WizNucleus to present at the upcoming NITSL Workshop on July 12-14, 2011. (read more)
FERC – Federal Energy Regulatory Commission
The Federal Energy Regulatory Commission (FERC) is an independent agency that regulates the interstate transmission of electricity, natural gas, and oil. FERC also reviews proposals to build liquefied natural gas (LNG) terminals and interstate natural gas pipelines as well as licensing hydropower projects.
NERC – North American Electric Reliability Corporation
The North American Electric Reliability Corporation (NERC) provides effective reliability standards and a strong standards enforcement program, to help maintain and improve the reliability of North America’s bulk power system. These include identifying issues before they have a chance to become critical, sharing best practices, supporting training and education, monitoring the international electric grid, benchmarking performance to provide the industry with an objective lens through which to view itself.
NRC – Nuclear Regulatory Commission
The U.S. Nuclear Regulatory Commission (NRC) was created as an independent agency by Congress in 1974 to enable the nation to safely use radioactive materials for beneficial civilian purposes while ensuring that people and the environment are protected. The NRC regulates commercial nuclear power plants and other uses of nuclear materials, such as in nuclear medicine. The NRC does accomplishes this by nuclear reactor licensing, inspection and enforcement of its requirements.
RG 5.71 & 10 CFR 73.54
The US Nuclear Regulatory Commission (NRC) issued NRC Regulatory Guide, RG 5.71 Cyber Security Program for Nuclear Facilities in January 2010. In it, the section dealing with the protection of digital computer and communication systems and networks is 10 CFR 73.54. It requires, in part, that US Nuclear Regulatory Commission (NRC) licensees provide high assurance that digital computer and communication systems and networks are adequately protected against cyber attacks. 10 CFR 73.54(a)(2) requires the licensee to protect such systems and networks from those cyber attacks that would act to modify, destroy, or compromise the integrity or confidentiality of data or software; deny access to systems, services, or data; and impact the operation of systems, networks, and equipment.
CDA Management & Cyber Security
Nuclear facilities use digital and analog systems to monitor and operate equipment, and to obtain and store vital information. Many plant computer systems are now linked to digital networks that extend across the plant, performing safety, security and emergency preparedness functions. These are called critical digital assets (CDAs).
CDA indentification, management and protection is extremely important. Protection of these critical digital assets (CDAs) and the information they contain from sabotage or malicious use is called cyber security. All power reactor facilities licensed by the NRC must have a cyber security program. CDA management can be done using a CDA management software or tool.
ITAAC – Inspections, Tests, Analyses And Acceptance Criteria
The next generation of nuclear plants will be built under combined operating licenses that reference designs that are pre-certified by the USNRC. ITAAC provides the nuclear reactor and the regulator with evidence that the plant and its equipment were procured and constructed in accordance with the certified-design.
A large number of independent organizations including the reactor supplier, the plant constructor, engineering firms, testing organizations, component manufacturers, equipment suppliers, and the utility will prepare and certify ITAAC documents.
Critical Infrastructure Protection (CIP) reliability or CIP compliance has been instituted by the NRC to establish cyber security at control centers, critical substations and any other locations having critical cyber assets (CCAs). The nuclear power plant must identify all CCAs within a physical location and then define an electronic perimeter such that all connections to this collection of devices and software systems are secured. The CIP regulations ensure that the nuclear power plant is completely secure from hackers and cyber threats.