GAO-04-894T, Nuclear Security: Several Issues Could Impede the Ability of DOE's Office of Energy, Science and Environment to Meet the May 2003 Design Basis Threat


This is the accessible text file for GAO report number GAO-04-894T 
entitled 'Nuclear Security: Several Issues Could Impede the Ability of 
DOE's Office of Energy, Science and Environment to Meet the May 2003 
Design Basis Threat' which was released on June 22, 2004.

This text file was formatted by the U.S. General Accounting Office 
(GAO) to be accessible to users with visual impairments, as part of a 
longer term project to improve GAO products' accessibility. Every 
attempt has been made to maintain the structural and data integrity of 
the original printed product. Accessibility features, such as text 
descriptions of tables, consecutively numbered footnotes placed at the 
end of the file, and the text of agency comment letters, are provided 
but may not exactly duplicate the presentation or format of the printed 
version. The portable document format (PDF) file is an exact electronic 
replica of the printed version. We welcome your feedback. Please E-mail 
your comments regarding the contents or accessibility features of this 
document to Webmaster@gao.gov.

This is a work of the U.S. government and is not subject to copyright 
protection in the United States. It may be reproduced and distributed 
in its entirety without further permission from GAO. Because this work 
may contain copyrighted images or other material, permission from the 
copyright holder may be necessary if you wish to reproduce this 
material separately.

Testimony:

Before the Subcommittee on National Security, Emerging Threats, and 
International Relations, Committee on Government Reform, House of 
Representatives:

United States General Accounting Office:

GAO:

For Release on Delivery Expected at 10:00 a.m. EDT:

Tuesday, June 22, 2004:

Nuclear Security:

Several Issues Could Impede the Ability of DOE's Office of Energy, 
Science and Environment to Meet the May 2003 Design Basis Threat:

Statement of Robin M. Nazzaro, Director, Natural Resources and 
Environment Team:

GAO-04-894T:

GAO Highlights:

Highlights of GAO-04-894T, a testimony to Subcommittee on National 
Security, Emerging Threats, and International Relations, Committee on 
Government Reform, House of Representatives 

Why GAO Did This Study:

A successful terrorist attack on Department of Energy (DOE) sites 
containing the material used in nuclear weapons, called special nuclear 
material, could have devastating consequences for the site and its 
surrounding communities. Because of these risks, DOE needs an effective 
safeguards and security program. A key component of an effective 
program is the design basis threat (DBT), a classified document that 
identifies, among other things, the potential size and capabilities of 
terrorist forces. The terrorist attacks of September 11, 2001, rendered 
the then-current DBT obsolete resulting in DOE issuing a new version in 
May 2003. 

GAO examined the issues that could impede the ability of DOE’s Office 
of Energy, Science and Environment to fully meet the threat contained 
in the May 2003 DBT by the department’s fiscal year 2006 deadline. 


What GAO Found:

Five Office of Energy, Science and Environment sites contain 
substantial quantities of Category I special nuclear material, which 
consists of specified quantities of plutonium and highly enriched 
uranium. These sites have all developed plans for implementing the May 
2003 DBT. However, there are several issues that could make it 
difficult to implement these plans by DOE’s deadline of the end of 
fiscal year 2006. Specifically: 

* Office of Energy, Science and Environment sites approved their DBT 
implementations plans in February 2004 before the Deputy Secretary of 
Energy issued his April 2004 guidance on which sites had improvised 
nuclear device vulnerabilities. As a result, some sites may be required 
to shift to enhanced protection strategies, which could be very costly. 
Consequently, the assumptions in the Office of Energy, Science and 
Environment DBT implementation plans may no longer be valid, and the 
plans may need to be revised.

* Office of Energy, Science and Environment site plans are based on the 
May 2003 DBT; however, DOE is now reexamining the May 2003 DBT and may 
revise it. Consequently, if the DBT is changed in a way that increases 
security requirements, some Office of Energy, Science and Environment 
sites may have to revise their implementation plans to reflect the need 
to provide for a more stringent defense.

* The plan for one Office of Energy, Science and Environment site was 
under funded. Specifically, officials in the Office of Nuclear Energy, 
Science and Technology, which is part of the Office of Energy, Science 
and Environment, told GAO that, for one site, no DBT implementation 
funding had been requested for fiscal year 2005. 

