TY - GEN
T1 - Risk assessment on instrumentation and control network security management system for nuclear power plants
AU - Chen, Yu Jen
AU - Liao, Gen Yih
AU - Cheng, Tsung Chieh
PY - 2009
Y1 - 2009
N2 - Modern nuclear power plants have been adopting open standards in their digital networks to enhance extensibility and interoperability. This also opens another possibility for an attacker to intrude into the networks. To prevent digital networks from being attacked, the U.S. Nuclear Regulatory Commission provides guidelines regarding achieving high reliability and design quality requirements. However, quality assurance in hardware/software components is not sufficient to ensure the security of the overall network system. Security policies and sound system administration are also indispensable factors to rigid security. To enhance the level of security protection in the Taiwan nuclear power plants, this investigation aims at the scope of digital instrumentation and control networks in one of the nuclear power plants in Taiwan, takes advantages of the guidelines of RG 1.152, follows the network security standard of NUREG-0800 Appendix 7.1-D and attempts to plan and design an ISMS based on the methodology of BS7799. The result of this investigation will be able to help nuclear power plants to organize and establish the first phase of Instrumentation and Control Network Security Management System (ICNSMS), which thinks over information and network security issues in a comprehensive perspective.
AB - Modern nuclear power plants have been adopting open standards in their digital networks to enhance extensibility and interoperability. This also opens another possibility for an attacker to intrude into the networks. To prevent digital networks from being attacked, the U.S. Nuclear Regulatory Commission provides guidelines regarding achieving high reliability and design quality requirements. However, quality assurance in hardware/software components is not sufficient to ensure the security of the overall network system. Security policies and sound system administration are also indispensable factors to rigid security. To enhance the level of security protection in the Taiwan nuclear power plants, this investigation aims at the scope of digital instrumentation and control networks in one of the nuclear power plants in Taiwan, takes advantages of the guidelines of RG 1.152, follows the network security standard of NUREG-0800 Appendix 7.1-D and attempts to plan and design an ISMS based on the methodology of BS7799. The result of this investigation will be able to help nuclear power plants to organize and establish the first phase of Instrumentation and Control Network Security Management System (ICNSMS), which thinks over information and network security issues in a comprehensive perspective.
KW - Information security management system (ISMS)
KW - Risk assessment
KW - Vulnerability analysis
UR - https://www.scopus.com/pages/publications/72849108505
U2 - 10.1109/CCST.2009.5335526
DO - 10.1109/CCST.2009.5335526
M3 - 会议稿件
AN - SCOPUS:72849108505
SN - 9781424441709
T3 - Proceedings - International Carnahan Conference on Security Technology
SP - 261
EP - 264
BT - Proceedings - 43rd Annual 2009 International Carnahan Conference on Security Technology, ICCST 2009
T2 - 43rd Annual 2009 International Carnahan Conference on Security Technology, ICCST 2009
Y2 - 5 October 2009 through 8 October 2009
ER -