FAS | Government Secrecy | Other Gov Docs ||| Index | Search | Join FAS


Strength Through Leadership
Confidence Through Security

Year-End Status of Safeguards and Security
in the Nuclear Weapons Complex

A Report
to the Secretary of Energy
from
the Office of Independent Oversight
and Performance Assurance

January 2000


Strength Through Leadership
Confidence Through Security

Year-End Status of Safeguards and Security in
the Nuclear Weapons Complex

This report provides a year-end update on the effects of the Secretary of Energy’s security initiatives within the Department of Energy and its nuclear weapons complex. Nineteen ninety-nine was an eventful year for the Department in terms of the level of attention and the amount of activity associated with our security programs and our ability to protect the nation’s secrets. The year began with the Department falling under heavy criticism from both Congress and the media for serious problems in our security practices. That criticism did not substantially subside throughout the year. The Secretary directed a number of actions in an effort to bring our security organizations, programs, and practices to a level that could demonstrably provide adequate protection to those things the Department is entrusted to protect. This report provides a summary perspective on where the Department began the year, what was done on a Departmental level to address problems, and where the Department stands now in terms of observable and measurable results. The status reported is based on appraisals conducted by the Department’s Office of Independent Oversight and Performance Assurance.

Independent Oversight

The Secretary of Energy created the Office of Independent Oversight and Performance Assurance in early 1999 to consolidate security-related Department-wide independent oversight into a single office reporting directly to the Office of the Secretary of Energy. Its nucleus was the Office of Security Evaluations, formerly part of the Office of Oversight under the Assistant Secretary for Environment, Safety and Health. Two new offices--the Office of Cyber Security and Special Reviews, and the Office of Emergency Management Oversight--were created to complete the consolidation of oversight activities within the new organization.

The Office of Independent Oversight and Performance Assurance conducts appraisals of all aspects of the Department’s policies, programs, and practices related to safeguards and security, cyber security, and emergency management. Our activities range from comprehensive appraisals of a facility’s safeguards and security, cyber security, and emergency management programs to follow-up appraisals that check on the status of corrective actions or specific problems. We also conduct Department-wide special studies of significant issues related to security. When we identify problem areas, we also strive to identify viable approaches for correcting the problems. We do this with highly qualified experts in a dozen disciplines related to security, cyber security, and emergency management. Many of our appraisal team members are recognized authorities in their individual disciplines. Our approach to appraisals is performance-based so we can determine whether security programs and practices in fact provide the necessary protection. Accordingly, we developed and applied performance-testing methodologies whenever applicable. Many of our tests and methodologies have been adopted by Departmental organizations across the country for survey and self-assessment purposes. Our office is respected throughout the Department for its thoroughness, professionalism, and objectivity, and our efforts and conclusions have always withstood scrutiny because of our thorough validation procedures.

The Challenge

The security problems that challenged the Department during 1999 did not originate in 1999-- they merely became public knowledge to such an extent and in such quick succession that they demanded immediate attention. For the first 50 years of its existence, the priority of the nuclear weapons complex was clear: develop, build, and maintain a nuclear weapons stockpile sufficient to support the nation’s nuclear strategy. While security was an acknowledged necessity, it, along with almost everything else, took a back seat to production requirements. When security and production had competing or incompatible needs, security generally yielded. This was understandable, given the national priorities at the time, but it inevitably planted a seed in the culture of the weapons complex that taught a very simple lesson: security requirements aren’t absolute—they can be put aside for more important things. With victory in the Cold War came the common but unfortunate misconception that we no longer had any formidable enemies, and therefore shouldn’t be allocating increasingly scarce funding on security. While not ignored, security became a decreasing priority and an increasingly expensive overhead item to many managers. Thus the conditions were established that led to the security problems confronting the Department in 1999.

