Cybersecurity and Nuclear Power Plants

It’s hard to read the news these days without seeing reports of one entity or another “getting hacked” or being attacked in cyberspace. We’re frequently asked how nuclear power plants are protected from those who try to break into computer systems without authorized access – often for malicious purposes.

Perhaps the most important thing to recognize is that nuclear power plants and their computer systems were designed before the days of internet cafes and wireless connections. So there is no connection to the internet and thus no way for a hacker from the outside to get at the safety-related computer systems of the plants. Even the digital control systems installed in some plants more recently have no connection to the ‘net.

And while nuclear power plants were designed to feed electricity to the power grid, they were also isolated in ways to protect them from any potential negative effects that could come from the grid.

After the terrorist attacks of September 11, 2001, cyber security quickly became a major focus of U.S. government activities. The NRC was no exception. We took immediate steps – through orders — to ensure that computer systems used to operate nuclear power plants were not accessible even by “insiders” who could attack the cyber systems directly from within the plant.

Later, the NRC went even further with a new regulation that required all the nuclear power plants to have a cyber security plan and a timeframe for implementing protections of those key systems related to safety, security and emergency preparedness functions.

In addition any power company seeking to build a new nuclear power plant will need to include a cyber-security plan as part of their application to the NRC.

The NRC has its own cyber security experts on staff and works closely with other federal experts, including U.S. Cert – the U.S. Cyber Emergency Readiness Team – to monitor what’s happening in cyber space here and around the world, and to take actions if necessary to protect the vital systems in nuclear power plants.

Sara Mroz
Security Specialist

The Job of a Health Physicist at the NRC

The Office of New Reactors (NRO) evaluates designs for new reactors and license applications to make sure they meet the necessary laws and regulations. NRO staffers complete these reviews after we’ve gathered the information we need to conclude the design or proposed reactor can protect public health and safety and the environment.

I’m one of nine NRO health physicists who participate in these reviews. We work to ensure the plant will protect people from the reactor’s radiation, both during normal operation and during accidents. We have engineering or physical science degrees, and our training focuses on radiation sources in a nuclear reactor, how they could impact people and the environment, and how to avoid unnecessary radiation exposure.

Our work helps ensure that new reactors’ structures, systems and components will minimize radiation exposures to plant personnel and members of the public — to the extent reasonable with modern technology. The reviews also consider risks from hazards that are not radiological, so that when we reduce radiation risk we don’t inadvertently increase risk from other hazards.

NRO health physicists also review the operational programs and procedures for proposed new reactors to make sure that management and personnel keep radiation exposures as low as is reasonably achievable through proper training, behavior and decisionmaking.

Our work always focuses on ensuring the possible health risks and environmental hazards associated with new reactors are managed before the reactors are approved and built.

Sara Bernal
Health Physicist
%d bloggers like this: