The Synergy Between Cyber and Nuclear Security. Case Study of Moldova
- 33 Downloads
Cyber security is recognized as an intrinsic part of the nuclear security due to the numerous embedded computers used in the civil nuclear domain in systems such as physical security, industrial control systems or material accountancy databases. In present these domains have developed however separate regulatory frameworks. This has led to the situation where the cybersecurity related assessment for the nuclear and radiological (NR) has become an additional function of the regulatory authorities in the NR domain. This is also the case of Republic of Moldova.
We will discuss in this paper the regulation which specifies the minimum cyber security requirements across the public institutions , which includes as well civil NR operators. We will reflect the current state of cyber security in the nuclear and radiological domain from the legislative and technical perspective. We believe the approval of these requirements will lead to an increased level of cyber security at a national level, as well as will facilitate the NR regulation process in terms of cyber security aspects. The minimum cyber security requirements will also provide clear technical guidance for all entities, including the ones from the nuclear and radiological domain, in order to apply these controls within their infrastructure. In addition, the document contains requirements for security testing, design basis threat and inclusion of cyber security requirements in all processes in the organization. We will also refer to the approved Regulation on Physical Security on Nuclear and Radiological Activity , which takes into account the increasing cyber security role upon designing, maintenance, inspection and authorization processes of a physical security system for the NR operators.
KeywordsMoldovan regulatory framework Minimum cyber security requirements Nuclear security
- 1.Government Decision no. 201 from 28.03.2017 - On minimum-security requirements for ensuring cyber security of IT systems, hardware and software. Official Monitor of the Republic of Moldova no. 109–118 from 07.04.2017Google Scholar
- 2.Government Decision no. 1268 from 23.11.2016 - On Regulation on physical security on nuclear and radiological activity. Official Monitor of the Republic of Moldova no. 415, 29 November 2016Google Scholar
- 3.IAEA NSS no. 13: Nuclear Security Recommendations on Physical Protection of Nuclear Material and Nuclear Facilities (INFCIRC/225/Revision 5), Vienna (2011)Google Scholar
- 4.Buzdugan A (2016) Role of Cyber Security along with Nuclear and Radiological Safety in Medicine. Book of Abstracts. 3-rd International Conference of Health Technology Management. Ed. in Chief Victor Sontea, Chisinau, Pontos (Europress), p. 102. ISBN 978-9975-51-774-4Google Scholar
- 5.Government Decision no. 811 from 29.10.2015 – On National Cyber Security Program of Republic of Moldova for 2016–2020, Official Monitor of the Republic of Moldova, no. 306–310 from 13.11.2015Google Scholar
- 6.Establishment of the cyber security laboratory, Chisinau, Moldova (2016), http://cts.md/ro/noutate/s-lansat-primul-laborator-de-cercetare-si-instruire-domeniul-securitatii-cibernetice
- 7.Law no 299 from 21.12.2017 – On information security concept. Official Monitor of the Republic of Moldova, no. 48–57 from 16.02.2018Google Scholar
- 8.Law no. 132 from 08 June 2012 (update on 2016 & 2017) – On safe deployment of nuclear and radiological activity. Official Monitor of the Republic of Moldova, no. 229–233 from 02.11.2012Google Scholar
- 9.IAEA NSS no. 17: Computer Security at Nuclear Facilities, Vienna (2011)Google Scholar
- 10.IAEA NSS no. 23-G: Security of Nuclear Information, Vienna (2015)Google Scholar
- 11.Order no. 402 of the Ministry of Economy and Infrastructure On the approval of internal cyber security policy (2017). http://mei.gov.md/ro/content/ordinul-nr402-din-28122017-cu-privire-la-aprobarea-politicii-interne-privind-securitatea-1