Nuclear power plants - Instrumentation, control and electrical power systems - Cybersecurity requirements (IEC 62645:2019)

This document establishes requirements and provides guidance for the development and
management of effective computer security programmes for I&C programmable digital
systems. Inherent to these requirements and guidance is the criterion that the power plant
I&C programmable digital system security programme complies with the applicable country’s
requirements.
This document defines adequate measures for the prevention of, detection of and reaction to
malicious acts by digital means (cyberattacks) on I&C programmable digital systems. This
includes any unsafe situation, equipment damage or plant performance degradation that could
result from such an act, such as:
– malicious modifications affecting system integrity;
– malicious interference with information, data or resources that could compromise the
delivery of or performance of the required I&C programmable digital functions;
– malicious interference with information, data or resources that could compromise operator
displays or lead to loss of management of I&C programmable digital systems;
– malicious changes to hardware, firmware or software at the programmable logic controller
(PLC) level.
Human errors leading to violation of the security policy and/or easing the aforementioned
malicious acts are also in the scope of this document.
This document describes a graded approach scheme for assets subject to digital compromise,
based on their relevance to the overall plant safety, availability, and equipment protection.
Excluded from the scope of this document are considerations related to:
– non-malevolent actions and events such as accidental failures, human errors (except
those impacting the performance of cybersecurity controls) and natural events. In
particular, good practices for managing applications and data, including back-up and
restoration related to accidental failure, are out of scope;
NOTE 1 Although such aspects are often covered by security programme in other normative contexts (e.g., in
the ISO/IEC 27000 series or in the IEC 62443 series), this document is only focused on the protection against
malicious acts by digital means (cyberattacks) on I&C programmable digital systems. The main reason is that
in the nuclear generation domain, other standards and practices already cover accidental failures,
unintentional human errors, natural events, etc. The focus of IEC 62645 is made to provide the maximum
consistency and the minimum overlap with these other nuclear standards and practices.
– site physical security, room access control and site security surveillance systems. These
systems, while not specifically addressed in this document, are to be covered by plant
operating procedures and programmes;
NOTE 2 This exclusion does not deny that cybersecurity has clear dependencies on the security of the
physical environment (e.g., physical protection, power delivery systems, heating/ventilation/air-conditioning
systems (HVAC), etc.).
– the aspect of confidentiality of information about I&C digital programmable systems is out
of the scope of this document (see 5.4.3.2.3).
Annex A provides a rationale for and comments about the scope, definition and the
document's application, and in particular about the exclusions and limitations previously
mentioned.
Standards such as ISO/IEC 27001 and ISO/IEC 27002 are not directly applicable to the cyber
protection of nuclear I&C programmable digital systems. This is mainly due to the specificities
of these systems, including the regulatory and safety requirements inherent to nuclear
facilities. However, this document builds upon the valid high level principles and main
concepts of ISO/IEC 27001:2013, adapts them and completes them to fit the nuclear context.
This document follows the general principles given in the IAEA reference manual NSS17.

Kernkraftwerke - Leittechnische und elektrische Systeme - Anforderungen an die Cybersicherheit

Centrales nucléaires de puissance - Systèmes d’instrumentation, de contrôlecommande et d’alimentation électrique - Exigences relatives à la cybersécurité (IEC 62645:2019)

L’IEC 62645:2019 établit des exigences et fournit des recommandations pour le développement et la gestion des programmes de sécurité informatique des systèmes numériques programmables d’I&C. Le critère de conformité du programme de sécurité des systèmes numériques programmables d’I&C de la centrale nucléaire aux exigences nationales applicables est inhérent aux exigences et recommandations du présent document.
Le présent document définit les mesures adéquates pour ce qui concerne la prévention, la détection et la réaction à des actes malveillants, réalisés en utilisant des moyens informatiques (cyberattaques), portant atteinte aux systèmes numériques programmables d’I&C. Ceci comprend les situations non sûres, les endommagements d’équipements ou la dégradation des performances.
Cette deuxième édition annule et remplace la première édition parue en 2014. Cette édition inclut les modifications techniques majeures suivantes par rapport à l'édition précédente:
a) aligner la norme sur les nouvelles révisions de l’ISO/IEC 27001;
b) passer en revue les exigences existantes et mettre à jour la terminologie et les définitions;
c) prendre en compte, autant que possible, les exigences associées aux normes publiées depuis la parution de la première édition;
d) prendre en compte le fait que les techniques de cybersécurité, mais aussi les pratiques nationales évoluent.

