iTeh StandardsiTeh Standards
EURUSD
Your shopping cart is empty.
IEC

IEC TR 63486:2024

(Main)

Nuclear facilities - Instrumentation, control and electrical power systems - Cybersecurity risk management approaches

Nuclear facilities - Instrumentation, control and electrical power systems - Cybersecurity risk management approaches

IEC TR 63486:2024 provides a cybersecurity framework for digital I&C programmable systems [2]. IEC 62645 [1] aligns strongly with the information security management system (ISMS) elements detailed within ISO/IEC 27001:2013 [2]. The ISO/IEC ISMS structure corresponds to the “I&C digital programmable system cybersecurity program” in the context (as defined in 5.2.1 of IEC 62645:2019 [1]).
The scope of this document is to capture the national and international cyber-risk approaches employed to manage cybersecurity risks associated with Instrumentation and Control (I&C) and Electrical Power Systems (EPS) at a Nuclear Power Plant (NPP).
This document summarizes an evaluation of cyber-risk approaches that are in use by nuclear facility operators to manage cybersecurity risks.
The scope of this document generally follows the exclusions of IEC 62645 which are:
- Non-malevolent actions and events such as accidental failures, human errors (except those stated above, such as impacting the performance of cybersecurity controls), and natural events. In particular, good practices for managing applications and data, including backup and restoration related to accidental failure, are out of scope.
This document summarizes key insights of the international and cyber-risk approaches used at NPPs regarding the application of ISO/IEC 27005:2018 [5]. The evaluation is based on 11 challenges to cybersecurity risk management and their applicability to NPP risk management. The challenges are detailed in Clause 7. This document also relates the risk management elements of IEC 62645 and IEC 63096.

General Information

Status
Published
Publication Date
12-Sep-2024
ICS
27.100 - Power stations in general
27.120.20 - Nuclear power plants. Safety
Technical Committee
SC 45A - Instrumentation, control and electrical power systems of nuclear facilities
Current Stage
PPUB - Publication issued
Start Date
19-Jul-2024
Completion Date
13-Sep-2024
Ref Project

Buy Standard

IEC TR 63486:2024 - Nuclear facilities - Instrumentation, control and electrical power systems - Cybersecurity risk management approaches Isbn:9782832293805IEC TR 63486:2024 - Nuclear facilities - Instrumentation, control and electrical power systems - Cybersecurity risk management approaches Isbn:9782832293805
PreviousNext
Technical report
IEC TR 63486:2024 - Nuclear facilities - Instrumentation, control and electrical power systems - Cybersecurity risk management approaches Isbn:9782832293805
English language
160 pages
sale 15% off
Preview
sale 15% off
Preview

Standards Content (Sample)


