iTeh StandardsiTeh Standards
EURUSD
Your shopping cart is empty.
IEC

IEC 62645:2019

(Main)

Nuclear power plants - Instrumentation, control and electrical power systems - Cybersecurity requirements

Nuclear power plants - Instrumentation, control and electrical power systems - Cybersecurity requirements

IEC 62645:2019 establishes requirements and provides guidance for the development and management of effective computer security programmes for I&C programmable digital systems. Inherent to these requirements and guidance is the criterion that the power plant I&C programmable digital system security programme complies with the applicable country’s requirements.
This document defines adequate measures for the prevention of, detection of and reaction to malicious acts by digital means (cyberattacks) on I&C programmable digital systems. This includes any unsafe situation, equipment damage or plant performance degradation.
This second edition cancels and replaces the first edition published in 2014. This edition includes the following significant technical changes with respect to the previous edition:
a) to align the standard with the new revisions of ISO/IEC 27001;
b) to review the existing requirements and to update the terminology and definitions;
c) to take account of, as far as possible, requirements associated with standards published since the first edition;
d) to take into account the fact that cybersecurity techniques, but also national practices evolve.

Centrales nucléaires de puissance - Systèmes d'instrumentation, de contrôle-commande et d'alimentation électrique - Exigences relatives à la cybersécurité

L’IEC 62645:2019 établit des exigences et fournit des recommandations pour le développement et la gestion des programmes de sécurité informatique des systèmes numériques programmables d’I&C. Le critère de conformité du programme de sécurité des systèmes numériques programmables d’I&C de la centrale nucléaire aux exigences nationales applicables est inhérent aux exigences et recommandations du présent document.
Le présent document définit les mesures adéquates pour ce qui concerne la prévention, la détection et la réaction à des actes malveillants, réalisés en utilisant des moyens informatiques (cyberattaques), portant atteinte aux systèmes numériques programmables d’I&C. Ceci comprend les situations non sûres, les endommagements d’équipements ou la dégradation des performances.
Cette deuxième édition annule et remplace la première édition parue en 2014. Cette édition inclut les modifications techniques majeures suivantes par rapport à l'édition précédente:
a) aligner la norme sur les nouvelles révisions de l’ISO/IEC 27001;
b) passer en revue les exigences existantes et mettre à jour la terminologie et les définitions;
c) prendre en compte, autant que possible, les exigences associées aux normes publiées depuis la parution de la première édition;
d) prendre en compte le fait que les techniques de cybersécurité, mais aussi les pratiques nationales évoluent.

General Information

Status
Published
Publication Date
12-Nov-2019
ICS
01 - GENERALITIES. TERMINOLOGY. STANDARDIZATION. DOCUMENTATION
27.120.20 - Nuclear power plants. Safety
Technical Committee
SC 45A - Instrumentation, control and electrical power systems of nuclear facilities
Drafting Committee
WG 9 - TC 45/SC 45A/WG 9
Current Stage
PPUB - Publication issued
Start Date
22-Nov-2019
Completion Date
13-Nov-2019
Ref Project

Relations

Revises
IEC 62645:2014/COR1:2015 - Corrigendum 1 - Nuclear power plants - Instrumentation and control systems - Requirements for security programmes for computer-based systems
Effective Date
05-Sep-2023
Revises
IEC 62645:2014 - Nuclear power plants - Instrumentation and control systems - Requirements for security programmes for computer-based systems
Effective Date
05-Sep-2023

Buy Standard

IEC 62645:2019 - Nuclear power plants - Instrumentation, control and electrical power systems - Cybersecurity requirementsIEC 62645:2019 - Nuclear power plants - Instrumentation, control and electrical power systems - Cybersecurity requirements
PreviousNext
Standard
IEC 62645:2019 - Nuclear power plants - Instrumentation, control and electrical power systems - Cybersecurity requirements
English and French language
112 pages
sale 15% off
Preview
sale 15% off
Preview

Standards Content (Sample)


IEC 62645 ®
Edition 2.0 2019-11
INTERNATIONAL
STANDARD
NORME
INTERNATIONALE
colour
inside
Nuclear power plants – Instrumentation, control and electrical power systems –
Cybersecurity requirements
Centrales nucléaires de puissance – Systèmes d’instrumentation, de contrôle-
commande et d’alimentation électrique – Exigences relatives à la cybersécurité

All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form
or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from
either IEC or IEC's member National Committee in the country of the requester. If you have any questions about IEC
copyright or have an enquiry about obtaining additional rights to this publication, please contact the address below or
your local IEC member National Committee for further information.

