iTeh StandardsiTeh Standards
EURUSD
Your shopping cart is empty.
SIST

SIST EN IEC 62645:2020

(Main)

Nuclear power plants - Instrumentation, control and electrical power systems - Cybersecurity requirements (IEC 62645:2019)

Nuclear power plants - Instrumentation, control and electrical power systems - Cybersecurity requirements (IEC 62645:2019)

This document establishes requirements and provides guidance for the development and
management of effective computer security programmes for I&C programmable digital
systems. Inherent to these requirements and guidance is the criterion that the power plant
I&C programmable digital system security programme complies with the applicable country’s
requirements.
This document defines adequate measures for the prevention of, detection of and reaction to
malicious acts by digital means (cyberattacks) on I&C programmable digital systems. This
includes any unsafe situation, equipment damage or plant performance degradation that could
result from such an act, such as:
– malicious modifications affecting system integrity;
– malicious interference with information, data or resources that could compromise the
delivery of or performance of the required I&C programmable digital functions;
– malicious interference with information, data or resources that could compromise operator
displays or lead to loss of management of I&C programmable digital systems;
– malicious changes to hardware, firmware or software at the programmable logic controller
(PLC) level.
Human errors leading to violation of the security policy and/or easing the aforementioned
malicious acts are also in the scope of this document.
This document describes a graded approach scheme for assets subject to digital compromise,
based on their relevance to the overall plant safety, availability, and equipment protection.
Excluded from the scope of this document are considerations related to:
– non-malevolent actions and events such as accidental failures, human errors (except
those impacting the performance of cybersecurity controls) and natural events. In
particular, good practices for managing applications and data, including back-up and
restoration related to accidental failure, are out of scope;
NOTE 1 Although such aspects are often covered by security programme in other normative contexts (e.g., in
the ISO/IEC 27000 series or in the IEC 62443 series), this document is only focused on the protection against
malicious acts by digital means (cyberattacks) on I&C programmable digital systems. The main reason is that
in the nuclear generation domain, other standards and practices already cover accidental failures,
unintentional human errors, natural events, etc. The focus of IEC 62645 is made to provide the maximum
consistency and the minimum overlap with these other nuclear standards and practices.
– site physical security, room access control and site security surveillance systems. These
systems, while not specifically addressed in this document, are to be covered by plant
operating procedures and programmes;
NOTE 2 This exclusion does not deny that cybersecurity has clear dependencies on the security of the
physical environment (e.g., physical protection, power delivery systems, heating/ventilation/air-conditioning
systems (HVAC), etc.).
– the aspect of confidentiality of information about I&C digital programmable systems is out
of the scope of this document (see 5.4.3.2.3).
Annex A provides a rationale for and comments about the scope, definition and the
document's application, and in particular about the exclusions and limitations previously
mentioned.
Standards such as ISO/IEC 27001 and ISO/IEC 27002 are not directly applicable to the cyber
protection of nuclear I&C programmable digital systems. This is mainly due to the specificities
of these systems, including the regulatory and safety requirements inherent to nuclear
facilities. However, this document builds upon the valid high level principles and main
concepts of ISO/IEC 27001:2013, adapts them and completes them to fit the nuclear context.
This document follows the general principles given in the IAEA reference manual NSS17.

Kernkraftwerke - Leittechnische und elektrische Systeme - Anforderungen an die Cybersicherheit

Centrales nucléaires de puissance - Systèmes d’instrumentation, de contrôlecommande et d’alimentation électrique - Exigences relatives à la cybersécurité (IEC 62645:2019)

L’IEC 62645:2019 établit des exigences et fournit des recommandations pour le développement et la gestion des programmes de sécurité informatique des systèmes numériques programmables d’I&C. Le critère de conformité du programme de sécurité des systèmes numériques programmables d’I&C de la centrale nucléaire aux exigences nationales applicables est inhérent aux exigences et recommandations du présent document.
Le présent document définit les mesures adéquates pour ce qui concerne la prévention, la détection et la réaction à des actes malveillants, réalisés en utilisant des moyens informatiques (cyberattaques), portant atteinte aux systèmes numériques programmables d’I&C. Ceci comprend les situations non sûres, les endommagements d’équipements ou la dégradation des performances.
Cette deuxième édition annule et remplace la première édition parue en 2014. Cette édition inclut les modifications techniques majeures suivantes par rapport à l'édition précédente:
a) aligner la norme sur les nouvelles révisions de l’ISO/IEC 27001;
b) passer en revue les exigences existantes et mettre à jour la terminologie et les définitions;
c) prendre en compte, autant que possible, les exigences associées aux normes publiées depuis la parution de la première édition;
d) prendre en compte le fait que les techniques de cybersécurité, mais aussi les pratiques nationales évoluent.

Jedrske elektrarne - Merilna, nadzorna in elektroenergetska oprema - Zahteve za kibernetsko varnost (IEC 62645:2019)

General Information

Status
Published
Public Enquiry End Date
28-May-2020
Publication Date
02-Sep-2020
ICS
27.120.20 - Nuclear power plants. Safety
Technical Committee
I09 - Imaginarni 09
Current Stage
6060 - National Implementation/Publication (Adopted Project)
Start Date
12-Aug-2020
Due Date
17-Oct-2020
Completion Date
03-Sep-2020
Ref Project
EN IEC 62645:2020 - Nuclear power plants - Instrumentation, control and electrical power systems - Cybersecurity requirements

Buy Standard

EN IEC 62645:2020 - BARVEEN IEC 62645:2020 - BARVE
PreviousNext
Standard
EN IEC 62645:2020 - BARVE
English language
56 pages
sale 10% off
Preview
sale 10% off
Preview
e-Library read for
1 day
prEN IEC 62645:2020 - BARVEprEN IEC 62645:2020 - BARVE
PreviousNext
Draft
prEN IEC 62645:2020 - BARVE
English language
56 pages
sale 10% off
Preview
sale 10% off
Preview
e-Library read for
1 day

Standards Content (Sample)

SLOVENSKI STANDARD
SIST EN IEC 62645:2020
01-oktober-2020
Jedrske elektrarne - Merilna, nadzorna in elektroenergetska oprema - Zahteve za
kibernetsko varnost (IEC 62645:2019)
Nuclear power plants - Instrumentation, control and electrical power systems -
Cybersecurity requirements (IEC 62645:2019)
Centrales nucléaires de puissance - Systèmes d’instrumentation, de contrôlecommande
et d’alimentation électrique - Exigences relatives à la cybersécurité (IEC 62645:2019)
Ta slovenski standard je istoveten z: EN IEC 62645:2020
ICS:
27.120.20 Jedrske elektrarne. Varnost Nuclear power plants. Safety
SIST EN IEC 62645:2020 en
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

---------------------- Page: 1 ----------------------
SIST EN IEC 62645:2020

---------------------- Page: 2 ----------------------
SIST EN IEC 62645:2020


EUROPEAN STANDARD EN IEC 62645

NORME EUROPÉENNE

EUROPÄISCHE NORM
July 2020
ICS 27.120.20

English Version
Nuclear power plants - Instrumentation, control and electrical
power systems - Cybersecurity requirements
(IEC 62645:2019)
Centrales nucléaires de puissance - Systèmes Kernkraftwerke – Elektro- und leittechnische Systeme –
d'instrumentation, de contrôlecommande et d'alimentation Anforderungen an die IT-Sicherheitskonzeption
électrique - Exigences relatives à la cybersécurité (IEC 62645:2019)
(IEC 62645:2019)
This European Standard was approved by CENELEC on 2020-07-07. CENELEC members are bound to comply with the CEN/CENELEC
Internal Regulations which stipulate the conditions for giving this European Standard the status of a national standard without any alteration.
Up-to-date lists and bibliographical references concerning such national standards may be obtained on application to the CEN-CENELEC
Management Centre or to any CENELEC member.
This European Standard exists in three official versions (English, French, German). A version in any other language made by translation
under the responsibility of a CENELEC member into its own language and notified to the CEN-CENELEC Management Centre has the
same status as the official versions.
CENELEC members are the national electrotechnical committees of Austria, Belgium, Bulgaria, Croatia, Cyprus, the Czech Republic,
Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, the
Netherlands, Norway, Poland, Portugal, Republic of North Macedonia, Romania, Serbia, Slovakia, Slovenia, Spain, Sweden, Switzerland,
Turkey and the United Kingdom.


