This article has been adapted verbatim from a paper accepted and presented during the International Conference on Computer Security in the Nuclear World: Securing the Future titled ‘Why Nuclear Security Needs Information Security: The Promise Of NST070’ authored by Mike StJohn-Green and myself.
Abstract
Effective computer security requires information security. Computers, like humans, are actors on information and adversaries target the functions they perform by compromising the confidentiality, integrity, or availability (CIA) of the information itself.
Modern information is fluid and knowledge-based, capable of being inferred from fragments and moving beyond traditional boundaries. This makes older, containment-based security models that treat information as a simple object appear increasingly obsolete. The value of information is also asymmetric; what seems routine to a defender can reveal critical vulnerabilities to an attacker. Since information’s value is derived from its use within a function, any compromise of its CIA can be quantified by the potential impacts to that function’s performance.
The IAEA’s circulated draft of NST070 describes an integrated, life-cycle approach that protects information’s CIA during both its processing and its ultimate use. This model, with its holistic approach, fills gaps legacy systems cannot, resulting in strong security against modern threats and the future of AI. NST070 is set to become an essential security evolution, closing gaps within legacy models to create a truly modern defence. This paper will illustrate how the circulated draft of NST070 delivers this.
1. Introduction
Nuclear security guidance has historically evolved from the principles of physical protection, heavily emphasising the containment of physical objects based on an analysis of their static value. This approach proved effective when confidentiality was the predominant concern, particularly against adversaries seeking to collect intelligence. This lineage is evident in legacy information security frameworks, such as IAEA Nuclear Security Series No. 23-G Security of Nuclear Information [1] (NSS 23-G), which focused on protecting the confidentiality of discrete “information objects”—tangible items like hard copy documents and electronic files—under the assumption that if the object is contained, the information is secure.
However, the rapid digitalisation of nuclear infrastructure and the use of computer-based systems to control physical machines have exposed the limitations of a purely containment-centric posture. Information is no longer merely a physical asset to be locked away; it is both a dynamic component and a functional dependency of the functions we rely on for nuclear safety and security. As a result of this shift, while confidentiality remains important, our approaches to the integrity and availability of information have moved to the centre of security discourse. This is increasingly evident as vulnerabilities within industrial control systems become high-profile targets for non-state actors and central to grey-zone warfare, where digital interference serves as a potent tool for disruption without triggering conventional conflict [2].
Approaches to information security have struggled to keep pace with this change. Much existing analysis and labelling still rely heavily on containment models, such as marking documents as confidential and applying standardised security controls to them, with little analysis of how the information is used, trusted, and how that could be exploited. Modern adversarial tactics render these models increasingly insufficient. Integrity faces escalating threats from new techniques designed to deceive users—both human and machine—such as deep-fakes generated by artificial intelligence and sophisticated cyber-attacks. Simultaneously, confidentiality has been disrupted as the global push to embrace artificial intelligence offers adversaries novel ways to aggregate, extract, and reconstruct meaning from scattered, unclassified datasets, reproducing sensitive information and bypassing traditional containment entirely.
Effective information security can no longer rely so heavily on a model of containment. Instead, it requires the defender to analyse how information is used to support decision-making by both the legitimate user and the adversary.
Computers and humans share a functional similarity: both act within a feedback loop, taking actions to support the correct performance of a function. Whether human or digital, the actor relies on information to form a belief about the facility’s state and capabilities to inform their decision-making. In a nuclear facility, these actors ingest information to update this model and determine the necessary actions to maintain nuclear safety, nuclear security, and nuclear material accounting and control.
Adversaries do not target information for its own sake. They target the decision-making process to either:
- Reveal Performance Limitations: By analysing information objects representing logic or configuration data, they uncover the specific boundaries and vulnerabilities of our orientation, allowing them to engineer scenarios that operate exactly within the unanalysed blind spots.
- Corrupt the Orientation: By compromising the integrity and availability of information objects relied upon to form an orientation, they deceive the actor into issuing insecure, unsafe, or untimely control actions, turning them into an unwitting agent of the adversary’s will.
Recognising these dynamics was a primary driver for the IAEA’s revision of its guidance. NSS 42-G [3] and NSS 17-T Rev. 1 [4] had already advanced alongside modern systems thinking theory, framing sensitive information as the active target, the compromise of which would result in mal-operation of the digital assets. In accordance with the Convention on the Physical Protection of Nuclear Material (CPPNM) and its Amendment, computer security was established as a subset of information security. To prevent systemic weaknesses that well-resourced adversaries could exploit, the Secretariat recognised the need to address the doctrinal inconsistencies between NSS 23-G and the more modern computer security guidance.
This paper introduces the revised approach outlined in the IAEA’s circulated Step 12 draft of NST070 [5], the draft proposed as the next revision of NSS 23-G. NST070 proposes a shift toward a risk-informed, graded approach that prioritises the demonstrable assurance of information relied upon within important functions over its static containment, thereby allowing defenders both to engineer the targeted protections necessary and to enable the secure and risk-informed adoption of AI and other emerging technologies.
Further, mapping this functional assurance to understand how information and its actors make up our orientation within an OODA Loop (Observe, Orient, Decide, Act) [6] shifts nuclear security from providing for passive containment to preparing for dynamic engagement.
With this framework, the beliefs we form, and the functions within which they are executed, represent the fixed elements of our orientation. Protecting it preserves correct decision-making. If an adversary corrupts our orientation, they effectively hijack our decision cycle. Knowing this, to prevent a nuclear security event, defenders must leverage their deep, asymmetric knowledge of the function and the role of information within it to maintain an accurate perception of reality while denying the same to the adversary.
2. The Value Propositions of NST070
To address the widening gap between legacy information security models and modern adversarial capabilities, the IAEA’s draft NST070 introduces a series of subtle changes in how sensitive information is classified, managed, and protected throughout its lifecycle. Rather than treating information purely as a static asset requiring containment, the draft provides an approach to information security designed to protect the dynamic operations of modern nuclear facilities.
The following section highlights a series of shifts in how information security is approached. By contrasting the structural deficiencies of the existing publication of NSS 23-G with the new guidance, we can illustrate how NST070 transitions the discipline toward a model of functional assurance.
2.1. Information Resists Containment
Containment-centric security models, like NSS 23-G, often treat information exactly like physical nuclear material: identifying a tangible representation as sensitive (e.g., a site security plan), protectively marking it, and placing it within a bounded system, such as a safe. In this linear model, if the physical object remains in the safe, the information is deemed secure; if it is removed, the response triggers a security investigation and, ideally, recovery. But what if it has been copied? There is little structured guidance for interpreting what this disclosure would mean for the overall security posture.
Applying the logic of protecting physical assets to information creates a systemic blind spot. Because information is non-tangible, its theft does not require its removal. If a security posture only accounts for the representation, an adversary can simply exploit alternative forms, assembling facts and context until the sensitive information can be reconstructed. The adversary completely bypasses the protected physical object, collapsing the facility’s advantage that was reliant on confidentiality without ever gaining access to the ‘safe’.
Fig. 1 demonstrates how NST070 provides the foundations to address this vulnerability by introducing a conceptual model that separates abstract information from its tangible representations (“Ceci n’est pas une pipe”—or, in this case, the document is not the secret itself). The draft acknowledges information “can be represented and communicated by almost any means but becomes meaningful and valuable only when placed within appropriate context” [5].
Fig. 1. NST070 Fig. 2 Conceptual model illustrating the relationship between abstract information, information objects, information assets and the functions performed, with examples (produced verbatim from Ref. 5).
This has become an increasingly important concept, as the advent of frontier AI and Large Language Models has demonstrated the ability to infer missing context to find sensitive information; for example, by rapidly aggregating and synthesising vast quantities of disparate, publicly available data to make novel inferences about a nuclear facility’s operations or physical layout [7].
Recognising that “conventional information security measures can generally only be applied to information objects, information assets and individuals” [5], NST070 instructs that “Information security measures should be designed to protect information as comprehensively as practicable in both its tangible and abstract forms”. To address the response to a compromise of information, the guidance further establishes that a facility’s incident response plan should “Outline methods to… otherwise mitigate the related consequences, ensuring that functions can continue to be performed within the defined levels of risk tolerance” [5].
By separating abstract information from tangible objects, the draft promotes the development of a graded approach that orients nuclear security to preserve the utility of the information rather than just protecting an individual representation.
2.2. Automation Amplifies Vulnerability
The current NSS 23-G primarily considered human actors: a person reads a secret and acts on it; therefore, those secrets should not be disclosed to adversaries. Today, information directly leads to the performance of a function, as exhibited through instrumentation and control systems, physical access controllers, safety actuation systems, and even video monitoring systems. Information as the basis for action is foundational to considering both computer security and the mitigation of unwitting insiders, and information is considered to exist throughout the State, taking on many forms as depicted in Fig. 2.
Fig. 2. NST070 FIG. 3. Relationship between the information and computer based systems in the State and in the nuclear security regime (produced verbatim from Ref. 5).
If an adversary alters the information relied on by any of these actors without stealing it, the actor may make incorrect and potentially catastrophic decisions based on that falsified data. The consequence of such a compromise is not just a leaked secret; it is a valve opening, an alarm disabling, or the failure to actuate a safety system. In each of these examples, the actions taken or deferred will likely have a direct impact on defence-in-depth.
While second order effects of this are not directly addressed in NST070, as the level of detail would exceed that of an Implementing Guide, the Systems Theoretic Accident Modelling Process [8] provides the basis for a useful categorisation of the impact of the subversion of these actions:
- A control action required for safety/security is not provided: A loss of Availability prevents a critical safety actuation or security response.
  - Example: An adversary suppresses the high radiation signal to a safety actuation system. The system, lacking the necessary observation, fails to close a containment valve.
- An unsafe control action is provided: A loss of Integrity induces a malicious or incorrect command, tricking the system into an unintended state.
  - Example: An adversary spoofing digital sensor readings leads an operator to believe a cooling pump has failed. The operator, following standard operating procedures, issues a command to activate a backup system that, in the current actual state, over-pressurises the circuit.
- A potentially safe control action is provided too late, too early, or out of sequence: Latency or timing manipulation of when information is available disrupts the synchronisation of actions necessary for effective defence-in-depth.
  - Example: An adversary generates spectrum noise to affect the delivery speed of messages between a central alarm station and a wirelessly connected truck stopper, causing a delay that allows the adversary to transit the barrier before the actuation command is registered.
- A continuous safe control action is stopped too soon or applied too long: A disruption causes an incomplete or over-extended execution of an action, potentially leading to impairment of the function.
  - Example: An adversary intercepts the digital feedback from a Spent Fuel Pool’s level sensors, feeding the pump controller a constant “Low” signal during a makeup operation. The controller, relying on this observation, applies the pumping action for too long, causing a pool overflow that floods the spent fuel pool hall.
NST070, however, aims to correct this imbalance, noting that “loss of integrity or of availability can also have negative consequences for nuclear security and nuclear safety” [5]. The draft emphasises that attacks “could include attacks that are specifically designed and executed to mislead human or machine based decision making” [5]. If sensitive information is modified in a way that “misleads individuals or information assets”, it can prevent them “from correctly performing their functions and potentially lead to a nuclear security event or a nuclear accident” [5].
Fig. 3. NST070 FIG. 5. Example common scale of impact and a graded approach to protecting sensitive Information (produced verbatim from Ref. 5).
Fig. 3 illustrates the practical application of this: it outlines a consequence-based, graded approach, moving away from classification tied to unauthorised disclosure and concluding that “the protection of integrity and availability should be prioritised over confidentiality if the potential consequences to nuclear security and nuclear safety are greater” [5].
2.3. Information Security is a Unifying Foundation
In many instances NSS 23-G, and the resulting guidance structure built up within NSS 42-G and NSS 17-T Rev. 1, could be interpreted in a way that conflated information with its actors, treating them as a single administrative unit. This ambiguity would lead to a security posture that heavily prioritised hardening the sensitive digital assets (i.e. computer security) while failing to validate the integrity, origin, or broader lifecycle of the sensitive information itself (i.e. information security), leading to many lost opportunities for a more efficient security solution. In a systems security engineering context, this is a problematic functional decomposition, as it assumes that protecting the actor inherently guarantees the validity and safety of the basis for its action.
NST070 delineates this relationship, defining Information Security (and the Information Security Management System) as the superset that governs information objects in any form, while Computer Security manages the specific subset of computer-based information assets (i.e. digital assets) that facilitate their use. Highlighting that “decisions made and actions taken by individuals, on the basis of information in whatever form, can have some significance for the functions performed relevant to nuclear security” [5], it provides the stable foundations for a broader information security framework that goes beyond computer security.
For instance, it counters disinformation by presenting the need to validate the integrity of information before it influences human decision-making or is acted upon by an asset. Similarly, it supports the development of insider risk mitigation strategies against the risk of unwitting insiders who, despite operating within well-defined procedures, might be manipulated into taking adverse actions by acting on falsified information.
2.4. Information has an Asymmetric Value
Without specific guidance, standard information security risk assessments typically measure the value of information based on its criticality to an organisation’s business continuity or routine operational needs. This overlooks a malicious perspective: an adversary does not use this information to operate the facility, but rather to target, bypass, or degrade physical protection and nuclear safety. They want to use it within a malicious act, resulting in a different, or asymmetric, value placed on that information.
Fig. 4. NST070 FIG. 4. The relationship between the State and entities relevant to the nuclear security regime for the purposes of information security (produced verbatim from Ref. 5).
This asymmetry is further complicated by the fact that information may have different value throughout the nuclear security regime, often residing in, or being sensitive to other regulated entities or third parties. For example, an operator might discover and mitigate a specific equipment vulnerability, subsequently treating the technical details of that flaw as historical data with low sensitivity. However, if that same equipment design is utilised by other facilities within the regime, an adversary may view those details as a highly valuable blueprint for undertaking a malicious act elsewhere.
NST070 addresses this asymmetry, explaining that “each entity or organization could have a different use… and perception of the value of information” [5]. For instance, detailed configuration data for a safety control system might be considered by the operator “to be of little value”. However, to an adversary, such information “might be of high value as it could reveal a weakness or vulnerability that could be exploited in the context of a criminal or intentional unauthorized act” [5] and “should therefore be protected consistent with the highest impact and consequence” [5].
2.5. Aggregation and Inference Are Increasingly Important
While aggregation (i.e. gathering many pieces of information) is a recognised threat, it was not structurally addressed within the original publication of NSS 23-G. Nor was inference, the cognitive leap an adversary makes to construct a model from that fragmented information.
An organisation might successfully contain a classified document. However, if an adversary observes related unclassified details, they may infer the context and logic of the document. Many information security frameworks struggle to acknowledge this emergent risk where the relationship between non-sensitive information generates new, sensitive knowledge that bypasses traditional containment.
NST070 provides a basis for addressing both aggregation and inference: “consideration should also be given to the potential for aggregated information to warrant a higher classification, even if individual components are less sensitive” [5]. It treats the relationship between data points as a protectable aspect, “collections of non-sensitive information objects could become sensitive information objects if the relationship between the non-sensitive information objects provides additional context for an adversary” [5], shifting defence from protecting static objects to a calibrated management of the adversary’s orientation leading into a malicious act.
2.6. Transient Sensitivity Needs Flexibility
NSS 23-G was largely built for static or persistently sensitive data (e.g., plans, system designs, threat and vulnerability modelling). It lacked agile mechanisms for information whose value decays rapidly, such as real-time transport logistics or temporary operational variables within an I&C system. Applying dogmatic and heavy-handed controls in these fast-paced environments can severely hinder safety or security functions.
NST070 recognises that “traditional information security measures can be impractical for enabling the use of information whose sensitivity has a brief lifespan, for example during the transport of nuclear and other radioactive material” [5]. It allows for agile adaptations, such as “employing code words (including gestures or signs)” [5]. However, it cautions that “meaning can be quickly inferred on the basis of context”. Therefore, “the context of these code words” [5] must be treated as sensitive information itself, and this approach must be “strictly controlled and limited to scenarios in which the information’s sensitive nature is transient” [5].
2.7. Realigning the Lifecycle and Control Structures to Preserving Functions
Many information security lifecycles, including those in NSS 23-G, are depicted as a series of administrative procedures that mirror those used for records management. This approach treats these lifecycle stages as an end unto themselves, creating a disconnect between the State’s overarching objectives for nuclear security and the functional execution, potentially even extending beyond the mandate of nuclear security.
Without a cohesive bridge between the lifecycle phases and the objective of nuclear security, policies have remained static and failed to address emerging threats, as, following records management, they formalised a process that prioritised the custody of the object over the contribution to the function.
Fig. 5. NST070 FIG. 6. The four stages in a generic information life cycle and the relationships between them (produced verbatim from Ref. 5).
In Fig. 5, NST070 redefines the generic lifecycle and reduces it to a series of stages that can be directly related to functional outcomes [5]:
- Creating: Actions performed to identify or assemble an information object from abstract information or other information objects, provide context, and assess its sensitivity.
- Processing: Actions performed on information/information objects that could affect its C/I/A.
- Using: Actions performed using information/information objects, reliant on its C/I/A.
- Disposing: Actions performed to archive or destroy information/information objects ensuring they can no longer impair the performance of a function through a loss of C/I/A.
To govern this lifecycle, NST070 introduces a layered control structure, dictating that a “State’s legislative, regulatory and policy frameworks… and the information security management system of a regulated entity… should together form information security governance structures” [5], demonstrating this hierarchy of controls in Fig. 6.
Fig. 6. NST070 FIG. 1. Relationship between the State’s nuclear security objectives, information security governance structures and the confidentiality, integrity and availability of information (produced verbatim from Ref. 5).
This hierarchy ensures the information security management system implemented and maintained by organisations within the nuclear security regime encompasses procedures “designed to provide for the security of sensitive information, sensitive information objects and sensitive information assets” [5] to ultimately “preserve satisfactory performance of a regulated entity’s functions using sensitive information” [5] while maintaining alignment with the objectives of nuclear security.
3. OODA and Information Security During a Nuclear Security Event
To move away from static containment and operationalise the functional assurance proposed in NST070, we must examine how information actively drives decision-making in the lead-up to and within a nuclear security event. Modern nuclear facilities are among the most robustly regulated examples of critical infrastructure in existence. IAEA guidance has established a series of assurance principles as international norms, such as Defence-in-Depth, the Graded Approach, and the Single Failure Criterion, creating a dense fabric of redundant, parallel safety and security systems designed to deliver important functions even in the face of localised losses (component failure or an emergent vulnerability within the PPS) [9, 10].
However, a nuclear facility and its safety and security systems cannot be protected as though they are a static collection of assets. They are complex, dynamic environments comprised of interacting processes designed to maintain these functions. An attack on a single system, a simple ‘hack’, should, by design, not result in an unacceptable loss. A true nuclear security event will emerge from a dynamic encounter within this environment, where an adversary exploits crafted control actions, disrupts feedback loops, or leverages flawed assumptions to force the facility into an unanalysed, hazardous state.
In such an encounter, the effectiveness of the facility’s defences depends entirely on the performance of its functions. However, actors performing safety and security functions, whether human or computer, rarely observe physical reality directly. Instead, their operational reality is governed by an orientation. These actors base their decisions and subsequent actions entirely on this orientation. Therefore, if an adversary can manipulate the sensitive information feeding this, they can trick the actor into issuing a damaging action, effectively turning the facility’s own processes against it, bypassing active Defence-in-Depth, and setting the scene for a nuclear security event.
Visualising how this orientation is formed requires looking at how the conceptual model described in Fig. 1 can be practically applied. It occurs through a layered convergence of information; for any given action, there are typically at least three distinct types of information that mechanically influence the orientation:
- Information forms the baseline capability of the actor, such as the compiled firmware of a digital controller or the specialised training of the guard force;
- The actor is instructed by predefined logical rules, such as process logic for a PLC or written standard operating procedures for a guard; and
- The actor receives observations, interpreting them against their capability and the logical rules to execute actions within the performance of a function.
These three elements of orientation can be mapped to the NST070 information lifecycle using a model derived from an Input-Control-Output-Mechanism (ICOM) Integration Definition for Process Modelling (IDEF0) [11] function block:
Fig. 7. A set of sensitive information related to the performance of a function illustrating a re-entrant application of Fig. 1 depicted in an ICOM-like structure.
Feeding this function are information objects that collectively form the system’s orientation:
- Input (I): This is the raw observation of the physical world. It provides the situational context (e.g., Temperature is 300°C).
- Control (C): These are the task specific instructions. They represent the application logic, safety constraints, or work orders/instructions (e.g., If Temp > 280°C, open valve).
- Mechanism (M): This is the base capability of the actor itself. Additionally, it holds the Knowledge or System Programming required to interpret the inputs against the controls to produce an output.
For an Output (O) to be generated, the mechanism (and therefore the actor) must resolve the interaction of the three variables above to form a prediction, decide on a course of action, and then act to execute it. By defining the orientation in this way, we see that any compromise to the integrity of the Control or Mechanism, or the availability and integrity of the Input, results in a flawed orientation, forcing the actor to base their decisions upon a reality that does not exist.
This can be demonstrated through mapping the internal architecture of the OODA loop’s Orient and Decide phases to the Using phase of the information lifecycle.
Fig. 8. The ICOM-like structure in Fig. 7 applied to demonstrate the formulation of orientation within an OODA loop [6].
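The Input, Control and Mechanism elements described above can be checked before any Output is produced. The following is an added illustration, not code from the paper or from NST070: it assumes observations carry an HMAC tag and timestamp, that the control logic and mechanism image are hashed against a commissioning baseline, and that a `FAIL_SAFE` action exists; the key, freshness window, rule text and all names are constructed for the example.

```python
import hashlib
import hmac
import re
from dataclasses import dataclass
from typing import Optional, Tuple

# Everything below is constructed for illustration (assumptions, not from the paper).
SENSOR_KEY = b"constructed-demo-key"        # hypothetical key shared with the sensor
MAX_AGE_S = 2.0                             # assumed freshness window for an Input
CONTROL_LOGIC = b"IF temp_c > 280 THEN open_valve"       # Control (C): the page's rule
MECHANISM_IMAGE = b"constructed controller firmware v1"  # Mechanism (M) stand-in


def digest(blob: bytes) -> str:
    return hashlib.sha256(blob).hexdigest()


# Baseline recorded at commissioning: the rigorously baselined "fixed orientation".
BASELINE = {"control": digest(CONTROL_LOGIC), "mechanism": digest(MECHANISM_IMAGE)}


@dataclass(frozen=True)
class Observation:
    """Input (I): a raw observation plus the evidence needed to trust it."""
    temp_c: float
    timestamp: float
    tag: bytes


def sign(temp_c: float, timestamp: float, key: bytes = SENSOR_KEY) -> bytes:
    msg = f"{temp_c:.1f}|{timestamp:.3f}".encode()
    return hmac.new(key, msg, hashlib.sha256).digest()


def make_observation(temp_c: float, timestamp: float) -> Observation:
    """What a legitimate sensor would emit (constructed helper)."""
    return Observation(temp_c, timestamp, sign(temp_c, timestamp))


def evaluate(obs: Optional[Observation], control: bytes, mechanism: bytes,
             now: float) -> Tuple[str, str]:
    """Resolve I, C and M into an Output (O), refusing to act on a flawed orientation.

    Returns (action, reason). Any failed check yields the assumed FAIL_SAFE action
    and names which element of the orientation could not be trusted.
    """
    # Mechanism and Control: integrity against the commissioning baseline.
    if digest(mechanism) != BASELINE["mechanism"]:
        return ("FAIL_SAFE", "mechanism integrity")
    if digest(control) != BASELINE["control"]:
        return ("FAIL_SAFE", "control integrity")
    # Input availability: missing, stale or future-dated observations are unusable.
    if obs is None or not (0.0 <= now - obs.timestamp <= MAX_AGE_S):
        return ("FAIL_SAFE", "input availability")
    # Input integrity: the tag must match the value and time actually presented.
    if not hmac.compare_digest(obs.tag, sign(obs.temp_c, obs.timestamp)):
        return ("FAIL_SAFE", "input integrity")
    # Only now is the Control applied to the Input.
    match = re.fullmatch(rb"IF temp_c > (\d+) THEN open_valve", control)
    if match is None:
        return ("FAIL_SAFE", "control integrity")
    threshold = float(match.group(1))
    return ("OPEN_VALVE", "ok") if obs.temp_c > threshold else ("HOLD", "ok")


def demo() -> dict:
    """Run the page's 300 degC case and three constructed compromises."""
    now = 1000.0
    good = make_observation(300.0, now - 0.5)
    return {
        "valid input": evaluate(good, CONTROL_LOGIC, MECHANISM_IMAGE, now),
        # Value rewritten to look normal, tag left over from the real reading.
        "spoofed input": evaluate(Observation(250.0, good.timestamp, good.tag),
                                  CONTROL_LOGIC, MECHANISM_IMAGE, now),
        "suppressed input": evaluate(None, CONTROL_LOGIC, MECHANISM_IMAGE, now),
        "altered control": evaluate(good, b"IF temp_c > 380 THEN open_valve",
                                    MECHANISM_IMAGE, now),
    }


if __name__ == "__main__":
    for case, result in demo().items():
        print(f"{case:17s} -> {result}")
```

A valid tag only shows that the reading was not altered after the sensor produced it; a sensor compromised at source would still pass, which is where a diverse second observation is needed.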
3.1. The Vulnerability of the Fixed Orientation
Because of their highly regulated nature, nuclear facilities largely operate with a fixed orientation. To ensure deterministic and verifiable responses, the operational logic and mechanisms are rigorously baselined. While this provides stability against anticipated losses (e.g. random component failures), it creates a strategic vulnerability: the defender’s Decide and Act phases can be discovered through reconnaissance.
Armed with this knowledge, an adversary does not need to outpace the defender’s OODA loop; they simply decouple it from reality. By manipulating the Input or poisoning the Control, such as through maliciously altering ladder logic or a guard’s orders, the attacker forces the actor to perform its function perfectly against a false orientation. For example, if a sensor’s integrity is compromised to report a normal state during an actual excursion, the safety system’s decision to remain idle is technically correct according to its logic yet may be functionally damaging.
When malicious information is successfully injected into the orientation this way, the actor maintains total confidence in their orientation, unwittingly executing the adversary’s intent. The defender is no longer reacting to an external threat; they have been rendered an agent of the attacker. This corruption may bypass redundancy provided by the single failure criterion as well as all active layers of defence-in-depth, including physical, computer, and information security barriers entirely, as the system executes the action under the assumption that it is a legitimate operational requirement.
Conclusion: Reclaiming the Orientation
Adversaries intent on violating the core objectives of nuclear security (preventing theft and sabotage) will not merely seek to extract information. Because defence-in-depth within most nuclear facilities is so thoroughly established, brute-force physical bypass is exceptionally difficult.
Instead, the lowest-cost path for an adversary is increasingly being demonstrated as an attack the orientation itself. This targeted attack path relies on a specific sequence:
- Revealing Limitations: By uncovering the logic the adversary maps the system’s fixed orientation. If the function lacks architectural diversity, compromising the confidentiality of one system reveals the blind spots of all systems. This collapses the adversary’s required effort, turning what should be independence into a single, shared attack path.
- Corrupting Orientation:
  - Denying Observation: By blocking or severing the input data, the adversary blinds the orientation.
  - Attacking Integrity: By subtly altering the inputs, logic, or mechanisms, the adversary corrupts the system’s orientation, forcing it to act on a false reality.
Our advantage will not come from the static defences established by containment-based information security. Frameworks like the original NSS 23-G focused almost exclusively on the physical containment of tangible information objects, a posture that is entirely blind to an adversary manipulating abstract information flows. By applying the functional, lifecycle-based protections of the draft NST070, we shift away from this limited perception of value.
Instead, NST070 provides a basis against which to assess the value of information functionally, through the eyes of other stakeholders in the nuclear security regime, and the adversary. Because the adversary’s attack path requires them to map our limitations and manipulate our orientation, their success is dependent on exploiting sensitive information. By shifting our priority from strict confidentiality to ensuring the integrity and availability of the basis for action within our functions, we enforce the modern principles of trustworthiness [12]. We protect the exact information an adversary would value most, starving them of the prerequisites for success and turning their reconnaissance and manipulation attempts into detectable anomalies.
These early indicators provide us with the opportunity for active defence. Because the facility inherently possesses the master operational picture, understanding our reliance on sensitive information allows us to dynamically re-calibrate our orientation: validating inputs, shifting control logic, or isolating compromised actors. With a well-established understanding of our own orientation, we can do this long before the adversary can achieve their goal.
By securing this sensitive information relative to its uses and preparing for a dynamic encounter, we force the adversary to fight through exponentially compounding layers of uncertainty, introducing crippling friction into their decision cycle. We shift from a posture of passive containment to consistently operating inside the adversary’s OODA loop, ensuring the facility acts on a validated and resilient orientation [13].
The circulated draft of NST070 aligns directly with this systems theory view. It recognises that in a modern nuclear environment, security is not merely about locking away the data but preserving the orientation so it can be safely relied upon during an emerging nuclear security event. By shifting to a model that re-evaluates information through its functional consequence, the new guidance changes how risk is calculated. Security measures are no longer graded simply by the administrative sensitivity of a static document, but by how severely a system’s orientation would diverge from reality if that information were corrupted, and what the consequences of that divergence would be.
Ultimately, NST070 modernises the foundations of information security to address the rapidly developing capabilities of digital technology, including the use of AI by both operators and adversaries. It provides the framework necessary to counter sophisticated, information-centric threats. It ensures that when an actor executes a safety or security function, it acts not as an unwitting agent of the adversary, but based on an assured, trustworthy orientation that accurately reflects the true orientation of the facility.
References
1. International Atomic Energy Agency (IAEA) Nuclear Security Series No. 23-G, “Security of Nuclear Information,” Vienna, Austria, 2015. https://www.iaea.org/publications
2. A. Crowe, “Mass Insider Threats: Civilians, Cyberoperations, Critical Infrastructure, and the Erosion of Sovereignty in the Grey-Zone,” in Oxford Intersections: Borders, ed. Alexander Diener and Joshua Hagen, Oxford University Press, 2026.
3. International Atomic Energy Agency (IAEA) Nuclear Security Series No. 42-G, “Computer Security for Nuclear Security,” Vienna, Austria, July 2021. https://www.iaea.org/publications
4. International Atomic Energy Agency (IAEA) Nuclear Security Series No. 17-T (Rev. 1), “Computer Security Techniques for Nuclear Facilities,” Vienna, Austria, September 2021. https://www.iaea.org/publications
5. International Atomic Energy Agency (IAEA) Draft Implementing Guide NST070 Step 12, “Information Security for Nuclear Security,” Vienna, Austria, 2025.
6. J. R. Boyd, “The Essence of Winning and Losing,” Unpublished briefing slides, June 1995.
7. S. C. Lackner and Z. Kara, “Artificial Intelligence and Nuclear Security Governance: Addressing the Risks of Frontier AI,” Vienna Center for Disarmament and Non-Proliferation, 2025.
8. N. G. Leveson, “Engineering a Safer World: Systems Thinking Applied to Safety,” The MIT Press, 2012. https://doi.org/10.7551/mitpress/8179.001.0001
9. International Atomic Energy Agency (IAEA), Nuclear Security Recommendations on Physical Protection of Nuclear Material and Nuclear Facilities (INFCIRC/225/Revision 5), IAEA Nuclear Security Series No. 13, IAEA, Vienna (2011).
10. International Atomic Energy Agency (IAEA), Safety of Nuclear Power Plants: Design, IAEA Safety Standards Series No. SSR-2/1 (Rev. 1), IAEA, Vienna (2016).
11. National Institute of Standards and Technology (NIST) Federal Information Processing Standards Publication (FIPS PUB) 183, “Integration Definition for Function Modeling (IDEF0),” Gaithersburg, MD, December 1993. https://nvlpubs.nist.gov/nistpubs/Legacy/FIPS/fipspub183.pdf
12. National Institute of Standards and Technology (NIST) Special Publication 800-160 Volume 1 Revision 1, “Engineering Trustworthy Secure Systems,” Gaithersburg, MD, November 2022. https://doi.org/10.6028/NIST.SP.800-160v1r1
13. Rick Dove, “Embedding Agile Security in System Architecture,” Insight 12 (2): 14-17, International Council on Systems Engineering, July 2009.