From Water Plants to Nuclear Reactors: Mapping SCADA Vulnerabilities in Small Modular Energy Systems

Abstract

Supervisory Control and Data Acquisition (SCADA) systems are responsible for helping to manage a
large portion of the industrial process, which keeps the economy running. In Small Modular Reactors (SMRs),
SCADA helps with monitoring reactor conditions but is responsible for the careful variable control, which keeps
reactors running optimally. Due to the far-reaching benefits of SCADA involvement, when there is a SCADA
related attack, the consequences are also far-reaching. SMRs rely even more heavily on interconnected digital
systems, meaning similar attacks could destabilize reactors, shut down industrial sites, or disrupt critical
facilities such as refineries and military bases. This paper takes a closer look at SCADA vulnerabilities in the
context of SMRs. Through analysis of the National Vulnerability Database, we compiled likely attacks on SMRs
and evaluated them for threat severity and likelihood. Using trend analysis, topic modelling, and economic
impact assessment, we show how these weaknesses could affect energy infrastructure and, more importantly,
the many industries that rely upon it. Our findings underline the urgent need to strengthen the infrastructure
defences, specifically in the realm of small modular nuclear reactors.