• Nuclear Engineering and Technology
• /
• v.55 no.1
• /
• pp.25-36
• /
• 2023

Nuclear power plants have recognized the importance of nuclear cybersecurity. Based on regulatory guidelines and security-related standards issued by regulatory agencies around the world including IAEA, NRC, and KINAC, nuclear operating organizations and related systems manufacturing organizations, design companies, and regulatory agencies are considering methods to prepare for nuclear cybersecurity. Cryptographic algorithms have to be developed and applied in order to meet nuclear cybersecurity requirements. This paper presents methodologies for validating cryptographic algorithms that should be continuously applied at the critical control system of I&C in NPPs. Through the proposed schemes, validation programs are developed in the PLC, which is a critical system of a NPP's I&C, and the validation program is verified through simulation results. Since the development of a cryptographic algorithm validation program for critical digital systems of NPPs has not been carried out, the methodologies proposed in this paper could provide guidelines for Cryptographic Module Validation Modeling for Control Systems in NPPs. In particular, among several CMVP, specific testing techniques for ECB mode-based block ciphers are introduced with program codes and validation models.

• Proceedings of the Korean Radioactive Waste Society Conference
• /
• 2018.11a
• /
• pp.31-32
• /
• 2018

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.3
• /
• pp.471-478
• /
• 2013

Industrial control system was designed mainly in the form of analog in early days. However, necessity of digital system engineering is increasing recently because systems become complicated. Consequently, stability of digital systems is improved so most industrial control systems are designed with digital. Because Using digital design of Industrial control system is expanded, various threatening possibilities such as penetration or destruction of systems are increasing enormously. Domestic and overseas researchers accordingly make a multilateral effort into risk analysis and preparing countermeasures. In this paper, this report chooses common security requirement in industrial control system and nuclear control system through relevant guidelines analysis. In addition, this report suggests the development plan of nuclear cyber security system which will be an essential ingredient of planning approvals.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.4
• /
• pp.877-884
• /
• 2019

As technology advances, equipment installed in Nuclear facilities are changing from analog system to digital system. Nuclear facilities have been exposed to cyber threats as the proportion of computers and digital systems increases. As a result, interest in cyber security has increased and there has been a need to protect the system from cyber attacks. KINAC presented 101 cyber security controls for critical digital asset. However, this is a general measure that does not take into account the characteristics of digital assets. Applying all cyber security controls to critical digital assets is a heavy task and can be lower efficient. In this paper, we propose an effective cyber security controls by identifying the characteristics of critical digital assets and presenting proper security measures.

• Nuclear Engineering and Technology
• /
• v.56 no.4
• /
• pp.1234-1243
• /
• 2024

The pressing need to mitigate greenhouse gas emissions has stimulated a renewed interest in nuclear energy worldwide. However, while numerous countries have shown interest in nuclear power over the course of history, many of them have not continued their pursuit and chosen to defer or abandon their peaceful nuclear power projects. Scrapping a national nuclear power program after making initial efforts implies significant challenges in such a course or a waste of national resources. Therefore, this study aims to identify the crucial factors that influence a country's decision to terminate or hold off its peaceful nuclear power programs. Our empirical analyses demonstrate that major nuclear accidents and leadership changes are significant factors that lead countries to terminate or defer their nuclear power programs. Additionally, we highlight that domestic politics (democracy), lack of military alliance with major nuclear suppliers, low electricity demand, and national energy security environments (energy import, crude oil price) can hamper a country's possibility of regaining interest in a nuclear power program after it has been scrapped, suspended, or deferred. The findings of this study have significant implications for policymakers and stakeholders in the energy sector as they strive to balance the competing demands of energy security, and environmental sustainability.

• Journal of Public Diplomacy
• /
• v.3 no.1
• /
• pp.43-63
• /
• 2023

Objectives: Nuclear security and atomic energy industry have always been the domain of political and economical diplomatic affairs. The issue of nuclear proliferation must be resolved politically or militarily given the importance of the problem, the impact it has on global security, the influence of major powers, and non-proliferation regimes. Considering scope of the budget, manpower, and scale of the project, the atomic energy issue was also viewed from an economic perspective. Therefore, the goal of this study is to depart from the conventional viewpoint and investigate if public diplomacy may be extended to a new issue domain of nuclear security and atomic energy. Methods: In order to determine whether there are any areas that overlap, the uniqueness of Korea's position in the nuclear security and atomic power domains is evaluated and compared with the traits of public diplomacy. Results: It seems plausible to broaden the scope and function of public diplomacy in that field given Korea's uniqueness in nuclear security and atomic energy issue and overlap with public diplomacy. This is especially true given that the state must take the leading role and that ongoing policy demands are made in light of Korea's security and economic structure. In reality, it is assessed that the Summer Fellows Program, run by the KAIST Nuclear Nonproliferation Education and Research Center (KAIST NEREC), has had a considerable impact on public diplomacy in the area of nuclear security and atomic energy. Conclusions: Nuclear security and atomic energy issues have traditionally been handled from the perspectives of political diplomacy, summit diplomacy, and economic diplomacy. However, this paper evaluate that the possibility of enhancing the role of public diplomacy in this issue area is high and underscore that the budget support, programs, and manpower for similar public diplomacy activities are needed. Through this, South Korea's nuclear security policy and atomic energy industry could be supported from international community and it will advance national interest.

