Research of Cyber Security Function Test Method for Digital I&C Device in Nuclear Power Plants
![]() |
Song, Jae-gu
(Korea Atomic Energy Research Institute)
Shin, Jin-soo (Korea Atomic Energy Research Institute) Lee, Jung-woon (Korea Atomic Energy Research Institute) Lee, Cheol-kwon (Korea Atomic Energy Research Institute) Choi, Jong-gyun (Korea Atomic Energy Research Institute) |
1 | Schneider-electric, "NERC CIP compliance for the power generation industry, Developing a comprehensive program to comply with NERC CIP cyber security requirements," https://www.schneider-electric.com/en/download/document/PAS_63680_CPM16120/ (accessed Aug. 2019). |
2 | ISA Security, "Schneider Electric achieves industry-first ISA Secure(R) Level Two Security Development Lifecycle Assurance certification," https://www.isasecure.org/en-US/News-Events/Schneider-Electric-achieves-industry-first-ISASecu (accessed Aug. 2019). |
3 | SANS, "Waterfall for NRC Compliance with regard to NIST 800.53 and 800.82: Using Waterfall's Unidirectional Security Solution to Achieve True Security & NRC Compliance Ver. 1.4," https://www.sans.org/cyber-security-summit/archives/file/summit_archive_1493758233.pdf (accessed Aug. 2019). |
4 | SIEMENS, "Security with SIMATIC-S7 controllers," https://support.industry.siemens.com/cs/document/77431846/security-with-simatic-s7-controllers?dti=0&lc=en-WW (accessed Aug. 2019). |
5 | LogRhythm, "LogRhythm Support for NRC RG. 5.71," White paper - Compliance Support for NRC RG 5.71. LogRhythm Inc. Jul. 2014. |
6 | Regulatory Standard 015, "Regulatory standard on computer security of nuclear facilities," KINAC, Oct. 2014. |
7 | Regulatory Guide 5.71, "Cyber Security Programs for Nuclear Facilities," U.S. Nuclear Regulatory Commission, Jan. 2010. |
8 | NIST SP800-53A Revision 1, "Guide for assessing the security controls in federal information systems," National Institute of Standards and Technology, Jun. 2010. |
9 | IAEA Nuclear Security Series No.17, "Computer security at nuclear Facilities," International Atomic Energy Agency, Dec. 2011. |
10 | NEI 13-10 Revision 5, "Cyber Security Control Assessments," Nuclear Energy Institute, Feb. 2017. |
11 | NEI 08-09 Revision 6, "Cyber Security Plan for Nuclear Power Reactors," Nuclear Energy Institute, Apr. 2010. |
12 | IEEE Standard 1012-2016, "IEEE Standard for System, Software, and Hardware Verification and Validation," Institute of Electrical and Electronics Engineers, Sep. 2017. |
13 | TTA.KO-12.0307-part4, "Security Requirements for Industrial Control System - Part 4: Operation Layer," Telecommunications Technology Association, Jun. 2017. |
14 | K. C. Kwon, J. S. Lee, and E. Jee, "Application and Analysis of the Paradigm of Software Safety Assurance for a Digital Reactor Protection System in Nuclear Power Plants," KIISE Transactions on Computing Practices, vol. 23, pp. 335-342, Jun. 2017. DOI |
15 | ITSCC, "Korea IT Security Evaluation and Certification Scheme," https://itscc.kr/svc/svc/openPage.do?pageId=010200 (accessed Aug. 2019). |
16 | TTA.KO-12.0307-part1, "Security Requirements for Industrial Control System - Part 1: Concepts and Reference Model," Telecommunications Technology Association, Jun. 2017. |
17 | TTA.KO-12.0307-part2, "Security Requirements for Industrial Control System - Part 2: Field Device Layer," Telecommunications Technology Association, Jun. 2017. |
18 | TTA.KO-12.0307-part3, "Security Requirements for Industrial Control System - Part 3: Control Layer," Telecommunications Technology Association, Jun. 2017. |
19 | J. G. Song, J. W. Lee, G. Y. Park, K. C. Kwon, D. Y. Lee, and C. K. Lee, "An Analysis of Technical Security Control Requirements for Digital I&C System in Nuclear Power Plants," Nuclear Engineering and Technology, vol. 45, pp. 637-652, Oct. 2013. DOI |
20 | NEI 18-08, "Portable Media Scanning Stations / Kiosk cyber Security Controls Evaluation Template," Nuclear Energy Institute, Aug. 2018. |
21 | J. Searle, G. Rasche, A. Wright, S. Dinnage, "Guide to Penetration Testing for Electric Utilities Revision 3," National Electric Sector Cybersecurity Organization Resource, 2016. |
![]() |