Since the 1992 ‘Joint Declaration of South and North Korea on the Denuclearization of the Korean Peninsula’ was agreed, various negotiations and policies have been conducted. There were policies such as CVID, Strategic Patience, Top-Down Approach, Calibrated Practical Approach, Audacious Initiative and the Geneva Agreement, and 9.19 Joint statement by the six-party talks were signed to denuclearize Korean Peninsula. However, starting with the first nuclear test in 2006, North Korea conducted six nuclear tests to develop atomic bombs, boosted fission bombs, ICBMs, and SLBMs to enhance its weapon capabilities. In addition, nuclear security crisis on the Korean Peninsula has been rising day by day as signs of restarting the North Korea’s Yongbyon 5MWe Graphite-moderated reactor were observed and the possibility of a seventh nuclear test have been increased. Since North Korea’s nuclear issue has a lot of influence on international security, especially on the Northeast Asian countries, a realistic denuclearization policy that reflects North Korea’s current domestic situation along with the international situation is needed. It’s been six months since Russia invaded Ukraine on February 24, 2022. The war between Russia, which has nuclear weapons, and Ukraine, which gave up its possession of nuclear weapons due to the Cooperative Threat Reduction (CTR) program known as the Nunn-Lugar program, is expected to have a significant impact on North Korea, which is considering denuclearization due to UN sanctions on North Korea. Therefore, in this study, based on the war patterns of Russia-Ukraine war, perspective on how it could affect North Korea’s denuclearization is analyzed. Also, significance and limitations of the previous nuclear negotiations, the North Korea’s political regime, the ‘five-year strategy for North Korea’s economic development’ and the ‘five-year plan for North Korea’s economic development’ were analyzed to suggest practical DPRK’s denuclearization policy.

The crisis of climate change aroused international needs to reduce the greenhouse gas emission in energy sector. Government of South Korea formulated an agenda of carbon neutrality through announcing 2050 Net-Zero Carbon Scenario A and B in October 2021. As the power supply from renewable energy increases, it becomes a core element to take into account the daily intermittency of renewable energy in analyzing the upcoming energy plans. However, the existing yearly Load Duration Curve is insufficient for applying day and night power change in daily scale into energy mix analysis, since it derives the energy mix for whole year on the basis of classifying annual base load and peak load. Therefore, a new energy mix simulation model based on the daily power load and supply simulation is needed for the future energy analysis. In this study we developed a new model which simulates the average power supply and demand daily (over a 24 hour period) for each season. The model calculates the excess and shortage power during day and night by integrating each energy’s daily power pattern. The 2050 Net-Zero Carbon Scenario A was used for the model verification, during which the same amounts of power production from each energy source were applied: nuclear, renewable, carbon-free gas turbine, fuel cell and byproduct gas. Total power demand pattern and renewable energy production pattern were drawn from the data of 2017 power production, and Pumped-storage Hydroelectricity and Energy Storage System were used as day-to-night conversion. Detailed assumptions for each energy were based on the Basis of Calculation for Net-Zero Carbon Scenario from Government. The model was verified with three cases which were divided depending on the method of hydrogen production and whether the Curtailment and Conversion Loss (CCL) of renewable energy were considered or not. Case 1 assumed production of hydrogen occurred for 24 hours while not considering CCL, had 0% relative error in comparison of total annual power production, and case 2, considering CCL, had a 1.741% relative error. Case 3 assumed production of hydrogen occurred only during daytime with excess power and CCL consideration, yielded 0.493% relative error in total amount of hydrogen production, confirming that the model sufficiently describes the Government’s Scenario A with the input of total power production. This model is expected to be used for analyzing further energy mix with different ratios of each energy source, with special focus on nuclear and renewable energy sources.