IEC TR 63486 ®
Edition 1.0 2024-09
TECHNICAL
REPORT
colour
inside
Nuclear facilities – Instrumentation, control and electrical power systems –
Cybersecurity risk management approaches
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form
or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from
either IEC or IEC's member National Committee in the country of the requester. If you have any questions about IEC
copyright or have an enquiry about obtaining additional rights to this publication, please contact the address below or
your local IEC member National Committee for further information.
IEC Secretariat Tel.: +41 22 919 02 11
3, rue de Varembé info@iec.ch
CH-1211 Geneva 20 www.iec.ch
Switzerland
About the IEC
The International Electrotechnical Commission (IEC) is the leading global organization that prepares and publishes
International Standards for all electrical, electronic and related technologies.
About IEC publications
The technical content of IEC publications is kept under constant review by the IEC. Please make sure that you have the
latest edition, a corrigendum or an amendment might have been published.
IEC publications search - webstore.iec.ch/advsearchform IEC Products & Services Portal - products.iec.ch
The advanced search enables to find IEC publications by a Discover our powerful search engine and read freely all the
variety of criteria (reference number, text, technical publications previews, graphical symbols and the glossary.
committee, …). It also gives information on projects, replaced With a subscription you will always have access to up to date
and withdrawn publications. content tailored to your needs.
IEC Just Published - webstore.iec.ch/justpublished
Electropedia - www.electropedia.org
Stay up to date on all new IEC publications. Just Published
The world's leading online dictionary on electrotechnology,
details all new publications released. Available online and once
containing more than 22 500 terminological entries in English
a month by email.
and French, with equivalent terms in 25 additional languages.
Also known as the International Electrotechnical Vocabulary
IEC Customer Service Centre - webstore.iec.ch/csc
(IEV) online.
If you wish to give us your feedback on this publication or need
further assistance, please contact the Customer Service
Centre: sales@iec.ch.
IEC TR 63486 ®
Edition 1.0 2024-09
TECHNICAL
REPORT
colour
inside
Nuclear facilities – Instrumentation, control and electrical power systems –
Cybersecurity risk management approaches
INTERNATIONAL
ELECTROTECHNICAL
COMMISSION
ICS 27.120.20; 27.100 ISBN 978-2-8322-9380-5
– 2 – IEC TR 63486:2024  IEC 2024
CONTENTS
FOREWORD . 13
INTRODUCTION . 15
1 Scope . 17
1.1 General . 17
1.2 Framework . 20
1.3 Limitations . 20
2 Normative references . 20
3 Terms and definitions . 20
4 Abbreviated terms . 25
5 IEC 62645 risk management elements . 27
5.1 General . 27
5.2 Assignment of security degrees in the management of risk . 27
5.3 Safety correlation . 28
6 NPP cyber risk management challenges and analyses . 28
6.1 General . 28
6.2 Challenge 1: Aggregate risk of multiple units / locations. 31
6.3 Challenge 2: Complexity of interdependencies and interactions . 32
6.4 Challenge 3: Incident likelihood determination . 32
6.5 Challenge 4: Unknown or lacking sufficient detail for pre-developed
components . 32
6.6 Challenge 5: Differences in cyber-risk management . 33
6.7 Challenge 6: Lack of abstract analysis methods . 33
6.8 Challenge 7: Uncertainty in vulnerability / Susceptibility analysis . 33
6.9 Challenge 8: Adversary characterization uncertainty . 34
6.10 Challenge 9: Excessive information volume . 34
6.11 Challenge 10: Lack of a common and comprehensive risk management
process . 34
6.12 Challenge 11: Advanced security capabilities incompatibility . 35
7 Cyber-risk approaches versus challenges by ISO/IEC 27005 . 35
7.1 General . 35
7.2 ISO/IEC 27005:2018, 7.1 General considerations . 35
7.2.1 Summary . 35
7.2.2 Applicable challenges . 36
7.2.3 Summary of key approaches . 36
7.2.4 Cross-reference table (Table 4) . 37
7.3 ISO/IEC 27005:2018, 7.2 Basic criteria . 37
7.3.1 Summary . 37
7.3.2 Applicable challenges . 37
7.3.3 Key approaches . 38
7.3.4 Cross-reference table (Table 6) . 40
7.4 ISO/IEC 27005:2018, 7.3 Scope and boundaries . 40
7.4.1 Summary . 40
7.4.2 Applicable challenges . 40
7.4.3 Key approaches . 41
7.4.4 Cross-reference table (Table 8) . 42
7.5 ISO/IEC 27005:2018, 7.4 Organization for information security risk
management . 42

7.5.1 Summary . 42
7.5.2 Applicable challenges . 42
7.5.3 Key approaches . 43
7.5.4 Cross-reference table (Table 10) . 43
7.6 ISO/IEC 27005:2018, 8.1 General description of information security risk

