← Frameworks / Nuclear Guidance

IAEA Nuclear Security Series No. 17-T Rev.1 Computer Security at Nuclear Facilities

International guidance for computer security at nuclear facilities published by the International Atomic Energy Agency. 14 sections covering computer security management, risk management, defense-in-depth (5 security levels), identification and authentication, access control, system integrity, audit and monitoring, communication security, supply chain security, incident response, contingency planning, personnel security, physical security integration, and assessment and testing. Provides framework for protecting instrumentation and control (I&C) systems including safety-critical systems. Applied globally through national regulatory implementations.

Clauses: 14

Avg Coverage: 76.6%

Publisher: International Atomic Energy Agency (IAEA) Version: Rev.1 (2023)

IAEA NSS 17-T → SP 800-53 SP 800-53 → IAEA NSS 17-T Coverage Analysis

Clause	Title	SP 800-53 Controls
Sec 3	Computer Security Management	PM-01 PM-02 PM-03 PM-09 PM-10 PL-01 PL-02
Sec 4	Risk Management	RA-01 RA-02 RA-03 RA-05 RA-07 RA-09 PM-09
Sec 5.1	Defense-in-Depth	SC-07 SC-32 AC-04 PL-08 SC-46 SA-08
Sec 5.2	Identification and Authentication	IA-02 IA-03 IA-04 IA-05 IA-08 AC-02
Sec 5.3	Access Control	AC-02 AC-03 AC-05 AC-06 AC-07 AC-17 AC-20
Sec 5.4	System Integrity	CM-02 CM-03 CM-06 CM-07 SI-02 SI-03 SI-07 CM-14
Sec 5.5	Audit and Monitoring	AU-02 AU-03 AU-06 AU-09 SI-04 CA-07 SC-48
Sec 5.6	Communication Security	SC-08 SC-12 SC-13 SC-23 SC-07 AC-04
Sec 6	Supply Chain Security	SR-01 SR-02 SR-03 SR-05 SR-06 SR-09 SR-10 SR-11 SA-04
Sec 7	Incident Response	IR-01 IR-02 IR-04 IR-05 IR-06 IR-08
Sec 8	Contingency Planning	CP-01 CP-02 CP-04 CP-06 CP-09 CP-10 SC-24
Sec 9	Personnel Security	PS-01 PS-02 PS-03 PS-04 PS-06 PS-07 AT-01 AT-02 AT-03 AT-04
Sec 10	Physical Security Integration	PE-01 PE-02 PE-03 PE-06 PE-08
Sec 11	Assessment and Testing	CA-01 CA-02 CA-05 CA-07 CA-08 PM-14