skip to main content
OSTI.GOV title logo U.S. Department of Energy
Office of Scientific and Technical Information

Title: Construction of a Cyber Attack Model for Nuclear Power Plants

Abstract

The consideration of how one compromised digital equipment can impact neighboring equipment is critical to understanding the progression of cyber attacks. The degree of influence that one component may have on another depends on a variety of factors, including the sharing of resources such as network bandwidth or processing power, the level of trust between components, and the inclusion of segmentation devices such as firewalls. The interactions among components via mechanisms that are unique to the digital world are not usually considered in traditional PRA. This means potential sequences of events that may occur during an attack may be missed if one were to only look at conventional accident sequences. This paper presents a method where, starting from the initial attack vector, the progression of a cyber attack can be modeled. The propagation of the attack is modeled by considering certain attributes of the digital components in the system. These attributes determine the potential vulnerability of a component to a class of attack and the capability gained by the attackers once they are in control of the equipment. The use of attributes allows similar components (components with the same set of attributes) to be modeled in the same way, therebymore » reducing the computing resources required for analysis of large systems.« less

Authors:
; ;
Publication Date:
Research Org.:
Idaho National Lab. (INL), Idaho Falls, ID (United States)
Sponsoring Org.:
USDOE Office of Nuclear Energy (NE)
OSTI Identifier:
1378337
Report Number(s):
INL/CON-17-41862
DOE Contract Number:
DE-AC07-05ID14517
Resource Type:
Conference
Resource Relation:
Conference: 10th International Topical Meeting on Nuclear Plant Instrumentation, Control and Human Machine Interface Technologies, San Francisco, CA, USA, June 11–15, 2017
Country of Publication:
United States
Language:
English
Subject:
22 GENERAL STUDIES OF NUCLEAR REACTORS; Cyberattack

Citation Formats

Varuttamaseni, Athi, Bari, Robert A., and Youngblood, Robert. Construction of a Cyber Attack Model for Nuclear Power Plants. United States: N. p., 2017. Web.
Varuttamaseni, Athi, Bari, Robert A., & Youngblood, Robert. Construction of a Cyber Attack Model for Nuclear Power Plants. United States.
Varuttamaseni, Athi, Bari, Robert A., and Youngblood, Robert. Mon . "Construction of a Cyber Attack Model for Nuclear Power Plants". United States. doi:. https://www.osti.gov/servlets/purl/1378337.
@article{osti_1378337,
title = {Construction of a Cyber Attack Model for Nuclear Power Plants},
author = {Varuttamaseni, Athi and Bari, Robert A. and Youngblood, Robert},
abstractNote = {The consideration of how one compromised digital equipment can impact neighboring equipment is critical to understanding the progression of cyber attacks. The degree of influence that one component may have on another depends on a variety of factors, including the sharing of resources such as network bandwidth or processing power, the level of trust between components, and the inclusion of segmentation devices such as firewalls. The interactions among components via mechanisms that are unique to the digital world are not usually considered in traditional PRA. This means potential sequences of events that may occur during an attack may be missed if one were to only look at conventional accident sequences. This paper presents a method where, starting from the initial attack vector, the progression of a cyber attack can be modeled. The propagation of the attack is modeled by considering certain attributes of the digital components in the system. These attributes determine the potential vulnerability of a component to a class of attack and the capability gained by the attackers once they are in control of the equipment. The use of attributes allows similar components (components with the same set of attributes) to be modeled in the same way, thereby reducing the computing resources required for analysis of large systems.},
doi = {},
journal = {},
number = ,
volume = ,
place = {United States},
year = {Mon May 01 00:00:00 EDT 2017},
month = {Mon May 01 00:00:00 EDT 2017}
}

Conference:
Other availability
Please see Document Availability for additional information on obtaining the full-text document. Library patrons may search WorldCat to identify libraries that hold this conference proceeding.

Save / Share:
  • Abstract not provided.
  • A cyber security self-assessment method (the Method) has been developed by Pacific Northwest National Laboratory. The development of the Method was sponsored and directed by the U.S. Nuclear Regulatory Commission. Members of the Nuclear Energy Institute Cyber Security Task Force also played a substantial role in developing the Method. The Method's structured approach guides nuclear power plants in scrutinizing their digital systems, assessing the potential consequences to the plant of a cyber exploitation, identifying vulnerabilities, estimating cyber security risks, and adopting cost-effective protective measures. The focus of the Method is on critical digital assets. A critical digital asset is amore » digital device or system that plays a role in the operation, maintenance, or proper functioning of a critical system (i.e., a plant system that can impact safety, security, or emergency preparedness). A critical digital asset may have a direct or indirect connection to a critical system. Direct connections include both wired and wireless communication pathways. Indirect connections include sneaker-net pathways by which software or data are manually transferred from one digital device to another. An indirect connection also may involve the use of instructions or data stored on a critical digital asset to make adjustments to a critical system. The cyber security self-assessment begins with the formation of an assessment team, and is followed by a six-stage process.« less
  • The international community agrees that the safe operation of civilian nuclear infrastructure is in every population’s best interest. One challenge each government must address is defining and agreeing to a set of acceptable norms of behavior in cyberspace as they relate to these facilities. The introduction of digital systems and networking technologies into these environments has led to the possibility that control and supporting computer systems are now accessible and exploitable, especially where interconnections to global information and communications technology (ICT) networks exist. The need for norms of behavior in cyberspace includes what is expected of system architects and cybermore » defenders as well as adversaries who should abide by rules of engagement even while conducting acts that violate national and international laws. The goal of this paper is to offer three behavioral cyber norms to improve the overall security of the ICT and Operational Technology (OT) networks and systems that underlie the operations of nuclear facilities. These norms of behavior will be specifically defined with the goals of reducing the threats associated to the theft of nuclear materials, accidental release of radiation and sabotage of nuclear processes. These norms would also include instances where an unwitting attacker or intelligence collection entity inadvertently makes their way into a nuclear facility network or system and can recognize they are in a protected zone and an approach to ensuring that these zones are not exploitable by bad actors to place their sensitive cyber effect delivery systems.« less