← Frameworks / Nuclear Regulation

10 CFR 73.54 Protection of Digital Computer and Communication Systems and Networks

US Nuclear Regulatory Commission mandatory cybersecurity regulation for nuclear power plants and fuel cycle facilities. Requires protection of Critical Digital Assets (CDAs) associated with safety, security, and emergency preparedness functions from cyber attacks up to and including the Design Basis Threat. Implements defense-in-depth through a 5-level security architecture per NRC Regulatory Guide 5.71. Covers technical, operational, and management controls with NRC-approved Cyber Security Plans, ongoing assessment, and integration with physical protection programs.

Clauses: 18

Avg Coverage: 75.1%

Publisher: U.S. Nuclear Regulatory Commission (NRC) Version: 2009 (RG 5.71: 2010)

10 CFR 73.54 → SP 800-53 SP 800-53 → 10 CFR 73.54 Coverage Analysis

Clause	Title	SP 800-53 Controls
73.54(a)	Scope and Applicability	PM-01 PM-07 PM-11 RA-02
73.54(b)	Cyber Security Plan	PL-01 PL-02 PM-01 PM-02 PM-03 PM-09
73.54(c)(1)	Protection of Critical Digital Assets	SC-07 AC-03 AC-04 SC-28 SC-32
73.54(c)(2)	Defense-in-Depth Protective Strategies	SC-07 SC-32 AC-04 SC-46 PL-08
73.54(d)	Ongoing Assessment and Program Review	CA-07 PM-06 PM-14 PM-15 RA-07
RG5.71-A-AC	Technical Controls - Access Control	AC-02 AC-03 AC-05 AC-06 AC-07 AC-17 IA-02 IA-03 IA-05 IA-08
RG5.71-A-AU	Technical Controls - Audit and Accountability	AU-02 AU-03 AU-04 AU-05 AU-06 AU-08 AU-09 AU-12 SI-04
RG5.71-A-SC	Technical Controls - System and Communications Protection	SC-07 SC-08 SC-12 SC-13 SC-23 SC-28 SC-32 SC-45 SC-46
RG5.71-A-SI	Technical Controls - System and Information Integrity	SI-02 SI-03 SI-04 SI-07 SI-16 CM-14
RG5.71-B-CM	Operational Controls - Configuration Management	CM-02 CM-03 CM-04 CM-05 CM-06 CM-07 CM-08 RA-05
RG5.71-B-CP	Operational Controls - Contingency Planning	CP-01 CP-02 CP-04 CP-09 CP-10 IR-01 IR-02 IR-04 IR-06
RG5.71-B-MA	Operational Controls - Maintenance	MA-01 MA-02 MA-03 MA-04 MA-05 MA-06 MP-02 MP-04 MP-06 MP-07
RG5.71-B-PE	Operational Controls - Physical and Environmental Protection	PE-01 PE-02 PE-03 PE-04 PE-06 PE-08 PE-09 PE-11 PE-13 PE-14 PE-15
RG5.71-C-AT	Management Controls - Awareness and Training	AT-01 AT-02 AT-03 AT-04 PM-13 PM-14
RG5.71-C-CA	Management Controls - Security Assessment and Authorization	CA-01 CA-02 CA-05 CA-06 CA-07 CA-08 PM-14
RG5.71-C-PL	Management Controls - Planning and Risk Assessment	PL-01 PL-02 PL-08 RA-01 RA-02 RA-03 RA-05 RA-07 RA-09 CA-02 CA-06
RG5.71-C-PS	Management Controls - Personnel Security	PS-01 PS-02 PS-03 PS-04 PS-05 PS-06 PS-07 PS-08
RG5.71-C-SR	Management Controls - Supply Chain	SR-01 SR-02 SR-03 SR-05 SR-06 SR-11 SA-04 SA-09 CM-14