- 86 pages
- English
- ePUB (mobile friendly)
- Available on iOS & Android
eBook - ePub
About this book
This publication provides detailed guidance on developing, implementing, and integrating computer security as a key component of nuclear security. This guidance applies to computer security aspects of nuclear security and its interfaces with nuclear safety and with other elements of a State's nuclear security regime, including the security of nuclear material and nuclear facilities, of radioactive material and associated facilities, and of nuclear and other radioactive material outside of regulatory control. The scope of this publication includes: computer-based systems, the compromise of which could adversely affect nuclear security or nuclear safety; the State's and relevant entities roles and responsibilities in relation to computer security in the nuclear security regime; the activities of the State in establishing and implementing a computer security strategy for nuclear security; the elements and measures for subordinate computer security programmes; and the activities to sustain the strategy.
Frequently asked questions
Yes, you can cancel anytime from the Subscription tab in your account settings on the Perlego website. Your subscription will stay active until the end of your current billing period. Learn how to cancel your subscription.
At the moment all of our mobile-responsive ePub books are available to download via the app. Most of our PDFs are also available to download and we're working on making the final remaining ones downloadable now. Learn more here.
Perlego offers two plans: Essential and Complete
- Essential is ideal for learners and professionals who enjoy exploring a wide range of subjects. Access the Essential Library with 800,000+ trusted titles and best-sellers across business, personal growth, and the humanities. Includes unlimited reading time and Standard Read Aloud voice.
- Complete: Perfect for advanced learners and researchers needing full, unrestricted access. Unlock 1.4M+ books across hundreds of subjects, including academic and specialized titles. The Complete Plan also includes advanced features like Premium Read Aloud and Research Assistant.
We are an online textbook subscription service, where you can get access to an entire online library for less than the price of a single book per month. With over 1 million books across 1000+ topics, we’ve got you covered! Learn more here.
Look out for the read-aloud symbol on your next book to see if you can listen to it. The read-aloud tool reads text aloud for you, highlighting the text as it is being read. You can pause it, speed it up and slow it down. Learn more here.
Yes! You can use the Perlego app on both iOS or Android devices to read anytime, anywhere — even offline. Perfect for commutes or when you’re on the go.
Please note we cannot support devices running on iOS 13 and Android 7 or earlier. Learn more about using the app.
Please note we cannot support devices running on iOS 13 and Android 7 or earlier. Learn more about using the app.
Yes, you can access Computer Security for Nuclear Security by in PDF and/or ePUB format, as well as other popular books in Technology & Engineering & Mechanical Engineering. We have over one million books available in our catalogue for you to explore.
Information
1. INTRODUCTION
Background
1.1. Computer based systems play an essential role in all aspects of the safe and secure operation of facilities and activities using, storing and transporting nuclear material and other radioactive material, including maintaining physical protection, and in measures for detection of and response to material out of regulatory control. All such computer based systems therefore need to be secured against criminal or intentional unauthorized acts. As technology advances, the use of computer based systems in all aspects of operations, including nuclear security and safety, is expected to increase.
1.2. The Nuclear Security Fundamentals [1] stress the importance of information security, including computer security, within a nuclear security regime, and the need for assurance activities to identify and address issues and factors that might affect the capacity to provide adequate nuclear security, including computer security.
1.3. The security of sensitive information is a component of Essential Element 3 for a national nuclear security regime. Reference [1] states that: “The legislative and regulatory framework, and associated administrative measures … Provide for the establishment of regulations and requirements for protecting the confidentiality of sensitive information and for protecting sensitive information assets”. The security of sensitive information and sensitive information assets implies protecting the confidentiality, integrity and availability of such information and assets. The Amendment to the Convention on the Physical Protection of Nuclear Material [2] also identifies the protection of the confidentiality of information as its Fundamental Principle L.
1.4. Paragraph 4.10 of the Nuclear Security Recommendations on Physical Protection of Nuclear Material and Nuclear Facilities (INFCIRC/225/Revision 5) [3] states:
“Computer based systems used for physical protection, nuclear safety, and nuclear material accountancy and control should be protected against compromise (e.g. cyber attack, manipulation or falsification) consistent with the threat assessment or design basis threat.”
1.5. The Nuclear Security Recommendations on radioactive material and associated facilities [4] and on nuclear and other radioactive material out of regulatory control [5] also stress the need to prevent unauthorized access to sensitive information and to protect it from compromise. Suggested Recommendations level guidance, intended to supplement the recommendations on computer security in Refs [3–5] pending future revision of these publications, is provided in Annex I.
1.6. When computer based systems are used to process, transmit and store sensitive information in digital form, its confidentiality, integrity and availability need to be sufficiently protected through the implementation of computer security measures throughout the life cycle of such digital assets. Computer security includes the measures necessary for the prevention and detection of, response to and recovery of computer based systems from cyber-attacks.
1.7. Nuclear security threats have identified cyber-attacks as a means to target computer based systems to carry out or facilitate malicious acts, whether directly or in combination with more conventional means such as physical access and insiders. Such acts could result in unauthorized removal of nuclear or other radioactive material or sabotage potentially leading to unacceptable radiological consequences. Cyber-attacks could also be used to facilitate other criminal or intentional unauthorized acts, such as trafficking of nuclear or other radioactive material out of regulatory control.
1.8. To address the full range of potential nuclear security threats, therefore, a nuclear security regime needs to include the means to address threats who have or can acquire skills for targeting computer based systems with cyber-attacks. Furthermore, nuclear security threats who do not themselves have such skills can induce individuals who do have them (for example, by payment or by duress) to assist.
1.9. Maintaining effective computer security at facilities handling nuclear material or other radioactive material, and in associated activities such as transport, is a significant challenge, owing to the substantial and rapidly evolving threat. Many of the essential elements of a State’s nuclear security regime depend upon, or are supported by, computer based systems and therefor...
Table of contents
- 1. INTRODUCTION
- Appendix NUCLEAR SAFETY INTERFACE CONSIDERATIONS FOR COMPUTER SECURITY AT FACILITIES
- REFERENCES
- Annex I SUGGESTED RECOMMENDATIONS LEVEL GUIDANCE ON COMPUTER SECURITY FOR A NATIONAL NUCLEAR SECURITY REGIME
- Annex II CYBERTHREAT PROFILES
- Annex III ASSIGNMENT OF COMPUTER SECURITY RESPONSIBILITIES
- Annex IV EXAMPLE FRAMEWORK OF COMPUTER SECURITY COMPETENCES AND LEVELS OF CAPABILITY
- GLOSSARY