In the summer of 2016, the International Atomic Energy Agency (IAEA) launched a Coordinated Research Project (CRP) on Enhancing Computer Security Incident Analysis at Nuclear Facilities (J02008). The primary objective of this CRP was to improved computer security capabilities at nuclear facilities to support the prevention and detection of, and response to, computer security incidents that have the potential to either directly or indirectly adversely affect nuclear safety and nuclear security. The secondary objective was to establish an international community of experts to facilitate the exchange of good practices in the field of computer security incident response at nuclear facilities. [a] The fields of nuclear security and nuclear nonproliferation have a long history of multinational problem solving. The field of cyber security has not enjoyed this same history as meaningful collaboration in this field requires disclosure of vulnerabilities and weaknesses. Add to this geo-political conflict in the cyber domain at the nation state level and bringing together nations to work collaborative on this type of project was sure to experience a unique set of challenges.
This paper describes the confidence building processes that occurred over the course of the past three years between the CRP participants from the countries of: Argentina, Brazil, Canada, China, Germany, Ghana, Hungary, Mexico, Pakistan, Poland, Republic of Korea, and the United States of America. Our findings illustrate a few interesting processes where well-resourced cyber-capable nations have to adjust their approach to accommodate nations still growing their capabilities. We observed how contributions from narrowly focused research teams could be incorporated into a testbed while broad frameworks could be constrained to allow for varying levels of model fidelity. We feel the most significant observations are of how relationships were formed and developed to allow for meaningful multicultural exchange. We hope that our findings will help future nuclear-cyber projects to structure themselves in such a way as to decrease the time it takes for parties to trust each other and thus bring the joint-research capability to fruition in short time.