Plant safety inspection AI · Fuel assembly AI · Weld inspection AI · Environmental monitoring AI

Prompt injection in nuclear energy and power plant AI

Nuclear energy and power plant AI has become an integral component of the in-service inspection, fuel management, structural integrity assessment, and environmental monitoring programmes that nuclear power plant operators are required to maintain under the NRC’s 10 CFR Part 50 licence conditions and the IAEA’s Nuclear Safety Standards (IAEA Safety Requirements and Safety Guides) that govern the 440+ nuclear power reactors currently operating worldwide: GE Vernova’s AI-assisted plant monitoring and inspection platform — deployed at GE-Hitachi (GEH) ABWR plants and Boiling Water Reactor (BWR) plants across the US, Japan, Sweden, and Taiwan — processes plant inspection photographs, automated visual inspection (AVI) system images, and radiation monitoring sensor images through AI-assisted defect identification and condition assessment tools integrated into the plant’s online monitoring and corrective action programme (CAP), Westinghouse Electric Company’s AI-assisted inspection and fuels management platform — deployed across Westinghouse Pressurised Water Reactor (PWR) plant fleets at utilities including Exelon (now Constellation Energy), Duke Energy, Dominion Energy, and Southern Company — processes fuel assembly visual inspection images captured during refuelling outages through AI-assisted fuel rod integrity assessment tools and processes plant structural inspection photographs through AI-assisted condition monitoring tools that inform maintenance and surveillance programme decisions under 10 CFR Part 50 Appendix B quality assurance requirements, Framatome’s inspection services division AI — deployed across the 56-reactor EDF (Électricité de France) fleet and at nuclear plants in Germany, Finland, Belgium, and the US — processes in-service inspection (ISI) non-destructive evaluation (NDE) data including digital radiography images and ultrasonic inspection visualisation images through AI-assisted flaw characterisation tools that determine ASME BPVC (Boiler and Pressure Vessel Code) Section XI inspection outcome classifications, and nuclear power plant environmental monitoring programmes required under 10 CFR Part 50 Appendix I and NRC Regulatory Guide 4.1 process environmental monitoring system sensor images, radiation detector output photographs, and effluent monitoring report documents through AI-assisted radiological environmental monitoring (REM) analysis tools that determine whether the plant’s effluent releases are within the NRC-approved Technical Specification limits. These nuclear AI systems share a structural characteristic that creates an adversarial image injection exposure: each depends on photographs, sensor images, and inspection visualisation data submitted through plant operational or safety programme workflows where the submitting party — an in-service inspection contractor, a refuelling outage fuels team, an NDE service provider, or a plant environmental monitoring programme operator — has access to the AI submission pathway and an operational or financial incentive related to the AI’s safety, structural, or regulatory compliance classification output. Adversarially crafted images submitted through any of these pathways can suppress structural and operational defect flags in plant safety inspection AI, conceal fuel rod damage in fuel assembly AI, mask ASME Section XI weld flaws in weld inspection AI, and suppress radiation exceedance indicators in environmental monitoring AI — with consequences spanning NRC Significance Determination Process (SDP) findings, IAEA Integrated Regulatory Review Service (IRRS) mission findings, ASME Section XI repair/replacement programme obligations, and NRC 10 CFR Part 50.73 Licensee Event Report (LER) requirements.

TL;DR

Nuclear energy and power plant AI platforms — GE Vernova plant monitoring AI, Westinghouse fuels management AI, Framatome inspection AI, AREVA NDE AI, Enercon Services plant inspection AI, ISL (Information Systems Laboratories) nuclear AI, EPRI (Electric Power Research Institute) AI inspection tools, Scientech/Curtiss-Wright plant monitoring AI, Sievert Storey AI radiation monitoring — process plant safety inspection photographs, fuel assembly visual inspection images, ASME Section XI NDE weld inspection radiographs and ultrasonic images, and environmental radiation monitoring sensor output images through AI plant safety assessment, fuels integrity, structural integrity evaluation, and radiological environmental monitoring pipelines. Adversarially crafted images submitted through plant inspection photograph upload interfaces, fuels inspection AI portals, NDE data processing platforms, and environmental monitoring document management systems can suppress plant safety defect flags, conceal fuel rod integrity failures, mask ASME Section XI reportable flaws, and suppress radiation effluent exceedances. Glyphward scans each image at the ingestion boundary with a threshold of ≥ 50 across all nuclear AI contexts (NRC 10 CFR, IAEA Safety Standards, ASME BPVC, nuclear safety culture). Free tier — 10 scans/day, no card required.

