Much is being written about the recent Browns Ferry "broadcast storm" event. Without judging what others are saying, I would like to posit what I believe either happened or could have happened. There is insufficient detail in the NRC Information Notice to make a definitive judgment. Talking to other experts with experience in the design of these systems, there are several possibilities. The first is an overloaded network device such as a layer 2, unmanaged switch; the second would be something generating excessive network traffic such as an errant device or an IT network scan. These events are unintentional and have been seen previously. It is unlikely the NRC's recommendation of a firewall at each variable frequency drive would not be sufficient to adequately prevent these types of incidents.
The Browns Ferry event is NOT a nuclear event, but an industrial control system cyber event. It points out the need for guidance in network design, implementation, installation qualification, and performance monitoring. I called about 12 people over the past three days on this event. Four people responded they had seen similar events in their non-nuclear facilities. Consequently, I plan to have a 3 hour open session discussion on this subject at the August Control System Cyber Security Conference in Knoxville.