|Nuclear safety research is a very specific domain. History offers us just a small number of events that had serious radiological consequences for people and the environment. In the field of nuclear security, and with focus on cyber security in the nuclear sector, the number of serious events is even smaller. Even in the case of such events, not everybody wants to share this information.
In our doctoral dissertation we presented a comprehensive view on cyber security and cyber security incident response planning at nuclear facilities, and nuclear sector in general. We conducted research on this topic, which was the first one of this kind in Slovenia, and one of only a few such studies in the world.
Using the method of description, we have analyzed articles, bachelor diplomas, master diplomas, doctoral dissertations, professional web pages, scientific magazines, many different standards, recommendations, guides; and other publicly available sources like national legislations, member state reports, regulations, guides, good practices, nuclear facility operator and competent authority procedures, and reports of international organizations. Based on the analysis of all these sources, the theoretical starting point was constructed. We then further analyzed the state of cyber security in nuclear sector with guided structured interviews, involving international experts from nuclear facilities, competent authorities, technical support organizations, computer equipment suppliers, and other stakeholders involved in cyber security activities in nuclear sector. Data were processed with the grounded theory. All the data gathered represented a starting point for the development of a response model to cyber-attacks at nuclear facilities, which we developed, verified and validated with the modelling method.
Based on the sources and expert opinions, we came to the conclusion about the topic, and identified the problems that stand out the most. One example lies with the nuclear facility operators and their implementation of appropriate measures, based on regulatory guides, issued or pointed out by the competent authorities. Nuclear facility operators are also left to implement computer security to themselves, especially because there is a lack of information exchange within the entire nuclear sector on both a domestic and international level.
Based on knowledge gained, and our understanding of the situation, we built a response model to cyber-attacks at nuclear facilities, which is intended for use by all stakeholders in the nuclear sector, for organizing internal and joint activities in preparation for a cyber-attack. The model consists of four dimensions; stakeholders, communication, escalation and phases. The model was additionally validated by all key stakeholders.
With assistance from the Slovenian Nuclear Safety Administration and key stakeholders, we tested the model during the first exercise on cyber-attack at nuclear facility in nuclear sector ever held in Slovenia. During the exercise we focused only on two dimensions; stakeholders and communication between them. The first reason for this approach was that it is a quite complex model, and the second reason was the current lack of communication in the entire nuclear sector.
The model is general enough to be implemented in other sectors of critical infrastructure, with minimal modification. Results of the doctoral dissertation are available to the public and bring an important contribution for a national and international security of critical infrastructure. From a scientific perspective, they bring innovative and comprehensive model for cyber-attack response planning in entire critical infrastructure sector, with a focus on assuring effective nuclear security and nuclear safety.