 Physical protection because it's a term which is used in a lot of international instruments and bilateral nuclear cooperation agreements because it's been used for so long and so we still use this term physical protection just for nuclear material facilities but it is very much part of the overall program which we call nuclear security which also encompasses other radioactive material and material out of regulatory control. Now whereas the majority of the IEA nuclear security program is relatively new and it's not mature in the same way that the safety standards is in the nuclear area this has been going on for a very long time back to 72 well it started in 1970 producing the first recommendations on physical protection and it's gone through a number of iterations since the number of revisions of this document like all IEA certainly nuclear security documents it's produced by representatives from member states and then published by the agency so it's very much a product of the global community it's not the IEA telling you what to do or suggesting what you should do it is it is what the international community feels should be done in this area. I had the privilege of chairing the group which developed the most recent revision which was published in 2010 it took several years to formulate an update and interestingly it wasn't done as a result of 9-11 at all what happened in 9-11 is we then got a raft of international instruments put on the the books but this document was was fit for purpose even then because it had always been developed initially to protect nuclear material against theft for use in a nuclear explosive device and laterally after Chernobyl giving more attention also to the sabotage of nuclear material and facilities like power plants and and so really it was quite fit for purpose but as always things develop and it's always good every 10 years or so to sit down and say you know does this meet our current views on how to protect and what are the objectives of protection so actually what happened after 9-11 was you're here tomorrow about the convention on physical protection being extended and so a lot of effort was put into by the same sort of people into producing an amendment to that convention and when that was finished then we were in a position to revise the IEA recommendations because of course it's always been important that these are consistent with international instruments and what went into the convention was some objectives and some fundamental principles which are similar but not identical to the essential elements which I opened the meeting with earlier so what we did was yeah in short consistency with particularly this amendment to the convention we introduced risk management I mean we had all the bits in before but we didn't really explain why the threat is important why we have a graded approach to consequences and why the rest of the document is about how to reduce the vulnerability to attack which is really what risk management is all about and so we introduced the concept of a risk management approach to protecting nuclear facilities tie that in with a gradient approach and that gradient approach in turn is very much based on something we call defense in depth in other words the higher the consequences of a target the more defense you put around it in concentric circles and that being in turn based on a graded approach which is either I'll go into categorization systems and it also became important to note that we had a strong interface not only with safety but also with the nuclear material accountancy and control measures which were starting to become very much orientated solely towards safeguards and while safeguards is very important because all countries with a nuclear nuclear program are required under non-proliferation treaty to have a safeguards agreement with the IAA these accountancy and control measures also strongly supported nuclear security it was important to remind the accountants and the material custodians that they were not just doing this to meet an international obligation so the scope is divided really in to the measures used at facilities in use of storage and transport because transport the security measures you take obviously are very different than the ones you will take to protect a fixed installation and so we divide the book up in that in that way and we look at protection against the two objectives of unauthorized removal and sabotage so let's start with the objective so first of all we're protecting against unauthorized removal and secondly protecting against sabotage now why only these two things I'm sure you could come up with other reasons why it's very sensible to protect nuclear facilities the reason is that because this is produced by an international agency and it's focusing on what is concerned to the international community in other words what are the risks faced by any member state the agency from operational nuclear facilities of course if material is removed without authority and gets into the wrong hands it can be moved to any other state and used to create some sort of problem and the same with sabotage as we saw well from Chernobyl cross-border implications can be quite significant and neighboring countries sometimes thousands of kilometers away can be affected by a meltdown of a nuclear power reactor so this is really why it focuses these things on these these two two aspects in turn it looks at what do you do at the extent of locating and recovering missing material and to what extent does security play a part in minimizing the effects of a successful sabotage attack so having got these objectives we then produced primarily for the purpose of this amendment to the convention a number of fundamental principles and these are they and we will go through them one by one talking about nuclear facility we're of course talking about anything which has nuclear material although mining and milling is a bit outside the recommendations it really wants once it starts becoming natural uranium concentrated then then it starts becoming the subject certainly of these recommendations so through conversion enrichment fuel fabrication into reactors possibly reprocessed if not long-term storage all of these are various types of facilities which the recommendations have to cover so they are not just specific to nuclear power stations they also are applicable to other types of nuclear facilities physical protection regime exactly the same as the nuclear security regime three components one the legislative regulatory framework the state puts in the institutions and organizations within the state to which responsibilities are assigned either administratively or by law and then the physical protection systems put in place at the facilities or around a transform and it could equally be expressed this way where the the rate of much of the regime