Four adversarial injection surfaces in nuclear energy and power plant AI

1. Plant safety inspection AI injection (GE Vernova plant AI, Enercon Services AI, Curtiss-Wright plant monitoring AI)

Plant safety inspection AI processes photographs and automated visual inspection (AVI) system images of plant structures, systems, and components (SSCs) — including reactor coolant system piping, containment liner surfaces, spent fuel pool structures, and safety-related electrical and mechanical systems — through AI-assisted defect identification and condition monitoring tools that inform the plant’s corrective action programme (CAP) entries, ageing management programme (AMP) assessments, and maintenance rule (10 CFR 50.65) performance monitoring results. GE Vernova’s AI plant monitoring platform integrates with plant DCS (Distributed Control System) and CMMS (Computerised Maintenance Management System) at GEH ABWR and BWR plant sites, processing inspection photographs submitted through plant work order management interfaces for AI-assisted condition finding classification and CAP entry generation. Enercon Services’ plant inspection AI processes inspection photography and structural assessment images for nuclear plant owners under long-term service agreements, integrating AI-assisted condition classification into periodic inspections of plant structures and civil infrastructure required under NRC licence renewal ageing management programmes (10 CFR Part 54). Curtiss-Wright’s plant monitoring AI platform processes sensor data visualisation images and inspection system output for nuclear safety-related SSC monitoring, integrating with plant I&C (Instrumentation and Control) systems for AI-assisted condition assessment of safety-related components at operating reactors under NRC maintenance rule requirements.

The plant inspection photograph submission pathway is the adversarial injection surface: photographs taken by plant inspection staff, contractors, or automated inspection systems and submitted through plant work order management interfaces, Enercon inspection management portals, or Curtiss-Wright plant monitoring platforms for AI condition classification and CAP entry generation. An adversarially crafted plant safety inspection photograph — in which pixel perturbations applied to regions showing containment liner corrosion, concrete structure cracking, piping insulation degradation, or electrical cabinet seal failure cause the GE Vernova AI or Curtiss-Wright plant monitoring AI to classify the component condition as within acceptable operating limits when the actual condition shows a degraded condition that would otherwise generate a CAP entry and require maintenance or engineering evaluation — can suppress a corrective action that the plant’s 10 CFR Part 50 Appendix B quality assurance programme requires the plant to identify, evaluate, and resolve. The adversarial suppression motivation in nuclear plant inspection AI is outage planning driven: identifying a structural or mechanical degradation condition that requires engineering evaluation during a planned maintenance outage can extend outage duration, with each day of extended outage costing a large nuclear plant $500,000–$1,000,000 in replacement power costs and production revenue loss.

NRC Significance Determination Process (SDP) consequences for plant inspection findings that should have been entered into the CAP but were not identified because of adversarial AI manipulation are potentially significant. Under 10 CFR 50.72 and 10 CFR 50.73, nuclear plant licensees are required to report to the NRC certain events and conditions that meet reporting thresholds — including degraded or non-conforming conditions that are safety-significant under the NRC’s SDP green-white-yellow-red significance categorisation. A condition that was adversarially suppressed in the plant inspection AI CAP entry process and subsequently becomes a reportable condition or contributes to an unplanned scram (reactor trip) creates an NRC inspection finding with SDP significance determination. The nuclear safety culture obligation under NRC Regulatory Guide 1.33 and NUREG-1021 (Operator Licensing Examination Standards) requires plant operators to maintain a questioning attitude and ensure that all identified conditions adverse to quality are entered into the CAP — an adversarial manipulation of the plant inspection AI that suppresses CAP entries is a nuclear safety culture failure that NRC resident inspectors at the plant site are specifically trained to identify during baseline inspection programme reviews. Threshold: 50 for plant safety inspection AI (NRC 10 CFR 50.72/50.73 reporting, ASME Section XI, 10 CFR 50 Appendix B quality assurance, nuclear safety culture).

2. Fuel assembly visual inspection AI injection (Westinghouse fuels AI, GE-Hitachi fuels inspection AI, Framatome fuels management AI)