European Committee for Electrotechnical Standardization
Comité Européen de Normalisation Electrotechnique
Europäisches Komitee für Elektrotechnische Normung
CEN-CENELEC Management Centre: Rue de la Science 23, B-1040 Brussels
© 2020 CENELEC All rights of exploitation in any form and by any means reserved worldwide for CENELEC Members.
 Ref. No. EN IEC 62645:2020 E

---------------------- Page: 3 ----------------------
SIST EN IEC 62645:2020
EN IEC 62645:2020 (E)
European foreword
The text of document 45A/1289/FDIS, future edition 2 of IEC 62645, prepared by SC 45A
"Instrumentation, control and electrical power systems of nuclear facilities" of IEC/TC 45 "Nuclear
instrumentation" was submitted to the IEC-CENELEC parallel vote and approved by CENELEC as
EN IEC 62645:2020.
The following dates are fixed:
• latest date by which the document has to be implemented at national (dop) 2021-07-07
level by publication of an identical national standard or by endorsement
• latest date by which the national standards conflicting with the (dow) 2023-07-07
document have to be withdrawn

Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. CENELEC shall not be held responsible for identifying any or all such patent rights.
As stated in the nuclear safety directive 2009/71/EURATOM, Chapter 1, Article 2, item 2, Member
States are not prevented from taking more stringent safety measures in the subject-matter covered by
the Directive, in compliance with Community law.
In a similar manner, this European standard does not prevent Member States from taking more
stringent nuclear safety and/or security measures in the subject-matter covered by this standard.
Endorsement notice
The text of the International Standard IEC 62645:2019 was approved by CENELEC as a European
Standard without any modification.

In the official version, for Bibliography, the following notes have to be added for the standards
indicated:
IEC 60709 NOTE Harmonized as EN IEC 60709
ISO/IEC 27000:2018 NOTE Harmonized as EN ISO/IEC 27000:2020 (not modified)

2

---------------------- Page: 4 ----------------------
SIST EN IEC 62645:2020
EN IEC 62645:2020 (E)
Annex ZA
(normative)

Normative references to international publications
with their corresponding European publications
The following documents are referred to in the text in such a way that some or all of their content
constitutes requirements of this document. For dated references, only the edition cited applies. For
undated references, the latest edition of the referenced document (including any amendments)
applies.
NOTE 1  Where an International Publication has been modified by common modifications, indicated by (mod), the relevant
EN/HD applies.
NOTE 2  Up-to-date information on the latest versions of the European Standards listed in this annex is available here:
www.cenelec.eu.
Publication Year Title EN/HD Year
IEC 60880 2006 Nuclear power plants - Instrumentation and EN 60880 2009
control systems important to safety -
Software aspects for computer-based
systems performing category A functions
IEC 61226 -  Nuclear power plants - Instrumentation and - -
control systems important to safety -
Classification
IEC 61513 -  Nuclear power plants - Instrumentation and - -
control for systems important to safety -
General requirements for systems
IEC 62138 -  Nuclear power plants - Instrumentation and EN IEC 62138 -
control systems important to safety -
Software aspects for computer-based
systems performing category B or C
functions
IEC 62566 -  Nuclear power plants - Instrumentation and EN 62566 -
control important to safety - Development
of HDL-programmed integrated circuits for
systems performing category A functions
IEC 62859 -  Nuclear power plants - Instrumentation and - -
control systems - Requirements for
coordinating safety and cybersecurity
ISO/IEC 27001 2013 Information technology - Security EN ISO/IEC 27001 2017
techniques - Information security
management systems - Requirements
ISO/IEC 27002 2013 Information technology - Security EN ISO/IEC 27002 2017
techniques - Code of practice for
information security controls
ISO/IEC 27005 2018 Information technology_- Security - -
techniques_- Information security risk
management

3

---------------------- Page: 5 ----------------------
SIST EN IEC 62645:2020

---------------------- Page: 6 ----------------------
SIST EN IEC 62645:2020




IEC 62645

®


Edition 2.0 2019-11




INTERNATIONAL



STANDARD




NORME



INTERNATIONALE
colour

inside










Nuclear power plants – Instrumentation, control and electrical power systems –

Cybersecurity requirements




Centrales nucléaires de puissance – Systèmes d’instrumentation, de contrôle-

commande et d’alimentation électrique – Exigences relatives à la cybersécurité
















INTERNATIONAL

ELECTROTECHNICAL

COMMISSION


COMMISSION

ELECTROTECHNIQUE


INTERNATIONALE




ICS 27.120.20 ISBN 978-2-8322-7548-1




Warning! Make sure that you obtained this publication from an authorized distributor.

Attention! Veuillez vous assurer que vous avez obtenu cette publication via un distributeur agréé.

® Registered trademark of the International Electrotechnical Commission
Marque déposée de la Commission Electrotechnique Internationale

---------------------- Page: 7 ----------------------
SIST EN IEC 62645:2020
– 2 – IEC 62645:2019 © IEC 2019
CONTENTS
FOREWORD . 5
INTRODUCTION . 7
1 Scope . 9
1.1 General . 9
1.2 Application . 10
1.3 Framework . 10
2 Normative references . 12
3 Terms and definitions . 12
4 Abbreviated terms . 17
5 Establishing and managing a nuclear I&C programmable digital system security
programme . 17
5.1 Context of the organization . 17
5.1.1 Understanding the organization and its context . 17
5.1.2 Understanding the needs and expectations of interested parties . 17
5.1.3 Determining the scope of the I&C programmable digital system security
programme . 17
5.2 Programme, policy and plan . 18
5.2.1 I&C digital programmable system security program. 18
5.2.2 Policy . 18
5.2.3 Plan . 19
5.3 Leadership . 19
5.3.1 Leadership and commitment . 19
5.3.2 Roles, responsibilities and authorities . 19
5.4 Planning of the programme . 20
5.4.1 Cybersecurity objectives and planning to achieve them . 20
5.4.2 Addressing risks and opportunities of the programme . 20
5.4.3 Graded approach to I&C security and risk assessment . 21
5.5 Support . 28
5.5.1 Resources . 28
5.5.2 Training, competence and awareness . 28
5.5.3 Communications about cybersecurity . 29
5.5.4 Documented information . 29
5.6 Operation . 29
5.6.1 Operation planning and control . 29
5.6.2 Cybersecurity graded approach, risk assessment and risk treatment . 30
5.7 Performance evaluation . 30
5.7.1 Monitoring, measurement, analysis and evaluation . 30
5.7.2 Internal audit . 30
5.7.3 Management review . 30
5.8 Improvement . 31
5.8.1 General . 31
5.8.2 Nonconformity and corrective action . 31
5.8.3 Continual improvement . 31
6 Life-cycle implementation for I&C programmable digital system security . 31
6.1 General . 31
6.2 System requirements specification . 31

