Cyber Security System with FPGA-based Network Intrusion Detector for Nuclear Power Plant

As the general-purpose network technologies were introduced into the factory automation network, the importance of a high performance network intrusion detection system (NIDS) has rapidly increased. In this paper, we proposed a cyber security system that can be used in control networks that require...

Full description

Saved in:
Bibliographic Details
Published inIECON 2020 The 46th Annual Conference of the IEEE Industrial Electronics Society pp. 2121 - 2125
Main Authors Roh, Jae-hee, Lee, Seok-ki, Son, Choul-Woong, Hwang, Cheonghwan, Kang, Jiwoong, Park, Jaehyun
Format Conference Proceeding
LanguageEnglish
Published IEEE 18.10.2020
Subjects
Online AccessGet full text

Cover

Loading…
More Information
Summary:As the general-purpose network technologies were introduced into the factory automation network, the importance of a high performance network intrusion detection system (NIDS) has rapidly increased. In this paper, we proposed a cyber security system that can be used in control networks that require high levels of reliability, such as nuclear power plants. The proposed system consists of DACS(Detection on Attacking Control System), DACS management program(DMP) to centrally manage multiple DACS, and central monitoring system(CMS) to store system logs. The packet detection function of DACS is handled by a real-time packet detector implemented in FPGA that handles a 7-tuple whitelist; MAC address, IP address, protocol, and TCP/UDP port number of the source and destination network nodes. This paper showed the usefulness of the proposed system by presenting an example of applying the proposed system to the nuclear power plant safety system. However, it was shown that the proposed system is not limited to nuclear power plants, but can be applied to control networks in various fields.
ISSN:2577-1647
DOI:10.1109/IECON43393.2020.9255158