The Department’s 1999 23rd Annual Report to the President -- prepared by the Department’s safeguards and security policy organization -- covering the calendar years 1997 and 1998 and based largely on the results of our appraisal activities, emphasized a number of security-related weaknesses. Three nuclear weapons program facilities discussed in the report received overall ratings of less than satisfactory for security. The report characterized many security programs as “lacking management support and involvement.” The Annual Report also highlighted concerns across the weapons complex relating to protection of information against “hackers,” protective force readiness and preparedness, aging physical security alarm hardware, and the need for better facilities for long-term storage of plutonium and highly enriched uranium.

The allegations of nuclear espionage at a national laboratory made the subject of security within the DOE a matter of nationwide concern. The aftermath of this revelation and the prominent reporting of the Department’s security problems created a crisis in confidence between the Department and Congress and, to some extent, the American public. This situation posed a real threat to the Department’s ability to continue performing its national security and other responsibilities.

The Secretary’s Response

Acknowledging the existence of serious security problems, the Secretary immediately took a number of significant actions aimed at correcting deficiencies and creating institutional changes to strengthen the Department’s security programs and prevent such serious deficiencies from occurring in the future. These unprecedented initiatives included:

The initiation of changes of this scope and magnitude in the Department’s approach to security, in a single year, is unprecedented, and required extraordinary leadership initiative and the concentration of significant effort at all levels within the Department. Collectively, these initiatives concentrated on four basic management tenets: demonstrating management interest at the highest level and demanding it at lower levels; setting understandable and achievable goals and milestones; holding managers accountable for performance; and providing additional resources in areas of most serious need.

The Results

At the Secretary’s direction, the Office of Independent Oversight and Performance Assurance devoted most of its efforts during the year to dealing with the Department’s most immediate security concerns. The Secretary tasked us to closely examine the status of security at the three major nuclear weapons laboratories, identify any significant deficiencies, and identify what would have to be corrected to bring the security programs to an acceptable level of performance by the end of the year. He further directed us to provide continuous information on the status of laboratory security programs. Accordingly, we conducted:

The results of our major efforts are summarized in the following sections.

Lawrence Livermore National Laboratory

Our comprehensive appraisal in the spring of 1999 found serious, widespread deficiencies in Lawrence Livermore’s programs for protecting information and special nuclear materials. For example:

As a result of our findings during the comprehensive inspection, we rated the overall safeguards and security program, as well as most program elements, as less than satisfactory.

Our follow-up appraisal in December 1999, evaluating the status of corrective actions, found that Lawrence Livermore had responded vigorously to the results of our earlier appraisal and had made noteworthy progress in addressing the identified deficiencies. While some problems in unclassified cyber security remained, progress was made in other areas:

As a result of the significant progress made since the earlier appraisal and the compensatory measures in place, we rated Lawrence Livermore’s overall safeguards and security program as satisfactory during the follow-up appraisal.

Sandia National Laboratories-New Mexico

Our comprehensive appraisal of Sandia National Laboratories-New Mexico was conducted in July 1999. Most of the elements of the safeguards and security program were found to be effective; however, we identified several issues in need of immediate attention:

Our follow-up appraisal in December 1999 found that considerable resources and management attention had been applied to the identified deficiencies; appropriate short-term corrective actions had been implemented; and suitable plans for long-term corrective actions had been developed. While follow-through on longer-term actions remains necessary, we found that the interim actions, including the effectiveness of implemented compensatory measures, had sufficiently addressed the identified concerns to merit an overall program rating of satisfactory.

Los Alamos National Laboratory

We conducted a comprehensive appraisal of Los Alamos in August 1999; our previous comprehensive appraisal of the site had been a mere ten months earlier. We found that while Los Alamos had made significant progress in addressing the deficiencies we had identified the previous year, problems remained to be fully corrected in some areas, including unclassified computer security and protection of classified parts. However, due to the compensatory measures in place, we rated the overall status of the protection program as satisfactory.

Our follow-up appraisal in December 1999 found that most unclassified computer security concerns had been adequately addressed. Vulnerability assessments of the storage of classified parts had been conducted and interim protective measures were in place, pending implementation of longer-term corrective actions such as installation of alarm systems. The overall protection program rating remained satisfactory.

