SCADA Fusion with Commercial Fission

  • 2017

SCADA Fusion with Commercial Fission

Author:
Matthew Horner
Abstract:

Nuclear power plants, as well as most other power plants, rely on digital components to perform daily operations. Many of these components are supervisory control and data acquisition (SCADA) devices that can contain software vulnerabilities. In order to address SCADA and other cyber threats, the regulating body for nuclear power plants, the US Nuclear Regulatory Commission (NRC), has issued directives for licensed operators to develop and submit cybersecurity plans for their facilities. However, while the guidance is on par with cybersecurity programs in other sectors, the application may be inadequate; protection against cyber-attacks is growing more important as SCADA systems become more standardized and connected to other networks. In addition to resilient components, improvements like redundancy, whitelisting, and intrusion detection systems (IDS) can help improve a SCADA control network. Ultimately, a culture shift in the nuclear power industry may be required to improve the actions of nuclear operators and supervisors. Creation of an information sharing and analysis center (ISAC) can also provide anonymous lessons learned and expertise to the NRC and nuclear power plants in the US.