欢迎来到麦多课文档分享! | 帮助中心 海量文档,免费浏览,给你所需,享你所想!
麦多课文档分享
全部分类
  • 标准规范>
  • 教学课件>
  • 考试资料>
  • 办公文档>
  • 学术论文>
  • 行业资料>
  • 易语言源码>
  • ImageVerifierCode 换一换
    首页 麦多课文档分享 > 资源分类 > PDF文档下载
    分享到微信 分享到微博 分享到QQ空间

    CSA N290 7-2014 Cyber security for nuclear power plants and small reactor facilities (First Edition Errata Febraury 2015).pdf

    • 资源ID:621524       资源大小:1.30MB        全文页数:42页
    • 资源格式: PDF        下载积分:10000积分
    快捷下载 游客一键下载
    账号登录下载
    微信登录下载
    二维码
    微信扫一扫登录
    下载资源需要10000积分(如需开发票,请勿充值!)
    邮箱/手机:
    温馨提示:
    如需开发票,请勿充值!快捷下载时,用户名和密码都是您填写的邮箱或者手机号,方便查询和重复下载(系统自动生成)。
    如需开发票,请勿充值!如填写123,账号就是123,密码也是123。
    支付方式: 支付宝扫码支付    微信扫码支付   
    验证码:   换一换

    加入VIP,交流精品资源
     
    账号:
    密码:
    验证码:   换一换
      忘记密码?
        
    友情提示
    2、PDF文件下载后,可能会被浏览器默认打开,此种情况可以点击浏览器菜单,保存网页到桌面,就可以正常下载了。
    3、本站不支持迅雷下载,请使用电脑自带的IE浏览器,或者360浏览器、谷歌浏览器下载即可。
    4、本站资源下载后的文档和图纸-无水印,预览文档经过压缩,下载后原文更清晰。
    5、试题试卷类文档,如果标题没有明确说明有答案则都视为没有答案,请知晓。

    CSA N290 7-2014 Cyber security for nuclear power plants and small reactor facilities (First Edition Errata Febraury 2015).pdf

    1、REVISED FEBRUARY 2015N290.7-14Cyber security for nuclear power plants and small reactor facilitiesLegal Notice for StandardsCanadian Standards Association (operating as “CSA Group”) develops standards through a consensus standards development process approved by the Standards Council of Canada. This

    2、 process brings together volunteers representing varied viewpoints and interests to achieve consensus and develop a standard. Although CSA Group administers the process and establishes rules to promote fairness in achieving consensus, it does not independently test, evaluate, or verify the content o

    3、f standards.Disclaimer and exclusion of liabilityThis document is provided without any representations, warranties, or conditions of any kind, express or implied, including, without limitation, implied warranties or conditions concerning this documents fitness for a particular purpose or use, its me

    4、rchantability, or its non-infringement of any third partys intellectual property rights. CSA Group does not warrant the accuracy, completeness, or currency of any of the information published in this document. CSA Group makes no representations or warranties regarding this documents compliance with

    5、any applicable statute, rule, or regulation.IN NO EVENT SHALL CSA GROUP, ITS VOLUNTEERS, MEMBERS, SUBSIDIARIES, OR AFFILIATED COMPANIES, OR THEIR EMPLOYEES, DIRECTORS, OR OFFICERS, BE LIABLE FOR ANY DIRECT, INDIRECT, OR INCIDENTAL DAMAGES, INJURY, LOSS, COSTS, OR EXPENSES, HOWSOEVER CAUSED, INCLUDIN

    6、G BUT NOT LIMITED TO SPECIAL OR CONSEQUENTIAL DAMAGES, LOST REVENUE, BUSINESS INTERRUPTION, LOST OR DAMAGED DATA, OR ANY OTHER COMMERCIAL OR ECONOMIC LOSS, WHETHER BASED IN CONTRACT, TORT (INCLUDING NEGLIGENCE), OR ANY OTHER THEORY OF LIABILITY, ARISING OUT OF OR RESULTING FROM ACCESS TO OR POSSESSI

