Nuclear power plants - Instrumentation and control systems important to safety - Software aspects for computer-based systems performing category B or C functions (IEC 62138:2018)

This document specifies requirements for the software of computer-based instrumentation and
control (I&C) systems performing functions of safety category B or C as defined by
IEC 61226. It complements IEC 60880 which provides requirements for the software of
computer-based I&C systems performing functions of safety category A.
It is consistent with, and complementary to, IEC 61513. Activities that are mainly system level
activities (for example, integration, validation and installation) are not addressed exhaustively
by this document: requirements that are not specific to software are deferred to IEC 61513.
The link between functions categories and system classes is given in IEC 61513. Since a
given safety-classified I&C system may perform functions of different safety categories and
even non safety-classified functions, the requirements of this document are attached to the
safety class of the I&C system (class 2 or class 3).
This document is not intended to be used as a general-purpose software engineering guide. It
applies to the software of I&C systems of safety classes 2 or 3 for new nuclear power plants
as well as to I&C upgrading or back-fitting of existing plants.
For existing plants, only a subset of requirements is applicable and this subset has to be
identified at the beginning of any project.
The purpose of the guidance provided by this document is to reduce, as far as possible, the
potential for latent software faults to cause system failures, either due to single software
failures or multiple software failures (i.e. Common Cause Failures due to software).
This document does not explicitly address how to protect software against those threats
arising from malicious attacks, i.e. cybersecurity, for computer-based systems. IEC 62645
provides requirements for security programmes for computer-based systems.

Kernkraftwerke - Leittechnische Systeme mit sicherheitstechnischer Bedeutung - Softwareaspekte für rechnerbasierte Systeme zur Realisierung von Funktionen der Kategorien B oder C (IEC 62138:2018)

Centrales nucléaires de puissance - Systèmes d’instrumentation et de contrôle-commande importants pour la sûreté - Aspects logiciels des systèmes informatisés réalisant des fonctions de catégorie B ou C (IEC 62138:2018)

This document specifies requirements for the software of computer-based instrumentation and control (I&C) systems performing functions of safety category B or C as defined by IEC 61226. It complements IEC 60880 which provides requirements for the software of computer-based I&C systems performing functions of safety category A. It is consistent with, and complementary to, IEC 61513. Activities that are mainly system level activities (for example, integration, validation and installation) are not addressed exhaustively by this document: requirements that are not specific to software are deferred to IEC 61513. The link between functions categories and system classes is given in IEC 61513. Since a given safety-classified I&C system may perform functions of different safety categories and even non safety-classified functions, the requirements of this document are attached to the safety class of the I&C system (class 2 or class 3). This document is not intended to be used as a general-purpose software engineering guide. It applies to the software of I&C systems of safety classes 2 or 3 for new nuclear power plants as well as to I&C upgrading or back-fitting of existing plants. For existing plants, only a subset of requirements is applicable and this subset has to be identified at the beginning of any project. The purpose of the guidance provided by this document is to reduce, as far as possible, the potential for latent software faults to cause system failures, either due to single software failures or multiple software failures (i.e. Common Cause Failures due to software). This document does not explicitly address how to protect software against those threats arising from malicious attacks, i.e. cybersecurity, for computer-based systems. IEC 62645 provides requirements for security programmes for computer-based systems.

Nuklearne elektrarne - Instrumenti in nadzorni sistemi za zagotavljanje varnosti - Značilnosti programske opreme računalniških sistemov, ki izvajajo funkcije kategorij B ali C (IEC 62138:2018)

