January-February 2019 NPJ

28 NuclearPlantJournal.com Nuclear Plant Journal, January-February 2019 them define the most appropriate life extension strategy and to make them benefit from our technology and long experience in this field. 5. How has Rolls-Royce approached the cyber security challenges in its digital systems, worldwide? Rolls-Royce I&C follows a strict computer and information security program based on general and nuclear specific norms, the Rolls-Royce Group processes and state-of-the-art technologies. Our digital safety I&C technology, Spinline ® , has been designed specifically for nuclear applications and features a secure development and operational environment that provides protection against unauthorized modifications and implements design requirements promoting integrity and reliability during design, operation and m¬aintenance. Rolls-Royce development environ- ment is protected, thanks to general secu- rity principles:  Physical and environmental security: physical access restrictions and monitoring.  Human resource security: employees and contractors references are checked and NDAs must be signed.  IT systems access control: uses of networks, applications and IT systems are restricted and monitored. Spinline ® specific procedures are in place during development, tests and installation:  Software life cycle processes in place to prevent & detect unauthorized modifications: strict design control process; configuration management systemwith traceability; independent V&V and testing.  Spinline ® software does not include unwanted functions: proprietary Operational System Software (OSS) performs only limited functions; the specific application software cannot modify the OSS; the communication network is a Rolls-Royce proprietary “NERVIA” network.  Integrity of Spinline ® code is checked upon initialization and each processing cycle: software loaded on flash memory; checksum regularly verified.  Spinline ® hardware incorporates failure detection & has a proven high reliability record. During operations, test and maintenance, specific procedures are also implemented:  Production code alteration requires physical access and removing the main processor board from its rack, which is limited by administrative control, moreover open cabinet door causes an alarm.  There is no way for remote access to a Spinline System: Nervia protocol does not allow dynamic modification; adding a machine to modify data or remove one node is immediately detected; one way communication to external system is implemented with hardware.  Only local access is available for maintenance and testing of a Spinline system: physical access is required; allowed actions are pre-defined and limited. Rolls-Royce I&C Computer and Information Security program is based on ISO 27001, 27002 and nuclear specific guides such as IEC 62645, 62859, IAEA NSS-17 and NRC RG 1.152. We closely monitor compliance with US regulatory requirements and associated compliance for both licensing and cyber security. Moreover, continuous training programs are in place to increase the expertise and number of our specialists to be able to provide a specific approach adapted to our customers.In addition we can provide Hardline based Diverse systems, based on discrete non- programmed components. In summary Rolls-Royce has proven experience in the successful, cost effective delivery of digital I&C equipment, safety and non-safety related, to a variety of customers and plant types on a global basis. The operating experience associated with our safety systems has shown no failure on demand for the operating equipment. With more than 850 operating systems in 150 nuclear units, Rolls-Royce has the largest global operating installed digital I&C base with the long term commitment to support those installations. Contact: Romain Desgeorge, Rolls- Royce, email: Romain.Desgeorge.cn@ rolls-royce.com or Bill Rosko, Rolls- Royce, email: William.Rosko@rolls- royce.com . Neutron Flux Monitoring System based on Spinline ® digital technology. Successful Global... ( Continued from page 27)