Performance Testing of Cyber Incident Response at Nuclear Power Plant Operators
Abstract not provided.
Publications
Search results
Jump to search filtersEvaluation of Joint Cyber/Safety Risk in Nuclear Power Systems
This report presents an analysis of the Emergency Core Cooling System (ECCS) for a generic Boiling Water Reactor (BWR)-4 NPP. The Electric Power Research Institute (EPRI) developed Hazards and Consequences Analysis for Digital Systems (HAZCADS) process is applied to the ECCS and its subsystems to identify unsafe control actions (UCAs) which act as possible cyber events of concern. The analysis is performed for two design basis events: Small-break Loss of Coolant Accident (SLOCA) and general transients (TRANS), such as unintended reactor trip. In previous work, HAZCADS UCAs were combined with other cyber-attack analysis to develop a risk-informed approach; however, this was for a single system. This report explores advanced systems engineering modeling approaches to model the interactions between digital assets across multiple systems which may be targeted by cyber adversaries. The complex and interdependent design of digital systems has the potential to introduce emergent cyber properties that are generally not covered by hazard analyses nor formal nuclear Probabilistic Risk Assessment (PRA). The R&D and supporting analysis presented here explores approaches to predict and manage how interdependent system properties effect risk. To show the potential impact of a successful cyber-attack to formal PRA event tree probabilities, HAZCADS analysis was also used. HAZCADS was also used to model the automatic depressurization system (ADS) automatic actuation. This analysis extended to an integrated system analysis for common-cause failure (CCF). In this aspect, the HAZCADS analysis continued by analyzing plant design details for system connectivity in support of critical plant functions. A dependency matrix was developed to depict the integrated functionality of the interconnected systems. Areas of potential CCF are indicated. Future work could include adversary attack development to show how CCF could be caused, resulting in PRA events. Across the multiple systems that comprise the ECCS, the analysis shows that the change in such probabilities was very different between systems. This indicates that some systems have a larger potential risk impact from successful cyber-attack or digital failure, which indicates a need for these systems to have a higher priority for design and defensive measures. Furthermore, we were able to establish that a risk analysis using any arbitrary threat model establishes an ordering of components with regard to cyber-risk. This ordering can be used to influence the overall system design with an eye to lowering risk, or as a way to understand real-time risk to operational systems based on a current threat landscape. Expert knowledge of both the analysis process and the system being analyzed is required to perform a HAZCADS analysis. The need for a tiered risk analysis is demonstrated by the results of this report.
MANAGING CYBERSECURITY SUPPLY CHAIN RISKS FOR THE SECURITY OF RADIOACTIVE SOURCES
Abstract not provided.
A Review of Technologies that can Provide a 'Root of Trust' for Operational Technologies
The supply chain attack pathway is being increasingly used by adversaries to bypass security controls and gain unauthorized access to sensitive networks and equipment (e.g., Critical Digital Assets). Cyber-attacks targeting supply chain generally aim to compromise the environments, products, or services of vendors and suppliers to inject, add, or substitute authentic software and hardware with malicious elements. These malicious elements are deemed to be authentic as they arise from the vendor or supplier (i.e., the supply chain). This research aims at providing a survey of technologies that have the potential to reduce exposure of sensitive networks and equipment to these attacks, thereby improving tamper resistance. The recent advances in the performance and capabilities of these technologies in recent years has increased their potential applications to reduce or mitigate exposure of the supply chain attack pathway. The focus being on providing an analysis of the benefits and disadvantages of smart cards, secure tokens, and elements to provide root of trust. This analysis provides evidence that these roots of trust can increase the technical capability of equipment and networks to authenticate changes to software and configuration thereby increasing resilience to some supply chain attacks, such as those related to logistics and ICT channels, but not development environment attacks.
Safety and Security Defense-in-Depth for Nuclear Power Plants
This report describes the risk-informed technical elements that will contribute to a defense-in-depth assessment for cybersecurity. Risk-informed cybersecurity must leverage the technical elements of a risk-informed approach appropriately in order to evaluate cybersecurity risk insights. HAZCADS and HAZOP+ are suitable methodologies to model the connection between digital harm and process hazards. Risk assessment modeling needs to be expanded beyond HAZCADS and HAZOP+ to consider the sequence of events that lead to plant consequences. Leveraging current practices in PRA can lead to categorization of digital assets and prioritizing digital assets commensurate with the risk. Ultimately, the culmination of cyber hazard methodologies, event sequence modeling, and digital asset categorization will facilitate a defense-in-depth assessment of cybersecurity.
DEFENSIVE COMPUTER SECURITY ARCHITECTURES FOR FACILITIES WITH RADIOACTIVE MATERIALS
Abstract not provided.
Defensive Computer Security Architectures for Facilities with Radioactive Materials
Abstract not provided.
DEFENSIVE COMPUTER SECURITY ARCHITECTURES FOR FACILITIES WITH RADIOACTIVE MATERIALS
Abstract not provided.
Application of the IHT to inform defensive strategies for the protection of NPP I&C systems
Abstract not provided.
Asherah Minimega & ManiPIO Briefing
Abstract not provided.
Development of a new IEC TR on Cybersecurity Risk Management for I&C and ES in NPPs
Abstract not provided.
Application of the Information Harm Triangle to inform defensive strategies for the protection of NPP I&C systems
Abstract not provided.
CYBER RISKS TO THE OPERATIONAL TECHNOLOGY ARCHITETURES OF NEXT GENERATION NUCLEAR REACTORS
Abstract not provided.
Application of Information Harm Triangle to inform defensive strategies for the protection of NPP I&C systems
Abstract not provided.
CYBER RISKS TO THE OPERATIONAL TECHNOLOGY ARCHITETURES OF NEXT GENERATION NUCLEAR REACTORS
Abstract not provided.
FORMAL APPROACH TO USE THE SECURITY MODELS FOR DESIGN AND EVALUATION OF THE NPP I&C SECURITY ARCHITECTURE
Abstract not provided.
Development of a new IEC Technical Report on Cybersecurity Risk Management for I&C and ES in Nuclear Power Plants
Abstract not provided.
Analysis of National and International Standards to Identify Priority Control Methods
Abstract not provided.
A CYBER-CAPABILITY MODEL FOR COMPROMISE OF I&C SYSTEM FUNCTIONS AT NUCLEAR FACILITIES
Abstract not provided.
Evaluation of the Appropriateness of Trust Models to specify Defensive Computer Security Architectures for Physical Protection Systems
Abstract not provided.
Application of a simplified process to Identify and Manage Sensitive Digital Assets
Abstract not provided.
APPLICATION OF A SIMPLIFIED PROCESS TO IDENTIFY AND MANAGE SENSITIVE DIGITAL ASSETS
Abstract not provided.
COMPUTER AND INFORMATION SECURITY TRAINING AND AWARENESS PROGRAMMES FOR NUCLEAR FACILITIES
Abstract not provided.
IAEA CRP on Enhancing Incident Response at Nuclear Facilities
Abstract not provided.
EVALUATION OF THE APPROPRIATENESS OF TRUST MODELS TO SPECIFY DEFENSIVE COMPUTER SECURITY ARCHITECTURES FOR PHYSICAL PROTECTION SYSTEMS
Abstract not provided.
Results 26–50 of 51