- 1 -

Nuclear Security Series No. xx

Implementing Guide

Nuclear Security

Detection [Architecture]

Version: 5 3 February 2012

INTERNATIONAL ATOMIC ENERGY AGENCY

- 1 -

FOREWORD 1

TO BE PREPARED BY THE SECRETARIAT AT A LATER TIME 2

The present publication is based on the Model Guidelines Document for Nuclear Detection Architectures 3 developed within the framework of the Global Initiatives for Combating Nuclear Terrorism (GICNT). 4

- 2 -

TABLE OF CONTENTS 1

1. INTRODUCTION - 3 - 2 1.1. Background - 3 - 3 1.2. Purpose - 4 - 4 1.3. Scope - 4 - 5 1.4. Structure - 4 - 6 2. BASIS FOR ESTABLISHING A NATIONAL NUCLEAR SECURITY DETECTION 7 ARCHITECTURE - 5 - 8 2.1. National nuclear security detection strategy - 6 - 9 2.2. Legal and regulatory framework - 6 - 10 2.3. National capabilities - 7 - 11 2.4. International and regional cooperation - 8 - 12 3. DESIGN AND DEVELOPMENT OF THE NATIONAL NUCLEAR SECURITY DETECTION 13 ARCHITECTURE - 10 - 14 3.1. Attributes of effective nuclear security detection - 11 - 15 3.2. Structural and organizational elements - 12 - 16

3.2.1. Multi-layered approach - 12 - 17 3.2.2. Crosscutting elements - 14 - 18

3.3. Role of information in effective nuclear security detection - 14 - 19 3.3.1. Delivering information to users - 15 - 20 3.3.2. Information management - 16 - 21

3.4. Trustworthiness of personnel - 16 - 22 3.5. Role of nuclear security culture - 17 - 23 4. DETECTION BY INSTRUMENTS - 18 - 24 4.1. Detection instruments - 18 - 25

4.1.1. Passive detection instruments - 18 - 26 4.1.2. Active detection instruments - 19 - 27

4.2. Data network for detection instruments - 19 - 28 4.3. Detection technology investments and operational requirements - 19 - 29 4.4. Evaluating detection technologies - 19 - 30 4.5. Research and development in detection technology - 20 - 31 5. DETECTION BY INFORMATION ALERT - 21 - 32 5.1. Operational information - 21 - 33 5.2. Medical surveillance reports - 21 - 34 5.3. Reporting regulatory non-compliance - 21 - 35 5.4. Reporting loss of regulatory control - 22 - 36 6. INITIAL ASSESSMENT OF ALARMS/ALERTS - 23 - 37 6.1. Initial assessment of alarms - 23 - 38 6.2. Initial assessment of alerts - 23 - 39 7. IMPLEMENTATION FRAMEWORK - 25 - 40 7.1. Roles and responsibilities - 25 - 41 7.2. Instrument deployment plan - 25 - 42 7.3. Concept of operations - 26 - 43

7.3.1. Technical specifications of detection instruments - 26 - 44 7.3.2. Installation, acceptance testing, calibration and maintenance - 27 - 45

7.4. Education, awareness, training and exercises - 27 - 46 7.5. Sustainability - 28 - 47 APPENDIX: NUCLEAR SECURITY DETECTION ―CHECKLIST‖ - 29 - 48 REFERENCES - 34 - 49 ABBREVIATIONS - 35 - 50 GLOSSARY - 36 - 51 52

- 3 -

1. INTRODUCTION 1

1.1. BACKGROUND 2

The risk that nuclear or other radioactive material could be used in terrorist acts is regarded as a serious threat 3 to international peace and security. The IAEA maintains an Illicit Trafficking Database (ITDB) which contains 4 confirmed reports of detected nuclear and other radioactive material out of regulatory control. Material out of 5 regulatory control could lead to criminal or terrorist acts including: (a) criminals or terrorists acquiring and 6 using nuclear material to build an improvised nuclear device (IND); or (b) deliberate dispersal of radioactivity, 7 by the construction of a radiological dispersal device (RDD) or radiation exposure device (RED); or c) through 8 an act of sabotage at a facility that uses or stores nuclear and other radioactive material; or during transport of 9 nuclear and other radioactive materials. 10

There are a number of international legal instruments, both binding and non-binding, which are intended to 11 combat nuclear terrorism. The IAEA has responded to requests from Member States for guidance on their 12 obligations and best practices with respect to these international legal instruments. The top-tier guidance 13 publications include: 14

Nuclear Security Fundamentals [1]; 15 Nuclear Security Recommendations on Physical Protection of Nuclear Material and Nuclear facilities 16

(INFIRC/225/Rev.5) [2]; 17 Nuclear Security Recommendations on Radioactive Material and Associated Facilities [3]; and 18 Nuclear Security Recommendations on Nuclear and Other Radioactive Material out of Regulatory 19

Control [4]. 20 The International Legal Framework for Nuclear Security [5] 21

The second tier guidance documents are Recommendations, which elaborate the essential elements of nuclear 22 security and present international consensus recommendations on how States should apply these essential 23 elements. 24

This document falls within the third tier of guidance documents – Implementing Guide – that is intended to 25 provide more detailed information on implementing the Recommendations using appropriate measures. 26

A State’s nuclear security regime comprises: 27

o the legislative and regulatory framework and administrative systems and measures governing 28 nuclear security of nuclear material, other radioactive material, associated facilities and 29 associated activities, 30

o the institutions and organizations within the State responsible for ensuring the 31 implementation of the legislative and regulatory framework and administrative systems of 32 nuclear security, and 33

o nuclear security systems and measures for the prevention of, detection of and response to 34 nuclear security events [1]; 35

One of the necessary elements supporting the establishment of an effective nuclear security regime is the 36 development of a national detection strategy [4]. The implementation of the national detection strategy requires 37 an effective nuclear security detection architecture that contributes to the protection of persons, property, 38 society and the environment from harmful consequences of a nuclear security event by enhancing a State’s 39 capacity to monitor and control the movement of nuclear and other radioactive material. 40

An effective nuclear security detection architecture1 is based on the national detection strategy and the national 41

legal and regulatory framework for nuclear security; and is supported by a well functioning system of law 42 enforcement

2. The nuclear security detection architecture comprises: 43

1 While the term ―national infrastructure‖ is widely used in other IAEA publications and includes the State's legal and

regulatory framework and the State's underlying strategy, the ―nuclear security detection architecture" is based on the legal

and regulatory framework needed to implement the national level strategy and includes the nuclear security systems and

measures at national and local levels (i.e. at individual facilities and other strategic locations) for the prevention of,

detection of and response to nuclear security events and the institutes and organizations directly responsible for

implementing those systems and measures. 2 As used here, the term ―law enforcement‖ is intended to cover a wide range of different functions and responsibilities

concerned with enforcing laws, regulations, and related requirements.

- 4 -

Established competent authorities3 with responsibilities for the nuclear security systems and 1

measures as well as technical support organizations and arrangements for coordination and 2 communication. 3

Arrangements for international cooperation and assistance; 4 Nuclear security systems and measures for detection of nuclear and other radioactive material out 5

of regulatory control that provide adequate coverage of the State, its facilities and other strategic 6 locations (i.e. borders), including: 7

o A comprehensive set of detection instruments (fixed and/or mobile) with appropriate 8 concepts of operations; 9

o A system for the collection of operational information, medical surveillance data (that 10 indicates radiation exposure) and non-compliance reports from the regulatory authority 11 and other competent authorities who may issue approval (for example transport or import 12 or export approvals) as part of information alerts. 13

1.2. PURPOSE 14

The objective of this publication is to provide guidance on the development of, or improvement of an existing, 15 nuclear security detection architecture that establishes systems and measures for detection of criminal or 16 unauthorized acts with nuclear security implications involving nuclear and other radioactive material out of 17 regulatory control. 18

1.3. SCOPE 19

This publication provides guidance to States for the development of an effective nuclear security detection 20 architecture for detection of a criminal act or an unauthorized act with nuclear security implications involving 21 nuclear and other radioactive material out of regulatory control. 22

This publication does not address in detail the legal or regulatory framework or the national nuclear security 23 strategy that support the nuclear security detection architecture nor does it address the preventive measures that 24 may be implemented. It provides guidance on the interface with the response measures but does not deal with 25 this subject in detail [7]. 26

1.4. STRUCTURE 27

Chapter 2 describes the basis for establishing an effective nuclear security detection architecture including the 28 relationship between the components of this basis. Chapter 3 sets out the elements of an effective nuclear 29 security detection architecture. Chapters 4 and 5 describe the basic concepts for detection by instruments and by 30 information alerts respectively. Chapter 6 presents guidelines on the initial assessment of alarms and alerts. 31 Chapter 7 provides an overview of the implementation framework for establishing a nuclear security detection 32 architecture. 33

The Appendix provides a ―checklist‖ for establishing an effective nuclear security detection architecture. 34

3 Competent authorities are governmental organizations or institutions that have been designated by a State to carry out one

or more nuclear security functions [4].

- 5 -

2. BASIS FOR ESTABLISHING A NATIONAL NUCLEAR SECURITY 1

DETECTION ARCHITECTURE 2

The IAEA Nuclear Security Recommendations on Nuclear and Other Radioactive Material out of Regulatory 3 Control [4] recommend that for the State to have an effective nuclear security regime, it should ensure: 4

Comprehensive legislation that provides legal authority to the various competent authorities within the 5 State to undertake their activities in an effective manner; and 6

Provision of sufficient and sustained resources to the various competent authorities to enable them to 7 carry out their assigned functions, including detection systems and measures, through an instrument 8 alarm and/or an information alert, of the presence or indications of a criminal act, or an unauthorized 9 act with nuclear security implication, involving nuclear or other radioactive material that is out of 10 regulatory control

4. 11

The nuclear security detection architecture integrates the nuclear security systems and measures needed to 12 implement a national strategy for the detection of nuclear and other radioactive material out of regulatory 13 control. The systems and measures are implemented within a concept of operations and are supported by 14 communications, law enforcement, intelligence agencies, systems of regulatory compliance as well as human 15 resources (e.g. enforcement officials, experts, local and national response teams, other authorities) to ensure its 16 effectiveness. 17

Sections 2.1–2.4 below discuss a number of elements of a national nuclear security regime that provide the 18 basis for an effective nuclear security detection architecture, and that need to be taken into account in 19 establishing such an architecture. 20

The nuclear security detection architecture addresses part of a spectrum of nuclear security activities as shown 21 in Figure 1. While this publication relates to the detection part of the spectrum, the relationships between the 22 different parts of the spectrum (prevention, detection and response) is important

5. 23

24 25

26

27

28

29

30

Figure 1: Spectrum of nuclear security activities 31

Although details of the prevention and response part of the spectrum are outside the scope of this document, it 32 is important to consider the entire spectrum in the design and development of a State’s nuclear security 33 detection architecture. The nuclear security detection architecture will include detection systems and measures 34 established by the responsible competent authorities. 35

Detection includes a known encounter between the threat and the defensive countermeasures such as: 36

An instrument alarm; 37 An information alert; 38 A collection of qualitative and quantitative information concerning the alarm or alert; 39

4 A ―criminal act‖ is normally covered by criminal or penal law in a State, whereas an ―unauthorized act‖ is typically the

subject of administrative or civil law. In addition, criminal acts involving nuclear or other radioactive material may

constitute offences related to acts of terrorism which, in some States, are subject to special legislation that may be of

relevance in following these recommendations. Unauthorized acts with nuclear security implications could include both

intentional and unintentional unauthorized acts as determined by the State, as described in footnote 2. Examples of a

criminal act or an unauthorized act with nuclear security implications could, if determined by the State, include: 1) the

undertaking of an unauthorized activity involving radioactive material by an authorized person; 2) the unauthorized

possession of radioactive material by a person with the intent to commit a criminal or unauthorized act with such material,

or to facilitate the commission of such acts; or, 3) the failure of an authorized person to maintain adequate control of

radioactive material, thereby making it accessible to persons intending to commit a criminal or an unauthorized act, using

such material. 5 The IAEA Nuclear Security Recommendations on Nuclear and other Radioactive Material out of Regulatory Control [4]

recommends that once there has been a conclusive initial assessment that a nuclear security event has occurred the relevant

competent authorities should commence with response activities. These are outside the scope of this publication.

