Download - Cevn Vibert. Thales UK. 28th January
Holistic Nuclear Security
An International ChallengeCevn Vibert
2 /2 /
Thales CNI Security Facility
Who… am I?
Cevn Vibert CITP MIET MInstMC MBCS
Solutions Architect & CNI Facility Manager
Security and Consulting
Thales UK
07791080623 [email protected] has over 25 years in Industry in a wide range of markets and industries.
Projects with EDF, Sellafield, RWE, National Grid, BP, KOC, LUL and Network Rail, together with Thames Water, Dwr Cymru, and many more.
Experienced with Command and Control C2 Systems, Control Rooms, System of Systems, CCTV, Access Control, Situational Awareness, Robust and Resilient Architectures, PLCs, SCADA, Industrial Networks, Knowledge Databases, Incident Management, CBRN systems, Emergency Management, Reporting Solutions, Communications and Mobile Systems.
Years of experience within the security threat environment has reinforced the necessity for integrated holistic security to manage current and emerging threats. Situational Awareness solutions are key to providing adaptive, effective and timely response to events.
3 /3 /
Thales CNI Security Facility
Who… is Thales?
Mountbatten House, Basing View, Basingstoke, Hants. RG21 4HJ
£11.5bn revenue global company with over 65,000 employees; £1.3bn and 7,500 with Thales UK.
Thales UK services a wide range of markets including Critical National Infrastructure protection.
Thales UK is a long-term service delivery partner to EDF Generation’s existing nuclear fleet and is providing a deployable communications capability as part of the Japanese Earthquake Response Programme.
Thales UK also has interests across the NDA estate, focussing on the provision of security, resilience and emergency management capability.
Thales UK recognises security as a global challenge for the nuclear industry and understands how only a holistic approach to infrastructure protection will manage that risk to acceptable levels.
4 /4 /
Thales CNI Security Facility
Thales expertise - Nuclear
30 years of expertise: Most UK energy production sites use Thales systems to operate
their facilities.
Thales supports the UK energy sector with: DPCS Data Processing & Control Systems (Nuclear)
Critical to safe operation of EDF’s UK’s nuclear power stations
APMS Advanced Plant Management Solutions (Fossil) Developed for RWE Npower 60 Systems installed in 9 Power Stations
EDF’s technology partner to extend life of existing nuclear power fleet:
Obsolescence management Fault and failure analysis Re-engineering services Spares & Supply Chain management Skills and competence management (SQEP)
5 /5 /
Thales CNI Security Facility
Nuclear Power: Emergency Response
Deployable Communications & Information System (DCIS)
Japanese Earthquake Response Programme (ONR requirement)
Addressing ‘Beyond Design Basis’ scenarios due to extreme natural events
Provides critical data from the nuclear power station to decision makers
Transportable Emergency Response Modules:
Completely self-sufficient with resilient communications architecture
Capability held in storage at key points in the UK
Emergency scenario requires Human Factors expertise to make operation intuitive
6 /6 /
Thales CNI Security Facility
Nuclear Security
• What Threats….?
• Why Security…?
• How to manage Security?
• When to manage Security?
• Benefits of managing Security?
• What Thales is doing……..
……..We can all work… Together, Smarter, Safer
7 /7 /
Thales CNI Security Facility
What… does a security threat look like?
Targeted Threat to physical security
8 /8 /
Thales CNI Security Facility
Disruption to Operations
What… does a security threat look like?What… does a security threat look like?
9 /9 /
Thales CNI Security Facility
What… does a security threat look like?
SCADA System Threats
10 /10 /
Thales CNI Security Facility
What… does a security threat look like?
Importance of Procedures and Policies
11 /11 /
Thales CNI Security Facility
What… does a security threat look like?
The “Normal Person” internal threat
12 /12 /
Thales CNI Security Facility
Why… Security?
It doesn’t matter where in the world you are, there are potential security threats, and are all linked to a number of primary objectives.
Protests/Demonstrations
Terrorism
IP Theft
Unscrupulous Competitors
Nuisance Disruption
Organised Crime
Disgruntled Employees
13 /13 /
Thales CNI Security Facility
How… to deal with Security Threats?
