Computer security (or Cyber Security) of I&C systems (i.e. sensitive digital assets) at nuclear facilities is of increasing importance based upon the adoption of cyber-attacks as a key component of a potential adversary’s Tactics, Techniques and Procedures (TTPs). This new capability (i.e. to launch cyber-attacks) demands that operators of nuclear facilities put in place a programme and measures to ensure protection of I&C systems.

However, given that resources and time are limited, operators need to apply their limited resources in a manner that maximizes the security benefit. The International Atomic Energy Agency (IAEA) recognizes the need for efficient and effective approaches to security. IAEA Nuclear Security Series (NSS) Fundamentals NSS 20 [1], Essential Element 9: Use of Risk Informed Approaches states “A nuclear security regime uses risk informed approaches, including in the allocation of resources for nuclear security systems and nuclear security measures and in the conduct of nuclear security related activities that are based on a graded approach and defence in depth.”

For computer security, the IAEA defines the concepts of computer security levels and computer security zones in NSS 17 [2]. Computer security levels exist as a requirements specification that details the constraints and conditions imposed that must be met to ensure that appropriate protection is provided to sensitive digital assets. Each individual computer security level will require a graded level of effort (i.e. allocated resources), level of confidence in measures, and a level of adherence to requirements (or procedures) when conducting activities that may affect computer security.

Computer security zones have logical and/or physical boundaries for which a common set of requirements (i.e. computer security level) is imposed or applied. Computer security zones exist and consist of boundaries, devices and measures that are observable and/or measurable. The arrangement of computer security zones within a defensive computer security architecture ensures that defence-in-depth is achieved.

The purpose of this paper is to provide an overview of IAEA guidance on the application of a graded approach and defence in depth to computer security at nuclear facilities. The paper will also discuss the concepts of computer security levels and zones as found in IAEA Nuclear Security Series (NSS) publications on computer security.