Stories
Slash Boxes
Comments
Search

News for nerds, stuff that matters

Slashdot Log In

Log In

Create Account  |  Retrieve Password

U.S. Plans to Tighten Nuclear Power Plant Security

Posted by samzenpus on Wed Jan 26, 2005 09:27 PM
from the don't-come-in-here dept.
Security IT
CDMA_Demo writes "The 103 nuclear reactors running in USA can voluntarily agree to follow a new 15 page update to a 1996 regulatory guide. The update notes possibility of "unauthorized, undesirable, and unsafe intrusions", and recommends measures aginst such activities. It also recommends such facilities to be cut off from external networks: "Remote access...[that may pose a potential security risk]...should not be implemented". The Slammer worm in 2001 managed to bring down the network at Ohio's David-Besse nuclear plant and concerns kept growing at the United Nations' International Atomic Energy Agency (IAEA)."
+ -
story
This discussion has been archived. No new comments can be posted.
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

U.S. Plans to Tighten Nuclear Power Plant Security 25 Comments More /

 Full
 Abbreviated
 Hidden
More
Loading... please wait.

  • Away from External Networks (Score:5, Funny)

    by wot.narg (829093) <wot.narg@gmail. c o m> on Wednesday January 26 2005, @09:29PM (#11487870) Homepage
    You know you got owned when someone cracked your power plant and the fuel rods spell "owned" in binary.

  • Volunteering... (Score:5, Insightful)

    by dilvie (713915) on Wednesday January 26 2005, @09:30PM (#11487879) Homepage Journal
    The fact that it's voluntary makes me a bit nervous. The fact that the suppliment was this long in coming makes me even more nervous.

    • An anecdote. (Score:5, Interesting)

      by glrotate (300695) on Wednesday January 26 2005, @10:21PM (#11488234) Homepage
      My uncle is a security guard at a nuclear power plant. He is 59 years old and his occupation before nuclear powerlant security guard was truck driver. He is the most honest and trusworthy man you will ever meet, but he is 59 years old and had a triple bypass last year.

      Delta Force operators come on an occasional announced, i.e. they know they're coming, basis to try to infiltrate. Supposedly they have succeeded every time.

          • Re:Volunteering... (Score:5, Informative)

            by ArsenneLupin (766289) on Thursday January 27 2005, @02:56AM (#11490045)
            What exactly was wrong with the reactor design with Chernobyl?

            • No containment (outer shell): once the reactor itself is burst, the radioactive material is out in the open, whereas in western designs, there is still an outer shell.
            • Unsafe RBMK [globalsecurity.org] design, which has a huge positive void coefficient [wikipedia.org], i.e. it is (mis)designed in such a way that when the cooling water in the primary circuit starts boiling, the nuclear reaction accelerates... with predictable consequences. Most western designs have a slightly negative void coefficient (boiling water leads to slowdown of reaction), which makes the design intrinsically safer.

  • You gotta be kidding me. (Score:5, Funny)

    by The-Bus (138060) on Wednesday January 26 2005, @09:31PM (#11487886) Homepage
    This, the week after a similar weakness* is shown on 24?

    Remember to always question policy this way: WWJBD? What Would Jack Bauer Do?

    That is all.

    * Yes I know, it's TV.
    • This, the week after a similar weakness* is shown on 24?

      Yes, and the spooky part about this: Remember how 24 started this season? Train derailment? Car on the tracks?

      I have a feeling Juan Manuel Alvarez was after some device in Glendale, CA this morning.

      (Okay, I'm joking - but what was weird --- when I heard about the train derailment - the first thing I thought about was a terrorist plot!! Uhoh)

  • Wouldn't you think... (Score:4, Insightful)

    by laughingcoyote (762272) <barghesthowl&excite,com> on Wednesday January 26 2005, @09:31PM (#11487888) Journal

    That MAYBE, they would've done this, oh I don't know, say in October of 2001?

    But silly me, what do I know about national security. Here I still think it's better to make less enemies than more.

    • Re:Wouldn't you think... (Score:4, Insightful)

      by i41Overlord (829913) on Wednesday January 26 2005, @10:37PM (#11488380)
      But silly me, what do I know about national security. Here I still think it's better to make less enemies than more.

      Exactly. You know nothing of national security.

      You see, what you are supposed to do is piss off most of the world, and when they start coming after you, ignore it. After you've been hit a couple times, declare your patriotism and implement strict new laws which ironically only limit the legal citizens in your country. Then to top it off, you enact a few meaningless laws which limit people's mobility but makes the dumbest 51% of the population feel more secure.

      After that, declare the war "won" and go about your way. It's time to piss off more countries my friend...

  • Slammer? (Score:5, Insightful)

    by MBCook (132727) <foobarsoft@foobarsoft.com> on Wednesday January 26 2005, @09:35PM (#11487918) Homepage
    Would someone like to explain to me why the systems (assumingly CRITICAL systems) at a NUCLEAR POWER PLANT are connected to the Internet (and therefor exposed for Slammer) at all? I would think that you would want such stuff to be isolated so that nothing like that could happen. I mean, if you MUST get some data out to the outside world, connect two computers by serial cable. One is connected to the 'net and can only recieve data, the other is connected to the internal network and can only send data. That way NOTHING can get into the system.

