In order to effectively carry out its nuclear safeguards mission, the International Atomic Energy Agency (IAEA) must maintain a high level of information security. The United States National Security Agency (NSA), and other similar organizations, recommend “defense in depth” as a practical strategy for securing networked systems. Defense in depth is the practice of placing multiple layers of security throughout a system. For more than two decades, the IAEA has implemented defense in depth by using virtual private networks and cryptography tokens for data authentication and encryption.
In recent years, some safeguards instrument developers have integrated data security functionality directly into new instruments, thereby pushing data authentication and encryption closer to the source of data creation. Recent experience has shown, however, that direct integration may not always be desirable. Furthermore, the IAEA has started using more and more commercial-off-the-shelf (COTS) instruments, which typically do not include intrinsic data security capabilities. As such, the IAEA needs a low-cost data security device that can be connected to any instrument, COTS or custom.
The United States Government has funded development of a data security device for use by the IAEA Department of Safeguards. The device is named “Rainbox” in reference to the IAEA “RAINSTORM” requirements for data acquisition and data security. The Rainbox sits logically between an instrument and the network. It collects data from one or more connected instruments, digitally signs and/or encrypts the data and then presents the secured data for retrieval from IAEA headquarters over the network. The data acquisition and data server software are written in the Go programming language. Open-source libraries, including sc-hsm-ultralite, provide the data security functionality.
The Rainbox itself is built entirely from COTS hardware. Since the Go programming language supports Linux, macOS and Windows, and the Rainbox hardware simply requires one USB port plus two or more network ports, the Rainbox can easily be ported to other platforms, thereby providing long-term sustainability. Future work includes integration of additional capabilities such as virtual private networking and instrument-to-instrument triggering.