INTEGRITY When Life Depends On It
The Nuclear Regulatory Commission (NRC) and nuclear power plant operators have been put on notice by the U.S. Congress...
"We write to you with great concern about the cybersecurity posture of our nation's nuclear power plants, and ask that you move with all deliberate speed in ensuring that nuclear plant licensees institute comprehensive cybersecurity policies and procedures on safety and non-safety systems alike."
May 14, 2007, from a letter to Dale E. Klein, Chairman, U.S. Nuclear Regulatory Commission from Congressman Bennie G. Thompson, Chairman, Committee on Homeland Security; and, James R. Langevin, Chairman, Subcommittee on Emerging Threats, Cybersecurity, and Science and Technology.
More than 19% of electricity generation representing 787 billion kilowatt hours of electricity. 104 operating nuclear reactors in the US. 4.1 million pounds of Uranium concentrate production. An entire nuclear power industry managed by systems that are thought to have security due to an "air gap" strategy that has recently been demonstrated faulty. It's not a matter of if a cyber attack will shut down or damage a nuke. It's only a matter of when and what the damage is.
Sooner or later, cyber security strategies based on ad-hoc, reactive, inconclusive "pierce and patch" security policies will result in:
A cyber security strategy based on "pierce and patch" is
Unfathomable. Unacceptable. Untenable. Uneconomic.
INTEGRITY the most secure and reliable software system ever developed can provide nuclear power facilities with certified unbeatable cyber asset security. The National Information Assurance Partnership (NIAP) has awarded INTEGRITY a rating of EAL6+ High Robustness. No software system has ever come close to these ratings before INTEGRITY.
With INTEGRITY, control and command applications like SCADA systems, work without the possibility of intentional, hostile, well-funded, internal or external attack. And it's been certified not once, but multiple times.
An inadvertent shut down like the one that occurred at the Hatch Nuclear Power Plant near Baxley, GA, when a single engineer installed a software upgrade on a computer operating on the plant's business network which triggered a reset of data which was diagnosed as a lack of water in the cooling system by a computer on the control network is impossible with INTEGRITY. INTEGRITY creates a real "air gap" by truly separating data and applications unless communication is allowed based on very stringent pre-established policies.
"I still do not get the sense that we are addressing cybersecurity with the seriousness that it deserves. I think we could search far and wide and not find a more disorganized, ineffective response to an issue of national security of this import." Congressman James Langevin, as quoted by PC World, May 21, 2008.
INTEGRITY helps nuclear power plants meet and exceed cyber security requirements.
Because INTEGRITY is designed to be secure first and foremost, the waterfall design cycle required by the IEEE standard is less challenging. Security is in place right from the start. Deploying INTEGRITY then becomes a matter of defining and establishing the policies and protocols of who gets what access to which data and where as well as what systems are allowed to communicate with other systems. Never will nuclear power plants have to worry about their business networks causing problems with their control networks. Separation is the key and nothing separates better than INTEGRITY.
Certified as secure and reliable for both military and non-military use as a result of the most rigorous testing and evaluation possible, INTEGRITY offers:
To learn more about how INTEGRITY Global Security can secure your nuclear facility, please call 805.882.2500 or send email.