Enhancing Computer Security Incident Analysis at Nuclear Facilities

Closed for proposals

Project Type

Coordinated Research Project

Project Code

J02008

CRP

2119

Approved Date

13 November 2015

Status

Closed

Start Date

14 July 2016

Expected End Date

31 January 2021

Completed Date

10 November 2021

Participating Countries

Argentina

Austria

Brazil

Canada

China

Germany

Ghana

Hungary

Mexico

Pakistan

Poland

Republic of Korea

United States of America

Description

This CRP will explore key areas such as good practices, technology, analytical methods, and recommended procedures for response including forensic activities for computer security incidents at nuclear facilities. The results of this CRP will be published as a nuclear security non-serialized report and will additionally serve to inform nuclear security guidance and training development. This CRP provides the opportunity to participate in four activities to enhance computer security incident analysis and response: (1) Operator support for computer security incident recognition and response; (2) Analysis and technology support for computer security incident response; (3) Computer security Information Exchange; and (4) Cyber Crime Investigation. The objective of this CRP is to conduct activities which improve computer security capabilities at nuclear facilities to support the prevention and detection of, and response to, computer security incidents that have the potential to either directly or indirectly adversely affect nuclear safety and nuclear security.

Objectives

The primary objective of this CRP is to improved computer security capabilities at the nuclear facilities to support the prevention and detection of, and response to, computer security incidents that have the potential to either directly or indirectly adversely affect nuclear safety and nuclear security. The secondary objective is to establish an international community of experts that will facilitate the exchange of good practices in the field of computer security incident response at nuclear facilities.

Specific objectives

Support for cyber crime investigation at nuclear facilities

Provide operator support in computer security incident recognition and response

Promote computer security information exchange among Member States

Provide analysis, methods and technologies to support computer security incident response

Impact

The CRP has been acknowledged as opening up a field of research that was either not available or incredibly burdensome to complete. That is the design and development of targeted computer security measures supporting protection from, detection of, and response to cyber-attacks against nuclear facilities. Previously the only means of embarking on such research was to partner with a nuclear facility and either i) capture data from the facility that would likely be considered sensitive information, or ii) introduce hardware/software within the control system environment in compliance with the local change control processes. Both of these potential approaches were found to be heavily burdensome as they add significant additional engineering time to the development of computer security measures specific to nuclear facilities. The coordinated work performed within the CRP ensured that the development of the components of the Asherah reference hypothetical facility would allow new technologies to be tried and tested against data sets produced by the simulator. These data sets are representative of what would be found within a nuclear facility allowing the early development to occur by research organizations, academia, and other institutions who might not have the resources and connections to partner with a nuclear facility.

CRP results have been published at major IAEA and third-party conferences and in recognized journals and publications. There has been a significant interest in the results and products produced being requested and adopted by other IAEA departments, states (domestically and as part of bilateral nuclear security programmes), competent authorities, academic and private organizations. The outputs have demonstrated value in not just fundamental research but also the practical implementation of ongoing education, training, and awareness activities to advance computer security for nuclear security.

Relevance

The CRP began at a time when computer security measures for nuclear facilities were largely commodity measures, taken from standard information technology environments, and applied to the operational technology environment of a nuclear facility- while these provided a degree of protection it was recognized during the IAEA International Conference on Computer Security in a Nuclear World: Expert Discussion and Exchange 2015 that more tailored and systematic approaches to computer security were required to ensure ongoing protection against evolving cyber threats. The CRP provided just that, an early exploration of the use of Artificial Intelligence for computer security purposes, Digital Twins, and the vulnerability assessment of dedicated I&C technologies for nuclear facilities. This work and the open nature of the CRP platform has seen the project and the involved institutes internationally recognised within and supporting the global development of these topical areas. As a subjective evaluation the timing, investment, research objectives, and open ethos of the CRP has significantly contributed to the direction of information and computer security for nuclear facilities particularly in opening up opportunities for global exchange and collaboration without the high cost and regulatory burdens traditionally encountered in this area.

CRP Publications

Type

Press Release

Year

2020

Description

Brasil conduz pesquisas em segurança digital de plantas nucleares, interview June 23, 2020. https://jornal.usp.br/ciencias/brasil-conduz-pesquisas-em-seguranca-digital-de-plantas-nucleares/, acessed in January 24 2021.