is up at the state competent authority level but the license holders become responsible for producing a physical protection system which in turn comprises an integrated set of measures and these measures cover people procedures and equipment and throughout all levels we want to see nuclear security culture pervading who are the entities well we've got the state in practical terms that means the relevant ministries or departments of the state I think in most countries the responsibility for national security resides with the the highest executive level whether that's the president or the prime minister but in practice of course that's then delegated to various departments or ministries who will have responsibilities and they'll certainly include energy interior foreign office etc all have varying responsibilities and then of course down to the license holders who are either the operators of the facilities or carriers shippers receive us for transport it gets a bit complicated in transport they're all transport is very complex area partly because nuclear material is also dangerous goods and so we get involved with that but also because in some countries they decide the shipper and the person who is actually produces the material is also responsible it's transport in others this is contracted out to other professional carriers companies who who actually do the transport and the receiver of it also plays a role by at least checking that it's arrived properly and reporting it so we looked at state responsibilities in broad terms first thing this morning it's legal and registry frameworks got to assign responsibilities set requirements and this is an interesting area because there's now recognized two ways of doing this one is the prescriptive way and the second is the performance based way so either the state writes a long list of things that have to be done each individually described and if you do all them and something goes wrong basically the state must take the responsibility because it's decided what measures precisely will be in a nuclear facility for security we're now moving more really to a more sensible way of saying actually what the state should do is set the objectives that it requires the operators to achieve in this area because we want an integrated effective package of measures in a physical protection system and so and operators are always complaining that government setting requirements and being too prescriptive and doesn't allow us freedom to do things our way okay you do it your way but this is what you've got to achieve and you set objectives in terms of controlling access in terms of detection etc etc and you allow the operator to come up with a package of measures which achieve that this requires much more competence on the part of the operator because it's no longer ticking a box of what requirements have been set by the state in a detailed manner but now I've got to work it out himself and justify it to the regulator to get a license so I think we have enough about the state responsibility that's its job to establish implement or ensure implementation of more like it maintain sustain a physical protection regime effective against and we say unauthorized removal because of course what's more commonly called theft but there are some ways of obtaining material by fraud for instance which clearly is unauthorized removal but some countries call that by different name of theft so that's why we use this word unauthorized removal so it means obtaining material by whatever means whether it means physically picking it up where it's by deception by whatever means that's unauthorized removal and sabotage of course is causing an unacceptable radiological release deliberately we've had some interesting questions about threat up the threats and things like that it's clearly a state responsibility to find this the threat is not static and the state is responsible for monitoring it and advising people of changes to it also of course the state's legal regulatory infrastructure is written to cater for what what is in the state some states at the moment only have research reactors for instance but if they look at their regime they might find that the laws and regulations are inadequate to deal with the construction of a nuclear power plant for instance so when you introduce new types of material or new facilities you need to look at what you've got in place and refine it accordingly and then of course the state plays a lot of responsibilities in terms of if materials lost or the sabotage etc the book talks about competent authorities and in a way that any state body that's got a responsibility like the police responding to an attack are a competent authority but more generally what we're talking about a competent authority here we're talking about a regulatory body which is designated by the state invariably you need a law to do this because it's got to have legal authority and that means authority to enter your premises at any time and inspect whatever it likes and that needs legal powers to do clearly it has to be competent because it's regulating some very competent people who are running a power reactor it needs money to be able to carry out its duties and obviously human resources and its job is to exercise to issue authorizations and exercise oversight over what we call applicants there are people who've applied for a license but don't yet have a facility operators which is a generic term for anyone who operates the facility and shippers and carriers depending on who's responsible for transport certainly the regulatory body will need to have access to the state system of nuclear material counts in control I mentioned a very important you know out of facility there'd be a strong interface with the nuclear material counts in control people but of course at the state level the regulator will want to go to whoever's running the state system of nuclear material counts in control to find out where the material is and therefore which places should have a license to operate and own this material and the competent authorities have got a big keen role in making sure that the valuations are carried out regularly to ensure that all the systems installed are sustained and all the contingency plans are regularly exercised and many of these things will then reveal how necessary improvements and of course it's up to the regulatory body then to make sure that these corrective actions are taken where they're amending the contingency plan as a result of lessons learnt from an exercise or ensuring that cameras are replaced because they are now not good enough to carry out the valuation and you need some new ones but the main thing about it is is the operator is always in the lead in this area because they're going to be the first person to know they got a problem they're going to be the first people who