[House Hearing, 108 Congress]
[From the U.S. Government Publishing Office]





       HOMELAND SECURITY: MONITORING NUCLEAR POWER PLANT SECURITY

=======================================================================

                                HEARING

                               before the

                   SUBCOMMITTEE ON NATIONAL SECURITY,
                   EMERGING THREATS AND INTERNATIONAL
                               RELATIONS

                                 of the

                              COMMITTEE ON
                           GOVERNMENT REFORM

                        HOUSE OF REPRESENTATIVES

                      ONE HUNDRED EIGHTH CONGRESS

                             SECOND SESSION

                               __________

                           SEPTEMBER 14, 2004

                               __________

                           Serial No. 108-265

                               __________

       Printed for the use of the Committee on Government Reform


  Available via the World Wide Web: http://www.gpo.gov/congress/house
                      http://www.house.gov/reform

                                 ______

                    U.S. GOVERNMENT PRINTING OFFICE
98-358                      WASHINGTON : 2005
_____________________________________________________________________________
For Sale by the Superintendent of Documents, U.S. Government Printing Office
Internet: bookstore.gpo.gov  Phone: toll free (866) 512-1800; (202) 512�091800  
Fax: (202) 512�092250 Mail: Stop SSOP, Washington, DC 20402�090001

                     COMMITTEE ON GOVERNMENT REFORM

                     TOM DAVIS, Virginia, Chairman
DAN BURTON, Indiana                  HENRY A. WAXMAN, California
CHRISTOPHER SHAYS, Connecticut       TOM LANTOS, California
ILEANA ROS-LEHTINEN, Florida         MAJOR R. OWENS, New York
JOHN M. McHUGH, New York             EDOLPHUS TOWNS, New York
JOHN L. MICA, Florida                PAUL E. KANJORSKI, Pennsylvania
MARK E. SOUDER, Indiana              CAROLYN B. MALONEY, New York
STEVEN C. LaTOURETTE, Ohio           ELIJAH E. CUMMINGS, Maryland
DOUG OSE, California                 DENNIS J. KUCINICH, Ohio
RON LEWIS, Kentucky                  DANNY K. DAVIS, Illinois
TODD RUSSELL PLATTS, Pennsylvania    JOHN F. TIERNEY, Massachusetts
CHRIS CANNON, Utah                   WM. LACY CLAY, Missouri
ADAM H. PUTNAM, Florida              DIANE E. WATSON, California
EDWARD L. SCHROCK, Virginia          STEPHEN F. LYNCH, Massachusetts
JOHN J. DUNCAN, Jr., Tennessee       CHRIS VAN HOLLEN, Maryland
NATHAN DEAL, Georgia                 LINDA T. SANCHEZ, California
CANDICE S. MILLER, Michigan          C.A. ``DUTCH'' RUPPERSBERGER, 
TIM MURPHY, Pennsylvania                 Maryland
MICHAEL R. TURNER, Ohio              ELEANOR HOLMES NORTON, District of 
JOHN R. CARTER, Texas                    Columbia
MARSHA BLACKBURN, Tennessee          JIM COOPER, Tennessee
PATRICK J. TIBERI, Ohio              BETTY McCOLLUM, Minnesota
KATHERINE HARRIS, Florida                        ------
------ ------                        BERNARD SANDERS, Vermont 
                                         (Independent)

                    Melissa Wojciak, Staff Director
       David Marin, Deputy Staff Director/Communications Director
                      Rob Borden, Parliamentarian
                       Teresa Austin, Chief Clerk
          Phil Barnett, Minority Chief of Staff/Chief Counsel

 Subcommittee on National Security, Emerging Threats and International 
                               Relations

                CHRISTOPHER SHAYS, Connecticut, Chairman

MICHAEL R. TURNER, Ohio
DAN BURTON, Indiana                  DENNIS J. KUCINICH, Ohio
STEVEN C. LaTOURETTE, Ohio           TOM LANTOS, California
RON LEWIS, Kentucky                  BERNARD SANDERS, Vermont
TODD RUSSELL PLATTS, Pennsylvania    STEPHEN F. LYNCH, Massachusetts
ADAM H. PUTNAM, Florida              CAROLYN B. MALONEY, New York
EDWARD L. SCHROCK, Virginia          LINDA T. SANCHEZ, California
JOHN J. DUNCAN, Jr., Tennessee       C.A. ``DUTCH'' RUPPERSBERGER, 
TIM MURPHY, Pennsylvania                 Maryland
KATHERINE HARRIS, Florida            JOHN F. TIERNEY, Massachusetts
                                     DIANE E. WATSON, California

                               Ex Officio

TOM DAVIS, Virginia                  HENRY A. WAXMAN, California
            Lawrence J. Halloran, Staff Director and Counsel
                  J. Vincent Chase, Chief Investigator
                        Robert A. Briggs, Clerk
             Andrew Su, Minority Professional Staff Member


                            C O N T E N T S

                              ----------                              
                                                                   Page
Hearing held on September 14, 2004...............................     1
Statement of:
    Matthiessen, Alex, Director, Hudson Riverkeeper, Garrison, 
      NY; David Lochbaum, Union of Concerned Scientists, 
      Washington, DC; and Marvin Fertel, vice president and chief 
      nuclear officer, Nuclear Energy Institute, Washington, DC..   115
    Reyes, Luis, Executive Director of Operations, Nuclear 
      Regulatory Commission, accompanied by Roy P. Zimmerman, 
      Director, Office of Nuclear Security and Incidence 
      Response, Nuclear Regulatory Commission....................    32
    Wells, Jim, Director, Natural Resources and Environment, 
      Government Accountability Office, accompanied by Raymond H. 
      Smith, Jr. Assistant Director; and Kenneth E. Lightner, 
      Jr., Senior Analyst........................................    73
Letters, statements, etc., submitted for the record by:
    Fertel, Marvin, vice president and chief nuclear officer, 
      Nuclear Energy Institute, Washington, DC, prepared 
      statement of...............................................   149
    Kucinich, Hon. Dennis J., a Representative in Congress from 
      the State of Ohio:
        Letter dated August 18, 2004.............................    30
        Letter dated August 19, 2004.............................    22
        Prepared statement of....................................     4
    Lochbaum, David, Union of Concerned Scientists, Washington, 
      DC, prepared statement of..................................   141
    Maloney, Hon. Carolyn B., a Representative in Congress from 
      the State of New York, prepared statement of...............    13
    Matthiessen, Alex, Director, Hudson Riverkeeper, Garrison, 
      NY, prepared statement of..................................   119
    Reyes, Luis, Executive Director of Operations, Nuclear 
      Regulatory Commission, prepared statement of...............    35
    Shays, Hon. Christopher, a Representative in Congress from 
      the State of Connecticut, prepared statement of............    19
    Wells, Jim, Director, Natural Resources and Environment, 
      Government Accountability Office, prepared statement of....    77
    Zimmerman, Roy P., Director, Office of Nuclear Security and 
      Incidence Response, Nuclear Regulatory Commission:
        Information concerning force-on-force exercises..........   110
        Information concerning licensee employees................   108

 
       HOMELAND SECURITY: MONITORING NUCLEAR POWER PLANT SECURITY

                              ----------                              


                      TUESDAY, SEPTEMBER 14, 2004

                  House of Representatives,
Subcommittee on National Security, Emerging Threats 
                       and International Relations,
                            Committee on Government Reform,
                                                    Washington, DC.
    The subcommittee met, pursuant to notice, at 10:05 a.m., in 
room 2247, Rayburn House Office Building, Hon. Christopher 
Shays (chairman of the subcommittee) presiding.
    Present: Representatives Shays, Platts, Duncan, Kucinich, 
Sanders, Maloney, Ruppersberger, Tierney, and Watson.
    Staff present: Lawrence Halloran, staff director and 
counsel; J. Vincent Chase, chief investigator; Robert A. 
Briggs, clerk; Andrew Su, minority professional staff member; 
and Jean Gosa, minority assistant clerk.
    Mr. Shays. A quorum being present, the Subcommittee on 
National Security, Emerging Threats and International Relations 
entitled Homeland Security: Monitoring Nuclear Power Plant 
Security is called to order.
    I have a statement. I am going to catch my breath, and I am 
going to ask the ranking member to start, and then I will make 
my opening statement.
    Mr. Kucinich. I want to thank the chairman, as always, for 
his diligence in matters of security in calling these hearings 
and indicate my appreciation for the attention that you pay to 
these matters.
    Good morning to the Chair and members of the subcommittee 
and to our witnesses here today. I welcome this opportunity to 
discuss nuclear security in open session. As both Congress and 
the public have been stymied for far too long and getting 
truthful answers to many questions we have about nuclear safety 
and security.
    Three years ago, two incidents shook the faith of the 
American people in our security. The first, of course, was the 
tragic attack on our country by terrorists on September 11.
    The other less-known incident was the hidden problem going 
on at the Davis-Besse nuclear reactor in Ohio. These are the 
facts.
    In February 2001 the Nuclear Regulatory Commission began 
investigating an aging mechanism that often caused cracking in 
reactors. As a result of these findings in late 2001, the NRC 
determined that the Davis-Besse plant was at risk and should 
shut down by December 31, 2001. FirstEnergy, the plant owner, 
resisted the order, claiming it should stay open without 
incident until March 2002. FirstEnergy argued that a shutdown 
would cause an unnecessary financial burden.
    Rather than following its own safety procedures and 
shutting down Davis-Besse, the NRC relented and allowed the 
plant to operate until February 2002. After the Davis-Besse 
plant had been shut down, workers repairing one of five cracked 
control rod nozzles discovered extensive damage to the reactor 
vessel head. The workers found a large corroded hole the size 
of a football in the reactor vessel head next to one of the 
nozzles. The GAO concluded in a scathing report on May 2004 
that the risk estimate used by the NRC to decide whether the 
plant needed to be shut down was flawed.
    The NRC severely underestimated the risk Davis-Besse posed, 
even exceeding risk levels generally considered acceptable by 
the Agency. The GAO report shows that the NRC was ill-equipped, 
ill-informed, and far too slow to react. The NRC's reaction to 
Davis-Besse was inadequate, irresponsible and left the public 
at great risk.
    The NRC later reported that the plant might have been as 
close as 60 days to bursting its rust, damaged lid. 
Fortunately, the health of tens of thousands of Ohio residents 
was not harmed, but this was a disaster waiting to happen. 
Let's talk about security.
    So, Mr. Chairman, it's very difficult for me to sit here 
today and to listen without objectivity as the NRC and the 
nuclear industry lobbyists tell us how much has been spent, how 
much security has improved in the last 3 years. The facts and 
independent experts tell us differently.
    For example, we know that one security firm, Wackenhut, 
provides nearly half of the guard forces at our Nation's 
nuclear sites. Yet, as was documented by the Department of 
Energy's Inspector General, the report in January of this year 
questions surround Wackenhut's competency and objectivity to 
fulfill this crucial mission. The DOE Inspector General found 
that in simulation attack drills, Wackenhut attackers told the 
Wackenhut guard defenders the buildings that were being 
attacked, the targets at those buildings and whether a 
diversionary tactic would be used.
    The IG also noted an industry-funded study found that as 
many as 50 percent of the guard forces in a New York plant did 
not meet physical fitness requirements, guards reported for 
duty drunk, worked 70 to 80 hours per week and were allowed to 
repeat weapons qualifying tests until they passed them.
    In spite of this poor record, and obvious conflict of 
interest, the commercial industry still decided to hire 
Wackenhut to provide the attack teams in force-on-force drills 
at NRC commercial sites. This could be called a case of the fox 
guarding the hen house and anyone with a shred of common 
sense--it's a poor decision. It undermined public trust and 
raises serious questions on who is making the decisions at the 
NRC. Understandably, the NRC has decided that the less it says 
the better. It has polled public security information from its 
Web site. It has restricted public access by public interest 
groups to information by requiring none disclosure forms or 
thorough reclassification, even if the information was 
previously unclassified.
    Mr. Chairman, I would like to submit two documents for the 
record. The first is a letter from Public Citizen to the NRC 
dated August 19th; and the second is a Freedom of Information 
Act request submitted by a coalition of public interest groups 
dated August 18th. Both documents question the rational behind 
the NRC's announcement in August 2004 that ``certain security 
information formally included in the reactor oversight process 
will no longer be publicly available and will no longer be 
updated in the NRC's Web site.''
    The same information, including performance indicators and 
physical inspection information, was available on the NRC Web 
site after September 11. It was temporarily pulled from the Web 
site for review and returned to it after it was deemed to have 
no value to potential terrorists.
    What has changed to make this information unacceptable for 
public review? Since the NRC won't hold public hearings, it's 
up to this subcommittee to find out. Mr. Chairman, we all know 
that these nuclear plants are decades old and they are 
decaying. Yet despite the billions of dollars spent to upgrade 
security at these nuclear plants, the NRC clearly has a long 
ways to go before it can restore public trust in its position. 
I have to wonder if an incident such as if this happened at 
Davis-Besse in Ohio happened today, whether the NRC would tell 
us about it. The NRC should work to allay public fears about 
public safety not to foster them. I really look forward to 
hearing your testimony. Thank you.
    [The prepared statement of Hon. Dennis J. Kucinich 
follows:]

[GRAPHIC] [TIFF OMITTED] T8358.001

[GRAPHIC] [TIFF OMITTED] T8358.002

[GRAPHIC] [TIFF OMITTED] T8358.003

[GRAPHIC] [TIFF OMITTED] T8358.004

[GRAPHIC] [TIFF OMITTED] T8358.005

[GRAPHIC] [TIFF OMITTED] T8358.006

    Mr. Shays. Thank you, gentlemen. At this time the Chair 
would recognize Mr. Turner.
    Mr. Turner. Thank you, Mr. Chairman.
    Mr. Chairman, I want to thank you for your leadership in 
reviewing the issues of our terrorist attack preparedness, both 
at our nuclear weapons facilities and our power plants; in your 
efforts in reviewing our terrorist attack preparedness both of 
in our nuclear weapons facilities and our power plants; and 
your efforts in reviewing terrorist attack preparedness of 
making America's families safer.
    The security of nuclear facilities--both weapons facilities 
and power plants, is an issue this committee has examined 
through several hearings. In dealing with the security of 
nuclear weapons facilities, the subcommittee has learned that 
DOE needs to update its designed basis threat to meet the 
current security situation, including upgrading equipment, 
training and its security force.
    Our nuclear power plants, though they don't contain 
weapons, are just as important to protect. They are designed 
and built to withstand many natural disasters. But we must make 
sure as a Nation that we do all we can to protect these energy 
sources from foreseeable attack.
    In earlier hearings, we found that DOE has not developed as 
strong a relationship with DOD in regard to the sharing of 
resources and information. I look forward from hearing from our 
witnesses today concerning issues of coordinations of their 
efforts with DOD and other Federal agencies, and whether they 
are taking all available steps and precautions to ensure that 
the proper equipment is available to secure these nuclear power 
plants.
    Thank you, Mr. Chairman.
    Mr. Shays. I thank the gentleman.
    The Chair would recognize Carolyn Maloney.
    Mrs. Maloney. Thank you.
    Well, first of all, Chairman Shays, I want like to thank 
you for your consistent oversight on terrorism and ways to make 
our country safer. I think you have really done an outstanding 
job. I thank you on behalf of my constituents.
    I would like to welcome all of our witnesses, particularly 
Mr. Alex Matthiessen, director of the Hudson Riverkeeper from 
the State of New York.
    The purpose of this hearing is to discuss how adequate are 
the security measures recommended by the Nuclear Regulatory 
Commission to protect power plants from terrorist attacks. We 
know that since September 11, there have been some positive 
steps, but 3 years later, many still have serious and well-
founded concerns about the safety of our nuclear power plants. 
Required preparations for attacks are specified in the 
classified design basis threat, the DBT. And a new DBT for 
nuclear plants is set to be implemented by the end of next 
month by updating requirements are welcomed. There are several 
concerns about the thoroughness and implementation of the DBT.
    One of the greatest concerns is that these new security 
requirements do not include an analysis on the impact of an 
attack similar to the one on the World Trade Center. The NRC 
has announced that this review is underway, but no analysis has 
been completed. This is 3 years later, and I want to know why.
    I absolutely do not understand why it has not been done 
when we know that after the September 11 attacks and after the 
9/11 Commission reported, that on the list of initial targets 
proposed by al Qaeda leaders, included planes attacking and 
flying into nuclear power plants. Khalid Shaikh Mohammed 
recommended that, and that's spelled out in the 9/11 Commission 
report.
    I would like to hear from our witnesses on the status this 
analysis. It's a very serious threat to our country. Not only 
does this plan not include the threat of an aviation attack. 
The GAO found that it will take several more years before the 
NRC will have assurances that the plants are protected against 
the terrorist threats--included in the new DBT--and they will 
not have detailed knowledge about security at individual 
facilities to insure that these plants provide the protections 
included in the DBT.
    My understanding, based on the submitted testimony of the 
GAO, that this is caused because the NRC's review of the new 
security plans has been rushed largely superficial and because 
the NRC reviewers are not visiting the plants to obtain details 
about the plants and view how they work with the plants 
facilities.
    Additionally, I am told it will take up to 3 years for the 
NRC to test implementation of all the new plans through the 
force-on-force exercises. And I would like to hear more from 
the witnesses on these shortcomings.
    Regarding the force-on-force exercises, I am interested to 
hear from the NRC and the Nuclear Energy Institute on the 
implementation of these exercises.
    Earlier this year NEI chose Wackenhut security to provide 
the attack teams in the force-on-force drills at NRC commercial 
sites. And we just heard from Mr. Kucinich, an outline of many 
of the problems there. They did provide security at Indian 
Point No. 2 nuclear power plant, which is less than 35 miles 
from the district that I represent.
    The utility Interenergy, that had recently acquired the 
plant, hired a consultant to conduct a probe of security at the 
facility and found Wackenhut lacking dramatically. I have a 
list of problems they had. Only 19 percent of the security 
officers stated that they could adequately defend the plant. 
And I would like to place all of them in the record.
    But they have not improved from there, and Interenergy 
subsequently terminated Wackenhut's contract as a result of 
their findings. I would like to put the findings in the record 
to save time----
    Additionally, Wackenhut provides security for close to half 
of all of the nuclear power plants now. And by allowing them to 
provide the attack teams on a company with a troubling record 
will be basically having Wackenhut police themselves--and I 
refer again to the testimony of Mr. Kucinich--where they were 
telling them where they were going to attack and etc.
    So I think that this is worse than the so-called fox 
guarding the hen house that Mr. Kucinich referenced. It is not 
an apparent conflict of interest, but a blatant conflict of 
interest. And they definitely should not be the ones doing the 
attack.
    Finally, the testimony submitted by GAO states, and it was 
very, very troubling, ``the NRC does not plan to make 
improvement to their inspection program that GAO previously 
recommended and still believes is absolutely necessary. So 
first of all, I want to know why they are not going to make the 
improvements that GAO recommended. For example, NRC is not 
following up to verify that all violations of security 
requirements are corrected.''
    And I would like an explanation from the NRC on this 
important question, and why they do not plan to follow some of 
the recommendations that the GAO believes is so necessary. So I 
thank the chairman for this oversight hearing. It's important 
and I yield back the balance of my time.
    [The prepared statement of Hon. Carolyn B. Maloney 
follows:]

