U.S. Plans to Tighten Nuclear Power Plant Security 248
CDMA_Demo writes "The 103 nuclear reactors running in USA can voluntarily agree to follow a new 15 page update to a 1996 regulatory guide. The update notes possibility of "unauthorized, undesirable, and unsafe intrusions", and recommends measures aginst such activities. It also recommends such facilities to be cut off from external networks: "Remote access...[that may pose a potential security risk]...should not be implemented". The Slammer worm in 2001 managed to bring down the network at Ohio's David-Besse nuclear plant and concerns kept growing at the United Nations' International Atomic Energy Agency (IAEA)."
Away from External Networks (Score:5, Funny)
Volunteering... (Score:5, Insightful)
Re:Volunteering... (Score:2, Interesting)
It's a draft. They're suggesting that everyone starts conforming now, instead of waiting until it's approved and made mandatory. Surely this is a good thing.
I agree with you that it's scary that this has come so late though.
What's the population of Chernobyl these days?
Re:Volunteering... (Score:3, Interesting)
What's the population of Chernobyl these days?
Very low, due to a very poorly designed reactor, a shutdown of the insufficient safety systems, and a government that didn't care about its people. None of those conditions exists in US nuclear power plants.
Safety upgrades in nuclear power plants happen whenever somebody messes up, so that they don't mess up in the same way again. This upgrade is nothing surprising.
Re:Volunteering... (Score:2, Insightful)
I prefer it when they perform a safety upgrade before someone messes up...
Re:Volunteering... (Score:3, Informative)
What exactly was wrong with the reactor design with Chernobyl?
~70 percent of worlds nuclear reactors are almost identical to the Chernobyl reactor, only difference being that no-one is running unauthorized experiments with all safety precautions manually overridden on those still active.
> None of those conditions exists in US nuclear power plants.
Are you wi
Re:Volunteering... (Score:5, Informative)
Re:Volunteering... (Score:3, Informative)
Years ago I did some research on Chernobyl accident and remember reading that there was a concrete containment shell, but it blew up with the reactor. Most of the sites I now found by googling repeat the statement that there was no containment shell, but at least this site [motherearthnews.com] claims the opposite: "2. Despite official statements made in the U.S
Re:Volunteering... (Score:3, Informative)
Re:Volunteering... (Score:3, Interesting)
That's [ucsusa.org] because [nirs.org] US [corrosion-doctors.org] reactors [animatedsoftware.com] are [ems.org], of [ohiocitizen.org] course [nrc.gov], models [ohiocitizen.org] of [nrc.gov] safe [doe.gov] design [cleveland.com] and [ucsusa.org] operation [toledoblade.com].
Re:Volunteering... (Score:3, Insightful)
Everyone and their brother have been concerned about security at Nuclear plants since (and even before) 9/11.
If a terrorist organization wanted to cause a spectacular level level of chaos and death, bombing a nuclear power plant is towards the top of the list.
This is a good indicator that the Bush Administration is incompetent, or really isn't concerned with your security. I like how they kept talking about Dirty Bombs and d
Re:Volunteering... (Score:2)
They were not ignored.
What you're looking at is a document describing various tactics that could be used to enhance security. It is by no means the only step that has been taken.
First off, most of the security measures were taken DURING CONSTRUCTION of these plants. A bomb was, of course, a major concern, and these facillities were built with that in mind. Nothing is bomb-proof, but nuclear power p
Re:Volunteering... (Score:2)
I think that began in the early 1800s, but certainly the actions taken by the US in Central/South America, Southeast Asia and in the Middle East over the last 40 years cemented our reputation as a ruthless manipulator of foreign governments. US/UK collusion over systems like Echelon, the Viet Nam war, the assassination of at the very least one foriegn leader and our backing and subsequent abandonment of the Af
Re:Volunteering... (Score:2)
for my conspiracy theory
To wit:
The 1st Dubya administration streamlined entry
into the USA of Saudi nationals with the State
Department's "VISA Express" program.