The measurement activities to evaluate material balance of nuclear material are usually performed by operator. It is because that the IAEA does not have enough manpower to carry out nuclear measurement accountancy of all nuclear materials in the world. Therefore, the IAEA should consider scenarios which facility operator tries to divert nuclear material for misuse by distorting measurement record. It is required to verify the operator’s measurement data whether it is normal or not. IAEA measures inventory items using their own equipment which is independent of facility operator equipment for verification. Since all inventory lists cannot be verified due to limited resources, the number of items to be verified is determined through statistical method which is called as sample size calculation. They measure for the selected items using their own equipment and compares with operator’s record. The IAEA determines sample size by comprehensively considering targeted diverted nuclear material amount and targeted non-detection probability and performance of measurement equipment. In general, the targeted diverted nuclear material amount is considered significant quantity (plutonium: 8 kg, uranium-235: 75 kg). If the targeted non-detection probability or the performance of the verification equipment is low, the sample size increases, and on the contrary, in the case of high non-detection probability or good performance of verification equipment, even a small sample size is satisfied. It cannot be determined from a single sample size calculation because there are so many sample size combinations for each verification equipment and there are many diversion scenarios to be considered. So, IAEA estimates initial sample size based on statistical method to reduce calculation load. And then they calculate non-detection probability for a combination of initial sample size. Through the iteration calculation, the sample size that satisfies the closest to the target value is derived. The sample size calculation code has been developed to review IAEA’s calculation method. The main difference is that IAEA calculates sample size based on approximate equation, while in this study, sample size is calculated by exact equation. The benchmarking study was performed on reference materials. The data obtained by the code show similar results to the reference materials within an acceptable range. The calculation method developed in this study will be applied to support IAEA and domestic inspection activities in uranium fuel fabrication facility.

To ensure the peaceful use of nuclear energy, nuclear safeguards are applied in member states of the International Atomic Energy Agency (IAEA) under the Non-Proliferation Treaty. The two major considerations in implementing nuclear safeguards are effectiveness and efficiency. In terms of efficiency, the IAEA has a great interest in using containment and surveillance (C/S) technology to maintain continuity of knowledge. A representative means of C/S technology is a sealing system to detect tampering. The existing sealing systems used by the IAEA are of limited functionality in realtime verification purposes. To address this limitation, the present study develops a real-time verification sealing system. First, we analyzed the design requirements of a sealing system proposed by various institutions including the IAEA, the U.S. Nuclear Regulatory Commission, and a number of national laboratories and companies. Then, we identified the appropriate design requirements of this system for real-time verification. Finally, the prototype system was developed and tested based on the identified design requirements. The validation tests of the prototype system were performed for anticipated environmental conditions, radiation resistance, and safeguards functionality. Additionally, we are developing user-friendly verification software. The software validation is planned to perform for functionality, performance efficiency, and security. The next step is to develop a commercialized realtime verification sealing system based on the results of validation tests. Using this commercialized system, we plan to evaluate the performance in various actual use cases. Such a system is expected to significantly enhance the efficiency of nuclear safeguards.

Even though it is emphasized to apply safeguards-by-design (SBD) concept in the early phase of the design of a new nuclear facilities, there is no clear guideline or tools for the practical SBD implementation. Generally known approach is trying to review whether there is any conflicts or shortcomings on a conceptual safeguards components in a design information. This study tries to build a systematic tools which can be easily applied to safeguards analysis. In evaluating the safeguards system or performance in a facility, it is essential to analyze the diversion path for nuclear materials. Diversion paths, however, can be either extremely simplified or complicated depending on the level of knowledge and purpose of specific person who do analyze in the field. In the context, this study discusses the applicability of an event tree and fault tree method to generating diversion paths systematically. The essential components constituting the diversion path were reviewed and the logical flow for systematically creating the diversion path was developed. The path generation algorithm based on the facility design components and logical flow as well as the initial information of the nuclear materials and material flows was test using event tree and fault tree analysis tools. The usage and limitation of the applicability of this two logic methods are discussed and idea to incorporate the logic algorithm into the practical program tools is suggested.The results will be used to develop a program module which can systematically generate diversion paths using the event tree and fault tree method.