---------------------- Page: 8 ----------------------
SIST EN IEC 62645:2020
IEC 62645:2019 © IEC 2019 – 3 –
6.2.1 General . 31
6.2.2 Security degree assignment . 32
6.3 System specification . 32
6.3.1 Selection of pre-existing components . 32
6.3.2 System architecture . 32
6.4 System detailed design and implementation . 32
6.4.1 General . 32
6.4.2 Risk assessment at the design phase . 33
6.4.3 Design project security plan . 33
6.4.4 Communication pathways . 33
6.4.5 Security zone definition . 34
6.4.6 Security assessment of the final design . 34
6.4.7 Implementation activities . 34
6.5 System integration . 34
6.6 System validation . 34
6.7 System installation . 35
6.8 Operation and maintenance activities . 35
6.8.1 Change control during operations and maintenance . 35
6.8.2 Periodic reassessment of risks and security controls . 35
6.8.3 Change management . 35
6.9 Retirement activities . 36
7 Security controls . 36
7.1 General . 36
7.2 Characterization. 36
7.3 Security defence-in-depth . 37
7.4 Selection and enforcement of cybersecurity controls . 37
Annex A (informative) Rationale for, and notes related to, the scope of this document . 38
A.1 Objective of this annex. 38
A.2 Inclusion of I&C programmable digital system not important to safety . 38
A.3 Exclusion of site physical security, room access control and site security
surveillance systems . 38
A.4 Exclusion of non-malevolent actions and events . 38
A.5 Development tools and platforms . 38
Annex B (informative) Generic considerations about the security degrees . 39
B.1 Rationale for three security degrees. 39
B.1.1 General . 39
B.1.2 Safety categories as input to security degree assignment . 39
B.1.3 Impact on plant availability and performance as input to security degree . 39
B.1.4 Resulting security degree assignment approach . 40
B.2 Considerations about tools associated to on-line systems . 40
B.3 Practical design and implementation . 40
Annex C (informative) Correspondence with ISO/IEC 27001:2013 . 41
Annex D (informative) Overall organisation of IEC SC 45A standards related to
cybersecurity . 43
Annex E (informative) Selection of security controls . 45
Annex F (informative) Considerations about IEC 62645 applicability to non-NPP
nuclear facilities . 47
F.1 Applicability of IEC 62645 security graded approach to Research Reactors . 47
F.1.1 General . 47

---------------------- Page: 9 ----------------------
SIST EN IEC 62645:2020
– 4 – IEC 62645:2019 © IEC 2019
F.1.2 Categorization of RRs in accordance with potential hazards . 47
F.1.3 Safety categories as input to security degree assignment . 48
F.1.4 Impact on operational capacity as input to security degree . 49
F.1.5 Considerations on requirements associated to security degrees . 49
F.2 Applicability of IEC 62645 security graded approach to fuel cycle facilities . 49
F.3 Applicability of IEC 62645 security graded approach to SMR . 49
F.4 Reference documents . 50
Annex G (informative) High-level correspondence table between IEC 62443 series and
IEC 62645. 51
Bibliography . 53


Figure 1 – Overall framework of IEC 62645 . 11
Figure 2 – E/E/PE items . 14
Figure D.1 – Overview of IEC SC 45A standards with cybersecurity relation . 44
Figure E.1 – Selection of security controls . 46

Table C.1 – Correspondence between ISO/IEC 27001:2013 and IEC 62645 . 41
Table F.1 – Correspondence between safety categories and classes as per IEC 61513 . 48

---------------------- Page: 10 ----------------------
SIST EN IEC 62645:2020
IEC 62645:2019 © IEC 2019 – 5 –
INTERNATIONAL ELECTROTECHNICAL COMMISSION
____________

NUCLEAR POWER PLANTS – INSTRUMENTATION, CONTROL AND
ELECTRICAL POWER SYSTEMS – CYBERSECURITY REQUIREMENTS

FOREWORD
1) The International Electrotechnical Commission (IEC) is a worldwide organization for standardization comprising
all national electrotechnical committees (IEC National Committees). The object of IEC is to promote
international co-operation on all questions concerning standardization in the electrical and electronic fields. To
this end and in addition to other activities, IEC publishes International Standards, Technical Specifications,
Technical Reports, Publicly Available Specifications (PAS) and Guides (hereafter referred to as “IEC
Publication(s)”). Their preparation is entrusted to technical committees; any IEC National Committee interested
in the subject dealt with may participate in this preparatory work. International, governmental and non-
governmental organizations liaising with the IEC also participate in this preparation. IEC collaborates closely
with the International Organization for Standardization (ISO) in accordance with conditions determined by
agreement between the two organizations.
2) The formal decisions or agreements of IEC on technical matters express, as nearly as possible, an international
consensus of opinion on the relevant subjects since each technical committee has representation from all
interested IEC National Committees.
3) IEC Publications have the form of recommendations for international use and are accepted by IEC National
Committees in that sense. While all reasonable efforts are made to ensure that the technical content of IEC
Publications is accurate, IEC cannot be held responsible for the way in which they are used or for any
misinterpretation by any end user.
4) In order to promote international uniformity, IEC National Committees undertake to apply IEC Publications
transparently to the maximum extent possible in their national and regional publications. Any divergence
between any IEC Publication and the corresponding national or regional publication shall be clearly indicated in
the latter.
5) IEC itself does not provide any attestation of conformity. Independent certification bodies provide conformity
assessment services and, in some areas, access to IEC marks of conformity. IEC is not responsible for any
services carried out by independent certification bodies.
6) All users should ensure that they have the latest edition of this publication.
7) No liability shall attach to IEC or its directors, employees, servants or agents including individual experts and
members of its technical committees and IEC National Committees for any personal injury, property damage or
other damage of any nature whatsoever, whether direct or indirect, or for costs (including legal fees) and
expenses arising out of the publication, use of, or reliance upon, this IEC Publication or any other IEC
Publications.
8) Attention is drawn to the Normative references cited in this publication. Use of the referenced publications is
indispensable for the correct application of this publication.
9) Attention is drawn to the possibility that some of the elements of this IEC Publication may be the subject of
patent rights. IEC shall not be held responsible for identifying any or all such patent rights.
International Standard IEC 62645 has been prepared by subcommittee 45A: Instrumentation,
control and electrical power systems of nuclear facilities, of IEC technical committee 45:
Nuclear instrumentation.
This second edition cancels and replaces the first edition published in 2014. This edition
constitutes a technical revision.
This edition includes the following significant technical changes with respect to the previous
edition:
a) to align the standard with the new revisions of ISO/IEC 27001;
b) to review the existing requirements and to update the terminology and definitions;
c) to take account of, as far as possible, requirements associated with standards published
since the first edition;
d) to take into account the fact that cybersecurity techniques, but also national practices
evolve.

---------------------- Page: 11 ----------------------
SIST EN IEC 62645:2020
– 6 – IEC 62645:2019 © IEC 2019
The text of this International Standard is based on the following documents:
FDIS Report on voting
45A/1289/FDIS 45A/1295/RVD

Full information on the voting for the approval of this International Standard can be found in
the report on voting indicated in the above table.
This document has been drafted in accordance with the ISO/IEC Directives, Part 2.
The committee has decided that the contents of this document will remain unchanged until the
stability date indicated on the IEC website under "http://webstore.iec.ch" in the data related to
the specific document. At this date, the document will be
• reconfirmed,
• withdrawn,
• replaced by a revised edition, or
• amended.

IMPORTANT – The 'colour inside' logo on the cover page of this publication indicates
that it contains colours which are considered to be useful for the correct
understanding of its contents. Users should therefore print this document using a
colour printer.

