Browse > Article
http://dx.doi.org/10.1016/j.net.2021.12.011

Development of a method for securing the operator's situation awareness from manipulation attacks on NPP process data  

Lee, Chanyoung (Department of Nuclear and Quantum Engineering, Korea Advanced Institute of Science and Technology)
Song, Jae Gu (Korea Atomic Energy Research Institute)
Lee, Cheol Kwon (Korea Atomic Energy Research Institute)
Seong, Poong Hyun (Department of Nuclear and Quantum Engineering, Korea Advanced Institute of Science and Technology)
Publication Information
Nuclear Engineering and Technology / v.54, no.6, 2022 , pp. 2011-2022 More about this Journal
Abstract
According to the defense-in-depth concept, not only a preventive strategy but also an integrated cyberattack response strategy for NPPs should be established. However, there are limitations in terms of responding to penetrations, and the existing EOPs are insufficient for responding to intentional disruptions. In this study, we focus on manipulative attacks on process data. Based on an analysis of the related attack vectors and possible attack scenarios, we adopt the Kalman filter to detect process anomalies that can be caused by manipulations of process data. To compensate for these manipulations and secure MCR operators' situational awareness, we modify the Kalman filter such that it can filter out the effects of the manipulations adaptively. A case study was conducted using a hardware-in-the-loop system. The results indicated that the developed method can be used to verify whether the displayed safety-related state data are reliable and to implement the required safety response actions.
Keywords
Cyber attack response; Manipulation attacks on process data; Control theory-based system analysis; Adaptive Kalman filter; Hardware in the loop system;
Citations & Related Records
Times Cited By KSCI : 9  (Citation Analysis)
연도 인용수 순위
1 Dong Hyuk Lim, Lee Sung Han, Na Man Gyun, Smart soft-sensing for the feedwater flowrate at PWRs using a GMDH algorithm, IEEE Trans. Nucl. Sci. 57 (1) (2010) 340-347.   DOI
2 Thomas M. Chen, Saeed Abu-Nimeh, Lessons from stuxnet, Computer 44 (4) (2011) 91-93.   DOI
3 Myeong-Soo Lee, et al., Integrated Performance Validation Facility for KNICS MMIS, the Korean Nuclear Society Spring Meeting, 2007.
4 Caroline Baylon, Roger Brunt, David Livingstone, Cyber Security at Civil Nuclear Facilities: Understanding the Risks: Chatham House Report, Chatham House for the Royal Institute of International Affairs, 2015.
5 Jinsoo Shin, Hanseong Son, Gyunyoung Heo, Cyber security risk evaluation of a nuclear I&C using BN and ET, Nuclear Engineering and Technology 49 (3) (2017) 517-524.   DOI
6 Chanyoung Lee, Sang Min Han, Poong Hyun Seong, Development of a quantitative method for identifying fault-prone cyber security controls in NPP digital I&C systems, Ann. Nucl. Energy 142 (2020) 107398.   DOI
7 Yunfei Zhao, et al., Finite-horizon semi-Markov game for time-sensitive attack response and probabilistic risk assessment in nuclear power plants, Reliab. Eng. Syst. Saf. 201 (2020) 106878.   DOI
8 Nuclear Energy Institute (NEI), Identifying Systems and Assets Subject to the Cyber Security Rule, Jul. 2012. NEI 10-04 Rev.2.
9 Pierre Le Bot, Human reliability data, human error and accident models-illustration through the Three Mile Island accident analysis, Reliab. Eng. Syst. Saf. 83 (2) (2004) 153-167.   DOI
10 Yilin Mo, Sinopoli Bruno, Secure Control against Replay attacks." 2009 47th Annual Allerton Conference on Communication, Control, and Computing (Allerton), IEEE, 2009.
11 Fan Zhang, J. Wesley Hines, Jamie B. Coble, A robust cybersecurity solution platform architecture for digital instrumentation and control systems in nuclear power facilities, Nucl. Technol. 206 (7) (2020) 939-950.   DOI
12 Jae-hee Roh, et al., Cyber security system with FPGA-based network intrusion detector for nuclear power plant, in: IECON 2020 the 46th Annual Conference of the IEEE Industrial Electronics Society, IEEE, 2020.
13 Chanyoung Lee, Poong-Hyun Seong, Development of a framework for NPP process-aware cyber attack detection and diagnosis methodology, in: Transactions of the American Nuclear Society, American Nuclear Society, 2020.
14 Takashi Irita, Toru Namerikawa, Decentralized fault detection of multiple cyber attacks in power network via Kalman filter, in: 2015 European Control Conference (ECC), IEEE, 2015.
15 Jae-Gu Song, et al., An analysis of technical security control requirements for digital I&C systems in nuclear power plants, Nuclear Engineering and Technology 45 (5) (2013) 637-652.   DOI
16 Jae-gu Song, et al., Development of hardware in the loop system for cyber security training in nuclear power plants, Journal of The Korea Institute of Information Security & Cryptology 29 (4) (2019) 867-875.   DOI
17 Harold Booth, Doug Rike, Gregory A. Witte, The National Vulnerability Database (Nvd): Overview, 2013.
18 Marshall Abrams, Joe Weiss, Malicious Control System Cyber Security Attack Case Study-Maroochy Water Services, MITRE CORP MCLEAN VA MCLEAN, Australia, 2008.
19 Anton Cherepanov, WIN32/INDUSTROYER: a new threat for industrial control systems, White paper, ESET (June 2017) (2017).
20 Robert M. Lee, M.J. Assante, T. Conway, Crashoverride: Analysis of the Threat to Electric Grid Operations, Dragos Inc., March, 2017.
21 U.S., Nuclear Regulatory Commission, "The U.S. Nuclear Regulatory Commission's Cyber Security Regulatory Framework for Nuclear Power Reactors, " NUREG/CR-7141 November, 2014, pp. 1-77.
22 Chanyoung Lee, Young Ho Chae, Poong Hyun Seong, Development of a method for estimating security state: supporting integrated response to cyber-attacks in NPPs, Ann. Nucl. Energy 158 (2021) 108287.   DOI
23 Seung Geun Kim, Young Ho Chae, Poong Hyun Seong, Development of a generative-adversarial-network-based signal reconstruction method for nuclear power plants, Ann. Nucl. Energy 142 (2020) 107410.   DOI
24 Xinan Zhang, et al., Sensor fault detection, isolation and system reconfiguration based on extended Kalman filter for induction motor drives, IET Electr. Power Appl. 7 (7) (2013) 607-617.   DOI
25 International Atomic Energy Agency (IAEA), Computer Security Incident Response Planning at Nuclear Facilities, IAEA-TDL-005, IAEA, Vienna, 2016.
26 International Atomic Energy Agency (IAEA), Computer Security of Instrumentation and Control Systems at Nuclear Facilities, IAEA Nuclear Security Series No. 33-T, IAEA, Vienna, 2018.
27 Derui Ding, et al., A survey on security control and attack detection for industrial cyber-physical systems, Neurocomputing 275 (2018) 1674-1683.   DOI
28 Lee, Chanyoung, et al. "Development of a cyberattack response planning method for nuclear power plants by using the Markov decision process model." Ann. Nucl. Energy 166 (2022): 108725.   DOI
29 Hyun Gook Kang, Seung-Cheol Jang, A quantitative study on risk issues in safety feature control system design in digitalized nuclear power plant, J. Nucl. Sci. Technol. 45 (8) (2008) 850-858.   DOI
30 Elias Levy, Crossover: online pests plaguing the off line world, IEEE Security & Privacy 1 (6) (2003) 71-73.   DOI
31 Jong Woo Park, Seung Jun Lee, A quantitative assessment framework for cyber-attack scenarios on nuclear power plants using relative difficulty and consequence, Ann. Nucl. Energy 142 (2020) 107432.   DOI
32 Yanhua Zou, et al., Human reliability analysis for digitized nuclear power plants: case study on the LingAo II nuclear power plant, Nuclear Engineering and Technology 49 (2) (2017) 335-341.   DOI
33 Won Dea Jung, Dae Il Kang, Jae Whan Kim, Development of a Standard Method for Human Reliability Analysis of Nuclear Power Plants, 2005. KAERI/TR-2961/2005.
34 Hee Eun Kim, et al., Systematic development of scenarios caused by cyber-attack-induced human errors in nuclear power plants, Reliab. Eng. Syst. Saf. 167 (2017) 290-301.   DOI
35 Samira Roshany-Yamchi, et al., Kalman filter-based distributed predictive control of large-scale multi-rate systems: application to power networks, IEEE Trans. Control Syst. Technol. 21 (1) (2011) 27-39.   DOI
36 Francois Auger, et al., Industrial applications of the Kalman filter: a review, IEEE Trans. Ind. Electron. 60 (12) (2013) 5458-5471.   DOI
37 U.S, Nuclear Regulatory Commission, "REGULATORY GUIDE 5.71 Cyber Security Programs for Nuclear Facilities, 2010, pp. 1-105. January.
38 International Atomic Energy Agency, (IAEA), Computer Security for Nuclear Security, IAEA Nuclear Security Series No. 42-G, IAEA, Vienna, 2021.
39 International Atomic Energy Agency (IAEA), Computer security at nuclear facilities, in: IAEA Nuclear Security Series No., vol. 17, IAEA, Vienna, 2011.
40 Jae-Gu Song, et al., A cyber security risk assessment for the design of I&C systems in nuclear power plants, Nuclear engineering and technology 44 (8) (2012) 919-928.   DOI
41 Venkata Reddy Palleti, Yu Chong Tan, Lakshminarayanan Samavedham, A mechanistic fault detection and isolation approach using Kalman filter to improve the security of cyber physical systems, J. Process Control 68 (2018) 160-170.   DOI
42 Jairo Giraldo, et al., A survey of physics-based attack detection in cyber-physical systems, ACM Comput. Surv. 51 (4) (2018) 1-36.