Jedrske elektrarne - Merilna, nadzorna in elektroenergetska oprema - Zahteve za kibernetsko varnost (IEC 62645:2019)

General Information

Status
Published
Public Enquiry End Date
28-May-2020
Publication Date
02-Sep-2020
Technical Committee
Current Stage
6060 - National Implementation/Publication (Adopted Project)
Start Date
12-Aug-2020
Due Date
17-Oct-2020
Completion Date
03-Sep-2020

Buy Standard

Standard
SIST EN IEC 62645:2020 - BARVE na PDF-str 17,50,52
English language
56 pages
sale 10% off
Preview
sale 10% off
Preview

e-Library read for
1 day

Standards Content (sample)

SLOVENSKI STANDARD
SIST EN IEC 62645:2020
01-oktober-2020
Jedrske elektrarne - Merilna, nadzorna in elektroenergetska oprema - Zahteve za
kibernetsko varnost (IEC 62645:2019)
Nuclear power plants - Instrumentation, control and electrical power systems -
Cybersecurity requirements (IEC 62645:2019)

Centrales nucléaires de puissance - Systèmes d’instrumentation, de contrôlecommande

et d’alimentation électrique - Exigences relatives à la cybersécurité (IEC 62645:2019)

Ta slovenski standard je istoveten z: EN IEC 62645:2020
ICS:
27.120.20 Jedrske elektrarne. Varnost Nuclear power plants. Safety
SIST EN IEC 62645:2020 en

2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

---------------------- Page: 1 ----------------------
SIST EN IEC 62645:2020
---------------------- Page: 2 ----------------------
SIST EN IEC 62645:2020
EUROPEAN STANDARD EN IEC 62645
NORME EUROPÉENNE
EUROPÄISCHE NORM
July 2020
ICS 27.120.20
English Version
Nuclear power plants - Instrumentation, control and electrical
power systems - Cybersecurity requirements
(IEC 62645:2019)

Centrales nucléaires de puissance - Systèmes Kernkraftwerke – Elektro- und leittechnische Systeme –

d'instrumentation, de contrôlecommande et d'alimentation Anforderungen an die IT-Sicherheitskonzeption

électrique - Exigences relatives à la cybersécurité (IEC 62645:2019)
(IEC 62645:2019)

This European Standard was approved by CENELEC on 2020-07-07. CENELEC members are bound to comply with the CEN/CENELEC

Internal Regulations which stipulate the conditions for giving this European Standard the status of a national standard without any alteration.

Up-to-date lists and bibliographical references concerning such national standards may be obtained on application to the CEN-CENELEC

Management Centre or to any CENELEC member.

This European Standard exists in three official versions (English, French, German). A version in any other language made by translation

under the responsibility of a CENELEC member into its own language and notified to the CEN-CENELEC Management Centre has the

same status as the official versions.

CENELEC members are the national electrotechnical committees of Austria, Belgium, Bulgaria, Croatia, Cyprus, the Czech Republic,

Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, the

Netherlands, Norway, Poland, Portugal, Republic of North Macedonia, Romania, Serbia, Slovakia, Slovenia, Spain, Sweden, Switzerland,

Turkey and the United Kingdom.
European Committee for Electrotechnical Standardization
Comité Européen de Normalisation Electrotechnique
Europäisches Komitee für Elektrotechnische Normung
CEN-CENELEC Management Centre: Rue de la Science 23, B-1040 Brussels

© 2020 CENELEC All rights of exploitation in any form and by any means reserved worldwide for CENELEC Members.

Ref. No. EN IEC 62645:2020 E
---------------------- Page: 3 ----------------------
SIST EN IEC 62645:2020
EN IEC 62645:2020 (E)
European foreword

The text of document 45A/1289/FDIS, future edition 2 of IEC 62645, prepared by SC 45A

"Instrumentation, control and electrical power systems of nuclear facilities" of IEC/TC 45 "Nuclear

instrumentation" was submitted to the IEC-CENELEC parallel vote and approved by CENELEC as

EN IEC 62645:2020.
The following dates are fixed:

• latest date by which the document has to be implemented at national (dop) 2021-07-07

level by publication of an identical national standard or by endorsement

• latest date by which the national standards conflicting with the (dow) 2023-07-07

document have to be withdrawn

Attention is drawn to the possibility that some of the elements of this document may be the subject of

patent rights. CENELEC shall not be held responsible for identifying any or all such patent rights.

