The Role of Organizational Culture in Nuclear Security

Abstract

In this chapter, the authors discuss the importance of a strong security culture within the nuclear enterprise. Indian author N.K. Joshi argues that culture is a combination of values, beliefs, attitudes, and behaviors shared among an organization’s members and supported by its leaders. A strong security culture is one that is able to develop and maintain a close partnership between nuclear scientists and engineers and security professionals. U.S. authors Cristina Fekkes Lussier and Karen Kaldenbach argue that organizational culture consists of attitudes, values, and behaviors critical to operational success. They offer a detailed discussion of the Y-12 security breach and the corrective actions taken in its aftermath to demonstrate the vital importance of culture within the nuclear enterprise.

3.1 An Indian Perspective

• Narendra Kumar Joshi 

In India, various facilities and organizations such as educational institutions, hospitals, industries, nuclear power reactors, nuclear fuel complexes and nuclear waste treatment facilities use radioactive materials and radiation sources. Each organization has its own culture and governing structure. Effective nuclear security culture is characterized by compliance with rules, regulations, procedures, and constant vigilance and a proactive questioning attitude on the part of personnel. The Indian nuclear security architecture is mainly based on five pillars: National legal provisions (Atomic Energy Acts and Rules-DAE) in consonance with IAEA guidelines; the regulator; the Atomic Energy Regulatory Board, which stipulates standard operating procedures; the security and intelligence agencies in charge of threat assessment and physical protection; and the personnel with the responsibility of oversight or observance, surveillance and technology for the detection, delay, and response approach. Radioactive material is much more likely to go out of regulatory control than nuclear material, particularly when it is used in educational institutions, and in industrial and medical applications. Depending on the organization, physical, and cyber security arrangements vary and security risk and vulnerabilities change. This chapter provides details of Indian physical security, cybersecurity, and emergency response system in an effort to apprise the security culture prevalent in the Indian civil nuclear facilities. The chapter then concludes with a few weaknesses in India's nuclear security programmes, which become particularly important as adversaries refine and evolve their capabilities and tactics, and new threat scenarios emerge. These threats require India to keep pace with evolving security systems and adapt to changing threat environments.

All stakeholders in the field of nuclear science and technology need a good understanding of relationships and interfaces among safety, security, and safeguards (3S). It will benefit all: designers and operators, shippers and carriers of nuclear material, national and international authorities, researchers and academicians, and the world population at large. Nuclear employees, the public and the environment are all subject to threats arising from hazards related to both safety and security. Nuclear safety can be defined as the means to protect people or the environment from accidents and human error. Similarly, nuclear security refers to the means to protect nuclear and high hazard radioactive material from unauthorized access, theft, diversion, sabotage, or other malicious acts. Therefore, safety threats entail accidents due to system failure, human error, or natural disaster whereas security threats may include terrorism due to sabotage, external attack, or malicious actions by insiders. In 2008, the International Atomic Energy Agency (IAEA) published the NSS Implementing Guide on Nuclear Security Culture.¹ The guide defines the concept and characteristics of nuclear security culture while describing the roles and responsibilities of institutions and individuals entrusted with a function in the security regime. The IAEA Technical Guidance Self-Assessment of Nuclear Security Culture in Facilities and Activities was finalized and released by the agency in November 2017.²

This chapter focuses on India’s approach to security culture in the nuclear security realm. Following an introduction of basic tenets of culture, the second section details the nuclear security management structure within nuclear facilities by identifying the roles, responsibilities, and accountability within Indian facilities. The section also assesses the security culture as prevalent in the organisation, the reporting of security incidents, and personnel reliability programmes that aid an effective security culture. The third section examines the Indian approach by studying the key legislations, physical and cyber security measures, and emergency response mechanisms.

3.1.1 Basics Aspects of Culture

Many scholars use the word “culture” to explain a variety of phenomena, but there is no unanimously accepted definition. From a sociological perspective, the four basic aspects of culture are beliefs, values, attitudes, and behaviour.³ National culture is a set of shared beliefs, assumptions, and modes of behaviour derived from common experiences and accepted narratives that shape collective identity and determine appropriate ends and means for achieving specific objectives.⁴ Beliefs consist of ideas that each of us accept as true. We have beliefs about all areas of our lives, from religion and morality to economics and society. We are not born with beliefs; rather, they are our deep-seated, personal responses to life experiences and the backgrounds in which we are raised. Values are global abstract principles that serve as guiding principles for our lives. Examples include freedom, community, honesty, equality, learning, and perseverance. Attitudes arise from an inner framework built upon our values and beliefs; they also have an element of emotion. Developed over time, attitudes form the basis of our likes, dislikes, and judgements. Our attitudes trigger an emotional, verbal, behavioural, and/or mental response to a task or person based on our internal belief system.

Behaviour is the ultimate, tangible demonstration of our values, beliefs, and attitudes. For example, if an employee of nuclear organization believes that nuclear security plays a fundamental role in protecting the safety of their organization, they might hold such values as: Security is the responsibility of every person in the organization including me. Strong security is essential to an organization’s overall success, not an impediment to it. They might have such attitudes as: the work performed by security professionals in the organization is important. Teamwork is critically important when resolving both safety and security matters. And they might exhibit such behaviours as: proactively seeking to learn more about the threats an organization faces and conscientiously adhering to all security procedures and requirements. These are all indicators of a positive nuclear security culture. Identifying those attitudes and beliefs, determining how they manifest themselves in the behaviour of security personnel, and transcribing them into formal working methods is the key to a culture that yields good outcomes.

3.1.2 Organizational Culture

Numerous constituent factors contribute to national culture and make it distinctly different from one country to another. National cultural values are learned early, held deeply, and change slowly over the course of generations. Organizational culture, on the other hand, is comprised of broad guidelines that are rooted in organizational practices learned on the job. An organization is a social system where its members are involved in it only during working hours and when quitting the job, they leave it behind. Organizational culture has more common international traits due to globalized trade and communication. IAEA methodologies for nuclear safety and nuclear security culture are based on Edgar Schein’s widely recognized principles of organizational culture.⁵ The word culture here may be defined as “a pattern of shared basic assumptions that the group learned as it solved its problems of external adaptation and internal integration that has worked well enough to be considered valid and, therefore, to be taught to new members as the correct way to perceive, think, and feel in relation to those problems.”⁶ Security, in a general sense, refers to the degree of protection against danger, damage, loss, and criminal activity. The IAEA defines nuclear security culture as: “The assembly of characteristics, attitudes and behaviours of individuals, organizations, and institutions which serves as a means to support and enhance nuclear security.”⁷ The role of organizational culture plays a significant role in contributing to higher standards of performance, productivity, safety, security, compliance, and personnel discipline.

Effectiveness is the rationale behind efforts to bolster organizational culture and subsequently, security culture. Organizational effectiveness demands the agility and determination to reorient security standards when new risks emerge in internal and external environments. The effectiveness can be quantified by two major parameters which give rise to four main organizational cultural clusters: clan, adhocracy, market, and hierarchy.⁸ The four clusters of organizational culture are helpful in determining a management mechanism to promote nuclear security culture in specific organizations. The first parameter measures an organization’s flexibility, discretion, and dynamism. Some organizations are viewed as effective if they change and adapt readily. A measure of disorder characterizes their operations. Others are considered effective if they are stable, orderly, and mechanistic. Most government agencies and business conglomerates fall into this category. The second parameter measures an organization’s orientation. Organizations at one end of the continuum are internally oriented, highly integrated, and unified. At the other end are organizations characterized by external orientation, differentiation, and rivalry.

