TG-FSSS-1, Unclassified Controlled Nuclear Information, Topical Guideline for Fixed-Site Safeguards and Security

UCNI GUIDELINES

General.

Unclassified information about FSSS which is broad or general in nature regarding facilities, operations, capabilities, and equipment is usually not controlled as UCNI, primarily because such information is not likely to meet the "adverse effect test" required before information may be UCNI. Such general information may be released to the public or any person upon making a proper request under statute or Executive order, unless other controls on release apply (e.g., the Privacy Act). However, information that does meet the "adverse effect test" is UCNI in accordance with the determinations contained in the approved General Guideline document (Reference H11). Each UCNI guideline topic in this document which specifies that the information it addresses is UCNI includes a number (e.g., GG #15, 16, etc.) which is the General Guideline determination under which the topic primarily falls. The General Guideline number given is not necessarily the only determination covering the topic.

Information pertaining to FSSS is not limited only to safeguards and security measures for the protection of a facility. Other information can have a major bearing on security. For example, certain facility design information or design-related operational information concerning a facility would be of significant assistance, if not essential, to an attacker in planning or executing an act of theft, diversion, or sabotage. Therefore, these guidelines include topics related to facility design, in addition to topics traditionally associated with safeguards and security measures. This is because such information could be used to select a specific target (or targets) for attack, plan entry and egress routes, plan for activities that could impede or confuse response forces, evaluate risks, etc. Other UCNI guidelines will address production or utilization facility design information that has an impact on information that would assist in illegal production of a nuclear weapon (i.e., technology-related information).

In certain cases, it may not be possible or practical to control information determined to be UCNI by this guideline at all locations. In such cases, internal guidelines specific to an organization should be submitted for approval to address such exceptions.

Chapter 1. National Security Assets.

This chapter provides UCNI guideline topics concerning unclassified information relating to national security assets and the association of sensitive functions with UCNI sensitive facilities.

Information in CG-SS-2 (7/90) Chapter 1, "Threat Description, National Security Assets and Policies," which is unclassified by topics in that Chapter is NOT UCNI except as indicated by the following topics.

110 UCNI sensitive facilities

111 Information contained in a list of UCNI sensitive facilities at a site only if the information reveals it is complete (Basis: GG #5; ID No.: FSSS-1) . . . UCNI

112 Otherwise . . . NOT UCNI

Chapter 2. Physical Protection of DOE Assets

CG-SS-2 and other classification guides provide extensive rationale and guidance for the classification of information relating to physical security measures for the protection of facilities, equipment, and materials of significance to the national security.

The following UCNI guideline topics address unclassified information pertaining to physical security measures for sites, facilities, or security areas. Guideline topics addressing information that has a bearing on physical security, but which is not per se physical security (e.g., facility design information detailing physical layout, etc.), are addressed in other sections of this document.

Reason for Control as UCNI

The reason for controlling information concerning physical protection of DOE assets as UCNI is to protect that unclassified information that would significantly assist a malefactor in committing an act of theft, diversion, or sabotage.

Broad Guidance

In general, information concerning physical security measures for the protection of DOE assets that is broad in scope and does not reveal design or operational details will not significantly assist a malefactor in targeting a site, facility, or security area. Such information does not meet the UCNI adverse effect test and is not UCNI. Other unclassified information concerning physical protection of DOE assets that is NOT UCNI includes:: - Information which is discernible by casual observation from an uncontrolled area.; - Budgeting and cost information.; - Routine administrative data concerning personnel.; - Information concerning armament and equipment usually associated with law enforcement or security matters.; - Procedural and operational information that concerns safety or nonsensitive routine matters (e.g., firearms safety).
Information that pertains to physical protection of sensitive DOE assets that generally is UCNI includes:: - Unclassified information that reveals a specific security deficiency at a specified sensitive site, facility, or security area, particularly details of the deficiency.; - Unclassified information concerning specific locations and design or operational details of internal barriers, security posts, alarms, detectors, special nuclear material (SNM) vaults, buried sensors, etc.; - Unclassified information concerning sensitive aspects of capabilities and limitations of security equipment, and methods and times to defeat or degrade security equipment or operations.; - Unclassified information concerning protective force plans, procedures, and operations that are of a nonroutine nature regarding protection of sensitive facilities, sites, or security areas.

Topical Guidance

Except where information is determined to be UCNI by topics in this guideline, information determined by topics in Chapter 2 of CG-SS-2 (7/90) to be unclassified is NOT UCNI.