The Saudi embassy in Washington (DC) pulled
more than $30M USD in cold cash from Riggs
Bank between 01/00 and 01/2002, which they
have not accounted for. (Riggs was fined.)
While all US aircraft were grounded just after
9-11-2001, the Saudi's (with Dubya's approval)
chartered aircraft to evacuate more tha
Re:Volunteering... (Score:2)
Top of the list maybe, but what would they use to attack them? The containment domes are designed to withstand airliners, and the nuclear waste is its own best defense. You can't just walk in and grab some and walk you, you wouldn't make it 50 feet before the radiation killed you.
What exactly is your plausible scenario of attack? Something that doesn't rely on the terrorists having an organized military (no military strike craft, no tanks, no month long occupation to extract the materials.....), in short,
Re:Volunteering... (Score:2)
Bin Laden was convinced that Americans were cowards that would leave if there was just a conventional mass casualty attack against thei
An anecdote. (Score:5, Interesting)
Delta Force operators come on an occasional announced, i.e. they know they're coming, basis to try to infiltrate. Supposedly they have succeeded every time.
Re:An anecdote. (Score:2)
You gotta be kidding me. (Score:5, Funny)
Remember to always question policy this way: WWJBD? What Would Jack Bauer Do?
That is all.
* Yes I know, it's TV.
Re:You gotta be kidding me. (Score:2)
Re:You gotta be kidding me. (Score:2, Funny)
Just wait for the Ebola outbreak!
Re:You gotta be kidding me. (Score:3, Interesting)
One such dumbshit is Condoleezza Rice
http://abcnews.go.com/US/story?id=90453&page=1/ [go.com]
Even though saying that they had intelligence that Bin Laden planned to hijack domestic US planes
and yet
TIME Magazine (Domestic edition), 'NEVER SAFE ENOUGH,' by Hugh Sidey, November 14, 1994 Volume 144, N
Re:You gotta be kidding me. (Score:2)
There is one simple answer to WWJBD: whatever the fuck is necessary.
Re:You gotta be kidding me. (Score:3, Funny)
Yes, and the spooky part about this: Remember how 24 started this season? Train derailment? Car on the tracks?
I have a feeling Juan Manuel Alvarez was after some device in Glendale, CA this morning.
(Okay, I'm joking - but what was weird --- when I heard about the train derailment - the first thing I thought about was a terrorist plot!! Uhoh)
Re:You gotta be kidding me. (Score:2)
Rumsfeld may not be able to shoot a gun, but his kung-fu is unstoppable [poe-news.com].
Wouldn't you think... (Score:4, Insightful)
That MAYBE, they would've done this, oh I don't know, say in October of 2001?
But silly me, what do I know about national security. Here I still think it's better to make less enemies than more.
Re:Wouldn't you think... (Score:4, Insightful)
Exactly. You know nothing of national security.
You see, what you are supposed to do is piss off most of the world, and when they start coming after you, ignore it. After you've been hit a couple times, declare your patriotism and implement strict new laws which ironically only limit the legal citizens in your country. Then to top it off, you enact a few meaningless laws which limit people's mobility but makes the dumbest 51% of the population feel more secure.
After that, declare the war "won" and go about your way. It's time to piss off more countries my friend...
Re:Wouldn't you think... (Score:2)
Oh, and while I'm doing that, I'm supposed to take over 3 years to implement a real, meaningful security measure, since that might involve telling a -corporation- what to do.
Why you know, I think I'm learning this whole "national security" thing. Maybe I'll put in a resume for the Cabinet position...
Monday Night on Fox (Score:2)
And this, just in time to coincide with a current plot point / terrorist threat in 24 [fox.com]!
Don't get any big ideas, the government has got us covered.
I'd like to say (Score:2)
Slammer? (Score:5, Insightful)
That would be common sense, wouldn't it? I'm not trained in network security, but why would controll systems need to be connected to the 'net?
PS: I'm ignoring the obvious "Why are you running Windows and not some ultra-hard OpenBSD or RTOS or something".