assessment. 44
7.6.1 Summary . 44
7.6.2 Applicable challenges . 44
7.6.3 Key approaches . 44
7.6.4 Cross-reference table (Table 12) . 45
7.7 ISO/IEC 27005:2018, 8.2 Risk identification . 45
7.7.1 Summary . 45
7.7.2 Applicable challenges . 46
7.7.3 Key approaches . 46
7.7.4 Cross-reference table (Table 14) . 48
7.8 ISO/IEC 27005:2018, 8.3 Risk analysis . 48
7.8.1 Summary . 48
7.8.2 Applicable challenges . 49
7.8.3 Key approaches . 49
7.8.4 Cross-reference table (Table 16) . 51
7.9 ISO/IEC 27005:2018, 8.4 Risk evaluation . 51
7.9.1 Summary . 51
7.9.2 Applicable challenges . 51
7.9.3 Key approaches . 52
7.9.4 Cross-reference table (Table 18) . 53
7.10 ISO/IEC 27005:2018, 9.1 General description of risk treatment . 54
7.10.1 Summary . 54
7.10.2 Applicable challenges . 54
7.10.3 Key approaches . 54
7.10.4 Cross-reference table (Table 20) . 55
7.11 ISO/IEC 27005:2018, 9.2 Risk modification . 55
7.11.1 Summary . 55
7.11.2 Applicable challenges . 56
7.11.3 Key approaches . 56
7.11.4 Cross-reference table (Table 22) . 57
7.12 ISO/IEC 27005:2018, 9.3 Risk retention . 58
7.12.1 Summary . 58
7.12.2 Applicable challenges . 58
7.12.3 Key approaches . 58
7.12.4 Cross-reference table (Table 23) . 59
7.13 ISO/IEC 27005:2018, 9.4 Risk avoidance . 59
7.13.1 Summary . 59
7.13.2 Applicable challenges . 59
7.13.3 Key approaches . 60
7.13.4 Cross-reference table (Table 25) . 60
7.14 ISO/IEC 27005:2018, 9.5 Risk sharing . 60
7.14.1 Summary . 60
7.14.2 Applicable challenges . 60
7.14.3 Key approaches . 61

– 4 – IEC TR 63486:2024  IEC 2024
7.14.4 Cross-reference table (Table 27) . 61
7.15 ISO/IEC 27005:2018, Clause 10 Information security risk acceptance . 61
7.15.1 Summary . 61
7.15.2 Applicable challenges . 62
7.15.3 Key approaches
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.

This May Also Interest You

IEC
IEC TS 63331:2024(Main)
Electric dishwashers for household use - Methods for measuring the microbiological efficacy of the dishwashing process

IEC TS 63331:2024 applies to electric dishwashers for household and similar use that are supplied with hot and/or cold water.
This document deals with measurement procedures regarding the reduction of microbial contamination resulting from the use of electric dishwashers for household and similar use.
This document specifies methods that enable reproducible measurements. These derived measurement results can only be used for a relative statement. Absolute statements, i.e. health-related claims or conclusions about prevention or treatment of a disease or health improvement, are reserved for explicit regulatory action after a medical assessment.
This document does not apply to appliances intended to be used in medical, veterinary, or pharmaceutical applications.
This document does not address sanitization, disinfection or sterilization measures.
The dishwashing process is a complex operation consisting of cleaning dish items and cleaning the dishwasher itself. This document only focusses on the dish items to be cleaned.

  • Technical specification
    32 pages
    English language
    sale 15% off
IEC
IEC TR 63484:2024(Main)
Guidance on fungus resistance of optical fibre cables

IEC TR 63484:2024 information about fungal growth on the outer sheath of optical fibre cables and on the inner components of the cable. It also provides guidance for specifying fungus resistance performance of optical cable outer sheath and internal cable components, including recommendations for fungus resistance test method as well as evaluation after test.
This document applies to optical fibre cables for use with telecommunication equipment and devices employing similar techniques, and to hybrid telecommunication cables having a combination of both optical fibres and electrical conductors.
Since conditions suitable for fungal growth include high relative humidity and a warm atmosphere, the document is applicable to optical cables intended for transportation, storage and use under such environment over certain period, for instance, some days at least.