Below are brief characterizations of each of the four cultural clusters with an emphasis on security-relevant traits:

• Clan Culture: The organization is held together by loyalty or tradition and commitment levels are high. The organization emphasizes long-term benefits of human resource development and attaches great importance to cohesion and morale. It may be seen as a friendly place to work where people share a lot about themselves. The organization also places a premium on teamwork, participation, and consensus—educational and training institutions fall in this category.

• Hierarchy Culture: Formal rules and policies hold the organization together. The long-term concerns are stability and performance, viewed as the product of efficient and smooth operations. Management practices emphasize predictability. The leaders pride themselves on being good, efficiency-minded coordinators and organizers. It is considered as a very formal structured place to work. Procedures govern what people do and how to do it. Security awareness has a better chance to make inroads in a hierarchical culture. Regulatory authorities represent a good example of this type of organizational culture.

• Adhocracy Culture: The glue that holds the organization together is commitment to experimentation and innovation. It is viewed as a dynamic, entrepreneurial, and creative place to work, a place where people consistently stick their necks out and take risks. The leaders are considered to be innovators and risk-takers. The organization encourages individual initiative and freedom. However, diversity and individualism of members may pose obstacles in the way of security culture promotion.

• Market Culture: The glue that holds the organization together is an emphasis on winning. Reputation and success are common concerns. The organizational style is hard-driving competitiveness. It is a result-oriented organization. The major objective is to get the job done. People are competitive and goal oriented. Often, the vision of success may outweigh security considerations.

Natural radioactive elements are a part of our environment and radioactivity is a natural phenomenon. There are numerous beneficial applications of radioactive elements (radioisotopes) and radiation, starting from power generation to usages in medical, industrial, and agriculture applications. Various facilities and organization are using radioactive sources such as educational institutions, hospitals, industries, nuclear power reactors, nuclear fuel complexes, and nuclear waste treatment facilities. Each organization has its own culture and governing structure. For example, a regulatory authority predominately belongs to the hierarchy cluster, a nuclear physics university to clan, an advanced research institution to adhocracy and finally, a manufacturer and supplier of nuclear technology to market. Any optimal cluster combination would depend on the organization’s missions, profiles, workforce, and other additional factors. Most organizations with nuclear infrastructure can benefit from the proposed methodology by developing an optimal and balanced combination of all four clusters.

3.1.3 Nuclear Security Culture

Nuclear security culture is a subset of organizational culture and draws on its experience. It is designed to improve the performance of the human component and makes its interface with security technologies and regulations smoother and more effective. Security culture is applicable to the entire workforce and can be an effective tool to address both unintentional and intentional breaches. Security culture connotes not only the technical proficiency of the people, but also their awareness of security risks and motivation to follow established procedures, comply with regulations, and take the initiative when unforeseen circumstances arise. The organization must allocate sufficient financial, technical, and human resources to implement the assigned security responsibilities. It must ensure that all security personnel have the necessary qualifications and that the qualifications are maintained by an appropriate training and human-capacity development program. Personnel must have the necessary equipment, adequate work areas, up-to-date information, and other forms of support to carry out their security responsibilities.

Nuclear Security Culture has five distinct components that are both unobservable and observable: beliefs and attitudes, principles for guiding decisions and behaviour, management systems, leadership behaviour, and personnel behaviour. The most important assumption for the nuclear security culture of an organization is that there is a credible insider and outsider threat and that nuclear security is important. In other words, there must be an underlying assumption of vulnerability that permeates the whole workforce, not the organization’s security specialists alone.

3.1.4 Bridging the Gap Between Nuclear Safety and Security Culture

Safety and security responsibilities involve individuals from diverse backgrounds and experiences. Thus, bridging the gap between safety and security may be a challenging process. Scientists and engineers who are engaged in nuclear safety place a high value on creativity, skepticism, problem-solving, and analysis. Security personnel, by contrast, have military or police backgrounds and place high value on discipline, duty, courage, and commitment. One group, then, naturally seeks compliance with the rules, whereas the other group naturally seeks to change, question, and modify them. And one group places a high value on secrecy and discretion—need to know—whereas the other places a high value on openness and sharing of mistakes and lessons learned—need to share.

A need-to-share approach to security is better than the need-to-know approach. Such an approach achieves a much better balance between the risk of malicious or unintended disclosure and the risk of failing to share information that could help avert a threat or event. Need to share doesn’t necessarily mean that an organization divulges classified information on the measures it is taking to counter threats. It does, however, mean that the Security Department shares more information, more openly, with their cross-functional counterparts within the organization. This not only encourages a strong security culture and growing levels of trust and goodwill, but also increases overall security.

Although guns, guards, and gates remain an important feature of nuclear security implementation, the growing complexity of security threats has required a radical reappraisal of the traditional approach toward security. The threat of knowledgeable insiders and cyberattacks requires high levels of technical knowledge about nuclear facilities that are not generally present in security departments. Real symbiotic relationships have to be created between security and safety teams to address a real challenge that cannot be solved by the partners acting alone. Teamwork is the only way to make security more effective. In fact, safety and security professionals should conduct joint vulnerability assessments. Scientists and engineers should support and contribute to security objectives rather than feeling like they are simply the passive victims of security rules and regulations. Similarly, security professionals should be seen as full partners with their peers in the safety community, not subordinate to it (or vice versa). Due to the threat and regulatory environment, the competency framework for safety and security professionals needs to be modified to ensure that both have the necessary knowledge, skills, and attributes to work together as a unified team.

3.2 Nuclear Security Management Structure of the Organization

The organizational level has three dimensions—a facility, its management, and personnel—each with distinct roles and responsibilities to build and sustain a robust nuclear security culture. The belief that managing a complex nuclear security program simply involves the management of guns, guards, and gates is both simplistic and outdated. An operating facility has full responsibility for nuclear security in all activities under its jurisdiction. The organization must define roles, responsibilities, and accountability for each level, including security and other interfaces. Management systems must be put in place for each security function to define expectations, implement and maintain processes, measure progress, assess compliance, improve performance based on experience, and manage change.

3.2.1 Roles, Responsibilities, and Accountability at Each Level of the Organization

Organisations should have in place a nuclear security policy statement that declares a sound commitment to quality of performance in all nuclear security activities. As part of this process, they should have an effective security risk assessment process and accept threat as a baseline for site security and ensure that the organisation and its employees understand the security threat and risks. Organisations should set security competence standards and build them into the human recruitment processes. They should also ensure competence on company boards with regards to security and have ownership control of security resources. Organisations should identify areas of performance for improvement (or to sustain excellent performance) and develop key point indicators for the smooth functioning of business. They must benchmark performance periodically and work collaboratively with other organisations in supporting the development of good industry practice. All the above factors are to ensure that appropriate information and advice is available for all levels with the breadth of competence to interpret it and take actions accordingly.

Organisational management systems should ensure that correct information is fed into the governance processes. Organisations should have systems, processes, and competence to deliver threat information to all employees tailored to their security clearance and their role. They should also have an effective security risk register and a system for communicating the risks. These risks should feed into training and development. Organisations should have a system of self-assessment in place to maintain motivation, leadership, and security culture in general. As part of this process, they should also promote security responsibility from the executive level. It should integrate security expectations into normal business and translate objectives and good practice into local policy and procedures. Management should be provided resources to enable communication of expectations to the workforce and to check understanding of rules. Management should have proactive and reactive ability to ensure individual accountability and use internal and external resources to review success of initiatives and challenges. Management should take action against individuals when appropriate (rehabilitation as well as punishment) and communicate to show that transgressors have been dealt with. The company board should monitor and oversee the performance of managers and executives. They must also benchmark performance periodically and work collaboratively with other organisations in supporting the development of good industry practice.

