Nuclear Regulatory Commission, Regulatory Guide 5.71, Cyber Security Programs for Nuclear Facilities (Jan. 2010) (full-text).
Regulatory Guide 5.71 provides guidance to applicants and licensees on satisfying the requirements of 10 C.F.R. 73.54. The information contained within this guide represents the results of research conducted by the NRC Office of Nuclear Regulatory Research concerning cyber security program development and the collective body of knowledge and experience that has been developed through prior NRC cyber related activities. In addition, this guide embodies the findings by standards organizations and agencies, such as the International Society of Automation, IEEE, and NIST, as well as guidance from the U.S. Department of Homeland Security.
This regulatory guide applies to operating reactors licensed in accordance with 10 C.F.R. Part 50, "Domestic Licensing of Production and Utilization Facilities" (Ref. 2), and 10 C.F.R. Part 52, "Licenses, Certifications, and Approvals for Nuclear Power Plants" (Ref. 3). Licensees and applicants should consider this guidance in preparing an application for a combined operating license under 10 C.F.R. Part 52.