Ta dokument določa zahteve za programsko opremo računalniških instrumentov in nadzornih sistemov (I&C) za izvajanje funkcij varnostne kategorije B ali C, kot je definirana v standardu IEC 61226. Dopolnjuje standard IEC 60880, ki določa zahteve za programsko opremo računalniških instrumentov in nadzornih sistemov za izvajanje funkcij varnostne kategorije A. Skladen je s standardom IEC 61513, katerega tudi dopolnjuje. Dejavnosti, ki so predvsem dejavnosti na ravni sistema (na primer integracija, validacija in namestitev), v tem dokumentu niso izčrpno naslovljene: zahteve, ki se ne navezujejo na programsko opremo, so navedene v standardu IEC 61513. Povezava med funkcijskimi kategorijami in sistemskimi razredi je podana v standardu IEC 61513. Ker lahko dani sistem I&C z varnostno razvrstitvijo izvaja funkcije različnih varnostnih kategorij in celo funkcij, ki nimajo varnostne razvrstitve, so zahteve tega dokumenta dodane varnostnemu razredu sistema I&C (razred 2 ali razred 3). Namen tega dokumenta ni, da bi se uporabljal kot vodilo za inženiring programske opreme za splošni namen. Uporablja se za programsko opremo računalniških instrumentov in nadzornih sistemov varnostnega razreda 2 ali 3 za nove jedrske elektrarne in tudi za nadgradnjo ali posodobitev obstoječih elektrarn z računalniškimi instrumenti in nadzornimi sistemi. Za obstoječe elektrarne se uporablja samo podnabor zahtev in ta podnabor je treba identificirati na začetku posameznega projekta. Namen vodil, navedenih v tem dokumentu, je v največji možni meri zmanjšati potencial, da bi latentne okvare programske opreme povzročile odpovedi sistema, in sicer zaradi okvar posamezne programske opreme
ali okvar več programskih oprem (tj. okvare s skupnim vzrokom zaradi programske opreme). Ta dokument ne naslavlja izrecno zaščite programske opreme pred grožnjami, ki izhajajo iz zlonamernih napadov, tj. kibernetske varnosti, za računalniške sisteme. Zahteve za varnostne programe za računalniške sisteme določa standard IEC 62645.

General Information

Status
Published
Public Enquiry End Date
25-Apr-2019
Publication Date
20-Oct-2019
Technical Committee
Current Stage
6060 - National Implementation/Publication (Adopted Project)
Start Date
04-Oct-2019
Due Date
09-Dec-2019
Completion Date
21-Oct-2019

RELATIONS

Buy Standard

Standard
SIST EN IEC 62138:2019
English language
55 pages
sale 10% off
Preview
sale 10% off
Preview

e-Library read for
1 day

Standards Content (sample)

SLOVENSKI STANDARD
SIST EN IEC 62138:2019
01-december-2019
Nadomešča:
SIST EN 62138:2009

Nuklearne elektrarne - Instrumenti in nadzorni sistemi za zagotavljanje varnosti -

Značilnosti programske opreme računalniških sistemov, ki izvajajo funkcije
kategorij B ali C (IEC 62138:2018)
Nuclear power plants - Instrumentation and control systems important to safety -

Software aspects for computer-based systems performing category B or C functions (IEC

62138:2018)
Kernkraftwerke - Leittechnische Systeme mit sicherheitstechnischer Bedeutung -
Softwareaspekte für rechnerbasierte Systeme zur Realisierung von Funktionen der
Kategorien B oder C (IEC 62138:2018)
Centrales nucléaires de puissance - Systèmes d’instrumentation et de contrôle-
commande importants pour la sûreté - Aspects logiciels des systèmes informatisés
réalisant des fonctions de catégorie B ou C (IEC 62138:2018)
Ta slovenski standard je istoveten z: EN IEC 62138:2019
ICS:
27.120.20 Jedrske elektrarne. Varnost Nuclear power plants. Safety
SIST EN IEC 62138:2019 en

2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

---------------------- Page: 1 ----------------------
SIST EN IEC 62138:2019
---------------------- Page: 2 ----------------------
SIST EN IEC 62138:2019
EUROPEAN STANDARD EN IEC 62138
NORME EUROPÉENNE
EUROPÄISCHE NORM
September 2019
ICS 27.120.20 Supersedes EN 62138:2009 and all of its amendments
and corrigenda (if any)
English Version
Nuclear power plants - Instrumentation and control systems
important to safety - Software aspects for computer-based
systems performing category B or C functions
(IEC 62138:2018)

Centrales nucléaires de puissance - Systèmes Kernkraftwerke - Leittechnische Systeme mit

d'instrumentation et de contrôle-commande importants pour sicherheitstechnischer Bedeutung - Softwareaspekte für

la sûreté - Aspects logiciels des systèmes informatisés rechnerbasierte Systeme zur Realisierung von Funktionen

réalisant des fonctions de catégorie B ou C der Kategorien B oder C
(IEC 62138:2018) (IEC 62138:2018)

This European Standard was approved by CENELEC on 2019-09-09. CENELEC members are bound to comply with the CEN/CENELEC

Internal Regulations which stipulate the conditions for giving this European Standard the status of a national standard without any alteration.

