Abstract
Cybersecurity regulations require new I&C (Instrumentation & Control) systems in nuclear power plants to develop software in accordance with secure software development methodology to prevent the digital systems from cyber attacks. One of the common aspects of various secure software development methodologies is that widely-accepted practices should be followed throughout programming. As PLC (Programmable Logic Controller) is used to implement digital I&Cs, C programs are often translated automatically from design specifications such as FBD programs. This paper tries to analyze a part of preliminary version of C codes of a Korean I&C system with a static source code analysis tool of Microsoft. It shows that the automatic translator from FBD to C had a few critical defects, not concerned with security directly. It also recommends to select appropriate analysis tools and rule sets to check best practices in secure programming, even if the C code is produced mechanically.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.