Rantburg

Today's Front Page   View All of Thu 05/22/2025 View Wed 05/21/2025 View Tue 05/20/2025 View Mon 05/19/2025 View Sun 05/18/2025 View Sat 05/17/2025 View Fri 05/16/2025
2007-05-20 Home Front: WoT
"Data storm" blamed for nuclear-plant shutdown
Could have bene provoked by an outside data spike: that's not comforting.
The U.S. House of Representative's Committee on Homeland Security called this week for the Nuclear Regulatory Commission (NRC) to further investigate the cause of excessive network traffic that shut down an Alabama nuclear plant.

During the incident, which happened last August at Unit 3 of the Browns Ferry nuclear power plant, operators manually shut down the reactor after two water recirculation pumps failed. The recirculation pumps control the flow of water through the reactor, and thus the power output of boiling-water reactors (BWRs) like Browns Ferry Unit 3. An investigation into the failure found that the controllers for the pumps locked up following a spike in data traffic -- referred to as a "data storm" in the NRC notice -- on the power plant's internal control system network. The deluge of data was apparently caused by a separate malfunctioning control device, known as a programmable logic controller (PLC).

In a letter dated May 14 but released to the public on Friday, the Committee on Homeland Security and the Subcommittee on Emerging Threats, Cybersecurity, and Science and Technology asked the chairman of the U.S. Nuclear Regulatory Commission to continue to investigate the incident.

"Conversations between the Homeland Security Committee staff and the NRC representatives suggest that it is possible that this incident could have come from outside the plant," Committee Chairman Bennie G. Thompson (D-Miss.) and Subcommittee Chairman James R. Langevin (D-RI) stated in the letter. "Unless and until the cause of the excessive network load can be explained, there is no way for either the licensee (power company) or the NRC to know that this was not an external distributed denial-of-service attack."

The PLC was connected to the plant's Ethernet network, according to an NRC information notice on the incident. The PLC controlled Unit 3's condensate demineralizer -- essentially a water softener for nuclear plants. The flood of data spewed out by the malfunctioning controller caused the variable frequency drive (VFD) controllers for the recirculation pumps to hang.

Such failures are common among PLC and supervisory control and data acquisition (SCADA) systems, because the manufacturers do not test the devices' handling of bad data, said Dale Peterson, CEO of industrial system security firm DigitalBond. "What is happening in this marketplace is that vendors will build their own (network) stacks to make it cheaper," Peterson said. "And it works, but when (the device) gets anything that it didn't expect, it will gag."
Posted by Steve White 2007-05-20 00:02|| || Front Page|| [11133 views ]  Top

#1 Doesn't know what to do with bad data? Sounds suspiciously like Macrosoft's sloppy work.
Posted by gorb 2007-05-20 01:27||   2007-05-20 01:27|| Front Page Top

#2 DRUDGE > DICAPRIO says HUMANS FACE EXTINCTION FROM GLOBAL WARMING. Wouldn't had happened iff we all wore togas and lived green like Leonardo.
Posted by JosephMendiola 2007-05-20 03:46||   2007-05-20 03:46|| Front Page Top

#3 Take it from me (worked on design and construction of 4 nukes) the PLC and SCADA systems are strictly internal. Could be a dopey loop in the logic sequence under certain conditions that just now became apparent - low flow at certain temps or PSI for example.
Posted by Jack is Back!">Jack is Back!  2007-05-20 06:49||   2007-05-20 06:49|| Front Page Top

#4 Why would a nuclear plant's Local area network (LAN) be connected to the Internet? (Another article mentioned the LAN was 10 Mbps - very OLD tech. I've seen old network interface cards go bad and saturate a network).
Posted by DMFD 2007-05-20 09:29||   2007-05-20 09:29|| Front Page Top

#5 How about a plain old pressure switch? (several times redundant of course)do away with computer controls except as backup.
Posted by Redneck Jim 2007-05-20 13:10||   2007-05-20 13:10|| Front Page Top

#6 there is no way for either the licensee (power company) or the NRC to know that this was not an external distributed denial-of-service attack.

Am I the only one who finds it supremely ironic and hysterically funny that DOS has finally come to mean denial-of-service?
Posted by Zenster">Zenster  2007-05-20 17:04||   2007-05-20 17:04|| Front Page Top

#7 Am I the only one who finds it supremely ironic and hysterically funny that DOS has finally come to mean denial-of-service?

DOS = Disk Operating System
DoS = Denial of Service

It helps if you grasp the subtle differences between the acronym's.
Posted by Natural Law 2007-05-20 22:53||   2007-05-20 22:53|| Front Page Top

17:49 magpie
15:50 Skidmark
15:50 swksvolFF
15:48 Skidmark
15:46 Skidmark
15:41 Skidmark
15:35 Skidmark
15:25 Skidmark
15:21 illeagle
14:41 Besoeker
14:16 trailing wife
14:12 swksvolFF
14:03 trailing wife
13:55 Skidmark
13:45 Silentbrick
13:40 DarthVader
13:35 swksvolFF
13:20 Skidmark
13:16 Skidmark
13:11 Skidmark
13:02 Skidmark
13:01 Skidmark
12:59 Skidmark
12:52 mossomo









Paypal:
Google
Search WWW Search rantburg.com