American Nuclear Society

Home / Publications / Journals / Nuclear Technology / Volume 197 / Number 3

Security Analysis of Safety Critical and Control Systems: A Case Study of a Nuclear Power Plant System

Raj Kamal Kaur, Lalit Kumar Singh, Babita Pandey

Nuclear Technology / Volume 197 / Number 3 / March 2017 / Pages 296-307

Technical Paper /

First Online Publication:February 10, 2017
Updated:April 14, 2017

Digital computers have been chosen in the implementation of safety critical systems in newly constructed nuclear facilities. These safety critical systems are designed to operate in a secure manner so that their failure should not prompt any serious damage or catastrophic effects. Due to the security significance of critical systems, there is a need to ensure the secrecy of systems at an early stage. Existing work focused on evaluating security by considering at the requirement phase only integrity, confidentiality, access control, and availability attributes. However, many essential critical attributes have not been taken into consideration, like deadlock, liveness, etc. To improve the security of software systems, this paper introduces a threat-driven modeling framework. It predicts security threats, it figures out which threats require mitigation and how to alleviate these threats, and it incorporates the essential missing attributes. We specify the functionality of the system with a Petri net, and we analyze the behavioral and structural properties of the system and threat mitigation. Aspect-oriented stochastic Petri nets are used as a formal amplified model. The technique has been validated on 11 safety critical systems of a nuclear power plant and it is shown for one case study in this paper.

Questions or comments about the site? Contact the ANS Webmaster.