Skip to main content
SpringerLink
Log in
Book cover

International Workshop on Information Security Applications

WISA 2018: Information Security Applications pp 68–80Cite as

A Study on the Vulnerability Assessment for Digital I&C System in Nuclear Power Plant

  • Conference paper
  • First Online:

  • 614 Accesses

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 11402))

Abstract

NPP (Nuclear Power Plant) Operators have approached the problem of cyber security by simply keep up with the never-ending stream of new vulnerability alerts from suppliers and groups like ICS-CERT. Keeping Cyber Security Compliance, NPP Owner must patch vulnerabilities according to their CVSS Score. In fact, NPP Owner often has to deal with hundreds of vulnerabilities, which is not a trivial task to carry out. Unfortunately, the CVSS Score has been shown to be poor indicator for actual exploitation in NPP. This paper analyzes Vulnerability Assessment Methodology about Critical digital asset in NPP. And then give an effective methodology. It approaches the cyber security regulations of NPP from a technical vulnerability point of view, where any given Critical Digital Asset can be assessed for vulnerabilities.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

References

  1. NIST Special Publication 800-82: Guide to Industrial Control Systems Security. Revision 2 (2015)

    Google Scholar 

  2. Ahn, J.: Research on software vulnerability scoring systems, p. 23 (2013)

    Google Scholar 

  3. Common Vulnerability Scoring System v3.0: Specification Document

    Google Scholar 

  4. Ahn, J.: Quantitative scoring system on the importance of software vulnerabilities, p. 4 (2015)

    Article  Google Scholar 

  5. Shank, J.: Cyber Alert & Notification System Update (2016)

    Google Scholar 

  6. Skybox Security Vulnerability and Threat Trends Report (2018)

    Google Scholar 

  7. Jang, D.: A study on the IoT software and network vulnerability assessment system, pp. 4–6 (2017)

    Google Scholar 

  8. Song, J.G.: A cyber security risk assessment for the design of I&C systems in nuclear power plants, pp. 1–3 (2012)

    Google Scholar 

  9. Kostadinov, V.: Vulnerability assessment as a missing part of efficient regulatory emergency preparedness system for nuclear critical infrastructure (2011)

    Google Scholar 

  10. Holt, M.: Nuclear Power Plant Security and Vulnerabilities. Congressional Research Service, Washington, DC (2014)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. KEPCO KDN, Naju, Republic of Korea

    SungCheol Kim, IeckChae Euom, ChangHyun Ha & JooHyoung Lee

  2. Chonnam National University, Gwangju, Republic of Korea

    BongNam Noh

Authors
  1. SungCheol Kim
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. IeckChae Euom
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. ChangHyun Ha
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. JooHyoung Lee
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. BongNam Noh
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding authors

Correspondence to SungCheol Kim , IeckChae Euom , ChangHyun Ha , JooHyoung Lee or BongNam Noh .

Editor information

Editors and Affiliations

  1. Korea Advanced Institute of Science and Technology, Daejeon, Korea (Republic of)

    Brent ByungHoon Kang

  2. Korea Advanced Institute of Science and Technology, Daejeon, Korea (Republic of)

    JinSoo Jang

Rights and permissions

Reprints and permissions

Copyright information

© 2019 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Kim, S., Euom, I., Ha, C., Lee, J., Noh, B. (2019). A Study on the Vulnerability Assessment for Digital I&C System in Nuclear Power Plant. In: Kang, B., Jang, J. (eds) Information Security Applications. WISA 2018. Lecture Notes in Computer Science(), vol 11402. Springer, Cham. https://doi.org/10.1007/978-3-030-17982-3_6

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-17982-3_6

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-17981-6

  • Online ISBN: 978-3-030-17982-3

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation