{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,7,11]],"date-time":"2026-07-11T10:35:11Z","timestamp":1783766111500,"version":"3.55.0"},"reference-count":60,"publisher":"MDPI AG","issue":"4","license":[{"start":{"date-parts":[[2025,10,1]],"date-time":"2025-10-01T00:00:00Z","timestamp":1759276800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":["www.mdpi.com"],"crossmark-restriction":true},"short-container-title":["JCP"],"abstract":"<jats:p>Cybersecurity management plays a key role in preserving the operational security of nuclear power plants (NPPs), ensuring service continuity and system resilience. The growing number of sophisticated cyber-attacks against NPPs requires cybersecurity experts to detect, analyze, and defend systems and data from cyber threats in near real time. However, managing a large numbers of attacks in a timely manner is impossible without the support of Artificial Intelligence (AI). This study recognizes the need for a structured and in-depth analysis of the literature in the context of NPPs, referring to the role of AI technology in supporting cyber risk assessment processes. For this reason, a systematic literature review (SLR) is adopted to address the following areas of analysis: (i) critical assets to be preserved from cyber-attacks through AI, (ii) security vulnerabilities and cyber threats managed using AI, (iii) cyber risks and business impacts that can be assessed by AI, and (iv) AI-based security countermeasures to mitigate cyber risks. The SLR procedure follows a macro-step approach that includes review planning, search execution and document selection, and document analysis and results reporting, with the aim of providing an overview of the key dimensions of AI-based cybersecurity in NPPs. The structured analysis of the literature allows for the creation of an original tabular outline of emerging evidence (in the fields of critical assets, security vulnerabilities and cyber threats, cyber risks and business impacts, and AI-based security countermeasures) that can help guide AI-based cybersecurity management in NPPs and future research directions. From an academic perspective, this study lays the foundation for understanding and consciously addressing cybersecurity challenges through the support of AI; from a practical perspective, it aims to assist managers, practitioners, and policymakers in making more informed decisions to improve the resilience of digital infrastructure.<\/jats:p>","DOI":"10.3390\/jcp5040079","type":"journal-article","created":{"date-parts":[[2025,10,1]],"date-time":"2025-10-01T11:06:02Z","timestamp":1759316762000},"page":"79","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":4,"title":["A Systematic Literature Review on AI-Based Cybersecurity in Nuclear Power Plants"],"prefix":"10.3390","volume":"5","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-3526-8421","authenticated-orcid":false,"given":"Marianna","family":"Lezzi","sequence":"first","affiliation":[{"name":"Dipartimento di Ingegneria dell\u2019Innovazione, Campus Ecotekne, Universit\u00e0 del Salento, Via per Monteroni, s.n., 73100 Lecce, Italy"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-7417-2898","authenticated-orcid":false,"given":"Luigi","family":"Martino","sequence":"additional","affiliation":[{"name":"College of Computing and Mathematical Sciences, Khalifa University, Center for Cyber-Physical Systems (C2PS), Abu Dhabi P.O. Box 127788, United Arab Emirates"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Ernesto","family":"Damiani","sequence":"additional","affiliation":[{"name":"College of Computing and Mathematical Sciences, Khalifa University, Center for Cyber-Physical Systems (C2PS), Abu Dhabi P.O. Box 127788, United Arab Emirates"},{"name":"Dipartimento di Informatica, Universit\u00e0 degli Studi di Milano, Via Giovanni Celoria 18, 20133 Milano, Italy"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-1398-952X","authenticated-orcid":false,"given":"Chan Yeob","family":"Yeun","sequence":"additional","affiliation":[{"name":"Department of Electrical Engineering and Computer Science, Khalifa University, Abu Dhabi P.O. Box 127788, United Arab Emirates"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"1968","published-online":{"date-parts":[[2025,10,1]]},"reference":[{"key":"ref_1","doi-asserted-by":"crossref","first-page":"100453","DOI":"10.1016\/j.ijcip.2021.100453","article-title":"Cybersecurity Assessment Framework for Digital Interface Between Safety and Security at Nuclear Power Plants","volume":"34","author":"Piqueira","year":"2021","journal-title":"Int. J. Crit. Infrastruct. Prot."},{"key":"ref_2","doi-asserted-by":"crossref","first-page":"488","DOI":"10.1080\/00295450.2022.2092356","article-title":"Overview and Recommendations for Cyber Risk Assessment in Nuclear Power Plants","volume":"209","author":"Zhang","year":"2023","journal-title":"Nucl. Technol."},{"key":"ref_3","doi-asserted-by":"crossref","first-page":"104738","DOI":"10.1016\/j.pnucene.2023.104738","article-title":"Cyber security in the nuclear industry: A closer look at digital control systems, networks and human factors","volume":"161","author":"Ayodeji","year":"2023","journal-title":"Prog. Nucl. Energy"},{"key":"ref_4","unstructured":"Institute for Security and Safety (2025, May 15). Cyber Security at Nuclear Facilities: National Approaches. Available online: https:\/\/www.nti.org\/wp-content\/uploads\/2015\/06\/Cyber_Security_in_Nuclear_FINAL_UZNMggd.pdf."},{"key":"ref_5","doi-asserted-by":"crossref","unstructured":"Yastrebenetsky, M.A., and Kharchenko, V.S. (2020). Cyber Security Assessment of NPP I&C Systems. Advances in Information Security, Privacy, and Ethics, IGI Global.","DOI":"10.4018\/978-1-7998-3277-5.ch001"},{"key":"ref_6","first-page":"1478","article-title":"Cyber Threat Intelligence for Improving Cybersecurity and Risk Management in Critical Infrastructure","volume":"25","author":"Kure","year":"2019","journal-title":"J. Univ. Comput. Sci."},{"key":"ref_7","unstructured":"International Atomic Energy Agency (2025, May 13). Computer Security for Nuclear Security. Available online: https:\/\/www.iaea.org\/publications\/13629\/computer-security-for-nuclear-security."},{"key":"ref_8","doi-asserted-by":"crossref","first-page":"109293","DOI":"10.1016\/j.anucene.2022.109293","article-title":"Machine learning for analysis of real nuclear plant data in the frequency domain","volume":"177","author":"Kollias","year":"2022","journal-title":"Ann. Nucl. Energy"},{"key":"ref_9","doi-asserted-by":"crossref","first-page":"100523","DOI":"10.1016\/j.ijcip.2022.100523","article-title":"Estimating the frequency of cyber threats to nuclear power plants based on operating experience analysis","volume":"37","author":"Han","year":"2022","journal-title":"Int. J. Crit. Infrastruct. Prot."},{"key":"ref_10","doi-asserted-by":"crossref","first-page":"2034","DOI":"10.1016\/j.net.2023.03.023","article-title":"Development of the framework for quantitative cyber risk assessment in nuclear facilities","volume":"55","author":"Son","year":"2023","journal-title":"Nucl. Eng. Technol."},{"key":"ref_11","unstructured":"U.S. Nuclear Regulatory Commission (2025, May 13). Cybersecurity Programs for Nuclear Power Reactors., Available online: https:\/\/www.nrc.gov\/docs\/ML2225\/ML22258A204.pdf."},{"key":"ref_12","doi-asserted-by":"crossref","unstructured":"Kim, J.