Browse > Article
http://dx.doi.org/10.13089/JKIISC.2014.24.3.561

A Study on Method to Establish Cyber Security Technical System in NPP Digital I&C  

Chung, Manhyun (The Attached Institute of ETRI)
Ahn, Woo-Geun (The Attached Institute of ETRI)
Min, Byung-Gil (The Attached Institute of ETRI)
Seo, Jungtaek (The Attached Institute of ETRI)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.24, no.3, 2014 , pp. 561-570 More about this Journal
Abstract
Nuclear Power Plant Instrumentation and Control System(NPP I&C) which is used to operate safely is changing from analog technology to digital technology. Ever since NPP Centrifuge of Iran Bushehr was shut down by Stuxnet attack in 2010, the possibility of cyber attacks against the NPP has been increasing. However, the domestic and international regulatory guidelines that was published to strengthen the cyber security of the NPP I&C describes security requirements and method s to establish policies and procedures. These guidelines are not appropriate for the development of real applicable cyber security technology. Therefore, specialized cyber security technologies for the NPP I&C need to be developed to enhance the security of nuclear power plants. This paper proposes a cyber security technology development system which is exclusively for the development of nuclear technology. Furthermore, this method has been applied to the ESF-CCS developed by The KINCS R&D project.
Keywords
CyberSecurity; Digital Instrumentation & Control System; Logical; Logical Architecture; Threat;
Citations & Related Records
Times Cited By KSCI : 2  (Citation Analysis)
연도 인용수 순위
1 KISA, "ISMS certification criteria of detailed inspection items," KISA, 2013.
2 International Organization for Standardization, "Information technology - Security techniques - Information security management systems - Requirements," ISO/IEC 27001:2005, International Organization for Standardization, 2013.
3 KISA, "G-ISMS specification of information protection measures," KISA, 2013
4 Ministry of Security and public Administration, "Information and Communication Security business rules," Ministry of Security and public Administration, 2009.
5 Ministry of Security and public Administration, "Critical information and communication infrastructure vulnerability assessment, evaluation criteria," Notice No. 2012-54, Ministry of Security and public Administration, 2012.
6 Korea Communications Commission, "Information Security Management Guidelines," Directive No.109, Korea Communications Commission, 2012.
7 KINS, "instrumentation and control system," RG chapter 8, KINS, 2011.
8 In-Soo Koo, Kwan-Woong Kim, Seok-Boong Hong, Geun-Ok Park, and Jae-Yoon Park, "Digital asset analysis methodology against cyber threat to instrumentation and control system in nuclear power plants," The Journal of Korea Information and Communications society, 6(6), pp.839-847, Dec. 2011.   과학기술학회마을
9 Nicolas Falliere, Liam O Murchu a, and Eric Chien, "W32.Stuxnet Dossier," Version 1.4, Symantec Security Response, February 2011.
10 Dong-Hoon Kim, "Concept of KNICS Development," The proceedings of KIEE, 52(9), pp.24-32, Sep. 2003.
11 US NRC, "Cyber Security Programs for Nuclear Power Facilities," NRC Regulatory Guide 5.71, January. 2010.
12 US NRC, "Criteria for Use of Computers in Safety Systems of Nuclear Power Plants," Regulatory Guide 1.152, Rev. 03, June. 2010.
13 Nuclear Energy Institute, "Cyber Security Plan for Nuclear Power Reactors," NEI 08-09 ,January. 2010.
14 IAEA, "Computer Security at Nuclear Facilities," IAEA Nuclear Security Series N0.17, 2010.
15 KAERI, "Development of digital reactor safety systems: Development of network protocol for the integrated safety system," KAERI, 2007.
16 KAERI, "Development of digital reactor safety system - Production of the digital reactor safety systems," KAERI, 2004
17 Ministry of Trade, Industry and Energy, "Development of digital reactor safety system," Ministry of Trade, Industry and Energy, 2008
18 KAERI, "Development of digital reactor safety system - Design support for ESF-CCS," KAERI, 2008.
19 US.ICS-CERT, http://ics-cert.us-cert.gov/ics-archive
20 Louis Marinos, ENISA, "ENISA Threat Landscape 2013," European Network and Information Security Agency, 2013.
21 Gunhee Lee, Jungtaek Seo, and Eung-ki Park, "Smart Grid Security Threats and Security Requirements Analysis," Review of KIISC, 21(7), pp 7-17, Nov. 2011.
22 National Institute of Standards and Technology, "Special Publication 800-53," National Institute of Standards and Technology, August. 2009
23 Cheol-kwon Lee, "Trend of technology of instrumentation and control system in nuclear power plants," Review of KIISC, 22(5), pp 28-34, Aug. 2012.
24 National Institute of Standards and Technology, "Special Publication 800-82," National Institute of Standards and Technology, June. 2011