Up-to-date lists and bibliographical references concerning such national standards may be obtained on application to the CEN-CENELEC

Management Centre or to any CENELEC member.

This European Standard exists in three official versions (English, French, German). A version in any other language made by translation

under the responsibility of a CENELEC member into its own language and notified to the CEN-CENELEC Management Centre has the

same status as the official versions.

CENELEC members are the national electrotechnical committees of Austria, Belgium, Bulgaria, Croatia, Cyprus, the Czech Republic,

Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, the

Netherlands, Norway, Poland, Portugal, Republic of North Macedonia, Romania, Serbia, Slovakia, Slovenia, Spain, Sweden, Switzerland,

Turkey and the United Kingdom.
European Committee for Electrotechnical Standardization
Comité Européen de Normalisation Electrotechnique
Europäisches Komitee für Elektrotechnische Normung
CEN-CENELEC Management Centre: Rue de la Science 23, B-1040 Brussels

© 2019 CENELEC All rights of exploitation in any form and by any means reserved worldwide for CENELEC Members.

Ref. No. EN IEC 62138:2019 E
---------------------- Page: 3 ----------------------
SIST EN IEC 62138:2019
EN IEC 62138:2019 (E)
European foreword

This document (EN IEC 62138:2019) consists of the text of IEC 62138:2018 prepared by SC 45A

"Instrumentation, control and electrical power systems of nuclear facilities" of IEC/TC 45 "Nuclear

instrumentation".
The following dates are fixed:
• latest date by which this document has to be (dop) 2020-09-09
implemented at national level by publication of an
identical national standard or by endorsement
• latest date by which the national standards (dow) 2022-09-09
conflicting with this document have to be
withdrawn

This document supersedes EN 62138:2009 and all of its amendments and corrigenda (if any).

Attention is drawn to the possibility that some of the elements of this document may be the subject of

patent rights. CENELEC shall not be held responsible for identifying any or all such patent rights.

As stated in the nuclear safety directive 2009/71/EURATOM, Chapter 1, Article 2, item 2, Member

States are not prevented from taking more stringent safety measures in the subject-matter covered by

the Directive, in compliance with Community law. In a similar manner, this European standard does

not prevent Member States from taking more stringent nuclear safety and/or security measures in the

subject-matter covered by this standard.
Endorsement notice

The text of the International Standard IEC 62138:2018 was approved by CENELEC as a European

Standard without any modification.

In the official version, for Bibliography, the following notes have to be added for the standards

indicated:
IEC 61508-3:2010 NOTE Harmonized as EN 61508-3:2010 (not modified)
IEC 61508-4:2010 NOTE Harmonized as EN 61508-3:2010 (not modified)
IEC 61511-1:2016
NOTE Harmonized as EN 61511-1:2016 (not modified)
ISO 9001:2015
NOTE Harmonized as EN ISO 9001:2015 (not modified)
---------------------- Page: 4 ----------------------
SIST EN IEC 62138:2019
EN IEC 62138:2019 (E)
Annex ZA
(normative)
Normative references to international publications
with their corresponding European publications

The following documents are referred to in the text in such a way that some or all of their content

constitutes requirements of this document. For dated references, only the edition cited applies. For

undated references, the latest edition of the referenced document (including any amendments)

applies.

NOTE 1 When an International Publication has been modified by common modifications, indicated by (mod), the relevant

EN/HD applies.