All personnel should understand their part in ensuring that security threats are controlled and managed and all board members, senior executives, and managers should take leadership roles with regard to security. All personnel should understand security performance and expectations, participate in improvement activities, and report events and matters in accordance with security regulations. Individuals should be confident about how a ‘whistle blowing’ process operates and be able to access evidence that shows a fair reporting culture. All personnel should use security information responsibly to manage/mitigate and improve performance and understand the consequence of misuse. All personnel should understand security expectations and strive to achieve associated standards. They should also participate in improvement activities, encourage others, and report security events in accordance with regulations.

Role-model managers influence culture throughout their organization with their leadership style, management practices, and personal behaviour. By employing incentives and disincentives at their disposal, managers establish patterns of behaviour, alter the physical environment, and foster an effective nuclear security culture by ensuring that people understand that a credible threat exists and that nuclear security is important. Managers need to encourage personnel to report any event that could affect nuclear security. Though security is a concern for everyone in a nuclear facility, the personnel specifically responsible (e.g., protective forces and security guards) have to be well-trained, rewarded, and kept motivated. These individuals must be allowed career opportunities as well as redeployment possibilities in order to maintain the workforce and competence.

3.2.2 Security Culture Assessment

Security culture assessment plays a key role in developing and maintaining an awareness of the strengths and weaknesses of organizational culture and nuclear security culture as its subset. Security culture assessments have distinct features compared to a traditional audit or performance evaluation: it is a learning curve rather than a checklist of expectations. Threat assessment lies at the heart of performance-based security. It involves complex risk and vulnerability analysis, as well as analysis of possible consequences. Both nuclear safety and security need to be integrated to assist with coordination to effectively protect people and the environment. It can be helpful to use the ARCI Technique, which is based on the premise that in any decision-making process, one person is ultimately Accountable and one or more people may be Responsible, Consulted, and Informed. The ARCI process may help to identify functional areas, key activities, and decision points. Risk management hierarchy may be based on Eliminate, Reduce, Isolate, Control-Protect, and Discipline. Organizations invest considerable sums of money to purchase nuclear security equipment; their investments are wasted if lack of maintenance leads to breakdowns and total system failures. There are two key types of equipment failure. The first is functional failure, which is usually reported by an operating crew; the second is potential failure, which is usually discovered by a maintenance crew.

3.2.3 System of Self-Assessment

There must be a system of self-assessment that includes a wide range of assessment programs, root-cause analyses, culture indicators, lessons learned, and corrective tracking programs for nuclear security. Self-assessment needs conscious efforts to think in terms of how individuals and teams interact with one another, with the physical surroundings within the site, and with the external environment. Nuclear security at an organization has several important off-site stakeholders and understanding their priorities, perceptions, beliefs, and attitudes is central to effective on-site security and teamwork among all players. These stakeholders include organizations that provide intelligence, security skills training, medical assistance, mitigation, and other services. Organisations should identify areas of security learning and development performance for improvement in order to meet objectives/goals. They should also set targets for security learning and development improvement and provide an environment where personnel feel empowered to challenge security behaviours in others. Companies and organisations should explain the importance of security to staff in the context of its own organisational activities and identify training needs. Organizations should involve their staff in developing improvements, conduct surveys periodically, and consult internally on necessary changes.

3.2.4 Reporting of Security Incidents

A reporting policy is a commitment to the highest standards of ethical, moral, and legal business conduct. It protects those who report wrongdoing, as well as those who may be wrongly or falsely accused, from undue negative repercussions. If we see a problem and do not communicate that problem to the right people who can address it, then we have failed as an organization. The organization should have a security liaison officer, who has the primary role to foster communication between different departments by being fully knowledgeable about security policies, procedures, responsibilities, and requirements, as well as skilled in interpreting and promoting them to the people in their department.

3.2.5 Personnel Reliability Programmes

Personnel reliability programmes (PRPs) should be developed for careful screening and vetting of potential employees from the ‘pre-employment’ stage to the ‘post-employment’ stage. It is generally applied on a graded basis. These programs include the security clearances through comprehensive background checks and vetting process, continuous evaluations of employees, behavioural observations, management reviews, promotions or financial benefits, personal file evaluations, medical and psychological evaluations, and random drug and alcohol tests. It requires a focus on recognising behaviour that is concerning or deviant and raises serious concern.

3.2.6 Effective Security Culture:

In an effective security culture, all personnel are accountable for their behaviour and are motivated to ensure nuclear security. Effective nuclear security culture is characterized by compliance with rules, regulations, procedures, and constant vigilance and a proactive questioning attitude on the part of personnel. Drills and exercises should be used to reinforce the understanding of response procedures and any deficiencies should be identified and eliminated before an actual emergency occurs. Personnel need to recognize the importance of information protection for effective nuclear security. An effective nuclear security culture depends upon teamwork and cooperation of all personnel involved in security. Personnel must understand how their particular roles and interfaces contribute to maintaining security. An effective nuclear security culture is dependent on proper planning, training, awareness, operation, and maintenance, as well as on people who plan, operate, and maintain nuclear security systems. The human factor is a primary contributor to most nuclear security-related incidents as well as malfunctions related to activities involving nuclear and other radioactive material. A significant part of establishing an effective nuclear security management structure is having clearly defined roles and responsibilities. Members of all organizations need a clear understanding of ‘who is responsible for what’ in order to achieve the desired results. It is particularly important to review and update the responsibility system when organizational change is being planned or executed.

3.3 India’s Approach to Nuclear Security

A brief brochure released by the Indian Ministry of External Affairs (MEA) provides an insight into India's nuclear security architecture.⁹ The first report on this subject was published by Observer Research Foundation and presented a detailed analysis of the strengths and weaknesses of India's nuclear security policies.¹⁰ This included an overview of the legal and institutional architecture and also a critical review of the policies in practice by some of the established nuclear powers. Another important publication on this subject focuses on the country’s nuclear security institutions, instruments, practices, and culture and has also put forward a number of policy recommendations.¹¹

The Indian nuclear security architecture is based mainly on five pillars:

1. 1.

   National legal provisions (Atomic Energy Acts and Rules-DAE) in consonance with IAEA guidelines;

2. 2.

   Regulator AERB that stipulates the SOPs;

3. 3.

   The security (and intelligence) agencies in charge of threat assessment and physical protection;

4. 4.

   The human element (personnel) with the responsibility of oversight or observance; and

5. 5.

   Surveillance and detection technology for detection, delay, and response approach.

Nuclear security here takes care of physical protection, cyberattacks, and radioactive material transport. A workforce made up of individuals who are vigilant, question irregularities, execute their work diligently, and exhibit high standards of personal accountability is able to contribute to a more effective nuclear security architecture.

3.3.1 Key Legislations

The country’s legislative framework for nuclear matters flows from the Atomic Energy Act 1962 passed by the Indian Parliament. As per the Act, the Atomic Energy Commission (AEC) is the sole authority in the country that deals with nuclear energy matters. Various rules have been established under the 1962 Atomic Energy Act, such as:

1. 1.