* Finally, full implementation of these plans will require the 
successful resolution of complex organizational arrangements between 
various program and security offices.

Consequently, GAO continues to believe, as it recommended in April 
2004, that DOE needs to develop and implement a departmentwide, 
multiyear, fully resourced implementation plan for meeting the new DBT 
requirements that includes important programmatic activities such as 
the closure of facilities and the transportation of special nuclear 
materials.

www.gao.gov/cgi-bin/getrpt?GAO-04-894T.

To view the full product, including the scope and methodology, click on 
the link above. For more information, contact Robin M. Nazzaro at (202) 
512-3841 or nazzaror@gao.gov.

[End of section]

Mr. Chairman and Members of the Subcommittee:

I am pleased to be here today to discuss our work on physical security 
at the Department of Energy's (DOE) Office of Energy, Science and 
Environment (ESE). DOE's Office of Energy, Science and Environment 
comprises nine offices, including the Offices of Environmental 
Management (EM); Nuclear Energy, Science and Technology (NE); and 
Science (SC) and is headed by the Under Secretary for ESE.

DOE has long recognized that a successful terrorist attack on a site 
containing the material used in nuclear weaponsócalled special nuclear 
materialócould have devastating consequences for the site and its 
surrounding communities. This is particularly true at sites that 
contain Category I special nuclear material, which consists of 
specified quantities of plutonium and highly enriched uranium in the 
form of assembled nuclear weapons and test devices, major nuclear 
components, and other high-grade materials such as solutions and 
oxides.

Because terrorist attacks could have such devastating consequences, 
DOE's effective management of its safeguards and security program, 
which includes developing safeguards and security policies, is 
essential to preventing an unacceptable, adverse impact on national 
security.[Footnote 1] For many years, DOE has employed risk-based 
security practices. To manage potential risks, DOE has developed a 
design basis threat (DBT), a classified document that identifies the 
potential size and capabilities of terrorist forces. DOE's DBT is based 
on an intelligence community assessment known as the Postulated Threat. 
DOE requires the contractors operating its sites to provide sufficient 
protective forces and equipment to defend against the threat contained 
in the DBT. The DBT in effect on September 11, 2001, had been DOE 
policy since June 1999. DOE replaced the 1999 DBT in May 2003 to better 
reflect the current and projected terrorist threats that resulted from 
the September 11 attacks.

On April 27, 2004, we testified before this Subcommittee on several key 
aspects surrounding DOE's development and implementation of its May 
2003 DBT.[Footnote 2] Specifically, we reported on our examination of 
(1) the reasons DOE needed almost 2 years to develop a new DBT, (2) the 
higher threat contained in the new DBT, and (3) the remaining issues 
that needed to be resolved for DOE to fully defend against the threat 
contained in the new DBT. With regard to the issues needing resolution 
for DOE to fully defend against the threat contained in the new DBT, we 
found that DOE had been slow to resolve a number of significant issues 
including developing DBT implementation plans and budgets to support 
these plans. The need to fully resolve these issues may affect the 
ability of its sites to fully meet the threat contained in the new DBT 
in a timely fashion. Consequently, we stated that DOE's deadline to 
meet the requirements of the new DBT by the end of fiscal year 2006 was 
probably not realistic for some sites.

Subsequently, you asked us to examine in more detail the issues that 
could impede ESE's ability to fully meet the threat contained in the 
new DBT by DOE's fiscal year 2006 deadline. To carry out our objective, 
we interviewed DOE and ESE officials, including EM, NE, and SC 
headquarters security officials, as well as field security officials. 
We also reviewed relevant documents these officials provided to us. In 
addition, we reviewed recent reports from DOE's Office of Independent 
Oversight and Performance Assurance for the ESE sites that contain 
Category I special nuclear material. We also relied on our previous 
work on DOE physical security conducted for this Subcommittee over the 
last 2 years. We performed our work from May 2004 to June 2004 in 
accordance with generally accepted government auditing standards.