---------------------- Page: 12 ----------------------
SIST EN IEC 62645:2020
IEC 62645:2019 © IEC 2019 – 7 –
INTRODUCTION
a) Technical background, main issues and organisation of the standard
This International Standard focuses on the issue of cybersecurity requirements to prevent
and/or minimize the impact of attacks against I&C programmable digital systems on nuclear
safety and plant performance. It covers programme level, architectural level and system level
requirements.
This standard was prepared and based on the ISO/IEC 27000 series, IAEA and country
specific guidance in this expanding technical and security focus area.
It is intended that the International Standard be used by designers and operators of nuclear
power plants (NPPs) (utilities), licensees, systems evaluators, vendors and subcontractors,
and by licensors.
b) Situation of the current Standard in the structure of the IEC SC 45A standard
series
IEC 62645 is a second level IEC SC 45A document, tackling the generic issue of NPP I&C
cybersecurity.
IEC 62645 is considered formally as a second level document with respect to IEC 61513,
although IEC 61513 needs revision to actually ensure proper reference to and consistency
with IEC 62645. IEC 62645 is the top-level document with respect to cybersecurity in the
SC 45A standard series. Other documents are developed under IEC 62645 and correspond to
third level documents in the IEC SC 45A standards.
For more details on the structure of the IEC SC 45A standard series, see item d) of this
introduction.
c) Recommendations and limitations regarding the application of this standard
This standard establishes requirements for I&C programmable digital systems, with regard to
computer security, and clarifies the processes that I&C programmable digital systems are
designed, developed and operated under in NPPs.
It is recognized that this standard addresses an evolving area of regulatory requirements, due
to the changing and evolving nature of computer security threats. Therefore, the standard
defines a framework within which the evolving country specific requirements may be
developed and applied.
It is also recognized that products derived from application of this subject matter require
protection. Release of the standard’s country specific requirements should be controlled to
limit the extent to which organizations or individuals intending to access nuclear plant
systems illegally, improperly or without authorization may benefit from this information.
d) Description of the structure of the IEC SC 45A standard series and relationships
with other IEC documents and other bodies documents (IAEA, ISO)
The top-level documents of the IEC SC 45A standard series are IEC 61513 and IEC 63046.
IEC 61513 provides general requirements for I&C systems and equipment that are used to
perform functions important to safety in NPPs. IEC 63046 provides general requirements for
electrical power systems of NPPs; it covers power supply systems including the supply
systems of the I&C systems. IEC 61513 and IEC 63046 are to be considered in conjunction
and at the same level. IEC 61513 and IEC 63046 structure the IEC SC 45A standard series

---------------------- Page: 13 ----------------------
SIST EN IEC 62645:2020
– 8 – IEC 62645:2019 © IEC 2019
and shape a complete framework establishing general requirements for instrumentation,
control and electrical systems for nuclear power plants.
IEC 61513 and IEC 63046 refer directly to other IEC SC 45A standa
...

SLOVENSKI STANDARD
oSIST prEN IEC 62645:2020
01-maj-2020
Nuklearne elektrarne - Merilna, nadzorna in elektroenergetska oprema - Zahteve
glede kibernetske varnosti
Nuclear power plants - Instrumentation, control and electrical power systems -
Cybersecurity requirements
Centrales nucléaires de puissance - Systèmes d’instrumentation, de contrôlecommande
et d’alimentation électrique - Exigences relatives à la cybersécurité
Ta slovenski standard je istoveten z: prEN IEC 62645:2020
ICS:
27.120.20 Jedrske elektrarne. Varnost Nuclear power plants. Safety
oSIST prEN IEC 62645:2020 en
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

---------------------- Page: 1 ----------------------
oSIST prEN IEC 62645:2020

---------------------- Page: 2 ----------------------
oSIST prEN IEC 62645:2020


EUROPEAN STANDARD DRAFT
prEN IEC 62645
NORME EUROPÉENNE

EUROPÄISCHE NORM

March 2020
ICS

English Version
Nuclear power plants - Instrumentation, control and electrical
power systems - Cybersecurity requirements
(IEC 62645:2019)
Centrales nucléaires de puissance - Systèmes To be completed
d'instrumentation, de contrôlecommande et d'alimentation (IEC 62645:2019)
électrique - Exigences relatives à la cybersécurité
(IEC 62645:2019)
This draft European Standard is submitted to CENELEC members for enquiry.
Deadline for CENELEC: 2020-05-29.

The text of this draft consists of the text of IEC 62645:2019.

If this draft becomes a European Standard, CENELEC members are bound to comply with the CEN/CENELEC Internal Regulations which
stipulate the conditions for giving this European Standard the status of a national standard without any alteration.

This draft European Standard was established by CENELEC in three official versions (English, French, German).
A version in any other language made by translation under the responsibility of a CENELEC member into its own language and notified to
the CEN-CENELEC Management Centre has the same status as the official versions.

CENELEC members are the national electrotechnical committees of Austria, Belgium, Bulgaria, Croatia, Cyprus, the Czech Republic,
Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, the
Netherlands, Norway, Poland, Portugal, Republic of North Macedonia, Romania, Serbia, Slovakia, Slovenia, Spain, Sweden, Switzerland,
Turkey and the United Kingdom.

Recipients of this draft are invited to submit, with their comments, notification of any relevant patent rights of which they are aware and to
provide supporting documentation.

Warning : This document is not a European Standard. It is distributed for review and comments. It is subject to change without notice and
shall not be referred to as a European Standard.


European Committee for Electrotechnical Standardization
Comité Européen de Normalisation Electrotechnique
Europäisches Komitee für Elektrotechnische Normung
CEN-CENELEC Management Centre: Rue de la Science 23, B-1040 Brussels
© 2020 CENELEC All rights of exploitation in any form and by any means reserved worldwide for CENELEC Members.
Project: 70988 Ref. No. prEN 62645:2020 E

---------------------- Page: 3 ----------------------
oSIST prEN IEC 62645:2020
prEN IEC 62645:2020 (E)
European foreword
This document (prEN IEC 62645:2020) consists of the text of document IEC 62645:2020, prepared by
IEC/TC 45 "Nuclear instrumentation".
This document is currently submitted to the CENELEC Enquiry.
The following dates are proposed:
• latest date by which the existence of this document (doa) dor + 6 months
has to be announced at national level
• latest date by which this document has to be (dop) dor + 12 months
implemented at national level by publication of an
identical national standard or by endorsement
• latest date by which the national standards (dow) dor + 36 months
conflicting with this document have to be withdrawn (to be confirmed or
modified when voting)

As stated in the nuclear safety directive 2009/71/EURATOM, Chapter 1, Article 2, item 2, Member States
are not prevented from taking more stringent safety measures in the subject-matter covered by the
Directive, in compliance with Community law. In a similar manner, this European standard does not
prevent Member States from taking more stringent nuclear safety measures in the subject-matter
covered by this standard.
Bibliography
In the official version, for Bibliography, the following notes have to be added for the standards indicated:
IEC 60709 NOTE  Harmonized as EN 60709 (not modified).

2

---------------------- Page: 4 ----------------------
oSIST prEN IEC 62645:2020
prEN IEC 62645:2020 (E)
Annex ZA
(normative)

Normative references to international publications
with their corresponding European publications

The following documents are referred to in the text in such a way that some or all of their content
constitutes requirements of this document. For dated references, only the edition cited applies. For
undated references, the latest edition of the referenced document (including any amendments)
applies.

NOTE 1 When an International Publication has been modified by common modifications, indicated by (mod), the relevant
EN/HD applies.

NOTE 2 Up-to-date information on the latest versions of the European Standards listed in this annex is available here:
www.cenelec.eu.

Publication Year Title EN/HD Year
IEC 60880 2006 Nuclear power plants - Instrumentation and EN 60880 2009
control systems important to safety -
Software aspects for computer-based
systems performing category A functions
IEC 61226 -  Nuclear power plants - Instrumentation and - -
control systems important to safety -
Classification
IEC 61513 -  Nuclear power plants - Instrumentation and - -
control for systems important to safety -
General requirements for systems
IEC 62138 -  Nuclear power plants - Instrumentation and EN IEC 62138 -
control systems important to safety -
Software aspects for computer-based
systems performing category B or C
functions
IEC 62566 -  Nuclear power plants - Instrumentation and EN 62566 -
control important to safety - Development
of HDL-programmed integrated circuits for
systems performing category A functions
IEC 62859 -  Nuclear power plants - Instrumentation and - -
control systems - Requirements for
coordinating safety and cybersecurity
IEC 62988 2018 Nuclear power plants - Instrumentation and - -
control systems important to safety -
Selection and use of wireless devices
ISO/IEC 27001 2013 Information technology - Security EN ISO/IEC 27001 2017
techniques - Information security
management systems - Requirements
ISO/IEC 27002 2013 Information technology - Security EN ISO/IEC 27002 2017
techniques - Code of practice for
information security controls
ISO/IEC 27005 2018 Information technology_- Security - -
techniques_- Information security risk
management

3

---------------------- Page: 5 ----------------------
oSIST prEN IEC 62645:2020

---------------------- Page: 6 ----------------------
oSIST prEN IEC 62645:2020




IEC 62645

®


Edition 2.0 2019-11




INTERNATIONAL



STANDARD




NORME



INTERNATIONALE
colour

inside










Nuclear power plants – Instrumentation, control and electrical power systems –

Cybersecurity requirements




Centrales nucléaires de puissance – Systèmes d’instrumentation, de contrôle-

commande et d’alimentation électrique – Exigences relatives à la cybersécurité
















INTERNATIONAL

ELECTROTECHNICAL

COMMISSION


COMMISSION

ELECTROTECHNIQUE


INTERNATIONALE




ICS 27.120.20 ISBN 978-2-8322-7548-1




Warning! Make sure that you obtained this publication from an authorized distributor.

