Nuclear Power Facility Meets US Nuclear Regulatory Commission Cybersecurity Regulations

Nuclear Power Facility Meets US Nuclear Regulatory Commission Cybersecurity Regulations

Company Overview

A US-based nuclear power plant with over 1,000 megawatt generating capacity.

Case Summary:

Industry: Nuclear Power Generation

Challenge: Company required increased cybersecurity and network defense according to US Code of Federal Regulations and NRC Regulatory Guide.

Solution: OPDS-1000 data diodes deployed along with OPTS PI System historian replication, and OMBI Modbus data replication.

Benefits: OT network secured from external influence or attack. PI System data and Modbus critical data asset monitoring data made available to business end users.

Cybersecurity Challenge

As a US nuclear power facility, the plant is subject to Nuclear Regulatory Commission (NRC) cybersecurity regulations, including Title 10 of the Code of Federal Regulations, as outlined in NRC Regulatory Guide 5.71. To achieve compliance, the company created a plan to upgrade cybersecurity according to the NRC guidance. The company also required OSIsoft PI System historian data replication, and remote Modbus critical cyber asset monitoring by business end-users on the corporate IT network.

Requirements:

  • Clearly define network segments and eliminate all connections to critical OT systems from external networks
  • Enable one-way data flow from OT network to corporate IT network
  • Maintain business continuity via PI System replication to IT end users
  • Enable remote monitoring of critical cyber assets via modbus replication to corporate IT unit

Use Case | Before


Solution

Owl data diodes utilizing patented technology (OPDS-1000) was selected to prevent remote access to the OT network, provide effective network segmentation, and enable deterministic, one-way data transfer. Added OSIsoft® PI System replication (OPTS) to transfer historian data from OT to IT network, and used OMBI Modbus integration to replicate critical cyber asset monitoring data.

Use Case | After

Deployment

Solutions:

Owl Perimeter Defense Solution – 1000 (OPDS-1000)
Self-contained 1U data diode, purpose-built for network segmentation and deterministic, one-way data transfer up to 1 Gbps.

Interface Module:


Owl PI Transfer Service (OPTS)
Specialized software developed specifically for secure replication and transfer of OSIsoft® PI System historian data across network boundaries.


Owl Modbus Interface (MBTS)
Specialized software developed for secure replication and transfer of Modbus protocol data across network boundaries.

Results

  1. Improved cybersecurity, achieving compliance with NRC Regulatory Guide and federal mandates for nuclear power facilities
  2. Data diodes removed all inbound access to OT networks while providing deterministic outbound data flow for monitoring and business continuity
  3. Enabled PI System historian and Modbus critical cyber asset replication for access by business users at corporate network
DOWNLOAD RESOURCE ↓