• Proceedings of the Korea Information Processing Society Conference
• /
• 2020.05a
• /
• pp.258-259
• /
• 2020

한국인터넷진흥원에서는 2020년 사이버 공격에 대한 7대 전망을 일상 속 보안 취약점, 공공기관·기업 대상 랜섬웨어, 가상동화 거래소를 통한 해킹 사고, 문자 메시지·이메일을 통한 악성코드 감염, 지능형 표적 공격, 소프트웨어 공급망 공격, 융합 서비스 보안 위협으로 제시하였다. 이에 본 논문에서는 신규 사이버위협에 대한 동향 분석을 통하여 기관의 정보보안을 위해 대응할 수 있는 방안에 대해 살펴보고자 한다.

• Nuclear Engineering and Technology
• /
• v.50 no.6
• /
• pp.820-828
• /
• 2018

The growing nuclear threat has amplified the need for developing diverse and accurate nuclear forensics analysis techniques to strengthen nuclear security measures. The work presented here is part of a research effort focused on developing a methodology for reactor-type discrimination of weapons-grade plutonium. To verify the developed methodology, natural $UO_2$ fuel samples were irradiated in a thermal neutron spectrum at the University of Missouri Research Reactor (MURR) and produced approximately $20{\mu}g$ of weapons-grade plutonium test material. Radiation transport simulations of common thermal reactor types that can produce weapons-grade plutonium were performed, and the results are presented here. These simulations were needed to verify whether the plutonium produced in the natural $UO_2$ fuel samples during the experimental irradiation at MURR was a suitable representative to plutonium produced in common thermal reactor types. Also presented are comparisons of fission product and plutonium concentrations obtained from computational simulations of the experimental irradiation at MURR to the nondestructive and destructive measurements of the irradiated natural $UO_2$ fuel samples. Gamma spectroscopy measurements of radioactive fission products were mostly within 10%, mass spectroscopy measurements of the total plutonium mass were within 4%, and mass spectroscopy measurements of stable fission products were mostly within 5%.

• Nuclear Engineering and Technology
• /
• v.55 no.7
• /
• pp.2628-2641
• /
• 2023

Nuclear safety is the lifeline for the development and application of nuclear energy. In severe accidents of pressurized water reactor (PWR), aerosols, as the main carrier of fission products, are suspended in the containment vessel, posing a potential threat of radioactive contamination caused by leakage into the environment. The gas-phase aerosols suspended in the containment will settle onto the wall or sump water through the natural deposition mechanism, thereby reducing atmospheric radioactivity. Aiming at the low accuracy of the aerosol model in the ISAA code, this paper improves the natural deposition model of aerosol in the containment. The aerosol dynamic shape factor was introduced to correct the natural deposition rate of non-spherical aerosols. Moreover, the gravity, Brownian diffusion, thermophoresis and diffusiophoresis deposition models were improved. In addition, ABCOVE, AHMED and LACE experiments were selected to validate and evaluate the improved ISAA code. According to the calculation results, the improved model can more accurately simulate the peak aerosol mass and respond to the influence of the containment pressure and temperature on the natural deposition rate of aerosols. At the same time, it can significantly improve the calculation accuracy of the residual mass of aerosols in the containment. The performance of improved ISAA can meet the requirements for analyzing the natural deposition behavior of aerosol in containment of advanced PWRs in severe accident. In the future, further optimization will be made to address the problems found in the current aerosol model.

• Nuclear Engineering and Technology
• /
• v.53 no.8
• /
• pp.2454-2463
• /
• 2021

The objective of this research is to the use of americium (AmO₂) as a burnable absorber effectively instead of conventional gadolinium (Gd₂O₃) for VVER-1200 reactor by analyzing its impacts on reactivity, power peaking factor (PPF), safety factor, and quality of the spent fuel. The assembly is burned to 60 GWd/t by using SRAC-2006 code and JENDL-4.0 data library for finding the optimum amount and effective way of using AmO₂ as a burnable absorber. From these studies, it is found that AmO₂ can decrease the excess reactivity like Gd₂O₃ without changing the criticality life span and enrichment of ²³⁵U. A homogeneous mixture of the 0.20% AmO₂+ 4.95% enriched UO₂ fuel rod (model MF-4) decreases the PPF than the reference assembly. The use of AmO₂+UO₂ in the integral burnable absorber (IBA) rod or the outer layer could also decrease the PPF up to 10 GWd/t but increases rapidly after 30 GWd/t, which could be a safety threat. The fuel temperature coefficient and void coefficient of the model MF-4 are the same as the reference assembly. In addition, 22% of initially loaded Am are burning effectively and contributing to the power production.