210 Physical security projects and system designs

211 Unclassified information in system proposals used for management decisions which reveals information determined to be UCNI by other topics (e.g., details of specific intrusion detection, alarm, or assessment equipment; design features for security posts to provide protection for personnel; security deficiencies, etc.) (Basis: GG #6; ID No.: FSSS-2) . . . UCNI: 211.1 Otherwise . . . NOT UCNI
212 Unclassified information providing details of how elements of a system will be or are designed and integrated to produce an effective security system (Basis: GG #16; ID No.: FSSS-3) . . . UCNI

220 Physical security equipment (barriers, access control, intrusion detection, alarm, assessment, delay, or deterrent equipment)

221 General

221.1 Unclassified sensitive evaluations developed specifically by DOE or its contractors concerning delay times, defeat times, or detailed methods to defeat physical security equipment (Basis: GG #16; ID No.: FSSS-4) . . . UCNI

221.2 Unclassified sensitive maintenance information concerning UCNI physical security equipment that reveals a security deficiency (Basis: GG #16; ID No.: FSSS-5) . . . UCNI

221.3 Information in reports, printouts, etc., on status of equipment which reveals status of an entire or significant portion of a security system for a facility, site, or security area which gives insight into security deficiencies, or that tends to reveal security-related problems under specific conditions (e.g., winds above a specified speed, snow above specified depth or rate of snowfall, etc.) (Basis: GG #16; ID No.: FSSS-6) . . . UCNI

221.4 Unclassified information in recordings/logs, including CCTV or other video recordings, regarding alarms, equipment responses, or personnel responses, if a security deficiency or information determined to be UCNI by other topics is revealed
(Basis: GG #16; ID No.: FSSS-7) . . . UCNI

NOTE: But see CG-SS-2

222 Barriers

222.1 Observable details concerning observable barriers . . . NOT UCNI

222.2 Unclassified information concerning security barriers not observable from uncontrolled areas that could significantly assist in penetrating a barrier (Basis: GG #16; ID No.: FSSS-8) . . . UCNI

223 Intrusion detection, alarm, and assessment (including duress alarm equipment)

223.1 Unclassified information revealing the specific types of, or details concerning, intrusion detection, alarm, and assessment equipment at a specified site, facility, or security area if such information is not readily determinable by observation from an uncontrolled area (Basis: GG #16; ID No.: FSSS-9) . . . UCNI

NOTE: But see Topic 223.1.4

223.1.1 Specific types of buried sensors with a given Perimeter Intrusion Detection and Assessment System (PIDAS) (Basis: GG #16; ID No.: FSSS-10) . . . UCNI

223.1.2 Unclassified information regarding PIDAS installation, effectiveness, reliability, etc. (Basis: GG #16; ID No.: FSSS-11) . . . UCNI

223.1.3 Unclassified information concerning types and details of other intrusion detection, alarm, and assessment equipment or systems including installation, effectiveness, limitations, line supervision and anti-tamper information, details of power supplies, etc. (Basis: GG #16; ID No.: FSSS-12) . . . UCNI

223.1.4 The fact of installation of intrusion detection (including the general fact of door, window, or motion sensors), alarm, or assessment systems (e.g. CCTV) at a specified site, facility, building, or security area. . . . NOT UCNI

223.2 The fact of duress alarm capabilities associated with a specific security post/activity
(Basis: GG #15; ID No.: FSSS-13) . . . UCNI

223.2.1 Information revealing methods, procedures, or coded or concealed signals to indicate duress, emergency, or planned response, if unclassified (Basis: GG #15; ID No.: FSSS-14) . . . UCNI

NOTE: See CG-SS-2 topic series 215 and 238.

224 Access control

224.1 Unclassified details concerning installed access control systems or equipment, including design features, installation, capabilities, limitations, effectiveness, anti-tamper information, lockout/lockdown/anti-forced-entry information, etc. (Basis: GG #16; ID No.: FSSS-15) . . . UCNI

NOTE: Associations with specific installations of manufacturers equipment is Government information.

