When a radiological emergency arises, what's more important: good information or a quick response? What if you could have both?
A new communication and response platform developed by Pacific Northwest National Laboratory (PNNL), Visionary Products Incorporated (VPI), and Microsoft rapidly transfers alarm data through the cloud. Vital information is delivered to first responders securely, in seconds, via mobile devices or emergency operation centers for enhanced situational awareness among all parties.
The platform, Sentry-SECURE, is a new feature of the Sentry Remote Monitoring System (Sentry-RMS) fielded by PNNL and used at more than 700 sites across the United States. Unlike other emergency notification systems, Sentry-RMS was developed specifically to monitor for insider threats to high-activity radioactive materials at hospitals, pharmaceutical companies, universities, and other laboratories and commercial research facilities.
"Implementation of Sentry-SECURE enhances situational awareness in real-time, shortening the timeline between threat assessment and response," said Jaime Wise, project manager for Sentry-RMS at PNNL. "This leads to greater protection of radioactive sources."
The Sentry-RMS unit, located in the same room as a radiological asset, uses sensors to monitor for possible threats, such as theft or sabotage. When the unit triggers an alarm, the new Sentry-SECURE feature immediately relays alarm information to off-site emergency response personnel in parallel with on-site alarm procedures.
"Any threat to radioactive material is serious business," said Eric Gonzalez, an electrical engineer in PNNL's Engineered Embedded Systems group and the technical lead for the Sentry-RMS project. "Sentry-RMS monitors 24/7, 365 days a year, and the new Sentry-SECURE platform makes sure high-priority alarm data gets to first responders quickly and securely," said Gonzalez.
The Sentry-RMS technology is implemented by PNNL and owned by the U.S. Department of Energy's Office of Radiological Security (ORS) program. VPI manufactures and administers the technology.
A vision for sustainable security
The current generation of Sentry-RMS is about five years old. Fortunately, the system was built to accommodate future technology upgrades. Security and response experts from ORS, who work in the field with system owners and local law enforcement agencies, saw the need for a faster, secure way for alarm information to reach first responders and minimize risk.
Crucially, the solution needed to be sustainable, requiring no new hardware.
"One-off systems are really hard on first responders, including law enforcement," said Brandon Gorton, a national security specialist within PNNL's Security Systems Optimization group and the principal investigator for the Sentry-SECURE application. "They need a secure, sustainable solution that easily integrates across operational systems, including mobile platforms."
Those operational parameters led to one choice-layered security in the cloud. The vision for Sentry-SECURE was born.
The PNNL team identified nearly 600 technical requirements within physical, cyber, operational, and information security domains. VPI then evaluated cloud service providers and selected Microsoft's Azure environment as best meeting the technical requirements.
"Making the shift to a platform-as-a-service architecture led to a low-cost, feature-rich solution offering more security while being easily scalable and more efficient to deploy," said Gorton.
Microsoft's enterprise agreement with PNNL also presented key strategic advantages. The project leverages existing security features-including authentication, federation of identities, and advanced threat detection-that are deployed at secure sites across the industry, including PNNL as a Department of Energy national laboratory.
"Sentry-SECURE is an entirely independent interface, but if anyone tries to spoof or hack the alarm data, they are going against the full force of proven cryptographic solutions," said Gorton. "The heavy lifting up front makes it easier for partners in the field."
Sentry-SECURE attributes
True to the vision, Sentry-SECURE integrates into existing computer-aided dispatch or event management software without any hardware upgrades. Key attributes of Sentry-SECURE are data integrity, availability, and confidentiality-the three components of the cybersecurity "triad."
- Data integrity: information is protected from being altered in any way
- Data availability: information is available to authorized and authenticated users on demand
- Data confidentiality: data are available only to authenticated and authorized users.
To take advantage of the real-time benefit, owners and consumers must first register their information in the software. All data configuration and authentication-during signup and subsequent data transfer-occurs within the Sentry-SECURE software in Microsoft's Azure cloud environment.
The new platform is configurable to meet partner-specific needs or other security applications. The technology offers mobile applications in both Apple and Android operating systems, and threat information delivered to mobile platforms doesn't interfere with device usage in any way.
Expanding collaborations for remote monitoring systems
Sentry-RMS and Sentry-SECURE are one of several security tools offered by ORS to help partner sites better secure their radioactive materials. For the last decade, ORS program staff worked to build site partnerships and enhance the hardware, software, policies and procedures, and training when deploying a Sentry-RMS.
"Site participation in the ORS program is 100 percent voluntary," said Blake Kluse, PNNL program manager for ORS. "These sites understand the threat that radioactive material poses if it falls in the hands of malicious actors and have chosen to partner with ORS to better secure the high-value asset."
With Sentry-SECURE ready to deploy, ORS staff
