{!LANG-b5b1ea4730caeb79e02754e6a82f5265!}
{!LANG-c22fc27ee7a40f29f833930841859827!}
Protecting information from unauthorized access is an integral part of the general problem of ensuring information security. Measures to protect information from unauthorized access should be carried out in conjunction with measures for the special protection of the main and auxiliary means of computer technology from PEMIN.
A set of software and hardware tools and organizational (procedural) solutions for protecting information from unauthorized access is implemented within the framework of an information protection system from unauthorized access (NSI ISD), consisting conditionally of the following four subsystems: access control; registration and accounting; cryptographic; ensure integrity.
The owner (owner) of confidential information of the AU with the participation of an expert commission and interested parties selects an acceptable class of protection of the AU from unauthorized access (if necessary with the assistance of information protection specialists), based on the conditions and operating mode of the AU and the required reliability of information protection. The selected classification of NPP security is documented and approved by the owner (owner) of
private speaker information.
Among the defining features by which the AS is grouped into various classes are:
the presence in the speaker information of a different level of confidentiality; the level of authority of the access subjects of the AU to access confidential information;
data processing mode in speakers: collective or individual. The specific composition of the information protection system of the NSD is determined based on the security class selected for this AS in accordance with the document “Automated Systems. Protection against unauthorized access to information. Classification of automated systems and information protection requirements. ”
Depending on the conditions of a particular AS, determined by the main images of the installed AS security class within the framework of access control, registration and accounting subsystems, integrity and cryptographic subsystems, it is recommended to implement (perform) the following functions - requirements for the corresponding classes.
The access control subsystem should include means of identification, authentication (authentication) and access control of users and their programs to the following resources: to the system; to the terminals;
to a computer (PC), nodes of a computer network (PC); to communication channels;
to external computer devices (PC);
to the program to volumes, directories, files, records, record fields. Elements of identification, authentication and access control to resources are implemented if the specified resources are available in the AU and if some users do not have access to them. The control of subjects' access to protected resources is carried out in accordance with the access matrix.
In addition to access control means, this subsystem, if there are several levels of information confidentiality, should include information flow control means, i.e., information transfer control between strictly installed resources (carriers), taking into account the availability of permission for this type of exchange. Information flows are managed using privacy labels. At the same time, the level of confidentiality of protected objects (drives) should not be lower than the level of confidentiality of information recorded on them.
The registration and accounting subsystem should include means for recording and recording the following events and / or resources:
user input / output to / from the system (host); issuance of printed (graphic output documents);
start / end programs of n processes (tasks, tasks) using protected files;
access of user programs to protected files, including their creation and deletion, transmission via communication lines and channels;
access of user programs to terminals, computers, computer network nodes, communication channels and lines, external computer devices, programs, volumes, catalogs; changes in authority of access subjects; created protected access objects; accounting of information carriers. In addition, this subsystem should include means for cleaning (zeroing, depersonalizing) the areas of mainframe memory and external drives used to process and / or store protected information.
The cryptographic subsystem should provide for the encryption of confidential information recorded on (shared) storage media shared by various access subjects, as well as on removable storage media (tapes, disks, floppy disks, microcassettes, etc.) of long-term external memory for storage outside work sessions authorized access entities. Access to encryption operations and / or cryptographic keys should be controlled through the access control subsystem. In this case, certified means of cryptographic protection should be used. Their certification is carried out by special certification centers or specialized enterprises licensed to carry out certification of cryptographic means of protection.
The level of implementation of the functions of the SPD of the NSD should ensure its integrity for all operating modes of the NPP.
The subsystem for ensuring the integrity of the SZI NSD is mandatory for any SZI and includes organizational, software and hardware and other means and methods that provide:
physical security of CBT (devices and storage media), the territory and the building where the J1C is located, with the help of security equipment and special personnel, strict access control, special equipment for the NPP premises;
inaccessibility of access control, accounting and control by users for the purpose of modifying, blocking or disconnecting them;
monitoring the integrity of the software of the AS and SZI for their unauthorized changes;
periodic and / or dynamic testing of the functions of SZI NSD using special software tools;
the presence of an administrator (service) of information protection responsible for maintaining, normal functioning and monitoring of the SZI NSD; restoration of SZI of NSD in case of failure and failure;
the use of certified (certified) means and methods of protection, the certification of which is carried out by special certification
centers or specialized enterprises licensed to conduct certification of protection means for SZI NSD, for low security classes certification is allowed by the enterprise (owner).
Monitoring of the software environment of system-wide tools and SZI NSD, taken into operation, should be provided for each AS that processes confidential information. The integrity of the software environment is ensured by the quality of acceptance of AS software designed to process confidential information.
The practical creation of information security tools that satisfy the above requirements is carried out within the framework of hardware and control programs of computer operating systems (PCs), as well as within the framework of software tools that expand the capabilities of operating systems in case of their application.
The vast majority of information in the modern world is processed in automated systems (AS). Therefore, the speaker is the "most popular" object of protection. All active speakers that process confidential information, respectively, which need protection from unauthorized access, are classified in accordance with the Guiding document of the State Technical Commission of Russia "Automated Systems. Protection from unauthorized access to information. Classification of AS and information protection requirements."
