Holistic Nuclear Security

An International Challenge
Cevn Vibert
Who… am I?

/

Cevn Vibert

CITP MIET MInstMC MBCS

Solutions Architect & CNI Facility Manager
Security and Consulting
Tha...
Who… is Thales?

/

Mountbatten House, Basing View, Basingstoke, Hants. RG21 4HJ

£11.5bn revenue global company with over...
Thales expertise - Nuclear

/

30 years of expertise:
 Most UK energy production sites use Thales systems to operate
thei...
Nuclear Power: Emergency Response

/

Deployable Communications & Information System (DCIS)


Japanese Earthquake Respons...
Nuclear Security

/

• What Threats….?
• Why Security…?
• How to manage Security?
• When to manage Security?
• Benefits of...
What… does a security threat look like?

/

Targeted Threat to physical security

Thales CNI Security Facility
/

What… does a security threat look like?

What… does a security threat look like?

Disruption to Operations

Thales CNI ...
What… does a security threat look like?

/

SCADA System Threats

Thales CNI Security Facility
What… does a security threat look like?

0 /

Importance of Procedures and Policies

Thales CNI Security Facility
1 /

What… does a security threat look like?

The “Normal Person” internal threat

Thales CNI Security Facility
Why… Security?

2 /

It doesn’t matter where in the world you are, there are potential security
threats, and are all linke...
How… to deal with Security Threats?

3 /

Threats take many forms;

Detect

•Physical Access to Facilities

•Cyber Attack ...
4 /

When… to apply security?
It is possible to extend the before-event activity to deter and detect long
before someone a...
When… to apply security?

5 /

To manage threats the international community must consider security on a holistic basis.
•...
Resilience AND EM?

6 /

Interrelationships with Emergency Management & Resilience have to be managed
• Post Fukushima the...
Benefits…. the realisation?

7 /

•

Efficiency in guard force optimisation

•

Efficiency of control room staff optimisat...
Thales CNI Facility

8 /

What are we all doing about Integrated Holistic Nuclear Security?…..

Thales CNI Security Facili...
9 /

Thales CNI Security Facility

Cross-industry analogies
CNI Situational Awareness

0 /

Mobile C2
Systems

Sensors

Physical
Security

PSIMs

Video
Management

Industrial IT
Netw...
The UK CNI Facility

1 /

•

Simulate enterprise wide networks

•

Demonstrate security/emergency/resilience management sy...
2 /

Thales CNI Security Facility

…In the News…
Holistic Security Situational Awareness

3 /



Physical Security (Fences, Intrusion Detection, CCTV, Resilient Networks)...
Holistic Security Situational Awareness

4 /

Thales iCAS – CBRN Sensor platform, algorithms and C2

Thales UWB Radar
– lo...
Holistic Security Situational Awareness

5 /

Thales ECHO – Incident Crisis Management

Thales TVS – Intelligent Video Man...
3rd party suppliers

6 /

Many suppliers have loaned or donated components for our CIP Facility. We neither endorse or pro...
Partner Organisations

7 /

Cyber Insurance Forum
UK Government Cyber Strategy
MOD-Industry Defence Cyber Protection Partn...
8 /

Cyber Integration Centre


World Class Cyber Centre
 £2.5Million recently invested
 85 Cyber Engineers
 Building ...
9 /

Thales CNI Security Facility

Cyber Facility
0 /

Thales CNI Security Facility

Cyber Facility
1 /

Thales CNI Security Facility

Cyber Facility
Cyber Facility

2 /

How many cameras viewable on the internet

Figures for just one manufacturer
Thales CNI Security Faci...
CNI Projects – World examples

3 /

Mexico City
15,000 CCTV cameras
500 + Operators
8 Command Centres
60,000 calls/day

Ra...
4 /

Thales CNI Security Facility

Holistic Security - Situational Awareness
Benefits…. the realisation?

