Acknowledgement
This research was supported by the National R&D Program through the National Research Foundation of Korea (NRF) funded by the Korean Government. (MSIP: Ministry of Science, ICT and Future Planning) (No. NRF-2016R1A5A1013919)
References
- Burns, D. Robert, WASH 1400-reactor safety study, Prog. Nucl. Energy 6 (1-3) (1980) 117-140. https://doi.org/10.1016/0149-1970(80)90016-5
- William C. Potter, Less Well Known Cases of Nuclear Terrorism and Nuclear Diversion in Russia, 8, 1997, p. 2015. NTI. Retrieved November.
- Ted G. Lewis, Critical Infrastructure Protection in Homeland Security: Defending a Networked Nation, John Wiley & Sons, 2019.
- Nicolas Falliere, Liam O. Murchu, Eric Chien, "W32. Stuxnet dossier." White Paper, 6, Symantec Corp., 2011, p. 29. Security Response 5.
- Albright David, et al., "Stuxnet malware and Natanz" Institute for science and international security, 16 Feb, https://isis-online.org/uploads/isis-reports/documents/stuxnet_update_15Feb2011.pdf, 2011. (Accessed 2 February 2021). accessed.
- Japan Today, Monju power plant facility PC infected with virus, 07 January, http://www.japantoday.com/category/national/view/monju-power-plantfacility-pc-infected-with-virus, 2014. (Accessed 2 February 2021). accessed.
- T.D. Maiziere, Die lage der it-sicherheit in deutschland 2014, Bundesamt fur Sicherheit in der Informationstechnik (2014).
- Christoph Steitz, Eric Auchard, German Nuclear Plant Infected with Computer Viruses, Operator Says, Reuters, 2016. http://www.reuters.com/article/usnuclearpower-cyber-germany-idUSKCN0XN2OS. (Accessed 18 September 2021). accessed.
- Top 10 web application security risks, open web application security project. https://owasp.org/www-project-top-ten/, 2019. (Accessed 18 September 2021) accessed.
- The STRIDE threat model, microsoft. https://docs.microsoft.com/en-us/previous-versions/commerce-server/ee823878(v=cs.20)?redirected From=MSDN, 2009. (Accessed 18 September 2021) accessed.
- Christopher Alberts, et al., Introduction to the OCTAVE Approach, Carnegie-Mellon Univ Pittsburgh Pa Software Engineering Inst, 2003.
- Common Vulnerability Scoring System, V3 development update. First.org, inc., Retrieved November 13, 2015, https://www.first.org/cvss/. (Accessed 18 September 2021). accessed.
- Cybersecurity Risks, National Institute of standards and technology, Retrieved August 11, 2015, https://www.nist.gov/itl/smallbusinesscyber/cybersecuritybasics/cybersecurity-risks. (Accessed 18 September 2021). accessed.
- Cynthia Phillips, Laura Painton Swiler, A graph-based system for network-vulnerability analysis, in: Proceedings of the 1998 Workshop on New Security Paradigms, 1998.
- Sheung Yin Kevin Mo, Peter A. Beling, Kenneth G. Crowther, Quantitative assessment of cyber security risk using Bayesian Network-based model, in: 2009 Systems and Information Engineering Design Symposium, IEEE, 2009.
- Silvia Tolo, John Andrews, Nuclear Facilities and Cyber Threats, 2019.
- Rafiullah Khan, et al., STRIDE-based threat modeling for cyber-physical systems, in: 2017 IEEE PES Innovative Smart Grid Technologies Conference Europe (ISGT-Europe), IEEE, 2017.
- Rahat. Masood, Assessment of Cyber Security Challenges in Nuclear Power Plants Security Incidents, Threats, and Initiatives, Cybersecurity and Privacy Research Institute the George Washington University, 2016.
- Woogeun Ahn, et al., Development of cyber-attack scenarios for nuclear power plants using scenario graphs, Int. J. Distributed Sens. Netw. 11 (9) (2015) 836258. https://doi.org/10.1155/2015/836258
- I. Lee, H. Kang, H. Son, An Analysis of Cyber-Attack on NPP Considering Physical Impact, Korean Nuclear Society Spring Meeting, 2016.
- Seungmin Kim, et al., Cyber attack taxonomy for digital environment in nuclear power plants, Nuclear Engineering and Technology 52 (5) (2020) 995-1001. https://doi.org/10.1016/j.net.2019.11.001
- Regulations (NRC, 10 CFR), U.S. NRC. https://www.nrc.gov/reading-rm/doccollections/cfr/part073/part073-0001.html, 2021. (Accessed 14 June 2021) accessed.
- Enforcement Decree of the act on physical protection and radiological emergency, Presidential Decree No. 28211, Jul. 26, https://elaw.klri.re.kr/kor_service/lawView.do?hseq=46895&lang=ENG, 2017. (Accessed 14 June 2021). accessed.
- Development, Use and Maintenance of the Design Basis Threat. IAEA. NSS. No.10-G, Development, Use and Maintenance of the Design Basis Threat, 2009.
- Engineering safety aspects of the protection of nuclear power plants against sabotage: technical guidance, IAEA. NSS. No 4 (2011).
- US Nuclear Regulatory Commission, Cyber Security Programs for Nuclear Facilities. US Nuclear Regulatory Commission, Office of Nuclear Regulatory Research, 2010.
- Status of NRC licensees' implementation of cyber security plans, US. NRC. NRC/FERC Joint Commission Meeting, February 23 (, 2017).
- KINAC/RS-015.01, "Regulatory Standard on Cyber Security for Nuclear Facilities", 2016. December.
- Hyundoo. Kim, Study on the position enhancement for cyber security organization of the nuclear facilities. Proceedings of the Korean Radioactive Waste Society Conference, Korean Radioactive Waste Society, 2017.
- Y.D. Kang, Nuclear I&C and Huma Factor Engineering from the Regulator Perspective, in: Nuclear Safety & Security Information Conference 2016, DCC, Daejeon, South Korea, 2016.
- Sang Min Han, Poong Hyun Seong, Development of Initiating Cyber Threat Scenarios and the Probabilities Based on Operating Experience Analysis, Transactions of the Korean Nuclear Society Spring Meeting, Jeju, Korea, 2020.
- Sang Min Han, Poong Hyun Seong, Suggestion of initiating threats and bounding groups for nuclear power plant cyber-risk assessment, Annals of DAAAM & Proceedings 30 (2019).