[GRAPHIC] [TIFF OMITTED] T8358.007

[GRAPHIC] [TIFF OMITTED] T8358.008

    Mr. Shays. I thank the gentlelady.
    At this time the Chair would recognize John Duncan from 
Tennessee.
    Mr. Duncan. Thank you, Mr. Chairman.
    I remember a few days after the original and horrible 
events of September 11, I was eating dinner and meeting with 
several Members of the House. And Congressman Callahan, who at 
that point was a senior member of the Appropriations Committee, 
estimated that we would spend--he said over $1\1/2\ trillion 
over the next 5 years on security measures. I thought then that 
his estimate was extremely high. No one challenged him on it.
    But I know that just a couple of months ago, Federal 
Express--just one company--said they spent an extra $200 
million on security that they wouldn't have spent.
    After the last hearing on this subject, I sent letters to 
five Department of Energy laboratories and BWXTY 12 just to ask 
them how much their security measures had increased. I got back 
these responses. And a 40 percent increase in security spending 
on Oak Ridge National Laboratory, a 51 percent increase at the 
Savannah River National Laboratory, 50 percent increases at 
Argon and a separate 50 percent increase at BWXTY-12.
    In addition, we checked with the Tennessee Valley 
Authority, and their security spending has gone up by 60 
percent since September 11, and that doesn't count $30 million 
extra that they spent after some Nuclear Regulatory Commission 
ordered some special measures after April 2003.
    Security is very, very important, and I don't know if 
Congressman Callahan was way off on his $1\1/2\ trillion, but 
there are always companies, there are all kinds of security 
companies now that have gotten into this market and are doing 
everything they can to sensationalize and scandalize these 
matters and exaggerate the problem so that they can make more 
money.
    And I am not saying not do anything with regard to 
security. But if you stop to think about it, if we do--if 
Congressman Callahan was anywhere close to being right--that's 
$1 trillion or $1\1/2\ trillion that we are not spending on 
schools, medical research, highways to cut down on the deaths 
on our Nation's highways, or many, many other good things, 
whether you might like libraries, national parks or whatever.
    And I think back to former Governor Gilmore of Virginia, 
who was the chairman of the Commission on Terrorism that the 
President appointed. After his Commission studied the issue of 
terrorism, he sent this in a cover letter with their reporting, 
and Governor Gilmore said there will never be 100 percent 
guarantee of security for our people, the economy and our 
society. We must resist the urge to seek total security. It is 
not achievable and drains our attention from those things that 
can be accomplished.
    I just think that we have to make sure that we take serious 
steps about security, but we also have to make sure that we 
don't give terrorists undeserved victories by going totally 
ridiculously overboard on this and that we don't do it simply 
because there's some companies out here that want to make some 
more money.
    So, with that, I think it's good to keep holding these 
hearings to make sure that we do have a reasonable and rational 
response to some of these problems.
    Thank you, Mr. Chairman.
    Mr. Shays. I thank the gentleman.
    At this time the Chair would recognize Mr. Ruppersberger 
from Maryland.
    Mr. Ruppersberger. First, Chairman Shays, I agree with Mrs. 
Maloney that you have done an excellent job as leader this 
committee and brings a lot of problems as it relates to 
national security to the attention of this committee. I just 
hope that as a body of Congress we can hope implement some of 
the issues that we have learned in these hearings.
    The issue of security with respect to nuclear plants, we 
know that it's very, very important. Our intelligence shows 
that al Qaeda clearly has made our nuclear plants a target and 
that was also confirmed in the 9/11 Commission. Now, one of my 
areas of concern is, first, the issue of privatization and how 
we manage privatization. I don't have an issue with 
privatization. It works sometimes. Other times, it is not 
necessary when we deal with government.
    If you are going to privatize, whether it's Wackenhut's 
name has been mentioned today or anyone else. If we are going 
to pay to have someone other than government deal with the 
issue, we want efficiency and we want accountability.
    It seems to me that part of the NRC's responsibility is to 
hold all privatization, such as Wackenhut, accountable for 
performance. You read in here that people are coming to work 
intoxicated or they are not prepared or they don't have the 
physical standards, that concerns me. That's our fault too as 
the government or NRC because we have not held them liable.
    Now, one of my concerns is the issue of consistency in 
national policies and the regulation of nuclear power plants. 
This seems to be some conflict between the NRC regulatory 
abilities versus the privatized operations of the nuclear and 
commercial entities themselves.
    The security standards have already been changed, for 
example. We have a new design-based threat. DBT formula, which 
should be a good thing. The required force-on-force exercises 
have been increased to once every 3 years instead of every 8 
years. That's a good thing. The NRC has also issued more orders 
regarding augmenting barricades, security forces, patrols and 
restrict plant access.
    The Nuclear Energy Institute has claimed an increase of $16 
million per site toward security. Despite these changes, 
however, the reality of lapses in the security provided by and 
controlled through private industry remains.
    And I believe it will take real partnerships to resolve 
many of the critical changes we face in protecting nuclear 
sites. We must work toward resolving this situation without 
putting undue cost pressure upon the industry itself. I believe 
we as the government need to do better and working with the 
nuclear industry regarding threats and intelligence 
information. We need a true working partnership that provides a 
more thorough examination of how information is classified by 
NRC.
    We must not compromise secure security for public 
disclosure, but there must remain a balance for the industry to 
help keep industries secure these nuclear sites.
    Thank you.
    Mr. Shays. I thank the gentleman.
    At this time, Ambassador Watson, you have the floor.
    Ms. Watson. I just want to emphasize our role, Mr. 
Chairman, as the overseers, and I think that oversight has been 
lagging in the last session. I thank you for bringing to our 
attention this subject matter, but we are failing in our 
responsibility if we don't call in our witnesses, raise the 
right questions, and be sure they are performing in a 
responsible way. So thank you so very much.
    I think that our national security depends on the 
protection of our nuclear power plants, and what I have heard 
thus far in other hearings, tells us we have a lot to be 
worried about. So I hope that we will get new information in 
this hearing that will be helpful.
    Thank you, Mr. Chairman.
    Mr. Shays. I thank the gentlelady and appreciate her 
comments as well as all of the other Members.
    I would like to put my statement on the record as well and 
say that 3 years ago, the vulnerability of high-value 
structures to low-tech attack was seared in our national 
memory. Images of the collapsing Twin Towers and a smoldering 
hole in the Pentagon forced an assessment of safeguards and 
vulnerabilities at other critical facilities, including nuclear 
power plants.
    That assessment prompted some immediate steps by the 
Nuclear Regulatory Commission, the NRC, to strengthen security 
at the Nation's 65 reactor sites. Last year, we heard testimony 
from the NRC, the Government Accountability Office, GAO and 
others describing post-September 11 efforts to update security 
policies and practices to meet a dynamic new threat 
environment. But much of that testimony raised as many 
questions as were answered about the rigor of the NRC 
regulatory process, the realism of emergency response planning, 
the willingness of reactor operators to meet new security 
mandates and the pace of needed change.
    So we asked the GAO to monitor implementation of nuclear 
counterterrorism enhancements, including some recommended in 
earlier GAO reviews. Their initial findings depict a lengthy 
process that risk becoming more theoretical than actual. A new 
protection standard--or design basis threat--was not issued 
until April 2003. A rushed review of facility plans 
implementing the DBT could be completed next month. But that 
has been formulaic, wholly paper exercise. The NRC will not 
have complete, site-specific data, from force-on-force 
exercises to validate upgraded security plants for 3 more 
years. Even then, there may be no reasonable assurance plants 
are adequately protected.
    Suddenly--I think I am even one of them--the new DBT 
understates the true level of risk, meaning that security 
plants will have to be modified and tested again. Despite 
persistent efforts by reactor operators and regulators to 
minimize the risks of containment breach or spent fuel 
sabotage, surrounding communities and those further down wind, 
take little comfort from a cosy indulgent regulatory process 
that looks and acts very much like business as usual.
    Findings of security violations, illicit promises of, 
correction, but little NRC followup. Emergency response plans 
may not be current. Lessons learned are not shared. And a 
proposal to hire an attacking force from the same company used 
to protect several plants raises legitimate concerns about the 
integrity of future mandatory force-on-force exercises. There 
is no question nuclear power plants remain of abiding interest 
to terrorists.
    However, real questions remain. How and when the 
seriousness of that threat will be fully reflected in the 
substance and speed of critical countermeasures.
    As we continue to pursue these questions, the subcommittee 
sincerely appreciates the experience and expertise brought to 
the discussion by all our witnesses. We look forward to their 
testimony.
    Taking care of some general business, I ask unanimous 
consent that all members of the subcommittee be permitted to 
place an opening statement in the record and that the record 
remain open for 3 days for that purpose.
    Without objection, so ordered.
    I ask further unanimous consent that all witnesses be 
permitted to include their written statements in the record and 
without objection, so ordered.
    [The prepared statement of Hon. Christopher Shays follows:]

    [GRAPHIC] [TIFF OMITTED] T8358.009
    
    [GRAPHIC] [TIFF OMITTED] T8358.010
    
    Mr. Kucinich. Mr. Chairman.
    Mr. Shays. Yes.
    Mr. Kucinich. These are the letters I would ask to be 
entered into the record.
    Mr. Shays. This is from the Union of Concerned Scientists 
without objection dated August 19th. We will add that to the 
record.
    [The information referred to follows:]

    [GRAPHIC] [TIFF OMITTED] T8358.011
    
    [GRAPHIC] [TIFF OMITTED] T8358.012
    
    [GRAPHIC] [TIFF OMITTED] T8358.013
    
    [GRAPHIC] [TIFF OMITTED] T8358.014
    
    [GRAPHIC] [TIFF OMITTED] T8358.015
    
    [GRAPHIC] [TIFF OMITTED] T8358.016
    
    [GRAPHIC] [TIFF OMITTED] T8358.017
    
    Mr. Kucinich. There is a letter right behind the it.
    Mr. Shays. There is a letter right behind it. Let's get 
that one.
    Mr. Shays. And then a letter from Public Citizen dated 
August 18th. Both will be put in the record and without 
objection so ordered.
    [The information referred to follows:]

    [GRAPHIC] [TIFF OMITTED] T8358.018
    
    [GRAPHIC] [TIFF OMITTED] T8358.019
    
    Mr. Shays. We have and we are grateful to have our first 
panel, Mr. Luis Reyes, executive director of operations of the 
Nuclear Regulatory Commission and Mr. Roy P. Zimmerman, 
director, Office of Nuclear Security and Incidence Response, 
Nuclear Regulatory Commission.
    What we are going to do is we are going to have them make 
their statements. We will go through a 5-minute round of 
questioning. We are then going to have the GAO make their 
statement, ask them questions and then do a second round to our 
first panel separately afterwards. We appreciate our first 
panel being willing to do it. It's to everyone's advantage to 
have that kind of dialog, and that makes me feel good that you 
recognize that and I appreciate it.
    So with that, we would ask you to stand and swear you in as 
we swear all our witnesses.
    [Witnesses sworn.]
    Mr. Shays. Note for the record our witnesses are responding 
in the affirmative. Is there anyone I should have asked in your 
staff that may need to respond? If so, it may make sense for me 
to swear them in.
    Mr. Reyes. No, Roy and myself are the ones doing the 
testimony.
    Mr. Shays. OK. That's fine. That's great.
    With that, Mr. Reyes, you have the floor and am happy to 
have with your statement.

  STATEMENTS OF LUIS REYES, EXECUTIVE DIRECTOR OF OPERATIONS, 
NUCLEAR REGULATORY COMMISSION, ACCOMPANIED BY ROY P. ZIMMERMAN, 
 DIRECTOR, OFFICE OF NUCLEAR SECURITY AND INCIDENCE RESPONSE, 
                 NUCLEAR REGULATORY COMMISSION

    Mr. Reyes. Thank you.
    Mr. Chairman, members of the subcommittee, it is indeed a 
pleasure to appear before you today to discuss some of the 
efforts by the Nuclear Regulatory Commission.
    Mr. Shays. I am going to have you move that mic a little 
more in direct line with you.
    Mr. Reyes. OK. Is that any better?
    Mr. Shays. Yes. Just turn it this way. Thank you.
    Mr. Reyes. To the efforts by the Nuclear Regulatory 
Commission and its licensees with respect to security at 
nuclear power plants. The NRC has greatly enhanced requirements 
of licensees at nuclear power plants and conducted 
vulnerability assessments and identified mitigation strategies 
in order to improve security and evaluate potential threats. 
Nuclear power plants have maintained a strong safety and 
security measures and were designed to withstand catastrophic 
events including fire, flood, earthquakes and tornados.
    Security at nuclear facilities across the country has long 
been the subject of NRC regulatory oversight, dating back to 
the 1970's. And nuclear power plants have been required to 
implement security problems that are capable of defending 
against violent assault by well-armed, well-trained 
adversaries.
    Nuclear power facilities have likely been among the best 
protected commercial facilities in the Nation prior to 
September 11, 2001 and remain so today. However, the September 
11th terrorist attacks on the United States brought to light a 
new and more immediate threat to our country.
    To cope with these changes in the threat environment, the 
NRC undertook a reassessment of its safeguards and security 
programs to identify from actions, and long-term enhancements 
that will raise the level of security at the nuclear facilities 
across the country.
    Since the terrorist attacks, the NRC has ordered as 
licensee to take specific actions to security at their 
facilities and to amend the protection of the nuclear materials 
they possess. We believe that this comprehensive act also 
effectively addressed major congressional concerns about the 
adequacy of security in the new threat environment. We 
recognize though that security would be further enhanced in the 
five legislative proposals that the Commission has submitted to 
Congress which are appended to our testimony are promptly 
enacted.
    My full statement submitted for the record provides a 
summary of the numerous post-September 11 actions and 
enhancement to raise the level of security at nuclear 
facilities.
    This includes a series of orders through all nuclear power 
licensees beginning in February 2002 to formally incorporate 
specific compensatory measures into the search safeguards and 
security programs. This enhancement of security included 
increased security patrols, augmented security forces, 
additional security posts, increased vehicle span of distances 
and improved coordination with law enforcement.
    In the months since those orders were issued, there has 
been coordination with the regulated industry and 
representatives of the Federal, State and local government 
agencies that would be called upon to support the licensees 
response to a potential terrorist attack.
    Also, following the September 11, 2001 attacks, the NRC 
began a reassessment of the design basis threat [DBT]. As a 
result, the threat characteristic set forth in NRC regulations 
were supplemented by orders issued to power reactors and to 
certain field cycle facilities.
    The NRC's currently reviewing licensee revised security 
plants for nuclear power plants and certain nuclear fuel 
facilities. Nearly 2,000 plants in all, and expects that all 
the plants will be reviewed, revised as appropriate and 
approved, and with few exceptions implemented by October 29, 
2004 deadline imposed by the Commission's April 29, 2003 
orders.
    Additionally, the NRC has completed an extensive set of 
vulnerability assessments and identified mitigation strategies 
for NRC license activities involving radioactive materials and 
nuclear facilities. These efforts have continued to affirm the 
robustness of the effectiveness of these facilities, the 
effectiveness of redundant systems and defense of design 
principles and the value of effective programs for operator 
training and emergency preparedness.
    We have continued to improve our security performance 
evaluation program, that is our force-on-force evaluations.
    In February 2004 the NRC began a transition force-on-force 
program incorporating lessons learned during the pilot. The 
transition program uses the characteristics of the DBT as 
enhanced as supplemented by our orders to prepare for 
resumption of the full security performance assessment program 
in November 2004.
    In conclusion, my full statement also includes 
prescriptions of NRC's revised base line inspection program, 
the status of security plan reviews, emergency preparedness and 
sharing of information with our stakeholders.
    I appreciate the opportunity to appear before you today. 
And I look forward to answering any questions you may have.
    [The prepared statement of Mr. Reyes follows:]

