According to the defense-in-depth concept, not only a preventive strategy but also an integratedcyberattack response strategy for NPPs should be established. However, there are limitations in terms ofresponding to penetrations, and the existing EOPs are insufficient for responding to intentional disruptions. In this study, we focus on manipulative attacks on process data. Based on an analysis of therelated attack vectors and possible attack scenarios, we adopt the Kalman filter to detect processanomalies that can be caused by manipulations of process data. To compensate for these manipulationsand secure MCR operators' situational awareness, we modify the Kalman filter such that it can filter outthe effects of the manipulations adaptively. A case study was conducted using a hardware-in-the-loopsystem. The results indicated that the developed method can be used to verify whether the displayedsafety-related state data are reliable and to implement the required safety response actions.