Droits de reproduction réservés. Sauf indication contraire, aucune partie de cette publication ne peut être reproduite
ni utilisée sous quelque forme que ce soit et par aucun procédé, électronique ou mécanique, y compris la photocopie
et les microfilms, sans l'accord écrit de l'IEC ou du Comité national de l'IEC du pays du demandeur. Si vous avez des
questions sur le copyright de l'IEC ou si vous désirez obtenir des droits supplémentaires sur cette publication, utilisez
les coordonnées ci-après ou contactez le Comité national de l'IEC de votre pays de résidence.

IEC Central Office Tel.: +41 22 919 02 11
3, rue de Varembé info@iec.ch
CH-1211 Geneva 20 www.iec.ch
Switzerland
About the IEC
The International Electrotechnical Commission (IEC) is the leading global organization that prepares and publishes
International Standards for all electrical, electronic and related technologies.

About IEC publications
The technical content of IEC publications is kept under constant review by the IEC. Please make sure that you have the
latest edition, a corrigendum or an amendment might have been published.

IEC publications search - webstore.iec.ch/advsearchform Electropedia - www.electropedia.org
The advanced search enables to find IEC publications by a The world's leading online dictionary on electrotechnology,
variety of criteria (reference number, text, technical containing more than 22 000 terminological entries in English
committee,…). It also gives information on projects, replaced and French, with equivalent terms in 16 additional languages.
and withdrawn publications. Also known as the International Electrotechnical Vocabulary

(IEV) online.
IEC Just Published - webstore.iec.ch/justpublished
Stay up to date on all new IEC publications. Just Published IEC Glossary - std.iec.ch/glossary
details all new publications released. Available online and 67 000 electrotechnical terminology entries in English and
once a month by email. French extracted from the Terms and Definitions clause of
IEC publications issued since 2002. Some entries have been
IEC Customer Service Centre - webstore.iec.ch/csc collected from earlier publications of IEC TC 37, 77, 86 and
If you wish to give us your feedback on this publication or CISPR.

need further assistance, please contact the Customer Service

Centre: sales@iec.ch.
A propos de l'IEC
La Commission Electrotechnique Internationale (IEC) est la première organisation mondiale qui élabore et publie des
Normes internationales pour tout ce qui a trait à l'électricité, à l'électronique et aux technologies apparentées.

A propos des publications IEC
Le contenu technique des publications IEC est constamment revu. Veuillez vous assurer que vous possédez l’édition la
plus récente, un corrigendum ou amendement peut avoir été publié.

Recherche de publications IEC - Electropedia - www.electropedia.org
webstore.iec.ch/advsearchform Le premier dictionnaire d'électrotechnologie en ligne au
La recherche avancée permet de trouver des publications IEC monde, avec plus de 22 000 articles terminologiques en
en utilisant différents critères (numéro de référence, texte, anglais et en français, ainsi que les termes équivalents dans
comité d’études,…). Elle donne aussi des informations sur les 16 langues additionnelles. Egalement appelé Vocabulaire
projets et les publications remplacées ou retirées. Electrotechnique International (IEV) en ligne.

IEC Just Published - webstore.iec.ch/justpublished Glossaire IEC - std.iec.ch/glossary
Restez informé sur les nouvelles publications IEC. Just 67 000 entrées terminologiques électrotechniques, en anglais
Published détaille les nouvelles publications parues. et en français, extraites des articles Termes et Définitions des
Disponible en ligne et une fois par mois par email. publications IEC parues depuis 2002. Plus certaines entrées
antérieures extraites des publications des CE 37, 77, 86 et
Service Clients - webstore.iec.ch/csc CISPR de l'IEC.