    [GRAPHIC] [TIFF OMITTED] T8358.139
    
    [GRAPHIC] [TIFF OMITTED] T8358.140
    
    [GRAPHIC] [TIFF OMITTED] T8358.141
    
    [GRAPHIC] [TIFF OMITTED] T8358.142
    
    [GRAPHIC] [TIFF OMITTED] T8358.143
    
    [GRAPHIC] [TIFF OMITTED] T8358.144
    
    [GRAPHIC] [TIFF OMITTED] T8358.145
    
    [GRAPHIC] [TIFF OMITTED] T8358.146
    
    [GRAPHIC] [TIFF OMITTED] T8358.147
    
    [GRAPHIC] [TIFF OMITTED] T8358.148
    
    [GRAPHIC] [TIFF OMITTED] T8358.149
    
    [GRAPHIC] [TIFF OMITTED] T8358.150
    
    [GRAPHIC] [TIFF OMITTED] T8358.151
    
    [GRAPHIC] [TIFF OMITTED] T8358.152
    
    [GRAPHIC] [TIFF OMITTED] T8358.153
    
    [GRAPHIC] [TIFF OMITTED] T8358.154
    
    [GRAPHIC] [TIFF OMITTED] T8358.155
    
    [GRAPHIC] [TIFF OMITTED] T8358.156
    
    [GRAPHIC] [TIFF OMITTED] T8358.157
    
    [GRAPHIC] [TIFF OMITTED] T8358.158
    
    [GRAPHIC] [TIFF OMITTED] T8358.159
    
    [GRAPHIC] [TIFF OMITTED] T8358.160
    
    [GRAPHIC] [TIFF OMITTED] T8358.161
    
    Mr. Shays. You may go to the next witness.
    Mr. Turner [presiding]. I'm sorry.
    Mr. Zimmerman.
    Mr. Zimmerman. I have no opening statement. Thank you.
    Mr. Turner. We will go to a 5-minute round of questions 
from the members of the committee.
    I know many of the members of the committee are going to 
have questions concerning the design basis threat, their 
concern of its insufficiency. The concern of force-on-force 
exercises and their lack of reliable training and 
effectiveness, also issues concerning equipment and training.
    But I am very interested in the relationship between DOD 
and the protection of our nuclear power plants. In some of the 
information that we have indicates that power plants are not 
required as part of their design basis threat to take into 
consideration attacks by a foreign power or even perhaps the 
type of terrorist organizations that we see with al Qaeda, with 
the airborne threat.
    Could you talk a little bit about the NRC's coordination 
with the DOD and how and where that occurs? Both in the level 
of communication, exercises, onsite equipment and response?
    Mr. Reyes. OK. Prior to September 11th, the NRC has always 
had intelligence analysts. Subsequent to September 11th those 
intelligence analysts--even though they are NRC employees--are 
collocated with the intelligence agencies. So we have changed 
not only the analysis of intelligence information the way we 
did it before, but now we have collocated with the intelligence 
community. And what that has provided is a more direct feedback 
for us--but we now provide the intelligence community, 
information we didn't provide it before. We have required our 
licensees to report to us activities that may observe around 
their facilities that may have some bearing on the national 
intelligence information.
    Now, in terms of the design basis threat, we have worked 
very closely with DOE and DOD in terms of the intelligence to 
determine our design basis threat. As somebody stated, we do 
not have in the NRC regulatory oversight weapons plans that 
have nuclear weapons or plants that have nuclear weapons 
components. So our design basis threat takes that into account 
and we feel is similar to DOE facilities that are similar to 
ours. So we think that the design basis threat is similar now.
    Now, I couldn't bring all of the pictures because security 
information. It's limited to the public. But some of the 
pictures here provide some of the features that the plants 
have. They compare to similar facilities with DOE and DOD. What 
you don't see here today is technology to detect intrusion and 
some of the programs that they have the facilities to make sure 
that the individuals that have access to the facility have 
security clearance----
    Mr. Turner. I am going to interrupt you. Because we have a 
limited time period for the answers. I appreciate your giving 
us information concerning intelligence gathering and 
information with respect to detection.
    Mr. Reyes. OK.
    Mr. Turner. But obviously my question and my interest 
concerns the ability to actually defend these facilities. 
Intelligence is only an element that gives you an understanding 
of what you are defending against or when defense is necessary. 
And detection certainly is way too late. So if you could please 
describe with respect to the Department of Defense, NORTHCOM, 
where are you drawing the line between the facilities 
responsibilities, the DOD's responsibilities and how are those 
actually being coordinated in a meaningful way that actually 
transcends into defense.
    Mr. Reyes. Let me have Mr. Zimmerman give you the details 
of our interface with NORTHCOM.
    Mr. Zimmerman. Thank you let me provide you with some of 
the specifics. With regard to NORAD, we have interactions with 
NORAD on a daily basis. We provide them information associated 
with the status of our facilities. They know which facilities 
are operating, which ones are shut down, which facilities may 
be with selected equipment out of service. We have run 
exercises with NORAD, where we have Amalgam Virgo or Amalgam 
Amigo are examples, for example, of actual interactions we have 
had with them on the phone, as well as with licensees.
    There is also, have been calls that NORAD has had directly 
with our licensees, but we have set up a protocol that happens 
very quickly. If there's an anomalous situation in the air that 
involves NORAD, NRC and the licensee on a three-way phone 
call--and we have been practicing that with our licensees--we 
have been involved in many exercises with the Federal 
Government and DOD primarily in the lead. We have been involved 
with the TOPOFF exercises that have occurred. We are involved 
with TOPOFF planning for next year. We have been involved in 
Forward Challenge, we have been involved with UDO 4.
    We are actively involved in and are interacting both with 
NORTHCOM with regard to their ability to respond with quick 
response forces. They have been out to the sites. We have taken 
them onsite tours. And they have had an opportunity to walk the 
facilities share their thoughts with us.
    So we view that we have a very strong relationship with 
NORAD, with NORTHCOM and we plan on making it stronger through 
an effort we call integrated response planning. And that deals 
with recognizing that the design basis threat we view as what 
is reasonable for private guard force, where the Federal 
Government needs to come in promptly. DOD is an active player 
in that effort of integrated response.
    Mr. Turner. Mr. Kucinich.
    Mr. Kucinich. Thank you very much, Mr. Turner.
    Mr. Zimmerman, one of the things the NRC points to on their 
Web page is a way that increased security is extending the 
perimeter of their facilities. Despite this, there have been 
two incursions into nuclear facilities in the last 2 months. 
One occurred at Beaver Valley in Pennsylvania and the other 
occurred at Pilgrim. If NRC had indeed extended the perimeter, 
ostensibly to catch terrorists before they get on the site, how 
were these individuals able to get out into plant sites?
    Mr. Zimmerman. I think context is very important in this 
regard. Without talking to the specific details--I am not sure 
I recall the specific details--the area that we are talking 
about at these facilities is what is called the owner-
controlled area. This is the area of property that is owned by 
the licensee, but in many cases is far removed from where the 
protected area where the vital equipment is located. At some 
plants, it's miles away from where the actual facility 
equipment is located. What we have done subsequent to September 
11 is require that licensees conduct surveillance out in their 
owner-controlled area to be able to identify the possibility of 
surveillance taking place on their site or as well as any 
plant, preplanning for an attack.
    We also called for licensees to mix up those patrols so 
they don't always roll around at 4, you know, hour on the hour. 
They mix it up to try to keep any potential surveillance, you 
know, at bay. We get daily reports that are made from the 
licensees into my office that address the many instances where 
individual sightseers are taking pictures of the sites, where 
the film is confiscated, explain to the individuals the 
sensitive nature of the equipment that they are trying to take 
pictures of.
    There are close working relationships with the local law 
enforcement and the FBI to run license plates to look for any 
information in the background of these individuals. It's a very 
aggressive program--and addressing one of the other concerns 
that was raised earlier, we share this information across the 
industry so that if there is some information that somebody 
sped away quickly from a particular location, that information 
is put on a protected Web server so all sites have access to it 
and can be on the lookout for a similar vehicle.
    Mr. Kucinich. I have a number of questions here, Mr. 
Chairman, that will probably require--you are going to have a 
second round of questioning? I know my time isn't up.
    Mr. Shays [presiding]. I would be happy to yield to my 
colleague some of my time. We would like to go just a 5-minute 
round with this, and then they are going to come back after GAO 
has testified.
    Mr. Kucinich. Well, before----
    Mr. Shays. Why don't we go through this. Why don't we----
    Mr. Kucinich. My 5 minutes hasn't expired.
    Mr. Shays. OK.
    Mr. Kucinich. I want to, as a personal matter ask you a 
question.
    Mr. Zimmerman. Surely.
    Mr. Kucinich. What do you think about the failure of your 
own agency to provide information to the public about a hole in 
the head of a reactor vessel. Is that a security matter that 
you have any concern with, or is that somebody else's job?
    Mr. Zimmerman. To be candid, it is not in the realm of 
responsibilities that I have. I think better justice could be 
done to answering your questions in a different setting, 
perhaps with different individuals that are closer.
    Mr. Kucinich. You really don't know anything about that, is 
that what you are saying?
    Mr. Zimmerman. No, I am not saying that at all.
    Mr. Kucinich. Do you know anything about it at all?
    Mr. Zimmerman. Yes.
    Mr. Kucinich. What are you aware about it?
    Mr. Zimmerman. I am aware of the fact that there was 
degradation in the vessel head that was late in being 
identified, through a non-destructive examination. I am aware 
of the fact that the NRC followed the degradation closely and 
had identified a period of time that it was felt that it was 
reasonable for that facility to continue to operate based on 
the information that was available to them.
    Mr. Kucinich. Mr. Chairman, I just want to point something 
out. And I don't think this is tangential. We have a witness in 
front of us whose job deals with nuclear security. I would 
submit that there is a lack of communication within the NRC on 
issues of security that he just made a statement that defies 
belief of anyone who claims that they followed this. So I am 
just going to take his initial statement that he is really not 
responsible for this. And the gentleman is showing a lack of 
comprehensive understanding of what the NRC's failings were on 
this--and I am not going to attribute that to his problem--I am 
going to attribute it to the responsibilities of the people who 
had the first obligation to let the public know--should have 
also let him know, since he is dealing with nuclear security.
    So I think one of the things the committee has already been 
able to determine here is that you don't have the kind of 
communication within the NRC that would protect the public 
interest with respect to security lapses of a mechanical kind, 
physical kind, inside. So the security problems can come 
outside, but they can also come inside.
    Thank you, Mr. Chairman.
    Mr. Turner [presiding]. Mrs. Maloney.
    Mrs. Maloney. What have you done to protect our plants from 
the possibility of a plane flying in?
    Mr. Reyes. Yes, we have----
    Mrs. Maloney. We have read in the 9/11 Commission said that 
was one of their plots. So how are we protecting ourselves from 
that?
    Mr. Reyes. The NRC has done a vulnerability assessment. 
That includes a wide variety of aircraft. It includes smaller 
aircraft, all the way to a large commercial aircraft loaded 
with fuel--an analysis of a limited number of plants that are 
typical in the design of the power plants in the United States. 
What that analysis has shown is there is a very low probability 
that the crash of such a large aircraft into the facility would 
cause both damage to the core and a significant radiation 
release that will impact the health of the public.
    And the reason being is that prior to September 11th, these 
plants have severe accident procedures--they were procedures 
that were mitigated or strategies that were to cope with events 
that could not be foreseen by the design. Our analysis has 
identified that more had to be done--and in fact the mitigative 
strategies have been enhanced to cope with such an attack. Now 
that will be the back end once the attack occurs.
    At the front end, I think Mr. Zimmerman talked about our 
relationship with NORTHCOM and NORAD and the exercises and 
direct communication from NORAD to the control room in the 
power plant to advise them if there is a pending attack.
    Mrs. Maloney. Do we have any planes in the air that would 
shoot down another plane coming? I mean, we never anticipated 
that a plane would knock down the Towers. So the main thing is 
to prevent it from coming in in the first place. So what do we 
have? Are you working with the--you understand the security to 
basically shoot down a plane if it ever got into the area?
    Mr. Reyes. Yes, our work has been with NORAD who had the 
responsibility to intercede the aircraft.
    Mrs. Maloney. Now, in the prepared testimony of the GAO, 
they say that the NRC does not plan to make improvement to the 
inspection program that the GAO previously recommended and 
still believes that it is not necessary. For example NRC is not 
following up to verify that all the violations of security 
requirements have been corrected. Can you explain that? That's 
a direct quote from the GAO report that they are very disturbed 
that you are not correcting the items that they pointed out to 
you. Why not?
    Mr. Reyes. The GAO report relates to our followup of the 
corrective action--the NRC both on the safety and security 
site. And we don't think distinguish them--they work together--
puts their effort on the violations of biggest or higher 
significance. Now, what we do is we put--confirm all the 
corrective actions for violations of higher level, and for low 
level violations we do it in a sample basis. Now that doesn't 
mean we don't know what was done.
    What it means is for security specialists to confirm 
whether that minor violation or violation of low risk was not 
corrected. But we have an NRC office in every power plant. We 
have inspectors there, and we are aware of the corrective 
action on small, low-risk violations. But we follow all 
significant violations with subject matter experts, whether 
security or safety.
    On the lower level, we do a sampling process. It's a matter 
of resources.
    Mrs. Maloney. So, then, you are not following up to verify 
that the violations of security requirements have been 
corrected for ``smaller violations?''
    Mr. Reyes. On a sampling basis we do.
    Mrs. Maloney. But you are just correcting the larger 
violations. Can you give me an example of a smaller violation 
that you are not correcting?
    Mr. Reyes. Well, they corrected it. We just don't confirm 
specifically that it is corrected. I will have Mr. Zimmerman 
maybe give an example of a minor violation.
    Mr. Zimmerman. A minor violation could be an isolated case 
where an individual had a lapse and didn't record information 
within a certain period on a tour or potentially may not have 
logged it at all. We would view that as a violation. By 
understanding a licensee's program, they have a corrective 
action program that they are required to have. Their quality 
assurance organization will pursue that, determine whether it 
is an isolated case.
    We also during our review--if we see something that 
indicates it is potentially larger and has programmatic aspects 
to it--we would continue to follow that trail. But if we see 
that as an isolated case, the corrective action would be taken 
by the licensee. And then as Mr. Reyes said, we do come back 
for the lower significance items and do a sampling check to see 
if we have confidence in the thoroughness of the review of the 
utility.
    Mrs. Maloney. My time is up. Thank you.
    Mr. Turner. Mr. Platts.
    Mr. Platts. Thank you, Mr. Chairman. I appreciate your 
testimony here today. And I question our focus, I know, is 
about protecting our facilities from the terrorist threats. And 
I would like to at least put on your radar an issue that kind 
of relates that if there is an attack and our response and 
attentions come to my attention in my local community, I would 
go right up against the Susquehanna River where Three Mile 
Island is--and certainly as a high school student, remember 
1979 very well--living a few miles from the plant.
    The issue that has been raised to me is if there would be 
an attack how we would respond to the attack, specifically for 
children in day care, preschools, nursery schools, and believed 
by some of my constituents that NRC's oversight, along with 
FEMA, is not insuring that our NRC regulations are being fully 
complied by facilities regarding those preschool child care 
centers, and the State plans that are in place. My 
understanding of NRC is your responsibility is really to 
improve the State plans for evacuation if there is an attack or 
if there is an incident of whatever kind that requires an 
evacuation that NRC looks to the State and approves the State 
plans?
    Mr. Reyes. FEMA, the Federal Emergency Management Agency 
does that.
    But if I could address briefly your concern. If there is an 
attack at a nuclear power plant--regardless of whether it is 
ground, waterborne or air--right away, there is a declaration 
of high level emergency. What that does is automatically gives 
the local government, the counties and the State, mobilizing 
their emergency plan.
    And the typical arrangement--and I don't know the one in 
Pennsylvania specifically--the typical arrangement is that when 
that is declared, the local government already has prearranged 
decisionmaking on evacuating children, senior citizens. So the 
fact that the facility was attacked without any consequences--
yet in terms of release of radiation and all of that--because 
you declare a high level emergency, you are already as a 
precautionary measure, very conservative, rolling and the 
offsite government agencies are already moving.
    Mr. Platts. The concern is that--and then that process, for 
it to work, those plants need to be thorough and that the FEMA 
reviews the plans.
    Mr. Reyes. Right.
    Mr. Platts. Based on their finding and you issue a license 
that yes they have a plan in place.
    Mr. Reyes. Correct.
    Mr. Platts. Is that perhaps with some facilities in 
Pennsylvania and perhaps elsewhere around the country that 
those plans are not as thoroughly guarding these preschool age 
children even though the regs require them to, to accomplish 
those children as well.
    Mr. Reyes. Yes, it is FEMA that has to do the assessment. 
And they monitor the exercises and the plant and the fact that 
it gets performed adequately. I just couldn't----
    Mr. Platts. So NRC basically takes the decision of FEMA and 
just ratifies that decision that FEMA says, yes, they are in 
compliance, their State plan, their local plan, therefore the 
license is issued?
    Mr. Reyes. Yes, it's called reasonable assurance. FEMA 
sends out a report, and a certification that they have 
reasonable assurance that the offsite emergency preparedness 
actions, the plans and the actions that they will take by 
observing the execution of the plan and the exercises, etc. is 
adequate. And we take that certification of reasonable 
assurance and accept it.
    Mr. Platts. Thank you. Thank you, Mr. Chairman.
    Mr. Turner. Ms. Watson.
    Ms. Watson. According to the GAO, NRC is not taking 
advantage of opportunities to improve the effectiveness of 
force-on-force exercises and security oversight in general by 
implementing the recommendations.
    And I did hear you mention, you have gone so far with a 
lack of resources. I would like to elaborate on that and tell 
us how is nuclear power plant inspection information shared 
with the NRC regional offices and nuclear power plants. So you 
can answer collectively.
    The other concern that I have is that several months ago, 
we heard about traditional procedures and traditional ways of 
calculating how an attack would take place on our nuclear 
plants. I had problems with traditional. Because I think 
whatever enemy out there we are facing is being very creative. 
And if we have a traditional procedure or formula that we use 
on the ground, what about that comes from the air or over 
water? So you might want to address that as well.
    Mr. Reyes. OK. I would be glad to do that. Let me talk 
first about the information sharing. All the findings, all the 
violations, whether they are high or low or of significance, 
regarding security, are reviewed by a panel which is composed 
of a representative from all of our four regional offices and 
our headquarters offices.
    And that's to make sure that in fact they are properly 
being categorized in terms of their significance and therefore 
which ones we need to do followup corrective action in detail 
and which ones we do a sampling process. That information is 
shared because there's representatives from each one of the 
regional office and the program office. So those individuals 
share that within their own group.
    Then we also have very frequent meetings with the 
industry--it's called a security working group--where we share 
all the issues that we have identified with them, and the 
security working group from the industry then shares that with 
their counterparts.
    We also have prepared a protected Web page that has those 
kindS of information. Not only do we share that with the 
licensees, but it gets shared with local governments and other 
interested parties that do have the appropriate clearance to 
have that information. So we do have a very aggressive way to 
share the information.
    Now, we haven't adopted every recommendation that GAO has 
submitted. We haven't dismissed them; we are considering them, 
but we feel there is a very aggressive way that this 
information is being shared.
    Ms. Watson. When you said lack of resources, would you 
elaborate, please?
    Mr. Reyes. We feel we have adequate resources, but what you 
want to do is you want to put your resources where the more 
significance is. So Mr. Zimmerman provided you an example of 
where a patrol officer had an oversight to log in as they 
conducted the patrol around the facility, and they have to log 
in exactly where they were and where they are not going. That 
would be a relatively low violation of our requirements, and we 
necessarily wouldn't put the resources there. If we were to 
find a more significant problem regarding training of the 
officers or the weapons not being in good working order or 
something like that, we will put very detailed followup on the 
more significance, because they do have the more significant 
potential to affect security. So there's a matter of grading 
where our resources go to; they go to the most significant 
findings.
    Ms. Watson. I am really troubled by the fact that we are 
fighting an enemy of unknown proportion. It could be an 
American--I will always remember Oklahoma--or it could be 
someone who has merged into our society. They have a very 
different mindset than we do. And I'm wondering if there is any 
activity going on that tries to get into that mindset, because 
I think the September 11 attack was planned a decade in 
advance. And certainly we know by the training, the time it 
took to train those who flew the planes--and they went in and 
said we don't want to learn how to take off or land; that 
should have rung a bell. And they paid in cash. But apparently 
they were more interested in getting that money than in picking 
up the clues. And I am finding out there have been clues along 
the way and we haven't done a good job in connecting the dots.
    So I am wondering if we have a think tank that might be 
looking at the creative ways that people, you know, watching us 
in an open society might do us great harm through our nuclear 
plants. Pand, finally, how does this fit into homeland 
security? How does the NRC, what role do you play in terms of 
homeland security?
    Mr. Reyes. OK. Let me talk about--the concerns you had 
about the potential adversaries and the modes and the planning 
all goes into the intelligence community. What we do is we take 
that information, and, for example, when we consider the design 
basis threat and when we do our exercises, we assume that all 
that information in terms of what we call coordinated attacks--
and we assume they are coming from the ground, from the air, 
from the water, and that they have an insider that they have. 
So all that is considered in both the design basis threat and 
the exercises we actually conduct. So also, we don't go out 
there to try to do intelligence work. We are the beneficiaries. 
And by having our intelligence analyst physically present in 
that community, we get that information and we factor that into 
our activities.
    Now, let me have Mr. Zimmerman explain to you how we work 
with DHS, because we are an active participant in that effort.
    Mr. Zimmerman. One of the things that we do with the 
Department of Homeland Security is we try to maximize our time 
that we spend in their operation. And I will explain that. 
There may not be a particular issue that is necessarily in our 
sector, but we will try to send people to their operations 
center, even if there is an issue that they are pursuing that 
is unrelated to the nuclear sector, just so that we can get 
comfortable, get a chance to meet people, understand what their 
protocols are. And we basically have a relatively large number 
of people that we are sending down there and getting badged 
ahead of time, so that if the bell does ring in our sector, we 
have working relationships established. And if we are in a 
reactive situation, we know where our desk is, we know what our 
responsibilities are.
    And when we do our exercises now, we have requested of DHS, 
and they have been very supportive, to try a continuous 
improvement to make our exercises more realistic, where we want 
them to play in our exercises now that they have been stood up. 
So we want to send people to them, understand what issues they 
would have in this emergency situation during this drill, and 
raise those issues directly to us in real time in the exercises 
so that we can practice and learn how we can improve our 
overall response to the Federal Government.
    Ms. Watson. I will just finish up with this. I think 
intelligence has failed to provide all of us with the 
information that we need to prevent--not respond to an 
emergency, to prevent. And I would hope that the NRC would 
definitely be looking at strategies, procedures, to prevent a 
nuclear kind of emergency, because once there is a nuclear 
attack we are done.
    Mr. Zimmerman. May I respond?
    Mr. Turner. Actually, we need to move on. Mr. Tierney.
    Mr. Tierney. Thank you, Mr. Chairman.
    You rely on private companies for the securities of the 
individual plants. Right?
    Mr. Zimmerman. That's correct.
    Mr. Tierney. All right. So we have 65 plant sites, 103 
nuclear reactors in 31 States.
    Mr. Zimmerman. Correct.
    Mr. Tierney. And you sort of delegate that responsibility 
to private companies, and then rely on their report to you as 
to whether or not they are complying with the various standards 
that you set.
    Mr. Reyes. No. We have direct observation of their 
activities.
    Mr. Tierney. About once every 3 years, right?
    Mr. Reyes. No, no. That's incorrect.
    Mr. Tierney. OK.
    Mr. Reyes. See, the inspection program--and I think this 
is--the GAO auditors are in the process of doing that effort, 
and they haven't been able to visit the facilities. So we have 
a security inspection program that looks at everything, from 
training to performance of the detection system, implementation 
of the program for access to individuals, communications. The 
portion as far as exercise is on top of all that I just told 
you, and that is the final task on the dynamics. That's where 
we actually simulate adversaries, and they actually come in and 
jump over the fence and actually have access to--and we 
simulate the attack. But that's only the culmination of a large 
number of inspection hours by a lot of subject matter experts 
in security that come in unannounced at all times of the day or 
night to check each one of the elements.
    Mr. Tierney. Let me interrupt if we can because are limited 
in time here. So you are saying that your agency determines the 
standards for training, and then you go down and you observe 
and make sure that training is in fact occurring and being met 
and that people are passing those criteria.
    Mr. Reyes. That's correct.
    Mr. Tierney. And that's no matter what the turnover there.
    Mr. Reyes. Correct.
    Mr. Tierney. And then you are telling me that you are also 
keeping an eye on how much overtime is involved, how many hours 
these people are working on each shift on a regular basis?
    Mr. Reyes. We have requirements for that. We review the 
records and we interview individuals.
    Mr. Tierney. Did you want to add something?
    Mr. Reyes. What he was going to tell you is our inspection 
program has increased by a factor of five.
    Mr. Zimmerman. Since 2000. The amount of hours that we 
spend onsite--this is separate from force on force--is we have 
gone up fivefold in the amount of inspection hours that we are 
currently spending onsite. The design basis threat that we 
issued in April 2003 is quite similar to the interim 
compensatory measures that we put in place in February 2002. 
Our inspectors have already gone out and verified that probably 
80 percent of what is in the revised 2002 DBT is already in 
place.
    Mr. Tierney. Are you subcontracting any of this evaluation 
work?
    Mr. Reyes. No.
    Mr. Zimmerman. It's being done through our regional 
offices.
    Mr. Tierney. And when you do the force on force, are you 
subcontracting any of that attack force work out?
    Mr. Reyes. No. The NRC reviews the training for the 
adversaries, the NRC decides on the scenario, and the NRC is 
there in large numbers to observe the force on force. And we 
are the ones who determine whether the performance is 
acceptable or not. See, this is a big difference between DOE 
and NRC. DOE operates and regulates itself. We have a private 
licensee, but we are the ones who do the oversight and we are 
the ones who determine the adequacy.
    Mr. Tierney. But it is not your personnel that are actually 
doing the force on force. You hire somebody to do that, then 
oversee them?
    Mr. Reyes. The adversaries are not NRC employees. The 
people monitoring them and doing the independent assessment 
are.
    Mr. Zimmerman. We hire contractors that are experts in this 
area. They are joined at the hip with the adversary team; they 
are in the field with the adversary team as they are trying to 
make their approach on the facility. They are involved in the 
preparation aspect indicating, based on what we have been able 
to determine, this is how I would attack the facility, so this 
is how you will attack.
    The decision on how the attack is made is made by the NRC 
contractor, not by the contractor that's going to carry out the 
actual attack. But our contractors will go with them.
    Mr. Tierney. So we no longer have Wackenhut watching 
Wackenhut.
    Mr. Reyes. It never has been. We don't know the 
misunderstanding, but it never has been.
    Mr. Zimmerman. We do the full assessment. Wackenhut will 
pull the trigger, but we will have somebody there to make sure 
that person is taking the appropriate action of what he or she 
has been instructed to do based on us laying out what the 
scenario will be, and then being with them in the field while 
they carry it out.
    Mr. Tierney. We can maybe revisit that again later. Tell 
me, if you would, about spent fuel storage security and why we 
should feel comfortable with the way things are going there.
    Mr. Reyes. There is two kinds of storage of spent fuel. One 
is what we call the pools or the wet pool. And those are inside 
all the protected area of the facility, and all the security 
features that you have for the reactor, you basically have for 
the wet pools. The dry cast storage could be either inside the 
protected area or could be sitting by itself within a protected 
area. And that also has security features to it. The dry cast 
storage is more robust in terms of attacks and all that. So we 
feel very secure that it is--the security is adequate.
    Mr. Tierney. Thank you.
    Mr. Turner. Mr. Sanders.
    Mr. Sanders. Thank you very much, Mr. Chairman.
    As you know, gentlemen--and thank you very much for being 
with us. As you know, we have a nuclear power plant in Vernon, 
right at the southern edge of Vermont and right near the 
Massachusetts border. Recently there was a scare, as you know, 
when two spent fuel rods appeared to be missing, and they were 
relocated sometime later. But that raised anxiety in an area 
where anxiety is already fairly high.
    Let me just ask you just a couple of questions. It seems to 
me--and I don't want to disappoint any of my colleagues or 
you--that the truth of the matter is there is not an enormous 
amount of faith in the U.S. Government; that people do not 
believe everything that you say or I say or anyone else says. 
And when it comes to nuclear power and the potential danger, 
clearly people are very, very concerned as to whether or not 
the U.S. Government is in fact protecting them.
    As I understand it, earlier in August the NRC announced 
that a substantial amount of site-specific security information 
would be taken off of its Web site. Now, I can understand that 
we do not want to tell al Qaeda all of the methods that we have 
to defend nuclear power plants. But the bottom line is that 
when people, at least in the past, could critique, could say it 
is not enough, now they have virtually nothing. So if I'm 
living in Vernon, Vermont or Brodova, Vermont, how do I know 
that the kind of security--I don't need to know every detail, 
people understand that. But what kind of reassurance do people 
have that security is appropriate when they now go to the Web 
site and they get far less information than they used to? And 
as I understand it, you took that information off kind of 
privately, without a lot of public discussion as to whether 
that was a good idea.
    Mr. Reyes. Prior to September 11th and today, our strategic 
plan has safety security and openness as one of the goals. And 
we have learned since September 11th, through our feedback with 
the intelligence community, that there are people out there 
that want to do us harm. And information that we openly share 
with everybody as one of our strategic goals could be harm to 
the Nation. So what we had to do is, we had to do some soul-
searching and find out what information should we pull out of 
the public. And we took out information that could assist 
somebody in doing us harm.
    What we are going to do is--the remaining of the 
information regarding the safety of the facility, all that 
information is still there. What we are going to do is we are 
going to summarize that security information we have and 
present it in a summary fashion without giving details that 
somebody can harm us.
    Mr. Sanders. We don't have a lot of time. And I think 
everybody understands that we do not want to give enemies 
information. But on the other hand, I would ask you to keep in 
mind, given the fact that people do not necessarily have a lot 
of confidence, that they do want to know that they are being 
protected. They want the opportunity to critique when they feel 
that security is not appropriate. And I fear very much that is 
not the situation.
    Now, I understand that there was several FOIA requests made 
before this policy went into effect; in other words, regarding 
the nature of security. What does the NRC plan to do with those 
FOIA requests?
    Mr. Reyes. Well, we are going to have to process them under 
the new guidelines, because regardless of how you put the 
information in the public, the details, we now know our 
intelligence colleagues are telling us do not put detailed 
information out that can assist people to do us harm.
    Mr. Sanders. Let me go to another area. And forgive me, we 
just have to move fast because there's not a lot of time. I'm 
picking up at a point that Mr. Tierney raised a moment ago; and 
that is, NRC, as I understand it, has repeatedly stated that 
they believe release of radioactive fuel as a result of a 
terrorist attack on a spent fuel pool is unlikely. NRC 
officials have made that point over and over again, and they 
said that as recently as last week.
    So what I want to know is why you think that way? Are you 
taking additional steps to fortify the many spent fuel pools 
around the country, rather than simply dismissing the prospect 
of a breach of security there?
    Mr. Reyes. We have done analysis of airplane crashes into 
the spent fuel pools. Now, it's been a limited number of 
details in terms of which ones we have done that, and those are 
the conclusions you stated. We are now moving forward to doing 
further studies to make sure that we have done a thorough 
review in any one of the layouts. The configuration of the 
pools are different in different plants, and so we are now 
continuing the analysis to make sure that the results we have 
are representative of the total population.
    Mr. Sanders. Am I correct in remembering, though, that 
there are some knowledgeable people who disagree with some of 
the conclusions that you have reached about the safety of those 
facilities in terms of a plane attack?
    Mr. Reyes. There's always people who disagree.
    Mr. Sanders. I'm not talking about fringy people; but I'm 
talking about intelligent people.
    Mr. Reyes. Yeah, there's always intelligent people that 
disagree with us.
    Mr. Sanders. All right. What about the potential of an air 
attack? I understand that there is no longer a no-fly zone in 
effect over our Nation's nuclear reactors. And my question is, 
why you think that is good policy? And why does the NRC think 
it's such an insubstantial threat, especially in light of the 
fact that al Qaeda clearly considered nuclear reactors an 
attractive target?
    Mr. Reyes. After September 11th, we met with the FAA and we 
tried to get their insights and their determination on what 
should be the airspace around nuclear power plants determined 
to be. The FAA determination was that for nuclear power plants 
and other critical infrastructure, that it was not advisable in 
their mind to put no-fly zones. What they did determine was for 
nuclear power plants to put what they call a notice to airmen, 
which basically is a notice that goes to all pilots about 
limiting their flying around these facilities. But we are just 
following, after the meeting with the FAA, what they determined 
to be the most wise.
    Mr. Sanders. But do you think that makes sense? On the 
surface it doesn't make a lot of sense to me, given what we saw 
about September 11 and the use of airplanes as missiles.
    Mr. Reyes. The rationale of the FAA was that there's other 
critical infrastructure, just like nuclear power plants. And if 
they were to put no-fly zones over all these facilities and the 
infrastructure, you basically stop commerce because you have so 
many no-fly zones across the national--chemical plants, 
pesticides.
    Mr. Sanders. Frankly, a nuclear power plant is different 
than many other infrastructures and facilities. We don't think 
we should have universal no-fly zones, but I would suggest that 
maybe we may want to do a little bit of thinking about that 
one.
    Mr. Reyes. And we met with the FAA and we tried to convey 
that.
    Mr. Sanders. I mean, you met with the FAA. You are the 
experts on nuclear dangers; they are not. They have other 
interests as well. And we need to rely on somebody to protect 
us.
    Mr. Turner. Mr. Sanders, we need to move on.
    Mr. Sanders. Thank you.
    Mr. Turner. Chairman Shays.
    Mr. Shays. I thank you. We are going to have a second 
opportunity to question these witnesses. We do thank them, 
because that's a better way for them to make their arguments 
and for us to understand the challenges.
    The bottom line, it's been 3 years since September 11th, 
and 2 years of it was the intelligence community giving us a 
postulated threat. You have worked the last year on a design 
basis threat, and now that's coming into place. And what's 
concerning me is there appears to be 3 years before you really 
test at every facility, and so it's going to be like 6 years 
from September 11th.
    I want to ask, are you aware of the memo, which was 
classified, from the Deputy Secretary of Energy to DOE 
facilities strengthening the DBT and ordering safeguards beyond 
those called for by the initial post-September 11 standard?
    Mr. Reyes. We work closely with DOE, and we know exactly 
what their DBT is and where the directions are heading. We are 
required by the Commission to brief them every 6 months on the 
intelligence, and so they can reassess the DBT. We are 
scheduled to do that November 16th of this year. At that time, 
we will brief them not only with the intelligence information 
we have, but with all the DOE--DBT changes that they are 
considering or perhaps they have implemented by the time we 
meet with the Commission.
    Mr. Shays. When we met with DOE officials and we toured 
certain facilities, they came back to us and said that they 
were going to strengthen their design basis threat. We have the 
postulated threat up here, we have the Department of Energy 
with their DBT here, and we see you lower down on the design 
basis threat, that you don't have as strong a standard as what 
we see happening for the DOE facilities. That's my reading of 
it. And I would like to know, do you anticipate strengthening 
your design basis threat based on----
    Mr. Reyes. We will share that information with the 
Commission. It's a policy decision by the commissioners whether 
to increase or not increase the DBT. And, but we have a process 
to do that, and November 16th is our next presentation to the 
Commission to consider that.
    Mr. Shays. One of the biggest criticisms that GAO has is 
that they say the NRC's review of the plants, which are not 
available to the general public for security reasons, has 
primarily been a paper review and is not detailed enough for 
NRC to determine if the plans would protect the facility 
against the threat presented in the DBT. How do you respond to 
that?
    Mr. Reyes. The security plans are--they have, but at a 
pretty high level. And what you see here, what you have at the 
station, then, is what we call implementing procedures, the 
strategies of how those individuals will respond to an attack, 
where are they located, how will the firing lines, etc., is an 
implementing procedure. And the reason you want to have it that 
way is, let's assume that the legislative proposal that we 
highlighted to you gets approved and we now can give them 
better weapons. Then the strategy at the time may change.
    Mr. Shays. Well, now that we don't have the assault weapon 
ban, are you now able to get--no, I'm serious. Are you 
prohibited from giving them assault weapons?
    Mr. Reyes. Under State law--see, this, under the State law 
they cannot have automatic weapons.
    Mr. Shays. Under every State or in some States, or in every 
State?
    Mr. Zimmerman. Some States have changed.
    Mr. Reyes. Recently. Very recently.
    Mr. Shays. See, the logic of the assault weapon ban is that 
we want the law enforcement folks and the security people to 
have every advantage possible. We don't want the bad folks to 
have weapons that our people don't have.
    Mr. Reyes. We agree.
    Mr. Shays. I mean, the government's got it screwed up here.
    Mr. Zimmerman. The legislation that we proposed would allow 
the security officers to use automatic weapons. Right now they 
are using semi-automatic weapons.
    Mr. Shays. I want you to use whatever the hell you need to 
do the job. You know, our job in government is to make sure 
it's never a fair fight. We want our military people to always 
have the best.
    Mr. Zimmerman. I couldn't agree with you more.
    Mr. Tierney. Would the gentleman yield on that for 1 
second? The problem is these are not military people and these 
aren't public forces on that. The question I would have is, who 
is doing the background check on these individuals? Who are 
they? How well trained are they? And how confident can we be 
that they can be entrusted with this kind of weaponry and are 
going to do the job that we might normally expect of our own 
forces?
    Mr. Zimmerman. The background checks on the security 
officers is extremely aggressive. They are viewed to be in 
what's called a ``critical group'' because of recognizing that 
if they were the insider, what damage they would be able to 
cause. So there is a significant background check and 
behavioral observation that takes place. The vast majority of 
these individuals are prior military or law enforcement.
    But the answer to your question, there is a very 
significant and appropriate background check being done.
    Mr. Tierney. By the NRC?
    Mr. Zimmerman. Well, no. We work through the FBI. We pass 
the information to various agencies that have a variety of data 
bases that you are aware of, and those names are provided to 
those data bases. We are a passthrough.
    Mr. Reyes. Similar to a clearance, the fingerprinting and 
review will be done by the FBI. It's not the licensee if that's 
what you're asking.
    Mr. Shays. Let me claim my time again. But I do think the 
gentleman is right on target. My biggest fear is the person who 
does have the weapon on the inside. I think one individual like 
that could practically accomplish whatever task they want. And 
so I think that is a key factor the gentleman has identified.
    The bottom line is you are going to be looking at whether 
to revise your new design basis threat. How long would that 
take, though, if you then decided to do that?
    Mr. Reyes. Once we present that to the Commission, 
typically within a few weeks they make a decision one way or 
the other. So then if they were to make a change, we will have 
to implement it through orders or some mechanism like that.
    Mr. Shays. So how long would that take before it actually 
were met in the field.
    Mr. Reyes. It depends on the size of the increase. If you 
are talking about the number of adversaries----
    Mr. Shays. Just give me a sense. Are we talking a year 
more?
    Mr. Reyes. That should be in months we can issue the 
orders, and then the implementation will take a little bit 
longer, depending on the magnitude.
    Mr. Shays. A little bit longer means what? A year?
    Mr. Reyes. My guess would be a year.
    Mr. Shays. No, no. See, that isn't a little bit longer. I 
don't feel like there is an intensity level at NRC, I honestly 
don't. But we will get to that later. I think we need to get to 
the next.
    Ms. Watson. Is this just a followup, or can it wait when 
they come back to us?
    Mr. Turner. This panel is going to be returning after panel 
two. Will you be able to stay for----
    Ms. Watson. Yeah. It was just pertinent to----
    Mr. Shays. I would be happy to.
    Ms. Watson. I was just going to say what is really 
bothering me at this moment is that I represent a State that 
has a very porous border, and there are people coming across 
the Mexican border into the United States that are going to be 
able to buy automatic assault weapons in their corner sporting 
goods store because the ban has evaporated. And I understand 
that there is a constant movement across our border, our 
southern border into the United States, where these people can 
go in with fictitious names and somebody else's ID and pick up 
one of these assault weapons. This will impact on you greatly, 
and so I just throw that out.
    Mr. Turner. Perhaps when they return that's an issue they 
can address at that time, if that's OK.
    Ms. Watson. That's fine. So just keep that in mind, my 
concern.
    Mr. Turner. What I understand is that panel one is going to 
remain while panel two testifies, and then return to us for 
additional questions after we have heard the testimony of Mr. 
Jim Wells. So we will excuse you at this point, with the 
understanding that you are going to be remaining.
    Mr. Shays. And we thank you for that. That will be helpful.
    Mr. Turner. And then we will call forward panel two, which 
is Mr. Jim Wells, Director, National Resources and Environment 
Government Accountability Office, who will be accompanied by 
Mr. Raymond H. Smith, Jr., Assistant Director, and Mr. Kenneth 
E. Lightner, Jr., Senior Analyst.
    Gentlemen, we do swear in our witnesses for the hearing. If 
you would please stand and raise your right arm.
    [Witnesses sworn.]
    Mr. Turner. Please note for the record that the witnesses 
responded in the affirmative.
    Mr. Turner. We welcome you, Mr. Wells, and look forward to 
your testimony.