224.1.1 Commercial vendor information, per se, concerning such systems/equipment . . . NOT UCNI

224.1.2 The fact that a specified access control system or equipment is installed at a specified site/facility/security area/building . . . NOT UCNI

224.2 Unclassified information concerning security badges

224.2.1 Information concerning hidden or not readily detectable features of security badges used at a site/facility. (Basis: GG #17; ID No.: FSSS-16) . . . UCNI

224.2.2 Information revealing the meaning of markings on badges (or other items), if any, used to authorize entry/egress into controlled zones/areas during emergencies . . . NOT UCNI

224.2.3 Unclassified lists of lost/missing security badges . . . NOT UCNI

NOTE: Information determined to be unclassified and is not automatically approved for release to the public. The information may be subject to other limitations on release (e.g., the Privacy Act or other exemptions to the Freedom of Information Act)

225 Unclassified information concerning keys, locks, combinations, and tamper-indicating devices, except for information determined to be UCNI by an approved internal guideline (Basis: GG #15; ID No.: FSSS-17) . . . NOT UCNI

NOTE: Refer to CG-SS-2 Topic Series 250

230 Protective personnel

231 Total number of protective personnel in a specific shift for a sensitive site or facility . . . NOT UCNI: 231.1 Size of other protective-related personnel assets (e.g., in-house incident response forces) (Basis: GG #17; ID No.; FSSS-18) . . . UCNI; 231.2 Number of protective personnel assigned to a specific patrol, station/post, or other breakout of personnel by time/location where not determinable by casual observation from an uncontrolled area (Basis: GG #17; ID No.: FSSS-19) . . . UCNI

232 That security personnel are being increased or decreased, provided significant security deficiencies are not revealed . . . NOT UCNI

240 Security plans and procedures

241 Unclassified physical security plans and orders: 241.1 Unclassified guard force deployment plans and orders (Basis: GG #15; ID No.: FSSS-20) . . . UCNI; 241.2 Information concerning access control procedures, that could significantly assist an adversary (Basis: GG #15; ID No.: FSSS-21) . . . UCNI; 241.3 Unclassified information on plans, procedures, and operations concerning responses to security incidents that could significantly assist an adversary (Basis: GG #15; ID No.: FSSS-22) . . . UCNI; 241.3.1 Unclassified special procedures to identify and pass facility emergency personnel through various control/checkpoints during emergencies (Basis: GG #15; ID No.: FSSS-23) . . . UCNI; 241.4 Unclassified information concerning routine patrol schedules, locations, and frequency, if authorized by an approved internal guideline (Basis: GG #15; ID No.: FSSS-24) . . . UCNI

242 Details of arrangements with local, state, or Federal law enforcement units concerning specific responses to attack scenarios (Basis: GG #16; ID No.: FSSS-25) . . . UCNI

250 Protective personnel armament and equipment

251 Information revealing that major security items such as armored vehicles or helicopters are nonoperational (i.e., will be disabled or down for lengthy periodic maintenance for some future period), when such information is not protectable by classification, and when such information could significantly assist a malefactor (Basis: GG #16; ID No.: FSSS-26) . . . UCNI: 251.1 When returned to operational status . . . NOT UCNI; 251.2 Otherwise . . . NOT UCNI

252 Unclassified information revealing the total inventory of armament or location's of armament storage sites, if authorized by an approved internal guideline (Basis: GG #16; ID No.: FSSS-27) . . . UCNI

260 Security communications

261 A list of security/emergency-related telephone numbers, if back-up/reserve numbers are not revealed . . . NOT UCNI: NOTE: Internal guidelines shall specify which back-up/reserve numbers, if any, are UCNI
(Basis: GG #15; ID No.: FSSS-28)
262 Channel assignments and frequencies for alternate/reserve/back-up use in the event of jamming or other inability to use primary channels (Basis: GG #15; ID No.: FSSS-29) . . . UCNI: 262.1 Primary channel assignments and frequencies . . . NOT UCNI
263 Unclassified procedures to be used in the event of degraded/jammed communications or to avoid monitoring of sensitive communications (Basis: GG #15; ID No.: FSSS-30) . . . UCNI: 263.1 Unclassified information concerning the effectiveness, or lack thereof, of attempts to monitor, degrade, intrude into, jam, or otherwise affect security or facility emergency communications (Basis: GG #17; ID No.: FSSS-31) . . . UCNI

264 The meaning of communication codes other than standard, well-known "ten" codes (Basis: GG #15; ID No.: FSSS-32) . . . UCNI

265 Identity of communications equipment used by security or site/facility emergency management personnel . . . NOT UCNI

266 Unclassified evaluations of radio/telephone communications or communications equipment revealing details of security-related deficiencies (Basis: GG #17; ID No.: FSSS-33) . . . UCNI

270 Evaluations of physical security

271 Unclassified evaluations of physical security measures, or of procedures for routine inspection and testing of equipment, which reveal design, procedural, or operational details concerning physical security measures which could significantly assist an adversary (Basis: GG #15; ID No.: FSSS-34) . . . UCNI

