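CNEA Informatization Committee Special Letter [2019] No. 7 (核协信专函〔2019〕7 号)
Notice on Convening the International Exchange and Training Conference on Nuclear Power Plant Cybersecurity Technology
To all relevant organizations:
To strengthen nuclear power plant cybersecurity, promote international exchange on nuclear power plant cybersecurity regulations, standards and technology, and improve nuclear industry practitioners' understanding of domestic and international nuclear power plant cybersecurity regulations and standards, security strategies and protection technologies, the Informatization Committee of the China Nuclear Energy Association (CNEA) will hold the International Exchange and Training Conference on Nuclear Power Plant Cybersecurity Technology in Shenzhen on 27-29 March 2019.
The conference is hosted by the CNEA Informatization Committee, organized by China Nuclear Power Engineering Co., Ltd. (中广核工程有限公司) and co-organized by Framatome GmbH. The host will invite experts and scholars on international nuclear power cybersecurity regulations and standards from Germany, Korea, Canada and other countries, as well as expert representatives and consultants from the International Electrotechnical Commission (IEC), the International Atomic Energy Agency (IAEA) and other organizations. It also plans to invite leaders and experts from the Ministry of Industry and Information Technology, the State Administration of Science, Technology and Industry for National Defence, the National Nuclear Safety Administration, the National Energy Administration, the National Research Center for Information Technology Security, the State Nuclear Security Technology Center, the Nuclear and Radiation Safety Center of the Ministry of Environmental Protection, the National Industrial Information Security Development Research Center and other organizations. The relevant arrangements are as follows: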
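I. Objectives of the exchange and training
Through the training: improve practitioners' understanding of domestic and international regulations and standards related to nuclear power cybersecurity, study cybersecurity strategies and protection techniques, and learn about current academic progress and good cybersecurity practice at home and abroad. Through the workshop: promote academic communication, experience feedback and cooperative exploration on the latest cybersecurity developments in the nuclear power industry at home and abroad.
II. Time and venue
Time: 27-29 March 2019 (training on 27-28 March, workshop on 29 March; trainees must check in on the afternoon of 26 March; experts attending the workshop may check in on the afternoon of 28 March)
Venue: China Nuclear Power Engineering Co., Ltd. (Design Institute), Building 5, Tian'an Cyber Park, Longgang District, Shenzhen
III. Invitees
Leaders of the information security departments of the nuclear power groups (companies); leaders and technical staff working in design, operation, production, maintenance, I&C, IT development, information security, document management and related posts and disciplines at nuclear industry design, construction, operation and service organizations; member organizations of the CNEA Nuclear Power Operation Branch and of the Network and Information Security Working Group.
IV. Programme
See the Schedule (Annex 1).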
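V. Registration and fees
1. A registration fee is charged: 4800 yuan per person for CNEA member organizations and 6800 yuan per person for non-member organizations.
2. The registration fee may be paid on the day of check-in or remitted in advance to the China Nuclear Energy Association.
Account name: China Nuclear Energy Association (中国核能行业协会); Bank: Bank of China, Beijing West Third Ring North Road Sub-branch (中国银行北京西三环北路支行); Account number: 338966139210
3. Participating organizations are requested to send the registration form (Annex 2) by e-mail or fax to the Secretariat of the CNEA Informatization Committee by 24 March 2019.
VI. Other matters
1. Trainees who pass the assessment will be awarded a certificate of completion by the CNEA Informatization Committee. Those assessed as excellent will additionally be awarded an outstanding trainee certificate.
2. Trainees must submit a one-inch bareheaded ID photo (electronic version).
3. The language of the training and exchange is English.
4. The conference office will arrange accommodation centrally, at participants' own expense (the hotel will be announced separately).
VII. Contacts
Zheng Dong, 15600680181, [email protected]. Hu Bing (China Nuclear Power Engineering Co., Ltd.), 18806653007.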
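Hereby notified.
Attachments: 1. Schedule
2. Registration form
3. Expert biographies
Distribution: China National Nuclear Corporation, China Nuclear Engineering & Construction Corporation Limited, CGN Power Co., Ltd., State Power Investment Corporation Limited, China Huaneng Group Co., Ltd., local government nuclear power offices, industry associations and alliances, the Nuclear Industry Computer Application Research Institute, member organizations of the CNEA Network and Information Security Working Group, the China Nuclear Energy Association and its member organizations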
Informatization Committee of the China Nuclear Energy Association, 5 March 2019
Annex 1
Nuclear Cybersecurity Training & Workshop
on Safety I&C, Operational I&C and Electrical Power Systems (EPS)
27-29 March 2019, Shenzhen
1st Day – 2019-03-27 [Technical] | ||
Time | Topic | Presenter |
Introduction | ||
09:00 – 09:20 | Welcome by CNEA, Shenzhen host and invited speakers | CNEA, CGN, Framatome |
09:20 – 09:30 | Introduction of participants and trainers | all |
09:30 – 09:40 | Overview and scope of Training & Workshop | Dr. Karl Waedt (KW) |
Cybersecurity Challenges | ||
09:40 – 10:10 | Cybersecurity – New Challenges for Industry and Worldwide Technical Trends | Venesa Watson (VE) |
10:10 – 10:30 | Gradual Progress of Cybersecurity in the Nuclear Domain | KA |
10:30 – 11:00 | Coffee Break | |
11:00 – 11:20 | Cybersecurity Incidents in Nuclear and Critical Infrastructure | VE, XI, IN |
Security by Design | ||
11:20 – 11:40 | Safety DiD and Security DiD (IAEA NP-T-2.11, IAEA NSS) | KA |
11:40 – 12:00 | Security Grading in China (IT, Industry, Nuclear) | XX – in Chinese from CN |
12:00 – 12:30 | Asset Management of Security Artefacts (ISO/IEC 19770) | KA, AS, IN |
12:30 – 13:30 | Lunch Break | |
13:30 – 14:00 | Cybersecurity in Industry 4.0, RAMI | KA, XI |
14:00 – 14:30 | Domain Based Security (DBSy, HMG IA) and Security Architecture and Design / Modeling (IEC 62714) | KA, XI |
Security Controls for IT and OT | ||
14:30 – 15:00 | Security Requirements, Objectives and Controls - JTC1/SC27 | KA, AS |
15:00 – 15:30 | Coffee Break | |
15:30 – 16:10 | Security Controls Overview (IAEA, IEC, US NRC, NEI); Generic Structuring by ISO/IEC 27002 and ISO/IEC 27009; Controls for non-nuclear Energy Utilities (ISO/IEC 27019) | KA – 40 min; VN; XI |
16:10 – 16:30 | Safety & Security Grading, Security Maturity Level (IEC 62443); Controls for process industry (IEC 62443) | VE; KA → 20 min |
16:30 – 16:45 | Security Controls Guidance in China (IT, Industry, Nuclear) | XX – in Chinese from CN |
16:45 – 17:00 | Example Security Control: Whitelisting & Blacklisting for OT | VE |
17:00 – 17:30 | End of 1st Day Question Round | all |
18:30 | Welcome Dinner | |
2nd Day – 2019-03-28 [Technical] | ||
Time | Topic | Presenter |
Introduction | ||
09:00 – 09:10 | Summary of previous day | Venesa Watson (VE) |
09:10 – 09:20 | Overview and scope for 2nd day of Training & Workshop | Dr. Karl Waedt (KA) |
Security for Electrical Power Systems (EPS) | ||
09:20 – 09:35 | EPS Architectures and Equipment (SIPROTEC) | VE, DE, DA |
09:35 – 10:05 | Security Controls for Electrical Power Systems (EPS); EPS in the Asherah NPP Model (IAEA CRP) | KA, DE, DA – 30 min |
Functional Safety & Security Interface | ||
10:05 – 10:30 | Considering Nuclear Safety & Security (IEC 62589); Considering Functional Safety & Security (IEC TR 63069); Safety & Security Interface Guide/DKE TBINK AK IT-Security | IN; VE, IN, XI – 25 min; IN |
10:30 – 11:00 | Coffee Break | |
11:00 – 11:25 | Attribute Based Access Control for Plants and Station Control | VE, JO |
Security Testing | ||
11:25 – 11:45 | Security Testing in Main Lifecycle Phases | KA, IN |
11:45 – 12:00 | Security Testing during Development (ISO/IEC/IEEE 29119) | KA, XI, IN |
12:00 – 12:15 | Security Testing Guidance in China (IT, Industry, Nuclear) | XX – in Chinese from CN |
12:15 – 12:30 | Pen Testing and Smart Fuzz Testing (DEFENSICS/Synopsys) | VE, RA |
12:30 – 13:30 | Lunch Break | |
Security Governance and Application Security | ||
13:30 – 13:50 | Application Security Controls (ASCs) | KW, AS, XI |
13:50 – 14:10 | Security Along the Supply Chain | VE, IN |
14:10 – 15:00 | Secure Configuration (BIOS, SCALANCE, Firewall) and Security Hardening (OS Level, SLES, RHEL, Windows) | VE, DE; AS, IN |
15:00 – 15:30 | Coffee Break | |
15:30 – 15:50 | Developments in Crypto Standardization for Real-time | VE |
Secure Development | ||
15:50 – 16:30 | Secure Software Development Guidance (ISO/IEC TR 24772) & Secure FPGA/HDL Development Environment (IEC 62566) | KA, IN, XI; AS, SA |
16:30 – 16:45 | Secure Development Guidance in China (IT, Industry, Nuclear) | XX – in Chinese from CN |
16:45 – 17:00 | Independent Security V&V, Certification for Industry & Nuclear | KA, IN |
17:00 – 17:30 | End of 2nd Day Question Round | all |
18:30 | Dinner | |
3rd Day – 2019-03-29 [Technical & Management] | ||
Time | Topic | Presenter |
Cybersecurity Regulation | ||
09:00 – 09:10 | Summary of previous days | Dr. Karl Waedt (KA) |
09:10 – 09:40 | E.g. National Cybersecurity Regulation | Mr. Kim, Korea |
09:40 – 09:55 | Sino-German Cooperation in Industry 4.0/IM: Safety & Security | KA, XI |
09:55 – 10:30 | Major Cybersecurity IAEA topic | Mr. Michael Rowland |
10:30 – 11:00 | Coffee Break | |
11:00 – 11:25 | CN Presentation – e.g. HTR Cybersecurity | XX – in Chinese from CN |
11:25 – 11:45 | Application and Organization Normative Framework for Security | KA, AS |
11:45 – 12:15 | Nuclear IEC Cybersecurity Controls – IEC 63096 Concepts | VE, XI |
12:15 – 12:30 | Cybersecurity training concepts for nuclear and Industry 4.0/IM | KA |
12:30 – 13:30 | Lunch Break | |
13:30 – 14:00 | Safe Engineering in the Digital Age | Mr. Peter Sieber |
14:00 – 14:15 | CN Presentation – e.g. security for one Chinese I&C platform | XX – in Chinese from CN |
14:15 – 14:30 | CN Presentation – e.g. by SNERDI/SNPAS | XX – in Chinese from CN |
Conclusion and Outlook | ||
14:30 – 14:50 | Questions & feedback | all |
14:50 – 15:00 | Final discussion and outlook to further events | all |
15:00 | End of 3rd day Training & Workshop | |
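Annex 2
Registration Form for the International Exchange and Training Conference on Nuclear Power Plant Cybersecurity Technology
Name |
Gender |
Employer and position |
Telephone |
E-mail |
Accommodation (single room / shared room) |
Contact: Zheng Dong 15600680181 E-mail: [email protected] Fax: 010-88510021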
Annex 3
Expert Biographies
Dr. Karl Waedt
Concepts & Architecture / Cybersecurity in Framatome GmbH ICPGDA
He is deputy chair of DKE UK 967.1 (German Mirror Committee of TC45/SC45A), German delegate in TC45/SC45A WG3 (I&C) and WG9 (Cybersecurity), Chairperson of CEN/CENELEC CLC/TC 45AX (I&C and EPS) and Deputy in KTA UK EL (I&C and ES Board), IAEA TMs on Cybersecurity on behalf of the German Ministry BMWi, Member of DKE/TBINK Safety & Security by Design, German Delegate in ISO/IEC JTC1/SC27 WG4 Security Controls and Services, Technical R&D Coordinator together with 6 German University Partners, and Member of GI (German Informatics Society) and IEEE.
Venesa Watson
Ph.D. Candidate (Cybersecurity) at Framatome GmbH
She works with a team of eight (8) PhD students as part of the SMARTEST R&D project, which was formulated to combine the competences of universities/colleges with industry to develop test procedures for the systematic security analysis of the IT security of computerized nuclear process control systems. The project seeks to identify as many weak points as possible in these control systems, with the overall aim of lowering the risk of critical incidents. They employ various security testing methods such as fuzzing, remote code execution, packet injection and forensics examination to achieve the goals of the project. Her focus is on fuzzing of the systems and other message manipulation attacks, where both public and proprietary protocols are analysed and used.
Peter Sieber
Vice President Norms and Standards, Vice President Region China at HIMA Paul Hildebrandt GmbH
He is responsible for HIMA business in China, coordination of norms and standards activities, and review and expansion of the HIMA portfolio. He has participated in the development of IEC 61508/61511, EN 50156, IEC 62443, IEC TR 63069, IEC 62337, IEC 62382 and IEC 62881.
Michael Rowland
Consultant in RACG, Nuclear Security Information Officer at the International Atomic Energy Agency (IAEA)
Michael Rowland was a Nuclear Security Information Officer at the International Atomic Energy Agency (IAEA) and communicated with and trained nuclear industry professionals at all levels, including both executive and technical experts from around the globe. Additional duties included leading and coordinating meetings to develop international consensus publications on computer security such as Nuclear Security Series Publication NSS 33-T, Computer Security of Instrumentation and Control (I&C) Systems at Nuclear Facilities, published in May 2018, and draft publication NST 047, Computer Security Techniques at Nuclear Facilities, approved for publication in June 2018.
Mr. Rowland received a Bachelor of Engineering - Electrical Engineering from Ryerson University in 2001 and obtained his professional engineering (P. Eng) license in 2006. He is currently enrolled with Royal Holloway, University of London to obtain a Masters in Information Security.