detect someone climbing over the fence they're going to be the first person to discover something might be missing the regulator sits there oblivious of all this hoping that his regulations are being adhered to so it is absolutely important that the regulator is informed as soon as possible of any nuclear security event any untoward activity so that it is in the picture as much as the operator is and most countries will be encouraged to have regulations which require reporting of certain events in a timely manner and then the operators need to ensure through their management system that these things are reported to the appropriate people in management and reported on wooded upwards so if necessary to the police or whatever as well as to the directory body threat assessment we've had this the state defines the threat assessment associated capability associated capabilities and then a db design basis threat is developed as a design basis threat is really the worst case that you could get that's really it's it's looking at what is that we may have a tax they may only be convicted by one insider whose capability is fairly limited but what's the worst case we could have the insider not only working by himself but also in conjunction with an external attacker force etc of x number of people who have x number of guns and access to explosives etc and in what we call high high consequence targets like nuclear power stations where clearly the consequences of a sabotage attack can be very very serious uh for that we require design basis threat as we recommend it anyway as we do for holders of category one nuclear material which i'll come on to but for lesser facilities like a fuel fabrication facility just dealing with low rich uranium you wouldn't necessarily require a design basis threat because under the graded approach you wouldn't need as much security on a fuel fabrication facility as you would on a nuclear power station so anyway the design so where security is especially important such as a nuclear power station then it's the basis for the physical protection system design so the operator or designer needs to sit down look at this design basis threat and work out how exactly they're going to protect the plant against the capability described in that document and that also of course means looking at insiders as well risk management i mentioned that before it's up to the state really to set its risk appetite risk management doesn't mean we're completely removing the risk to do that would probably require well the only safe way would be to shut down the nuclear power station that would remove the risk pretty much but if you're going to operate it then there will always be some residual risk at least there's something minor happening and it's up to the state to determine what its risk appetite is in this context they used to always get very excited in the UK every time someone climbed over the perimeter fence of a facility and we had to explain to the minister that you'll see this from time to time this is not a threat which is going to produce any consequences because immediately he climbs over would detect him and he's arrested he's got nowhere near a target therefore there was no risk but perception wise they get very they see it as a security breach and and it should be prevented from happening in future etc etc so people's idea of perception and risk can vary quite considerably ministers tend to want to see no risk at all and then you tell them what the cost of not having any risk and they then decide that perhaps they'll have to live with a little bit of risk so what we do about risk well reducing the threat really is a straight responsibility I mean there's a group of terrorists in the country it's up to the law enforcement and intelligence bodies to deal with these people as best they can and try and reduce that threat the operator can't do very much about it but the operator can do something as I mentioned earlier about deterring people attacking it by making a look at a very hard target and hope that the bad guys all go and attack soft targets which is why in the moment in Europe we're getting so many of these attacks on public places because these countries all have nuclear power stations but they're pretty well protected whereas the streets of the capital are very very not so well protected we can improve the effectiveness of the physical protection system so that's going to cost money though in both in manpower and in physical equipment and of course being in danger of reducing operational efficiency so but certainly we're going to need to reduce the vulnerability in some way or other but also what is not looked at so much is reducing potential consequences and there are a number of ways that you can do this for instance if you've got liquid radioactive waste it's very easy to you know disperse around especially if you're on a hill but why not solid solidify that with by mixing it in with some what we do with high high activity is vitrify with glass and turn it into glass blocks you've still got the radiation levels but it's not dispersible in the same way if you put a bomb against the glass block it just blows the block around whereas if you you know put a bomb in and disperse the liquid then you'd have a lot more of a problem of cleanup so there are ways of doing doing doing this we're modifying the material one of the other things that's been done a lot in the last 15 years is converting research reactors from operating on high rich uranium a material especially useful for making nuclear weapons making turning them into into running on low in rich uranium because the that low rich uranium would require further conversion to be able to be suitable for nuclear explosive devices so by reducing the enrichment that the research reactors use we've reduced the risk quite considerably and that has benefits in terms of not only minimizing the likelihood of terrorists getting hold of high rich uranium but also reducing the need for the amount of security on the research reactors because they're no longer such an attractive target so I mentioned graded approach what exactly is this this is I mean if you said it in sort of money terms I mean a shock holding I don't know a few thousand pounds dollars of stock or something it's going to have some security on it but not the same as a bank with millions of dollars pounds euros or whatever in it and it's the same really with nuclear material we look at what the consequences of its theft or disperse who are and then work out how much security is required so in terms of theft many many years ago about 1975 I think they finalized this table of they placed nuclear material into categories category one containing the most attractive material suitable for nuclear explosive devices and category three being lesser material which would need a either multiple thefts