p.p1 completely successful in eliminating the potential for

p.p1 {margin: 0.0px 0.0px 0.0px 0.0px; font: 10.0px Helvetica}
p.p2 {margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Helvetica}

 In terms of both geographic range of impact and severity of impact, one of the greatest threats to United States
security is the threat of radioactive or nuclear attack. About 95% of cargo entering the United States enters through
containerized maritime cargo pathways. While various legislation has passed on the issue of improving security for
these vital pathways, such as the SAFE Port Act of 2006 and the Trade Act of 2002, the regulations entailed in these
laws has not been completely successful in eliminating the potential for smuggled nuclear material. This research
presents current practices and legislation aimed at the reduction of smuggled nuclear material entering the country,
and examines the effectiveness and vulnerabilities of such practices and programs. Based on publicly available data,
this paper presents likely smuggling pathways, based on the vulnerability in the maritime containerized cargo systems,
and the accessibility of nuclear materials. Through a comprehensive analysis of historical orphan source incident data
and current practices, points of vulnerability in the containerized shipping pathway are identified. The smuggling
pathways into the United States are modeled, considering strategic and adaptive adversaries.
Keywords
 Game Theory, Reliability, Homeland Security
1. Current Practices
1.1 Agencies and Offices Responsible for Regulatory Controls
 Several federal agencies and offices exist to combat the threat of a nuclear attack on U.S. soil. In 1998, the Department
of Energy (DoE) established the office of the Second Line of Defense (SLD) to provide detection equipment,
maintenance, technical support, and training to foreign personnel at land border crossings, rail crossings, airports,
and strategic seaports in Russia. In 2000, SLD and other DoE nonproliferation operations were transferred to the
new National Nuclear Security Administration (NNSA). NNSA has formed global partnerships in the interest of the
creation and expansion of a global multilayered security network for nuclear smuggling deterrence. Following the
9/11 attacks, SLD expanded its reach into Eastern Europe and former Soviet countries. Radiation detection systems
are integrated with existing border security measures at the border crossing of partner countries to prevent smuggling.
The NNSA also has mobile detection tools for sites and events in which a full RDS installation would be impractical.
At the end of 2014, Russia cut its cooperation with the U.S. on nuclear security matters. NNSA reorganization began
in the next months, and the SLD program became the Nuclear Smuggling Detection and Deterrence Program (NSDD).
NNSA also formed the Global Material Security program during this period, with the intent of securing nuclear and
radiological materials.
The Domestic Nuclear Detection Office (DNDO) was established per SAFE Port Act regulations. The DNDO exists to
coordinate all federal efforts to detect and protect against the unauthorized importation, transportation, development,
possession, storage, and usage of fissile material, nuclear devices, and radiological material within the United States.
It works with federal partners to fill gaps in Global Nuclear Detection Architecture worldwide, with 74 independent
federal programs/projects.
Security at ports of entry and points of origin is also facilitated and managed by the U.S. Coast Guard and U.S.
Customs and Border Patrol, as detailed in the following subsection.
1.2 Current Practices and Legislation
 Container security is primarily facilitated by CBP at ports of entry, although there is also some DHS involvement.
The USCG uses ISPS codes at ports of entry, and requires notice of arrival at least 96 hours before arrival, as well as
all vessel, cargo, and personnel information, including the last port visited. Except in cases of sovereignty concerns,
the USCG rates foreign ports by ISPS standards to evaluate their counterterrorism measures. ISPS subject vessels are
also required to maintain their security en route from the foreign port to the port of entry in the US. The Automated
Targeting System (ATS) is a decision support tool used to algorithmically assign a risk score to incoming shipments.
Established in the 1970’s and expanded after the 9/11 attacks, the ATS reviews large quantities of information about
incoming shipments and individuals in order to determine their threat level. Data is collected on both incoming
passengers and incoming cargo, including such information as the shipper, the previous reliability and trustworthiness
of the shipper, the cargo’s history, and who is funding the shipping. NTC-C scans all containers, determining highrisk
candidates. Non-intrusive screening technologies are used to screen cargo coming into and out of the country,
including Radiation Portal Monitors (RPM’s). Portal technology enables the detection of even trace radiation, and
following detection, can be used to identify the source. CBP officers utilize RIID to identify sources of radiation
signatures and determine whether they are benign or dangerous.
The USCG maintains 40+ bilateral maritime law enforcement agreements, and 11+ proliferation security initiatives.
