1. The interactions between DOE/NNSA and other organizations responsible in part for preparing for or responding to an attack on NNSA facilities; and

  2. The attack scenarios used to design, update, and test the security systems.

The committee judges that its recommendations regarding these shortcomings—in particular, that DOE adopt a “total systems approach” to security, described in detail in Chapters 3 and 4 of the full report—can help DOE better evaluate facility security systems and their vulnerabilities. However, the committee has refrained from outlining a specific methodology; it instead focused on general approaches and tools that could be used.

The committee’s major recommendations are described below and are discussed in detail in the body of the full version of the report.

A dissenting opinion from one committee member is included in the full version of the report. This opinion is largely consistent with the report’s findings and recommendations, but it emphasizes a need for a single entity with both the responsibility and authority to direct the security system.

Finally, the committee limits its scope to cyber security as it relates to the physical security of nuclear weapons and significant quantities of SNM. Neither this report nor the full report addresses the cyber security aspects of protecting classified information or documents. This interpretation of the committee’s scope was agreed on with the sponsor in September 2009.


In this section, the committee describes and briefly explains the key recommendations contained in the committee’s report. The committee’s work also resulted in a number of findings, that were judged to be too sensitive to reproduce in this abbreviated version. The findings are included in the full version of the report, entitled Understanding and Managing Risk in the DOE Nuclear Weapons Complex, which is exempt from public release under the Freedom of Information Act (FOIA), 5 U.S.C. § 552(b)(2).

RECOMMENDATION 3-1: The committee advises against the use of probabilistic risk assessment (PRA) in designing security for the DOE nuclear weapons complex at this time. However, the committee recommends the use of some tools and techniques traditionally associated with PRA to improve NNSA’s understanding of the full spectrum of risks to the complex.

RECOMMENDATION 3-2: NNSA should utilize relevant techniques traditionally associated with risk assessment to improve its understanding of risk—specifically including an analysis of the security system—along with creative scenario generation techniques and security best practices.

RECOMMENDATION 4-1: The committee recommends that DOE/NNSA generate a range of plausible and specific objectives that the site security system is intended to preclude, for use in scenario generation. An adversary perspective should be taken into account when generating these objectives.

RECOMMENDATION 4-2: The committee recommends that a comprehensive and plausible range of adversary capabilities, strategies, and tactics be considered in defining the threat to sites and designing security systems.

The National Academies | 500 Fifth St. N.W. | Washington, D.C. 20001
Copyright © National Academy of Sciences. All rights reserved.
Terms of Use and Privacy Statement