Recently, about 70 Small Modular Reactors (SMRs) are being developed around the world due to various advantages such as modularization, flexibility, and miniaturization. An innovative SMR (i- SMR) is being developed in South Korea as well, and the domestic nuclear utility is planning to apply for the Standard Design Approval in 2026 after completing the basic design and standard design. Accordingly, the regulatory body is conducting research on the regulatory system for reviewing the i- SMR standard designs by referring to the IAEA and the U.S. NRC cases. A SMR is expected to many changes not only in terms of cyber security due to new digital technology, remote monitoring, and automatic operation, but also in terms of physical security according to security systems, security areas, and vital equipment. Accordingly, related technical documents issued by the IAEA require nuclear utilities to consider regulatory requirements of security from the design phase by integrating security regulations into SMR licensing. The U.S. NRC has also identified 17 issues affecting SMR design since 2010 (SECY-10-0034), and among them, ‘Consideration of SMR security requirements’ was included as a major issue. Accordingly, the NuScale applicant conducted security assessment and design in consideration of the Design Base Threat (DBT) in the initial SMR design process through the Gap Analysis Report (2012) and the NuScale’s Security System Technical Report (TR-0416-48929), and the NRC developed the Design Specific Review Standard for NuScale (DSRS) and then reviewed the applicant’s security design process, standard design results, and testing criteria for security system (ITAAC). This paper analyzed the case of security review activities during the NuScale standard design review, and through this, it is intended to be used in the development of domestic regulatory system for the i-SMR security review in the future.

It is still questionable if the Nuclear Damage Compensation Act can be applied to security accidents on nuclear facilities caused by hacking or drone attacks. If the Act is applied, the nuclear operator shall be liable for compensation for the damage even if there is no negligence, and no other person shall be liable. If it is not, victims must prove the negligence of nuclear operators and not only nuclear operators but also suppliers must be responsible. According to Article 5 of this Act, a nuclear operator cannot operate a reactor before signing liability insurance contract or a compensation contract or depositing in order to compensate for nuclear damage. The liability insurance contract includes the hacking accident, but it is not applied to drone attacks since only hacking accident is included in design basis accidents. However, Article 2 of this Act defines a nuclear accident as an event that may cause nuclear damage so it can be said that the ‘event’ includes intentional attacks. Article 3 stipulates that nuclear operators are not liable for compensation for damages caused by armed conflicts, hostile acts between countries, or civil war or rebellion. Therefore, if nuclear power plant is attacked by missiles from North Korea, the nuclear operator is not liable for compensation. And, it can be interpreted that the nuclear operator is liable for compensation for damages caused by actions of a third party that do not fall under this category. According to the Act on Indemnity Agreement For Nuclear Damage Compensation, nuclear damage caused during normal operation is included in the scope of compensation, but damage caused by actions of third parties is excluded. In the end, damage caused by actions of third parties is included in the scope of nuclear damage, but not included in the loss compensated by the government. According to the Act on Physical Protection, the Nuclear Safety & Security Commission is required to establish a design basis threat that is the standard for designing and evaluating physical protection systems. Therefore, it is reasonable to include the contents of design basis threats in liability insurance, or to apply the principle of no negligence liability and focus of responsibility to protect victims, if not.

The purpose of the present research is to verify the design characteristics of the SMART facility for the application of the IAEA’s safeguards-by-design (SBD) concept to small modular reactor (SMR) and to establish a foundation for SBD to be faithfully implemented as early as possible from the design stage. International Atomic Energy Agency (IAEA) is planning to facilitate the verification activities of inspectors by developing a safeguards approach to the reactor as early as possible and preparing a safeguards technical report (STR) before commercial operation of SMR begins. To this end, the IAEA is developing various approaches to the application of SBD to SMR with countries such as Republic of Korea, Russian Federation, China, the United States, and Canada through the Member State Support Program (MSSP). In order to review the unique design information of SMART facilities, the only deployable SMR in Korea, and to establish safeguards from the early design stages of SMART, it is necessary to carry out the task through cooperation with the Korea Atomic Energy Research Institute (KAERI) and Korea Institute of Nuclear Nonproliferation and Control (KINAC). IAEA agreed with the KINAC and KAERI to the direction of the project and to prepare both the Design Information Questionnaire (DIQ) and the Safeguards Technical Report (STR) for SMART facilities sequentially. The DIQ is a collection of questions to understand the characteristics of the reactor facilities that must be considered in applying safeguards. The STR is a document referenced by IAEA inspectors when verifying safeguards. Those draft versions were prepared and submitted to the IAEA. After review opinions were received, additional revision was conducted. In 2022, the IAEA holds the consultancy meeting on SBD for SMART. The purpose of the meeting is to review the draft DIQ and STR prepared by designers and discuss the future work plan of the task with designer and the task point of contact in order to safeguards can be considered at the early stage of the design. The results will be beneficial to the efficient safeguards verification activities of IAEA inspectors in the future.

