**1. Introduction**

Nuclear reactors rely on instrumentation and control (I&C) systems to maintain critical primary and secondary processes within desired parameters to ensure safe and efficient operation. Safety-related I&C systems are specifically designed to protect against critical failures that can lead to high-consequence events. Designers rely on traditional safety analyses, such as failure modes and effects analysis and probabilistic risk assessments (PRA), to inform them of the specific protections needed in the design of these systems to maintain safe operation and the health and safety of the public.

I&C systems maintain real-time response, high availability, predictability, reliability, and distributed intelligence via a set of interconnected assets and subsystems that perform three main operations: acquisition, control, and supervision. Reactors have historically used analog I&C systems. As modernization occurs in the existing reactor fleet and as new advanced reactors are designed and commissioned, analog systems are replaced with digital I&C (DI&C) systems due to their many advantages, including reliability, efficiency, additional functionality, and data analytics. While DI&C provides enhanced operational capabilities, new risks associated with adverse impacts from cyber incidents are introduced. Whereas nuclear safety is the primary focus of reactor design, cyber risk must now also be considered in any digital-based reactor design. Cyber risk not only includes digital failures and unintentional cyber incidents, but the possibility that an adversary may try to purposefully disrupt, deter, deny, degrade, or compromise digital systems in such a manner as to place a reactor outside its intended design.

Since the complete set of failure modes for DI&C may never be fully known, and since DI&C can never be completely secured, a robust process is required to address and reduce cyber risk throughout the entire systems engineering lifecycle. Specifically, engineering and design personnel must be fully cognizant of the cyber risks and understand how to protect against intentional and unintentional cyber incidents. Cyber-Informed Engineering (CIE) is an approach in which cyber risks are considered at the earliest design stages and are continually reanalyzed throughout the entire lifecycle. Regardless of reactor design, cyber risk must be eliminated or reduced as much as possible to sustain a safe and secure nuclear industry.

The remainder of this chapter is organized as follows: Section 2 provides a background on nuclear reactor I&C systems, both analog and digital, as well as considerations for use of DI&C in new advanced reactor designs and applications. Section 3 steps through aspects of cyber risk analysis and cyber risk management for nuclear reactors. Section 4 provides an overview of CIE along with detailed descriptions of each CIE principle prior to concluding the chapter in Section 5.
