The nuclear supply chain cyber-attack surface is a large, complex network of interconnected stakeholders and activities. The global economy has widened and deepened the supply chain resulting in larger numbers of geographically dispersed locations and increased difficulty ensuring the authenticity and security of digital assets. Although the nuclear industry has made significant strides in securing facilities from cyber-attacks, the supply chain remains vulnerable. This paper provides further details on each of the elements in the Digital I&C System Supply Chain Cyber-Attack Surface, including supply chain lifecycle activities, key stakeholders, touchpoints, and attack types. Deconstructing this attack surface provides insights into supply chain threats, vulnerabilities, and consequences. These insights will lead to improvements in cybersecurity supply chain risk analysis, development of new cybersecurity supply chain processes and tools, and enhancement of overall supply chain resilience.
Year
2020
Abstract