Development, Distribution and Maintenance of Application Security Controls For Nuclear

[+] Author and Article Information
Karl Waedt

AREVA GmbH, Henri-Dunant-Strasse 50, 91058 Erlangen, Germany

Yongjian Ding

University of Applied Sciences Magdeburg-Stendal, Magdeburg, Germany

Antonio Ciriello

AREVA GmbH, Henri-Dunant-Strasse 50, 91058 Erlangen, Germany

Xinxin Lou

AREVA GmbH, Henri-Dunant-Strasse 50, 91058 Erlangen, Germany

1Corresponding author.

ASME doi:10.1115/1.4039970 History: Received October 29, 2017; Revised April 05, 2018


The generic concept of Security Controls, as initially deployed in the information security domain, is gradually used in other business domains, including industrial security for critical infrastructure and cybersecurity of nuclear safety I&C. A Security Control, or less formally, a security countermeasure can be any organizational, technical or administrative measure that helps in reducing the risk imposed by a cybersecurity threat. In order to facilitate and formalize the process of developing, precisely describing, distributing and maintaining more complex security controls, the Application Security Controls (ASC) concept is introduced by the new ISO/IEC 27034 multipart standard. An ASC is an extensible semi-formal representation of a security control (e.g. XML or JSON-based), which contains a set of mandatory and optional parts as well as possible links to other ASCs.

Copyright (c) 2018 by ASME
Your Session has timed out. Please sign back in to continue.






Some tools below are only available to our subscribers or users with an online account.

Related Content

Customize your page view by dragging and repositioning the boxes below.

Related Journal Articles
Related eBook Content
Topic Collections

Sorry! You do not have access to this content. For assistance or to subscribe, please contact us:

  • TELEPHONE: 1-800-843-2763 (Toll-free in the USA)
  • EMAIL: asmedigitalcollection@asme.org
Sign In