Skip to main content
Top

2022 | Book

Cyber-Security Threats and Response Models in Nuclear Power Plants

Authors: Carol Smidts, Indrajit Ray, Quanyan Zhu, Pavan Kumar Vaddi, Yunfei Zhao, Linan Huang, Xiaoxu Diao, Rakibul Talukdar, Michael C. Pietrykowski

Publisher: Springer International Publishing

Book Series : SpringerBriefs in Computer Science

share
SHARE
insite
SEARCH

About this book

This SpringerBrief presents a brief introduction to probabilistic risk assessment (PRA), followed by a discussion of abnormal event detection techniques in industrial control systems (ICS). It also provides an introduction to the use of game theory for the development of cyber-attack response models and a discussion on the experimental testbeds used for ICS cyber security research. The probabilistic risk assessment framework used by the nuclear industry provides a valid framework to understand the impacts of cyber-attacks in the physical world. An introduction to the PRA techniques such as fault trees, and event trees is provided along with a discussion on different levels of PRA and the application of PRA techniques in the context of cybersecurity. A discussion on machine learning based fault detection and diagnosis (FDD) methods and cyber-attack detection methods for industrial control systems are introduced in this book as well.
A dynamic Bayesian networks based method that can be used to detect an abnormal event and classify it as either a component fault induced safety event or a cyber-attack is discussed. An introduction to the stochastic game formulation of the attacker-defender interaction in the context of cyber-attacks on industrial control systems to compute optimal response strategies is presented. Besides supporting cyber-attack response, the analysis based on the game model also supports the behavioral study of the defender and the attacker during a cyber-attack, and the results can then be used to analyze the risk to the system caused by a cyber-attack. A brief review of the current state of experimental testbeds used in ICS cybersecurity research and a comparison of the structures of various testbeds and the attack scenarios supported by those testbeds is included. A description of a testbed for nuclear power applications, followed by a discussion on the design of experiments that can be carried out on the testbed and the associated results is covered as well.
This SpringerBrief is a useful resource tool for researchers working in the areas of cyber security for industrial control systems, energy systems and cyber physical systems. Advanced-level students that study these topics will also find this SpringerBrief useful as a study guide.