    STATEMENT OF JIM WELLS, DIRECTOR, NATURAL RESOURCES AND 
 ENVIRONMENT, GOVERNMENT ACCOUNTABILITY OFFICE, ACCOMPANIED BY 
   RAYMOND H. SMITH, JR. ASSISTANT DIRECTOR; AND KENNETH E. 
                 LIGHTNER, JR., SENIOR ANALYST

    Mr. Wells. Thank you, Mr. Chairman. We are pleased to be 
here today to discuss NRC's efforts to improve security at the 
Nation's 104 commercial nuclear power plants. Today, it's 3 
years after the Twin Towers and Pentagon attacks, and we are 
discussing what NRC has done, where they are, and what's left 
to do. To NRC's credit they responded immediately, advising the 
plants to go to the highest levels of security, and they issued 
about 60 advisories and orders.
    As an auditor, I am going to stop here and let them take 
credit for what they've done. They have, in fact, done a lot of 
things, and there is no doubt that security has been enhanced. 
But what we get paid to do as auditors is to bring forth 
concerns, and that's what I will do today.
    While we applaud these efforts, the question is today: Has 
it been enough? It will take several more years for NRC to make 
an independent determination that each plant has taken 
responsibile, reasonable, and appropriate steps to provide 
protection.
    The first step that NRC chose was to create new security 
plans to implement their new DBT. While the original plan was 
envisioned to take 2 years, the commissioners decided to use an 
industry-developed template with yes-and-no answers to speed up 
the process. And, Mr. Tierney, they did hire contractors to 
help review the plans, and they wanted to get it done in 6 
months.
    Now, we have some concerns about how the NRC is doing this 
first step. Not that this first step is wrong, it's just the 
process they chose to use.
    First, NRC's review has been rushed, and is largely a paper 
review, in our opinion. NRC reviewers are generally not 
visiting the plants to obtain details. However, we have learned 
that they are recently beginning to visit some of the plants 
and ask some questions relating to their plans. We understand 
they may have visited about approximately 4 or 5 of the 65 
facilities and the 100 plants that are under consideration.
    The plans themselves, and we have reviewed 12 of those 
plans, do not detail defensive positions at the site, how the 
defenders would be deployed to respond to that attack, or how 
long the deployment would take. In addition, NRC is not 
requesting the documents and the studies supporting the plan; 
so, in our opinion, as a result, NRC today as they are 
reviewing these plans, even though when they are approved they 
still will not have a lot of detailed knowledge about the 
actual security at the individual facilities prior to the 
approval of those plans.
    Second, as it clearly has already been pointed out, it will 
take up to 3 years for the NRC to test these plans through 
force-on-force exercises at each facility. Moreover, NRC is 
considering action that could potentially compromise the 
integrity of these exercises. And I refer, as members of the 
subcommittee have already raised, the consideration of using a 
private company, Wackenhut, that is a company that the nuclear 
industry has selected, a company that clearly has had problems 
in the past at Oak Ridge--and, I might add, that NRC was doing 
oversight when these problems did happen--and a company that 
provides guards for about half the facilities to be tested. We 
understand Wackenhut is currently under contract with about 50 
percent of the nuclear facilities.
    This relationship with the industry also raises questions 
about the force's independence. And that's just a question that 
needs to continue to be asked in terms of due diligence by the 
NRC in terms of assuring that whatever contractor is used, that 
there is independence.
    We note that the NRC's DBT is similar to DOE, as you have 
stated, Mr. Chairman and Mr. Shays. As you know, in April 2004, 
DOE officials told this subcommittee that they would have to 
rethink its threat assessment that they were using. DOE, we 
understand, completed that review last Tuesday and 
substantially increased their DBT.
    If the NRC, when they consult with their commissioners, 
decides to revisit or revise the DBT, NRC will clearly need 
more time. How much time I think is a good question, that's 
already been asked of the NRC.
    Also, funding the cost of any additional protection that 
may be required could also be a fairly significant issue for 
the industry. NRC has already clearly publicly stated that the 
current DBT that they are being required to defend against is 
the largest reasonable threat against which a regulated private 
guard force should be expected to defend under existing law. 
Also, potential vulnerabilities of additional assaults are on 
the horizon and currently are being addressed outside of the 
existing DBT. Any change in any of these approaches could place 
additional requirements on the plants. And I speak here about 
the airborne nature over the nuclear power plants.
    In conclusion, can the public be assured that NRC's efforts 
will protect the plants against attack? Our answer to you today 
is not yet. It will still be some time before NRC can provide 
the public with full assurances that what has been done is 
enough. Some of these enhancements are still being put in 
place, and they remain to be tested.
    Ms. Maloney and Congresswoman Watson, you have raised 
questions about NRC not agreeing to do some of our 
recommendations. Yes, we still disagree. Maybe it's an issue of 
substantial versus minor. We've found, others have found, 
sleeping guards, guards that have falsified records; access has 
been granted to individuals in highly secured areas that had no 
business being there. We are not sure that's minor.
    While NRC may initially disagree with some of the things 
that we raise about trying to improve, it's questions like this 
raised by this subcommittee that may help the NRC in terms of 
seeing the light and moving forward and making some substantial 
improvements.
    We have a lot more audit work to do, Mr. Chairman. You have 
asked us to do a lot of things, including an assessment of the 
DBT and a lot of concern about the vulnerabilities, and is the 
current DBT actually going to do anything to help protect the 
actual vulnerabilities that exist. So we still owe you a report 
a year from now or early next year, if we can finish it, on how 
NRC defines the threat faced by the nuclear power plants. We 
believe, based on what we have seen today--understanding that 
we are still preliminarily still doing our audit, we have not 
completed our work, and, in fairness to the NRC, have not given 
them an opportunity to comment or react to what we have seen 
today--that it's important that NRC act quickly and take a 
strong leadership role in establishing a worthy adversary team 
for these upcoming exercises.
    I can't overemphasize how important these exercises are to 
test what's being put in place. These improvements are 
expensive, and we want to make sure that they are actually 
doing what they are intended to do and can in fact defend the 
plants. Perhaps NRC needs to consider establishing priorities 
for the facilities to be tested.
    Quite frankly, we have seen a common general approach that 
they take. They tend to look at plants in general, generically. 
But clearly when you come to vulnerabilities and you come to 
assessment of threats, you need to look much more closely and 
individually at plants and perhaps prioritize where you put 
your attention first. They need to carefully analyze test 
results if they detect any shortcomings in the facility's 
security, and, perhaps most importantly, be willing to require 
additional security improvements as warranted or as discovered.
    Mr. Chairman, this testimony, or the statement, provides 
our preliminary reviews. We'll be happy to respond to any 
questions you may have. Thank you.
    Mr. Turner. Thank you, Mr. Wells.
    [The prepared statement of Mr. Wells follows:]