Response Detection Prevention

- 6 -

Information from other sources, such as radiography, that may not necessarily be readings from 1 radiation detectors; 2

Initial assessment of the alarm or alert. 3

2.1. NATIONAL NUCLEAR SECURITY DETECTION STRATEGY 4

An effective nuclear security detection architecture is derived from a comprehensive, integrated detection 5 strategy prepared by the State, through the coordinating body or mechanism

6 to ensure the necessary 6

institutional support [4]. In some instances, implementation of a detection strategy at the national level may 7 require new legislation, while in other instances existing legislation may provide sufficient basis for the 8 implementation of the strategy. 9

A national detection strategy determines the scope of, and priority assigned to, the nuclear security detection 10 architecture. It articulates objectives for the detection systems and measures and provides the basis for 11 assignment of functions, including cooperation and coordination between the competent authorities and 12 allocation of resources. 13

A detection strategy is based on a careful characterization and analysis of the threat posed by the use7 or 14

transport of nuclear and other radioactive material out of regulatory control. A national threat assessment is 15 prepared by the responsible competent authority in coordination with all involved organizations and updated 16 periodically in light of new information and changing conditions. A detection strategy is reviewed and updated 17 in accordance with changes to the threat and risk assessments. Notwithstanding an unchanged threat or risk 18 environment, review of a detection strategy is considered periodically. 19

Threats will differ depending on the circumstances in each State. Possibilities to be considered include the 20 following: 21

Criminal or terrorist groups attempting to build or use an improvised nuclear device (IND); 22 Criminal or terrorist groups acquiring and/or using radioactive material through theft of nuclear or 23

other radioactive material or sabotage of facilities and activities8, e.g. for the construction of a 24

radiation exposure device (RED), or a radiological dispersal device (RDD); or 25

A range of criminal or unauthorized activities, such as unauthorized transport through the State 26 territory, unauthorized possession or use of nuclear or other radioactive material and devices within the 27 State, as well as conspiracies and hoaxes or scams where the material is not actually nuclear or other 28 radioactive material. 29

Similarly, a range of potential threats may be considered, from relatively unsophisticated and opportunistic to 30 highly sophisticated and determined motivations. Further, all States, including those that assess the likelihood 31 of the use or transport of nuclear and other radioactive material out of regulatory control through their territory 32 to be relatively low, should be aware that material, equipment and technology that may ultimately contribute to 33 the construction of an IND, RED or RDD may either originate in their State or be shipped through their State. 34

A detection strategy includes a policy on sensitive information and assigns responsibilities to the various 35 competent authorities for information security related to systems for detection of criminal or unauthorized acts 36 with nuclear security implications involving the use of nuclear or other radioactive material out of regulatory 37 control 38

Consistent with the IAEA nuclear security recommendations [4], the national detection strategy should include 39 opportunities for international and regional cooperation. 40

Once approved, various elements of a national detection strategy are communicated to relevant stakeholders in 41 an appropriate manner, which may differ depending on national laws and practices. 42

2.2. LEGAL AND REGULATORY FRAMEWORK 43

In accordance with the IAEA Nuclear Security Recommendations on Nuclear and Other Radioactive Material 44 out of Regulatory Control [4], the State should establish and maintain an effective legal and regulatory 45 framework as the basis for the implementation of the national detection strategy. 46

The legal framework should define the conduct or actions that are considered to be a criminal act, or an 47 unauthorized act(s), with nuclear security implications. Criminal acts should be defined to include the threat or 48

6 A coordinating body is a committee with representatives of all relevant competent authorities. If the State has a federal

structure, the coordinating body could be established at the federal and at the state, regional or local level. 7 In this context use includes trade, receipt, possession and storage. 8 The detection of such acts at regulated facilities and activities are not covered in this publication. For details, see [2, 3, 8, 9].

- 7 -

attempt to commit such an act as well as actually committing the act. The legal framework should include 1 provisions that result in the protection of nuclear and other radioactive material at the source (i.e. security of 2 material in authorized production, use and storage) and during transport. The legal framework should also 3 provide the basis for the implementation of national import and export controls as well as customs and border 4 operations for detection at designated and non-designated points of entry and/or exit (POEs), and at other 5 strategic locations. 6

The legal framework should define the roles and responsibilities and assign authority to the relevant competent 7 authorities. Related functions of competent authorities in the development of a detection architecture could 8 include: 9

Contributing to the development of the national detection strategy; 10 Developing, operating and maintaining the detection systems and alarm assessment procedures and 11

providing the resources necessary for implementing and testing the associated activities; 12 Providing adequate training and information to all personnel involved in carrying out nuclear security 13

detection measures; 14 Sustaining the detection capabilities and ensuring operational preparedness through sound 15

management practices, performance testing, addressing detection instrument maintenance, personnel 16 training, exercises and process improvements; and 17

Cooperating with the coordinating body if established, other competent authorities and bilateral and 18 multilateral counterparts as applicable, in part to ensure the effectiveness of their procedures and 19 responsibilities. 20

Developing sustainable communication between designated staff and other designated organizations 21 for assessment of instrument alarms and information alerts. 22

2.3. NATIONAL CAPABILITIES 23

States may draw on a wide range of on-going activities in the design, development, and implementation of an 24 effective nuclear security detection architecture. The national capabilities for establishing and implementing an 25 effective nuclear security detection architecture can be summarized as follows [6]: 26

Security of nuclear and other radioactive material 27 The implementation of nuclear security measures for nuclear and other radioactive material in authorized 28 production, use, or storage facilities and during transport can prevent terrorists and criminals from obtaining 29 material that could be used for a criminal act or an unauthorized act with nuclear security implications and 30 provide a level of assurance that materials are secure and under control [2, 3, 8, 9]. 31

Regulatory controls 32 Regulatory controls including enforcement measures contribute to detection of nuclear and other radioactive 33 material. An effective nuclear security detection architecture necessarily relies upon regulatory authorities and 34 other competent authorities that have a role in regulating and controlling the secured use, storage and transport 35 of radioactive material for its implementation. 36

Provisions for inspecting carriage, transit modes, facilities, and other venues that have the potential of nuclear 37 security threats are important and need to be in compliance with licensing and safety regulations within the 38 State territory. Inspection methods may include weigh stations, highway checkpoints, or random enforcement 39 screening and other inspection activities which provide an opportunity for nuclear security detection objectives 40 to be met through shared instrumentation, information, and cooperative planning. 41

Technical expertise 42 Technical experts able to provide scientific and engineering expertise on the design of the detection systems 43 and measures, operational concepts and procedures, analysis of data from detection systems and on interdicted 44 material may be found in academia and national research institutions. These resources could be integrated as 45 part of the nuclear security detection architecture and if this is done the methods of engaging them need to be 46 formalized. 47

Technical experts can also assist in the assessment of instrument alarms or information alerts and analysis of 48 trends in the performance of the systems. They can provide this support both remotely and at the detection site, 49 depending on the national nuclear security detection systems and measures. A State may have specialized tools 50 for data analysis and collection and may consider allocating resources to further develop these tools to enhance 51 their utility as part of the nuclear security detection architecture. 52

Customs and border control 53 Effective border controls are critical in preventing and/or detecting the unauthorized transport of nuclear and 54 other radioactive material. In general, nuclear security detection systems and measures are compatible with 55

- 8 -

existing systems for controlling entry/exit of people and goods at authorized land, water and air POEs, as well 1 as between POEs. Organizations involved in border control enforcement should be integrated (where 2 appropriate) into the development of the detection systems and measures to ensure effective and compatible 3 screening, detection, and interdiction. Local knowledge of authorities conducting counter-smuggling and drug 4 enforcement operations focused on non-designated POEs (land, air and water) will be important for the 5 detection of a criminal act or an unauthorized act involving nuclear and other radioactive material out of 6 regulatory control and should be factored into the planning of the nuclear security detection architecture. 7

Law enforcement 8 Law enforcement organizations at the national, sub-national and local levels support the nuclear security 9 detection architecture. Even if they do not use detection instruments themselves (and they may in some cases), 10 law enforcement agencies have institutional knowledge and experience in security systems for the protection of 11 targets that will be essential for implementing an effective nuclear security detection architecture. 12 Comprehensive mechanisms such as communication and coordination, joint training and exercises and 13 development of integrated operational protocols and procedures are a means of keeping law enforcement 14 authorities aware of the existence of nuclear and other radioactive material in use, storage, or transport within 15 their jurisdictions. 16

Information gathering, processing, and sharing 17 As the nuclear security detection architecture is developed and implemented, the sharing of information and 18 analysis regarding alarms and alerts and knowledge of potential threats will increase overall performance. A 19 State may have existing mechanisms for the collection, analysis, and sharing of operational information among 20 law enforcement, border control, and other competent authorities that can serve as a model and may be applied 21 in the development of the nuclear security detection architecture. Information sharing may be formalised 22 through appropriate protocols and agreements so that essential information is shared amongst competent 23 authorities such as law enforcement, customs and other competent authorities. 24

Private and public sectors 25 As the private and public sectors both have vital roles in developing and implementing an effective nuclear 26 security detection architecture, it is important that there is appropriate partnership between the State and 27 industry. This intersection is illustrated by the private sector involvement in: 28

Participants in the worldwide supply chain for internationally traded goods; 29 Shippers and common carriers of vessels, aircraft, railroad cars, and shipping containers that would be 30

screened during normal everyday commerce; 31 Retailers, shippers, and consumers of goods containing naturally occurring radioactive material 32

(NORM) that cause innocent alarms; 33 Operators of private port facilities, airports, railroad stations and private security arrangements at 34

major public events; 35 Suppliers and users of detection instruments and industrial devices that incorporate radioactive 36

material; 37 Suppliers of radiochemistry products for medical and research applications 38 Suppliers and shippers of dual-use commodities. 39

The responsible competent authorities may develop outreach efforts to inform the private and public sectors of 40 detection objectives and policies, as well as potential impacts and unintended consequences. Detection 41 instruments and procedures for detection may be designed to avoid undue cost and inconvenience to business 42 and to facilitate, rather than impede, the flow of legitimate commerce. 43

2.4. INTERNATIONAL AND REGIONAL COOPERATION 44

While responsibility for the design of an effective nuclear security detection architecture rests with the State, 45 international and regional cooperation offers a number of potential benefits: 46

Opportunity to obtain information, advice, or technical assistance to help improve detection 47 capabilities; 48

Development of regional technical support centers that can combine high-level technical and scientific 49 expertise to assess alarm and alerts; 50

Advancement of research and development into new technical solutions, thereby accelerating progress 51 and reducing the resource burden on any one State; 52

Voluntary nuclear security event reporting to neighbouring States; 53 Voluntary reporting to the IAEA’s Illicit Trafficking Database (ITDB) [10], and sharing of 54

information on alarms, trends, and detector performance; 55

- 9 -

Conduct of vulnerability and threat assessments. While specific vulnerability information may be 1 sensitive and unlikely to be shared, except under carefully controlled circumstances, cooperation in the 2 methodologies for assessing vulnerabilities, risks and threats is possible and could be helpful for States 3 as they seek to strengthen their capabilities and practices in this area; and 4

In situations where States are required to cooperate for the free movement of people and goods among 5 neighboring countries, States could cooperate and adopt a regional approach to nuclear security 6 detection systems and measures. 7

- 10 -

3. DESIGN AND DEVELOPMENT OF THE NATIONAL NUCLEAR 1

SECURITY DETECTION ARCHITECTURE 2

The design and development of an effective nuclear detection architecture relies upon: 3

Assignment and coordination of responsibilities for the implementation of the nuclear security 4 detection architecture. 5

