Cybersecurity Monitoring During Power Outages: Use Cases for Enhanced Infrastructure Observability and Potential Implications for NPP Combined Events



Bibliographic Details
Date: 2025
Authors: Drahuntsov, R., Symonov, A., Potenko, O., Dybach, O., Zubok, V.
Format: Article
Language: English
Published: State Scientific and Technical Center for Nuclear and Radiation Safety, 2025
Online Access: https://nuclear-journal.com/index.php/journal/article/view/1289
Journal Title: Nuclear and Radiation Safety

Repositories

Nuclear and Radiation Safety
Description
Abstract: Power outages create significant challenges for information security and incident response, especially in high-risk environments like nuclear power plants, where continuous visibility is essential for safety and security. Traditional cybersecurity approaches assume uninterrupted system stability, which is disrupted during power failures, leading to increased operational uncertainty and difficulty distinguishing between outage-related anomalies and malicious activities. While research typically focuses on securing national grids and local outage management, less attention has been given to how Security Operations Centers and Computer Security Incident Response Teams can function under these conditions. This study addresses this gap by developing Security Operations Center monitoring use cases tailored to power outage challenges at critical infrastructure sites, including nuclear power plants. The methodology involved: (1) identifying infrastructure components most vulnerable to visibility loss; (2) analyzing sources of uncertainty in incident response; and (3) formulating key operational questions for Computer Security Incident Response Teams. A risk assessment highlighted core challenges such as misclassifying disabled assets, inaccurately attributing network outages, and misinterpreting log data loss. To mitigate these risks, a control framework with targeted monitoring use cases was developed to enhance situational awareness and support decision-making during power disruptions.