Re:Slammer? (Score:3, Informative)
Re:Slammer? (Score:5, Insightful)
They aren't. Just like the critical systems for life support aren't. Just like the Ballistic Missile Early Warning System isn't. There are, however, obviously people at the DOD, hospitals, and even nuclear power plants who do the same kind of tedious work done in other places (spreadsheets, memos, powerpoint presentations) and THEIR computers are often connected to the internet. Honestly, I understand why the media likes to make it sound liike the power plant control system crashed because of a virus, but I don't understand why so many people swallow the intimations of the inflamatory headlines.
RTFA, they are connected. (Score:2, Informative)
But they are. You need to read the fine Security Focus article again, but I'll quote the worst parts for you.
The T1 line, investigators later found, was one of multiple ingresses into Davis-Besse's business network ... From the business network, the worm [s
Let me explain something to you.... (Score:3, Informative)
Solid state logic systems do run the safety systems, but there's no way to interface with them besides the physical controls that are directly connected to them.
Re:Slammer? (Score:2)
Many of these systems used to be on private networks built from dedicated leased data lines. That was expensive.
One day, some bright person discovered that they could save a ton of money by switching to a public network. Management said "Hot Shit! Another vacation home in the Alps!" and it was done.
Re:Slammer? (Score:2)
Even removable media can carry a virus back to the secure network. Which means you better be damned sure that the drive was wiped clean before it goes back.
The safest way to move data is to print it out, and hand type it back in at the other location.
Well, yeah. (Score:2)
Re:Well, yeah. (Score:2)
Re:Well, yeah. (Score:2)
The conversation that started it all... (Score:5, Funny)
Wife: It's a good thing the real nuclear power plants don't allow remote access! Man what fanciful terror alert situation will those 24 writers think of next?
Official: Uh...
Re:The conversation that started it all... (Score:4, Interesting)
OMFG, one of our reactors is MISSING!!!!
Re:The conversation that started it all... (Score:3, Informative)
External Networks? (Score:3, Insightful)
Umm, why the hell would a self-contained/self-sustaining system need to be connected to an external network in the first place?
Sorry, you work at a Nuclear Power Plant? Check your frelling AOL/Yahoo/Hotmail e-mail on your own damn computer, on your own damn time.
Re:External Networks? (Score:2)
Sorry, you work at a Nuclear Power Plant? Check your frelling AOL/Yahoo/Hotmail e-mail on your own damn computer, on your own damn time.
The self-contained/self-sustaining system isn't connecting externally.
The only computers at power plants that are capable of connecting to the internet are in no way capable of contacting a core system. Employees are encouraged to get there work
Re:External Networks? (Score:2)
The system affected was a computer running a digital readout. It froze from resource starvation. Analog gauges and other safety systems continued to work fine.
Re:External Networks? (Score:2)
Trust no one. Not even yourself.
Re:External Networks? (Score:2)
In the case of the nuclear plant, it was requisite for the virus to infect the host at the contractors site to leap frog to the plant. The nuclear power plant's computers were not routed to the internet.
As I said, I agree with you; the situation is inexcusable. I only reply to save face and clari
Re:External Networks? (Score:2)
Its really not that big of a deal. Same goes for at this place. The amount of damage possible to inflict this way is relatively minimal.
Oh well... (Score:2, Interesting)
Looks like that kind of educational oppertunity won't be happening as frequently, now. IIRC, that was the first tour they'd given since the plant was opened. That gives you a sense of perspective as to how common such oppertunities are.
Though other plants may perhaps hold more frequent tours, I doubt few outsiders will get to see the turbines and dynamos of an operational plant
Re:Oh well... (Score:4, Interesting)
Pretty freaking cool, imo.
Re:Oh well... (Score:2)
Sucks for Homer (Score:4, Funny)
Re: (Score:2, Interesting)
Windows and Nuclear?? (Score:2, Funny)
Re:Windows and Nuclear?? (Score:2)
A little typo (Score:2)
Retaliation? (Score:2)
You can feel safe (Score:2)
It's like they were planning to find weapons of mass destruction in Iraq, or they were trying to catch Osama Bin Laden in Afghanistan. Another example of ineffectivity and paralyzed work, three years after a serious security incident...