Attention! Veuillez vous assurer que vous avez obtenu cette publication via un distributeur agréé.

® Registered trademark of the International Electrotechnical Commission
Marque déposée de la Commission Electrotechnique Internationale

---------------------- Page: 7 ----------------------
oSIST prEN IEC 62645:2020
– 2 – IEC 62645:2019 © IEC 2019
CONTENTS
FOREWORD . 5
INTRODUCTION . 7
1 Scope . 9
1.1 General . 9
1.2 Application . 10
1.3 Framework . 10
2 Normative references . 12
3 Terms and definitions . 12
4 Abbreviated terms . 17
5 Establishing and managing a nuclear I&C programmable digital system security
programme . 17
5.1 Context of the organization . 17
5.1.1 Understanding the organization and its context . 17
5.1.2 Understanding the needs and expectations of interested parties . 17
5.1.3 Determining the scope of the I&C programmable digital system security
programme . 17
5.2 Programme, policy and plan . 18
5.2.1 I&C digital programmable system security program. 18
5.2.2 Policy . 18
5.2.3 Plan . 19
5.3 Leadership . 19
5.3.1 Leadership and commitment . 19
5.3.2 Roles, responsibilities and authorities . 19
5.4 Planning of the programme . 20
5.4.1 Cybersecurity objectives and planning to achieve them . 20
5.4.2 Addressing risks and opportunities of the programme . 20
5.4.3 Graded approach to I&C security and risk assessment . 21
5.5 Support . 28
5.5.1 Resources . 28
5.5.2 Training, competence and awareness . 28
5.5.3 Communications about cybersecurity . 29
5.5.4 Documented information . 29
5.6 Operation . 29
5.6.1 Operation planning and control . 29
5.6.2 Cybersecurity graded approach, risk assessment and risk treatment . 30
5.7 Performance evaluation . 30
5.7.1 Monitoring, measurement, analysis and evaluation . 30
5.7.2 Internal audit . 30
5.7.3 Management review . 30
5.8 Improvement . 31
5.8.1 General . 31
5.8.2 Nonconformity and corrective action . 31
5.8.3 Continual improvement . 31
6 Life-cycle implementation for I&C programmable digital system security . 31
6.1 General . 31
6.2 System requirements specification . 31

---------------------- Page: 8 ----------------------
oSIST prEN IEC 62645:2020
IEC 62645:2019 © IEC 2019 – 3 –
6.2.1 General . 31
6.2.2 Security degree assignment . 32
6.3 System specification . 32
6.3.1 Selection of pre-existing components . 32
6.3.2 System architecture . 32
6.4 System detailed design and implementation . 32
6.4.1 General . 32
6.4.2 Risk assessment at the design phase . 33
6.4.3 Design project security plan . 33
6.4.4 Communication pathways . 33
6.4.5 Security zone definition . 34
6.4.6 Security assessment of the final design . 34
6.4.7 Implementation activities . 34
6.5 System integration . 34
6.6 System validation . 34
6.7 System installation . 35
6.8 Operation and maintenance activities . 35
6.8.1 Change control during operations and maintenance . 35
6.8.2 Periodic reassessment of risks and security controls . 35
6.8.3 Change management . 35
6.9 Retirement activities . 36
7 Security controls . 36
7.1 General . 36
7.2 Characterization. 36
7.3 Security defence-in-depth . 37
7.4 Selection and enforcement of cybersecurity controls . 37
Annex A (informative) Rationale for, and notes related to, the scope of this document . 38
A.1 Objective of this annex. 38
A.2 Inclusion of I&C programmable digital system not important to safety . 38
A.3 Exclusion of site physical security, room access control and site security
surveillance systems . 38
A.4 Exclusion of non-malevolent actions and events . 38
A.5 Development tools and platforms . 38
Annex B (informative) Generic considerations about the security degrees . 39
B.1 Rationale for three security degrees. 39
B.1.1 General . 39
B.1.2 Safety categories as input to security degree assignment . 39
B.1.3 Impact on plant availability and performance as input to security degree . 39
B.1.4 Resulting security degree assignment approach . 40
B.2 Considerations about tools associated to on-line systems . 40
B.3 Practical design and implementation . 40
Annex C (informative) Correspondence with ISO/IEC 27001:2013 . 41
Annex D (informative) Overall organisation of IEC SC 45A standards related to
cybersecurity . 43
Annex E (informative) Selection of security controls . 45
Annex F (informative) Considerations about IEC 62645 applicability to non-NPP
nuclear facilities . 47
F.1 Applicability of IEC 62645 security graded approach to Research Reactors . 47
F.1.1 General . 47

---------------------- Page: 9 ----------------------
oSIST prEN IEC 62645:2020
– 4 – IEC 62645:2019 © IEC 2019
F.1.2 Categorization of RRs in accordance with potential hazards . 47
F.1.3 Safety categories as input to security degree assignment . 48
F.1.4 Impact on operational capacity as input to security degree . 49
F.1.5 Considerations on requirements associated to security degrees . 49
F.2 Applicability of IEC 62645 security graded approach to fuel cycle facilities . 49
F.3 Applicability of IEC 62645 security graded approach to SMR . 49
F.4 Reference documents . 50
Annex G (informative) High-level correspondence table between IEC 62443 series and
IEC 62645. 51
Bibliography . 53


Figure 1 – Overall framework of IEC 62645 . 11
Figure 2 – E/E/PE items . 14
Figure D.1 – Overview of IEC SC 45A standards with cybersecurity relation . 44
Figure E.1 – Selection of security controls . 46

Table C.1 – Correspondence between ISO/IEC 27001:2013 and IEC 62645 . 41
Table F.1 – Correspondence between safety categories and classes as per IEC 61513 . 48

---------------------- Page: 10 ----------------------
oSIST prEN IEC 62645:2020
IEC 62645:2019 © IEC 2019 – 5 –
INTERNATIONAL ELECTROTECHNICAL COMMISSION
____________