Country/Organization

BRA / USP

Type

Presentation

Year

2018

Publication URL

https://www.thinkmind.org/articles/securware_2018_5_30_30092.pdf

Description

Taehee Kim, Soomin Lim, and Sangwoo Kim, "The Probable Cyber Attack Concept Exploiting Interrupt Vulnerability in Nuclear Power Plants", SECURWARE 2018 : The Twelfth International Conference on Emerging Security Information, Systems and Technologies, 2018

Country/Organization

ROK / KINAC

Type

Demonstration

Year

2020

Description

David Allison, Paul Smith: “A Computer Security Attack Targeting a Hypothetical Nuclear Facility,” Demonstration at IAEA International Conference on Nuclear Security: Sustaining and Strengthening Efforts, Vienna, Austria, February 2020.

Country/Organization

AUS / AIT

Type

Paper

Year

2020

Publication URL

https://dl.gi.de/handle/20.500.12116/34718

Description

Deeksha Gupta, Yongjian Ding, Dharini Govindaraj, Mathias Lange, Martin Szemkus, Karl Waedt, “Simulation Model for Threat and Impact Analysis on Modern Electrical Power Systems” INFORMATIK 2020, 28. September – 2. October 2020, Karlsruhe.

Country/Organization

GFR / Framatome

Type

Presentation

Year

2018

Description

Mislav Findrik and Paul Smith: "The SIREN Project: Technologies for Ensuring Safe and Secure Incident Response Strategies for Nuclear Facilities," 1st Workshop on Cyber-Physical Systems Security and Resilience (CPS-SR), April, 2018, Porto Portugal.

Country/Organization

AUS / AIT

Type

Paper

Year

2020

Publication URL

https://conferences.iaea.org/event/181/contributions/15316/

Description

Chao Guo, Jianghai Li, Wen Si, Xiaojin Huang: “Information Fusion Analysis of Cyberattack Identification Based on D-S Evidence Theory,” IAEA International Conference on Nuclear Security: Sustaining and Strengthening Efforts, Vienna, Austria, February 2020.

Country/Organization

CPR / Tsinghua University

Type

Paper

Year

2021

Publication URL

https://www.researchgate.net/publication/350795851_Development_of_a_method_for_e…

Description

(under review) Annals of Nuclear Energy, "An Integrated Security and Safety State Estimation Method for Improving the Cyberattack Response Capability of NPPs", Chanyoung Lee et al, KAIST

Country/Organization

ROK / KAERI

Type

Webinar

Year

2021

Publication URL

https://elearning.iaea.org/m2/course/view.php?id=786

Description

Building Awareness and Advancing Research in Computer Security for Nuclear Security

Country/Organization

IAEA, UTK / USA, USP / BRA

Type

Paper

Year

2021

Publication URL

https://www.ans.org/meetings/am2021/session/view-640/#paper_1523

Description

K. Szefler, M. Dudek, J. Gajewski, K. Pankiewicz, J. Suchorab, J. Walkiewize "Cybersecurity Threat Scenario for Nuclear Power Plant Simulator", 12th Nuclear Plant Instrumentation, Control, and Human-Machine Interface Technologies, Providence, 2021

Country/Organization

POL / NCBJ

Type

Presentation

Year

2018

Description

Karl Waedt and Deeksha Gupta: "Industry 4.0 Standardization on Cybersecurity & Interoperability from the Nuclear Integrator’s Perspective," 3rd Annual Nuclear Industrial Control Cyber Security and Resilience Conference, May, 2018, Warrington.

Country/Organization

GFR / Framatome

Type

Paper

Year

2016

Publication URL

https://inis.iaea.org/search/search.aspx?orig_q=RN%3A50017413

Description

R. Busquim e Silva, J.J. Cruz, A.L.F. Marques, R.P. Marques, J.R.C. Piqueira. Use of State Estimation Methods for Instrumentation and Control Cyber Security Assessment in Nuclear Facilities. International Conference on Nuclear Security: Commitments and Actions, Vienna – Austria, 2016.

Country/Organization

BRA / USP

Type

Paper

Year

2020

Publication URL

http://real.mtak.hu/116116/

Description

Ládi, G., Buttyán, L., & Holczer, T. (2020). GrAMeFFSI: Graph Analysis Based Message Format and Field Semantics Inference For Binary Protocols, Using Recorded Network Traffic. INFOCOMMUNICATIONS JOURNAL, 12(2), 25-33.

Country/Organization

HUN / CrySys

Type

Paper

Year

2020

Publication URL

https://conferences.iaea.org/event/181/contributions/15513/

Description

David Allison, Paul Smith, Kieran McLaughlin, Fan Zhang, Jamie Coble, Rodney Busquim E Silva: “PLC-based Cyber-Attack Detection: A Last Line of Defence,” IAEA International Conference on Nuclear Security: Sustaining and Strengthening Efforts, Vienna, Austria, February 2020.

