What are the nuclear security considerations that the extensive use of advanced digital systems and information-technology features bring with them? How do nuclear security regulations address risks such as cyber-attacks?
Computer-based systems and advanced technologies are increasingly used to support a wide range of operations in nuclear power plants, research reactors, radiological waste facilities, and in many other applications of peaceful uses of nuclear technology.
Remaining vigilant and having resilient processes in place to prevent hacking and other forms of cyber- attacks are of critical importance. “As cyber-attacks are potential threats against measures that protect nuclear facilities, computer security and nuclear security are closely interlinked,” said Elena Buglova, Director of the IAEA Division of Nuclear Security. “Building and maintaining a robust computer and information security programme are essential components of nuclear security arrangements. Their effectiveness and sustainability require a well thought out strategy and well-established regulations.”
Experts from around the world will meet to discuss latest developments in this field at a ‘Technical Meeting on Computer Security Regulations and Inspections in Nuclear Security,’ in Berlin, Germany, hosted by the German Ministry for the Environment, Nature Conservation and Nuclear Safety (BMU), from 30 May to 3 June, 2022.
The meeting’s focus is on the need for computer security strategies, legislation, and regulations to implement computer security controls to protect nuclear installations, materials and critical functions. The meeting will also provide a platform to enhance interaction and information exchange as well as good practices in the field of computer technology.
Speakers will address the following topics:
- initial development and implementation of national computer security strategies and associated regulatory frameworks;
- technical considerations for computer security regulations;
- progressive approaches to enacting computer security regulations; and
- implementing and sustaining inspection programmes for computer security regulations.
At working group sessions, technical workshops and an open forum, participants will have the opportunity to share strategies, practices, needs and lessons learned on implementing computer security regulations to address computer security as an integral part of nuclear security.
For those interested in presenting their work, they need to submit their abstracts by 22 February 2022. More information about the meeting and the abstract submission can be found here: Technical Meeting on Computer Security Regulations and Inspections in Nuclear Security | IAEA
IAEA Nuclear Security Programme and Computer Security
The information and computer security activities currently implemented by the IAEA are outlined in the Nuclear Security Plan 2022-2025. It emphasizes information exchange and research as main tools to stay abreast of the technological developments.
The IAEA offers guidance and e-learning tools to address countries’ needs with regard to computer security and nuclear security. The latest IAEA implementing guide to comprehensively address computer security – Nuclear Security Series (NSS) No. 42-G Computer Security for Nuclear Security – was issued in 2021.
