"Nuclear power plants rely on digital components, like supervisory control and data acquisition (SCADA) devices, to perform daily operations. These devices can contain software vulnerabilities. To address SCADA and other cyber threats, the U.S. Nuclear Regulatory Commission (NRC) has issued directives for licensed operators to submit cybersecurity plans for their facilities. While the guidance is on par with other sectors, the application may be inadequate. Protection against cyber-attacks becomes more important as SCADA systems become more standardized and connected to other networks. In addition to resilient components, improvements like redundancy, whitelisting, and intrusion detection systems can help improve a SCADA network. Ultimately, the nuclear power industry may need to undergo a culture shift in order to reduce the vulnerability of these systems. An information- sharing and analysis center can also provide lessons learned and expertise to the NRC and nuclear power plants in the U.S."
2018 by the author(s). Posted here with permission. Documents are for personal use only and not for commercial profit. See document for full rights information.
Homeland Security Affairs Journal: http://www.hsaj.org/
Homeland Security Affairs (April 2018), v.14, article 4