Publications / SAND Report

Barriers and Alternatives to Encryption in Critical Nuclear Systems

Lamb, Christopher; Sandoval, Daniel R.

Over the past decade, cybersecurity researchers have released multiple studies highlighting the insecure nature of I&C system communication protocols. In response, standards bodies have addressed the issue by adding the ability to encrypt communications to some protocols in some cases, while control system engineers have argued that encryption within these kinds of high-consequence systems is in fact dangerous. Certainly, control system information passed between systems should be protected, but encrypting the information may not be the best way to do so. In fact, while in IT systems vendors are concerned with confidentiality, integrity, and availability, frequently in that order, in OT systems engineers are much more concerned with availability and integrity than confidentiality. In this paper, we will counter specific arguments against encrypting control system traffic, and present potential alternatives to encryption that support nuclear OT system needs more strongly than commodity IT system needs while still providing robust integrity and availability guarantees.