    [GRAPHIC] [TIFF OMITTED] T8358.020
    
    [GRAPHIC] [TIFF OMITTED] T8358.021
    
    [GRAPHIC] [TIFF OMITTED] T8358.022
    
    [GRAPHIC] [TIFF OMITTED] T8358.023
    
    [GRAPHIC] [TIFF OMITTED] T8358.024
    
    [GRAPHIC] [TIFF OMITTED] T8358.025
    
    [GRAPHIC] [TIFF OMITTED] T8358.026
    
    [GRAPHIC] [TIFF OMITTED] T8358.027
    
    [GRAPHIC] [TIFF OMITTED] T8358.028
    
    [GRAPHIC] [TIFF OMITTED] T8358.029
    
    [GRAPHIC] [TIFF OMITTED] T8358.030
    
    [GRAPHIC] [TIFF OMITTED] T8358.031
    
    [GRAPHIC] [TIFF OMITTED] T8358.032
    
    [GRAPHIC] [TIFF OMITTED] T8358.033
    
    [GRAPHIC] [TIFF OMITTED] T8358.034
    
    [GRAPHIC] [TIFF OMITTED] T8358.035
    
    [GRAPHIC] [TIFF OMITTED] T8358.036
    
    [GRAPHIC] [TIFF OMITTED] T8358.037
    
    [GRAPHIC] [TIFF OMITTED] T8358.038
    
    Mr. Turner. One of the statements in your written 
testimony, it says NRC has already stated that the current 
design basis threat is the largest reasonable threat against 
which a regulated private guard force should be expected to 
defend under existing law.
    Now, we have been looking at, in addition to power plants, 
nuclear weapons facilities, and it has seemed to me that 
perhaps we are going about this backward. The design basis 
threats are being defined as a result of the resources that are 
available rather than the actual threat that exists. The 
statement that you have here in your testimony seems to 
indicate that the design basis threat is not a full evaluation 
of what the actual attack method or threat could be to a 
nuclear power plant, but is instead a review of what resources 
they have and what maximum capability that they would have to 
respond. Could you speak about that for a moment?
    Mr. Wells. Yes, sir. NRC in their own words have 
characterized their responsibility as a regulator which 
presents challenges, and they have used the word ``balance.'' 
They have a lot of concern for balance in terms of what should 
be required, what can be regulated. And they also have a 
responsibility to maintain a viable industry to deliver 
electricity to this country. Clearly, that involves choices and 
decisions.
    Our observation, having conducted several audits and 
continuing with our work, is that the NRC, as a regulator, has 
placed a lot of faith in what the licensees tell them. They 
also have to provide some trust level to the licensee. We have 
seen examples in doing our Davis-Besse work where that may not 
have been as valid as they should have been.
    So I think the question being asked today and the question 
that continually needs to be asked: What do you expect of the 
regulator?
    Mr. Turner. The paragraph that I'm referring to goes on to 
say that, also, certain potential vulnerabilities such as 
airborne assaults are currently being addressed outside of the 
DBT.
    Now, what it has seemed to me in reviewing the materials, 
that there is certainly--the responsibility for it is assigned 
outside of the design basis threat, but I'm not confident that 
it's currently being really addressed. Do you see any efforts 
that, outside the design basis threat, that there is 
coordination, that there is sufficient effort to actually 
respond to the threats that are beyond the box that they are 
currently dealing with with the design basis threat of the 
private guard force?
    Mr. Wells. Congressman Turner, NRC has given us access to 
the design basis threat. We are well aware of what the design 
basis threat, what is contained in the design basis threat. We 
are dealing with safeguarded security information that prevents 
me from actually discussing in terms of what is actually in the 
plan or not in the plan. We have asked them what they are doing 
in terms of considering airspace over the nuclear power plants. 
They have responded to us that they have contracted for, paid 
for, and have the results of a fairly significant study that 
they have done. They indicate it's classified. I cannot get 
into that today.
    Mr. Turner. I'm not asking about any information for you to 
disclose. I'm asking about the issue of coordination. It seems 
to me that the initial statement that we have in your written 
testimony is the design basis threat is a box that is based 
upon a private guard force and that they are not necessarily 
going beyond that.
    Then the next statement in the testimony is that with 
respect to airborne assaults and certainly, I would think, 
other issues that go outside of that box and what the private 
guard force would be able to do, which would require 
coordination with the DOD, we have also discussed NORTHCOM and 
NORAD. Do you see any evidence that coordination is effectively 
occurring, or is it just, as you relate, to other reviews, just 
a paper coordination going on?
    Mr. Wells. Let me respond that, as I said earlier, we are 
still conducting our work, we are still asking questions. I 
don't have a conclusion or a reaction for you. Factually, we 
are aware--as NRC stated this morning, they are talking to the 
FAA. We are aware that the nuclear industry themselves is on 
public record saying that is a defense that they don't believe 
is their responsibility, that is a national responsibility.
    So we will continue looking at and assessing the 
requirements that are in the DBT or not in the DBT. That is 
something we haven't done yet.
    Mr. Turner. One real quick followup question. In the 
testimony that we heard before, it was dismissed as to whether 
or not aircraft attacking these facilities are of any danger. 
That doesn't seem reasonable to me. What is your opinion of 
that?
    Mr. Wells. We had several words in our statement that was 
sent to the NRC for classification purposes, and those 
sentences and words were removed from the statement because of 
the security concern. They do have information on the study 
that they have conducted.
    Mr. Turner. It is an area that you are concerned with then 
also?
    Mr. Wells. Absolutely. We will continue our assessment of 
the vulnerability versus the design basis threat that's being 
put up against it.
    Mr. Turner. Thank you, Mr. Wells.
    Mr. Kucinich.
    Mr. Shays. Would the gentleman yield for a second?
    Mr. Kucinich. Sure.
    Mr. Shays. This is the statement you were going to give 
today?
    Mr. Wells. That's correct.
    Mr. Shays. Were there a lot of things taken out of your 
statement?
    Mr. Wells. No, there was not. There was a few word 
adjustments. We sent the entire statement, from my opening 
statement to the end of my statement, for classification review 
because we have a public obligation----
    Mr. Shays. I think that makes sense. That's not the issue. 
I just was curious if there was just one area.
    Mr. Wells. The area involved the airborne attack issue.
    Mr. Shays. OK. Thank you.
    Mr. Turner. Mr. Kucinich.
    Mr. Kucinich. Thank you.
    Mr. Wells, as Secretary of Energy, Secretary Abraham 
recently announced the formation of an elite specialized 
military-type team that would be used to test security at DOE 
facilities. Do you believe the NRC should follow suit and turn 
this function from what you have described as sleeping 
intoxicated guards into a government function?
    Mr. Wells. Unfortunately, I haven't done the audit work to 
support a conclusion to give you a straight answer. I know 
that's something that this chairman has asked us to continue to 
do and report on the end of this year, and we are continuing.
    Mr. Kucinich. Well, you have done the audit work on one 
part of the equation.
    Mr. Wells. Yes, we have, but not on the design basis 
threat. But clearly we are aware that there are different types 
of facilities. There is nuclear material. We are aware that the 
DOE has different classifications of types of material and 
different guard force versus private guard force. There are 
different issues between the agencies that could account for 
some differences between what's required. We just don't know 
how valid that fact is until we actually have a chance to look 
at it.
    Mr. Kucinich. I want to go over some territory here. You 
stated in your testimony that the October 2004 deadline for 
implementing the DBT is on schedule, but that this is based 
only on a paper review, and that the NRC cannot determine if 
the plans would actually protect the facility against the 
threat presented in the DBT.
    Mr. Wells. That's correct, sir.
    Mr. Kucinich. Is that correct?
    Mr. Wells. That's correct. We know that they are 85 percent 
complete with approving those or looking at those plants. But 
even when they are 100 percent approved, we still take our 
position that they only got what they got.
    Mr. Kucinich. Well, so then should the NRC be more involved 
in the oversight over the DBT implementation process?
    Mr. Wells. Absolutely. They have acknowledged to us that 
this is a first step, and they have step two and step three and 
step four. We just know it's going to take additional time 
before they can reach that assurance to the public that 
everything that has been put in place will work.
    Mr. Kucinich. And what kind of improvements has GAO 
recommended to be implemented in the NRC inspection program, 
and, why if they have, has the NRC resisted in making those 
changes?
    Mr. Lightner. There are two open points from our report 
from last September that NRC has not taken action on. I believe 
they have been discussed earlier. But the one has to do with 
followup on security violations that were noted. Particularly 
we're concerned with something called noncited violations which 
are followed up by NRC only as part of a sampling process. And 
as stated earlier, I believe our difference with them is over 
what is significant and what isn't.
    NRC cites these as noncited violations primarily because 
they have occurred less than two times in the prior year. I 
believe our concern is that even if they occur once, and they 
are significant, such as falsifying records related to guards' 
checkpoints or a sleeping guard, that they are significant and 
should be followed up on in every case to make sure that this 
doesn't happen in the future.
    Mr. Kucinich. So you then challenge the underlying 
assumption which the NRC has about what's significant?
    Mr. Wells. That's correct.
    Mr. Kucinich. And let's go a little bit deeper into this. 
Are you saying that their assumptions contain within them 
potential threats to the security of nuclear power plants?
    Mr. Wells. Noncited violations, if a guard is sleeping or 
unauthorized individuals are allowed access in secured areas, 
falls directly in security. I don't know how else to say that.
    Mr. Kucinich. So is that a yes?
    Mr. Wells. It certainly raises concern. Yes.
    Mr. Kucinich. Thank you.
    Mr. Turner. Ms. Watson.
    Ms. Watson. I'm going to quote from some information in 
your report, and you can tell me if it's accurate or not. And 
it says, for example, the plans do not detail defensive 
positions at this site, how the defenders would deploy to 
respond to an attack, or how long the deployment would take. In 
addition, NRC is not requesting and the facilities are 
generally not submitting for review the documents and studies 
supporting the draft security plans.
    Can you comment on that?
    Mr. Wells. The best way to comment would be to describe a 
plan; a plan is approximately 150 pages long for a single 
plant; 80 to 85 percent of the information is a template in 
which the licensee responds and checks a box yes or no.
    An example is the requirement that lighting be sufficient 
so that guards can see someone at night? The licensee would 
respond, yes, we have lighting.
    I know I'm oversimplifying this a little bit, but I'm 
giving you the implication of the template nature of the plan 
that's developed. Basically, what the licensee is doing is 
certifying to or committing to the NRC that, when they get out 
there to look, with all the details, they will find that the 
licensee is committing that they will have something in place 
that will meet all the template requirements that NRC is 
imposing.
    That's the nature of the plan that we've looked at. It does 
not describe where the guard tower is, the location of the 
guard tower. It does not describe that. It just says we have 
guard towers.
    Ms. Watson. Yeah, but they might be in New York City, you 
know. I'm not comfortable with where we are now, and I 
definitely am not comfortable with my constituents' security. 
And within the State we do have nuclear power plants.
    Are you, as an agency that goes in and accounts for 
resources and so on, satisfied that we are where we need to be 
at this time, this point in time?
    Mr. Wells. In regard to the Nuclear Regulatory Commission?
    Ms. Watson. Yes.
    Mr. Wells. We have issued two reports. We are going on our 
third report. And in each of those reports we have surfaced 
concerns and made recommendations that we suggest could improve 
government operations and regulatory issues with the NRC. So we 
are doing what we can to raise these issues and to recommend 
fixes.
    Ms. Watson. But are you satisfied with where the NRC is? 
This is September 2004. Are you satisfied, September 2004, that 
we are where we should be?
    Mr. Wells. NRC needs to be given a lot of credit. They have 
done a lot of things as quickly as they possibly can under 
their requirements. I have to be careful in answering that 
personally, I would always like things to be done faster. And I 
agree with the chairman to say that 14 months to design the 
DBT, allowing another year to put it in place, seems like an 
awful long time. But we are dealing with a regulatory agency 
that has public concerns; they are facing lawsuits about 
whether they do rulemaking, whether they do orders.
    I understand the challenge they have. Personally, I would 
hope that the intensity level, as the chairman referred to, 
perhaps could be moved forward. I encourage the NRC to ask the 
DOE why they were able to do a revision to their DBT so 
quickly. And in lessons learned, if there is something DOE did 
that the NRC could use, I would suggest that they pay attention 
and try that.
    Ms. Watson. And let me just say that I heard the word 
``resources,'' but I didn't hear the elaboration. Are they 
lacking the resources to work in a more speedy fashion?
    Mr. Wells. Clearly, the NRC has gotten a mandate and a 
mission to be a regulatory agency that is a commission that's 
funded by the industry. So there has always been this fine line 
between, we have an obligation to require our regulators to 
regulate an industry and how to go about doing that. There has 
always been resource constraints and issues involved with the 
NRC in terms of how much resources they have to effectively get 
the job one. And it's a very tough balance that they face.
    Ms. Watson. See, that kind of gives us a hint as to what we 
as policymakers, hello, who have the oversight, should be 
doing. And we, working with industries, nongovernmental, you 
know, ought to realize that they are not going to move unless 
they have the resources necessary.
    So thank you for your statement. And I will yield back the 
balance of my time.
    Mr. Turner. Mr. Chairman.
    Mr. Shays. Thank you.
    I think you are being very fair to the NRC. I mean, you 
said they responded quickly and decisively to the September 11, 
2001 terrorist attacks, and multiple steps to enhance security 
at commercial and nuclear plants. It gives, to me, more 
credibility when you point out some of what they aren't doing.
    I do think there is some value in looking at parallels 
between what DOE is doing. What I'm getting a feeling of--and I 
would love you to explain this concept of orders versus 
rulemaking. The Secretary of Energy can basically say, damn it, 
just do it. And, you know, admittedly bureaucracies take a 
while, but doesn't the NRC have the capability to say let's do 
it? No more 2 years, no more whatever, just get the job done 
and do it quickly. Do they not have that capability?
    Mr. Wells. Mr. Chairman, I'm not a lawyer, but I believe 
that they do have wide discretion in orders that they can 
issue, advisories that they can issue. There is a line between 
what's voluntary implementation by the industry and what's 
required of the industry. However, I do know that they are 
facing several lawsuits challenging the right to issue just-do-
it orders.
    Mr. Shays. By these companies?
    Mr. Wells. By public interest groups.
    Mr. Shays. Well, by public interest groups that are unhappy 
that they are not moving quickly. Are the companies taking 
challenges to the----
    Mr. Wells. I'm not sure who the----
    Mr. Shays. Well, I mean, with all due respect, I mean, I 
might be one of those people going after the NRC as well if 
they are not moving quickly. I mean, we are really talking 6 
years from September 11th to when the design basis threat is 
going to be shown at least in one experience at each plant. So 
your basic point to us is that this is pretty much a paper 
review today. Do you stand by that?
    Mr. Wells. I do. Step one has been a paper review.
    Mr. Shays. I mean, there isn't any real-life stuff going on 
to make sure it's happening yet.
    Mr. Wells. We have been recently made aware that they 
visited four or five places to ask some questions about what 
was actually in the document.
    Mr. Shays. Well, we have 65 places they could visit, and 
they have gone to four or five places?
    Mr. Wells. That's correct.
    Mr. Shays. So, I mean, we are not even talking about the 
efforts to break the integrity of the plant and those 
exercises; we are just talking the NRC just going there and 
checking it out firsthand.
    Mr. Wells. That's correct.
    Mr. Shays [presiding]. OK. So they are going to rely on the 
force-on-force, but they haven't started that yet.
    Now, what I think is pretty stunning is your statement on 
page 13, where you talk about instances of security guards 
sleeping on duty and security officers falsifying logs to show 
that it's been checked--had checked vital areas and barriers 
when he was actually in a part of the plant, for example--were 
treated as non-cited violations. The whole issue of non-cited 
violations that was raised by my colleague, who gets to decide 
whether they are noncited violations?
    Mr. Wells. The NRC.
    Mr. Shays. Now, what would be the logic for making them 
noncited? Tell me the logic. What would be their argument?
    Mr. Lightner. In a NRC letter responding to our last 
report, they wrote to us, ``the use of noncited violation 
contributes to an environment that fosters licensee's self-
identification and correction of problems, an important 
organizational behavior that NRC encourages.''
    It's our understanding that this is the philosophy that 
they have and that they want the licensee to identify and 
correct the problems that----
    Mr. Shays. So you think if they make them cited, they won't 
do it? They won't share it? I'm missing the logic.
    Mr. Lightner. I believe it's a difference in philosophy 
between maybe NRC and the GAO.
    Mr. Shays. Well, we'll have them explain the philosophy.
    Mr. Lightner. Based on these statements and their response 
to our report, I believe they believe that it's the 
responsibility of the licensee--they would like the licensee to 
find as many problems as they can and correct them. And we 
wouldn't disagree that's a good thing for them to be the people 
onsite to find and correct them.
    Mr. Shays. So what I'm reading in that is if they cite 
them, they will be less inclined to share them and disclose 
them?
    Mr. Lightner. No, I don't think so. I think they just want 
them to be aware of the problems and correct them. Our view is 
that's fine, except we believe a regulator should be aware of 
what the problems are and be right on top of the correction and 
followup on those to make sure they do the job.
    Mr. Shays. So we basically have a grade; it's either cited 
or non-cited. It's either a pass/fail? I don't mean pass/fail, 
I mean, a cited violation evidently is significant.
    Mr. Wells. It is significant, and they would do followup 
and they would verify in fact that it's been corrected. If it's 
a noncited violation, they would trust and have faith that the 
contractor has said I fixed it, and then the NRC would not 
necessarily do a followup to verify. They may do some sampling 
a year so later to see if it was.
    Mr. Shays. Is that because the commercial enterprise was 
the one to find the----
    Mr. Wells. It could go either way. The NRC could find it or 
the licensee could find it, and it could both be noncited. Part 
of it has to do with NRC's regulatory philosophy that they are 
to provide oversight, not necessarily to be there on a day-in/
day-out basis critiquing the operation of the nuclear power 
plant. There is a reliance on the operators to do a good job 
and fix things as they find them.
    Mr. Shays. Right. Are they prevented if it's a noncited 
violation from verifying that it's been fixed?
    Mr. Wells. They are not prevented. If it happened to fall 
in their sample and they went out and looked and found that it 
was not corrected, I assume that there would be consequences to 
the licensee for not fixing it, or to the licensee who might 
have said, yeah, we did fix it, but they didn't.
    Mr. Shays. Well, it seems to me, as you said, this 
classification tends to minimize the seriousness of the 
problem, which it certainly does. Non-cited violations do not 
require a written response from the licensee and do not require 
NRC inspectors to verify that the problem has been corrected.
    Mr. Wells. That's correct.
    Mr. Shays. But it's really two parts. They don't even have 
to do a written response.
    Mr. Wells. No. That's correct.
    Mr. Shays. I find that very surprising. I mean, really 
surprising. The NRC used non-cited violations extensively for 
serious problems, thereby allowing the licensee to correct the 
problem on their own without NRC verification of the 
correction.
    So your point to us, which I think is serious, is that 
these are serious violations there also. And you stand by that?
    Mr. Wells. I do.
    Mr. Shays. Consequently, NRC may not be fully aware of the 
quality of security at a site, and the lack of followup and 
verification reduces assurances that needed improvements have 
been made.
    I just would totally accept that as logical.
    Let me just ask you, could someone find out how much time I 
have for the vote? Just check the TV.
    That tells me that licensees are commercial 
enterprises,correct? And I have nothing against commercial 
enterprise. I happen to believe in it. That's one reason I am a 
Republican.
    Mr. Wells. That's correct.
    Mr. Shays. But what I don't quite understand--am I to infer 
that they, in a sense, compete, that they view themselves as 
competitors and not sharing information? I mean, lessons 
learned is what I deeply care about. Are they sharing 
information with their competitors about screw-ups they have 
done in their own plants?
    Mr. Wells. That would be an excellent question to ask the 
industry folks that are on the third panel. We at GAO haven't 
done any specific work to look at sharing of information, but 
there is a lot of proprietary information out there. No 
question about it.
    Mr. Shays. OK. Well, I believe you have done a helpful job. 
I sense that you are using your words in a measured way, which 
makes me think that we need to pay more attention to them than 
we may be. Is there anything you want to put on the record? Is 
there anything that we should have asked that we didn't that 
you wish we had asked?
    Mr. Wells. I think the continuing oversight by the Congress 
of the Nuclear Regulatory Agency is something that is 
important. They have a very important responsibility that's 
greatly increased since September 11, 2001, and I think the 
public deserves a lot more openness about where we are and 
what's happening. And I understand the security needs, but I 
also, you know, am sensitive to even as auditors going into an 
agency, a regulatory agency like the NRC, that sometimes I 
don't feel like we are getting as much cooperation in terms of 
trying to improve government operations as opposed to only 
trying to minimize how they answer our questions.
    Mr. Shays. Yes.
    Mr. Wells. So I would hope that we and the future 
Commissioners of the NRC can work something out from an 
operating procedure because we are in this together to try to 
find out a better way to regulate a commercial nuclear industry 
that doesn't share a lot of concern about what may happen in 
the future from terrorist attacks. So we are there to help, and 
I am looking forward to that improved operation and working 
relationship.
    Mr. Shays. Well, I think that you have earned that right to 
expect that.
    Thank you.
    Mr. Wells. Thanks, Mr. Chairman.
    Mr. Shays. That is a very measured report. I appreciate 
that.
    I guess I am the chairman now for a second. I would just 
say to our first panel, you will be the first that we will call 
back as soon as we get back from voting. You really have about 
20 minutes, if anybody wants to go downstairs and get something 
to eat. I think that it will probably have three more votes. I 
don't think we will keep you here that long. So I thank you all 
very much.
    We stand in recess.
    [Recess.]
    Mr. Shays. We are back to order.
    Both witnesses have been sworn in, and we sincerely 
appreciate you all waiting.
    We do have some questions we would like to ask you based on 
the GAO's report. I would say to you that in my judgment, when 
you get into these issues of nuclear security and so on, you 
can really make things pretty sensationalized because the 
consequences can be quite significant. I view the GAO as 
someone who took no cheap shots, just came out with some 
concerns. I would like you to address them.
    I need to have you explain to me, if you would, Mr. Reyes, 
why we are not seeing cited complaints and a written response 
to them as discussed in the report by the GAO.
    Mr. Reyes. The NRC requirements on violations, whether they 
are safety or security, is a graded approach.
    Mr. Shays. Are what? I'm sorry.
    Mr. Reyes. Graded approach. In other words, for more 
significant violations, the licensee is required to provide an 
original response if appropriate.
    For the noncited violations, which are the violations of 
lesser significance, we do not require them to send us a 
document. What we do require them is to put in their corrective 
action program. They have a program that is required by their 
quality assurance program to note any deviation or any 
violation of any requirement and to track the corrective action 
into full implementation.
    Now, for significant violations, we do follow with NRC 
inspectors to confirm that all of those actions were taken and 
that they are effective. For the minor significant violations--
we call them noncited violations--we do it on a sampling 
process.
    Now, that doesn't mean that we don't know what's being 
done. See, I think there's a misconception that for those 
violations that we don't do a complete detailed followup we 
don't know what's been done. See, at every power plant in the 
country, the NRC has an office and has inspectors that live in 
the community and work there every day and interface with all 
of the employees at that station. So we do know, in general 
terms, what those that we didn't sample, the corrective actions 
were and what is being done. But we didn't send any specialist. 
We call them----
    Mr. Shays. I should have known that, but you are saying you 
actually have someone onsite?
    Mr. Reyes. We have more--there are two NRC inspectors at 
each fuel--nuclear power plant and the field officers NRC----
    Mr. Shays. I knew they were there. I didn't know they were 
specific onsite.
    Mr. Reyes [continuing]. Physically onsite on the facility. 
They live on the community. They have unfettered access to any 
part of the nuclear power plant.
    Mr. Shays. So they don't have any operational 
responsibility. They can just walk wherever the hell they want.
    Mr. Reyes. Exactly right. At any time of day and night.
    Mr. Shays. That sounds like an interesting job.
    Mr. Reyes. I used to be one when I earned an honest living, 
and I loved it.
    Mr. Shays. It doesn't sound like an honest living.
    Mr. Reyes. It was. It was protecting public health and 
safety. But, at the same time, you have hands on and the real 
activity that was going on in a facility.
    Mr. Shays. How do you avoid not developing such a personal 
relationship that you kind of close your eyes?
    Mr. Reyes. Very good question. We have a policy that we 
require them--first of all, there be two of. And the maximum 
time they can stay at one facility is 7 years, and we force 
them to rotate from one facility to another.
    Then we have requirements from the supervisors from the 
regional offices to visit them at least quarterly to make sure 
there is--we call them objectivity reviews to make sure that in 
fact they are not being either unfair one way or the other. You 
can go either way.
    Mr. Shays. OK. It is a strange terminology to call it minor 
significant violation, which is what you said. It sounds like 
you have three gradations here. But if it's significant, why is 
it minor? And if it is minor, why is it significant?
    Mr. Reyes. Maybe the terms are confusing. What we do, this 
panel that we referred to earlier, which is representative from 
all of the field offices and the headquarters program office, 
has guidelines in terms of the significance of the violation, 
and we--one of the categories, the lowest category, is called 
noncited violations, and I believe that's the one that GAO was 
referring to.
    Mr. Shays. Right.
    Mr. Reyes. That we don't specifically follow through by 
sending inspectors to check every one of them. We do it in a 
sample approach.
    Mr. Shays. Is someone who is falsifying papers, is that a 
significant violation?
    Mr. Reyes. I am going to have to defer----
    Mr. Shays. Yes, talk to me a little bit about how you 
decide what is a cite, what isn't----
    Mr. Zimmerman. Good question.
    Mr. Shays [continuing]. And who decides.
    Mr. Reyes. We decide.
    Mr. Zimmerman. It comes back to the panel that we talked 
about.
    Mr. Reyes. NRC panel.
    Mr. Zimmerman. NRC panel made up of representatives from 
each region and from our headquarters in Rockville. And what we 
look at, is it an isolated case or does it permeate the 
organization?
    Mr. Shays. Right.
    Mr. Zimmerman. That's one of those factors that can help 
determine the significance of the item. How long has this been 
going on? Is this the first time it's been done? Or through our 
investigations--we have investigators. When we have a concern 
that potentially could be problematic in nature, we could use 
our investigators to come out and get additional information.
    But the length of duration, what could have happened with 
the fact that this record of this door was not checked. If the 
door is alarmed and this was a belt and suspenders and the 
individual didn't check the door, but there is no reason to 
suspect the door all of a sudden isn't working properly, does 
it work well afterward and before? And you check it afterwards, 
and it is still working, and it doesn't have a history of 
problems, a reasonable person could likely say that door 
probably would have worked, the belt and suspenders weren't 
there, but the door was still secure, as was the vital--those 
types of dialogs back and forth weighing the significance of 
this item is what this panel does.
    A comment I didn't make in our earlier session of this is 
there was dialog that you had with GAO. Well, maybe this is a 
difference of opinion between what is a minor violation----
    Mr. Shays. Right.
    Mr. Zimmerman [continuing]. And what significance is.
    One of the things we are planning on looking at, because we 
have a review going on of what we call our significance 
determination process, which really is the hierarchy document, 
and we are piloting that activity right now. And it's 
possible--I don't know what the results will be, but it's 
possible that we may change some of our thoughts with regard to 
where that break point is between something being minor and 
something being more significant. That's an activity that we 
started in the July timeframe.
    Mr. Shays. Let me yield such time as he may consume--not 
yield, let me give him the floor.
    Mr. Tierney. Thank you, Mr. Chairman.
    I would almost like to ask you a broad question. I would 
say that to the end I am still a little concerned with your 
force-on-force aspect and the finding that Wackenhut had 
knowledge that stand-by personnel had been used in test 
performances in the past. It seems that people were sort of 
trailing other people just to get the idea of where they might 
go and some of the information that would have been held inside 
and was not. Tell me why we shouldn't be concerned about that?
    Mr. Reyes. Let me give you the three major points; and 
then, if you need more details, I know Mr. Zimmerman has a lot 
of details.
    But I think you need to remember, and I made that point 
earlier, DOE operates and regulates itself. In the case of the 
nuclear industry, commercial nuclear industry, we are the ones 
who do the oversight for those facilities. So when you bring 
the adversaries to do the force on force in this case you are 
talking about--is employees of this Wackenhut corporation. We, 
the NRC, review that in fact those individuals did the right 
thing. So we are the ones who are accepting their credentials 
and are they ready to do the test. We, the NRC, determine what 
the venue is that will be. And we are there in large numbers in 
the preparation and conduct of the test, and--as it is the NRC 
who decides whether the performance was acceptable or not.
    Mr. Tierney. But still, apparently, someone still got the 
heads-up of how it was going to be done, what the attack would 
look like and be prepared for it.
    Mr. Reyes. But that is the Department of Energy example 
from the IG findings, and we are aware of those IG findings, 
and we have already trained our inspectors to look for those 
kinds of issues.
    Mr. Zimmerman. I think in the earlier session we talked 
about what we do every 3 years, where we will be with the 
adversary----
    Mr. Tierney. Check that.
    Mr. Zimmerman. I will get back to you. Check the miles 
front and afterwards and all the things we do, the sensitivity 
we have toward it. Then we have the annual exercise that the 
licensee does, and I believe that we plan on observing those, 
but I want to make that distinction between those two different 
types.
    The understanding that I have been given is at Y-12 it was 
not the DOE standard force on force where this occurred. It 
wasn't like our 3-year exercise. It was the off-year activity 
being done by the site, so that it had less oversight, less 
controls. It doesn't make it right, doesn't make it right. But 
I wanted to clarify for you that if in your mind you are 
looking at it and saying that equates to the NRC's 3-year force 
on force, I am trying to clarify that is not the----
    [The information referred to follows:]

