The Design of a Cybersecurity Testbed for Diverse Protection System in NPPs

㤦

㤦㩚

┺

┺㟧㎇⽊䢎Ἒ

Ἒ䐋

㌂

㌂㧊⻚⽊

⽊㞞

䎢

䎢㓺䔎⻶✲

㍺

㍺Ἒ

G

The Design of a Cybersecurity Testbed for Diverse

Protection System in NPPs

Sungmin Jung*

*Korea Atomic Energy Research Institute

殚 殚 檃檃 㤦㧦⩻ ⹲㩚㏢㦮 Ἒ䁷㩲㠊㔲㓺䎲㠦 ❪㰖䎎 ὖ⩾ ₆㑶㧊 㩗㣿♮Ⳋ㍲ ㌂㧊⻚⽊㞞 㥚䡧㧊 㯳Ṗ䞮 㡖ἶ, 㧊㠦 ➆⧒ ㌂㧊⻚⽊㞞 㥚䡧㦮 ╖㦧㦖 㭧㣪䞲 䡚㞞㧊 ♮㠞┺. 䞮㰖Ⱒ, 㔺㩲 㤊㡗㭧㧎 㤦㧦⩻ ⹲㩚㏢㠦 䂾䒂 㔲䠮㦖 ⿞Ṗ⓻䞮₆ ➢ⶎ㠦 䎢㓺䔎⻶✲⯒ ῂ㿫 ⹥ 䢲㣿䞮㡂 ㌂㧊⻚⽊㞞 㥚䡧㦚 ⿚㍳ 䟊㟒 䞲┺. Ἒ䁷㩲㠊㔲㓺䎲㦮 ゚㞞㩚Ἒ䐋㦖 ❪㰖䎎 ₆⹮㦮 㩲㠊₆₆㢖 䐋㔶ⰳ㧊 ㌂㣿♮₆ ➢ⶎ㠦 㞞㩚Ἒ䐋⽊┺ Ⱔ㦖 ㌂㧊⻚⽊㞞 䀾㟓㩦㧊 㫊㨂䞲┺. ⽎ 㡆ῂ㠦㍲⓪ ゚㞞㩚Ἒ䐋㧎 ┺㟧㎇⽊䢎Ἒ䐋㦚 㥚䞲 䎢㓺䔎⻶✲㦮 ῂ㎇ὒ 䀾㟓㩦 䢫㧎㦚 㥚䞲 Ὃỿ, ⁎Ⰲἶ ╖㻮 ⹿㞞㠦 ╖䟊 ⏒㦮䞲┺. 1. 昢昢嵦 㤦㧦⩻ ⹲㩚㏢㦮 Ἒ䁷㩲㠊㔲㓺䎲㦖 ⽊㑮㩗㧎 䔏㎇ 㠦 ➆⧒ 㞚⋶⪲⁎ ₆㑶㧊 㧒⹮㩗㦒⪲ ㌂㣿♮㠞㰖Ⱒ, 㾲⁒ ❪㰖䎎 ₆㑶㧊 ㌂㣿♮Ⳋ㍲ ㌂㧊⻚⽊㞞 㥚䡧㧊 㯳Ṗ䞮㡖┺[1]. ㌂㧊⻚⽊㞞 㥚䡧㠦 ╖䞲 䀾㟓㩦㦚 䢫 㧎䞮₆ 㥚䟊 Ἒ䁷㩲㠊㔲㓺䎲㦚 ╖㌗㦒⪲ 䂾䒂 㔲䠮㧊 䞚㣪䞮㰖Ⱒ 㤊㡗㭧㧎 㤦㧦⩻ ⹲㩚㏢㠦㍲⓪ 㧮ⴑ♲ ἆ ὒ㠦 ╖䞲 㥚䠮㧊 䋂₆ ➢ⶎ㠦 㰗㩧㩗㧎 䂾䒂 㔲䠮㦖 ⿞Ṗ⓻䞮┺. ➆⧒㍲ 㥚䡧㦚 ⿚㍳䞮₆ 㥚䟊 䎢㓺䔎⻶ ✲⯒ 㧊㣿䟊㟒 䞲┺. 䎢㓺䔎⻶✲⯒ 䐋䟊 ㌂㧊⻚⽊㞞 Ὃỿ㦮 㡗䟻㦚 Ṛ㩧㩗㦒⪲ 䢫㧎䞮ἶ ⹿䢪⼓㧊⋮ 㞪䢎 䢪 㧻゚㢖 ṯ㦖 ⽊㞞 ☚ῂ✺㦮 㩗䞿㎇㦚 䘟Ṗ䞮㡂㟒 䞲┺. 