Article ID: 1729208
Journal: Annals of Nuclear Energy
Published Year: 2011
Pages: 6 pages
File Type: PDF
Abstract

The main difference between nuclear and generic software is that the risk factor is infinitely greater in nuclear software: if there is a malfunction in the safety system, it can result in significant economic loss, physical damage or threat to human life. However, a secure software development environment has often been ignored in the nuclear industry. In response to the terrorist attacks on September 11, 2001, the US Nuclear Regulatory Commission (USNRC) revised the Regulatory Guide (RG 1.152-2006) “Criteria for use of computers in safety systems of nuclear power plants” to provide specific security guidance throughout the software development life cycle. Software Configuration Management (SCM) is an essential discipline in the software development environment. SCM involves identifying configuration items, controlling changes to those items, and maintaining their integrity and traceability. To secure nuclear safety software, this paper proposes Secure SCM Processes (S2CMP), which infuse regulatory security requirements into the proposed SCM processes. Furthermore, a Process Flow Diagram (PFD) is adopted to describe S2CMP, which is intended to enhance communication between regulators and developers.

► The proposed method emphasizes platform-independent security processes.
► A hybrid process based on the nuclear SCM and security regulations is proposed.
► Detailed descriptions and a Process Flow Diagram are useful for software developers.

Related Topics
Physical Sciences and Engineering Energy Energy Engineering and Power Technology