[ISN] Regulators seek cause of reactor shutdown

From: InfoSec News (alerts@private)
Date: Sun May 20 2007 - 23:26:04 PDT


http://www.enewscourier.com/local/local_story_137225918.html

 From staff, wire reports
May 17, 2007

WASHINGTON -- An overloaded computer network prompted an emergency 
shutdown in a reactor at the Tennessee Valley Authoritys Browns Ferry 
Nuclear Plant in Athens last year, and federal regulators still cant say 
where the interference came from.

The shutdown occurred amid growing congressional scrutiny over whether 
utilities and other high-risk sites are vulnerable to cyber attacks as 
they increasingly rely on computer networks to remotely control their 
operations.

Nuclear Regulatory Commission officials say the August 2006 malfunction 
did not threaten the safety of the plant and that they are confident an 
outside hacker was not responsible. But in a letter to the agency this 
week, the House Homeland Security Committee called for a broader 
investigation, citing a host of unanswered questions.

Browns Ferry spokesman Craig Beasley on Thursday took issue with the APs 
characterization of the Unit 3 shutdown as an emergency.

"It was not an emergency shutdown, said Beasley. The operators saw a 
problem and chose to shut the plant down.

Beasley said the problem was a result of poor energy supply to the 
recirculation pumps.

The pumps werent working as they should and it showed up on the control 
panel, so we shut down the plant manually, said Beasley.

Beasley said the solid-state power supply to the pump motors is operated 
by a computer controller.

This network became overloaded, and when it got overloaded it couldnt 
process the information so the solid-state stopped supplying power.

Beasley said technicians basically segmented controls apart to preclude 
any kind of overload againTheyve been working fine since. We made sure 
it wouldnt happen with Unit 2.

Beasley stressed that the control system is not connected to a network 
outside the plant. It was excessive internal traffic, said Beasley.

It appears from the information that weve collected so far that this 
(plant) may or may not have been compromised. We want the NRC to 
determine the source, committee Chairman Bennie Thompson, D-Miss, said 
in an interview.

We need to know whether instances like this are internal or external, 
and to what extent we are going to deal with them. For the NRC to rely 
on the operators explanation of what happened ... we think does not go 
far enough, he said.

In a report issued last month, the NRC said TVA officials manually shut 
down the plants Unit 3 reactor after excessive traffic on the computer 
network caused recirculation pumps to fail, creating a potentially 
unstable condition.

Although TVA hasnt determined the source of the data overload, the NRC 
said the utility reacted appropriately to the failure and has addressed 
it by installing new firewalls to better control traffic on the network.

NRC and TVA officials said the Browns Ferry network involved is an 
internal-only network and when operated as designed cannot accept data 
from outside sources. TVA spokesman Terry Johnson said the utility 
believes the failure may have been caused by an unexplained glitch in 
the computer system.

But when pressed, the officials would not categorically rule out the 
possibility of outside access.

We have reasonable assurance that there is no external access to this 
system, said Eva Brown, the NRCs project manager at Browns Ferry. We did 
an independent assessment to convince ourselves that (TVAs) conclusions 
were acceptable, and there was no evidence of an external source.

Shutdowns at nuclear plants are somewhat rare; Browns Ferry had two 
shutdowns in all of 2006, and has had two so far this year.

NRC spokesman Scott Burnell said the agencys public notice on the August 
2006 incident should serve to warn other operators of the potential 
problem, although the NRC is not requiring any action.

At this point there isnt any regulatory reason to, he said. Sometimes it 
does take small events like this to bring issues to the attention of the 
staff at the plant and the NRC. Thats why we issued this informational 
notice.

Joe Weiss, managing partner at Applied Control Solutions and an expert 
on industrial computer security, said he doubted that anyone 
intentionally caused the Browns Ferry network to fail. But, he said, it 
raises concerns regardless.

The whole area of cyber security in industrial facilities is effectively 
in its infancy, he said. There needs to be a greater appreciation within 
the nuclear community that these systems truly are connected.

Since the Sept. 11, 2001, terrorist attacks, security experts have 
warned of vulnerabilities in the computer networks of the nations 
critical infrastructure, including emergency response agencies, 
electricity providers and water treatment plants.

A 2005 report from the Environmental Protection Agencys inspector 
general, for example, found that water utilities had installed 
computer-based remote controls with little attention paid to security, 
leaving valves, pumps and chemical mixers open to cyber attack.

In 2003, a computer virus temporarily disabled the safety monitoring 
system at the Davis-Besse nuclear station in Ohio, even though the 
utility thought the network was protected from such a breach.


_____________________________________________________
Attend Black Hat USA, July 28-August 2 in Las Vegas, 
the world's premier technical event for ICT security 
experts. Featuring 30 hands-on training courses and 
90 Briefings presentations with lots of new content 
and new tools. Network with 4,000 delegates from 
70 nations.   Visit product displays by 30 top
sponsors in a relaxed setting. Rates increase on 
June 1 so register today. http://www.blackhat.com



This archive was generated by hypermail 2.1.3 : Sun May 20 2007 - 23:34:42 PDT