The Maritime Transportation Security Act of 2002 provides a regime for security plan approval, which is basically a
U.S. version of ISPS regulations. The 1st line of defense against nuclear smuggling is to secure nuclear material at the
source, and the 2nd line is NSDD radiation detection systems at 585 sites. The DHS National Small Vessel Security
Strategy from 2008 was designed to evaluate small vessel threat levels, based on the potential for recreational and
small vessels to be used to smuggle in terrorists and weapons or to be used as direct attack methods, as water borne
IED’s. The strategy focuses on coherent rule-sets and increased security, as well as risk-based decision making. The
corresponding plan is sensitive to pre-cleared stakeholders, and includes a multi-tier implementation.
The Global Nuclear Detection Architecture (GNDA) is a multilayered security architecture divided into 3 layers. The
first is an exterior layer, composed of efforts to detect and report on material that is outside of United States regulatory
control. The second is a border layer, which includes the protection of avenues of approach and entry into the United
States. The third is an interior layer, including domestic capabilities to detect and report on material that is in the
United States, but outside of official regulatory control.
NSDD activities are sub-grouped into 2 categories—the Implementation Program, and the Sustainability Program.
The Implementation Program primarily consists of the installation of large RDS units at strategic locations and the
provision of mobile detection systems (MDS) in and to partner countries, pending agreement between the foreign
government and the U.S. government. The Sustainability Program is a 2 phase program. The first phase, the Transition
phase, involves the maintenance of radiation detection equipment. The second phase, the Post-Transition phase,
aims to take maintenance of equipment out of U.S. hands and transfer responsibility for a site’s RDS systems to the
government of the host country. NSDD expenses FY2011-FY2015 totaled 1 billion USD, and approximately 142
million USD was allocated to NSDD in FY2016. Per the NNSA’s funding requests, planned spending from FY2017-
FY2021 is around 809 million USD.
NSDD partners include countries all over the world, but are mostly concentrated in Eurasia. To identify and prioritize
programs and activities, NSDD uses quantitative threat assessment and risk-based models. Threat assessment is used
to understand the environment in which global nuclear smuggling occurs and to rank countries and areas of concern.
The results of this threat assessment are then used to inform 3 risk based models—international crossings, the global
maritime shipping network, and MDS asset prioritization—used in partner prioritization. NSDD has not identified or
not described the number of additional large container seaports that need to be equipped to maximize the effects of the
program, the number of additional MDS assets that need to be deployed, and the number of partner countries expected
to enter the post-transition phase.
Per the Trade Act of 2002, cargo container manifests must be in at least 24 hours prior to onloading of containers at
ports of exit for U.S. bound ships.
The Security and Accountability for Every Port Act (SAFE Act) establishes the framework for voluntary security
programs at ports, such as CSI and C-TPAT. It also allows for the collection of “10+2” shipper information by CBP
either before a ship reaches a point of entry, or upon arrival. “10+2” information includes necessary data such as point
of origin, seller, manufacturer, container stuffer, and importer. The SAFE Act required 100 percent scanning of U.S.
bound containers by 2012, but 100 percent scanning had not been attained as of a GAO report released in 2015.
The Container Safety Initiative (CSI), seeks to reduce container vulnerability at optimal screening. CSI arrangements
exist at 60+ foreign seaports that process a combined 80 percent or more of U.S. bound cargo. CSI facilitates prescreening
for containers that pose a security risk prior to their being loaded onto U.S. bound ships. Provided all parties
consent, CSI partnerships can be built to facilitate such screening based upon the level of perceived container risk,
the export volume of the port, and the level of cooperation between the relevant foreign government entities and the
U.S. government. CSI compliant ports have to meet minimums with respect to operating procedures and technical
capabilities, to operate nonintrusive inspection methods for nuclear material screening, and to consistently monitor
and improve their processes.
The Customs Trade Partnership Against Terrorism (C-TPAT) is a voluntary supply chain security program that creates
partnerships between the U.S. and exporters such as Canada, Japan, and the EU, to facilitate point of origin cargo
screening and faster validation. C-TPAT partners are selected through an application process to the DHS. For a partnership
to be formed, the partner applicant must have a history of moving large volumes of cargo internationally, and
must meet SAFE Act requirements, including requirements for container security, procedural security, IT security, and
access controls. Compliant parties are broken up into 3 tiers, with increasing expediency of processing moving from
tier 1 to tier 3. Tier 1 compliant partners can have the ATS generated risk scores of their containers risk reduced down
to 80 percent of the high risk threshold. Tier 2 compliance carries the benefits of risk reduction, reduced screening,
and priority cargo searches, where searches are necessary. Tier 3 compliance adds the benefits of further reductions
in risk level and screening, expedited release of cargo at ports of entry, and partner inclusion in incident management
exercises. Partners can be validated by certified 3rd parties, and in the event of noncompliance, partnerships can be
revoked.