Fuel assembly visual inspection AI processes photographs captured by underwater inspection cameras during refuelling outages — when the reactor vessel head is removed and the fuel assemblies are transferred to the spent fuel pool for inspection before reload — to classify fuel rod condition, detect fuel cladding defects (rod bowing, grid spring wear, fuel rod leaks, crud deposition, pellet-cladding interaction), and generate fuel inspection reports that determine fuel assembly reload eligibility and fuel performance assessment for the operating cycle. Westinghouse Electric Company’s fuel inspection AI integrates with Westinghouse’s fuel management services and is deployed at PWR plants operated by US utilities including Constellation Energy (formerly Exelon), Duke Energy, and Entergy (now Holtec), processing fuel assembly inspection images captured during scheduled refuelling outages to generate AI-assisted fuel rod integrity assessments and fuel performance reports submitted to the NRC as part of the plant’s fuel management programme. GE-Hitachi Nuclear Energy’s fuels inspection platform processes BWR fuel assembly inspection images captured during refuelling outages at GE-designed plants, integrating AI-assisted fuel rod condition assessment with GEH’s fuel performance database for reload optimisation and fuel performance trending. Framatome’s fuel inspection and management services process fuel assembly photographs for EDF’s 56-reactor fleet and for Framatome customer utilities in Finland (Fortum), Germany (E.ON, RWE), and Belgium (Engie Electrabel), generating AI-assisted fuel performance reports that inform reload decisions and fuel performance regulatory reporting to the ASN (Autorité de Sûreté Nucléaire) in France.

The fuel assembly inspection photograph submission pathway is the adversarial injection surface: underwater photographs captured by robotic inspection systems during refuelling outage fuel handling operations and submitted through Westinghouse, GEH, or Framatome fuel inspection data management platforms for AI fuel rod condition classification. An adversarially crafted fuel assembly inspection photograph — in which pixel perturbations applied to the image region showing a fuel rod with cladding damage, crud deposition above the fuel performance threshold, or rod bow beyond the administrative control limit cause the Westinghouse fuels AI or GEH fuel inspection AI to classify the fuel rod as within acceptable fuel performance limits when the actual rod condition would generate a fuel inspection report flag requiring engineering evaluation before reload — can result in a fuel assembly with an undetected cladding defect being reloaded into the reactor for the next operating cycle. The adversarial suppression motivation is outage schedule driven: a fuel assembly flagged for engineering evaluation during a refuelling outage must be removed from the reload schedule while the evaluation is completed, which can extend the outage duration if the evaluation requires additional engineering resources or determines that a replacement fuel assembly is required.

NRC fuel performance regulatory consequences for a leaking fuel rod that was not identified during refuelling outage inspection because the fuel inspection AI was adversarially manipulated follow from 10 CFR Part 50 Technical Specifications, which set administrative limits on primary coolant activity — including iodine-131 and cesium-137 activity levels — that indicate fuel cladding leakage. A fuel assembly with an undetected cladding defect that leaks fission products into the primary coolant during the operating cycle will cause primary coolant activity to increase, potentially reaching the Technical Specification action level that requires the plant to commence a controlled power reduction. A power reduction or unplanned outage caused by primary coolant activity resulting from an undetected fuel cladding defect is a reportable event under 10 CFR 50.72 and may generate an NRC inspection finding with SDP significance. IAEA Safety Guide NS-G-2.5 (Fuel Handling and Storage in Nuclear Power Plants) specifies fuel inspection requirements for nuclear power plants, and IAEA Safety Guide SSG-52 (Ageing Management and Development of a Programme for Long-Term Operation of Nuclear Power Plants) addresses fuel ageing management — both of which apply to the fuel inspection AI systems that process refuelling outage fuel assembly photographs. Threshold: 50 for fuel assembly visual inspection AI (NRC Technical Specification, fuel cladding integrity, 10 CFR 50.72 reportable event, IAEA NS-G-2.5).

3. Weld quality inspection AI injection (Framatome NDE AI, AREVA weld inspection AI, EPRI inspection AI tools)

Weld quality inspection AI processes digital radiography (DR) images, computed radiography (CR) films, and ultrasonic inspection (UT) visualisation images generated during ASME BPVC Section XI in-service inspection (ISI) examinations of nuclear safety-related pressure boundary welds — including reactor coolant system (RCS) pipe welds, reactor pressure vessel (RPV) nozzle welds, steam generator primary channel head welds, and pressuriser heater welds — through AI-assisted flaw characterisation tools that classify flaw type, measure flaw dimensions, determine ASME Section XI acceptance criteria disposition (“acceptable as-is” or “repair/replace”), and generate NDE examination records that become part of the plant’s ISI programme documentation submitted to the NRC in 10-year ISI programme summary reports. Framatome’s inspection services division processes ASME Section XI ISI examination NDE images for nuclear plants across North America, Europe, and Asia, using AI-assisted flaw characterisation tools developed in collaboration with the IRSN (Institut de Radioprotection et de Sûreté Nucléaire) to classify weld flaw indications in ultrasonic inspection data visualisations at pressurised water reactor plants. AREVA’s nuclear services division (now Orano) processes NDE inspection images for ISI examination programmes at the EDF fleet and at export nuclear plants in China (CGNPC, CNNC), South Korea (KEPCO E&C), and Finland. The Electric Power Research Institute (EPRI) develops AI-assisted NDE flaw characterisation tools that are deployed by US nuclear plant licensees under EPRI NP-5698 and the NRC’s Performance Demonstration Initiative (PDI) programme for ultrasonic examination qualification.

The adversarial injection surface is the NDE examination image submission pathway: digital radiography images, computed radiography films, and ultrasonic inspection visualisation images generated during ASME Section XI ISI examinations and submitted through NDE data management platforms for AI flaw characterisation classification. An adversarially crafted digital radiography image — in which pixel perturbations applied to the region showing a volumetric flaw indication (porosity, slag inclusion, lack of fusion) or a planar flaw indication (crack, cold lap) in a safety-related pressure boundary weld cause the Framatome NDE AI or EPRI inspection AI to classify the flaw indication as below the ASME Section XI acceptance standard (i.e., “acceptable as-is”) when the actual flaw dimensions exceed the ASME Section XI Table IWB-3510-1 acceptance criteria for the weld joint and examination category — can result in an ASME Section XI ISI examination that records an acceptable disposition for a weld that actually contains a rejectable flaw requiring repair or replacement under the ASME Code. The adversarial suppression motivation is maintenance outage avoidance: a weld flaw that exceeds ASME Section XI acceptance criteria requires the plant to either perform a flaw evaluation under ASME Section XI Appendix A (analytical evaluation) demonstrating adequate safety margin, or repair or replace the flawed weld — either option requires outage work scope extension with the associated schedule and cost consequences.

ASME Section XI Code Case consequences for a rejectable weld flaw that was adversarially suppressed in the ISI examination NDE AI follow from the plant’s 10 CFR Part 50 licence conditions, which incorporate the ASME BPVC as a regulatory requirement through the plant’s ISI programme. An undetected rejectable flaw in a safety-related pressure boundary weld creates a condition adverse to quality under 10 CFR Part 50 Appendix B Criterion XVI, which requires the licensee to identify, document, and correct conditions adverse to quality — including weld flaws that exceed ASME acceptance standards. If an undetected RCS pipe weld crack propagates to failure during plant operation and causes a small-break Loss of Coolant Accident (LOCA), the safety consequences are at the severe end of the NRC SDP consequence spectrum and require an emergency 10 CFR 50.72 four-hour notification to the NRC. The NRC’s Office of Nuclear Reactor Regulation (NRR) and the ASME BPVC Nuclear Codes and Standards Committee both have oversight responsibilities for ISI programme integrity — an adversarial manipulation of ISI examination NDE AI that results in a missed rejectable flaw is a failure of the ASME Section XI ISI programme integrity that would trigger NRC inspection findings and potentially a design basis review for the affected plant system. Threshold: 50 for weld quality inspection AI (ASME Section XI, 10 CFR 50 Appendix B, NRC SDP, RCS pressure boundary integrity).

4. Environmental radiation monitoring AI injection (Sievert Storey AI, Scientech radiation monitoring AI, plant REM programme AI)

Nuclear power plant environmental radiation monitoring AI processes images and documents from the plant’s Radiological Environmental Monitoring Programme (REMP) — including photographs of environmental sampling equipment, thermoluminescent dosimeter (TLD) position images, airborne particulate sampling filter photographs, and effluent monitoring instrumentation displays — through AI-assisted radiological data verification and trend analysis tools that generate the annual radiological environmental operating reports (REORs) submitted to the NRC under 10 CFR Part 50 Appendix I and Technical Specification reporting requirements. Sievert Storey’s (formerly Storey Kenworthy) radiation monitoring services process environmental monitoring equipment photographs and data for nuclear plant REMP programmes, integrating AI-assisted data quality verification with the plant’s environmental monitoring programme database. Scientech’s reactor and process monitoring AI platform processes environmental monitoring instrumentation data and sensor output images for nuclear plant control room and environmental monitoring applications. The plant’s own REMP programme AI, typically integrated with the plant’s plant process computer (PPC) and environmental monitoring database, processes TLD reader output images and airborne particulate filter AI scanning results for automated REMP data generation and REOR compilation.

