8.7.1 — Strategic Asset Protection — maturity: live

Nuclear Facility Surveillance

Continuous satellite monitoring of nuclear power plants, research reactors and fuel-cycle facilities to detect unauthorised activity, structural change and radiological incidents.

Persistent overhead surveillance of nuclear plants, waste repositories, and enrichment sites gives a sovereign state independent verification that no commercial imagery vendor can revoke under geopolitical pressure.

Nuclear facilities are among the highest-consequence fixed assets a state operates. A single undetected intrusion, structural failure or covert modification can escalate from a security incident to a national emergency within hours. Ground-based perimeter sensors cover the fence line; they tell you nothing about the access road two kilometres out, the anomalous vehicle pattern that has been building for a week, or the cooling-tower plume that has quietly changed character overnight.

A sovereign satellite stack closes that gap. Synthetic-aperture radar provides day-and-night, all-weather change detection against the facility footprint at sub-metre resolution, flagging new earthworks, vehicle staging or infrastructure modification. Multispectral thermal imaging tracks coolant discharge temperatures and stack emissions against a calibrated baseline, giving early warning of thermal anomalies that precede reportable incidents. RF survey payloads detect unplanned radio transmissions inside the exclusion zone. Fused together and run through a change-detection ML pipeline, these layers give the regulator and the security services a persistent, objective record that no ground inspection team can match in coverage or continuity.

The operational outcome is threefold: the national nuclear regulator gains an independent satellite audit trail that complements IAEA safeguards reporting; the security services receive automated alerts when activity deviates from a learned baseline; and the head of government has a sovereign intelligence feed — not a vendor API — when a facility enters a credible threat window. No allied intelligence service, no commercial data broker, and no hostile actor can selectively withhold or manipulate that feed.

What matters

IAEA safeguards require states to maintain a Material Balance Area record — satellite change detection provides independent corroboration that declared inventories and facility configurations match ground truth.
Thermal plume anomalies detectable from orbit can precede a reportable coolant event by 6-12 hours, giving emergency planners a critical decision window that ground sensors alone cannot deliver.
An adversary probing a nuclear facility perimeter will generate RF and vehicle-movement signatures days before a physical breach — persistent overhead surveillance is the only sensor modality that captures this pattern at scale.
Commercial satellite operators can suspend tasking, impose export controls or comply with foreign government requests; a sovereign constellation cannot be switched off by a third party during a national security emergency.

Quick facts

Cost of Chernobyl disaster (1986) — inflation-adjusted economic loss: $700 B (2022) — IAEA The Chernobyl Accident: Updating of INSAG-1
Thermal infrared sensitivity needed to detect coolant anomalies: 0.1 °C NEDT (2023) — ESA Earth Observation Instrument Definitions — TIR
Number of states operating nuclear power programmes outside the five NPT nuclear-weapon states: 26 states (2024) — IAEA Nuclear Power Reactors in the World 2024

Sovereignty score: 10/10 — A state cannot outsource surveillance of its own nuclear estate to foreign commercial operators without surrendering control over the most sensitive intelligence stream it possesses.

IAEA Additional Protocol obligations require a state to declare all nuclear activities; a sovereign satellite record provides legally defensible evidence that the state's own declarations are accurate and that no undeclared facility has emerged — critical when contesting allegations from a hostile party.
Commercial SAR and optical vendors are subject to their home-country export and national-security laws; the US ITAR and EAR, for example, permit the US government to order a vendor to cease tasking over specified sites, which could blind a customer state at the moment of peak national need.
Thermal, RF and SAR data over nuclear facilities is itself classified information in most jurisdictions; routing that data through a foreign vendor's ground segment or cloud pipeline creates an unacceptable intelligence exposure to both the vendor's government and any actor that has penetrated the vendor's infrastructure.
In a deteriorating security environment — sabotage attempt, armed conflict, credible radiological threat — a sovereign constellation continues tasking under national command authority with no dependency on allied goodwill, commercial SLAs or third-party downlink agreements.

Reference architecture

Payload: Dual-mode: (1) X-band SAR, 0.5m spotlight resolution, 15km swath, NESZ better than -18 dB; (2) multispectral-thermal imager, 3-5 µm MWIR band, 15m GSD, calibrated for coolant plume temperature retrieval; (3) RF survey receiver, 100 MHz to 6 GHz, 500m geolocation accuracy for exclusion-zone emission detection
Bus class: ESPA-class microsat, 160-200 kg wet, 900W payload power, deployable solar panels, lithium-ion battery stack for eclipse operations; SAR and thermal payloads on a single agile bus with ±45° cross-track steering
Orbit: Sun-synchronous LEO at 520-550 km, 6-satellite walker constellation phased for 4-hour maximum revisit at mid-latitudes; supplemented by 2 satellites in a 63.4° inclined orbit for facilities above 60°N/S where SSO coverage degrades
Ground segment: Two nationally operated ground stations (X-band downlink, S-band TT&C), minimum 1,500 km apart for resilience; encrypted cross-link capability for inter-satellite data relay; no commercial or allied ground segment used for mission data
Data pipeline: On-board L0 compression → encrypted downlink → sovereign data centre L1 processing (SAR focusing, radiometric calibration) → ML change-detection engine on air-gapped GPU cluster → anomaly scoring against 90-day baseline → alert generation; all compute and storage on nationally owned infrastructure
End-user delivery: Classified geospatial portal for the national nuclear regulator and interior/security ministry; push alerts via secure government messaging to designated duty officers within 30 minutes of pass completion; daily summary reports to the nuclear security inspectorate; separate API feed to IAEA liaison officers under agreed data-sharing protocol
Time to launch: First two-satellite demonstrator (SAR + thermal) in 28 months from contract award; full 8-satellite operational constellation in 48 months; interim commercial SAR tasking (ICEYE or SEOSAR/PAZ) bridging the gap under a time-limited, compartmentalised licence
Caveats: SAR units with sub-0.5m resolution are export-controlled under ITAR and EAR — use European primes (Airbus Defence, OHB, SEOSAR) or Israeli/Indian suppliers depending on national eligibility; MWIR thermal detectors may require separate export licences from France (Lynred) or the US (Teledyne FLIR); the RF survey payload is buildable domestically with COTS SDR components if allied procurement is restricted

Frequently asked

Why can't we simply purchase imagery from Planet, ICEYE, or Capella instead of building our own system?

Commercial providers operate under the export regulations and political priorities of their home country. The United States, for example, can invoke national-security 'shutter control' provisions — a power codified in the Land Remote Sensing Policy Act — and direct providers to withhold imagery of specified regions. A sovereign constellation carries no such off-switch, ensuring that surveillance of politically sensitive sites continues even during crises when commercial access is most likely to be withdrawn.

What orbits and sensor types are best suited for nuclear facility surveillance?

A dual-layer architecture works best: a SAR microsatellite constellation in LEO (~500–550 km) for all-weather, day-night structural monitoring, and a thermal infrared (TIR) microsatellite layer for coolant and heat-anomaly detection. GEO is unsuitable for the spatial resolution required. A minimum viable sovereign constellation would be six SAR satellites paired with four TIR satellites, delivering sub-90-minute revisit over priority sites.

How does satellite surveillance complement IAEA safeguards inspections?

IAEA inspectors are the authoritative ground-truth mechanism under INFCIRC/153, but inspection frequency is limited and access can be delayed or denied. Satellite surveillance provides a continuous, independent record of physical changes — new construction, vehicle patterns, cooling-tower activity — that can trigger inspector requests or support safeguards evidence analysis. The IAEA's own imagery analysis cell uses commercial satellite data; a sovereign system adds a national layer that feeds domestic security assessments without dependence on IAEA scheduling.

What resolution is needed to detect meaningful activity at a nuclear facility?

Structural change detection (new buildings, earthworks, berms) is reliable at 1–3 m resolution. Vehicle and equipment identification requires 0.5 m or better. Detecting coolant-discharge anomalies through thermal imaging requires a noise-equivalent differential temperature (NEDT) of 0.1 °C or finer. Modern commercial SAR microsatellites such as ICEYE's X-series achieve 0.5 m in spotlight mode, while Capella's Acadia sensor reaches 0.25 m, setting a reasonable performance target for a sovereign instrument.

What is the regulatory framework for imaging another country's nuclear facilities from space?

Space-based remote sensing is governed by the ITU Radio Regulations and national licensing frameworks; there is no international law that prohibits imaging sovereign territory from orbit — the principle of 'freedom of space' established under the 1967 Outer Space Treaty applies. However, domestic export-control regimes (US EAR/ITAR, EU dual-use regulations) govern what imagery products and satellite components can be transferred internationally, adding procurement complexity for states sourcing foreign components.

How does change-detection AI improve nuclear surveillance over raw imagery analysis?

Machine learning change-detection algorithms — trained on multi-temporal SAR and optical stacks — can flag pixel-level differences in minutes rather than the hours required for manual review, and can process the entire facility perimeter rather than selected areas. Sovereign algorithms, trained on classified reference datasets and run on domestic infrastructure, avoid the intelligence-exposure risk of uploading sensitive imagery to foreign cloud processors. Organisations such as ESA's Phi-Lab and NASA Harvest demonstrate the production-readiness of this approach in adjacent domains.