Threats take many forms;
•Physical Access to Facilities
•Theft of Material/Data
•Placement of Material/Data
•Cyber Attack on Control Systems/Operations
•Denial of Service
•IP/ID theft
Det
er
Detect
Recover
Res
pond
14 /14 /
Thales CNI Security Facility
When… to apply security?
It is possible to extend the before-event activity to deter and detect long before someone approaches a physical or cyber perimeter.
15 /15 /
Thales CNI Security Facility
When… to apply security?
To manage threats the international community must consider security on a holistic basis.
• Physical (Situational Awareness)
• Operational (business logic linked to ConOps),
• Cyber (all the time with a SOC/NOC) ,
• Personnel (vetting before employment and during, authentication every-day every- access-point, qualifications/records continuously updated and linked to security)
• Pattern-of-Life (social media monitoring predicting events, duress response identifying events in progress, unusual behaviour identification predicting or identifying issues)
• Combating one without the other leaves inherent weaknesses
• Wider reaching commercial and efficiency benefits can be realised.
16 /16 /
Thales CNI Security Facility
Resilience AND EM?
Interrelationships with Emergency Management & Resilience have to be managed
• Post Fukushima there is a lot of focus on Resilience
• We need to ensure security remains part of the holistic considerations
Emergency Preparedness
Incident and Emergency Management
Emergency Monitoring
17 /17 /
Thales CNI Security Facility
Benefits…. the realisation?
• Efficiency in guard force optimisation
• Efficiency of control room staff optimisation
• Improved control room response times
• Reduced manned response times
• Enables rapid complex decision making
• Safety enhancement through improved access/egress
• Improved muster capability
• Safety enhancement through right worker, right place, right qualifications
• Lower security threat risk
• Lower contingency/reserve due to reduced risk
• Reduced outage due to quicker recovery from security/emergency incidents
• Remote monitoring/control in security/emergency situations
• Prevention of egress into threat or contamination zones
• Permission of rapid egress into known safe zones
• Better inter-team morale through communication
18 /18 /
Thales CNI Security Facility
Thales CNI Facility
What are we all doing about Integrated Holistic Nuclear Security?…..
19 /19 /
Thales CNI Security Facility
Cross-industry analogies
20 /20 /
Thales CNI Security Facility
CNI Situational Awareness
Industrial IT Networks
GIS / Geo Systems
Emergency Management
Incident Management
Business Links
Mobile C2 Systems
Information&
ReportsIntegrated
Communications
(ICCS)
Process
Cyber
Operation Integration
Multiple System
Integration
Multiple SecurityLevels
Situation Awareness
Sensors
Video Management
Access Control
Physical
Security
PSIMs
ConOps
NB. More detailed version at end
21 /21 /
Thales CNI Security Facility
The UK CNI Facility
• Simulate enterprise wide networks
• Demonstrate security/emergency/resilience management systems working together
• Understand impacts of cyber threats to networks and management systems
• Assess industry products/applications for security vulnerabilities
• Develop lock-downs for legacy and new systems to enhance security
• Run customer scenarios and collaboratively develop operational requirements
• Explore innovative approaches to holistic security (e.g. social media predictive, biometrics)
22 /22 /
Thales CNI Security Facility
…In the News…
23 /23 /
Thales CNI Security Facility
Holistic Security Situational Awareness
Physical Security (Fences, Intrusion Detection, CCTV, Resilient Networks)
Controlling a Nuclear Power Plant, Perimeter Access or Pipeline Protection using Automation Systems (SCADA and PLCs)
PSIM - integration of 3rd parties
Hypervisor – Situational Awareness - Hypervision using secure, collaborative, resilient, scalable data-bus architectures and web technologies.
TVS – Large Scale CCTV Video Management solutions
Wyvern – Emergency Management Situational Awareness and Security Response Planning solution.
ECHO – incident and First Responder C2 deployments
iCAS – CBRN (Chemical Biological Radiological and Nuclear) Mobile Sensors, Algorithms, and Situational Awareness tracking displays.
