‘As AR and VR become mission-critical in nuclear operations, their security and reliability must match that of any other critical asset,’ argues Jamf’s Michael Covington.
Working at a nuclear power station must be a pretty interesting job, but also a dangerous one.
There are so many things that could go wrong, from radiation leaks to a reactor core meltdown, not to mention the fact that these facilities are typically classed as critical infrastructure and, thus, can become the target of a terrorist attack.
With so many potential risks, safety is paramount. From advanced cooling systems to accident-tolerant fuels, technology has ensured that nuclear sites have become much safer places to work in recent years.
As technological advancements keep pushing boundaries, nuclear site safety is now being levelled up even more, thanks to the development of augmented reality (AR) and virtual reality (VR) technologies.
AR and VR headsets have the capability not only to enhance safety but also to improve the efficiency of nuclear operations, from simulating emergency training scenarios to remotely operating machinery.
However, as these technologies become more deeply integrated into nuclear operations, it is imperative that security and reliability are not an afterthought. Any compromise – whether through cyberattack, system failure or mismanagement – could have severe safety and financial consequences.
Because these headsets are being integrated into operational procedures, it is essential they undergo thorough vetting when being introduced into the environment. They should also receive ongoing monitoring to ensure that regulatory requirements are met and that the organisation’s security standards are maintained.
How AR and VR are revolutionising the power industry
Due to their critical safety role, AR and VR headsets in the nuclear industry are now classified as ‘mission-critical’ devices. This term refers to any mobile device essential to an organisation’s operations and too important to fail.
The nuclear industry leverages virtual technology to train staff and conduct safety exercises. Immersive simulations allow engineers and operators to practice complex procedures in realistic, risk-free environments. This approach enhances training effectiveness while ensuring staff safety.
By using AR and VR overlays, trainees can also interact with digital schematics in real time, gaining hands-on experience without exposure to the risks of a real-world environment. For example, Fortum’s Loviisa plant constructed a dedicated VR-based control room training process, estimated at just one-tenth of the cost of a traditional training setup.
Beyond safety, AR and VR technology also help nuclear organisations carry out more efficient and precise operations. Headsets provide engineers with greater control and engagement when operating remote robots and other teleoperated systems.
For instance, ČEZ Group’s nuclear power plant in Temelín, Czechia, is experimenting with AR as a replacement for traditional walkie-talkies, offering better support to engineers.
Virtual and augmented reality technologies have also proven invaluable for testing and refining infrastructure designs before construction or modification. Similarly, these tools help teams prepare for high-stakes incidents, such as reactor malfunctions, by simulating response scenarios in a controlled environment.
Augmented tech is mission critical
As AR and VR become embedded in nuclear operations, they transition from valuable tools to mission-critical assets. This means operators must seriously consider the potential impact of a system failure or a system breach.
Disruption to softer applications such as training and planning is easily managed. Operators can switch to traditional measures or delay while the issue is resolved.
However, frontline critical operations cannot afford unscheduled downtime and disruption. Engineers relying on AR/VR to control reactor maintenance robots could be forced to take hazardous manual interventions.
These devices also increase the plant’s attack surface for potential cyberthreats.
Cybercriminals are always looking for vulnerable technology that can be exploited to access secure IT environments, and unsecured headsets are no exception. Because these systems have access to sensitive schematics and risk management plans, it is possible they may become the target of attackers.
A 2023 study by the University of Chicago exposed vulnerabilities in commercial VR systems, demonstrating how attackers could manipulate environments or extract confidential data.
Key cybersecurity and reliability challenges
There are several security and operational challenges around AR/VR technology that must be addressed to avoid introducing unnecessary risk.
Poor security standards in consumer-grade AR/VR devices are one key issue.
Many VR headsets and AR platforms are designed for entertainment, not industrial use. These consumer-grade devices may lack robust authentication, encryption or timely updates to address vulnerabilities, leaving them vulnerable to cyberattacks. While critical use cases are more likely to involve specialised systems, there is still potential for introducing risk into the ecosystem.
This task is complicated by the fact that some sites will likely deploy AR/VR devices from multiple manufacturers, each with its own software and security protocols. This lack of standardisation makes applying consistent protections across all devices difficult, increasing the risk of an overlooked vulnerability.
There is also a balancing act around cyber hygiene versus uptime. Regular software and security patches are essential, but automated updates can unexpectedly disrupt live operations if not properly managed. A security update could cause as much downtime as a cyberattack without backup devices or planned maintenance windows.
How to secure mission-critical AR and VR devices
To ensure AR and VR systems remain secure and operational, nuclear facilities must adopt a layered security approach that balances cyber resilience with uptime management.
Enforce rigorous supplier vetting
Before deployment, organisations should evaluate AR/VR hardware and software vendors to ensure they meet strict cybersecurity standards. This includes reviewing bug bounty programs, security update processes, data encryption methods and supported access control options.
Implement centralised device management
All AR/VR devices should be enrolled in a purpose-built endpoint management system that is optimised for the AR/VR platform. This allows security teams to apply policies that safeguard sensitive data and enforce user authentication to prevent unauthorised access. It also makes it easier to segment networks to restrict AR/VR connectivity to essential systems.
AR/VR systems should also be locked down to prevent the installation of unverified software, reducing exposure to malware or system compromise.
Develop structured update strategies
Care must be taken to schedule security patches during maintenance windows to prevent unplanned downtime. In addition, maintaining backup headsets can ensure continued operations if devices need updating or troubleshooting. Alternative processes should be readily available as needed.
Plan for rapid incident response
Finally, it is critical to be prepared for a security incident. The nuclear sector is no stranger to the risk of hostile cyber attention but must ensure any VR and AR assets are included into existing response plans. This means establishing protocols for isolating compromised devices and ensuring quick recovery processes to restore critical operations.
Securing AR and VR for a safer nuclear future
As AR and VR become mission-critical in nuclear operations, their security and reliability must match that of any other critical asset.
Proactive cybersecurity, structured updates and centralised management are essential in safeguarding these technologies against cyberthreats and availability issues.
By treating augmented and virtual reality tech with the same rigour as other critical infrastructures, nuclear facilities can unlock their full potential without inadvertently introducing more risk.
By Michael Covington
Michael Covington, PhD, is a seasoned technologist and the VP of strategy for Jamf, a leader in Apple enterprise management. He previously held leadership roles at Intel Labs, Cisco Security and Juniper Networks.
Don’t miss out on the knowledge you need to succeed. Sign up for the Daily Brief, Silicon Republic’s digest of need-to-know sci-tech news.
www.siliconrepublic.com (Article Sourced Website)
#secure #tech #nuclear #power #operations