10 CFR 73.54 PDF
protected area must be checked for proper authorization and visually searched § Protection of digital computer 10 CFR Ch. I (1–1–10 Edition ). industry voluntary cyber program (NEI ); 10 CFR , Cyber Security Rule; Implementation/Oversight of Interim Cyber Security Milestones. In the SRM, the Commission determined as a matter of policy that the NRC’s cyber security regulation (10 CFR ) should be interpreted to.
|Published (Last):||1 November 2017|
|PDF File Size:||1.92 Mb|
|ePub File Size:||17.39 Mb|
|Price:||Free* [*Free Regsitration Required]|
Nuclear Industry Cyber Security Regulation
Notably, sincesix power reactors have permanently shut down, defueled, and entered decommissioning, and 12 additional reactor units are slated to do the same. Login Register Follow on Twitter Search.
This is significant because if the Standard is revised, without proper technical considerations to the unique NPP operational environment, this could place burdensome and problematic operational challenges to the NPP simply to meet NERC compliance once it becomes effective.
Unlike most software providers, who maintain a rigid code base with brittle interfaces to third-party systems of record, DevonWay builds applications that anticipate change.
This new product expands DevonWay’s commitment to supplying cvr enterprise asset management solutions. Secondly, the Commission considered and, as appropriate, incorporated the 12 factors identified in the 773.54 Policy Act of 73.554 The proposed rule would change language in 10 CFR Parts 50, 72, and 73 related to physical security requirements that would apply once a power reactor enters decommissioning. Given the above compliance responsibilities and the nuclear challenge articulated above, the following are the specific related challenges for NPPs today:.
The devil is always in the details.
Given the importance of this rulemaking, we will continue to monitor related developments, including associated public meetings and public comments on the proposed rule and draft guidance documents. This fact has prompted decommissioning licensees to request resource intensive regulatory exemptions and related license amendments. If you would like to learn how Lexology can drive your content marketing strategy forward, please email enquiries lexology.
Your email address will not be published. To achieve reasonable compliance, each NPP must identify all of their critical digital assets CDA that, if compromised, could impact the performance of a security, safety, important to safety, or emergency preparedness SSEP system function.
NRC Staff Seeks Commission Approval to Publish Proposed Decommissioning Rule Changes
The proposed rule, which is accompanied by a draft regulatory analysis and a draft environmental assessment, represents the latest step in a rulemaking process that the NRC staff commenced in Decemberwhen the Commission directed the staff to proceed with an integrated rulemaking on power reactor decommissioning in response to the increasing number of power reactors entering decommissioning.
USA May 24 For example, the final rule contains provisions related to multiple, coordinated groups of attackers, suicide attacks and cyber threats.
The proposed changes would codify a two-step graded reduction approach that recognizes that reductions in insurance amounts may be warranted commensurate with reductions in both the probability and consequences of an incident at a decommissioning reactor Foreign Ownership, Control, or Domination: In order to insure compliance with NRC requirements, NPPs have committed to full implementation of their site cyber security plan over the period The proposed rule would provide that the cybersecurity requirements in 10 CFR Additionally, within the cyber security team, knowledge is required of both nuclear plant and corporate-wide cyber networks along with detailed plant systems and design experience.
DevonWay has a track record of deploying systems into production at nuclear sites in just days, and is unique in its ability to apply change as cyber security rules continue to evolve.
However, from our perspective, the most important aspects of the proposed rule include changes to the following areas:. Comments There have been several developments in Cyber Security for Nuclear Power in the past few weeks.
Leave a Reply Cancel reply Your email address will not be published. Over the last sixteen years we have helped many asset owners and vendors improve the security and reliability of their ICS, and our S4 events are an opportunity for technical experts and thought leaders to connect and move the ICS community forward.
Popular articles from this firm Contract Corner: You still have to meet the requirements by compensating controls.
It is also recommended that key NPP staff be placed on the NERC Standards email distribution list for up and coming changes in the Standards, request to be on distribution can be made via email at sarcomm nerc.
Energy in Transition General. See this small excerpt as an example:. Discussing the new offering, Robert W. The proposed rule also would ctr for the removal of the cybersecurity license condition for 10 CFR Part 50 power reactor licensees after the spent fuel decay period Decommissioning Funding Assurance: Reply with your comment Cancel reply Your email address will not 7.54 published.
This approach would provide four levels of emergency planning standards that coincide with significant milestones in decommissioning and which reflect the gradual reduction of the radiological risk during decommissioning: Cyber security Program Management Outline. Your email address will not be published. We have collaborated with several of our respected customers to help ensure that CyberWay can be easily and quickly configured to meet the requirements of single-unit plants and fleets alike, even as the rules and regulations evolve.
One or two experienced and highly skilled cyber security staff members should have expertise in all of these areas along with knowledge of industry best practices and operations experience. The challenge will then be implementing this plan. Accordingly, the principal purpose of the proposed rule is to increase regulatory efficiency by aligning decommissioning requirements 7.354 the 73.45 in radiological risk that occurs over time such that fewer plant-specific exemptions and license amendments are necessary while still adequately protecting public 01 and safety and maintaining security.
Cyber Security, NERC Compliance, and the Nuclear Plant Challenge
The proposed changes would allow power reactor licensees to use 37.54 funds in their decommissioning trust funds DTFs established under 10 CFR 7.354 will be attending the NEI Cyber Security Implementation Workshop in Baltimore on Januarywhere we will conduct software demonstrations and answer questions to help program managers assess their readiness for developing cyber security plans. Rather than add to that complexity with a typical enterprise-wide IT development project, plant CIOs are requesting that DevonWay configure an easy-to-use solution.
Hats off to the drafting team though on a good effort and necessary document.