Abstract The cyber security of NPPs recently has become a major issue, and a utility in Korea is requested to follow cyber security controls and to perform cyber security risk management based on the regulatory guide RS-015. Since it is difficult to fully implement the controls with limited resources, it is necessary to find which controls are relatively more important than other controls. The aim of this study is to develop a method for quantifying the relative importance of NPP cyber attack probability variables. These variables were investigated, and rearrangement and classification of them was validated by the factor analysis method. The relative importance among the variables was quantified by the AHP method. By applying the relative importance to the regulatory guide, the controls that have higher priority to be implemented were identified. Considering the relatively more important controls, it is expected that the utility can follow cyber security controls efficiently.

中文翻译：

---

基于因子分析和层次分析法的核电厂网络攻击概率变量相对重要性量化方法的开发

摘要 核电厂的网络安全最近成为一个主要问题，要求韩国的公用事业公司遵循网络安全控制并根据监管指南 RS-015 进行网络安全风险管理。由于在资源有限的情况下难以完全实施控制，因此需要找出哪些控制比其他控制相对更重要。本研究的目的是开发一种量化核电厂网络攻击概率变量的相对重要性的方法。对这些变量进行了调查，并通过因子分析方法验证了它们的重排和分类。变量之间的相对重要性通过层次分析法进行量化。通过将相对重要性应用于监管指南，确定了具有更高优先级实施的控制措施。