IEC Secretary General and CEO Frans Vreeswijk took part in the International Conference on Computer Security in a Nuclear World organized by the International Atomic Energy Agency (IAEA) in Vienna (1-5 June).
This event was organized in cooperation with the International Criminal Police Organization (INTERPOL), the UN Interregional Crime and Justice Research Institute (UNICRI), the IEC and the International Telecommunication Union (ITU). A number of experts from IEC Technical Committee (TC) 45: Nuclear instrumentation, and its Subcommittees (SCs), were among the 650 experts that attended the conference.
Long-time involvement in cybersecurity
The IEC has been closely involved in the development of Standards for cybersecurity for years through its work in a SC of the Joint Technical Committee (JTC) it set up with the International Organization for Standardization (ISO).
ISO/IEC JTC 1 SC 27: IT security techniques, has prepared dozens of documents covering various aspects of IT security techniques, including the information security management system family of Standards.
From nuclear safety to cybersecurity
The IEC plays a central in the development of International Standards for the safety and security of nuclear installations.
IEC TC 45 and its SCs prepare International Standards for the design, construction, performance, testing and calibration of radiation detection instrumentation for all applications. IEC TC 45 has published 35 International Standards as of June 2015.
The core domain of IEC SC 45A is instrumentation and control systems important for safety in nuclear energy generation facilities. As of June 2015, SC 45A has issued 77 publications. Nuclear power plants are among the most rigorously monitored installations and IEC International Standards play a central role for this.
IEC SC 45B (radiation protection instrumentation) develops International Standards for instrumentation used for illicit trafficking detection and identification of radionuclides, as well as radiation-based security screening. As of June 2015, SC 45B has issued 55 publications, six of them for illicit trafficking detection.
Mitigating risks from cyber-attacks on nuclear installations
Noting that International Standards previously developed by IEC/ISO JTC 1/SC 27 were “not directly applicable to the cyber protection of nuclear” computer-based systems “due to the specificities of these systems, including the regulatory and safety requirements inherent to nuclear facilities,” IEC SC 45A developed IEC 62645:2014, Nuclear power plants – Instrumentation and control systems – Requirements for security programmes for computer-based systems, to address these specificities. Read the full IEC article on the background to IEC 62645 here.
The fact that the Vienna conference was organized in cooperation with the IEC, with the participation of its Secretary General and CEO, and of a number of IEC experts is evidence of the unique role played by this organization in contributing to safer and more secure nuclear installations, not least by addressing new risks, such as cyber-attacks.