Journal of Korea Society of Digital Industry and Information Management (디지털산업정보학회논문지)

Korea Society of Digital Industry and Information Management (디지털산업정보학회)
권호 표지
DOI QR코드

DOI QR Code

An Analysis Measure for Cybersecurity linked Threat against Diverse Protection Systems

다양성보호계통 사이버보안 연계 위협 분석 방안

  • 정성민 (명지전문대학 인터넷보안공학과) ;
  • 김태경 (명지전문대학 인터넷보안공학과)
  • Received : 2021.03.03
  • Accepted : 2021.03.17
  • Published : 2021.03.30
Download PDF
⟨ Previous Next ⟩

Abstract

With the development of information technology, the cybersecurity threat continues as digital-related technologies are applied to the instrumentation and control system of nuclear power plants. The malfunction of the instrumentation and control system can cause economic damage due to shutdown, and furthermore, it can lead to national disasters such as radioactive emissions, so countering cybersecurity threats is an important issue. In general, the study of cybersecurity in instrumentation and control systems is concentrated on safety systems, and diverse protection systems perform protection and reactor shutdown functions, leading to reactor shutdown or, in the worst case, non-stop situations. To accurately analyze cyber threats in the diverse protection system, its linked facilities should be analyzed together. Risk analysis should be conducted by analyzing the potential impact of inter-facility cyberattacks on related facilities and the impact of cybersecurity on each configuration module of the diverse protection system. In this paper, we analyze the linkage of the diverse protection system and discuss the cybersecurity linkage threat by analyzing the availability of equipment, the cyber threat impact of the linked equipment, and the configuration module's cybersecurity vulnerability.

Keywords

References

  1. 송동훈.임현종.김상우.류진호.신익현, "사이버보안 위협평가를 통한 원자력시설 등 중요시설대상 최신 사이버 위협 사례 분석 연구," 한국정보보호학회, 정보보호학회지, 제28권, 제2호, 2018, pp.51-60.
  2. Seungmin Kim, Gyunyoung Heo, EnricoZio, Jinsoo Shin, Jaegu Song, "Cyber attack taxonomy for digital environment in nuclear power plants," Nuclear Engineering and Technology, Vol. 52, No. 5, 2020, pp.995-1001. https://doi.org/10.1016/j.net.2019.11.001
  3. 엄익채, "핵심기반시설 사이버 보안 평가 모델링 기법 연구," 한국디지털정책학회, 디지털융복합연구지, 제17권, 제8호, 2019, pp.105-113.
  4. 정성민, "원전 무선 센서 네트워크에 적합한 클러스터 헤드 체인 라우팅 프로토콜," 디지털산업정보학회, 디지털산업정보학회 논문지, 제16권, 제2호, 2020, pp.61-68.
  5. 원자력안전위원회고시 제2018-6호, "원자로시설의 안전등급과 등급별 규격에 관한 규정," 2018.
  6. 원자력안전위원회규칙 제24호, "원자로시설 등의 기술기준에 관한 규칙," 2020.
  7. KHNP, "APR1400 Design Control Document," NRC ADAMS, 2018, pp.7.1-43
  8. Jungwoon Lee, Cheolkwon Lee, Jaegu Song, and Dongyoung Lee, "Cyber Security Considerations in the Development of I&C Systems for Nuclear Power Plants," The 2011 International Conference on Security and Management (SAM'11), Las Vegas, USA, 2011.
  9. 권기춘, "원전 계측제어시스템 현재와 미래," 대한전자공학회 ICS '2016 정보 및 제어심포지엄 논문집, 서울, 2016, pp.46-62.
  10. USNRC, "Section 50.62 Requirements for Reduction of Risk from Anticipated Transients without Scram(ATWS) Events for Light-WaterCooled Nuclear Power Plants", 10CFR50, 1996.
  11. 한국원자력안전기술원 규제기준, "제8장 계측제어계통," KINS/RS-N08.00, 2015.
  12. Yanggyun Oh, Jinkwon Jeong, Changjae Lee, Yoonhee Lee, "Fault-tolerant design for advanced diverse protection system," Nuclear Engineering and Technology, Vol. 45, No. 6, 2013, pp.795-802. https://doi.org/10.5516/NET.02.2013.526
  13. 강동주.이종주.이영.이임섭.김휘강, "전력 SCADA 시스템의 사이버 보안 위험 평가를 위한 정량적 방법론에 관한 연구," 한국정보보호학회, 정보보호학회논문지, 제23권, 제3호, 2013, pp.445-457.
  14. 정성민, "원전 다양성 보호계통 사이버보안 테스트베드 설계," 한국정보처리학회, 2020온라인 춘계학술발표대회 논문집, 제27권, 제1호, 2020, pp.292-294.
  15. DHS, "Common Cybersecurity Vulnerabilities in Industrial Control Systems," 2011.