A testbed to simulate cyber attacks on nuclear power plants

Nuclear power plants are critical infrastructures that must be safe and secure from undesirable intrusions: these intrusions are both physical and cyber. The increasing usage of digital control and computer systems, for supervisory control and data acquisition in the control rooms of new generation nuclear reactors, has introduced several cyber security issues that must be addressed. One of the most significant problems is that this new technology has increased the vulnerability of the nuclear power plant to cyber security threats. Furthermore, this exposed vulnerability is one of the main reasons that the transition to digital control rooms connected to enterprise network (or the internet) has been slow and hesitant. In order to address these issues and ensure that a digital control system is safe and secure from undesirable intrusions, the system must go through extensive tests and validation. These tests will verify that systems are safe and properly functioning. The vulnerabilities of a nuclear power plant can be determined through conducting cyber security exercises, cyber security attacks scenarios, and simulated attacks. All these events can be performed using the control room in the nuclear power plant, but it is a complicated and hampered process because of the complex hardware and software interactions that must be considered. Control rooms are also not ideal places to test various cyber attacks and scenarios because any mishap can lead to detrimental impacts on the nearby surroundings. This research attempts to present our approach to build a comparative testbed that captures the relevant complexity of a nuclear power plant. A testbed is developed and designed to assess the vulnerabilities that are introduced by using public networks for communications. The testbed is also used to simulate different cyber attack scenarios and it will serve to present detection mechanisms that are based on the understanding of the controlled physical system

Continued safe operation of nuclear power generation plants during the Covid-19 pandemic

An important goal of any pandemic response strategy is to assure the continued reliability of the electricity grid. Electricity production and delivery, two of the most important elements of economic and social infrastructure, must remain reliable during a pandemic because many parts of the infrastructure (e.g. food supply, water, transportation, public health) cannot function without a stable, reliable supply of electricity. More than 100 nuclear power reactor units are currently in operation in the EU and their continued operation during a pandemic is essential to maintain grid stability and ensure the needed power supplies in combination with the other sources of power generation. This report provides an overview of the findings of an investigation into the pandemic preparedness and response actions of nuclear power plant operating organisations in EU and some third countries operating nuclear power reactors. The investigation has been performed by means of media monitoring and information gathering during approximately three weeks, from 16 March – 3 April 2020.JRC.G.10-Knowledge for Nuclear Security and Safet

Legal Feasibility of Schengen-like Agreements in European Energy Policy: The Cases of Nuclear Cooperation and Gas Security of Supply

European energy policy is characterized by a complex allocation of authority between the European Union and its Member States which results in an intricate interplay of regulatory competence. Knowing the difficulties European countries face in coordinating and proposing common solutions in the area of energy, there is the urgent need to question the legal foundations underlying the decisionmaking process. Institutional paralysis, low reactivity to events and changes as well as systematic political horse-trading across all questions call for an alternative framework allowing some pioneering Member States to promote ad hoc common policies escaping the formal and procedural requirements of EU law. Our paper assesses the legal feasibility of short-run differentiation by means of partial international agreements inspired by the Schengen regime, namely entirely outside the EU framework. The key challenge from a legal point of view is to assess the substantive compatibility of such agreements in energy with the existing rules of the Union. Short run differentiation in energy cannot indeed be assessed at a high level of generalities. We therefore take two areas where legally-binding coordination at the sub-Union level is often called for: nuclear policy and gas security of supply. The possible substantive content of such cooperation is derived from the economic and political literature before legal feasibility is assessed. Our findings suggest that the scope for such agreements is limited for security of gas supply whereas it could be an improved cooperation device in certain areas of nuclear policy.Schengen

DYNAMIC BEHAVIOR OF OPERATING CREW IN COMPLEX SYSTEMS: AN OBJECT-BASED MODELING & SIMULATION APPROACH

High-risk environments such as the control room of Nuclear Power Plants are extremely stressful for the front line operators; during accidents and under high task load situations, the operators are solely responsible for the ultimate decision-making and control of such complex systems. Individuals working as a team constantly interact with each other and therefore introduce team related issues such as coordination, supervision and conflict resolution. The aggregate impact of multiple human errors inside communication and coordination loops in a team context can give rise to complex human failure modes and failure mechanisms. This research offers a model of operating crew as an interactive social unit and investigates the dynamic behavior of the team under upset situations through a simulation method. The domain of interest in this work is the class of operating crew environments that are subject to structured and regulated guidelines with formal procedures providing the core of their response to accident conditions. In developing the cognitive models for the operators and teams of operators, their behavior and relations, this research integrates findings from multiple disciplines such as cognitive psychology, human factors, organizational factors, and human reliability. An object-based modeling methodology is applied to represent system elements and different roles and behaviors of the members of the operating team. The proposed team model is an extended version of an existing cognitive model of individual operator behavior known as IDAC (Information, Decision, and Action in Crew context). Scenario generation follows DPRA (Dynamic Probabilistic Risk Assessment) methodologies. The method capabilities are demonstrated through building and simulating a simplified model of a steam/power generating plant. Different configurations of team characteristics and influencing factors have been simulated and compared. The effects of team factors and crew dynamics on system risk with main focus on team errors, associated causes and error management processes and their impact on team performance have been studied through a large number of simulation runs. The results are also compared with several theoretical models and empirical studies

