Nuclear power plants - Instrumentation, control and electrical power systems - Cybersecurity requirements

IEC 62645:2019 establishes requirements and provides guidance for the development and management of effective computer security programmes for I&C programmable digital systems. Inherent to these requirements and guidance is the criterion that the power plant I&C programmable digital system security programme complies with the applicable country’s requirements.
This document defines adequate measures for the prevention of, detection of and reaction to malicious acts by digital means (cyberattacks) on I&C programmable digital systems. This includes any unsafe situation, equipment damage or plant performance degradation.
This second edition cancels and replaces the first edition published in 2014. This edition includes the following significant technical changes with respect to the previous edition:
a) to align the standard with the new revisions of ISO/IEC 27001;
b) to review the existing requirements and to update the terminology and definitions;
c) to take account of, as far as possible, requirements associated with standards published since the first edition;
d) to take into account the fact that cybersecurity techniques, but also national practices evolve.


General Information

Status: Published
Publication Date: 12-Nov-2019
Current Stage: PPUB - Publication issued
Completion Date: 13-Nov-2019

Standard
IEC 62645:2019 - Nuclear power plants - Instrumentation, control and electrical power systems - Cybersecurity requirements
English and French language
112 pages

Standards Content (sample)

IEC 62645
Edition 2.0 2019-11
INTERNATIONAL STANDARD
Nuclear power plants – Instrumentation, control and electrical power systems – Cybersecurity requirements
IEC 62645:2019-11(en-fr)
THIS PUBLICATION IS COPYRIGHT PROTECTED
Copyright © 2019 IEC, Geneva, Switzerland

ICS 27.120.20 ISBN 978-2-8322-7548-1

CONTENTS

FOREWORD
INTRODUCTION
1 Scope
1.1 General
1.2 Application
1.3 Framework
2 Normative references
3 Terms and definitions
4 Abbreviated terms
5 Establishing and managing a nuclear I&C programmable digital system security programme
5.1 Context of the organization
5.1.1 Understanding the organization and its context
5.1.2 Understanding the needs and expectations of interested parties
5.1.3 Determining the scope of the I&C programmable digital system security programme
5.2 Programme, policy and plan
5.2.1 I&C digital programmable system security program
5.2.2 Policy
5.2.3 Plan
5.3 Leadership
5.3.1 Leadership and commitment
5.3.2 Roles, responsibilities and authorities
5.4 Planning of the programme
5.4.1 Cybersecurity objectives and planning to achieve them
5.4.2 Addressing risks and opportunities of the programme
5.4.3 Graded approach to I&C security and risk assessment
5.5 Support
5.5.1 Resources
5.5.2 Training, competence and awareness
5.5.3 Communications about cybersecurity
5.5.4 Documented information
5.6 Operation
5.6.1 Operation planning and control
5.6.2 Cybersecurity graded approach, risk assessment and risk treatment
5.7 Performance evaluation
5.7.1 Monitoring, measurement, analysis and evaluation
5.7.2 Internal audit
5.7.3 Management review
5.8 Improvement
5.8.1 General
5.8.2 Nonconformity and corrective action
5.8.3 Continual improvement
6 Life-cycle implementation for I&C programmable digital system security
6.1 General
6.2 System requirements specification

6.2.1 General
6.2.2 Security degree assignment
6.3 System specification
6.3.1 Selection of pre-existing components
6.3.2 System architecture
6.4 System detailed design and implementation
6.4.1 General
6.4.2 Risk assessment at the design phase
6.4.3 Design project security plan
6.4.4 Communication pathways
6.4.5 Security zone definition
6.4.6 Security assessment of the final design
6.4.7 Implementation activities
6.5 System integration
6.6 System validation
6.7 System installation
6.8 Operation and maintenance activities
6.8.1 Change control during operations and maintenance
6.8.2 Periodic reassessment of risks and security controls
6.8.3 Change management
6.9 Retirement activities
7 Security controls
7.1 General
7.2 Characterization
7.3 Security defence-in-depth
7.4 Selection and enforcement of cybersecurity controls
Annex A (informative) Rationale for, and notes related to, the scope of this document
A.1 Objective of this annex
A.2 Inclusion of I&C programmable digital system not important to safety
A.3 Exclusion of site physical security, room access control and site security surveillance systems
A.4 Exclusion of non-malevolent actions and events
A.5 Development tools and platforms
Annex B (informative) Generic considerations about the security degrees
B.1 Rationale for three security degrees
B.1.1 General
B.1.2 Safety categories as input to security degree assignment
B.1.3 Impact on plant availability and performance as input to security degree
B.1.4 Resulting security degree assignment approach
B.2 Considerations about tools associated to on-line systems
B.3 Practical design and implementation
Annex C (informative) Correspondence with ISO/IEC 27001:2013
Annex D (informative) Overall organisation of IEC SC 45A standards related to cybersecurity
Annex E (informative) Selection of security controls
Annex F (informative) Considerations about IEC 62645 applicability to non-NPP nuclear facilities
F.1 Applicability of IEC 62645 security graded approach to Research Reactors
F.1.1 General

F.1.2 Categorization of RRs in accordance with potential hazards
F.1.3 Safety categories as input to security degree assignment
F.1.4 Impact on operational capacity as input to security degree
F.1.5 Considerations on requirements associated to security degrees
F.2 Applicability of IEC 62645 security graded approach to fuel cycle facilities
F.3 Applicability of IEC 62645 security graded approach to SMR
F.4 Reference documents
Annex G (informative) High-level correspondence table between IEC 62443 series and IEC 62645
Bibliography

Figure 1 – Overall framework of IEC 62645
Figure 2 – E/E/PE items
Figure D.1 – Overview of IEC SC 45A standards with cybersecurity relation
Figure E.1 – Selection of security controls

Table C.1 – Correspondence between ISO/IEC 27001:2013 and IEC 62645
Table F.1 – Correspondence between safety categories and classes as per IEC 61513

INTERNATIONAL ELECTROTECHNICAL COMMISSION
NUCLEAR POWER PLANTS – INSTRUMENTATION, CONTROL AND ELECTRICAL POWER SYSTEMS – CYBERSECURITY REQUIREMENTS
FOREWORD

1) The International Electrotechnical Commission (IEC) is a worldwide organization for standardization comprising all national electrotechnical committees (IEC National Committees). The object of IEC is to promote international co-operation on all questions concerning standardization in the electrical and electronic fields. To this end and in addition to other activities, IEC publishes International Standards, Technical Specifications, Technical Reports, Publicly Available Specifications (PAS) and Guides (hereafter referred to as “IEC Publication(s)”). Their preparation is entrusted to technical committees; any IEC National Committee interested in the subject dealt with may participate in this preparatory work. International, governmental and non-governmental organizations liaising with the IEC also participate in this preparation. IEC collaborates closely with the International Organization for Standardization (ISO) in accordance with conditions determined by agreement between the two organizations.

2) The formal decisions or agreements of IEC on technical matters express, as nearly as possible, an international consensus of opinion on the relevant subjects since each technical committee has representation from all interested IEC National Committees.

3) IEC Publications have the form of recommendations for international use and are accepted by IEC National Committees in that sense. While all reasonable efforts are made to ensure that the technical content of IEC Publications is accurate, IEC cannot be held responsible for the way in which they are used or for any misinterpretation by any end user.

4) In order to promote international uniformity, IEC National Committees undertake to apply IEC Publications transparently to the maximum extent possible in their national and regional publications. Any divergence between any IEC Publication and the corresponding national or regional publication shall be clearly indicated in the latter.

5) IEC itself does not provide any attestation of conformity. Independent certification bodies provide conformity assessment services and, in some areas, access to IEC marks of conformity. IEC is not responsible for any services carried out by independent certification bodies.

6) All users should ensure that they have the latest edition of this publication.

7) No liability shall attach to IEC or its directors, employees, servants or agents including individual experts and members of its technical committees and IEC National Committees for any personal injury, property damage or other damage of any nature whatsoever, whether direct or indirect, or for costs (including legal fees) and expenses arising out of the publication, use of, or reliance upon, this IEC Publication or any other IEC Publications.

8) Attention is drawn to the Normative references cited in this publication. Use of the referenced publications is indispensable for the correct application of this publication.

9) Attention is drawn to the possibility that some of the elements of this IEC Publication may be the subject of patent rights. IEC shall not be held responsible for identifying any or all such patent rights.

International Standard IEC 62645 has been prepared by subcommittee 45A: Instrumentation, control and electrical power systems of nuclear facilities, of IEC technical committee 45: Nuclear instrumentation.

This second edition cancels and replaces the first edition published in 2014. This edition constitutes a technical revision.

This edition includes the following significant technical changes with respect to the previous edition:
a) to align the standard with the new revisions of ISO/IEC 27001;
b) to review the existing requirements and to update the terminology and definitions;
c) to take account of, as far as possible, requirements associated with standards published since the first edition;
d) to take into account the fact that cybersecurity techniques, but also national practices evolve.
The text of this International Standard is based on the following documents:

FDIS              Report on voting
45A/1289/FDIS     45A/1295/RVD

Full information on the voting for the approval of this International Standard can be found in the report on voting indicated in the above table.

