skip to main content
OSTI.GOV title logo U.S. Department of Energy
Office of Scientific and Technical Information

Title: An Approach for Evaluating the Consequence of Cyber Attacks on Nuclear Power Plants

; ;
Publication Date:
Research Org.:
Brookhaven National Laboratory (BNL), Upton, NY (United States)
Sponsoring Org.:
American Nuclear Society
OSTI Identifier:
Report Number(s):
R&D Project: 80956
DOE Contract Number:
Resource Type:
Resource Relation:
Conference: PSA 2017 Conference (Probabilistic Safety Assessment); Pittsburgh, PA; 20170924 through 20170928
Country of Publication:
United States
98 NUCLEAR DISARMAMENT, SAFEGUARDS, AND PHYSICAL PROTECTION; Cyber security; thermal-hydraulics; Industrial Control systems (ICS)

Citation Formats

Varuttamaseni A., Bari R., and Youngblood, R. An Approach for Evaluating the Consequence of Cyber Attacks on Nuclear Power Plants. United States: N. p., 2017. Web.
Varuttamaseni A., Bari R., & Youngblood, R. An Approach for Evaluating the Consequence of Cyber Attacks on Nuclear Power Plants. United States.
Varuttamaseni A., Bari R., and Youngblood, R. Sun . "An Approach for Evaluating the Consequence of Cyber Attacks on Nuclear Power Plants". United States. doi:.
title = {An Approach for Evaluating the Consequence of Cyber Attacks on Nuclear Power Plants},
author = {Varuttamaseni A. and Bari R. and Youngblood, R.},
abstractNote = {},
doi = {},
journal = {},
number = ,
volume = ,
place = {United States},
year = {Sun Sep 24 00:00:00 EDT 2017},
month = {Sun Sep 24 00:00:00 EDT 2017}

Other availability
Please see Document Availability for additional information on obtaining the full-text document. Library patrons may search WorldCat to identify libraries that hold this conference proceeding.

Save / Share:
  • The Stuxnet attack at the Natanz facility is an example of a targeted and successful cyber attack on a nuclear facility. Snowden's release of National Security Agency documents demonstrated the consequences of the insider threat. More recently, the United States tried to attack North Korea but failed, South Korea was attempting to attack North Korea, and both applied Stuxnet-like approaches. These sophisticated targeted attacks differ from web-site hacking events that are reported almost daily in the news mainly because targeted attacks require detailed design and operation information of the systems attacked and/or are often carried out by insiders. For instance,more » in order to minimize disruption of facilities around the world, Stuxnet remained idle until it recognized the specific configuration of the Natanz facility, demonstrating that the attackers possessed extremely detailed information about the facility. Such targeted cyber attacks could become a national-level military weapon and be used in coercion of hostile countries.« less
  • This paper provides an approach for developing potential attacks on I and C systems of NPPs and assessing their consequences. An important concept is that the NPPs were not designed to cope with Stuxnet-type of attacks (and any other cyber attacks). That is, the plants were only designed for design basis accidents. The safety margins and redundancies built in the design are all based on design basis accidents. They may be helpful in mitigating cyberattacks, but may not be adequate.
  • The consequences of severe accidents at nuclear power plants can be limited by various protective actions, including emergency responses and long-term measures, to reduce exposures of affected populations. Each of these protective actions involve costs to society. The costs of the long-term protective actions depend on the criterion adopted for the allowable level of long-term exposure. This criterion, called the ``long term interdiction limit,`` is expressed in terms of the projected dose to an individual over a certain time period from the long-term exposure pathways. The two measures of offsite consequences, latent cancers and costs, are inversely related and themore » choice of an interdiction limit is, in effect, a trade-off between these two measures. By monetizing the health effects (through ascribing a monetary value to life lost), the costs of the two consequence measures vary with the interdiction limit, the health effect costs increasing as the limit is relaxed and the protective action costs decreasing. The minimum of the total cost curve can be used to calculate an optimal long term interdiction limit. The calculation of such an optimal limit is presented for each of five US nuclear power plants which were analyzed for severe accident risk in the NUREG-1150 program by the Nuclear Regulatory Commission.« less
  • Abstract not provided.