Comparative Analysis of Network-based Vulnerability Scanner for application in Nuclear Power Plants

  • Lim, Su-chang (Department of Computer Engineering, Sunchon National University)
  • Kim, Do-yeon (Department of Computer Engineering, Sunchon National University)
  • Received : 2018.08.31
  • Accepted : 2018.09.11
  • Published : 2018.10.31

Abstract

Nuclear power plants (NPPs) are protected as core facilities managed by major countries. As general IT technology is applied to NPP facilities, the proportion of digitized resources in use is increasing for all assets other than the existing installed analog operating resources. Using the network to control the IT assets of NPPs can provide significant benefits, but the potential vulnerabilities of existing IT resources can lead to significant cyber security breaches that threaten the entire NPP. In this paper, we analyze the regulatory requirements for nuclear cyber security vulnerabilities and the characteristics and requirements of existing vulnerability scanners, and we investigate commercial and free vulnerability scanners. Based on the proposed application method, the efficiency of checking the network security vulnerabilities of NPPs can be improved when a vulnerability scanner is applied to NPPs.
