OPERATING NUCLEAR POWER STATIONS IN A REGULATED CYBER SECURITY ENVIRONMENT: A ROADMAP FOR SUCCESS
35th Annual CNS Conference - 2015 May 31 - June 3


Presented at:
35th Annual CNS Conference
2015 May 31 - June 3
Location:
Saint John, Canada
Session Title:
2A2 - Safety and Security

Authors:
E. Dorman (AREVA Inc.)
  

Abstract

 

The United States Nuclear Regulatory Commission (NRC) issued 10CFR73.54 to implement a regulated Cyber Security Program at each operating nuclear reactor facility. Milestones were implemented December 31, 2012 to mitigate the attack vectors for the most critical digital assets acknowledged by the industry and the NRC. The NRC inspections have begun. The nuclear Cyber Security Plan, implemented by the site Cyber Security Program (Program), is an element of the operating license at each facility.

The Program is designed to protect critical digital assets (CDAs) by applying and maintaining defense-in-depth protective strategies to ensure the capability to detect, respond to, and recover from cyber-attacks. The Program references NEI 08-09 R. 6, the Nuclear Energy Institute Template that provides guidance for applying Cyber Security controls derived from NIST 800-53/82 and slightly modified to fit the nuclear environment. Many mature processes are in place at nuclear facilities in response to numerous regulations implemented over the past 30 years. Many of these processes such as the Physical Security Program offer protections that are leveraged to protect the functions of critical digital assets from unauthorized physical access. Other processes and technology such as engineering design control, work management and pre-job briefs, control of portable media and mobile devices, and deterministically segregated networks protect critical digital assets. By leveraging the regulated nuclear environment, integrating NIST type Cyber Security controls, and prudently deploying technology the Cyber Security posture of operating nuclear facilities supports on-demand base load electricity 24/7 with capacity factors exceeding 85%. This paper is designed to provide a glimpse into Cyber Security Programs that support safe operation and reliability in the regulated nuclear environment while supporting the on-demand base load electricity production 24/7.



Individual Conference-Paper Copies (Electronic Where Available):

  • For CNS members, the first 5 copies per calendar year are free, and additional copies are $10 each.
  • For non-members, the price is $25 for the first Conference-paper copy in a request, and $10 each for additional copies of papers in the same conference and in the same request.
  • Contact the CNS office to order reprints.