Cyber-Informed Engineering

Anderson, Robert S.; Benjamin, Jacob; Wright, Virginia L; Quinones, Luis; Paz, Jonathan

doi:10.2172/1369373

Cited by 7 publications

(5 citation statements)

References 0 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Cyber-Informed Engineering (CIE) is a methodology or approach that can be used by engineers to characterize the risks presented by the implementation of digital assets in control system environments and provides a strategy to apply engineering risk processes to mitigate those risks [47]. CIE is applied throughout the entire systems engineering lifecycle, from conceptual design to decommissioning.…”

Section: Cyber-informed Engineeringmentioning

confidence: 99%

Attack Surface Analysis of the Digital Twins interface with Advanced Sensor and Instrumentation Interfaces: Cyber Threat Assessment and Attack Demonstration for Digital Twins in Advanced Reactor Architectures

Spirito,

Ly,

Veretennikov

2023

View full text Add to dashboard Cite

Section: Cyber-informed Engineeringmentioning

confidence: 99%

Attack Surface Analysis of the Digital Twins interface with Advanced Sensor and Instrumentation Interfaces: Cyber Threat Assessment and Attack Demonstration for Digital Twins in Advanced Reactor Architectures

Spirito,

Ly,

Veretennikov

2023

View full text Add to dashboard Cite

“…CIE is a multidisciplinary approach that advocates the use of CIE principles in each of the systems engineering lifecycle stages to ensure that cyber considerations are included in every aspect of design, testing, implementation, operation, maintenance, and disposal or decommissioning [36]. CIE is fundamentally a cyber risk management tool that complements existing OT cybersecurity risk standards and guidelines by incorporating engineering solutions along with ICT and OT cyber solutions to minimize risks from malicious and unintentional cyber incidents.…”

Section: Cie Overviewmentioning

confidence: 99%

“…On the other hand, implementing engineering risk treatments during design stages can actually eliminate specifically identified risks by designing it out altogether or more efficiently and effectively reduce risk by incorporating security controls into the design. CIE principles adapted from [36].…”

Section: Engineering Risk Treatmentmentioning

confidence: 99%

Cyber-Informed Engineering for Nuclear Reactor Digital Instrumentation and Control

Eggers¹,

Anderson²

2022

Nuclear Reactors - Spacecraft Propulsion, Research Reactors, and Reactor Analysis Topics

View full text Add to dashboard Cite

As nuclear reactors transition from analog to digital technology, the benefits of enhanced operational capabilities and improved efficiencies are potentially offset by cyber risks. Cyber-Informed Engineering (CIE) is an approach that can be used by engineers and staff to characterize and reduce new cyber risks in digital instrumentation and control systems. CIE provides guidance that can be applied throughout the entire systems engineering lifecycle, from conceptual design to decommissioning. In addition to outlining the use of CIE in nuclear reactor applications, this chapter provides a brief primer on nuclear reactor instrumentation and control and the associated cyber risks in existing light water reactors as well as the digital technology that will likely be used in future reactor designs and applications.

show abstract

“…CIE is a multidisciplinary approach to integrating cybersecurity concepts into all phases of the systems engineering lifecycle. Using CIE provides stakeholders unfamiliar with cybersecurity practices the knowledge to incorporate risk management techniques to understand, eliminate, and/or mitigate cyber risks from the conceptual design phase through operation, maintenance, and disposal phases [12]. Considering and designing for cyber risks early in the lifecycle provides a simplified, more secure solution at lower cost.…”

Section: Cyber-informed Engineering Throughout the Systems Engineerin...mentioning

confidence: 99%

“…Figure 3 illustrates CIE elements adapted from the framework provided by Anderson et al [12]. The CIE secure-bydesign elements are those fundamental cybersecurity engineering design practices and techniques that build cybersecurity and cyber-resilience into the system early in the lifecycle.…”

Section: Cie Elementsmentioning

confidence: 99%

Cyber-Informed Engineering Case Study of an Integrated Hydrogen Generation Plant

Eggers¹,

Blanc²,

Youngblood³

et al. 2021

12th Nuclear Plant Instrumentation, Control and Human-Machine Interface Technologies (NPIC&HMIT 2021)

View full text Add to dashboard Cite

Strategies for securing digital instrumentation and control (I&C) systems within the nuclear industry are provided by multiple standards and guidance documents. However, since selection and use of security controls outlined in these documents are frequently only considered during or after installation, there are often limitations on their use, such as technological constraints related to design or operation. Furthermore, alternative controls intended to provide the same or similar security countermeasure as the primary control may also be infeasible at these stages, leaving the I&C system vulnerable to cyber-attacks. The limitations associated with 'bolting on' security controls late in the systems engineering lifecycle can be reduced by integrating Cyber-Informed Engineering (CIE) into the process. This paper evaluates the use of CIE during the high-level design stage of a hydrogen generation project where heat and electricity are provided by a nuclear power plant. Applying CIE to this project highlighted potential cyber vulnerabilities of the initial design, leading to recommendations for process flow and I&C system design modifications to reduce, and at times eliminate, the risk from both deliberate and unintentional cyber incidents.

show abstract

Cyber-Informed Engineering

Cited by 7 publications

References 0 publications

Attack Surface Analysis of the Digital Twins interface with Advanced Sensor and Instrumentation Interfaces: Cyber Threat Assessment and Attack Demonstration for Digital Twins in Advanced Reactor Architectures

Attack Surface Analysis of the Digital Twins interface with Advanced Sensor and Instrumentation Interfaces: Cyber Threat Assessment and Attack Demonstration for Digital Twins in Advanced Reactor Architectures

Cyber-Informed Engineering for Nuclear Reactor Digital Instrumentation and Control

Cyber-Informed Engineering Case Study of an Integrated Hydrogen Generation Plant

Contact Info

Product

Resources

About