䎢㓺䔎⻶✲⯒ ῂ㿫䞮₆ 㥚䟊 㞞㩚ὒ ὖ⩾ ㌂䟃, ㍺䂮 ゚㣿 ⹥ ′⳾, ⁎Ⰲἶ 㔲䠮㦮 㣿㧊㎇㦚 ἶ⩺䞮 㡂 ゚㞞㩚Ἒ䐋㧎 ┺㟧㎇⽊䢎Ἒ䐋㠦 ╖䟊 䎢㓺䔎⻶✲ 㦮 ῂ㎇ὒ 㔲䠮 ⹥ ㌂㧊⻚⽊㞞 ╖㦧 ⹿㞞㠦 ╖䟊 ⏒ 㦮䞲┺. 2. 埪檗昷懺笾凊皻 癒枪瞾憦姢 割昷 㤦㧦⩻ ⹲㩚㏢ Ἒ䁷㩲㠊㔲㓺䎲㦖 ₆⓻ὒ ′㩲 ❇  㠦 ➆⧒ 㞞㩚Ἒ䐋ὒ ゚㞞㩚Ἒ䐋㦒⪲ ⋮③ 㑮 㧞┺[2]. 㞞㩚Ἒ䐋㦖 㤦㧦⩻ ⹲㩚㏢㦮 ㌂ἶ⯒ ⹿㰖䞮ἶ ㌂ἶ ἆὒ⯒ 㢚䢪䞮₆ 㥚䞲 Ἒ䐋㧊ἶ, ゚㞞㩚Ἒ䐋㦖 㤦㧦 ⩻ ⹲㩚㏢ 㤊㩚㦚 㥚䟊 Ἒ䁷, Ṧ㔲, 㩲㠊 ₆⓻㦚 㑮䟟 䞮⓪ Ἒ䐋㧊┺. ┺㟧㎇⽊䢎Ἒ䐋(DPS, Diverse Protection System)㦖 ゚㞞㩚Ἒ䐋㦒⪲ 㤦㧦⪲Ṗ 㩫㰖♮㠊㟒 䞶 㫆Ị㧚㠦☚ 㩫㰖♮㰖 㞠⓪ ὒ☚㌗䌲㦮 㥚䠮㦚 㭚㧊₆ 㥚䟊, 㤦㧦⩻ ⹲㩚㏢㦮 ㌗䌲 㩫⽊⯒ 㧛⩻ ⹱㞚 ㍺㩫 䂮㢖 ゚ᾦ䞮㡂 㤦㧦⪲ 㩫㰖, 䎆ゞ 㩫㰖, ⁎Ⰲἶ ⽊㫆  㑮 㧧☯ ₆⓻㦚 㑮䟟䞲┺[3]. ┺㟧㎇⽊䢎Ἒ䐋㦖 ❪㰖䎎 ₆⹮㦮 㩲㠊₆₆㢖 䐋㔶 ⰳ㧊 ㌂㣿♮₆ ➢ⶎ㠦 ㌂㧊⻚⽊㞞 㥚䡧㠦 䀾㟓䞮ἶ, 㞞㩚Ἒ䐋㧎 㤦㧦⪲⽊䢎Ἒ䐋(RPS, Reactor Protection System)ὒ ┺㟧㎇㦚 㥚䞮㡂 ㍺Ἒ♲ Ἒ䐋㧊₆ ➢ⶎ㠦 ㌂㧊⻚⽊㞞 Ὃỿ㦒⪲ 㧎䞲 㡺㧧☯ ⡦⓪ Ṛ┾䧞 㫆㧧 ♲ 㩫⽊㦮 㧛⩻Ⱒ㦒⪲ 㤦㧦⪲ 㩫㰖㢖 ṯ㦖 㧮ⴑ♲ ἆ ὒ⯒ Ṗ㪎㢂 㑮 㧞┺. ➆⧒㍲ ┺㟧㎇⽊䢎Ἒ䐋㠦 ╖䞲 ㌂㧊⻚⽊㞞㦮 㥚䡧㦚 ⿚㍳䞮㡂 ╖㦧 ⹿㞞㦚 Ⱎ⩾䞮⓪ ộ㦖 㭧㣪䞮ἶ 䂾䒂 㔲䠮㧊 ⿞Ṗ⓻䞲 㤦㧦⩻ ⹲㩚㏢ ⓪ 䎢㓺䔎⻶✲⯒ 䢲㣿䞮⓪ ộ㧊 㾲㍶㦮 ⹿⻫㧊┺. 䎢 㓺䔎⻶✲⯒ 㧊㣿䞲 䂾䒂 㔲䠮㦚 㑮䟟䞮₆ 㥚䟊 Ⲓ㩖 ┺㟧㎇⽊䢎Ἒ䐋㦮 㡆Ἒ ㌂䟃㦚 䕢㞛䟊㟒 䞲┺. ⁎Ⰲ ἶ 䀾㟓䞲 ῂṚ㦚 ㍶㩫䞮㡂 Ṗ⓻䞲 䀾㟓㩦㦚 䢫㧎䞮 ₆ 㥚䞲 㔲䠮㦚 㑮䟟䞮ἶ ⿚㍳♲ ἆὒ⯒ ⹪䌫㦒⪲ ㌂ 㧊⻚⽊㞞 㥚䡧㠦 ╖䞲 ╖㦧㦚 Ⱎ⩾䟊㟒 䞲┺. (⁎Ⱂ 1)㦖 ┺㟧㎇⽊䢎Ἒ䐋ὒ ┺⯎ Ἒ䐋ὒ㦮 㭒㣪 䞲 㡆Ἒ ㌂䟃㦚 ⽊㡂㭖┺[4]. 㡂⩂ Ἒ䐋ὒ ┾⹿䟻 ⡦