2. Public Relevant Data
2.1 Orphan Source Incidents
 The first documented cases of nuclear trafficking appear in 1991, soon after the collapse of the Soviet Union. The
number of cases recorded between 2001 and 2009 has virtually doubled compared to the previous decade, from 860
to 1582. This rise is mainly due to increased global awareness of the potential nuclear terrorism threat, improved
detection capabilities at many international borders and points of entry, campaigns to recover orphan radiation sources,
and better incident reporting practices to the IAEA.
The International Atomic Energy Agency (IAEA) maintains a nuclear and radiological material trafficking database,
the ITDB. As of the end of 2014, approximately 2,700 cases of illicit trafficking of nuclear material had been reported
and confirmed. More than 100 countries voluntarily contribute to the IAEA database.
The Database on Nuclear Smuggling, Theft, and Orphan Radiation Sources (DTSO) is maintained by the Center for
International Security and Cooperation (CISAC) at the Stanford Institute for International Studies (SIIS). The DTSO is
comprised of databases, including the ITDB and the CNS database, as well as journals, newspapers, and other sources
dating to 1999 in order to have a more coherent picture of global nuclear smuggling. It is divided into 21 descriptive
categories.
The Center for Nonproliferation Studies (CNS) also maintains an incident and tracking database, which provides free
and open access to centralized information on nuclear material that has fallen out of regulatory control. 514 incidents
were reported from January, 2013 to December, 2015. CNS also releases an annual report, and the database includes
21 descriptive categories to group and describe incidents. An orphan nuclear source, as recorded in CNS data, is any
amount of nuclear material that has fallen out of proper regulatory control. Orphan sources can vary in nature from a
relatively harmless misplaced tritium exit sign to missing medical grade isotopes, such as cobalt-60, which can be used
to make a dirty bomb. While this dataset relies on self reporting and contains only selected incidents over a maximum
5 year period, it provides some ground work on hot spots for orphan source activity.
CNS reported data suggests 4 likely origins for illicit nuclear or radioactive material: Loss, Theft, Contaminated
Material, and Improper Disposal. Loss and theft retain their expected meanings. Contaminated material can occur in
cases of nuclear meltdown, or in the case of the 4th origin type–improper disposal. Improper disposal involves the loss
of nuclear seed or contaminated material within the disposal process. This can include examples such as the failure to
dispose of medical seed sources after a procedure, etc. A majority of lost nuclear material is never recovered, although
CNS data is incomplete with regards to recovery. Out of approximately 700 origin events (loss, theft, contamination,
disposal), there is only recovery and detection data for around 650.
When an orphan source incident occurs, detection and recovery of the material can occur in a variety of ways.
Figure 1: CNS Reported Origin Incidents, Sorted by Location and Type
2.2 Factors that May Affect Smuggling
 While many factors influence crime and smuggling on a global scale, we expect that certain variables matter more than
others. We look primarily at corruption in public office, existing drug and human trafficking networks, connections
to organized crime, and terror activity. Datasets on these activities are maintained by Transparency International
(Corruption perceptions), the United Nations Office on Drugs and Crime (Organized crime and smuggling networks),
and the START Consortium (Global Terrorism Database).
Transparency International releases data on corruption perceptions across the globe every year. Countries with a higher
index are perceived to be more corrupt, which can be a contributing factor both in smuggling and in device acquisition.
Corrupt public officials can be bribed or bought off in order for bad actors to acquire a device, or to look the other way
and enable smuggling through their jurisdictions. This data seems to correlate with global terrorism and drug data, but
this relationship is unlikely to be completely causal.
Figure 2: Transparency International’s Corruption Index Data
Global terrorism data can also be an indicator of potential hot spots. A country or region destabilized by terror can be
used as part of a smuggling pathway due to the resulting lack of order and regulation. In addition, areas with greater
terrorist activity can serve as origin points for groups with nefarious intent seeking to acquire a device or seed source.