Weakest Link (Score:2, Insightful)
1) All US international shipping ports: plenty of room for trouble there (the Sum of All Fears, anyone?)
2) Water/Sewage treatment plants: one of the best ways to spread pathogens (or scare a whole lot or ppl)
3) Major Power line junctions to help prevent another power outage like the one we had thew hit most of the Northeast in 2003 (thanks, Ohio!)
4) the
Re:Weakest Link (Score:2)
Oh.... um....
Our bad.
This is not a suprise after latest net nuke attack (Score:5, Funny)
This all in an attempt to use a remote control system developed for nuclear installations in case of a radiation leak or disaster.
It's no suprise... not like there wasn't a nuke detonated in the desert all those years ago. About time they wake up.
This is going to come across as really rude, but (Score:2)
Re:This is going to come across as really rude, bu (Score:2)
I myself mistook you for someone who might be able to get a joke... but rage on net patrol, rage on (I think I saw a typo, look, over there... you see it... it's way over your head!")
Re:This is not a suprise after latest net nuke att (Score:2)
First of all, the traffic was not going to or coming from the nucular plants, so they wouldn't have been affected by it (other than to slow down those two secretaries who actually have internet access at a nuke facility).
Second of all, no amount of packets can mask an intrusion with no chance of being logged: if the intrusion is able to get in,
Re:This is not a suprise after latest net nuke att (Score:2)
Great.
Infection (Score:3, Funny)
Re:Infection (Score:2)
In other news (Score:3, Funny)
The Only Concerns at IAEA (Score:2)
are that Bush still wants to get rid of ElBaradei in order to pull off another pile of bullshit about Iran's "WMDs".
Fortunately the rest of the world - including the "Bush poodle" Blair - aren't going along with it.
Re:The Only Concerns at IAEA (Score:2)
Fortunately the rest of the world - including the "Bush poodle" Blair - aren't going along with it.
Reality check. No one is exactly happy with El Baradei, and no one is happy with the current WMD proliferation situation. No one really has a good answer on how to stop proliferation because once a nation has nuclear weapons, they have the only real protection against foreign military powers
Re:The Only Concerns at IAEA (Score:2)
Reality check.
ElBaradei is supported by the UN and virtually every nation in the world except the US.
A recent article said that even the US's closest allies - Australia and Britain - BOTH refused to support the US attempt to get rid of him.
The reason the US doesn't like him is because he refuses to fudge evidence that Iran has nuclear weapons and he has pointed out that Israel needs to be inspected for its nuclear arsenal.
Bush is presently flying US military aircraft into Iranian airspace to probe their
Easier the first time around (Score:2)
I don't much care if a local gun store is built like Fort Nox. I do expect nuclear facilities, chemical, explosive,
Re:Easier the first time around (Score:2)
What would you do? Surround the installation with an army camp, and have perimeter guards with machine-gun nests and tanks?
I worked at a Nuclear Power Plant (Score:5, Informative)
I even worked in IT. Here is how it works (at least at the one I worked at): all of the software that actually runs the plant is over 25 years old (and therefore does not run Windows). It runs some obscure custom shit, not that obscurity is efficient at security, but I guess it kinda helps. Yes, the computers used by the Secretaries, the Maintenance staff, the Managers, etc. all run Windows. The servers ran Red Had 7.3. This is all fluff. If this breaks or gets corrupted one of two things happens to the reactor: 1. Nothing or 2. Nothing. There are two ways the the system is electrically connected to the outside world, and both of them are through high voltage power lines, which cannot really be used to send data in to break things. If you want to break something, you need to physically be there to do it.
If you work in a nuclear power plant, you are going to continue to do everything you can think of to make it even harder for someone to sabotage the place. Physically, this includes multiple walls, gates, barricades, guns, and more to protect the containments. From a procedural standpoint, this means anyone who wants to get on-site gets ran through a database to check your history, after getting an employee escort. Anyone who wants to get into the protected area gets personally approved after a more in depth background check, and a heck of a lot of red tape.