• Nuclear Engineering and Technology
• /
• v.45 no.5
• /
• pp.637-652
• /
• 2013

Instrumentation and control systems in nuclear power plants have been digitalized for the purpose of maintenance and precise operation. This digitalization, however, brings out issues related to cyber security. In the most recent past, international standard organizations, regulatory institutes, and research institutes have performed a number of studies addressing these systems cyber security.. In order to provide information helpful to the system designers in their application of cyber security for the systems, this paper presents methods and considerations to define attack vectors in a target system, to review and select the requirements in the Regulatory Guide 5.71, and to integrate the results to identify applicable technical security control requirements. In this study, attack vectors are analyzed through the vulnerability analyses and penetration tests with a simplified safety system, and the elements of critical digital assets acting as attack vectors are identified. Among the security control requirements listed in Appendices B and C to Regulatory Guide 5.71, those that should be implemented into the systems are selected and classified in groups of technical security control requirements using the results of the attack vector analysis. For the attack vector elements of critical digital assets, all the technical security control requirements are evaluated to determine whether they are applicable and effective, and considerations in this evaluation are also discussed. The technical security control requirements in three important categories of access control, monitoring and logging, and encryption are derived and grouped according to the elements of attack vectors as results for the sample safety system.

• Nuclear Engineering and Technology
• /
• v.53 no.10
• /
• pp.3319-3326
• /
• 2021

As a form of industrial control systems (ICS), nuclear instrumentation and control (I&C) systems have been digitalized increasingly. This has raised in turn cyber security concerns. Cyber security for ICS is important because cyber-attacks against ICS can cause not only equipment damage and loss of production but also personal and public safety hazards unlike in general IT environments. Numerous risk analyses have been carried out to enhance the safety of ICS and recently, many studies related to the cyber security of ICS are being conducted. Many existing risk analyses and cyber security studies have considered safety and cyber security separately. However, both safety and cyber security perspectives should be considered when analyzing risks for complex and critical ICS facilities such as nuclear power plants (NPPs). In this paper, the STPA-SafeSec methodology is selected to consider both safety and security perspectives when performing a risk analysis for NPPs in order to assess impacts on the safety by cyber-attacks against the digital I&C systems. The STPA-SafeSec methodology was applied to a test-bed system that simulates a condensate water (CD) system in an NPP. The process of the application up to the development of mitigation strategies is described in detail.

• Nuclear Engineering and Technology
• /
• v.53 no.8
• /
• pp.2445-2453
• /
• 2021

Since the nuclear data forms a vital component in reactor physics computations, the nuclear community needs processing codes as tools for translating the Evaluated Nuclear Data Files (ENDF) to simulate nuclear-related problems such as an ACE format that is used for MCNP. Errors, inaccuracies or discrepancies in library processing may lead to a calculation that disagrees with the experimentally measured benchmark. This paper provides an overview of the processing and preparation of ENDF/B-VIII.0 incident neutron data with NECP-Atlas and NJOY codes for implementation in the MCNP code. The resulting libraries are statistically inter-compared and tested by conducting benchmark calculations, as the mutualcomparison is a source of strong feedback for further improvements in processing procedures. The database of the benchmark experiments is based on a selection taken from the International Handbook of Evaluated Criticality Safety Benchmark Experiments (ICSBEP handbook) and those proposed by Russell D. Mosteller. In general, there is quite good agreement between the NECP-Atlas1.2 and NJOY21^(1.0.0.json) results with no substantial differences, if the correct input parameters are used.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2015.05a
• /
• pp.264-266
• /
• 2015

Currently as cyber threats grow up targeting nuclear power plants(NPP), licensees must guarantee that computer and information systems of nuclear facilities can be adequately protected against cyber attack. Especially critical system that cause illegal transfer of nuclear material and adverse impact to public safety need protecting. In this paper, we surveying the cyber threat examples targeted at NPP, and taxonomy the method of cyber security for NPPs in korea through analyzing the methodology to identify critical system and address cyber security controls for nuclear facilities.