292

⓪ 㟧⹿䟻㦒⪲ ◆㧊䎆⯒ ㏷㑮㔶 䞮⓪◆, 㧒⿖ ῂṚ㦖 ☛㧦㩗㧎 䐋㔶ⰳ㧊⋮ 㞚⋶⪲⁎ 㔺⺆㍶㦚 ㌂㣿䞮₆ ➢ ⶎ㠦 ⽊㞞㌗ 㡗䟻㧊 Ệ㦮 㠜㰖Ⱒ 㩫⽊㻮ⰂἚ䐋(IPS, Information Processing System)ṯ㦖 㧒⿖ 㔲㓺䎲 ㌂㧊㠦 ❪㰖䎎 ₆⹮㦮 䐋㔶ⰳ㦚 ㌂㣿䞮₆ ➢ⶎ㠦 㔲㓺䎲㦮 䀾㟓㩦㧊 ♶ 㑮 㧞㦒⸖⪲ 䟊╏ ῂṚ㠦㍲ ㌂㧊⻚⽊㞞 㥚䡧㦚 ⿚㍳䟊㟒 䞲┺. ڃ⁎Ⱂٻڌڄٻ┺㟧㎇⽊䢎Ἒ䐋ٻ㭒㣪ٻ㡆Ἒٻ㌂䟃ٻ (⁎Ⱂ 2)⓪ ┺㟧㎇⽊䢎Ἒ䐋㦮 䎢㓺䔎⻶✲ ῂ㎇㦚 ⽊ 㡂㭖┺. 䎢㓺䔎⻶✲⓪ 䎢㓺䔎⻶✲ 䃦゚┱ὒ 㔲⸂⩞㧊 䎆 䃦゚┱㦒⪲ ῂ㎇♶ 㑮 㧞┺. ┺㟧㎇⽊䢎Ἒ䐋㦖 ㎒ ㍲ ◆㧊䎆 㑮㰧ὒ Ὃ㩫㩲㠊 㑮䟟㦚 㥚䟊 ゚㞞㩚 㩲㠊 ₆㧎 FCU(Field Control Unit)⯒ ㌂㣿䞲┺. 䎢㓺䔎⻶✲ 䃦゚┱㠦⓪ MTP(Maintenance and test panel), FCU(Field Control Unit), PDU(Power Distribution Unit), ⁎Ⰲἶ 㩲㠊 ⰳ, 㩫⽊ⰳ㦚 㥚䞲 㓺㥚䂮⪲ ῂ㎇♲┺. 㔲⸂⩞㧊䎆 䃦 ゚┱㦖 䌖 Ἒ䐋 ⹥ 䡚㧻 ㎒㍲㦮 㧛⩻㔶䢎⯒ ⳾㌂䞮₆ 㥚䞲 FCU 㢖 PDU, ⁎Ⰲἶ ⪲ₛὒ 㔲䠮㦚 㥚䞲 㓺㥚 䂮⪲ ῂ㎇♲┺. ڃ⁎Ⱂٻڍڄٻ┺㟧㎇⽊䢎Ἒ䐋ٻ䎢㓺䔎⻶✲ٻῂ㎇㞞ٻ 3. 埪埪檗昷懺笾凊皻 狮檃洖 把昣 䎢㓺䔎⻶✲⯒ 䐋䟊 㡞㌗♮⓪ 䀾㟓㩦㦚 䢫㧎䞮㡂 ┺ 㟧㎇⽊䢎Ἒ䐋㦮 ㌂㧊⻚⽊㞞 㥚䡧㦚 ⿚㍳䞶 㑮 㧞┺. Ⲓ㩖 䎢㓺䔎⻶✲㠦㍲ 㓺㥚䂮 㧻゚㦮 䀾㟓㩦㦚 䢫㧎 䟊㟒 䞲┺. 