SIST EN IEC 62645:2020
(Main)Nuclear power plants - Instrumentation, control and electrical power systems - Cybersecurity requirements (IEC 62645:2019)
Nuclear power plants - Instrumentation, control and electrical power systems - Cybersecurity requirements (IEC 62645:2019)
This document establishes requirements and provides guidance for the development and
management of effective computer security programmes for I&C programmable digital
systems. Inherent to these requirements and guidance is the criterion that the power plant
I&C programmable digital system security programme complies with the applicable country’s
requirements.
This document defines adequate measures for the prevention of, detection of and reaction to
malicious acts by digital means (cyberattacks) on I&C programmable digital systems. This
includes any unsafe situation, equipment damage or plant performance degradation that could
result from such an act, such as:
– malicious modifications affecting system integrity;
– malicious interference with information, data or resources that could compromise the
delivery of or performance of the required I&C programmable digital functions;
– malicious interference with information, data or resources that could compromise operator
displays or lead to loss of management of I&C programmable digital systems;
– malicious changes to hardware, firmware or software at the programmable logic controller
(PLC) level.
Human errors leading to violation of the security policy and/or easing the aforementioned
malicious acts are also in the scope of this document.
This document describes a graded approach scheme for assets subject to digital compromise,
based on their relevance to the overall plant safety, availability, and equipment protection.
Excluded from the scope of this document are considerations related to:
– non-malevolent actions and events such as accidental failures, human errors (except
those impacting the performance of cybersecurity controls) and natural events. In
particular, good practices for managing applications and data, including back-up and
restoration related to accidental failure, are out of scope;
NOTE 1 Although such aspects are often covered by security programme in other normative contexts (e.g., in
the ISO/IEC 27000 series or in the IEC 62443 series), this document is only focused on the protection against
malicious acts by digital means (cyberattacks) on I&C programmable digital systems. The main reason is that
in the nuclear generation domain, other standards and practices already cover accidental failures,
unintentional human errors, natural events, etc. The focus of IEC 62645 is made to provide the maximum
consistency and the minimum overlap with these other nuclear standards and practices.
– site physical security, room access control and site security surveillance systems. These
systems, while not specifically addressed in this document, are to be covered by plant
operating procedures and programmes;
NOTE 2 This exclusion does not deny that cybersecurity has clear dependencies on the security of the
physical environment (e.g., physical protection, power delivery systems, heating/ventilation/air-conditioning
systems (HVAC), etc.).
– the aspect of confidentiality of information about I&C digital programmable systems is out
of the scope of this document (see 5.4.3.2.3).
Annex A provides a rationale for and comments about the scope, definition and the
document's application, and in particular about the exclusions and limitations previously
mentioned.
Standards such as ISO/IEC 27001 and ISO/IEC 27002 are not directly applicable to the cyber
protection of nuclear I&C programmable digital systems. This is mainly due to the specificities
of these systems, including the regulatory and safety requirements inherent to nuclear
facilities. However, this document builds upon the valid high level principles and main
concepts of ISO/IEC 27001:2013, adapts them and completes them to fit the nuclear context.
This document follows the general principles given in the IAEA reference manual NSS17.
Kernkraftwerke - Leittechnische und elektrische Systeme - Anforderungen an die Cybersicherheit
Centrales nucléaires de puissance - Systèmes d’instrumentation, de contrôlecommande et d’alimentation électrique - Exigences relatives à la cybersécurité (IEC 62645:2019)
L’IEC 62645:2019 établit des exigences et fournit des recommandations pour le développement et la gestion des programmes de sécurité informatique des systèmes numériques programmables d’I&C. Le critère de conformité du programme de sécurité des systèmes numériques programmables d’I&C de la centrale nucléaire aux exigences nationales applicables est inhérent aux exigences et recommandations du présent document.
Le présent document définit les mesures adéquates pour ce qui concerne la prévention, la détection et la réaction à des actes malveillants, réalisés en utilisant des moyens informatiques (cyberattaques), portant atteinte aux systèmes numériques programmables d’I&C. Ceci comprend les situations non sûres, les endommagements d’équipements ou la dégradation des performances.
Cette deuxième édition annule et remplace la première édition parue en 2014. Cette édition inclut les modifications techniques majeures suivantes par rapport à l'édition précédente:
a) aligner la norme sur les nouvelles révisions de l’ISO/IEC 27001;
b) passer en revue les exigences existantes et mettre à jour la terminologie et les définitions;
c) prendre en compte, autant que possible, les exigences associées aux normes publiées depuis la parution de la première édition;
d) prendre en compte le fait que les techniques de cybersécurité, mais aussi les pratiques nationales évoluent.
Jedrske elektrarne - Merilna, nadzorna in elektroenergetska oprema - Zahteve za kibernetsko varnost (IEC 62645:2019)
General Information
Standards Content (Sample)
SLOVENSKI STANDARD
SIST EN IEC 62645:2020
01-oktober-2020
Jedrske elektrarne - Merilna, nadzorna in elektroenergetska oprema - Zahteve za
kibernetsko varnost (IEC 62645:2019)
Nuclear power plants - Instrumentation, control and electrical power systems -
Cybersecurity requirements (IEC 62645:2019)
Centrales nucléaires de puissance - Systèmes d’instrumentation, de contrôlecommande
et d’alimentation électrique - Exigences relatives à la cybersécurité (IEC 62645:2019)
Ta slovenski standard je istoveten z: EN IEC 62645:2020
ICS:
27.120.20 Jedrske elektrarne. Varnost Nuclear power plants. Safety
SIST EN IEC 62645:2020 en
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.