Sabotage on nuclear power plants are of great national and social significance and long-term damage, the IAEA’s “Nuclear Security Recommendations on Physical Protection of Nuclear Material and Nuclear Facilities (INFCIRC/225/Rev.5) provides a standard direction for physical protection of their nuclear facilities in almost all member countries, including Korea and the United States. In the United States, Federal Law 10 CFR Part 73, Sections 73.40 to 73.57 specify requirements for physical protection of nuclear power plants, performance criteria, physical protection systems and components thereof, core information, and physical protection for key activities related to nuclear power plant operations. Accordingly, the USNRC carefully examines whether the plant meets the physical protection objectives and criteria set out in SRP 13.6.2, whether the core area/protection area is properly set up to protect against internal and external physical attacks, sabotage threats, and what design measures and facilities are being set up for these areas. The Department of Homeland Security (DHS), established in 2002 following the 2001 World Trade Center attacks, authorized federal, local governments, and authorities National Infrastructure Protection Plan (NIPP) to protect facilities from terrorist attacks and man-made physical attacks in 2007. NIPP clarifies the great principles and governance of the physical protection of national infrastructure in the United States presented by DHS. There are many physical protection design guidelines and technical standards for preventing attacks from terrorists or internal and external sabotage attackers, improving the viability of mitigating the damage in case of emergency, and achieving efficient recovery from such damage. Particularly important, small-scale damage/damage at a particular location of a major facility is extended to the entire facility, resulting in asymmetrical large-scale damage, so-called “Progressive Collapse” under initial attack loads, minimizing local damage, and protecting the building’s integrity through isolation from other structural components. Consequently, this paper deal with physical protection system design on Unite states standards and practices for applying to physical protection system design in Republic of Korea.

Kori unit 1, Korea’s first light-water nuclear power plant, was permanently shut down in June 2017. The operator, Korea Hydro & Nuclear Power Co. (KHNP), submitted a final dismantling plan for Kori unit 1 to the Nuclear Safety and Security Commission (NSSC) in May 2021. Pursuant to this procedure, the NSSC is preparing regulations for the decommissioning stage of large nuclear facilities for the first time in the Republic of Korea. The Korea Institute of Nuclear Non-proliferation and Control (KINAC) is also considering applying regulations on safeguards. Moreover, the International Atomic Energy Agency (IAEA) developed the “International Safeguards Guidelines for Nuclear Facilities under Decommissioning” in 2021. The guidelines describe the detailed application of safeguards measures to be considered when decommissioning nuclear facilities, dismantling essential equipment, and providing relevant information to the IAEA, as well as the scope of IAEA inspections. In addition, Dr. R. Bari of the Brookhaven National Laboratory (BNL) proposed the Facility Safeguardability Assessment (FSA), a methodology that reflects facility characteristics from the design stage to ensure that designers, national regulators, and the IAEA communicate smoothly regarding safeguards measures. The FSA process derives expected problems with safeguards measures considering new nuclear facilities by analyzing the gap of safeguards measures applied to existing similar nuclear facilities. This study uses the existing FSA methodology to predict problems related to safeguards measures when decommissioning nuclear facilities and to analyze deviations from safeguards measure requirements according to IAEA guidelines. To this end, the reference facility is set as an operating pressurized light water reactor; the issues with the safeguards measures are summarized using the FSA Process; and a draft safeguards concept for nuclear facilities under decommissioning is designed. Furthermore, validity is confirmed through a simple analysis of the diversion path, and implications and lessons are derived. Through this, it is possible to anticipate new safeguards measures to be applied when decommissioning nuclear facilities in the Republic of Korea and review problems and considerations in advance.