In accordance with the document, the classification of speakers includes the following steps:
The initial data for the classification of speakers are:
The choice of speaker class is made by the customer and the developer with the assistance of information security specialists.
Among the defining features of the classification of AS include the following:
Are installed 9 classes of speaker protection against unauthorized access To information, each class is characterized by a certain minimum set of protection requirements. Classes are divided into 3 groups:
Classes correspond to automated systems in which one user works, admitted to all information in the AS, placed on media of the same level of confidentiality.
The classes of this group correspond to automated systems in which users have the same access rights to all information in the AS, processed or stored on media of various levels of confidentiality.
In these automated systems, information of different privacy levels is simultaneously processed or stored. Not all users have access to all information in the speaker.
Interestingly, the document identifies 4 subsystems to provide protection against unauthorized access:
Depending on the class of speakers, the requirements for the listed subsystems differ (tables 8.1, 8.2, 8.3). The following notation is accepted:
"-" - there are no requirements for this class;
"+" - there are requirements for this class.
Subsystems and Requirements | Classes | ||||
---|---|---|---|---|---|
1D | 1G | 1B | 1B | 1A | |
access control subjects: | |||||
into the system | + | + | + | + | + |
- | + | + | + | + | |
to programs | - | + | + | + | + |
- | + | + | + | + | |
1.2. Control information flows | - | - | + | + | + |
2.1. Registration and accounting: | |||||
entrance (exit) access subjects | + | + | + | + | + |
- | + | + | + | + | |
- | + | + | + | + | |
access programs access subjects | - | + | + | + | + |
access programs access subjects | - | + | + | + | + |
change of authority access subjects | - | - | + | + | + |
- | - | + | + | + | |
+ | + | + | + | + | |
- | + | + | + | + | |
- | - | + | + | + | |
- | - | - | + | + | |
access subjects | - | - | - | - | + |
cryptographic tools | - | - | - | + | + |
+ | + | + | + | + | |
+ | + | + | + | + | |
- | - | + | + | + | |
+ | + | + | + | + | |
+ | + | + | + | + | |
- | - | + | + | + |
Subsystems and Requirements | Classes | |
---|---|---|
2B | 2A | |
1. Access Control Subsystem | ||
1.1. Identification, Authentication and access control subjects: | ||
into the system | + | + |
to terminals, computers, nodes of the computer network, communication channels, external computer devices | - | + |
to programs | - | + |
to volumes, directories, files, records, record fields | - | + |
1.2. Control information flows | - | + |
2. The subsystem of registration and accounting | ||
2.1. Registration and accounting: | ||
entrance (exit) access subjects to (from) the system (network node) | + | + |
issuance of printed (graphic) output documents | - | + |
launch (completion) of programs and processes (tasks, tasks) | - | + |
access programs access subjects to protected files, including their creation and deletion, transmission via communication lines and channels | - | + |
access programs access subjects to terminals, computers, nodes of a computer network, communication channels, external computer devices, programs, volumes, directories, files, records, record fields | - | + |
change of authority access subjects | - | - |
created protected access objects | - | + |
2.2. Media Recording | + | + |
Cleaning (zeroing, depersonalization) of freed areas of main memory of computers and external drives | - | + |
2.4. Security Attempt Alarm | - | - |
3. Cryptographic subsystem | ||
3.1. Confidential Information Encryption | - | + |
3.2. Encryption of information belonging to various access subjects (to groups of subjects) on different keys | - | - |
3.3. The use of certified (certified) cryptographic tools | - | + |
4. Integrity Subsystem | ||
4.1. Ensuring the integrity of software and processed information | + | + |
4.2. Physical security of computer equipment and storage media | + | + |
4.3. The presence of the administrator (service) of information security in the AU | - | + |
4.4. Periodic testing of SZI NSD | - | + |
4.5. The availability of means for restoration of SZI NSD | + | + |
4.6. Using Certified Protective Equipment | - | + |
Subsystems and Requirements | Classes | |
---|---|---|
3B | 3A | |
1. Access Control Subsystem | ||
1.1. Identification, Authentication and access control subjects: | ||
into the system | + | + |
to terminals, computers, nodes of the computer network, communication channels, external computer devices | - | - |
to programs | - | - |
to volumes, directories, files, records, record fields | - | - |
1.2. Control | - | - |
access programs access subjects to terminals, computers, nodes of a computer network, communication channels, external computer devices, programs, volumes, directories, files, records, record fields | - | - |
change of authority access subjects | - | - |
created protected access objects | - | - |
2.2. Media Recording | + | + |
Cleaning (zeroing, depersonalization) of freed areas of main memory of computers and external drives | - | + |
2.4. Security Attempt Alarm | - | - |
3. Cryptographic subsystem | ||
3.1. Confidential Information Encryption | - | - |
3.2. Encryption of information belonging to various access subjects (to groups of subjects) on different keys | - | - |
3.3. The use of certified (certified) cryptographic tools | - | - |
4. Integrity Subsystem | ||
4.1. Ensuring the integrity of software and processed information | + | + |
4.2. Physical security of computer equipment and storage media | + | + |
4.3. The presence of the administrator (service) of information security in the AU | - | = |
4.4. Periodic testing of SZI NSD | + | + |
4.5. The availability of means for restoration of SZI NSD | + | + |
4.6. Using Certified Protective Equipment | - | + |
The requirements depending on the security class are described in more detail in the Guiding document of the State Technical Commission of Russia "Automated systems. Protection against unauthorized access to information. Classification of AS and information protection requirements." A revision of the NPP protection class is mandatory if at least one of the criteria on the basis of which it was established has changed.
