In a letter to the Nuclear Regulatory Commission (NRC), USACM advocates for stronger cybersecurity in power plants across the nation. The letter points out the critical role of computer-controlled safety systems in today’s power plants and the importance of securing these systems:
“In seeking to update the almost decade-old guidance you recognize that protecting computer systems is a crucial component of securing our nation’s critical infrastructure. Taking proactive, standards-based steps toward securing computer systems is a necessary and worthwhile process – one long advocated by cybersecurity experts and USACM.”
Late last year, the NRC proposed a draft regulatory guide that would establish voluntary standards for the use of computers in safety systems of nuclear power plants and asked for public comment. The guide spells out its broad goals:
The draft proposal mentions that the standards are based on accepted IEEE standards; however, there is some contention as reported by SecurityFocus , as industry argued the proposal was overly regulatory in comments before the Commission:
“The NRC tries to promote the use of digital technology in the nuclear power industry on the one hand, but then over-prescribes what is needed when a digital safety system is proposed,” wrote company president William Petrick, in comments filed with the commission.”
USACM’s letter takes a different tack noting that the goals of this guidance are worthy and that the NRC should look toward making the practices mandatory.