As stated in the nuclear safety directive 2009/71/EURATOM, Chapter 1, Article 2, item 2, Member

States are not prevented from taking more stringent safety measures in the subject-matter covered by

the Directive, in compliance with Community law.

In a similar manner, this European standard does not prevent Member States from taking more

stringent nuclear safety and/or security measures in the subject-matter covered by this standard.

Endorsement notice

The text of the International Standard IEC 62645:2019 was approved by CENELEC as a European

Standard without any modification.

In the official version, for Bibliography, the following notes have to be added for the standards

indicated:
IEC 60709 NOTE Harmonized as EN IEC 60709
ISO/IEC 27000:2018 NOTE Harmonized as EN ISO/IEC 27000:2020 (not modified)
---------------------- Page: 4 ----------------------
SIST EN IEC 62645:2020
EN IEC 62645:2020 (E)
Annex ZA
(normative)
Normative references to international publications
with their corresponding European publications

The following documents are referred to in the text in such a way that some or all of their content

constitutes requirements of this document. For dated references, only the edition cited applies. For

undated references, the latest edition of the referenced document (including any amendments)

applies.

NOTE 1 Where an International Publication has been modified by common modifications, indicated by (mod), the relevant

EN/HD applies.

NOTE 2 Up-to-date information on the latest versions of the European Standards listed in this annex is available here:

www.cenelec.eu.
Publication Year Title EN/HD Year
IEC 60880 2006 Nuclear power plants - Instrumentation and EN 60880 2009
control systems important to safety -
Software aspects for computer-based
systems performing category A functions
IEC 61226 - Nuclear power plants - Instrumentation and - -
control systems important to safety -
Classification
IEC 61513 - Nuclear power plants - Instrumentation and - -
control for systems important to safety -
General requirements for systems
IEC 62138 - Nuclear power plants - Instrumentation and EN IEC 62138 -
control systems important to safety -
Software aspects for computer-based
systems performing category B or C
functions
IEC 62566 - Nuclear power plants - Instrumentation and EN 62566 -
control important to safety - Development
of HDL-programmed integrated circuits for
systems performing category A functions
IEC 62859 - Nuclear power plants - Instrumentation and - -
control systems - Requirements for
coordinating safety and cybersecurity
ISO/IEC 27001 2013 Information technology - Security EN ISO/IEC 27001 2017
techniques - Information security
management systems - Requirements
ISO/IEC 27002 2013 Information technology - Security EN ISO/IEC 27002 2017
techniques - Code of practice for
information security controls
ISO/IEC 27005 2018 Information technology_- Security - -
techniques_- Information security risk
management
---------------------- Page: 5 ----------------------
SIST EN IEC 62645:2020
---------------------- Page: 6 ----------------------
SIST EN IEC 62645:2020
IEC 62645
Edition 2.0 2019-11
INTERNATIONAL
STANDARD
NORME
INTERNATIONALE
colour
inside
Nuclear power plants – Instrumentation, control and electrical power systems –
Cybersecurity requirements
Centrales nucléaires de puissance – Systèmes d’instrumentation, de contrôle-
commande et d’alimentation électrique – Exigences relatives à la cybersécurité
INTERNATIONAL
ELECTROTECHNICAL
COMMISSION
COMMISSION
ELECTROTECHNIQUE
INTERNATIONALE
ICS 27.120.20 ISBN 978-2-8322-7548-1

Warning! Make sure that you obtained this publication from an authorized distributor.

Attention! Veuillez vous assurer que vous avez obtenu cette publication via un distributeur agréé.

® Registered trademark of the International Electrotechnical Commission
Marque déposée de la Commission Electrotechnique Internationale
---------------------- Page: 7 ----------------------
SIST EN IEC 62645:2020
– 2 – IEC 62645:2019 © IEC 2019
CONTENTS

FOREWORD ........................................................................................................................... 5

INTRODUCTION ..................................................................................................................... 7

1 Scope .............................................................................................................................. 9

1.1 General ................................................................................................................... 9

1.2 Application ............................................................................................................ 10

1.3 Framework ............................................................................................................ 10

2 Normative references .................................................................................................... 12

3 Terms and definitions .................................................................................................... 12

4 Abbreviated terms ......................................................................................................... 17

5 Establishing and managing a nuclear I&C programmable digital system security

programme .................................................................................................................... 17

5.1 Context of the organization ................................................................................... 17

5.1.1 Understanding the organization and its context .............................................. 17

5.1.2 Understanding the needs and expectations of interested parties .................... 17

5.1.3 Determining the scope of the I&C programmable digital system security

programme .................................................................................................... 17