of plutonium or HEU to get enough material or a lot of extra processing to convert low enriched material to high enriched so and then there are a set of measures increasing what the book does is say these are the things you do for category three but if you've got category two here's the extra things you do and if you've got two kilograms or more plutonium then you do all these other extra things so there's a sort of graded approach to security amount you reduce vulnerability to theft and of course at the top end you really want to reduce it as far as possible the risk of successful theft now with sabotage it's not quite as easy to do the same thing because it's the radiation level of the material here which is the key thing and you could get some of the same radiation levels from radioactive material if in bulk like cobalt 60 as you could from irradiated nuclear fuel and some things have different properties in terms of if they're ingested then they can kill you whereas other things are not posed the same risk so it's very complicated anyway what we suggested countries do is they set what they call a level of unacceptable radiological consequences and I think what we had in mind here was if the consequences of a sabotage of a facility is going to affect the local population outside the perimeter to some extent then normally you have to invoke then a district emergency plan you then have to be thinking about evacuating people etc and clearly most people in government would think that's pretty unacceptable that you you've got a hazard which impinges on the local population and then above that would be what we call high radiological consequences and here we're talking about things that would have a major impact potentially even cross border and this is all worked out on on exposures basically to people and the good safety folks can calculate the impact of dispersal of this amount of this material would result in this amount of radiological consequences at this point so it requires quite a lot of work to it's easy to set a level but to work out exactly whether you've got the material which would meet that material level is quite a bit of work to do but it's the only sensible way we can come around to coming to a graded approach on sabotage um defense in depth so the higher the consequences the more defense in depth you want so here is a sort of plastic little thing of I've got to climb over the perimeter fence from off-site I'm then in a limited access area where I could be detected um by patrolling guards etc um then I come to another fence which is surrounds what's called the protected area um which has got detection devices and cameras on it and certainly if I try and get over or through that I'm always certainly going to be detected um and then I've still got to get into this control building um which is housing the category two or category one nuclear material or um is a vital area from a sabotage point of view and having got into the control building then I probably still got to get through further barriers to get to an actual target itself which will be in a locked room or a strong room or something like that so all through these various things the more you put these in each of them should have detection assessment and um delay and delay something because the earlier you go start responding to an attack until you've had a detection and assessed that it actually is caused by a human being and not by an animal or something like that so this is the concept of defense in depth and we uh we use it a lot in terms of devising recommended measures for a graded approach but some things are common regardless of what the consequences are um you'll always require contingency plans um and they've all got to um work in with the emergency plan which is the safety response for which includes reaction to sabotage tanks um contingency plans are different slightly different emergency plans triggered by an actual release but many of the contingency plans are triggered by a detection of something which should not be happening like a person climbing over a fence um and um and then there is a response to prevent that person persons getting to the target area um and either removing it or damaging it security culture we've mentioned at some length now that's important quality assurance was um identified as one of the fundamental principles um by the people back in about 2000 who were doing the work on a menu in the convention um that is now commonly referred to as quality management and it's part of integrated management but for the purposes of um uh certainly the convention anyway and and the book we still talk about is quality assurance but it's making sure that that things are um constructed etc as they should be as they're designed to be um confidentiality this is another name for protecting sensitive information um although it now merges a bit into the cyber security program and not only protecting information and communication systems but also protecting instrumented control systems and finally we've got the sustainability program to keep the whole thing running um throughout uh its lifetime so what responsibilities have operators got um well first of all obviously they've got to comply with the law and regulations which sounds quite simple but uh if the regulations get too detailed then then they you they hit problems and want um to put up alternative means and stuff like that so complying with regulations may not be quite so simple as it looks on paper um they've got to cooperate and coordinate their own activities with other state bodies with responsibilities and these include not only the state people who are going to um make sure that their safeguards compliant etc but also of course with people like the response force who are going to come from outside because it's no good the police turning up at the fraying gate and never having been in the in this complex of a power reactor or two power reactors and knowing exactly where they're supposed to go and where there are dangers etc etc um and the radiation protection requirements etc so um there is a need to work very closely with these sort of state bodies um Newton material and cancelling control measure mentioned already what we now recommend is that in order to get a license um or an approval uh from the point of view of new physical protection uh the operator should submit a security plan which is a detailed description of what measures they've actually got in place in the facility to protect against theft and sabotage um and uh the contingency plans that they have in place to deal with nuclear security events um of one kind or another and um the regulator then either approves this plan and makes a condition that would be implemented from now on so it's not just a plan it then when it once is approved it becomes in itself a regulatory requirement to