AN ANALYSIS OF TECHNICAL SECURITY CONTROL REQUIREMENTS FOR DIGITAL I&C SYSTEMS IN NUCLEAR POWER PLANTS |
Song, Jae-Gu
(Korea Atomic Energy Research Institute)
Lee, Jung-Woon (Korea Atomic Energy Research Institute) Park, Gee-Yong (Korea Atomic Energy Research Institute) Kwon, Kee-Choon (Korea Atomic Energy Research Institute) Lee, Dong-Young (Korea Atomic Energy Research Institute) Lee, Cheol-Kwon (Korea Atomic Energy Research Institute) |
1 | Kee-choon Kwon and Myeongsoo Lee, Technical review on the localized digital instrumentation and control systems, Nuclear engineering and technology Vol.41 No.4 May 2009 - Special issue in celebration of the 40th anniversary of the Korean Nuclear Society, 2009. 과학기술학회마을 DOI ScienceOn |
2 | 10 CFR Part 73.54, Protection of Digital Computer and Communication Systems and Networks, U.S. Nuclear Regulatory Commission, Washington, DC., 2009. |
3 | Regulatory Guide 5.71, Cyber Security Programs for Nuclear Facilities, U.S. Nuclear Regulatory Commission, January 2010. |
4 | KINS/RG-N08.22, Cyber Security of Instrumentation and Control Systems, Korea Institute of Nuclear Safety, 2009. |
5 | IAEA Nuclear Security Series No.17 Technical guidance Computer security at nuclear facilities, 2011. |
6 | IEEE Standard 7-4.3.2-2010, Standard Criteria for Digital Computers in Safety Systems of Nuclear Power Generating Stations, August 2, 2010. |
7 | Marcelo Masera, Igor Nai Fovino, Bogdan Vamanu, ICT aspects of power systems and their security, Institute for the Protection and Security of the Citizen, Joint Research Centre, November 2010. |
8 | Igor Nai Fovino, Luca Guidi, Marcelo Masera, and Alberto Stefanini, Cyber security assessment of a power plant, Electric Power Systems Research, (81), pp518-526, Elsevier, 2011. |
9 | NIST Special Publication 800-82, Guide to Industrial Control Systems (ICS) Security, June 2011. |
10 | Common Cyber Security Vulnerabilities Observed in DHS Industrial Control Systems Assessments, Homeland Security, July 2009. |
11 | Recommended Practice: Improving Industrial Control Systems Cyber security with Defense-In-Depth Strategies, Homeland Security, October 2009. |
12 | Control Systems Cyber Security: Defense in Depth Strategies, INL/EXT-06-11478, David Kuipers, Mark Fabro, Idaho National Laboratory, Idaho Falls, Idaho, May 2006. |
13 | Critical Infrastructure Protection, Challenges and Efforts to Secure Control Systems, GAO-04-354, United States General Accounting Office, March 2004. |
14 | Gee-Yong Park, Cheol Kwon Lee, Jong Gyun Choi, Dong Hoon Kim, Young Jun Lee, and Kee-Choon Kwon, Cyber Security Analysis by Attack Trees for a Reactor Protection System, Transactions of the Korean Nuclear Society Autumn Meeting PyeongChang, Korea, October 30-31, 2008. |
15 | Jung-Woon Lee, Cheol-Kwon Lee, Jae-Gu Song, and Dong-Young Lee, Cyber Security Considerations in the Development of I&C Systems for Nuclear Power Plants, The 2011 International Conference on Security and Management (SAM'11), Las Vegas, USA, July 18-21, 2011. |
16 | Jae-Gu Song, Jung-Woon Lee, Cheol-Kwon Lee, Kee-Choon Kwon, and Dong-Young Lee, A cyber security risk assessment for the design of I&C systems in nuclear power plants, Nuclear engineering and technology, Vol.44 No.8 December 2012. 과학기술학회마을 DOI ScienceOn |
17 | Jung-Woon Lee, Jae-Gu Song, Cheol-Kwon Lee, and Dong-Young Lee, A Conceptual Framework for Securing Digital I&C Systems in Nuclear Power Plants, The 2012 International Conference on Security and Management (SAM'12), Las Vegas, USA, July 16 - 19, 2012. |
18 | NIST Special Publication 800-53 Revision 3, Recommended Security Controls for Federal Information Systems, August 2009. |
19 | NIST Special Publication 800-30, Risk Management Guide for Information Technology Systems, July 2002. |
20 | http://searchsecurity.techtarget.com/definition/attack-vector |
21 | NEI 04-04 Revision 1, Cyber Security Program for Power Reactors, Nuclear Energy Institute, November 18, 2005. |
22 | NIST Special Publication 800-82, Guide to Industrial Control Systems (ICS) Security, June 2011. |
23 | Common Vulnerability and Exposures (CVE), http://cve.mitre.org. |
24 | NEI 03-12 Revision 6, Security Plan, Training and Qualification Plan, and Safeguards Contingency Plan, Nuclear Energy Institute. |
![]() |