ANS is committed to advancing, fostering, and promoting the development and application of nuclear sciences and technologies to benefit society.
Explore the many uses for nuclear science and its impact on energy, the environment, healthcare, food, and more.
Explore membership for yourself or for your organization.
Conference Spotlight
2026 ANS Annual Conference
May 31–June 3, 2026
Denver, CO|Sheraton Denver
Latest Magazine Issues
Feb 2026
Jul 2025
Latest Journal Issues
Nuclear Science and Engineering
March 2026
Nuclear Technology
February 2026
Fusion Science and Technology
January 2026
Latest News
Mirion announces appointments
Mirion Technologies has announced three senior leadership appointments designed to support its global nuclear and medical businesses while advancing a company-wide digital and AI strategy. The leadership changes come as Mirion seeks to advance innovation and maintain strong performance in nuclear energy, radiation safety, and medical applications.
Michael T. Rowland, Raja Abdul Raja Adnan, J. Scott Purvis, (IAEA)
Proceedings | Nuclear Plant Instrumentation, Control, and Human-Machine Interface Technolgies (NPIC&HMIT 2019) | Orlando, FL, February 9-14, 2019 | Pages 1649-1658
Computer security (or Cyber Security) of I&C systems (i.e. sensitive digital assets) at nuclear facilities is of increasing importance based upon the adoption of cyber-attacks as a key component of a potential adversary’s Tactics, Techniques and Procedures (TTPs). This new capability (i.e. to launch cyber-attacks) demands that operators of nuclear facilities put in place a programme and measures ensure protection of I&C systems. However, given that resources and time are limited, operators need to apply their limited resources in a manner that maximizes the security benefit. The International Atomic Energy Agency (IAEA) recognizes the need for efficient and effective approaches to security. IAEA Nuclear Security Series (NSS) Fundamentals NSS 20 [1], Essential Element 9: Use of Risk Informed Approaches states “A nuclear security regime uses risk informed approaches, including in the allocation of resources for nuclear security systems and nuclear security measures and in the conduct of nuclear security related activities that are based on a graded approach and defence in depth.” For computer security, the IAEA defines the concepts of computer security levels and computer security zones in NSS 17 [2]. Computer security levels exist as a requirements specification that details the constraints and conditions imposed that must be met to ensure that appropriate protection is provided to sensitive digital assets. Each individual computer security level will require a graded level of effort (i.e. allocated resources), level of confidence in measures, and a level of adherence to requirements (or procedures) when conducting activities that may affect computer security. Computer security zones have logical and/or physical boundaries for which a common set of requirements (i.e. computer security level) are imposed or applied. Computer security zones exist and consists of boundaries, devices and measures that are observable and/or measurable. The arrangement of computer security zones within a defensive computer security architecture ensure that defence-in-depth is achieved. The purpose of this paper is to provide an overview of IAEA guidance on the application of a graded approach and defence in depth to computer security at nuclear facilities. The paper will also discuss the concepts of computer security levels and zones as found in IAEA Nuclear Security Series (NSS) publications on computer security.
