Graduate Thesis Or Dissertation
 

Risk-Informed Performance-Based Methods for Cyber-Attack on Nuclear Power Facilities

Público Deposited

Contenido Descargable

Descargar PDF
https://ir.library.oregonstate.edu/concern/graduate_thesis_or_dissertations/jh344188g

Descriptions

Attribute NameValues
Creator
Abstract
  • A new approach is described that offers a risk-informed performance-based (RIPB) framework for quantifying the risk associated with a cyber-attack on a nuclear power generating facility. The first part of the method involves 1) the creation of a simplified 10 CFR 73.54 compliant cyber infrastructure, 2) modeling of design basis threats against the network and passive defense of the network and 3) applying the model metrics as inputs into a Bayesian analysis to calculate the exploit probability of a plant controller. The RAVEN code package was used to perform a stochastic calculation to quantify the aleatory uncertainty associated with exploiting a plant controller and produce basic statistics associated with those outputs, such as standard deviation and standard error. Other tools, such as ADAPT are also explored, which could be leveraged for direct DPRA analysis on network topology, such that new failure modes or initiating events could be discovered. The second aspect of the RIPB method considers the impact of the exploited controller on the physical plant. This evaluation was conducted by postulating an accident scenario possibly caused by the dynamics of an exploited process controller, initiating that event in a RELAP5 model controlled by the RAVEN risk analysis package, and demonstrating the types of algorithms that could be used to quantify the consequences of the accident scenario. In addition, the ASHERAH plant simulator tool was introduced as a potential model for performing coupled cyber-physical plant DPRA analysis in the future. The new two-part method explored in this work provides the uncertainty associated with a cyber initiating event and the associated consequences of a postulated accident resulting from that exploit, as well as providing example tools and algorithms for performing the analysis.
  • Keywords: Risk Analysis, Cyber Security, Probabilistic Risk Analysis, Dynamic Probabilistic Risk Analysis, Nuclear Engineering
Contributor
License
Resource Type
Fecha de Emisión
Degree Level
Degree Name
Degree Field
Degree Grantor
Commencement Year
Advisor
Committee Member
Academic Affiliation
Declaración de derechos
Publisher
Peer Reviewed
Language

Relaciones

Parents:

This work has no parents.

En Collection:

Elementos

Miniatura Título Fecha de subida Visibilidad Acciones
file details Andrew_Gisondi_2023.pdf 2023-08-03 Público Descargar