KINAC has regulated cyber security of nuclear facilities based on「Act on Physical Protection and Radiological Emergency」and KINAC/RS-015 “Security for Computer and Information System of Nuclear Facilities”, a regulatory guide. By that law and regulatory guide, nuclear licensees shall protect digital assets so-called CDAs, which are conducting safety, security, and emergency preparedness functions from cyber-attack. First of all, to protect CDAs from cyber-attack, licensees should identify CDAs from their assets according to the RS-015. The identification methods are provided in another regulatory guide, RS-019. To research the best practice, a reference case is selected as a U.S. case. In this study, a comparison analysis was conducted especially focused on EP CDAs identification methodology between R.O.K. and U.S., because the regulation basis is relatively insufficient in R.O.K., and improvement plans for the cyber security regulations in R.O.K were proposed. From the analysis, it was identified that detailed methods to identify EP function are provided in NEI 10-14 “Identifying Systems and Assets Subject to the Cyber Security Rule” published by Nuclear Energy Institute (NEI), an institute of nuclear power reactor licensees. Also identified that the definition of EP function is provided clearly in NEI 10-04 based on related regulation, 10 CFR 50.47 “Emergency Plans”. In that regulation, licensees shall follow and maintain the effectiveness of an emergency plan that meets the sixteen planning standards of 10 CFR 50.47(b). So, these sixteen planning standards correspond to the emergency preparedness functions. In NEI 10-04, scoping considerations for emergency preparedness function are provided referring to sixteen planning standards. Moreover, in that scoping considerations, planning standards, planning standard functions and 10 CFR 73.54 “Protection of digital computer and communication systems and networks” scoping guidance are provided, so, licensees identify EP CDA in their assets conveniently. In case of R.O.K., because these sixteen planning standards are not established, there is an ambiguity in identifying EP CDAs. The only related provision is “Detailed Standards for Establishment of Emergency Plan”. To resolve the ambiguity, it is needed to analyze sixteen planning standards in 10 CFR 50.47(b) and “Detailed Standards for Establishment of Emergency Plan”. Then, should be developed ‘scoping considerations for emergency preparedness function’ based on the analysis as provided in NEI 10-04.

IAEA has the right and obligation to verify the states’ commitments for safeguards under the comprehensive safeguards agreement and additional protocols. There are IAEA inspections such as PIV, DIV, RII, SNRI under these agreements. As part of the implementation of this mission, the IAEA inspectors perform the verification for the state’s accounting reports related the nuclear materials such as ICR, PIL, MBR. To do well this verification, the inspectors often use non-destructive analysis, which aims to measure attributes of the items during the inspections. This kind of an activity aims to detect the missing nuclear items or wrong things in the facility using nuclear materials. In general, NDA techniques use the neutron counting and gamma ray spectrometry. Besides, IAEA also performs several verification measures as follows. - C/S (Containment and Surveillance techniques) is to maintain the continuity of the knowledge by giving assurance that its containment remains unimpaired. - Unattended and remote monitoring is to transmit the data from onsite of the facility through the on-line system. - E/S (Environmental Sampling) is to detect the minute traces of nuclear materials by smearing some points in the on-site of the facility. Nowadays, the above mentioned techniques are important ways to increase the effectiveness of the safeguards approaches reducing IAEA actual costs. To strengthen the effectiveness and improve the efficiency of safeguards approaches, IAEA always develops and adopts the techniques and equipment for safeguards. Especially, IAEA seems to be concerned with the improvement and development of the non-destructive techniques and equipment in the fields of nuclear fuel cycle. IAEA develops the new techniques and equipment through the help of MSSP (Member States Support Programs). The IAEA defines the needs of safeguards and coordinates the support programs. After the IAEA tests and evaluates the techniques/equipment developed, IAEA decides whether to use the developed techniques and equipment during the inspection by the procedure of the IAEA quality assurance. This paper aims at studying the current changes of the IAEA equipment such as DCVD, NGSS and HCES.

