Compliance-driven cybersecurity based on formalized attack pattern for NPPs

Abstract

The I&C system of Nuclear Power Plants(NPPs) employ a cybersecurity program what government leads. The government requires that apply the security controls of regulation to develop and operate the system. Accordingly, the licensee of NPPs tries to comply with this requirement from the development phase. Michael Muckin called this method a compliance-driven approach in his paper[1]. This approach is efficient when the government supervises NPPs, but it is not efficient when the licensee produces NPPs. The security controls include all the NPP-related controls without consideration of system characteristics. In other words, the development organization spends much time to exclude unnecessary controls and to write the evidence. Also, the security of the system can weaken according to the security knowledge level of the developer, and this can lead to differences in security levels between systems. This dissertation proposes a method for selecting the security control that can be applied in the early development phase to ensure the security of the system and to reduce the cost of excluding unnecessary security control. We formalize an attack pattern and the security controls pattern and use a relationship between patterns. We conduct a case study on applying R.G. 5.71 in the PPS(Plant Protection System) to confirm the validation of our method.