If speakers previously classified are included in a computer network or system and connected to other technical means by communication lines of various physical nature, the higher-level speakers formed at the same time are classified as a whole, but not classified with respect to lower-level speakers.
If speakers of different security classes are combined, then the integrated speaker should be classified according to the highest security class of the speakers included in it, unless they are combined using a firewall, when each of the combined speakers can maintain its security class.
Guidance document
Automated systems.
Protection against unauthorized access to information
Classification of automated systems and information protection requirements
Approved by the decision of the Chairman of the State Technical Commission under the President of the Russian Federation of March 30, 1992
1. Classification of speakers
2. Requirements for the protection of information from unauthorized access for speakers
This guidance document establishes a classification of automated systems to be protected from unauthorized access to information, and requirements for the protection of information in speakers of various classes.
The guidance document was developed in addition to GOST 34.003-90, GOST 34.601-90, RD 50-680-88, RD 50-34.680-90 and other documents.
The document can be used as a regulatory and methodological material for customers and speakers in the formulation and implementation of protection requirements.
Accepted abbreviations
AS - automated systems
Unauthorized access - unauthorized access
RD - guidance document
SZI - information security system
SZI NSD - a system for protecting information from unauthorized access
1. Classification of speakers
1.1. The classification applies to all operating and designed AS institutions, organizations and enterprises that process confidential information.
1.2. The division of the NPP into appropriate classes according to the conditions of their functioning from the point of view of information protection is necessary in order to develop and apply reasonable measures to achieve the required level of information protection.
1.3. Differentiation of the approach to the choice of methods and means of protection is determined by the importance of the information being processed, the difference between the AS in terms of its composition, structure, information processing methods, and the quantitative and qualitative composition of users and maintenance personnel.
1.4. The main stages of the classification of speakers are:
- development and analysis of source data;
- identification of the main features of the speakers needed for classification;
- comparison of the identified signs of AS with classified;
- Assignment to the appropriate class of information protection from unauthorized access.
1.5. The necessary initial data for the classification of a specific speaker are:
- a list of protected information resources of the AU and their level of confidentiality;
- a list of persons having access to the standard NP facilities, indicating their level of authority;
- matrix of access or authority of the subjects of access in relation to the protected information resources of the AU;
- data processing mode in the speaker.
1.6. The choice of speaker class is made by the customer and the developer with the assistance of information security specialists.
1.7. Among the defining features by which the AS is grouped into various classes are:
- the presence in the AU of information of a different level of confidentiality;
- the level of authority of the access entities of the AC to access confidential information;
- data processing mode in the speaker - collective or individual.
1.8. Nine security classes of speakers are set from unauthorized access to information.
Each class is characterized by a certain minimum set of protection requirements.
Classes are divided into three groups, distinguished by the features of information processing in AS.
Within each group, a hierarchy of protection requirements is observed depending on the value (confidentiality) of information and, therefore, a hierarchy of AS security classes.
1.9. The third group includes speakers, in which one user is logged on to all speaker information posted on media of the same privacy level. The group contains two classes - 3B and 3A.
The second group includes AS, in which users have the same access rights (authority) to all information of the AS, processed and (or) stored on media of different levels of confidentiality. The group contains two classes - 2B and 2A.
The first group includes multi-user speakers, which simultaneously process and (or) store information of different levels of confidentiality. Not all users have the right to access all speaker information. The group contains five classes - 1D, 1G, 1B, 1B and 1A.
2. Requirements for the protection of information from unauthorized access for speakers
2.1. Protecting information from unauthorized access is an integral part of the general problem of ensuring information security. Measures to protect information from unauthorized access should be carried out in conjunction with measures for the special protection of the main and auxiliary means of computer technology, communications equipment and systems from reconnaissance and industrial espionage equipment.
2.2. In the general case, a set of software and hardware tools and organizational (procedural) solutions for protecting information from unauthorized access is implemented within the framework of an information protection system from unauthorized access (NSI IS), conditionally consisting of the following four subsystems:
- access control;
- registration and accounting;
- cryptographic;
- ensuring integrity.
2.3. Depending on the class of speakers within the framework of these subsystems, the requirements should be implemented in accordance with paragraphs. 2.4, 2.7 and 2.10. Details of these requirements are formulated in paragraphs. 2.5, 2.6, 2.8, 2.9 and 2.11-2.15.
2.4. Requirements for speakers of the third group
Designations:
- "-" - there are no requirements for this class;
- "+" - there are requirements for this class.
