Design Assessment of a Conceptual Virtualization Architecture for OM690 at Olkiluoto 3

Industrial control systems in the nuclear sector face lifecycle risk from hardware obsolescence. This thesis analytically evaluates a conceptual virtualization blueprint for the OM690 system at the Olkiluoto 3 nuclear power plant, replacing legacy SPARC‑based servers with a platform built on Red Hat OpenShift. The scope is planning‑stage, and the thesis focuses on architectural suitability, fault tolerance, and long‑term sustainment in an air‑gapped environment. Implementation and performance testing are out of scope. The central research question is: Is the proposed virtualization architecture for OM690 viable with respect to long‑term maintainability, fault tolerance, and cybersecurity, and what architectural design principles and regulatory considerations are required to achieve that viability? The outcome is a structured assessment and a set of recommendations. The study uses standards‑grounded reasoning, vendor documentation, and failure‑mode analysis across network, storage, and compute layers. Evidence is organized as requirements to mechanisms mappings and an illustrative verification framework indicating what should be measured later. Operational aspects like identity and access control, monitoring, logging, and offline lifecycle automation are addressed to maintain long-term security and traceability in a disconnected environment. The thesis concludes that the blueprint is viable if three layers reinforce one another: a deterministic, segmented network with room level isolation; synchronous storage replication with quorum/witness to avoid split‑brain, and control plane and workload recovery sequencing that prioritizes non‑redundant roles. With controlled automation and tiered backups, the design appears maintainable and auditable. Recommended next steps are plant‑representative validation of failover behavior, restore drills to a known secure state, and acceptance thresholds for recovery characteristics.