5 /

Efficiency
Efficiency
Effectiveness Effectiveness
Efficiency
Effectiveness
Efficiency
Ef...
Questions? – Discussion Themes…

6 /

Nuclear Security - Themes for Discussion


To what extent is the security threat un...
7 /

Together. Smarter. Safer.
THALES – Mountbatten House, Basing View, Basingstoke, Hampshire, RG21 4HJ, UK

Thank You.
T...
8 /

Thales CNI Security Facility

CNI Facility
Upcoming SlideShare
Loading in …5
×

Cevn Vibert. Thales UK. 28th January

1,029 views

Published on

Published in: Technology, Business
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
1,029
On SlideShare
0
From Embeds
0
Number of Embeds
6
Actions
Shares
0
Downloads
27
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide
  • Presented as a reminder to all involved.
    Add specific aim if required.
  • Cevn Vibert. Thales UK. 28th January

    1. 1. Holistic Nuclear Security An International Challenge Cevn Vibert
    2. 2. Who… am I? / Cevn Vibert CITP MIET MInstMC MBCS Solutions Architect & CNI Facility Manager Security and Consulting Thales UK 07791080623 Cevn.Vibert@UK.ThalesGroup.com Cevn has over 25 years in Industry in a wide range of markets and industries. Projects with EDF, Sellafield, RWE, National Grid, BP, KOC, LUL and Network Rail, together with Thames Water, Dwr Cymru, and many more. Experienced with Command and Control C2 Systems, Control Rooms, System of Systems, CCTV, Access Control, Situational Awareness, Robust and Resilient Architectures, PLCs, SCADA, Industrial Networks, Knowledge Databases, Incident Management, CBRN systems, Emergency Management, Reporting Solutions, Communications and Mobile Systems. Years of experience within the security threat environment has reinforced the necessity for integrated holistic security to manage current and emerging threats. Situational Awareness solutions are key to providing adaptive, effective and timely response to events. Thales CNI Security Facility
    3. 3. Who… is Thales? / Mountbatten House, Basing View, Basingstoke, Hants. RG21 4HJ £11.5bn revenue global company with over 65,000 employees; £1.3bn and 7,500 with Thales UK. Thales UK services a wide range of markets including Critical National Infrastructure protection. Thales UK is a long-term service delivery partner to EDF Generation’s existing nuclear fleet and is providing a deployable communications capability as part of the Japanese Earthquake Response Programme. Thales UK also has interests across the NDA estate, focussing on the provision of security, resilience and emergency management capability. Thales UK recognises security as a global challenge for the nuclear industry and understands how only a holistic approach to infrastructure protection will manage that risk to acceptable levels. Thales CNI Security Facility
    4. 4. Thales expertise - Nuclear / 30 years of expertise:  Most UK energy production sites use Thales systems to operate their facilities. Thales supports the UK energy sector with:  DPCS Data Processing & Control Systems (Nuclear)  Critical to safe operation of EDF’s UK’s nuclear power stations  APMS Advanced Plant Management Solutions (Fossil)  Developed for RWE Npower  60 Systems installed in 9 Power Stations  EDF’s technology partner to extend life of existing nuclear power fleet:  Obsolescence management  Fault and failure analysis  Re-engineering services  Spares & Supply Chain management  Skills and competence management (SQEP) Thales CNI Security Facility
    5. 5. Nuclear Power: Emergency Response / Deployable Communications & Information System (DCIS)  Japanese Earthquake Response Programme (ONR requirement)   Addressing ‘Beyond Design Basis’ scenarios due to extreme natural events  Provides critical data from the nuclear power station to decision makers Transportable Emergency Response Modules:  Completely self-sufficient with resilient communications architecture  Capability held in storage at key points in the UK  Emergency scenario requires Human Factors expertise to make operation intuitive Thales CNI Security Facility
    6. 6. Nuclear Security / • What Threats….? • Why Security…? • How to manage Security? • When to manage Security? • Benefits of managing Security? • What Thales is doing…….. ……..We can all work… Together, Smarter, Safer Thales CNI Security Facility
    7. 7. What… does a security threat look like? / Targeted Threat to physical security Thales CNI Security Facility
    8. 8. / What… does a security threat look like? What… does a security threat look like? Disruption to Operations Thales CNI Security Facility
