The NCBJ Cybersecurity Laboratory (CyberLAB) has built an installation that illustrates the hypothetical course of an attack on a controller in a nuclear power plant. The scientists show that devices responsible for even seemingly insignificant parts of the system can cause an emergency shutdown of the reactor once their weaknesses are found and exploited.
The main part of the installation is a model of a nuclear reactor made of building blocks, with programmed lighting and movable control rods driven by a servo. The model is connected to a nuclear power plant simulator and visualizes its state. Programmable logic controllers (PLCs) of the kind used in real industrial installations have been connected to some of the processes running in the simulator; in the presented case they are responsible for pressure control in the primary circuit of the reactor. The set also includes interactive software that allows the reactor's output power level to be changed manually and displays its current parameters, e.g. the state of the heaters or the spray system in the pressurizer, the device used to keep the primary circuit within its operating parameters. A key part of the installation is an attack script aimed at the PLC responsible for pressure control in the primary circuit: it cuts the controller off from the network. From that moment the installation no longer reacts to pressure changes and, eventually, an emergency shutdown of the reactor is triggered. Note that the controller itself keeps running; what is lost is its link to the rest of the system.
"Conducting such attacks is possible after gaining access to the network, and the controller itself may not show any signs of being affected by this type of attack," explains Eng. Krystian Szefler from CyberLAB NCBJ. "Just by looking at the controller in the control cabinet, we would not notice that something is wrong." This means that devices responsible for even seemingly insignificant system components can cause an emergency shutdown once their weaknesses have been found and exploited.
The Laboratory has also contributed to cybersecurity by searching for vulnerabilities in programmable logic controllers (PLCs). Shortly after its inception, the CyberLAB team found a flaw in the software of the Siemens S7-1500 PLC, a controller frequently used in nuclear installations, among other places. A similar success was the disclosure of a bug in the Schneider Electric M241 and M251 PLCs. All such flaws are thoroughly documented, reports are sent to the manufacturer, and the software is promptly updated. Vulnerabilities of this kind are detected by so-called fuzzing, or fuzz testing. The technique involves sending a large number of deliberately malformed (mutated) data packets to the device over the communication protocol it speaks, while monitoring the device's responses and any unexpected behavior. When a vulnerability is hit, the connection to the controller may drop or hang, and the controller may have to be restarted, which not only threatens the continuity of the whole system or production chain but may also pose a serious safety risk.
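To make the fuzzing loop described above concrete, here is an added example (not CyberLAB's tooling) of a mutation-based fuzzer for a Modbus/TCP-style request, with the monitoring side that the paragraph mentions: each mutated frame is sent, the device's reaction is classified (normal reply, protocol exception, no reply, crash), and a known-good request is used as a liveness check so that a dead target is "restarted". The target is a constructed in-process stand-in (`ToyPLC`) rather than a real controller; its parsing defect is planted here so the harness has something to find, and is not a flaw in any real product. The frame layout follows the public Modbus/TCP specification; everything else (names, mutation strategies, the register map) is an assumption of this example.

```python
"""Mutation fuzzing of a Modbus/TCP-style request with response monitoring.

Added example, not NCBJ CyberLAB code. ToyPLC is a constructed in-process
stand-in for a device; its parsing bug is planted for the demonstration.
"""
import random
import struct

PROTO_ID = 0            # Modbus/TCP protocol identifier is always 0
FC_READ_HOLDING = 0x03  # Read Holding Registers
MAX_READ_QTY = 125      # spec limit for a single read


def build_read_holding(tid: int, unit: int, addr: int, qty: int) -> bytes:
    """Well-formed request: MBAP header (tid, proto, length, unit) + PDU."""
    pdu = struct.pack(">BHH", FC_READ_HOLDING, addr, qty)
    mbap = struct.pack(">HHHB", tid, PROTO_ID, len(pdu) + 1, unit)  # length counts unit id + PDU
    return mbap + pdu


class ToyPLC:
    """Constructed stand-in for a PLC's Modbus/TCP server (not a real device).

    handle() returns response bytes, or None when the device stays silent.
    Planted defect: the 7-byte header is unpacked without checking the frame
    is long enough, so a truncated frame raises, which models a crash."""

    def __init__(self) -> None:
        self.registers = [0] * 1000
        self.alive = True

    def handle(self, frame: bytes):
        if not self.alive:
            return None
        tid, proto, length, unit = struct.unpack(">HHHB", frame[:7])  # planted bug
        pdu = frame[7:7 + length - 1]
        if proto != PROTO_ID or not pdu:
            return None  # silently dropped, as many devices do
        fc = pdu[0]
        if fc != FC_READ_HOLDING or len(pdu) != 5:
            return self._exception(tid, unit, fc, 0x01)  # illegal function
        addr, qty = struct.unpack(">HH", pdu[1:5])
        if not 1 <= qty <= MAX_READ_QTY:
            return self._exception(tid, unit, fc, 0x03)  # illegal data value
        if addr + qty > len(self.registers):
            return self._exception(tid, unit, fc, 0x02)  # illegal data address
        data = b"".join(struct.pack(">H", r) for r in self.registers[addr:addr + qty])
        body = struct.pack(">BB", fc, len(data)) + data
        return struct.pack(">HHHB", tid, PROTO_ID, len(body) + 1, unit) + body

    @staticmethod
    def _exception(tid: int, unit: int, fc: int, code: int) -> bytes:
        body = struct.pack(">BB", fc | 0x80, code)  # exception = function code with high bit set
        return struct.pack(">HHHB", tid, PROTO_ID, len(body) + 1, unit) + body


def mutate(frame: bytes, rng: random.Random) -> bytes:
    """Apply one random mutation to a well-formed seed frame."""
    buf = bytearray(frame)
    strategy = rng.randrange(5)
    if strategy == 0:    # flip a single bit
        buf[rng.randrange(len(buf))] ^= 1 << rng.randrange(8)
    elif strategy == 1:  # boundary byte values
        buf[rng.randrange(len(buf))] = rng.choice((0x00, 0x7F, 0x80, 0xFF))
    elif strategy == 2:  # lie in the MBAP length field
        struct.pack_into(">H", buf, 4, rng.choice((0, 1, 0xFFFF, len(buf))))
    elif strategy == 3:  # truncate the frame
        del buf[rng.randrange(len(buf)):]
    else:                # append junk past the declared length
        buf += bytes(rng.randrange(256) for _ in range(rng.randrange(1, 16)))
    return bytes(buf)


def probe(target: ToyPLC, frame: bytes) -> str:
    """Send one frame and classify the device's reaction."""
    try:
        resp = target.handle(frame)
    except Exception:        # the target's parser blew up
        target.alive = False  # from now on it answers nothing, like a hung PLC
        return "crash"
    if resp is None:
        return "no_response"  # with a real socket this is a recv() timeout
    if len(resp) >= 8 and resp[7] & 0x80:
        return "exception"
    return "ok"


def fuzz(seed_frame: bytes, iterations: int, rng_seed: int = 1) -> dict:
    """Fuzz loop: mutate, probe, record, and restart a dead target."""
    rng = random.Random(rng_seed)
    target = ToyPLC()
    counts = {"ok": 0, "exception": 0, "no_response": 0, "crash": 0}
    crashers = []
    for _ in range(iterations):
        case = mutate(seed_frame, rng)
        outcome = probe(target, case)
        counts[outcome] += 1
        if outcome == "crash":
            crashers.append(case.hex())  # keep the input for the vendor report
        if probe(target, seed_frame) != "ok":  # liveness check with a known-good request
            target = ToyPLC()                  # models the restart an operator would need
    return {"counts": counts, "crashers": crashers}


if __name__ == "__main__":
    report = fuzz(build_read_holding(1, 1, 0, 10), 300)
    print(report["counts"])
    print("first crashing inputs:", report["crashers"][:3])
```

Against a real controller the `ToyPLC.handle` call becomes a TCP send/recv with a short timeout, and the liveness check after every case is what distinguishes a hang or a dropped connection from an ordinary protocol exception; both are exactly the outcomes the paragraph warns about, and each crashing input is kept so that the finding can be reproduced and documented for the vendor.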
Another branch of the Laboratory's activity is the preparation of training materials. CyberLAB was responsible, among other things, for generating examples of the network traffic that occurs during a cyber attack. Thanks to its unique infrastructure, the team was able to produce real captured data that reflects an attack far more faithfully than the usual simulations. This data has been incorporated into the training material of the European Union Agency for Cybersecurity (ENISA) and lets course participants practice analyzing and detecting cyber attacks.
Additionally, the CyberLAB team actively works to raise public awareness of cybersecurity by taking part in seminars and conferences on the subject. The hypothetical attack scenario on the model has already been presented, among other venues, at the NPIC & HMIT 2021 conference (12th Nuclear Plant Instrumentation, Control and Human-Machine Interface Technologies), at the Advanced Research Workshop on Cybersecurity of Industrial Control Systems, and at the conference "Cybersecurity of the energy sector – presentation of sector recommendations" organized by the Ministry of Climate and the Environment. The model was also part of the Polish stand at the World Nuclear Exhibition in Paris.
Below we present a short video showing the entire scenario of the hypothetical attack on the controller: