Categories

Additional information

Source: Web-site of vendor

The project has been delivered on schedule

The budget has not been exceeded

Functionality complies with task

Description

CYBER THREATS TO NUCLEAR POWER GENERATION
Safe reactor operations and the prevention of radiological releases, radiological sabotage and other threats to public safety are of paramount importance at all nuclear generators. Continuous and uninterrupted operations are also important, since significant power outages can pose public safety risks as well. All nuclear generators, therefore, deploy both comprehensive physical and cyber security measures.
If malicious attackers ever gain access to a nuclear generating unit’s Distributed Control System (DCS), sabotage of reliability-critical and even safety-critical operations is possible. The risk of such sabotage is unacceptable. Nuclear industrial security standards and regulations require operators to deploy the strongest practical measures to prevent the compromise of nuclear control and safety networks. The question is – how to achieve 100% protection from remote cyber threats?

THE CHALLENGE
To secure the safe, reliable and continuous operation of nuclear control and safety networks from threats emanating from less trusted external networks, yet still provide safe, real-time access to live operations data to the enterprise network.
Analog controls may be immune to cyber attacks, but modern plants use digital control systems nearly universally for steam generators, and may use digital systems for critical core control and safety systems as well. Firewalls or other IT security measures are software, and all software has vulnerabilities and so can be compromised. Nuclear generators demand much more thorough protections than software mechanisms can provide.

WATERFALL SOLUTION
A Waterfall Unidirectional Security Gateway was installed between each DCS network and the enterprise network. Unidirectional Gateway software connectors replicate OSISoft PI Syslog servers from the control network to the enterprise network where enterprise clients can interact normally and bi-directionally with these replicas. A file server replication connector was also deployed, to minimize the need for removable media.

RESULTS & BENEFITS
100% Security: The nuclear and turbine control networks are now physically protected from any external network, fully protecting these sensitive networks from any online threats, attacks and human errors originating from external networks.
100% Visibility: Clients on the enterprise network continue interact normally and bi-directionally with replica servers, obtaining the same data from those replicas as would have been reported by live control servers.
100% Compliance The resulting network architecture complies with the most demanding nuclear cyber-security standards and regulations, including NRC 5.71.

Details

Business tasks

Ensure Security and Business Continuity

Manage Risks

Problems

Risk of lost access to data and IT systems

Risk of data loss or damage

Risk of attacks by hackers

Risk or Leaks of confidential information