Si vous désirez nous donner des commentaires sur cette
publication ou si vous avez des questions contactez-nous:
sales@iec.ch.
IEC 62645 ®
Edition 2.0 2019-11
INTERNATIONAL
STANDARD
NORME
INTERNATIONALE
colour
inside
Nuclear power plants – Instrumentation, control and electrical power systems –

Cybersecurity requirements
Centrales nucléaires de puissance – Systèmes d’instrumentation, de contrôle-

commande et d’alimentation électrique – Exigences relatives à la cybersécurité

INTERNATIONAL
ELECTROTECHNICAL
COMMISSION
COMMISSION
ELECTROTECHNIQUE
INTERNATIONALE
ICS 27.120.20 ISBN 978-2-8322-7548-1

– 2 – IEC 62645:2019 © IEC 2019
CONTENTS
FOREWORD . 5
INTRODUCTION . 7
1 Scope . 9
1.1 General . 9
1.2 Application . 10
1.3 Framework . 10
2 Normative references . 12
3 Terms and definitions . 12
4 Abbreviated terms . 17
5 Establishing and managing a nuclear I&C programmable digital system security
programme . 17
5.1 Context of the organization . 17
5.1.1 Understanding the organization and its context . 17
5.1.2 Understanding the needs and expectations of interested parties . 17
5.1.3 Determining the scope of the I&C programmable digital system security
programme . 17
5.2 Programme, policy and plan . 18
5.2.1 I&C digital programmable system security program. 18
5.2.2 Policy . 18
5.2.3 Plan . 19
5.3 Leadership . 19
5.3.1 Leadership and commitment . 19
5.3.2 Roles, responsibilities and authorities . 19
5.4 Planning of the programme . 20
5.4.1 Cybersecurity objectives and planning to achieve them . 20
5.4.2 Addressing risks and opportunities of the programme . 20
5.4.3 Graded approach to I&C security and risk assessment . 21
5.5 Support . 28
5.5.1 Resources . 28
5.5.2 Training, competence and awareness . 28
5.5.3 Communications about cybersecurity . 29
5.5.4 Documented information . 29
5.6 Operation . 29
5.6.1 Operation planning and control . 29
5.6.2 Cybersecurity graded approach, risk assessment and risk treatment . 30
5.7 Performance evaluation . 30
5.7.1 Monitoring, measurement, analysis and evaluation . 30
5.7.2 Internal audit . 30
5.7.3 Management review . 30
5.8 Improvement . 31
5.8.1 General . 31
5.8.2 Nonconformity and corrective action . 31
5.8.3 Continual improvement . 31
6 Life-cycle implementation for I&C programmable digital system security . 31
6.1 General . 31
6.2 System requirements specification . 31

6.2.1 General . 31
6.2.2 Security degree assignment . 32
6.3 System specification . 32
6.3.1 Selection of pre-existing components . 32
6.3.2 System architecture . 32
6.4 System detailed design and implementation . 32
6.4.1 General . 32
6.4.2 Risk assessment at the design phase . 33
6.4.3 Design project security plan . 33
6.4.4 Communication pathways . 33
6.4.5 Security zone definition . 34
6.4.6 Security assessment of the final design . 34
6.4.7 Implementation activities . 34
6.5 System integration . 34
6.6 System validation . 34
6.7 System installation . 35
6.8 Operation and maintenance activities . 35
6.8.1 Change control during operations and maintenance . 35
6.8.2 Periodic reassessment of risks and security controls . 35
6.8.3 Change management . 35
6.9 Retirement activities . 36
7 Security controls . 36
7.1 General . 36
7.2 Characterization. 36
7.3 Security defence-in-depth . 37
7.4 Selection and enforcement of cybersecurity controls . 37
Annex A (informative) Rationale for, and notes related to, the scope of this document . 38
A.1 Objective of this annex.
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.

This May Also Interest You

IEC
IEC 63260:2020(Main)
Guide for incorporating human reliability analysis into probabilistic risk assessments for nuclear power generating stations and other nuclear facilities

IEC 63260:2020 provides a structured framework for the incorporation of human reliability analysis (HRA) into probabilistic risk assessments (PRAs).
This document is to enhance the analysis of human-system interactions in PRAs, to help ensure reproducible conclusions, and to standardize the documentation of such assessments. To do this, a specific HRA framework is developed from standard practices to serve as a benchmark to assess alternative ways of incorporating HRA into PRA. This standard is an adoption of IEEE 1082-2017 by IEC.

  • Standard
    35 pages
    English language
    sale 15% off
IEC
IEC 62566-2:2020(Main)
Nuclear power plants - Instrumentation and control systems important to safety - Development of HDL-programmed integrated circuits - Part 2: HDL-programmed integrated circuits for systems performing category B or C functions

IEC 62566-2:2020 provides requirements for achieving highly reliable HDL-Programmed Devices (HPDs), for use in I&C systems of nuclear power plants performing functions of safety category B or C as defined by IEC 61226.
The programming of HPDs relies on Hardware Description Languages (HDL) and related software tools. They are typically based on blank Field Programmable Gate Arrays (FPGAs) or similar micro-electronic technologies such as Programmable Logic Devices (PLD), Complex Programmable Logic Devices (CPLDs), etc. General purpose integrated circuits such as microprocessors are not HPDs.
This document provides requirements on:
a) a dedicated HPD life-cycle addressing each phase of the development of HPDs, including specification of requirements, design, implementation, integration and validation, as well as verification activities associated with each phase,
b) planning and complementary activities such as modification and production,
c) selection of pre-developed components. This includes micro-electronic technologies and Pre-Developed Blocks (PDBs),
d) tools used to design, implement and verify HPDs.

  • Standard
    120 pages
    English and French language
    sale 15% off
IEC
IEC 61226:2020(Main)
Nuclear power plants - Instrumentation, control and electrical power systems important to safety - Categorization of functions and classification of systems

IEC 61226:2020 establishes, for nuclear power plants , a method of assignment of the functions specified for the plant into categories according to their importance to safety. Subsequent classification of the I&C and electrical power systems performing or supporting these functions, based on the assigned category, then determines relevant design criteria.
The design criteria, when applied, ensure the achievement of each function in accordance to its importance to safety. In this document, the criteria are those of functionality, reliability, performance, environmental qualification (e.g. seismic) and quality assurance (QA).
This edition includes the following significant technical changes with respect to the previous edition:
- to align on IAEA requirements, recommendations and terminology, particularly to take into account the replacement of NS-R-1 by SSR 2/1 and publication of SSG 30;
- to extend the scope to electrical power systems;
- to move the detailed requirements applying to functions and I&C systems to a normative annex, which will be removed after updating IEC 61513.

  • Standard
    80 pages
    English and French language
    sale 15% off
IEC
IEC 62003:2020(Main)
Nuclear power plants - Instrumentation, control and electrical power systems - Requirements for electromagnetic compatibility testing

IEC 62003:2020 establishes requirements for electromagnetic compatibility testing of instrumentation, control, and electrical equipment supplied for use in systems important to safety at nuclear power plants and other nuclear facilities. The document lists the applicable IEC standards (principally the IEC 61000 series) which define the general test methods, and provides the necessary application-specific parameters and criteria to ensure that nuclear safety requirements are met.
This second edition cancels and replaces the first edition published in 2009. This edition includes the following significant technical changes with respect to the previous edition:
a) title modified.
b) expand the scope to encompass Electromagnetic Magnetic Compatibility (EMC) considerations for electrical equipment.
c) provide guidance for addressing the use of wireless technology.
d) enhance the description of the electromagnetic environment to provide clarification when selecting custom test levels or for test exemptions.
e) include example information to be contained within an EMC test plan.
f) provide guidance for characterization of the electromagnetic environment at the point of installation within a nuclear facility.

  • Standard
    80 pages
    English and French language
    sale 15% off
IEC
IEC TR 63214:2019(Main)
Nuclear power plants - Control rooms - Human factors engineering

IEC TR 63214:2019 provides a summary of arguments and a technical basis for the development of a new Human Factors Engineering IEC standard and the alignment of IEC 60964. Based on the provided argumentation, the participating members will vote for such an approach. The proposed content of the new standard provides the basis for fruitful discussion within IEC SC 45A WG 8 and raises interest in the development of the new standard.
The scope of the new HFE IEC standard will follow a holistic approach towards the design of the plant-wide control rooms and all HMI, including e.g. the local control stations located throughout the plant. The general principle is to consider the complete nuclear installation design as a sociotechnical system, in a holistic and integrated way.

