nuclear-news

Chinese leaders have actively participated in the last three summits, and pledged at each of them to act to strengthen nuclear security. But how successful have they been so far?

On the one hand, largely due to these earlier summits, nuclear security issues have received greatly increased national attention and awareness in China, from both national leaders and the general public. China has actively worked on several national laws and regulations related to nuclear security, and invested significant money to improve the physical protection of its nuclear facilities—including the updating of its monitoring devices, and otherwise accounting for and controlling every bit of nuclear material in China’s possession. A “center of excellence” on nuclear security—a joint US-China project initiated at the first nuclear security summit—was just commissioned on March 18 in Beijing, marking a milestone in summit outcomes. In short, China’s commitment to nuclear security is seemingly now well-established.

But on the other hand, in spite of these advances, there are still significant gaps in China’s nuclear security, which leave room for improvement. For example, the country has yet to build an overall legal framework that would govern the use of nuclear energy and related safety and security issues. In particular, China needs to update its nuclear regulations and guidelines, especially those that oversee tests of the ability of China’s nuclear facility designs to resist attacks from large-scale and well-organized armed terrorist groups; such tests are vital for identifying the strengths and weaknesses of security procedures. And cybersecurity is yet to be  addressed.

So what major gaps remain, and what steps does China still need to take to improve the legal framework behind its nuclear security—a framework that is vital to making any substantial changes on the ground?

Progress on China’s nuclear laws and regulations. In China, legal documents are classified into four tiers. From high to low, these are laws, regulations, rules, and guidelines. Or, to be more precise: statutory law requiring approval by the National People’s Congress; State Council regulations; departmental rules; and regulators’ guidance or publications.

To further complicate matters, some laws and regulations are directly relevant to nuclear security, while others are much more indirect. The most direct ones are the Atomic Energy Law, the Nuclear Safety Law, and the Nuclear Security Regulations, while the ones that are indirectly relevant to nuclear security are the National Security Law and the National Counterterrorism Law.

Currently, the only major regulations on fissile material controls can be found in a document called the “Regulations for Control of Nuclear Materials,” issued in 1987, or 29 years ago—a time when the Berlin Wall was still up, Ronald Reagan was president, the World-Wide Web was not even a glint in a computer scientist’s eye, and the word “cybersecurity” was yet to be coined. Obviously, much has changed since then. Yet China’s only updating of these regulations was its “Rules for Implementation of the Regulations on Nuclear Materials Control”—issued in 1990.

In comparison, the most updated guidelines regarding the physical protection of nuclear facilities were issued in 2008—which is much more current, although itself now eight years old………..

Major gaps remain. While China has been making progress at improving the legal framework surrounding its nuclear laws and regulations, there have not been many updates of nuclear regulations and rules on the security of nuclear materials and facilities. All the existing regulations and rules were written before the attacks on New York and Washington in September 11, 2001, and the threat of nuclear terrorism was not specifically mentioned.

Although the 2008 guidelines require all civilian nuclear facilities to be designed in such a way that they consider threats to their security coming from outsiders, insiders, or a collusion of both—technically known as a “design basis threat”—they contain no clearly defined standards for how each nuclear facility should be designed for local conditions……..

while operators currently are required to do in-depth vulnerability assessments and performance tests of the individual components in their security systems, these tests do not include the realistic force-on-force exercises recommended by the International Atomic Energy Agency (IAEA). No Chinese regulations and guidelines require such tests, which are vital for identifying the strengths and weaknesses of security procedures.

Finally, China’s existing nuclear regulations and guidelines have not yet specifically addressed cybersecurity issues. Strengthening cybersecurity at nuclear facilities has become an important topic in the area of nuclear security, due to operations and security systems becoming increasingly reliant on digital control—and digitization invites cyber-attack. In practice, a number of countries like the United States and Russia have recently updated their regulations or rules regarding cybersecurity at nuclear facilities.

But China has not yet written nuclear regulations and guidelines with provisions specific to cybersecurity at nuclear facilities……..

Steps for improvement. At the 2014 nuclear security summit, President Jinping stated that “the more we do to enhance nuclear security, the less chance we will leave to terrorists.” Converting the top Chinese leader’s stated commitment into practical, sustainable reality, however, will require China to undertake several steps. In particular, China should speed the updating and issuing of any new laws, regulations, rules, and guidelines on nuclear security, especially those that have not been touched since the regulations of 1987 and the rules of 1990.

Clearer and more stringent rules and guidelines would establish a national-level design basis threat, with clarifying requirements for all military and civilian nuclear facilities. China should have at least a minimum standard for any design basis threat that includes protection against a modest group of well-armed and trained outsiders, a well-placed insider, and outsiders and an insider working together, using a broad range of possible tactics.

Moreover, China should incorporate IAEA principles and guidelines regarding nuclear security into its national laws and regulations, as suggested by a recent pledge by 35 countries to observe the terms of a joint agreement—known as Strengthening Nuclear Security Implementation—initiated at the 2014 summit at The Hague.

China should update and issue new nuclear regulations and guidelines incorporating cybersecurity explicitly. Cybersecurity should be integrated strongly and fully into the physical protection and accounting systems, and they should be an integrated component of any nuclear power plants design basis threat.

Soon, China should be issuing the Atomic Energy Law, Nuclear Safety Law, and Nuclear Security Regulations that have been under review for quite a while now. As a faster way of making progress, China should also update its 2008 guidelines on physical protection to integrate new IAEA guidelines, including the conduct of force-on-force exercises.

To ensure that the new regulations and rules are effectively implemented for facilities and transporters of nuclear weapons and weapon-usable fissile materials, China needs an effective system of enforcement and a constantly developing and improving nuclear security system that will not stagnate. http://thebulletin.org/how-china-needs-improve-its-legal-framework-nuclear-security9276