Extreme close-up of a circuit board showcasing a padlock icon on a chip

Cybersecurity

Applying our knowledge to protect your critical assets from cyber threats.

Get in Touch

For any career-related inquiries, please visit our Careers​​ page for more information

For any concerns or questions about how we use your personal data or about how to exercise your rights under privacy legislation, contact the Kinectrics Data Protection Officer at [email protected] or call 416-207-6000 ext. 6465.

Cyber Security for Critical Infrastructure - Brochure

Our Global Team

Canada Profile photo: Marcy Sanderson Marcy Sanderson VP, Strategic Growth and Innovation
Now reaching out to...
Profile photo: Marcy Sanderson

Marcy Sanderson

VP, Strategic Growth and Innovation, Canada

For any concerns or questions about how we use your personal data or about how to exercise your rights under privacy legislation, contact the Kinectrics Data Protection Officer at [email protected] or call 416-207-6000 ext. 6465.

Cybersecurity Overview

Workers with hardhats observing monitoring computer

Cybersecurity, the practice of protecting critical systems and sensitive information from digital attacks, is very important to electricity generating stations, especially nuclear facilities, where fine control is essential in order to maintain safe and reliable operation.

A strong cybersecurity strategy is like the safety principals of the plant. Cybersecurity uses a defense in depth approach with layers of protection to defend against cyber-crime, including cyber-attacks that attempt to take over control of systems, change or remove data or in some other way disrupt normal operation.

We have been supporting the successful implementation of cybersecurity programs and modifications for Industrial Control Systems (ICS) in critical infrastructure sector since it was first recognized as an issue. Our cybersecurity services are comprehensive and address all stages of program implementation.

We have implemented solutions within our client's physical and procedural framework and understand the challenges the critical infrastructure sector are facing. We provide functional support to both the operational technology (OT) and information technology (IT) security-focused teams within your organization.

Why Our Cybersecurity Services?

  • Development of One-Line Diagrams

    The comprehensive one-line diagrams we produce give a simplistic review of cybersecurity capabilities enabling the full defensive architecture to be easily seen and understood.

  • Comprehensive Systematic Assessment

    By systematically assessing your processes, procedures, and assets and addressing all stages of cybersecurity program implementation we ensure all the cybersecurity needs are met.

  • Qualified and Security-Cleared

    Our team includes qualified security-cleared engineers and analysts in Canada and the United States with experience in systematically assessing client processes and procedures in compliance with NEI-13-10 and CSA N290.7.

  • Strong Working Relationships

    Working closely with vendors and suppliers allows us to ensure assets are classified and remediated properly. This includes obtaining schematics and interfacing with component manufacturer’s engineers to ensure proper identification.

  • Value Added Solutions

    We support your every need, helping you remove cybersecurity threats and developing contingency plans in case a threat materializes,

  • In-house Human Factors Engineering

    Our human factors engineering (HFE) specialists provide input to design based on HFE analysis and validation.

Our Cybersecurity Technical Abilities

Table of Contents

Program Planning, Development, and Auditing

Evaluation of new or existing equipment for cyber program compliance and vulnerabilities.

  • Participation in cybersecurity assessment team meetings to determine Critical Digital Asset (CDA) / Cyber Essential Asset (CEA) classifications and necessary remediation actions
  • Multiple employees have Technical Assessment Methodology (TAM) training from EPRI
  • We prepare vulnerability assessments and provide input through the modification process using the TAM
  • We undertake third-party reviews of cybersecurity upgrade design changes and Work Packages resulting in fewer field changes and ensuring compliance with regulations
Illustration of a padlock surrounding by swirling abstract art

Cybersecurity Program Implementation

Engineering, design, and implementation support to specific cybersecurity program controls including, but not limited to:

  • Boundary Isolation Device Installation (Data Diodes, Network Taps)
  • Defense-In-Depth Bypass Identification and Elimination
  • Time Distribution utilizing Network Time Protocol (UTC, EST, DST) and Inter-Range Instrumentation Group Format B Timecodes
  • Installation of Analog Deterministic KVMs to Allow Switching Between Various Layer Workstations
  • Security Information and Event Management
  • Intrusion Detection & Prevention, Real-time Network Monitoring, and Logging Hardware Installation
  • CS Management System Installation such as Antivirus, Whitelisting, and Windows Server Update Services
  • Equipment Procurement Specifications
Illustration of working in meeting while large padlock is shown on a laptop

Physical Security Integration

Protecting your company assets with physical cybersecurity solutions.