  • Technical report
    18 pages
    English language
    sale 15% off
IEC
IEC/IEEE 62582-6:2019(Main)
Nuclear power plants - Instrumentation and control important to safety - Electrical equipment condition monitoring methods - Part 6: Insulation resistance

IEC/IEEE 62582-6:2019 contains methods for condition monitoring of organic and polymeric materials in instrumentation and control cables using insulation resistance measurements in the detail necessary to produce accurate and reproducible results during simulated accident conditions. It includes the requirements for the measurement system and measurement procedure, and the reporting of the measurement results.
NOTE Measurement of insulation resistance during simulated accident conditions with the aim of determining the lowest value during the accident in order to assess cable performance involves special requirements given in this document. Methods for measurement under stable (non-accident) conditions are available in other international standards, e.g. IEC 62631-3-3.
The different parts of the IEC/IEEE 62582 series are measurement standards, primarily for use in the management of ageing in initial qualification and after installation. IEC/IEEE 62582-1 includes requirements for the application of the other parts of the IEC/IEEE 62582 series and some elements which are common to all methods. Information on the role of condition monitoring in qualification of equipment important to safety is found in IEC/IEEE 60780-323.

  • Standard
    48 pages
    English and French language
    sale 15% off
IEC
IEC 62859:2016/AMD1:2019(Amendment)
Amendment 1 - Nuclear power plants - Instrumentation and control systems - Requirements for coordinating safety and cybersecurity
  • Standard
    4 pages
    English and French language
    sale 15% off
IEC
IEC 61225:2019(Main)
Nuclear power plants - Instrumentation, control and electrical power systems - Requirements for static uninterruptible DC and AC power supply systems

IEC 61225:2019 specifies the performance and the functional characteristics of the low voltage static uninterruptible power supply (SUPS) systems in a nuclear power plant and, for applicable parts, in general for nuclear facilities. An uninterruptible power supply is an electrical equipment which draws electrical energy from a source, stores it and maintains supply in a specified form by means inside the equipment to output terminals. A static uninterruptible power supply (SUPS) has no rotating parts to perform its functions.
This third edition cancels and replaces the second edition published in 2005. This edition includes the following significant technical changes with respect to the previous edition:
a) the principal objective of this edition is to address the requirements on the static uninterruptible power supplies in nuclear power plants;
b) in addition to Instrumentation and Control (I&C) power supplies include all static uninterruptible power supplies;
c) emphasize that the static uninterruptible power supplies shall protect the connected equipment (loads) from transients on the on-site AC distribution system (the immunity concept);
d) in accordance with the defence-in-depth concept, this standard applies to static uninterruptible power supplies for all equipment, not only for equipment important to safety, with a graded approach to verification and validation;
e) addition of the requirement that, when batteries are connected in parallel under abnormal operating conditions, they shall be properly protected with isolation devices to avoid any failure that may impair more than one division of the uninterruptible power supply.

  • Standard
    69 pages
    English and French language
    sale 15% off
IEC
IEC 62765-2:2019(Main)
Nuclear power plants - Instrumentation and control important to safety - Management of ageing of sensors and transmitters - Part 2: Temperature sensors

IEC 62765-2:2019 identifies minimum requirements and applicable practices for correcting and preventing any potential impacts on nuclear power plant (NPP) safety due to the ageing of temperature sensors, such as NPP resistance temperature detectors (RTDs) and thermocouples (TCs).
This document provides strategies, technical requirements, and recommended practices for the management of the ageing of temperature sensors important to safety in nuclear power plants (NPPs) to ensure that ageing can be identified and that suitable remedial actions are undertaken as necessary to demonstrate that the safety of the plant will not be impaired. This document is aligned with IEC 62342, which provides guidance on ageing management for instrumentation and control (I&C) systems important to safety in NPPs

  • Standard
    70 pages
    English and French language
    sale 15% off
IEC
IEC 62954:2019(Main)
Nuclear power plants - Control rooms - Requirements for emergency response facilities

IEC 62954:2019 presents the requirements for the on-site emergency response facilities (referred to hereinafter as the “ERF”) which are to be used in case of incidents or accidents occurring on the associated Nuclear Power Plant (NPP).
The ERF consists of the Emergency Response Centre (ERC), the Technical Support Centre (TSC) and the Operational Support Centre (OSC).
It establishes requirements for the ERF features and ERF I&C equipment to:
· coordinate on-site operational efforts with respect to safety and radioprotection;
· optimize the design in terms of environment control, lighting, power supplies and access control of the ERF;
· enhance the identification and resolution of potential conflicts between the traditional operational means and emergency means (MCR/SCR and ERF, operating staff and emergency teams, operational procedures and emergency procedures);
· aid the identification and the enhancement of the potential synergies between the traditional operational means and emergency means.

  • Standard
    56 pages
    English and French language
    sale 15% off