-
11/12/2008
1
SECURITY IN GAUGING ACTIVITY
Name:FAEIZALALISection/Division:SEKSYENPERUNDANGANATOMICENERGYLICENSINGBOARD(AELB)MINISTRYOFSCIENCETECHNOLOGYANDINNOVATION
Background
Before 11 September 2001, the security of radioactive sources
was largely addressed by measures protecting the sources from
Security Awareness Expert
Grouphttp://www.aelb.gov.myhttp://ansn.aelb.gov.my
y p gunintentional access by inappropriately qualified personnel
or attempts at theft for financial gain
2
REGULATORY CONTROL HIERARCHY
ActRegulation
Security Awareness Expert
Grouphttp://www.aelb.gov.myhttp://ansn.aelb.gov.my
OrderCode of PracticeMaterial Advisor
LEGISLATIVE FRAMEWORK
i. Main Legislation
Atomic Energy Licensing Act 1984 (Act 304)
ii. RegulationsRadiation Protection (Licensing) Regulations
1986
Security Awareness Expert
Grouphttp://www.aelb.gov.myhttp://ansn.aelb.gov.my
( g) gRadiation Protection (Basic Safety Standard) Regulations
1988
Regulation No. 52 Emphasize on the licensees responsibility on
the protection of sources from theft and sabotage
Radiation Protection (Transportation) Regulations 1989Radiation
Protection (Appeal) Regulations 1990
-
11/12/2008
2
Laws are in place.
Regulatory Authority exists.
RADIATION PROTECTION & SECURITY INFRASTRUCTURE
Security Awareness Expert
Grouphttp://www.aelb.gov.myhttp://ansn.aelb.gov.my
Rules, regulations and standards have been established.
Arrangements for radiation safety training, radiation protection
services and radwaste management services are in place.
- Adoption of the Code of Conduct on Security of Radioactive
Sources and the 3 Supporting documents
1st announcement to licensees on 10 December 2008 2nd
Announcement on the adoption of these d t t P R ibl f th Li
RADIATION PROTECTION & SECURITY INFRASTRUCTURE
Security Awareness Expert
Grouphttp://www.aelb.gov.myhttp://ansn.aelb.gov.my
documents to Person Responsible for the License (PRFL) &
Radiation Protection Officer (RPO) on 30 June 2009.
- Source registry database systems
RADIATION PROTECTION & SECURITY INFRASTRUCTURE
Establishment of emergency planningand preparedness: cooperation
with National Disaster Center
Lead Agency for Radiological EmergencyLaunch inter-agency
National Drill
Security Awareness Expert
Grouphttp://www.aelb.gov.myhttp://ansn.aelb.gov.my
Technical Support Organization:Nuclear Malaysia Agency
Cooperation with relevant government agencies have been
established:
Ministry of Health, Royal Customs Malaysia, Royal Malaysian
Police etc.
ADOPTIONCodeofConductonTheSafetyandSecurityofRadioactiveSources
ApprovedbytheIAEABoardofGovernorson19S t b 2003
Security Awareness Expert
Grouphttp://www.aelb.gov.myhttp://ansn.aelb.gov.my
8
September2003
ApprovedbytheAELBBoardofMeetingonAugust2007
-
11/12/2008
3
3elementarydocumenttosupporttheimplementationCoC;
1. CategorizationofRadioactiveSources2.
SecurityofRadioactiveSources
Security Awareness Expert
Grouphttp://www.aelb.gov.myhttp://ansn.aelb.gov.my
9
3. GuidelinesonImportandExportofRadioactivesSources
CATEGORIZATIONOFRADIOACTIVESRSG1.9
Provideasimple,logicalsystemforrankingradioactivesourcesbasedontheirpotentialtocauseh
h h l h
Security Awareness Expert
Grouphttp://www.aelb.gov.myhttp://ansn.aelb.gov.my
10
harmtohumanhealthGroupingthepracticesinwhichthesesourcesareusedintodiscretecategories.