• Nuclear Engineering and Technology
• /
• v.44 no.8
• /
• pp.919-928
• /
• 2012

The applications of computers and communication system and network technologies in nuclear power plants have expanded recently. This application of digital technologies to the instrumentation and control systems of nuclear power plants brings with it the cyber security concerns similar to other critical infrastructures. Cyber security risk assessments for digital instrumentation and control systems have become more crucial in the development of new systems and in the operation of existing systems. Although the instrumentation and control systems of nuclear power plants are similar to industrial control systems, the former have specifications that differ from the latter in terms of architecture and function, in order to satisfy nuclear safety requirements, which need different methods for the application of cyber security risk assessment. In this paper, the characteristics of nuclear power plant instrumentation and control systems are described, and the considerations needed when conducting cyber security risk assessments in accordance with the lifecycle process of instrumentation and control systems are discussed. For cyber security risk assessments of instrumentation and control systems, the activities and considerations necessary for assessments during the system design phase or component design and equipment supply phase are presented in the following 6 steps: 1) System Identification and Cyber Security Modeling, 2) Asset and Impact Analysis, 3) Threat Analysis, 4) Vulnerability Analysis, 5) Security Control Design, and 6) Penetration test. The results from an application of the method to a digital reactor protection system are described.

• Asia-pacific Journal of Multimedia Services Convergent with Art, Humanities, and Sociology
• /
• v.8 no.4
• /
• pp.285-296
• /
• 2018

Among many hacking attempts carried out in the past few years, the cyber-attacks that could have caused a national-level disaster were the attacks against nuclear facilities including nuclear power plants. The most typical one was the Stuxnet attack against Iranian nuclear facility and the cyber threat targeting one of the facilities operated by Korea Hydro and Nuclear Power Co., Ltd (Republic of Korea; ROK). Although the latter was just a threat, it made many Korean people anxious while the former showed that the operation of nuclear plant can be actually stopped by direct cyber-attacks. After these incidents, the possibility of cyber-attacks against industrial control systems has become a reality and the security for these systems has been tightened based on the idea that the operations by network-isolated systems are no longer safe from the cyber terrorism. The ROK government has established a realistic control systems defense concept and in the US, the relevant authorities have set up several security frameworks to prepare for the threats. This paper presented various cyber security attack cases and their scenarios against control systems, along with the analysis of countermeasures for them. Though this task, we attempt to identify the items that need to be considered when designing a domestic security framework to improve security and secure stability.

• Journal of the Korean Society of Systems Engineering
• /
• v.14 no.2
• /
• pp.73-82
• /
• 2018

In this work, a hardware based cryptographic module for the cyber security of nuclear power plant is developed using a system engineering approach. Nuclear power plants are isolated from the Internet, but as shown in the case of Iran, Man-in-the-middle attacks (MITM) could be a threat to the safety of the nuclear facilities. This FPGA-based module does not have an operating system and it provides protection as a firewall and mitigates the cyber threats. The encryption equipment consists of an encryption module, a decryption module, and interfaces for communication between modules and systems. The Advanced Encryption Standard (AES)-128, which is formally approved as top level by U.S. National Security Agency for cryptographic algorithms, is adopted. The development of the cyber security module is implemented in two main phases: reverse engineering and re-engineering. In the reverse engineering phase, the cyber security plan and system requirements are analyzed, and the AES algorithm is decomposed into functional units. In the re-engineering phase, we model the logical architecture using Vitech CORE9 software and simulate it with the Enhanced Functional Flow Block Diagram (EFFBD), which confirms the performance improvements of the hardware-based cryptographic module as compared to software based cryptography. Following this, the Hardware description language (HDL) code is developed and tested to verify the integrity of the code. Then, the developed code is implemented on the FPGA and connected to the personal computer through Recommended Standard (RS)-232 communication to perform validation of the developed component. For the future work, the developed FPGA based encryption equipment will be verified and validated in its expected operating environment by connecting it to the Advanced power reactor (APR)-1400 simulator.