Country/Organization

AUS / AIT, USA / UTK, BRA / USP

Type

Paper

Year

2019

Publication URL

https://trace.tennessee.edu/utk_graddiss/5763

Description

Zhang, Fan, "Cybersecurity Solutions for Industrial Control Systems and Key Equipment. " PhD diss., University of Tennessee, 2019.

Country/Organization

UTK / USA

Type

Paper

Year

2021

Publication URL

https://www.ans.org/meetings/am2021/sessions/attachment/paper-2488/version-2/

Description

Wynn, J., “Automated Scenario Generation for Cyber Risk Assessments using Critical Infrastructure Cyberspace Analysis Tool (CICAT),” 12th Nuclear Plant Instrumentation, Control and Human-Machine Interface Technologies, American Nuclear Society (ANS), 2021.

Country/Organization

USA / MITRE

Type

Presentation

Year

2018

Description

Paul Smith: "Cyber Security for Industry 4.0: Responding to New Threats," OVE Industry 4.0 Working Group Meeting, October, 2018, Vienna.

Country/Organization

AUS / AIT

Type

Book Chapter

Year

2021

Description

Cyber Security Concerns within the Nuclear Energy Sector, Understanding cyber threats and attacks, Book Chapter, Editor: International Journal of Mathematical Modeling, Simulation and Applications (2021).

Country/Organization

BRA / USP

Type

Paper

Year

2020

Publication URL

https://conferences.iaea.org/event/181/contributions/15481/

Description

Neal, C., Trask, D., Thiyagarajan, K., Doucet, R., Adamson, P., Daley, M., & Fernandez, J. Advancements in Hardening the Cybersecurity Posture of Nuclear Power Plant Defence-in-Depth Network Architecture.

Country/Organization

CNL / CAN

Type

Paper

Year

2020

Publication URL

https://conferences.iaea.org/event/181/contributions/15627/attachments/8697/1160…

Description

e Silva, R. B., Marques, R. P., Piqueira, J. R. C., Smith, P., Hewes, M., Purvis, S., ... & Altschaffel, R. (2020). Understanding Nuclear Cyber Security Measures, Risks and Consequences: from Tank Levels to Plant Processes. In Third International Conference on Nuclear Security: Sustaining and Strengthening Efforts (ICONS 2020) (p. 6).

Country/Organization

BRA / USP, AUS / AIT, GFR / OVGU

Type

Paper

Year

2020

Publication URL

https://conferences.iaea.org/event/181/contributions/15456/

Description

Michaela Reisinger, Peter Fröhlich, Paul Smith: “Computer Security Training and Exercises in the Nuclear Sector: Insights from a User-centered Requirements Gathering Process,” IAEA International Conference on Nuclear Security: Sustaining and Strengthening Efforts, Vienna, Austria, February 2020.

Country/Organization

AUS / AIT

Type

Paper

Year

2020

Publication URL

https://conferences.iaea.org/event/181/contributions/15924/

Description

Jianghai Li, Michael Rowland, Mitchell Hewes: “A Cyber-Capability Model for Compromise of I&C System Functions at Nuclear Facilities,” IAEA International Conference on Nuclear Security: Sustaining and Strengthening Efforts, Vienna, Austria, February 2020.

Country/Organization

CPR / Tsinghua University

Type

Paper

Year

2019

Publication URL

https://doi.org/10.22667/JOWUA.2019.12.31.046

Description

Kim, A., Oh, J., Ryu, J., Lee, J., Kwon, K., & Lee, K. (2019). SoK: A Systematic Review of Insider Threat Detection. J. Wirel. Mob. Networks Ubiquitous Comput. Dependable Appl., 10(4), 46-67.

Country/Organization

ROK / KINAC

Type

Press Release

Year

2018

Publication URL

https://www.gov.pl/web/edukacja-i-nauka/cyberlab-w-wierku-skutecznie-bada-cyberb…

Description

Press release on the discovery of the vulnerability by NCBJ

Country/Organization

POL / Ministry of Education and Science

Type

National Radio Interview

Year

2019

Publication URL

https://audycje.tokfm.pl/podcast/72013,Jak-przeprowadzic-szkoleniowy-cyberatak-i…

Description

“How to conduct (instructional) cyber attacks and defend against them?”, TOK FM, Warsaw, February 2019

Country/Organization

POL / NCBJ

Type

Webinar

Year

2021

Publication URL

https://elearning.iaea.org/m2/course/view.php?id=789

Description

Tailoring Computer Security Detection Techniques to Nuclear Facilities

Country/Organization

IAEA, UTK / USA, AIT / AUS, Tsinghua / CPR

Type

Paper

Year

2016

Publication URL

https://inis.iaea.org/search/search.aspx?orig_q=RN%3A50017467

Description

Kim, Aram, Lim, Soomin, Kim, Siwon, & Shin, Ickhyun (2017). Lesson learned from ROK’s regulatory activities on nuclear facility’s cyber incident response. International Atomic Energy Agency (IAEA): IAEA.