    7、ON OR USE OF THIS DOCUMENT, EVEN IF CSA GROUP HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES, INJURY, LOSS, COSTS, OR EXPENSES.In publishing and making this document available, CSA Group is not undertaking to render professional or other services for or on behalf of any person or entity or to p

    8、erform any duty owed by any person or entity to another person or entity. The information in this document is directed to those who have the appropriate degree of experience to use and apply its contents, and CSA Group accepts no responsibility whatsoever arising in any way from any and all use of o

    9、r reliance on the information contained in this document.CSA Group is a private not-for-profit company that publishes voluntary standards and related documents. CSA Group has no power, nor does it undertake, to enforce compliance with the contents of the standards or other documents it publishes.Int

    10、ellectual property rights and ownershipAs between CSA Group and the users of this document (whether it be in printed or electronic form), CSA Group is the owner, or the authorized licensee, of all works contained herein that are protected by copyright, all trade-marks (except as otherwise noted to t

    11、he contrary), and all inventions and trade secrets that may be contained in this document, whether or not such inventions and trade secrets are protected by patents and applications for patents. Without limitation, the unauthorized use, modification, copying, or disclosure of this document may viola

    12、te laws that protect CSA Groups and/or others intellectual property and may give rise to a right in CSA Group and/or others to seek legal redress for such use, modification, copying, or disclosure. To the extent permitted by licence or by law, CSA Group reserves all intellectual property rights in t

    13、his document.Patent rightsAttention is drawn to the possibility that some of the elements of this standard may be the subject of patent rights. CSA Group shall not be held responsible for identifying any or all such patent rights. Users of this standard are expressly advised that determination of th

    14、e validity of any such patent rights is entirely their own responsibility.Authorized use of this documentThis document is being provided by CSA Group for informational and non-commercial use only. The user of this document is authorized to do only the following:If this document is in electronic form

    15、: load this document onto a computer for the sole purpose of reviewing it; search and browse this document; and print this document if it is in PDF format.Limited copies of this document in print or paper form may be distributed only to persons who are authorized by CSA Group to have such copies, an

    16、d only if this Legal Notice appears on each such copy.In addition, users may not and may not permit others to alter this document in any way or remove this Legal Notice from the attached standard; sell this document without authorization from CSA Group; or make an electronic copy of this document.If

    17、 you do not agree with any of the terms and conditions contained in this Legal Notice, you may not load or use this document or make any copies of the contents hereof, and if you do make such copies, you are required to destroy them immediately. Use of this document constitutes your acceptance of th

    18、e terms and conditions of this Legal Notice.Revision HistoryN290.7-14, Cyber security for nuclear power plants and small reactor facilitiesRevision Issued: Errata Febraury 2015 Revision symbol (in margin)Technical CommitteeStandards Update ServiceN290.7-14December 2014Title: Cyber security for nucle

    19、ar power plants and small reactor facilitiesTo register for e-mail notification about any updates to this publication go to shop.csa.ca click on CSA Update ServiceThe List ID that you will need to register for updates to this publication is 2422885.If you require assistance, please e-mail techsuppor

    20、tcsagroup.org or call 416-747-2233.Visit CSA Groups policy on privacy at csagroup.org/legal to find out how we protect your personal information.ISBN 978-1-77139-459-0 2014 CSA Group All rights reserved. No part of this publication may be reproduced in any form whatsoever without the prior permissio

    21、n of the publisher.Published in December 2014 by CSA Group A not-for-profit private sector organization 178 Rexdale Boulevard, Toronto, Ontario, Canada M9W 1R3 To purchase standards and related publications, visit our Online Store at shop.csa.caor call toll-free 1-800-463-6727 or 416-747-4044.TMA tr

    22、ade-mar k of the Canadian S tandards Association, operating as “CSA Group”Cyber security for nuclear power plants and small reactor facilitiesN290.7-14N290.7-14Cyber security for nuclear power plants and small reactor facilitiesDecember 2014 2014 CSA Group 1ContentsTechnical Committee on Reactor Con

    23、trol Systems, Safety Systems and Instrumentation for NPP (N290A) 3Subcommittee on Cyber security for Nuclear Power Plants and Small Reactor Facilities (N290.7) 6Preface 81 Scope 92 Reference publications 103 Definitions and abbreviations 103.1 Definitions 103.2 Abbreviations 134 Cyber security progr

