A Robust Cybersecurity Solution Platform Architecture for Digital Instrumentation and Control Systems in Nuclear Power Facilities

Most nuclear power plants (NPPs) under construction or under design are expected to deploy largely digital instrumentation and control (I&C) systems. Current fleets are increasingly looking toward converting to digital I&C systems due to the advantages of precise control, economic operation,...

Full description

Saved in:
Bibliographic Details
Published in:Nuclear technology 2020-07, Vol.206 (7), p.939-950
Main Authors: Zhang, Fan, Hines, J. Wesley, Coble, Jamie B.
Format: Article
Language:English
Subjects:
Bayesian network
Cybersecurity architecture
digital instrumentation and control
false data injection
intrusion detection
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Most nuclear power plants (NPPs) under construction or under design are expected to deploy largely digital instrumentation and control (I&C) systems. Current fleets are increasingly looking toward converting to digital I&C systems due to the advantages of precise control, economic operation, and ease of procurement over conventional analog I&C systems. With all the benefits digital I&C systems bring, challenging cybersecurity concerns are introduced as well. Cyberattacks targeted at industrial control systems have grown in both frequency and capability in recent years. Despite efforts to air-gap digital I&C systems, NPPs can be vulnerable to these cyberattacks, as evidenced by recent cyber incidents at nuclear facilities. Cybersecurity of NPPs should be addressed in three complementary thrusts: cyberattack prevention, detection, and response. Considering the requirements of digital I&C systems, we propose a novel cybersecurity solution platform that consists of a data collection and extraction system, a multilayer cyberattack detection system, a cause analysis system with dynamic risk assessment, a cyberattack response system, and a main control room display system. This architecture also promotes cooperation between information technology experts and the operation technology team to improve cybersecurity by integrating process data together with traditional host system and network data in a unified platform. This paper presents the proposed cybersecurity architecture and demonstrates its efficacy with a simulated cyberattack on a cyber-physical system testbed. Together with traditional intrusion prevention methods and rule-based intrusion detection systems, this platform provides a solution for prevention, detection, and response to cyberattacks that is congruous with the defense-in-depth strategies of other NPP safety and security systems.
ISSN:0029-5450
1943-7471
DOI:10.1080/00295450.2019.1666599