do exactly what it says in there which is a lot easier than having lots of very complex regulations saying exactly what you do um and um or otherwise there will be discussions backwards and forwards of how the plan needs to be improved in order for the regulator to approve it um but eventually the the long the ultimate thing is to have an approved security plan uh optimum site selection and design site selection often is an area I think government gets more involved in um certainly because it it goes in with planning requirements things like that but design is very much um something between the operator and the designer or the vendor um but it's up to them to make sure that the uh um design incorporates the sort of physical uh physical protection measures that will be required yeah and then having set all this up then the operator is responsible for evaluating the system on a regular basis making sure it does work uh going around kicking the fence making sure the alarms go off for instance to full-scale exercises with response forces to ensure that um they protect the target um and prevent the bad guys getting getting to it they're also responsible compensatory measures I mentioned about them reporting things through regulatory bodies it's very important that they also report any failures in this physical protection system however they're caused um you know if the fence blows down in high wind which you once had somewhere um then obviously he needs to put some guards there until the fence has been repaired um because the the delay factor and detection provided by that fence is no longer there um similarly other equipment breaks or something like that and pending repair then the operator has got to tell the regulator that it's not running as per the approved security plan and what measures that have been put in place to compensate for this on the short term until the repair is undertaken um and if it's a more important work necessary um he'll then have to get which involves a uh amendment to the security plan and it's obviously going to have to get that cleared in advance uh because there should be no change to the security plan unless the regulator has approved it in advance so this is very much a sort of system of how the regulator maintains oversight and ensures that the um what's in place has always been approved by it um as part of the security plan um we were asked about um detection delay and response earlier on um the system is the integrated set of measures intended to prevent completion of a malicious act whether that is theft or sabotage um and one of the ways of looking at this is is doing a timeline of where am I going to detect them how much delay is provided between there and the target and will the response force get there in order to prevent them attacking the target whether it's material or equipment systems or devices important to safety um and so as illustrated here um you look at it from the point of view of the tasks that the external attacker has to do um and you can end time how long you would expect them to take to do it um and uh and that could extend to things like them if they need to blow a hole in a wall um uh how long would it take them to set up a charge to blow a hole in the wall of the building in order to get through the build into the building etc um these are all tasks that you know they would be faced with and they all these tasks would take time um and then you look at uh through exercises at the time the response force takes to get um to an appropriate place to interrupt the attack uh by getting between the bad guys and the target and then what's called neutralizing them which is arresting or killing them I suppose so here we look at it in the thing um the functions that you'll be having at a nuclear power station would be you would have a detection preferably as far out as possible from the the actual um power power um block um and there you would hope that the sensor or multiple sensors often you often put on fences two types of sensors so if one doesn't work the other will do that will then send an alarm signal to what we call a central alarm station um and there they will assess what caused the alarm through looking at camera footage of the area and until they've done this assessment there is no detection so from this timeline point of view the the that that time doesn't take account until you've got this uh assessment so in other words you need to be able to assess what caused an alarm very quickly because you're now racing against the attack in order to uh to buy more time you can provide delay obstacles so walls and things like that heart and doors to get into buildings all these sort of things are delay features which uh the attacker has to get through and meanwhile the central alarm station is communicating to the response force what has happened the response force deploys and then interrupts and neutralizes the adversary attempt at least in in that's the overall plan anyway uh in practice I guess unless you've got a response force on your facility already you're uh you're unlikely to buy the amount of time you need not without putting tremendously amount of money into delay barriers um because uh any um delay barriers obstacles can be defeated just given enough time uh we've seen now people um criminals attack bank vaults or safe deposit vaults and by drilling their way through walls and things like that you know uh unless the alarm's gone off and the response is on its way you know give they've given them time they'll get they'll get into the bank vault and they'll rob it uh it's the same with any any any delay things you put up uh you're only buying time you're not preventing anything at all so these layers we have um we end up with more security on all of them as they get close to the target so we have the limited access area where access is limited and controlled um in other words this is where your first gate will be or your first fence will be where the first access control checks will be carried out for the more important targets they'll be in a protected area soon they'll have a repeat of the whole thing again with fences cameras uh access control search all that sort of thing um until you get to an inner area or a vital area and these are the top targets either category one nuclear material or vital area which is uh an area containing equipment systems or devices or nuclear material which could lead to high radiological consequences so and one of the things in a nuclear power plant is go and identify what those are um and decide how you're going to protect them maybe a classic is standby diesel generators there um i mean the problem with Fukushima was the lack of standby power uh they lost not only in the main supply but the power the backup um and as a result you know there was there was a really serious problem but if you've got six standby