NUCLEAR POWER PLANTS – INSTRUMENTATION, CONTROL AND
ELECTRICAL POWER SYSTEMS – CYBERSECURITY REQUIREMENTS

FOREWORD
1) The International Electrotechnical Commission (IEC) is a worldwide organization for standardization comprising
all national electrotechnical committees (IEC National Committees). The object of IEC is to promote
international co-operation on all questions concerning standardization in the electrical and electronic fields. To
this end and in addition to other activities, IEC publishes International Standards, Technical Specifications,
Technical Reports, Publicly Available Specifications (PAS) and Guides (hereafter referred to as “IEC
Publication(s)”). Their preparation is entrusted to technical committees; any IEC National Committee interested
in the subject dealt with may participate in this preparatory work. International, governmental and non-
governmental organizations liaising with the IEC also participate in this preparation. IEC collaborates closely
with the International Organization for Standardization (ISO) in accordance with conditions determined by
agreement between the two organizations.
2) The formal decisions or agreements of IEC on technical matters express, as nearly as possible, an international
consensus of opinion on the relevant subjects since each technical committee has representation from all
interested IEC National Committees.
3) IEC Publications have the form of recommendations for international use and are accepted by IEC National
Committees in that sense. While all reasonable efforts are made to ensure that the technical content of IEC
Publications is accurate, IEC cannot be held responsible for the way in which they are used or for any
misinterpretation by any end user.
4) In order to promote international uniformity, IEC National Committees undertake to apply IEC Publications
transparently to the maximum extent possible in their national and regional publications. Any divergence
between any IEC Publication and the corresponding national or regional publication shall be clearly indicated in
the latter.
5) IEC itself does not provide any attestation of conformity. Independent certification bodies provide conformity
assessment services and, in some areas, access to IEC marks of conformity. IEC is not responsible for any
services carried out by independent certification bodies.
6) All users should ensure that they have the latest edition of this publication.
7) No liability shall attach to IEC or its directors, employees, servants or agents including individual experts and
members of its technical committees and IEC National Committees for any personal injury, property damage or
other damage of any nature whatsoever, whether direct or indirect, or for costs (including legal fees) and
expenses arising out of the publication, use of, or reliance upon, this IEC Publication or any other IEC
Publications.
8) Attention is drawn to the Normative references cited in this publication. Use of the referenced publications is
indispensable for the correct application of this publication.
9) Attention is drawn to the possibility that some of the elements of this IEC Publication may be the subject of
patent rights. IEC shall not be held responsible for identifying any or all such patent rights.
International Standard IEC 62645 has been prepared by subcommittee 45A: Instrumentation,
control and electrical power systems of nuclear facilities, of IEC technical committee 45:
Nuclear instrumentation.
This second edition cancels and replaces the first edition published in 2014. This edition
constitutes a technical revision.
This edition includes the following significant technical changes with respect to the previous
edition:
a) to align the standard with the new revisions of ISO/IEC 27001;
b) to review the existing requirements and to update the terminology and definitions;
c) to take account of, as far as possible, requirements associated with standards published
since the first edition;
d) to take into account the fact that cybersecurity techniques, but also national practices
evolve.

---------------------- Page: 11 ----------------------
oSIST prEN IEC 62645:2020
– 6 – IEC 62645:2019 © IEC 2019
The text of this International Standard is based on the following documents:
FDIS Report on voting
45A/1289/FDIS 45A/1295/RVD

Full information on the voting for the approval of this International Standard can be found in
the report on voting indicated in the above table.
This document has been drafted in accordance with the ISO/IEC Directives, Part 2.
The committee has decided that the contents of this document will remain unchanged until the
stability date indicated on the IEC website under "http://webstore.iec.ch" in the data related to
the specific document. At this date, the document will be
• reconfirmed,
• withdrawn,
• replaced by a revised edition, or
• amended.

IMPORTANT – The 'colour inside' logo on the cover page of this publication indicates
that it contains colours which are considered to be useful for the correct
understanding of its contents. Users should therefore print this document using a
colour printer.

---------------------- Page: 12 ----------------------
oSIST prEN IEC 62645:2020
IEC 62645:2019 © IEC 2019 – 7 –
INTRODUCTION
a) Technical background, main issues and organisation of the standard
This International Standard focuses on the issue of cybersecurity requirements to prevent
and/or minimize the impact of attacks against I&C programmable digital systems on nuclear
safety and plant performance. It covers programme level, architectural level and system level
requirements.
This standard was prepared and based on the ISO/IEC 27000 series, IAEA and country
specific guidance in this expanding technical and security focus area.
It is intended that the International Standard be used by designers and operators of nuclear
power plants (NPPs) (utilities), licensees, systems evaluators, vendors and subcontractors,
and by licensors.
b) Situation of the current Standard in the structure of the IEC SC 45A standard
series
IEC 62645 is a second level IEC SC 45A document, tackling the generic issue of NPP I&C
cybersecurity.
IEC 62645 is considered formally as a second level document with respect to IEC 61513,
although IEC 61513 needs revision to actually ensure proper reference to and consistency
with IEC 62645. IEC 62645 is the top-level document with respect to cybersecurity in the
SC 45A standard series. Other documents are developed under IEC 62645 and correspond to
third level documents in the IEC SC 45A standards.
For more details on the structure of the IEC SC 45A standard series, see item d) of this
introduction.
c) Recommendations and limitations regarding the application of this standard
This standard establishes requirements for I&C programmable digital systems, with regard to
computer security, and clarifies the processes that I&C programmable digital systems are
designed, developed and operated under in NPPs.
It is recognized that this standard addresses an evolving area of regulatory requirements, due
to the changing and evolving nature of computer security threats. Therefore, the standard
defines a framework within which the evolving country specific requirements may be
developed and applied.
It is also recognized that products derived from application of this subject matter require
protection. Release of the standard’s country specific requirements should be controlled to
limit the extent to which organizations or individuals intending to access nuclear plant
systems illegally, improperly or without authorization may benefit from this information.
d) Description of the structure of the IEC SC 45A standard series and relationships
with other IEC documents and other bodies documents (IAEA, ISO)
The top-level documents of the IEC SC 45A standard series are IEC 61513 and IEC 63046.
IEC 61513 provides general requirements for I&C systems and equipment that are used to
perform functions important to safety in NPPs. IEC 63046 provides general requirements for
electrical power systems of NPPs; it covers power supply systems including the supply
systems of the I&C systems. IEC 61513 and IEC 63046 are to be considered in conjunction
and at the same level. IEC 61513 and IEC 63046 structure the IEC SC 45A standard series

---------------------- Page: 13 ----------------------
oSIST prEN IEC 62645:2020
– 8 – IEC 62645:2019 © IEC 2019
and shape a complete framework establishing general requirements for instrumentation,
control and electrica
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.

This May Also Interest You

SIST
SIST EN IEC 62988:2022(Main)
Nuclear power plants - Instrumentation and control systems important to safety - Selection and use of wireless devices (IEC 62988:2018)
EN IEC 62988:2022

This document establishes requirements relevant to the selection and use of wireless devices
in instrumentation and control (I&C) systems important to safety used in nuclear power plants
(NPPs). Those I&C systems may fully consist of wireless devices.
NOTE The word “use” refers to the integration of the device, its qualification, administrative control, and every
other activity that may be necessary to use the device in an important to safety application.
This document applies to the I&C of new NPPs and to backfit of I&C in existing NPPs. Every
wireless device or wireless system that is important to safety is in the scope of this document.
Both fixed and mobile devices and all data types (voice, process data, etc.) are included
within the scope if they provide a safety classified function.
This document restricts the use of wireless devices to systems supporting category C
functions according to IEC 61226, excluding explicitly their use for categories A and B.
Non-safety devices and systems may use this document as guidelines, for example to ensure
that important to safety devices are not disturbed.
– Clause 5 describes the fundamental requirements regarding safety and cybersecurity.
– Clause 6 gives wireless-specific requirements that have to be included in the system
design.
– Clause 7 describes the requirements for the selection and integration of wireless devices.
– Clause 8 deals with electromagnetic compatibility and spectrum management.
– Clause 9 gives wireless-specific requirements regarding cybersecurity.
– Clause 10 describes the requirements for the qualification of wireless devices and their
environment.

