Publications

This report presents the current state of knowledge, technology, methodologies, and tools that could be implemented to realize the robust integration of safety, security, and safeguards (3S) for advanced nuclear reactors (ARs) and advanced nuclear fuel cycle facilities. This report was motivated by the global development of ARs which are expected to play a key role in meeting domestic energy and climate objectives. Domestically, with many ARs in the early design phase, the integration of 3S provides an opportunity to achieve risk reduction while using less resources than traditional light water reactors by leveraging interdependencies and synergies between each domain. In addition, domestic policy considerations encourage the convergence of each 3S domain through facility design and operations. Therefore, there is a need to better understand the interdependencies and integration between 3S across ARs and advanced reactor fuel cycle facilities’ lifecycles including design, construction, and operational phases.

Cybersecurity certification programs for Electric Vehicle Supply Equipment (EVSE) are fragmented due to no single certification covering all aspects of the device and additionally the existence of multiple programs and under different levels of regulation. These devices are also confronted by the intricate assembly of product software, firmware, and hardware. Devices contain both logical and physical interfaces. These multifaceted devices have vulnerabilities at many levels and interconnect with other potentially vulnerable systems including the electric vehicle, the cloud where data and payment information are stored, and the electric grid and electric grid equipment including utilities. Of the EVSE certification programs that are found, none are directly for the cybersecurity of EVSE. Many standards are for safety, specifically battery safety, some are cybersecurity standards for other types of equipment and can be modeled for EVSE. In specific, ISA/IEC 62443 is found to be significantly in line with EVSE security needs and will be used in future testing to certify EVSE and help guide the project to demonstrate where gaps exist, where strengths lie in the standard and how this can be used to lead the certification efforts in harmonizing EVSE cybersecurity standards. In addition, there are multiple efforts that are currently seeking to build EVSE standards or revise existing standards to address gaps. This effort is seeking to establish a cybersecurity program for EVSE that will inform customers and help increase the level of security across products and state EVSE procurements to achieve consistency across different jurisdictions.

This report presents the design of defensive cybersecurity architectures (DCSAs) for High Temperature, Gas-Cooled Reactors (HTGRs). A DCSA is a cybersecurity design feature that places systems into security zones in a graded approach according to the importance of the functions performed by the systems. DCSA design efforts for advanced reactors may commence as early as the system-level design phase. This design approach is consistent with the draft regulatory guide for advanced reactor cybersecurity programs (DG-5075) and enables advanced reactor designers to consider the effects of security-by-design (SeBD) features on their DCSAs. Integration of DCSA design and other cybersecurity activities with the traditional design process as part of a SeBD framework may enable advanced reactor designers to improve the security posture of their plants while reducing implementation and operating costs. This report provides a DCSA template for an exemplar HTGR and describes a DCSA design process using event tree analysis so that the template may be optimized for a given HTGR design.