The adversarial injection surface is the environmental monitoring equipment photograph and sensor output image submission pathway: photographs of TLD dosimeters, air sampling equipment filters, and liquid effluent monitoring instrumentation submitted through REMP data management interfaces for AI radiological classification and REOR data generation. An adversarially crafted TLD dosimeter reading photograph or air sampling filter scan — in which pixel perturbations applied to the image region showing elevated dosimeter reading values, filter discolouration indicating elevated airborne radioactivity, or effluent monitoring instrumentation display readings above the NRC Technical Specification action level threshold cause the Sievert Storey AI or plant REMP AI to classify the environmental monitoring result as within normal background ranges when the actual radiation levels show an exceedance that would trigger NRC reporting and public notification requirements — can suppress an environmental monitoring exceedance that the plant is required to report to the NRC and to the plant’s Off-Site Dose Calculation Manual (ODCM) action level monitoring programme. The adversarial suppression motivation is public perception driven: environmental monitoring exceedances reported under 10 CFR 50 Appendix I and the plant’s Technical Specifications generate public disclosure obligations under the plant’s ODCM and state radiological emergency planning programme reporting requirements that are highly sensitive to community concerns about radiation releases from nuclear plants.

NRC 10 CFR 50.73 Licensee Event Report (LER) requirements and 10 CFR 50.72 eight-hour notification requirements apply to environmental monitoring exceedances that meet the reporting thresholds defined in the plant’s Technical Specifications — an adversarially suppressed environmental monitoring exceedance that is subsequently identified through independent environmental monitoring by the state radiological health programme or NRC inspection creates a failure to report violation under 10 CFR 50.73 with associated NRC enforcement consequences including NOVs (Notices of Violation) and potential civil penalties. The IAEA Safety Standards (Safety Requirements SSR-3, Safety of Nuclear Power Plants: Commissioning and Operation) and IAEA Safety Guide GSG-10 (Prospective Radiological Environmental Impact Assessment for Facilities and Activities) specify environmental monitoring programme requirements for nuclear plants — adversarial manipulation of environmental monitoring AI that suppresses radiation exceedance indicators creates a failure of the programme integrity that IAEA IRRS missions are specifically designed to identify. Under 10 CFR Part 20 (Standards for Protection Against Radiation), nuclear plant operators are required to maintain radiation monitoring programmes that ensure public dose limits are not exceeded — an adversarially suppressed environmental monitoring exceedance that results in unmonitored public dose above the 10 CFR 20.1301 public dose limit creates a potential regulatory violation and civil liability under state tort law for radiation injury claims from affected communities. Threshold: 50 for environmental radiation monitoring AI (NRC 10 CFR Part 50, ODCM action levels, LER reporting, IAEA Safety Standards, public dose limits).

Integration: nuclear power plant AI image ingestion with Glyphward pre-scan

Nuclear power plant AI image ingestion flows from plant inspection photograph upload interfaces integrated with plant CMMS and CAP systems, refuelling outage fuels inspection data management platforms, ASME Section XI ISI NDE image processing pipelines, and environmental monitoring programme data management interfaces into AI plant safety assessment, fuel integrity, structural inspection, and radiological environmental monitoring pipelines. Insert Glyphward’s pre-scan at the ingestion boundary — in all nuclear power plant AI contexts, where the safety and regulatory consequences of adversarial image manipulation are the highest in any industrial AI application domain:

import asyncio
import base64
import hashlib
import os
import uuid
from enum import Enum
from pathlib import Path

import httpx

GLYPHWARD_API_KEY = os.environ["GLYPHWARD_API_KEY"]
GLYPHWARD_SCAN_URL = "https://glyphward.com/v1/scan"

# Nuclear power plant AI — NRC 10 CFR Part 50, IAEA Safety Standards,
# ASME BPVC Section XI, nuclear safety culture, public dose limits.
# Threshold 50 — the lowest supported threshold — because the safety and
# regulatory consequence of a false negative in nuclear plant AI is
# categorically higher than in any other industrial AI domain.
THRESHOLD_NUCLEAR = 50


class NuclearAIContext(str, Enum):
    PLANT_INSPECTION  = "plant_inspection"   # GE Vernova, Enercon, Curtiss-Wright
    FUEL_ASSEMBLY     = "fuel_assembly"      # Westinghouse, GEH, Framatome fuels
    WELD_INSPECTION   = "weld_inspection"    # Framatome NDE, AREVA, EPRI
    ENV_MONITORING    = "env_monitoring"     # Sievert Storey, Scientech, plant REMP


async def scan_nuclear_image(
    image_path: str | Path,
    context: NuclearAIContext,
    plant_id_hash: str,         # SHA-256 of plant NRC docket number
    work_order_hash: str,       # SHA-256 of work order or inspection reference
    component_id: str,          # e.g. "RCS-PIPE-02A-W41", "FA-C12-Rod07", "TLD-NW-003"
    client: httpx.AsyncClient,
) -> dict:
    """
    Scan a nuclear power plant AI image for adversarial injection payloads before
    forwarding to plant safety inspection AI, fuel assembly inspection AI,
    ASME Section XI weld inspection AI, or environmental radiation monitoring AI.