Y-12 Weapons Plant

We conducted a comprehensive appraisal of the Y-12 Weapons Plant in Oak Ridge, Tennessee, during September and October 1999. While we found that some protection program elements were particularly effective, several significant concerns were identified in other program elements. The overall protection program, as well as some individual elements thereof, were rated less than satisfactory. Because of the time needed to effectively implement planned corrective actions, we have not yet conducted a formal follow-up appraisal to determine the adequacy of the actions taken to address these concerns. However, we have conducted follow-up visits and monitored the corrective action plan, which is generally adequate. The Y-12 Weapons Plant is still working to address longstanding issues in material control and accountability resulting from an extended shutdown due to safety concerns.

Transportation Safeguards Division

We conducted a follow-up review of the Transportation Safeguards Division in late 1999, specifically to examine how it had addressed some deficiencies in tactical capabilities that were identified in the 23rd Annual Report to the President. The Division had developed an appropriate response plan to address the issue, had established milestones and conducted training, and demonstrated an acceptable level of proficiency in training exercises we observed. We concluded that the Division’s response to the identified deficiency was satisfactory.

The Prognosis

Overall, what we found offers considerable reason for optimism, particularly at the weapons laboratories. The unprecedented leadership provided by the Secretary of Energy has focused efforts and mobilized significant resources to implement both immediate and long-term solutions to the Department’s security problems. Those efforts are already demonstrating numerous positive results, and we have seen considerable progress toward the most pressing needs in a relatively short time. While many efforts have yet to be completed, we have observed and measured considerable achievement in many areas. Most notably, with the Secretary as a driving force, we see the beginning of a Department-wide cultural change in attitude toward security, which has never previously been seen in this Department. Top-level facility managers, including the directors of the major weapons laboratories, are acting on the Secretary’s message that security matters--that they must pay attention to security and give it the appropriate priority if they are to continue conducting their business. Not only have we seen significant effort and resources devoted to correcting security problems, but increased upper management emphasis on security is also filtering down to the mid-level managers and supervisors whose support and cooperation are essential to effective security. We have even seen some evidence that as security practices are enforced, workers are realizing that they can do their jobs and follow good security procedures simultaneously without serious inconvenience. The weapons laboratories, having borne the brunt of last year’s public criticism and having been a main focus of corrective efforts, provide the first evidence of a real attitudinal change. However, the Secretary’s emphatic direction (after the recent appraisal at Y-12) to make individuals accountable for security problems can be expected to send a clear, forceful message throughout the entire Department regarding the need to focus on security.

We also measured real progress in the last six months of 1999 in the "nuts and bolts" implementation of security measures. For example, our security appraisal in October 1998 rated Los Alamos National Laboratory less than satisfactory in all major areas. When we returned a year later, Los Alamos--under a new Director and with the Secretary’s new emphasis--had made much progress. Although significant issues remain, such broad progress had been made that we gave the Los Alamos security program an overall rating of satisfactory. Our follow-up visit in December 1999 confirmed that the forward momentum on the remaining problems was continuing.

As another example, security at the Lawrence Livermore National Laboratory had progressively deteriorated over the period 1993 to 1997 to the point that, during our appraisal in the late spring of 1999, we concluded that the weaknesses were so self-evident that performance testing was not needed to prove that special nuclear materials were not adequately protected. After that appraisal, at the express direction of the Secretary, the laboratory began working closely with Department field managers and key Headquarters managers to identify and implement corrective actions for these weaknesses. When Independent Oversight returned in December 1999 to evaluate progress, we concluded that the protection provided to special nuclear materials at that time was effective.

The Secretary’s personal emphasis on the protection of information in computer systems has also led to a re-examination, throughout the weapons complex, of the protection afforded to classified and sensitive information in other forms and media. This re-examination is spurring the correction of deficiencies in the protection of classified documents and parts.