-H., Choi, Y.-S., and Na, J.-C. (2018, January 8\u201310). Cybersecurity Vulnerability Scanner for Digital Nuclear Power Plant Instrumentation and Control Systems. Proceedings of the 2018 2nd International Conference on Computer Science and Artificial Intelligence, Shenzhen China.","DOI":"10.1145\/3297156.3297211"},{"key":"ref_13","doi-asserted-by":"crossref","first-page":"15241","DOI":"10.1007\/s00521-022-06959-2","article-title":"An integrated cyber security risk management framework and risk predication for the critical infrastructure protection","volume":"34","author":"Kure","year":"2022","journal-title":"Neural Comput. Appl."},{"key":"ref_14","doi-asserted-by":"crossref","first-page":"101804","DOI":"10.1016\/j.inffus.2023.101804","article-title":"Artificial intelligence for cybersecurity: Literature review and future research directions","volume":"97","author":"Kaur","year":"2023","journal-title":"Inf. Fusion"},{"key":"ref_15","unstructured":"Sajedul, T., Syed, A., and Kumar, B.P. (2025, June 30). Developing an AI-Powered Zero-Trust Cybersecurity Framework for Malware Prevention in Nuclear Power Plants, Available online: https:\/\/www.osti.gov\/biblio\/2367312."},{"key":"ref_16","doi-asserted-by":"crossref","first-page":"2377","DOI":"10.1007\/s10207-024-00841-z","article-title":"Anomaly detection for early ransomware and spyware warning in nuclear power plant systems based on FusionGuard","volume":"23","author":"Almoqbil","year":"2024","journal-title":"Int. J. Inf. Secur."},{"key":"ref_17","doi-asserted-by":"crossref","unstructured":"Rustam, F., Ranaweera, P., and Jurcut, A.D. (2024, January 9\u201313). AI on the Defensive and Offensive: Securing Multi-Environment Networks from AI Agents. Proceedings of the ICC 2024\u2014IEEE International Conference on Communications, Denver, CO, USA.","DOI":"10.1109\/ICC51166.2024.10622943"},{"key":"ref_18","first-page":"489","article-title":"Malicious Traffic Detection in IoT and Local Networks Using Stacked Ensemble Classifier","volume":"71","author":"Petinrin","year":"2022","journal-title":"Comput. Mater. Contin."},{"key":"ref_19","doi-asserted-by":"crossref","first-page":"803","DOI":"10.3390\/signals2040046","article-title":"CS Measures for Nuclear Power Plant Protection: A Systematic Literature Review","volume":"2","author":"Chowdhury","year":"2021","journal-title":"Signals"},{"key":"ref_20","doi-asserted-by":"crossref","first-page":"15229","DOI":"10.1109\/ACCESS.2023.3244991","article-title":"Cyber Security Controls in Nuclear Power Plant by Technical Assessment Methodology","volume":"11","author":"Jung","year":"2023","journal-title":"IEEE Access"},{"key":"ref_21","doi-asserted-by":"crossref","first-page":"108270","DOI":"10.1016\/j.ress.2021.108270","article-title":"Hybrid ontology for safety, security, and dependability risk assessments and Security Threat Analysis (STA) method for industrial control systems","volume":"220","author":"Alanen","year":"2022","journal-title":"Reliab. Eng. Syst. Saf."},{"key":"ref_22","unstructured":"Bryman, A., and Bell, E. (2011). Business Research Methods, Oxford University Press. [3rd ed.]."},{"key":"ref_23","doi-asserted-by":"crossref","first-page":"103614","DOI":"10.1016\/j.compind.2022.103614","article-title":"Cybersecurity awareness in the context of the Industrial Internet of Things: A systematic literature review","volume":"137","author":"Corallo","year":"2022","journal-title":"Comput. Ind."