Determination of: 6 o the nature and quantity of nuclear and other radioactive material present within a State 7 o the nature of the criminal and unauthorized acts with nuclear security implications involving 8

nuclear and other radioactive material out of regulatory control that have been defined in 9 relevant legislation 10

o the pathway or route along which nuclear and other radioactive material might be transported 11 9; 12

o criminal or terrorist individuals and groups and their capabilities and intentions to engage in a 13 criminal or unauthorized acts with nuclear security implications involving nuclear and other 14 radioactive material out of regulatory control; 15

o the tactics and capabilities that could be employed while acquiring, transporting, and 16 delivering threats;

10 17

o the targets and strategic locations that might be attacked; 18 o the conditions under which the attacks might take place. 19

Specification of a baseline: a set of initial capabilities and criteria upon which the detection systems 20 and measures will be established. 21

Determination, through a comparison of threat assumptions and baseline capabilities, of the gaps and 22 vulnerabilities. 23

Consideration of a range of options, including detection systems and measures, technologies and non-24 technological solutions that could potentially reduce or eliminate the vulnerabilities. 25

Evaluation of the potential risk reduction benefits, costs, and other impacts of the identified options. 26 Prioritising the available options according to risk reduction, costs, and other impacts. 27 Identification of short-term risk-reduction options for inclusion in the short-term deployment of 28

detection systems and measures. 29 Identification of longer-term options that may include research and development on improved 30

technologies, methods, and procedures. 31 Evaluation of the effectiveness of the implemented measures and identify additional options and 32

recommendations as appropriate. 33

In designing a nuclear security detection architecture, it is important to avoid undue focus on current or past 34 threats. This can be achieved by a design that is forward-looking and protects against threats that may exist in 35 the future. This can be done through the performance of threat assessments to anticipate potential threats before 36 they arise and careful consideration of vulnerabilities and consequences, including pathways that might be 37 exploited and targeted in the future. Therefore, it is important to revisit the analysis and adapt to changes in 38 threat and risk. 39

Significant time may be needed to fully implement the technical and operational solutions. While the system is 40 being developed, immediate steps, such as those listed below, may reduce risks and vulnerabilities: 41

Ensure adequate technical support—that is, technical expertise not at the scene of detection—is 42 available to allow front-line officers to consult with experts who can advise on all aspects of detection 43 and assessment; and 44

Develop, exercise and evaluate concepts of operation. 45

9 At the most generic level, pathways include designated and non-designated land, air, and water, with subdivisions under

each of these broad categories. For example, land borders include rail, road, and pedestrian crossings; aviation pathways

include commercial and private aviation; maritime pathways include small vessels (e.g., less than 300 gross tons), larger

vessels, and so forth. 10 Tactics and capabilities may include the use of various forms of shielding and masking to obscure the signatures of

radioactive material, falsification of documents or other forms of deception to conceal illicit actions, the capability to use

threats, coercion, violence; technical, financial, logistical, and human resources; possible insider information or assistance;

and so forth.

- 11 -

3.1. ATTRIBUTES OF EFFECTIVE NUCLEAR SECURITY DETECTION 1

The policy and strategy attributes of an effective nuclear security detection architecture ideally will [6]: 2

Be risk-informed 3 The nuclear security detection architecture needs to be effective in limiting the risk of nuclear security 4 threats; make efficient use of resources and be compatible with existing measures to prevent the 5 unauthorized movement of hazardous cargo; be based on a balance between risk reduction, cost 6 effectiveness, and other pertinent factors. 7

Apply the defence in depth principle 8 Individual counter measures or defences can be circumvented or defeated, especially given sufficient 9 time. No single layer can be sufficiently effective or reliable to ensure an effective defence. Defence in 10 depth is a key design principle for increasing the effectiveness of complex systems. For further 11 guidance on defence in depth see sub-section 3.2. 12

Be graded and balanced 13 Vulnerabilities across lightly or undefended pathways may be easily exploited. An effective defence 14 needs to be balanced and avoid undue emphasis on a small number of easily defended pathways while 15 leaving other pathways essentially unprotected. Further, not all pathways are equally attractive or 16 feasible. A graded approach that recognizes the different risks associated with various pathways will 17 provide the best level of protection. 18

Be designed to adapt and evolve over time 19 Threats change, sometimes quickly, and new threats can emerge with little warning. Technologies also 20 evolve, enabling new or modified capabilities that can reduce risks, save money, improve timeliness, 21 or increase information availability and quality. Further, the conditions in which detection systems 22 operate may change as economic and commercial systems may evolve. The detection systems and 23 measures therefore should be able to be adapted. 24

Have an element of unpredictability 25 Elements of unpredictability within the detection architecture can provide a strategic advantage. 26 Random schedules for additional screening at varying locations carefully guarded by operational 27 security will improve the effectiveness of the system. Mobile and re-locatable detection instruments 28 contribute significantly to unpredictability and deterrence. 29

Not rely solely on radiation detection technologies 30 Radiation detection instruments are only one means of detection, and the effectiveness can be 31 enhanced by complementary methods. For example, operational information and other sources can 32 trigger detection. 33

Emphasize operational flexibility 34 Mobile detection instruments could enable bringing the detector near to the threat. Mobile detection 35 instruments provide such advantages as flexibility to adjust to evolving threats and the ability to 36 respond to information alerts or other threat-specific or situational information (such as special events 37 or heightened security alerts). However, fixed detectors can still play an important role, particularly at 38 POEs and entrances to strategic locations. 39

Be tailored to specific conditions and circumstances 40 The design principles outlined above have broad applicability to detection of nuclear and other 41 radioactive material out of regulatory control. However, there can be no ―one size fits all‖. Nuclear 42 security detection architecture design should take into account specific differences among: 43

o States, including their legal systems, threat environment and resources 44 o Competent authorities, including operating routines, technical bases, cultures, traditions and 45

resources. 46 o Operational environments differ greatly depending on whether they are at a seaport, airport, 47

land crossing, rail crossing, post office, harbor, shoreline, mountainous open border, desert, 48 or harsh climate

11. POEs, which tend to have somewhat regular, predictable traffic patterns, 49

may also exhibit enormous variability. 50

Exploit opportunities to integrate at the national, regional and international levels 51 Detection systems and measures including data format and protocols may be integrated within the 52 State and integration is to be encouraged at regional and international levels, to the extent consistent 53 with national security. At the same time, sensitive information about design, vulnerabilities, and 54 operations needs to be protected. When appropriate, the benefits of sharing knowledge, research, best 55

11

One important effort in this regard is establishing detection instruments settings appropriate to the unique

physical and operating environment.

- 12 -

practices, information, intelligence, and resources can lead to enhanced performance of national and 1 international detection systems. 2

3.2. STRUCTURAL AND ORGANIZATIONAL ELEMENTS 3

The nuclear security detection architecture and its systems and measures may be based on the principles of 4 defence in depth, for example, at and between POEs, into the State, within the State, and with other cooperating 5 States. In addition there are key foundations and crosscutting elements that tie the layers together and provide 6 important synergies among the layers. 7

3.2.1. Multi-layered approach 8

When designing the nuclear security detection architecture, it is important to note that design of the detection 9 systems within the State may vary depending on the design of detection systems in other States. Figure 2 is 10 intended as a comprehensive view for detection system structure and components for an overarching global 11 nuclear security detection architecture, which is recognised as a long-term vision. Nevertheless, a national 12 nuclear security detection architecture is on a smaller scale, focused at and within national borders. Figure 2 13 only illustrates an important larger context that should be considered in the implementation of a State’s national 14 nuclear security detection architecture. 15

16 Figure 2: Detection system structure and components12 17

Cooperation on the bilateral, regional, and international levels is important for improving the global nuclear 18 security detection efforts. Such cooperation, as suggested by this comprehensive concept, requires agreement of 19 all involved States. 20

Primary elements: exterior, trans-border, and interior 21 This overarching concept has three primary elements: 22

Exterior: The exterior element that encompasses the nuclear security detection architecture of other 23 States, but should nonetheless be considered when designing the national nuclear security detection 24 architecture. 25

Trans-border: The border element encompasses both the domestic border (both at and between the 26 POEs

13) within the State, as well as transit corridors between States. 27

Interior: The interior element contains the final set of domestic layers and represents the final 28 opportunity to detect and interdict nuclear and other radioactive material out of regulatory control. In 29 other words this is the national nuclear security detection architecture. 30

These three elements can be further broken down into a total of nine sub-elements; each is discussed briefly 31 below. In the following discussion, it is assumed (unless otherwise indicated) that the target State is the State to 32 whose nuclear security detection architecture these guidelines are being applied. 33

Exterior sub-elements: point of origin, transit, and point of exit 34 Detection can focus on three sub-elements of the exterior element: 35

12 While figure 2 depicts a linear path, it is important to recognize that threats may originate in any layer; exterior, border, or

interior. 13 Depending on the context, POE refers to a point of entry or point of exit or both.

- 13 -

Foreign origin: The foreign origin element of nuclear security detection architecture focuses on 1 locations in other States where nuclear and other radioactive material are stored, used, or produced. 2 The security and detection capabilities around these potential points of origin can be considered for the 3 design of the national nuclear security detection architecture. 4

Transit: The transport of nuclear and other radioactive material within and between States provides 5 opportunities for detection. The foreign transit element encompasses transport of material within or 6 between States from their point of origin to their last point of exit and/or entry prior to reaching the 7 border of the target State. Within this element, material could be transported across multiple borders, 8 by several different modes of transportation, and could encounter various elements of the nuclear 9 security detection architecture (or none at all, depending on the scenario) operated by one or more 10 States. The types of detection opportunities are many and varied and could include border crossings (at 11 POEs or otherwise), checkpoints, law enforcement encounters, and maritime and air transport security 12 procedures. This element comprises air, land, and maritime domains and can be further divided into 13 authorized and unauthorized POEs. 14

Foreign point of exit: Foreign points of exit from other States to the target State are natural screening 15 points, since they form a possible chokepoint through which traffic will normally pass to enter the 16 target State. The number of air, land, and sea ports that ship cargo or people to the target State may be 17 large. Nonetheless, even a large number of ports are much more manageable than the vast spaces 18 between ports. For land crossings between adjacent nations, the foreign point of exit is generally 19 physically adjacent to (and hence the same) as the domestic point of entry and will be described later 20 under the border element of the nuclear security detection architecture. 21

Trans-border sub-elements: transit-to-target and border 22 Transit-to-target: The transit-to-target element encompasses the actual passage of material from a State 23

between the points of exit and entry—and thus falls under both the exterior and border primary 24 elements. The portion of the detection architecture designed to detect and interdict in-transit represents 25 the last opportunity to detect material before the material reaches the target State. As with the other 26 parts of the architecture, this part can be divided into air, land, and maritime modes of transport. 27

Border: The border element comprises detection instruments at (or near) all geographical boundaries 28 of the target State, including the land borders with adjacent States, the coastal and inland waterway 29 borders, and airspace. Border areas are typically segmented by mode of transport (land, maritime, air) 30 and whether the entry is through an authorized point of entry and/or exit, or the areas between points 31 of entries. 32

Interior sub-elements: domestic origin, domestic sub-element, target vicinity, and target 33 A State developing a national detection strategy may consider several sub-elements: 34

Domestic origin: Because the material may originate from within the State itself, a major focus of the 35 detection architecture element focuses on locations within the State where nuclear and other 36 radioactive material are stored, used, or processed or are out of regulatory control. Similar to those of 37 the foreign origin element, countermeasures in this interior element are designed to protect nuclear and 38 other radioactive material from being stolen or lost from these locations and to detect if protection has 39 failed. It is of the utmost importance for all States to make every effort to secure this element. 40

Domestic sub-element: The domestic sub-element of the detection architecture includes capabilities 41 that detect or identify nuclear and other radioactive material between entry into the State (or the 42 domestic point of origin) and the ultimate target. The purpose of this element is to detect the device or 43 material before it reaches its target or exits the country on the way to a foreign target. 44

