Language selection


CNSC Cyber Security Program Implementation and Inspections at NPPs

Abstract of the technical presentation presented at:
U.S. Nuclear Regulatory Commission’s (NRC’s) Regulatory Information Conference (RIC) 2019
March 12, 2019

Prepared by:
Chul Hwan Jung
Canadian Nuclear Safety Commission


Cyber security is an evolving issue for key stakeholders of Nuclear Power Plants (NPPs) for the continued safe and secure operation of NPPs.

As Canada’s nuclear regulatory authority, the Canadian Nuclear Safety Commission (CNSC) is solely responsible for the oversight of cyber security in the Canadian nuclear industry. Therefore, in 2008, CNSC staff requested that Canadian NPPs conduct self-assessments of their cyber security procedures. Following these self-assessments, NPP licensees implemented a systematic cyber security site program using industrial guidance documents that were available at that time.

Further to the issuance of the CSA Standard N290.7-14 in January 2015, CNSC staff required that NPP licensees perform a gap analysis between their current cyber security program and the requirements of CSA N290.7-14, and address any identified gaps. New cyber security requirements from the CSA N290.7-14 standard have been imposed by the CNSC. NPP licensees are currently implementing the new standard with target completion dates in 2019–2020.

CNSC staff have conducted comprehensive cyber security program inspections at all NPP sites.

This presentation provides an overview of cyber security program regulatory requirements and inspections at NPPs as well as lessons learned from inspections conducted and future tasks. Regulatory oversight by means of desktop reviews and site inspections conducted thus far has revealed that all NPP facilities are compliant with current regulatory requirements.

To obtain a copy of the abstract’s document, please contact us at or call 613-995-5894 or 1-800-668-5284 (in Canada). When contacting us, please provide the title and date of the abstract.

Page details

Date modified: