{"title":"核电站仪表与控制网络安全管理系统的风险评估","authors":"Yu-Jen Chen, Gen-Yih Liao, T. Cheng","doi":"10.1109/CCST.2009.5335526","DOIUrl":null,"url":null,"abstract":"Modern nuclear power plants have been adopting open standards in their digital networks to enhance extensibility and interoperability. This also opens another possibility for an attacker to intrude into the networks. To prevent digital networks from being attacked, the U.S. Nuclear Regulatory Commission provides guidelines regarding achieving high reliability and design quality requirements. However, quality assurance in hardware/software components is not sufficient to ensure the security of the overall network system. Security policies and sound system administration are also indispensable factors to rigid security. To enhance the level of security protection in the Taiwan nuclear power plants, this investigation aims at the scope of digital instrumentation and control networks in one of the nuclear power plants in Taiwan, takes advantages of the guidelines of RG 1.152, follows the network security standard of NUREG-0800 Appendix 7.1-D and attempts to plan and design an ISMS based on the methodology of BS7799. The result of this investigation will be able to help nuclear power plants to organize and establish the first phase of Instrumentation and Control Network Security Management System (ICNSMS), which thinks over information and network security issues in a comprehensive perspective.","PeriodicalId":117285,"journal":{"name":"43rd Annual 2009 International Carnahan Conference on Security Technology","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2009-11-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":"{\"title\":\"Risk assessment on Instrumentation and Control Network Security Management System for nuclear power plants\",\"authors\":\"Yu-Jen Chen, Gen-Yih Liao, T. Cheng\",\"doi\":\"10.1109/CCST.2009.5335526\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Modern nuclear power plants have been adopting open standards in their digital networks to enhance extensibility and interoperability. This also opens another possibility for an attacker to intrude into the networks. To prevent digital networks from being attacked, the U.S. Nuclear Regulatory Commission provides guidelines regarding achieving high reliability and design quality requirements. However, quality assurance in hardware/software components is not sufficient to ensure the security of the overall network system. Security policies and sound system administration are also indispensable factors to rigid security. To enhance the level of security protection in the Taiwan nuclear power plants, this investigation aims at the scope of digital instrumentation and control networks in one of the nuclear power plants in Taiwan, takes advantages of the guidelines of RG 1.152, follows the network security standard of NUREG-0800 Appendix 7.1-D and attempts to plan and design an ISMS based on the methodology of BS7799. The result of this investigation will be able to help nuclear power plants to organize and establish the first phase of Instrumentation and Control Network Security Management System (ICNSMS), which thinks over information and network security issues in a comprehensive perspective.\",\"PeriodicalId\":117285,\"journal\":{\"name\":\"43rd Annual 2009 International Carnahan Conference on Security Technology\",\"volume\":\"1 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2009-11-13\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"3\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"43rd Annual 2009 International Carnahan Conference on Security Technology\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/CCST.2009.5335526\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"43rd Annual 2009 International Carnahan Conference on Security Technology","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CCST.2009.5335526","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Risk assessment on Instrumentation and Control Network Security Management System for nuclear power plants
Modern nuclear power plants have been adopting open standards in their digital networks to enhance extensibility and interoperability. This also opens another possibility for an attacker to intrude into the networks. To prevent digital networks from being attacked, the U.S. Nuclear Regulatory Commission provides guidelines regarding achieving high reliability and design quality requirements. However, quality assurance in hardware/software components is not sufficient to ensure the security of the overall network system. Security policies and sound system administration are also indispensable factors to rigid security. To enhance the level of security protection in the Taiwan nuclear power plants, this investigation aims at the scope of digital instrumentation and control networks in one of the nuclear power plants in Taiwan, takes advantages of the guidelines of RG 1.152, follows the network security standard of NUREG-0800 Appendix 7.1-D and attempts to plan and design an ISMS based on the methodology of BS7799. The result of this investigation will be able to help nuclear power plants to organize and establish the first phase of Instrumentation and Control Network Security Management System (ICNSMS), which thinks over information and network security issues in a comprehensive perspective.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
