CS Measures for Nuclear Power Plant Protection: A Systematic Literature Review

As digital instrumentation in Nuclear Power Plants (NPPs) is becoming increasingly complex, both attack vectors and defensive strategies are evolving based on new technologies and vulnerabilities. Continued efforts have been made to develop a variety of measures for the cyber defense of these infrastructures, which often consist in adapting security measures previously developed for other critical infrastructure sectors according to the requirements of NPPs. That being said, due to the very recent development of these solutions, there is a lack of agreement or standardization when it comes to their adoption at an industrial level. To better understand the state of the art in NPP Cyber-Security (CS) measures, in this work, we conduct a Systematic Literature Review (SLR) to identify scientific papers discussing CS frameworks, standards, guidelines, best practices, and any additional CS protection measures for NPPs. From our literature analysis, it was evidenced that protecting the digital space in NPPs involves three main steps: (i) identification of critical digital assets; (ii) risk assessment and threat analysis; (iii) establishment of measures for NPP protection based on the defense-in-depth model. To ensure the CS protection of these infrastructures, a holistic defense-in-depth approach is suggested in order to avoid excessive granularity and lack of compatibility between different layers of protection. Additional research is needed to ensure that such a model is developed effectively and that it is based on the interdependencies of all security requirements of NPPs.

Download Full-text

Digital Instrumentation and Control Systems Upgrades in Current Generation Nuclear Power Plants

18th International Conference on Nuclear Engineering: Volume 1 ◽

10.1115/icone18-30358 ◽

2010 ◽

Author(s):

Steven A. Arndt

Keyword(s):

United States ◽

Cyber Security ◽

Nuclear Power ◽

Power Plants ◽

Nuclear Power Plants ◽

Plant Protection ◽

The United States ◽

Regulatory Compliance ◽

Digital Systems

Over the past 20 years, the nuclear power industry in the United States (U.S.) has been slowly replacing old, obsolete, and difficult-to-maintain analog technology for its nuclear power plant protection, control, and instrumentation systems with digital systems. The advantages of digital technology, including more accurate and stable measurements and the ability to improve diagnostics capability and system reliability, have led to an ever increasing move to complete these upgrades. Because of the difficulties with establishing digital systems safety based on analysis or tests, the safety demonstration for these systems relies heavily on establishing the quality of the design and development of the hardware and software. In the United States, the U.S. Nuclear Regulatory Commission (NRC) has established detailed guidelines for establishing and documenting an appropriate safety demonstration for digital systems in NUREG-0800, “Standard Review Plan for the Review of Safety Analysis Reports for Nuclear Power Plants: LWR Edition,” Chapter 7, “Instrumentation and Controls,” Revision 5, issued March 2007 [1], and in a number of regulatory guides and interim staff guidance documents. However, despite the fact that the United States has a well-defined review process, a number of significant challenges associated with the design, licensing, and implementation of upgrades to digital systems for U.S. plants have emerged. Among these challenges have been problems with the quality of the systems and the supporting software verification and validation (V&V) processes, challenges with determining the optimum balance between the enhanced capabilities for the new systems and the desire to maintain system simplicity, challenges with cyber security, and challenges with developing the information needed to support the review of new systems for regulatory compliance.

Download Full-text

Data Flow Based Cyber Security Defense-in-Depth Model of I&C System for Nuclear Power Plants

Volume 4: Nuclear Safety, Security, Non-Proliferation and Cyber Security; Risk Management ◽

10.1115/icone25-67918 ◽

2017 ◽

Author(s):

Bing Hu ◽

Longqiang Zhang ◽

Zhiwu Guo ◽

Youran Li ◽

Wei Sun ◽

...

Keyword(s):

Cyber Security ◽

Nuclear Power ◽

Power Plants ◽

Nuclear Power Plants ◽

Data Flow ◽

Security Threat ◽

Technical Requirements ◽

Digital Instrumentation ◽

Defense In Depth ◽

Security Standards

With the introduction of digital instrumentation system, the cyber security threat to nuclear power plants is becoming more and more serious. The existing cyber security standards of nuclear power plants still need to be improved, and the technology practice of defensive strategies is lacking all over the world. In this paper, based on the comparison of domestic and foreign regulations and standards, combined with the technical practice of I&C system overall plan, a defense-in-depth model based on data flow is proposed. The overall technical requirements, hierarchy, network model, cyber security basic requirements, cyber security interface and protection of digital assets are introduced, the application of the model and the direction of research on cyber security of nuclear power plant are prospected.