5.2 Programme, policy and plan .................................................................................. 18

5.2.1 I&C digital programmable system security program........................................ 18

5.2.2 Policy ............................................................................................................ 18

5.2.3 Plan ............................................................................................................... 19

5.3 Leadership ............................................................................................................ 19

5.3.1 Leadership and commitment .......................................................................... 19

5.3.2 Roles, responsibilities and authorities ............................................................ 19

5.4 Planning of the programme ................................................................................... 20

5.4.1 Cybersecurity objectives and planning to achieve them ................................. 20

5.4.2 Addressing risks and opportunities of the programme .................................... 20

5.4.3 Graded approach to I&C security and risk assessment .................................. 21

5.5 Support ................................................................................................................. 28

5.5.1 Resources ..................................................................................................... 28

5.5.2 Training, competence and awareness ............................................................ 28

5.5.3 Communications about cybersecurity ............................................................. 29

5.5.4 Documented information ................................................................................ 29

5.6 Operation .............................................................................................................. 29

5.6.1 Operation planning and control ...................................................................... 29

5.6.2 Cybersecurity graded approach, risk assessment and risk treatment ............. 30

5.7 Performance evaluation ........................................................................................ 30

5.7.1 Monitoring, measurement, analysis and evaluation ........................................ 30

5.7.2 Internal audit ................................................................................................. 30

5.7.3 Management review ....................................................................................... 30

5.8 Improvement ......................................................................................................... 31

5.8.1 General ......................................................................................................... 31

5.8.2 Nonconformity and corrective action .............................................................. 31

5.8.3 Continual improvement .................................................................................. 31

6 Life-cycle implementation for I&C programmable digital system security ........................ 31

6.1 General ................................................................................................................. 31

6.2 System requirements specification ........................................................................ 31

---------------------- Page: 8 ----------------------
SIST EN IEC 62645:2020
IEC 62645:2019 © IEC 2019 – 3 –

6.2.1 General ......................................................................................................... 31

6.2.2 Security degree assignment ........................................................................... 32

6.3 System specification ............................................................................................. 32

6.3.1 Selection of pre-existing components ............................................................ 32

6.3.2 System architecture ....................................................................................... 32

6.4 System detailed design and implementation .......................................................... 32

6.4.1 General ......................................................................................................... 32

6.4.2 Risk assessment at the design phase ............................................................ 33

6.4.3 Design project security plan ........................................................................... 33

6.4.4 Communication pathways .............................................................................. 33

6.4.5 Security zone definition ................................................................................. 34

6.4.6 Security assessment of the final design ......................................................... 34

6.4.7 Implementation activities ............................................................................... 34

6.5 System integration ................................................................................................ 34

6.6 System validation .................................................................................................. 34

6.7 System installation ................................................................................................ 35

6.8 Operation and maintenance activities .................................................................... 35

6.8.1 Change control during operations and maintenance ....................................... 35

6.8.2 Periodic reassessment of risks and security controls ..................................... 35

6.8.3 Change management ..................................................................................... 35

6.9 Retirement activities ............................................................................................. 36

7 Security controls ............................................................................................................ 36

7.1 General ................................................................................................................. 36

7.2 Characterization.................................................................................................... 36

7.3 Security defence-in-depth ..................................................................................... 37

7.4 Selection and enforcement of cybersecurity controls ............................................. 37

Annex A (informative) Rationale for, and notes related to, the scope of this document ......... 38

A.1 Objective of this annex.......................................................................................... 38

A.2 Inclusion of I&C programmable digital system not important to safety ................... 38

A.3 Exclusion of site physical security, room access control and site security

surveillance systems ............................................................................................. 38

A.4 Exclusion of non-malevolent actions and events ................................................... 38

A.5 Development tools and platforms .......................................................................... 38

Annex B (informative) Generic considerations about the security degrees ............................ 39

B.1 Rationale for three security degrees...................................................................... 39

B.1.1 General ......................................................................................................... 39

B.1.2 Safety categories as input to security degree assignment .............................. 39

B.1.3 Impact on plant availability and performance as input to security degree ....... 39

B.1.4 Resulting security degree assignment approach ............................................ 40

B.2 Considerations about tools associated to on-line systems ..................................... 40

B.3 Practical design and implementation ..................................................................... 40

Annex C (informative) Correspondence with ISO/IEC 27001:2013 ....................................... 41

