An Investigation into the Applicability of Biodata, from Health Wearable Devices, to Insider Threat Detection in Nuclear Power Plants

The objective of this study is to investigate the feasibility of predicting and detecting an insider threat by using human biodata, from smart wearable devices. The potential severity of the insider threat has emerged as a key security issue at Nuclear Power Plants (NPPs) as well as other industries. However, the potential insider threat issue is difficult to detect because existing physical protection systems, at an NPP, are designed to identify “outsider” threats. The only system currently in place to identify a person who might pose a threat to the NPP is the initial recruiting and vetting process. Previous nuclear industry studies focused on how to assess the probability of unintentional human errors, not of intentional human error associated with detection of insider threats. These assessments were crude in that they relied on determining a subject’s mental state, through a self- assessment. The self-assessment approach is vulnerable to a subject’s ability to hide their current state-of-mind. None of these studies included the use of human physical data i.e., heart rate, respiration rate, etc. Recently, healthcare wearable smart band technology has made it possible to monitor the physical and mental state of humans. In addition to the technology being increasingly sensitive to monitoring a broader range of physical attributes, the technology has become very popular with people of all ages. From this technical innovation, the question arises. “Can we detect and predict an insider threat by using bio-signals?” To answer this question, we will examine how biodata can be monitored to detect suspicious employee behavior. For example, can monitoring brainwaves, heart rate, respiration rate, galvanic skin conductivity and sweat provide sufficient insights into the mental state of an employee. After selecting the representative signal or signals, this study will perform pilot experiments for verifying the relationship between biodata from a health wearable device and the potential for identifying an insider. This may have direct application to insider threat monitoring and human error monitoring, not only in NPPs, but also in areas demanding high reliability, such as aerospace military and transportation industries.