    9. 9. What… does a security threat look like? / SCADA System Threats Thales CNI Security Facility
    10. 10. What… does a security threat look like? 0 / Importance of Procedures and Policies Thales CNI Security Facility
    11. 11. 1 / What… does a security threat look like? The “Normal Person” internal threat Thales CNI Security Facility
    12. 12. Why… Security? 2 / It doesn’t matter where in the world you are, there are potential security threats, and are all linked to a number of primary objectives. Terrorism Protests/Demonstrations Unscrupulous Competitors Nuisance Disruption Disgruntled Employees IP Theft Thales CNI Security Facility Organised Crime
    13. 13. How… to deal with Security Threats? 3 / Threats take many forms; Detect •Physical Access to Facilities •Cyber Attack on Control Systems/Operations •Denial of Service D eter •Placement of Material/Data R o d esp n •Theft of Material/Data •IP/ID theft Recover Thales CNI Security Facility
    14. 14. 4 / When… to apply security? It is possible to extend the before-event activity to deter and detect long before someone approaches a physical or cyber perimeter. Thales CNI Security Facility
    15. 15. When… to apply security? 5 / To manage threats the international community must consider security on a holistic basis. • Physical (Situational Awareness) • Operational (business logic linked to ConOps), • Cyber (all the time with a SOC/NOC) , • Personnel (vetting before employment and during, authentication every-day every- accesspoint, qualifications/records continuously updated and linked to security) • Pattern-of-Life (social media monitoring predicting events, duress response identifying events in progress, unusual behaviour identification predicting or identifying issues) • Combating one without the other leaves inherent weaknesses • Wider reaching commercial and efficiency benefits can be realised. Thales CNI Security Facility
    16. 16. Resilience AND EM? 6 / Interrelationships with Emergency Management & Resilience have to be managed • Post Fukushima there is a lot of focus on Resilience • We need to ensure security remains part of the holistic considerations Emergency Preparedness Emergency Monitoring Incident and Emergency Management Thales CNI Security Facility
    17. 17. Benefits…. the realisation? 7 / • Efficiency in guard force optimisation • Efficiency of control room staff optimisation • Improved control room response times • Reduced manned response times • Enables rapid complex decision making • Safety enhancement through improved access/egress • Improved muster capability • Safety enhancement through right worker, right place, right qualifications • Lower security threat risk • Lower contingency/reserve due to reduced risk • Reduced outage due to quicker recovery from security/emergency incidents • Remote monitoring/control in security/emergency situations • Prevention of egress into threat or contamination zones Thales CNI Security Facility
    18. 18. Thales CNI Facility 8 / What are we all doing about Integrated Holistic Nuclear Security?….. Thales CNI Security Facility
    19. 19. 9 / Thales CNI Security Facility Cross-industry analogies
    20. 20. CNI Situational Awareness 0 / Mobile C2 Systems Sensors Physical Security PSIMs Video Management Industrial IT Networks Operation Integration Information & Reports Emergency Management GIS / Geo Systems Situation Awareness Multiple Security Levels Incident Management Multiple System Integration Cyber Process Integrated Communications (ICCS) Business Links ConOps Access Control NB. More detailed version at end Thales CNI Security Facility
    21. 21. The UK CNI Facility 1 / • Simulate enterprise wide networks • Demonstrate security/emergency/resilience management systems working together • Understand impacts of cyber threats to networks and management systems • Assess industry products/applications for security vulnerabilities • Develop lock-downs for legacy and new systems to enhance security • Run customer scenarios and collaboratively develop operational requirements • Explore innovative approaches to holistic security (e.g. social media predictive, biometrics) Thales CNI Security Facility
    22. 22. 2 / Thales CNI Security Facility …In the News…
