Cyber Security at Nuclear Facilities

Cyber Security at Nuclear Facilities

The term Cyber security is understood as the protection of the confidentiality, integrity, and availability of data, computer systems, and their processes and networks as well as the ability of these systems and networks to resist unauthorized or malicious acts which could lead to compromise of the confidentiality, integrity or availability of stored, transmitted or processed data or related services or data and services accessible through these networks and information systems.

Considering to obligations of the Slovak Republic arising from the Convention on the Physical Protection of Nuclear Material and its Amendment, as well as considering the fact that the cyber security of the nuclear facilities is part of nuclear security, the Nuclear Regulatory Authority of the Slovak Republic as regulatory body conducts inspections of cyber security in the nuclear facilities in Slovak Republic.

In accordance with the Convention on the Physical Protection of Nuclear Materials and its Amendment, the International Atomic Energy Agency publishes publications that are used as reference documentation for ÚJD supervision over nuclear security. These publications document best practices and requirements for the implementation and maintenance of a physical protection system of nuclear materials as well as cyber security of computer systems of nuclear facilities.

In IAEA publication NSS No. 13 Nuclear Security Recommendations on Physical Protection of Nuclear Material and Nuclear Facilities (INFCIRC/225/Revision 5) is stated: „4.10. Computer-based systems used for physical protection, nuclear safety, and nuclear material accountancy and control should be protected against compromise (e.g. cyber-attack, manipulation or falsification) consistent with the threat assessment or design basis threat.“

IAEA Nuclear Security Series publications related to the physical protection of nuclear material and cyber security of nuclear facilities:

Nuclear Security Fundamentals:
IAEA NSS No. 20 Objective and Essential Elements of a State’s Nuclear Security Regime

Recommendations:
IAEA NSS No. 13 Nuclear Security Recommendations on Physical Protection of Nuclear Material and Nuclear Facilities (INFCIRC/225/Revision 5)
IAEA NSS No. 14 Nuclear Security Recommendations on Radioactive Material and Associated Facilities
IAEA NSS No. 15 Nuclear Security Recommendations on Nuclear and Other Radioactive Material out of Regulatory Control

Implementating guidance:
IAEA NSS No. 23-G Security of Nuclear Information

Technical guidance:
IAEA NSS No. 17 Computer Security at Nuclear Facilities
IAEA NSS No. 17-T (Rev. 1) Computer Security Techniques for Nuclear Facilities
IAEA NSS No. 33-T Computer Security of Instrumentation and Control Systems at Nuclear Facilities
IAEA NES No. NR-T-3.30 Computer Security Aspects of Design for Instrumentation and Control Systems at Nuclear Power Plants 

Updated: 15.02.2022