diesel generators it doesn't seem to seem to mean that we need to protect each and every single one of them because how many do you actually need to maintain standby power if it's only two at a time then select two of them and make sure that they're really well protected um and uh you know so there are ways of working out what systems could be attacked and what redundancy is in place from a safety point of view and and work out what's the minimum number of um features that would need to be attacked to cause a high radiological consequence release um so schematically it looks like that um with various barriers at fences and detection each into each area and here you can see that for category one of category three material um we're quite happy that that's just in a building inside a fence with a perimeter around it uh because for category three we're talking about stuff like low enriched uranium fresh fuel which actually you can't do a lot with immediately uh it's low enriched um it's not very radioactive at all um certainly it's not going to cause by itself high radiological consequences um but when you irradiate that fuel and take it out the reactor and put it in a pond it then becomes category two material and then it's in a protected area so then it's getting yet another layer of of protection around it and if it was assessed that you could I don't know say drain the pot and remove the water and uh you'd certainly be into high radiological consequences and that pond would then be a vital area um so then you'd have you know these three levels of protection around that pond so that's the way a graded approach and defense in depth work tandem in tandem so um that really is sort of a quick run-through about the sort of measures that that require to be taken both by the state and uh the operators to protect against um unauthorized removal and sabotage of something like a nuclear power station um the agency's got quite a large program now um of range of activities to help member states in this area um one I mentioned um documents like um the objectives and fundamental principles and this one I've just been talking about which is um the physical protection one but there are 26 documents I think currently being published and many more on their way and um they're in a hierarchy we've done the fundamentals and recommendations most of the implementing guides are now being done and we're now working on a lot of technical guidance of how to do things in particular areas such as um a handbook on physical protection equipment and things like that which is very very detailed or um how to plan continuously plans and exercise some things like that on you know particular areas of interest um and the way this is done is is the fundamentals say what should there are the essential elements for a state the recommendations like this book are basically largely what should be done um and then the implementing technical guidance uh contains suggestions of how you might achieve the what in the recommendations but at the end of day it's all guidance none of this is legally binding by itself so as I said before they're developed by member states experts um there is now a nuclear security guidance committee which then looks at the product and makes sure that things like consistency are in place um and um makes any corrections it finds necessary but again that committee is formed by representatives from member states um and then it goes into publication to make sure it complies with the publication standards of the agency um every couple of years or so and everything I think it's four years they have a nuclear security plan this is approved by the board of governors um and basically says what the agency can offer during the next four years and what its priorities will be to to various things whether need success assessment coordination research projects etc um so we look at a bit more assistance cooperation um a lot of work being put in done into encouraging um people here to relevant legal instruments um of course they develop the nuclear security guidance documents and these documents then form the basis for advisory service visits missions to countries on request um and so their physical protection regimes are then assessed against the IEA recommendations um but again it's voluntary it's on request and the advice received is not legally binding um a lot of work being put into education and training what's known as capacity building especially for newcomer states who are embarking on nuclear power um there are a whole range of people who will now be need to be trained up on all sorts of areas which never previously existed in a country a lot of work done on major public events this is in terms of advising how to protect against them being attacked with a dirty bomb which is always considered sort of major threat um we've got 80 000 people in one small area and and you let off a dispersal device one could imagine um not only the potential health consequences but the panic which would ensue and risk reduction which is um often bringing donor countries together with recipients to improve their physical protection equipment etc um there are two sets of advisory services one deals with material ad-red should control so that's looking at advising customs border authorities people like that state police forces um and this other one which is the physical protection advisory service which goes and looks at um the state regime um not only for nuclear but also now it has a module for for states just with uh for radioactive material then it looks then at the regime in place for protecting radioactive sources and looks at some places where they're held to look at the level of um the security measures in place and so far there have been quite a lot of these advisory missions they're quite popular um and certainly if you're embarking on nuclear power program um as part of commissioning the place at the end of the day having an advisory mission external advice like this would be very useful to make sure that what you put in place um is good it's all voluntary it's recognized as a very sensitive area and the report produced is highly confidential which is the top sort of classification of the ia thing um and it only goes to the state who invited it it's never distributed anywhere else and um it's then up to the state concern to um decide to implement all the recommendations and suggestions in it which normally they do because there's not much point having this sort of advice if you don't then follow up on it education training a lot of work done with um universities and that sort of things to roll out um again sort of security is uh i i went back 20 years ago you'd find very few universities had courses on anything to do with security in any realm uh even commercial security um this is now recognized as a sort of important area by many