Target vicinity: The target vicinity element encompasses those detectors located near targets but with 45 sufficient standoff to protect the targets. It also encompasses search capabilities within the target 46 vicinity. For example, target vicinity can refer to the perimeter of a base or campus, or to the 47 boundaries of a metropolitan area (boundaries that may themselves require definition), or to a security 48 perimeter set up for a special event. States can identify a number of high value targets, such as targets 49 related to national strategic locations or heavily populated areas. This list would be based on national 50 threat assessments in a national detection strategy. An IND or RDD could also be constructed near the 51 target itself, as opposed to moving a more complete device to the target just prior to dispersal. 52 Therefore, States should consider methods of addressing this threat when developing a national 53 detection strategy. These methods may include performing inspection prior to major public events, 54 tightly coupled with information gathering, or increased perimeter inspections. 55

Target: This element should be flexible, incorporating mobile detection instruments that can be 56 deployed around high-value targets and capable of handling special events and information alerts on 57 the possible use of material. It should be noted that POEs can in themselves be targets and should be 58 included in the national threat assessments. 59

- 14 -

3.2.2. Crosscutting elements 1

Cutting across all the layers are elements that integrate and support the layers. Key crosscutting elements 2 include: 3

Operations and analysis centre 4 This is the focal point for information for the detection systems. A national operations centre (and/or set of 5 inter-regional operation centres), if established, can be responsible for maintaining situational awareness of 6 nuclear security capabilities and for facilitating the coordination of responses to the detection of nuclear and 7 other radioactive material. An operations centre may also play a key role in informing and coordinating 8 resources to mitigate consequences after an event. States need to consider designating an operations centre or 9 centres with responsibility for coordination and information dissemination between local, national, and 10 international entities. To be most effective, an operations centre should have access to relevant information on 11 both threats and capabilities to counter or interdict threats. The responsible authority need to have the ability to 12 coordinate and communicate decisions to direct those capabilities. The State may have one or more such 13 centres, depending on the organization of responsibilities for nuclear and other radioactive material within the 14 State. States with multiple centres need to establish a mechanism for coordination among the centres. 15

Technical support14 for detection 16 This is the (often remote) capability to assist those at the detection site in the assessment of radiation alarms or 17 information alerts or the discovery of suspicious or unauthorized material that could be used to manufacture a 18 IND, RED or RDD. Technical support relies heavily on radiation analysts and subject matter experts who can 19 identify specific isotopes and potential threats based on data collected from the detection site, either remotely or 20 in person. International technical support capabilities may be available on request (e.g., through organizations 21 such as the IAEA and other incident reporting channels). 22

Performance testing, evaluation and verification 23 This involves planned and systematic efforts to evaluate the performance of the overall system, adjust to new 24 radiological and cargo environments, provide quality control for sensors and systems, perform trend analysis, 25 and maintain longer-term environmental knowledge. 26

Human resource development, training, exercises, and operational readiness 27 Personnel skill and performance are maintained by providing regular exercises and training at all levels 28 (national, regional, and international). Specialized training for the operation of nuclear and other radioactive 29 material detection technology management procedures and protocols is vital. Overall system training should 30 also include testing for readiness of all relevant national authorities (public health response, rescue, 31 environmental protection, and law enforcement authorities) [11]. 32

Data exchange protocol 33 To be effective, deployed assets—such as detectors, technical support, and analysis centres—need the ability to 34 exchange accurate and timely data. An effective data exchange infrastructure should have a combination of 35 effective connectivity (robust, redundant, and of sufficient bandwidth) and appropriate data standards or 36 protocols to allow the recipient to understand the transmitted information. Effective data exchange also enables 37 necessary situational awareness. Implementation difficulties typically arise because of the need to cross 38 jurisdictional boundaries and the lack of interoperability of legacy systems. 39

3.3. ROLE OF INFORMATION IN EFFECTIVE NUCLEAR SECURITY DETECTION 40

Information is vital for the implementation of an effective nuclear security detection architecture. This 41 information comes from many sources, takes many forms, and plays a number of critical roles. Relevant 42 information can come from radiation detectors, other sensors (e.g., cameras), detector operators, technical 43 experts and analysts, emergency responders, law enforcement, intelligence analysts, and international partners. 44 Information may be captured as alarms, alerts, data, pictures, status, text, alerts, and trends or via more formal 45 and specific mechanisms particular to each national organization. The information generated by the nuclear 46 security detection architecture may be used to detect, identify, or interdict material and to identify suspicious 47 activities; or evaluate the effectiveness of the architecture itself. The information could also be sensitive and 48 should be protected at the national level. 49

Independent operation of individual, localized detection systems and measures limits the overall effectiveness 50 of the detection architecture. In contrast, the effective flow and use of relevant information allows for optimal 51 functioning of nuclear security detection systems. For the nuclear security detection architecture, information 52 can be categorized into three main types: 53 14 The term ―technical support‖ refers to mechanisms for engaging subject matter experts, including researchers, scientists,

and analysts to assist with technical expertise in investigating and resolving alarms and alerts.

- 15 -

Threat and alarm/alert information 1 This includes information about nuclear security threats, detections, relevant criminal or unauthorized activities, 2 smuggling as well as technical assessments, or data collections related to possible nuclear security events. Such 3 information also includes information related to detection alarms or alerts. Ideally, this information can be 4 transmitted to relevant competent authorities as soon as possible, if not instantaneously, especially when an 5 actual threat is indicated. Protocols may be established in advance to ensure that appropriate officials of 6 competent authorities are notified rapidly of nuclear security events. 7

The amount and type of data that may need to be transferred will vary. A technical support analyst may want to 8 see detailed detector data and corroborative data about the transfer and circumstances of the detection. A 9 customs inspector may want information related to shipment manifests to aid in targeting or inspecting cargo 10 containers. Information provided to law enforcement officers may be critical in identifying and interdicting 11 threats; not all interdictions of threats will necessarily be directly triggered by detecting alarms. Given the 12 variety of information needs, national centres, such as the operations and analysis centre, designed to integrate 13 data from all sources will improve the effectiveness of the nuclear security detection architecture. 14

Configuration information 15 This includes information about the set up and organization of the detection systems. As this information is 16 sensitive it needs to be protected at the national level and not shared. This information includes specific data 17 related to: 18

o Location of detection instruments 19 o Types of detection instruments, including hardware and software configurations 20 o Technical capability of those instruments and their false alarm rates 21 o Agencies and operators responsible for detection instruments 22 o Authorities responsible for conducting inspections 23 o Degree of training and expertise of operators 24 o Operational information, such as the time periods when operations occur and the number of operators 25

per detector 26 o Supporting technical systems 27 o Failure rates and maintenance schedules 28

Status information 29 This includes information about the current (or historical) state of the detection instruments, operators, 30 processes, and systems. This information can be considered sensitive and therefore needs to be protected at the 31 national level. 32

Information related to the location and status of deployed equipment and operators enables more rapid and 33 effective response to nuclear security events. Over time, aggregate data collected by nuclear security detection 34 systems supports important longer-term trend analyses. These analyses can improve overall awareness related 35 to the authorized transport of nuclear and other radioactive material, as well as potential threats. In addition, 36 analysis of such information can provide national decision makers with the information required to allocate 37 additional resources for maintenance and improvements to the detection systems. 38

3.3.1. Delivering information to users 39

Providing correct data to the correct users at the correct time is vital to ensure that information effectively 40 supports the detection of a nuclear security event. Detection systems can produce large amounts of data that 41 should be collected and managed to ensure its effective use. 42

A principal challenge for information management systems for a nuclear security detection architecture is the 43 interoperability of detection instruments among varying locations and across multiple user communities. This 44 challenge increases as additional detectors, sensors, or data collectors are included within a given information 45 system. The development of common data formats and testing protocols may help ensure effective 46 communications, even across multiple operators or jurisdictions. The design of the information system should 47 be considered when designing the nuclear security detection architecture to ensure all information requirement 48 are addressed including in relation to content, presentation, information sharing etc. 49

The various users of data of detection systems have varying requirements for content, presentation, and 50 timeliness. These requirements are highly dependent on the responsibility of the user within the national 51 nuclear security detection architecture. Generally, States may have three levels of users. Creating a tiered 52 structure for information flow—including clear guidelines about what information is passed from tier to tier and 53 in what circumstances—is a critical step in developing effective nuclear security detection architecture. A brief 54 summary of each level of data users follows: 55

- 16 -

National decision makers, the highest level of data users, needs to receive timely information about the 1 detection of nuclear security events. These decision makers also need an understanding of current 2 capabilities and gaps to inform decisions about future investments. Without this information, 3 investments may result in inefficient allocation of resources. 4

Second level of information users comprises national- and sub-national operations managers, 5 including leaders of operational agencies and technical experts who support nuclear security detection 6 systems. These data users are often geographically separated from detection instruments for which 7 they have responsibility. To effectively manage their real-time operations, these national and sub-8 national managers require rapid and secure transfer of data from detection instruments. 9

Local operators of detection instruments, the third level of information users, are most often the first 10 and direct recipient of data from detection instruments. Successful interdiction requires these operators 11 to make rapid decisions based on sometimes ambiguous detector data. Information transfer must 12 therefore be rapid and easy to interpret to allow operations to work at an effective pace and respond 13 properly.

15 Where relevant, operators should be provided information that originates at higher-level 14

sub-national or national authorities, such as operational information and adjustments to operational or 15 response protocols. Means to consistently supply such information should be established during the 16 initial phases of implementing detection architecture. 17

3.3.2. Information management 18

It is important to ensure that information cannot be retrieved by those seeking to circumvent or exploit 19 operation of detection systems. As mentioned above, the detection strategy will include the policy on sensitive 20 information related to detection architecture and define responsibilities of various competent authorities for 21 information management. Each competent authority could establish an information management policy 22 including the rules for protecting the confidentiality and integrity of sensitive information and for the 23 dissemination of such information to other competent authorities within and outside the State on a need-to-24 know basis. In particular, the following information should be classified as sensitive and appropriately 25 protected: 26

Perceived national threats and vulnerabilities and the results of the national threat 27 assessment; 28

Locations, configurations of detection systems as well as the performance, 29 maintenance and calibration records of the detection instruments; 30

Preparedness and response plans and procedures; and 31 Communication, authentication and encryption codes for transfer of sensitive 32

information. 33

Training of the relevant personnel in procedures for information management is an essential element for the 34 implementation of the policy. 35

3.4. TRUSTWORTHINESS OF PERSONNEL 36

States need to establish a system for assessing the trustworthiness of personnel who work within the national 37 nuclear security detection architecture. Each competent authority could establish policy and procedures 38 consistent with national laws requiring all personnel having responsibilities under the nuclear security detection 39 architecture to be subject to: 40

An appropriate trustworthiness check; 41 A condition of employment that a positive trustworthiness check is obtained and maintained; and 42 The requirement that such trustworthiness checks be revalidated on a regular basis, in accordance with 43

national policy or regulations. 44

3.5. ROLE OF NUCLEAR SECURITY CULTURE 45

Three major components should be combined to ensure an effective nuclear security culture exists within a 46 State. The first is the nuclear security policy of the State that is put into practice in relation to a particular 47 aspect of nuclear security, in this case the national nuclear security detection strategy. The second is the 48 organization’s role in implementing aspects of nuclear security. The third is the management and individuals in 49 an organization that put the nuclear security detection systems and measures into effect. 50

15 Accordingly, operational testing and evaluation should be conducted on data formats as they are displayed to operators to

avoid inaccurate data interpretation.

