Framework for evaluating cyber incident response capabilities of nuclear facility operators through operation-based exercises

IF 2.6 3区工程技术 Q1 NUCLEAR SCIENCE & TECHNOLOGY

Nuclear Engineering and Technology Pub Date : 2025-06-26 DOI:10.1016/j.net.2025.103772

Heewon Aneka Choi , Cheonho Park , JuHyeon Lee , Seungho Jeon , Jung Taek Seo

{"title":"Framework for evaluating cyber incident response capabilities of nuclear facility operators through operation-based exercises","authors":"Heewon Aneka Choi , Cheonho Park , JuHyeon Lee , Seungho Jeon , Jung Taek Seo","doi":"10.1016/j.net.2025.103772","DOIUrl":null,"url":null,"abstract":"<div><div>Cyberattacks on nuclear facilities can cause unauthorized information leakage and critical impacts on nuclear safety, making an effective cyber incident response system essential. The International Atomic Energy Agency (IAEA) emphasizes the protection of computer-based systems for physical security, nuclear safety, and nuclear material control from cyber threats. Nuclear facility operators must possess the capability to detect and respond to cyber incidents, and this capability can be evaluated through cyber incident response exercises. This study proposes a framework for evaluating nuclear operators' incident response capabilities. The framework analyzes and builds upon IAEA's cyber incident response phases, breaking them down into six phases, defines key activities and evaluation requirements for each phase, and incorporates existing cyber response evaluation technologies. It also presents criteria and performance indicators to evaluate whether these requirements are met. To examine the applicability and practical relevance of the framework, a cyberattack scenario tailored for nuclear facilities is applied to a simulator replicating real-world conditions. The findings of this study provide a systematic and objective way to evaluate response exercises, offering a foundation for effective cyber incident management and minimizing impacts on nuclear facilities.</div></div>","PeriodicalId":19272,"journal":{"name":"Nuclear Engineering and Technology","volume":"57 11","pages":"Article 103772"},"PeriodicalIF":2.6000,"publicationDate":"2025-06-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Nuclear Engineering and Technology","FirstCategoryId":"5","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S1738573325003407","RegionNum":3,"RegionCategory":"工程技术","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"NUCLEAR SCIENCE & TECHNOLOGY","Score":null,"Total":0}

引用次数: 0

Abstract

Cyberattacks on nuclear facilities can cause unauthorized information leakage and critical impacts on nuclear safety, making an effective cyber incident response system essential. The International Atomic Energy Agency (IAEA) emphasizes the protection of computer-based systems for physical security, nuclear safety, and nuclear material control from cyber threats. Nuclear facility operators must possess the capability to detect and respond to cyber incidents, and this capability can be evaluated through cyber incident response exercises. This study proposes a framework for evaluating nuclear operators' incident response capabilities. The framework analyzes and builds upon IAEA's cyber incident response phases, breaking them down into six phases, defines key activities and evaluation requirements for each phase, and incorporates existing cyber response evaluation technologies. It also presents criteria and performance indicators to evaluate whether these requirements are met. To examine the applicability and practical relevance of the framework, a cyberattack scenario tailored for nuclear facilities is applied to a simulator replicating real-world conditions. The findings of this study provide a systematic and objective way to evaluate response exercises, offering a foundation for effective cyber incident management and minimizing impacts on nuclear facilities.

查看原文本刊更多论文

通过基于操作的演习评估核设施运营商网络事件响应能力的框架

针对核设施的网络攻击会造成未经授权的信息泄露，对核安全造成严重影响，因此建立有效的网络事件响应系统至关重要。国际原子能机构（IAEA）强调保护基于计算机的系统免受网络威胁，以实现物理安全、核安全和核材料控制。核设施运营商必须具备探测和响应网络事件的能力，这种能力可以通过网络事件响应演习进行评估。本研究提出一个评估核营运商事件应变能力的框架。该框架分析并建立在原子能机构网络事件响应阶段的基础上，将其分解为六个阶段，定义了每个阶段的关键活动和评估要求，并纳入了现有的网络响应评估技术。它还提出了评估是否满足这些要求的标准和绩效指标。为了检验该框架的适用性和实际相关性，将为核设施量身定制的网络攻击场景应用于复制现实世界条件的模拟器。本研究结果提供了一个系统和客观的方法来评估响应演习，为有效的网络事件管理和最大限度地减少对核设施的影响提供了基础。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Nuclear Engineering and Technology 工程技术-核科学技术

CiteScore

4.80

自引率

7.40%

发文量

431

审稿时长

3.5 months

期刊介绍： Nuclear Engineering and Technology (NET), an international journal of the Korean Nuclear Society (KNS), publishes peer-reviewed papers on original research, ideas and developments in all areas of the field of nuclear science and technology. NET bimonthly publishes original articles, reviews, and technical notes. The journal is listed in the Science Citation Index Expanded (SCIE) of Thomson Reuters. NET covers all fields for peaceful utilization of nuclear energy and radiation as follows: 1) Reactor Physics 2) Thermal Hydraulics 3) Nuclear Safety 4) Nuclear I&C 5) Nuclear Physics, Fusion, and Laser Technology 6) Nuclear Fuel Cycle and Radioactive Waste Management 7) Nuclear Fuel and Reactor Materials 8) Radiation Application 9) Radiation Protection 10) Nuclear Structural Analysis and Plant Management & Maintenance 11) Nuclear Policy, Economics, and Human Resource Development