   Atomic Energy (Working of Mines, Minerals and Handling of Prescribed Substance) Rules, 1984;

2. 2.

   Atomic Energy (Safe Disposal of Radioactive Wastes) Rules, 1987;

3. 3.

   Atomic Energy (Factories) Rules, 1996;

4. 4.

   Atomic Energy (Control of Irradiation of Food) Rules, 1996; and

5. 5.

   Atomic Energy (Radiation Protection Rules, 1971(which were further revised in 2004).

The Atomic Energy (Radiation Protection) Rules sanction activities for nuclear fuel cycle facilities as well as radiation use in the arena of industry, medicine, and research. The regulatory body for civil nuclear installations in India is the Atomic Energy Regulatory Board (AERB), which was established in 1983.¹² The primary authority of the institution comes from the Atomic Energy Act of 1962. It reviews the safety and security of the country’s operating nuclear power plants, nuclear power projects, fuel cycle facilities, and other nuclear/radiation facilities and radiation facilities. The AERB periodically issues and updates safety and security-related documents such as the “Nuclear Security Requirements for Nuclear Power Plants,” the “Security of Radioactive Sources in Radiation Facilities,” (AERB/RF-RS/RG1), and the “Security of Radioactive Material During Transport” (AERB/NRF-TS/SG-1, AERB/NRF-TS/SC-1 (Rev.1), 2016).¹³

The Mayapuri incident in 2010, where radiological material was accidentally sold as scrap metal, brought to the fore the violation of protocols by an educational institution and significant deficiencies in legislation, surveillance, and regulations for radiation protection in India.¹⁴ The AERB's new directive (UGC D.O. No. F 10-1/2010 (CPP-II). 7th Jan. 2011) requires educational institutions to get a no-objection certificate for all radioactive materials and related equipment, including X-ray machines. The guidelines also require that these institutions have a proper disposal mechanism for radioactive materials and have trained manpower such as radiation safety officers RSOs. The AERB has developed a comprehensive database of radiation sources utilized in the country and instituted a very successful e-LORA (e-licensing of Radiation Application) platform for complete automation and to facilitate end-to-end licensing of facilities using radiation sources. The components of e-LORA are chosen to achieve Business Solution with Security, Performance, Availability, Scalability, Manageability, and Maintainability.

3.3.2 Physical Security

The provision of physical security for nuclear and other radioactive material is built upon several basic concepts. These include taking a graded approach to security, providing defence in depth, and applying four basic security objectives: deter, detect, delay, and respond. This approach incorporates a variety of technologies and mechanisms, electronic and mechanical access control systems, intrusion detection systems, video surveillance systems, and alarm systems as well as physical barriers that help to delay adversaries until a response can arrive. Typically, the physical protection system (PPS) around Indian nuclear facilities is designed on the basis of their threat assessment, taking into account the Design Basis Threat (DBT) and beyond DBT to create a layered protective envelope consisting of inbuilt reactor security, perimeter security, personnel reliability, material protection and accounting, transportation security, air and water front defence, emergency preparedness, legal provisions, and, in extreme situations, military protection.¹⁵

In 2008, the AERB issued a safety guide on security levels of radioactive material during transport (AERB/NRF-TS/SG-10) that prescribes the requirements for ensuring safety in the movement of radioactive material through the public domain. In compliance with IAEA stipulations, the AERB revised its code on the Safe Transport of Radioactive Material—AERB/NRF-TS/SC-1 (Rev.1)—in 2016, which “prescribes the classification, design, and test requirements for radioactive material for packaging… transport and administrative requirements for transportation of radioactive material in the country.”

The CISF, a paramilitary force, oversees the security provided to civilian nuclear facilities across the country. CISF officials trained to safeguard nuclear installations are rotated among the nuclear installations and are not kept in one place for more than a certain number of years as a standard operating procedure for security forces. However, some nuclear institutes (such as IPR) and heavy water plants have their own security arrangements. The physical security of nuclear installations is provided by a mix of multiple organizations such as the CISF, local police, and sometimes even private security organizations. Material accounting is handled by the DAE, and the review of security practices is the responsibility of AERB. It would be better to have a strategy of a unified or centralized security arrangement in all nuclear-related installations for better coordination, security planning, and implementation.

3.3.3 Cybersecurity

Cyber threats can be perpetrated by lone individuals, loosely organised groups, active terrorist organisations or nation-states. Attacks can occur remotely, from anywhere in the world, and be very difficult to track to their source. Nuclear facilities have become increasingly dependent on digital technology to maintain reliable operations, increase efficiency, and reduce costs. Consequently, computer-based systems are generally designed to facilitate these operational objectives rather than to maximise security. An unintended consequence of the widespread introduction of digital systems is that they have potentially increased vulnerability to malicious cyberattacks, as well as the likelihood that critical digital assets and industrial controls systems can be compromised. Many reports have identified human error as the main cause of computer security breaches in nuclear facilities.¹⁶

The IAEA recently (2021) issued its first implementing guide, Nuclear Security Series (NSS) No. 42-G Computer Security for Nuclear Security, to support experts worldwide in implementing computer security measures to strengthen their national nuclear security regimes. This guide will support Member States in strengthening computer security in their national nuclear security regimes, ensuring the benefits of digital technology can be embraced without weakening the regime and the capacity to protect, detect, and respond to cyber threats. Other publications in the NSS that touch upon computer security for nuclear security are NSS No. 17-T (Rev. 1) Technical Guidance on Computer Security at Nuclear Facilities, published in September 2021, and NSS No. 33-T Technical Guidance on Computer Security of Instrumentation and Control Systems at Nuclear Facilities.

The Computer Information and Security Advisory Group (CISAG), formed in 2001 in the DAE, is in charge of periodic oversight of information systems. It has put in place plans and guidelines to counter cyber-attacks and mitigate any adverse effects.¹⁷ Specific guidelines are under preparation to deal with network-related risks to control and instrumentation systems used in various installations. In addition, regulations require computer-based critical safety systems to have a parallel system. For information security, India has developed a secure messaging and voice communication device placed within a mobile device to communicate in a secure manner. Specifically for nuclear facilities, the Secure Network Access System (SNAS), developed at BARC, is designed with several modules for real-time detection, identification, and authentication of the end-system in a network (SNAS-Network Admission Control).¹⁸

3.3.4 Emergency Response System

Emergency response preparedness is an essential aspect of nuclear safety and security. India’s national emergency response system architecture is a combination of the Indian Environmental Radiation Monitoring Network (IERMON), ERC network, meteorological data network, emergency communication rooms, Crises Management Group (CMG), National Technical Research Organisation (NTRO), and NDMA. In the Indian atomic energy sector, Integrated Command Control & Response (ICCR) exercises focus on testing command and control functions, response mechanisms, and communication. Additionally, given the proximity of population centres to nuclear facilities, field exercises, and public interactions are an important requirement of emergency management in India. The objective of emergency preparedness is to prevent and minimise the impact of any nuclear or radiological incident on both workers and the larger public. The response plan for a nuclear emergency entails notification, activation, request for assistance, and protective action. First responders to such emergencies are required to prevent spread of contamination and restrict entry to the accident area. The key is recognising the existence of an emergency situation, identifying and characterising the source and origin, monitoring the magnitude, and providing reliable communication to personnel from medical, civil, police, and transport agencies.

