Computer Security Aspects of Design for Instrumentation and Control Systems at Nuclear Power Plants.

Intro -- 1. INTRODUCTION -- 1.1. Background -- 1.2. Objective -- 1.3. Scope -- 1.4. Structure -- 2. KEY CONCEPTS FOR COMPUTER SECURITY FOR NPP I&amp -- C SYSTEMS -- 2.1. Safety concepts in overall I&amp -- C architecture -- 2.2. Safety concepts and DiD -- 2.3. Computer security concepts -- 2.4. Computer security levels -- 2.5. Defensive computer security architecture specification -- 2.5.1. Trust models -- 2.5.2. DCSA requirements for computer security DiD -- 2.6. DCSA implementation -- 2.6.1. Computer security DiD -- 2.6.2. Computer security zones -- 2.7. Information technology and I&amp -- C computer systems -- 2.8. Types of computer security measures -- 2.9. Security of design artefacts -- 2.10. Interface between safety and security -- 2.11. Opportunities to enhance computer security -- 2.12. Supply chain considerations -- 3. RISK INFORMED APPROACH TO COMPUTER SECURITY -- 3.1. Modelling -- 3.1.1. Attack surface modelling -- 3.1.2. Threat modelling -- 3.1.3. Facility and system security modelling -- 3.2. Example scenario analysis -- 3.3. Common mechanism issues -- 3.4. Common cause access -- 3.5. Scenario analysis for common mechanism risk -- 4. COMPUTER SECURITY IN THE I&amp -- C SYSTEM LIFE CYCLE -- 4.1. General guidance for computer security -- 4.2. Secure development environment -- 4.3. Contingency plans -- 4.4. I&amp -- C vendors, contractors and suppliers -- 4.5. Computer security training -- 4.6. Common elements of all life cycle phases -- 4.6.1. Management systems -- 4.6.2. Computer security reviews and audits -- 4.6.3. Configuration management for computer security -- 4.6.4. Verification and validation, testing -- 4.6.5. Computer security assessments -- 4.6.6. Documentation -- 4.6.7. Design basis -- 4.6.8. Access control -- 4.6.9. Protection of the confidentiality of information -- 4.6.10. Security monitoring.

4.6.11. Considerations for the overall DCSA -- 4.6.12. DiD against compromise -- 4.7. Specific life cycle activities -- 4.7.1. Computer security requirements specification -- 4.7.2. Selection of predeveloped items -- 4.7.3. I&amp -- C system design and implementation -- 4.7.4. I&amp -- C system integration -- 4.7.5. System validation -- 4.7.6. Installation, overall I&amp -- C system integration and commissioning -- 4.7.7. Operations and maintenance -- 4.7.8. Modification of I&amp -- C systems -- 4.7.9. Decommissioning -- 5. SUMMARY AND CONCLUSIONS -- Appendix I SOFTWARE MODIFICATION VIA REMOVABLE MEDIA -- Appendix II SEPARATION OF SERVICE SYSTEMS AND EXTERNAL COMMUNICATION FROM CLOSED LOOP OPERATION -- Appendix III NUCLEAR FUEL DEGRADATION DETECTION SYSTEM -- REFERENCES -- Annex I DATA COMMUNICATIONS SECURITY -- Annex II RECOMMENDATIONS FOR ESSENTIAL DATA COLLECTION -- ABBREVIATIONS -- CONTRIBUTORS TO DRAFTING AND REVIEW -- STRUCTURE OF THE IAEA NUCLEAR ENERGY SERIES.

Description based on publisher supplied metadata and other sources.

Electronic reproduction. Ann Arbor, Michigan : ProQuest Ebook Central, 2024. Available via World Wide Web. Access may be limited to ProQuest Ebook Central affiliated libraries.