• Title/Summary/Keyword: nuclear cyber security

Predictive Maintenance Plan based on Vibration Monitoring of Nuclear Power Plants using Industry 4.0 (4차 산업기술을 활용한 원전설비 진동감시기반 예측정비 방안)

  • Do-young Ko
    • Transactions of the Korean Society of Pressure Vessels and Piping / v.19 no.1 / pp.6-10 / 2023
  • Only about 10% of selected equipment in nuclear power plants is monitored by wiring to address failures or problems caused by vibration. The purpose is primarily preventive maintenance, not predictive maintenance. This paper shows that vibration monitoring and diagnosis using Industry 4.0 enables complete predictive maintenance for all vibrating equipment in nuclear power plants through the convergence of the internet of things, wireless technology, big data through periodic collection, and artificial intelligence. Predictive maintenance using wireless technology is possible in all areas of nuclear power plants and in all systems, but it should satisfy regulatory guides on electromagnetic interference and cyber security.

A Study on Threat Containment through VDI for Security Management of Partner Companies Operating at Industrial Control System Facility

  • Lee, Sangdo;Huh, Jun-Ho
    • Proceedings of the Korea Information Processing Society Conference / 2019.10a / pp.491-494 / 2019
  • The results from the analysis of recent security breach cases of industrial control systems revealed that most of them were caused by the employees of a partner company who had been managing the control system. For this reason, the majority of the current company security management systems have been developed focusing on their performances. Despite such effort, many hacking attempts against a major company, public institution or financial institution are still attempted by the partner company or outsourced employees. Thus, the institutions or organizations that manage Industrial Control Systems (ICSs) associated with major national infrastructures involving traffic, water resources, energy, etc. are putting emphasis on their security management, as the role of those partners is becoming increasingly important now that outsourcing security tasks has become a common practice. However, in reality, it is also a fact that this is the point where security is most vulnerable, and various security management plans have been continuously studied and proposed. A system that enhances the security level of a partner company with a Virtual Desktop Infrastructure (VDI) has been developed in this study through research on the past performances of partner companies stationed at various types of industrial control infrastructures, and its performance outcomes were statistically compiled to propose an appropriate model for the current ICSs by comparing vulnerabilities, measures taken and their results before and after adopting the VDI.

Study on High-speed Cyber Penetration Attack Analysis Technology based on Static Feature Base Applicable to Endpoints (Endpoint에 적용 가능한 정적 feature 기반 고속의 사이버 침투공격 분석기술 연구)

  • Hwang, Jun-ho;Hwang, Seon-bin;Kim, Su-jeong;Lee, Tae-jin
    • Journal of Internet Computing and Services / v.19 no.5 / pp.21-31 / 2018
  • Cyber penetration attacks can not only damage cyber space but can attack entire infrastructure such as electricity, gas, water, and nuclear power, which can cause enormous damage to the lives of the people. Also, cyber space has already been defined as the fifth battlefield, and strategic responses are very important. Most recent cyber attacks are caused by malicious code, and since the number is more than 1.6 million per day, automated analysis technology to cope with a large amount of malicious code is very important. However, it is difficult to deal with malicious code encryption, obfuscation and packing, and the dynamic analysis technique is limited not only by the performance requirements of dynamic analysis but also in coping with virtual environment avoiding technology. In this paper, we propose a machine learning based malicious code analysis technique which improves the weakness of the detection performance of existing analysis technology while maintaining the light and high-speed analysis performance applicable to commercial endpoints. The results of this study show that 99.13% accuracy, 99.26% precision and 99.09% recall analysis performance of 71,000 normal files and malicious code in commercial environment and analysis time in PC environment can be analyzed more than 5 per second, and it can be operated independently in the endpoint environment and it is considered that it works in complementary form in operation in conjunction with existing antivirus technology and static and dynamic analysis technology. It is also expected to be used as a core element of EDR technology and malware variant analysis.

A Study on Inspection Tools for Cyber Security on Nuclear Facilities (원자력시설의 사이버보안 검사를 위한 점검툴 활용에 관한 연구)

  • Byun, Ye-Eun;Kim, Hyun-Doo
    • Proceedings of the Korea Information Processing Society Conference / 2016.04a / pp.274-276 / 2016
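  • Cyber attacks targeting nuclear facilities are occurring both in Korea and abroad, such as the December 2014 cyber terror incident at Korea Hydro & Nuclear Power and the cyber attack on Iran's nuclear enrichment facility. Accordingly, as the importance of cyber security has grown, so has the need for an effective regulatory framework for preventing radiological disasters and protecting public safety. The Korea Institute of Nuclear Nonproliferation and Control has conducted regular cyber security inspections since 2014 under the revised Act on Physical Protection and Radiological Emergency, and aims to improve the effectiveness and performance of these regular inspections through vulnerability inspection tools to be used in them.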

A new perspective towards the development of robust data-driven intrusion detection for industrial control systems

  • Ayodeji, Abiodun;Liu, Yong-kuo;Chao, Nan;Yang, Li-qun
    • Nuclear Engineering and Technology / v.52 no.12 / pp.2687-2698 / 2020
  • Most of the machine learning-based intrusion detection tools developed for Industrial Control Systems (ICS) are trained on network packet captures, and they rely on monitoring network layer traffic alone for intrusion detection. This approach produces weak intrusion detection systems, as ICS cyber-attacks have a real and significant impact on the process variables. A limited number of researchers consider integrating process measurements. However, in complex systems, process variable changes could result from different combinations of abnormal occurrences. This paper examines recent advances in intrusion detection algorithms, their limitations, challenges and the status of their application in critical infrastructures. We also introduce the discussion on the similarities and conflicts observed in the development of machine learning tools and techniques for fault diagnosis and cybersecurity in the protection of complex systems and the need to establish a clear difference between them. As a case study, we discuss special characteristics in nuclear power control systems and the factors that constrain the direct integration of security algorithms. Moreover, we discuss data reliability issues and present references and direct URLs to recent open-source data repositories to aid researchers in developing data-driven ICS intrusion detection systems.

A Study on the Framework of Integrated Vulnerability Analysis of Domestic Nuclear Facilities (국내 원자력 시설 통합 취약점 분석 프레임워크 연구)

  • Mi-Joo Shin;Seong-su Yoon;Ieck-chae Euom
    • Convergence Security Journal / v.22 no.1 / pp.11-17 / 2022
  • Cyber attacks on national infrastructure, including large-scale power outages in Ukraine, have continued in recent years. As a result, ICS-CERT vulnerabilities have doubled compared to last year, and vulnerabilities to industrial control systems are increasing day by day. Most control system operators develop vulnerability countermeasures based on the vulnerability information sources provided by ICS-CERT in the United States. However, it is not applicable to the security of domestic control systems because it does not provide weaknesses in Korean manufacturers' products. Therefore, this study presents a vulnerability analysis framework that integrates CVE, CWE, CAPE, and CPE information related to the vulnerability based on ICS-CERT information (1843 cases). It also identifies assets of nuclear facilities by using CPE information and analyzes vulnerabilities using CVE and ICS-CERT. In the past, only 8% of ICS-CERT's vulnerability information was searched for information on any domestic nuclear facility during vulnerability analysis, but more than 70% of the vulnerability information could be searched using the proposed methodology.

The evolution of the Human Systems and Simulation Laboratory in nuclear power research

  • Anna Hall;Jeffrey C. Joe;Tina M. Miyake;Ronald L. Boring
    • Nuclear Engineering and Technology / v.55 no.3 / pp.801-813 / 2023
  • The events at Three Mile Island in the United States brought about fundamental changes in the ways that simulation would be used in nuclear operations. The need for research simulators was identified to scientifically study human-centered risk and make recommendations for process control system designs. This paper documents the human factors research conducted at the Human Systems and Simulation Laboratory (HSSL) since its inception in 2010 at Idaho National Laboratory. The facility's primary purposes are to provide support to utilities for system upgrades and to validate modernized control room concepts. In the last decade, however, as nuclear industry needs have evolved, so too have the purposes of the HSSL. Thus, beyond control room modernization, human factors researchers have evaluated the security of nuclear infrastructure from cyber adversaries and evaluated human-in-the-loop simulations for joint operations with an integrated hydrogen generation plant. Lastly, our review presents research using human reliability analysis techniques with data collected from HSSL-based studies and concludes with potential future directions for the HSSL, including severe accident management and advanced control room technologies.

A Study on the Method of Vulnerability Analysis of Critical Infrastructure Facilities (공개 데이터를 활용한 제어시스템 취약점 분석 방안 연구)

  • Shin, Mi-joo;Yoon, Seong-su;Euom, Ieck-chae
    • Journal of the Korea Institute of Information Security & Cryptology / v.32 no.2 / pp.243-253 / 2022
  • Recently, cyber attacks on national infrastructure facilities have continued to occur. As a result, the vulnerabilities of ICS-CERTs have more than doubled from last year, and the vulnerabilities to industrial control systems such as nuclear facilities are increasing day by day. Most control system operators formulate vulnerability countermeasures based on the vulnerability information sources of industrial control systems provided by ICS-CERT in the United States. However, it is difficult to apply this to the security of domestic control systems because ICS-CERT does not contain all relevant vulnerability information and does not provide vulnerabilities to domestic manufacturer's products. In this research, we will utilize publicly available vulnerability-related information such as CVE, CWE, ICS-CERT, and CPE to discover vulnerabilities that may exist in control system assets and may occur in the future. I proposed a plan that can predict possible vulnerabilities and applied it to information on major domestic control systems.

VERIFICATION OF ELECTROMAGNETIC EFFECTS FROM WIRELESS DEVICES IN OPERATING NUCLEAR POWER PLANTS

  • YE, SONG-HAE;KIM, YOUNG-SIK;LYOU, HO-SUN;KIM, MIN-SUK;LYOU, JOON
    • Nuclear Engineering and Technology / v.47 no.6 / pp.729-737 / 2015
  • Wireless communication technologies, especially smartphones, have become increasingly common. Wireless technology is widely used in general industry and this trend is also expected to grow with the development of wireless technology. However, wireless technology is not currently applied in any domestic operating nuclear power plants (NPPs) because of the highest priority of the safety policy. Wireless technology is required in operating NPPs, however, in order to improve the emergency responses and work efficiency of the operators and maintenance personnel during its operation. The wired telephone network in domestic NPPs can be simply connected to a wireless local area network to use wireless devices. This design change can improve the ability of the operators and personnel to respond to an emergency situation by using important equipment for a safe shutdown. IEEE 802.11 smartphones (Wi-Fi standard), Internet Protocol (IP) phones, personal digital assistant (PDA) for field work, notebooks used with web cameras, and remote site monitoring tablet PCs for on-site testing may be considered as wireless devices that can be used in domestic operating NPPs. Despite its advantages, wireless technology has only been used during the overhaul period in Korean NPPs due to the electromagnetic influence of sensitive equipment and cyber security problems. This paper presents the electromagnetic verification results from major sensitive equipment after using wireless devices in domestic operating NPPs. It also provides a solution for electromagnetic interference/radio frequency interference (EMI/RFI) from portable and fixed wireless devices with a Wi-Fi communication environment within domestic NPPs.

Implementation of abnormal behavior detection system based packet analysis for industrial control system security (산업 제어 시스템 보안을 위한 패킷 분석 기반 비정상행위 탐지 시스템 구현)

  • Kim, Hyun-Seok;Park, Dong-Gue
    • Journal of the Korea Academia-Industrial cooperation Society / v.19 no.4 / pp.47-56 / 2018
  • National-scale industrial control systems for gas, electric power, water processing, nuclear power, and traffic control systems increasingly use open networks and open standards protocols based on advanced information and communications technologies. The frequency of cyberattacks increases steadily because of the use of open networks and open standards protocols, but follow-up actions are limited. Therefore, the application of security solutions to an industrial control system is very important. However, it is not possible to apply security solutions to a real system because of the characteristics of industrial control systems. And a security system that can detect attacks without affecting the existing system is imperative. Therefore, in this paper, we propose an intrusion detection system based on packet analysis that can detect anomalous behaviors without affecting the industrial control system, and we verify the effectiveness of the proposed intrusion detection system by applying it in a test bed simulating a real environment.