WTEC panel report on European nuclear instrumentation and controls

Control and instrumentation systems might be called the 'brain' and 'senses' of a nuclear power plant. As such they become the key elements in the integrated operation of these plants. Recent developments in digital equipment have allowed a dramatic change in the design of these instrument and control (I&C) systems. New designs are evolving with cathode ray tube (CRT)-based control rooms, more automation, and better logical information for the human operators. As these new advanced systems are developed, various decisions must be made about the degree of automation and the human-to-machine interface. Different stages of the development of control automation and of advanced digital systems can be found in various countries. The purpose of this technology assessment is to make a comparative evaluation of the control and instrumentation systems that are being used for commercial nuclear power plants in Europe and the United States. This study is limited to pressurized water reactors (PWR's). Part of the evaluation includes comparisons with a previous similar study assessing Japanese technology

Electric System Vulnerabilities: a State of the Art of Defense Technologies

Vulnerability of the European electrical infrastructure appears to be growing due to several factors: - demand is always growing, and, although this growth may be forecast, it cannot be anytime easily faced; - transactions increase, following electrical system liberalisation, and this involves operating the whole infrastructure closer to the system capacity and security limits; - an increased control systems complexity, required for secure system operation, may in turn raise system vulnerability, due both to accidental faults and malicious attacks; - critical infrastructures, and the electrical system primarily, are well known to be a privileged target in warfare, as well as terrorist attacks. In recent years, both Europe and America have experienced a significant number of huge blackouts, whose frequency and impact looks progressively growing. These events had common roots in the fact that current risk assessment methodologies and current system controls appear to be no longer adequate. Beyond the growing complexity of the electrical system as a whole, two main reasons can be listed: - system analysis procedures based on these methodologies did not identify security threats emerging from failures of critical physical components; - on-line controls were not able to avoid system collapse. This report provides a state-of-the-art of the technology on both regards: - as far as risk assessment methodologies are concerned, an overview of the conceptual power system reliability framework is provided, and the current N-1 principle for risk assessment in power systems is introduced, together with off-the-shelf enforcement methodologies, like optimal power flow. Emerging methodologies for dynamic security assessment are also discussed. The power system reliability approach is compared with the global approach to dependability introduced by computer scientists, and the conceptual clashes pointed out. Ways ahead to conciliate both views are outlined. - concerning power system controls, the report overviews the existing defense plans, making specific reference to the current Italian situation. The two major recent blackout events in the American North East and Italy are analysed, and the drawbacks of the existing arrangements and the installed control systems are discussed. Emerging technologies, such as phasor measurement units and wide area protection are introduced. Their likely impact on the existing control room is discussed. Finally, potential cyber vulnerabilities of the new control systems are introduced, the role of communication standards in that context is discussed, and an overview of the current state of the art is presented.JRC.G.6-Sensors, radar technologies and cybersecurit

Challenges in Collaborative HRI for Remote Robot Teams

Collaboration between human supervisors and remote teams of robots is highly challenging, particularly in high-stakes, distant, hazardous locations, such as off-shore energy platforms. In order for these teams of robots to truly be beneficial, they need to be trusted to operate autonomously, performing tasks such as inspection and emergency response, thus reducing the number of personnel placed in harm's way. As remote robots are generally trusted less than robots in close-proximity, we present a solution to instil trust in the operator through a `mediator robot' that can exhibit social skills, alongside sophisticated visualisation techniques. In this position paper, we present general challenges and then take a closer look at one challenge in particular, discussing an initial study, which investigates the relationship between the level of control the supervisor hands over to the mediator robot and how this affects their trust. We show that the supervisor is more likely to have higher trust overall if their initial experience involves handing over control of the emergency situation to the robotic assistant. We discuss this result, here, as well as other challenges and interaction techniques for human-robot collaboration.Comment: 9 pages. Peer reviewed position paper accepted in the CHI 2019 Workshop: The Challenges of Working on Social Robots that Collaborate with People (SIRCHI2019), ACM CHI Conference on Human Factors in Computing Systems, May 2019, Glasgow, U

Regulatory oversight of nuclear safety in Finland : Annual report 2020

Introduction This report is an account on regulatory oversight in the field of nuclear energy provided by the Radiation and Nuclear Safety Authority (STUK) to the Ministry of Economic Affairs and Employment (TEM) once a year as required by Section 121 of the Nuclear Energy Decree (161/1988). The report will also be provided to the Ministry of Social Affairs and Health, the Ministry of the Environment, the Finnish Environment Institute and to the environmental authorities of the nuclear facility municipalities. The report is a summary of regulatory oversight of safety in the use of nuclear energy performed by STUK and of the related results in 2020. STUK’s nuclear safety regulation, as presented in the report, covers the essential oversight data related to the design, construction, commissioning, operation and decommissioning of nuclear facilities. In addition, the report covers similar data on other uses of nuclear energy, including nuclear waste management and nuclear materials. In addition to actual oversight of safety, the report describes, among other things, the development and implementation of the regulations concerning the use of nuclear energy during the year and the main characteristics of the safety research programmes pertaining to nuclear safety and nuclear waste management in Finland. The report appendices contain significant events at the nuclear power plants and inspection summaries of STUK’s inspection programmes. In addition, a summary of the licences accordant with the Nuclear Energy Act granted by STUK in 2020, as required by the Nuclear Energy Decree, is appended to the report. STUK’s Financial Statements and Annual Report 2020 includes an assessment of meeting the performance targets under the performance agreement between the Ministry of Social Affairs and Health and STUK also in view of regulatory oversight in the use of nuclear energy