ISSRC Information Systems Security Research Center
University of Oulu, Department of Information Processing Science
T. Wiander, M. Siponen
TIMO WIANDER
M.Sc (IS), B.Sc (Marketing)
Project Manager ISSRC
ISO/IEC 9000 Lead Auditor
Practical experience 18+ years
ISO/IEC 27001 Lead Auditor
Practical experience 14+ years
Contract Auditor (Department of Defence)
CISA
Country representative in IAEA TM-group (Security) on behalf of STUK
Sponsors
Our sponsors include:
STUK (Radiation and Nuclear Safety Authority)
Fortum Corp.
TVO (Teollisuuden Voima Oyj)
Outokumpu Oyj
Nokia Corp.
Elisa Corp.
Elektrobit Corp.
F-Secure Corp.
Itella
SOK (Suomen Osuuskauppojen keskuskunta)
City of Oulu
Categories in the IAEA Nuclear Security Guidelines
Nuclear Security Fundamentals contain objectives, concepts and principles of nuclear security and provide the basis for security recommendations.
Recommendations present best practices that should be adopted by Member States in the application of the Nuclear Security Fundamentals.
Implementing Guides provide further elaboration of the Recommendations in broad areas and suggest measures for their implementation.
Technical Guidance publications comprise: Reference Manuals, with detailed measures and/or guidance on how to apply the Implementing Guides in specific fields or activities; Training Guides, covering the syllabus and/or manuals for IAEA training courses in the area of nuclear security; and Service Guides, which provide guidance on the conduct and scope of IAEA nuclear security advisory missions.
Computer Security at Nuclear Facilities
Technical Guidance - Reference Manual
Recommendation status under consideration
Consists of 3 parts: Introduction, Requirements and Implementation guidance
Development started 2004, initialisation 8/2003
Re-start 2006 due to organisational changes
Workshops, expert review, balloting
Estimated publication 12/2010
Will be available on iaea.org/publications
Table of Contents
1 Introduction
1.1 Background
1.2 Objectives
1.2.1 Document objectives
1.2.2 Nuclear security and computer security objectives
1.3 Requirements specific to nuclear facilities
1.4 Intended audience and document structure
1.5 Methodology
1.6 Definitions
2 Regulatory and Management considerations (PART 1)
2.1 Legislative considerations
2.2 Regulatory considerations
2.3 Site Security framework
2.3.1 Computer Security
2.3.2 Computer systems at nuclear facilities
2.3.3 Defence in depth
2.4 Assessing the threat environment
3 Management systems
4 Organizational issues
4.1 Authorities and responsibilities
4.1.1 Management
4.1.2 Computer Security Officer
4.1.3 Computer Security Team
4.1.4 Organizational Management Responsibilities
4.1.5 Individual Responsibility
4.2 Computer security awareness culture
4.2.1 Computer Security Training Programme
5 Implementing computer security (PART 2)
5.1 Computer Security Plan (CSP) and Policy
5.1.2 Components of the CSP
5.2 Interaction with other domains of security
5.2.1 Personnel security
5.3 Assets Analysis and Management
5.4 Computer systems classification
5.4.1 Safety classification
5.4.2 Security or security related systems
5.5 Graded approach to computer security
6 Threats, Vulnerabilities and Risk Management
6.1 Basic concepts and relationships
6.2 Risk assessment and management
6.3 Threats identification and characterisation
6.3.1 Design Basis Threat
6.3.2 Attacker profiles
6.3.3 Attack Scenarios
6.4 A simplified outcome of a risk assessment
7 Special Considerations for Nuclear Facilities
7.1 Facility lifetime phases and modes of operation
7.2 Differences between IT systems and control systems
7.3 Demand for additional connectivity and related consequences
7.4 Considerations on software updates
7.5 Secure design and specifications for computer systems
7.6 Third party/vendor access control procedure
8 Glossary & Abbreviations
9 Appendix I. An example of zone model implementation
10 Appendix II. Scenarios for imaginable attacks against systems in nuclear facilities
10.1.1 Information gathering to support a malicious act scenario
10.1.2 Attack disabling or compromising one or several computer systems
10.1.3 Computer systems compromise as a tool of coordinated attack
11 Appendix III. A methodology for identifying computer security requirements
12 Appendix IV. The role of Human Error in Computer Security
13 Appendix V. Bibliography
13.1 IAEA guidance of relevance
13.2 International standards
13.3 Web resources
13.4 Other relevant literature
14 Document evolution
14.1.1 Record of changes
14.1.2 Contributors to drafting and review
14.1.3 Consultants Meetings
State of Art
Number of publications:
IAEA Nuclear Security Series (15)
IAEA Safety Series (85)
IAEA Safety Standards Series (125)
Safety Reports Series (59)
[Chart labels: Security, Safety]
(Un)Lucky Accident
STUXNET
Technical issue vs. management of security?
Further Development
Revised version 4/2011? (TECHNICAL MEETING in FIN)
Web resources?
Supporting tools and methods?
Sharing of Best Practices?
More information
Project Manager Timo Wiander, timo.wiander@oulu.fi; 040 532 7872
http://issrc.oulu.fi
http://www.iaea.org/publications/