    23. 23. Holistic Security Situational Awareness 3 /  Physical Security (Fences, Intrusion Detection, CCTV, Resilient Networks)  Controlling a Nuclear Power Plant, Perimeter Access or Pipeline Protection using Automation Systems (SCADA and PLCs)  PSIM - integration of 3rd parties  Hypervisor – Situational Awareness - Hypervision using secure, collaborative, resilient, scalable data-bus architectures and web technologies.  TVS – Large Scale CCTV Video Management solutions  Wyvern – Emergency Management Situational Awareness and Security Response Planning solution.  ECHO – incident and First Responder C2 deployments  iCAS – CBRN (Chemical Biological Radiological and Nuclear) Mobile Sensors, Algorithms, and Situational Awareness tracking displays.  DCIS - Deployable Communication Information Systems Thales CNI Security Facility
    24. 24. Holistic Security Situational Awareness 4 / Thales iCAS – CBRN Sensor platform, algorithms and C2 Thales UWB Radar – locate people inside buildings Thales CNI Security Facility Thales Cougar Team Radio – Secure Civil Comms Thales TeoPad – Secure Multimedia Tablets
    25. 25. Holistic Security Situational Awareness 5 / Thales ECHO – Incident Crisis Management Thales TVS – Intelligent Video Management Thales CNI Security Facility Thales Wyvern – Emergency Information Management C2 Thales Hypervisor – Situational Awareness
    26. 26. 3rd party suppliers 6 / Many suppliers have loaned or donated components for our CIP Facility. We neither endorse or promote their systems above others. Thales is product agnostic. We enjoy working with partners but the customer’s solution is our focus. The 3rd parties are examples at the CNI Facility. Synectics – PCIM, VA, VMS Westermo – Industrial Rugged Networking Vidsys – PCIM Invensys – SCADA Geoquip – PIDS Rockwell – PLCs and SCADA Products4Automation – Win911 alarms ABB – SCADA Pelco - CCTV Thales CNI Security Facility Adroit – SCADA
    27. 27. Partner Organisations 7 / Cyber Insurance Forum UK Government Cyber Strategy MOD-Industry Defence Cyber Protection Partnership Thales CNI Security Facility
    28. 28. 8 / Cyber Integration Centre  World Class Cyber Centre  £2.5Million recently invested  85 Cyber Engineers  Building UK Cyber Standards for HMGov.  Virtual Machines  Any combination of Operating Systems  Multiple concurrent scenarios using VLANs  Mixture or virtual and ‘real’ equipment  Current known zoo of Virus and Malware  Spirent  Test Centre (OSI Layers 1-3)  Avalanche (OSI Layers 4-7)  WAN Impairment Can create and run 80 million users  Network traffic  Web / web access  Stress Test Thales Partner withFacility cyber systems suppliers  CNI Security World 
    29. 29. 9 / Thales CNI Security Facility Cyber Facility
    30. 30. 0 / Thales CNI Security Facility Cyber Facility
    31. 31. 1 / Thales CNI Security Facility Cyber Facility
    32. 32. Cyber Facility 2 / How many cameras viewable on the internet Figures for just one manufacturer Thales CNI Security Facility
    33. 33. CNI Projects – World examples 3 / Mexico City 15,000 CCTV cameras 500 + Operators 8 Command Centres 60,000 calls/day Ras Tanurah Refinery/Terminal Largest Oil Terminal 20km perimeter Turnkey solution Foiled a suicide bomber Thales CNI Security Facility French Ballard “Pentagon” HQ for French MOD, Army, Navy, Air Force and Directorates 10,000 users Very high resilience Mecca Crowd Flow and Density Monitoring 5,000+ cameras 700 TV screens
    34. 34. 4 / Thales CNI Security Facility Holistic Security - Situational Awareness
    35. 35. Benefits…. the realisation? 5 / Efficiency Efficiency Effectiveness Effectiveness Efficiency Effectiveness Efficiency Effectiveness Right People, Right Thing, Right Place, Right Time Public Relations, Public Confidence, Staff Confidence. KPIs Thales CNI Security Facility Integrated Holistic approach
    36. 36. Questions? – Discussion Themes… 6 / Nuclear Security - Themes for Discussion  To what extent is the security threat understood; cyber, physical, operational, other?  How could such threats manifest themselves within the nuclear industry?  What measures are currently in place to protect against such threats?  How does the ONR evaluate the threat and what regulation is/will be put in place to protect against it?  What mitigation would need to be in place to translate the threat picture into an acceptable and manageable risk  How do you report and respond to incidents?  How do you assess performance?  What does good look like in the nuclear sector, can it be benchmarked against other sectors?  What support could Thales provide to in the complex area of holistic integrated security. Thales CNI Security Facility
    37. 37. 7 / Together. Smarter. Safer. THALES – Mountbatten House, Basing View, Basingstoke, Hampshire, RG21 4HJ, UK Thank You. Thales CNI Security Facility
    38. 38. 8 / Thales CNI Security Facility CNI Facility

    ×