In summary, ESE sites containing Category I special nuclear material 
have developed plans for implementing the May 2003 DBT. However, we 
believe there are several issues that could make it difficult to 
implement these plans by DOE's deadline of the end of fiscal year 2006. 
These specific issues are as follows:

* ESE sites approved their implementation plans during February 2004 
before the Deputy Secretary of Energy issued his April 2004 guidance on 
which sites had improvised nuclear device vulnerabilities. As a result, 
some sites may be required to shift to enhanced protection strategies, 
which could be very costly. Consequently, the assumptions in the ESE 
site plans may no longer be valid, and the plans may need to be 
revised.

* ESE site plans are based on the May 2003 DBT; however, DOE is now 
reexamining the May 2003 DBT and may revise it. Consequently, if the 
DBT is changed to increase security requirements, some ESE offices may 
have to revise their implementation plans to reflect the need for a 
more stringent defense.

* While ESE sites have developed implementation plans, even under the 
old assumptions, the plan for one site was under funded. Specifically, 
NE security officials told us that for one site no DBT implementation 
funding had been requested for fiscal year 2005.

* Finally, full implementation of these plans will require the 
successful resolution of complex organizational arrangements between 
various program and security offices.

We continue to believe, as we recommended in April 2004, that DOE needs 
to develop and implement a department wide multiyear, fully resourced 
implementation plan for meeting the new DBT requirements that includes 
important programmatic activities such as the closure of facilities and 
the transportation of special nuclear materials.[Footnote 3]

Background:

Five ESE sites collectively contain substantial quantities of Category 
I special nuclear material. These include the following:

* the Savannah River Site in Savannah River, South Carolina, and the 
Hanford Site in Richland, Washington, which are managed by EM;

* the Idaho National Engineering and Environmental Laboratory and the 
Argonne National Laboratory-West which are located in Idaho Falls, 
Idaho, and are managed by NE; and:

* the Oak Ridge National Laboratory in Oak Ridge, Tennessee, which is 
managed by SC.

Contractors operate each site for ESE. The ESE program offices that 
oversee these sitesóEM, NE, and SCóhave requested about $397 million in 
fiscal year 2005 for security.

Two other organizations are important contributors to DOE's security 
program. The Office of Security in DOE's Office of Security and Safety 
Performance Assurance develops and promulgates orders and policies, 
such as the DBT, to guide the department's safeguards and security 
programs. The Office of Independent Oversight and Performance Assurance 
in DOE's Office of Security and Safety Performance Assurance supports 
the department by, among other things, independently evaluating the 
effectiveness of contractors' performance in safeguards and security. 
It also performs follow-up reviews to ensure that contractors have 
taken effective corrective actions and appropriately addressed 
weaknesses in safeguards and security.

The risks associated with Category I special nuclear materials vary but 
include the creation of improvised nuclear devices capable of producing 
a nuclear yield, theft for use in an illegal nuclear weapon, and the 
potential for sabotage in the form of radioactive dispersal. Because of 
these risks, DOE has long employed risk-based security practices. The 
key component of DOE's well-established, risk-based security practices 
is the DBT, a classified document that identifies the characteristics 
of the potential threats to DOE assets. The DBT traditionally has been 
based on a classified, multiagency intelligence community assessment of 
potential terrorist threats, known as the Postulated Threat. The DBT 
considers a variety of threats in addition to the terrorist threat. 
Other adversaries considered in the DBT include criminals, psychotics, 
disgruntled employees, violent activists, and spies. The DBT also 
considers the threat posed by insiders, those individuals who have 
authorized, unescorted access to any part of DOE facilities and 
programs. Insiders may operate alone or may assist an adversary group. 
Insiders are routinely considered to provide assistance to the 
terrorist groups found in the DBT. The threat from terrorist groups is 
generally the most demanding threat contained in the DBT.

DOE counters the terrorist threat specified in the DBT with a 
multifaceted protective system. While specific measures vary from site 
to site, all protective systems at DOE's most sensitive sites employ a 
defense-in-depth concept that includes sensors, physical barriers, 
hardened facilities and vaults, and heavily armed paramilitary 
protective forces equipped with such items as automatic weapons, night 
vision equipment, body armor, and chemical protective gear.