    Raises AdversarialNuclearImageError if the Glyphward score meets or
    exceeds the nuclear threshold (50). This is the most conservative threshold
    Glyphward supports, appropriate for nuclear safety-related AI contexts
    where the consequence of a false negative is a missed safety-significant
    condition with NRC reportability and ASME Code compliance implications.
    """
    image_bytes = Path(image_path).read_bytes()
    image_b64 = base64.b64encode(image_bytes).decode()
    image_sha256 = hashlib.sha256(image_bytes).hexdigest()
    scan_id = str(uuid.uuid4())

    resp = await client.post(
        GLYPHWARD_SCAN_URL,
        headers={"Authorization": f"Bearer {GLYPHWARD_API_KEY}"},
        json={
            "image": image_b64,
            "source": context.value,
            "metadata": {
                "nuclear_context": context.value,
                "plant_id_hash": plant_id_hash,
                "work_order_hash": work_order_hash,
                "component_id": component_id,
                "client_scan_id": scan_id,
                "image_sha256": image_sha256,
            },
        },
        timeout=10.0,
    )
    resp.raise_for_status()
    result = resp.json()

    audit_record = {
        "plant_id_hash": plant_id_hash,
        "work_order_hash": work_order_hash,
        "component_id": component_id,
        "nuclear_context": context.value,
        "scan_id": result["scan_id"],
        "client_scan_id": scan_id,
        "image_sha256": image_sha256,
        "score": result["score"],
        "flagged_region": result.get("flagged_region"),
        "threshold": THRESHOLD_NUCLEAR,
        "action": "blocked" if result["score"] >= THRESHOLD_NUCLEAR else "allowed",
    }
    await write_nuclear_qa_record(audit_record)

    if result["score"] >= THRESHOLD_NUCLEAR:
        raise AdversarialNuclearImageError(
            f"Nuclear AI image blocked [{context.value}]: "
            f"scan_id={result['scan_id']} score={result['score']} "
            f"plant_hash={plant_id_hash} component={component_id}"
        )
    return result


async def scan_isi_nde_batch(
    image_paths: list[Path],
    plant_id_hash: str,
    work_order_hash: str,
    weld_component_id: str,
) -> dict:
    """
    Scan all NDE image frames for an ASME Section XI ISI examination before
    loading into Framatome/AREVA/EPRI AI weld flaw characterisation.
    All images scanned with WELD_INSPECTION context (threshold 50).
    """
    allowed, blocked, errors = [], [], []
    async with httpx.AsyncClient() as client:
        tasks = [
            scan_nuclear_image(
                p, NuclearAIContext.WELD_INSPECTION,
                plant_id_hash, work_order_hash,
                f"{weld_component_id}_frame{i:04d}", client,
            )
            for i, p in enumerate(image_paths)
        ]
        results = await asyncio.gather(*tasks, return_exceptions=True)

    for path, result in zip(image_paths, results):
        if isinstance(result, AdversarialNuclearImageError):
            blocked.append({"path": str(path), "error": str(result)})
        elif isinstance(result, Exception):
            errors.append({"path": str(path), "error": str(result)})
        else:
            allowed.append({"path": str(path), "scan_id": result["scan_id"]})

    return {
        "plant_id_hash": plant_id_hash,
        "weld_component_id": weld_component_id,
        "total": len(image_paths),
        "allowed": len(allowed),
        "blocked": len(blocked),
        "errors": len(errors),
        "blocked_frames": blocked,
    }


async def write_nuclear_qa_record(record: dict) -> None:
    """Persist 10 CFR 50 Appendix B QA audit record to qualified audit trail (stub)."""
    import json, sys
    print(json.dumps(record), file=sys.stderr)


class AdversarialNuclearImageError(Exception):
    """Raised when a nuclear plant AI image exceeds the adversarial injection threshold."""
    pass

