Security Information and Event Management Model Based on Defense-in-Depth Strategy for Vital Digital Assets in Nuclear Facilities

  • Conference paper
Advances in Computer Science and Ubiquitous Computing

Part of the book series: Lecture Notes in Electrical Engineering ((LNEE,volume 715))

  • 919 Accesses

Abstract

After the striking Stuxnet event in Iran, the international community recognized that sabotage of nuclear facilities by cyber attack is no longer hypothetical. The International Atomic Energy Agency (IAEA) and the US nuclear facility regulatory authority recommend that nuclear licensees establish security measures to prevent, detect, and respond to cyber attacks. Their guidelines also recommend storing logs on the system to trace incidents and to support incident investigation and analysis. In particular, vital digital assets (VDAs), which prevent and mitigate severe accidents in nuclear facilities, may be direct targets for sabotage, so security measures for cyber attack detection and log collection are essential. SIEM is a typical attack detection model based on security information and log management, and various solutions are already used in many IT industries. However, it is difficult to purchase and implement commercial log collection and detection solutions for VDAs, because the industrial control systems used in VDAs are developed specifically for nuclear facilities and are designed to perform safety and safety-related functions. In addition, licensees designing a SIEM network to implement central monitoring must meet nuclear facility safety and security requirements such as the defense-in-depth strategy and boundary protection systems. We therefore proposed DID-SIEM, a security information and event management model based on the defense-in-depth strategy. DID-SIEM is a SIEM model that incorporates the design requirements needed to meet both the cyber security guidelines and the operational constraints of nuclear facilities.

Acknowledgements

This work was supported by the Nuclear Safety Research Program through the Korea Foundation Of Nuclear Safety (KoFONS), granted financial resource from the Nuclear Safety and Security Commission (NSSC), Republic of Korea (No. 1605007).

Author information

Corresponding author

Correspondence to Sangwoo Kim.

Copyright information

© 2021 Springer Nature Singapore Pte Ltd.

About this paper

Cite this paper

Kim, S., Kim, Sm., Nam, Kh., Kim, S., Kwon, Kh. (2021). Security Information and Event Management Model Based on Defense-in-Depth Strategy for Vital Digital Assets in Nuclear Facilities. In: Park, J.J., Fong, S.J., Pan, Y., Sung, Y. (eds) Advances in Computer Science and Ubiquitous Computing. Lecture Notes in Electrical Engineering, vol 715. Springer, Singapore. https://doi.org/10.1007/978-981-15-9343-7_46

  • DOI: https://doi.org/10.1007/978-981-15-9343-7_46

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-15-9342-0

  • Online ISBN: 978-981-15-9343-7

  • eBook Packages: Computer Science (R0)