    24、am 134.1 General requirements 134.2 Elements of the program 144.3 Establishing, implementing, reviewing, and maintaining the program 144.3.1 Establishing 144.3.2 Implementing 144.3.3 Reviewing and maintaining 144.4 Interface with other programs and processes 154.4.1 General 154.4.2 Interface with ph

    25、ysical security 164.4.3 Interface with personnel security 164.4.4 Interface with training 164.4.5 Interface with information protection 164.4.6 Interface with incident response 164.4.7 Interface with supply chain 164.4.8 Interface with new design and design modifications 164.4.9 Interface with opera

    26、tions and maintenance 174.4.10 Interface with information technology 174.4.11 Interface with corrective action process 175 Roles and responsibilities 175.1 General 175.1.1 Cyber security program roles 175.1.2 Cyber security program sponsor 175.1.3 Cyber security program owner 175.1.4 Cyber security

    27、program specialist 185.1.5 CEA owners 186 Identification and classification of CEAs 186.1 Assessment and identification 186.2 Classification 19N290.7-14Cyber security for nuclear power plants and small reactor facilitiesDecember 2014 2014 CSA Group 27 Cyber security architecture 208 Controls 218.1 A

    28、pplicability 218.2 Policies and procedures 228.3 Technical controls groups 238.3.1 Access control and account management 238.3.2 Event monitoring, event management, and audit 238.3.3 System and communications protection 238.3.4 Identification and authentication of users 248.3.5 System hardening 248.

    29、4 Operational controls group 248.4.1 Media and information protection 248.4.2 Personnel security and screening 248.4.3 System and information integrity 248.4.4 Maintenance 258.4.5 Physical protection 258.4.6 Incident response and recovery 258.4.7 Contingency and continuity planning 258.4.8 Awareness

    30、 and training 258.4.9 Change control and configuration management 268.5 Management controls groups 268.5.1 System and services acquisition 268.5.2 Security assessment and risk management 269 Lifecycle management 269.1 General 269.2 Secure development environment 269.3 Preliminary design 279.4 Detail

    31、ed design 279.5 Test/validation during development and commissioning 289.6 Installation 289.7 Supply chain 289.8 Operations and maintenance 289.8.1 General 289.8.2 Modification 289.8.3 Tools and development facilities 299.9 Decommissioning 29Annex A (informative) Definitions for cyber security contr

    32、ols 30N290.7-14Cyber security for nuclear power plants and small reactor facilitiesDecember 2014 2014 CSA Group 3Technical Committee on Reactor Control Systems, Safety Systems and Instrumentation for NPP (N290A)J. Grava CANTECH Associates Ltd., Owen Sound, Ontario Category: General InterestChairR.K.

    33、 Black TransCanada, Toronto, Ontario Category: Service IndustryVice-Chair B.J. Coulas Hatch Ltd., Mississauga, Ontario SecretaryB.D. Babcock North York, Ontario Category: General InterestM. Buckler Bruce Power, Tiverton, Ontario AssociateQ.B. Chou Canadian Power Utility Services Ltd (CPUS), Toronto,

    34、 Ontario Category: Service IndustryV. Chugh AMEC NSS, Toronto, Ontario Category: Service IndustryR. Clavero Ministry of Energy, Government of Ontario, Toronto, Ontario AssociateJ. Coady Bruce Power L.P., Tiverton, Ontario Category: Owner/Operator/ProducerC.J. Conway Atomic Energy of Canada Limited (

    35、AECL), Chalk River, Ontario Category: Owner/Operator/ProducerJ.M. Cuttler Cuttler however, it may provide more specific direction for those requirements.This Standard reflects the operating experience of the Canadian nuclear power industry.Users of this Standard are reminded that the design, manufac

    36、ture, construction, commissioning, operation, and decommissioning of nuclear facilities in Canada are subject to the provisions of the Nuclear Safety and Control Act and its supporting Regulations.This Standard has been prepared by the Technical Subcommittee on Cyber Security for Nuclear Power Plant

