Abstract
Since the Stuxnet incident in Iran, the international community has recognized that sabotage of nuclear facilities through cyber attack is no longer hypothetical. The International Atomic Energy Agency (IAEA) and the US nuclear facility regulatory authority recommend that nuclear licensees establish security measures to prevent, detect, and respond to cyber attacks. Their guidelines also call for storing logs on the system to trace incidents and to support incident investigation and analysis. In particular, vital digital assets (VDAs), which prevent and mitigate severe accidents in nuclear facilities, may be direct targets for sabotage, so security measures for cyber attack detection and log collection are essential. Security information and event management (SIEM) is a typical attack detection model based on security information and log management, and various SIEM solutions are already used in many IT industries. For VDAs, however, it is difficult to purchase and implement commercial log collection and detection solutions, because the industrial control systems used in VDAs are developed specifically for nuclear facilities and are designed to perform safety and safety-related functions. In addition, licensees designing a SIEM network to implement central monitoring must meet the safety and security requirements of nuclear facilities, such as the defense-in-depth strategy and boundary protection systems. We therefore propose DID-SIEM, a security information and event management model based on the defense-in-depth strategy. DID-SIEM is a SIEM model that incorporates the design requirements needed to meet both the cyber security guidelines and the operational constraints of nuclear facilities.
Acknowledgements
This work was supported by the Nuclear Safety Research Program through the Korea Foundation Of Nuclear Safety (KoFONS), granted financial resource from the Nuclear Safety and Security Commission (NSSC), Republic of Korea (No. 1605007).
© 2021 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Kim, S., Kim, Sm., Nam, Kh., Kim, S., Kwon, Kh. (2021). Security Information and Event Management Model Based on Defense-in-Depth Strategy for Vital Digital Assets in Nuclear Facilities. In: Park, J.J., Fong, S.J., Pan, Y., Sung, Y. (eds) Advances in Computer Science and Ubiquitous Computing. Lecture Notes in Electrical Engineering, vol 715. Springer, Singapore. https://doi.org/10.1007/978-981-15-9343-7_46
DOI: https://doi.org/10.1007/978-981-15-9343-7_46
Publisher Name: Springer, Singapore
Print ISBN: 978-981-15-9342-0
Online ISBN: 978-981-15-9343-7
eBook Packages: Computer Science, Computer Science (R0)