3. Possible Smuggling Scenarios
3.1 Potential Threat Origin Points
 A terrorist group could obtain a bomb, perhaps even with the yield of the Hiroshima bomb, from several plausible
sources, including from Russia, Pakistan, or India. Russia’s strategic (long-range) nuclear weapons are reportedly
well guarded either on missiles or, thanks in part to U.S. assistance, in storage. In contrast, thousands of shorter-range
lower-yield weapons intended for use in combat are less well secured, and their numbers and locations are uncertain. A
fear is that terrorists might buy or steal one of these weapons along with information on how to bypass any use-control
devices.
Figure 3: Global Deaths Due to Terrorism
American, British, Chinese, French, and Israeli nuclear weapons are thought to be well guarded. Control is less certain
for weapons in India and Pakistan. ISIS and other terror groups could buy nuclear devices through weapons dealers
with links to corrupt officials in the region. This lack of security makes Pakistan a possible source of nuclear devices
for terrorists.
In the event that obtaining a bomb from the nuclear stockpile of a country with low security is not possible, another
route to obtain a nuclear device is to build one. The Hiroshima bomb was a “gun-assembly” weapon. Its nuclear
explosive was a gun barrel about 6 inches in diameter by 6 feet long. It was capped at each end, with a standard
explosive at one end, a mass of uranium highly enriched in the isotope 235 (HEU) next to the explosive, and a second
HEU mass at the other end. Detonating the explosive shot one mass of HEU into the other, rapidly assembling a mass
large enough to support a fission chain reaction. Plutonium cannot be used for this purpose. This is the simplest type
of nuclear weapon. U.S. scientists had such high confidence in the design that they did not even test the Hiroshima
bomb. Experts agree that terrorist groups could not make special nuclear material (SNM), such as fissile plutonium or
HEU, but any believe that a terrorist group with access to HEU and key skills could build a crude nuclear weapon.
In the event an actual nuclear bomb cannot be obtained or created, there is still the potential for harm due to other
sources, such as the radioactive seed sources used in medical procedures (i.e. Cobalt-60) that can be used in dirty
bombs.
3.2 Maritime Smuggling Pathways and Methods
 IED’s, dirty bombs, enriched nuclear material, or other nuclear weapons could potentially be smuggled into the United
States in a variety of methods. A maritime containerized pathway, in which illicit nuclear material is transported in
shipping containers, is one of the more likely scenarios due to the sheer volume of containers coming into the United
States. Commercial and noncommercial boats can be used to this end. Vessels or small boats can also be used, both
as weapons themselves (WBIED’s), or to carry weapons. Al Qaeda has a demonstrated capacity for using ships as
weapons, and in 2000, claimed an attack on the USS Cole in the port of Aden, in which a small boat containing explosives
rammed the ship, killing 15 Americans. Private and unregistered/illegal boats can also be used as conveyance
methods.
3.3 Threat Entry Points
 Once a terror cell or potential attacker has obtained a nuclear device, a plausible entry point is through one of the United
States’ many ports. The U.S. has 361 seaports and river ports, 95,000 miles of coastline, and about 26,000 miles of
navigable waterways. A huge number of ships and a staggering amount of cargo move through these waterways and
ports. Every year, 8,100 foreign cargo ships make a total 50,000 visits to the United States and deliver a daily average
of 21,000 containers, for nearly 8 million containers a year. They arrive from 3,000 ports worldwide. At the heart of
maritime transport are shipping containers —metal boxes that are 40 feet long, 8 feet tall and 8 feet deep. About 90
percent of the world’s cargo is shipped in these containers, mostly in ships. A single ship may carry as many as 3,000
of them. A given container could potentially contain contraband in any form.
Currently the Coast Guard and the Customs Service can verify the contents of only 4 to 6 percent of all containers. The
scale of the potential problem is large relative to the scale of U.S. Customs and Border Patrol operations. Additionally,
inspectors working on the Container Security Initiative may not receive sufficient training in preparation for overseas
postings. Another issue is that globally, port security is may not be strict enough to prevent smuggling of various
weapons. However, due to sovereignty concerns, the U.S. can only incentivize adequate security, and has no ability
to enforce it. As of August 2004, the Coast Guard did not have enough personnel to verify that all foreign vessels
were compliant with the International Ship and Port Facility Security Code (ISPS), a set of new maritime regulations
designed to detect and deter threats to international security. Not enough staff can be hired to pursue new security
initiatives. The Customs-Trade Partnership Against Terrorism program, a joint government/business initiative to cooperatively
secure the overall supply chain and border security, did not even have enough staff to review the nearly
5,000 initial applications it received.
4. Conclusion
Acknowledgements
References