Address
Description
Mission
Pantex has five primary operational missions:
1. Weapons Assembly: The Pantex Plant assembly mission, which has been scaled back in recent years, is accomplished with components furnished by DOE complex suppliers. In addition to initial production, weapons assembly activities include repairs, modifications, and updates to improve safety and reliability or to incorporate new technology. The nuclear physics packages for all weapons are assembled in assembly cells or assembly bays, depending on the type of explosive and safety requirements. The mechanical assembly for most warheads and center bomb assemblies is performed in assembly bays designed for maximum safety. Operations performed during this stage of assembly include insertion of the physics package, installation of electrical parts, paint touch-ups, X-rays, and technical tests. The weapons' final assembly and packaging includes tail assembly and the installation of the preflight assembly. Bombs are installed on a specially designed trailer, and warheads are placed in drumlike containers.
2. Weapons Disassembly: Most of the weapons sent to Pantex for disassembly were originally assembled at Pantex. The DOE has disassembled some 50,000 nuclear weapons over the years in a safe, secure, efficient, and environmentally sound manner. All weapons scheduled for dismantlement are subjected to a series of safeguard inspections within 72 hours of their arrival at Pantex. Only after the weapons pass these tests are they permitted to undergo the approved disassembly procedure. A variety of methods are used to disassemble the weapons and dispose of the resulting materials in a manner that will protect the health and safety of Pantex employees, the public and the environment.
3. Evaluation of Weapons: To maintain the reliability of the nation's weapons stockpile, weapons from all active systems are randomly selected and returned to Pantex each year for surveillance testing and evaluation. Certain components are removed from the weapon, assembled into test configurations, and subjected to electrical and/or explosives testing. Extreme care is taken during the evaluation process to maintain the assembled and received condition of the weapon and its components. Data gathered as a result of the testing are reported to the DOE's design agencies. Components not destroyed during the testing process are recycled for reacceptance and are available for use in future weapons system assemblies.
4. High Explosive Research and Development: Another mission at Pantex is to develop and research the high explosives that surround the nuclear components of weapons. The Applied Technology Division is responsible for all activities at Pantex that involve the chemical high explosive components for nuclear weapons. Safety is paramount in all operations of this division. The High Explosives Synthesis Facility is used to develop explosives and explosive processes and to produce small quantities of specialty high explosives not available from commercial sources. Applied Technology also provides chemical analysis to support plant environment, safety, and health programs.
5. Interim Plutonium Pit Storage: As a result of arms reduction initiatives and an increase in the volume of nuclear weapons dismantlements, Pantex Plant has been designated as an interim staging site for plutonium pits. A pit is a component made of plutonium metal and is the heart of a nuclear weapon.
Technology Disciplines
In 2009, faced with the challenge of identifying the introduction of computer malware that had the potential to evade common detection mechanisms, such as antivirus software, Kansas City Plant (KCP) created the Windows Logging Service (WLS). On the surface it’s a replacement for other well-known logging tools, but was created with the intent to fill the needs of an incident responder.
WLS provides the chosen cryptographic hashes of each executed process, along with many other user-defined parameters, as well as contextual data to identify related activity. The data added to the log stream initially came about as a product of indicators of compromise (IOC) contained in reports of known threats. As adoption of WLS has spread, further data has been added at the request of other US Government sites, commercial entities, and open source research.
With WLS running on each host, an organization essentially has a network of indicator generators that provide near real-time and historic data. The goal of which is to detect an initial threat vector and quickly determine the breadth of a compromise, if any. KCP utilizes this data to greatly decrease the number of hosts being reimaged by comparing network data that indicates potential compromise, with host data that confirms or refutes the previous evidence. Tracking of cryptographic hashes also allows KCP to discover new threats that bypass traditional detection mechanisms quickly and remediate before any further compromises.
The data WLS provides in near real-time and the open format in which it is provided is unique to both the host logging and host-based intrusion detection system (HIDS) markets. Utilizing the broad knowledge base of IOC types and a standard logging format allows WLS data to be directly sent to almost any commercial off-the-shelf (COTS) log analysis tool for immediate usage. The provided types of IOCs and their metadata can also be highly customized to fit the needs of the organization to meet both compliance and incident response needs.
Through contacts of previous DOE/NNSA employees and word-of-mouth, commercial interest in WLS has been building. In 2013, working with the legal and licensing personnel, KCP was able to successfully begin commercialization of WLS. Presently, a number of commercial organizations from broad market segments have purchased licenses and many more have or are pursuing evaluation and end user licenses.
Licensees of WLS are also provided with a set of queries and a pre-built app for a popular log analysis tool. The app provides everything from basic health monitoring of a WLS deployment to detailed drilldowns about a specific host.
In addition, the app has a framework pre-built to allow new users to immediately begin tracking all new processes, with alerting, which can reduce detection of unknown threats to minutes.