Annex D (informative) Overall organisation of IEC SC 45A standards related to

cybersecurity ........................................................................................................................ 43

Annex E (informative) Selection of security controls ............................................................. 45

Annex F (informative) Considerations about IEC 62645 applicability to non-NPP

nuclear facilities .................................................................................................................... 47

F.1 Applicability of IEC 62645 security graded approach to Research Reactors .......... 47

F.1.1 General ......................................................................................................... 47

---------------------- Page: 9 ----------------------
SIST EN IEC 62645:2020
– 4 – IEC 62645:2019 © IEC 2019

F.1.2 Categorization of RRs in accordance with potential hazards .......................... 47

F.1.3 Safety categories as input to security degree assignment .............................. 48

F.1.4 Impact on operational capacity as input to security degree ............................ 49

F.1.5 Considerations on requirements associated to security degrees .................... 49

F.2 Applicability of IEC 62645 security graded approach to fuel cycle facilities ........... 49

F.3 Applicability of IEC 62645 security graded approach to SMR ................................ 49

F.4 Reference documents ........................................................................................... 50

Annex G (informative) High-level correspondence table between IEC 62443 series and

IEC 62645............................................................................................................................. 51

Bibliography .......................................................................................................................... 53

Figure 1 – Overall framework of IEC 62645 ........................................................................... 11

Figure 2 – E/E/PE items ........................................................................................................ 14

Figure D.1 – Overview of IEC SC 45A standards with cybersecurity relation ......................... 44

Figure E.1 – Selection of security controls ............................................................................ 46

Table C.1 – Correspondence between ISO/IEC 27001:2013 and IEC 62645 ......................... 41

Table F.1 – Correspondence between safety categories and classes as per IEC 61513 ........ 48

---------------------- Page: 10 ----------------------
SIST EN IEC 62645:2020
IEC 62645:2019 © IEC 2019 – 5 –
INTERNATIONAL ELECTROTECHNICAL COMMISSION
____________
NUCLEAR POWER PLANTS – INSTRUMENTATION, CONTROL AND
ELECTRICAL POWER SYSTEMS – CYBERSECURITY REQUIREMENTS
FOREWORD

1) The International Electrotechnical Commission (IEC) is a worldwide organization for standardization comprising

all national electrotechnical committees (IEC National Committees). The object of IEC is to promote

international co-operation on all questions concerning standardization in the electrical and electronic fields. To

this end and in addition to other activities, IEC publishes International Standards, Technical Specifications,

Technical Reports, Publicly Available Specifications (PAS) and Guides (hereafter referred to as “IEC

Publication(s)”). Their preparation is entrusted to technical committees; any IEC National Committee interested

in the subject dealt with may participate in this preparatory work. International, governmental and non-

governmental organizations liaising with the IEC also participate in this preparation. IEC collaborates closely

with the International Organization for Standardization (ISO) in accordance with conditions determined by

agreement between the two organizations.

2) The formal decisions or agreements of IEC on technical matters express, as nearly as possible, an international

consensus of opinion on the relevant subjects since each technical committee has representation from all

interested IEC National Committees.

3) IEC Publications have the form of recommendations for international use and are accepted by IEC National

Committees in that sense. While all reasonable efforts are made to ensure that the technical content of IEC

Publications is accurate, IEC cannot be held responsible for the way in which they are used or for any

misinterpretation by any end user.

4) In order to promote international uniformity, IEC National Committees undertake to apply IEC Publications

transparently to the maximum extent possible in their national and regional publications. Any divergence

between any IEC Publication and the corresponding national or regional publication shall be clearly indicated in

the latter.

5) IEC itself does not provide any attestation of conformity. Independent certification bodies provide conformity

assessment services and, in some areas, access to IEC marks of conformity. IEC is not responsible for any

services carried out by independent certification bodies.

6) All users should ensure that they have the latest edition of this publication.

7) No liability shall attach to IEC or its directors, employees, servants or agents including individual experts and

members of its technical committees and IEC National Committees for any personal injury, property damage or

other damage of any nature whatsoever, whether direct or indirect, or for costs (including legal fees) and

expenses arising out of the publication, use of, or reliance upon, this IEC Publication or any other IEC

Publications.

8) Attention is drawn to the Normative references cited in this publication. Use of the referenced publications is

indispensable for the correct application of this publication.

9) Attention is drawn to the possibility that some of the elements of this IEC Publication may be the subject of

patent rights. IEC shall not be held responsible for identifying any or all such patent rights.

