Development of a monitoring system for the data integrity of reactor protection system using blockchain technology

Abstract

Nuclear Power Plants (NPPs) are physically isolated from external networks and have different operational environments than conventional information technology (IT) systems. Accordingly, NPPs were regarded as safe from external cyber-attacks. However, it was later determined that isolated networks are not safe from cyber-attacks. Malicious data injection attacks on Programmable Logic Controllers (PLCs) deployed in the safety system of NPPs are critical to nuclear facilities, as they were in the Stuxnet attack. It is necessary to monitor the integrity of PLC data and protect the PLCs from cyber threats such as modification of deployed logic or setpoints. To address this problem, this paper proposes a novel system for monitoring data integrity of PLCs using blockchain technologies. Considering the NPP environment, we developed a private blockchain system to monitor the data integrity of PLCs. The new concept that is Proof of Monitoring (PoM) for data integrity of PLCs was proposed to overcome the limitation for applying the private blockchain to the cybersecurity of NPPs. By applying the concept of time interval hopping for mining blocks, it prevented attackers from deciding attack plans using previous regular detection interval. Platform for communicating PLC and the blockchain was developed. (Blockchain structure, communication function, HMI, etc.) Additionally, A prototype Reactor Protection System (RPS)—a safety system in NPPs—integrity monitoring system was developed using the developed blockchain. It can detect cyber-attacks (such as false code injection attacks on PLCs) and monitor which PLC integrity has been compromised in real-time. A validation experiment using a false data injection attack on PLCs was performed on the developed system, and the results confirmed that the developed system successfully monitored the modification of data in the PLCs. It is expected that the prototype RPS monitoring system can detect cyber attacks such as false code injection attacks to PLC logic (Stuxnet), and monitor which PLC's data integrity has been compromised. The security level of NPPs is expected to be improved because the attacker's stealth is impossible and the integrity of systems is continuously monitored. The usability of this technology can be extended to monitor the data integrity of any other digital systems.