Cyber security of industrial control systems is a growing concern in all industries, and particularly in the nuclear industry; a multi-billion-dollar worldwide market. Demands for modern, technology-based solutions emerge daily. While a large commercial industry caters to the cyber security of information technology (IT) systems, most solution providers are focused on conventional hacking and data theft. The cyber security of industrial control systems used in nuclear power plants, as well as non-nuclear process plants, and other critical energy infrastructure is in its infancy. Unlike IT systems, industrial control systems are often bound by strict regulatory requirements and rigorous change controls that introduce complexities, risks and costs. Solutions require specialists in Instrumentation & Control systems with cyber security expertise.
CNL is actively working towards the development of a nuclear industrial control cyber intrusion detection and mitigation system for protection of Canada’s critical infrastructure.
The CNL cyber security team, located in Cyber-New Brunswick’s (Cyber-NB) Knowledge Park hub in Fredericton, will expand into the new Cyber-NB new building in 2020-21, with access to Level-2 security facilities. This expansion will enable CNL to offer Level 2 secure services to, and collaborate on, level-2 secure technology needs with National Defence, the Centre for Cybersecurity, NRCan, CNSC, and CNSC licensees.
CNL has developed a simulator of a reactor control system as a test bed for developing intrusion-resistant systems, intrusion detection and remediation. This secure, simulated cyber-physical environment offers a unique environment for safely and realistically simulating cyberattacks on nuclear industrial control systems, for testing security control measures including supply chain qualification of programmable electronic systems in nuclear power plants and for training plant personnel in cyber security.
Canadian Nuclear Laboratories has been committed to commissioning its research capabilities in cyber security and has celebrated a number of recent milestones:
Canadian Nuclear Laboratories is a world leader in nuclear science and technology, leveraging its expertise in non-disruptive Industrial Control Systems solutions by protecting mission-critical infrastructures. This work utilizes a state-of-the-art research facility which can model the typical architectures of business and process control networks in order to monitor networks for potential problems and improve security.
The Cyber Security research facility underpins Canadian Nuclear Laboratories’ Cyber Security research program with the latest technologies in order to address government and industry priorities. The new facility at the University of New Brunswick replicates control systems found in critical infrastructure world-wide; it enables Canadian Nuclear Laboratories to develop intrusion-resistant systems, add intrusion detection and provide remediation, all while maintaining the integrity of the client’s systems.
• Distributed control systems testing platform equipped with industrial controllers to simulate real-time process control functions which include a representative suite of field instrumentation such as smart devices and industrial communication network protocols.
• Cyber Security technologies that will be deployed to model different Cyber Security solution options that will themselves be under assessment for configurability, usability, and effectiveness, particularly in the real-time process environment. Technologies to be investigated include:
o Boundary protection devices (e.g., firewalls)
o Network Intrusion Protection
o Network Anomaly Detection
o Endpoint protection
o Security information and event management (SIEM) tools
o Application sandboxing
o Vulnerability scanners
o Multi-engine virus scanners
o Network devices (e.g., smart switches, network taps)
o Virtual servers
o Penetration testing tools.
• Security Operations Centres (SOC) equipped with situational awareness tools and dashboards that provide real-time monitoring, analysis, alerting, and reporting capabilities.