A great 22 minute presentation by Ralph Langner of The Langner Group at S4x16. He provides some very specific examples of a cyber / physical attack on nuclear power plants. For example, a cyber attack on all of the feedwater systems.
What is the key to this type of attack? Studying the design plans, particularly around the last line of defense … the safety systems. Safety systems have not considered malicious cyber attacks, which makes much of the analysis and protection ineffective. He shows how the safety analysis is faulty in the feedwater system example.
Ralph then goes through a three step process that both an attacker and defender should use.