Protection
from Cyber
Threat
By Jon Gribble and Richard Dahl, Black
& Veatch.
Jon Gribble
Jon Gribble is the Associate Vice
President and Director of Operating
Plant Projects for Black & Veatch’s
nuclear energy business. Gribble
graduated from
the University of
Missouri Columbia
as a chemical
engineer and
attended the 2014
INPO Reactor
Technology Course
for Utility Executives
at MIT. In his 22
years at Black &
Veatch, Gribble
has held various
roles within the
organization from
detailed design
through construction,
startup and project
management on
turnkey projects across the globe.
Gribble is currently tasked with
implementing engineering, procurement,
construction and decommissioning at
nuclear plants in the U.S. and abroad.
In 2015, Black & Veatch ranked 6th
in Engineering News-Record among
nuclear design companies.
An interview by Newal Agnihotri, Editor
of Nuclear Plant Journal, at the Utility
Working Conference in Amelia Island,
Florida on August 10, 2015.
1.Is the equipment at the plants vulnerable
to cyber threats?
Jon Gribble:
Hackers or others
skilled in the software space can gain
access to Critical Digital Assets (CDAs)
and control systems, whether that’s
the computer in your vehicle; a plane’s
control system or the digital components
within a power plant. That’s also
applicable to nuclear power plants where
there are digital assets throughout the
facility. The nuclear industry is assessing
each digital asset to determine what the
accessibility is for each individual device
and how to safeguard against a cyber
threat. This includes such areas as card
scanners, measuring devices (i.e pressure,
temperature and flow transmitters) or
control systems. We
assess how we can
limit access to only
personnel authorized
to properly operate it
and prevent access,
physical or electronic
to those that may
have malicious intent.
And that’s the cyber
security space in a
nutshell of what Black
& Veatch and other
companies are doing.
We are working to
help utilities assess
the risks and then
implement protections
to mitigate them.
2.
Have the specific utilities expressed
concern with cyber threats to their
equipment?
Richard Dahl:
There are concerns.
The newer plants like the AP1000s
currently under construction have a great
deal of digital assets and a distributed
control system (DCS), with cyber security
being in mind during their design and
construction. However, the older plants
which are the vast majority of nuclear
facilities that began operating more than
20 years ago were primarily analog. All of
the systems were separate. As the plants
aged, the analog devices were outdated,
discontinued and expensive to maintain
and so they’ve upgraded them. They’ve
put a lot of digital components in, which
are those critical digital assets or CDAs.
These newer devices are the ones exposed
to a potential cyber threat that could be
attacked with malicious code or hardware
and cause them to perform outside of
their designated parameters.
The public generally thinks of a
hacker gaining control of a generating
facility from his laptop far away from
the plant. However, the CDAs that have
any ability to control what happens in
the plant have always been isolated
from the outside. If they have a digital
connection, it was from a transmitter
or a PLC or something of that nature in
the plant, within the protected area, that
went to the control room or some other
room within the control room and never
outside through the internet. With the
implementation of the cyber security
plan to support the 10 CFR 73.54
(Code of Federal Regulations) cyber
security rule, all of those systems now
are behind what’s called a data diode,
a unidirectional device that makes it
physically and electronically impossible
for a network connection from outside
the plant or even from outside that data
diode to access systems behind it.
Data diodes are devices that work
typically through a fiber connection,
where there’s only a transmit fiber, one
fiber connection that sends the light. A
laser goes from one side to the other.
So it transmits and cannot receive. No
information can come back in through
that connection.
It’s like a digital check valve. So,
for most of those systems, it would
be physically impossible to get on a
computer that’s on the internet; within
the licensee’s business network in their
plant or elsewhere and connect to a
segment that has any type of control
over the plant. This would be physically
impossible. However, there are other
avenues that may be used. There is the
ability to get malicious code into a plant
through portable media, a CD or DVD, or
a floppy disk.
The data diodes do a great deal to
protect plants from an external network-
based threat. We never say in security
that a risk is eliminated, but that risk is
very much minimized.
28
NuclearPlantJournal.com Nuclear Plant Journal, September-October 2015
