RISS 학술연구정보서비스

검색
자동완성 버튼
다국어입력
다국어 입력

http://chineseinput.net/에서 pinyin(병음)방식으로 중국어를 변환할 수 있습니다.

변환된 중국어를 복사하여 사용하시면 됩니다.

예시)
  • 中文 을 입력하시려면 zhongwen을 입력하시고 space를누르시면됩니다.
  • 北京 을 입력하시려면 beijing을 입력하시고 space를 누르시면 됩니다.
Α Β Γ Δ Ε Ζ Η Θ Ι Κ Λ Μ Ν Ξ Ο Π Ρ Σ Τ Υ Φ Χ Ψ Ω α β γ δ ε ζ η θ ι κ λ μ ν ξ ο π ρ σ τ υ φ χ ψ ω
á à Á À é è É È ç Ç ê
Ä Ö Ü ä ö ü ß
ְ ֳ ֲ ֱ ָ ַ ֵ ֶ ִ ֹ ּ ֻ ׂ ׁ ּ פ ם ן ו ט א ר ק ף ך ל ח י ע כ ג ד ש ץ ת צ מ נ ה ב
± × ÷
· ¨ ´ ˇ ˘ ˝ ˚ ˙ ¸ ˛ ¡ ¿ ː _
½ ¼ ¾ ¹ ² ³
Æ Ð Ħ IJ Ł Ø Œ Þ Ŧ Ŋ æ đ ð ħ ı ij ĸ ŀ ł ø œ ß þ ŧ ŋ ʼn
А Б В Г Д Е Ё Ж З И Й К Л М Н О П Р С Т У Ф Х Ц Ч Ш Щ Ъ Ы Ь Э Ю Я а б в г д е ё ж з и й к л м н о п р с т у ф х ц ч ш щ ъ ы ь э ю я
¤
§ ª º
ا ب ت ث ج ح خ د ذ ر ز س ش ص ض ط ظ ع غ ف ق ک ل م ن ه و ی
닫기
    인기검색어 순위 펼치기

    RISS 인기검색어

      SCI SCIE SCOPUS

      Development of a quantitative method for evaluating the efficacy of cyber security controls in NPPs based on intrusion tolerant concept

      한글로보기

      https://www.riss.kr/link?id=A107453444

      • 0

        상세조회

      • 0

        다운로드
      서지정보 열기
      • 내보내기
      • 내책장담기
      • 공유하기
      • 오류접수

      부가정보

      다국어 초록 (Multilingual Abstract)

      <P><B>Abstract</B></P> <P>Many regulatory documents, guides, and standards for cyber security issues in the nuclear industry have been published since Digital Instrumentation and Control (DI&C) systems were introduce...

      <P><B>Abstract</B></P> <P>Many regulatory documents, guides, and standards for cyber security issues in the nuclear industry have been published since Digital Instrumentation and Control (DI&C) systems were introduced to Nuclear Power Plants (NPPs). However, there are still difficulties when it comes to deciding which security controls are needed and to defining appropriate security control requirements for NPPs. With these regard, a quantitative method for evaluating the efficacy of security controls for DI&C systems in NPPs based on the intrusion tolerant concept is proposed in this study. The essence of the suggested method, <B> <I>In</I> </B>trusion <B> <I>To</I> </B>lerance based <B> <I>C</I> </B>yber <B> <I>S</I> </B>ecurity <B> <I>I</I> </B>ndex (<I>InTo-CSI</I>), is defined as a reduction ratio of probability that a cyber-attack damages a target system. The intrusion tolerant concept is applied to the evaluation method because availability of system’s safety functions is the first priority in the nuclear industry. “How much the system is intrusion-tolerant” means that to what extent does the system provide the minimum level of safe operation when facing unexpected intrusions. Based on intrusion tolerant strategies, an event tree was constructed, and <I>InTo-CSI</I> was estimated by failure probability of intrusion tolerant strategies: the resistance strategy, the detection strategy, and the graceful-degradation strategy. Among these three strategies, quantifying failure probability of the resistance strategy is more challenging than the other two strategies because its relation with attack-difficulty. Attack-difficulty has a strong dependence on unexpected and abstract factors such as attacker’s skills and accessibility to information of the target system. For this reason, the model of Mean Time To Compromise (MTTC) was adopted to estimate abstract variables, and the adopted model was revised in accordance with the suggested evaluation method. Validity of the suggested method was proven by conducting a case study. The suggested method can help assess how much the system security can be improved by applying specific cyber security controls, and which types of additional cyber security controls should be taken. Furthermore, <I>InTo-CSI</I> can make security designers achieve efficacy levels of the specific target system by quantitatively evaluating cyber security controls.</P> <P><B>Highlights</B></P> <P> <UL> <LI> A quantitative index was developed to evaluate the efficacy of security controls in NPPs. </LI> <LI> The intrusion tolerant concept was applied to the evaluation method. </LI> <LI> The model of Mean Time To Compromise (MTTC) was adopted to estimate abstract variables. </LI> <LI> The adopted model and concept were revised in accordance with the suggested method. </LI> <LI> The validity of the suggested method was demonstrated by conducting a case study. </LI> </UL> </P>

      더보기

      분석정보

      View

      상세정보조회

      0

      Usage

      원문다운로드

      0

      대출신청

      0

      복사신청

      0

      EDDS신청

      0

      동일 주제 내 활용도 TOP

      더보기

      주제

      연도별 연구동향

      연도별 활용동향

      연관논문

      연구자 네트워크맵

      공동연구자 (7)

      유사연구자 (20) 활용도상위20명

      이 자료와 함께 이용한 RISS 자료

      나만을 위한 추천자료

      해외이동버튼