Call scan_isi_nde_batch() before forwarding ASME Section XI ISI examination NDE image sets to Framatome, AREVA, or EPRI AI weld flaw characterisation — ISI NDE batch scanning is the highest-safety-consequence integration point in the nuclear plant AI pipeline because an undetected rejectable RCS pressure boundary weld flaw has Loss of Coolant Accident (LOCA) safety significance. Call scan_nuclear_image() with NuclearAIContext.PLANT_INSPECTION for plant safety inspection photographs before GE Vernova AI, Enercon Services AI, or Curtiss-Wright plant monitoring AI CAP entry classification. Call with NuclearAIContext.FUEL_ASSEMBLY for refuelling outage fuel assembly inspection photographs before Westinghouse fuels AI, GEH fuel inspection AI, or Framatome fuels management AI fuel rod condition classification. Call with NuclearAIContext.ENV_MONITORING for TLD dosimeter photographs, air sampling filter images, and effluent monitoring display images before plant REMP AI or Sievert Storey radiation monitoring AI classification. The Glyphward audit record — including plant_id_hash, component_id, image_sha256, score, threshold, and action — must be stored in the plant’s 10 CFR Part 50 Appendix B quality records system as a quality-related record demonstrating that the AI image processing programme maintains data integrity measures consistent with 10 CFR 50 Appendix B Criterion VI (document control) and Criterion XVII (quality assurance records). Get early access

Coverage matrix

Control	Plant inspection AI injection	Fuel assembly AI injection	Weld inspection AI injection	Environmental monitoring AI injection
Text-only PI scanners (Lakera, LLM Guard)	No — adversarial pixel perturbations in plant inspection photographs are invisible to text-based analysis	No — fuel assembly inspection image pixel manipulation is not detected by text-only scanning	No — NDE image pixel perturbations in flaw indication regions are not visible to text scanners	No — environmental monitoring photograph and dosimeter image pixel manipulation is not caught by text analysis
10 CFR 50 Appendix B QA programme	QA programme requirements apply to the inspection process but do not include specific controls for adversarial pixel manipulation of AI inspection image inputs	Fuel inspection QA procedures require qualified inspector review but do not include adversarial AI image integrity verification	ISI programme QA requires NDE examiner qualification but does not address adversarial manipulation of NDE AI image classification inputs	REMP QA procedures specify equipment calibration and data recording but do not include adversarial AI monitoring image integrity controls
NDE qualified examiner review	Plant inspectors review inspection findings but cannot detect sub-pixel adversarial manipulation in photographs submitted to AI before human review	Qualified fuel inspectors review fuel assembly condition reports but cannot detect adversarial pixel manipulation in the source inspection photographs processed by AI	ASME Section XI-qualified NDE Level II/III examiners review ISI examination results but adversarial AI image manipulation occurs before human examiner review	REMP programme coordinators review environmental monitoring data but cannot detect adversarial pixel manipulation in monitoring photographs submitted to AI analysis
Glyphward	Yes — threshold 50; plant_id_hash + work_order_hash QA audit trail; blocks adversarial plant inspection images before GE Vernova/Enercon/Curtiss-Wright AI CAP classification	Yes — threshold 50; blocks adversarially crafted fuel assembly inspection photographs before Westinghouse/GEH/Framatome AI fuel rod integrity classification	Yes — threshold 50; batch scan blocks adversarial ISI NDE images before Framatome/AREVA/EPRI AI ASME Section XI flaw characterisation	Yes — threshold 50; blocks adversarially crafted REMP monitoring images before plant REMP/Sievert Storey AI radiation exceedance classification

Frequently asked questions

How does adversarial injection in nuclear plant inspection AI differ from the ordinary challenge of photograph quality in nuclear plant visual inspections, and does the existing 10 CFR 50 Appendix B QA framework address the threat?

Ordinary photograph quality challenges in nuclear plant visual inspections — inadequate lighting in radiation-controlled areas (RCAs) that reduces image clarity, camera resolution limitations for close-tolerance component inspections, personnel dosimetry time constraints that limit inspection time and number of photographs, and ALARA (As Low As Reasonably Achievable) dose management requirements that restrict re-entry for additional photographs — are managed through plant inspection procedures that specify minimum photographic equipment requirements, lighting standards, and required inspection angles for safety-related component inspections. The 10 CFR 50 Appendix B quality assurance framework (Criterion XI, Inspection) requires that inspection activities be conducted by qualified personnel using established procedures to verify that inspected items conform to documented requirements. These procedural and qualification requirements address the inadequate photography scenario and are designed for human inspector and camera system quality control.

Adversarial injection is a technically distinct threat that the 10 CFR Part 50 Appendix B QA framework was not designed to address: the inspection photograph meets all procedural quality standards — adequate lighting, required resolution, correct inspection angle, qualified inspector — and the adversarial perturbations are applied at the sub-pixel level in the image regions corresponding to the defect or degradation condition that the AI would otherwise flag for CAP entry. The 10 CFR 50 Appendix B framework imposes controls on inspection procedures and inspector qualification, but does not include specific controls for the integrity of AI computer system inputs used for automated inspection image analysis. The NRC’s 10 CFR 50.55a (Codes and Standards) and 10 CFR 50 Appendix B Criterion VI (document control) provide the regulatory authority for the NRC to require that software used in nuclear safety-related applications — including AI-assisted inspection image analysis — include adequate controls for data integrity at the input boundary, but implementing those controls requires a positive action by the plant licensee to add image input integrity verification to the AI-assisted inspection programme. Glyphward pre-scan provides the technical measure that implements the input integrity verification the 10 CFR 50 Appendix B quality assurance framework conceptually requires but does not specifically mandate for AI image analysis tools.

