from $18,000 to nearly $200,000 per week in unplanned expenditures to implement the required SECON level 2 and 3 measures. Most of these expenses result from overtime pay to protective forces.

However, the costs of the higher SECON levels can be measured in more than just budget dollars. For example, a recent DOE Inspector's General report found that the large amounts of overtime needed to meet the higher SECON requirements have resulted in fatigue, reduced readiness, retention problems, reduced training, and fewer force-on-force performance tests for the protective forces." In addition, the increased operational costs associated with the higher SECON levels can hinder or preclude sites from making investments that could improve their security over the long term. For example, one site delayed purchasing equipment for its protective force that would address a known vulnerability because of the high costs of SECON implementation. Finally, implementation of the protective force response plans outlined in the Secretary's October 3, 2001, directive was sharply limited by the lack of available funding, with some sites estimating it would take from about $30 million to over $200 million to implement the directive completely. Moreover, the performance testing requirements of this directive were generally not conducted because of the already large amounts of protective force overtime required by the higher SECON levels. The new DBT, however, has replaced this directive.

Other than deterrence, the role of the higher SECON levels in improving DOE and NNSA physical security is uncertain. Some aspects of the SECON measures, such as vehicle inspection checkpoints have undergone some limited testing of their effectiveness. However, the higher SECON level measures in place at most sites have not been assessed using the vulnerability assessment tools, such as computer modeling and full-scale force-on-force exercises, that play such a key role in developing protective strategies for DOE and NNSA sites.

Finally, while liaison with other agencies is important, DOE and NNSA site officials anticipate that terrorist attacks on their facilities will be short and violent affairs and will be over before any external responders can arrive on site. In addition, because some DOE and NNSA sites are close to airports and/or major flight routes, they may receive little warning of

Audit Report: Management of the Department's Protective Forces, DOEAG-0602,
Department of Energy Office of the Inspector General, June 2003.

Development of a New
DBT Was Difficult, but
Resulted in a Higher
Threat Level

aircraft attacks and U.S. military aircraft may have little opportunity to intercept these attacks.

In the immediate aftermath of September 11, 2001, DOE and NNSA officials realized that the then current DBT, issued in 1999 and based on a 1998 intelligence community assessment, was largely obsolete. The terrorist attacks suggested larger groups of adversaries, larger vehicle bombs, and broader terrorist aspirations to cause mass casualties and panic than were envisioned in the 1999 DOE DBT. However, formally recognizing these new threats by updating the DBT has proven difficult.

The traditional basis for the DBT has been a study, known as the
Postulated Threat, conducted by the U.S. intelligence community and
agency security organizations, principally the Department of Defense's
(DOD) Defense Intelligence Agency. However, the new Postulated Threat
was completed about 9 months behind its original schedule and not finally
released until January 2003. According to DOE and DOD officials, this
delay was the result of other post-September 11, 2001, demands placed on
the intelligence community as well as sharp debates among the
organizations involved with developing the Postulated Threat over the size
and capabilities of future terrorist threats and the resources needed to
meet these projected threats.

Given the delay associated with the development of the Postulated Threat, DOE, on its own, developed a number of draft threat statements that culminated in the final May 20, 2003, DBT. These included the following:

• December 2001-Interim Joint Threat Policy Statement. DOE and DOD worked on this joint draft document but abandoned this effort later in 2002.

⚫ January 2002-Interim Implementing Guidance. DOE's Security Office issued this guidance so that DOE and NNSA programs could begin to plan for eventual increases in the DBT.

April 2003-4th Draft DBT.

May 2003-Final DBT.

DOE's Security Office distributed the drafts to DOE and NNSA program and site offices and invited them to provide comments. DOE's Security Office considered these comments and often incorporated them into the next version of the DBT. DOE's Security Office also continued to coordinate with the other federal organizations that have similar assets, chiefly DOD and the Nuclear Regulatory Commission.

During the development of DOE's DBT, debates, similar to those that occurred during the development of the Postulated Threat, emerged in DOE and NNSA over the size of the future threat and how much it would cost to meet the new threat. DOE and NNSA officials from all levels told us that concern over resources played a large role in developing the 2003 DBT, with some officials calling the DBT the "funding basis threat," or the maximum threat the department could afford. This tension between threat size and resources is not a new development. According to a DOE analysis of the development of prior DBTs, political and budgetary pressures and the apparent desire to reduce protective force manpower requirements appear to have played a significant role in determining the adversary numbers contained in prior DBTs.