DCIS - Deployable Communication Information Systems
24 /24 /
Thales CNI Security Facility
Holistic Security Situational Awareness
Thales iCAS – CBRN Sensor platform, algorithms and C2
Thales Cougar Team Radio – Secure Civil Comms
Thales TeoPad – Secure Multimedia TabletsThales UWB Radar – locate people inside buildings
25 /25 /
Thales CNI Security Facility
Holistic Security Situational Awareness
Thales ECHO – Incident Crisis Management Thales Wyvern – Emergency Information Management C2
Thales TVS – Intelligent Video Management Thales Hypervisor – Situational Awareness
26 /26 /
Thales CNI Security Facility
3rd party suppliers
Synectics – PCIM, VA, VMS Westermo – Industrial Rugged Networking
Pelco - CCTV
Vidsys – PCIM
Geoquip – PIDS
Invensys – SCADA
Rockwell – PLCs and SCADA
ABB – SCADA
Adroit – SCADA
Products4Automation – Win911 alarms
Many suppliers have loaned or donated components for our CIP Facility. We neither endorse or promote their systems above others. Thales is product agnostic. We enjoy working with partners but the customer’s solution is our focus. The 3rd parties are examples at the CNI Facility.
27 /27 /
Thales CNI Security Facility
Partner Organisations
UK Government Cyber Strategy
MOD-Industry Defence Cyber Protection Partnership
Cyber Insurance Forum
28 /28 /
Thales CNI Security Facility
Cyber Integration Centre
World Class Cyber Centre £2.5Million recently invested 85 Cyber Engineers Building UK Cyber Standards for HMGov.
Virtual Machines Any combination of Operating Systems Multiple concurrent scenarios using VLANs Mixture or virtual and ‘real’ equipment Current known zoo of Virus and Malware
Spirent Test Centre (OSI Layers 1-3) Avalanche (OSI Layers 4-7) WAN Impairment
Can create and run 80 million users Network traffic Web / web access Stress Test
Partner with World cyber systems suppliers Spirent, Encase, FireEye & Mordiant
29 /29 /
Thales CNI Security Facility
Cyber Facility
30 /30 /
Thales CNI Security Facility
Cyber Facility
31 /31 /
Thales CNI Security Facility
Cyber Facility
32 /32 /
Thales CNI Security Facility
Cyber Facility
How many cameras viewable on the internet
Figures for just one manufacturer
33 /33 /
Thales CNI Security Facility
CNI Projects – World examples
Mexico City
Ras Tanurah Refinery/Terminal
French Ballard “Pentagon”
Mecca
15,000 CCTV cameras
500 + Operators
8 Command Centres
60,000 calls/day
Largest Oil Terminal
20km perimeter
Turnkey solution
Foiled a suicide bomber
HQ for French MOD, Army, Navy, Air Force and Directorates
10,000 users
Very high resilience
Crowd Flow and Density Monitoring
5,000+ cameras
700 TV screens
34 /34 /
Thales CNI Security Facility
Holistic Security - Situational Awareness
35 /35 /
Thales CNI Security Facility
Benefits…. the realisation?
Integrated Holistic approachEfficiencyEffectivenessEfficiency
Effectiveness
EfficiencyEffectiveness
EfficiencyEffectiveness
Right People, Right Thing, Right Place, Right Time
Public Relations,
Public Confidence,
Staff Confidence.
KPIs
36 /36 /
Thales CNI Security Facility
Nuclear Security - Themes for Discussion To what extent is the security threat understood; cyber, physical,
operational, other? How could such threats manifest themselves within the nuclear
industry? What measures are currently in place to protect against such threats? How does the ONR evaluate the threat and what regulation is/will be
put in place to protect against it? What mitigation would need to be in place to translate the threat
picture into an acceptable and manageable risk How do you report and respond to incidents? How do you assess performance? What does good look like in the nuclear sector, can it be benchmarked
against other sectors? What support could Thales provide to in the complex area of holistic
integrated security.
Questions? – Discussion Themes…
37 /37 /
Thales CNI Security Facility
Together. Smarter. Safer.
THALES – Mountbatten House, Basing View, Basingstoke, Hampshire, RG21 4HJ, UK
Thank You.
38 /38 /
Thales CNI Security Facility
CNI Facility