By Topic

Security design of remote maintenance system for nuclear power plants based on ISO/IEC 15408

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$33 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

3 Author(s)
Watabe, R. ; Mitsubishi Electr. Corp., Hyogo ; Oi, T. ; Endo, Y.

As a method to reduce periodic inspection time and mean recovery time on fault occurrence, remote maintenance systems for nuclear power plants (NPPs) are proposed, which augment efficiencies in maintenance operations for the plants by surveying them remotely and achieving collaborations between on-site operators and remote plant designers and expert operators. In particular, with the spread of Internet technology and Internet security protection technology in recent years, there is a tendency to build remote maintenance systems using the Internet without dedicated communication lines. However, the biggest concern of customers such as electric power companies is security. It is highly necessary to give assurance of the security of remote maintenance systems coherently and consistently in order to introduce such systems based on Internet technology into NPPs. However, there exist various ways of thinking about security. Furthermore, there has not been a general agreement on how to give assurance of the security of remote maintenance systems for NPPs. So we have applied ISO/IEC 15408 to remote maintenance systems for NPPs. It is used to evaluate the security level of IT products and systems. Based on ISO/IEC 15408, we have listed assets to be protected, threats to the assets, security objectives against the threats, and security functional requirements that achieve the security objectives. Also, we have shown relations between the threats and the security objectives, and relations between the security objectives and the security functional requirements. As a result, we have concretized a necessary and sufficient security design of remote maintenance systems for NPPs that can protect the instrumentation and control (I&C) system against intrusion, impersonation, tapping, obstruction and destruction. In this paper, we describe the background of the remote maintenance systems for NPPs, a summary of the systems, and its security design based on ISO/IEC 15408.

Published in:

SICE, 2007 Annual Conference

Date of Conference:

17-20 Sept. 2007