},{"key":"ref_24","doi-asserted-by":"crossref","first-page":"n71","DOI":"10.1136\/bmj.n71","article-title":"The PRISMA 2020 statement: An updated guideline for reporting systematic reviews","volume":"372","author":"Page","year":"2021","journal-title":"BMJ"},{"key":"ref_25","doi-asserted-by":"crossref","unstructured":"Pranckut\u0117, R. (2021). Web of Science (WoS) and Scopus: The Titans of Bibliographic Information in Today\u2019s Academic World. Publications, 9.","DOI":"10.3390\/publications9010012"},{"key":"ref_26","doi-asserted-by":"crossref","first-page":"97","DOI":"10.1016\/j.compind.2018.09.004","article-title":"Cybersecurity for Industry 4.0 in the current literature: A reference framework","volume":"103","author":"Lezzi","year":"2018","journal-title":"Comput. Ind."},{"key":"ref_27","unstructured":"IBM (2025, June 03). AI Versus Machine Learning Versus Deep Learning Versus Neural Networks: What\u2019s the Difference?. Available online: https:\/\/www.ibm.com\/think\/topics\/ai-vs-machine-learning-vs-deep-learning-vs-neural-networks."},{"key":"ref_28","unstructured":"Pfleeger, C.P., Pfleeger, S.L., and Margulies, J. (2015). Security in Computing, Prentice Hall. [5th ed.]."},{"key":"ref_29","unstructured":"NIST (2025, June 20). Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations, Available online: https:\/\/nvlpubs.nist.gov\/nistpubs\/SpecialPublications\/NIST.SP.800-161r1.pdf."},{"key":"ref_30","doi-asserted-by":"crossref","unstructured":"Jharko, E., Promyslov, V., and Iskhakov, A. (2019, January 8\u201314). Extending Functionality of Early Fault Diagnostic System for Online Security Assessment of Nuclear Power Plant. Proceedings of the 2019 International Russian Automation Conference (RusAutoCon), Sochi, Russia.","DOI":"10.1109\/RUSAUTOCON.2019.8867790"},{"key":"ref_31","doi-asserted-by":"crossref","first-page":"4267","DOI":"10.1007\/s11227-018-2440-4","article-title":"An effective security measures for nuclear power plant using big data analysis approach","volume":"75","author":"Lee","year":"2019","journal-title":"J. Supercomput."},{"key":"ref_32","doi-asserted-by":"crossref","first-page":"138","DOI":"10.1016\/j.net.2018.09.009","article-title":"Probabilistic safety assessment-based importance analysis of cyber-attacks on nuclear power plants","volume":"51","author":"Park","year":"2019","journal-title":"Nucl. Eng. Technol."},{"key":"ref_33","doi-asserted-by":"crossref","unstructured":"Si, W., Li, J., Qu, R., and Huang, X. (2020). Anomaly Detection for Network Traffic of I&C Systems Based on Neural Network. Volume 3: Student Paper Competition; Thermal-Hydraulics; Verification and Validation, American Society of Mechanical Engineers.","DOI":"10.1115\/ICONE2020-16900"},{"key":"ref_34","unstructured":"Si, W., Li, J., and Huang, X. (2019, January 9\u201314). One-class Anomaly Detection for Instrumentation and Control Systems based on Replicator Neural Networks. Proceedings of the 11th Nuclear Plant Instrumentation, Control, and Human-Machine Interface Technologies, Orlando, FL, USA."},{"key":"ref_35","doi-asserted-by":"crossref","first-page":"108748","DOI":"10.1016\/j.anucene.2021.108748","article-title":"Evaluating attractiveness of cyberattack path using resistance concept and page-rank algorithm","volume":"166","author":"Chae","year":"2022","journal-title":"Ann. Nucl. Energy"},{"key":"ref_36","doi-asserted-by":"crossref","first-page":"113277","DOI":"10.1016\/j.nucengdes.2024.113277","article-title":"Wavy-attention network for real-time cyber-attack detection in a small modular pressurized water reactor digital control system","volume":"424","author":"Ayodeji","year":"2024","journal-title":"Nucl. Eng. Des."