Cybersecurity Monitoring During Power Outages: Use Cases for Enhanced Infrastructure Observability and Potential Implications for NPP Combined Events


Bibliographic details
Date: 2025
Main authors: Drahuntsov, R., Symonov, A., Potenko, O., Dybach, O., Zubok, V.
Format: Article
Language: English
Published: State Scientific and Technical Center for Nuclear and Radiation Safety, 2025
Online access: https://nuclear-journal.com/index.php/journal/article/view/1289
Journal title: Nuclear and Radiation Safety

Institution: Nuclear and Radiation Safety
Description

Abstract: Power outages create significant challenges for information security and incident response, especially in high-risk environments such as nuclear power plants, where continuous visibility is essential for safety and security. Traditional cybersecurity approaches assume uninterrupted system availability; a power failure breaks that assumption, increasing operational uncertainty and making it hard to distinguish outage-related anomalies from malicious activity. Existing research typically focuses on securing national grids and on local outage management, and less attention has been given to how Security Operations Centers (SOCs) and Computer Security Incident Response Teams (CSIRTs) can function under these conditions. This study addresses that gap by developing SOC monitoring use cases tailored to power outage challenges at critical infrastructure sites, including nuclear power plants. The methodology involved: (1) identifying the infrastructure components most vulnerable to visibility loss; (2) analyzing sources of uncertainty in incident response; and (3) formulating key operational questions for CSIRTs. A risk assessment highlighted core challenges such as misclassifying de-energized assets, inaccurately attributing network outages, and misinterpreting log data loss. To mitigate these risks, a control framework with targeted monitoring use cases was developed to enhance situational awareness and support decision-making during power disruptions.
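The three failure modes named in the abstract (treating a de-energized asset as compromised, blaming a host for what is really an upstream network loss, and reading an outage-induced log gap as log tampering) all come down to one question a SOC analyst must answer per silent asset: is this silence explained by the known power state? The script below is an added illustration of that correlation, written for this page and not taken from the paper or its control framework. It assumes a simple model in which every asset belongs to a power zone with a known utility-outage start time and UPS runtime, and in which the SOC knows each asset's last heartbeat and the upstream device that carries its logs; the zone names, asset names, timestamps and the five-minute heartbeat tolerance are constructed for the example.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Dict, Optional, Tuple

# Heartbeat gap after which an asset counts as silent (assumed value).
HEARTBEAT_TOLERANCE = timedelta(minutes=5)


@dataclass
class PowerZone:
    """Power-distribution zone; outage_start is None while utility power is nominal."""
    name: str
    outage_start: Optional[datetime]
    ups_runtime: timedelta


@dataclass
class Asset:
    name: str
    zone: str
    on_ups: bool                     # backed by the zone's UPS
    last_log: datetime               # last heartbeat/log line seen by the SOC
    upstream: Optional[str] = None   # collector/switch whose loss would hide this asset


def classify(asset: Asset, assets: Dict[str, Asset],
             zones: Dict[str, PowerZone], now: datetime) -> str:
    """Explain an asset's silence using the power state, or flag it as unexplained."""
    if now - asset.last_log <= HEARTBEAT_TOLERANCE:
        return "reporting"
    # Do not attribute the silence to the host when the path carrying its logs is gone.
    if asset.upstream is not None:
        if classify(assets[asset.upstream], assets, zones, now) != "reporting":
            return "visibility_lost_upstream"
    zone = zones[asset.zone]
    if zone.outage_start is None:
        # Utility power is nominal, so the outage cannot explain the gap.
        return "unexplained_silence"
    if not asset.on_ups:
        # Expected only if the asset kept logging until power was lost.
        if asset.last_log >= zone.outage_start - HEARTBEAT_TOLERANCE:
            return "expected_power_loss"
        return "unexplained_silence"
    ups_end = zone.outage_start + zone.ups_runtime
    if now <= ups_end:
        # The UPS should still be carrying this asset; silence needs investigation.
        return "unexplained_silence"
    if asset.last_log >= ups_end - HEARTBEAT_TOLERANCE:
        return "expected_ups_exhausted"
    return "unexplained_silence"


def classify_all(assets: Dict[str, Asset], zones: Dict[str, PowerZone],
                 now: datetime) -> Dict[str, str]:
    return {name: classify(a, assets, zones, now) for name, a in assets.items()}


def build_sample() -> Tuple[Dict[str, Asset], Dict[str, PowerZone], datetime]:
    """Constructed sample telemetry (not from the paper): one zone in outage, one nominal."""
    def t(h: int, m: int, s: int = 0) -> datetime:
        return datetime(2025, 1, 1, h, m, s)

    zones = {
        "turbine-hall": PowerZone("turbine-hall", t(10, 0), timedelta(minutes=30)),
        "admin": PowerZone("admin", None, timedelta(minutes=30)),
    }
    assets = {
        # Not on UPS, last log just before the 10:00 outage: a de-energized asset.
        "hist-01": Asset("hist-01", "turbine-hall", False, t(9, 59, 30)),
        # On UPS but silent at 10:05, long before UPS exhaustion at 10:30.
        "plc-gw-02": Asset("plc-gw-02", "turbine-hall", True, t(10, 5)),
        # On UPS, logged until the UPS ran out.
        "fw-03": Asset("fw-03", "turbine-hall", True, t(10, 29)),
        # Utility power nominal in "admin", yet the core switch fell silent.
        "sw-core": Asset("sw-core", "admin", True, t(10, 40)),
        # Its logs traverse sw-core, so its silence must not be pinned on the host.
        "badge-srv": Asset("badge-srv", "admin", True, t(10, 41), upstream="sw-core"),
        "siem-fwd": Asset("siem-fwd", "admin", True, t(10, 58)),
    }
    return assets, zones, t(11, 0)


if __name__ == "__main__":
    sample_assets, sample_zones, sample_now = build_sample()
    for name, verdict in classify_all(sample_assets, sample_zones, sample_now).items():
        print(f"{name:10s} {verdict}")
```

Only the two `unexplained_silence` verdicts (plc-gw-02 and sw-core) warrant an incident ticket; the others are visibility loss that the power state already accounts for, and badge-srv is deliberately left unattributed until sw-core is restored. In a real deployment the outage start and UPS runtime would come from the UPS or building-management telemetry rather than a hand-built table, and that feed itself becomes a monitored dependency.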