International Standard IEC 62645 has been prepared by subcommittee 45A: Instrumentation,

control and electrical power systems of nuclear facilities, of IEC technical committee 45:

Nuclear instrumentation.

This second edition cancels and replaces the first edition published in 2014. This edition

constitutes a technical revision.

This edition includes the following significant technical changes with respect to the previous

edition:
a) to align the standard with the new revisions of ISO/IEC 27001;

b) to review the existing requirements and to update the terminology and definitions;

c) to take account of, as far as possible, requirements associated with standards published

since the first edition;

d) to take into account the fact that cybersecurity techniques, but also national practices

evolve.
---------------------- Page: 11 ----------------------
SIST EN IEC 62645:2020
– 6 – IEC 62645:2019 © IEC 2019
The text of this International Standard is based on the following documents:
FDIS Report on voting
45A/1289/FDIS 45A/1295/RVD

Full information on the voting for the approval of this International Standard can be found in

the report on voting indicated in the above table.

This document has been drafted in accordance with the ISO/IEC Directives, Part 2.

The committee has decided that the contents of this document will remain unchanged until the

stability date indicated on the IEC website under "http://webstore.iec.ch" in the data related to

the specific document. At this date, the document will be
• reconfirmed,
• withdrawn,
• replaced by a revised edition, or
• amended.

IMPORTANT – The 'colour inside' logo on the cover page of this publication indicates

that it contains colours which are considered to be useful for the correct

understanding of its contents. Users should therefore print this document using a

colour printer.
---------------------- Page: 12 ----------------------
SIST EN IEC 62645:2020
IEC 62645:2019 © IEC 2019 – 7 –
INTRODUCTION
a) Technical background, main issues and organisation of the standard

This International Standard focuses on the issue of cybersecurity requirements to prevent

and/or minimize the impact of attacks against I&C programmable digital systems on nuclear

safety and plant performance. It covers programme level, architectural level and system level

requirements.

This standard was prepared and based on the ISO/IEC 27000 series, IAEA and country

specific guidance in this expanding technical and security focus area.

It is intended that the International Standard be used by designers and operators of nuclear

power plants (NPPs) (utilities), licensees, systems evaluators, vendors and subcontractors,

and by licensors.
b) Situation of the current Standard in the structure of the IEC SC 45A standard
series

IEC 62645 is a second level IEC SC 45A document, tackling the generic issue of NPP I&C

cybersecurity.

IEC 62645 is considered formally as a second level document with respect to IEC 61513,

although IEC 61513 needs revision to actually ensure proper reference to and consistency

with IEC 62645. IEC 62645 is the top-level document with respect to cybersecurity in the

SC 45A standard series. Other documents are developed under IEC 62645 and correspond to

third level documents in the IEC SC 45A standards.

For more details on the structure of the IEC SC 45A standard series, see item d) of this

introduction.
c) Recommendations and limitations regarding the application of this standard

This standard establishes requirements for I&C programmable digital systems, with regard to

computer security, and clarifies the processes that I&C programmable digital systems are

designed, developed and operated under in NPPs.

It is recognized that this standard addresses an evolving area of regulatory requirements, due

to the changing and evolving nature of computer security threats. Therefore, the standard

defines a framework within which the evolving country specific requirements may be

developed and applied.

It is also recognized that products derived from application of this subject matter require

protection. Release of the standard’s country specific requirements should be controlled to

limit the extent to which organizations or individuals intending to access nuclear plant

systems illegally, improperly or without authorization may benefit from this information.

d) Description of the structure of the IEC SC 45A standard series and relationships

with other IEC documents and other bodies documents (IAEA, ISO)

The top-level documents of the IEC SC 45A standard series are IEC 61513 and IEC 63046.

IEC 61513 provides general requirements for I&C systems and equipment that are used to

perform functions important to safety in NPPs. IEC 63046 provides general requirements for

electrical power systems of NPPs; it covers power supply systems including the supply

systems of the I&C systems. IEC 61513 and IEC 63046 are to be considered in conjunction

and at the same level. IEC 61513 and IEC 63046 structure the IEC SC 45A standard series

---------------------- Page: 13 ----------------------
SIST EN IEC 62645:2020
– 8 – IEC 62645:2019 © IEC 2019

and shape a complete framework establishing general requirements for instrumentation,

control and electrical systems for nuclear power plants.
IEC 61513 and IEC 63046 refer directly to other IEC SC 45A standa
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.