ML18227A182

Draft Guidance 5061 Slides for Public Meeting
Issue date: 08/15/2018
From: Kim Lawson-Jenkins, NRC/NSIR/DPCP/CSB
To:
References: DG-5061, RG-5.71


Text

Slide 1: Revision of RG 5.71 (Draft Guidance 5061)

Kim Lawson-Jenkins
Cyber Security Branch
Division of Physical and Cyber Security Policy
Office of Nuclear Security and Incident Response

Slide 2: Reasons for revising RG 5.71

  • RG 5.71 released in 2010
  • Since 2010:
    - New NRC regulation
    - Implementation of cyber security plans at licensees' plants
    - Milestone 1-7 cyber security inspections
    - NEI 13-10
    - Addendums to NEI 08-09
  • Work began on DG-5061 in spring 2016

Slide 3: Scope of Updates

  • Clarify existing interpretation of regulations
  • Based on lessons learned from Milestones 1-7 inspections
  • Changes apply going forward
  • New regulation since 2010:
    - Cyber security event notification
    - -53 r4
  • New IAEA security guidance

Slide 4: Dependencies

  • Resolution of SFAQs
    - Deterministic Devices
    - Data Integrity
    - Moving Data Between Security Levels
    - Treatment of Maintenance & Test Equipment
  • Outcome of 2016 Table Top Exercises
    - Detection, Response and Elimination
    - Monitoring and Assessment
    - Drills and Exercises
  • NEI 08-09 Addendums

Slide 5: Staff Regulatory Guidance: Asset Identification associated with 10 CFR 73.54

  • Balance of Plant Equipment
  • The importance of identifying attack surfaces and attack pathways in the analysis of digital systems

Slide 6: Staff Regulatory Guidance: Protection of digital assets

Slide 7: Staff Regulatory Guidance: Protection of digital assets

  • Purpose of security controls
    - Control intent added to Appendices B and C
  • Reducing or eliminating attack surfaces and attack pathways
  • Effectiveness of security measures
  • Cyber security metrics
    - What is being measured?
    - Why is it being measured?
    - What do the metrics mean?

Slide 8: Staff Regulatory Guidance: The Big Picture

[Diagram] Elements: SSEP functions; CDAs; Security Controls; Knowledge of Attack Surfaces and Pathways. Connecting labels: Perform; Applied To; Continuously Monitored for Effectiveness.

Slide 9: Cyber Security Plan Other Changes

  • Defensive Architecture
  • Glossary
  • References
  • Appendix A (CSP template)
    - only editorial changes

Slide 10: Appendices B & C (security controls)

Table columns: DG-5061 / NEI 08-09 / Rationale for change/difference

  • B.1.9 Previous Logon Notification: Removed control. Intent covered in logging/audit controls.
  • B.1.11 Supervision and Review - Access Control: Removed control. Intent covered in logging/audit controls.
  • B.1.14 Automated Labeling: Removed control / Removed control. Intent is covered in C.1.3 Media Labeling/Marking.
  • B.3.5 Resource Priority: Removed control / Removed control. Any safety requirements for resource priority would have precedence. This control is usually applicable in the design phase of a digital device.
  • B.3.19 Thin Nodes: Removed control / Removed control. This control would be covered in B.5.1 Removal of Unnecessary Services and Programs.
  • B.3.20 Heterogeneity/Diversity: Removed control. Different depending on safety or security context.
  • B.3.21 Fail in a known state: Removed control. Important for security.

Slide 11: Tentative Schedule

  • Public Comment Period
    - 60 days
  • Comments Resolution
    - late 2018
  • Publication of RG 5.71 rev 1
    - early 2019

Slide 12: Questions