Skip navigation
Nuclear Safeguards Education Portal
  

Threat-Informed Security

The information covered in the previous sections can be organized into a threat definition.  This is the information product at the base of designing a nuclear security system. It consists of information about the potential malicious acts, motivations, and capabilities of an adversary.  A brief explanation follows, but for an elaborate explanation of threat definitions view the Physical Protection Systems Course.

The process for constructing a threat definition has three main components:

  1. Listing the information needed: The designers must decide on what information is needed for the threat definition, so collection can be targeted effectively.  Necessary adversary information can include: motivations, potential goals based upon targets, tactics, groups size, and capabilities.    
  2. Collecting information: Threat information can be collected from a multitude of sources such as crime statistics, professional organizations, published literature, intelligence information, government directives, etc.  This information could incorporate facility specific considerations such as condition inside and outside the facility. This should also include the likelihood of insider involvement in the threat.
  3. Organizing the information into a usable format: The collected information is arranged into a usable product that allows designer to easily view and assess critical adversary information such as a group's motivation, capabilities, target, etc..

The organized information can be filled into an adversary threat spectrum, such as the one pictured below, that designers use to compare the motivations, potential targets, and capabilities of adversaries.  The information in the threat spectrum is used by designers to determine the likelihood a facility will be attacked and by whom, as well as to identify the highest consequence target of interest.  Anticipating the likelihood of an adversary attacking is problematic, so designers may choose to be conservative by assuming all adversaries will attack the facility or may choose to distill the threat information into a single threat definition to use in the design (called a Design Basis Threat).  Designers then construct a security system to counter the highest consequence of an attack on the facility.

  Threat 1 Threat 2 Threat 3
Motivation      
Ideological
     
Economic
     
Political
     
Personal
     
Intentions      
Targets of Interest
     
Likely Malicious Act
     
Willingness to Die
     
Capabilities      
Group Size
     
Tactics
     
Intelligence Gathering Means
     
Weapons
     
Explosives
     
Equipment and Tools
     
Funding
     
Modes of Transportation
     
Technical Skills
     
Cyber Skills
     
Other Knowledge
     
Support Structure
     
Insider assistance
     

From IAEA Nuclear Security Series No. 10, "Development, Use, and Maintenance of the Design Basis Threat," IAEA (2009)  (for mobile devices, it may be necessary to scroll or swipe to see all data on this table, or click here to view large version of the full table).

Page 10 / 11