supporting physical protection systems in nuclear facilities IAEA - - PowerPoint PPT Presentation

SLIDE 1

Considerations for deploying a security information and event management system supporting physical protection systems in nuclear facilities

IAEA CN-254

SLIDE 2

Authors

  • Mitchell HEWES, Australian Nuclear Science and Technology Organisation, Lucas Heights, Australia. Email: mitchell@ansto.gov.au
  • Alan COWIE, Australian Nuclear Science and Technology Organisation, Lucas Heights, Australia. Email: ajc@ansto.gov.au

SLIDE 3

Outline

  • Physical Protection Systems within a Facility
  • Components of an ECS
  • Where does a CSS fit in?
  • Sensitive Information
  • Information Security Assurance
  • CSS monitoring a PPS
  • Conclusion

SLIDE 4

Terminology

  • PPS – Physical Protection System
  • ECS – Electronic Control System
  • CSS – Computer Security System

SLIDE 5

Physical Protection Systems within a Facility

SLIDE 6

Typical physical protection systems

  • Physical barriers necessitate access points e.g. doors, gates, lifts
  • Mechanical locks & keys
  • Photo identification cards & documentation
  • Guard personnel
  • Access protocols & procedures
  • Access log books & visitor lists

SLIDE 7

Physical Barrier & Access Point

SLIDE 8

Guard Personnel

SLIDE 9

Components of an ECS

SLIDE 10

Electronic card/token & reader

SLIDE 11

Access Controlled Door

SLIDE 12

Centralized Access Control

SLIDE 13

Computer-based components of an example networked security system.

SLIDE 14

Biometric Identification & Data

SLIDE 15

Purpose & Benefits of ECS

  • Greater efficiency – augment physical
  • Managing keys
  • Robust record of actions undertaken
  • Negate need for a guard at each door
  • Monitoring and recording of the state of electromechanical components
  • Programmatic automation of Physical Processes e.g. Enforcement of a “no alone” zone

SLIDE 16

Where does a CSS fit in?

  • In our example the Computer Security System forms an overwatch function for the ECS
  • It would sit within a different security zone and take in inputs from multiple facility functions to be able to provide correlation for monitoring and response on attacks spanning multiple systems.
  • How can we enable this while protecting the function of the ECS?

SLIDE 17

Sensitive Information

SLIDE 18

Sensitive Information

  • Items used in granting automated access
      – Card ID
      – PIN Number
      – Biometric Templates
  • State information of electromechanical assets
  • CCTV Camera video feeds
  • Computer configuration
  • New EACS parameters supplied to make system changes

Automated State Change Contextual State Change

SLIDE 19

Computer Security Measures for PPS

  • Host integrity checking
  • Sub zone network segregation
  • Netflow - record capture and parsing
  • Port monitoring
  • Port security
  • Wifi rogue monitoring/suppression

Contextual State Change

SLIDE 20

Data Flow Model Between PPS and CSS

  • Sensitive information that could affect an automated state change within a facility function should not leave its source security zone while it is still functionally significant.
  • Sensitive information that could affect an automated state change within a facility function must not be generated by a system at a lower security level.

SLIDE 21

Information Security Assurance

SLIDE 22

Goals

  • Ensure the confidentiality, integrity, and availability of the automated operation of the PPS and the accuracy of information supplied to an operator to make contextual changes
  • Monitor the operation of the computer-based hardware components and software for indicators of compromise.
  • Provide independent computer security measures to ensure a defence in depth against a single computer security vulnerability.
  • Enable the response, remediation, and restoration of verifiable normal operation.

Transitive from PPS: Deter, Detect, Delay, Respond

SLIDE 23

CSS Monitoring a PPS

  • Monitor the computer-based components of the physical protection system and the computer security measures protecting them.
  • Monitor the effectiveness of zone-decoupling measures for computer security zones interacting with the PPS.
  • Decouple from the PPS itself - limit the information flow to prevent information important to automated operation of the PPS from being captured by the CSS. E.g. through a data diode.
  • Provide the potential to correlate with the monitoring of other computer security zones to monitor the overall facility computer security defence in depth posture.
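
The data flow rules on slide 20 and the decoupling bullets above, sketched as an added example that is not part of the presentation or of any ECS or SIEM product. The field names, the keyed-hash token standing in for the card ID, and the integer security levels are all assumptions.

```python
import hashlib
import hmac

# Constructed field names for an ECS access event (assumptions, not a real schema).
ALLOWED_FIELDS = {"timestamp", "device", "event", "result"}
SENSITIVE_FIELDS = {"card_id", "pin", "biometric_template", "new_parameters"}

# Constructed sample event as it exists inside the ECS security zone.
SAMPLE_EVENT = {
    "timestamp": "2017-11-13T09:00:00Z", "device": "door-12",
    "event": "access", "result": "granted",
    "card_id": "0004711", "pin": "1234",
    "biometric_template": "AAAA", "vendor_debug": "x",
}


def sanitise_for_css(event, zone_key):
    """ECS side: build the record that may be written to the one-way link."""
    out = {k: v for k, v in event.items() if k in ALLOWED_FIELDS}
    if "card_id" in event:
        # Keyed one-way token (key never leaves the ECS zone): the CSS can
        # correlate events per card but holds nothing a reader would accept.
        mac = hmac.new(zone_key, str(event["card_id"]).encode(), hashlib.sha256)
        out["card_token"] = mac.hexdigest()[:16]
    return out  # anything not allowlisted, including unknown fields, is dropped


def decoupling_violations(record):
    """CSS side: sensitive field names that crossed the zone boundary."""
    return sorted(SENSITIVE_FIELDS.intersection(record))


def accept_state_change(source_level, target_level):
    """Second rule: refuse state-change input from a lower security level.
    Assumption: a larger number means a more protected level."""
    return source_level >= target_level


if __name__ == "__main__":
    record = sanitise_for_css(SAMPLE_EVENT, b"constructed-zone-key")
    print(record)
    print(decoupling_violations(record), accept_state_change(1, 3))
```

Running `decoupling_violations` on every record the CSS receives gives a direct measure of whether the zone-decoupling control is still effective.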

SLIDE 24

Conclusion

SLIDE 25

Conclusion

  • 1. A nuclear facility PPS augmented with an ECS increases defence in depth from physical attack.
  • 2. An ECS transfers some risk from a physical compromise to a computer-based compromise, thus the need to incorporate computer security measures to maintain defence in depth.
  • 3. A CSS monitors computer security measures, just as the ECS monitors the physical security measures.
  • 4. A well thought out and implemented CSS, which preserves the confidentiality of sensitive information critical to PPS automation, is required to provide continued assurances of defence in depth.