0
research-article

THE NEED FOR INTEGRATED CYBERSECURITY AND SAFETY TRAINING

[+] Author and Article Information
Deeksha Gupta

AREVA GmbH, Henri-Dunant-Strasse 50, 91058 Erlangen, Germany
deeksha.gupta@areva.com

Edita Bajramovic

AREVA GmbH, Henri-Dunant-Strasse 50, 91058 Erlangen, Germany
edita.bajramovic@areva.com

Holger Hoppe

AREVA GmbH, Henri-Dunant-Strasse 50, 91058 Erlangen, Germany
holger.hoppe@areva.com

Antonio Ciriello

AREVA GmbH, Henri-Dunant-Strasse 50, 91058 Erlangen, Germany
antonio.ciriello@areva.com

1Corresponding author.

ASME doi:10.1115/1.4040372 History: Received October 30, 2017; Revised April 23, 2018

Abstract

Companies involved in the nuclear domain, like component and platform manufacturers, have well established yearly trainings on Nuclear Safety Culture. These trainings are typically covered as part of the annual quality assurance-related refresher trainings, introductory courses for new employees. Gradually, security awareness trainings are also addressed on a regular basis, typically with a focus on IT, test bay or construction site work environment, and privacy-related topics. Due to emerging national nuclear regulation, steadily but surely, specialized cybersecurity trainings are foreseen for integrator and utilities. Beyond these safety, physical security and cybersecurity specific trainings, there is a need to address the joint part of these disciplines, starting from the planning phase of a new NPP. The engineers working on safety, physical protection and cybersecurity, must be aware of these interrelations to jointly elaborate a robust I&C architecture and a resilient security architecture. This paper provides more in-depth justification of when and where additional training is needed, due to the ubiquitous deployment of digital technology in new NPPs. Additionally, for existing NPPs, the benefits of conveying knowledge by training on specific interfaces between the involved disciplines, will be discussed. Furthermore, the paper will address the need of focused training of management stakeholders, as eventually, they must agree on the residual risk. The decision-makers are in charge of facilitating the inter-disciplinary cooperation in parallel to the allocation of resources, e.g. on security certifications of products, extended modeling-based safety and security analyses and security testing coverage.

Copyright (c) 2018 by ASME
Your Session has timed out. Please sign back in to continue.

References

Figures

Tables

Errata

Discussions

Some tools below are only available to our subscribers or users with an online account.

Related Content

Customize your page view by dragging and repositioning the boxes below.

Related Journal Articles
Related eBook Content
Topic Collections

Sorry! You do not have access to this content. For assistance or to subscribe, please contact us:

  • TELEPHONE: 1-800-843-2763 (Toll-free in the USA)
  • EMAIL: asmedigitalcollection@asme.org
Sign In