FAS | Government Secrecy | DOE Docs ||| Index | Search | Join FAS


DEPARTMENT OF DEFENSE
DEPARTMENT OF ENERGY

December 7, 2000

Secretary of Defense
Honorable William S. Cohen
1000 Defense Pentagon
Washington, DC 20301

Secretary of Energy
Honorable William B. Richardson
1000 Independence Ave, SW
Washington,, DC 20545

Administrator
National Nuclear Security Administration
Honorable John A. Gordon
1000 Independence Ave SW
Washington, DC 20545

We have reviewed the Report of the Joint Policy Group for the Protection of Nuclear Weapons Design and Use Control Information and approve its recommendations.

Since 1993, when Secretary of Energy Hazel O'Leary announced an Openness Initiative, several reexaminations of the adequacy and effectiveness of protection measures for nuclear weapons information categorized as Restricted Data (RD) have been conducted by joint groups from our respective departments as well as the National Research Council. The Joint Policy Group evaluated prior recommendations on increased protection for the most sensitive RD, validated the requirement, and identified documents containing the most sensitive RD warranting enhanced protection.

If you approve the enclosed recommendations, our staffs will commence implementation while continuing to jointly seek further means of providing improved, consistent, and cost-effective protection for the Nation's most sensitive Restricted Data.

Enclosure
As stated


DEPARTMENT OF DEFENSE
ASSISTANT SECRETARY OF DEFENSE
COMMAND, CONTROL, COMMUNICATIONS AND INTELLIGENCE

DEPARTMENT OF ENERGY
DIRECTOR, OFFICE OF SECURITY
AND EMERGENCY OPERATIONS

NATIONAL NUCLEAR SECURITY ADMINISTRATION
CHIEF, DEFENSE NUCLEAR SECURITY

REPORT OF
THE JOINT POLICY GROUP FOR THE
PROTECTION OF
NUCLEAR WEAPONS DESIGN
AND USE CONTROL INFORMATION

DECEMBER 1, 2000

BACKGROUND

On August 28, 2000, the Department of Energy (DOE) and the Department of Defense (DoD) established the Joint Policy Group for the Protection of Nuclear Weapons Design and Use Control Information. The charter of the Joint Policy Group (JPG) was to: (1) identify any nuclear weapon design and use control information requiring enhanced protection, (2) identify possible methods to provide such protection, and (3) make recommendations based on the threat, cost and operational impact of those methods. The group was to report on the results of its study and provide recommendations by December 1, 2000, after which it would disband. Participants in this study are listed at Annex A.

This group and its report are the culmination of years of effort to respond to a recommendation in the DOE Report of the Fundamental Classification Policy Review (FCPR) Group in 1997.1 The FCPR Group recommended that, while there is some Restricted Data that warrants declassification, there is also some Restricted Data that warrants increased protection. This recommendation was consistent with two previous reviews: A Review of the Department of Energy Classification Policy and Practice by the National Research Council2 and The Classification Policy Study by the Department of Energy (DOE) Office of Declassification. The DoD, the Department of State and other agencies concurred with the recommendations of the FCPR, and this led to the "higher fences" initiative. The idea of "higher fences" was also endorsed by the Commission on Protecting Government Secrecy, the Openness Advisory Panel of the Secretary of Energy Advisory Board and the Technical Evaluation Panel (a panel of senior DOE scientists.)

Renewed concerns for non-proliferation, results of the three studies and apparent recent losses and mishandling of nuclear-related information have given a high priority to ensuring the identification and protection of weapon design information, including design information on older and simpler weapons. Subsequent to the FCPR, DOE technology and classification experts, using a keystone approach, recommended that approximately 65 topics in CG-W-5,3 the Joint DOE/DoD Nuclear Weapon Classification Policy Guide, be given enhanced protection. One option identified for providing enhanced protection for this information was upgrading the classification of the information to Top Secret. Stakeholders within the DOE scientific and classification community and within the DoD expressed concern about the operational impact and cost of raising this information to Top Secret. That led to the chartering of the Joint Policy Group and this report.

DISCUSSION

The Sigma System for Restricted Data Management:

The Atomic Energy Act of 1954, as amended, defines Restricted Data as meaning all data concerning (1) design, manufacture, or utilization of atomic weapons; (2) the production of special nuclear material; or (3) the use of special nuclear material in the production of energy, but shall not include data declassified or removed from the Restricted Data category pursuant to section 2162 of this title.4

The Department of Energy issues regulations concerning access to Restricted Data and has published DOE Order 5610.2 that establishes the procedures for the control of weapon data.5

The Department of Defense issues and maintains separate policies and procedures governing access to and dissemination of Restricted Data by DoD personnel.6

The policy of categorizing Restricted Data into defined subject groups is contained in DOE O 5610.2 and is known as the Sigma system. The intent of this categorization is to separate information into common work groups, and facilitate enforcement of strict need-to-know for information access. This system uses strict security, as denoted by required access markings, for sharply defined and narrowly scoped information. This approach was endorsed by the National Research Council report and supports cost effective resource management in both departments.

Access and Control of Restricted Data:

The DOE and DoD have authority from the Atomic Energy Act of 1954 (as amended) to establish policy and procedures for access to Restricted Data, and those policies have significant differences. Table 1 summarizes these approaches. DoD uses an access control caveat "Critical Nuclear Weapons Design Information" (CNWDI) for certain categories of Restricted Data to ensure that only persons specifically authorized and briefed for access to CNWDI gain access to it. DoD generated documents that contain CNWDI are clearly marked: "Critical Nuclear Weapon Design Information–DoD Directive 5210.2 Applies." Other DoD generated documents that do not contain CNWDI, but do contain Restricted Data are marked as "Restricted Data," but have no other special caveat. Portion marking in DoD originated documents provides further assistance in the authorized access and control of RD. The percentage of each marking by DOE or DoD, by category, is not available.

Table 1

DoD DOE
Category Access Accountable Category Access Accountable
Top Secret RD: All SSBI7 YES Top Secret RD: All SSBI YES
Secret RD CNWDI NAC8 NO Secret RD CNWDI SSBI NO
Secret RD no CNWDI or Sigma marking NAC NO Secret RD no CNWDI or Sigma marking SSBI NO
Secret RD marked Sigma 1-13 NAC NO Secret RD marked Sigma 1-13 SSBI NO
Secret RD marked Sigma 14 SSBI YES Secret RD marked Sigma 14 SSBI YES
Secret RD marked Sigma 15 SSBI NO Secret RD marked Sigma 15 SSBI NO

Issue for the Joint Working Group:

The Joint Working Group was asked to respond to the conclusion of the FCPR that

In response to this conclusion, two options were considered by both the FCPR Group and the Joint Policy Group:

Because the Sigma system is well established and both the DOE and the DoD have been using it to provide enhanced protection for Sigma 14 and 15 information, the Joint Policy Group decided that creating a new Sigma 16 would be a manageable and cost effective solution. Annex B provides the definition of Sigma 16. Also, because the security measures for Sigmas 14 and 15 are already established and implemented within both departments, the Group decided that similar, but not identical, measures should be implemented for Sigma 16. Those enhanced security measures are outlined at Annex C.

One of the provisions of the Group's charter was that the information would originate from a subset of CNWDI. To assist in the evaluation of options, a survey of DoD components and contractors was conducted to determine the number of personnel who have access to CNWDI, their clearance level, and the investigative basis. The survey also collected information on where CNWDI was likely to be stored or processed. This information was intended to assist the group in determining how many activities and contractors may be impacted by any enhanced protection option(s). In a separate request to information technology professionals, DoD also collected information on the estimated cost of upgrading communication and information systems to process information classified Top Secret. This information is at Annex E.

Based on the data in Annexes D and E, the Joint Working Group determined that creating a new Sigma category, Sigma 16,9 and providing enhanced security measures to that category yielded better security at a lower cost and with less negative impact on operations than upgrading information to Top Secret.

Finally, the Joint Working Group determined that the current guidelines for protection of use control information designated Sigma 14 and 15 are sufficient.10

CONCLUSIONS

RECOMMENDATIONS

ASSIGNMENT OF ACTIONS

Department of Defense:

DOE/National Nuclear Security Administration:

REFERENCES


ANNEX A

PARTICIPANTS

The following individuals participated in the meetings of the joint DoD DOE working group that addressed the issues presented in the JPG charter, and assisted in the development of this report.

