On 14 January 1858, Napoleon III was the victim of a bomb attack in front of the Paris opera house by Italian terrorists, in response to French interventionism in their country. After this attack, Napoleon III decided to build a new opera house that would be more prestigious but also better secured: one of the most famous buildings in Paris was born, the Opéra Garnier.
Who remembers today that security was one of the concerns of this building? If we look carefully, it clearly appears that security was considered as early as the design phase of the opera. This example will be used as an illustration of the benefits of security by design, in particular what is sometimes called “intrinsic security”.
To go further, we will explain how security by design principles used for the Opéra Garnier are still relevant for nuclear facilities. Three comparisons will be used:
creation of the Avenue de l’Opéra, large enough to prevent any attack during travel time / integrated assessment of transport issues when considering the siting and design of a nuclear facility;
“Rotonde de l’Empereur”, which provides secured and dedicated access for the Emperor / underground design of SMR that provides protection against off-site attacks;
direct access to the Emperor’s loge / reduction of the need to access the vital area by moving the consignment room from the main control room building to outside the vital area.
These examples show how inherent features, integrated as early as possible during the design phase, contribute to enhancing the security of the building against specific threats without the need to add dedicated physical protection systems afterward.
The current French approach to security by design can be summarized as a combination of:
an intrinsically secured design, with inherent features of the installation that contribute to reducing the number of targets, facilitating nuclear security and allowing better mitigation of the potential consequences of the remaining vulnerabilities; and
an early identification of physical protection requirements, to cope with the vulnerabilities of the installation.
Security by design may also make it easier to account for future changes in the threat during the lifetime of the installation. For instance, it can result in a design that provides room for future additional physical protection systems to cope with evolutions of the threat.
Therefore, to be as efficient as possible, designers are expected to take security aspects into account as early as possible during the design phase of the installation, as is done for nuclear safety. However, one of the challenges for security by design is that it relies on a design basis threat which is specific to each country and is generally protected information.
Even though this approach has not yet been introduced in the regulatory framework, the French nuclear security authority endeavours to apply the principles resulting from the concept of security by design to new nuclear installations currently under construction or in development in France.
The list below is not exhaustive, but some principles that can be applied to new nuclear installations can be expressed as follows:
how to optimize fuel assembly design and management to reduce vulnerability to theft?
how to identify potential sabotage targets and reduce their numbers and/or vulnerabilities?
how to optimize building organization and access to reduce opportunities for insider threat?
how to adapt safety features, in particular passive features and/or redundancy, to face malicious acts as well?
how to adapt transport provisions to reduce vulnerability of transports when accessing the site?
In conclusion, the concept of security by design, being a combination of an early identification of physical protection requirements and an intrinsically secured design, should be addressed as early as possible by designers when developing new nuclear installations. It will result in facilities with more efficient and effective security that are also cost-effective with respect to threat evolutions and the prevention of negative impacts on operations, safety, and safeguards.