䎢㓺䔎⻶✲㠦 㩫⽊ⰳὒ 㩲㠊ⰳ㦚 㥚䞲 㓺 㥚䂮㠦 ⽊㞞 ₆⓻㧊 㠜Ệ⋮ ₆⽎㩗㧎 ㍺㩫Ⱒ 㩗㣿♮ 㠊 㧞⓪ ἓ㤆㠦 䀾㟓㩦㧊 ♶ 㑮 㧞┺. 㓺㥚䂮 㧻゚㠦 ╖䟊 MAC 䝢⩂❿(Flooding)㧊⋮ ICMP Ⰲ┺㧊⩟䔎 (Redirect) Ὃỿ㦚 䢫㧎䞲┺. MAC 䝢⩂❿㦮 ἓ㤆㠦 ⼖ 㫆♲ ╖⨟㦮 ARP relay 䕾䌍㦚 ⹲㌳㔲䅲 Ὃỿ ⳿䚲㧎 㩫⽊ⰳ ⡦⓪ 㩲㠊ⰳ 㓺㥚䂮㦮 MAC 䎢㧊な㠦 㡺⻚䝢 ⪲㤆(Overflow) Ὃỿ㦚 㑮䟟䞮㡂 䕾䌍㦚 ṫ㩲⪲ 䝢⩂ ❿(Flooding)䞲┺. 㧊䤚 㓺㥚䂮㦮 Fail Open 㩫㺛㠦 ➆ ⧒ 䠞ぢ(Hub)㢖 ṯ㦖 ⹿㔳㦒⪲ ☯㧧䞮Ợ ♲┺. 㧊 䀾 㟓㩦㦖 ⍺䔎㤢䋂㠦㍲ 㓺┞䞧(Sniffing)㧊 Ṗ⓻䞮Ợ 䞮 㡂 㤊㡗ὒ ὖ⩾䞲 䕾䌍 㩫⽊Ṗ ⏎㿲♶ 㑮 㧞┺. ⡦䞲, ICMP Ⰲ┺㧊⩟䔎⓪ Ὃỿ ⳿䚲 IP 㭒㏢⯒ 䣣✳䞮ἶ 㧊⯒ Ὃỿ㧦㦮 IP 㭒㏢⪲ ⼖㫆♲ ICMP Ⰲ┺㧊⩟䔎 Ⲫ㔲㰖⯒ ぢ⪲✲䃦㓺䔎䞲┺. 㧊 䀾㟓㩦㠦 㦮䟊 ┺⯎ ⍺䔎㤢䋂㦮 㩲㠊₆₆ ㌂㧊㠦 ㏷㑮㔶 ♮⓪ 䕾䌍㧊 ⏎ 㿲♶ 㑮 㧞┺. 㓺㥚䂮 㧻゚ 㧊㣎㠦 ❪㰖䎎 ₆⹮㦮 䐋㔶ⰳ㦚 ㌂㣿 䞮⓪ FCU(TB)㢖 FCU(SIM), MTP 㢖 FCU(TB), ⁎Ⰲἶ MTP 㢖 FCU(SIM) ῂṚ㠦㍲ 䀾㟓㩦㦚 䢫㧎䟊㟒 䞲┺. 