Country/Organization

ROK / KINAC

Type

Paper

Year

2019

Description

- Transactions of the Korean Nuclear Society Spring Meeting Jeju, Korea, May 23-24, 2019, "Development of a Demonstrable Nuclear Cyber Security Test-Bed and Application Plans", Chanyoung Lee et al, Korea Advanced Institute of Science and Technology (KAIST)

Country/Organization

ROK / KAERI

Type

Paper

Year

2020

Publication URL

https://conferences.iaea.org/event/181/contributions/15559/attachments/8566/1141…

Description

Altschaffel, R., Hildebrandt, M., & DITTMANN, J. (2019). A Simulated Steam Turbine Generator Subsystem for Research and Training. In International Conference on Nuclear Security.

Country/Organization

GFR / OVGU

Type

Paper

Year

2020

Publication URL

https://doi.org/10.1016/j.net.2021.04.031

Description

Nuclear Engineering and Technology, "Application of STPA-SafeSec for a Cyber-attack Impact Analysis of NPPs with a Test-bed", Jinsoo Shin et al, KAERI

Country/Organization

ROK / KAERI

Type

Paper

Year

2020

Publication URL

https://ieeexplore.ieee.org/document/9078082

Description

Kim, A., Oh, J., Ryu, J., & Lee, K. (2020). A review of insider threat detection approaches with IoT perspective. IEEE Access, 8, 78847-78867.

Country/Organization

ROK / KINAC

Type

Paper

Year

2020

Publication URL

https://conferences.iaea.org/event/181/contributions/15502/attachments/8570/1156…

Description

ALTSCHAFFEL, R. ; HOLCZER, T. ; BUSQUIM E SILVA, R. A. ; LI, J. ; GYORGY, P. ; HILDEBRANDT, M. ; HEWES, M. NUCLEAR POWER PLANT IN A BOX In: International Conference on Nuclear Security: Sustaining and Strengthening Efforts International Atomic Energy Agency (IAEA), (2020) pp. 1-9. , 9 p. Conference paper/Conference paper (Conference paper)/Scientific[31608031]

Country/Organization

HUN / CrySys, GFR / OVGU, BRA / USP

Type

Paper

Year

2020

Publication URL

https://conferences.iaea.org/event/181/contributions/15641/

Description

R. Busquim e Silva, D. Correa, F.R. Antunes, F.C.S Souza, R.P. Marques, J.R.C. Piqueira. The Asherah Nuclear Power Plant Simulator (ANS) as a training tool at the Brazilian Guard Cyber Exercise. International Conference on Nuclear Security. Vienna, Austria, 10-14 February 2020.

Country/Organization

BRA / USP

Type

Workshop Presentation

Year

2020

Publication URL

https://www.nrc.gov/public-involve/conference-symposia/virtual-digital-twin-apps…

Description

Virtual Workshop on Digital Twin Applications for Advanced Nuclear Technologies. The U.S. Nuclear Regulatory Commission (NRC), December 1-4, 2020.

Country/Organization

BRA / USP

Type

Webinar

Year

2021

Publication URL

https://elearning.iaea.org/m2/course/view.php?id=787

Description

Delivery of Immersive Simulated Environments for Research, Training, and Exercises

Country/Organization

IAEA, Framatome / GFR, USP / BRA, KAERI / ROK

Type

Presentation

Year

2017

Description

"PLC - CyberLAB", X NATIONAL CONFERENCE about security: Modern IT tools in counteracting security threats, Józefów, November 2017

Country/Organization

POL / NCBJ

Type

Paper

Year

2020

Publication URL

https://conferences.iaea.org/event/181/contributions/15626/attachments/8575/1142…

Description

HOLCZER, T. ; BERMAN, G. ; DARRICADES, S. M. ; GYÖRGY, P. ; LÁDI, G. VIRTUALIZATION-ASSISTED TESTING OF NETWORK SECURITY SYSTEMS FOR NPPS In: International Conference on Nuclear Security: Sustaining and Strengthening Efforts International Atomic Energy Agency (IAEA), (2020) pp. 1-10. , 10 p.