    [GRAPHIC] [TIFF OMITTED] T8358.039
    
    Mr. Tierney. I understand that. That we don't do those for 
every 3 years leads me to believe we ought to be concerned less 
about the annual periodic checks, that those don't occur 
either.
    I am real concerned about these private enterprises 
policing themselves even if they aren't monitored by the NRC. 
It is like the fox watching the chicken coop here. I have a 
real problem with them doing the training and them deciding 
what the hours are going to be and them deciding what the force 
on force is going to be, even if they have your supervision----
    Mr. Zimmerman. They don't decide.
    Mr. Tierney [continuing]. Your decisionmaking. There are 
examples of that information getting out and not being done 
right, and it is troublesome.
    Mr. Zimmerman. I understand the perception. They are not 
deciding anything. They are not deciding what path they are 
going to take. This is scripted by the NRC saying this is the 
path that you are going to take. The people doing it are our 
contractors.
    Mr. Tierney. That's every 3 years.
    Mr. Zimmerman. Every 3 years.
    Mr. Tierney. The annual ones--which I would imagine are 
just as important--that is not the case.
    Mr. Zimmerman. And the benefit of having a contract 
organization such as Wackenhut organization in place is that if 
I am one of the individuals who was selected to be on the 
composite adversary force I am going to learn an awful lot. Now 
I am going to take it back to my site and enhance the 
performance of those annual exercises, and I am going to bring 
back best practices associated with where I have been.
    Mr. Tierney. I am not sure I buy that, Mr. Zimmerman. But, 
you know, I hear what you are saying, and I respect your 
opinion on that. But I am not sure I buy it.
    Mr. Zimmerman. Let me add one in closure----
    Mr. Tierney. Sure.
    Mr. Zimmerman [continuing]. That will make you feel a 
little bit better. If it turns out the NRC is not satisfied 
with the performance of this group, we are going to do it 
ourselves. The Commission has told us that.
    Mr. Tierney. But that is every 3 years.
    Mr. Reyes. He means the whole concept. The Commission is 
trying this approach right now. He is talking about the whole 
concept of Wackenhut supplying the adversaries. The Commission 
hasn't ruled out that we will have this--that this is the only 
way to go. We are doing this. The Commission can change their 
mind and say, no, we are going to do it differently.
    Mr. Zimmerman. The first use of this composite adversary 
force is occurring this week. This week is the first time it 
will be used in force on force. It will be on strength. If it 
doesn't meet our standards, then they will hear about it and 
the industry will hear about it. If there is the need for 
course corrections, they will be made.
    Mr. Tierney. I have serious concerns on that. I would be 
interested if you would report to this committee what you find 
after that goes on and give us some detail on that.
    Mr. Zimmerman. I will do that.
    [The information referred to follows:]

    [GRAPHIC] [TIFF OMITTED] T8358.040
    
    Mr. Tierney. I would greatly appreciate that. That is one 
of the overriding concerns that I have, is that we are really 
not in charge of every aspect of who is in there providing 
security.
    I don't want to use up too much of the time here.
    Mr. Shays. I would just have a question--the gentleman 
yields the question.
    Mr. Tierney. Now you have heard other people testifying 
here this morning. What do you think are the serious concerns 
that they raised and what is your response to those most 
serious concerns?
    Mr. Reyes. GAO audits are not complete, and they haven't 
visited the facilities. We are concerned that you are giving 
the impression that all they do is a paper review. We tried to 
bring some pictures.
    Mr. Tierney. Correct me if I am wrong. You haven't visited 
all the facilities either?
    Mr. Shays. I have to show you the pictures. The pictures to 
me were confusing.
    Mr. Reyes. OK. We cannot show you----
    Mr. Shays. I don't understand why I should be impressed 
with someone who has a gun and a helmet on. Why would I feel 
good about this?
    Mr. Reyes. The physical barrier?
    Mr. Shays. Yes.
    Mr. Reyes. See the physical barrier, the pop-up barrier?
    Mr. Shays. Yes.
    Mr. Reyes. When GAO says that all that is going on is 
paper--we are trying to say there are physical changes at these 
facilities in the field. Now we couldn't bring pictures of 
everything.
    Mr. Shays. OK. Tell me this----
    Mr. Tierney. I think the concern was that you determined 
that those physical things were through a paper review in all 
but about four to six instances.
    Mr. Shays. And, again, if the gentleman would yield just 
for a second. So this is the barrier.
    Mr. Zimmerman. A barrier.
    Mr. Reyes. Yes. A pop-up barrier.
    Mr. Zimmerman. It rolls down and pops up.
    Mr. Shays. All right. I am not impressed.
    Mr. Reyes. But that is not a paper issue. I mean, there are 
physical barriers there.
    Mr. Shays. What does this tell me?
    Mr. Reyes. You say that--bullet resistance.
    Mr. Zimmerman. Up. There you go.
    Mr. Reyes. That is a strategic point to show the 
adversary--I can't go into details but made out of 
bulletproof----
    Mr. Shays. It is totally bulletproof.
    Mr. Reyes. Yes, sir.
    Mr. Shays. That is helpful. I didn't know that.
    Now this one.
    Mr. Zimmerman. Same thing.
    Mr. Reyes. Same thing. That is another strategic point. And 
we can't tell you how many officers.
    Mr. Shays. What brings down something like this? It would 
have to be a grenade launch or a rocket?
    Mr. Reyes. You would have to have a sizable weapon.
    Mr. Shay. OK.
    Mr. Reyes. So our only point was trying to make that there 
are physical changes there. We couldn't bring you all the 
pictures. We really invite the committee or any of the staff on 
the committee to go and visit. Because in this forum we can't 
go into the details. But it's more than paper. We were 
surprised that they are characterizing it as that.
    Mr. Shays. Is the gentleman also going to get into the 
issue, I hope?
    Mr. Tierney. Just jump in.
    Mr. Shays. No, I just wonder if you were going to pursue 
your questioning on the quality of the people.
    Mr. Tierney. I don't know if you are going to bring that up 
or not. I am concerned and interested--I don't know whether I 
am the only one concerned about the quality of the people that 
are actually in there as security personnel. You know, the 
background check. Who is going the background check? How in 
depth it is. Who does their training? Who observes the 
performance on the job? Who determines whether or not they are 
properly proficient in weapons? Who determines that they are 
showing up on time, doctoring records, doing all those things?
    Mr. Reyes. The background checks are all done by the Feds. 
In other words, the FBI processes the fingerprints.
    Mr. Tierney. So anytime Wackenhut or anybody else wants to 
hire somebody they have to check them through the FBI?
    Mr. Reyes. Yes, sir. Yes, sir. The psychological test is 
done by a contractor to the facility, but it's a doctor with 
his own credentials to go through that.
    Now we are the ultimate who reviews that. Our inspection is 
called access controls. Contrary to what you heard here from 
GAO, we conduct those all the time and they are being conducted 
as we speak. So we are there where the rubber meets the road 
doing those inspections.
    Mr. Zimmerman. Background checks are more rigorous and more 
frequent than it is for other individuals that have vital area 
access because of the fact that these individuals are armed.
    Mr. Reyes. Yes, the armed individuals receive a more 
thorough review.
    Mr. Tierney. Do you have any of the concerns raised by the 
Department of Energy or the GAO?
    Mr. Reyes. The recommendations, you mean?
    Mr. Tierney. Yes.
    Mr. Reyes. We take them seriously. We have endorsed some of 
them. We have implemented some of them. Others we are still 
considering. We just haven't gotten to them and haven't ruled 
them out.
    Mr. Tierney. Thank you.
    Mr. Shays. Thank you.
    I would just like to ask, and do this real quick because I 
want to get to the next panel, but I think you have been very 
responsive. I don't get a sense there are consequences if bad 
things happen. So make me feel good about consequences.
    First off, anyone who was inebriate, drunk, they are fired, 
right?
    Mr. Reyes. Yes, sir.
    Mr. Shays. OK. And then there is the question as to how 
that would have happened. So you don't want a written 
explanation from--why wouldn't there be at least a written 
explanation?
    Mr. Reyes. There is an aside. We know that the individual 
was fired. Typically, it was by the supervisor observation 
program. The supervisors of these individuals are trained to 
observe behavior. So the way it is found out is typically we 
have a report that a supervisor requests it for cause, testing 
of an individual.
    We know an individual is no longer aware, and we are aware 
of the corrective actions we are taking over all of the 
facility. We may not send an inspector just to review that in 
detail. Our inspectors onsite are aware that this individual is 
not coming back, and they are in discussion with the other 
security guards, and that's why we have the inspector at the 
plant who has access to all 1,000 employees. They know and they 
ask, do you know what happened, and make sure that word gets 
out that is not tolerated. We do have indirect means to 
confirming it. I think there is a misnomer on----
    Mr. Shays. Wait. If you have people onsite, it seems to me 
you are able to check it the next day. That's why I am 
beginning to think, if you have people onsite, they are aware 
of the citations, correct?
    Mr. Reyes. Yes.
    Mr. Shays. Don't they write you a note and say this has 
been corrected?
    Mr. Reyes. If we go and follow it, they do. But we have a 
very prescribed inspection program that includes safety and 
security. And we want them to go in the control room and we 
want them to check the safety pumps. It is just a matter of 
make sure you are putting your resources where the highest 
safety and significance matter is.
    Mr. Shays. I would think that the people onsite would be 
asked to verify any citation, every criticism in the plant. I 
would think that's what they need to do. And I would think they 
need to write a report on everyone. I mean, it just seems like 
a no-brainer. They are there.
    Mr. Reyes. They are busy. And they write a report. And the 
most significant ones, they are aware of the other ones.
    Mr. Shays. How difficult is it to followup on a complaint 
and check it out? They could do it in an hour or two, couldn't 
they?
    Mr. Reyes. Well, it typically takes more than that.
    Mr. Shays. Better they do it than no one do it.
    Mr. Reyes. But we do it, sir, on a sample basis. We do.
    Mr. Shays. I am going to have that explained to me later. I 
am impressed you have people onsite. I am not impressed that 
they are not following up on cited complaints or noncited 
complaints.
    Anything else you want to put on the record that you would 
like to--yes.
    Mr. Zimmerman. I just want to make a comment--I guess maybe 
two comments, maybe one on legislation. But the comment I want 
to make is that I got the sense from reviewing the hearing from 
last year and from sitting here today that a number of the 
members of the committee have a concern that we don't worry 
enough, that we are complacent, why aren't we laying awake at 
night?
    And I want to tell you that we are laying awake at night, 
that we are very concerned, that this agency is about 
continuous improvement and that we are constantly looking and 
working very long hours in an effort to get out in front of 
those that mean to do us harm.
    So there's a very--I am very proud of the staff at the NRC, 
and we are very much focused, again, on trying to search for 
continuous improvement, and we are not lackadaisical. We are--I 
am not saying that we are, but, again----
    Mr. Shays. I think you have judged us fairly well in terms 
of our concern.
    I have a feeling that the way we set up DOE, we have those 
who promote and those who are looking to be the inspectors and 
to do security. And I feel for some reason we still don't have 
that separation with NRC. I don't know why we don't.
    Mr. Zimmerman. That's why I am raising it. I am trying to, 
in words at least, say it--and then through everything that we 
have tried to do in our explanation. Because we are not sure 
that our issues have stuck.
    Mr. Shays. I think you are going to have a hard time 
convincing us in that area. By setting up a separate 
organization, there will be some natural tensions that I don't 
think exist within the NRC, and so I think you are going to 
have some real skepticism on our part about that. And so I 
understand that you have divided responsibilities. That's the 
challenge.
    Mr. Reyes. I just want to thank the committee for inviting 
us here. We are looking forward to coming back and keeping you 
updated on the action we are taking. We do want to ask your 
support on the legislative request that we have in front of 
Congress. It is of the most importance, that those laws are 
passed so we can protect our nuclear power plants better.
    Thank you very much.
    Mr. Shays. Hold on 1 second. OK. I want to put it on the 
record. I would like you to just ask this question or make this 
point and have you react to it.
    Mr. Halloran. This is the point that I think you made 
before, in terms of the zeal of the regulatory effort. DOE is 
an operator of sites, NRC is a regulator, so you are 
necessarily one step removed from turning the knobs and----
    Mr. Reyes. We are.
    Mr. Halloran [continuing]. And putting up the fences. So 
that dictates some different operational structures and ways to 
get things done, doesn't necessarily demand a lesser intensity 
level, but I think it does require a different approach.
    Mr. Shays. See, I think he gave a better answer than you 
did. He made a better defense of your case, I think. I wanted 
to put it on the record. I am making an assumption. I made a 
parallel in which I am being challenged, and that is that the 
parallel isn't the same--that you are a regular. I guess, I 
also view you as promoters of the industry. I do feel that way. 
So, at any rate----
    Anything else to put on the record?
    Mr. Reyes. No. We want to reinforce the legislative request 
that we have then. We really need those legislative 
enhancements.
    Thank you very much.
    Mr. Shays. Don't be offended I said he did a better job. He 
is a really bright guy.
    Mr. Reyes. No, we are not.
    Mr. Shays. Thank you for waiting, and I appreciate your 
willingness to fit into our needs. Thank you very much.
    Mr. Reyes. Thank you.
    Mr. Shays. I will call on our last panel--thank you for 
being here.
    Mr. Alex Matthiessen, director, Hudson Riverkeeper, 
Garrison, NY; Mr. David Lochbaum, the Union of Concerned 
Scientists, based in Washington, DC; and Mr. Marvin Fertel, 
vice president and chief nuclear officer at Nuclear Energy 
Institute.
    With that, if you would--thank you for standing.
    [Witnesses sworn.]
    Mr. Shays. I would note for the record our witnesses 
responded in the affirmative.
    Mr. Fertel, you were a dead giveaway in the audience 
because any time the Commission made a comment that you liked 
you smiled broadly, and I thought--you would not be a good 
poker player, sir.
    Mr. Fertel. I am just too straight.
    Mr. Shays. OK. Well, that's a good answer.
    All right. Mr. Matthiessen, we will start with you; and we 
will just go right down the line. Thank you very much.
    Mr. Matthiessen. Terrific.
    Mr. Shays. Nice to have you all here.

 STATEMENTS OF ALEX MATTHIESSEN, DIRECTOR, HUDSON RIVERKEEPER, 
 GARRISON, NY; DAVID LOCHBAUM, UNION OF CONCERNED SCIENTISTS, 
  WASHINGTON, DC; AND MARVIN FERTEL, VICE PRESIDENT AND CHIEF 
   NUCLEAR OFFICER, NUCLEAR ENERGY INSTITUTE, WASHINGTON, DC

    Mr. Matthiessen. Thank you for having me, Chairman Shays, 
members of the subcommittee. Thank you for the opportunity to 
once again testify on safety and security at Indian Point; and 
thank you, Congressman Shays, for your leadership to date on 
this issue.
    I also want to say I was very encouraged by the line of 
questioning, questions that we heard from members of the 
subcommittee today.
    Riverkeeper is not and has never been an anti-nuclear 
organization. Our campaign aims only to minimize the risks 
associated with the Indian Point nuclear facility and by 
necessity aid in the reform of those Federal and State agencies 
and policies governing the plant.
    Three years after September 11, Indian Point still is 
unprepared to repel an attack from the air, land or water or a 
combination thereof. While improvements have been made at the 
margins, there remain gaping holes in Indian Point security. On 
the ground, current guards tell us that in some areas security 
at the plant is worse than it was before September 11, 2001. 
The spent fuel pools remain largely unprotected.
    Mr. Shays. Let me just say something to you. When you make 
a comment like that, this is a comment that you are saying 
under oath. So this is not casual comments, correct?
    Mr. Matthiessen. No.
    OK. This is based on conversations that I have had with a 
current security guard at the plant, and he is relaying, in 
turn, comments that he has gotten from other guards.
    Many of the best-trained and most-experienced guards have 
been fired or have quit. This is according to the guard's 
report that we have heard only a week and a half or 2 weeks 
ago--morale is low, and guards say they feel no obligation to 
stay on their posts in event of an attack. A chilled 
environment exists at the plant, and Entergy management is 
apparently still telling security personnel to alter incident 
reports.
    There are no specific defenses against an aerial attack at 
Indian Point--no no-fly zone, no combat patrols, no anti- 
aircraft missiles, nothing.
    From the water, there is no physical barrier to prevent a 
tanker or a speedboat loaded with explosives from plowing into 
the cooling water intakes.
    With regard to the NRC's force-on-force security drills, 
they are a joke--but not a funny one. The NRC drills are 
designed to allow nuclear systems to game the system. Everyone 
knows that if real conditions were used and no limits put on 
well-trained mock attackers, the plans would fail nearly every 
time.
    Again, I have details reported by POGO and other groups as 
well as the guards themselves.
    A head-in-the-sand mindset has a fever grip on the NRC and 
FEMA, which has refused to accept the new threat level and 
revamp organizations accordingly. The NRC and FEMA are captive 
to the industry they regulate, and the Department of Homeland 
Security has failed to assert itself. As a result, these 
agencies have little credibility with the American people, 
which in turn undermines public safety.
    Allow me to identify just three of many problems plaguing 
the NRC:
    First, the NRC resists the need to consider terrorism in 
administrative proceedings, and yet they routinely invoke 
terrorism to justify a new wave of policies designed to thwart 
the public's right and need to scrutinize the industry.
    Second, the NRC's new design base threat level is set too 
low. David Lochbaum will cover this in detail, but allow me to 
add that there remains a considerable gap between the level of 
defense plant operators are expected to provide and what the 
U.S. military is prepared to deploy.
    Finally, the NRC continues to enact policies that allow it 
and the nuclear industry to operate in increasing secrecy and 
with reduced transparency and public participation. I assure 
you--and I know you know this--that the less the public is able 
to see the more dangerous this industry will become.
    Now moving into recommendations. The best way to truly 
minimize the public health and safety risks at Indian Point is 
to close the plant and secure the onsite spent fuel. However, 
so long as Indian Point is still operating, there are numerous 
ways to better protect the plant. I will highlight those three 
or four measures that I think are the most urgent and readily 
achievable.
    First, we must secure the plant against aerial or 
waterborne attacks, which we can do with relatively inexpensive 
passive technologies. Installing a Beamhenge system, a line of 
steel beams set vertically in deep concrete foundations 
connected by a web of high-strength cables, wires and netting, 
would effectively shield the facility's vital components and 
structures. Beamhenge is essentially the nuclear grade 
equivalent of the fences erected around golf driving ranges. 
Dunlop barriers, inflated cylinders of rubber-coated textile 
linked together or anchored to a mooring buoy, should be 
installed in the Hudson River in front of Indian Point to help 
protect the plant's cooling water structures. Already in place 
at several Navy bases, Dunlop barriers are used to thwart small 
boat terrorist attacks.
    Second, we must establish a temporary no-fly zone over 
Indian Point, combined with combat air patrols, at least until 
the passive defense systems are in place.
    Third, Congress must direct the NRC to deal more 
aggressively with the highly vulnerable spent fuel stored at 
nuclear reactor sites. The best way to do that is to install 
hardened onsite storage systems, or HOSS, which is designed to 
contain isolated radiation and repel terrorist attacks.
    Finally, Congress must direct the NRC and FEMA to revamp 
their policies and regulations governing nuclear plant security 
and emergency preparedness.
    I have a whole laundry list of specifics there, but I will 
wait until the Q&A--if I have the opportunity to list those--in 
the interest of time.
    In general, though, I think it would be good for Congress 
to consider appointing a task force made up of governmental and 
nongovernmental stakeholders to do a top-to-bottom review of 
the NRC and FEMA's oversight of this industry.
    In conclusion, little has changed since September 11 
regarding the level of security at Indian Point. Federal 
agencies remain in a state of denial regarding the security 
threat facing nuclear facilities. Congress needs to ask the NRC 
and the industry--and I am paraphrasing the gentleman who was 
from the NRC who was here just a minute ago--if you are so 
concerned and laying awake at night, why aren't you concerned 
about deploying the most obvious and inexpensive security 
measures at our most vulnerable and high-risk nuclear plants?
    Whether they admit it or not, I believe the answer is quite 
simple. The industry and the NRC don't want to draw public 
attention to the intrinsic danger of nuclear power and the 
naked vulnerability of these facilities to terrorist attack, 
especially at a time when the industry is hoping to build a 
whole new generation of nuclear energy plants.
    The Federal Government's current approach to nuclear plant 
security and emergency preparedness is leading us down a path 
that could--God forbid--result in a far more terrifying attack 
than what we experienced that horrible day 3 years ago. We have 
received the warning signs regarding the possibility of and our 
vulnerability to a terrorist attack on a U.S. nuclear power 
plant, much as the government had received warnings about the 
September 11 attacks. Let's not give a future 9/11 Commission 
the opportunity to say we knew a nuclear attack on a power 
plant was possible and we did too little to stop it or to 
minimize the impacts.
    Thank you very much for giving me the opportunity to share 
my views today.
    Mr. Shays. Thank you, Mr. Matthiessen.
    [The prepared statement of Mr. Matthiessen follows:]