If you are just Joe Public (no offense), you have a much higher chance of dying in a car accident so I wouldn't worry about this.
And No, I didn't RTFA, but I figured as long as my comment was more useful than the rest of them (read: references to 24), I figured this comment would be helpful.
Re: I worked at a Nuclear Power Plant too (Score:2)
I'm sorry. When I said that all of the software that actually runs the plant is over 25 years old and some obscure custom shit I meant the monitoring stuff and the control stuff.
I agree that it is stupid that the computer is connected to the network. I would also like to mention that it is unacceptable for the operators to be unfamiliar with the 1969 technology. At San Onofre, operators are trained and on the simulator (looks and acts identical) one week out of five where all sorts of stuff is thrown a
physical security? (Score:3, Informative)
This is anecdotal, but minorly noteworthy - My mom used to work for the company that owned and operated Three Mile Island - the (physical) security was intense: the perimeter was ringed by towers manned by security offers with rifles and a 'no warning shot' policy - you approached the perimeter from an undesignated direction and you got shot, period.
I still have one of the security force's hats, says "TMI Rapid Response Team" and has a crosshairs in the middle.
Triv
Hey, you- what are you doing?!! (Score:3, Funny)
Since you are a /.er... (Score:2)
Asimov's warning comes true (Score:2)
Idea to cut the nuclear plants from external networks looks quite simular.
Re:Windows + Nuclear Reactor = Scarey (Score:4, Funny)
You can't say nuclear That really scares me Sometimes a brain can Come in quite handy.
Re:Windows + Nuclear Reactor = Scarey (Score:3, Funny)
The guy with his finger on the nukyalur button can't even say "nuclear". Think about that one before bed tonight.
Re:Sneaking out with rods (Score:4, Informative)
Please google for the string "dirty bomb".
Re:Sneaking out with rods-ROLFLOL!! (Score:5, Interesting)
1. Terrorists storm a reactor and try to steal uranium or plutonium to make bombs.
Not likely. Assuming attackers could shoot their way past the beefed-up phalanx of armed guards, traffic barriers and guard towers that now surround every nuclear plant, they'd still have to fight their way into the reactor building through multiple levels of remote-activated blast doors--where access requires the right key card and palm print--to get to the spent-fuel pond, says Michael Wallace, president of Constellation Energy's generation group, which operates five nuclear reactors. The pond is where highly radioactive used fuel sits in 14-foot-long stainless steel assemblies cooling under 40 feet of water. Terrorists couldn't just grab this stuff and run because, unshielded, it gives off a lethal dose of radiation in less than a minute. To avoid exposure, terrorists would have to force workers to use a giant crane inside the reactor to load the assemblies into huge transfer casks, then open the mammoth doors of the reactor building and use another crane to lift the cask onto a waiting truck--all the while being shot at by the National Guard.
And While we are at it, How about crashing a plane into the reactor?
2. Terrorists crash a plane into a reactor, leading to overheating and a meltdown.
Even less likely. Assume that terrorists could get past tightened airport security and fight off passengers to get through new, improved cockpit doors and take control of a plane. Even then they'd have to crash the jet directly into a reactor to have any chance of breaking containment. In 2002 the Electric Power Research Institute performed a $1 million computer simulation to assess such a risk. Conclusion: A direct hit from a 450,000-pound Boeing 767 flying low to the ground at 350mph would ruin a plant's ability to make electricity but not break the reactor's cement shield. Reason: A reactor, smaller in profile than the Pentagon or World Trade Center, would not absorb the full force of the plane's impact. And, for all the force behind it, a plane, built of aluminum and titanium, has far less mass than the 20-foot-thick steel-and-concrete sarcophagus enclosing a nuclear reactor. It would be like dropping a watermelon on a fire hydrant from 100 feet.