NOTE 2 Up-to-date information on the latest versions of the European Standards listed in this annex is available here:

www.cenelec.eu.
Publication Year Title EN/HD Year
IEC 60880 2006 Nuclear power plants - Instrumentation EN 60880 2009
and control systems important to safety -
Software aspects for computer-based
systems performing category A functions
IEC 61226 - Nuclear power plants - Instrumentation EN 61226 -
and control important to safety -
Classification of instrumentation and
control functions
IEC 61513 2011 Nuclear power plants - Instrumentation EN 61513 2013
and control important to safety - General
requirements for systems
IEC 62671 2013 Nuclear power plants - Instrumentation - -
and control important to safety - Selection
and use of industrial digital devices of
limited functionality
---------------------- Page: 5 ----------------------
SIST EN IEC 62138:2019
---------------------- Page: 6 ----------------------
SIST EN IEC 62138:2019
IEC 62138
Edition 2.0 2018-07
INTERNATIONAL
STANDARD
NORME
INTERNATIONALE
Nuclear power plants – Instrumentation and control systems important to
safety – Software aspects for computer-based systems performing category
B or C functions
Centrales nucléaires de puissance – Systèmes d’instrumentation et de contrôle-
commande importants pour la sûreté – Aspects logiciels des systèmes
informatisés réalisant des fonctions de catégorie B ou C
INTERNATIONAL
ELECTROTECHNICAL
COMMISSION
COMMISSION
ELECTROTECHNIQUE
INTERNATIONALE
ICS 27.120.20 ISBN 978-2-8322-5830-9

Warning! Make sure that you obtained this publication from an authorized distributor.

Attention! Veuillez vous assurer que vous avez obtenu cette publication via un distributeur agréé.

® Registered trademark of the International Electrotechnical Commission
Marque déposée de la Commission Electrotechnique Internationale
---------------------- Page: 7 ----------------------
SIST EN IEC 62138:2019
– 2 – IEC 62138:2018 © IEC 2018
CONTENTS

FOREWORD ......................................................................................................................... 4

INTRODUCTION ................................................................................................................... 6

1 Scope ............................................................................................................................ 8

2 Normative references..................................................................................................... 8

3 Terms and definitions .................................................................................................... 9

4 Symbols and abbreviated terms ................................................................................... 17

5 Key concepts and assumptions .................................................................................... 17

5.1 General ............................................................................................................... 17

5.2 Types of software ................................................................................................ 17

5.3 Types of configuration data ................................................................................. 18

5.4 Software and system safety lifecycles .................................................................. 19

5.5 Gradation principles ............................................................................................ 21

6 Requirements for the software of class 2 and class 3 I&C systems ............................... 22

6.1 Applicability of the requirements .......................................................................... 22

6.2 General requirements .......................................................................................... 22

6.2.1 Software safety lifecycle – Software quality assurance .................................. 22

6.2.2 Verification .................................................................................................. 23

6.2.3 Configuration management ........................................................................... 24

6.2.4 Selection and use of software tools .............................................................. 25

6.2.5 Selection of languages ................................................................................. 26

6.3 Selection of pre-developed software .................................................................... 27

6.3.1 General ....................................................................................................... 27

6.3.2 Documentation for safety.............................................................................. 27

6.3.3 Evidence of correctness ............................................................................... 28

6.3.4 Functional suitability .................................................................................... 35

6.3.5 Selection and use of digital devices of limited functionality ............................ 35

6.4 Software requirements specification .................................................................... 35

6.4.1 General ....................................................................................................... 35

6.4.2 Objectives .................................................................................................... 35

6.4.3 Inputs .......................................................................................................... 36

6.4.4 Contents ...................................................................................................... 36

6.4.5 Properties .................................................................................................... 37

6.5 Software design .................................................................................................. 38

6.5.1 Objectives .................................................................................................... 38

6.5.2 Inputs .......................................................................................................... 38

6.5.3 Contents ...................................................................................................... 39

6.5.4 Properties .................................................................................................... 40

6.6 Implementation of software .................................................................................. 40

6.6.1 General requirements ................................................................................... 40

6.6.2 Configuration of software and of devices containing software ........................ 40

6.6.3 Implementation with application-oriented languages ...................................... 41

6.6.4 Implementation with general-purpose languages ........................................... 41

6.7 Software aspects of system integration ................................................................ 43

6.7.1 General ....................................................................................................... 43

6.8 Software aspects of system validation ................................................................. 43

6.8.1 General ....................................................................................................... 43

---------------------- Page: 8 ----------------------
SIST EN IEC 62138:2019
IEC 62138:2018 © IEC 2018 – 3 –

6.9 Installation of software on site ............................................................................. 45

6.9.1 General ....................................................................................................... 45

6.10 Anomaly reports .................................................................................................. 45