Download Full-text

Compliance-Driven Cybersecurity Planning Based on Formalized Attack Patterns for Instrumentation and Control Systems of Nuclear Power Plants

Security and Communication Networks ◽

10.1155/2022/4714899 ◽

2022 ◽

Vol 2022 ◽

pp. 1-13

Author(s):

Minsoo Lee ◽

Hyun Kwon ◽

Hyunsoo Yoon

Keyword(s):

Nuclear Power ◽

Power Plants ◽

Plant Protection ◽

Security Requirements ◽

Development Phase ◽

Development Organization ◽

Security Controls ◽

Attack Patterns ◽

The Government ◽

And Control

The instrumentation and control (I&C) system of a nuclear power plant (NPP) employs a cybersecurity program regulated by the government. Through regulation, the government requires the implementation of security controls in order for a system to be developed and operated. Accordingly, the licensee of an NPP works to comply with this requirement, beginning in the development phase. The compliance-driven approach is efficient when the government supervises NPPs, but it is inefficient when a licensee constructs them. The security controls described in regulatory guidance do not consider system characteristics. In other words, the development organization spends a considerable amount of time excluding unnecessary control items and preparing the evidence to justify their exclusion. In addition, security systems can vary according to the developer’s level of security knowledge, leading to differences in levels of security between systems. This paper proposes a method for a developer to select the appropriate security controls when preparing the security requirements during the early development phase; it is designed to ensure the system’s security and reduce the cost of excluding unnecessary security controls. We have formalized the representation of attack patterns and security control patterns and identified the relationships between these patterns. We conducted a case study applying RG 5.71 in the Plant Protection System (PPS) to confirm the validity of the proposed method.

Download Full-text

A Literature Review: Smart Grids Impacts on Nuclear Power Plants Task 4: Project Final Report

10.2172/1457357 ◽

2016 ◽

Author(s):

Michael Villaran ◽

◽

Meng Yue ◽

Robert Lofaro ◽

Athi Varuttamaseni ◽

...

Keyword(s):

Literature Review ◽

Smart Grids ◽

Nuclear Power ◽

Power Plants ◽

Nuclear Power Plants ◽

Final Report

Download Full-text

Python TensorFlow Big Data Analysis for the Security of Korean Nuclear Power Plants

Electronics ◽

10.3390/electronics9091467 ◽

2020 ◽

Vol 9 (9) ◽

pp. 1467

Author(s):

Sangdo Lee ◽

Jun-Ho Huh ◽

Yonghoon Kim

Keyword(s):

Power Plant ◽

Nuclear Power Plant ◽

Network Traffic ◽

Nuclear Power ◽

Power Plants ◽

Security Requirements ◽

Republic Of Korea ◽

Continuous Data ◽

Cyber Attack ◽

The Republic

The Republic of Korea also suffered direct and indirect damages from the Fukushima nuclear accident in Japan and realized the significance of security due to the cyber-threat to the Republic of Korea Hydro and Nuclear Power Co., Ltd. With such matters in mind, this study sought to suggest a measure for improving security in the nuclear power plant. Based on overseas cyber-attack cases and attacking scenario on the control facility of the nuclear power plant, the study designed and proposed a nuclear power plant control network traffic analysis system that satisfies the security requirements and in-depth defense strategy. To enhance the security of the nuclear power plant, the study collected data such as internet provided to the control facilities, network traffic of intranet, and security equipment events and compared and verified them with machine learning analysis. After measuring the accuracy and time, the study proposed the most suitable analysis algorithm for the power plant in order to realize power plant security that facilitates real-time detection and response in the event of a cyber-attack. In this paper, we learned how to apply data for multiple servers and apply various security information as data in the security application using logs, and match with regard to application of character data such as file names. We improved by applying gender, and we converted to continuous data by resetting based on the risk of non-continuous data, and two optimization algorithms were applied to solve the problem of overfitting. Therefore, we think that there will be a contribution in the connection experiment of the data decision part and the optimization algorithm to learn the security data.

