Cyber hardening of Nuclear Power Plants with real-time nuclear reactor operation, 1. Preliminary operational testing

Abstract

Maintaining and extending the lifetime of the domestic Nuclear Power Plant fleet is predicated on digitalization. However, digitalization also gives rise to increasing vulnerabilities. This paper is the first in a body of novel research at the Idaho Falls Center for Higher Education focusing on the cyber hardening of currently operating and aging Nuclear Power Plants that uses the Western Services Corporation Generic Pressurized Water Reactor real-time operational platform. The Western Services Corporation platform was used here natively to collect data during atypical plant events that could be initiated by cyberattacks. The goals of this first phase of work is to identify data ‘fingerprints’ unique to each of the initiating events, determine when or if the reactor trips, and suggest operator actions that could mitigate the cyberattack and possibly avoid a trip and maintain operations. First, a cyber-informed Preliminary Hazards Analysis was conducted to determine plant systems most vulnerable to a cyberattack. Then, the associated malfunction as an analogue to a potential cyberattack on the selected system was executed during operation of the reactor. Relevant data was collected during these events until the reactor tripped. The data was then processed to determine if a fingerprint could be crafted, and mitigating operator actions were formulated. Finally, we demonstrate a proof-of-concept for simulating cyberattacks on the Western Services Corporation platform in real-time during reactor operation. This development will open possibilities for ‘Red Team/Blue Team’ exercises for cyber hardening of the domestic Nuclear Power Plant fleet.