skip to main content
OSTI.GOV title logo U.S. Department of Energy
Office of Scientific and Technical Information

Title: Construction of a Cyber Attack Model for Nuclear Power Plants

Abstract

The consideration of how one compromised digital equipment can impact neighboring equipment is critical to understanding the progression of cyber attacks. The degree of influence that one component may have on another depends on a variety of factors, including the sharing of resources such as network bandwidth or processing power, the level of trust between components, and the inclusion of segmentation devices such as firewalls. The interactions among components via mechanisms that are unique to the digital world are not usually considered in traditional PRA. This means potential sequences of events that may occur during an attack may be missed if one were to only look at conventional accident sequences. This paper presents a method where, starting from the initial attack vector, the progression of a cyber attack can be modeled. The propagation of the attack is modeled by considering certain attributes of the digital components in the system. These attributes determine the potential vulnerability of a component to a class of attack and the capability gained by the attackers once they are in control of the equipment. The use of attributes allows similar components (components with the same set of attributes) to be modeled in the same way, therebymore » reducing the computing resources required for analysis of large systems.« less

Authors:
; ;
Publication Date:
Research Org.:
Idaho National Lab. (INL), Idaho Falls, ID (United States)
Sponsoring Org.:
USDOE Office of Nuclear Energy (NE)
OSTI Identifier:
1378337
Report Number(s):
INL/CON-17-41862
DOE Contract Number:  
DE-AC07-05ID14517
Resource Type:
Conference
Resource Relation:
Conference: 10th International Topical Meeting on Nuclear Plant Instrumentation, Control and Human Machine Interface Technologies, San Francisco, CA, USA, June 11–15, 2017
Country of Publication:
United States
Language:
English
Subject:
22 GENERAL STUDIES OF NUCLEAR REACTORS; Cyberattack

Citation Formats

Varuttamaseni, Athi, Bari, Robert A., and Youngblood, Robert. Construction of a Cyber Attack Model for Nuclear Power Plants. United States: N. p., 2017. Web.
Varuttamaseni, Athi, Bari, Robert A., & Youngblood, Robert. Construction of a Cyber Attack Model for Nuclear Power Plants. United States.
Varuttamaseni, Athi, Bari, Robert A., and Youngblood, Robert. Mon . "Construction of a Cyber Attack Model for Nuclear Power Plants". United States. doi:. https://www.osti.gov/servlets/purl/1378337.
@article{osti_1378337,
title = {Construction of a Cyber Attack Model for Nuclear Power Plants},
author = {Varuttamaseni, Athi and Bari, Robert A. and Youngblood, Robert},
abstractNote = {The consideration of how one compromised digital equipment can impact neighboring equipment is critical to understanding the progression of cyber attacks. The degree of influence that one component may have on another depends on a variety of factors, including the sharing of resources such as network bandwidth or processing power, the level of trust between components, and the inclusion of segmentation devices such as firewalls. The interactions among components via mechanisms that are unique to the digital world are not usually considered in traditional PRA. This means potential sequences of events that may occur during an attack may be missed if one were to only look at conventional accident sequences. This paper presents a method where, starting from the initial attack vector, the progression of a cyber attack can be modeled. The propagation of the attack is modeled by considering certain attributes of the digital components in the system. These attributes determine the potential vulnerability of a component to a class of attack and the capability gained by the attackers once they are in control of the equipment. The use of attributes allows similar components (components with the same set of attributes) to be modeled in the same way, thereby reducing the computing resources required for analysis of large systems.},
doi = {},
journal = {},
number = ,
volume = ,
place = {United States},
year = {Mon May 01 00:00:00 EDT 2017},
month = {Mon May 01 00:00:00 EDT 2017}
}

Conference:
Other availability
Please see Document Availability for additional information on obtaining the full-text document. Library patrons may search WorldCat to identify libraries that hold this conference proceeding.

Save / Share: