As a nuclear engineer and having worked directly in the nuclear industry for 20 years, I have an understanding of nuclear plants and nuclear plant cyber security. The emergency safeguards in existing commercial nuclear plants use AC motors for their emergency core cooling. During normal operation, these pumps are not operational but must be operational within a very short period of time for an upset event that requires emergency core cooling. As the Fukushima event demonstrated, emergency core cooling may be needed for a significant period of time. It will be hard to hide from the public that a nuclear plant has undergone an incident requiring the operation of the emergency core cooling systems. It has been demonstrated that Aurora can damage AC motors. The Aurora event comes “over the wires” from the local substation. Consequently, Aurora can only occur if off-site power is available. Since very few substations have implemented the Aurora hardware fix, nuclear plants are at risk for core melt from Aurora as long as off-site power is maintained. This risk is certainly more probable than once in a million years which is the minimum criteria for the safety analysis to address specific threats. Why haven’t the nuclear plant operators implemented the fix for protecting their own business assets? Why has the NRC not mandated the fix for safety reasons? Why is IAEA not addressing this threat?
Joe Weiss