Subsystems and Requirements |
||
1. Access Control Subsystem |
||
1.1. Identification, authentication and access control of subjects: |
||
into the system |
||
to terminals, computers, nodes of the computer network, communication channels, external computer devices |
||
to programs |
||
to volumes, directories, files, records, record fields |
||
1.2. Information flow management |
||
2. The subsystem of registration and accounting |
||
2.1. Registration and accounting: |
||
entrance (exit) of subjects of access to (from) system (s) (network node) |
||
issuance of printed (graphic) output documents |
||
launch (completion) of programs and processes (tasks, tasks) |
||
access of programs of subjects of access to protected files, including their creation and deletion, transmission via communication lines and channels |
||
access programs of subjects of access to terminals, computers, computer network nodes, communication channels, external computer devices, programs, volumes, directories, files, records, record fields |
||
changes in access authority |
||
created protected access objects |
||
2.2. Media Recording |
||
2.3. Cleaning (zeroing, depersonalization) of freed areas of main memory of computers and external drives |
||
2.4. Security Attempt Alarm |
||
3. Cryptographic subsystem |
||
3.1. Confidential Information Encryption |
||
3.2. Encryption of information belonging to different access entities (groups of entities) on different keys |
||
3.3. Use of certified (certified) cryptographic tools |
||
4. Integrity Subsystem |
||
4.1. Ensuring the integrity of software and processed information |
||
4.2. Physical security of computer equipment and storage media |
||
4.3. The presence of the administrator (service) of information security in the AU |
||
4.4. Periodic testing of SZI NSD |
||
4.5. The availability of means for restoration of SZI NSD |
||
4.6. Using Certified Protective Equipment |
Date of introduction 01.01.92
These guidelines apply to automated systems (AS) used in various fields of activity (management, research, design, etc.), including their combination, and establish requirements for the content of documents developed during the creation of AS.
1.1. Requirements for the content of documents being developed. when creating a nuclear power plant, they are established by these guidelines, as well as the relevant state standards of the Unified Program Documentation System (ECPD), the Unified Design Documentation System (ESKD), the Project Documentation System for Construction (SPDS) and GOST 34.602.
Types and completeness of documents are regulated by GOST 34.201.
1.4. The content of documents developed at the pre-design stages according to GOST 34.601, and organizational and administrative, is determined by the developers, depending on the amount of information necessary and sufficient for further use of documents. The contents of these documents are given in annexes 1 and 2.
1.5. Documents, if necessary, are stitched into books or volumes to which inventories are compiled.
2.1.1. The sheet contains a list of all documents developed at the appropriate stages of the creation of the AU and used from the projects of other AU.
2.1.2. The list is filled out in sections - parts of the design of the AU.
2.1.3. The document should be performed in accordance with GOST 2.106.
The names of sections and subsections are recorded in the columns "Designation" and "Name" in the form of headings and highlighted by underlining.
2.2.1. Documents contain sections:
2.2.2. In the section "General Provisions" they give:
2.2.3. The section "Description of the activity process" reflects the composition of the procedures (operations) taking into account the interconnection and compatibility of the processes automated to non-automated activities, formulates the requirements for the organization of work in the conditions of functioning of the nuclear power plant.
2.2.4. In the section "Basic technical solutions" are listed:
GOST 34.201.
2.2.5. In the section "Activities for the preparation of the automation object for putting the system into operation" lead:
The document "Functional Structure Diagram" contains:
2.5.1. The document "Description of Automated Functions" contains sections:
2.5.2. In the section "Initial data" give:
2.5.3. In the section "AC goals and automated functions", a description is given of automated functions aimed at achieving established goals.
2.5.4. The section "Characterization of the functional structure" contains:
2.5.5. The section "Typical solutions" provides a list of typical solutions with an indication of the functions, tasks, task complexes for which they are applied.
2.6.1. The document contains sections:
2.6.2. In the section "Characteristics of a set of tasks" are given:
2.6.3. The "Output" section contains:
2.6.3.1. In the description for each output message should indicate:
2.6.3.2. In the description for each structural unit of information should indicate:
2.6.4. The "Input" section should contain:
2.6.4.1. In the description for each structural unit of information input messages should be indicated;
2.6.5. It is allowed to give in the form of annexes illustrative material, tables or auxiliary text, as well as documents with independent designations (drawings of document forms, description of information arrays, diagrams, etc.).
The local budget and local budget estimates contain information on the estimated cost of the work performed during the construction of the nuclear power plant, and the estimated cost of the facilities constructed during the construction of the nuclear power plant, in accordance with the requirements of SNiP 1.02.01 and other documents for determining the cost of a nuclear power plant and its components.
Note. When changing the estimated cost of work and facilities compared with the planned specify the economic efficiency of the NPP.
2.8.1. The document contains sections:
2.8.2. In the section "General information about the NPP" indicate the name of the NPP, its designation assigned by the developer, the name of the supplier company and other information about the NPP as a whole.
2.8.3. In the section "Main characteristics of the speakers" should be given:
2.8.4. The “Completeness" section indicates all the hardware and software complexes that are directly included in the AS, individual means, including data carriers and operational documents.
2.8.5. In the section "Certificate of Acceptance" the date of signing of the act on acceptance of nuclear power plants into commercial operation and the names of the signatories are given.
2.8.6. The Manufacturer's Warranties section provides the warranty periods for the NPP as a whole and its individual components, if these terms do not coincide with the warranty periods for the NPP as a whole.