• Strategy21
• /
• s.39
• /
• pp.5-46
• /
• 2016

North Korea's 4th nuclear test on Jan. 6 and following developments once again awakened the world into seriousness of the nuclear matters on the Korean peninsula. On March 2, UNSC adopted Resolution 2270 which is complemented by Seoul government's measures such as withdrawal from the Gaesung Industrial Complex (Feb. 9) and announcement of unilateral sanction (March 8). Seoul government also strongly urged the international community to strangle North Korea's 'financial resources.' The U.S., Japan, China, and other countries have issued unilateral sanctions to complement the UNSC measure. South Korea and the U.S. conducted their annual joint military drill (Resolve-Foal Eagle) in the largest-ever scale. North Korea, however, responded with demonstration of its nuclear capabilities and announcement of de facto 'nuclear-first' politics. North Korea test-fired a variety of delivery vehicles, threatened nuclear strikes against South Korea and the U.S., and declared itself as an 'invincible nuclear power armed with hydrogen bombs' at the 7th Workers 'Party Congress held in May, 2016. Considering the circumstantial evidences, the North's 4th nuclear test may have been a successful boosted fission bomb test. North Korea, and, if allowed to go on with its nuclear programs, will become a nuclear power armed with more than 50 nuclear weapons including hydrogen bombs. The North is already conducting nuclear blackmail strategy towards South Korea, and must be developing 'nuclear use' strategies. Accordingly, the most pressing challenge for the international community is to bring the North to 'real dialogue for denuclearization through powerful and consistent sanctions. Of course, China's cooperation is the key to success. In this situation, South Korea has urgent challenges on diplomacy and security fronts. A diplomatic challenge is how to lead China, which had shown dual attitudes between 'pressure and connivance' towards the North's nuclear matters pursuant to its military relations with the U.S, to participate in the sanctions consistently. A military one is how to offset the 'nuclear shadow effects' engendered by the North's nuclear blackmail and prevent its purposeful and non-purposeful use of nuclear weapons. Though South Korea's Ministry of Defense is currently spending a large portion of defense finance on preemption (kill-chain) and missile defense, they pose 'high cost and low efficiency' problems. For a 'low cost and high efficiency' of deterrence, South Korea needs to switch to a 'retaliation-centered' deterrence strategy. Though South Korea's response to the North's nuclear threat can theoretically be boiled down into dialogue, sanction and deterrence, now is the time to concentrate on strong sanction and determined deterrence since they are an inevitable mandatory course to destroy the North' nuclear-first delusion and bring it to a 'real denuclearization dialogue.'

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.2
• /
• pp.363-374
• /
• 2015

Instrumentation and control(I&C) system has been mainly designed and operated based on analog technologies in existing Nuclear Power Plants(NPPs). However, As the development of Information Technology(IT), digital technologies are gradually being adopted in newly built NPPs. I&C System based on digital technologies has many advantages but it is vulnerable to cyber threat. For this reason, cyber threat adversely affects on safety and reliability of I&C system as well as the entire NPPs. Therefore, the software equipped to NPPs should be developed with cyber security attributes from the initiation phase of software development life cycle. Moreover through cyber security assessment, the degree of confidence concerning cyber security should be measured and if managerial, technical and operational work measures are implemented as intended should be reviewed in order to protect the I&C systems and information. Currently the overall cyber security program, including cyber security assessment, is not established on I&C systems. In this paper, we propose cyber security assessment methods in the Software Development Life Cycle by drawing cyber security activities and assessment items based on regulatory guides and standard technologies concerned with NPPs.

• Convergence Security Journal
• /
• v.17 no.3
• /
• pp.73-81
• /
• 2017

In April 2009, in the wake of President Obama's Prague speech, the international community held four nuclear sec urity summits from 2010 to 2016 to promote nuclear security and prevent nuclear terrorism. The Nuclear Security S ummit has made significant progress in preventing terrorists from attempting to acquire nuclear weapons or fissile materials, but it still has limitations and problems. To solve this problem, the international community should resume the joint efforts for strengthening bilateral cooperation and multilateral nuclear security regime, and the participating countries should strive to protect their own nuclear materials and fulfill their commitments to secure nuclear facilitie s. Second, the United Nations(UN), the IAEA(International Atomic Energy Agency), International Criminal Police Or ganization(INTERPOL), the Global Initiative to Combat Nuclear Terrorism(GICNT), and the Global Partnership(G P) must continue their missions to promote nuclear security in accordance with the five action plans adopted at the Fourth Nuclear Security Summit. Third, the participating countries should begin discussions on the management and protection of military nuclear materials that could not be covered by the Nuclear Security Summit. Fourth, the intern ational community must strive to strengthen the implementation of the Convention on the Physical Protection of Nuc lear Material(CPPNM) Amendment and International Convention for the Suppression of Acts of Nuclear Terrori sm(ICSANT), prepare for cyber attacks against nuclear facilities, and prevent theft, illegal trading and sabotage invo lving nuclear materials.