Speaker
Description
This presentation illustrates the practical application of Germany’s national IT security regulations for high-risk radioactive material transport, using the fictional journey of transport container "Cerberus_74" as a case study. Starting from a nuclear medicine centre in southern Germany, the scenario highlights the logistical and digital challenges involved in safely transporting highly sensitive radioactive substances.
Three core systems are critical to the operation: a real-time transport control system, container monitoring sensors, and a secure communication network. The narrative describes a simulated cyberattack aimed at manipulating GPS data and compromising container integrity data. Thanks to the protective measures outlined in the IT-Security requirements catalogue issued by BASE (Federal Office for the Safety of Nuclear Waste Management), the attack was successfully thwarted. Key safeguards included two-factor authentication, system hardening, baseline monitoring, and trained personnel.
The presentation also emphasizes the role of independent experts in the approval process. Before any transport begins, the applicant must demonstrate compliance with the IT security catalogue through detailed documentation and technical specifications. The expert acts as an auditor, verifying that theoretical concepts are effectively implemented and identifying any weakness.
The case of "Cerberus_74" underscores that IT-Security in radioactive material transport is not a static checklist but a dynamic, critical function. The combination of regulatory frameworks and expert oversight provides a robust model for ensuring safety in a digitized world and may serve as a blueprint for international standards.