Responding to emergency situations requires continuous assessment of emergency levels, determining the area for countermeasures, decision-making on protective measures for public and the surrounding environment, as well as prediction of contamination levels. For example, the DAE’s Emergency Control Room (ECR) is responsible for the dissemination of authentic information regarding emergencies to the control rooms and response teams across agencies such as the AERB. The nearest ECRs are alerted for response deployment and briefings for further information dissemination. Based on the information provided through timely briefings, the level of emergency and conclusion of the emergency is determined by the AERB. Effective and procedural communication between all actors and institutions involved in emergency response is a crucial aspect in averting crises as a result of an emergency. Successful inter-agency coordination and provision and dissemination of accurate information are key to handling an emergency efficiently.

3.3.5 Establishment of Global Centre for Nuclear Energy Partnership

In fulfilling the promise made by India at the inaugural Nuclear Security Summit, it has established the Global Centre for Nuclear Energy Partnership (GCNEP) with a view to “help in capacity building, in association with the interested countries and the IAEA, involving technology, human resource development, education & training and giving a momentum to R&D in enlisted areas.”¹⁹ The centre currently has five schools, including one School on Nuclear Security Studies (SNSS) with the mission “to impart training to security agencies on application of physical protection system and response procedure, to enhance physical security of nuclear facilities by developing and deploying most modern technological tools including information security and to provide facilities for test and evaluation of sensors and systems used for physical security.”²⁰ In addition, computer security methodologies will be developed for protection of information related to the entire nuclear fuel cycle activities including that of nuclear security.

3.3.6 Holes in the Security Wall

In India, nuclear power plants under Nuclear Power Corporation of India (NPCIL) and big government research centres have adequate nuclear security machinery. Ionizing radiation applications have been accruing huge societal benefits, in terms of cancer treatment, diagnosis, and industrial uses such as non-destructive testing, gauging and in food processing applications, etc. However, the ionising radiation has certain radiological hazards associated with handling of radiation sources. Radioactive sources and radiation generators used are required to be handled safely throughout their life cycle to prevent any undue risk to health and environment. Physical protection at the sites where radiological sources, materials, devices, and instruments are used in India (e.g., hospitals, research facilities, oil and gas exploration industry, road construction industry, and steel manufacture) is lacking and physical security is rather lax, at best comparable to the protection provided at ATM.²¹ Loss of radioisotope sources occurs as a result of the violation of safe work practices and non-compliance with rules and guidelines.²² The main causes are human error and negligence in source handling and storage, as well as mismanagement and lack of supervision.

Most alarming are reports of radioactive material smuggling in and around India. Recently, in May 2021, over 7 kg of uranium was seized. India has established an inter-ministerial Counter Nuclear Smuggling Team to devise a coordinated multi-agency institutional mechanism to strengthen the national detection architecture for nuclear and radioactive material and deal with the threat of individuals or groups of individuals acquiring nuclear or radiological material for malicious purposes. Little open-source information is available on the steps India takes to prioritize security of its strategic assets, including nuclear weapons, components, or strategic facilities. The Nuclear Command Authority is responsible for all matters relating to the safety and security of India’s nuclear and delivery assets at all locations. It is believed that the physical security of warheads and components is provided by a specialized force drawn from the Indian Army.

3.3.7 Conclusion

Nuclear security is important for India for a number of reasons. India has a large nuclear programme and its atomic energy facilities are spread across the country. There are also significant vulnerabilities of nuclear terrorism and other threats from country’s immediate neighbourhood. The leaders of an organization have a particularly strong influence over the assumptions and ideas that need to be promoted to achieve and maintain a successful security culture. Principles ensuring nuclear security are based on multi-tier protection systems, and involving technological aspects, security framework, and SOPs, all firmly instituted and scrupulously enforced. Even a well-designed system can be degraded if the procedures necessary to operate and maintain it are poor, or if the operators fail to follow procedures. The biggest threat to nuclear security lies in complacency. Threats may arise because of the absence of security-related crises, low priority of security in operational activity, human nature for denial and scepticism, failure of senior management to act as role models, scarcity of resources, outdated procedures, and poor attitude towards those that report faults and flaws. Therefore, there is always scope for improvement. Security-related information needs to be communicated effectively, both inside and outside the organisation. Excessive and unwarranted secrecy is counterproductive. Although India has evolved and nurtured a coherent nuclear security culture, complacency is always a threat. Obedience to authority and reluctance to question authorities, which are ingrained aspects of Indian culture, may prove to be the cause of poor security performance.

No amount of security can be security enough, and as threats evolve, security has to be dynamic. The security system has to be adaptable to deal with a complex world. Adaptability controls the space between reaction and prediction, providing an inherent ability to respond efficiently to a wide range of potential challenges—not just those that are known or anticipated—as they arise in their environment. No adaptation is truly helpful if it’s considered a one-time event. Adaptation is a continual learning process that needs to be replicated and improved upon repeatedly. The best process for fostering this kind of recursive feedback in human systems is an intense focus on learning from success and failures.

3.4 A U.S. Perspective

• Cristina F. Lussier &
• Karen Kaldenbach 

The U.S. nuclear enterprise has focused on earning the trust of the American public in both safety and security since the end of World War II. While the U.S. Department of Energy continues to find unique opportunities to integrate the use of nuclear power as an alternative sustainable energy source for millions of Americans and their communities, the U.S. Department of Defense maintains its strong, credible nuclear arsenal to serve as a strategic deterrent against adversaries threatening America’s homeland and its allies.

While both nuclear energy and nuclear weapons involve the release of power from atomic reactions, “neither the physics nor the technologies are the same, nor are the institutions that manage the two.”²³ Yet throughout the years, these different organizations have collectively worked together to build a stronger bond of trust amongst the American public in accepting the use of nuclear power to both protect their national interests and support their daily livelihood. This chapter will explore events and characteristics that have defined the culture within these two entities of the nuclear enterprise. It also will analyze how Americans have come to accept the risk of nuclear power in order to maintain their prosperity and their independence.

3.4.1 Incorporating Lessons Learned

Since the end of World War II, the U.S. nuclear enterprise has worked hard to both maintain the Department of Defense’s nuclear arsenal and to share nuclear technology across the globe. After the U.S. dropped the first atomic bomb on Hiroshima, Japan in 1945, the world was put on notice: Americans will go to great lengths to protect their independence and national security.

Following the war, the world entered a new era, in which nuclear weapons emerged as the bedrock of strategic deterrence. As the nuclear arms race unfolded, so did the use of nuclear power for civilian use. Nuclear energy became not just a reason for fear, but also source of hope for clean, reliable, renewable energy.

3.4.1.1 Communicating Concerns Builds Understanding

Today, millions of Americans are dependent on nuclear-generated power. Almost one-fourth of all civil nuclear power plants in the world are in the U.S. This accounts for approximately one-third of the world’s global nuclear power generation.²⁴

Today’s nuclear strategic deterrence and the increase of civilian nuclear infrastructure projects over the years have relied on an effective national strategy driven by a committed workforce. Workforce culture can be an organization’s best asset or its worst liability. As Peter Drucker famously stated, “Culture eats strategy for breakfast.”²⁵ To understand how the nuclear enterprise has achieved its national security strategy objectives is to examine the attitudes, values, and behavior that together have comprised the organization’s culture. The ability to achieve operational success, as laid out by strategy, is driven by this culture, which ultimately wins or loses in both operations and in gaining the trust of the public that it serves.

