cop data diodes

Post on 24-Oct-2014


In-Progress Implementation of Cyber Security Requirements at DC Cook

Amal Al-Katrib

I&C COP – 2/13/12

Overview

Cyber-Security Codes, Standards, and Regulatory Requirements

Previous Work

Scope of Current DC Cook Modification

Level 3 to Level 2 Communication

Waterfall Data-Diode Architecture

Waterfall Proprietary Transfer Protocol Software Configuration

Cyber-Security Codes, Standards and Regulatory Requirements

• NRC Regulatory Guide 5.71 – “Cyber Security Programs for Nuclear Facilities”

• NRC Regulatory Guide 1.152 – “Criteria for Use of Computers In Safety Systems of Nuclear Power Plants”

• 10 CFR 73.54 – “Protection of Digital Computer and Communication Systems and Networks”

• NIST SP 800-53 – “Recommended Security Controls for Federal Information Systems”

• NIST SP 800-82 – “Guide to Industrial Control Systems Security”

Previous Work

• A previous DC Cook modification installed HP ProLiant DL360 (G6) servers in the Plant Process Computer Rooms (Defensive Levels 2, 3, and 4).

• Data-diodes were installed between (a) Level 4 (Control & Safety System Network) & Level 3 (Data Acquisition Network) and (b) Level 3 (Data Acquisition Network) and Level 2 (Local Area Network).

• No data was directed through those data-diodes as part of this design package. This task was reserved for subsequent modifications.

Scope of Current DC Cook Modification

• Redirect the outputs of RMS servers through a unidirectional firewall between Levels 4 and 3 networks.

• Remove existing Level 3 to Level 2 firewalls and install necessary hardware/software and cabling to complete the communications link through Level 3 and 2 data-diode networks.

• Redirect RDR and R-Time server communications through the Level 2 data network.

Scope of Current DC Cook Modification – Cont’d

• Install 1 Cisco Firewall in U1 PPC room between Level 4 and Level 3 network

• Relocate firewall between 2-RMS-ROUT-PPC and U2RCD212 PPC switch

• Install A/B switch in Unit 1 PPC room to redirect network traffic through Level 3 to Level 2 networks

• Install new workstation on both Unit 1 and Unit 2 PPC Programmer’s Console and provide Level 4 network connection to each workstation using RMS network switches

• Re-route RDR system network cables from Level 3 to Level 2 network

• Install 100BaseT cable between existing GPS clock in U2 PPC Computer Room and Data Diode Tx server in U1 PPC Computer Room

• Abandon in place 1 Fibronics from Rack 3 in Server Room #333

Scope of Current DC Cook Modification – Cont’d

• Remove 3 Fibronics from Communication Cabinet & 1 Fibronics from RDR cabinet in U1 PPC Computer Room

• Remove 2 DEC Bridge 90 units from I/O Cabinet in U1 PPC Computer Room

• Remove 2 PIX 515 Firewalls from Communication Cabinet in U1 PPC Computer Room

• Install 1 Cisco Level 2 Business LAN switch in the TSC Communication Room

[Figure: BEFORE and AFTER network diagrams spanning Level 4, Level 3, and Level 2. Labeled components: RMS Switch, PPC Switch, Firewall, Data Diode, RDR Server, Satellite Display System, Other L2 Devices.]

Level 3 to Level 2 Communication

• Per NRC RG 5.71, only one-way (unidirectional) data flow is allowed from Level 3 to Level 2 to qualify for an acceptable defensive architecture.

• This mod configures the data-diode setup (consisting of a transmitter and a receiver server) to ensure such unidirectional data flow.

• This task is achieved through a Waterfall data-diode architecture.

Waterfall Data-Diode Architecture

Multi-layered architecture consisting of a transmit/receive software agent that resides on transmitter/receiver servers

Basic components of a Waterfall One-Way Architecture:

1) Waterfall TX Software Agent

2) Waterfall TX Appliance (i.e. Transmitter Server)

3) Waterfall RX Appliance (i.e. Receiver Server)

4) Waterfall RX Software Agent

5) Single Fiber Optic Cable

[Figure: Transmitter Server (L3) connected to Receiver Server (L2) by a fiber optic cable, with unidirectional data flow from L3 to L2.]

Waterfall Data-Diode Architecture – Cont’d

Benefits of the Waterfall Architecture:

• Provides high-speed, real-time, and reliable data transfer

• Eliminates the ability to initiate communications between assets at different security levels

• Eliminates bi-directional data flow between assets at different security levels

• Data only flows from 1 level to other levels through a device or devices that enforce security policy between each level

• Eliminates applications, services, and protocols not necessary to support the design-basis function of the contained assets

• Effective protection against external cyber attacks
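
One way to check flow-export data against the one-way rule described above, as an added example that is not from the original presentation. The subnets, the sample flow records, and the "level-skip" finding (treating a flow whose endpoints are more than one level apart as a bypass of an enforcement device) are assumptions made for illustration.

```python
import ipaddress

# Constructed level-to-subnet map (assumption; the page gives no addressing).
LEVEL_SUBNETS = {
    4: ipaddress.ip_network("10.4.0.0/16"),  # Control & Safety System Network
    3: ipaddress.ip_network("10.3.0.0/16"),  # Data Acquisition Network
    2: ipaddress.ip_network("10.2.0.0/16"),  # Local Area Network
}

def level_of(addr):
    """Return the defensive level that owns addr, or None if unmapped."""
    ip = ipaddress.ip_address(addr)
    for level, net in LEVEL_SUBNETS.items():
        if ip in net:
            return level
    return None

def audit_flows(flows):
    """Check (src, dst, proto, dport) records against the one-way rule.

    Same-level flows and single-step flows from a higher level to the next
    lower one pass. Everything else is returned as (flow, finding).
    """
    findings = []
    for flow in flows:
        src, dst = level_of(flow[0]), level_of(flow[1])
        if src is None or dst is None:
            findings.append((flow, "unmapped-asset"))
        elif src < dst:
            # Traffic toward a more protected level: a diode cannot carry it.
            findings.append((flow, "reverse-flow"))
        elif src - dst > 1:
            # Assumed rule: endpoints two levels apart imply a bypass path.
            findings.append((flow, "level-skip"))
    return findings

# Constructed sample flow records, not taken from any real network.
SAMPLE_FLOWS = [
    ("10.3.0.10", "10.2.0.20", "udp", 514),  # syslog L3 -> L2: allowed
    ("10.4.0.5", "10.3.0.10", "udp", 162),   # SNMP trap L4 -> L3: allowed
    ("10.2.0.20", "10.3.0.10", "tcp", 22),   # L2 reaching into L3
    ("10.4.0.5", "10.2.0.20", "tcp", 21),    # L4 addressed straight to L2
    ("10.3.0.10", "10.3.0.11", "tcp", 445),  # same level: allowed
    ("192.0.2.7", "10.2.0.20", "tcp", 443),  # source not in any level
]

if __name__ == "__main__":
    for flow, finding in audit_flows(SAMPLE_FLOWS):
        print(finding, flow)
```
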

Waterfall Proprietary Transfer Protocol Software Configuration

Software: Function

• Waterfall for Ethernet Multicast: Allows for multicast communication from the PPCs to RDR.

• Waterfall for Remote Printer: Allows for TCP communication from print queues to business LAN PrintWizard software and PPCs to R*TIME links.

• Waterfall for Syslog: Provides logging of Level 3 Cisco Network Switches and monitoring of data on Level 2 devices.

• Waterfall for SMTP: Allows email notification of Level 3 device failures.

• Waterfall for SNMP: Listens to SNMP traffic in the Level 4 and Level 3 networks and captures SNMP traps according to predefined rules set by IT. The software unidirectionally streams the SNMP traps through the Level 3 to Level 2 data diode network to a Network Management System on the Level 2 network to monitor the status of critical assets and receive alerts following failures.

• Waterfall for FTP: Allows for file transfers of MIDAS, Chemistry & PPC Data to Level 2 servers including RMS Server CNP523 and R*TIME Server CNP524.

• Waterfall for UDP: Transfers UDP packets from the Level 3 to Level 2 network. This is required for R*TIME Relay PSS Software to communicate to the Level 2 R*Time plant system server.

• Waterfall for TCP: Transfers TCP packets from the Level 3 to Level 2 network. This is required for the replication of RadServ and Containment Cooling data on the Level 2 network.

• Waterfall for NTP: Provides network time synchronization through the Level 3 to Level 2 data diodes.

Questions / Comments

Amal K. AlKatrib

Amal.K.AlKatrib@sargentlundy.com