Table of Contents

Frontmatter
Chapter 1. Introduction
Abstract
Nuclear power currently generates approximately 10% of the world’s electricity using 440 nuclear power plants. Nuclear power delivers 29% of the low carbon power used in the world. In addition to these, 220 nuclear research reactors exist, some of which are used in the production of medical isotopes used for instance in cancer therapy [1]. As the world’s concern over climate change rises, this source of low carbon emission power is considered by many countries as a viable source of energy in the energy mix [2]. According to the International Atomic Energy Agency high case scenario, nuclear power could constitute 12% of the world’s energy mix in 2050. This would roughly correspond to a doubling of nuclear energy capacity since the world’s energy production is deemed to double in the next 30 years. Concurrently, the nuclear sector has been revitalizing its fleet through the introduction of digital systems that create opportunities for added functionalities such as real-time monitoring of the assets and reduced operating costs. Digital systems are to be used in the new reactor designs such as small modular reactors, advanced reactors, and microreactors with their functions slowly evolving from passive monitoring to a more autonomous on-site control with possibly remote monitoring [3]. A 2015 Chatham House report [4] findings point to issues which raise cybersecurity concerns such as the fact that air gapping might be a myth due to reliance on VPNs in some facilities and that air gaps are easily crossed with flash drives, communication breakdowns, lack of training, and the use of a reactive rather than proactive posture toward attacks. Attacks such as the 2010 Stuxnet attack on Iran’s nuclear facilities and the 2017 Saudi Arabia Triconex attack both testify to that effect. Cybersecurity is therefore an increasingly important area of investigation for nuclear power plants and other nuclear facilities.
Carol Smidts, Indrajit Ray, Quanyan Zhu, Pavan Kumar Vaddi, Yunfei Zhao, Linan Huang, Xiaoxu Diao, Rakibul Talukdar, Michael C. Pietrykowski
Chapter 2. Probabilistic Risk Assessment: Nuclear Power Plants and Introduction to the Context of Cybersecurity
Abstract
Nuclear power plants (NPPs) are some of the most complex engineering systems that consist of thousands of components working together to maintain a controlled nuclear fission to generate heat and convert that heat into usable energy. Failure of one or more components may have significant consequences. Hence, it is important to understand what can go wrong and what are the consequences if something went wrong and to quantify how likely it is for something to go wrong. The field of engineering that attempts to answer these is probabilistic risk assessment (PRA).
Carol Smidts, Indrajit Ray, Quanyan Zhu, Pavan Kumar Vaddi, Yunfei Zhao, Linan Huang, Xiaoxu Diao, Rakibul Talukdar, Michael C. Pietrykowski
Chapter 3. Machine Learning-Based Abnormal Event Detection and Classification
Abstract
The utilization of digital networks has improved the ease of monitoring and control and significantly optimized the operations in industrial control systems (ICSs). With the rapid growth of artificial intelligence techniques and hardware in recent years, industries are moving toward nearly or fully autonomous operation, i.e., industry 4.0, where smart machines with improved communication, control, and monitoring capabilities are introduced into ICSs. Recently, nuclear industry, where safety is of utmost importance, is migrating toward digitalization as well.
Carol Smidts, Indrajit Ray, Quanyan Zhu, Pavan Kumar Vaddi, Yunfei Zhao, Linan Huang, Xiaoxu Diao, Rakibul Talukdar, Michael C. Pietrykowski
Chapter 4. Game-Theoretic Design of Response Systems
Abstract
The nuclear energy industry has seen wider applications of digital technologies. These advanced technologies are intended to improve the efficiency and safety of Nuclear Power Plants (NPPs). However, recent industry experiences have shown that the use of such technologies can lead to unexpected events, specifically an increase in cybersecurity risk. Past cyber incidents include the one at Davis Besse nuclear power plant in 2003, caused by the infection of the process control network by the Slammer worm through a remote connection, the one at Browns Ferry nuclear power plant in 2006, caused by the failures of the controllers for two critical reactor components due to traffic overwhelming, and the one at Hatch nuclear power plant in 2008, caused by the interruption of the process control network due to business network update.
Carol Smidts, Indrajit Ray, Quanyan Zhu, Pavan Kumar Vaddi, Yunfei Zhao, Linan Huang, Xiaoxu Diao, Rakibul Talukdar, Michael C. Pietrykowski
Chapter 5. Experimental Testbeds and Design of Experiments
Abstract
With the computerization of control and management systems deployed in nuclear power plants (NPPs), new requirements for cybersecurity assessment are emerging, which motivate the studies on new methodologies and technologies for analyzing the impacts and consequences of cyber-attacks that potentially target the instrumentation and control systems in NPPs. These analyses can also evaluate the reliability and robustness of various system designs of the NPP environment in the resistance to cyber-attacks. Several testing platforms that can emulate cyber-attacks and deduce their impacts on NPPs have recently been studied and developed. This chapter compares these platforms from the perspectives of system structures and the supported attack scenarios.
Carol Smidts, Indrajit Ray, Quanyan Zhu, Pavan Kumar Vaddi, Yunfei Zhao, Linan Huang, Xiaoxu Diao, Rakibul Talukdar, Michael C. Pietrykowski
Chapter 6. Conclusions
Abstract
This book addressed some of the major techniques that can help in developing a response to the cyber threat in nuclear power plants.
Carol Smidts, Indrajit Ray, Quanyan Zhu, Pavan Kumar Vaddi, Yunfei Zhao, Linan Huang, Xiaoxu Diao, Rakibul Talukdar, Michael C. Pietrykowski
Backmatter
Metadata
Title
Cyber-Security Threats and Response Models in Nuclear Power Plants
Authors
Carol Smidts
Indrajit Ray
Quanyan Zhu
Pavan Kumar Vaddi
Yunfei Zhao
Linan Huang
Xiaoxu Diao
Rakibul Talukdar
Michael C. Pietrykowski
Copyright Year
2022
Electronic ISBN
978-3-031-12711-3
Print ISBN
978-3-031-12710-6
DOI
https://doi.org/10.1007/978-3-031-12711-3

Premium Partner