Figure 2 - available via license: Creative Commons Attribution 4.0 International
Content may be subject to copyright.
Source publication
As digital instrumentation in Nuclear Power Plants (NPPs) is becoming increasingly complex, both attack vectors and defensive strategies are evolving based on new technologies and vulnerabilities. Continued efforts have been made to develop a variety of measures for the cyber defense of these infrastructures, which often consist in adapting securit...
Context in source publication
Context 1
... work by [45] determined the levels of CS protection for the subsystems and equipment of a digital I&C system of an NPP. These levels were determined using the CS defense-in-depth model, an example of which is shown in Figure 2. The authors tried to identify the potential CS risk factors, namely, assets, threats, and vulnerabilities. ...
Similar publications
The rise of the new generation of cyber threats demands more sophisticated and intelligent cyber defense solutions equipped with autonomous agents capable of learning to make decisions without the knowledge of human experts. Several reinforcement learning methods (e.g., Markov) for automated network intrusion tasks have been proposed in recent year...
Citations
... The method uses the monitoring background database and identifies the access nodes in the network by analyzing the confidence of access nodes. An access node identification model for defect detection is proposed [15]. For the access nodes that have completed the preliminary identification, the vulnerability detection of the network is started. ...
The reliability of nodes is rugged to determine, and the global accuracy is low in identifying secure access nodes of ubiquitous power network gateways. Therefore, this project intends to establish a universal power grid gateway security access node identification model. Sensor technology collects secure access nodes of IoT gateways and evaluates their reliability. It is integrated with the security level of the network to form a virtual security domain. Then, the access node is searched and controlled twice. The access node identification of the universal power IoT gateway is realized according to the reliability calculation. Simulation results show that under the same parameter conditions, when the node size increases and the number of malicious nodes increases, the proposed method can obtain higher accuracy of secure access to nodes. This proves the advantages of the proposed method.
... In [24], the focus is put on the identification of scientific papers discussing cybersecurity frameworks, standards, guidelines, best practices, and any additional cybersecurity protection measures for the nuclear domain. Safety issues are not covered, as well as cybersecurity and safety co-engineering were not addressed in this report. ...
The paper presents a mapping study of safety and cybersecurity assessment techniques used in critical industries such as nuclear power plants, the oil and gas sector, autonomous vehicles, railways, etc., with particular emphasis on instrumentation and control systems (I&C). Modern I&Cs are complex electronic systems comprising thousands of components, therefore their reliability and safety when employed in critical application domains are challenging. With the development and integration of Industry 4.0 technologies such systems become more open for communication and flexible usage due to gradual interconnection with public networks and the Internet, but new cybersecurity and safety challenges are introduced. This paper states research questions and provides analysis results of recent relevant sources. Initially, 320 records (acquired between 2018 and 2022 inclusive) were identified. Later on, 187 studies were processed to check eligibility criteria. Overall, this mapping study includes 49 papers, after examining the pre-defined criteria and guidelines. The results of the analysis performed allow to systemize techniques being utilized in practice right now, as well as to identify trends of further techniques development. In fact, although the techniques used are not novel and most of them have been used for decades, our study shows that there are still some new trends in this field. In particular, the unified safety and cybersecurity assessment technique is a promising research direction, worth further investigation.
... While air-gapping is largely secure, it is not perfect, as malware can still be uploaded to these systems via USB sticks and other portable electronics. A notable example of this is the Stuxnet virus that was uploaded to Iranian nuclear facility networks and destroyed many centrifuges [4]. If necessary, the most critical systems can use data diodes that allow for one-way network flow from more secure systems to less secure systems. ...
In recent years, countries across the world have started developing small modular reactors (SMRs), nuclear reactors that generally produce around 300 megawatts of electricity (MWe). Many believe this type of reactor could be key in helping countries achieve their net-zero goals, as they are theoretically less expensive and safer than their larger counterparts, which usually produce more than 500 MWe. SMRs will be assembled in factories and operated in a mostly remote manner, raising concerns about cybersecurity. This paper attempts to analyze the cybersecurity of traditional nuclear reactors and the cyber-physical systems they rely on, analyze the novel ways in which SMRs will be developed and operated, and then highlight how and why SMRs could be particularly vulnerable to cyber-attacks. This paper finds that SMRs will be more susceptible to cyber-attacks when compared to larger, more traditional reactors. Mitigations are offered that should increase the cyber-resilience of SMRs.
... Sänger et al. [9] investigated critical health infrastructure resilience, focusing primarily on water supply. Guo et al. [4] focus on resilience under disasters and disruptive events, and Chowdhury [22] focuses on cyber-security specifically for nuclear power plants. However, the research in this article stands apart from other works by focusing on human-based waste behaviours within the critical infrastructure domain, where limited work has been conducted. ...
... Within existing SLR reviews, the duration of the paper search period varies. For example, Chowdhury [22] considers works from the last 10 years, whereas Sänger et al. [9] include articles from the last 30. In [25,26], the authors consider articles from the last 5 years, and this is a process we have also adopted in this investigation. ...
... The selection of keywords is based on adopting a novel approach for the investigation. As defined in the Introduction, other SLR works tend to focus on synergies between natural resources [21], disaster management [4] or cyber-security [22]. However, at the time of writing this article, SLRs on waste behaviours within the critical infrastructure domain are lacking. ...
By 2050, according to the UN medium forecast, 68.6% of the world’s population will live in cities. This growth will place a strain on critical infrastructure distribution networks, which already operate in a state that is complex and intertwined within society. In order to create a sustainable society, there needs to be a change in both societal behaviours (for example, reducing water, energy or food waste activities) and future use of smart technologies. The main challenges are that there is a limited aggregated understanding of current waste behaviours within critical infrastructure ecosystems, and a lack of technological solutions to address this. Therefore, this article reflects on theoretical and applied works concerning waste behaviours, the reliability/availability and resilience of critical infrastructures, and the use of advanced technologies for reducing waste. Articles in the Scopus digital library are considered in the investigation, with 51 papers selected by means of a systematic literature review, from which 38 strains, 86 barriers and 87 needs are identified, along with 60 methods of analysis. The focus of the work is primarily on behaviours, barriers and needs that create an excess or wastage.