  • Technical report
    15 pages
    English language
    sale 15% off
IEC
IEC 63145-22-20:2024/COR1:2024(Corrigendum)
Corrigendum 1 - Eyewear display - Part 22-20: Specific measurement methods for AR type - Image quality

IEC 63145-22-20:2024 specifies the standard measuring conditions and measurement methods for determining the image quality of augmented reality (AR) type eyewear displays. This document applies to see-through type (AR glasses) eyewear displays using virtual image optics.
See-through type displays (VR glasses), contact lens-type displays, and retina direct projection displays are out of the scope of this document.

  • Standard
    1 page
    English language
    sale 15% off
IEC
IEC 61196-1-113:2024(Main)
Coaxial communication cables - Part 1-113: Electrical test methods - Test for attenuation constant

IEC 61196-1-113:2024 applies to coaxial communications cables. It specifies a test method for determining the attenuation constant of coaxial cables for use in communications systems. The test is applicable preferably at frequencies ≥5 MHz but also for lower frequencies if the magnitude of the complex characteristic impedance is approximately equal to the nominal characteristic impedance of the test sample (TS) or if a form fitting function is applied.
This third edition cancels and replaces the second edition published in 2018. This edition constitutes a technical revision.
This edition includes the following significant technical changes with respect to the previous edition:
a) add Clause 3 "Terms and definitions";
b) add Clause 4 "Test environment";
c) add Clause 5 "Preconditioning";
d) add Subclause 7.1 "General";
e) add detail test methods including 7.2 "long cable methods" and 7.3 "double-cable method";
f) add "Annex A Stability of attenuation constant at different temperatures";
g) add "Annex B Test examples of stability of attenuation constants at different temperature".

  • Standard
    16 pages
    English language
    sale 15% off
IEC
IEC TS 62271-319:2024(Main)
High-voltage switchgear and controlgear – Part 319: Alternating current circuit-breakers intended for controlled switching

IEC TS 62271-319:2024 is applicable to alternating current circuit-breakers with intentional non-simultaneous pole operation designed for indoor or outdoor installations and for operation at frequencies of 50 Hz and 60 Hz on systems having voltages above 1 000 V. This document provides additional ratings and type tests to be conducted for this type of circuit-breaker and is intended to be used in conjunction with IEC 62271‑100:2021. Intentional non-simultaneous pole operation can be implemented by mechanical or electrical means and both methods are within the scope of this document.

  • Technical specification
    75 pages
    English language
    sale 15% off
IEC
IEC 60308:2024(Main)
Hydraulic turbines - Testing of governing systems

IEC 60308:2024 deals with the definition and the characteristics of control systems. It is not limited to the actual controller tasks but also includes other tasks which may be assigned to a control system, such as sequence control tasks, safety and provision for the actuating energy. The following systems are included, speed, power, opening, water level and flow control for all turbine types; electronic, electrical and fluid power devices; safety devices as well as start-up and shutdown devices. The significant technical changes introduced by the third edition are the adoption of parts of IEC 61362:2024 which deal with test matters and the introduction of new technical aspects.

  • Standard
    160 pages
    English and French language
    sale 15% off
IEC
IEC 60335-2-83:2024(Main)
Household and similar electrical appliances - Safety - Part 2-83: Particular requirements for heated gullies for roof drainage

IEC 60335-2-83:2024 deals with the safety of electrically heated gullies for de-icing the inlet of the drainage system of flat roofs, balconies, and similar structures, their rated voltage being not more than 250 V including direct current (DC) supplied appliances and battery-operated appliances. As far as is practicable, this standard deals with the common hazards presented by appliances which are encountered by all persons in and around the home.
However, in general, it does not take into account
- persons (including children) whose physical, sensory or mental capabilities; or lack of experience and knowledge prevents them from using the appliance safely without supervision or instruction;
- children playing with the appliance.
Attention is drawn to the fact that in many countries additional requirements are specified by the national health authorities, the national authorities responsible for the protection of labour and similar authorities.
This standard does not apply to appliances intended to be used in locations where special conditions prevail, such as the presence of a corrosive or explosive atmosphere (dust, vapour or gas).
This second edition cancels and replaces the first edition published in 2001 and Amendment 1:2008. This edition constitutes a technical revision.
This edition includes the following significant technical changes with respect to the previous edition:
a) alignment with IEC 60335-1:2020;
b) removal of test probe 18 (8.1.1, 20.2, B.22.3, B.22.4).
This part 2 is to be used in conjunction with the latest edition of IEC 60335-1 and its amendments unless that edition precludes it; in that case, the latest edition that does not preclude it is used. It was established on the basis of the sixth edition (2020) of that standard.