Country/Organization

HUN / CrySys, ARG / CNEA

Type

Paper

Year

2020

Publication URL

https://conferences.iaea.org/event/181/contributions/15391/contribution.pdf

Description

Deeksha Gupta: “Blue team support for EPS related cybersecurity readiness.” IAEA International Conference on Nuclear Security: Sustaining and Strengthening Efforts, Vienna, Austria, February 2020.

Country/Organization

GFR / Framatome

Type

Paper

Year

2020

Publication URL

https://conferences.iaea.org/event/181/contributions/15399/

Description

Agbemava, N. K., "Computer and information Security (Cyber Security) Training and Awareness Program for Nuclear Facility", IAEA International Conference on Nuclear Security: Sustaining and Strengthening Efforts, Vienna, Austria, February 2020.

Country/Organization

GHA / GNRA

Type

Paper

Year

2020

Description

Transactions of the Korean Nuclear Society Spring Meeting Jeju, Korea, July 9-10, 2020, "A Study of Cyber-attack Impact to Condenser Test-bed by Using STPA-SafeSec", Jinsoo Shin et al, KAERI

Country/Organization

ROK / KAERI

Type

Paper

Year

2020

Description

Transactions of the Korean Nuclear Society Spring Meeting, Jeju, Korea, July 9-10, 2020, "Preparation for Cyber Security Incident Response Training in Nuclear Power Plants", Jae-Gu Song et al, Korea Atomic Energy Research Institute(KAERI)

Country/Organization

ROK / KAERI

Type

Paper

Year

2019

Publication URL

https://link.springer.com/chapter/10.1007/978-3-030-26601-1_9

Description

Robert Altschaffel, Mario Hildebrandt, Stefan Kiltz, Jana Dittmann, "Digital Forensics in Industrial Control Systems", In Proceedings of 38th International Conference of Computer Safety, Reliability, and Security (Safecomp 2019), Turku, Finland, September 11-13, Springer Nature Switzerland, ISBN 978-3-030-26600-4 pp. 128-136, 2019

Country/Organization

GFR / OVGU

Type

Presentation

Year

2019

Publication URL

https://www.ans.org/pubs/proceedings/article-45905/

Description

M.T. Rowland, R. Busquim e Silva. IAEA Coordinated Research Project on Enhancing Incident Response at Nuclear Facilities. 11th Nuclear Plant Instrumentation, Control and Human-Machine Interface Technologies. Orlando-Florida, 2019.

Country/Organization

BRA / USP, IAEA

Type

Paper

Year

2021

Publication URL

https://doi.org/10.1016/j.ijcip.2021.100453

Description

R. Busquim e Silva, J.J. Cruz, R.P. Marques, J.R.C. Piqueira. Cybersecurity Assessment Framework for Digital Interface Between Safety and Security at Nuclear Power Plants. International Journal of Critical Infrastructure Protection. (This manuscript has been accepted for publication).

Country/Organization

BRA / USP

Type

Paper

Year

2018

Publication URL

http://www.thinkmind.org/index.php?view=article&articleid=sec_v11_n12_2018_8

Description

Robert Altschaffel, Kevin Lamshöft, Stefan Kiltz, Mario Hildebrandt, Jana Dittmann, "A Survey on Open Forenscis in Embedded Systems of Systems", In International Journal on Advances in Security Vol. 11 No. 1 and 2, pp. 104-117, ISSN 1942-2636, 2018

Country/Organization

GFR / OVGU

Type

Paper

Year

2020

Publication URL

https://asmedigitalcollection.asme.org/ICONE/proceedings/ICONE2020/83785/V003T12…

Description

Wen Si, Jianghai Li, Ronghong Qu, Xiaojin Huang: "Anomaly detection for network traffic of I&C systems based on neural network," Proceedings of 28th International Conference on Nuclear Engineering (ICONE), Anaheim, California, USA, August 2-6, 2020.

Country/Organization

CPR / Tsinghua University

Type

Paper

Year

2017

Description

R. Altschaffel, M. Hildebrandt, S. Kiltz, J. Dittmann: "Exploring the Possibility of Forensic Investigations on Steam Turbine Governing Systems", International Conference on Physical Protection of Nuclear Material and Nuclear Facilities (CN-254), Vienna, Austria 13–17 November 2017, 2017

Country/Organization

GFR / OVGU

Type

Paper

Year

2020

Publication URL

https://www.crysys.hu/publications/files/SzekelyLHB2020cscs.pdf

Description

Székely, G., Ládi, G., Holczer, T., & Buttyán, L. Towards Reverse Engineering Protocol State Machines., The 12th Conference of PhD Students in Computer Science - Volume of short papers (2020) pp. 70-73. , 4 p.

