims to have? All these sort of things. It's amazing how many people were recruited who just come up with a good story on the day and say, you know, I'm really expert at this and this. Oh, good, we'll recruit you. Not good HR recruitment at all though. You need to check out all these things. So HR's got a big role to play here. The state can obviously check its record to see what's known against the individual. Once you have confirmed who the individual is, so you need him to produce a passport or other identity card or something because it's not much good us at the state doing a check against someone who's got a false name. We're not gonna get anything. So there are those sort of things but really it's ongoing monitoring. Certain things can be done beforehand but thereafter it's a good sort of relationship between managers and their staff. And again, it's security culture. People should, if they've got concerns about an individual, be passing them up to management in order to, it's someone, I mean, we're not only talking about criminals, I mean, we're also talking about people with mental problems here. In a number of cases, I know where individuals, employees have installed the material to weird reasons of their own because they've gone a bit funny in the head. So it's quite a complex area. And it's all government, I can't give you, this is how to do it because like most things in security, it depends very much on government structures. It depends on national culture. In some countries things, we do things in another country, we can't do that. So it's very much reached state to come up with its own way of determining trustworthiness but it's absolutely key to dealing with what we call the insider threat. Anyway, it's now coffee break time so we'll have more time to have some questions after the next session, I'm sure. So thank you for all the very interesting questions that I've had so far.