Vienna : , : International Atomic Energy Agency, , 2023

©2022

9789201468222

9789201469229

1 online resource (133 pages)

Non-Serial Publication

Nuclear industry - Security measures

Nuclear facilities - Safety measures

Inglese

1. Introduction --   1.1. Background --   1.2. Objective --   1.3. Scope --   1.4. Structure -- 2. Supply chain management --   2.1. Supply relationships --   2.2. Nuclear material and facilities --   2.3. Other radioactive material --   2.4. Material out of regulatory control --   2.5. Computer security requirements based on products and services --   2.6. Risk treatment options --   2.7. Informed customer -- 3. Information and computer security essentials for the supply chain --   3.1. Policy --   3.2. Essential elements of computer security --   3.3. Risk management --     3.3.1. A State’s nuclear security regime --     3.3.2. Information security management systems --   3.4. Digital assets and security level identification -- 4. Supply chain attack surface --   4.1. Supply chain flow paths --   4.2. Relevant entities --   4.3. Supply chain touchpoints --   4.4. Attack types -- 5. Typical procurement process -- 6. Specify stage --   6.1. Needs identification --   6.2. Procurement planning (management of procurement stages) --   6.3. Defining acceptance criteria and methods

This publication by the International Atomic Energy Agency (IAEA) addresses the critical issue of computer security within the nuclear supply chain. The book emphasizes the importance of preventing, detecting, and responding to cyber threats that could compromise

nuclear facilities and operations. It provides detailed guidance on best practices for managing digital security risks, including design, development, testing, installation, operation, maintenance, and decommissioning of nuclear computer-based systems. The intended audience includes Member States, nuclear security professionals, and stakeholders in the nuclear industry.