    [GRAPHIC] [TIFF OMITTED] T8358.041
    
    [GRAPHIC] [TIFF OMITTED] T8358.042
    
    [GRAPHIC] [TIFF OMITTED] T8358.043
    
    [GRAPHIC] [TIFF OMITTED] T8358.044
    
    [GRAPHIC] [TIFF OMITTED] T8358.045
    
    [GRAPHIC] [TIFF OMITTED] T8358.046
    
    [GRAPHIC] [TIFF OMITTED] T8358.047
    
    [GRAPHIC] [TIFF OMITTED] T8358.048
    
    [GRAPHIC] [TIFF OMITTED] T8358.049
    
    [GRAPHIC] [TIFF OMITTED] T8358.050
    
    [GRAPHIC] [TIFF OMITTED] T8358.051
    
    [GRAPHIC] [TIFF OMITTED] T8358.052
    
    [GRAPHIC] [TIFF OMITTED] T8358.053
    
    [GRAPHIC] [TIFF OMITTED] T8358.054
    
    [GRAPHIC] [TIFF OMITTED] T8358.055
    
    [GRAPHIC] [TIFF OMITTED] T8358.056
    
    [GRAPHIC] [TIFF OMITTED] T8358.057
    
    [GRAPHIC] [TIFF OMITTED] T8358.058
    
    [GRAPHIC] [TIFF OMITTED] T8358.059
    
    Mr. Shays. Mr. Lochbaum.
    Mr. Lochbaum. Thank you Mr. Chairman. I appreciate this 
opportunity to present our views on nuclear power plant 
security.
    Today's open hearing demonstrates that nuclear plant 
security issues can be responsibly discussed in public, a fact 
lost upon the Nuclear Regulatory Commission. The NRC 
essentially closed its doors to the public on this important 
topic since September 11. That's unacceptable, and we urge the 
Congress to compel the NRC to follow its lead by including the 
public in policy discussions.
    Mr. Shays. That's a very interesting point. It has never 
occurred to me that it's being used. The irony is it is being 
used as an excuse not to have the dialog when we need the 
dialog even more.
    Mr. Lochbaum. But it is also forcing groups like ours to go 
to other avenues since they have closed our doors, and the 
media and other outlets are the way we find our voice since 
they have closed our voice. They would probably prefer that 
they had those comments in house than seeing them in headlines.
    Mr. Shays. Good point.
    Mr. Lochbaum. A successful attack on a nuclear power plant 
would be one of the worst disasters in American history. That 
this threat is real is revealed by two simple facts. First, the 
nuclear industry urged this Congress to renew Price-Anderson 
Federal liability protection for nuclear power plants. If an 
attack could not cause catastrophic harm, owners could get 
private insurance coverage.
    Second, the nuclear industry claims to have spent more than 
$1 billion upgrading security since September 11. No one has 
enough money to spend on pseudo threats.
    After September 11, the industry issued orders requiring 
plants to take steps to make facilities less vulnerable to 
attack.
    The NRC also revamped its oversight process. The steps we 
liked most among them are frequency of NRC-evaluated force-on-
force security test was increased to once every 3 years from 
once every 8 years, the number of design basis threat 
adversaries was increased, and many of the unrealistic 
limitations on their weapons and tactics were lessened or 
removed.
    Minimum standards have been established for training and 
qualifications of security force personnel, and working hour 
limits for security force personnel were mandated by the NRC.
    Despite these steps taken, nuclear power plants remain 
vulnerable to attack by land, sea and by air. The American 
public cannot honestly be assured that all reasonable measures 
to protect them have been taken until the following 10 steps 
are taken:
    The two-person rule and/or expanded in-plant use of 
security monitoring cameras needs to be done to better control 
vital access to areas.
    The evaluation process for proposed procedure revisions and 
hardware modifications must formally verify whether protection 
against sabotage is affected by the planned changes.
    The NRC must not allow the same company to provide both the 
attackers and the defenders in force-on-force security tests.
    The NRC must increase its design basis threat level to a 
realistic level comparable to that established by the DOE after 
September 11.
    The NRC must either require background checks for nuclear 
plant workers with access to sensitive plant information or to 
prevent these workers from accessing that information.
    The NRC must require water barriers around intake 
structures at nuclear power plants.
    The NRC must require protection against aircraft hazards 
similar to the process it used to protect the plants against 
fire hazards.
    The Federal Government's ability to withstand or respond an 
attack designed above the design basis threat level must be 
periodically demonstrated.
    The NRC must require adequate protection for spent fuel by 
requiring owners to transfer fuel discharged from the reactor 
more than 5 years ago into dry casks which are emplaced within 
earth berms and other protective devices.
    And last--or, actually, first--the NRC must reengage the 
public in security policy discussions.
    I would like to highlight two of those recommendations. The 
others are detailed further in my written testimony.
    Right now, spent fuel at nuclear power plants is not as 
safe or as secure as it should be. Many plants have five to 
eight times as much spent fuel as fuel in the reactor. There 
are fewer barriers that attackers must penetrate in order to 
successfully damage spent fuel. And, correspondingly, there are 
fewer barriers protecting the public from the radioactivity 
released from damaged fuel.
    At most plants, the spent fuel pools are filled to 
overflowing. Spent fuel is then loaded into dry casks and 
placed out on open air lots out back. In fact, the current 
scheme of spent fuel storage could hardly be made less safe or 
less secure. By maintaining the spent fuel pools at or near 
full capacity, the risk is kept as high as it possibly can get. 
Transferring spent fuel into dry casks merely adds the 
additional risk of spent fuel out in the backyard.
    The responsible thing to do would be to minimize the 
inventory in spent pool fuels by transferring fuel discharged 
from the reactor more than 5 years ago into dry casks, which 
are then placed in earthen walls or other protective devices. 
The risk reduction by emptying the spent pool would more than 
offset the increased risk from dry cask storage resulting in 
overall tangible reduction in the risk profile at each plant 
site.
    The second recommendation I will highlight involves access 
to sensitive information. As this subcommittee has discussed, 
the NRC's imposed restrictions as recently as August 4th on the 
public's access to information after September 11. But there is 
a huge loophole. The access authorization upgrades mandated by 
the NRC after September 11 only apply to nuclear plant workers 
who get unrestricted access. There are literally thousands of 
nuclear plant workers with ready access to sensitive plant 
information that do not get unescorted access and therefore are 
not subject to background checks. Our enemies can get those 
jobs and obtain blueprint calculations, risk assessment hazards 
and analysis and upcoming equipment outage schedules useful in 
planning an attack.
    The NRC has to plug this loophole. It makes little sense to 
restrict public access to information while allowing the 
equivalent of uncontrolled drive-through service at the plants 
themselves.
    Before I close, I would like to take a moment to defend the 
NRC from the chairman's concerns about the 6-year security 
upgrade schedule. That's actually the NRC's express lane. You 
should see their pace at resolving safety issues. By 
comparison, 6 years is the blink of an eye.
    Mr. Chairman, I sincerely thank you for holding this open 
hearing and for listening to the public perspectives on this 
important issue.
    Mr. Shays. Thank you.
    [The prepared statement of Mr. Lochbaum follows:]

    [GRAPHIC] [TIFF OMITTED] T8358.060
    
    [GRAPHIC] [TIFF OMITTED] T8358.061
    
    [GRAPHIC] [TIFF OMITTED] T8358.062
    
    [GRAPHIC] [TIFF OMITTED] T8358.063
    
    [GRAPHIC] [TIFF OMITTED] T8358.064
    
    [GRAPHIC] [TIFF OMITTED] T8358.065
    
    Mr. Shays. Mr. Fertel.
    Mr. Fertel. Thank you, Chairman Shays.
    Given the importance of security at our nuclear plants 
today, I generally speak with the chief officers that operate 
those plants weekly, and I find I am getting to know a lot of 
the security managers personally. During the past 3 years, the 
industry has carried out unprecedented, unequalled efforts to 
review and improve our security; and I think during the 
discussion today the term business as usual, the lack of 
intensity and not exchanging lessons learned was used. I can 
only say that it's anything but business as usual. It's pretty 
intense, and we are exchanging lessons learned almost weekly. 
So I think there is a lot going on that I wish maybe we could 
share more with Dave and his colleagues.
    I would like to start by emphasizing the importance of 
nuclear power to our Nation. Our Nation's 103 reactors safely 
and cleanly produce enough electricity to power one in every 
five homes and businesses in the United States. Many regions 
are heavily dependent on nuclear energy. For example, in the 
chairman's State of Connecticut, electricity from nuclear 
provides 50 percent of the power in that State; and these 
plants also provide an additional benefit of stabilizing the 
electricity grid.
    I would like to emphasize three major points today 
regarding the security of our nuclear power plants:
    First, nuclear power plants were the most secure industrial 
facilities in the United States before September 11th and 
against terrorist attacks, and they are even more secure today.
    Second, power plants can serve as a model of industrial 
security in America. Our plants are far more secure than any 
other sector of our Nation's infrastructure and have been 
recognized as such by several independent organizations and 
security experts.
    Third, while the industry is fully committed to protecting 
its employees, the public and its assets, our companies have 
maximized the level of protection they can reasonably provide 
to these facilities.
    Although we coordinate extensively with government entities 
on security matters, continued emphasis on integrated response 
planning is necessary; and there are important legal and policy 
limitations to further increasing the security requirements 
that the operators of the plant have to satisfy.
    As you know, nuclear power plants were built to be robust 
and secure. A nuclear reactor is secured by several feet of 
concrete walls and an internal barrier of steel reinforced 
concrete. They were built to contain the effects of a reactor 
accident and also to withstand natural accidents such as 
hurricanes, earthquakes, fires and floods.
    Even before the September 11th attacks, every nuclear plant 
was protected by a strategy that included protective 
perimeters, physical barriers, sophisticated access 
authorization technology and a professional, well-armed 
security force. We conduct background checks on all of our 
employees and strictly control access to our plants.
    After September 11th, the industry--in response to orders 
issued by the NRC--enhanced security at our plants 
significantly. Each nuclear power plant is scheduled to meet 
the requirements of the most recent NRC security orders by the 
October 29th deadline.
    Over the past 3 years, we have expanded our security force 
by 60 percent, from 5,000 to 8,000 security officers at the 64 
sites. During that time, the industry has spent about $1 
billion to increase the security force and to significantly 
enhance physical protection at the plant. About two-thirds of 
that or more is physical protection. So there are things 
happening at the plants.
    My written testimony provides details regarding these 
improvements. However, some of them are considered safeguard 
information and thus not available to the public.
    As part of the new security requirements, each plant will 
conduct multiple--and I repeat--multiple force-on-force 
exercises every year. The NRC formally evaluates each plant's 
force-on-force exercise at least once every 3 years, as you 
have heard before.
    In these exercises, the NRC evaluates the execution of the 
security strategy, the performance of the plant security force 
and strategy, the performance of the plant security force and 
the performance of the independently trained adversary force 
used in the mock attacks.
    I am looking forward to questions on why we hired 
Wackenhut, which I am sure we will get. We can talk about that. 
We think it is the right thing to do. We think it will enhance 
security at the plants.
    Given the September 11th attacks, we also significantly 
increased our cooperation and coordination with State and local 
law enforcement. We have worked closely with the NRC, the 
Department of Homeland Security and other Federal, State and 
local authorities, with the goal of building a seamless 
security for our plants.
    However, additional emphasis on integrated response 
planning is needed; and there are important legal implications 
to us doing certain things that we don't have the authority to 
do, that we need help from the governmental entities to do.
    Mr. Matthiessen's testimony provides results from a new 
report by Riverkeeper on the consequences of possible terrific 
attack on the Indian Point nuclear power plant in New York. I 
just want to take a minute to discuss that report.
    The industry always welcomes meaningful technical analysis 
of our nuclear facilities. However, this Riverkeeper report is 
more of the Hollywood equivalent of merging plots of ``The 
Perfect Storm,'' ``The Day After Tomorrow'' and ``Independence 
Day'' and trying to sell it to the public as a realistic 
scenario. Simply, the likelihood of the accident sequence in 
this report leading to a release of radiation is so incredibly 
low that it is not credible.
    With your permission, Mr. Chairman, I would like to include 
in the record an analysis of the Riverkeeper report recently 
prepared by leading technical experts. Thank you.
    Mr. Kucinich [presiding]. Thank you very much.
    [The prepared statement of Mr. Fertel follows:]

