(A) study on risk-based cyber security test scenario development

Abstract

The digitalized NPPs caused cyber security issue. Unlike other industrial critical systems, safety should be considered with the cyber security of NPPs. The test is one of method to evaluate the cyber security. To test the cyber security, proper test scenario is needed, however, there was no method for developing test scenario considering safety. In this study, the method to develop a test scenario considering NPP safety is proposed. Then, the proposed method is applied to an example NPP. The research scopes are utilization of level 1 PRA results for identifying safety critical digital I&C systems, development of the failure modes analysis method to match the component failure and digital I&C system failure and possible attack scenario identification to reflect to the test. Proposed method uses level 1 PRA results to identify the digital I&C systems which can induce initiating event and mitigation action failure. After identifying the digital I&C systems, based on the component failure mode, normal state in normal operation and control signal information, signal failure modes of digital I&C systems are identified. Also, to construct the attack scenario, attack vector is defined. The signal failure modes of digital I&C systems are utilized to identify the attack objective and other vector elements are identified from database or specification. The attack scenarios are constructed using identified attack vectors. This method is applied to an example plant in case study. From the case study, the attack scenario gives insights such as weakness system of the example plant and test targets. And test strategy to reduce the number of tests is proposed. In this study, the cyber-attack test scenario development method is applied to one core damage sequence. However, to generalize the method, the method should be applied to other core damage sequences. Also, it is expected that this study can give a framework to evaluate the cyber security of NPP and can be used for constructing the cyber security test plan considering safety.