With the Secretary’s continuing attention, the Department is rapidly taking action to correct known deficiencies, and procedures are now in place to implement longer-term permanent corrections--and to identify and correct other security problems that may exist. The quick progress in the past year confirms that the Department has capable security professionals who can do an excellent job at protecting our national security interests if given the appropriate direction, resources, and opportunity, and that the incredible human and technical capabilities of our facilities can be effectively applied to solving our security problems as well as to their more traditional areas of endeavor. While final judgment must be withheld until completion of the work so successfully begun, the progress to date has been unprecedented. In some cases, such as those illustrated above, once-lethargic and unresponsive programs have been completely turned around. The enabling change we have seen that has made the progress possible, and that will perhaps provide the most critical impetus to the Department’s security program, is the sea change in attitude toward security, particularly at management levels at the laboratories and other facilities. If sustained, the new attitude--instilled in large part through the Secretary’s personal involvement and leadership--can drive all the other elements that are necessary to assure a robust and formidable security program.

Independent Oversight Activities for CY 2000

The Office of Independent Oversight and Performance Assurance has scheduled a full range of activities during calendar year 2000 to determine if the progress made last year is sustained, the Secretary’s initiatives are pursued, and the long-term corrective actions are implemented. Our planned activities include visits to all the weapons laboratories and other major facilities.

Office of Safeguards and Security Evaluations

This office, which evaluates safeguards and security programs, has an ambitious schedule for the year. They will conduct comprehensive appraisals at four major facilities. These comprehensive appraisals involve detailed examinations of the various elements of a facility’s protection program as well as an analysis of the effectiveness of the overall safeguards and security program. They also involve rigorous performance testing of system elements, often including major force-on-force tactical performance tests. In addition to these four major efforts, the office will conduct follow-up appraisals at eight other facilities, including Los Alamos, Lawrence Livermore, and Sandia national laboratories. These follow-up appraisals, which are also significant efforts, will focus on examining the progress and status related to previously identified deficiencies, and typically examine protection program effectiveness in other areas as well.

Office of Cyber Security and Special Reviews

This office, whose primary responsibilities are associated with cyber security oversight, has an equally ambitious schedule. They will conduct comprehensive appraisals of classified and unclassified cyber security programs at four facilities. These comprehensive appraisals, which will include performance tests, will be conducted in conjunction with the Office of Safeguards and Security Evaluations’ comprehensive appraisals discussed above. They will conduct follow-up appraisals of cyber security systems at eight facilities, also in conjunction with the safeguards and security appraisals. Concurrent safeguards and security and cyber security appraisals are more efficient and effective, allowing us to evaluate all aspects of security simultaneously, share administrative resources, and limit our impact on the facilities. This office will also conduct more focused cyber security reviews at two facilities, and will conduct extensive remote cyber security scanning and network penetration testing of computer systems at 12 facilities.

Office of Emergency Management Oversight

This office, which evaluates emergency management and emergency response capabilities, has scheduled the following activities. They will conduct full emergency management program reviews at three facilities, evaluating all aspects of emergency management and emergency response plans, facilities, training, drills, and performance. They will also conduct eight follow-up reviews to examine the status of corrective actions for previously identified deficiencies. They will plan and conduct a major emergency management performance test at one facility, and will evaluate major emergency management exercises conducted by two other facilities.


APPENDIX A

The Office of Independent Oversight and
Performance Assurance

Director, Independent Oversight and
Performance Assurance

Glenn S. Podonsky

Deputy Director, Independent Oversight
and Performance Assurance

Mike Kilpatrick

Director, Office of Safeguards and
Security Evaluations

Barbara Stone

Deputy Director, Office of Safeguards
and Security Evaluations

John Hyndman

Director, Office of Cyber Security and
Special Reviews

Brad Peterson

Director, Office of Emergency Management
Oversight

Charles Lewis




FAS | Government Secrecy | Other Gov Docs ||| Index | Search | Join FAS