American Nuclear Society
Home

Home / Publications / Journals / Nuclear Technology / Volume 206 / Number 7

A Robust Cybersecurity Solution Platform Architecture for Digital Instrumentation and Control Systems in Nuclear Power Facilities

Fan Zhang, J. Wesley Hines, Jamie B. Coble

Nuclear Technology / Volume 206 / Number 7 / July 2020 / Pages 939-950

Technical Paper – Special section on the 2019 ANS Student Conference / dx.doi.org/10.1080/00295450.2019.1666599

Received:August 2, 2019
Accepted:September 6, 2019
Published:July 15, 2020

Most nuclear power plants (NPPs) under construction or under design are expected to deploy largely digital instrumentation and control (I&C) systems. Current fleets are increasingly looking toward converting to digital I&C systems due to the advantages of precise control, economic operation, and ease of procurement over conventional analog I&C systems. With all the benefits digital I&C systems bring, challenging cybersecurity concerns are introduced as well. Cyberattacks targeted at industrial control systems have grown in both frequency and capability in recent years. Despite efforts to air-gap digital I&C systems, NPPs can be vulnerable to these cyberattacks, as evidenced by recent cyber incidents at nuclear facilities. Cybersecurity of NPPs should be addressed in three complementary thrusts: cyberattack prevention, detection, and response. Considering the requirements of digital I&C systems, we propose a novel cybersecurity solution platform that consists of a data collection and extraction system, a multilayer cyberattack detection system, a cause analysis system with dynamic risk assessment, a cyberattack response system, and a main control room display system. This architecture also promotes cooperation between information technology experts and the operation technology team to improve cybersecurity by integrating process data together with traditional host system and network data in a unified platform. This paper presents the proposed cybersecurity architecture and demonstrates its efficacy with a simulated cyberattack on a cyber-physical system testbed. Together with traditional intrusion prevention methods and rule-based intrusion detection systems, this platform provides a solution for prevention, detection, and response to cyberattacks that is congruous with the defense-in-depth strategies of other NPP safety and security systems.