System-aware security for nuclear power systems

Jones, Rick A.; Nguyen, Trung‐Kien; Horowitz, Barry M.

doi:10.1109/ths.2011.6107875

Cited by 7 publications

(4 citation statements)

References 8 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…For example, the operation of a turbine may be automatically controlled, but operators can observe critical information regarding the turbine's operation, such as vibration levels, temperature, and rotation rate. If the operator observes measurements that are outside the designated region of proper operation, specific manual actions can be required of the operator in order to avoid undesirable consequences [Jones, Nguyen, and Horowitz, 2011]. However, as was the case in the Stuxnet attacks, a cyber attacker can not only manipulate a physical system's performance through infections in its control system, but also can manipulate data presented to operators; data that can, when utilized within standard operating procedures, either stimulate inappropriate control actions or serve to prevent needed control actions on an operator's part.…”

Section: Introductionmentioning

confidence: 99%

The integration of diversely redundant designs, dynamic system models, and state estimation technology to the cyber security of physical systems

Horowitz

Pierce

2013

Systems Engineering

Self Cite

View full text Add to dashboard Cite

As exemplified in the 2010 Stuxnet attack on Iranian nuclear facilities, cyber attackers have capabilities to embed disruptive infections into equipment that is employed within physical systems. This paper presents a cyber security design approach that addresses cyber attacks that include modification of operator displays used for support in managing software controlled automated systems. This class of problems is especially important because our nation's critical infrastructures include such systems. In addition, many other systems, such as surveillance systems, navigation systems, and communications systems, are candidates for such solutions as they continue to become more and more automated. The suggested design approach builds upon fault–tolerant and automatic control system techniques that, with important and necessary modifications, are the basis for providing improved cyber security. In particular, the appropriate combination of diversely redundant security designs coupled with system dynamics models and state estimation techniques provide a potential means for detecting purposeful adjustments to operator displays. This paper provides a theoretical approach for designing such solutions and a corresponding set of examples with simulation–based results. In addition, the paper includes a discussion of important implementation requirements for greater assurance of such physical system security solutions. © 2013 Wiley Periodicals, Inc. Syst Eng 16

show abstract

Section: Introductionmentioning

confidence: 99%

The integration of diversely redundant designs, dynamic system models, and state estimation technology to the cyber security of physical systems

Horowitz

Pierce

2013

Systems Engineering

Self Cite

View full text Add to dashboard Cite

show abstract

“…The authors of [47] laid out a new systems-engineering-focused approach for addressing threats to NPPs, which they named System-Aware Security (SAS) for NPPs. The authors theoretically demonstrated a possible application of the methodology in order to address cyber attacks employed via embedded infections in NP systems.…”

mentioning

confidence: 99%

CS Measures for Nuclear Power Plant Protection: A Systematic Literature Review

Chowdhury

2021

Signals

View full text Add to dashboard Cite

As digital instrumentation in Nuclear Power Plants (NPPs) is becoming increasingly complex, both attack vectors and defensive strategies are evolving based on new technologies and vulnerabilities. Continued efforts have been made to develop a variety of measures for the cyber defense of these infrastructures, which often consist in adapting security measures previously developed for other critical infrastructure sectors according to the requirements of NPPs. That being said, due to the very recent development of these solutions, there is a lack of agreement or standardization when it comes to their adoption at an industrial level. To better understand the state of the art in NPP Cyber-Security (CS) measures, in this work, we conduct a Systematic Literature Review (SLR) to identify scientific papers discussing CS frameworks, standards, guidelines, best practices, and any additional CS protection measures for NPPs. From our literature analysis, it was evidenced that protecting the digital space in NPPs involves three main steps: (i) identification of critical digital assets; (ii) risk assessment and threat analysis; (iii) establishment of measures for NPP protection based on the defense-in-depth model. To ensure the CS protection of these infrastructures, a holistic defense-in-depth approach is suggested in order to avoid excessive granularity and lack of compatibility between different layers of protection. Additional research is needed to ensure that such a model is developed effectively and that it is based on the interdependencies of all security requirements of NPPs.

show abstract

“…To this extent, this study develops, and validates detection methods based on the behavior of residuals between disparate navigation units commonly used in UAV navigation. Section 3.1 argues for the use of a set of diverse, redundant navigation components to diminish the chances of adversarial supply chain attacks [7,21].…”

Section: Section 3: Methodsmentioning

confidence: 99%

“…Jones et al [7] introduces architecture has been conceptually applied to controllers for nuclear power systems [21] and shipboard control systems [22] using design patterns under the System-Aware umbrella. Unlike the traditional perimeter defense where users are interested in authentication, signature defense, information anomalies, etc., System-Aware simplified defense to fact-checking and searching for inconsistencies among its critical components.…”

Section: System-aware Cyber Securitymentioning

confidence: 99%

A Method for the Detection and Diagnosis of Stealthy False Data Injection Attacks in Cyber-Physical Systems

Pulido¹

View full text Add to dashboard Cite

Cyber-Physical Systems (CPS) combine computational, communication, sensory and control capabilities to monitor and regulate physical domain processes. CPSs are becoming increasingly networked with the cyber world, opening access to communication with control rooms, command and control stations, other computer based systems, or even the Internet. Examples of cyber-physical systems include transportation networks, Unmanned Aerial Vehicle Systems (UAV's), nuclear power generation, electric power distribution networks, water and gas distribution networks, and advanced communication systems. In all cases, current technology has introduced the capability of integrating information from numerous instrumentation and control systems and transmitting needed information to operations personnel in a timely manner. While the application of perimeter security technologies has been utilized to help manage the possibility of cyber attackers exploiting highly automated cyber physical systems, the rate of successful attacks against critical infrastructures continues to be problematic and increasing [1]. Furthermore, the trend in adversarial attacks is moving toward well-formed coordinated multi-vector attacks that compromise the system in such a way that detection and identification is challenging for perimeter security solutions and human monitoring. This research effort constructed a methodology to defend against stealthy, low probability of detection, and high impact cyber-attacks on CPS. The goal is to increase the level of difficulty to perform a stealthy attack by improving the probability of detection, isolation and limiting the impact of an attack. The study uses the example of a UAV navigation system comprising of a redundant set of INS and GPS units solving the problem posed by Kwon et al [2] that there exist false injection attacks that evade fault detection techniques, allowing the adversary to deviate an aircraft. The examined architecture is comprised of a diverse sensory architecture within the CPS, avoiding supply chain vulnerabilities, and provides several possible trustworthy references. Expanding from a system with multiple components, a similarity measurement between INSs and GPSs is developed leveraging their unique characteristics and relationship. Assuming that an adversary is restricted to attacking a singular navigation component, the method is able to detect and isolate persistent cyber-attack for a large enough deviation.

show abstract

System-aware security for nuclear power systems

Cited by 7 publications

References 8 publications

The integration of diversely redundant designs, dynamic system models, and state estimation technology to the cyber security of physical systems

The integration of diversely redundant designs, dynamic system models, and state estimation technology to the cyber security of physical systems

CS Measures for Nuclear Power Plant Protection: A Systematic Literature Review

A Method for the Detection and Diagnosis of Stealthy False Data Injection Attacks in Cyber-Physical Systems

Contact Info

Product

Resources

About