},{"key":"ref_37","doi-asserted-by":"crossref","unstructured":"Jharko, E., Meshcheryakov, R., and Promyslov, V. (2021, January 13\u201315). Aspects of Nuclear Power Plant Digital Decommissioning. Proceedings of the 2021 International Siberian Conference on Control and Communications (SIBCON), Kazan, Russia.","DOI":"10.1109\/SIBCON50419.2021.9438885"},{"key":"ref_38","doi-asserted-by":"crossref","first-page":"162","DOI":"10.1080\/00295639.2024.2372520","article-title":"Self-Healing Control of Nuclear Power Plants Under False Data Injection Attacks","volume":"199","author":"Yoo","year":"2024","journal-title":"Nucl. Sci. Eng."},{"key":"ref_39","doi-asserted-by":"crossref","unstructured":"Chaudhary, A., Han, J., Kim, S., Kim, A., and Choi, S. (2024). Anomaly Detection and Analysis in Nuclear Power Plants. Electronics, 13.","DOI":"10.3390\/electronics13224428"},{"key":"ref_40","doi-asserted-by":"crossref","first-page":"666","DOI":"10.3390\/iot5040030","article-title":"A Survey of Artificial Intelligence Applications in Nuclear Power Plants","volume":"5","author":"Jendoubi","year":"2024","journal-title":"IoT"},{"key":"ref_41","doi-asserted-by":"crossref","first-page":"57","DOI":"10.1109\/MELE.2024.3473329","article-title":"Digital Substations: Cyberattack detection system for small modular reactor-based power plants","volume":"12","author":"Salehpour","year":"2024","journal-title":"IEEE Electrific. Mag."},{"key":"ref_42","doi-asserted-by":"crossref","first-page":"2687","DOI":"10.1016\/j.net.2020.05.012","article-title":"A new perspective towards the development of robust data-driven intrusion detection for industrial control systems","volume":"52","author":"Ayodeji","year":"2020","journal-title":"Nucl. Eng. Technol."},{"key":"ref_43","doi-asserted-by":"crossref","first-page":"111643","DOI":"10.1016\/j.anucene.2025.111643","article-title":"Advancements and challenges of machine learning and deep learning in autonomous control of nuclear reactors","volume":"223","author":"Hsieh","year":"2025","journal-title":"Ann. Nucl. Energy"},{"key":"ref_44","doi-asserted-by":"crossref","first-page":"104960","DOI":"10.1016\/j.pnucene.2023.104960","article-title":"Cyber threat assessment of machine learning driven autonomous control systems of nuclear power plants","volume":"166","author":"Yockey","year":"2023","journal-title":"Prog. Nucl. Energy"},{"key":"ref_45","unstructured":"Lou, X., Guo, Y., Gao, Y., Waedt, K., and Parekh, M. (2019, January 23\u201326). An idea of using Digital Twin to perform the functional safety and cybersecurity analysis. Proceedings of the Standardization of Industry 4.0 Automation and Control Systems, Kassel, Germany."},{"key":"ref_46","doi-asserted-by":"crossref","unstructured":"Lou, X., Waedt, K., Gao, Y., Zid, I.B., and Watson, V. (2018, January 28\u201330). Combining Artificial Intelligence planning advantages to assist preliminary formal analysis on Industrial Control System cybersecurity vulnerabilities. Proceedings of the 2018 10th International Conference on Electronics, Computers and Artificial Intelligence (ECAI), Iasi, Romania.","DOI":"10.1109\/ECAI.2018.8678949"},{"key":"ref_47","doi-asserted-by":"crossref","unstructured":"Thiyagarajan, K., and Hammad, I. (2024, January 28\u201329). Anomaly Detection in Air-Gapped Industrial Control Systems of Nuclear Power Plants. Proceedings of the 2024 Cyber Awareness and Research Symposium (CARS), Grand Forks, ND, USA.","DOI":"10.1109\/CARS61786.2024.10778886"},{"key":"ref_48","doi-asserted-by":"crossref","first-page":"100493","DOI":"10.1016\/j.ijcip.2021.100493","article-title":"Bayesian games for the cybersecurity of nuclear power plants","volume":"37","author":"Maccarone","year":"2022","journal-title":"Int. J. Crit. Infrastruct. Prot."},{"key":"ref_49","doi-asserted-by":"crossref","unstructured":"Lee, S., Huh, J.