Our nuclear plants have become like mini-fortresses following 9/11. Concerns over attacks on land or of targeted aircraft crashes led to the proposal of numerous new safety laws and regulations; the overriding focus being on the threat from without. All this focus on external forces however has missed the largest threat to nuclear power plant safety that actually has manifested itself. And it came from within.
In July of 2011 an illegal immigrant from Mexico somehow got past security and gained access to the Palo Verde Nuclear Plant in Maricopa, Arizona. Thirty-year-old Cruz Loya Alvares had been working as a contractor on site of the facility, remodeling a nearby administrative building. What brought him to enter the power plant itself is unknown, but he did try once before it in previous days, only to be turned away because of his expired Mexican driver’s license. The second time he entered in another contractor’s vehicle, flashed his Arizona identity card, and was waved through.
Technically, this sort of security breach is supposed to be prevented by the Nuclear Regulatory Commission. The NRC had strict guidelines on granting unescorted access. As they state on their website, their screening program is supposed to ensure that individuals let inside the facility are “trustworthy and reliable” and do not intend to “interrupt the normal operations of a plant or commit radiological sabotage”. The Unauthorized Access Authorization (UAA) program is supposed to consist of a thorough background and credit check, completion of a personal history questionnaire, and -- the keystone provision -- “verification of true identity”.
It was on that verification of true identity that the Palo Verde security failed. Had they done their jobs properly, Alvares would have been turned away as he was the first time. Still, even without absolving them of the major error, we must critically examine the vulnerabnilities of the security system itself. In essence it shifts the burden of identification from the guards on site of the plant to the Unauthorized Access Authorization staff without better equipping them to carry out their duties. It’s not inconceivable that Alvares could have presented his identity card to the UAA staff and been granted permission to enter.
Instead of changing the parties responsible for authorizing the access, a better solution is to equip all the access control personnel -- UAA staff, guards on site, and other security personnel -- with the means to quickly and easily verify “true identity”, as called for by the NRC regulations.
In fact, such solutions already exist in many other industries: a multi-tier, overlapping approach that starts with UV-light checks of identity documents. When stricter verification procedures are called for, documents could be scanned, authenticated, recorded, and the individual’s information uploaded for cross-checking against multiple secure databases.
Industries ranging from finance and retail to transportation security have made use of the identity-verification machines to put themselves at less risk of serious breaches, as well as to comply with government regulations. They continue to do so, proving the solution works. The NRC and its constituent power plants would do well to study those models and figure out the best way to implement a version for themselves.