- 17 -

All personnel should be encouraged to be accountable for their attitude and behavior and motivated to ensure 1 nuclear security. Effective nuclear security culture [11] is characterized by 2

Clear policy and legislation that emphasizes the importance of nuclear security 3 Institutions with clear mandates, roles and responsibilities in relation to nuclear security 4 Leaders and managers who model behavior that emphasizes nuclear security 5 Recruitment and training of personnel that requires individuals to have the attitude and behavior that 6

support nuclear security 7 Training programmes and frequent exercises that reinforce attitudes and behaviors that support nuclear 8

security 9

- 18 -

4. DETECTION BY INSTRUMENTS 1

The detection of nuclear and other radioactive material can be undertaken by technical and other means. This 2 section focuses on radiation detection measures, both passive and active, and other detection systems. 3

4.1. DETECTION INSTRUMENTS 4

Fundamentally, passive and active detection technologies differ. Passive detection instruments directly measure 5 natural emissions of radiation. For example, personal radiation detectors, which are passive detectors, 6 continuously monitor for the presence of radiation and signal to an operator elevated levels of gamma or 7 neutron emissions. Conversely, radiography, which is an example of a simple active system, is used to detect 8 dense material, which might be the shielding for the radioactive material. Radiography complement but does 9 not replace passive systems. 10

Compared to active detection instruments, passive detection instruments are generally less expensive, require 11 less electrical power, and present no additional health risks to personnel. Passive detection instruments may 12 allow faster through-put than active detection instruments. However, passive detection instruments are 13 inherently limited because they require that a material emit a radiation signal detectable above ambient 14 background radiation. Therefore, passive detection instruments may not detect the nuclear or other radioactive 15 material, if it is shielded. Because of their comparatively low costs and significant, albeit limited, capability, 16 passive detection instruments are common tools for detection of nuclear or other radioactive material. 17

4.1.1. Passive detection instruments 18

Generally speaking, passive detection instruments provide the primary means to detect, and, in some cases, 19 identify, a wide range of potential nuclear threats [12, 13]. Many of the currently available radiation detection 20 instruments—often called ―gross counting‖ systems—rely on algorithms that compare the instantaneous 21 ambient level of radiation against a known background. While often effective in detecting sources of radiation, 22 these detection instruments are susceptible to innocent alarm rates due to the presence of legitimate radiation 23 sources. Spectroscopic detection instruments—which identify radionuclides through automated analysis of 24 measured radiation energy spectra—may be integrated with ―gross counting‖ detection instruments. 25 Spectroscopy relies on the fact that every radionuclide emits radiation at specific energy levels, creating a 26 unique emission energy signature or fingerprint for each isotope. These detection instruments can recognize and 27 dismiss NORM items. 28

Passive detection instruments are available in several types to meet a wide array of operational needs. The 29 smallest passive detection instruments are personal radiation devices or handheld detectors [14], and the largest 30 are generally radiation portal monitors [13]. 31

Personal radiation detectors, or pagers, have traditionally been intended for personnel protection, but are now 32 being considered for other applications. These detectors are generally small (approximately the size of a mobile 33 or cellular telephone) and may be worn by operators on their belts or on their persons for an extended period of 34 time. Personal radiation detectors continuously monitor the local radiation environment, counting gamma rays 35 and/or neutrons that interface with the detector. By integrating these measurements over specific time intervals, 36 these detectors measure total radiation background and generally provide an alarm when radiation levels exceed 37 a pre-established threshold. Personal radiation detectors can serve as a valuable tool for providing the presence 38 of potential radioactive sources (especially for sources with particularly high activity levels, as may be present 39 in radiological dispersal devices). Some commercially available personal radiation detectors also provide 40 radiation dose measurements and limited ability to identify the isotopic constituents of detected radiation. 41

Compared to smaller radiation detection instruments, portal monitors can rapidly scan much larger items, such 42 as shipping containers and vehicles, for much smaller amounts of radioactive material. It is simply the 43 comparatively larger volume of detector material that provides the improved sensitivity of the radiation portal 44 monitor. A variety of mobile and re-locatable platforms can offer similar detection capability as the fixed 45 radiation portal monitor. These mobile or re-locatable platforms are designed to address the needs in specific 46 applications, such as: 47

Land and water borders between designated points of entry or exit; 48 Temporary locations in response to major public events and information alerts; 49 Transit cargo at seaports and airports. 50

Mobile detection instruments could be installed in the form of conventional vehicles (vans), cargo handling 51 equipment (straddle carrier) and aerial detection instruments (manned and unmanned). Re-locatable platforms 52 may incorporate portable electronics and wireless communications. 53

- 19 -

Newly developed handheld and other human-portable (e.g., wearable) passive detection instruments provide 1 increased capability compared to earlier versions of the technology; many provide some degree of 2 spectroscopic radiation identification capability. By employing advanced detectors and electronics with 3 increased energy resolution and associated software-based analysis tools, portable spectroscopic systems 4 measure the energy spectrum of emitted radiation and provide additional information to an operator related to 5 the presence of radionuclides [15, 16]. 6

However, handheld detectors, like personal radiation detectors, suffer from the relatively small size of their 7 sensors. Because sensitivity is directly related to the volume of detector, these devices have limited detection 8 ranges and may require increased amounts of time to scan larger areas or targets, such as shipping containers. 9

4.1.2. Active detection instruments 10

Active detection instruments provide numerous unique capabilities over passive detection instruments, but also 11 introduce numerous challenges. For instance, active detection instruments could provide the ability to detect 12 shielded material that might be undetectable through passive detection instruments. However, because active 13 detection instruments operate by penetrating the object with radiation such as x-rays, gamma rays, or neutrons, 14 they often generate a safety concern, as people could be exposed to radiation. Thus, a balance between safety 15 and security should be sought when deploying active detection instruments. 16

Two types of active detection instruments currently in either operation or development are radiography and 17 interrogation technologies. For the first type, X-ray or gamma radiography is used to discriminate between low 18 and high density material, which enables the detection of shielding. These detection instruments usually 19 produce images that are analysed for anomalies by operators. The second type of active detection instruments, 20 consisting of interrogation technologies, directly detects nuclear material, both shielded and unshielded, in 21 cargo containers by generating a measurable radiation signature. 22

4.2. DATA NETWORK FOR DETECTION INSTRUMENTS 23

Integrating detection systems into information networks is also key factor. States may substantially enhance 24 their understanding of the challenges, costs, and requirements of day-to-day operations and significantly 25 improve operational effectiveness by integrating detection systems into local, sub-national, and national data 26 sharing networks. Networked detection systems and information sharing offer the benefit of helping to reduce 27 operational burdens associated with innocent alarms. By sharing information between locations, operators can 28 reduce duplicative inspections of individual targets and rapidly clear innocent alarms associated with many 29 passive detection systems. 30

4.3. DETECTION TECHNOLOGY INVESTMENTS AND OPERATIONAL REQUIREMENTS 31

Investment in detection technologies should be directly informed by the national detection strategy for creating 32 the nuclear security detection architecture and in particular by operational requirements and constraints. This 33 will reduce the likelihood of unnecessary costs, poorly performing technologies, ineffective use of scarce 34 resources leading to a false sense of security and other undesirable effects such as a negative impact on the flow 35 of people and goods among States. 36

No single technology will meet all operational requirements. A highly effective system is one that is multi-37 layered and can cover a wide range of potential threat pathways. Knowledge sharing among the international 38 community will assist in meeting these challenges when designing the nuclear security detection architecture. 39

4.4. EVALUATING DETECTION TECHNOLOGIES 40

Evaluation of detection technologies should be undertaken having regard to a set of common performance 41 outcomes for the detection system. Evaluations should include objective laboratory testing of both technology 42 that is currently available to verify performance and technology under development to consider operational 43 enhancements that newer technologies may provide. Evaluation should also consider whether new technologies 44 are compatible with existing operations. If appropriate, regional and international collaboration and sharing of 45 evaluation results can provide a significant benefit to States by avoiding duplication of costly test and data 46 collection activities. 47

The following performance characteristics should be considered by a State when assessing detection 48 technologies: 49

Detection capability required by the nuclear security detection systems and measures that is based on 50 the information derived from the threat assessment 51

- 20 -

Detection instruments performance in the context of the concept of operations as specific radiation 1 detection instruments may perform differently in different operational environments. Evaluations of 2 specific detection instruments should be made in an operational context to the extent possible. 3

Detection instrument performance for identification of the type of detected radiation. This can be 4 achieved by a multi-layered approach where an initial technology is used to detect radiation, and 5 additional technical capabilities are applied in secondary inspections to identify the source of the 6 radiation [16]. 7

Detection instrument range which is specific to evaluating detection systems sensitivity and efficiency. 8 While smaller detectors generally exhibit shorter detection ranges, detector range is not only a function 9 of detector size. Instead, range is inversely related to desired probabilities of detection and 10 identification. Depending on the application (e.g., wide area searches as compared to the scanning of 11 passenger luggage), there could be trade-off for detection range for increased probabilities of detecting 12 specific threat material. 13

Detection instrument mobility or ability to be re-located. The potential for mobility encompasses a 14 number of factors, including size, weight, durability, power requirements and data connectivity. 15

Other factors influencing the choice of detection instrument technology includes initial cost, life-cycle 16 cost, temperature or shock resistance, other operating requirements (energy consumption, weight, 17 cooling requirements), and physical dimensions. 18

4.5. RESEARCH AND DEVELOPMENT IN DETECTION TECHNOLOGY 19

On-going research and development of new capabilities should be considered vital to support detection 20 technologies. Individual States may adopt different approaches to development depending on their research and 21 development framework. International collaboration is an important means of sharing improvements in 22 technology that will benefit all States. Such collaboration will be dependent on whether or not certain 23 information may be shared or whether it is classified as sensitive by a State. 24

Research in detection technology may focus on the technical attributes such as probability of detection, 25 identification capability, detection range, and mobility. These improvements may be sought at a systems level, 26 through the development of improved instruments, and for integrating detector hardware and software. 27

- 21 -

5. DETECTION BY INFORMATION ALERT 1

Detection of criminal act(s) or unauthorized act(s) with nuclear security implications can also be achieved via 2 information alert. An information alert, possibly indicating a nuclear security event, would require follow-up 3 assessment and may come from a variety of sources, including operational information, medical surveillance, 4 border monitoring, etc. This Section will outline the need for establishing systems and measures for collecting 5 and analysing information alerts. 6

5.1. OPERATIONAL INFORMATION 7

Within the framework of the nuclear security detection architecture, the competent authorities concerned with 8 detection systems should gather operational information in order to gain a better understanding of the threat 9 within States. Gathering and analysing information on the following should be considered: 10

Activities of sub-national groups; 11 Information obtained through other national or international sources, including the IAEA Illicit 12

Trafficking Database (ITDB); 13 Non-compliance with regulatory requirements, particularly relating to transport of nuclear and other 14

radioactive material; 15 Abnormal activities in international trade; 16 Utilize counter terrorism capabilities to investigate trading of nuclear and other radioactive material 17

(who is buying the radioactive sources and for what purpose). 18 Discrepancies in the inventory of nuclear and other radioactive material; and 19 Other information suggesting unauthorized activities involving nuclear and other radioactive material. 20

Effective information gathering should involve the full cooperation of all the relevant organizations and 21 authorities – the regulatory body, law enforcement, intelligence, customs, border guards, port authorities, etc. 22

States need to implement a policy for encouraging persons to report to the competent authorities any suspicious 23 or unusual activity potentially involving nuclear and other radioactive material. 24

5.2. MEDICAL SURVEILLANCE REPORTS 25

Most of the radiation injuries to members of the public caused by radioactive material have been accidental in 26 nature. Nevertheless, the appearance of radiation injuries

16 may reveal a criminal or an unauthorized act with 27

nuclear security implications or the preparation for such acts [17]. 28

While preserving the confidentiality between physician and patient, health professionals should report the 29 occurrence of any suspicious (unexplained) radiation injury to the relevant competent authorities. All such 30 reports should be followed up to determine the cause of the injuries. 31

5.3. REPORTING REGULATORY NON-COMPLIANCE 32

In accordance to the IAEA nuclear security recommendations [4], authorized persons should promptly report 33 non-compliances related to nuclear and other radioactive material to the relevant competent authority with 34 regulatory responsibilities. Such reporting arrangements should provide an early alert of the possible loss of 35 regulatory control over nuclear and other radioactive material and should therefore be regarded as part of the 36 arrangements for the detection of nuclear or other radioactive material out of regulatory control by information 37 alert. 38

The competent authority with regulatory responsibilities need to develop procedures and protocols to assist 39 authorized persons to report their regulatory non-compliances having nuclear security implications to other 40 relevant competent authorities. 41

Competent authorities including law enforcement bodies, as appropriate, could make effective use of any 42 reporting arrangements. An effective reporting process, under which all law enforcement bodies and regulatory 43 authorities are informed immediately of non-regulatory compliances of radioactive material, allows these 44 agencies to move into a heightened alert status and analysis the trends and patterns of possible threats. 45

16 Recognition of radiation injuries could therefore be part of the syllabus for the training of health professionals. In

addition, information on such injuries could be provided to those health professionals that are already practicing their

profession. Such information could be provided through short training courses or through the provision of information

leaflets.