    [GRAPHIC] [TIFF OMITTED] T8358.066
    
    [GRAPHIC] [TIFF OMITTED] T8358.067
    
    [GRAPHIC] [TIFF OMITTED] T8358.068
    
    [GRAPHIC] [TIFF OMITTED] T8358.069
    
    [GRAPHIC] [TIFF OMITTED] T8358.070
    
    [GRAPHIC] [TIFF OMITTED] T8358.071
    
    [GRAPHIC] [TIFF OMITTED] T8358.072
    
    [GRAPHIC] [TIFF OMITTED] T8358.073
    
    [GRAPHIC] [TIFF OMITTED] T8358.074
    
    [GRAPHIC] [TIFF OMITTED] T8358.075
    
    [GRAPHIC] [TIFF OMITTED] T8358.076
    
    [GRAPHIC] [TIFF OMITTED] T8358.077
    
    [GRAPHIC] [TIFF OMITTED] T8358.078
    
    [GRAPHIC] [TIFF OMITTED] T8358.079
    
    [GRAPHIC] [TIFF OMITTED] T8358.080
    
    [GRAPHIC] [TIFF OMITTED] T8358.081
    
    [GRAPHIC] [TIFF OMITTED] T8358.082
    
    [GRAPHIC] [TIFF OMITTED] T8358.083
    
    [GRAPHIC] [TIFF OMITTED] T8358.084
    
    [GRAPHIC] [TIFF OMITTED] T8358.085
    
    [GRAPHIC] [TIFF OMITTED] T8358.086
    
    [GRAPHIC] [TIFF OMITTED] T8358.087
    
    [GRAPHIC] [TIFF OMITTED] T8358.088
    
    [GRAPHIC] [TIFF OMITTED] T8358.089
    
    [GRAPHIC] [TIFF OMITTED] T8358.090
    
    [GRAPHIC] [TIFF OMITTED] T8358.091
    
    [GRAPHIC] [TIFF OMITTED] T8358.092
    
    [GRAPHIC] [TIFF OMITTED] T8358.093
    
    [GRAPHIC] [TIFF OMITTED] T8358.094
    
    [GRAPHIC] [TIFF OMITTED] T8358.095
    
    [GRAPHIC] [TIFF OMITTED] T8358.096
    
    [GRAPHIC] [TIFF OMITTED] T8358.097
    
    [GRAPHIC] [TIFF OMITTED] T8358.098
    
    [GRAPHIC] [TIFF OMITTED] T8358.099
    
    [GRAPHIC] [TIFF OMITTED] T8358.100
    
    [GRAPHIC] [TIFF OMITTED] T8358.101
    
    [GRAPHIC] [TIFF OMITTED] T8358.102
    
    [GRAPHIC] [TIFF OMITTED] T8358.103
    
    [GRAPHIC] [TIFF OMITTED] T8358.104
    
    [GRAPHIC] [TIFF OMITTED] T8358.105
    
    [GRAPHIC] [TIFF OMITTED] T8358.106
    
    [GRAPHIC] [TIFF OMITTED] T8358.107
    
    [GRAPHIC] [TIFF OMITTED] T8358.108
    
    [GRAPHIC] [TIFF OMITTED] T8358.109
    
    [GRAPHIC] [TIFF OMITTED] T8358.110
    
    [GRAPHIC] [TIFF OMITTED] T8358.111
    
    [GRAPHIC] [TIFF OMITTED] T8358.112
    
    [GRAPHIC] [TIFF OMITTED] T8358.113
    
    [GRAPHIC] [TIFF OMITTED] T8358.114
    
    [GRAPHIC] [TIFF OMITTED] T8358.115
    
    [GRAPHIC] [TIFF OMITTED] T8358.116
    
    [GRAPHIC] [TIFF OMITTED] T8358.117
    
    [GRAPHIC] [TIFF OMITTED] T8358.118
    
    [GRAPHIC] [TIFF OMITTED] T8358.119
    
    [GRAPHIC] [TIFF OMITTED] T8358.120
    
    [GRAPHIC] [TIFF OMITTED] T8358.121
    
    [GRAPHIC] [TIFF OMITTED] T8358.122
    
    [GRAPHIC] [TIFF OMITTED] T8358.123
    
    [GRAPHIC] [TIFF OMITTED] T8358.124
    
    [GRAPHIC] [TIFF OMITTED] T8358.125
    
    [GRAPHIC] [TIFF OMITTED] T8358.126
    
    [GRAPHIC] [TIFF OMITTED] T8358.127
    
    [GRAPHIC] [TIFF OMITTED] T8358.128
    
    [GRAPHIC] [TIFF OMITTED] T8358.129
    
    [GRAPHIC] [TIFF OMITTED] T8358.130
    
    [GRAPHIC] [TIFF OMITTED] T8358.131
    
    [GRAPHIC] [TIFF OMITTED] T8358.132
    
    [GRAPHIC] [TIFF OMITTED] T8358.133
    
    [GRAPHIC] [TIFF OMITTED] T8358.134
    
    [GRAPHIC] [TIFF OMITTED] T8358.135
    
    [GRAPHIC] [TIFF OMITTED] T8358.136
    
    [GRAPHIC] [TIFF OMITTED] T8358.137
    
    [GRAPHIC] [TIFF OMITTED] T8358.138
    
    Mr. Kucinich. I would like to begin with some questions of 
Mr. Lochbaum. The industry claims to have spent $1 billion 
since September 11 upgrading nuclear plant security. What does 
that claim tell you?
    Mr. Lochbaum. Well, I think it speaks to how unprepared we 
were on September 11th, because that's money that wasn't spent 
until afterward. And I also think it reminds me of the billion 
dollars that was spent fixing safety problems at Millstone or 
the hundreds of millions of dollars that were spent fixing 
problems at the Davis-Besse plant.
    Mr. Kucinich. I think they spent about $600 million there 
and about $1 billion at Indian Point to restore plants to a 
safe level. So how many billions will it take to increase 
security, in your estimation, to adequate levels?
    Mr. Lochbaum. I don't think it's a question of money. I 
don't think there's that much money left to be spent. I think 
it's more of an attitude question that this subcommittee has 
explored. I think it's more of a focus and just getting serious 
about it, more so than the dollar amount, that is preventing it 
so far. I think the fact that they have been able to do as much 
as they have behind closed doors is the biggest barrier to 
getting it done right.
    Mr. Kucinich. And, in your thinking about this, have you 
thought about some alternatives to this such as solar, wind? 
Has the NRC and, to your understanding, or the industry spent 
any money for security at these facilities?
    Mr. Lochbaum. Well, if you look at the $1 billion that the 
industry has spent on upgrading nuclear power plant security 
and compare that to the amount that's been spent upgrading at 
wind farms or other renewable technology, if it's been $100, it 
would probably high.
    Mr. Kucinich. Would these wind farms be less of a target?
    Mr. Lochbaum. There's no real hazard there, so there's no 
real need to provide $1 billion of security to something that 
is not a hazard to the American people.
    But the real question is--and it is something beyond me to 
answer--but is it really worth spending $1 billion protecting 
Americans or is it better to spend the $1 billion more 
productively in providing an energy technology that doesn't 
provide that risk to ourselves?
    Mr. Kucinich. Well, you make a series of recommendations in 
your testimony how to improve physical security at nuclear 
plants. Do you want to offer to this committee what 
recommendations you think should be implemented first?
    Mr. Lochbaum. If I had one to pick from, it would be the 
spent fuel pool issue, in reducing the threat from spent fuel. 
Right now, from both a safety standpoint and a security 
standpoint, we are doing that wrong.
    Mr. Kucinich. Let me ask you something. Why this issue of 
the transfer of the cask?
    Mr. Lochbaum. Right.
    Mr. Kucinich. Why has this transfer of spent fuel into dry 
cask not been done before now?
    Mr. Lochbaum. We started doing it in 1986 in this country. 
At that time, the casks that we were using could only be used 
for storage, not for transport. So there was a reluctance to 
transfer things into dry cask that would then have to be 
handled twice. Nowadays, the casks that we have can be used for 
storage and transport. You are going to have to put it in the 
cask eventually. Why not do it now where it improves safety, it 
improves the security, and it doesn't affect the cost that 
much?
    Mr. Kucinich. Thank you, just have another question for Mr. 
Fertel.
    Mr. Shays [presiding]. You may have as much time as you 
want.
    Mr. Kucinich. Earlier you heard it brought into the 
discussion, the situation at Davis-Besse. Would you 
characterize--are you familiar with it?
    Mr. Fertel. Yes, I am.
    Mr. Kucinich. Would you say the events surrounding Davis-
Besse are an exception or the rule in the nuclear industry?
    Mr. Fertel. I would say they were the exception, and it was 
an unacceptable exception.
    Going back to questions asked by this committee about 
lessons learned, following the Davis-Besse event there was a 
significant lesson learned in our industry resulting in a major 
materials initiative to make sure that we are looking at 
materials degradation everywhere in the plant in a much more 
systemic and integrated way.
    It's been a very painful lesson for FirstEnergy. It's been 
a very painful lesson for FirstEnergy, and it's been a very 
painful lesson for people like yourself, I am sure. It's 
actually turned out, for the rest of our industry, something 
that has focused us much better looking at materials issues. We 
were spending almost $60 million a year looking at materials 
issues, so it wasn't something being ignored.
    Mr. Kucinich. So you have learned something from what has 
happened.
    Mr. Fertel. Yes, sir.
    Mr. Kucinich. In the end, you think it will result in more 
sensitivity from these other plants and in the long run there 
is good that might come from it.
    Mr. Fertel. There is good that's come already, sir, as far 
as a much better technical look at this, a much stronger and 
integrated look at the analyses, the inspections that you need 
to do, and clearly a much better awareness at every plant of 
the importance and the safety culture aspects related to it. 
So, yes, sir.
    Mr. Kucinich. Just a final question which you are 
anticipating. What about these force-on-force exercises? I 
mean, shouldn't they contain an element of surprise?
    Mr. Fertel. Well, yes, sir.
    Mr. Kucinich. Are you surprised that they did?
    Mr. Fertel. Again, I think people have talked about the DOE 
exercise a lot. And let's talk about the new requirements NRC 
has put in for force-on-force exercises and deal with that and 
let me talk about the Wackenhut issue, since everybody else has 
mentioned it so far today.
    Mr. Kucinich. OK.
    Mr. Fertel. We used to do force-on-force exercises at 
nuclear power plants every 7 years. NRC now will come in and 
they will evaluate them at least once every 3 years, but that's 
just part of the story. They have established standards for 
what the training needs to be for not only the people that 
protect the plant but for the adversaries, the qualifications 
for not only the people that protect the plant but the 
adversaries.
    We are going to be doing multiple force-on-force exercises, 
in addition to normal training and gun firing and things like 
that--real force-on-force exercises, every plant every year. I 
can't tell you how many, which is silly to me, but it is 
safeguards, and I don't know why. I think that's a silly thing.
    When we in the industry looked at this, we said, the way we 
should do this, the same model for training operators. We 
should go to a systemic approach to training, which is a very 
rigorous way to do it. Make sure we have the discipline in our 
system for security activity just like we do for operator 
training. That's what we are doing.
    We also looked at and we said, the way these force-on-force 
exercises are done--and, Mr. Turner, I think said that, at DOE, 
the Secretary had formed a special adversary group. Those are 
DOE people. They are not outsiders. OK.
    When the U.S. Army does their war games, they use the U.S. 
Army. OK. They don't bring the Russians in. You know, they 
don't bring in other bad guys. They do it professionally.
    Mr. Kucinich. From what I understand, if I may, they don't 
describe information ahead of time as to----
    Mr. Fertel. I will get the information. The information 
that is described ahead of time in force-on-force exercises 
now.
    You do need to know when they are going to do it at the 
site. Because, while you are doing an exercise, there's real 
guys with real guns protecting the site. So people need to know 
that you are going to do an exercise at that site. That's 
known.
    Outside of that, they don't know. They don't go--I don't 
know what happened at the Y-12 facility. It's the first I heard 
of it, because I don't follow the DOE stuff where they said 
what facility they were going to attack.
    But, as Luis Reyes said, this scenario that they do on the 
attack and the way NRC is doing this is being developed by NRC. 
They decide what the attack is, whether it's to go for spent 
fuel. The adversaries know that. They get help from an insider. 
The defensive guys don't know this.
    Mr. Kucinich. So Wackenhut then, the guy wouldn't cheat at 
mock drills at NRC facilities, but we have something on the 
record that suggests that at DOE facilities it might be a 
little different.
    Mr. Fertel. I don't know whether Wackenhut would cheat at 
anything. I think human beings cheat. Human beings make 
mistakes, and human beings do things they shouldn't.
    Mr. Kucinich. Well----
    Mr. Fertel. The people that we have running this CAF team, 
OK, the people that are doing this Composite Adversary Force, 
the three top people that are running that basically are all 
Special Forces, OK? They never worked for the industry before. 
The project manager has 10 years as a Ranger. One of the team 
leaders was a team leader for the Delta Force. The other team 
leader is a special ops guy who ran a whole bunch of guys that 
did all types of things like snipers and everything else. These 
guys want to win, OK? They are out there to do the best job 
they can and to win.
    On our side--and I think this gets lost in almost every 
discussion about nuclear energy. I think it's important. I 
certainly feel as passionately about this, Congressman, as you 
do about your Davis-Besse experience. I know a lot of people 
that work at the plants. I find it insulting personally when 
their integrity is challenged all the time, OK?
    I think David Lochbaum offers a lot of positive things that 
have helped us in a number of areas of safety, and I may agree 
with some insecurity issues, some of which are being dealt 
with. That's helpful. But the people at the plants who work 
there--but who do you think gets killed first if terrorists 
attack and win? They do. OK? Who do you think gets hurt if 
something happens at a plant and something happens offsite? 
Their family, their friends and their neighbors. So the 
implication that they don't care I think is actually really 
wrong.
    Now that doesn't mean you don't make mistakes. It doesn't 
mean you can't do things better. I think that's one of the 
things we really want to do. We talked about sleeping guards 
and so forth and what happens with energy. What happened at 
sites where that happened is they fired them.
    Mr. Kucinich. When you said the implication they don't 
care, who are you speaking of?
    Mr. Fertel. Well, I mean, that's the way most of the 
discussion has gone, to be honest. You know, well, if NRC isn't 
doing this, the plants wouldn't; and, gee, the guys at the 
plants don't care unless David Lochbaum or Alex Matthiessen are 
involved.
    I am not saying they shouldn't be involved. All I am saying 
is that the people that work at those plants care as much about 
safety and security as anybody who sits up here talking with us 
or talking to you. I think we need to understand that.
    Mr. Kucinich. I don't know that there is anybody on this 
committee that would dispute that.
    Mr. Fertel. I am glad to hear that.
    Mr. Kucinich. Except, you know, for one qualification. And 
that is that you know and I know that all of these people who 
care so much about doing the right job for themselves, their 
co-workers, their family or community, there's a few people 
that make the decision. Now, granted, my experience is greatly 
informed by something in my own backyard. I understand that.
    Mr. Fertel. I understand that.
    Mr. Kucinich. When we know that photos in this hole in the 
reactor head were kept out of the file deliberately, when we 
know this thing wasn't reported, when we know when the NRC had 
full information they didn't move forward to act on it, I know 
that, too. So I am not using that to impugn the whole industry.
    I have given you an opportunity to acquit the industry, and 
you did. But, you know, I am saying that when you have one 
problem like that, because we are talking about nuclear power 
plants, it requires the utmost in terms of accountability, and 
that's what this committee is about.
    I want to thank the gentleman and thank the Chair for his 
indulgence. Thank you.
    Mr. Shays. I am going to, at this time, turn to the 
professional staff to ask some questions.
    Mr. Chase. Thanks.
    Mr. Fertel, a quick question. NRC says that it's going to 
take 3 years to implement and to test the new security plans. 
You are saying that there will be force-on-force exercises 
every year. What goes into developing these force-on-force 
exercises, having seen a number of them. The question I have 
is, has any thought been given to prioritizing these force-on-
force exercises? There are a number of plants that are in the 
more densely populated areas. Indian Point is one example. Has 
any thought been given in terms of prioritizing where and when 
we should do these exercises?
    Mr. Fertel. First of all, NRC is making all those 
decisions. The plants have no idea until a set period before 
the exercise that the planning can be done. So if I'm at the 
end of next year, I don't know now, I'll know within a few 
weeks because they've got to do planning.
    There has been some of what you've asked for already done. 
Because NRC has been doing a pilot and a transitional force-on-
force exercise program for the last 2 years; and over the 
latter part of this year, it's been testing the new design 
basis threat as part of it. Even though you don't have 
everything necessarily in place, you knew what you were going 
to do and you were able to test it. And what they have chosen--
for instance, Indian Point. Indian Point has already had both a 
force-on-force and an integrated response and an emergency 
planning exercise.
    So I think the NRC has attempted to do some of that.
    My understanding--and, again, I'm giving you kind of an 
arm's length because they make the decision--is that there is 
probably about 30 sites that haven't gone through the force-on-
force, and those are the ones that haven't gone through the 
transitional period in the last year and a half or two. Those 
are the ones that they would pick from for the first year 
starting November of this year, and I think they will 
prioritize their--based upon looking at factors like where the 
site is, when was the last time they actually exercised, and 
things like that. So, to some degree, it's being done already.
    Mr. Chase. But a concern could be that the force-on-force 
exercises that were done or have been done to date are under 
the old DBT, not under the new DBT.
    Mr. Fertel. Some were.
    Mr. Chase. So what I'm asking is, under the new DBT, we 
know that it's stronger, supposedly stronger. Have they given 
any thought to prioritizing?
    Mr. Fertel. They haven't shared that with us. And to be 
honest, they don't want to share it with us because they don't 
want to give the sites much lead time in knowing what's going 
on.
    Now, again, starting in November, starting actually later 
this year, every site will start doing their own force-on-force 
exercises as part of what they have to do, and it's more than 
one a year per site, absent NRC. And, as I think Roy Zimmerman 
said, they will probably have their residents and others 
observing lots of those. And my guess is they could do that, 
because every site, whether it's an Indian Point site or it's 
North Anna, will be doing them as part of their normal routine 
annual training that they're going to have to do. But I don't 
have an explicit answer to your question because NRC controls 
that.
    Mr. Chase. Do either of the other witnesses want to 
comment? OK.
    Mr. Matthiessen, I'm curious. On what basis do you conclude 
the NRC-revised DBT is too low?
    Mr. Matthiessen. Well, on what basis do I--well, just 
because the DOE is requiring greater DBT and also because I 
think in a post September 11 world we have to be thinking in 
terms of the most sophisticated, multi-directional suicidal 
attacks. And from what I know--and I obviously can't repeat it 
here--the NRC has only bumped up its DBT marginally, and I 
think there really needs to be a much more serious level.
    Mr. Shays. Let me just ask you, though. I mean, basically, 
why would you be in a position to know what the DBT was?
    Mr. Matthiessen. Why would I be in a position to know what 
it is?
    Mr. Shays. It's not public.
    Mr. Matthiessen. Well, I don't know specifically what it 
is. I have an indication or a sense of what it is.
    Mr. Shays. So it's admittedly third-hand concerns.
    Mr. Matthiessen. It is. But I take it on pretty good----
    Mr. Shays. You all tend to get your information fairly 
accurately, but I was just curious.
    Mr. Matthiessen. I would just love to make a comment in 
response to Mr. Fertel, if I could. I just want to mention that 
he mentioned the force-on-force drill at Indian Point and the 
emergency planning exercises that were done earlier this 
summer. I would just suggest that if those are any indication 
of what the rest of the industry can look forward to, then I 
think we are in trouble, and I think that the public should be 
very, very concerned.
    In the case of the emergency planning exercise that was 
done, the NRC, in what looked like a PR move more than a 
serious test of emergency planning, did conduct a terrorist 
mock attack on the plant. But, unfortunately, the test didn't 
involve any release of radiation whatsoever. So as far as I was 
concerned, they might as well have been testing the security or 
emergency planning around a Wal-Mart. I mean, the whole point 
of doing these emergency plans is because nuclear reactors are 
a special case, they contain materials that are very, very 
dangerous, and what we need to think about is a worst-case 
scenario, and a worst-case scenario does involve the release of 
radiation.
    And, likewise, for the force-on-force test, again, they 
tend to get advance notice, way in advance. The operators, from 
what we've heard again from security guards inside the plant, 
spent a lot of time and money beefing up security to abnormal 
levels in anticipation of the actual day. The attacks happen in 
day light over prescribed routes. From what we understand, the 
mock terrorists were not trained at terrorist levels and not 
equipped with the kind of weaponry that terrorists would likely 
have.
    So, again, I think that the integrity of these exercises is 
not what it needs to be if we are serious about truly testing 
the ability of these plants to repel a terrorist attack and to 
evacuate and protect people in the event of a terrorist attack.
    Mr. Shays. If you could just respond to that last point.
    Mr. Fertel. Just on the force-on-force at Indian Point, I 
was not there, so I can't verify; and I don't think Alex was 
there, either. But I do know that one of the reasons I heard 
that they do do night exercises as part of force-on-force, it's 
pretty routine. I think at Indian Point they made a conscious 
decision because of the terrain and the danger that they were 
not going to do it as part of this pilot program when they were 
doing it, and I understand that was a very conscious decision 
to avoid personnel injury at the point. But night exercises are 
part of force-on-force.
    Coming up November 1st, when these orders are effective, 
all the adversaries will have to meet the standards both for 
their capability and their fitness that the NRC has set. And 
that's pretty good standards. And, again, that's a major 
improvement over before September 11, to be honest, and as will 
the defenders. So I would expect, Alex, that you will see--I 
can only go by what you said on Indian Point, but you will see 
improved force-on-force at Indian Point as they start their 
exercises.
    Mr. Matthiessen. I hope so, but we may not see the results 
for another 3 years.
    Can I just ask a question of Mr. Fertel?
    Mr. Shays. No.
    Mr. Matthiessen. Sorry.
    Mr. Shays. That's all right. You can ask us a question if 
you would like. What's the question you would like us to ask 
him?
    Mr. Matthiessen. Well, I would just like to ask why--what 
is the industry and the NRC's response for not instituting what 
we see as pretty straightforward measures that wouldn't even 
cost the industry that much that would add an enormous measure 
as far as we have been led to believe.
    Mr. Shays. Such as?
    Mr. Matthiessen. A couple of the passive systems, barriers 
that I mentioned in my testimony, the Dunlop barriers and the 
Beamhenge, these are ways that you would really--you'd go a 
long way toward protecting these facilities and----
    Mr. Shays. We will make sure that we have a dialog about 
that.
    Mr. Matthiessen. OK.
    Mr. Chase. Mr. Fertel, how optimistic are you that the 
industry--according to GAO and the NRC, they are saying that 
the implementation of the security plans are going to take 
place by the end of October of this year. How confident are you 
that's going to actually happen?
    Mr. Fertel. As of 2 weeks ago, everybody was on schedule to 
be able to meet the requirements of the orders by October 29th. 
There's some issues where people may not have the picture that 
the chairman liked of the bullet-resistant enclosure that 
protects the officers. There are some plants that may have some 
problems in getting deliveries of some of those and will have 
to take other actions, and that's mainly because our soldiers 
in Iraq and our Defense Department and the DOE are getting 
priority. There's only two sources of steel for those, 
apparently; and our guys get bumped a bit on that. But, 
otherwise, we are going to be ready on October 29th.
    Mr. Chase. And, last, Mr. Matthiessen, would you share with 
us your thoughts or give us the status on the--if you can 
recall. The concerns regarding evacuation plans in New York and 
Connecticut.
    Mr. Matthiessen. I mean, again, what concerns me so much is 
that the FEMA used to have a policy of requiring certification 
of the plans by the four counties that surround the plant as 
well as the State. But a couple years ago, after the Witt 
report came out and showed pretty conclusively that this plan 
couldn't work in the event of a terrorist attack on the plant, 
especially--or, sorry, a radioactive release, especially in the 
case of a fast-breaking release, these counties became very 
uncomfortable and became convinced that it really wasn't 
possible to evacuate or even shelter people in place of a level 
that would be satisfactory, and so they withdrew that 
certification, as did the State emergency management office.
    And the FEMA came out, as you probably know, last August 
and just rubber-stamped the emergency plan without any 
evidence--not providing any evidence--this shouldn't be 
safeguards information, most of it anyway--without any evidence 
or analysis upon which they base that conclusion. And, of 
course, the NRC came out and rubber-stamped it a half an hour 
later, on a Friday in late July. And this is kind of typical of 
these agencies.
    And, again, I think you don't have to be a James Lee Witt 
that, given the road congestion, given the population 
densities, there is just no way that you could realistically 
evacuate that area or shelter people in place.
    Second, I do want to make a comment on the----
    Mr. Shays. I'm sorry, I need to interrupt you.
    Mr. Matthiessen. I'm sorry.
    Mr. Shays. I have a need to be sitting at a desk at 2 in 
order to not lose my place in another committee hearing. So, if 
that's all right, let me just go on and ask.
    What I'm wrestling with, Mr. Lochbaum, is--first of all, 
Mr. Fertel, what I'm the wrestling with is that I think the 
industry needs to do a better job, as much as you point out it 
was one of the most secure industries before September 11, 
because I think that we are going to have to have a very 
significant debate about the future of nuclear energy. And I 
wrestle as an environmentalist with the fact that, if I want to 
get at greenhouse gases, is there a role that nuclear energy 
has to play.
    Right now, Millstone's one, two, and three are about 50 
percent of Connecticut's--based on your testimony, and it used 
to be more when we had the Yankee plant plus one, two, and 
three--you know, we were oversubscribed. But tell me how you 
sort out, Mr. Lochbaum. Do you think nuclear energy simply 
can't be expanded at all?
    Mr. Lochbaum. I guess we view nuclear energy as providing 
the bridge to the future, with renewable energy technologies 
and improved energy efficiency being that future. But that 
future is, quite frankly, not here today. So we think that the 
safe operation of existing plants, until the--as they reach in 
their normal lifetimes they get replaced by better technologies 
of the 21st century technologies would be our druthers.
    Mr. Shays. This spent fuel is a huge concern to me. And, 
you know, I see them at the facility on the Hudson River, you 
know, saw the pool where they are at and so on. And they were 
in the contained area, I believe, is my recall. But we just are 
collecting more and more of this. Mr. Fertel, how do you 
wrestle with that?
    Mr. Fertel. Well, I think Congress clearly has a good role 
to play in moving the ball forward on Yucca Mountain, funding 
it appropriately, providing the oversight to DOE to make sure 
they do it appropriately and dealing with the issues around it 
will move that ball forward. I think, in the interim, clearly 
you're going to try and do everything you can and are doing 
everything to manage it safely from a security standpoint, NRC 
has issued advisories to the plants on what they can do to 
improve security.
    Mr. Shays. Let me ask you this. How is it that we have been 
able to increase production when we haven't added a plant in 30 
years?
    Mr. Fertel. Well, we actually have added a lot of plants in 
the last 30 years. We just haven't ordered a plant in that 
period.
    Mr. Shays. We haven't what?
    Mr. Fertel. We haven't ordered a new one, but we've added 
about 50 plants since 1980. But the way we have increased it in 
the decade----
    Mr. Shays. We've had 50 plants since 1980?
    Mr. Fertel. Yeah.
    Mr. Shays. How many have we had since 1990?
    Mr. Fertel. As far as real plants, concrete and steel? Two, 
I think.
    Mr. Shays. OK.
    Mr. Fertel. But we have added the equivalent of 19 since 
1990 in improving output from the plants, operating them 
better, doing a thing that we call uprates, where you can 
either improve the turbine or you can improve something on the 
reactor, on the reactor side to get more power out of it. And 
we have added two plants. So we've added about 19,000 megawatts 
since 1990 in kilowatt hours out.
    Mr. Shays. Do you all want to quickly speak to this issue 
of citations and whether they have to respond in writing or so 
on? I mean, is this of concern? Or are we more concerned than 
we should be?
    Mr. Lochbaum. As Mr. Reyes said, it's consistent with how 
they deal with safety issues. So it's the same approach. I also 
go back to what Mr. Zimmerman said. They are piloting the new 
significance determination process.
    Mr. Shays. And that's a good thing.
    Mr. Lochbaum. Well, it depends on how it comes out. It's a 
trial run now. But that could--depending on how that outcome 
is, could go further to better defining that line between what 
gets reported and what gets followed up, what the plant owners 
do and what the NRC does. I'm comfortable with that. If there 
is a better way of doing it, I'm open to that. But I bought 
into the process and I'm comfortable with it the way it is.
    Mr. Fertel. I think an aspect that maybe could help your 
comfort level--because you clearly weren't comfortable with it, 
listening to the discussion, is that I think the impression 
when they say they are doing a sample makes it sound like, oh, 
my God, they're just choosing a few. When they're doing the 
sample, they are doing a sample in security, they are doing a 
sample in safety, they are doing samples in other areas. And 
what they are looking for, in all honesty, is to see if there 
is any sort of a systemic breakdown in the corrective action 
program that the plant uses. And if they see a breakdown, well, 
then it's a whole other ball game for the NRC to come in and 
basically do major inspections. So they want your processes to 
work; and, if they work, they are comfortable.
    Mr. Shays. OK. I am going to adjourn.
    Actually, there is one other question. If staff's waiting 
for me--I am going out that door and I'm hustling. I have a 
better feeling of knowing the NRC is present every day. Are we 
underutilizing those folks? If you don't know, that's another 
issue.
    Mr. Lochbaum. We were concerned that--several years ago, 
the NRC changed its policy, like in 1997, 1998. They used to 
have more NRC resident inspectors, more people onsite. As part 
of a budget-cutting move, they removed some of the people from 
that onsite presence. That contributed to the problem that 
Davis-Besse--that Representative Kucinich is concerned about.
    Mr. Shays. But it seems to me that they could be doing 
followup. I mean, evidently, they have prescribed things they 
should do.
    Mr. Lochbaum. It's hard when there's so few of them. If 
they went back to the levels they had 5, 6 years ago, they 
could do more because there were more people there.
    Mr. Shays. Well, if you have two and you add one more, 
that's three. That's a 50 percent increase. Maybe even that 
would be beneficial.
    Mr. Lochbaum. It couldn't hurt.
    Mr. Shays. I'm sorry. I have a feeling there's some other 
things we could say, but it's been a long day, and it's been a 
very helpful day, and I appreciate all your contribution. So, 
we are going to call this hearing closed. Thank you.
    [Whereupon, at 2:07 p.m., the subcommittee was adjourned.]