Reflecting the post-September 11, 2001, environment, the 2003 DBT is a substantially different and more demanding document than previous DBTS. Key differences from the 1999 DBT include the following:

Increased adversary threat levels. The 2003 DBT increases the terrorist threat levels for the theft of the department's highest value assets special nuclear material—although not in a uniform way. The 1999 DBT required DOE and NNSA sites to protect against only one terrorist threat level. Under the 2003 DBT, however, the theft of a nuclear weapon or test assembly is judged to be more attractive to terrorists, and sites that have these assets are required to defend against a substantially higher number of adversaries than are other DOE and NNSA sites that possess other forms of Category I quantities of special nuclear material. For example, the Pantex Plant, which, among other things, assembles and disassembles nuclear weapons, is required to defend to a higher level than sites such Los Alamos or Y-12, both of which fabricate nuclear weapons components. DOE calls this a graded threat approach.

Specific protection strategies. In line with the graded threat approach and depending on the type of materials they possess and the likely mission of the terrorist group, sites are now required to implement specific protection strategies, such as denial of access, denial of task, or containment with recapture for their most sensitive facilities and assets.

Wider range of terrorist objectives. The 2003 DBT recognizes a wider range of terrorist objectives, particularly in the area of radiological, chemical, and biological sabotage. The 2003 DBT requires the development of protection strategies for a range of facilities, such as some radioactive waste storage areas, that were not covered under the previous DBT.

• Increased Complexity. With a graded approach and broader coverage, the new DBT is a more complex document than its predecessor. For example, the 1999 DBT was 9 pages long, while the 2003 DBT is 48 pages long.

During the 21 months it took to develop the DBT policy, DOE and NNSA sites still officially followed the 1999 DBT, although their protective posture was augmented by implementing SECON level 2 and 3 measures. While DOE sites under the Office of Environmental Management continued to conduct vulnerability assessments and develop Site Safeguards and Security Plans based on the 1999 DBT, NNSA largely suspended the development of Site Safeguards and Security Plans pending the issuance of the new DBT. During this period, however, NNSA did embark on a new vulnerability assessment process, called Iterative Site Analysis, at four sites and its Office of Transportation Safeguards. The Iterative Site Analyses were analytical, tabletop exercises that addressed a spectrum of potential threats, both within and beyond the threat contained in the 1999 DBT. Iterative Site Analyses were conducted by independent and highly skilled security professionals from across the government and private sector. Most NNSA sites agreed that the Iterative Site Analysis exercises were valuable, and some sites believe that it gave them a head start in meeting the requirements of the new DBT. The Office of Environmental Management is testing this methodology at one of its sites this summer. DOE's Office of Independent Oversight and Performance Assurance continued its inspections; however, it initially reduced the amount of force-on-force performance testing it conducted because of the high levels of protective force overtime caused by implementation of SECON level 2 and 3 measures. This Office also planned to begin performance testing at levels beyond the 1999 DBT, but had done so at only one site before the 2003 DBT was issued.

Implementation of the 2003 DBT Will Be Challenging

Successfully addressing the increased threats contained in the 2003 DBT will take time and resources, as well as new ways of doing business, sound management, and leadership. Currently, the department does not have a reliable estimate for the total cost of fully protecting DOE and NNSA facilities against the 2003 DBT. While DOE and NNSA officials expect new resource requirements to vary widely among the sites, neither the current fiscal year 2003 nor the planned fiscal year 2004 budget includes funds for implementing the 2003 DBT. DOE and NNSA are currently developing preliminary cost estimates that could be included in the fiscal year 2005 budget, which is now being formulated; however, the fiscal year 2006 budget will probably be the first to show the full budgetary impact of the new DBT. DOE and NNSA officials suggest that in order to take earlier action, they may pursue additional security funding through reprogramming and/or supplemental appropriations.

Once funds become available, most sites estimate that it will take from 2 to 5 years to fully implement, test, validate, and refine strategies for meeting the new DBT requirements. Some sites, particularly those that benefited from the Iterative Site Analysis, may be able to move more quickly, and all sites will continue to place priority on improving the protection of special nuclear material.

DOE and NNSA officials also recognize that they will have to change how they perform the physical security mission. A DOE 1999 report and a 2002 NNSA report, this time reinforced by the September 11 attacks, called for changes in the way the department approaches physical security.' These changes will be even more important now that the 2003 DBT has been issued. DOE and NNSA are seeking to

⚫ develop and employ new technologies;

accelerate the design and construction of new facilities;

· better utilize existing facilities;

⚫ purchase adjacent public lands, close public roads and/or build bypass roads around key facilities to restrict public access; and

'A Context and Strategy for Action: A Synthesis of the Special Security Review for DOE Executive Management, December 1998; A Security Architecture for NNSA: A Proposed Framework for Planning and Managing Security, May 23, 2002,