272 Unclassified information describing security deficiencies at a site/facility/security area that have not been corrected (Basis: GG #17; ID No.: FSSS-35) . . . UCNI: 272.1 General statements concerning the results of evaluations and dates of past evaluations that do not reveal deficiencies or that reveal significant deficiencies that have been corrected . . . NOT UCNI

280 Non-Transportation Safeguards System (TSS) shipments

281 General: 281.1 Information concerning non-TSS shipments, if determined to be unclassified due to an operational exigency, e.g., vehicle accident or incident, when and to the extent necessary for the health and safety of the public or as necessary to comply with laws or regulations such as filing an accident report with the appropriate agency. Local procedures should specify such conditions, to the extent practicable . . . NOT UCNI; 281.2 Information concerning shipment of low-level wastes, mixed hazardous wastes, transuranic wastes, spent chemical wastes, and other environmentally sensitive wastes to the Waste Isolation Pilot Plant (WIPP), other disposal sites, or to other locations or firms for handling/disposal . . . NOT UCNI; 281.3 The fact that air, rail, truck, ship, or any other mode of transportation is used for shipment of SNM or other material . . . NOT UCNI; 281.4 Information concerning Department of Transportation (DOT) approved shipping containers . . . NOT UCNI; 281.5 Information on the transportation of materials which is contained in unclassified Government regulations, directives, and documents which have been officially placed in the public domain . . . NOT UCNI; 281.6 Information on non-TSS shipments which can be obtained by visual access from an uncontrolled area . . . NOT UCNI
282 Non-TSS shipments of nuclear material, classified material (except documents), or high-level wastes between protected areas at a site: 282.1 Details concerning specific shipment quantities or configurations of nuclear material, classified material (except documents), or high-level wastes, if unclassified, that are attractive theft or sabotage targets (Basis: GG #15; ID No.: FSSS-36) . . . UCNI; 282.1.1 But, generic upper- or lower-bound information identified as such for safety analysis reports or environmental impact studies . . . NOT UCNI; 282.1.2 Mere fact that a specific shipment contains radioactive, nuclear, or hazardous material, and other information as may be required by law or regulation to be releasable . . . NOT UCNI; 282.2 Unclassified schedules and itinerary for a shipment (planned, actual, or completed), except where information must be publicly released (e.g., preannounced road close) Basis: GG #15; ID No.: FSSS-37) . . . UCNI; 282.3 Unclassified information concerning security plans, procedures, and operations associated with non-TSS shipments between protected areas; 282.3.1 Details of security measures for the transport vehicle and contents (Basis: GG #15; ID No.: FSSS-38) . . . UCNI; 282.3.2 Details of protective force personnel information (escorts, armament, operations, etc.) (Basis: GG #15; ID No.: FSSS-39) . . . UCNI; 282.3.3 Details of communication requirements, procedures, reports, etc. (Basis: GG #15; ID No.: FSSS-40) . . . UCNI; NOTE: Includes information contained in logs/recordings.; 282.3.4 Contact points, procedures, and other information concerning possible or actual nonsecurity-related incidents (telephone contact points, procedures for vehicle breakdown/accidents, etc.), not revealing information that could assist a malefactor . . . NOT UCNI
283 Non-TSS shipments between sites: 283.1 Unclassified information concerning off-site shipments using commercial carriers, except where special security measures may be required . . . NOT UCNI; 283.2 Information concerning contents, packaging, or any other information required to be released by law or regulation . . . NOT UCNI; 283.3 Special shipment security arrangements, if any (Basis: GG #15; ID No.: FSSS-41) . . . UCNI

Chapter 3. Automated Data Processing (ADP)

Broad Guidance

This chapter addresses UCNI guideline topics concerning Automated Data Processing (ADP) facilities, hardware and networks. In general, the only information that is UCNI based on this chapter is that related to the design of ADP assets, not measures for ensuring the protection of information contained in ADP software or in ADP-generated data. Information contained in ADP software or ADP-generated displays or reports, or related to security measures for ADP facilities is UCNI or NOT UCNI based on topics in other sections of this guideline or other UCNI guidelines.

Topical Guidance

Except where information is determined to be UCNI by topics in this guideline, information determined to be unclassified by topics in Chapter 3 of CG-SS-2 (7/90) is NOT UCNI.

310 Unclassified design information concerning sensitive facility ADP equipment essential to accomplishment of the mission (Basis: GG #6; ID No.: FSSS-42) . . . UCNI

NOTE: Internal guidelines shall specify what information, if any, is UCNI under this topic.

320 Information concerning physical security measures for an ADP system . . . See Chapter 2

Table of Contents

Click here to continue.