When Physics Meets (Reverse) Engineering: Understanding Cyber-Physical Attacks Against Nuclear Reactors
The current unstable geopolitical situation has once again, after many years, brought back the everlasting threat of a nuclear conflict.
This talk is intended to contribute further to a better understanding of the different cyber-physical attacks that may impact nuclear facilities, driven from the perspective of hypothetical, but realistic, state-sponsored operations. One of the novel aspects of this research is that it is based on the analysis of specific digital Instrumentation and Control equipment (Class 1E), that is currently deployed in multiple Nuclear Power Plants across Europe (including Swiss NPP such as Beznau or Gösgen), USA, Russia, or China.
AI Summary
Key facts
- Teleperm XS is the digital platform under scrutiny for its role in nuclear reactor safety systems, highlighting its significance in ensuring the operational security of nuclear facilities.
- Santamarta's research revealed that Teleperm XS modules were available on eBay, which sparked his interest in exploring the vulnerabilities within nuclear power plant safety systems.
- The simulation of a cyber-physical attack led to a scenario where the reactor core was partially uncovered in 49 minutes, indicating the potential severity of such attacks.
Ideas
- Cyber-physical attacks on nuclear reactors are complex but conceivable, emphasizing the need for preparedness and education in the face of potential cyber incidents.
- The digital reactor protection system, Teleperm XS, plays a crucial role in the safety of nuclear power plants, making it a significant target for potential cyber attacks.
- Simulating cyber-physical attacks, such as the one leading to a partial reactor meltdown, can help in understanding vulnerabilities and strengthening nuclear reactor defenses.
Keywords
- Cyber-Physical Attacks
- Nuclear Reactors
- Teleperm XS
- Safety Systems
- Cyber Security
Quotes
- “this talk about and this is uh This research and this talk is all about information and education uh it's not about fat or drama”
- “nuclear power plants are complex but they may be valuable targets during armed conflicts or profound um geopolitical confrontations but still extremely uh rare case”
- “if you have access to uh the Service Unit if you can compromise the Service Unit you have the keys of the gimon you can deploy new firmware you can deploy new user applications to the functional units you can basically control entire reactor protection system and issue actuation orders”
Recommendations
- Increase awareness and education on nuclear technology and its cyber aspects to better prepare for and potentially identify cyber-related nuclear incidents.
- Strengthen the security of nuclear power plants by focusing on the protection of digital reactor protection systems like Teleperm XS against potential cyber threats.
About the speaker
Ruben Santamarta
Ruben Santamarta is a European independent security researcher with more than 20 years of experience.
In these years he has found and published dozens of vulnerabilities in common desktop software and operating systems, industrial control systems, SCADA software, IoT devices, RF controllers, radiation detection devices, SATCOM, maritime equipment, and avionics systems. He has presented multiple times at international security conferences such as BlackHat USA. His research projects are usually covered by international media outlets.
Read more …