Research on Cybersecurity Regulatory Policies and Standards for Nuclear Power Instrumentation and Control Systems
摘要
With the in-depth integration of enterprise operational technology and information technology, the instrumentation and control systems of nuclear power plants have been fully shifted from analog technology to digital technology, and digital instrumentation and control systems have been widely used in nuclear power plants around the world. With the development of global industrial digitization, networking and intelligence, the cybersecurity of instrumentation and control systems of nuclear power plants can’t be guaranteed using the traditional method based on physical isolation. Cyber attacks on instrumentation and control systems may cause the production process interruption and even nuclear safety incidents, thus attracting great attention from countries and organizations. To perform cybersecurity measures properly, nuclear power plants need to follow the relevant regulatory policies of the country in which they are located, and also refer to the relevant international and national standards. This paper analyzes cybersecurity regulatory policies of several nuclear power generation countries as well as relevant international standards of the International Electrotechnical Commission, especially the new regulatory policies and standards in recent years, and puts forward suggestions for the development of cybersecurity standards for nuclear power instrumentation and control systems in the future, so as to help upstream and downstream enterprises to effectively carry out cybersecurity measures during the whole lifecycle of instrumentation and control systems including design, construction, operation and maintenance stages.