protected area must be checked for proper authorization and visually searched § Protection of digital computer 10 CFR Ch. I (1–1–10 Edition ). industry voluntary cyber program (NEI ); 10 CFR , Cyber Security Rule; Implementation/Oversight of Interim Cyber Security Milestones. In the SRM, the Commission determined as a matter of policy that the NRC’s cyber security regulation (10 CFR ) should be interpreted to.

Author: Shazuru Feshicage
Country: Solomon Islands
Language: English (Spanish)
Genre: Science
Published (Last): 6 June 2018
Pages: 273
PDF File Size: 18.49 Mb
ePub File Size: 18.69 Mb
ISBN: 946-3-49045-898-3
Downloads: 67198
Price: Free* [*Free Regsitration Required]
Uploader: Vora

Follow us on social media Facebook Twitter LinkedIn.

Cyber Security, NERC Compliance, and the Nuclear Plant Challenge

Unlike most software providers, who maintain a rigid code base with brittle interfaces to third-party systems of record, DevonWay builds applications that anticipate change. The proposed rule would provide an alternative, graded approach to the current 10 CFR Part 50 requirements for onsite and offsite radiological EP at power reactor sites.

Popular articles from this firm Contract Corner: The proposed revisions are broad in scope insofar as they would amend language in multiple parts of NRC regulations, including 10 CFR Parts 20, 26, 50, 51, 52, 72, 73, and You still have to meet the requirements by compensating controls.

However, this may not always be feasible. Accordingly, the principal purpose of the proposed rule is to increase regulatory efficiency by aligning decommissioning requirements with the reduction in radiological risk that occurs over time such that fewer plant-specific exemptions and license amendments are necessary while still adequately protecting public health and safety and maintaining security.

What is the difference between a conditional and an unconditional offer?

This approach would provide four levels of emergency planning standards that coincide with significant milestones in decommissioning and which reflect the gradual reduction of the radiological risk during decommissioning: However, from our perspective, the most important aspects of the proposed rule include changes to the following areas: We did not do an exhaustive comparison, but the technical, operational and management requirements looked to be basically NIST plus some additional words and minor modifications.

We have collaborated with several of our respected customers to help ensure that CyberWay can be easily and quickly configured to meet the requirements of single-unit plants and fleets alike, even as the rules and regulations evolve.

As noted in SECY, the proposed rule includes changes in three areas that would apply to operating reactor licensees: Additionally, within the cyber security team, knowledge is required of both nuclear plant and corporate-wide cyber networks along with detailed plant systems and design experience.


NRC Staff Seeks Commission Approval to Publish Proposed Decommissioning Rule Changes – Lexology

Regulatory Position because it enumerates the specific elements a Cffr Security Plan should entail. Please contact customerservices lexology. DevonWay has a track record of deploying systems into production at nuclear sites in just days, and is unique in its ability to apply change as cyber security rules continue to evolve. Your email address will not be published.

It is also recommended that key NPP staff be placed on the NERC Standards email distribution list for up and coming changes in the Standards, request to be on distribution can be made via email at sarcomm nerc.

Your email address will not be published.

The types of potential accidents at decommissioning reactors are substantially fewer, and the risks of radiological releases are substantially lower, relative to those at operating reactors. Notably, sincesix power reactors have permanently shut down, defueled, and entered decommissioning, and 12 additional reactor units are slated to do the same.

The proposed changes for decommissioning power 37.54 would allow for a graded approach and alternatives for physical security of the facility e.

DevonWay products are quick to deploy and modify, and they integrate easily with systems of record. The proposed rule would provide that the cybersecurity requirements in 10 CFR Given the importance of this rulemaking, we will continue to monitor related developments, including associated public meetings and public comments on the proposed rule and draft guidance documents.

Extending the plant configuration to include support for critical digital assets and providing a fully attributed cyber-security Controls Library reflecting NEI Rev. This new product expands DevonWay’s commitment to supplying next-generation enterprise asset management solutions. About Us Digital Bond was founded in and performed our first control system security assessment in the year USA May 24 We will be attending the NEI Cyber Security Implementation Workshop in Baltimore on Januarywhere we will conduct software demonstrations and answer questions to help program managers assess their readiness for developing cyber security plans.

The proposed changes would 73.54 power reactor licensees to use excess funds in their decommissioning trust funds DTFs established under 10 1 Given the above compliance responsibilities and the nuclear challenge articulated above, the following are the specific related challenges for NPPs today:.

The proposed rule would change language in 10 CFR Parts 50, 72, and 73 related to physical security requirements that would apply once a power reactor enters decommissioning.

Finally, the NRC staff noted that it intends to publish four draft cfg documents for public comment in conjunction with the proposed rule. Certain NRC decommissioning regulations, however, do not specifically account for this important difference between shutdown and operating plants.


You can see the requirements in C. This change would eliminate cgr FOCD prohibition for reactors in decommissioning. Long Story 73.554 short: The key sections is C: Given the age of many of these nuclear related control systems this could be quite a challenge.

Leave a Reply Cancel reply Your email address will not be published. Login Register Follow on Twitter Search. The proposed rule also would provide for the removal of the cybersecurity license condition for 10 CFR Part 50 power reactor licensees after the spent fuel decay period Decommissioning Funding Assurance: Approach and implementation of information flow enforcement will be especially interesting:.

NRC Staff Seeks Commission Approval to Publish Proposed Decommissioning Rule Changes

Hats off to the drafting team though on a good effort and necessary document. In order to insure compliance with NRC requirements, NPPs have committed to full implementation of their site cyber security plan over the period In addition, potential internal threats such as disgruntled employees releasing sensitive information to the media or taking intellectual property from the company, human errors from employees causing plant transients, or loss of configuration management are issues of significant importance to NPP management.

See this small excerpt as an example:. To achieve reasonable compliance, each NPP must identify all of their critical digital assets CDA that, if compromised, could impact the performance of a security, safety, important to safety, or emergency preparedness SSEP system function.

If you would like to learn how Lexology can drive your content marketing strategy forward, please email enquiries lexology. The proposed rule, which is accompanied by a draft regulatory analysis and a draft environmental assessment, represents the latest step in a rulemaking process that the NRC staff commenced in Decemberwhen the Commission directed the staff to proceed with an integrated rulemaking on power reactor decommissioning in response to the increasing number of power reactors entering decommissioning.

My saved default Read later Folders shared with you. This is significant because if the Standard is revised, without proper technical considerations to the unique NPP operational environment, this could place burdensome and problematic operational challenges to the NPP simply to meet NERC compliance once it becomes effective. Comments There have been several developments in Cyber Security for Nuclear Power in the past few weeks.