Year
2017
Abstract
International nuclear safeguards are technical measures implemented by the International Atomic Energy Agency (IAEA) to verify the correctness and completeness of declarations made by States about their nuclear material activities. Based, in part, on information provided by safeguards equipment, the IAEA relies on the integrity of the information to make accurate conclusions. Most safeguards equipment contains digital systems that collect, process, analyze, store and transmit data. Despite increasing efforts to protect digital systems against unauthorized access and modification of information or equipment, cyber adversaries are becoming more sophisticated and more persistent. Cyber security is a challenging problem due to its breadth and complexity. We have chosen a framework that applies especially well to the equipment-based environment of safeguards. Specifically, we use the lifecycle of safeguards technology development (requirements, design, manufacture, test, review, authorize, deliver, use, decommission) as a framework to examine potential risks and preventive measures based on best practices to address cybersecurity challenges. This paper will explore how the lifecycle framework might be applied generally to safeguards technology to reduce risks from cyber attack.