Country/Organization

HUN / CrySys

Type

Paper

Year

2020

Publication URL

https://conferences.iaea.org/event/181/contributions/15518/

Description

R. ALTSCHAFFEL, T. HOLCZER, C. NEAL, M. HILDEBRANDT: THE NUCLEAR SIEM, ICONS 2020

Country/Organization

GFR / OVGU, CAN / CNL, HUN / CrySys

Type

Paper

Year

2017

Publication URL

https://www.koreascience.or.kr/article/CFKO201722651477652.pdf

Description

Lee, C., & Lim, S. (2017). Applied Parallel Coordinates for ICS Network Traffic in Simulated Nuclear Power Plant Environments. In Proceedings of the Korean Radioactive Waste Society Conference (pp. 55-56). Korean Radioactive Waste Society.

Country/Organization

ROK / KINAC

Type

Presentation

Year

2017

Description

Presentation of CyberLAB concept at 9th Industry Forum TIME, Warsaw, 2017

Country/Organization

POL / NCBJ

Type

Paper

Year

2020

Publication URL

https://conferences.iaea.org/event/181/contributions/15608/attachments/8569/1140…

Description

Hildebrandt, M., Altschaffel, R., Lamshöft, K., Lange, M., Szemkus, M., Neubert, T., ... & Dittmann, J. (2020, February). Threat Analysis of Steganographic and Covert Communication in Nuclear I&; C Systems. In International Conference on Nuclear Security: Sustaining and Strengthening Efforts. International Atomic Energy Agency, Vienna, Austria.

Country/Organization

GFR / OVGU

Type

Paper

Year

2017

Description

M. Findrik, I. Friedberg, E. Piatkowska, C. Schmittner, P. Smith, C. Spirito, and K. Waedt, "Bridging the Gap Between Cyber-Attacks and Hazards in Nuclear Facilities: the STPA-SafeSec and Attack Tree Approach", in International Conference on Physical Protection of Nuclear Material and Nuclear Facilities, Vienna, Austria, 13-17 November, 2017

Country/Organization

AUS / AIT

Type

Paper

Year

2018

Publication URL

https://doi.org/10.1115/ICONE26-82411

Description

Deeksha Gupta, Edita Bajramovic, Mithil Parekh, Karl Waedt: “Cyber Threat Scenarios for Electrical Systems of Nuclear Power Plants,” International Conference on Nuclear Engineering (ICONE), London, England, July 2018, doiI: https://doi.org/10.1115/ICONE26-82411

Country/Organization

AUS / AIT, GFR / Framatome

Type

Paper

Year

2020

Publication URL

https://conferences.iaea.org/event/181/contributions/15925/

Description

Effective fuzz testing for programable logic controllers vulnerability research to ensure nuclear safety, International Conference on Nuclear Security: Sustaining and Strengthening Efforts, Vienna, 2020

Country/Organization

POL / NCBJ

Type

Presentation

Year

2018

Description

M. Dudek, "ICS z punktu widzenia atakujacego - ataki na sterowniki PLC", What the H@ck, 2018.

Country/Organization

POL / NCBJ

Type

Paper

Year

2018

Publication URL

https://ieeexplore.ieee.org/abstract/document/8555813/

Description

Ládi, G., Buttyán, L., & Holczer, T. (2018, September). Message format and field semantics inference for binary protocols using recorded network traffic. In 2018 26th International Conference on Software, Telecommunications and Computer Networks (SoftCOM) (pp. 1-6). IEEE.

Country/Organization

HUN / CrySys

Type

Webinar

Year

2021

Publication URL

https://elearning.iaea.org/m2/course/view.php?id=788

Description

Generation of Threat Scenarios with Operational Consequences for Nuclear Facilities

Country/Organization

IAEA, INL / USA, AIT / AUS, NCBJ / POL, OVGU / GFR, MITRE / USA

Type

News Interview

Year

2018

Publication URL

https://warszawa.tvp.pl/39630531/25102018

Description

National News Interview on the activity of the laboratory related to the IAEA CRP

Country/Organization

POL / NCBJ

Type

CERT Issued Vulnerability Notification

Year

2018

Publication URL

https://cert-portal.siemens.com/productcert/pdf/ssa-347726.pdf

Description

Siemens CERT publication of the vulnerability found during research under this project, October 2018

Country/Organization

POL / NCBJ

Type

Paper

Year

2019

Publication URL

https://link.springer.com/book/10.1007/978-981-16-3456-7

Description

Jianghai LI, Chao Guo, Wen Si, Xiaojin Huang: "The approaches of prevention, detection, and response for cybersecurity of I&C systems in NPPs", Lecture Notes in Electrical Engineering, 2019, Vol 507, 283-290.