㯟, 㩲㠊₆₆㢖 㩲㠊₆₆ Ṛ, ⁎Ⰲἶ 㩲㠊₆₆㢖 MTP ㌂㧊㦮 ◆㧊䎆 ㏷㑮㔶㔲 䟊╏ ῂṚ㠦㍲ ARP 㓺䛎䞧 (Spoofing)ὒ 㓺┞䞧(Sniffing)ὒ ṯ㦖 䀾㟓㩦㦚 䢫㧎䞲 ┺. ARP 㓺䛎䞧㦮 ἓ㤆㠦 Ὃỿ ⳿䚲㧎 FCU ⡦⓪ MTP 㦮 IP 㢖 MAC 㭒㏢⯒ 䕢㞛䞲┺. MAC 㭒㏢Ṗ ⼖㫆♲ ARP relay 䕾䌍㦚 㰖㏣㩗㦒⪲ ⍺䔎㤢䋂㠦 ぢ⪲✲䃦㓺 䔎 䞮Ⳋ Ὃỿ ╖㌗㧊 ♮⓪ FCU ⋮ MTP ⓪ ⼖㫆♲ 㩫⽊⯒ 㧊㣿䞮㡂 ⌊⿖㦮 ARP 䃦㓂⯒ 㠛◆㧊䔎 䞲┺. 㧊䤚 䟊╏ 㩫⽊⓪ Ὃỿ㧦㠦Ợ 㩚㏷♮₆ ➢ⶎ㠦 Ὃỿ ⳿䚲㦮 ㏷㑮㔶 䕾䌍㦚 Ṗ⪲㺚Ệ⋮ 㭧Ṛ㧦(MITM) Ὃ ỿ㦚 䐋䞮㡂 FCU 㩲㠊ⳛ⪏ ❇㧊 ⏎㿲♶ 㑮 㧞┺. ⁎ Ⰲἶ, 㓺┞䞧㦮 ἓ㤆㠦⓪ ⶊ㹾⼚(Promiscuous) ⳾✲ 䢏 㦖 ARP 㓺䛎䞧㧊⋮ MAC 䝢⩂❿㦚 㧊㣿䞮㡂 㓺㥚䂮 㧻゚⯒ 㡺⻚䝢⪲㤆㔲䅲 䕾䌍㦚 ṫ㩲⪲ 䝢⩂❿㔲䌂 㑮 㧞┺. 㧊 䀾㟓㩦㦚 㧊㣿䞮㡂 㩲㠊 ⳛ⪏ ❇ 㭧㣪 㩫⽊ ⯒ 㔋✳䞶 㑮 㧞┺. 4. 冶嵦 㤦㧦⩻ ⹲㩚㏢ Ἒ䁷㩲㠊㔲㓺䎲㦮 ㌂㧊⻚⽊㞞 㥚䡧 㦮 ⿚㍳ὒ ╖㦧㦚 㥚䟊 䎢㓺䔎⻶✲㦮 ῂ㿫㦖 㭧㣪䞮 ┺. ⽎ ⏒ⶎ㠦㍲⓪ ゚㞞㩚Ἒ䐋㧎 ┺㟧㎇⽊䢎Ἒ䐋㠦㍲ 䎢㓺䔎⻶✲㦮 ῂ㎇ὒ 䀾㟓䞲 ῂṚὒ ╖㌗ ⹥ 䀾㟓㩦 䢫㧎㧊 䞚㣪䞲 Ὃỿ㦚 㞢㞚⽊㞮┺. ┺㟧㎇⽊䢎Ἒ䐋㠦 ㍲ ㌂㧊⻚⽊㞞 㥚䡧㠦 ╖㦧䞮₆ 㥚䟊 ⍺䔎㤢䋂 㧻゚ 㠦 ╖䞲 㩧⁒ῢ䞲 ὖⰂ, ㏷㑮㔶 ◆㧊䎆㦮 㞪䢎䢪, 㩫