SECURITYOFRADIOACTIVESOURCES
Tecdoc1355
Intendedtoprovideguidancetoregulatorybody,manufacturers,suppliersandusersofsourcesindecidingwhichsecuritymeasuresareneededtoensureconsistencywiththeInternationalBasicSafetyStandardsandtheRevisedCodeofConduct
for the Safety and Security of
Security Awareness Expert
Grouphttp://www.aelb.gov.myhttp://ansn.aelb.gov.my
11
ConductfortheSafetyandSecurityofRadioactiveSources.
Itisrecognizedthattheremustbeabalancebetweenmanagingsourcessafelyandsecurely,whilestillenablingthemtobeusedbyauthorizedpersonnelwithoutunduehindrance
GUIDANCEONTHEIMPORTANDEXPORTOFRADIOACTIVESOURCES
ThisGuidanceprovidesacommonframework,tootherradioactivesourcesinadditiontoCategory1and2sources.
Security Awareness Expert
Grouphttp://www.aelb.gov.myhttp://ansn.aelb.gov.my
12
AggregationofsourcesthatmayposearisksimilartoCategory1or2sourceswillbeconsideredunderthecontextofthisGuidance
-
11/12/2008
4
OBJECTIVE
To ensure security of sources requires that measures be applied
to prevent unauthorized access to radioactive sources at all stages
of their life cycle, as well as loss, theft, and unauthorized
transfer of sources
Security Awareness Expert
Grouphttp://www.aelb.gov.myhttp://ansn.aelb.gov.my
,To ensure the safety of radioactive sources requires
controlling exposure to radiation from sources, both directly and
as a consequence of incidents, so that the likelihood of harm
attributable to such exposure is very lowSecurity is therefore a
prerequisite for safety
13
Definitions
Design basis threat for sources means the attributes and
characteristics of potential insider and/or external adversaries,
who might attempt damage to, or unauthorized removal of,
radioactive sources , against which a physical protection system is
designed and evaluated
Security Awareness Expert
Grouphttp://www.aelb.gov.myhttp://ansn.aelb.gov.my
and evaluated
Security means measures to prevent unauthorized access or damage
to, and loss, theft or unauthorized transfer of, radioactive
sources
Security culture means characteristics and attitudes in
organizations and of individuals, which establish that security
issues receive the attention warranted by their significance
14
DefinitionsSafety means measures intended to minimize the
likelihood of accidents with radioactive sources and, should such
an accident occur, to mitigate its consequences
Security Awareness Expert
Grouphttp://www.aelb.gov.myhttp://ansn.aelb.gov.my
Safety culture means the assembly of characteristics and
attitudes in organizations and individuals which establishes that,
as an overriding priority, protection and safety issues receive the
attention warranted by their significance
Accounting means physically checking that all sources are
present in their expected location. This may be satisfied by an
appropriate radiation survey.
15
Definitions
Inventorying means a campaign to physically check all sources
possessed, by specifically and uniquely identifying each individual
source using
i t h i l b
Security Awareness Expert
Grouphttp://www.aelb.gov.myhttp://ansn.aelb.gov.my
appropriate means such as serial numbers.
Principal parties means the person having the main
responsibilities for the application of the basic safety standards.
These are registration of licensees.
16
-
11/12/2008
5
Overall strategy
Prevention of acquisition of radioactive sources by those with
malevolent intent. This includes measures to:
Deter (prevent) unauthorized access to the source or source
Security Awareness Expert
Grouphttp://www.aelb.gov.myhttp://ansn.aelb.gov.my
Deter (prevent) unauthorized access to the source, or source
location, in order to deter theft;detect any such attempts at
unauthorized access;delay unauthorized access or theft;provide
rapid response to attempts at unauthorized access or theft.
17
Threat assessment
The use of a design basis threat assessment methodology is
recommended as the best method to design the security measures for
specific sources.