2.9.1. The document contains sections:
2.9.2. In the "General Information" section, indicate the name of the NPP, its designation assigned by the developer, the name of the developer, the date of putting the NPP into operation, general instructions to the NPP operating personnel, requirements for maintaining the form and its storage location, including a list of technical documentation, which staff should be familiar with.
2.9.3. In the section "Key Features" indicate:
2.9.4. In the "Completeness" section indicate:
2.9.5. In the section "Certificate of Acceptance" indicate:
2.9.6. In the section "Warranty obligations" indicate:
2.9.7. In the section "Information about the state of the speakers" indicate:
2.10.1. The document contains sections:
2.10.2. In the "Introduction" section indicate:
2.10.3. In the section "Initial data" give:
2.10.4. In the section "Calculation Methods" indicate the rationale for the choice of calculation methods and regulatory and technical document according to which the calculation is carried out, or a brief description of the calculation method and a link to the sources where it is published.
2.10.5. In the section "Calculation of reliability indicators" indicate:
2.10.6. In the section "Analysis of calculation results" indicate:
2.10.7. If in justified cases when assessing the reliability of the NPP it is impossible to take into account the level of reliability of the software of the NPP and the level of reliability of the actions of the personnel of the NPP, then in the document "Design Assessment of the Reliability of the System" the information on the assessment of the reliability of the NPP is given only taking into account the reliability of the complex of technical equipment, including non-standard.
2.11.1. The document contains sections:
2.11.2. In the section "Purpose of the system" indicate:
2.11.3. In the "System Description" section indicate:
2.11.4. In the section "Description of the relationship of speakers with other systems" indicate:
2.11.5. In the section "Description of subsystems" indicate:
2.13.1. The document contains a list of operational documents in accordance with GOST 34.201.
2.13.2. The list is filled out in sections - parts of the design of the AU.
2.14.1. The "Test Program and Test Method" of the design automation toolbox at the test operation stage is intended to establish technical data to be verified during testing of the AC components and the design automation toolbox, as well as the test procedure and methods for their control.
2.14.2. The “program and test procedure” of the system (subsystem) at the stage of experimental functioning is intended to establish data that ensure the receipt and verification of design decisions, identify the causes of failures, determine the quality of work, quality indicators of the functioning of the system (subsystem), verify the compliance of the system with safety requirements, duration and test mode.
2.14.3. Test programs should contain lists of specific inspections (tasks to be solved) that should be carried out during tests to confirm compliance with the requirements of the statement of work, with links to the appropriate test methods (sections of the methods).
2.14.4. The list of checks to be included in the test program includes:
2.14.5. A description of the system test methods for individual indicators is recommended to be arranged in the same sequence in which these indicators are located in the technical requirements.
2.14.6. The test program contains sections:
The document includes applications.
Depending on the characteristics of the systems, it is allowed to combine or exclude individual sections, provided that their contents are stated in other sections of the test program, and also include additional sections (if necessary).
2.14.7. In the section "Object of test" indicate:
2.14.8. In the section "Purpose of testing" indicate specific goals and objectives that must be achieved and solved during the test.
2.14.9. In the section "General Provisions" indicate:
2.14.10. In the section "Scope of tests" indicate:
2.14.11. In the section "Conditions and procedure for testing" indicate:
2.14.12. In the section "Material and technical support of tests" indicate specific types of material and technical support with the distribution of tasks and responsibilities of the organization involved in the tests.
2.14.13. In the section "Metrological support of tests" a list of measures for metrological support of tests is given with the distribution of tasks and responsibilities of organizations participating in the tests for the implementation of the relevant activities.
2.14.14. In the section "Reporting" indicate a list of reporting documents that should be executed in the process of testing and upon completion, indicating the organizations and enterprises that develop, coordinate and approve them, and the timing of these documents.
Reporting documents include an act and a report on test results, an act of the technical condition of the system after testing.
2.14.15. The annexes include a list of test methods, mathematical and complex models used to evaluate the characteristics of the system.
2.14.16. When conducting tests in several stages of the test program should be issued in the form of a single document.
2.14.17. Test methods are developed on the basis of TK and approved test programs using standard test methods (if any). At the same time, certain provisions of standard test methods can be specified and specified in the developed test methods, depending on the features of the system and the test conditions. The content of the sections of the methods is set by the developer.
The organizational chart contains:
3.1.1. The document contains sections:
3.1.2. In the section "Changes in the organizational structure of the facility management" indicate:
3.1.3. In the section "Organization of divisions" lead:
3.1.4. In the section "Reorganization of existing management units" indicate a description of the changes caused by the creation of AS, which must be implemented in each of the existing units of the facility management in: organizational structure, functions of units, work regulations, staff of units.
3.2.1. The document "Methodology of computer-aided design" contains sections:
3.2.2. In the section "General Provisions" indicate the class of objects to which the methodology is extended, the composition of user users, requirements and restrictions on the conditions for applying the methodology.
3.2.3. In the section "Statement of the problem" indicate the main ways and directions of solving the problem, requirements and restrictions on the solution, criteria for evaluating the results.
3.2.4. In the section "Design Methodology" describe the selected mathematical methods used in the design, indicate the composition and purpose of the design procedures, the interaction of design procedures in the execution process.
