Compliance-Driven Cybersecurity Planning Based on Formalized Attack Patterns for Instrumentation and Control Systems of Nuclear Power Plants

<table class="table-group" id="tab11"><tr><td><table class="table"><tr><td class="thead-hr" colspan="2"><hr/></td></tr><tr class="thead"><td class="align_left">Target component</td><td class="align_center">Security controls</td></tr><tr><td class="thead-hr" colspan="2"><hr/></td></tr><tr><td class="align_left" rowspan="15">MTP platform</td><td class="align_center">B.1.2 account management</td></tr><tr><td class="align_center">B.1.3 access enforcement</td></tr><tr><td class="align_center">B.1.5 separation of functions</td></tr><tr><td class="align_center">B.1.6 least privilege</td></tr><tr><td class="align_center">B.1.7 unsuccessful logic attempts</td></tr><tr><td class="align_center">B.1.8 system use notification</td></tr><tr><td class="align_center">B.1.9 Previous logon notification</td></tr><tr><td class="align_center">B.1.10 session lock</td></tr><tr><td class="align_center">B.1.22 use of external systems</td></tr><tr><td class="align_center">B.2.9 Protection of audit information</td></tr><tr><td class="align_center">B.2.10 nonrepudiation</td></tr><tr><td class="align_center">B.3.2 application Partitioning and security function isolation</td></tr><tr><td class="align_center">B.3.11 unauthorized remote activation of services</td></tr><tr><td class="align_center">B.3.13 public key infrastructure certificates</td></tr><tr><td class="align_center">B.3.19 thin nodes</td></tr><tr class="table-tr"><td colspan="2"><hr class="tbody-hr"/></td></tr></table></td></tr></table>

<div>Security controls for MTP platform.</div>

Security and Communication Networks

tab11

Table 11

Table 11: Compliance-Driven Cybersecurity Planning Based on Formalized Attack Patterns for Instrumentation and Control Systems of Nuclear Power Plants 

Table 11 | Compliance-Driven Cybersecurity Planning Based on Formalized Attack Patterns for Instrumentation and Control Systems of Nuclear Power Plants 