Assessing and augmenting SCADA cyber security: a survey of techniques

SCADA systems monitor and control critical infrastructures of national importance such as power generation and distribution, water supply, transportation networks, and manufacturing facilities. The pervasiveness, miniaturisations and declining costs of internet connectivity have transformed these systems from strictly isolated to highly interconnected networks. The connectivity provides immense benefits such as reliability, scalability and remote connectivity, but at the same time exposes an otherwise isolated and secure system, to global cyber security threats. This inevitable transformation to highly connected systems thus necessitates effective security safeguards to be in place as any compromise or downtime of SCADA systems can have severe economic, safety and security ramifications. One way to ensure vital asset protection is to adopt a viewpoint similar to an attacker to determine weaknesses and loopholes in defences. Such mind sets help to identify and fix potential breaches before their exploitation. This paper surveys tools and techniques to uncover SCADA system vulnerabilities. A comprehensive review of the selected approaches is provided along with their applicability

Governance of Dual-Use Technologies: Theory and Practice

The term dual-use characterizes technologies that can have both military and civilian applications. What is the state of current efforts to control the spread of these powerful technologies—nuclear, biological, cyber—that can simultaneously advance social and economic well-being and also be harnessed for hostile purposes? What have previous efforts to govern, for example, nuclear and biological weapons taught us about the potential for the control of these dual-use technologies? What are the implications for governance when the range of actors who could cause harm with these technologies include not just national governments but also non-state actors like terrorists? These are some of the questions addressed by Governance of Dual-Use Technologies: Theory and Practice, the new publication released today by the Global Nuclear Future Initiative of the American Academy of Arts and Sciences. The publication's editor is Elisa D. Harris, Senior Research Scholar, Center for International Security Studies, University of Maryland School of Public Affairs. Governance of Dual-Use Technologies examines the similarities and differences between the strategies used for the control of nuclear technologies and those proposed for biotechnology and information technology. The publication makes clear the challenges concomitant with dual-use governance. For example, general agreement exists internationally on the need to restrict access to technologies enabling the development of nuclear weapons. However, no similar consensus exists in the bio and information technology domains. The publication also explores the limitations of military measures like deterrence, defense, and reprisal in preventing globally available biological and information technologies from being misused. Some of the other questions explored by the publication include: What types of governance measures for these dual-use technologies have already been adopted? What objectives have those measures sought to achieve? How have the technical characteristics of the technology affected governance prospects? What have been the primary obstacles to effective governance, and what gaps exist in the current governance regime? Are further governance measures feasible? In addition to a preface from Global Nuclear Future Initiative Co-Director Robert Rosner (University of Chicago) and an introduction and conclusion from Elisa Harris, Governance of Dual-Use Technologiesincludes:On the Regulation of Dual-Use Nuclear Technology by James M. Acton (Carnegie Endowment for International Peace)Dual-Use Threats: The Case of Biotechnology by Elisa D. Harris (University of Maryland)Governance of Information Technology and Cyber Weapons by Herbert Lin (Stanford University

Regulatory Perspective on Nuclear Cyber Security: The Fundamental Issues

We are living in a digital and information-driven age; hence need to retain information on virtually every aspect of our lives, nuclear information inclusive. Security in computer systems is strongly related to the notion of dependability. For such system to be reliable and secure in a nuclear facility, unauthorized logic changes must be prevented - confidentiality, field device inputs and outputs must remain immutable throughout their usable lifetime - integrity, and everything should remain in an operable state - availability. The dynamic and complex nature of cyber threats has made it a serious challenge to secure computer systems in nuclear facilities. Despite the adoption of varied cyber security services, policies, mechanisms, strategies and regulatory frameworks like confidentiality, integrity, availability, non-repudiation, encipherment, defence-in-depth, design basis threat, IAEA technical guidance documents such as: GS-R-1, GS-R-2, NSS13, NSS17, NST036, NST045, and NST047, IEEE standard 7-4.3.2-2010, NIST SP 800-53, NIST SP 800-82, NEI 08-09 and country-specific requirements such as: 10 CFR 73.54, 10 CFR 73.1, RG 5.71 (USNRC), KINS/RG-N08.22 (South Korea) respectively, the threats remain persistent. This paper is aimed at providing a regulatory perspective on nuclear cyber security, its relationship to nuclear safety and security, regulatory requirements and cyber security global best practice recommendations and strategies to prevent its occurrence. This is imperative as Nigeria prepares to join the league of countries with operational nuclear power plants and reactors by its approval and adoption of the nuclear power programme roadmap in 2007

Model-Based Cyber-Security Framework for Nuclear Power Plant

A model-based cyber-security framework has been developed to address the new challenges of cyber threats due to the increasing implementation of digital components in the instrumentation and control (I&C) system of modern nuclear power plants. The framework is developed to detect intrusions to pressurized water reactor (PWR) systems that could result in unnecessary reactor shutdown events due to out-of-range water levels of steam generators. The generation of potential attack scenarios demonstrated a process for identifying the most susceptible attack pathways and components in the I&C system. It starts with identifying two key I&C divisions of the modern AP1000 design related to the reactor trip functions, protection and safety monitoring system, and plant control system. The attack tree analysis is performed on the steam generator (SG) water level control system using the SAPHIRE 8.0.9 code. To quantify the system susceptibility to cyber-attack events, causing reactor trips, we propose sensitivity metrics to identify the low-order sets of components that may be compromised and the degree of perturbations needed for each component. The multi-path event tree (MPET) structures are developed to efficiently and intuitively display a large number of dominant or risk-significant attack scenarios instead of the traditional event trees representing minimal cut sets. A reduced order model (ROM) has been developed to efficiently represent the SG dynamics and facilitate the detection of potential cyber-attacks. The dynamic ROM is built on the energy balance equation for a single vertical boiling channel approximating a U-tube steam generator. The ROM provides an essential relationship connecting the reactor power, water level, and feedwater flow rate. An application programming interface (API) for the I&C systems serving as the interface between the RELAP5 system code and the ROM has been developed. A Kalman filtering based detection method has been proposed, providing optimal tracking of SG water level combining the uncertain simulation results with the observation data subject to statistical fluctuations. An observed plant state with significant deviation from the optimal system projection could then indicate potential intrusions into the system. Finally, a mitigation strategy considering the controller feedback is proposed to avoid the reactor trip due to attack on SG water level sensors. The worst-case attack within this issue space is defined, and the maximum delay time allowed for the mitigation is obtained.PHDNuclear Engineering & Radiological SciencesUniversity of Michigan, Horace H. Rackham School of Graduate Studieshttp://deepblue.lib.umich.edu/bitstream/2027.42/162955/1/gjunjie_1.pd

Cyber Security for Microreactors in Advanced Energy Systems

Demand for clean and resilient energy has led to new and advancing frontiers of energy development in nuclear technology, specifically in the development of microreactors. These miniaturised modular reactors are generally \u3c 20 megawatts thermal (MWt) or 10 megawatts electric (MWe) and offer new opportunities to meet energy needs in remote locations and mobile operations. As with the slightly larger small modular reactors (\u3c 300 MWe), microreactor development must demonstrate security and safety, as well as economic competitiveness, to be seen as potential opportunities for new applications. Current research focuses on passive safety features, capital costs, reliability, semi-autonomous or autonomous control, cyber informed design, digital twins and non-proliferation. This paper focuses specifically on microreactor cyber informed design and cyber risk. An overview of microreactor technology provides a basis for examining the cyber nuclear playing field, with an emphasis on the USA. Frameworks for evaluating cyber security threats, and thereby designing for them, are reviewed. Recommendations follow with ideas for future research