3.2.5. In the section "Source Data" determine the composition, selection, presentation and formation of arrays of information used, a list of designations of elements describing the subject area, indicating their names, units, range of values, evaluation criteria for the source data, choose methods and models of solution.
3.2.6. In the section "Design Procedures", for each design procedure, indicate the composition of the normative and reference input data, the rules for access to it, the procedure for performing the procedure, the composition and form of the output messages.
3.2.7. In the "Evaluation of Results" section, an analysis of the resulting design decision for compliance with the specified criteria is provided.
3.2.8. When designing specific objects, the document "Methodology of Computer Aided Design" can be supplemented with specific sections specific to the designed objects.
3.3.1. The document "Technological instruction" is developed for an operation or a set of operations of a data processing technological process.
3.3.2. The document indicates the name of the technological operation (operations) for which the document was developed, and provides information on the procedure and rules for performing operations (operations) of the technological process of data processing. The instructions provide a list of staff positions covered by this instruction.
3.3.3. The nomenclature of technological instructions is determined based on the adopted data processing process. The structure of the document is set by the developer depending on the content.
3.4.1. The document contains sections:
3.4.2. In the "Introduction" section indicate:
3.4.3. In the section "Purpose and conditions of use" indicate:
3.4.4. In the section "Preparation for work" indicate:
3.4.5. In the section "Description of operations" indicate:
3.4.6. For each data processing operation indicate:
3.4.7. In the section "Emergencies" indicate:
3.5.1. The document contains sections:
3.5.2. In the section "Technological process of collecting and processing data on peripheral devices during decentralized data processing" indicate:
3.5.3. In the section "Technological process of data processing at a computer center" indicate:
4.1.1. The automation scheme contains:
4.1.2. The diagram allows the necessary textual explanations
4.2.1. The document contains sections:
4.2.2. The "General Provisions" section provides the initial data used in the design of the technical equipment of the AU.
4.2.3. In the section "Structure of the complex of technical means" are given:
The section provides in the form of illustrations other documents that can be included according to GOST 34.201.
4.2.4. In the section "Means of computer technology" lead:
4.2.5. In the section "Data transmission equipment" are listed:
The layout plan of the technical support equipment, carried out during the development of the technical project, should determine the location of control points and technical support equipment requiring special rooms or separate areas for accommodation,
The document may be included in the section "Structure of the complex of technical means" of the document "Description of the complex of technical means".
The layout plan of equipment and wiring should show the plans and sections of the premises, on which the placement of technical support equipment should be indicated: sensors with selected devices, actuators, telemechanics and communication devices, computer equipment, cable and pipe wiring, etc. The plan indicates the installation dimensions necessary for the installation of technical equipment.
The task includes the layout of the placement of technical equipment, communication lines between them, requirements for the premises, conditions for the placement of technical equipment and a number of other requirements related to the need for preparatory work.
The document for each task contains the name and purpose of the development, the name of the developing organization (intended), the estimated cost and volume of development, the timing of the work.
The document contains the name of all tasks, their purpose, dates of issue and deadlines.
4.9.1. The document contains the composition of the complex of technical means and the relationship between these technical means or groups of technical means, united by any logical signs (for example, the joint performance of individual or several functions, the same purpose, etc.).
4.9.2. When performing the schemes allowed:
4.10.1. The diagram indicates:
4.10.2. The diagram may indicate other types of technical equipment and give textual explanations.
4.11.1. The diagram shows the input devices (assemblies of switching clamps, plug connectors, etc.) of panels, consoles, junction boxes and cables and wires connected to them, as well as other types of technical equipment.
4.11.2. The connection diagram may not be performed if these connections are shown on the external wiring diagram.
The document gives electrical and pipe connections between devices and devices (mounting products) installed in panels, consoles, installations of aggregate complexes, etc., as well as connecting wiring to the specified technical means.
The document indicates the main functional components (structural elements) that determine the composition of the system, subsystem, their relationship and purpose in the system, subsystem.
4.14.1. A drawing of a general view of a shield (remote control) contains:
4.14.2. In the drawing, the necessary textual explanations are allowed.
The document reflects the decisions on the installation of hardware in the amount that meets the requirements of GOST 2.109 for installation drawings.
On the diagram (electric, pneumatic, hydraulic) lead:
4.17.1. The document "Equipment Specification" should be prepared in accordance with the requirements of GOST 21.110.
4.17.2. When using technical means in the project, the order of which requires filling out questionnaires, the application of the latter to the project is mandatory.
4.17.3. When using technical means in the project that have limitations in use in accordance with the lists approved in the established manner, copies of documents on the approval of the supply of these means should be attached to the project.
The document "Statement of requirements for materials" is performed in accordance with the requirements of GOST 21.109.
4.19.1. The document contains sections:
4.19.2. In the section "General directions" indicate:
4.19.3. The Safety Precautions section lists the safety rules that must be observed during preparation of equipment for operation and during its operation.
4.19.4. In the section "Operation" indicate:
4.19.5. In the section "Verification of correct functioning" indicate the content and brief methods of the main checks of equipment operability and the correct implementation of system functions.
4.19.6. The section “Instructions on actions in different modes” lists the actions of personnel during normal operation, emergency shutdown of equipment, pre-emergency and emergency state of the automation object, starting and stopping modes of the automation object.