6.11 Software modification .......................................................................................... 46

6.11.1 General ....................................................................................................... 46

6.12 Defences against common cause failure due to software ...................................... 47

Annex A (informative) Typical list of software documentation .............................................. 48

Annex B (informative) Correspondence between IEC 61513:2011 and this document .......... 49

Annex C (informative) Relations of this document with IEC 61508 ....................................... 50

C.1 General ............................................................................................................... 50

C.2 Comparison of scope and concepts ..................................................................... 50

C.3 Correspondence between this document and IEC 61508-3:2010 .......................... 51

Bibliography ....................................................................................................................... 52

Figure 1 – Typical software parts in a computer-based I&C system ...................................... 18

Figure 2 – Activities of the system safety lifecycle (as defined by IEC 61513:2011) .............. 19

Figure 3 – Software related activities in the system safety lifecycle ...................................... 20

Figure 4 – Development activities of the IEC 62138 software safety lifecycle ........................ 21

Figure 5 – Overview of the typical qualification process for pre-developed complete

operational system software ................................................................................................ 30

Figure 6 – Overview of the typical qualification process for pre-developed software

components ........................................................................................................................ 31

Table A.1 – Typical list of software documentation ............................................................... 48

Table B.1 – Correspondence between IEC 61513:2011 and this document ........................... 49

Table C.1 – Correspondence between this document and IEC 61508-3:2010 ....................... 51

---------------------- Page: 9 ----------------------
SIST EN IEC 62138:2019
– 4 – IEC 62138:2018 © IEC 2018
INTERNATIONAL ELECTROTECHNICAL COMMISSION
____________
NUCLEAR POWER PLANTS – INSTRUMENTATION
AND CONTROL SYSTEMS IMPORTANT TO SAFETY –
SOFTWARE ASPECTS FOR COMPUTER-BASED SYSTEMS
PERFORMING CATEGORY B OR C FUNCTIONS
FOREWORD

1) The International Electrotechnical Commission (IEC) is a worldwide organization for standardization comprising

all national electrotechnical committees (IEC National Committees). The object of IEC is to promote

international co-operation on all questions concerning standardization in the electrical and electronic fields. To

this end and in addition to other activities, IEC publishes International Standards, Technical Specifications,

Technical Reports, Publicly Available Specifications (PAS) and Guides (hereafter referred to as “IEC

Publication(s)”). Their preparation is entrusted to technical committees; any IEC National Committee interested

in the subject dealt with may participate in this preparatory work. International, governmental and non-

governmental organizations liaising with the IEC also participate in this preparation. IEC collaborates closely

with the International Organization for Standardization (ISO) in accordance with conditions determined by

agreement between the two organizations.

2) The formal decisions or agreements of IEC on technical matters express, as nearly as possible, an international

consensus of opinion on the relevant subjects since each technical committee has representation from all

interested IEC National Committees.

3) IEC Publications have the form of recommendations for international use and are accepted by IEC National

Committees in that sense. While all reasonable efforts are made to ensure that the technical content of IEC

Publications is accurate, IEC cannot be held responsible for the way in which they are used or for any

misinterpretation by any end user.

4) In order to promote international uniformity, IEC National Committees undertake to apply IEC Publications

transparently to the maximum extent possible in their national and regional publications. Any divergence

between any IEC Publication and the corresponding national or regional publication shall be clearly indicated in

the latter.

5) IEC itself does not provide any attestation of conformity. Independent certification bodies provide conformity

assessment services and, in some areas, access to IEC marks of conformity. IEC is not responsible for any

services carried out by independent certification bodies.

6) All users should ensure that they have the latest edition of this publication.

7) No liability shall attach to IEC or its directors, employees, servants or agents including individual experts and

members of its technical committees and IEC National Committees for any personal injury, property damage or

other damage of any nature whatsoever, whether direct or indirect, or for costs (including legal fees) and

expenses arising out of the publication, use of, or reliance upon, this IEC Publication or any other IEC

Publications.

8) Attention is drawn to the Normative references cited in this publication. Use of the referenced publications is

indispensable for the correct application of this publication.

9) Attention is drawn to the possibility that some of the elements of this IEC Publication may be the subject of

patent rights. IEC shall not be held responsible for identifying any or all such patent rights.

International Standard IEC 62138 has been prepared by subcommittee 45A: Instrumentation,

control and electrical power systems of nuclear facilities, of IEC technical committee 45:

Nuclear instrumentation.

This second edition cancels and replaces the first edition published in 2004. This edition

constitutes a technical revision.

This edition includes the following significant technical changes with respect to the previous

edition:

a) align the standard with standards published or revised since the first edition, in particular

IEC 61513, IEC 60880, IEC 62645 and IEC 62671;

b) merge Clause 5 and Clause 6 of the first edition into a single clause in order to avoid the

repetition of the vast majority of the text which proves to be extremely difficult to maintain

in consistency;
---------------------- Page: 10 ----------------------
SIST EN IEC 62138:2019
IEC 62138:2018 © IEC 2018 – 5 –

c) revise clause on the selection of pre-developed software based on experiences from the

application of the first edition of the standard on industrial projects. More precise criteria

are proposed for the evidence of correctness of pre-developed software;
d) introduce requirements on traceability in consistency with IEC 61513;
e) introduce an Annex A that gives a typical list of software documentation;

f) introduce an Annex B that establishes relationship between IEC 61513 and this document;

g) introduce an Annex C that establishes relationship between IEC 61508 and this document.

The text of this standard is based on the following documents:
FDIS Report on voting
45A/1201/FDIS 45A/1209/RVD

Full information on the voting for the approval of this International Standard can be found in

the report on voting indicated in the above table.

This document has been drafted in accordance with the ISO/IEC Directives, Part 2.

In this document, the following print types are used:

• Requirements and recommendations applicable specifically to class 2 or to class 3

systems appear in italics in Clause 6.

The committee has decided that the contents of this document will remain unchanged until the

stability date indicated on the IEC website under "http://webstore.iec.ch" in the data related to

the specific document. At this date, the document will be
• reconfirmed,
• withdrawn,
• replaced by a revised edition, or
• amended.
---------------------- Page: 11 ----------------------
SIST EN IEC 62138:2019
– 6 – IEC 62138:2018 © IEC 2018
INTRODUCTION
a) Technical background, main issues and organisation of this document

This International Standard provides requirements on the software aspects for computer-

based instrumentation and control (I&C) systems performing category B or C functions as

defined by IEC 61226. It complements IEC 60880 which provides requirements for the

software of computer-based I&C systems performing category A functions.

It is consistent with, and complementary to, IEC 61513:2011. Activities that are mainly

system level activities (for example, integration, validation and installation) are not

addressed exhaustively by this document: requirements that are not specific to software

are deferred to IEC 61513:2011.

This document takes into account the current practices for the development of software for

I&C systems, in particular:

– the use of pre-developed software, equipment and equipment families that were not

necessarily designed to nuclear industry sector standards;
– the use of application-oriented languages.

b) Situation of the current document in the structure of the IEC SC 45A standard series

IEC 61513 is a first level IEC SC 45A document and gives guidance applicable to I&C at

system level.
IEC 62138 is a second level IEC SC 45A document that supplements IEC 61513

concerning software development of computer-based I&C systems performing category B

or C functions.

For more details on the structure of the IEC SC 45A standard series, see item d) of this

introduction.
c) Recommendations and limitations regarding the application of this document

This document is not intended to be used as a general-purpose software engineering

guide. It applies to the software of I&C systems performing category B or C functions for

new nuclear power plants as well as to I&C upgrading or back-fitting of existing plants.

For existing plants, only a subset of requirements is applicable and this subset has to be

identified at the beginning of any project.

The purpose of the guidance provided by this document is to reduce, as far as possible,

the potential for latent software faults to cause system failures, either due to single

software failures or multiple software failures (i.e. Common Cause Failures due to

software).

This document does not explicitly address how to protect software against those threats

arising from malicious attacks, i.e. cybersecurity, for computer-based systems. IEC 62645

provides requirements for security programmes for computer-based systems.