- 22 -

5.4. REPORTING LOSS OF REGULATORY CONTROL 1

As soon as the authorized person detects the loss of nuclear or other radioactive material, the authorized person 2 will promptly report the loss of regulatory control to the relevant competent authority with regulatory 3 responsibilities. Such reporting arrangements will be considered as an alert on the loss of control over 4 radioactive material and should therefore be regarded as part of detection by information alert. 5

The competent authority that receives a report need to promptly inform other relevant competent authorities. 6 Other competent authorities including law enforcement bodies, as appropriate, need to make effective use of 7 such prompt reporting arrangements. An effective reporting process, under which all law enforcement bodies 8 and regulatory authorities are informed of the loss of control of radioactive material, is an important element of 9 detection by information alert. 10

- 23 -

6. INITIAL ASSESSMENT OF ALARMS/ALERTS 1

An instrument alarm or an information alert will lead to an initial assessment. Proper procedures and protocols 2 needs to be in place for the prompt initial assessment of both an instrument alarm and an information alert by 3 designated staff from relevant organizations. A generic alarm assessment and response process is shown in 4 Figure 3 below. 5

6.1. INITIAL ASSESSMENT OF ALARMS 6

Generally, an instrument alarm will correspond to one of three conditions17

: 7

False alarm/alert: This occurs when the assessment reveals no presence of nuclear and other 8 radioactive material. 9

Innocent alarm: An innocent alarm relates to an assessment that reveals the presence of 10 radioactive material that is not out of regulatory control. Examples include items containing 11 NORM, people recently subjected to medical procedures involving radioactive material, and 12 industrial devices incorporating radioactive material. Such industrial devices will have associated 13 formal transport documents and package labelling. 14

Confirmed non-innocent alarm: Nuclear or other radioactive material is out of regulatory control. 15 In this case, the full measure of response capabilities may be employed in accordance with the 16 national response plan [7]. 17

For this process, technical support for assessing alarms and assisting in the initial assessment activities is vital. 18 Technical support in the form of mobile expert support teams could include persons equipped and trained to use 19 basic radiation monitoring detection instruments for categorization of radioactive material and perform 20 radiation protection tasks. The Technical Support Organisations (see 3.2.2 above) could provide the necessary 21 expertise and coordinate the required support for the initial assessment of alarms. 22

6.2. INITIAL ASSESSMENT OF ALERTS 23

In case of an information alert, the initial assessment could include: 24 Assess the quality and credibility of the information; 25 Consider verifying the national inventory of nuclear and other radioactive material; 26 Identify possible location(s) of the nuclear and other radioactive material and arrange for a search 27

campaign; 28 Search for the nuclear and other radioactive material; 29 Initiate proper response measures

18. 30

Decisions on whether to institute a specific search for the nuclear or other radioactive material and the priority 31 to be given to the search could be determined by such factors as: 32

Potential hazard associated with the material; in particular, whether it is nuclear material or other 33 radioactive material such as categories 1-3 of the categorization of sources [19]: 34

Length of time between the loss or theft of nuclear or other radioactive material and the report. 35 Reporting should be prompt, although there may, for example, have been some delay between the loss 36 or theft taking place and recognition that the material was missing; 37

Amount of information available that might be used to direct the search; 38 Resources – personnel, instrumentation and financial – involved in undertaking the search. 39

17 The automated state-of-the-art technology categorizes the findings as follows:

Naturally Occurring Radioactive Material (NORM) such as radon daughters, potassium;

Medical isotopes;

Industrial isotopes; and

Nuclear Material: Uranium ( 233U, DU, LEU, HEU or refined Uranium (processed material)), Plutonium, etc.

The detection instruments cannot usually determine the uranium isotope ratios but they are able to distinguish uranium ore

from man-made processed material [18]. 18 Response measures would likely result in either heightened border control activities (e.g. if information alert indicates

proximity to the border) or targeted law enforcement operation (e.g. if in a State’s interior) in response to information alert.

- 24 -

1

Figure 3: Generic functional flow for initial assessment of alarms/alerts 2

- 25 -

7. IMPLEMENTATION FRAMEWORK 1

This section describes the initial steps towards implementing effective nuclear security detection architecture to 2 support the implementation of the systems and measures and sustain and improve the effectiveness of those 3 systems and measures over time as well as providing immediate improvements to national capabilities. 4

7.1. ROLES AND RESPONSIBILITIES 5

The implementation of nuclear security detection architecture should include establishing roles and 6 responsibilities for the management, operation, and maintenance of the nuclear security detection architecture. 7 It may also call for the development of new and additional capabilities. Many levels and agencies of 8 government, as well as private entities, may be involved. 9

The development and implementation of nuclear security detection architecture within the national nuclear 10 security regime should involve the following actions: 11

Develop the national nuclear security detection strategy; 12 Design the national nuclear security detection architecture; 13 Design national policy and programmes to implement the nuclear security detection architecture; 14 Ensure the coordinating body or mechanism and relevant competent authorities have, or can obtain, 15

legal authority to conduct their responsibilities; 16 Identify the physical, human and financial resources required and provide these to the competent 17

authorities to effectively undertake their responsibilities; 18 Assign responsibility for implementing detection systems; 19 Develop detection systems including instrument deployment plans; 20 Establish a process for evaluating and assessing the management of the nuclear security detection 21

architecture, including the relevant elements at the national, regional and local levels; 22 Establish a process for refining the implementation of the nuclear security detection architecture 23

based on changes in threat and the results of performance measurement of its implementation over 24 time; 25

Consider the addition of an Operations Centre and/or a Technical Support Centre as part of the 26 framework to play a key coordination and cooperation function. 27

7.2. INSTRUMENT DEPLOYMENT PLAN 28

Based on the detection strategy and within the framework of the national nuclear security detection 29 architecture, the competent authorities could prepare instruments deployment plan(s) based upon the assessed 30 threat of criminal or unauthorized acts involving nuclear or other radioactive material out of regulatory control. 31 Consideration should be given to the following: 32

Monitoring for radiation at points of entry and/or exit at land borders, ports and airports; 33 Monitoring for radiation inside the country and searching for nuclear and other radioactive material 34

out of regulatory control; 35 Monitoring for radiation at venues and any other strategic locations that is considered to be vulnerable 36

to an attack from the use of an IND, RDD or RED. 37

The criteria for the use of detection instruments could be based on the following considerations: 38 National threat assessment; 39 Concept of operations; 40 Type and quantity of nuclear or other radioactive material to be detected; 41 Capability of customs, border control and other law enforcement personnel to operate radiation 42

detection instruments and to respond to alarms at the borders and in the domestic interiors; 43 Number of border crossing locations, maritime ports or airports to be screened; 44 Volume of traffic and goods entering or leaving the country; 45 Volume of domestic traffic between installations that store or use radioactive material; 46 Number of events involving criminal or unauthorized acts within the country and immediate 47

neighbouring countries; and 48 Financial implications of the various policy options. 49

Taking into account the above and the prioritization of available resources, the competent authorities could 50 develop an appropriate detection instrument deployment plan, considering the following: 51

- 26 -

Structural and organizational elements of the detection systems based the principles of defence-in-1 depth. These could include the transportation routes inside the State’s territory, at locations where 2 probability of detection is maximized or in proximity to locations where nuclear or other radioactive 3 material is produced, used, stored, consolidated or disposed. In addition, the locations for monitoring 4 at any particular crossing should be the control or nodal points (customs check points, weigh bridges, 5 etc.) where the flow of traffic is at its most dense. Consideration should also be given to whether to 6 monitor the transit points for the public or those for commercial vehicles or both. In all cases, 7 consideration should be given to the degree of disruption caused by the monitoring. 8

Operational and performance specifications of the detection instruments, in accordance with national 9 and international standards and technical guidelines; 10

Capabilities, constraints and limitations on detection instruments at both officially designated and 11 undesignated air, land and water border crossing points; 12

Mobile and re-locatable detection systems to provide flexibility and adjustments to evolving threats; 13 Detection requirements in support of law enforcement operations associated with information alerts; 14

and 15 Events of national significance, such as a major public event or at strategic locations and critical 16

infrastructure. 17

The detection instrument deployment plan could include: 18

Specifications, initial installation, calibration, and acceptance testing of equipment; the setting up of a 19 maintenance procedure, and the adequate training and qualification of users and technical support 20 staff. systems and procedures for conducting a radiation survey or a radiation search for nuclear and 21 other radioactive material out of regulatory control; 22

Defining threshold levels of an instrument alarm; 23 Establishing concept of operations and procedures for performing initial alarm assessment and other 24

secondary inspection actions such as localization, identification, categorization and characterization of 25 nuclear and other radioactive material, including obtaining technical support from experts to assist in 26 the assessment of an alarm that cannot be resolved on site; and 27

Provision and sustainment of supporting measures to ensure effective detection, including personnel 28 training, equipment calibration, testing and maintenance, and safe and secure disposition of discovered 29 material and documented response procedures. 30

7.3. CONCEPT OF OPERATIONS 31

The concept of operations for the nuclear security detection architecture should include procedures for routine 32 operations responding to instrument alarms, information alerts in relation to detection of nuclear and other 33 radioactive materials and for assessing the threat and determine what, if any, actions are necessary. 34

The concept of operations should detail both the functions and capabilities necessary to implement the nuclear 35 security detection architecture. It should include a complete set of procedures and protocols to address the full 36 range of possible cases related to the unauthorized movement of nuclear and other radioactive material [12]. 37

Whether initiated by an instrument alarm or information alert, the concept of operations is to be graded 38 commensurate with the severity of the situation as determined by a progression of assessment steps. In some 39 cases, technical support be required and may be provided from a location remote from the operator’s site. As 40 discussed in Section 6.1, this is typically referred to as support and is most often employed in assisting the local 41 operator in the initial assessment of the alarm or alert. In other cases, experts may travel to the location to 42 provide the necessary assistance in the form of a mobile expert support team. 43

The concept of operations should consider the appropriate radiation protection measures during the alarm/alert 44 initial assessment and other response processes. 45

7.3.1. Technical specifications of detection instruments 46

Technical specifications should address the national capability of resolving alarms. Therefore, as outlined in 47 7.2, specifications should be guided by concepts of operations and adherence to international [13] or national 48 standards. The technical specifications for the detection instruments should be determined by the type of 49 radiation that is expected to be emitted as well as functional requirements including sensitivity required, 50 susceptibility of the instruments to false alarms, its ability to withstand exposure to environmental factors, 51 installation and/or deployment considerations, ease of training of staff, maintenance and sustainability of the 52 instruments. 53

- 27 -

In addition, investigation levels and alarm setting levels should be established for the monitoring equipment 1 that is to be used. They should be established taking account of: 2

Background radiation levels; 3 Nature of the vehicles, objects or persons being screened; 4 Transit times through the monitoring zone; 5 Nature of any cargo; 6 Density of any material which would affect self-shielding; 7 Type of detector that has been installed. 8

7.3.2. Installation, acceptance testing, calibration and maintenance 9

Detection instruments should be calibrated prior to use for the first time and subject to an acceptance test to 10 confirm the specified performance specifications. In addition, periodic calibration, performance testing and 11 preventive maintenance should be carried out periodically by qualified experts, based on international or 12 national standards and advice of the manufacturer of the equipment. Daily checks to verify that the equipment 13 can detect appropriate increases in radiation intensity can confirm the availability and proper operation of the 14 detection instruments. Records of all calibrations, evaluations and daily checks should be kept. 15

