[PDF] Computer Security At Nuclear Facilities eBook
Computer Security At Nuclear Facilities Book in PDF, ePub and Kindle version is available to download in english. Read online anytime anywhere directly from your device. Click on the download button below to get a free pdf file of Computer Security At Nuclear Facilities book. This book definitely worth reading, it is an incredibly well-written.
"This publication provides guidance specific to nuclear facilities on implementing a computer security programme and evaluating existing programmes. The use of computer systems to cover an increasing range of functions at nuclear facilities introduces new vulnerabilities that could seriously endanger nuclear security if not addressed in a rigorous and balanced manner. Digital systems are being increasingly introduced in safety, safety-related and security systems throughout facilities. Non-availability or malfunction of these systems can seriously impact nuclear safety and security, and potentially facilitate sabotage of the facility and/or theft of material. Computer security must, therefore, be a key component of overall facility security."--Provided by publisher.
Accidents and natural disasters involving nuclear power plants such as Chernobyl, Three Mile Island, and the recent meltdown at Fukushima are rare, but their effects are devastating enough to warrant increased vigilance in addressing safety concerns. Nuclear Power Plant Instrumentation and Control Systems for Safety and Security evaluates the risks inherent to nuclear power and methods of preventing accidents through computer control systems and other such emerging technologies. Students and scholars as well as operators and designers will find useful insight into the latest security technologies with the potential to make the future of nuclear energy clean, safe, and reliable.
Computer security is increasingly recognized as a key component in nuclear security. This publication outlines a methodology for conducting computer security assessments at nuclear facilities. The methodology can likewise be easily adapted to provide assessments at facilities with other radioactive materials.
This revision provides guidance on how to establish or improve, develop, implement, maintain, and sustain computer security within nuclear facilities. This publication addresses the use of risk informed approaches to establish and enhance computer security policies, programmes; it describes the integration of computer security into the management system of a facility; establishes a systematic approach to identifying facility functions and appropriate computer security measures that protect sensitive digital assets and the facility from the consequence of cyber-attacks consistent with the threat assessment or design basis threat.
The purpose of this publication is to assist member states in developing comprehensive contingency plans for computer security incidents with the potential to impact nuclear security and/or nuclear safety. It provides an outline and recommendations for establishing a computer security incident response capability as part of a computer security programme.
This publication provides detailed guidance on developing, implementing, and integrating computer security as a key component of nuclear security. This guidance applies to computer security aspects of nuclear security and its interfaces with nuclear safety and with other elements of a States nuclear security regime, including the security of nuclear material and nuclear facilities, of radioactive material and associated facilities, and of nuclear and other radioactive material outside of regulatory control. The scope of this publication includes: computer-based systems, the compromise of which could adversely affect nuclear security or nuclear safety; the States and relevant entities roles and responsibilities in relation to computer security in the nuclear security regime; the activities of the State in establishing and implementing a computer security strategy for nuclear security; the elements and measures for subordinate computer security programmes; and the activities to sustain the strategy.
Computer security as a discipline is challenged by increasing threat vectors targeting a dynamic technological environment. This publication establishes guidance addressing the challenge of applying computer security measures to instrumentation and control (I&C) systems at nuclear facilities. The measures are intended to protect these I&C systems throughout their entire lifecycles against malicious acts perpetrated by threat actors. The technical basis and methodologies for the application of these computer security measures are considered. The publication also addresses the application of such measures to the development, simulation and maintenance environments of the I&C systems. In addition, account is taken of developments in the human factors engineering and nuclear safety. This Technical Guidance references and takes into account other Safety Guides and IAQEA Nuclear Security Series publications that provide guidance relating to I&C design.
Countering Cyber Sabotage: Introducing Consequence-Driven, Cyber-Informed Engineering (CCE) introduces a new methodology to help critical infrastructure owners, operators and their security practitioners make demonstrable improvements in securing their most important functions and processes. Current best practice approaches to cyber defense struggle to stop targeted attackers from creating potentially catastrophic results. From a national security perspective, it is not just the damage to the military, the economy, or essential critical infrastructure companies that is a concern. It is the cumulative, downstream effects from potential regional blackouts, military mission kills, transportation stoppages, water delivery or treatment issues, and so on. CCE is a validation that engineering first principles can be applied to the most important cybersecurity challenges and in so doing, protect organizations in ways current approaches do not. The most pressing threat is cyber-enabled sabotage, and CCE begins with the assumption that well-resourced, adaptive adversaries are already in and have been for some time, undetected and perhaps undetectable. Chapter 1 recaps the current and near-future states of digital technologies in critical infrastructure and the implications of our near-total dependence on them. Chapters 2 and 3 describe the origins of the methodology and set the stage for the more in-depth examination that follows. Chapter 4 describes how to prepare for an engagement, and chapters 5-8 address each of the four phases. The CCE phase chapters take the reader on a more granular walkthrough of the methodology with examples from the field, phase objectives, and the steps to take in each phase. Concluding chapter 9 covers training options and looks towards a future where these concepts are scaled more broadly.
This publication presents the proceedings of an international conference in the field of nuclear security. The conference was convened to foster the exchange of practices and experiences related to the security of radioactive material under regulatory control in use, transport and storage, and the detection of nuclear and other radioactive material out of regulatory control. The conference provided a forum for Member States to share their experiences, difficulties, and lessons learned during the implementation of IAEA Nuclear Security Series No. 13, Nuclear Security Recommendations on Physical Protection of Nuclear Material and Nuclear Facilities (INFCIRC/225/Rev.5). The publication contains the President's summary of the conference, statements from the opening and closing sessions, and an outline of the conference programme. The attached CD-ROM contains the full conference programme, the list of conference participants, and a selection of papers and presentations from the conference.
"This revision provides guidance on how to establish or improve, develop, implement, maintain, and sustain computer security within nuclear facilities. This publication addresses the use of risk informed approaches to establish and enhance computer security policies, programmes; it describes the integration of computer security into the management system of a facility; establishes a systematic approach to identifying facility functions and appropriate computer security measures that protect sensitive digital assets and the facility from the consequence of cyber-attacks consistent with the threat assessment or design basis threat."--Publisher's description.