After the Cold War ended and the Soviet Union collapsed, there was a need for the United States to better understand what role nuclear weapons would play in national security. In 1994, the U.S. government legislatively mandated the Department of Defense to perform a Nuclear Posture Review (NPR). Through the NPR, U.S. nuclear policy, strategy, capabilities, and force posture were to be outlined for the next five to ten years.²⁶ The first few NPRs were classified, making the document unavailable to the public. In 2010, the NPR was published as an unclassified document, making it publicly available. The administration did this because it “did not want to leave big open questions about what might be left unsaid because it’s in the classified domain.”²⁷

The 2010 transition from a classified to an unclassified NPR is noteworthy. It continues to impact the organizational culture of the Department of Defense and nuclear enterprise today. Whereas much of the emerging civilian technology involving nuclear energy falls into the open, unclassified programming space, the opposite was the case for much of U.S. defense organizations and support agencies. To seek solutions to the complex security issues facing the United States and its allies and partners required a shift in how these threats are seen and communicated.

Changing the NPR to an unclassified document allowed for transparency regarding the security challenges ahead. This facilitated collaboration amongst organizations and agencies in which they could discuss fighting domains and the impact of emerging threats—“including nuclear, conventional, cyber and space.”²⁸ As the speed of advancing technology in the twenty-first century diminishes latency between the decision to act and the execution of operation, the potential for devastating error is compounded. It is within this scope that senior political and defense leaders have stressed the importance of confidence in its workforce. Admiral Charles Richard, commander of U.S. Strategic Command, highlighted the need for nuclear modernization and considering the intricacies of command-and-control structures. He stated, “it has to be very clear to the military who has the authority and who has the responsibility to give that order.”²⁹

The United States nuclear enterprise seeks to empower individuals and organizations to do what is necessary to prevent and address existential threats that weaken collective strategic deterrence, creating an environment that promotes individual and organizational safety.

Whether discussing the concerns of conventional nuclear integration or nuclear power as clean energy, the United States’ focus on safety has enabled national organizations, industries, and workforces better to understand, engage, and respond to strategies to keep the nuclear enterprise safe, secure, and effective.

3.4.1.2 Taking Steps for Action

The U.S. Nuclear Regulatory Commission (NRC) has long recognized the importance of a positive nuclear safety culture. With a collective commitment from individuals and organizations, the practice of maintaining a positive safety culture tackles apathy in its earliest stages, before it grows into security atrophy resulting in a nuclear mishap. It also helps to build a more agile workforce. The NRC encourages nuclear organizations to cultivate a persistent focus on implementation of sound practices, where complacency is virtually absent. To support this goal, the NRC created a Safety Culture Policy Statement that includes nine key traits for individuals and organizations.³⁰ Figure 3.1 lists the nine traits and provides a brief description of each.

Fig. 3.1

NRC safety culture traitsFootnote

Reproduced courtesy of the United States Nuclear Regulatory Commission.

Research shows that certain personal and organizational traits exist in positive safety and security cultures. These traits are patterns of thinking, feeling, and behaving that continually emphasize safety and security. They are especially important when conflicts arise, such as disagreement between operations and security components about implementation of security measures that delay operational schedules.

Although these traits were first identified as safety culture traits, they equally apply to the collective security of an organization. There are significant differences between safety and security. Safety is primarily focused on protecting people and the environment from things, whereas security is focused on protecting things from people. For example, a security perspective aims to keep nuclear and radioactive materials secure within locked areas with no breach possible. A safety perspective, by contrast, would seek to protect the workforce in a nuclear facility from radioactive material that could present a health or safety concern.

Despite these differences, a synergistic relationship between safety and security is essential. For individuals working in and around the nuclear arena, the stakes are high. Adequately considering both safety and security helps propagate a positive overall culture. Staffs realize the importance of safety protocols designed to keep themselves, as well as those around them, from harm. However, for years many security requirements were viewed as the exclusive responsibility of the security staff. For example, if a site breach was attempted, the safety of those within the complex was viewed as a security issue, not a safety concern. The notion that security is everyone’s responsibility, just as maintaining safety protocols within a facility keeps everyone safe, had not been cultivated as common understanding until recently.

Over the last decade, the NRC made a concerted effort to correct this view within the workforce, with the publication of its Safety Culture Policy Statement. Efforts such as this, where leadership invested in its workforce by actively communicating implementation solutions and providing proactive follow through, have been essential to success within the nuclear enterprise. Despite its importance, however, the NRC Safety Culture Policy Statement was just a guiding document. How departments and organizations used the document is what ultimately created a cultural shift within the enterprise. The following examples highlight how organizations have communicated the NRC guidance.

The U.S. Department of Energy (DOE) stood up a Safety Culture Improvement Panel, which helped to outline practicing safety attributes in DOE’s Integrated Safety Management System Guide.³² In a publicly available trifold, the work done by the department’s panel helped to explain roles and responsibilities that have now become internalized by its workforce. The intuitive nature of the guidance has enabled it to become part of the workforce’s “DNA” at all echelons of the department.³³

Aligned with the DOE, and with a long history of helping to safeguard the nuclear enterprise for the U.S. Department of Defense, is the Defense Threat Reduction Agency (DTRA). DTRA is the U.S. Department of Defense agency that confronts challenges related to weapons of mass destruction and emerging threats.³⁴ The agency proudly emphasizes that its people are its most precious resource. In addition to people, integration of programs is very important. As Commander of the U.S. Strategic Command, Navy Adm. Charles A. Richard, recently commented, “it’s also important to understand how our modernization programs support and integrate with our efforts to rethink how we do strategic deterrence.”³⁵ A well supported, agile workforce is best prepared to meet this challenge.

The Atomic Energy Commission (AEC) led the safety of production, transportation, and storage of nuclear material at the beginning of the nuclear era. Today, U.S. Department of Defense Nuclear Weapon System Surety Policy provides maximum safety consistent with operational requirements. A key tenet of this program states, “to achieve nuclear weapon system safety, and to maintain the public trust by protecting public health, safety, and environment, it is critical that surety be considered throughout the life-cycle of the weapon.”³⁶

3.4.2 Nuclear Security from the Workforce to the Community

Workforce culture is often apparent upon entering a facility. Are all staff members executing safety protocols intuitively and in an organized fashion? Are security officers following procedures, being polite yet cognizant of unusual behaviors that may require further inquiry? Are staff members wearing credentials in the appropriate manner and following safety and security procedures, such as not allowing piggybacking of known coworkers into facilities, showing respect to others, and executing all protocols? The answers to these questions demonstrate the strength of an organization’s culture. Although an assessment may be required to determine the long-term viability of a positive culture, a leadership team that fosters an environment of continuous learning with positive enforcement can often achieve internalized systemic change.

For example, within the Department of Defense, standards, plans, procedures, and other positive measures are established to help the department accomplish its nuclear mission in a safe, secure, and reliable manner. Uniformity in expectation allows the workforce to achieve this successfully. Leadership throughout the ranks of the organization is held accountable not just for its actions, but for those of the team as well. These “standardized expectations” are part of an effective cultural foundation.

Hiring the right talent with specific skills needed for the task, right-sizing teams, and mandating initial and recurring periodic training are additional factors that keep the U.S. nuclear enterprise at its best. This is all part of the overall strategy. The plan is written down, approved, and funded for execution in maintaining nuclear security.