    37、s and Small Reactor Facilities under the jurisdiction of the Technical Committee on Reactor Control Systems, Safety Systems, and Instrumentation of Nuclear Power Plants and the Standards Steering Committee on Nuclear Standards, and has been approved by the Technical Committee.Notes: 1) Use of the si

    38、ngular does not exclude the plural (and vice versa) when the sense allows.2) Although the intended primary application of this Standard is stated in its Scope, it is important to note that it remains the responsibility of the users of the Standard to judge its suitability for their particular purpos

    39、e.3) This Standard was developed by consensus, which is defined by CSA Policy governing standardization Code of good practice for standardization as “substantial agreement. Consensus implies much more than a simple majority, but not necessarily unanimity”. It is consistent with this definition that

    40、a member may be included in the Technical Committee list and yet not be in full agreement with all clauses of this Standard.4) To submit a request for interpretation of this Standard, please send the following information to inquiriescsagroup.org and include “Request for interpretation” in the subje

    41、ct line: a) define the problem, making reference to the specific clause, and, where appropriate, include an illustrative sketch;b) provide an explanation of circumstances surrounding the actual field condition; andc) where possible, phrase the request in such a way that a specific “yes” or “no” answ

    42、er will address the issue. Committee interpretations are processed in accordance with the CSA Directives and guidelines governing standardization and are available on the Current Standards Activities page at standardsactivities.csa.ca.5) This Standard is subject to a review within five years from th

    43、e date of publication. Suggestions for its improvement will be referred to the appropriate committee. To submit a proposal for change, please send the following information to inquiriescsagroup.org and include “Proposal for change” in the subject line: a) Standard designation (number);b) relevant cl

    44、ause, table, and/or figure number;c) wording of the proposed change; andd) rationale for the change.N290.7-14Cyber security for nuclear power plants and small reactor facilitiesDecember 2014 2014 CSA Group 9N290.7-14Cyber security for nuclear power plants and small reactor facilities1 Scope1.1 This

    45、Standard covers the cyber security of new and existing nuclear power plants (NPPs) and small reactor facilities.Note: This Standard may provide guidance for nuclear facilities other than NPPs and small reactor facilities, using a graded approach.1.2 This Standard addresses cyber security at nuclear

    46、power plants and small reactor facilities for the following computer systems and components:a) systems important to nuclear safety;b) nuclear security;c) emergency preparedness;d) production reliability;e) safeguards; andf) auxiliary assets or systems which, if compromised, exploited, or failed, cou

    47、ld adversely impact Item (a), (b), (c), (d) or (e).1.3 This Standard pertains to the securing of essential computer systems and components against cyber attacks resulting in loss of availability, degradation or loss of ability to perform their intended function, compromise of their integrity, and lo

    48、ss of confidentiality of their information.1.4 This Standard does not apply to business systems (e.g., work management), and offline engineering systems (e.g., analytical, scientific, and design computer programs as per CSA N286.7).1.5 In this Standard, “shall” is used to express a requirement, i.e.

    49、, a provision that the user is obliged to satisfy in order to comply with the standard; “should” is used to express a recommendation or that which is advised but not required; and “may” is used to express an option or that which is permissible within the limits of the standard.Notes accompanying clauses do not include requirements or alternative requirements; the purpose of a note accompanying a clause is to separate from the text explanatory or informative material.Notes to tables and figures are considered part of the table or figure and may be written as r


    注意事项

    本文(CSA N290 7-2014 Cyber security for nuclear power plants and small reactor facilities (First Edition Errata Febraury 2015).pdf)为本站会员(孙刚)主动上传,麦多课文档分享仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对上载内容本身不做任何修改或编辑。 若此文所含内容侵犯了您的版权或隐私,请立即通知麦多课文档分享(点击联系客服),我们立即给予删除!




    关于我们 - 网站声明 - 网站地图 - 资源地图 - 友情链接 - 网站客服 - 联系我们

    copyright@ 2008-2019 麦多课文库(www.mydoc123.com)网站版权所有
    备案/许可证编号:苏ICP备17064731号-1 

    收起
    展开