The Journal of the Korea institute of electronic communication sciences (한국전자통신학회논문지)

Korea Institute of Electronic Communication Science (한국전자통신학회)
권호 표지
DOI QR코드

DOI QR Code

Implementation Plan and Requirements Analysis of Access Control for Cyber Security of Nuclear Power Plants

원전 사이버보안을 위한 접근제어 요건분석 및 구현방안

  • Kim, Do-Yeon (Dept. of Computer Engineering, Sunchon National University)
  • Received : 2015.10.26
  • Accepted : 2016.01.24
  • Published : 2016.01.30
Download PDF
⟨ Previous Next ⟩

Abstract

The Nuclear Power Plants(: NPP) are being protected as national infrastructure, and instrumentation and control(: I&C) systems are one of the principle facilities of the NPP, which perform the protection, control, and monitoring function. The I&C systems are being evolved into digitalization based on computer and network technology from analog system. In addition, the I&C systems are mostly employ the specialized logic controllers which are dedicated for the NPP, but the usage of generalized IT resources are steadily increased. The cyber security issues for the NPP are being emerged due to cyber incidents by Stuxnet and various accidents in the NPP. In this paper, hybrid access control model is proposed which are applicable to I&C system by analyzing the access control requirements specified in regulatory guides. The safety of in-service and under construction of NPP are effectively increased by applying proposed hybrid model.

원자력발전소는 주요 국가기반시설로 보호되고 있으며, 계측제어계통은 보호, 제어 및 감시등의 기능을 수행하는 원전을 구성하는 핵심 설비로서, 과거의 아날로그 장비에서 컴퓨터와 네트워크에 기반 한 디지털 기술로 진화하고 있다. 또한, 계측제어계통에서는 대부분 원전용 제어기를 사용하지만, 일반적인 IT 자원의 사용도 증가하고 있는 실정이다. 스턱스넷으로 인한 원자력 시설의 제어기 침해 사고 및 여타 원전의 사이버 사고로 인해 원자력발전소에 대한 사이버보안 문제가 대두되고 있다. 본 논문에서는 원전 사이버 보안을 위해 규제지침의 접근제어 요건분석을 통하여 원전 계측제어계통에 적용 가능한 혼합형 접근제어 모델을 제시하였다. 제안하는 혼합형 접근제어 모델은 가동 중인 국내 원전 및 건설 중인 신규 원전에 구현하여, 원전의 안전성을 효율적으로 증대 시킬 수 있을 것으로 판단된다.

Keywords

References

  1. M. Chung, W. Ahn, B. Min, and J. Seo, "A Study on Method to Establish Cyber Security Technical System in NPP Digital I&C," J. of the Korea Institute of Information Security & Cryptology, vol. 24, no. 3, 2014, pp. 561-570. https://doi.org/10.13089/JKIISC.2014.24.3.561
  2. Y. Choi, Y. Choi, J. Lee, J. Cho, I. Koo, and S. Hong, "Study on the Construction of Cyber Security for the Nuclear Power Plants," Fall Conf. from Korea Society of IT Services, vol. 16, Seoul, Korea, Nov., 2009, pp. 537-538.
  3. Y. Cha, B. Cho, and J. Na, "Security Technology Trends and Prospective of Industrial Control System," KEIT (Korea Evaluation Institute of Industrial Technology) PD Issue Report, vol. 13, no. 6, Jun., 2013, pp. 79-100.
  4. D. Kim, "Security Criteria for Design and Evaluation of Secure Plant Data Network on Nuclear Power Plants," J. of the Korea Institute of Electronic Communication Sciences, vol. 9, no. 2, 2013, pp. 267-271. https://doi.org/10.13067/JKIECS.2014.9.2.267
  5. D. Kim, "Vulnerability Analysis for Industrial Control System Cyber Security," J. of the Korea Institute of Electronic Communication Sciences, vol. 9, no. 1, 2013, pp. 137-142. https://doi.org/10.13067/JKIECS.2014.9.1.137
  6. I. Koo, K. Kim, S. Hong, G. Park, and J. Park, "Digital Asset Analysis Methodology against Cyber Threat to I&C System in NPP," J. of the Korea Institute of Electronic Communication Sciences, vol. 6, no. 6, 2011, pp. 839-847.
  7. N. Falliere, L. O. Murchu, and E. Chien, Win32.stuxnet Dossier. Cupertino, CA, USA, Symantec Security Response, 2011.
  8. NRC Information Notice 2003-14, "Potential Vulnerability of Plant Computer Network to Worm Infection," Nuclear Regulatory Commission, Mar., 2003.
  9. NRC Information Notice 2007-15, "Effects of Ethernet based, no-safety related controls on the safe and continued operation of nuclear power stations," Nuclear Regulatory Commission, Sep., 2007.
  10. US NRC, "Cyber Security Programs for Nuclear Power Facilities," NRC Regulatory Guide 5.71, Jan., 2010.
  11. C. Park, "Current Status for Cyber Security of Nuclear Power Plants and Long-term R&D Strategy", J. of Electrical World, vol. 430, 2012, pp. 59-65.
  12. C. Lee, "Trend of Technology of instrumentation and control system in Nuclear Power Plants," J. of The Korea Institute of Information Security & Cryptology, vol. 22, no. 5, 2012, pp. 28-34.
  13. W. Stallings and L. Brown, Computer Security - principles and practice, 2nd ed. Essex: Pearson Education, 2012.
  14. D. Lee, C. Lee, I. Hwang, and I. Oh, "Development of the Digital Reactor Safety Systems," Korea Atomic Energy Research Institute: Daejeon, Technical Report KAERI/RR-2914, Apr, 2007.
  15. IEC Std. 62351-8, Power System Management associated information exchange - Data and Communication Security - Part 8 : Role-based Access Control. International Electronical Committee, Geneva, Switzerland, 2014.