A maintenance plan for the equipment should be established at the time of installation and be based on the 16 international standards and advice of the manufacturer of the equipment. 17

7.4. EDUCATION, AWARENESS, TRAINING AND EXERCISES 18

Comprehensive education, awareness and training programmes should be put in place for personnel with 19 responsibility for operations, detection, assessment, and maintenance. Training for, and raising awareness of, 20 the nuclear security detection architecture involves many types of personnel. The curriculum design should 21 account for the disparate backgrounds of the personnel and provide them the appropriate level of competence or 22 awareness in the context of their existing job duties [20]. 23

The existing nuclear security detection architecture and the individual’s role therein, will often determine 24 whether an education, awareness or training programme is the best way to develop and sustain a capability. A 25 needs assessment should be conducted to define the training, human, and financial resources necessary to 26 support the nuclear security detection architecture implementation. The needs assessment should include the 27 following steps: 28

Determine training goals based on the national threat assessment and the associated concept of 29 operations developed to counter those threats, as well as identify the related training objectives and 30 factors that could impact the nuclear security detection architecture; 31

Perform a job task analysis to determine the specific skill, qualification, and certification requirements 32 for all personnel with a role in the development, implementation and operation of the various elements 33 of the nuclear security detection architecture; 34

Evaluate existing training programmes to determine elements that could be leveraged for training in 35 detection instruments, techniques and procedures. 36

Determine what international assistance programmes may be available to raise awareness and aid the 37 implementation of education and training programmes 38

Establish a training schedule that accounts for staff rotation, staff attrition, and periodic performance 39 evaluations 40

Implement the training programme, applying adult learning principles and progressive training 41 methodologies that include subject matter expert instructors, as well as customized and realistic 42 training props and job aids 43

Establish a process for on-going evaluation of training activities, courses, and providers 44

Well-planned exercises and performance evaluations are useful in assessing local and national nuclear security 45 detection capabilities to identify and correct deficiencies in equipment, concept of operations, and training. An 46 exercise programme should be designed to continually improve these capabilities in a manner that complements 47 other performance measurement tools, such as drills and inspections. Exercise programmes should be 48 appropriate to the size of the national nuclear security detection effort, its level of maturity, and its integration 49 with other security, border control, and counter-smuggling activities. The results of exercises should be 50 carefully recorded and assessed by programme officials. A wide variety of training exercises can be used, 51 including table-top exercises, simulations, functional exercises, and announced or unannounced field exercises. 52

Depending on scope and objective, exercises could involve the participation of multiple local and national 53 agencies, ministries, law enforcement and public safety officials, private partners, and other key stakeholders, 54

- 28 -

as well as regional and international participants. Exercise rules, roles and responsibilities should be established 1 in advance, along with the methodology for evaluating results. 2

In addition to conducting evaluation exercises, formal inspections or assessments should be undertaken to 3 ensure compliance with existing processes and activities defined by the nuclear security detection architecture. 4

7.5. SUSTAINABILITY 5

Sustainability is a key element for the nuclear security detection architecture. Significant planning and 6 commitment of resources, both financial and human, are needed to ensure the long-term operational 7 effectiveness of national capabilities for detection of nuclear and other radioactive material out of regulatory 8 control. Achieving effective operations over time will require a focus on maintaining the appropriate level of 9 detection capabilities, commensurate with the national threat assessment. Also needed is attention to day-to-day 10 operations, maintenance, quality control and continuous system improvements, as well as to the flexibility to 11 adapt to the evolving threat. 12

Sustainability of human resources should take into account personnel rotations and attrition within different 13 authorities, as well as the training requirements for both existing and new personnel. Plans should also ensure 14 that there will be a sufficient numbers of qualified personnel to operate and maintain equipment and assess 15 instrument alarms and information alerts. 16

To sustain performance of technical equipment, resource estimations and planning should cover the associated 17 platform and full life-cycle requirements, including recapitalization and required product improvements. 18 Comprehensive maintenance plan should be established that include preventive and corrective maintenance and 19 an inventory of spare parts. 20

Considering the resource constraints, sustainability of instrument performance is important. It affects the 21

system’s overall reliability, availability, downtime, cost of operation, etc. Competent authorities may consider: 22

Establishing a proper plan for monitoring the usage, configuration control and 23 inventory control; 24

Establishing appropriate performance monitoring, calibration, periodic testing; 25 Identifying critical components

19 (hardware, firmware and data collection and 26

evaluation software) for each detection instrument and the life times; 27 Investigating possible suppliers for the critical components and find out their 28

availability; 29 Preparing a long term plan (up to 15 years) and identify measures to ensure supply 30

and possible modifications, adaptations and upgrades. 31

19 Within the context of this document, critical components are hardware and software components of an instrument with

limited availability in time or obsolescence and need to be considered for sustaining the nuclear security detection system.

- 29 -

APPENDIX: NUCLEAR SECURITY DETECTION “CHECKLIST” 1

Item Task Section Status

National Detection Strategy

1 Articulate national detection strategic goals and objectives. 2.1

2 Conduct a national threat assessment to inform detection strategy. 2.1

3 Determine scope and priority of nuclear security detection

architecture. 2.1

4

Endorse the detection strategy by the coordinating body or

mechanism with responsibility for the overall coordination of the

national nuclear security architecture.

2.1, 7.1

5 Define overall roles and responsibilities. 2.1, 2.2,

7.1

6

Establish risk-informed approach to evaluate, prioritize

investments and resource allocations, and inform strategic

decision making.

2.1

7 Communicate various elements of the national detection strategy

to all relevant stakeholders in an appropriate manner. 2.1

Assessment and Evaluation of National Capabilities

8

Perform an initial capabilities and resource assessment (i.e.,

"baseline" assessment), including financial capabilities,

technological capabilities and resources, operational information

capabilities, trained personnel, technical experts and general

resources.

2.3, 3.0

9

Perform a needs assessment (i.e., identify gaps and

vulnerabilities), through a comparison of threat assumptions and

targets with initial capabilities and resource assessment.

3.0

10

Postulate a range of options, including detection systems and

measures as well as solutions, to address identified gaps and

vulnerabilities.

3.0

11 Evaluate and prioritize the risk reduction benefits, costs, and other

impacts of the identified options. 3.0

12

Determine necessary detection technologies, legal/ regulatory

framework, and authorities to execute country-specific nuclear

security detection architecture functions.

2.2, 7.1,

7.2

13

Subsequent to implementation, evaluate the effectiveness of the

solution measures and identify additional options and

recommendations as appropriate.

3.0, 3.1,

3.2

Planning and Organisation

14

Ensure the coordinating mechanism and relevant competent

authorities have or obtain the legal authority to carry out their

roles and responsibilities.

7.1

15

Establish a legal and regulatory framework built upon pre-existing

laws (to the extent feasible) covering all elements of the nuclear

security detection architecture.

2.2

16 Establish operational priorities, policies and requirements

2.1, 4.3,

7.1

17 At the agency or organizational level, further define roles and

responsibilities and describe the conduct of day-to-day operations 2.1,7.1

18

Identify the physical, human, and financial resources required and

provide to the relevant competent authorities to implement the

relevant parts of the nuclear security detection architecture.

7.1

- 30 -

Item Task Section Status

19 Pursue and become parties to international and regional treaties or

agreements of cooperation, as appropriate. 2.4

20

Identify need for regional and/or international cooperation/support

(e.g. detection instruments, technical support) where appropriate. 2.4

21 Identify and document what acts are authorized and not

authorized. 2.1,2.2

22 Provide adequate criminal and/or civil penalties for illicit

trafficking or misuse of such materials. 2.2

23

Identify relevant stakeholders, other agencies and authorities

needed to inform and liaise with the relevant authorities

responsible for the various elements of the nuclear security

detection architecture and define the mechanisms of coordination

between these elements of the overall strategy

7.1

24 Ensure sufficient numbers of qualified personnel to operate and

maintain the detection instruments. 7.5

25 Establish sustainable funding for implementation of the nuclear

security detection architecture.

3.0, 3.1,

7.1, 7.2,

7.5

26

Establish a process for evaluating and assessing the management

of nuclear security detection architecture activities at national,

sub-national and local levels.

7.1,

27

Verify assumptions made in planning and organization of the

nuclear security detection architecture, including what the

detection architecture should do as well as what it cannot do.

2.1, 3.0

28 Ensure sustainability of human resources taking into account

personnel rotations and attrition as well as training requirements. 7.5

29

Consider the addition of an operations and analysis centre or

centres as part of the information coordination mechanism of the

nuclear security detection architecture.

3.2.2, 5.1,

7.1

Design of Detection Architecture

30 State and prioritize the high level implementation concepts for the

nuclear security detection architecture. 2.1

31

Utilize existing national activities, capabilities, and systems in the

nuclear security detection architecture (e.g., existing licensing,

inspection, customs and border control, law enforcement, analysis

and operational information capabilities).

2.2, 2.3

32

Utilize identified and necessary public and private sector

capabilities and resources in the nuclear security detection

architecture.

2.3

33

Develop an operational concept that translates the strategic goals

and objectives (from the national-level nuclear security detection

strategy) into authorized, pre-established procedures across all

relevant pathways for responding to instrument alarms and

information alerts.

3.1, 7.1,

7.3

34 Set technical investment policies and priorities 4.3

35

Taking in to account the exterior layer, establish and utilize a

layered approach to security that utilizes detection systems and

measures at strategic locations at the border and domestic interior.

3.2.1

36 Establish mechanisms for collection of operational information,

analysis, and sharing capabilities.

3.0, 3.1,

5.1, 6.2

37

Establish cooperative monitoring practices, for reporting and

information sharing with neighbouring states and the IAEA on

voluntary basis.

2.4

- 31 -

Item Task Section Status

38

Establish a process for refining the implementation of the nuclear

security detection architecture based on evolutions in the threat

including scalability; and the results of measured performance

during periodic inspections and exercises.

7.1

Information Management

39 Categorize nuclear security sensitive information (threat

information, detections, technical assessments, etc.). 3.3

40

Establish an information management policy including the rules

for protecting the confidentiality and integrity of sensitive

information and for dissemination of such information.

3.3

41 Develop information sharing standards and common data formats

and protocols for timely exchange of information.

3.2.2,

3.3.1

42 Create a tiered structure of information flow. 3.3.1

43 Create information delivery system to national, sub-national and

local decision-makers, relevant managers and operators. 3.3.1

44 Ensure data integrity, information and network security. 3.3.2

45 Integrate information from detection instruments and information

alerts. 3.3, 5.1

46

Develop or identify necessary technical support capability for

detection under country-specific nuclear security detection

architecture and/or establish access to international expert

technical and support capabilities, as appropriate.

3.0, 3.1,

3.2.2, 6.1,

6.2

Detection by Instruments

47 Set technology requirements and standards consistent with

national-level deployment plan. 4.2, 4.3

48 Ensure detection technology investments are consistent with the

national-level detection strategy. 4.3, 7.2

49

Based on established criteria, develop a detection instrument

deployment plan at designated points of entry and/or exit, strategic

locations at borders inside the country, and at major public

venues, ports etc.

7.2

50

As part of detection instrument deployment plan, ensure suite of

complementary fixed, mobile and re-locatable passive and active

detection systems appropriate to specific applications (e.g. points

of entry and/or exit, temporary locations in support of major

public events, etc.).

4.1, 7.2

51

Based on a graded approach, evaluate performance requirements

in the acquisition/deployment of detection systems for detection,

localization, and identification.

3.2, 4.4,

6.1

52

Evaluate detectors that provide different capabilities depending on

operational requirements, including portable, vehicle based, and

stationary (e.g. radiation portal monitors).

4.4

53 Evaluate deployment of detection instruments of varying

sensitivity and performance. 4.4

54

Conduct laboratory testing and evaluation of equipment for

technical feasibility as appropriate (e.g., probability of detection,

identification accuracy and precision) or have access to

international recommendations.