  • Design and Implementation of Physical Security Requirements in Support of Cybersecurity Programs (e.g. Lock & Alarm Devices)
  • Plant and Security Computer Upgrades including Video Monitoring
  • Design and Remediation for Network Connections that Cross the Protected Area Boundary
Illustration of a cityscape being interconnecting by paths of light

Cybersecurity Network Schematics

We develop comprehensive one-line diagrams for simplistic illustrated layout of cybersecurity capabilities.

Plants may have network components represented on dozens of plant configuration drawings. This can make it difficult to see the full defensive architecture, identify cyber level bypasses, or to prove that bypasses do not exist.

We create drawings that:

  • Succinctly Map a plant’s Computer Network by Cybersecurity Level
  • Identify Network Boarders & Boundaries
  • Identify Air-Gapped and Demilitarized Zone (DMZ) Networks

These can be used as permanent plant drawings or as an informational sketch to help with cybersecurity planning and audits.

Value-Added Solutions

Supporting our client's every need.

  • Development of Contingency and Manual Actions used in the event of a Cyber Threat
  • Allowing for proper planning and design of permanent or automated cybersecurity solutions while ensuring compliance with regulatory deadlines
  • Modernizing and Retrofitting existing ICSs in a highly regulated environment
  • Requiring compliance with guidelines and standards such as NEI-13-10 and CSA N290.7
  • Strong working relationship with equipment vendors ensuring assets are classified and remediated properly
  • Including obtaining schematics and interfacing with component manufacturers to ensure proper identification. We work hand-in-hand with the vendors who provide cyber-compliant systems to validate our solutions

Downloads

Our Proven Experience

Quality Assurance & Technical Standards

CSA N290.7 (2021)
Cybersecurity for nuclear power plants and small reactor facilities
NEI 08-09 (2010)
Cybersecurity Plan for Nuclear Power Reactors
NEI 13-10 (2017)
Cybersecurity Control Assessments

Key Clients

Organization
Bruce Power logo Visit Bruce Power
Organization
Entergy logo Visit Entergy
Organization
ES Fox Constructors logo Visit ES Fox
Organization
Ontario Power Generation (OPG) logo Visit Ontario Power Generation (OPG)
Organization
Southern Company Nuclear logo Visit Southern Nuclear

Projects

CAL3 SE Design Engineering L3 Cyber Security 003
Project

Connection of Operational Technology Equipment to Business LAN

HML0 Placeholder Image
Project

Cybersecurity for a CANDU Nuclear Generating Facility

CAL3 Design Engineering L3 Cyber Security 001
Project

Cybersecurity Projects for a New Build Pressurized Water Reactor (PWR) Project in the USA.

CAL3 SE Design Engineering L3 Electrical Design 003
Project

Electrical Design Projects - US Pressurized Water Reactor (PWR) Station

CAL3 SE Design Engineering L3 Cyber Security 005
Project

Electromagnetic Interference (EMI) and Radio Frequency Interference Study at an American Pressurized Water Reactor (PWR) Station

PRL1 Security Access Facilities SAF for an American Nuclear Utility
Project

Local Area Network (LAN) Coverage Study for an American Pressurized Water Reactor (PWR) Site

MEL1 COG01
Project

NEI 10-4 and NEI 13-10 Task Force

CAL3 SE Design Engineering L3 Cyber Security 002
Project

Security Projects at an American Boiling Water Reactor (BWR) Nuclear Generating Facility

PRL1 Society 3 2022 11 23 011713 suoq
Project

Various I&C Projects at an American Pressurized Water Reactor (PWR) Nuclear Generating Facility

PRL1 Society 4
Project

Various Projects for an American Pressurized Water Reactor Facility

Kinectrics I&C and Computer Design is a reliable partner for our capital projects ranging from process instrumentation to safety-related process control modifications and securely integrating digital control systems. We rely on Kinectrics for emergent outage and operational issues requiring design engineering support and always trust their ability to mobilize for emergent work and deliver design packages on critical path.
Manager, Bruce Power

Related Media & News

MEL1 Events ASME PVP
Event Jun 18 - 20, 2022

ASME - Pressure Vessels & Piping Conference 2022

Learn more
MEL1 Wi N 6
Event Sep 25 - 28, 2022

Women in Nuclear Canada 2022

Learn more
Media Center

Keep Exploring

Visit our media center to find news and helpful resources from Kinectrics.

Visit the Media Center

Kinectrics Training

To get yourself or your staff up to speed on the latest electricity generation standards, sign up for one of Kinectrics’ training courses.

Train with us