Korea Institute of Nuclear Non-proliferation and Control (KINAC) Safeguards division and Export control division operate regulation management system each other according to their work scope and characteristics. Korea Safeguards Information System (KSIS) of Safeguards division handles information for nuclear material accounting and control. Especially, accounting and declaration reports submitted to International Atomic Energy Agency (IAEA) are important information in this system. And Nuclear Import and Export Control System (NEPS) of Export control division deals with import and export information of nuclear materials and nuclear weapon trigger list items. Establishing and operating the integrated database as sharing information between KSIS and NEPS derive merits as follows. First, the full cycle of nuclear material transfer records can be managed by collecting information on the nuclear materials from import to export or disposal. In addition, regulatory body can verify inconsistency between transfer records and account records in date, location, element, mass etc. Especially, small quantity nuclear materials are major loop hole in nuclear material accountancy system. The accumulated material transfer data will give an evidence to catch loss nuclear material. Second, sharing the information on nuclear fuel cycle related research and development activities in both divisions can utilize the information to outreach on facility subject to nuclear technology transfer for Nuclear Suppliers Group (NSG) and additional protocol declaration for Safeguards Agreement with IAEA. Third, regulatory body is easily able to manage entire import and IAEA report procedure for items subject to the Nuclear Cooperation Agreement (NCA). In present, KINAC regulation on NCA is divided to Export control and Safeguards. Export control division conducts classification imported items subject to NCA and acquires prior consent or notifies to other country. And Safeguards division report inventory list for each NCA country to the ROK government once a year. Imported NCA inventory list will be generated automatically by merging database. Then, it can be easily verified without any additional process by both divisions.

The IAEA states that in the event of sabotage, nuclear material and equipment in quantities that can cause high radiological consequences (HRC), as well as the minimum systems and devices necessary to prevent HRC, must be located within one or more vital areas. Accordingly, in Article 2 of the ACT ON PHYSICAL PROTECTION AND RADIOLOGICAL EMERGENCY, the definition of the vital area is specified, and a nuclear facility operator submits a draft to the Nuclear Safety and Security Commission to establish vital areas and must obtain approval from Nuclear Safety and Security Commission. Since the spent fuel pool and new fuel storage area are areas where nuclear material is used and stored, they can be candidates for vital areas as direct targets of sabotage. The spent fuel pool is a wet spent fuel storage facility currently operated by most power plants in Korea to cool and store spent nuclear fuel. Considering the HRC against sabotage, it is necessary to review whether sepnt fuel pool needs to establish a vital area. In addition, depending on the status of plant operation during the spent fuel management cycle, the operation status of safety systems to mitigate accidents and power system change, so vital areas in fuel handling building (including spent fuel pool) also need to be adjusted flexibly. This study compares the results of the review on whether the essential consideration factors are reflected in the identification of essential safety systems and devices to minimize HRC caused by sabotage in the spent fuel storage system with the procedure for identifying the vital area in nuclear power plants. It was reviewed from the following viewpoints: Necessity to identify necessary devices to minimize the radiation effects against sabotage on the spent fuel pool, Review of necessary elements when identifying vital areas to minimize the radiation effects of spent fuel pool against sabotage, Necessity to adjust vital areas according to the spent fuel management cycle. The main assumptions used in the analysis of the vital area of the power plant need to be equally reflected when identifying vital areas in spent fuel pool. And, the results of this study are for the purpose of minimizing the radiological consequences against sabotage on the spent fuel storage system including the spent fuel pool and used to establish regulatory standards in the spent fuel storage stage.

In August 2021, in response to the rapidly changing trade environment, including the advancement of Information Communication Technology (ICT) and its services, the European Union (EU) implemented the Dual-Use Items Control Regulation 821/2021 to introduce an Internal Compliance Program (ICP) to the EU countries. Accordingly, the exporters should comply with the regulation to strengthen their transactions review systems. Sweden, Germany, France, and the United Kingdom have implemented ICPs and outreach activities for dual use items. In particular, France explicitly stipulates the introduction of ICP in the law to manage and supervise it. While Sweden, Germany, and the United Kingdom strengthen the supervisory authority of regulatory agencies then companies are encouraged to autonomously introduce ICPs. Before introducing the ICP for the trigger list items (the items) to the Republic of Korea (ROK), a comprehensive export license system for them should be firstly considered based on EU Regulations. Also the comprehensive export license might be implemented by expanding the subject for the existing license on technology export of nuclear plant into the items. The ROK does not introduce an ICP as it does not recognize a self-classification on the items in accordance with the nuclear export control law. However, in preparation for the export to the EU countries that have intentions to introduce nuclear plants, it is necessary to analyze the export control programs of Sweden, Germany, France, and the United Kingdom. Like the programs of Sweden, Germany and the United Kingdom, the EU regulations might be adopted to reduce the regulation burden in the ROK. With the reference of Sweden, the authority could support the Export Control Manager Certification (ECMC) system accredited by civil association then its outreach activities could be diverse and extended. Basically, the ECMC system could consist of Part I, II, III and IV and an applicant could be accredited by a civil association as the ECM after completing the courses of Part I and II. The ECMC courses might be as follow; 1) Part I: the Basic common course for beginner 2) Part II: the National export control system for the items 3) Part III: the International export control regulations 4) Part IV: Re-Certification within the certain period In this paper, we analyzed the export control programs in Sweden, Germany, France, and the United Kingdom and suggested the ECMC system that might be applied to the ROK as above.

In 2004, in order to comply with UN Security Council Resolution 1540, the European Union (EU) came into force with Regulation 428/2009 for the export control of dual-use items, which has been working to prevent the proliferation of weapons of mass destruction (WMDs). In August 2021, it amended the EU 821/2021 to include mandating the introduction of ICPs for exporters in the member countries in order to strengthen controls over the transfer of tangible and intangible technologies. The main contents are as follows; 1) Mandatory introduction of Internal Compliance Program (ICP): Exporters within the EU countries should introduce a transaction review procedure through the ICP in consideration of their size and organization. 2) Export control on Cyber Surveillance Items to protect human rights: In order to protect human rights and comply with the obligations of international human rights law, EU countries should implement export controls on cyber-monitoring items exported from customs zones in the EU. Cyber surveillance items are specially designed to monitor, extract, collect or analyze data such as biometrics through intrusion of information and communication systems or deep packet hijacking. However, items used for purely commercial programs such as billing, marketing, quality service, user satisfaction or network security are excluded. 3) Expansion of the Catch-all system: EU countries should utilize the catch-all system to strengthen export controls on cyber-monitoring items, including dual-use items. 4) Strengthening control over the cloud: Exporters and EU countries should extend the scope of intangible technology transfer, such as electronic media, fax, and telephone, outside the EU’s customs territory, and apply export control regulations such as general or comprehensive licenses to cloud transmissions outside the EU territory. 5) Introduction of large-scale project authorization: To reduce the administrative burden on enterprises (especially small and medium-sized enterprises) and authorities when exporters with individual or collective licenses export to one or more specific end-users for the purpose of large scale projects, provided that they ensure the implementation of an appropriate level of export controls; EU countries may introduce large-scale project license systems in the form of general authorization. Recently, there is a possibility that the ROK would export its nuclear technologies including APR1400 to the EU member countries in the midst of the EU adoption of carbon-zero policy. In this paper, we have analyzed the EU export control regulations and suggested the future direction of nuclear export control programs in the ROK.

The guidelines for cyber security regulations at domestic and foreign nuclear facilities, such as KINAC/RS-015, NRC’s RG5.71 and NEI 13-10, require the establishment of security measures to maintain the integrity of critical digital assets (CDAs) and protect them as threats to the supply process. According to the requirements, cyber security requirements shall be reflected in purchase requirements from the time of introduction of CDAs, and it shall also be verified whether cyber security security measures were properly applied before introduction. Domestic licensees apply measures to control the supply chain in the nuclear safety sector to cyber security policies. The safety sector supply chain control policy has areas that functionally overlap with the requirements of cyber security regulations, so regulatory guidelines in the safety sector can be applied. However, since most of the emergency preparedness and physical protection functions introduce digital commercial products, there is a limit to applying the control of the supply chain in the safety field as it is. It is necessary to apply supply chain control operator policies, procedures, and purchase requirements for each SSEP function, or to establish cyber security integrated supply chain control requirements. In this paper, based on the licensee’s current supply chain control policy, the cyber security regulation plan for supply chain control according to the SSEP (Safety-Security-Emergency Preparedness) function of CDAs is considered.