The statement shall contain the information necessary for the preparation of estimates for the purchase and installation of system hardware, comply with the requirements for drawing up custom specifications and statements for NPP projects approved in the established manner.
5.1.1. The document contains sections:
5.1.2. In the section "List of input signals" indicate:
5.1.3. In the section "List of input data" indicate:
5.2.1. The document contains sections:
5.2.2. The section "List of output signals" contains a list of output signals with their names, assignment of units of measurement and ranges of variation, method of presentation, users of information.
5.2.3. Section "List of output documents" contains a list of output documents with their names, code designations, list and significance of details, information users.
5.3.1. The document contains sections:
5.3.2. In the section "Composition of information support" indicate the name and purpose of all databases and data sets.
5.3.3. In the section "Organization of information support" are given:
5.3.4. In the "Organization of the collection and transmission of information" section:
5.3.5. In the section "Building a classification and coding system" are given:
5.3.6. In the section "Organization of the internal machine information base" are given:
5.3.7. In the section "Organization of the extra-machine information base", characteristics of the composition and volume of the extra-machine information base, the principles of its construction, including the main provisions for the organization and maintenance of the fund of normative and reference information in conjunction with automated functions, are given.
5.3.8. In the appendices to the document "Description of the information support of the system" reference and other additional materials and information should be provided (a systematic list of the names of structural units of information with the designations assigned to them and descriptions of their nature).
5.4.1. The sheet of machine information carriers contains designations, names of documents executed on machine carriers.
5.4.2. Documents are recorded in ascending order of assigned designations.
5.5.1. The document "Description of the organization of the information base" contains a description of the logical and physical structure of the database.
5.5.2. The document consists of two parts:
Parts of the document contain the following sections:
5.5.3. The “Logical structure” section describes the composition of the data, their formats and the relationships between the data.
5.5.4. The section "Physical structure" provides a description of the selected option for the location of data on specific machine media.
5.5.5. When describing the structure of the internal machine information base, lists of databases and arrays and logical connections between them should be given. For an array of information indicate the logical structure within the array or give a link to the document "Description of the array of information."
5.5.6. When describing the structure of the extra-machine information base, a list of documents and other information messages is provided, the use of which is provided for in the system, indicating the automated functions during the implementation of which this document is generated or used.
If this information is given in the documents “List of input signals and data” and “List of output signals”, you can refer to these documents.
5.5.7. In the "Organization of maintaining the information base" section, when describing the internal machine database, a sequence of procedures is given during the creation and maintenance of the database, indicating, if necessary, the procedures for the procedures and means of protecting the database from destruction and unauthorized access, as well as indicating the connections between the arrays of databases. and arrays of input information.
When describing the extra-machine information base, a sequence of procedures should be given along the route of movement of groups of documents before transferring them to the CC, and the route of movement of the output documents should be described.
The document contains a list of registered classifiers of all categories used in the AU for each classified object, a description of the encoding method, code structure and length, indications of the classification system and other information at the discretion of the developer.
The document contains:
The document must contain an image of the form of the document or video frame in accordance with the requirements of state standards of the unified documentation system R 50-77 and the necessary explanations.
The document contains a list of input data with their names, code symbols and the importance of details, as well as the names and code symbols of documents or messages containing this data.
The database directory contains a list of objects of the AS subject area, information about which is included in the database.
The document contains a list of output data indicating their names, code designations and the importance of details, as well as the names and code designations of documents or messages containing this data.
5.12.1. The document "Instructions for the formation and maintenance of the database" contains sections:
5.12.2. The section "Rules for the preparation of data" provides the procedure for selecting information for inclusion in the database, the rules for the preparation and coding of information, the forms for its presentation and the rules for filling out these forms, the procedure for making changes to the information.
5.12.3. The section "Procedure and means of filling the database" provides the composition of technical means, rules, order, sequence and description of the procedures used to fill the database, including transferring data to computer storage media.
5.12.4. The section "Procedures for changing and monitoring the database" provides the composition and sequence of procedures for monitoring and changing the contents of the database.
5.12.5. The section "Procedure and means of restoring the database" provides a description of the means of protecting the database from destruction and unauthorized access, as well as the rules, means and procedure for copying and restoring the database.
6.1.1. The document contains an introduction and sections:
6.1.2. The introductory part provides basic information about the technical, informational and other types of NPP software necessary for developing software or a link to the relevant documents of the NPP design.
6.1.3. The section "Software structure" provides a list of parts of the software with an indication of their relationships and the rationale for each of them.
6.1.4. In the section "Functions of software parts", the purpose and description of the main functions for each part of the software are given.
6.1.5. The section "Methods and means of software development" provides a list of programming methods and software development tools for speakers with an indication of the parts of the software in the development of which appropriate methods and tools should be used.
6.1.6. In the section "Operating system" indicate
6.1.7. The section "Tools that enhance the capabilities of the operating system" contains subsections in which for each tool used that extends the capabilities of the operating system, indicate:
7.1.1. The document "Description of the algorithm (design procedure)", depending on the specifics of the AU, may be developed. as a document "Description of the algorithm" or as a document "Description of the design procedure (operation)".
7.1.2. The document "Description of the algorithm" contains sections:
7.1.3. In the section "Purpose and characteristics" lead:
Note. When you include a document in the form of a section in the document "Description of the problem statement" brief information about the process (object) does not lead.
