NRE 8011/8012 Seminar

Title:

IAEA Cybersecurity Concepts and Guidance: Impact and Contributions to AR Regulations

Speaker:

Mr. Michael Rowland

Affiliation:

Sandia National Laboratories

When:

Thursday, January 18, 2024 at 11:00:00 AM   

Where:

Boggs Building, Room 3-47

Host:

Fan Zhang
fan.zhang@me.gatech.edu

Abstract

The International Atomic Energy Agency undertakes effort to develop international consensus publications to support the effective Nuclear Security for nuclear facilities (e.g., Research Reactors, Nuclear Power Plants). Currently, the IAEA has three such publications on cybersecurity. IAEA NSSS 17-T Computer Security Techniques at Nuclear Facilities, IAEA NSS 33-T Computer Security of Instrumentation and Control Systems at Nuclear Facilities, and IAEA NSS 42-G Computer Security for Nuclear Security. This seminar identifies and summarizes key insights and concepts for cybersecurity at Nuclear Facilities, such as security levels, security zones, and defensive cybersecurity architecture (DCSA) and how these concepts have informed adoption of performance-based approaches for regulations in Canada, Europe, and the United States of America.


Biography

Michael Rowland is a principal member of the technical staff at Sandia National Laboratories with a focus on Cyber Security He is currently working on cybersecurity research projects focused on cybersecurity for other radioactive material and associated facilities. Specifically, defensive cybersecurity architecture, modelling and simulation of physical protection systems, and cybersecurity assessments of associated facilities. He has led development of an upcoming International Electrotechnical Commission (IEC) technical report on cyber risk management for nuclear power plants, as well as supported IEC (i.e., 62645, 63096), Canadian Standards Association (N290.7:21), and US NRC standards and guidance on cybersecurity for existing fleet and advanced reactors. During his time as at the International Atomic Energy Agency (IAEA), he was a key author of key IAEA international consensus publications on computer security. He also led the first 2 years of the IAEA Coordinated Research Project (CRP)J02008 on Computer Security Incident Response, involving 18 research institutions from 13 countries. Also, during his time at Ontario Power Generation (OPG), he aided in the development of their first cyber security programme through development of several innovations with respect to technical vulnerability management of nuclear safety systems/operational technology (OT). Mr. Rowland is a Certified Information Systems Security Professional (CISSP), Professional Engineer and obtained his Bachelor’s of Engineering (Electrical) from Ryerson University in Toronto, Canada and Masters of Information Security from Royal Holloway, University of London.

Notes

Meet the speaker