Speaker
Description
This paper presents first the regulatory framework of the United Arab Emirates (UAE) for Cyber Security at the nuclear power plant and secondly its implementation for the licence of Barakah Nuclear Power Plant (NPP). FANR, the nuclear regulator of the UAE in accordance with the Federal Law by Decree No. 6 of 2009 on Peaceful Uses of Nuclear Energy, has developed and maintained a regulation for Physical Protection of Nuclear Material and Nuclear Facilities [FANR-REG-08] to provide requirements to the licensee of a nuclear facility, including cyber security (Article 22). FANR established a regulatory guide for Cyber Security at Nuclear Facilities [FANR-RG-011] to provide guidance on the compliance of the regulation. This guidance was based on U.S. NRC Regulatory Guide 5.71, Cyber Security Programs for Nuclear Facilities and IAEA Nuclear Security Series No. 17, Computer Security at Nuclear Facilities. In addition to the previous documents, the licensee could follow the Nuclear Energy Institute (NEI) 08-09, Cyber Security Plan for Nuclear Power Reactors. In the integrated (safety and nuclear security) licence process for operation of Unit 1 of Barakah NPP, Emirates Nuclear Energy Corporation (ENEC), submitted a Final Safety Analysis Report (FSAR), which contains a Chapter 20 on Physical Protection. This official unrestricted chapter referred to the Physical Protection Plan for Operation (PPP-O), which includes cyber-security. From 2015, ENEC developed the Cyber Security Program Manual (CSPM) and FANR reviewed it providing to ENEC more than 50 Request for Additional Information (RAIs). FANR wrote and finalized the Security Evaluation Report (SER) for the PPP-O, which has a part on cyber security. Moreover, ENEC established an implementation plan based on US NRC Cyber Security Milestones. FANR checked the implementation of the CSPM through inspections. The first inspection was conducted in Westinghouse office in USA in November 2016 to verify the system with protection implemented of cyber threat before its delivery at Barakah NPP. The second inspection was, on site, to verify the implemented part of cyber security (October 2017) and the third inspection was not completed because ENEC has delayed some worked to be done (March 2019). In final, to verify that the CSPM was correctly implemented as design, an inspection was performed in June 2019. All the findings were closed before the end of the 2019. FANR has reasonable insurance that the cyber security was implemented in Unit 1 of Barakah NPP as developed in the CSPM. As a result, the licence of operation of Unit 1 of Barakah NPP was issued in the beginning of 2020.
| State | United Arab Emirates |
|---|---|
| Gender | Female |