Download Full-text

Off-site modular construction and design in nuclear power: A systematic literature review

Progress in Nuclear Energy ◽

10.1016/j.pnucene.2021.103664 ◽

2021 ◽

Vol 134 ◽

pp. 103664

Author(s):

P.A. Wrigley ◽

P. Wood ◽

S. O'Neill ◽

R. Hall ◽

D. Robertson

Keyword(s):

Literature Review ◽

Systematic Literature Review ◽

Nuclear Power ◽

Modular Construction

Download Full-text

Operating Reliability Assessment of FPGA-Based NPP I&C Systems: Approach, Technique and Implementation

Volume 1: Operations and Maintenance, Engineering, Modifications, Life Extension, Life Cycle and Balance of Plant; I&C, Digital Controls, and Influence of Human Factors ◽

10.1115/icone25-66862 ◽

2017 ◽

Cited By ~ 1

Author(s):

Eugene Babeshko ◽

Ievgenii Bakhmach ◽

Vyacheslav Kharchenko ◽

Eugene Ruchkov ◽

Oleksandr Siora

Keyword(s):

Integrated Circuits ◽

Nuclear Power ◽

Power Plants ◽

Failure Modes ◽

New Technologies ◽

Systems Approach ◽

Reliability Assessment ◽

Design Stage ◽

Fpga Design ◽

Operating Reliability

Operating reliability assessment of instrumentation and control systems (I&Cs) is always one of the most important activities, especially for critical domains like nuclear power plants (NPPs). Intensive use of relatively new technologies like field programmable gate arrays (FPGAs) in I&C which appear in upgrades and in newly built NPPs makes task to develop and validate advanced operating reliability assessment methods that consider specific technology features very topical. Increased integration densities make the reliability of integrated circuits the most crucial point in modern NPP I&Cs. Moreover, FPGAs differ in some significant ways from other integrated circuits: they are shipped as blanks and are very dependent on design configured into them. Furthermore, FPGA design could be changed during planned NPP outage for different reasons. Considering all possible failure modes of FPGA-based NPP I&C at design stage is a quite challenging task. Therefore, operating reliability assessment is one of the most preferable ways to perform comprehensive analysis of FPGA-based NPP I&Cs. This paper summarizes our experience on operating reliability analysis of FPGA based NPP I&Cs.

Download Full-text

Detection and prediction of insider threats to cyber security: a systematic literature review and meta-analysis

Big Data Analytics ◽

10.1186/s41044-016-0006-0 ◽

2016 ◽

Vol 1 (1) ◽

Cited By ~ 29

Author(s):

Iffat A. Gheyas ◽

Ali E. Abdallah

Keyword(s):

Literature Review ◽

Systematic Literature Review ◽

Cyber Security ◽

Meta Analysis ◽

Insider Threats

Download Full-text

Cyber Security for Nuclear Power Plants

Cyber Security - SpringerBriefs in Computer Science ◽

10.1007/978-3-319-02279-6_3 ◽

2013 ◽

pp. 25-35

Author(s):

Thomas Shea ◽

Sandro Gaycken ◽

Maurizio Martellini

Keyword(s):

Cyber Security ◽

Nuclear Power ◽

Power Plants ◽

Nuclear Power Plants

Download Full-text

Cyber Security Assessment of NPP I&C Systems

Cyber Security and Safety of Nuclear Power Plant Instrumentation and Control Systems - Advances in Information Security, Privacy, and Ethics ◽

10.4018/978-1-7998-3277-5.ch009 ◽

2020 ◽

pp. 221-238

Author(s):

Oleksandr Klevtsov ◽

Artem Symonov ◽

Serhii Trubchaninov

Keyword(s):

Control Systems ◽

Cyber Security ◽

Nuclear Power ◽

Power Plants ◽

Cyber Attacks ◽

Security Assessment ◽

Nuclear Facilities ◽

Security Risks ◽

Cyber Threats ◽

And Control

The chapter is devoted to the issues of cyber security assessment of instrumentation and control systems (I&C systems) of nuclear power plants (NPP). The authors examined the main types of potential cyber threats at the stages of development and operation of NPP I&C systems. Examples of real incidents at various nuclear facilities caused by intentional cyber-attacks or unintentional computer errors during the maintenance of the software of NPP I&C systems are given. The approaches to vulnerabilities assessment of NPP I&C systems are described. The scope and content of the assessment and periodic reassessment of cyber security of NPP I&C systems are considered. An approach of assessment to cyber security risks is described.

Download Full-text