This document has been drafted in accordance with the ISO/IEC Directives, Part 2.

The committee has decided that the contents of this document will remain unchanged until the stability date indicated on the IEC website under "http://webstore.iec.ch" in the data related to the specific document. At this date, the document will be
• reconfirmed,
• withdrawn,
• replaced by a revised edition, or
• amended.

IMPORTANT – The 'colour inside' logo on the cover page of this publication indicates that it contains colours which are considered to be useful for the correct understanding of its contents. Users should therefore print this document using a colour printer.
INTRODUCTION
a) Technical background, main issues and organisation of the standard

This International Standard focuses on the issue of cybersecurity requirements to prevent and/or minimize the impact of attacks against I&C programmable digital systems on nuclear safety and plant performance. It covers programme level, architectural level and system level requirements.

This standard was prepared and based on the ISO/IEC 27000 series, IAEA and country specific guidance in this expanding technical and security focus area.

It is intended that the International Standard be used by designers and operators of nuclear power plants (NPPs) (utilities), licensees, systems evaluators, vendors and subcontractors, and by licensors.

b) Situation of the current Standard in the structure of the IEC SC 45A standard series

IEC 62645 is a second level IEC SC 45A document, tackling the generic issue of NPP I&C cybersecurity.

IEC 62645 is considered formally as a second level document with respect to IEC 61513, although IEC 61513 needs revision to actually ensure proper reference to and consistency with IEC 62645. IEC 62645 is the top-level document with respect to cybersecurity in the SC 45A standard series. Other documents are developed under IEC 62645 and correspond to third level documents in the IEC SC 45A standards.

For more details on the structure of the IEC SC 45A standard series, see item d) of this introduction.

c) Recommendations and limitations regarding the application of this standard

This standard establishes requirements for I&C programmable digital systems, with regard to computer security, and clarifies the processes that I&C programmable digital systems are designed, developed and operated under in NPPs.

It is recognized that this standard addresses an evolving area of regulatory requirements, due to the changing and evolving nature of computer security threats. Therefore, the standard defines a framework within which the evolving country specific requirements may be developed and applied.

It is also recognized that products derived from application of this subject matter require protection. Release of the standard’s country specific requirements should be controlled to limit the extent to which organizations or individuals intending to access nuclear plant systems illegally, improperly or without authorization may benefit from this information.

d) Description of the structure of the IEC SC 45A standard series and relationships with other IEC documents and other bodies documents (IAEA, ISO)

The top-level documents of the IEC SC 45A standard series are IEC 61513 and IEC 63046. IEC 61513 provides general requirements for I&C systems and equipment that are used to perform functions important to safety in NPPs. IEC 63046 provides general requirements for electrical power systems of NPPs; it covers power supply systems including the supply systems of the I&C systems. IEC 61513 and IEC 63046 are to be considered in conjunction and at the same level. IEC 61513 and IEC 63046 structure the IEC SC 45A standard series and shape a complete framework establishing general requirements for instrumentation, control and electrical systems for nuclear power plants.

IEC 61513 and IEC 63046 refer directly to other IEC SC 45A standards for general topics related to categorization of functions and classification of systems, qualification, separation, defence against common cause failure, control room design, electromagnetic compatibility, cybersecurity, software and hardware aspects for programmable digital systems, coordination of safety and security requirements and management of ageing. The standards referenced directly at this second level should be considered together with IEC 61513 and IEC 63046 as a consistent document set.

At a third level, IEC SC 45A standards not directly referenced by IEC 61513 or by IEC 63046 are standards related to specific equipment, technical methods, or specific activities. Usually these documents, which make reference to second-level documents for general topics, can be used on their own.

A fourth level extending the IEC SC 45 standard series, corresponds to the Technical Reports which are not normative.

The IEC SC 45A standards series consistently implement and detail the safety and security principles and basic aspects provided in the relevant IAEA safety standards and in the relevant documents of the IAEA nuclear security series (NSS). In particular this includes the IAEA requirements SSR-2/1, establishing safety requirements related to the design of nuclear power plants (NPPs), the IAEA safety guide SSG-30 dealing with the safety classification of structures, systems and components in NPPs, the IAEA safety guide SSG-39 dealing with the design of instrumentation and control systems for NPPs, the IAEA safety guide SSG-34 dealing with the design of electrical power systems for NPPs and the implementing guide NSS17 for computer security at nuclear facilities. The safety and security terminology and definitions used by SC 45A standards are consistent with those used by the IAEA.

IEC 61513 and IEC 63046 have adopted a presentation format similar to the basic safety publication IEC 61508 with an overall life-cycle framework and a system life-cycle framework.

Regarding nuclear safe
...
