If it had been real life, it would have been the most audacious act of terrorism since September 11.
When Exercise Lindisfarne got under way on Wednesday, March 17, at the Torness power station in East Lothian, it was to test the defences of Scotland’s nuclear industry.
And it revealed just how slip-shod safety procedures are in what should be one of the country’s most secure facilities. During the role-playing exercise a “terrorist” with a stolen security pass penetrated the Torness nuclear power station. He damaged the reactor, caused casualties and took several staff hostage.
The emergency response launched by the plant’s operators was so riddled with flaws that it failed to deal safely and promptly with the crisis. Exercise Lindisfarne resulted in British Energy having to revamp its emergency procedures to prove to government safety watchdogs that they wouldn’t go wrong again.
Secret post-mortems on Exercise Lindisfarne were compiled by the Nuclear Installations Inspectorate (NII) and the Office for Civil Nuclear Security (OCNS), both part of the government’s Health and Safety Executive. Their reports have now been released to the Sunday Herald under freedom of information law.
“Action to ensure safety of personnel and plant appeared to lack urgency at times and the station should correct this,” concluded the NII report. There were delays in tracking and making contact with the intruder, failures tracing missing persons, and poor communications.
The coverage of the public address system was inadequate, there were “deficiencies” in radio-communciation devices, and evident problems dealing with the injured. “The station should ensure that casualties receive initial treatment and are handled appropriately during recovery,” the NII report commented.
Information on what was happening as the emergency at Torness unfolded was not always timely, accurate or consistent, the report suggested. But it did not make clear how the crisis ended.
Another report from the OCNS revealed that there had been a series of security shortfalls. The stolen pass was deactivated but there was “an unnecessary delay in interrogating the system to identify where the card had been used, and to track the unauthorised person,” it said.
A potentially crucial CCTV camera was broken and “the gatehouse security doors remained open and insecure for too long,” the report disclosed. “There was a delay in making contact with the hostage taker.”
It added: “It was not apparent that malicious activity had been considered as the initiating event and there was an unnecessary delay in declaring a security incident...There was no apparent assessment of the requirements for a site lockdown.”
In a letter to the Torness operator, British Energy, on 25 March the NII welcomed the company’s offer “to develop improved generic arrangements for responding to events having combined counter terrorism and nuclear safety elements.” These were to be demonstrated to the NII “as soon as reasonably practicable”.
The exercise was ridiculed yesterday by the nuclear industry’s critics. “In the anniversary week of the 7/7 atrocities in London, when we know that a terrorist attack on a nuclear facility could cause major casualties across Scotland and northern England, this Keystone Cops approach is simply not acceptable,” said Pete Roche, an Edinburgh-based nuclear consultant.
“If British Energy can’t get its counter terrorism arrangements right, then its nuclear facilities should be closed before we end up with a terrible contamination problem.”
Duncan McLaren, the chief executive of Friends of the Earth Scotland, was similarly worried that counter terrorism arrangements at Torness were so poor. “One of the big advantages of renewables over nuclear power is that the former don't make attractive targets for terrorists, and therefore don’t need costly high security arrangements,” he said.
The NII pointed out that Exercise Lindisfarne was “an extremely demanding and challenging combined security and safety exercise designed to stress test procedures.” It was pleased that British Energy had tested itself so thoroughly.
“Overall, we found that British Energy's response to the exercise was acceptable, given the challenging circumstances,” said an NII spokesman. “We have identified positive areas and a number of areas for improvement, to which British Energy has responded well.”
The NII regularly tries “to help improvement in areas where the operators of nuclear facilities are generally compliant, to ensure that neither the licensee nor the regulator are complacent,” the spokesman added.
British Energy, which is part of the French company EDF Energy, stressed that it continually practiced and reviewed its emergency plans. “One aspect of these reviews involves conducting regular safety and security exercises at our sites which involve station staff and emergency services in realistic and stretching scenarios,” said a company spokeswoman.
“Exercise Lindisfarne was a planned regulator-observed exercise and although there were a number of learning points identified, the exercise performance was deemed as satisfactory.”
Emergency exercises: a history of cock-ups
Exercise Lindisfarne was certainly not the first test of a nuclear emergency to go wrong. And it probably won’t be the last.
In 2005 Exercise Senator envisaged a catastrophic chain of events afflicting a Trident nuclear weapons convoy on its way through Edinburgh. An aircraft engine was imagined to be have fallen out of the sky onto the convoy, which then crashed into an oil tanker on the A720 city bypass.
The official post-mortem of the exercise from the Ministry of Defence revealed that mistakes that were made could have caused fatalities. Casualties were left trapped in vehicles and attempts to prevent the spread deadly radioactive contamination failed.
Exercise Yeti at Torness nuclear power station in East Lothian in 2003 revealed serious flaws in emergency arrangements. The then Scottish Executive complained of long delays in getting accurate information about the imagined accident which “would not have been tolerable in a real situation”.
An internal memo revealed a rash of communication problems within the Executive, including an out-of-date directory, a failed telephone connection and a problem accepting encrypted data. None of the fax machines seemed to work, it said, and when a laptop crashed there was “no means of exchanging written information”.
Another government report on 20 emergency exercises at nuclear plants, uncovered by the Sunday Herald in 2005, revealed a long litany of problems. These included inadequate radiation monitoring, multiple communication breakdowns, poor planning and a chronic shortage of basic facilities.
“Some agencies struggled to provide timely, clear and concise advice on which to base strategic decisions,” said report from the government’s Nuclear Emergency Planning Liaison Group. “There was a failure to spot that some key agencies were missing.”
Download copies of the official reports released on Exercise Lindisfarne here (1.5MB pdf).