43 Jean-Yves Keller, Dominique Sauter, Monitoring of stealthy attack in networked control systems, in: 2013 Conference on Control and Fault-Tolerant Systems (SysTol), IEEE, 2013.
44 Young Gyu No, Poong Hyun Seong, Monitoring the performance of Aux. Feedwater pump using smart sensing model, KNS Autumn Meeting (2015) 29-30.
45 Hamed Orojloo, Mohammad Abdollahi Azgomi, A game-theoretic approach to model and quantify the security of cyber-physical systems, Comput. Ind. 88 (2017) 44-57.   DOI
46 Chanyoung Lee, Yim Ho Bin, Seong Poong Hyun, Development of a quantitative method for evaluating the efficacy of cyber security controls in NPPs based on intrusion tolerant concept, Ann. Nucl. Energy 112 (2018) 646-654.   DOI
47 Chuadhry Mujeeb Ahmed, Adepu Sridhar, Aditya Mathur, Limitations of state estimation based cyber attack detection schemes in industrial control systems, in: 2016 Smart City Security and Privacy Workshop, SCSP-W). IEEE, 2016.
48 Kee-choon Kwon, Myeong-Soo Lee, Technical review on the localized digital instrumentation and control systems, Nuclear engineering and technology 41 (i) (2009) 447-454.   DOI
49 Korea Institute of Nuclear Nonproliferation and Control (KINAC), "Regulatory Standard on Cyber Security for Computer and Information System of Nuclear Facilities" RS-015, 2014.
50 International Atomic Energy Agency (IAEA), Objective and Essential Elements of a State's Nuclear Security Regime, IAEA Nuclear Security Series No. 20, IAEA, Vienna, 2013.
51 Andre Teixeira, et al., A secure control framework for resource-limited adversaries, Automatica 51 (2015) 135-148.   DOI
52 S.I.L.V.A. e, R.A. Busquim, et al., Advanced method for neutronics and system code coupling RELAP, PARCS, and MATLAB for instrumentation and control assessment, Ann. Nucl. Energy 140 (2020) 107098.   DOI
53 e Silva, RA Busquim, et al. "Cybersecurity assessment framework for digital interface between safety and security at nuclear power plants." International Journal of Critical Infrastructure Protection 34 (2021): 100453.   DOI
54 Kebina Manandhar, et al., Detection of faults and attacks including false data injection attack in smart grid using Kalman filter, IEEE transactions on control of network systems 1 (4) (2014) 370-379.   DOI
55 Chanyoung Lee, et al., Development of a demonstrable nuclear cyber security test-bed and application plans, in: In Transactions of the, vol. 2019, KNS Spring Meeting, 2019, pp. 23-25.
56 MathWorks, System Identification Toolbox User's Guide, MathWorks, 2016.
57 Jae-gu Song, et al., Preparation for cyber security incident response training in nuclear power plants, in: In Transactions of the 2020, KNS Spring Meeting, 2020, pp. 9-11.
58 Suvi Leppanen, Shohel Ahmed, Robin Granqvist, Cyber security incident report-Norsk Hydro, Procedia Economics and Finance (2019).
59 Roy S. Smith, Covert misappropriation of networked control systems: presenting a feedback structure, IEEE Control Syst. Mag. 35 (1) (2015) 82-92.   DOI
60 Hyun Gook Kang, Poong Hyun Seong, Information theoretic approach to manmachine interface complexity evaluation, IEEE Trans. Syst. Man Cybern. Syst. Hum. 31 (3) (2001) 163-171.   DOI
61 Jong Hyun Kim, Poong Hyun Seong, A quantitative approach to modeling the information flow of diagnosis tasks in nuclear power plants, Reliab. Eng. Syst. Saf. 80 (1) (2003) 81-94.   DOI
62 Francesco Di Maio, Ajit Rai, Enrico Zio, A dynamic probabilistic safety margin characterization approach in support of Integrated Deterministic and Probabilistic Safety Analysis, Reliab. Eng. Syst. Saf. 145 (2016) 9-18.   DOI
63 Wei Wang, et al., A Monte Carlo-based exploration framework for identifying components vulnerable to cyber threats in nuclear power plants, Reliab. Eng. Syst. Saf. 175 (2018) 24-37.   DOI
64 Theodore J. Williams, The Purdue enterprise reference architecture, Comput. Ind. 24 (2-3) (1994) 141-158.   DOI
65 Jinsoo Shin, et al., Application of STPA-SafeSec for a cyber-attack impact analysis of NPPs with a condensate water system test-bed, Nucl. Eng. Technol. 53 (10) (2021) 3319-3326.   DOI