Presentation is loading. Please wait.

Presentation is loading. Please wait.

Cyber-security and IEC International Standards

Similar presentations


Presentation on theme: "Cyber-security and IEC International Standards"— Presentation transcript:

1 Cyber-security and IEC International Standards
Frans Vreeswijk IEC General Secretary & CEO IAEA Conference 1 June 2015 Vienna, Austrîa

2 digital dependence – increased vulnerability
Ladies and Gentlemen, Our dependency on computers, digital information collection and data transmission systems is growing daily. And while malicious acts in cyber space are deeply annoying at the level of the individual, the exploitation of cyber vulnerabilities of infrastructure systems is becoming an increasing threat to our overall security.

3 Nuclear energy production plants rely on computer networks for most internal processes. Many plants are connected to external networks and increasingly sophisticated malware can target such systems. Recent events have raised global concerns of cyber-attacks and the impact they could have on nuclear security. Cyber threats are fundamentally different to other safety hazards. While safety concepts are based on the probabilities of random failure, security concepts must assume that an informed actor intentionally tampers with digital systems.

4 IEC International Standards
Standards are a fundamental ally in assessing and managing risks and can significantly help increase the safety and security of nuclear environments. IEC safety publications provide specific directives related to nuclear energy facilities with an all-encompassing approach to risk assessment, safety and security.

5 scope of the IEC Energy generation and the millions of devices and systems that use or produce electricity and contain electronics. Interoperability, safety, security, performance, EMC and more. The IEC is one of the three global Standards bodies. We publish the large majority of the technical rules that guide the design, manufacturing, installation, overhaul and end-of-life management of the millions of devices and systems that produce or use electricity and contain electronics. IEC work covers topics such as interoperability, safety, security and much more. IEC International Standards are voluntary, consensus based and developed according to the criteria laid down by the World Trade Organization.

6 global reach: 166 countries
98% of world population 96% of energy generation The IEC brings together 166 countries that represent 98% of global population and 96% of energy generation. Nearly all countries in the world accept products built according to IEC International Standards.

7 IEC + IAEA The IEC works closely with IAEA since nearly four decades. Experts from both organizations collaborate on joint Safety Standards. They enjoy observer status in each organization. since 1977

8 electric, electronic devices & techniques
IEC International Standards cover the majority of electric and electronic instrumentation, equipment and systems used in the nuclear industry. IEC scope of work also includes emerging electronic techniques in information processing and control, including artificial intelligence. In mid-2014, the IEC has published the first International Standard that establishes the requirements for security programmes for information and communication digital systems used in nuclear power plants. And IEC and IAEA Division of Nuclear Security have agreed to further develop the collaboration on security related activities.

9 new and revised IEC Standards
The IEC is now in the process of revising one of its Standards to take into account the fast-evolving nature of the cybersecurity landscape, in terms of threats, practices and regulatory frameworks. Furthermore, a new, soon to be published IEC International Standard will help coordinate the safety and cyber security provisions for information and communication digital systems and architecture.

10 generic to specialized
ISO ITU IAEA In this context it is important to note, that the IEC never works in isolation. In addition to its close collaboration with IAEA, the IEC also actively coordinates pertinent work with ISO and ITU. The IEC has several active liaisons with relevant technical committees. The aim is to avoid duplicative work and take advantage wherever possible of existing know-how. For example, the IEC helps complement existing generic safety and security Standards to bring them to the high level of safety and regulatory requirements in nuclear environments. As a general rule, whenever new work on an International Standard is started, the IEC makes certain that relevant know-how in existing Standards is taken in to account. For example, the IEC has close working liaisons with ISO/IEC JTC1 SC 27, which prepares generic cyber-security Standards. This approach is an integral part of the ISO/IEC Directives and helps increase the coherence of International Standards. It also helps reduce technical barriers to trade in line with the WTO TBT agreement.

11 maintain universal safety and security terminology
The IEC also helps maintain consistency between IAEA and IEC documents by reviewing and commenting drafts of IAEA safety and security documents, and by enforcing the consistent use of a unique safety and security terminology by both organizations. An additional benefit of this approach is that it helps the IEC to identify detailed technical aspects for new work it should cover.

12 Cyber-security and IEC International Standards
Ladies and Gentlemen. I believe this international conference will play a crucial role in reviewing and identifying global expertise in cyber-security and will ultimately help strengthen the computer and overall security of the nuclear infrastructure. Frans Vreeswijk IEC General Secretary & CEO IAEA Conference 1 June 2015 Vienna, Austrîa


Download ppt "Cyber-security and IEC International Standards"

Similar presentations


Ads by Google