The effectiveness of the protective system is formally and regularly 
examined through vulnerability assessments. A vulnerability assessment 
is a systematic evaluation process in which qualitative and 
quantitative techniques are applied to detect vulnerabilities and 
arrive at effective protection of specific assets, such as special 
nuclear material. To conduct such assessments, DOE uses, among other 
things, subject matter experts, such as U.S. Special Forces; computer 
modeling to simulate attacks; and force-on-force performance testing, 
in which the site's protective forces undergo simulated attacks by a 
group of mock terrorists.

The results of these assessments are documented at each site in a 
classified document known as the Site Safeguards and Security Plan. In 
addition to identifying known vulnerabilities, risks, and protection 
strategies for the site, the Site Safeguards and Security Plan formally 
acknowledges how much risk the contractor and DOE are willing to 
accept. Specifically, for more than a decade, DOE has employed a risk 
management approach that seeks to direct resources to its most critical 
assetsóin this case Category I special nuclear materialóand mitigate 
the risks to these assets to an acceptable level. Levels of riskóhigh, 
medium, and lowóare assigned classified numerical values and are 
derived from a mathematical equation that compares a terrorist group's 
capabilities with the overall effectiveness of the crucial elements of 
the site's protective forces and systems.

Historically, DOE has striven to keep its most critical assets at a low 
risk level and may insist on immediate compensatory measures should a 
significant vulnerability develop that increases risk above the low 
risk level. Compensatory measures could include deploying additional 
protective forces or curtailing operations until the asset can be 
better protected. In response to a September 2000 DOE Inspector 
General's report recommending that DOE establish a policy on what 
actions are required once a high or moderate risk is identified, in 
September 2003, DOE's Office of Security issued a policy clarification 
stating that identified high risks at facilities must be formally 
reported to the Secretary of Energy or Deputy Secretary within 24 
hours. In addition, under this policy clarification, identified high 
and moderate risks require corrective actions and regular reporting.

Through a variety of complementary measures, DOE ensures that its 
safeguards and security policies are being complied with and are 
performing as intended. Contractors perform regular self-assessments 
and are encouraged to uncover any problems themselves. DOE Orders also 
require field offices to comprehensively survey contractors' operations 
for safeguards and security every year. The Office of Independent 
Oversight and Performance Assurance in DOE's Office of Security and 
Safety Assurance provides yet another check through its comprehensive 
inspection program. All deficiencies identified during surveys and 
inspections require the contractors to take corrective action.

Reflecting the post-September 11 environment, the May 2003 DBT, among 
other things, identified a larger terrorist threat than did the 1999 
DBT. It also expanded the range of terrorist objectives to include 
radiological, biological, and chemical sabotage. Key features of the 
2003 DBT included the following:

* Expanded terrorist characteristics and goals. The 2003 DBT assumes 
that:

terrorist groups are the following: well armed and equipped; trained in 
paramilitary and guerrilla warfare skills and small unit tactics; 
highly motivated; willing to kill, risk death, or commit suicide; and 
capable of attacking without warning. Furthermore, according to the 
2003 DBT, terrorists might attack a DOE facility for a variety of 
goals, including the theft of a nuclear weapon, nuclear test device, or 
special nuclear material; radiological, chemical, or biological 
sabotage; and the on-site detonation of a nuclear weapon, nuclear test 
device, or special nuclear material that results in a significant 
nuclear yield. DOE refers to such a detonation as an improvised nuclear 
device.

* Increased the size of the terrorist group threat. The 2003 DBT 
increases the terrorist threat levels for the theft of the department's 
highest value assets--Category I special nuclear materials--although 
not in a uniform way. Previously, under the 1999 DBT, all DOE sites 
that possessed any type of Category I special nuclear material were 
required to defend against a uniform terrorist group composed of a 
relatively small number of individuals. Under the 2003 DBT, however, 
the department judged the theft of a nuclear weapon or test device to 
be more attractive to terrorists, and sites that have these assets are 
required to defend against a substantially higher number of terrorists 
than are other sites. For example, a DOE site that, among other things, 
assembles and disassembles nuclear weapons, is required to defend 
against a larger terrorist group. Other DOE sites, such as an EM site 
that stores excess plutonium, only have to defend against a smaller 
group of terrorists. However, the number of terrorists in the 2003 DBT 
is larger than the 1999 DBT number. DOE calls this a graded threat 
approach.

