Reports of a fire at a French nuclear power plant last week. While there was no nuclear risk, the blaze is described as a ‘significant technical event.’Moreno Carullo, co-founder and Chief Technical Officer at Nozomi Networks commented below.

Moreno Carullo, Co-Founder and Chief Technical Officer at Nozomi Networks:

moreno-carullo“The challenge with critical infrastructure, such as the French EDF Flamanville plant, is that the machinery is dated. Pausing systems frequently to check for signs of damage or weakness is simply not possible so often an annual audit is all that’s conducted. To try and bridge the gap, visibility of what is happening within the infrastructure could mean that abnormal fluctuations are identified, and evasive action or even further investigation before damage occurs. However, this is easier said than done when you consider that a standard power plant will typically have an average 50,000 real-time processes, using standard networking tools to monitor, manage, and then troubleshoot is akin to mission impossible. The task of manually analysing the resulting data is not only time-consuming, but also error prone.

“Using advances in computer science, such as machine learning and artificial intelligence, to build an internal representation of an industrial network and its physical processes could hold the key. These ‘tools’ “take advantage of the predictability in control system traffic by establishing a baseline of ICS network communications and conduct active monitoring for anomalies. Having this operational visibility provides immediate insights for faster troubleshooting and remediation of IT and operational issues without impacting industrial processes, making it easier for engineers and plant operators to identify potential malfunctions before damage can occur. If a centrifuge is spinning too fast or slowly – as was the case with Stuxnet, or the temperature is approaching dangerous levels as would have been the case at the Flamanville Plant, evasive action could be taken before damage occurs.

“As new projects are planned and implemented, such as the building of a new third reactor at Flamanville, industrial cyber security and operational monitoring must be built in to pre-empt and prevent ‘significant technical events’ from happening.”

Experts Comments

Stay Tuned! Our Information Security Experts Community is responding .....

Submit Your Expert Comments

What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.

Write Your Expert Comments *
Your Registered Email *
Notification Email (If different from your registered email)
* By using this form you agree with the storage and handling of your data by this web site.