Security planning for small modular reactors ‘not where it should be’, academic says

SMRs have risen up the agenda with Great British Nuclear’s (GBN) competition for developers to get access to government support for deployment making progress, as well as other novel nuclear energy companies like Last Energy UK saying it will deploy micro-reactors in Wales by 2027.

Big technology companies like Google, Amazon and Oracle have said they want SMRs to power their AI data centres, to overcome grid power constraints.

And in the UK, the Civil nuclear: roadmap to 2050 stated: “To deliver energy security while driving down costs our long-term ambition is the deployment of fleets of SMRs in the UK.”

Proponents of SMRs, such as big tech companies, want them because of the additional flexibility they offer in location. They don’t need to be built far away from people because of their size, or near water because SMRs can be air-cooled.

This opens up questions about appropriate security arrangements, because traditional gigawatt-scale nuclear sites in the UK benefit from having long sight lines and layers of physical security such as fences, patrol paths and armed guards.

NCE spoke with King’s College London Centre for Science & Security Studies research fellow Ross Peel to find out more about security considerations for SMR developers.

Peel has recently authored papers with King’s on Insider Threat Security Considerations for Advanced and Small Modular Reactors and Nuclear Industry Views on the Security of Small Modular Reactors: Results of a pilot survey, both published in October 2024.

Peel said he has been “very pro-nuclear” for years but is working to help the industry to address his security concerns.

Safety a higher priority than security

Peel was keen to point out that there is a difference between safety around SMRs and security – with there being a lot more focus on the former.

“When developers are pushing forward with the development of an SMR concept, they think first about ‘How can we make it safe? How can we address the concerns people have?’ Which is safety, waste management, money,” he said.

“The general public, as far as I observe, is less worried about the security of nuclear facilities than they are about the safety of nuclear facilities.”

He said that was, in part, because “we’ve never had a major security incident.

“Security is one of those things where, if it’s done well and nothing happens, then [people think] there’s no problem with it.

“It only captures the public’s attention when it goes wrong, whereas safety is more towards the front of the consciousness for people.”

A nuclear industry source offered a minor rebuttal to this view, telling NCE that “nuclear safety is going to be the most visible and time-consuming part of developing a reactor design, but safety, safeguards and security are all developed in parallel.

“You wouldn’t want to finalise your security plans before you’ve finalised the safety features of your design, because they all have to fit together effectively.”

Referring to the developers in the GBN competition process, the source said: “Since the designs aren’t fully assessed yet, we wouldn’t expect to have complete security plans either, but that’s the right way to do things.

“The principles of security and the approaches have been set, and those are world-class and incredibly robust.”

Peel admitted that ascertaining what work has been done to address security concerns around SMRs.

“To a certain extent, it’s difficult to say because when you do work on security, you don’t talk about it too much,” he said.

“A certain amount of the security is delivered by the adversary not knowing what the security measures are, because if they knew the entire security plan, then it would be easier for them to plan how they were going to deal with it or get around it.”

Modern nuclear power sites in the UK look like military bases, given their rings of security fences and armed guards. Peel said he is unsure whether the fact that nuclear power stations have the aesthetics of a fortress is part of the deliberate design of nuclear security.

“I wouldn’t say it’s necessarily part of the purpose, but it is certainly seen a security side benefit, in terms of a deterrent effect,” he said.

“People look at it and go, ‘I don’t think me and my three lads from ISIS or whatever, are going to get in here, but we might be able to go and target something a bit softer’.”

Peel explained that the key internationally recognised security principles for nuclear site security, set by the International Atomic Energy Agency (IAEA), are ‘deter, detect, delay and respond’.

Turning to the UK, he said the principal document describing security plans and designs around nuclear developments is the ‘design basis threat’ and this would be created in partnership between the developer, the Office for Nuclear Regulation (ONR) and the relevant government security agencies.

He said the security services “need that information” contained in the design basis threat so they can assess whether developers can “handle a threat at that level”.

However the design basis threat is a secret document, “because if the threat actors know what the design basis threat is, they can therefore say ‘Okay, as long as we do that, plus one, we will succeed’”.

When should an SMR developer start their security planning?

Regarding at what stage an SMR developer should start thinking about security during the lifecycle of an SMR project, Peel said: “The recommendation from the IAEA, from security professionals, and pretty much everybody on that side of the fence is ‘as soon as possible’.

“We recommend that security needs to be thought about from the very start, right alongside safety.

“Security traditionally has been left until quite late in the process, and then solved by throwing lots of guns, gates and guards at the thing after all of the elements of design have been quite finalised.

“Security is almost retrofitted or built onto the design later, rather than what we recommend, which is the principle which is called security by design.

“You think about from the very outset, ‘How can we actually make this thing so it is secure from day one of this design process, as we’re thinking about it really early?’”

When it comes to applying this to SMRs, Peel said developers should start from similar to a GW scale plant with “the look of a fortress with hundreds of meters of distance surrounding the site and things, and shrink it down into a much smaller footprint”.

Additionally, Peel said developers are “absolutely able to reach out to private companies and consultants for security”.

He is personally aware of numerous “private consultants in the security sector who have contracts with various companies to do either individual parts or analyses or reviews or even to design security solutions for a reactor”.

Considering what he would say if he was providing security consultancy services to an SMR developer, Peel said engaging with the regulator, the ONR, is the first step.

“The ONR carries the responsibility for civil nuclear security licensing and review, and that’s not just about security,” he said.

“The ONR is very keen that developers come to them as soon as possible and start having those early conversations because they say that ‘If you come to us early with your ideas and have a chat with us, we can start giving you feedback early in the process and help guide you towards what we think will work.’”