 
Department of Energy 
Office of Security and Emergency Operations               
	David A. Jones 
Office of Nuclear and National Security Information
	Roger Heusser 
	Finn Neilsen (Co-Chair) 

National Nuclear Security Administration 
Office of the Chief, Defense Nuclear Security             
	John C. Todd (Co-Chair) 
	Jon H. Todd 
Office of Security Support (Defense Programs)            
	Bill Hensley 
Office of Weapons Surety                                  
	Randall Weidman 
	Jay Tilden 
Albuquerque Operations Office                            
	Mike Spence 
	Jake Chavez 
Sandia National Laboratories 
	Joe Morreale 
	John Lewis 
	George Novotny 
	Al West 
	Rodney Wilson 
Lawrence Livermore National Laboratory                    
	Bill Bookless 
	Kent Johnson 
	Maylene Wagner 
Los Alamos National Laboratory                            
	Tim Neal 

Department of Defense 

Office of the Assistant Secretary of Defense
	(Command, Control, Communications and Intelligence) 
Office of the Director, Defense Research and Engineering 
Office of the Deputy Chief of Staff for Operations, U.S. Department of the Army 
Office of the Chief of Naval Operations (NO9N2), U.S. Department of the Navy 
Director, Strategic Systems Program Office, U.S. Department of the Navy 
Office of the Deputy Chief of Staff for Air and Space Operations,
	U.S. Department of the Air Force 
Office of the Joint Chiefs of Staff 
U.S. Strategic Command 
Naval School Explosive Ordnance Disposal 
Defense Threat Reduction Agency 


ANNEX B

DEFINITION OF SIGMA 16

Detailed implementation of Sigma 16 will take place after agreement by the principal DOE and DoD officials to this approach. Sigma 16 is defined as follows:

Sigma 16:


ANNEX C

SIGMA 16 ENHANCED PROTECTION MEASURES

1. Documents11 at any classification level are fully accountable, including inventory, copying, transferring and destruction.

2. Documents will be marked as Sigma 16 and need-to-know strictly enforced.

3. SSBI is required for access.

4. By-name overall access list is required.

5. Administrative and physical controls will be in place to preclude access to documents by individuals not approved and certified by designated agency coordinators.

6. Establish a central electronic registry of authorized departments, agencies, or organizations including mailing addresses.

7. Establish a central electronic database of persons authorized access to Sigma 16. It is recommended that the Joint Personnel Adjudication System (JPAS) serve as the central electronic database for the DoD.

8. Establish a document registry to track "birth-to-death" accountability for each document.

9. Identification of a single point of contact [department facility coordinator] to ensure accountability of Sigma 16 documents.


ANNEX D

DOE/NNSA RESTRICTED DATA ACCESS [Preliminary Estimate for Planning Purposes Only]

ORGANIZATION FACILITIES PERSONNEL
HQ DOE & NNSA Forrestal & Germantown 200
Albuquerque Operations Office 300
Sandia National Laboratories Albquerque
Livermore
2000

Los Alamos Area Office Los Alamos National Laboratory 5000
Amarillo Area Office Pantex Plant 1500
Kansas City Area Office Kansas City Plant 200
Nevada Operations Office
Bechtel Nevada
60
150
Savannah River Tritium Operations
Fissile Material Operations
100
400
Oak Ridge Operations Office
Area Office
Y-12 Plant BWXT
ORNL (supports Y-12)
Bechtel Jacobs (East Tennessee Tech Park/ Portsmouth/Paducah)
ORISE
25
75
2000-3000
25
10
20
Oakland Operations Office
Lawrence Livermore National Laboratory
5
2700







DoD CNWDI ACCESS [Preliminary Estimate for Planning Purposes Only]



ORGANIZATION SSBI NAC/ENTNAC
ARMY 2620 1436
NAVY 1383 537
MARCORP (less III MEF & Albany Depot) 74 144
AIR FORCE 1173 507
JOINT STAFF 461 0
OSD 124 7
USSTRATCOM 1095* 8
USCINCPAC 50 0
EUCOM 19 0
SOCOM 21* 0
JOINT FORCES COMMAND 0 0
DTRA 583 106
NSA 200 0
DARPA 22* 0
BMDO 873** 8
DIA 324*** 0
DSS 0 0
DLA 7 19
DCMA 2 17
DCAA 0 0
DISA 4**** 0
NIMA 95* 0
NAG 11* 0
CONTRACTORS (17 contractors) 971 834


ANNEX E

ESTIMATED COST TO UPGRADE COMMUNICATION AND INFORMATION SYSTEMS TO PROCESS INFORMATION CLASSIFIED TOP SECRET

1. Multiply desktops and drops by number of personnel who need connectivity, plus some number of printers. Cost may vary depending upon location of exact room and building.

2. RECURRING:

3. ENCRYPTION COSTS:

These can be mounted at the main distribution point, rather than on/in an individual PC, in order for small groups of people to share data. However, if you need to encrypt on a larger LAN there is a network encryption system @$25,000.

Primary Joint World-Wide Intelligence Communication System (JWICS) node @$100K.

