Cyber Security Analysis for Nuclear Reactor Control Systems (Final Technical Report)

Hawrylak, Peter J.; Hale, John; Papa, Mauricio; Edgar, Thomas; Craig, Philip; Wall, Donald; Hines, Corey

doi:10.2172/1650024

Title: Cyber Security Analysis for Nuclear Reactor Control Systems (Final Technical Report)

Technical Report · Tue Dec 29 00:00:00 EST 2020

DOI:https://doi.org/10.2172/1650024· OSTI ID:1650024

^[1]; Hale, John ^[1]; Papa, Mauricio ^[1]; Edgar, Thomas ^[2]; Craig, Philip ^[2]; Wall, Donald ^[3]; Hines, Corey ^[3]

Univ. of Tulsa, OK (United States)
Pacific Northwest National Lab. (PNNL), Richland, WA (United States)
Washington State Univ., Pullman, WA (United States)

This project investigated the cyber-security impacts of moving from an all analog, point-to-point, instrumentation and control (I&C) system to a digital I&C system based on Modbus and a shared communication medium. A formalism called a hybrid attack graph was expanded to support the nuclear research reactor system. The hybrid attack graph allows one to check a system for vulnerabilities, in this case cyber-security vulnerabilities, and to document the attack vectors (scenarios) causing those vulnerabilities. In parallel, a simulation of the system was developed to model both the physical reactor parameters and operations, as well as the network interconnects and communications. This simulation platform was modeled on the nuclear research reactor located at Washington State University. The simulation platform provided a sandbox to evaluate and quantify the impact of identified and proposed vulnerabilities in the system and to determine the effectiveness of countermeasures at stopping these attacks. The simulation and hybrid attack graph tools were integrated to provide a streamlined process of generating attack scenarios, playing those scenarios out in the simulation, and then analyzing the results to correlate system state to states in the hybrid attack graph. This process was used to (1) quantify the impact of attack scenarios and (2) to determine if the system moved through the hybrid attack graph as anticipated. The hybrid attack graph tool was extended and customized to produce a tool to automatically identify critical assets (CAs) and critical digital assets (CDAs) as defined by NRC Regulatory Guide 5.71. This tool was verified using the nuclear research reactor at Washington State University. Finally, a series of educational modules covering the findings of the different aspects of this research have been created.

View Technical Report

Cite

Export

Save

Research Organization:: Univ. of Tulsa, OK (United States); Washington State Univ., Pullman, WA (United States); Pacific Northwest National Lab. (PNNL), Richland, WA (United States)

Sponsoring Organization:: USDOE Office of Nuclear Energy (NE)

DOE Contract Number:: NE0008422

OSTI ID:: 1650024

Report Number(s):: DOE-TULSA-8422-1; 15-8228; TRN: US2202061

Country of Publication:: United States

Language:: English

Similar Records

RiskFirst WholF Platform Tool: A Probabilistic, Risk-Informed Whole of Facility Modeling and Simulation For Effective Nuclear System A2D Transition

Technical Report · Tue Apr 23 00:00:00 EDT 2019 · OSTI ID:1650024

Schultz, Craig; Compton, John; Evancich, Nicholas; +3 more

Nuclear Power Plant Cyber Security Discrete Dynamic Event Tree Analysis (LDRD 17-0958) FY17 Report

Technical Report · Fri Sep 01 00:00:00 EDT 2017 · OSTI ID:1650024

Wheeler, Timothy A.; Denman, Matthew R.; Williams, R. A.; +2 more

A critical review of cyber-physical security for building automation systems

Journal Article · Thu Mar 09 00:00:00 EST 2023 · Annual Reviews in Control · OSTI ID:1650024

Li, Guowen; Ren, Lingyu; Fu, Yangyang; +7 more

Related Subjects

97 MATHEMATICS AND COMPUTING
cyber-security
cyber-physical security
attack modeling
hybrid attack graphs
simulation
digital instrumentation and control
instrumentation and control system

Title: Cyber Security Analysis for Nuclear Reactor Control Systems (Final Technical Report)

Citation Formats

Similar Records

Related Subjects