Security Awareness Expert
Grouphttp://www.aelb.gov.myhttp://ansn.aelb.gov.my
A detailed design basis threat assessment methodology to define
the appropriate level of security consists of the following
activities
Characterize the source, its type, nature and applicationPerform
an assessment of the potential threat within the country as a
whole, based on information from security and intelligence
experts.
18
Threat assessment
Evaluate the potential consequences of successful actions to
acquire the sourceDetermine, based on the assessment of threat and
potential consequences a design basis threat against
Security Awareness Expert
Grouphttp://www.aelb.gov.myhttp://ansn.aelb.gov.my
potential consequences, a design basis threat against which the
security should be designed and evaluated.Perform a vulnerability
analysis for the specific source, or sources against this design
basis threat
19
Performance objectives for security groups
four security groups are defined based on these fundamental
protection capabilities. They provide a systematic way of
categorizing the graded performance objectives required to cover
the range of security
Security Awareness Expert
Grouphttp://www.aelb.gov.myhttp://ansn.aelb.gov.my
j q g ymeasures that might be needed, depending on the assessed
risk
Security Group A:
Security Group B:Security Group C:Security Group D:
20
-
11/12/2008
6
Security Group A
Measures should be established to deter unauthorized access, and
to detect unauthorized access and acquisition of the
Security Awareness Expert
Grouphttp://www.aelb.gov.myhttp://ansn.aelb.gov.my
qsource in a timely manner. These measures should be such as to
delay acquisition until response is possible
21
Security Group B:
Measures should be established to deter unauthorized access, and
to detect unauthorized access and acquisition of the
Security Awareness Expert
Grouphttp://www.aelb.gov.myhttp://ansn.aelb.gov.my
qsource in a timely manner.
22
Security Group C:
Measures should be established to deter unauthorized access
Security Awareness Expert
Grouphttp://www.aelb.gov.myhttp://ansn.aelb.gov.my
verify the presence of the source at set intervals
23
Security Group D
Measures should be established to ensure safe use of the source
and adequately protect it as an asset, verifying its
Security Awareness Expert
Grouphttp://www.aelb.gov.myhttp://ansn.aelb.gov.my
p , y gpresence at set intervals.
24
-
11/12/2008
7
Security Group (Gauging)Security Group A Security
Group BSecurity Group C
Security Group D
Safe management and protect as an asset
Deter (prevent) unauthorized access
Security Awareness Expert
Grouphttp://www.aelb.gov.myhttp://ansn.aelb.gov.my
(p )
Timely detection of unauthorized access
Timely detection of unauthorized acquisition of the radioactive
source
Verification of source presence at setintervalsDelay
acquisition
until response is possible
25
Assignment of radioactive sources to security groups
most effectively achieved by using the outcomes of the threat
assessment
the IAEA has developed a revised Categorization of
Radioactive
Security Awareness Expert
Grouphttp://www.aelb.gov.myhttp://ansn.aelb.gov.my
Sources (IAEA-TECDOC-1344)
sources in Categories 1 to 3 generally have the possibility of
giving rise to exposure sufficient to cause severe deterministic
effects if they are uncontrolled
26
Security groups based upon source categorization
SecurityGroup
SourceCategory
Examples of practices
A 1 Radioisotope RTGs)IrradiatorsTeletherapy Fixed multi-
knife)
2 Industrial radiography
Security Awareness Expert
Grouphttp://www.aelb.gov.myhttp://ansn.aelb.gov.my
B 2Industrial radiographyHigh/medium dose rate brachytherapy
3 Fixed industrial gauges (e.g. level, dredger, conveyor)Well
logging gauges
C 4Low dose rate brachytherapy (except those
below)Thickness/fill-level gaugesPortable gauges (e.g.
moisture/density)Bone densitometerStatic eliminators
D 5 Low dose rate brachytherapy eyeplaques and permanent implant
sourcesX ray fluorescence devicesElectron capture devices
27
Source Category 1 & 2
Security Awareness Expert
Grouphttp://www.aelb.gov.myhttp://ansn.aelb.gov.my
-
11/12/2008
8
Source Category 3,4 & 5
Security Awareness Expert
Grouphttp://www.aelb.gov.myhttp://ansn.aelb.gov.my
TYPES OF SPECIFIC SECURITY MEASURES
Administrative measuresaccess control procedures;alarmed access
points (e.g. with radiation detectors);key control procedures;
Security Awareness Expert
Grouphttp://www.aelb.gov.myhttp://ansn.aelb.gov.my
key control procedures;video cameras or personal
surveillance;records related to management of sources;inventories;
regulations and guidance;reliability and trustworthiness of
personnel;information security;establishment of a safety culture
and a security culture.
30
TYPES OF SPECIFIC SECURITY MEASURES
Technical measuresfences;walls;
Security Awareness Expert
Grouphttp://www.aelb.gov.myhttp://ansn.aelb.gov.my
cages;transport packaging;locks and interlocks for doors;locked,
shielded containersintrusion-resistant source-holding devices.
31
Licensee ResponsibilityLicensees bear the responsibility for
setting up and implementing the technical and organizational
measures that are needed for ensuring both the safety and security
of the sources for which they are authorized.
Licensees should ensure that:Sources are managed in accordance
with the authorization.
Security Awareness Expert
Grouphttp://www.aelb.gov.myhttp://ansn.aelb.gov.my
Sources are managed in accordance with the authorization.When
sources are not in use, they are promptly stored in an approved
manner. Storage should be in accordance with the requirements for
the group to which the source belongs.Any transfer of sources to
another person is documented and that person is authorized in
accordance with the applicable regulatory requirements to receive
the transferred source.Financial provisions in accordance with the
regulatory requirements for the safe management of disused sources
are in place.Sources are shipped and received in accordance with
regulatory requirements.
-
11/12/2008
9
Licensee Responsibility
Individuals (radiation worker) with assigned responsibility for
sources
Reliable
Security Awareness Expert
Grouphttp://www.aelb.gov.myhttp://ansn.aelb.gov.my
ReliableAuthorizedProper training
Inventories and RecordsAll sources should be inventoried at
least on an annual basis and should be maintained and updated as
follows:
The routine inventoryWhenever the recorded parameters change and
particularlyWhenever sources are transferred
Security Awareness Expert
Grouphttp://www.aelb.gov.myhttp://ansn.aelb.gov.my
The records should include the following particulars:Location of
the sourceRadionuclideRadioactivity on a specified dateSerial
number or unique identifierPhysical formSource use historyReceipt,
transfer or disposal of the source
Status and Event Reporting System
Unusual events to be reported to the Regulatory Authority could
include:
Loss of control over a radioactive source
Security Awareness Expert
Grouphttp://www.aelb.gov.myhttp://ansn.aelb.gov.my
Unauthorized access to, or unauthorized use of a sourceMalicious
acts threatening authorized activitiesDiscovery of any unaccounted
source.
Specific Security Measures
Security Awareness Expert
Grouphttp://www.aelb.gov.myhttp://ansn.aelb.gov.my
Measures
36
-
11/12/2008
10
Specific Security Measures
Groups A and B, a basis is needed for the design of the
appropriate delay and detection devices.
For security groups C and D there is less need for a
Security Awareness Expert
Grouphttp://www.aelb.gov.myhttp://ansn.aelb.gov.my
For security groups C and D, there is less need for a design
basis threat approach and application of existing standards is an
appropriate approach
A summary of recommended measures described below is given as
follows:
Group A Group B Group C Group DGeneral administrative
measures
Daily accounting Weakly accounting Semi-annual accounting
annual accounting
Access control to sources location allowing timely detection of
unauthorized access
Access control to sources location
No specific provision
Deterrence (prevent) provided by:
A. 2 tech measures B. 2 measures (1 tech measure)
C. 1 tech measures
S ifi l G i
Security Awareness Expert
Grouphttp://www.aelb.gov.myhttp://ansn.aelb.gov.my
Routine measures to ensure safe used and protect as and
asset
Specific emergency response plan Generic emergency response
plan
Background checks
Security plan
Information security
Upgrade security for increase threat
Timely detection provided by:
A: Remotely monitored intruder alarm
B: Local alarm
Timely response to an alarm
Security Group A and B
Emergency response planSpecific emergency response procedures
should be developed.
Background check
Security Awareness Expert
Grouphttp://www.aelb.gov.myhttp://ansn.aelb.gov.my
ac g ou d c ecLicensees should ensure that persons engaged in
the management of group A and B sources are trustworthy
Information securityInformation or documents that can be used to
identify specific locations, specific security measures or
weaknesses in principal partys system of management of sources
should be controlled and distributed.
Security Group A and B
Response to an increased threatThe planning for response to an
increased threat of malevolent use should take place in close
cooperation with the Regulatory Authority
Security Awareness Expert
Grouphttp://www.aelb.gov.myhttp://ansn.aelb.gov.my
Security plansThe security plan should describe how the security
provisions in this document are met for the source(s) under
consideration
40
-
11/12/2008
11
Security Group ASources in storage
a locked and fixed container or a device holding the source;a
locked storage room, separating the container from unauthorized
personnel;access control to the storage room;detection of
unauthorized access or removal of the source;
Security Awareness Expert
Grouphttp://www.aelb.gov.myhttp://ansn.aelb.gov.my
ability to respond in a timely manner to such detection.stored
in a shielded container, which is locked;kept in an enclosed,
secured vehicle;the vehicle parked inside a locked compound or
locked garage;the vehicle subject to continuous detection of
unauthorized intrusion attempts and thereshould be the capability
to respond to intrusion.
Hh 41
Security Group A
Sources in transportbackground checks on trustworthiness of the
transport organization and operatives;deterrence through use of
transport packages locked and sealed
Security Awareness Expert
Grouphttp://www.aelb.gov.myhttp://ansn.aelb.gov.my
deterrence through use of transport packages locked and sealed
and in a dedicatedtransport unit, which is locked;timely detection
through radio communication between the personnel in the vehicle
anda security office or organization;response through security
trained transport operatives;emergency plan developed to deal with
emergencies in transit
42
Security Group B
Sources in storagea locked and fixed container or a device
holding the source;a locked room to separate the container from
unauthorized access;
Security Awareness Expert
Grouphttp://www.aelb.gov.myhttp://ansn.aelb.gov.my
access;access control to the room;ability to detect unauthorized
access to, or removal of the source.
43
Security Group B
Sources in transportTransport of Security Group B sources should
satisfy the performance requirements for
Security Awareness Expert
Grouphttp://www.aelb.gov.myhttp://ansn.aelb.gov.my
y p qsecurity for this group. comply with national and
international legislation and agreements on security in
transport
44
-
11/12/2008
12
Security Group CSources in transport
Transport of Security Group B sources should satisfy the
performance requirements for security for this groupcomply with
national and international legislation and
Security Awareness Expert
Grouphttp://www.aelb.gov.myhttp://ansn.aelb.gov.my
agreements on security in transport
Sources in storagesources could be stored in a locked, fixed
container and in a room with control on access.
45
Security Group D
ensure safe use of the source and adequately protect it as an
asset, verifying its presence at set intervals.
Security Awareness Expert
Grouphttp://www.aelb.gov.myhttp://ansn.aelb.gov.my
comply with national and international legislation and
agreements on security in transport
46
TEMPORARY STORAGE
emergency or the discovery of an orphan source
sources should be removed from a temporary
Security Awareness Expert
Grouphttp://www.aelb.gov.myhttp://ansn.aelb.gov.my
p ystorage to a designated facility as soon as practicable, with
the objective that no source is stored temporarily for greater than
30 days
47
Thank you
Security Awareness Expert
Grouphttp://www.aelb.gov.myhttp://ansn.aelb.gov.my
48