-H., and Kim, Y. (2020). Python TensorFlow Big Data Analysis for the Security of Korean Nuclear Power Plants. Electronics, 9.","DOI":"10.3390\/electronics9091467"},{"key":"ref_50","unstructured":"International Atomic Energy Agency (2025, May 20). Computer Security at Nuclear Facilities. Available online: https:\/\/www.iaea.org\/publications\/8691\/computer-security-at-nuclear-facilities."},{"key":"ref_51","unstructured":"Defense Science Board (2025, May 25). Resilient Military Systems and the Advanced Cyber Threat. Available online: https:\/\/apps.dtic.mil\/sti\/pdfs\/ADA569975.pdf."},{"key":"ref_52","unstructured":"Intel Corporation (2025, May 22). Threat Agent Library Helps Identify Information Security Risks. Available online: https:\/\/www.researchgate.net\/profile\/Timothy-Casey\/publication\/324091298_Threat_Agent_Library_Helps_Identify_Information_Security_Risks\/links\/5abd353445851584fa6fb597\/Threat-Agent-Library-Helps-Identify-Information-Security-Risks.pdf."},{"key":"ref_53","doi-asserted-by":"crossref","first-page":"103165","DOI":"10.1016\/j.compind.2019.103165","article-title":"Cybersecurity in the context of industry 4.0: A structured classification of critical assets and business impacts","volume":"114","author":"Corallo","year":"2020","journal-title":"Comput. Ind."},{"key":"ref_54","doi-asserted-by":"crossref","first-page":"977","DOI":"10.1080\/00295639.2021.1897731","article-title":"Validation of Covert Cognizance Active Defenses","volume":"195","author":"Sundaram","year":"2021","journal-title":"Nucl. Sci. Eng."},{"key":"ref_55","doi-asserted-by":"crossref","first-page":"80218","DOI":"10.1109\/ACCESS.2023.3300381","article-title":"From ChatGPT to ThreatGPT: Impact of Generative AI in Cybersecurity and Privacy","volume":"11","author":"Gupta","year":"2023","journal-title":"IEEE Access"},{"key":"ref_56","doi-asserted-by":"crossref","first-page":"201","DOI":"10.1007\/s10462-024-10805-3","article-title":"A review of digital twins and their application in cybersecurity based on artificial intelligence","volume":"57","author":"Homaei","year":"2024","journal-title":"Artif. Intell. Rev."},{"key":"ref_57","doi-asserted-by":"crossref","unstructured":"Mishra, B.K. (2024). Integration of AI and Quantum Computing in Cyber Security. Advances in Mechatronics and Mechanical Engineering, IGI Global.","DOI":"10.4018\/979-8-3693-7076-6"},{"key":"ref_58","doi-asserted-by":"crossref","first-page":"142194","DOI":"10.1109\/ACCESS.2024.3463976","article-title":"AICyber-Chain: Combining AI and Blockchain for Improved Cybersecurity","volume":"12","author":"Ullah","year":"2024","journal-title":"IEEE Access"},{"key":"ref_59","doi-asserted-by":"crossref","first-page":"3745","DOI":"10.1109\/TEM.2021.3084687","article-title":"Cybersecurity Challenges for Manufacturing Systems 4.0: Assessment of the Business Impact Level","volume":"70","author":"Corallo","year":"2022","journal-title":"IEEE Trans. Eng. Manag."},{"key":"ref_60","unstructured":"Joint Task Force Transformation Initiative (2012). Guide for Conducting Risk Assessments, National Institute of Standards and Technology. NIST SP 800-30r1."}],"container-title":["Journal of Cybersecurity and Privacy"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/2624-800X\/5\/4\/79\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,1]],"date-time":"2025-10-01T11:29:53Z","timestamp":1759318193000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/2624-800X\/5\/4\/79"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,10,1]]},"references-count":60,"journal-issue":{"issue":"4","published-online":{"date-parts":[[2025,12]]}},"alternative-id":["jcp5040079"],"URL":"https:\/\/doi.org\/10.3390\/jcp5040079","relation":{},"ISSN":["2624-800X"],"issn-type":[{"value":"2624-800X","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025,10,1]]}}}