• About ISL
• Solutions
• Careers
• News

• Current
• 2010 Archive
• 2009 Archive
• 2008 Archive
• 2007 Archive
• 2006 Archive
• 2005 Archive

• Home

DOE Advanced Mixed Waste Treatment Project (AMWTP) – Bechtel Idaho

ISL was contracted to assist in development and implementation of the AMWTP Program Cyber Security Plan (PCSP) to comply with the DOE PCSP, and prepare for DOE FISMA and Security (HSS) audits. The work included development of policies, procedures, and processes; as well as Identifying the critical assets, implementing security measures, performing risk and vulnerability assessments, penetration tests, and system hardening. ISL performed cyber security audit preparation and implemented two factor authentication which was integrated with the enterprise infrastructure. ISL also developed and integrated security baselines for servers, network, applications and databases in accordance with FIPS Pub 200. Data encryption utilized AlertSec.

Nuclear Regulatory Commission Technical Assistance on Digital Process Systems in Nuclear Power Plant

A task order associated with this contract focused on the review and assessment of Critical Digital Assets (Critical Infrastructures, Instrumentation and Controls), for nuclear power plants and nuclear fuel cycle facilities. ISL reviewed and assessed the digital control systems and their associated critical infrastructure to assure their cyber security programs meets the NRC requirement Regulatory Guide 5.71 “CYBER SECURITY PROGRAMS FOR NUCLEAR FACILITIES.” ISL provided to the NRC recommendations on the review of the vendor topical reports and licensing activities. ISL performed the cyber security assessment for a new system that the licensees (Nuclear utilities and nuclear manufacturing facilities), provided to the NRC for review in order to comply with Critical Digital Assets and Critical Infrastructure Protection (CIP), programs.

DOE Idaho National Laboratory (INL) Cyber Security Plan Compliance

ISL was contracted to assist with DOE Program Cyber Security Plan (PCSP) compliance, and prepare for DOE Federal Information Security Management Act (FISMA) and Security audits. This work primarily involved implementation of a Patch and Vulnerability Management program, in accordance with NIST 800-40, to ensure all vulnerabilities were recorded and tracked to a final resolution. The purpose of this was to help INL organizations identify and mitigate security issues before they could be exploited by attackers. Additional tasks included joining non-Windows systems to the Active Directory, encryption of laptop computers, and user awareness training. All work was performed in accordance with the DOE’s Program Cyber Security Plan (PCSP) and the associated requirements and guidelines in Information Security guidelines specified in Federal Information Processing Standard (FIPS) Publications 199 and 200, and NIST Special Publication 800-53. Focus areas included design of security architecture to meet FISMA requirements, implementation of security plans and evaluation and implementation of Vintela Authentication Services for joining Non-Windows systems to Active Directory.

Great Plains Energy (Formerly Kansas City Power and Light), Critical Infrastructure Cyber Security Compliance Program

ISL developed a web-based Critical Infrastructure Cyber Security Portal for Great Plains Energy (formerly Kansas City Power and Light) to aggregate critical cyber assets, information security policies, procedures, training materials, and security plans in a central repository. The system also provided near real-time notification of security threats and vulnerabilities via implementation of Really Simple Syndication (RSS) feeds.

United Arab Emirate FANR, Development of Cyber Security Regulatory Plan AND COMPLIANCE Program

ISL developed an information and cyber security plan and compliance plan for United Arab Emirate FANR. This program latter became a regulatory guide that needed to be complied with by all the nuclear power plants in that country. ISL provided all the steps in developing a program, inspection and compliance standards as part of this project. This program followed the framework stated in the ISO 17799 and FISMA as well as Nuclear Regulatory Commission’s Regulatory Guide 5.71

Enstor Gas Company, Performed IV&V and Security Assessment of Several Gas Sites

ISL performed an independent V∓V of information security and also assessed the security posture of the Enstor gas company. ISL also performed a vulnerability scanning of the network environment and provided the results of the security gap analysis to the clients. Part of the project required ISL to develop several security procedures and standards so Enstor could comply with the Department of Homeland Security Information and cyber security requirements as well and Critical Infrastructure Protection mandates.

Tennessee Valley Authorities, Enterprise IT Security Professional Services

ISL was awarded a $25 Million IDIQ contract from Tennessee Valley Authorities (TVA), to provide a wide variety of projects in the areas of IT security. ISL would utilize FISMA framework to perform an end to end security assessment and evaluation to identify security gaps. Based on the results of the assessment then develop remediation plan and finally execute the plan.

ISL Independent Cyber Security Evaluations

May 2011
ISL's Cyber Security Professionals give you the attention you need to impartially and thoroughly assess your company's infrastructure. We have experience in assessing current-state computing environments against National Institute of Standards and Technology NIST SP 800-53 baseline controls. Whether your business is in the private sector, or your business supports a Government Agency, understanding these controls is critical to your overall security and operating efficiencies. Learn More

ISL Announces RELAP5/MOD3.3 User Workshop

April 2011
ISL's RELAP5/MOD3.3 User Workshop was held June 7 - 9, 2011 in Columbia, Maryland. Be the first to know when new workshops are announced. The 3-Day RELAP5 Workshop is designed for beginners to intermediate users and includes both lectures and hands-on exercises to instruct the user on the application of RELAP5 for their analysis needs. RELAP5/MOD3.3 is a thermal-hydraulic systems analysis code developed by the Nuclear Regulatory Commission (NRC) for nuclear reactor safety analysis applications and used extensively in the power generation community. The workshop will be held in a Class A training center. Worktables and comfortable seating for students will be in "classroom style" environment with computer workstations for each student. Light continental breakfast, refreshments, afternoon snacks and catered lunches will be provided. The course will be taught by ISL's Mark Bolander and Robert Beaton who combined have over 40 years of experience applying the RELAP5 code. The cost of the workshop is $2,300.