CYBER SECURITY - COMPLIANCE TO THE NEW CSA 290.7 STANDARD
35th Annual CNS Conference - 2015 May 31 - June 3


Presented at:
35th Annual CNS Conference
2015 May 31 - June 3
Location:
Saint John, Canada
Session Title:
2A2 - Safety and Security

Authors:
M. Daley (Canadian Nuclear Laboratories)
R. Doucet (Canadian Nuclear Laboratories)
M. Echlin (Canadian Nuclear Laboratories)
M. MacDonald (Canadian Nuclear Laboratories)
V. Mihaylov (Canadian Nuclear Laboratories)
J. Sijs (Canadian Nuclear Laboratories)
D. Trask (Canadian Nuclear Laboratories)
  

Abstract

 

Since 2008, the Canadian Nuclear Safety Commission (CNSC), similar to regulators of other critical industries, has requested their licensees to implement cyber security programs and conduct self-assessments without the benefit of an industry specific cyber security standard that provides common metrics for coverage and effectiveness of their programs. However, for the nuclear industry, a new CSA standard 290.7 entitled "Cyber security for nuclear power plants and small reactor facilities" [1], released in December 2014, will have the CNSC looking to facility operators to be compliant to the new standard.

This paper will discuss initiatives at Canadian Nuclear Laboratories to develop of a suite of tools, techniques, and best practices that can be used by the regulator and industry for assessing compliance and effectiveness of cyber security technology and implementations.



 



Individual Conference-Paper Copies (Electronic Where Available):

  • For CNS members, the first 5 copies per calendar year are free, and additional copies are $10 each.
  • For non-members, the price is $25 for the first Conference-paper copy in a request, and $10 each for additional copies of papers in the same conference and in the same request.
  • Contact the CNS office to order reprints.