Country/Organization

CPR / Tsinghua University

Type

Paper

Year

2021

Publication URL

https://www.ans.org/pubs/proceedings/article-49770/

Description

R. Busquim e Silva, R.P. Marques, J.R.C. Piqueira. Use of the Extended Kalman Filter for Cybersecurity Assessment in a Closed-Loop Digital Twin Testbed. 12th Nuclear Plant Instrumentation, Control and Human-Machine Interface Technologies. (This abstract has been accepted for publication).

Country/Organization

BRA / USP

Type

Paper

Year

2019

Publication URL

https://www.sciencedirect.com/science/article/pii/S0306454919306085

Description

R. Busquim e Silva, K. Shirvan, J.J. Cruz, A.L.F. Marques, R.P. Marques, J.R.C. Piqueira. Advanced Method for Neutronics and System Code Coupling RELAP, PARCS, and MATLAB for Instrumentation and Control Assessment. Annals of Nuclear Energy, V.140, 107098, 2019.

Country/Organization

BRA / USP

Type

Paper

Year

2020

Publication URL

https://conferences.iaea.org/event/181/contributions/16059/

Description

Perez, J. M., "Cybersecurity in Research Centers: Focus on nuclear and radioactive facilities.". In International Conference on Nuclear Security: Sustaining and Strengthening Efforts. International Atomic Energy Agency, Vienna, Austria.

Country/Organization

MEX / ININ

Type

Paper

Year

2017

Publication URL

https://www.iaea.org/sites/default/files/17/11/cn-254-busquim-e-silva-presentati…

Description

R. Busquim e Silva, J.J. Cruz, R.P. Marques, A.L.F. Marques, J.R.C Piqueira. Physical, Corporative and Industrial Digital Security Convergence: Gaps to Close. International Conference on Physical Protection of Nuclear Material and Nuclear Facilities, Vienna, Austria, 2017.

Country/Organization

BRA / USP

Type

Paper

Year

2020

Publication URL

https://conferences.iaea.org/event/181/contributions/15642/

Description

R. Busquim e Silva, K. Shirvan, J.J. Cruz, R.P. Marques, J.R.C. Piqueira. Development of the Asherah Nuclear Power Plant Simulator for Cyber Security Assessment. International Conference on Nuclear Security. Vienna, Austria, 10-14 February 2020.

Country/Organization

BRA / USP

Type

Paper

Year

2020

Publication URL

https://www.sciencedirect.com/science/article/pii/S0149197020301980

Description

Zhang, F., & Coble, J. B. (2020). Robust localized cyber-attack detection for key equipment in nuclear power plants. Progress in Nuclear Energy, 128, 103446.

Country/Organization

UTK / USA

Type

Presentation

Year

2018

Description

Presentation and laboratory tour during XI NATIONAL CONFERENCE ABOUT SECURITY, Swierk, October 2018

Country/Organization

POL / NCBJ

Type

Dissertation

Year

2020

Publication URL

http://dx.doi.org/10.25673/35364

Description

Altschaffel, Robert. "Computer forensics in cyber-physical systems: applying existing forensic knowledge and procedures from classical IT to automation and automotive." (2020).

Country/Organization

GFR / OVGU

Type

Paper

Year

2020

Description

Transactions of the American Nuclear Society, Vol. 122, Virtual Conference, June 8–11, 2020, "Development of a Framework for NPP Process-Aware Cyber Attack Detection and Diagnosis Methodology", Chanyoung Lee et al, KAIST

Country/Organization

ROK / KAERI

Type

Paper

Year

2021

Publication URL

https://www.ans.org/pubs/proceedings/article-49813/

Description

R. Busquim e Silva, R.P. Marques, J.R.C. Piqueira. Integration of the Asherah NPP Simulator into a Closed-Loop Digital Twin Environment for Cybersecurity Assessment. 12th Nuclear Plant Instrumentation, Control and Human-Machine Interface Technologies. (This abstract has been accepted for publication).

Country/Organization

BRA / USP

Type

Panel Discussion

Year

2019

Description

Panel discussion on the NCBJ CyberLAB occuring at Gazterm XXII 2019, Miedzyzdroje, 2019.

Country/Organization

POL / NCBJ

Type

Paper

Year

2020

Publication URL

https://www.mitre.org/publications/technical-papers/critical-infrastructure-cybe…

Description

Whitepaper describing Critical Infrastructure Cyberspace Analysis Tool (CICAT). Wynn, J., et al., "Critical Infrastructure Cyberspace Analysis Tool (CICAT) Capability Description," MTR19065, The MITRE Corporation, MTR19065, 2020.

