Back to Search Start Over

Computer security regulation for nuclear installation: A suggestion

Authors :
M. F. S. Putra
F. P. Cusmanri
M. R. Ridhallahi
Z. Zulfiandri
Source :
AIP Conference Proceedings.
Publication Year :
2021
Publisher :
AIP Publishing, 2021.

Abstract

The progress and development of information technology has opened up one form of nuclear crime, namely computer crime. The Stuxnet incident that occurred in 2010 is one example of cyber incidents related to nuclear security. The International Atomic Energy Agency (IAEA) as an international regulatory body has paid attention to computer security as outlined in one of the important elements in NSS 20 - Objective and Essentials Elements of a State’s Nuclear Security Regime. The security aspect itself is one of the aspects emphasized in Act Number 10 of 1997 concerning Nuclear Energy. Government Regulation Number 54 of 2012 concerning Nuclear Installation Safety and Security outlines a more detailed discussion of nuclear installation security, which is a more specific discussion on safety in the aspect of physical protection regulated in Regulation of the Head of the Nuclear Power Supervisory Agency Number 1 of 2009 concerning Installation Physical Protection Systems and Nuclear Materials. However, all of these regulations still do not explicitly mention computer security. This paper was prepared to provide recommendations that can be used in the preparation of regulations and guidelines related to computer security in nuclear installations. This paper was prepared using the main reference NSS 17 - Computer Security at Nuclear Facilities which was perfected by the review of Regulatory Guide 5.71 - Cyber Security Programs for Nuclear Facility, CSA N290.7-14 - Cyber Security for Nuclear Power Plants and Small Reactor Facilities, and REGDOC-2.5.2. - Design of Reactor Facilities: Nuclear Power Plants. From the results of the study, it was concluded that several things that need to be considered as required regarding computer security are the establishment of a computer security team, the preparation of a computer security plan, a graded approach to computer security, and risk assessment.

Details

ISSN :
0094243X
Database :
OpenAIRE
Journal :
AIP Conference Proceedings
Accession number :
edsair.doi...........a3a2e75bdbf974a28a684d4ee4e0b9fa
Full Text :
https://doi.org/10.1063/5.0058875