3.2.2, 4,4

- 32 -

Item Task Section Status

55 Field test equipment for operational suitability (e.g. range, re-

location/mobility, environmental factors). 4.4

56 Establish appropriate alarm threshold levels and ensure periodic

calibration, performance testing and maintenance.

7.3.1,

7.3.2

57

Understand the technical attributes and limitations of detection

instruments - such as probability of detection, identification

capability, performance, and mobility.

4.5

58

As appropriate, develop research agendas that respond to enduring

technical challenges and that promise improvements in deployed

technical capabilities.

4.5

59 Pursue international and other partnerships for R&D as

appropriate. 4.5

60 Develop sustainability plan for detection instruments. 7.5

Concept of Operations

61

Establish procedures for prompt reporting of regulatory non-

compliance of nuclear and other radioactive material, loss of

regulatory control and (as appropriate) suspicious radiation

injuries.

5.2, 5.3,

5.4

62

Describe the processes for employing instruments, operators, and

competent authorities for meeting the objectives of the nuclear

security detection strategy.

7.3

63 Establish procedures for the assessment of alarms, notification,

and technical support. 6.1, 6.2

64

Establish requirements, procedures and protocols for reporting

instrument alarms and information alerts to relevant competent

authorities.

5.1, 5.2,

5.3, 5.4,

6.1, 6.2,

7.3

65

Ensure consistency with the response procedures, protocols and

scenarios for effective nuclear security detection and response

systems and measures.

7.3

66 As part of on-going threat assessment, collect and analyse relevant

operational information. 5.1

Awareness, Training and Exercises

67 Determine training goals based on the national threat assessment

and the associated concept of operations. 7.4

68

Perform a job/task analysis to determine the specific skill,

qualification, and certification requirements for all personnel with

a role in the nuclear security detection architecture.

7.4

69 Account for training requirements for both existing and new

personnel. 7.5

70

Evaluate existing training programmes to determine elements that

could be leveraged for training in detection instruments,

techniques and procedures.

3.2.2, 7.4

71 Determine what international assistance programmes may be

available. 7.4

72 Establish a training schedule that accounts for staff rotation, staff

attrition, and periodic performance evaluations. 7.4

73

Implement the training programme, applying appropriate learning

principles and methodologies for all disciplines and expertise

levels.

7.4

- 33 -

Item Task Section Status

74 Establish a process for on-going evaluation of training activities,

courses, and providers. 7.4

75 Identify appropriate stakeholders for exercises based on scope and

objective. 7.4

76 Establish exercise roles, rules, responsibilities and evaluation

methodology 7.4

77 Conduct formal internal and external inspections or assessment to

ensure compliance with existing processes and activities. 7.4

Nuclear Security Culture and Trustworthiness

78 Promote culture of security awareness across all competent

authorities and relevant stakeholders. 3.5

79 Establish policies and procedures requiring all personnel having

responsibilities to be subject to an appropriate trustworthiness. 3.4

80 Regularly assess the trustworthiness of the responsible personnel. 3.4

- 34 -

REFERENCES 1

[1] International Atomic Energy Agency, Nuclear Security Fundamentals; IAEA Nuclear Security Series 2 No. xx, IAEA, Vienna 201x. 3 [2] International Atomic Energy Agency, Nuclear Security Recommendations on Physical Protection of 4 Nuclear and Nuclear Facilities (INFCIRC/225/Revision 5), IAEA Nuclear Security Series No. 13, IAEA, 5 Vienna (2011) 6 [3] International Atomic Energy Agency, Nuclear Security Recommendations on Radioactive Material 7 and Associated Facilities, IAEA Nuclear Security Series No. 14, IAEA, Vienna (2011) 8 [4] European Police Office, International Atomic Energy Agency, International Civil Aviation 9 Organization, International Criminal Police Organization-INTERPOL, United Nations Interregional Crime and 10 Justice Research Institute, United Nations Office on Drugs and Crimes and World Customs Organization, 11 Nuclear Security Recommendations on Nuclear and Other Radioactive Material out of Regulatory Control, 12 IAEA Nuclear Security Series No. 15, IAEA, Vienna (2011). 13 [5] International Atomic Energy Agency, The International Legal Framework for Nuclear Security, 14 International Law Series No. 4, IAEA, Vienna (2004). 15 [6] Model Guidelines Document for Nuclear Detection Architectures, Global Initiative to Combat Nuclear 16 Terrorism, (December 2009). 17 [7] International Atomic Energy Agency, Crime Scene Management, IAEA, Nuclear Security Series No. 18 (To be published) 19 [8] International Atomic Energy Agency, Security in the Transport of Radioactive Material, IAEA 20 Nuclear Security Series No. 9, IAEA, Vienna (2008) 21 [9] International Atomic Energy Agency, Security of Radioactive Sources, IAEA Nuclear Security Series 22 No. 11, IAEA, Vienna (2009) 23 [10] International Atomic Energy Agency, ITDB Fact Sheet, IAEA, http://www-24 ns.iaea.org/downloads/security/itdb-fact-sheet-2009.pdf 25 [11] International Atomic Energy Agency, Nuclear Security Culture, IAEA Nuclear Security Series No. 7, 26 IAEA, Vienna (2008) 27 [12] International Atomic Energy Agency, Combating Illicit Trafficking in Nuclear and Other Radioactive 28 Material, IAEA Nuclear Security Series No. 6, IAEA, Vienna, (2007). 29 [13] International Atomic Energy Agency, Technical and Functional Specification for Border Radiation 30 Monitoring Equipment, IAEA Nuclear Security Series No.1, (2006). 31 [14] Radiation protection instrumentation – Alarming Personal Radiation Devices (PRD) for detection of 32 Illicit Trafficking of Radioactive Material, IEC 62401, Geneva, (2001). 33 [15] Radiation protection instrumentation - Spectroscopy-based alarming personal radiation devices 34 (SPRD) for detection of illicit trafficking of radioactive material, IEC 62618, Geneva, (2011). 35 [16] Radiation Protection Instrumentation - Hand-held Instruments for the Detection and Identification of 36 Radionuclides and Additionally for the Indication of Ambient Dose-Equivalent Rate from Photon Radiation,‖ 37 IEC 62327, Geneva, (2006). 38 [17] International Atomic Energy Agency, World Health Organization; Generic Procedures for Medical 39 Response during a Nuclear or Radiological Emergency; EPR-Medical, IAEA, Vienna (2005) 40 [18] Radiation Protection Instrumentation - Spectroscopy-Based Portal Monitors used for the Detection and 41 Identification of Illicit Trafficking of Radioactive Material, IEC 62484, Geneva [2010]. 42 [19] International Atomic Energy Agency, Categorization of Radioactive Sources, IAEA Safety Standards 43 Series No. RS-G-1.9, IAEA, Vienna (2005). 44 [20] International Atomic Energy Agency, Educational Programme in Nuclear Security, IAEA Nuclear 45 Security Series No. 12, IAEA, Vienna, (2010). 46

- 35 -

ABBREVIATIONS 1

GICNT: Global Initiative to Combat Nuclear Terrorism 2

IND: Improvised nuclear device 3

ITDB: Illicit Trafficking Data Base 4

NORM: Naturally occurring radioactive material 5

POE: Point of entry and/or exit 6

RDD: Radiological dispersal device 7

RED: Radiation exposure device 8

- 36 -

GLOSSARY 1

Detection: Awareness of criminal act[s] or unauthorized act[s] with nuclear security implications or 2 measurement[s] indicating the unauthorized presence of nuclear material, or other radioactive material at an 3 associated facility or associated activity or a strategic location 4

Detection instrument: A complete functional system, being a combination of hardware and software (or 5 firmware) supported by procedures for installation, calibration, maintenance and operation, used for detecting 6 nuclear material or other radioactive material. 7

Detection measure: Measures intended to detect a criminal or an unauthorized act with nuclear security 8 implications. 9

Detection system: Integrated set of detection measures including capabilities and resources necessary for 10 detection of a criminal act or an unauthorized act with nuclear security implications. 11

Improvised nuclear device (IND): A device incorporating radioactive materials designed to result in the 12 formation of nuclear-yield reaction. Such devices may be fabricated in a completely improvised manner or may 13 be improvised modification to a nuclear weapon. 14

Information alert: Time sensitive reporting that could indicate a nuclear security event requiring assessment, 15 and may come from a variety of sources, including operational information, medical surveillance, accounting 16 and consigner/consignee discrepancies, border monitoring, etc. 17

Instrument alarm: Signal from a detection instrument or set of such instruments that could indicate a nuclear 18 security event requiring assessment. An instrument alarm may come from devices that are portable or deployed 19 at fixed locations and operated to augment normal commerce protocols and/or in a law enforcement operation. 20

Major public event: A high-profile event that a State has determined to be a potential target. 21

Nuclear security detection architecture: The integrated set of nuclear security systems and measures, based 22 on an appropriate legal and regulatory framework, needed to implement a national strategy for the detection of 23 nuclear and other radioactive material out of regulatory control. 24

Nuclear material: Nuclear material is defined to be any material that is either special fissionable material or 25 source material as defined in the IAEA Statute, Article XX. 26

Nuclear security event: An event that has potential or actual implications for nuclear security that must be 27 addressed. 28

Nuclear security measures: Measures intended to prevent a nuclear security threat from completing criminal 29 or intentional unauthorized acts involving or directed at nuclear material, other radioactive material, associated 30 facilities, or associated activities or to detect or respond to nuclear security events. 31

Nuclear security system: An integrated set of nuclear security measures. 32

Point of entry and/or exit (POE): An officially designated point of entry or exit’ is a place on the land border 33 between two States, seaport, international airport or other point where travellers, means of transport, and/or 34 goods are inspected. Often Customs and immigration facilities are provided at these points of entry and exit. 35 Undesignated point of entry and/or exit is any air, land and water crossing point that is not officially designated 36 for travellers and/or goods by the State, such as green borders, sea shores and local airports. 37

Radiation exposure device (RED): Device with radioactive material designed to intentionally expose 38 members of the public to radiation. 39

Radioactive material: Radioactive material is any material designated in national law, regulation, or by a 40 regulatory body as being subject to regulatory control because of its radioactivity. 41

Radiological dispersal device (RDD): A device to spread radioactive material using conventional explosives or 42 other means. 43

Radiation search: The set of activities to detect, and identify suspicious nuclear or other radioactive material 44 out of regulatory control and to determine its location. 45

Radiation survey: Activities to map the radiation background of natural and man-made radioactive material in 46 an area or to facilitate later search activities. 47

- 37 -

Regulatory control: Any form of institutional control applied to nuclear material or other radioactive material, 1 associated facilities, or associated activities by any competent authority as required by the legislative and 2 regulatory provisions related to safety, security, and safeguards. 3 Explanation: The phrase ―out of regulatory control‖ is used to describe a situation where nuclear or other 4 radioactive material is present without an appropriate authorization, either because controls have failed for 5 some reason, or they never existed. 6 Response: All of the activities by a State that involve the assessing and responding to a nuclear security event. 7

Response measure: Measure intended to assess an alarm/alert and to respond to a nuclear security event. 8

Response system: Integrated set of response measures including capabilities and resources for assessing the 9 alarms/alerts and response to a nuclear security event. 10

Sensitive information: Information, in whatever form, including software, the unauthorized disclosure, 11 modification, alteration, destruction, or denial of use of which could compromise nuclear security. 12

Strategic location: A location of high security interest in the State which is a potential target for terrorist 13 attacks using nuclear and other radioactive material or a location for detection of nuclear and other radioactive 14 material that is out of regulatory control. 15

Venue: Any identified location (such as a building, stadium, open area/park, religious place) where a major 16 public event is planned to or actually takes place. A venue is considered to be a strategic location. 17

Target: Nuclear material, other radioactive material, associated facilities, associated activities, or other 18 locations or objects of potential exploitation by a nuclear security threat, including major public events, 19 strategic locations, sensitive information, and sensitive information assets. 20