To ensure that this document will continue to be relevant in future years, the emphasis

has been placed on issues of principle, rather than specific technologies.

d) Description of the structure of the IEC SC 45A standard series and relationships

with other IEC documents and other bodies documents (IAEA, ISO)
The top-level documents of the IEC SC 45A standard series are IEC 61513 and

IEC 63046. IEC 61513 provides general requirements for I&C systems and equipment that

are used to perform functions important to safety in nuclear power plants (NPPs).

IEC 63046 provides general requirements for electrical power systems of NPPs; it covers

power supply systems including the supply systems of the I&C systems. IEC 61513 and

IEC 63046 are to be considered in conjunction and at the same level. IEC 61513 and

IEC 63046 structure the IEC SC 45A standard series and shape a complete framework

establishing general requirements for instrumentation, control and electrical systems for

nuclear power plants.

IEC 61513 and IEC 63046 refer directly to other IEC SC 45A standards for general topics

related to categorization of functions and classification of systems, qualification,

separation, defence against common cause failure, control room design, electromagnetic

compatibility, cybersecurity, software and hardware aspects for programmable digital

---------------------- Page: 12 ----------------------
SIST EN IEC 62138:2019
IEC 62138:2018 © IEC 2018 – 7 –

systems, coordination of safety and security requirements and management of ageing.

The standards referenced directly at this second level should be considered together with

IEC 61513 and IEC 63046 as a consistent document set.

At a third level, IEC SC 45A standards not directly referenced by IEC 61513 or by

IEC 63046 are standards related to specific equipment, technical methods, or specific

activities. Usually these documents, which make reference to second-level documents for

general topics, can be used on their own.

A fourth level extending the IEC SC 45A standard series, corresponds to the Technical

Reports which are not normative.

The IEC SC 45A standards series consistently implements and details the safety and

security principles and basic aspects provided in the relevant IAEA safety standards and

in the relevant documents of the IAEA nuclear security series (NSS). In particular this

includes the IAEA requirements SSR-2/1, establishing safety requirements related to the

design of nuclear power plants (NPPs), the IAEA safety guide SSG-30 dealing with the

safety classification of structures, systems and components in NPPs, the IAEA safety

guide SSG-39 dealing with the design of instrumentation and control systems for NPPs,

the IAEA safety guide SSG-34 dealing with the design of electrical power systems for

NPPs and the implementing guide NSS17 for computer security at nuclear facilities. The

safety and security terminology and definitions used by SC 45A standards are consistent

with those used by the IAEA.

IEC 61513 and IEC 63046 have adopted a presentation format similar to the basic safety

publication IEC 61508 with an overall life-cycle framework and a system life-cycle

framework. Regarding nuclear safety, IEC 61513 and IEC 63046 provide the interpretation

of the general requirements of IEC 61508-1, IEC 61508-2 and IEC 61508-4, for the
nuclear application sector. In this framework IEC 60880, IEC 62138 and IEC 62566

correspond to IEC 61508-3 for the nuclear application sector. IEC 61513 and IEC 63046

refer to ISO as well as to IAEA GS-R-3 and IAEA GS-G-3.1 and IAEA GS-G-3.5 for topics

related to quality assurance. At level 2, regarding nuclear security, IEC 62645 is the entry

document for the IEC SC 45A security standards. It builds upon the valid high level

principles and main concepts of the generic security standards, in particular ISO/IEC

27001 and ISO/IEC 27002; it adapts them and completes them to fit the nuclear context

and coordinates with the IEC 62443 series. At level 2, regarding control rooms, IEC 60964

is the entry document for the IEC SC 45A control rooms standards and IEC 62342 is the

entry document for the IEC SC 45A ageing management standards.

NOTE 1 It is assumed that for the design of I&C systems in NPPs that implement conventional safety functions

(e.g. to address worker safety, asset protection, chemical hazards, process energy hazards) international or

national standards would be applied.

NOTE 2 IEC SC 45A domain was extended in 2013 to cover electrical systems. In 2014 and 2015 discussions

were held in IEC SC 45A to decide how and where general requirement for the design of electrical systems were to

be considered. IEC SC 45A experts recommended that an
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.