Cyber Security Threats And Response Models In Nuclear Power Plants

This SpringerBrief presents a brief introduction to probabilistic risk assessment (PRA), followed by a discussion of abnormal event detection techniques in industrial control systems (ICS). It also provides an introduction to the use of game theory for the development of cyber-attack response models and a discussion on the experimental testbeds used for ICS cyber security research. The probabilistic risk assessment framework used by the nuclear industry provides a valid framework to understand the impacts of cyber-attacks in the physical world. An introduction to the PRA techniques such as fault trees, and event trees is provided along with a discussion on different levels of PRA and the application of PRA techniques in the context of cybersecurity. A discussion on machine learning based fault detection and diagnosis (FDD) methods and cyber-attack detection methods for industrial control systems are introduced in this book as well. A dynamic Bayesian networks based method that can be used to detect an abnormal event and classify it as either a component fault induced safety event or a cyber-attack is discussed. An introduction to the stochastic game formulation of the attacker-defender interaction in the context of cyber-attacks on industrial control systems to compute optimal response strategies is presented. Besides supporting cyber-attack response, the analysis based on the game model also supports the behavioral study of the defender and the attacker during a cyber-attack, and the results can then be used to analyze the risk to the system caused by a cyber-attack. A brief review of the current state of experimental testbeds used in ICS cybersecurity research and a comparison of the structures of various testbeds and the attack scenarios supported by those testbeds is included. A description of a testbed for nuclear power applications, followed by a discussion on the design of experiments that can be carried out on the testbed and the associated results is covered as well. This SpringerBrief is a useful resource tool for researchers working in the areas of cyber security for industrial control systems, energy systems and cyber physical systems. Advanced-level students that study these topics will also find this SpringerBrief useful as a study guide.

The physical security of nuclear power plants (NPP) and their vulnerability to acts of terrorism was elevated to a national security concern following the 9/11 attacks. Since then, Congress has focused oversight and legislative attention on NPP security requirements. The Energy Policy Act of 2005 act required NRC to conduct ¿force-on-force¿ security exercises at NPP at least once every 3 years. In these exercises, a mock adversary force from outside a NPP attempts to penetrate the plant¿s vital area and simulate damage to key safety components. Contents of this report: Overview of Reactor Security; Design Basis Threat; Large Aircraft Crashes; Force-On-Force Exercises; Emergency Response; Spent Fuel Storage; and Security Personnel.

In Nuclear Infrastructure Protection and Homeland Security, authors Frank R. Spellman and Melissa L. Stoudt present all the information needed for nuclear infrastructure employers and employees to handle security threats they must be prepared to meet.

"This publication provides guidance specific to nuclear facilities on implementing a computer security programme and evaluating existing programmes. The use of computer systems to cover an increasing range of functions at nuclear facilities introduces new vulnerabilities that could seriously endanger nuclear security if not addressed in a rigorous and balanced manner. Digital systems are being increasingly introduced in safety, safety-related and security systems throughout facilities. Non-availability or malfunction of these systems can seriously impact nuclear safety and security, and potentially facilitate sabotage of the facility and/or theft of material. Computer security must, therefore, be a key component of overall facility security."--Provided by publisher.

Globally, the number of forcibly displaced persons looked after by the UNHCR has reached 51.2 million--the highest number since World War II. Energy is a major challenge, not only in terms of the high costs to donors but also the health, environmental, and social costs for refugees and their host communities. At present the energy needs of millions of displaced people are being met inadequately and inefficiently, and not through the most effective or carbon-efficient interventions. This Chatham House report will outline the case for finding sustainable energy solutions that improve outcomes for health, security, livelihoods, emissions, and cost savings.

Risk-informed Methods and Applications in Nuclear and Energy Engineering: Modelling, Experimentation, and Validation presents a comprehensive view of the latest technical approaches and experimental capabilities in nuclear energy engineering. Based on Idaho National Laboratory’s popular summer school series, this book compiles a collection of entries on the cutting-edge research and knowledge presented by proponents and developers of current and future nuclear systems, focusing on the connection between modelling and experimental approaches. Included in this book are key topics such as probabilistic concepts for risk analysis, the survey of legacy reliability and risk analysis tools, and newly developed tools supporting dynamic probabilistic risk-assessment. This book is an insightful and inspiring compilation of work from top nuclear experts from INL. Industry professionals, researchers and academics working in nuclear engineering, safety, operations and training will gain a board picture of the current state-of-practice and be able to apply that to their own risk-assessment studies. Based on Idaho National Laboratory’s summer school series, this book is a collection of entries from proponents and developers of current and future nuclear systems Provides an up-to-date view of current technical approaches and experimental capabilities in nuclear energy engineering, covering modeling and validation, and focusing on risk-informed methods and applications Equips the reader with an understanding of various case studies and experimental validations to enable them to carry out a risk-assessment study

The physical security of nuclear power plants and their vulnerability to deliberate acts of terrorism was elevated to a national security concern following the events of September 11, 2001. Title VI of the Energy Policy Act of 2005 regarding nuclear security amended the Atomic Energy Act with the addition of new provisions for security evaluations and rule making to revise the "Design Basis Threat." The act included provisions for fingerprinting and criminal background checks of security personnel, their use of firearms, and the unauthorized introduction of dangerous weapons. The designation of facilities subject to enforcement of penalties for sabotage expanded to include treatment and disposal facilities. As part of security response evaluations, the act requires the Nuclear Regulatory Commission (NRC) to conduct "force-on-force" security exercises at nuclear power plants at least once every three years, and revise the "design-basis threat" to consider a wider variety of potential attacks. The NRC has strengthened its regulations on nuclear power plant security, but critics contend that implementation by the industry has been too slow and that further measures are needed. Vulnerability to a deliberate aircraft crash remains an outstanding issue, as the latest NRC rule making addresses only newly designed plants. Shortcomings in the performance of security contractors has drawn the attention of Congress. This report will be updated as events warrant.

This publication provides detailed guidance on developing, implementing, and integrating computer security as a key component of nuclear security. This guidance applies to computer security aspects of nuclear security and its interfaces with nuclear safety and with other elements of a State’s nuclear security regime, including the security of nuclear material and nuclear facilities, of radioactive material and associated facilities, and of nuclear and other radioactive material outside of regulatory control. The scope of this publication includes: computer-based systems, the compromise of which could adversely affect nuclear security or nuclear safety; the State’s and relevant entities roles and responsibilities in relation to computer security in the nuclear security regime; the activities of the State in establishing and implementing a computer security strategy for nuclear security; the elements and measures for subordinate computer security programmes; and the activities to sustain the strategy.