  • Standard
    45 pages
    English language
    sale 15% off
  • Standard
    241 pages
    English language
    sale 15% off
  • Standard
    30 pages
    English and French language
    sale 15% off
IEC
IEC 60704-2-15:2024(Main)
Household and similar electrical appliances - Test code for the determination of airborne acoustical noise - Part 2-15: Particular requirements for household food waste disposers

IEC 60704-2-15:2024 applies to single unit electric food waste disposers for household use, with or without automatic program control, for cold water supply, for permanent connection to water supply and sewage systems, intended for connection to the kitchen sink drain and contained within a kitchen cabinet enclosure. Food waste disposers for restaurants, hotels and industry purposes are excluded. This first edition cancels and replaces the first edition of IEC/PAS 60704-2-15, published in 2008. This edition constitutes a technical revision.
This edition includes the following significant technical changes with respect to IEC/PAS 60704 2-15:2008:
a) measurement uncertainty and standard deviations have been reviewed;
b) definitions of standard test programme and standard test load have been reviewed;
c) definition of the test enclosure has been reviewed;
d) additional microphone position for test in free field environment;
e) information to be reported has been reviewed;
f) aligned to IEC 60704-1:2021.
This Part 2-15 is intended to be used in conjunction with the fourth edition of IEC 60704-1:2021, Household and similar electrical appliances - Test code for the determination of airborne acoustical noise - Part 1: General requirements.

  • Standard
    18 pages
    English language
    sale 15% off
  • Standard
    53 pages
    English language
    sale 15% off
IEC
IEC TS 62271-318:2024(Main)
High-voltage switchgear and controlgear - Part 318: DC gas-insulated metal-enclosed switchgear for rated voltages including and above 100 kV

IEC TS 62271-318:2024 specifies requirements for gas-insulated metal-enclosed switchgear in which the insulation is obtained, at least partly, by an insulating gas or gas mixture other than air at atmospheric pressure, for direct current of rated voltages including and above 100 kV, for indoor and outdoor installation. This document includes rules for service conditions, ratings, design, and construction requirements. Test requirements and criteria for proof for passing type and routine tests are defined in this document for development and manufacturing of DC switchgear. For the purpose of this document, the terms "DC GIS" and "DC switchgear" are used for "DC gas-insulated metal-enclosed switchgear". This specification is applicable for both Line Commutated Converter (LCC) and Voltage Sourced Converter (VSC) for HVDC systems. The DC gas-insulated metal-enclosed switchgear covered by this document consists of individual components intended to be directly connected together and able to operate only in this manner. This document completes and amends, if applicable, the various relevant documents applying to the individual components constituting DC gas-insulated metal-enclosed switchgear.

  • Technical specification
    86 pages
    English language
    sale 15% off
  • Technical specification
    290 pages
    English language
    sale 15% off
IEC
IEC 62471-7:2023/COR2:2024(Corrigendum)
Corrigendum 2 - Photobiological safety of lamps and lamp systems - Part 7: Light sources and luminaires primarily emitting visible radiation

IEC 62471-7:2023 specifies an assessment of the photobiological safety of electrical light sources and luminaires in normal use as well as some basic product requirements. It applies to electrical light sources and luminaires that emit radiation predominantly in the visible spectral range (380 nm to 780 nm) and are used to illuminate spaces or objects or used for signalling.
The contents of the corrigendum of June 2023 have been included in this copy.

  • Standard
    2 pages
    English and French language
    sale 15% off