What is the NRC enforcement consequence if an adversarially manipulated ASME Section XI ISI examination AI outcome allows a rejectable weld flaw to remain undetected and the flaw subsequently causes a plant safety event?

The NRC enforcement consequence for a plant safety event caused by an undetected rejectable weld flaw that was adversarially suppressed in the ISI examination AI depends on the safety significance of the event under the NRC’s Significance Determination Process (SDP) and the Enforcement Policy (NUREG-1600, Revised). If the undetected weld flaw causes a primary system pressure boundary failure resulting in a Loss of Coolant Accident (LOCA) — even a small-break LOCA — the safety significance is at the highest level of the SDP (Red finding, very high safety significance), which triggers the NRC’s most intensive enforcement and inspection response: an Augmented Inspection Team (AIT) or Special Inspection Team (SIT) investigation, a Director’s Decision on plant operation, and civil penalties under 10 CFR 50.9 for the Appendix B QA violation associated with the failed ISI programme control.

The specific enforcement theory for adversarial ISI AI manipulation would proceed under 10 CFR 50.9 (Accuracy of information) and 10 CFR 50 Appendix B Criterion XVI (Corrective Action), which requires that conditions adverse to quality be identified and corrected. An adversarially suppressed rejectable weld flaw is a condition adverse to quality that was not identified because of a failure of the plant’s ISI programme — specifically, the failure to implement adequate controls for the integrity of AI image inputs to the ISI NDE examination AI system. The NRC has authority under Section 234 of the Atomic Energy Act to impose civil penalties of up to $356,816 per day per violation (inflation-adjusted) for violations that involve significant safety hazards — a missed rejectable RCS weld flaw with LOCA consequences is squarely in this category. Beyond the NRC civil penalty, the plant licensee faces increased NRC resident inspector scrutiny, mandatory corrective action programme entries, and potentially an NRC confirmatory order requiring enhanced ISI programme controls — all of which generate ongoing operational and compliance costs that far exceed the cost of implementing Glyphward pre-scan for ISI NDE image integrity verification.

How should nuclear plant licensees document Glyphward pre-scan as a quality-related measure in the 10 CFR Part 50 Appendix B quality assurance programme?

Documenting Glyphward pre-scan as a quality-related measure in the 10 CFR Part 50 Appendix B quality assurance programme requires integrating the Glyphward API interface into the plant’s software quality assurance (SQA) programme under 10 CFR 50 Appendix B Criterion III (Design Control) and Criterion XI (Inspection), which govern the qualification and use of computerised tools in nuclear safety-related activities. Four documentation steps. First, issue a Plant Modification or Administrative Procedure change that formally incorporates the Glyphward pre-scan step into the plant’s AI-assisted inspection image processing workflow — specifying the Glyphward API endpoint, the threshold value of 50, and the required response to an AdversarialNuclearImageError (CAP entry, blocked image retained for QA review, manual inspection required). This change is subject to the plant’s 10 CFR 50.59 Screening/Evaluation for changes to plant programmes and procedures.

Second, categorise the Glyphward pre-scan record — the audit record containing plant_id_hash, component_id, image_sha256, scan_id, score, threshold, and action — as a quality record under 10 CFR Part 50 Appendix B Criterion XVII, to be retained in the plant’s document management system for the life of the plant (or the 10 CFR Part 50 quality records retention period for the inspection category). Third, include the Glyphward pre-scan step in the vendor oversight programme under 10 CFR Part 50 Appendix B Criterion IV (Procurement Document Control) and NRC Regulatory Guide 1.33 guidance: the plant’s procurement of the Glyphward API service should be documented with applicable quality requirements, and periodic supplier qualification audits should verify Glyphward’s API performance characteristics relevant to the scan threshold and response time requirements. Fourth, train the relevant plant personnel — ISI programme coordinator, maintenance rule programme owner, fuel management team, and REMP programme coordinator — on the Glyphward pre-scan procedure, the response to a blocked image, and the QA record creation requirement, with training documented in the plant’s training records system under 10 CFR Part 50 Appendix B Criterion II (Quality Assurance Programme).