Country/Organization

USA / MITRE

Type

Presentation

Year

2017

Publication URL

https://inis.iaea.org/search/search.aspx?orig_q=RN%3A50017506

Description

Gajewski, J., Sobkowicz, P., Maj, M., Dudek, M., Chlebowski, T., & Adamczyk, M. (2017). Testing of PLCs used in Nuclear Installations by Bug Fuzzing Search for Cyber Vulnerabilities. International Atomic Energy Agency (IAEA): IAEA.

Country/Organization

POL / NCBJ

Type

Paper

Year

2019

Publication URL

https://www.ans.org/pubs/proceedings/article-45907/

Description

Wen SI, Jianghai LI, Xiaojin Huang: "One-class Anomaly Detection for Instrumentation and Control Systems based on Replicator Neural Networks," Proceedings of the 11th Nuclear Plant Instrumentation, Control and Human-Machine Interface Technologies (NPIC&HMIT), Orlando, FL, U. S., 2019.

Country/Organization

CPR / Tsinghua University

Type

Presentation

Year

2018

Description

Gajewski, J., M., Dudek, K. Pankiewicz, J. Suchorab, J. Walkiewize, "CyberLAB- NCBJ case study: finding PLC vulnerability as a result of fuzzing"

Country/Organization

POL / NCBJ

Type

Paper

Year

2017

Description

Mislav Findrik, Ivo Friedberg, Ewa Piatkowska, Paul Smith, Jae-Gu Song: “Trustworthy Computer Security Incident Response for Nuclear Facilities,” ISOFIC 2017, Gyeongju, Korea, November 26-30, 2017.

Country/Organization

AUS / AIT

Type

Paper

Year

2017

Publication URL

https://www.thinkmind.org/articles/cyber_2017_4_20_80046.pdf

Description

Lee, C. A Study on Introducing Cyber Security Incident Reporting Regulations for Nuclear Facilities. International Journal on Advances in System and Measurement. 2017.

Country/Organization

ROK / KINAC

Type

Paper

Year

2020

Publication URL

https://conferences.iaea.org/event/181/contributions/15391/contribution.pdf

Description

Gupta, D., Govindaraj, D., Altschaffel, R., & Waedt, K. (2020). Blue Team Support for EPS Related Cybersecurity Readiness. In International Conference on Nuclear Security: Sustaining and Strengthening Efforts. International Atomic Energy Agency, Vienna, Austria.

Country/Organization

GFR / Framatome, GFR / OVGU

Type

Webinar

Publication URL

https://www.ener-connect.com/new-events/2020/6/16/computer-security-for-nuclear-…

Description

Ener-Connect Webinar, Computer Security for Nuclear Instrumentation & Control Overview: SafetySecurity Integration Assessment, June 26, 2020.

Country/Organization

BRA / USP

Type

Paper

Year

2018

Publication URL

http://dx.doi.org/10.14236/ewic/ICS2018.12

Description

Mislav Findrik, Paul Smith, Kevin Quill, Kieran McLaughlin: “PLCBlockMon: Data Logging and Extraction on PLCs for Cyber Intrusion Detection,” 5th International Symposium for ICS & SCADA Cyber Security Research 2018 (ICS-CSR '18), Hamburg, Germany, August 2018, doi: http://dx.doi.org/10.14236/ewic/ICS2018.12

Country/Organization

AUS / AIT

Click here to learn more about the Coordinated Research Activities and get involved →

Legal

Review missions and advisory services

General interest material

Official documents

Legal

Other resources

Management team

Organizational structure

Procurement

Search form

Enhancing Computer Security Incident Analysis at Nuclear Facilities

Project Type

Project Code

CRP

Approved Date

Status

Start Date

Expected End Date

Completed Date

Participating Countries

Description

Objectives

Specific objectives

Impact

Relevance

CRP Publications

Type

Year

Description

Country/Organization

Type

Year

Publication URL

Description

Country/Organization

Type

Year

Description

Country/Organization

Type

Year

Publication URL

Description

Country/Organization

Type

Year

Description

Country/Organization

Type

Year

Publication URL

Description

Country/Organization

Type

Year

Publication URL

Description

Country/Organization

Type

Year

Publication URL

Description

Country/Organization

Type

Year

Publication URL

Description

Country/Organization

Type

Year

Description

Country/Organization

Type

Year

Publication URL

Description

Country/Organization

Type

Year

Publication URL