  • Standard
    21 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Draft
    21 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN IEC 60987:2021(Main)
Nuclear power plants - Instrumentation and control important to safety - Hardware requirements (IEC 60987:2021)
EN IEC 60987:2021

IEC 60987:2021 provides requirements and recommendations for the hardware aspects of I&C systems whatever the technology and applies for all safety classes in a graded manner (as defined by IEC 61513). The requirements defined within this document guide, in particular, the selection of pre-existing components, hardware aspects of system detailed design and implementation and equipment manufacturing.
This third edition cancels and replaces the second edition published in 2007. This edition includes the following significant technical changes with respect to the previous edition:
a) Title modified;
b) Take account of the fact that hardware requirements apply to all I&C technologies, including conventional hardwired equipment, programmable digital equipment or by using a combination of both types of equipment;
c) Align the standard with the new revisions of IAEA documents SSR-2/1, which include as far as possible an adaptation of the definitions;
d) Replace, as far as possible, the requirements associated with standards published since the edition 2.1, especially IEC 61513, IEC 60880, IEC 62138, IEC 62566 and IEC 62566‑2;
e) Review the existing requirements and update the terminology and definitions;
f) Extend the scope of the standard to all hardware (computerized and non-computerized) and to all safety classes 1, 2 and 3;
g) Complete, update the IEC and IAEA references and vocabulary;
h) Check possible impact of other IAEA requirements and recommendations considering extension of the scope of SC 45A;
i) Highlight the use of IEC 62566 and IEC 62566-2 for HPD development;
j) Introduce specific activities for pre-existing items (selection, acceptability and/or mitigation);
k) Introduce clearer requirements for electronic module-level design, manufacturing and control;
l) Complete reliability assessment methods;
m) Introduce requirements when using automated tests or control activities;
n) Complete description of manufacturing control activities (control process, assessment of manufactured equipment, preservation of products);
o) Define and ensure the inclusion of a graded approach for dealing with the 3 different classes of equipment and related requirements.

  • Standard
    53 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Draft
    52 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN IEC 62855:2021(Main)
Nuclear power plants - Electrical power systems - Electrical power systems analysis (IEC 62855:2016)
EN IEC 62855:2021

IEC 62855 provides the electrotechnical engineering guidelines for analysis of AC and DC
electrical power systems in nuclear power plants (NPPs) in order to demonstrate that the
power sources and the distribution systems have the capability for safe operation and shut
down of the NPP, bringing it to a controlled state after an anticipated operational occurrence
or accident conditions and finally reaching a safe state.
The analytical studies discussed in this document provide assurance that the design bases
are satisfied to meet their functional requirements under the conditions produced by the
applicable design basis events. The studies provide assurance that the electrical power
system is capable of supporting safety functions during all required plant conditions.
NOTE The safety functions are described in IAEA Specific Safety Requirements SSR-2/1 related to the design of
the nuclear power plants..
Analytical studies validate the robustness and adequacy of design margins and demonstrate
the capability of electrical power systems to support plant operation for normal, abnormal,
degraded and accident conditions.
The analyses are used to verify that the electrical power system can withstand minor
disturbances and that the consequences of major disturbances or failures do not degrade the
capability of the electrical power systems to support safe shutdown of the plant and maintain
the plant in shutdown condition.
The analyses are performed with one or more of
• simulation tools (software and hardware) that have been verified and validated,
• hand calculations, and
• tests.
This document provides guidance on the types of analyses required to demonstrate that the
plant's auxiliary power system can perform the required safety functions. This document does
not provide specific details on how the analysis should be conducted.
This document does not cover digital controllers (such as controllers for rectifiers, inverters,
sequencers and electrical protection devices) used in electrical power systems. IEC 61513
gives recommendations that apply to the electronic controls and protective elements of the
electrical power systems.
This document does not include environmental conditions (i.e. temperature, humidity, etc.) or
external events (seismic, flooding, fire, high energy electromagnetic pulse, etc.) that may
impact equipment sizing or protection requirements. The external events lightning and
geomagnetic storms are included.
This document does not cover additional or unique requirements for stand-alone power
system, such as power supplies for security measures in NPPs. Pertinent clauses of this
document may be used as a guideline for such systems.
Redundancy in the power system design can increase the availability of electrical power to
critical plant equipment. Performing a probabilistic risk assessment (PRA) is a method of
assessing system availability and optimizing design for high reliability. This document does
not cover improving the reliability of NPP electrical power systems using statistical or diverse
and redundant schemes.
Requirements for safeguards of personnel involved with installation, maintenance and
operation of electrical systems and general personal safety are outside the scope of this
document. General guidance for lightning protection of equipment is provided in relevant
clauses of this document.
This document is intended to be used:
• for verification of the design of new nuclear power plants,
• for demonstrating the adequacy and impact of major modifications of electrical power
systems in operating nuclear power plants, and
• where there is a requirement to assess and establish operating limits and constraints for
existing plants.
Pertinent parts of this document can be used as guidance for decommissioning stages.

  • Standard
    60 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Draft
    60 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN IEC/IEEE 62582-6:2021(Main)
Nuclear power plants - Instrumentation and control important to safety - Electrical equipment condition monitoring methods - Part 6: Insulation resistance (IEC/IEEE 62582-6:2019)
EN IEC/IEEE 62582-6:2021

This part of IEC/IEEE 62582 contains methods for condition monitoring of organic and
polymeric materials in instrumentation and control cables using insulation resistance
measurements in the detail necessary to produce accurate and reproducible results during
simulated accident conditions. It includes the requirements for the measurement system and
measurement procedure, and the reporting of the measurement results.
NOTE Measurement of insulation resistance during simulated accident conditions with the aim of determining the
lowest value during the accident in order to assess cable performance involves special requirements given in this
document. Methods for measurement under stable (non-accident) conditions are available in other international
standards, e.g. IEC 62631-3-3.
The different parts of the IEC/IEEE 62582 series are measurement standards, primarily for
use in the management of ageing in initial qualification and after installation. IEC/IEEE 62582-
1 includes requirements for the application of the other parts of the IEC/IEEE 62582 series
and some elements which are common to all methods. Information on the role of condition
monitoring in qualification of equipment important to safety is found in IEC/IEEE 60780-323.

  • Standard
    27 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Draft
    27 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN IEC 61226:2021(Main)
Nuclear power plants - Instrumentation, control and electrical power systems important to safety - Categorization of functions and classification of systems (IEC 61226:2020)
EN IEC 61226:2021

This document establishes, for nuclear power plants2, a method of assignment of the
functions specified for the plant into categories according to their importance to safety.
Subsequent classification of the I&C and electrical power systems performing or supporting
these functions, based on the assigned category, then determines relevant design criteria.
The design criteria, when applied, ensure the achievement of each function in accordance to
its importance to safety. In this document, the criteria are those of functionality, reliability,
performance, environmental qualification (e.g. seismic) and quality assurance (QA).
This document is applicable to:
- the functions important to safety that are performed by I&C systems and supported by
electrical power systems (categorization of I&C functions),
- the I&C systems that enable those functions to be implemented (classification of I&C
systems),
- the electrical power systems that support those functions (classification of electrical power
systems).
The systems under consideration provide automated protection, closed or open loop control,
information to the operating staff, and electrical power supply to systems. These systems
keep the NPP conditions inside the safe operating envelope and provide automatic actions, or
enable manual actions, that prevent or mitigate accidents, or that prevent or minimize
radioactive releases to the site or wider environment. The I&C and electrical power systems
that fulfil these roles safeguard the health and safety of the NPP operators and the public.
This document follows the general principles given in IAEA Safety Requirement SSR-2/1 and
Safety Guides SSG-30, SSG-34 and SSG-39, and it defines a structured method of applying
the guidance contained in those codes and standards to the I&C and electrical power systems
that perform functions important to safety in a NPP. This document is read in association with
the IAEA guides together with IEC 61513 and IEC 63046 in implementing the requirements of
the IEC 61508 series. The overall classification scheme of structures, systems and
components for NPPs can be summarized as follows by Figure 1.

  • Standard
    43 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Draft
    43 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN IEC 62954:2021(Main)
Nuclear power plants - Control rooms - Requirements for emergency response facilities (IEC 62954:2019)
EN IEC 62954:2021

This document presents the requirements for the on-site emergency response facilities
(referred to hereinafter as the “ERF”) which are to be used in case of incidents or accidents
occurring on the associated Nuclear Power Plant (NPP). The ERF consists of the Emergency
Response Centre (ERC), the Technical Support Centre (TSC) and the Operational Support
Centre (OSC), as shown in Figure 1.
It establishes requirements for the ERF features and ERF I&C equipment to:
• coordinate on-site operational efforts with respect to safety and radioprotection;
• optimize the design in terms of environment control, lighting, power supplies and access
control of the ERF;
• enhance the identification and resolution of potential conflicts between the traditional
operational means and emergency means (MCR/SCR and ERF, operating staff and
emergency teams, operational procedures and emergency procedures);
• aid the identification and the enhancement of the potential synergies between the
traditional operational means and emergency means.
This document is intended for application to new nuclear power plants whose conceptual
design is initiated after the publication of this document, but it may also be used for designing
and implementing ERF in existing nuclear power plants or in any other nuclear facility.
Detailed equipment design is outside the scope of this document.
This document does not define the situations (reactor plant conditions, hazards and
magnitudes of hazards) leading to mobilisation of emergency response teams and activation /
use of the ERF. These aspects are usually addressed in the NPP Emergency Plan. However,
the need for consistency of the ERF design and operation with the NPP Emergency Plan is
within scope.

  • Standard
    29 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Draft
    29 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN IEC 63046:2021(Main)
Nuclear power plants - Electrical power system - General requirements (IEC 63046:2020)
EN IEC 63046:2021

This document:
• provides requirements and recommendations for the overall Electrical Power System. In
particular, it covers interruptible and uninterruptible Electrical Power Systems including
the systems supplying the I&C systems;
• is consistent and coherent with IEC 61513. Like IEC 61513, this document also highlights
the need for complete and precise requirements, derived from the plant safety goals.
Those requirements are prerequisites for generating the comprehensive requirements for
the overall Electrical Power System architecture, and for the electrical power supply subsystems;
• has to be considered in conjunction with and at the same level as IEC 61513. These two
standards provide a complete framework establishing general requirements for
instrumentation, control, and Electrical Power System for Nuclear Power Plants.
This document establishes:
• the high level specification and requirement to implement a suitable Electrical Power
System in a NPP that supports reactor systems important to safety. It also enables
electrical energy production providing the transmission grid with active and reactive power
and electro-mechanical inertia;
• the relationships between:
– the plant safety requirements and the architecture of the overall Electrical Power
System and its sub-systems (see Figure 1) including:
a) the contribution to the plant Defence in Depth;
b) the independency and redundancy provisions;
– the electrical requirements and the architecture of the Electrical Power System and its
sub-systems;
– the functional requirements and the architecture of the Electrical Power System and its
sub-systems;
– the requirements associated with the maintenance strategy and the architecture of the
Electrical Power System and its sub-systems;
• the design of Electrical power sub-systems (e.g. interruptible and uninterruptible);
• the requirements for supporting systems of Electrical Power System (HVAC, I&C, etc.);
• the Electrical Power System life-cycle framework.
This document does not cover the specification of:
• I&C systems;
• the transmission lines connecting to substations outside the NPP;
• electrical equipment requirements already defined in the industrial IEC standards;
• electrical power for security systems (e.g., fences, surveillance systems, entrance
control);
• lighting and socket facility.
This document does not consider power production requirements.

  • Standard
    91 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Draft
    91 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN IEC/IEEE 60980-344:2021(Main)
Nuclear facilities - Equipment important to safety - Seismic qualification (IEC/IEEE 60980-344:2020)
EN IEC/IEEE 60980-344:2021

This International Standard describes methods for establishing seismic qualification procedures
that will yield quantitative data to demonstrate that the equipment can meet its performance
requirements. This document is applicable to electrical, mechanical, instrumentation and control
equipment/components that are used in nuclear facilities. This document provides methods and
documentation requirements for seismic qualification of equipment to verify the equipment’s
ability to perform its specified performance requirements during and/or after specified seismic
demands. This document does not specify seismic demand or performance requirements. Other
aspects, relating to quality assurance, selection of equipment, and design and modification of
systems, are not part of this document. As seismic qualification is only a part of equipment
qualification, this document is used in conjunction with IEC/IEEE 60780-323.
The seismic qualification demonstrates equipment’s ability to perform its safety function(s)
during and/or after the time it is subjected to the forces resulting from at least one safe shutdown
earthquake (SSE/S2). This ability is demonstrated by taking into account, prior to the SSE/S2,
the ageing of equipment and the postulated occurrences of a given number of lower intensity
operating basis earthquake (OBE/S1). Ageing phenomena to be considered, if specified in the
design specification, are those which could increase the vulnerability of equipment to vibrations
caused by an SSE/S2.

  • Standard
    85 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Draft
    85 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN IEC 62566-2:2021(Main)
Nuclear power plants - Instrumentation and control systems important to safety - Development of HDL-programmed integrated circuits - Part 2: HDL-programmed integrated circuits for systems performing category B or C functions (IEC 62566-2:2020)
EN IEC 62566-2:2020

This part of IEC 62566 provides requirements for achieving highly reliable HDL-Programmed
Devices (HPDs), for use in I&C systems of nuclear power plants performing functions of safety
category B or C as defined by IEC 61226.
The programming of HPDs relies on Hardware Description Languages (HDL) and related
software tools. They are typically based on blank Field Programmable Gate Arrays (FPGAs) or
similar micro-electronic technologies such as Programmable Logic Devices (PLD), Complex
Programmable Logic Devices (CPLDs), etc. General purpose integrated circuits such as
microprocessors are not HPDs. Annex B.8 provides descriptions of a number of different types
of integrated circuits.
This document provides requirements on:
a) a dedicated HPD life-cycle addressing each phase of the development of HPDs, including
specification of requirements, design, implementation, integration and validation, as well as
verification activities associated with each phase,
b) planning and complementary activities such as modification and production,
c) selection of pre-developed components. This includes micro-electronic technologies and
Pre-Developed Blocks (PDBs),
d) tools used to design, implement and verify HPDs.
This document does not put requirements on the development of the micro-electronic
technologies, which are usually available as "commercial off-the-shelf" items and are not
developed under nuclear quality assurance standards. It addresses the developments made
with these micro-electronic technologies in an I&C project with HDLs and related tools.
This document provides guidance to avoid as far as possible latent faults remaining in HPDs,
and to reduce the susceptibility to single failures as well as to potential Common Cause Failures
(CCFs).
Reliability aspects related to environmental qualification and failures due to ageing or physical
degradation are not handled in this document. Other standards, especially IEC 60987,
IEC/IEEE 60780-323 and IEC 62342, address these topics.
This document does not cover cybersecurity for HDL aspects of I&C systems. IEC 62645
provides requirements for security programmes for I&C programmable digital systems.
This document provides guidance and requirements to produce verifiable HPD designs and
implementations requiring justification due for their role in carrying out category B or C safety
functions. This document describes the activities to develop HPDs, organized in the framework
of a dedicated life-cycle. It also describes activities and guidelines to be used in addition to the
requirements of IEC 61226 for system classification and IEC 61513 for system integration and
validation when HPDs are included.

  • Standard
    61 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Draft
    61 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN IEC 62003:2020(Main)
Nuclear power plants - Instrumentation, control and electrical power systems - Requirements for electromagnetic compatibility testing (IEC 62003:2020)
EN IEC 62003:2020

IEC 62003:2020 establishes requirements for electromagnetic compatibility testing of instrumentation, control, and electrical equipment supplied for use in systems important to safety at nuclear power plants and other nuclear facilities. The document lists the applicable IEC standards (principally the IEC 61000 series) which define the general test methods, and provides the necessary application-specific parameters and criteria to ensure that nuclear safety requirements are met.
This second edition cancels and replaces the first edition published in 2009. This edition includes the following significant technical changes with respect to the previous edition:
a) title modified.
b) expand the scope to encompass Electromagnetic Magnetic Compatibility (EMC) considerations for electrical equipment.
c) provide guidance for addressing the use of wireless technology.
d) enhance the description of the electromagnetic environment to provide clarification when selecting custom test levels or for test exemptions.
e) include example information to be contained within an EMC test plan.
f) provide guidance for characterization of the electromagnetic environment at the point of installation within a nuclear facility.

  • Standard
    42 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Draft
    43 pages
    English language
    sale 10% off
    e-Library read for
    1 day