Cyber Security

Cyber security of industrial control systems is a growing concern in all industries, and particularly in the nuclear industry; a multi-billion-dollar worldwide market. Demands for modern, technology-based solutions emerge daily. While a large commercial industry caters to the cyber security of information technology (IT) systems, most solution providers are focused on conventional hacking and data theft. The cyber security of industrial control systems used in nuclear power plants, as well as non-nuclear process plants, and other critical energy infrastructure is in its infancy. Unlike IT systems, industrial control systems are often bound by strict regulatory requirements and rigorous change controls that introduce complexities, risks and costs. Solutions require specialists in Instrumentation & Control systems with cyber security expertise.

CNL is actively working towards the development of a nuclear industrial control cyber intrusion detection and mitigation system for protection of Canada’s critical infrastructure.

The CNL cyber security team, located in Cyber-New Brunswick’s (Cyber-NB) Knowledge Park hub in Fredericton, will expand into the new Cyber-NB new building in 2020-21, with access to Level-2 security facilities. This expansion will enable CNL to offer Level 2 secure services to, and collaborate on, level-2 secure technology needs with National Defence, the Centre for Cybersecurity, NRCan, CNSC, and CNSC licensees.

CNL has developed a simulator of a reactor control system as a test bed for developing intrusion-resistant systems, intrusion detection and remediation. This secure, simulated cyber-physical environment offers a unique environment for safely and realistically simulating cyberattacks on nuclear industrial control systems, for testing security control measures including supply chain qualification of programmable electronic systems in nuclear power plants and for training plant personnel in cyber security.

Your trusted partner in delivering world-class cyber security solutions

Canadian Nuclear Laboratories has been committed to commissioning its research capabilities in cyber security and has celebrated a number of recent milestones:

Launched a new multi-million dollar cyber security research facility at Knowledge Park in Fredericton, New Brunswick
Developed internationally utilized, cutting edge cyber security technologies, including the current development and commercialization of a safety-qualified plant display system for mission critical applications
Established partnerships with University of New Brunswick, including the Canadian Institute for Cybersecurity and the Faculties of Engineering and Computer Science

Canadian Nuclear Laboratories is a world leader in nuclear science and technology, leveraging its expertise in non-disruptive Industrial Control Systems solutions by protecting mission-critical infrastructures. This work utilizes a state-of-the-art research facility which can model the typical architectures of business and process control networks in order to monitor networks for potential problems and improve security.

The Cyber Security research facility underpins Canadian Nuclear Laboratories’ Cyber Security research program with the latest technologies in order to address government and industry priorities. The new facility at the University of New Brunswick replicates control systems found in critical infrastructure world-wide; it enables Canadian Nuclear Laboratories to develop intrusion-resistant systems, add intrusion detection and provide remediation, all while maintaining the integrity of the client’s systems.

CNL Cyber Security Research Facility’s Key Features and Benefits

• Distributed control systems testing platform equipped with industrial controllers to simulate real-time process control functions which include a representative suite of field instrumentation such as smart devices and industrial communication network protocols.

• Cyber Security technologies that will be deployed to model different Cyber Security solution options that will themselves be under assessment for configurability, usability, and effectiveness, particularly in the real-time process environment. Technologies to be investigated include:

o Boundary protection devices (e.g., firewalls)

o Network Intrusion Protection

o Network Anomaly Detection

o Endpoint protection

o Security information and event management (SIEM) tools

o Application sandboxing

o Vulnerability scanners

o Multi-engine virus scanners

o Network devices (e.g., smart switches, network taps)

o Virtual servers

o Penetration testing tools.

• Security Operations Centres (SOC) equipped with situational awareness tools and dashboards that provide real-time monitoring, analysis, alerting, and reporting capabilities.

The security of industrial control systems has become a major priority for all industries, including nuclear, and now represents a multi-billion dollar worldwide market. To ensure the integrity and security of these systems, organizations must have access to state-of-the-art facilities where they can test them in controlled environments. With the opening of our new National Innovation Centre for Cybersecurity, CNL we are now able to offer our customers this capability, with the full support of our world-leading experts in industrial control systems and security.