Defence in depth

“Defence in depth” was mentioned by nuclear industry sources including Peel.

Peel explained that this is “when you would employ a number of different, redundant, diverse security measures to achieve the effect”.

For example, instead of relying just on one thick wall, SMR developers should say “we’re going to have a number of different things, all of which, added together, create complexity for the adversary; a fence and a ditch to stop vehicles and a wall and access control and cameras and patrols, all those kind of things added together”.

Discussing types of defence, he said: “What we see with the traditional gigawatt scale is you’re achieving early detection and delay through distance.

“You’re saying ‘We can see 500m [in every direction] around the site. And that means that we’ll see somebody as soon as they cross that boundary.’”

He pointed out that when it comes to an SMR, which would potentially be in a more built-up area, there is less space to implement defence measures. “You therefore need to create your delay between first detection and neutralisation of the threat in other ways,” he said.

“One of the things we do in security is what we call a graded approach, so the security measures taken should be commensurate to the potential consequences if something happens.

He said, for example, if a site were able to see someone approaching in a car, you’ve got the time it takes for them to cover that distance to find and put in place appropriate obstacles to prevent their passage into the site.

However, for SMRs, which may not have the benefit of long site lines, “the first time we detect somebody might be when they’re within spitting distance of the outside wall of the facility itself.

“Now let’s say it’s in the middle of a built-up industrial area, a van full of people who get out carrying heavy demolition tools and start walking around the area of the site might not be that unusual.”

In this case, things that “are unusual in the pattern of life” may need to be employed more.

He pointed to the example of the Y-12 facility in the US where nuclear warheads are assembled where “you’ve got people hunting in the woods; people going around with guns is not abnormal in the vicinity of the site”.

In the security business, “you’ve got to kind of detect things that are abnormal, but you can’t necessarily rely on that. It’s one of, one of your many steps of what we call defence in depth”.

Big tech companies promoting the idea of powering AI data centres with SMRs raises the possibility of data centres – a non-nuclear activity – being located in proximity to nuclear sites.

If a building outside of the nuclear island is near the nuclear site, it creates a security challenge because it eliminates a sight line for nuclear site personnel.

Peel said he expected the regulator to ensure developers are achieving all their security objectives within the footprint of their site.

Security plans ‘not where they should be’

While admitting that SMR developers’ security plans are not being talked about publicly, Peel said he has “a suspicion that security plans on the whole – and it varies massively from developer to developer – are not where they should be compared to other things.

“Safety always gets top billing, and given full attention. And I’m not saying that’s not right safety is very, very important, but I just think that when security is left too late in the process, you end up doing it in a way that is not as good as it could be done.

“To compensate for that, you have to spend a lot of money on physical protection measures such as guard forces. And then that security ends up being very costly as a result, compared to how it could have been done much better if you thought about it a bit earlier and integrated it well with safety and other things.”

Peel explained the types of security personnel on nuclear sites, saying: “You have guards and you have response forces. What the guards are doing is patrolling, making sure everything’s the sensors and the cameras are working and just everything’s as it should be.

“The response forces are more SWAT team type people who, if a threat is detected, come charging out ready to respond to it.”

However, Peel recommended that SMR developers “don’t just rely on paying large numbers of security force personnel.

“Instead, think about how could you design the facility to be secure, to impose delay upon people who are trying to do things they shouldn’t?”

Officials on SMR security preparedness

A government source said nuclear security was a top priority and confirmed that the Civil Nuclear Constabulary is the sole provider of armed policing for civil nuclear sites.

The source also said that all operators of nuclear sites are answerable to the ONR and the operators’ plans must be sufficient to prevent theft or sabotage of nuclear fuels, materials and facilities.

A Civil Nuclear Constabulary (CNC) spokesperson said: “Security arrangements will be the responsibility of each duty holder appointed by each SLC [site licence company] for each of the new sites.

“The CNC will support each duty holder to develop armed response arrangements if this is required. Any security arrangements will be subject to the submission of a proposed nuclear site security plan, and this will need to be approved by the ONR.”

An Office for Nuclear Regulation spokesperson said: “As part of our goal-setting regulatory regime, it is for licensees to demonstrate that their technologies can meet the required security outcomes in whatever location they are deployed.

“SMR designs are subject to security analysis as part of our generic design assessment process, which examines all aspects of physical and cyber security to ensure that fundamental principles such as ‘secure by design’ and ‘defence in depth’ philosophies are adopted and that the design satisfies regulatory requirements once constructed and operated in the UK.

“Once a location for any site has been confirmed, operators are expected to develop security arrangements, taking into account the site’s environment throughout its lifetime.

“These arrangements must be documented in a security plan approved by ONR under the Nuclear Industries Security Regulations (NISR) 2003.”

Anti-nuclear academic says security risk assessments ‘under-estimated’

University of Sussex professor of science and technology policy Andy Stirling said: “If the physical security implications of SMRs are to be properly anticipated, account must be taken of the longstanding nuclear industry track record of massively over-optimistic risk assessments.”

“A wide range of scenarios initially assigned ‘negligible risk’ have in fact now occurred many times – supposedly impossible natural events, unforeseen technical malfunctions, core melt accidents, major containment failures, sabotage possibilities, terrorism threats, nuclear blackmail, overt acts of war. Associated costs and impacts have been hugely under-estimated.”

“There is scant reason to believe these habits of nuclear ‘appraisal optimism’ lie in the past. In many ways, the smaller scale of SMRs means that associated risks are more widely distributed and more difficult and costly to police, mitigate and defend against.”

Like what you've read? To receive New Civil Engineer's daily and weekly newsletters click here.