293

㩗 ARP 䎢㧊な ὖⰂ, 㓺㥚䂮㦮 ☯㧧㌗䌲 䢫㧎, VLAN 㦚 㧊㣿䞲 ⍺䔎㤢䋂 ⿚Ⰲ, 㓺㥚䂮 ⽊㞞 ㍺㩫, ICMP Ⰲ ┺㧊⩟䔎 ₆⓻㦮 ゚䢲㎇䢪 ❇㧊 ㌂㧊⻚⽊㞞 㥚䡧㠦 ╖䞲 ╖㦧 ⹿⻫㧊 ♶ 㑮 㧞┺. 㿪䤚 䂾䒂 㔲䠮 ἆὒ 㢖 䟊╏ ╖㦧 ⹿⻫㦚 ⿚㍳䞮㡂 ┾⹿䟻 䐋㔶ὒ ṯ㦖 ₆⽎㩗㧎 ⽊㞞 ╖㦧 ⹿㞞ὒ 䞾℮ Ἒ䐋㠦 㾲㩗䢪♲ ㍶ ⼚㩗 ㌂㧊⻚⽊㞞 ╖㦧 ⹿㞞㦚 Ⱎ⩾䞮ἶ㧦 䞲┺. 焾 焾処怾竒

[1] Seungmin Kim, Gyunyoung Heo, EnricoZio, Jinsoo Shin, Jae-gu Song, “Cyber attack taxonomy for digital environment in nuclear power plants,” Nuclear Engineering and Technology, Volume 52, Issue 5, pp.995-1001, 2020. [2] 㧊㻶ῢ, ದ 㤦㩚 Ἒ䁷㩲㠊㔲㓺䎲 ㌂㧊⻚⽊㞞 ₆㑶 ☯䟻,ಧ 䞲ῃ㩫⽊⽊䢎䞯䣢, 㩫⽊⽊䢎䞯䣢㰖, 㩲 22 ῢ, 㩲 5 䢎, 2012, pp.28-34. [3] 㤦㧦⩻㞞㩚㥚㤦䣢′䂯 㩲 24 䢎, “㤦㧦⪲㔲㍺ ❇㦮 ₆㑶₆㭖㠦 ὖ䞲 ′䂯,” 2020.

[4] Oh, Y.G., Jeong, J.K., Lee, J.J., Lee, Y.H., Baek, S.M., Lee, S.J., “Fault-tolerant design for advanced diverse protection system,” Nuclear Engineering and Technology, Volume 45, Issue 6, pp.795–802, 2013.

294