Sorting
From A to Z
Deployments found: 2
CYBER THREATS TO NUCLEAR POWER GENERATION
Safe reactor operations and the prevention of radiological releases, radiological sabotage and other threats to public safety are of paramount importance at all nuclear generators. Continuous and uninterrupted operations are also important, since significant power outages can pose public safety risks as well. All nuclear generators, therefore, deploy both comprehensive physical and cyber security measures.
If malicious attackers ever gain access to a nuclear generating unit’s Distributed Control System (DCS), sabotage of reliability-critical and even safety-critical operations is possible. The risk of such sabotage is unacceptable. Nuclear industrial security standards and regulations require operators to deploy the strongest practical measures to prevent the compromise of nuclear control and safety networks. The question is – how to achieve 100% protection from remote cyber threats?
THE CHALLENGE
To secure the safe, reliable and continuous operation of nuclear control and safety networks from threats emanating from less trusted external networks, yet still provide safe, real-time access to live operations data to the enterprise network.
Analog controls may be immune to cyber attacks, but modern plants use digital control systems nearly universally for steam generators, and may use digital systems for critical core control and safety systems as well. Firewalls or other IT security measures are software, and all software has vulnerabilities and so can be compromised. Nuclear generators demand much more thorough protections than software mechanisms can provide.
WATERFALL SOLUTION
A Waterfall Unidirectional Security Gateway was installed between each DCS network and the enterprise network. Unidirectional Gateway software connectors replicate OSISoft PI Syslog servers from the control network to the enterprise network where enterprise clients can interact normally and bi-directionally with these replicas. A file server replication connector was also deployed, to minimize the need for removable media.
RESULTS & BENEFITS
100% Security: The nuclear and turbine control networks are now physically protected from any external network, fully protecting these sensitive networks from any online threats, attacks and human errors originating from external networks.
100% Visibility: Clients on the enterprise network continue interact normally and bi-directionally with replica servers, obtaining the same data from those replicas as would have been reported by live control servers.
100% Compliance The resulting network architecture complies with the most demanding nuclear cyber-security standards and regulations, including NRC 5.71.
Safe reactor operations and the prevention of radiological releases, radiological sabotage and other threats to public safety are of paramount importance at all nuclear generators. Continuous and uninterrupted operations are also important, since significant power outages can pose public safety risks as well. All nuclear generators, therefore, deploy both comprehensive physical and cyber security measures.
If malicious attackers ever gain access to a nuclear generating unit’s Distributed Control System (DCS), sabotage of reliability-critical and even safety-critical operations is possible. The risk of such sabotage is unacceptable. Nuclear industrial security standards and regulations require operators to deploy the strongest practical measures to prevent the compromise of nuclear control and safety networks. The question is – how to achieve 100% protection from remote cyber threats?
THE CHALLENGE
To secure the safe, reliable and continuous operation of nuclear control and safety networks from threats emanating from less trusted external networks, yet still provide safe, real-time access to live operations data to the enterprise network.
Analog controls may be immune to cyber attacks, but modern plants use digital control systems nearly universally for steam generators, and may use digital systems for critical core control and safety systems as well. Firewalls or other IT security measures are software, and all software has vulnerabilities and so can be compromised. Nuclear generators demand much more thorough protections than software mechanisms can provide.
WATERFALL SOLUTION
A Waterfall Unidirectional Security Gateway was installed between each DCS network and the enterprise network. Unidirectional Gateway software connectors replicate OSISoft PI Syslog servers from the control network to the enterprise network where enterprise clients can interact normally and bi-directionally with these replicas. A file server replication connector was also deployed, to minimize the need for removable media.
RESULTS & BENEFITS
100% Security: The nuclear and turbine control networks are now physically protected from any external network, fully protecting these sensitive networks from any online threats, attacks and human errors originating from external networks.
100% Visibility: Clients on the enterprise network continue interact normally and bi-directionally with replica servers, obtaining the same data from those replicas as would have been reported by live control servers.
100% Compliance The resulting network architecture complies with the most demanding nuclear cyber-security standards and regulations, including NRC 5.71.
INDUSTRIAL CONNECTIVITY CHALLENGES
The IIoT promises enormous value to manufacturing operations, but faces significant challenges. Industrial communications protocols and data formats are not good fits for big-data and cloud analysis needs, and increased Internet connectivity to edge devices on industrial networks dramatically increase attack opportunities and security risks.
Waterfall’s Unidirectional CloudConnect provides strong, physical protection from Internet-based and other remote attacks for industrial control systems and edge devices. In addition to strong cyber protections, CloudConnect routinely carries out all necessary industrial to cloud communications as well as data format and object format conversions. Unidirectional CloudConnect makes industrial cloud connectivity easy and robust.
THE CHALLENGE
To secure the production network from IP theft and cyber-sabotage from threats emanating from cloud networks, yet still provide the enterprise network with real-time access to live operations data and visibility into manufacturing operations.
Modern industrial attacks routinely defeat firewalls, encryption, intrusion detection and other software protections. The smart manufacturing site needs to enable cloud connectivity for edge devices in control system networks, while reliably defeating modern attacks.
WATERFALL SOLUTION
Waterfall Unidirectional CloudConnect was installed between the manufacturing production network and the enterprise network.
Unidirectional CloudConnect collects data from IIoT edge devices as well as from conventional industrial data sources such as PLCs, OPC servers and production historians. Unidirectional CloudConnect converts this data into websockets and other cloud-friendly formats and publishes the data to cloud platforms while physically preventing any Internet-based attacks from reaching manufacturing networks.
RESULTS & BENEFITS
100% Security: The production network is now physically protected from any cloud-based threats.
100% Visibility: Waterfall Unidirectional CloudConnect provides safe visibility into industrial operations for enterprise users, vendors and cloud-based service providers.
100% Compatible ICS, enterprise and cloud systems continue to operate normally. Unidirectional CloudConnect provides to each participant the protocols and servic es they expect of connected devices and networks.
100% Visibility: Waterfall Unidirectional CloudConnect provides safe visibility into industrial operations for enterprise users, vendors and cloud-based service providers.
100% Compatible ICS, enterprise and cloud systems continue to operate normally. Unidirectional CloudConnect provides to each participant the protocols and servic es they expect of connected devices and networks.