A British nuclear power station suffering an "unplanned outage" has categorically denied any link to the sophisticated Stuxnet worm. One of two reactors at Heysham 1, owned by French energy giant EDF, was taken offline yesterday. Parts of the site are run by Siemens S7 systems, prompting suggestions the sophisticated worm is to …
Forbes only half says
Forbes only half says it's Stuxnet; the article body backpedals a bit.
The other half of their point is that Edf Electricity Distribution has been sold to a pair of Hong Kong companies, and the sale has just completed. Edf Electricity Distribution apparently covers London and much of the south east. Maybe they're worried about 2012 and don't want to be associated with what is going to happen...
Nice to know UK plc's essential utilities are in safe hands and not subject to the arbitrary ravages of the free market and in particular of (very) foreign companies not a million miles from those nasty Commies in China who now do most of the UK's manufacturing.
No, it's not Stuxnet.
Heysham 1 is one of the UK's fleet of Advanced Gas-cooled Reactors.
A few years ago I had the opportunity -- non-repeatable, alas -- to crawl all over (and under) one of its siblings, at Torness.
If you want to write a worm that can wreak havoc on an AGR, you don't want to go for Siemens controllers -- you need something with hands and the ability to pick padlocks! Literally *every* valve in the insanely complex plumber's nightmare that is an AGR is locked in position with a padlock -- by design. There are dozens, possibly hundreds, of operational parameters that can be adjusted, and a limited envelope within which the reactor can sustain criticality while generating steam; while running, these are literally locked down, with the only easily accessible controls being physical safety features. I suspect the mere idea of running an AGR on SCADA software controlled from Windows might make the engineers responsible faint ...
(A full write-up of my visit to Torness is here: http://www.antipope.org/charlie/blog-static/rants/nothing-like-this-will-be-buil.html )
It's Charlie himself. Well met, sir, well met.
charliestross has it about right
I worked on the construction and commissioning of Heysham II, and also did oddments on Heysham I. Heysham II is much as Charlie describes- Heysham I is an even earlier design of station, less automated and computerised....in fact, if memory serves me right, Heysham I and its sister station at Hartlepool were either the first UK nuclear stations with digital control systems, or the last with analogue!
And one thing you don't do with a nuclear station with fully certified control systems is replace them - it's not worth the effort in terms of getting HSE/NII approvals. So treat this sory with a substantial pinch of salt.
Love the books, btw, charlie!
So this reactor took a trip...
"EDF declined to give a detailed technical explanation for the ongoing outage, citing regulations that forbid the release of such information. The regulations are designed to prevent distortion of the energy market based on speculation over when electricity production may resume."
I mean, ok, how regularly f*cktarded and irretrievably ignorant does one need to be to think that a regulation of that kind makes any sense?
The more so that energy market is _supposed_ to be distored if a producer goes off-line.
regulations that forbid the release of such information
Sounds like doublespeak for legally enforced media blackout enabling teh government to lie and effect a cover-up in the event that a nuclear cockup occurs.
Of course it's not Stuxnet
That would require computers modern enough to run Windows, after all...
@Charlie re Torness writeup.
Sir, what a wonderful writeup.
Overused, but appropriate: "we shall not see their like again".
Classic overengineering, or sensible safety precautions?
Compare and contrast with the EPRs under construction (and over budget) in Finland and France, where despite long standing European regulatory policy which requires logically and physically separate systems for control and for shutdown, the suppliers Areva are still proposing a single integrated control and shutdown system. Even commercial aircraft engines (with rather more cost pressure) generally come with separate control and safety systems.
Still, they wouldn't do it if it wasn't safe would they.
I did my work experience as a PFY in the IT dept at Heysham 1* about a decade back. I distinctly remember being told that the safety critical systems ran on UNIX-based boxes so unless things have changed since, EDF's claim that there's no S7 stuff in a safety critical role probably holds water since I believe S7's software is a Windows thing?
* Not as exciting as it sounds - two weeks of making tea, upgrading RAM, changing toner cartridges and plugging those god-awful type-1 token ring connectors back together because nobody had bothered with that locking clip thingy with enough self-important, demanding yet unappreciative users to scare me off Hell Desk work for life. It was a very interesting place to spend a fortnight, though. Good grub in the canteen, too.
Re: So this reactor took a trip...
@Destroy All Monsters "I mean, ok, how regularly f*cktarded and irretrievably ignorant does one need to be to think that a regulation of that kind makes any sense?"
Well, how ignorant are you? If there aren't regulations on what energy producers could say, they easily manipulate the market with false or misleading news. Energy producers rarely own a single plant.
Imagine if one of your plants were to develop a crack in the containment vessel and the plant had to be idled? That would take a long time to repair. What happened if this crack was discovered just a week before a number of contracts were up, driving up prices immediately, because there is now less supply. And then what would happen, if the plant then announces the contractor doing the work had a faulty x-ray machine, and everything is fine, and resumes production?
There are good reasons for most regulations.
re: Well, how ignorant are you?
Because the general public should have no right to know the truth in the event of a nuclear accident. I mean, that would be highly embarassing wouldn't it.
Liking your website and articles!! Thank you.
- Infosec geniuses hack a Canon PRINTER and install DOOM
- Boffins say they've got Lithium batteries the wrong way around
- Game Theory Half a BILLION in the making: Bungie's Destiny reviewed
- 'Windows 9' LEAK: Microsoft's playing catchup with Linux
- Phones 4u slips into administration after EE cuts ties with Brit mobe retailer