universities are now increasingly getting courses that we've mastered in uh security not only commercial security but even nuclear security and then of course there's training courses um numerous ones those are provided by the ia um well the accident really is on train the trainer um if we can get some people trained in a particular country in in in this then they can then roll out that same training to more people within their country um and to this end countries are now encouraged to have nuclear security support centers um otherwise known as centers of excellence by some where they carry out their own national training um and um the ia supports this partly by getting all these support centers together to discuss their experience and share best practice etc so there's a lot of work going in on in this area to improve capacity building um and as an education network it's not the same as sharing um course material and things like that major public events um this is this is some of the sort of things that the ia's provide support to in terms of training up access control to include detection of radioactive material attempts to be smuggling those into stadiums etc risk reduction a lot of upgrades done a lot of especially in the radioactive source area um and a lot of in detection instruments being provided um this is all collected together often in an integrated nuclear security support plan for a country and so it's all all their needs are captured on one plan um again all this is totally voluntary e-learning is now a new thing coming in a lot a lot of um so you can go on the ia website and download e-learning packages um and kind of mention most of those things research reactor programs a lot of work being done on them to enhance them to stay in their nuclear security um accountancy and control a lot of work being done in that area in the last few years um um uh getting across and there is a book now on it use um it's nuclear material accounts in control for nuclear security in other words making it clear what part of their work contributes to nuclear security um that's what nuclear material does often radio transport as well um there is a lot of transport taking place but a number of transporters actually are fairly limited um so it's often the supply countries that actually arrange a transport using transport means they've got so that really concludes the nuclear security part of this course um so if you want more questions we like it to be different we we we don't we don't really want to put the security man in charge of counting the material because if he himself was an insider and wanted to steal the material he could cover it up so it's far better to have a separate lot of body of people here counting the material making sure it's there than the security people over here who only um follow up any reports of material being missing so it's always a good idea to separate it at a facility level at a state level um there is something called a state system of accounting control which is there to ensure accurate reports are given to the IEA Safeguard's division uh division department I mean um who then you know have the accounts for the world if you like uh and there the people send out inspectors of their own to check that material is um where it's supposed to be um so up there it's it's not quite so important but but at a facility level it's very important to have the accountants separate the control bit is done by what we call nuclear material custodian so there the people actually in charge of the building where the material is and there the people really um control access to the building control movement within the building and submit reports to the accountants on material being moved in and out of the building so the accountants maintain an up-to-date record of where material is or where it's gone uh and then they report up to the state um and then the state reports to the IEA so that's how it works but best to be separated yeah yes uh yeah so the question is how does state get help from the IEA um well it's very easy huge uh there is a division of nuclear security uh at the IEA if you go on the IEA website um it'll you go on uh what we do and you'll then get on to a web page to do with nuclear security and there you will find contact telephone numbers and email addresses um of the various section leaders who uh are responsible for various things and uh you're just getting in touch with them um and and ask for assistance so it's it's quite quite a simple thing to do of course I wouldn't guarantee that always they're capable of keeping I mean obviously um they were running to a budget they don't have unlimited resources uh especially if you wanted help in upgrading a physical protection system and things but um certainly they will do whatever they can do and suggest how how they can best help you but I mean when the country needs help it has a weakness yeah in the security program yeah so is it that important because this is torturing the weakness isn't really important you say before that you have to first solve it and then what's your weakness so well I mean if it identifies an area it's weak in yeah I mean it can get in touch with the IA and ask for advice on addressing that I mean in one way is having an advisory service mission like iPass to come along and give advice on how to improve it bearing in mind that often there are things that have to be done at the state level and also by the operators so there are more than one party offering involved in these problems it may be a need for improved human capacity better nuclear security culture something like that in which case you know there are training courses and things like that the big difficult area is is if you wanted money to you know build a new fence or something and provide lots of cameras that's when this one gets problems because they don't really have they have some money to supply things like detection instruments for major public events and stuff like that but building the all the detection delay systems around nuclear power reactor is quite quite costly security of a fast breathing reactor yes well fast breathing reactors I mean one of your one of your first issues is that the fresh fuel is normally about 30 plutonium or high in rich uranium so straight away you're into category one nuclear material which needs protecting against theft so that increases the security you need around the fresh fuel so that's that's the big issue um otherwise um yeah I mean the consequences of sabotage are not dissimilar I would say to I mean you've got a different primary cooling circuits you've probably got something I mean the one we had in UK had had sodium rather than water cooled primary cooling circuit but that gets reactive radioactive but I mean it's still you know something that you could sabotage I don't think it makes much difference