Toxic culture can put this strategy in jeopardy. Even the most engaged leaders and supervisors may fall victim to a toxic culture if another part of the internal process is broken or there is lack of communication across business lines of effort within an organization. For example, rushed hires, poor trainers, and substandard working conditions can all contribute to poor performance, which weighs heavily on organizations.

Consider, for example, how U.S. nuclear power plants, which are operated by contractors across the country, execute site protocols. While the workforce is trained with a focus on “safety first,” there is also a concerted effort to adapt to the diverse regions in which the plants are located. The ability to execute safety protocols differently while maintaining the strict security standards and expectations set forth by the NRC allows the contract teams to be effective and efficient in the regions in which they operate.

Job requirements and deeply held social expectations can sometimes conflict. For example, overt friendliness is generally considered an important trait in the southeastern United States. However, in some of the southern nuclear facilities, this friendliness prevented staff from challenging personnel who entered parts of the facility without authorization. These facilities adapted their training to incorporate polite inquiry regarding someone’s authorization to be in an area. This enabled them to maintain security but adapt to the local culture. Training and awareness of all expectations and skill sets to perform jobs, fostering of personal accountability, encouraging a questioning attitude, nurturing an environment for raising concerns, leadership support and encouragement, and implementation of sanctions are all important cultural traits needed to help ensure a safe and secure nuclear environment.

Working with and alongside local communities across the country means that leadership teams must deal with differing public opinions toward nuclear power. The Tennessee Valley Authority (TVA) has long sought to educate the public on the benefits of nuclear energy, to foster acceptance of nuclear power within the community. TVA actively shares employment opportunities and maintains an updated, publicly available website. It is willing to discuss issues and concerns surrounding nuclear power, to maintain trust and transparency of safety operations with the workforce and community, and to raise awareness of planned security operations. Before COVID-19, TVA hosted community days that included activities and food for the local community. During these events, TVA capitalized on the opportunity to build strong community relations. It distributed free calendars noting when drills would impact traffic and when it would sound warning sirens or make announcements to raise awareness about what the power plant does and how it maintains safety and security.³⁷

3.4.3 Defining Common Language, Values, and Standards

Publishing new policy statements does not uniformly alter organizational norms and behavior. Transformations that build strong organizational cultures occur from repeated processes that the workforce comes to believe in over time. The traits outlined by the NRC highlight key values that complement an already well-trained and highly educated workforce. The first step is to be able to communicate a vision that is easily understood, relevant, and viewed as collectively beneficial. The NRC Safety Culture Policy Statement clearly addresses the requirement that organizations ensure personnel in the safety and security sectors have an appreciation for the importance of both safety and security in their activities. U.S. nuclear power plants must demonstrate that a cognizant link between nuclear safety and nuclear security exists by NRC regulation. The IAEA Technical Report Series No. 1000 The Nuclear Safety and Nuclear Security Interface: Approaches and National Experiences addresses the management of this relationship.³⁸ As the Report makes clear, a safety issue has the potential to become a security issue just as a security issue has the potential to become a safety issue. We must protect against both.

Below, we discuss the traits that the NRC identifies as contributing to a robust safety and security culture. The nine traits are not meant to be all inclusive. The NRC’s expectation, however, is that both individuals and organizations foster those characteristics that actively embrace a strong safety and security culture within the nuclear enterprise.

Leadership safety values and actions are the first cultural trait. Organizational leaders not only implement the criteria to ensure security and safety are priorities within any facility; they also set the example for staff to emulate their behaviors. When leaders demonstrate a commitment to safety and security, staff recognize the importance of doing so themselves. It is important for leaders to ensure that necessary resources are allocated to constantly self-assess and ensure proper implementation of safety and security functions. Having a field presence to interact with safety and security personnel, and to recognize their achievements, can motivate staff. Often personal recognition is more meaningful than any financial incentive. Conversely, implementing sanctions for those who do not follow procedures and show the appropriate support for safety and security may help to prevent violations.

Problem identification helps ensure that when safety or security-related issues arise, they are promptly identified, evaluated, addressed, and resolved based upon their significance. The promptness with which organization do these things reflects upon how safety and security are prioritized. Those with a strong safety and security culture typically raise awareness with the staff about the importance of their participation in the process of identifying and addressing problems. Organizations can implement a corrective actions program with simple input capabilities, while also addressing progression and resolution of the issue. Implementing training programs to ensure that staff understand proper procedures allows them to report issues as they arise, before they become problematic.

In the realm of nuclear security, the objective for the U.S. is to maintain a safe, reliable, and credible nuclear deterrence posture. Any event, gap in capability, or issue that prevents even one of these objectives can have a negative impact on the role nuclear forces plays in properly executing strategy, plans, and programming. Thus, corrective action to address concerns of unwanted subcultures and attitudes is given high priority. Corrective action also entails prompt release of information to the public in the event of incidents involving nuclear weapons or nuclear components, radioactive material, nuclear weapon launch or transport vehicles, or nuclear reactors under Department of Defense control, as outlined in the Nuclear-Radiological Incident Public Affairs Guidance.³⁹

The duty of every staff member to identify and report problems leads to personal accountability. Employees must understand their specific job assignment and the importance of standards in performing their assigned tasks. Every staff member, from cleaner to CEO, plays a role in ensuring the safety and the security of the facility. Individuals must work well within teams in pursuit of this goal. Leadership can be essential in cultivating teamwork among staff and propagating a positive workplace environment.

Ensuring work processes are well defined and implemented to nurture good safety and security is also extremely important. This involves planning and controlling work activities via measures such as defining policies, implementing strong operating procedures, ensuring staff are properly trained on these procedures, and ensuring that work is managed in a way that safety and security are the overriding priorities. The design margins within which work should be performed must be well defined, and all staff should be trained on how to react when approaching these margins. All work processes should be adequately documented, with staff trained on the processes and knowing where to find necessary reference documentation. Last, staff must understand the importance of their rigorous adherence to procedures—knowing these were put into place to ensure a safe and secure work environment for all. If steps are deemed unnecessary and are often skipped by staff, this should be reported. If staff identifies potential improvements to standard operating procedures, the old procedure should be followed until replaced by a new one. Staff should discuss concerns with leadership to determine if a procedural review is necessary. Staff training should include learning opportunities to help them understand why certain steps may be necessary in light of specific safety or security concerns.

Successful organizations provide staff robust initial training and then enable them to engage in continuous learning regarding both safety and security. Such learning enhances the ability and willingness of individuals to apply their knowledge in the workplace. As this knowledge and experience are shared, it spreads throughout the organization, strengthening the culture in the process. Staff who feel that an organization is investing in their personal and professional success are motivated to perform better. Organizations can aid this process by conducting self-assessments and benchmarking to define areas of needed improvement. Also, lessons learned should be collected and made available to staff to avoid repeating mistakes.

When security staff are hired by TVA’s Watts Bar Nuclear Power Plant, they go through four weeks of rigorous training before beginning their official assignment. This training focuses not just on their security duties, but also on the operation of a nuclear power plant. This investment in staff has paid dividends on multiple occasions. One such case involved a security officer who, while performing his normal patrols, noticed an unusual steam pattern emanating from a valve. He took the initiative to report this to his supervisor, who immediately contacted operations staff. A pressure issue that could have led to progressive degeneration was identified early and corrected without damage to the plant. The security officer applied his existing knowledge and observations of normal plant processes with his personal accountability to raise awareness and report a potential issue. His management listed him as security officer of the month for his dedication to ensure safety and security at the site.