7.1.4. The "Information Used" section provides a list of information arrays and (or) a list of signals used in the implementation of the algorithm, including:
For each array result:
1. The list of details used is given if for this array the document “Description of the information array” is not included in the project documentation or the number of details in the document “Description of the information array” is less than the number of details used in the algorithm.
2. The list of unused details is given if the number of used details in the document "Description of the information array" is greater than the number of unused details in the algorithm.
7.1.5. In the section “Solution Results”, a list of information arrays and (or) a list of signals generated as a result of the implementation of the algorithm should be provided, including:
For each array result:
7.1.6. In the section "Mathematical Description" are given:
7.1.7. In the section "Solution Algorithm" should be given:
7.1.7.1. The algorithm should provide for all situations that may arise in the process of solving the problem.
7.1.7.2. In the presentation of the algorithm should use the conventions of details, signals, graph, lines with reference to the corresponding arrays and lists of signals.
In the calculated ratios (formulas), the designation of details given in the description of their composition in other sections of the document should be used.
7.1.7.3. The algorithm is represented in one of the following ways:
The developer chooses the algorithm presentation method based on the essence of the described algorithm and the possibility of formalizing its description.
7.1.7.4. The algorithm in the form of a diagram is performed according to the rules established by GOST 19.002 or GOST 19.005.
The algorithm in the form of tables is performed according to the rules established by GOST 2.105.
The algorithm in the form of a text description is performed according to the rules established by GOST 24.301.
7.1.7.5. Relations for the control of calculations at individual stages of the algorithm are given in the form of equalities and inequalities. At the same time, control ratios are indicated that make it possible to identify errors made during the counting process and decide on the need for deviations from the normal calculation process (to continue working according to one of the algorithm variants).
7.1.8. Illustrative material, tables or auxiliary text are allowed in the form of an appendix.
7.1.9. When developing the document "Description of the design procedure (operation)" it is allowed to combine the description of several design procedures (operations) in one document.
7.1.9.1. The document "Description of the design procedure (operation)" contains an introduction and sections:
7.1.9.2. In the introduction, the purpose of the design procedure (operation) is determined, the scope and specifics of its application.
7.1.9.3. In the "Description" section indicate the content and (or) a formalized description of the design procedure (operation).
Symbols should reflect the symbols adopted in the corresponding problem area. The engineering essence of technical limitations is stated, the choice of optimality criteria is substantiated. If necessary, indicate links to documents related to the implementation of this design procedure (operation).
The formalized description contains:
7.1.9.4. The section “Execution Method” describes the proposed method for performing the procedure (operation). If necessary, drawings, diagrams explaining and revealing the essence of the proposed method are given.
If the implemented design procedure (operation) has a non-trivial mathematical interpretation, you should give an explanation or indicate sources that provide a comprehensive understanding of the method.
7.1.9.5. In the section "Algorithm diagram", a diagram of the algorithm for performing the design procedure (operation) is given. The algorithm scheme is performed according to GOST 19.002, GOST 19.003.
7.1.9.6. In the section "Requirements for the development of the program" indicate:
1.1. At the stage, they develop a report in accordance with GOST 7.32 and an application for the development of AS
1.2. The main part of the report contains sections:
1.3. In the section "Characterization of the object and the results of its functioning" describe development trends, requirements for the volume, nomenclature and quality of the results of functioning, as well as the nature of the interaction of the object with the external environment.
When identifying actual performance indicators, existing indicators and trends in their changes over time are determined.
1.4. The section "Description of the existing information system" contains a description of the functional and information structure of the system, qualitative and quantitative characteristics, revealing the interaction of its components in the process of functioning.
1.5. The section "Description of the shortcomings of the existing information system" provides the results of a diagnostic analysis, which assesses the quality of functioning and the organizational and technological level of the system, identify shortcomings in the organization and technology of the functioning of information processes and determine the degree of their influence on the quality of the system.
1.6. In the section "Justification of the need to improve the information system of the object", when analyzing the compliance of the performance indicators of the facility with the requirements, assess the degree of compliance of the predicted indicators with the required and identify the need to improve the information system by creating AS.
1.7. The section "Objectives, Criteria and Limitations of Creating AU" contains:
1.8. The section "Functions and Tasks of the created AS" contains.
1.9. The section "Expected technical and economic results of creating a nuclear power plant" contains:
1.11. The subsection "Conclusions on the industrial and economic necessity and the feasibility study of creating a nuclear power plant" contains:
1.12. The subsection "Suggestions for improving the organization and technology of the activity process" contains suggestions for improving:
1.14. The application for the development of the AU is compiled in any form and contains the proposals of the user organization to the organization-developer for work on the creation of the AU and its system requirements, conditions and resources for the creation of the AU.
2.1. At the stage, a report is developed in accordance with GOST 7.32.
2.2. In the main part of the report are:
The document contains:
The document contains:
3.1. The document contains:
contains:
{!LANG-4f1558d8f542985dd8bcd8f00ced500a!}
{!LANG-791556814c51e11bba78ddb544e4bf9c!}
{!LANG-367b1176910fc54487db1143b65bf7dd!}