* Mandated specific protection strategies. In line with the graded 
threat approach and depending on the type of materials they possess and 
the likely mission of the terrorist group, sites must now implement 
specific protection strategies for Category I special nuclear material. 
In addition, sites will have to develop, for the first time, specific 
protection strategies for facilities, such as radioactive waste storage 
areas, wastewater treatment, and science laboratories, against the 
threat of radiological, chemical, or biological sabotage.

* Addressed the potential for improvised nuclear device concerns. The 
May 2003 DBT established a special team to report to the Secretary of 
Energy on each site's potential for improvised nuclear devices. Based 
on the team's advice, in April 2004 the Deputy Secretary of Energy 
designated whether a site had such a concern. This official designation 
was intended to help address the general dissatisfaction with previous 
DOE policies for improvised nuclear devices, knowledge of which was 
carefully controlled and not shared widely with security officials. For 
example, some EM sites had no information at all on their potential for 
this risk.

A Number of Issues May Affect the Ability of ESE Sites to Fully Meet 
the Threat Contained in the New DBT in a Timely Fashion:

When we testified before this Subcommittee in April 2004, we stated 
that while DOE had issued the final DBT in May 2003, it had only 
recently begun to resolve a number of significant issues that could 
affect the ability of its sites to fully meet the threat in the new DBT 
in a timely fashion. These issues involved issuing additional DBT 
implementation guidance, developing DBT implementation plans, and 
developing budgets to support these plans. We noted that fully 
resolving all of these issues might take several years, and the total 
cost of meeting the new threats was currently unknown. Consequently, we 
stated, full DBT implementation could occur anywhere from fiscal year 
2005 to fiscal year 2008, well beyond the department's goal of the end 
of fiscal year 2006. Because some sites would be unable to effectively 
counter the higher threat contained in the new DBT for up to several 
years, we stated that these sites should be considered to be at higher 
risk under the new DBT than they were under the old DBT.After reviewing 
ESE's efforts to implement the May 2003 DBT at sites containing 
Category I special nuclear material, we continue to be concerned about 
whether DOE can meet its fiscal year 2006 deadline for full DBT 
implementation. Specifically, while ESE sites that contain Category I 
special nuclear material have developed plans for implementing the May 
2003 DBT, as directed by the Deputy Secretary of Energy, we believe 
there are four issues that will make it difficult to implement these 
plans in a timely fashion.

First, ESE sites approved their implementation plans in February 2004 
before the Deputy Secretary of Energy issued his guidance on which 
sites had improvised nuclear device vulnerabilities. As noted 
previously, the May 2003 DBT created a special team, composed of 
weapons designers and security specialists to report on each site's 
improvised nuclear device vulnerabilities. The results of this report 
were briefed to senior DOE officials in March 2004 and the Deputy 
Secretary of Energy issued guidance, based on this report, to DOE sites 
in early April 2004. As a result, some sites may be required under the 
2003 DBT to shift to enhanced protection strategies, which could be 
very costly. This special team's report may most affect ESE sites, 
because, in some cases, their improvised nuclear device potential had 
not previously been explored. In addition, ESE security officials told 
us that confusion exists about how or if this guidance applies to their 
sites, and they stated that they are working with officials from DOE's 
Office of Security to resolve this confusion. The Director of DOE's 
Office of Security and Safety Performance Assurance agreed that 
additional guidance will be necessary to resolve this confusion. 
Consequently, because ESE sites developed their plans well before this 
guidance was issued, the assumptions in their plans may no longer be 
valid and the plans may need to be revised.

Second, the ESE site implementation plans are based on the May 2003 
DBT; however, DOE is now reexamining the May 2003 DBT and may revise 
it. In our April 2004 report, we expressed several concerns about the 
May 2003 DBT. In particular, we noted that some DOE sites may have 
improvised nuclear device concerns that, if successfully exploited by 
terrorists could result in a nuclear detonation. However, under the May 
2003 DBT, DOE only required these sites to defend against a relatively 
small group of terrorists. Because we believed that DOE had not made a 
persuasive case for defending against a lower number of terrorists, we 
recommended that DOE reexamine how it applies the DBT to sites with 
improvised nuclear device concerns. Subsequently, in May 2004, the 
Secretary of Energy announced that the department would reexamine the 
DBT. Originally, this reexamination was to be completed by June 30, 
2004. However, according to the Director of DOE's Office of Security 
and Safety Performance Assurance this effort will not be completed 
until August 6, 2004. In addition, the Director stated that the end 
result of this effort may only be a plan on how to revise the DBT. 
Consequently, if the DBT is changed in a way that increases security 
requirements, some ESE offices may have to revise their implementation 
plans to reflect the need to provide for a more stringent defense.

Third, in one case ESE does not have adequate resources. Specifically, 
while ESE sites have developed implementation plans, even under the old 
assumptions, the plan for one site was under funded. NE security 
officials told us that for one site no DBT implementation funding had 
been requested for fiscal year 2005, even though the site recognized 
that it needed to substantially increase its protective forces to meet 
the new DBT.

Finally, ESE faces a number of complex organizational issues that could 
make DBT implementation more difficult. Specifically:

* EM's Security Director told us that for EM to fully comply with the 
DBT requirements in fiscal year 2006 at one of its sites, it will have 
to close and de-inventory two facilities, consolidate excess materials 
into remaining special nuclear materials facilities, and move 
consolidated Category I special nuclear material, which the National 
Nuclear Security Administration's Office of Secure Transportation will 
transport, to another site. Likewise, the EM Security Director told us 
that to meet the DBT requirements at another site, EM will have to 
accelerate the closure of one facility and transfer special nuclear 
material to another facility on the site. Because the costs to close 
these facilities and to move materials within a site are borne by the 
EM program budget and not by the EM safeguards and security budget, 
obtaining adequate funding could be difficult.

* At an Office of Science site, a building that contains Category I 
special nuclear material is managed and protected by the Office of 
Science, while the material itself belongs to NE. NE is currently 
planning to remove the material and process it. After processing, the 
material will no longer have to meet the protection requirements for 
Category I special nuclear material. Accomplishing this task will 
require additional security measures, the planning and funding for 
which will have to be carefully coordinated between the Office of 
Science and NE.

* NE sites face similar issues. For example, the NE Security Director 
told us that EM currently owns all of the Category I special nuclear 
material stored at an NE site. EM is currently planning to have the 
National Nuclear Security Administration's Office of Secure 
Transportation transport this material to several other locations by 
the end of January 2005. According to the NE site Security Director, NE 
is counting on the successful removal of this special nuclear material 
to meet the department's fiscal year 2006 deadline for implementing the 
May 2003 DBT. To implement the May 2003 DBT, NE also needs to 
consolidate two of its sites into a single national laboratory, which 
will, among other things, ensure that it has an adequate number of 
protective forces. If the EM special nuclear materials are not moved 
and this consolidation is not achieved, the number of protective forces 
at this site may not be adequate.

Because of the importance of successfully integrating multiple program 
activities with security requirements, we continue to believe, as we 
recommended in April 2004, that DOE needs to develop and implement a 
departmentwide, multiyear, fully resourced implementation plan for 
meeting the May 2003 DBT requirements that includes important 
programmatic activities such as the closure of facilities and the 
transportation of special nuclear materials.

Mr. Chairman, this concludes our prepared statement. We would be happy 
to respond to any questions that you or Members of the Subcommittee may 
have.

GAO Contact and Staff Acknowledgments:

For further information on this testimony, please contact Robin M. 
Nazzaro at (202) 512-3841. James Noel and Jonathan Gill made key 
contributions to this testimony. Don Cowan and Preston Heard also made 
contributions to this testimony.

FOOTNOTES

[1] See U.S. General Accounting Office, Nuclear Security: NNSA Needs to 
Better Manage Its Safeguards and Security Program, GAO-04-471 
(Washington, D.C.: May 30, 2003).

[2] See U.S. General Accounting Office, Nuclear Security: DOE Must 
Address Significant Issues to Meet the Requirements of the New Design 
Basis Threat, GAO-04-701T (Washington, D.C.: April 27, 2004).

[3] See U.S. General Accounting Office, Nuclear Security: DOE Needs to 
Resolve Significant Issues Before It Fully Meets the New Design Basis 
Threat, GAO-04-623 (Washington, D.C.: April 27, 2004).