Thursday, January 3, 2013

Implementing Cyber Security at Nuclear Power Plants

As of February 2, 2012 there were 439 nuclear power plants (NPPs) in operation worldwide. Most of these existing NPPs were constructed between 1960 and 2000 [Ref 1]. These NPPs are controlled primarily by analog systems, which on the one hand produce less energy and on the other are resistant to cyber attacks. But with the turn of the century, increased demand for energy and the effort to reduce carbon emissions and fight global warming led to the design of newer and more productive NPPs with digital systems. At the same time, older NPPs increasingly rely on computers to run auxiliary and monitoring systems.

That is why I wrote about the importance of cyber security for nuclear power plants in my last blog. Now it is time to give some thought to how to accomplish the task of cyber security and how to decide on a good security program that will cover the NPP's needs. The main point is to establish a fitting cyber security architecture that lays out all the areas and needs of a specific NPP, or maybe even a group of systems. To put it very simply, how you build your security architecture will most likely depend on the following 4 basic questions:
1. Why
2. What
3. When
4. How
The answers to each of these questions will depend on the current state of the utility and its future plans. For example:
1. Why
Most likely, an NPP or utility has to implement or extend its cyber security program for the following reasons:
1) The older analog systems will be updated to new digital programmable systems
2) The NPP is a new build or has a new extension
3) The regulatory bodies ask you to include cyber or IT security to complement the safety program
4) Internationally it is becoming the norm and is expected in today's digital operational environment
5) To achieve a state-of-the-art nuclear operation that reflects positively on your nuclear program
With this question answered, the next question goes into more detail:
2. What
Here you can use a top-down approach to analyse the scope of the security program's implementation. A good starting point is to evaluate each safety zone and determine whether there is a need for security implementation. The scope can be divided into three main areas:

1) External network infrastructure (internet, remote business peers or backup control center)
2) Corporate LAN
3) Control Systems LAN
The control systems LAN could then be broken down further:
1) I&C Architecture and Network (According to operational areas and safety zones for example)
2) System
3) Subsystems
4) Software components
With the increase in computers and digital systems, and with several security concerns mentioned in the previous article, such as the US-based Slammer worm and the Stuxnet virus in Iran, the demand for cyber security to complement nuclear safety has increased massively in the last couple of years, and the attention of regulatory bodies like the IAEA and the NRC has been directed at cyber security at nuclear power plants.
Now the question of "When" is not easily answered for the general public. On a very generic basis, it can be assumed that the utility wants to update its I&C systems because it would like to be more productive. According to the IAEA: "Progress in electronics and information technology (IT) has created incentives to replace traditional analog instrumentation and control (I&C) systems in nuclear power plants with digital I&C systems, i.e. systems based on computers and microprocessors.
Digital systems offer higher reliability, better plant performance and additional diagnostic capabilities. Analog systems will gradually become obsolete in the general IT shift to digital technology. About 40% of the world’s operating reactors have been modernized to include at least some digital I&C systems. Most newer plants also include digital I&C systems." [Ref 2]

The change from analog to digital I&C systems has posed new challenges for the industry and for regulators, who have had to create new regulations and data and develop methods to guide, lead and assure safe operations for utilities. It is essential that the new systems meet all reliability and performance requirements, of course, but also the cyber security requirements that ensure safe operations. This leads to the last question of "How".