How long does it realistically take to deploy a sovereign nuclear-surveillance constellation?

A realistic timeline from programme authorisation to initial operational capability — assuming commercial off-the-shelf microsatellite buses, procured launch services, and an existing ground station network — is 36 to 48 months for a first tranche of four to six satellites. Full operational capability across a twelve-satellite dual-sensor constellation is more typically a five-to-seven-year programme. Nations without an established space industrial base should budget an additional 12–18 months for supply-chain qualification.

What cybersecurity standards apply to the ground segment handling nuclear-site imagery?

Ground segments processing nuclear-facility intelligence should comply with NIST SP 800-53 (Security and Privacy Controls for Information Systems) at a High baseline, and with national nuclear-security regulations that implement IAEA NSS-20 physical-protection recommendations. Data links from satellite to ground must use end-to-end encryption consistent with CCSDS 352.0-B-2 (Space Data Link Security Protocol). Isolated air-gapped processing environments are best practice for the most sensitive analytical workflows.

Glossary

SAR: Synthetic Aperture Radar — an active microwave sensor that produces high-resolution imagery regardless of lighting or cloud cover by synthesising a large effective antenna from the satellite's motion.
NEDT: Noise-Equivalent Differential Temperature — the smallest temperature difference a thermal infrared sensor can reliably distinguish, expressed in degrees Celsius or Kelvin; lower values indicate higher sensitivity.
Safeguards: The IAEA's system of verification measures — inspections, remote monitoring, and analysis — that confirm nuclear material is not diverted from peaceful uses to weapons programmes.
INFCIRC: Information Circular — the IAEA's formal document series used to circulate legal agreements, policy guidance, and safeguards frameworks to member states.
Shutter control: A government's legal authority to order a licensed commercial remote-sensing operator to stop collecting or distributing imagery of specified areas for national-security reasons.
Change detection: An image-analysis technique that compares satellite imagery of the same location at different times to identify new structures, removed vegetation, vehicle activity, or other physical modifications.
Revisit interval: The time between successive satellite passes over the same point on Earth's surface; shorter revisit intervals enable near-real-time monitoring of dynamic situations.
TIR: Thermal Infrared — a portion of the electromagnetic spectrum (roughly 8–14 µm) used to detect heat emissions from structures, water bodies, and industrial processes.
Spotlight mode: A high-resolution SAR imaging mode in which the satellite steers its antenna beam to dwell on a small target area, trading swath coverage for finer spatial resolution.
ITAR: International Traffic in Arms Regulations — US export-control rules governing defence-related goods and services, including many satellite components and high-resolution imagery products, which require licences for transfer to foreign nationals or governments.

References

Nuclear Power Reactors in the World — 2024 Edition — This IAEA reference data set lists 413 operating reactors across 31 countries, plus 57 under construction, establishing the global scope of facilities that sovereign satellite programmes must prioritise. It is updated annually and is the authoritative source for facility counts.
Physical Protection of Nuclear Material and Nuclear Facilities — INFCIRC/225/Rev.5 (NSS-20) — NSS-20 establishes graded physical protection requirements for nuclear facilities worldwide, including surveillance system performance expectations. Satellite-based surveillance is treated as a supplementary layer to on-site detection systems rather than a replacement.
CCSDS Space Data Link Security Protocol — CCSDS 352.0-B-2 — This Blue Book defines authentication and encryption mechanisms for satellite data links, forming the mandatory cybersecurity baseline for ground segments receiving sensitive nuclear-facility imagery. Sovereign programmes must implement this or an equivalent national standard to prevent interception.
Outer Space Treaty — Treaty on Principles Governing the Activities of States in the Exploration and Use of Outer Space — The 1967 Outer Space Treaty, administered by UN-OOSA, establishes freedom of observation from orbit and the non-appropriation of space, providing the legal foundation that makes satellite surveillance of nuclear facilities internationally permissible regardless of the target state's consent.

Related applications

8.7.3 — Strategic Reserve Monitoring (Strategic Asset Protection)
8.7.4 — Government Site Security (Strategic Asset Protection)
8.7.5 — Cyber-Physical Asset Linkage (Strategic Asset Protection)
8.1.1 — Border Activity Detection (Smart Borders)
8.1.2 — Cross-Border Incursion Alerts (Smart Borders)
8.1.3 — Migration Flow Mapping (Smart Borders)
8.1.4 — Border Wall & Fence Integrity Monitoring (Smart Borders)
8.1.5 — Remote Crossing Surveillance (Smart Borders)