A practical challenge-response authentication mechanism for a Programmable Logic Controller control system with one-time password in nuclear power plants

A practical challenge-response authentication mechanism for a Programmable Logic Controller control system with one-time password in nuclear power plants

Instrumentation and Control (I&C) systems of nuclear power plants (NPPs) have been continuously digitalized. These systems have a critical role in the operation of nuclear facilities by functioning as the brain of NPPs. In recent years, as cyber security threats to NPP systems have increased, re...

Full description

Bibliographic Details
Main Authors: JunYoung Son, Sangkyun Noh, JongGyun Choi, Hyunsoo Yoon
Format: Article
Language:English
Published: Elsevier 2019-10-01
Series:Nuclear Engineering and Technology
Online Access:http://www.sciencedirect.com/science/article/pii/S1738573319303018
id doaj-d862e675438f4aca99d155f36517c174
record_format Article
spelling doaj-d862e675438f4aca99d155f36517c1742020-11-25T01:35:52ZengElsevierNuclear Engineering and Technology1738-57332019-10-0151717911798A practical challenge-response authentication mechanism for a Programmable Logic Controller control system with one-time password in nuclear power plantsJunYoung Son0Sangkyun Noh1JongGyun Choi2Hyunsoo Yoon3Korea Atomic Energy Institute, ICT Department, Republic of Korea; Department of Graduate School of Information Security, Korea Advanced Institute of Science and Technology, Republic of Korea; Corresponding author. Korea Atomic Energy Institute, ICT Department, Republic of Korea.FairApp, Republic of KoreaKorea Atomic Energy Institute, ICT Department, Republic of KoreaDepartment of Graduate School of Information Security, Korea Advanced Institute of Science and Technology, Republic of KoreaInstrumentation and Control (I&C) systems of nuclear power plants (NPPs) have been continuously digitalized. These systems have a critical role in the operation of nuclear facilities by functioning as the brain of NPPs. In recent years, as cyber security threats to NPP systems have increased, regulatory and policy-related organizations around the world, including the International Atomic Energy Agency (IAEA), Nuclear Regulatory Commission (NRC) and Korea Institute of Nuclear Nonproliferation and Control (KINAC), have emphasized the importance of nuclear cyber security by publishing cyber security guidelines and recommending cyber security requirements for NPP facilities. As described in NRC Regulatory Guide (Reg) 5.71 and KINAC RS015, challenge response authentication should be applied to the critical digital I&C system of NPPs to satisfy the cyber security requirements. There have been no cases in which the most robust response authentication technology like challenge response has been developed and applied to nuclear I&C systems. This paper presents a challenge response authentication mechanism for a Programmable Logic Controller (PLC) system used as a control system in the safety system of the Advanced Power Reactor (APR) 1400 NPP. Keywords: Nuclear power plant, I&C, Regulatory guide, PLC, Cyber security requirements, Challenge response, One time password, Authenticationhttp://www.sciencedirect.com/science/article/pii/S1738573319303018
collection DOAJ
language English
format Article
sources DOAJ
author JunYoung Son
Sangkyun Noh
JongGyun Choi
Hyunsoo Yoon
spellingShingle JunYoung Son
Sangkyun Noh
JongGyun Choi
Hyunsoo Yoon
A practical challenge-response authentication mechanism for a Programmable Logic Controller control system with one-time password in nuclear power plants
Nuclear Engineering and Technology
author_facet JunYoung Son
Sangkyun Noh
JongGyun Choi
Hyunsoo Yoon
author_sort JunYoung Son
title A practical challenge-response authentication mechanism for a Programmable Logic Controller control system with one-time password in nuclear power plants
title_short A practical challenge-response authentication mechanism for a Programmable Logic Controller control system with one-time password in nuclear power plants
title_full A practical challenge-response authentication mechanism for a Programmable Logic Controller control system with one-time password in nuclear power plants
title_fullStr A practical challenge-response authentication mechanism for a Programmable Logic Controller control system with one-time password in nuclear power plants
title_full_unstemmed A practical challenge-response authentication mechanism for a Programmable Logic Controller control system with one-time password in nuclear power plants
title_sort practical challenge-response authentication mechanism for a programmable logic controller control system with one-time password in nuclear power plants
publisher Elsevier
series Nuclear Engineering and Technology
issn 1738-5733
publishDate 2019-10-01
description Instrumentation and Control (I&C) systems of nuclear power plants (NPPs) have been continuously digitalized. These systems have a critical role in the operation of nuclear facilities by functioning as the brain of NPPs. In recent years, as cyber security threats to NPP systems have increased, regulatory and policy-related organizations around the world, including the International Atomic Energy Agency (IAEA), Nuclear Regulatory Commission (NRC) and Korea Institute of Nuclear Nonproliferation and Control (KINAC), have emphasized the importance of nuclear cyber security by publishing cyber security guidelines and recommending cyber security requirements for NPP facilities. As described in NRC Regulatory Guide (Reg) 5.71 and KINAC RS015, challenge response authentication should be applied to the critical digital I&C system of NPPs to satisfy the cyber security requirements. There have been no cases in which the most robust response authentication technology like challenge response has been developed and applied to nuclear I&C systems. This paper presents a challenge response authentication mechanism for a Programmable Logic Controller (PLC) system used as a control system in the safety system of the Advanced Power Reactor (APR) 1400 NPP. Keywords: Nuclear power plant, I&C, Regulatory guide, PLC, Cyber security requirements, Challenge response, One time password, Authentication
url http://www.sciencedirect.com/science/article/pii/S1738573319303018
work_keys_str_mv AT junyoungson apracticalchallengeresponseauthenticationmechanismforaprogrammablelogiccontrollercontrolsystemwithonetimepasswordinnuclearpowerplants
AT sangkyunnoh apracticalchallengeresponseauthenticationmechanismforaprogrammablelogiccontrollercontrolsystemwithonetimepasswordinnuclearpowerplants
AT jonggyunchoi apracticalchallengeresponseauthenticationmechanismforaprogrammablelogiccontrollercontrolsystemwithonetimepasswordinnuclearpowerplants
AT hyunsooyoon apracticalchallengeresponseauthenticationmechanismforaprogrammablelogiccontrollercontrolsystemwithonetimepasswordinnuclearpowerplants
AT junyoungson practicalchallengeresponseauthenticationmechanismforaprogrammablelogiccontrollercontrolsystemwithonetimepasswordinnuclearpowerplants
AT sangkyunnoh practicalchallengeresponseauthenticationmechanismforaprogrammablelogiccontrollercontrolsystemwithonetimepasswordinnuclearpowerplants
AT jonggyunchoi practicalchallengeresponseauthenticationmechanismforaprogrammablelogiccontrollercontrolsystemwithonetimepasswordinnuclearpowerplants
AT hyunsooyoon practicalchallengeresponseauthenticationmechanismforaprogrammablelogiccontrollercontrolsystemwithonetimepasswordinnuclearpowerplants
_version_ 1725065735516979200

Similar Items