This example speaks to both the security officer and to the organization for promoting an environment for raising concerns. In a positive workplace, personnel feel free to raise concerns without fear of retaliation, intimidation, harassment, or discrimination. Leadership ensures that when staff do so, the issue is promptly and transparently reviewed. The appropriate level of management should be engaged in resolution of the issue, fostering an environment that promotes open communication where there is never retribution for reporting (Fig. 3.2).

Fig. 3.2

TVA’s Sequoyah nuclear plant

An incident at Exelon’s Dresden Nuclear Power Station illustrates the dangers of staff’s failure to report concerns. Two senior reactor operators were found to have been plotting an armored car heist, even soliciting support within the power station. Although staff members had become aware of the plot, and understood its potential seriousness, no one reported any concerns to management. The plot ultimately unraveled, but “the case sent ripples through the nuclear power industry, prompting the Exelon Corp.—which owns the Dresden plant and is the largest U.S. operator of nuclear reactors—to change how it trains its employees to spot and report behavior that might pose a security threat.”⁴⁰

Effective safety communications, which are facilitated by a pro-reporting environment, constitute one of the most important characteristics of a strong safety and security culture. Leadership works to ensure that information flows effectively from the top down and encourages open dialogue among staff at all levels. Safety and security communications must be incorporated into all work activities as a normal part of operations. If this has not occurred at a facility, then procedures must be revised and staff must be retrained on the revised procedures.

This process was implemented recently at one national laboratory in the United States. After careless errors were repeatedly reported, the lab director conducted a shutdown of all activities for one week to retrain and refocus staff on effectively implementing procedures and communicating concerns through the appropriate channels. This was a very costly exercise, but the lab director recognized that safety and security issues could have caused far worse problems. It also successfully communicated leadership’s expectations and prioritization of safety and security.

A critical element in helping staff feel empowered to communicate well is a respectful work environment. Leaders can greatly assist in creating a workplace where everyone is treated with dignity and respect. However, all staff members impact this effort through their daily treatment of one another. Ensuring trustworthiness and implementing necessary security protocols to verify reliability is necessary, and everyone can show that opinions are valued and demonstrate respect. This is a circular process, which recognizes that each position within the facility can contribute to the safety and security of everyone at that site. This happens when all accept personal accountability in carrying out the work processes, identifying problems and seeking resolution, and communicating with the appropriate staff to raise concerns. Employees must demonstrate a high level of trust in resolving all conflicts using fair and objective methods, seeking to aid learning for all involved parties to achieve a reasonable outcome.

The final cultural trait fits seamlessly with the previous eight. All individuals within a facility should have a questioning attitude. A questioning attitude does not mean disrespect for the opinions of others; instead, it means that individuals do not become complacent in the workplace. In their individual positions, they should continually evaluate conditions and activities to identify abnormalities that could result in errors or inappropriate action. Knowing that nuclear facilities are unique, it is important that work is continuously assessed to identify inconsistencies and abnormalities. It is possible to become blind to minor changes over time. Sometimes those with “fresh eyes” can more easily notice a problem than those exposed to it every day. Staff must be encouraged to challenge assumptions and ask questions about things they do not fully understand. Explaining the process helps reinforce learning for newer staff and may bring an opportunity for exchange of fresh ideas from which all can learn. Staff should always have a respectful attitude and be open to such opportunities.

A review of the facility breach incident at the Y-12 National Security Complex (Y-12) facility in Oak Ridge, Tennessee, as a case study showcases the importance of the nine traits discussed above, and the danger of failing to maintain a culture that promotes safety and security.

3.4.4 Y-12 Case Study

Perhaps one of the best examples of the interconnectedness of security and safety and how the failure of one impacts the other in the nuclear community is the July 2012 incident at the Y-12 facility. Y-12 is a US Department of Energy National Nuclear Security Administration (NNSA) facility that was originally established as a uranium enrichment site as part of the Manhattan Project and currently serves as one of the central repositories for highly enriched uranium in the United States. This is one of the United States’ most sensitive facilities, spending approximately $150 million annually to ensure security is maintained. It is not uncommon for antinuclear protests to occur at this facility; however, protests are usually registered with local city ordinances and typically remain peaceful (Fig. 3.3).

Fig. 3.3

Delay barriers at Y-12Footnote

Reproduced courtesy of Department of Energy.

In the early morning on July 28, 2012, three protestors (the most well-known being an 82-year-old Catholic nun) crossed multiple fences and security systems, activating numerous alarms and sensors between fences. The trespassers gained access to the most protected area of the site around the highly enriched uranium materials facility, banged on the building, defaced it with paint, and remained in the protected area for several hours before security officers intervened. The protestors did not gain entry to the building and were removed for later prosecution.⁴² But how could unauthorized personnel gain access to one of the nation’s most highly secured areas?

The contractor operating Y-12 had recently changed, resulting in new management of the facility. The contract for maintenance and operation of the facility was split from that for the physical protection of the site. Multiple problems had emerged relating to the performance of maintenance, budgeting for new equipment, classification of failures, communications, and reporting of concerns. Staff were reported to be embittered with the new contractor’s dismissive attitude regarding equipment failures and lack of attentiveness to employee concerns. Leadership did not allow staff to follow procedures in all cases. With the obvious lack of attention and mindfulness of staff to the previously mentioned cultural traits, a spiraling effect degraded the facility’s safety and security culture.

The subsequent DOE inquiry highlighted “multiple system failures on several levels,” identifying “troubling displays of ineptitude in responding to alarms, failures to maintain critical security equipment, overreliance on compensatory measures, misunderstanding of security protocols, poor communications, and weaknesses in contract and resource management.”⁴³ These issues, combined with “contractor governance and federal oversight failure to identify and correct early indicators of these multiple system breakdowns,” allowed potentially catastrophic failures. Weak adherence to security protocols was clearly cited as a key dimension of the breach with failures “contributing to an atmosphere in which the trespassers could gain access to the protected security area.” NNSA staff determined that “contributing and direct causes of the security event included an inappropriate Y-12 cultural mindset, as well as a severe lapse of discipline and performance.” An additional problem was “a culture of compliance, as opposed to a culture of performance.”⁴⁴

The Y-12 security breach resulted in much criticism of how DOE safeguards nuclear materials and damaged the reputation of the DOE and supporting contractors. The protective force contractor lost its contract as a direct result of the breach. Y-12 and NNSA took actions to improve security at the site with an active focus on improving both safety and security cultures of the organization. “Ironically, the Y-12 breach may have been an important ‘wake-up’ call regarding the need to correct security issues at the site,” as well as the importance of security and safety culture generally.⁴⁵

3.4.5  Conclusion

This chapter demonstrated the importance of a robust safety and security culture within the nuclear enterprise and identified key building blocks necessary to create it. An important theme throughout the chapter was the importance of leadership, which plays a critical role in fostering healthy cultures, which in turn sustain a strong, agile workforce able to meet the demands of a changing security environment. Such a workforce is inclusive, not afraid to identify and admit to failures, and able to limit the spread of toxic subcultures within an organization. Leaders who can articulate the immense value of safety and security and promote healthy cultures are therefore force multipliers, strengthening the nation’s nuclear security posture. The leadership necessary to foster strong safety and security cultures within the U.S. nuclear enterprise did not appear overnight, but evolved over decades of dedicated political and financial commitment. Continued long-term investment of intellectual, financial, and political resources will be necessary to ensure that such leadership continues into the future.