whether it's water running around or liquid sodium but the main problem I think it's the fresh fuel that's that's the area way you know from a security perspective um well I think I think the the world would be happier if plutonium and high in rich uranium did not exist in the civil sector so there's that side to it um which is why they did so much work at getting research reactors to reduce the enrichment of their fuel so there is an issue there it's a it's the fresh fuel thing and then how you're going to get this you know fresh fuel or whatever you then you probably need to reprocess it I mean the whole purpose of France breeders is they breed more plutonium or whatever well then you need a reprocessing plant to then extract that plutonium from the depleted uranium or whatever you've used as the breeder fuel so you're you're into a lot of complex fuel cycle issues here with fast breeders whereas with most other power reactors these days most people are just having a once through fuel cycle and then looking for ways of disposing of their spent fuel underground somewhere um yeah the question was what if radioactive material got got in the sea in one country and then um affected another country um well the sea is a great diluter it's rather like the atmosphere um uh there is play here's have been material in uh nuclear material in the oceans for some some years now it's sunken nuclear powered submarine spring to mind used to be actually what it was seen as a disposal means many many years ago um yeah I think that the real problem with um getting in there is he's getting into the food chain um that's that's more the problem um for neighboring countries yeah which is why there is no yeah um you're not allowed to discharge radioactive material into the seas etc you shouldn't what you shouldn't do anyway um but if you if you do well I don't know this becomes something like a uh a matter between the country's concern they would take it up under some conventions or other but it's not really a nuclear security issue because it would be so diluted that it wouldn't be a a security issue wouldn't be discrete material anymore unless you dug it out yes hi how did it come in um well I don't know I'm a nuclear weapons scientist I guess that somehow they decided that um below new below 20% uh one would have to do uh a lot of extra reprocessing it's a lot of extra enrichment to um make the material useful for for a weapon um I guess it's pretty arbitrary um I think the the the levels are pretty arbitrary um and the the the weights are because probably one percent either way wouldn't make much difference um equally you know we say two kilograms of plutonium is category one or I haven't said it's 1.99 I mean it's it's it's you've just got to draw a line somewhere and they're fairly rough I think you know lines uh to to produce a greater approach um so that probably is the answer is is that I wouldn't get too fixated about it um it's why um all the research reactors are running on these days on 19.75 percent enriched because they know they get any further above that and they get into additional security problems um but in practice those those problems are probably pretty arbitrary and it wouldn't make much difference you end up another one percent substantially but there we are yeah um best coordination what are the best coordination measures a committee no you need yeah I mean one of the best what well I'm going to go two ways one is to organize regular meetings of these bodies get the people all around the same table from time to time is a very useful way of doing it uh exercises are another useful way um because that eventually that gets everyone thinking about the same problem for for a time um there are there are various ways but again it's very important you know like all leadership it comes from the top um it's very important that the you know the higher reaches of government make clear that this is an important issue and they expect the people they've given responsibilities to to interact with one another and and make sure there are no problems um uh responding or whatever else they're they're engaged in doing um yeah I'm conscious of course I'm eating into your lunch time now yeah questions about orphaned sources um yeah when I've been talking about material out of regulatory control what I'm talking about includes orphaned sources that was a a name which was used a lot in in in more commonly in the safety area um about orphaned sources because there's a big problem there are a lot of become orphaned they haven't been necessarily stolen um they've sometimes been liking you know companies which went bankrupt and abandoned their building and left behind the source that was inside and government didn't know it was there and blah blah blah the next minute it's in the scrap metal chain um yeah so that so so but from a security point of view the IA came up with this term out of regulatory control so it meant orphaned for whatever reason whether whether it was stolen whether it accidentally became orphaned it really was a term of it hasn't got any parents to look after it yeah but so whenever I mention material out of regulatory control and and a third of this nuclear security program the IA deals with that topic then yeah that includes orphaned sources yeah okay um as I say I've we've got a question we've got a room any other questions about half past five tonight haven't we we have a wrap up session for the day which I'll be present that so so if you've got any more questions I suggest you perhaps leave it till half five and then we have them then how do we ensure that people on advisory missions are trustworthy in human consent because we go and get them from sources where undoubtedly they're considered trustworthy by their own governments um I I mean commonly they come from from regulatory bodies I mean I did a lot and and people in the agency would come to me I was working for a regulatory body in security they know that um and I think you know we assume that if their own government considers them to be trustworthy enough to be a regulator in nuclear security or I don't know nuclear material custodian and a sensitive nuclear facility you know they will have been you know assured to be trustworthy by you know and of course it's all done through governments anyway so it's not they don't go recruiting people off the street it's it's all done you know through government you know contacts so um yeah you're taking an assumption if you like that that these people are trustworthy by virtue of where they're employed currently and that's one of the reasons why once people leave their job um then they're no longer eligible you know because they're not working anymore for for and as soon as I stopped working for government I stopped doing advisory machines essentially because they don't know who I am anymore okay right