Analysis and Study of Intelligent Testbed for Safeguarding Nuclear and Defense Industry from AI-Enabled Cyberattacks

Using traditional (probabilistic) methods to analyse the safety risks of severe accidents in non-digital systems, structures, and components at nuclear power plants or the defence sector is a well-established practice. However, when assessing the cyber risks associated with digital assets, this field is still in its early stages and lacks proven techniques. At this point, the threat landscape in the digital palatinate is constantly changing, and digital assets can fail unexpectedly. As nuclear, defence and security sectors incorporate digital instrumentation and control systems, developing effective and efficient techniques for analysing cyber risks becomes more crucial. These techniques are needed to make informed decisions about managing risks, whether by redesigning systems to eliminate or implementing security measures to mitigate them. To gain insight into the current state of cyber risk analysis, we analysed several publications spanning several application domains and the UK government reports. Our survey framework evaluated each technique based on its scope, scalability, feasibility, complexity, and capability. We also considered the specific challenges faced by the nuclear, defence and other security industries and assessed how well these cyber risk analysis techniques could be applied. Our analysis highlights the strengths and weaknesses of these techniques within the industry, and we identify gaps in the current approaches. Furthermore, we search into the difficulties and potential paths for future research in advancing the science of cyber risk analysis. This discussion encompasses the existing nuclear and defence reactor technologies and the potential directions for new advanced reactors.