    That would be common sense, wouldn't it? I'm not trained in network security, but why would controll systems need to be connected to the 'net?

    PS: I'm ignoring the obvious "Why are you running Windows and not some ultra-hard OpenBSD or RTOS or something".

    • I remember reading the article and that somewhere down the line it said that it was workstations that went down, not anything related to power generation capabilities or plant safety. Maybe someone can find a link to that article about that particular incident, but as I recall the facts of the article were far less, uh, scandalous than the headline.

    • Re:Slammer? (Score:5, Insightful)

      by Dun Malg (230075) on Wednesday January 26 2005, @09:55PM (#11488056) Homepage
      Would someone like to explain to me why the systems (assumingly CRITICAL systems) at a NUCLEAR POWER PLANT are connected to the Internet

      They aren't. Just like the critical systems for life support aren't. Just like the Ballistic Missile Early Warning System isn't. There are, however, obviously people at the DOD, hospitals, and even nuclear power plants who do the same kind of tedious work done in other places (spreadsheets, memos, powerpoint presentations) and THEIR computers are often connected to the internet. Honestly, I understand why the media likes to make it sound liike the power plant control system crashed because of a virus, but I don't understand why so many people swallow the intimations of the inflamatory headlines.

  • The conversation that started it all... (Score:5, Funny)

    by GnomeAttic (97126) on Wednesday January 26 2005, @09:40PM (#11487971) Homepage
    What follows is the transcript of a conversation that took place between a top US defense official and his wife after watching this week's episode of Fox's popular drama 24.

    Wife: It's a good thing the real nuclear power plants don't allow remote access! Man what fanciful terror alert situation will those 24 writers think of next?

    Official: Uh...

  • External Networks? (Score:3, Insightful)

    by tmhsiao (47750) on Wednesday January 26 2005, @09:43PM (#11487990) Homepage Journal
    The Slammer worm in 2001 managed to bring down the network at Ohio's David-Besse nuclear plant and concerns kept growing at the United Nations' International Atomic Energy Agency (IAEA).

    Umm, why the hell would a self-contained/self-sustaining system need to be connected to an external network in the first place?

    Sorry, you work at a Nuclear Power Plant? Check your frelling AOL/Yahoo/Hotmail e-mail on your own damn computer, on your own damn time.

  • Sucks for Homer (Score:4, Funny)

    by ortcutt (711694) on Wednesday January 26 2005, @09:52PM (#11488048)
    I guess he won't be able to work from home in his muumuu.

  • This is not a suprise after latest net nuke attack (Score:5, Funny)

    by deft (253558) on Wednesday January 26 2005, @10:03PM (#11488103) Homepage
    I was just watching a 24 hour news update, and apparently the internet boradcast of the execution of a US Secretary Heller was a coverup for an attack on a US nuclear base firewall.

    This all in an attempt to use a remote control system developed for nuclear installations in case of a radiation leak or disaster.

    It's no suprise... not like there wasn't a nuke detonated in the desert all those years ago. About time they wake up.

  • Infection (Score:3, Funny)

    by Fuzzums (250400) on Wednesday January 26 2005, @10:08PM (#11488126) Homepage
    Nuclear powerplant meltdown after lexus drive-by bluetooth infection.

  • I worked at a Nuclear Power Plant (Score:5, Informative)

    by kf6auf (719514) on Wednesday January 26 2005, @10:51PM (#11488517)

    I even worked in IT. Here is how it works (at least at the one I worked at): all of the software that actually runs the plant is over 25 years old (and therefore does not run Windows). It runs some obscure custom shit, not that obscurity is efficient at security, but I guess it kinda helps. Yes, the computers used by the Secretaries, the Maintenance staff, the Managers, etc. all run Windows. The servers ran Red Had 7.3. This is all fluff. If this breaks or gets corrupted one of two things happens to the reactor: 1. Nothing or 2. Nothing. There are two ways the the system is electrically connected to the outside world, and both of them are through high voltage power lines, which cannot really be used to send data in to break things. If you want to break something, you need to physically be there to do it.

    If you work in a nuclear power plant, you are going to continue to do everything you can think of to make it even harder for someone to sabotage the place. Physically, this includes multiple walls, gates, barricades, guns, and more to protect the containments. From a procedural standpoint, this means anyone who wants to get on-site gets ran through a database to check your history, after getting an employee escort. Anyone who wants to get into the protected area gets personally approved after a more in depth background check, and a heck of a lot of red tape.

    If you are just Joe Public (no offense), you have a much higher chance of dying in a car accident so I wouldn't worry about this.

    And No, I didn't RTFA, but I figured as long as my comment was more useful than the rest of them (read: references to 24), I figured this comment would be helpful.

      • Re:Sneaking out with rods (Score:4, Informative)

        by laughingcoyote (762272) <barghesthowl&excite,com> on Wednesday January 26 2005, @09:40PM (#11487967) Journal

        Please google for the string "dirty bomb".

        • Re:Sneaking out with rods-ROLFLOL!! (Score:5, Interesting)

          by Homer's Donuts (838704) on Thursday January 27 2005, @02:11AM (#11489856)
          From a sidebar in the January issure of Forbes magazine.

          1. Terrorists storm a reactor and try to steal uranium or plutonium to make bombs.

          Not likely. Assuming attackers could shoot their way past the beefed-up phalanx of armed guards, traffic barriers and guard towers that now surround every nuclear plant, they'd still have to fight their way into the reactor building through multiple levels of remote-activated blast doors--where access requires the right key card and palm print--to get to the spent-fuel pond, says Michael Wallace, president of Constellation Energy's generation group, which operates five nuclear reactors. The pond is where highly radioactive used fuel sits in 14-foot-long stainless steel assemblies cooling under 40 feet of water. Terrorists couldn't just grab this stuff and run because, unshielded, it gives off a lethal dose of radiation in less than a minute. To avoid exposure, terrorists would have to force workers to use a giant crane inside the reactor to load the assemblies into huge transfer casks, then open the mammoth doors of the reactor building and use another crane to lift the cask onto a waiting truck--all the while being shot at by the National Guard.

          And While we are at it, How about crashing a plane into the reactor?

          2. Terrorists crash a plane into a reactor, leading to overheating and a meltdown.

          Even less likely. Assume that terrorists could get past tightened airport security and fight off passengers to get through new, improved cockpit doors and take control of a plane. Even then they'd have to crash the jet directly into a reactor to have any chance of breaking containment. In 2002 the Electric Power Research Institute performed a $1 million computer simulation to assess such a risk. Conclusion: A direct hit from a 450,000-pound Boeing 767 flying low to the ground at 350mph would ruin a plant's ability to make electricity but not break the reactor's cement shield. Reason: A reactor, smaller in profile than the Pentagon or World Trade Center, would not absorb the full force of the plane's impact. And, for all the force behind it, a plane, built of aluminum and titanium, has far less mass than the 20-foot-thick steel-and-concrete sarcophagus enclosing a nuclear reactor. It would be like dropping a watermelon on a fire hydrant from 100 feet.

          Subscription required: Stopping the Bad Guys [forbes.com]

    • Re:Slightly offtopic but .. (Score:4, Informative)

      by oudzeeman (684485) on Wednesday January 26 2005, @10:01PM (#11488094)
      In the US, after the three mile island incident in 1979, all unapproved reactor orders were cancelled, and no new orders were made. Some reactors that had already been approved prior to the incident didn't come online until the mid 90's. If these orders had not been cancelled and new orders were being put in, we would probably have 2-3 times this number of reactors (Nixon wanted 1000 by the year 2000, BUT before the accident new orders had already began to slow because with all the regulations and the oil crisis ending nuclear power became very expensive compared to oil). Unfortunately, nuclear was never cheap enough to challenge coal, which the US has plenty of.

      My home state of Maine became the site of the first complete decomissioning of a large commercial reactor. The plant became operational in '72 ( and it had to survive a referendum to close it in '80, '82, and '87). In '95 it was shutdown many months for repairs and they discovered cracks in the steam generator tubes. The plant opened back up for less than a year I believe, they evaluated the cost to refit the plant and they decided they would have a hard time making back the investment in refitting the plant, so they shut it down permanently. They had originally intended to operate the plant at least until 2020 or 2030. Part of the huge cost was the fact that they need to store the waste onsite. Now all that is left of the plant is a semi-permanent high-level waste storage facility on a few acre footprint. Several hundred acres of the plants land are already being developed on. Several hundred more are a peninsula where the waste storage is located and the gated access make it less attractive for commercial development.

      Bush wants to have a new reactor running in the US in the next 10 years. This will be the first approved since '79 and the first to come online since the mid 90's.

    • So despite all this potential for generating more than enough energy for decades to come... why bother resorting to all kind of foreign policy antics to obtain the tradional heavily polluting energy sources ?

      Money. There are heavily entrenched interests in the US in coal and oil, and they happen to be running the country (into the ground, I'll add.) Their freshman level understanding of Adam Smith leads them to believe that they are doing society a good by pursuing their selfish interests, namely advancin

    • Re:Oh well... (Score:4, Interesting)

      by Capt'n Hector (650760) on Wednesday January 26 2005, @10:31PM (#11488339)
      I was given the rare opportunity to tour a reasearch reactor up in Sacramento, CA... it was used primarily to test aircraft parts by bombarding them with radioactive particles, to see how they would put up with the stresses of the upper atmosphere. Since it was a lower power reactor, we could do some crazy things like:

      • Walk into the reactor chamber
      • Look down into the core (it was glowing blue, by the way)
      • Reach out and jangle the control rods
      • Dip our feet in the blue-glowing water.

      Pretty freaking cool, imo.

All trademarks and copyrights on this page are owned by their respective owners. Comments are owned by the Poster. The Rest © 1997-2009 Geeknet, Inc.