A practical challenge-response authentication mechanism for a Programmable Logic Controller control system with one-time password in nuclear power plants
Instrumentation and Control (I&C) systems of nuclear power plants (NPPs) have been continuously digitalized. These systems have a critical role in the operation of nuclear facilities by functioning as the brain of NPPs. In recent years, as cyber security threats to NPP systems have increased, re...
Main Authors: | , , , |
---|---|
Format: | Article |
Language: | English |
Published: |
Elsevier
2019-10-01
|
Series: | Nuclear Engineering and Technology |
Online Access: | http://www.sciencedirect.com/science/article/pii/S1738573319303018 |
id |
doaj-d862e675438f4aca99d155f36517c174 |
---|---|
record_format |
Article |
spelling |
doaj-d862e675438f4aca99d155f36517c1742020-11-25T01:35:52ZengElsevierNuclear Engineering and Technology1738-57332019-10-0151717911798A practical challenge-response authentication mechanism for a Programmable Logic Controller control system with one-time password in nuclear power plantsJunYoung Son0Sangkyun Noh1JongGyun Choi2Hyunsoo Yoon3Korea Atomic Energy Institute, ICT Department, Republic of Korea; Department of Graduate School of Information Security, Korea Advanced Institute of Science and Technology, Republic of Korea; Corresponding author. Korea Atomic Energy Institute, ICT Department, Republic of Korea.FairApp, Republic of KoreaKorea Atomic Energy Institute, ICT Department, Republic of KoreaDepartment of Graduate School of Information Security, Korea Advanced Institute of Science and Technology, Republic of KoreaInstrumentation and Control (I&C) systems of nuclear power plants (NPPs) have been continuously digitalized. These systems have a critical role in the operation of nuclear facilities by functioning as the brain of NPPs. In recent years, as cyber security threats to NPP systems have increased, regulatory and policy-related organizations around the world, including the International Atomic Energy Agency (IAEA), Nuclear Regulatory Commission (NRC) and Korea Institute of Nuclear Nonproliferation and Control (KINAC), have emphasized the importance of nuclear cyber security by publishing cyber security guidelines and recommending cyber security requirements for NPP facilities. As described in NRC Regulatory Guide (Reg) 5.71 and KINAC RS015, challenge response authentication should be applied to the critical digital I&C system of NPPs to satisfy the cyber security requirements. There have been no cases in which the most robust response authentication technology like challenge response has been developed and applied to nuclear I&C systems. This paper presents a challenge response authentication mechanism for a Programmable Logic Controller (PLC) system used as a control system in the safety system of the Advanced Power Reactor (APR) 1400 NPP. Keywords: Nuclear power plant, I&C, Regulatory guide, PLC, Cyber security requirements, Challenge response, One time password, Authenticationhttp://www.sciencedirect.com/science/article/pii/S1738573319303018 |
collection |
DOAJ |
language |
English |
format |
Article |
sources |
DOAJ |
author |
JunYoung Son Sangkyun Noh JongGyun Choi Hyunsoo Yoon |
spellingShingle |
JunYoung Son Sangkyun Noh JongGyun Choi Hyunsoo Yoon A practical challenge-response authentication mechanism for a Programmable Logic Controller control system with one-time password in nuclear power plants Nuclear Engineering and Technology |
author_facet |
JunYoung Son Sangkyun Noh JongGyun Choi Hyunsoo Yoon |
author_sort |
JunYoung Son |
title |
A practical challenge-response authentication mechanism for a Programmable Logic Controller control system with one-time password in nuclear power plants |
title_short |
A practical challenge-response authentication mechanism for a Programmable Logic Controller control system with one-time password in nuclear power plants |
title_full |
A practical challenge-response authentication mechanism for a Programmable Logic Controller control system with one-time password in nuclear power plants |
title_fullStr |
A practical challenge-response authentication mechanism for a Programmable Logic Controller control system with one-time password in nuclear power plants |
title_full_unstemmed |
A practical challenge-response authentication mechanism for a Programmable Logic Controller control system with one-time password in nuclear power plants |
title_sort |
practical challenge-response authentication mechanism for a programmable logic controller control system with one-time password in nuclear power plants |
publisher |
Elsevier |
series |
Nuclear Engineering and Technology |
issn |
1738-5733 |
publishDate |
2019-10-01 |
description |
Instrumentation and Control (I&C) systems of nuclear power plants (NPPs) have been continuously digitalized. These systems have a critical role in the operation of nuclear facilities by functioning as the brain of NPPs. In recent years, as cyber security threats to NPP systems have increased, regulatory and policy-related organizations around the world, including the International Atomic Energy Agency (IAEA), Nuclear Regulatory Commission (NRC) and Korea Institute of Nuclear Nonproliferation and Control (KINAC), have emphasized the importance of nuclear cyber security by publishing cyber security guidelines and recommending cyber security requirements for NPP facilities. As described in NRC Regulatory Guide (Reg) 5.71 and KINAC RS015, challenge response authentication should be applied to the critical digital I&C system of NPPs to satisfy the cyber security requirements. There have been no cases in which the most robust response authentication technology like challenge response has been developed and applied to nuclear I&C systems. This paper presents a challenge response authentication mechanism for a Programmable Logic Controller (PLC) system used as a control system in the safety system of the Advanced Power Reactor (APR) 1400 NPP. Keywords: Nuclear power plant, I&C, Regulatory guide, PLC, Cyber security requirements, Challenge response, One time password, Authentication |
url |
http://www.sciencedirect.com/science/article/pii/S1738573319303018 |
work_keys_str_mv |
AT junyoungson apracticalchallengeresponseauthenticationmechanismforaprogrammablelogiccontrollercontrolsystemwithonetimepasswordinnuclearpowerplants AT sangkyunnoh apracticalchallengeresponseauthenticationmechanismforaprogrammablelogiccontrollercontrolsystemwithonetimepasswordinnuclearpowerplants AT jonggyunchoi apracticalchallengeresponseauthenticationmechanismforaprogrammablelogiccontrollercontrolsystemwithonetimepasswordinnuclearpowerplants AT hyunsooyoon apracticalchallengeresponseauthenticationmechanismforaprogrammablelogiccontrollercontrolsystemwithonetimepasswordinnuclearpowerplants AT junyoungson practicalchallengeresponseauthenticationmechanismforaprogrammablelogiccontrollercontrolsystemwithonetimepasswordinnuclearpowerplants AT sangkyunnoh practicalchallengeresponseauthenticationmechanismforaprogrammablelogiccontrollercontrolsystemwithonetimepasswordinnuclearpowerplants AT jonggyunchoi practicalchallengeresponseauthenticationmechanismforaprogrammablelogiccontrollercontrolsystemwithonetimepasswordinnuclearpowerplants AT hyunsooyoon practicalchallengeresponseauthenticationmechanismforaprogrammablelogiccontrollercontrolsystemwithonetimepasswordinnuclearpowerplants |
_version_ |
1725065735516979200 |