Nuclear power plants, which are important national facilities, require special attention against the threat of terrorism using various methods. Among the terrorist threats, as structural damage and human casualties due to explosions continue to occur, interest in the blast load is increasing. However, domestic nuclear power plants do not have sufficient design requirements for protection against the threat of explosives. To prepare for the threat of terrorism using explosives, it is necessary to evaluate the physical protection performance of nuclear power plants against blast load, and to use this to improve protection performance and establish regulatory standards. Most of the explosion-proof designs used abroad use the empirical chart presented by UFC 3-340- 02 (DoD 2008), which does not take into account the effect of near-field explosions. When explosions occur inside nuclear power plants, near-field explosions occur in most cases. In this study, it was assumed that explosives were installed in the corridor inside nuclear power plants. A spherical TNT was placed in the middle of the corridor floor to simulate near-field explosions, and the structure response according to the weight of the TNT was evaluated. The corridor was modeled with a reinforced concrete material and the LS-DYNA program was used for analysis. For the explosion model, the Arbitrary-Lagrangian-Eulerian (ALE) analysis technique applying the advantages of the Lagrangian and Eulerian methods were used. By analyzing the pressure history and the degree of deformation of the structure according to the explosion, the degree of threat caused by the explosion was analyzed. Based on the analysis of this study, physical barriers performance database (DB) using Modeling & Simulation (M&S) will be constructed by performing sensitive analysis such as representative structure shape setting, boundary conditions, material of structures, etc. The constructed DB is expected to be used to establish regulatory standards for the physical barriers of nuclear power plants related to explosives.

Because a cyber-attack on industrial control system (ICS) and/or critical infrastructure such as NPPs is evolving, it is necessary to develop a cyber security regulation technology corresponding to the attack technology. Nevertheless, it is almost impossible to test actual I&C systems in NPPs for evaluating cyber security against new vulnerabilities or attack vectors. So, a testing environment is needed to conduct penetration tests and evaluate the overall cyber security of NPPs. For that purpose, KINAC is developing a cyber security test bed and has plans to apply the insight from the test bed to cyber security regulation in NPPs. Conceptually, the test bed is divided into two parts, H/W parts and S/W parts. The S/W part is mainly composed of a NPPs simulator, especially APR 1400 simulator model. Originally, the I&C systems are implemented by computer codes in the simulator model, however, parts of I&C systems in the simulator are implemented by H/W in the test bed. Then, these actual H/W-based I&C systems are wired to the simulator. Because the cyber security test only can be carried out on real I&C systems (H/W-based I&C systems), it is important to decide on the scoping of HIL in the simulator. In this decision process, the purpose of testing should be considered a priority. The decision process of scoping HIL in the simulator in line with the test purpose is discussed in this paper. For example, if the test purpose is to evaluate the consequences of NPPs induced by cyber-attacks, safety analysis results may be utilized in the decision process. Especially, if the consequences are fuel integrity in NPPs, level 1 PSA results may be used to decide the HIL scope. In that case, most of the I&C systems are safety-grade I&C systems. The number of safety-grade I&C systems is still too much so, more analysis should be accomplished to narrow down the numbers. To derive the most mitigation measures by comparing the mitigation measures in each initiating event may be one example of narrowing down the number of I&C systems. From these processes, the scope of HIL in the simulator corresponds to the test purpose may be decided.

Domestic nuclear facilities establish a physical protection system to respond to illegal transfer of nuclear materials and sabotage to nuclear materials and nuclear facilities, and operate a security search system in order to prevent the entry of controlled items into the facility. X-ray security search is also the most widely used for such security search. Since 2018, Korea Institute of Nuclear Nonproliferation and Control (KINAC) has developed the “X-ray security screening Web-Based Training Program (XWBT)” and has been using it in the physical protection education. The XWBT contains about 700 X-ray images of the item, and can learn X-ray images by type or package of the item. In addition, trainees can practice reading the X-ray image of the item or package, looking for controlled items, and determining whether the item could be passed or opened. However, there is a limit to Web-Based X-ray training program alone. This is because even if the same item is contained in the same bag, the X-ray image could be varied depending on the direction, angle, and other items in the package. Therefore, in addition to XWBT, X-ray reading practice education for actual luggage should be conducted in parallel. In addition, trainees should be familiar with various images through repetitive X-ray reading practice training so that they should be able to intuitively read X-ray images and find controlled items. Therefore, securing educational time is essential to produce skilled trainees. Korea Aviation Security Academy (KASA), which produces professional security inspectors, has established and operated a “Security search education filed for actual luggage” where trainees can pack their own bags, read X-ray images, and practice whether there are controlled items packed. In addition, KASA provides 40-hour training for security search personnel, which focuses on improving the practical skills that security search personnel must have. This study describes the current status of “X-ray Security Search” of Physical Protection Education for security personnel and presents course improvements through the case of KASA.