Subscription required: Stopping the Bad Guys [forbes.com]
Re:Sneaking out with rods-ROLFLOL!! (Score:2)
Re:Sneaking out with rods-ROLFLOL!! (Score:2)
Lets also remember from scenario #1.....
Nuclear reactors don't generally run on Weapons grade fuel. You would need to enrich the fuel to make it weapons grade, which would really be as difficult as starting from natural Uranium, which is easy to get. There is no reason to shoot your way through all those guards in order to steal some (possibly used) fuel that is (if used) highly radioactive, and no more useful for creating weapons than natural Uranium that you can get for a few hundred $ per pound.
They wo
Re:Dirty bombs are ridiculous (Score:2)
If the chemical weapon is so deadly, how far would the bird fly, contaminated with enough toxic gunk to kill many people?
Re:Dirty bombs are ridiculous (Score:2)
Re:Slightly offtopic but .. (Score:2, Informative)
Re:Slightly offtopic but .. (Score:2)
I assume this refers to "Electrify city streets in..." etc.
With overhead power, you can run buses, trucks etc. as trolleys [members.shaw.ca], so they won't need huge (several tons for a truck) battery packs. This may be more efficient.
Re:Slightly offtopic but .. (Score:4, Informative)
My home state of Maine became the site of the first complete decomissioning of a large commercial reactor. The plant became operational in '72 ( and it had to survive a referendum to close it in '80, '82, and '87). In '95 it was shutdown many months for repairs and they discovered cracks in the steam generator tubes. The plant opened back up for less than a year I believe, they evaluated the cost to refit the plant and they decided they would have a hard time making back the investment in refitting the plant, so they shut it down permanently. They had originally intended to operate the plant at least until 2020 or 2030. Part of the huge cost was the fact that they need to store the waste onsite. Now all that is left of the plant is a semi-permanent high-level waste storage facility on a few acre footprint. Several hundred acres of the plants land are already being developed on. Several hundred more are a peninsula where the waste storage is located and the gated access make it less attractive for commercial development.
Bush wants to have a new reactor running in the US in the next 10 years. This will be the first approved since '79 and the first to come online since the mid 90's.
the economics of nukes are broken.... (Score:2)
Re:Slightly offtopic but .. (Score:2, Interesting)
In a lot of cases, people don't mind a nuke power plant - as long as it's (all together now) Not In My Back Yard. I worked for a company that did nuclear dosimetry, and was in and out of power plants all over the country; believe me, they are very physically secure.
Most of Californicate's troubles with insufficient energy is that almost nobody in the state is willing to be anywhere near ANY kind of power plant, nuke or not. So the plants get built elsewhere, and Calif. pays premium rates to import it (when
Re:Slightly offtopic but .. (Score:2)
Re:Slightly offtopic but .. (Score:2)
Re:Slightly offtopic but .. (Score:3, Insightful)
So despite all this potential for generating more than enough energy for decades to come... why bother resorting to all kind of foreign policy antics to obtain the tradional heavily polluting energy sources ?
Money. There are heavily entrenched interests in the US in coal and oil, and they happen to be running the country (into the ground, I'll add.) Their freshman level understanding of Adam Smith leads them to believe that they are doing society a good by pursuing their selfish interests, namely advancin
Re:Slightly offtopic but .. (Score:2)
Re:Slightly offtopic but .. (Score:2)
Q: Which country moved to Euro first, in regards to oil transactions?
A: Yep, you're thinking right. That one. (Iraq, for those who still didn't get it).
Russia does use EUR for oil transaction, although not exlusively. Venezuela does as well (and it closely follows China's i
Re:Windows + Bypassed Firewall = don't connect it (Score:2)
We don't get to dictate network layout to customers, of course, but we recommend and usually provide a separate firewall, independent of any corporate firewall, between the power systems LAN and the rest of the corporate network.
Re:NRC's comments (Score:2)
Huge?
Most nuclear plants that I've visited have resided on a huge plot of land, but the plants themselves are generally pretty small. They're easy to get lost in, but that's more a function of compartmentalizing the plant structure than the size.