4. RECURRING COSTS:

JWICS Drops – cost is site specific depending upon, for example, whether cable has to be pulled; distance from primary node; primary node host requirement for a separate server; central storage required; any additional network equipment needed to connect desired room to nearest JWICS connection; additional shielded cabling from nearest JWICS connection to desired room.


ANNEX F

REFERENCES

JOINT POLICY GROUP FOR THE PROTECTION OF
NUCLEAR WEAPONS DESIGN AND USE CONTROL INFORMATION

CHARTER

August 28, 2000

PURPOSE: The protection of nuclear weapon-related information is crucial to maintaining the security of the United States. Since both the Department of Energy (DOE) and the Department of Defense (DoD) are responsible for the security of such information, corresponding programs are needed at both agencies to ensure continuity and standardization where practical. Such continuity and standardization enhance the protection of nuclear weapon-related information across the Government and benefit the American taxpayer by establishing a more efficient and effective program. To that end, the Joint Policy Group for the Protection of Nuclear Weapons Design and Use Control Information (Joint Policy Group) has been established to determine how best to enhance the protection of Restricted Data (RD) constituting the most sensitive nuclear weapon-related information. Such information is a subset of all nuclear weapon design and use control information. To accomplish this task, the Joint Policy Group will (1) study current DoD and DOE policies for the classification and protection of nuclear weapon design and use control information, (2) evaluate the effectiveness of these policies, and (3) recommend whether and how these policies may be improved.

BACKGROUND: Under the Atomic Energy Act of 1954, as amended (the Act), the DOE establishes the Government-wide identification, protection, and personnel security programs for RD. Also under the Act, the DoD, which possesses the bulk of all RD outside the DOE, establishes its own internal personnel security program for RD under its control. Since both Departments have policy roles with respect to RD, and also have the overwhelming majority of all RD in the government, cooperation in this study is imperative.

Formation of the Joint Policy Group to study the protection of nuclear weapons design and use control information is not without precedent. In 1995, the DOE and DoD embarked on the Fundamental Classification Policy Review (FCPR), a joint effort to comprehensively review nuclear weapons-related classification policy to determine which information no longer warranted protection in the post-Cold War era. The FCPR also identified a number of specific nuclear weapons-related subject areas as being particularly sensitive. This aspect of the FCPR is a starting point for the Joint Policy Group to identify what, if any, information warrants enhanced protection.

OBJECTIVE: The objectives of the Joint Policy Group are to identify (1) any nuclear weapon design and use control information requiring enhanced protection, (2) possible methods to provide such protection, and (3) recommendations based on the threat, cost and operational impact of those methods.

PROCESS: The Joint Policy Group may form and task subgroups, if needed. These subgroups will be staffed by both DoD and DOE employees and contractors.

PRODUCT: The Joint Policy Group will provide a report containing the results of its study and recommendations concerning the protection of nuclear weapons design and use control information to the Director, Security and Emergency Operations, DOE and to the Deputy Assistant Secretary of Defense (Intelligence), DoD.

Ultimately, although not a direct product of the Joint Policy Group, agency and national publications may require changes to incorporate the accepted Joint Policy Group recommendations.

DURATION: The Joint Policy Group will produce its final report and disband by December 1, 2000.

GROUP MEMBERS:

Department of Energy

National Nuclear Security Administration

Department of Defense

    [signed]                                                [signed]
    General Eugene E. Habiger, USAF (Retired)               Arthur L. Money
    Director, Office of Security and                        Assistant Secretary of Defense
         Emergency Operations                               Command, Control, Communications 
    U.S. Department of Energy                                    and Intelligence
                                                            U.S. Department of Defense



Department of Energy
Washington, DC 20585

October 3, 2000

Mr. Arthur L. Money
Assistant Secretary of Defense
Command, Control, Communications and Intelligence
6000 Defense Pentagon
Washington, D.C. 20301-6000

Dear Mr. Money:

As outlined in the "Joint Policy Group for the Protection of Nuclear Weapons Design and Use Control Information Charter" which we signed on August 28, 2000, I am designating the following individuals as Department of Energy co-chairs of the Joint Policy Group:

Office of Security and Emergency Operations, for policy
Finn K. Neilsen, Deputy Director
Office of Nuclear and National Security Information
(301)903-3526

National Nuclear Security Administration, for implementation
John C. Todd, Chief
Defense Nuclear Security
(202)586-2579

If you have any questions, please contact me at (202)586-3345.

cc:
Christopher Mellon, DOD
Finn Neilsen, SO-22
John C. Todd, NA-3




FAS | Government Secrecy | DOE Docs ||| Index | Search | Join FAS