---------------------- Page: 1 ----------------------
SIST EN IEC 62645:2020
---------------------- Page: 2 ----------------------
SIST EN IEC 62645:2020
EUROPEAN STANDARD EN IEC 62645
NORME EUROPÉENNE
EUROPÄISCHE NORM
July 2020
ICS 27.120.20
English Version
Nuclear power plants - Instrumentation, control and electrical
power systems - Cybersecurity requirements
(IEC 62645:2019)
Centrales nucléaires de puissance - Systèmes Kernkraftwerke – Elektro- und leittechnische Systeme –
d'instrumentation, de contrôlecommande et d'alimentation Anforderungen an die IT-Sicherheitskonzeption
électrique - Exigences relatives à la cybersécurité (IEC 62645:2019)
(IEC 62645:2019)
This European Standard was approved by CENELEC on 2020-07-07. CENELEC members are bound to comply with the CEN/CENELEC
Internal Regulations which stipulate the conditions for giving this European Standard the status of a national standard without any alteration.
Up-to-date lists and bibliographical references concerning such national standards may be obtained on application to the CEN-CENELEC
Management Centre or to any CENELEC member.
This European Standard exists in three official versions (English, French, German). A version in any other language made by translation
under the responsibility of a CENELEC member into its own language and notified to the CEN-CENELEC Management Centre has the
same status as the official versions.
CENELEC members are the national electrotechnical committees of Austria, Belgium, Bulgaria, Croatia, Cyprus, the Czech Republic,
Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, the
Netherlands, Norway, Poland, Portugal, Republic of North Macedonia, Romania, Serbia, Slovakia, Slovenia, Spain, Sweden, Switzerland,
Turkey and the United Kingdom.
European Committee for Electrotechnical Standardization
Comité Européen de Normalisation Electrotechnique
Europäisches Komitee für Elektrotechnische Normung
CEN-CENELEC Management Centre: Rue de la Science 23, B-1040 Brussels
© 2020 CENELEC All rights of exploitation in any form and by any means reserved worldwide for CENELEC Members.
Ref. No. EN IEC 62645:2020 E
---------------------- Page: 3 ----------------------
SIST EN IEC 62645:2020
EN IEC 62645:2020 (E)
European foreword
The text of document 45A/1289/FDIS, future edition 2 of IEC 62645, prepared by SC 45A
"Instrumentation, control and electrical power systems of nuclear facilities" of IEC/TC 45 "Nuclear
instrumentation" was submitted to the IEC-CENELEC parallel vote and approved by CENELEC as
EN IEC 62645:2020.
The following dates are fixed:
• latest date by which the document has to be implemented at national (dop) 2021-07-07
level by publication of an identical national standard or by endorsement
• latest date by which the national standards conflicting with the (dow) 2023-07-07
document have to be withdrawn
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. CENELEC shall not be held responsible for identifying any or all such patent rights.
As stated in the nuclear safety directive 2009/71/EURATOM, Chapter 1, Article 2, item 2, Member
States are not prevented from taking more stringent safety measures in the subject-matter covered by
the Directive, in compliance with Community law.
In a similar manner, this European standard does not prevent Member States from taking more
stringent nuclear safety and/or security measures in the subject-matter covered by this standard.
Endorsement notice
The text of the International Standard IEC 62645:2019 was approved by CENELEC as a European
Standard without any modification.
In the official version, for Bibliography, the following notes have to be added for the standards
indicated:
IEC 60709 NOTE Harmonized as EN IEC 60709
ISO/IEC 27000:2018 NOTE Harmonized as EN ISO/IEC 27000:2020 (not modified)
2
---------------------- Page: 4 ----------------------
SIST EN IEC 62645:2020
EN IEC 62645:2020 (E)
Annex ZA
(normative)
Normative references to international publications
with their corresponding European publications
The following documents are referred to in the text in such a way that some or all of their content
constitutes requirements of this document. For dated references, only the edition cited applies. For
undated references, the latest edition of the referenced document (including any amendments)
applies.
NOTE 1 Where an International Publication has been modified by common modifications, indicated by (mod), the relevant
EN/HD applies.
NOTE 2 Up-to-date information on the latest versions of the European Standards listed in this annex is available here:
www.cenelec.eu.
Publication Year Title EN/HD Year
IEC 60880 2006 Nuclear power plants - Instrumentation and EN 60880 2009
control systems important to safety -
Software aspects for computer-based
systems performing category A functions
IEC 61226 - Nuclear power plants - Instrumentation and - -
control systems important to safety -
Classification
IEC 61513 - Nuclear power plants - Instrumentation and - -
control for systems important to safety -
General requirements for systems
IEC 62138 - Nuclear power plants - Instrumentation and EN IEC 62138 -
control systems important to safety -
Software aspects for computer-based
systems performing category B or C
functions
IEC 62566 - Nuclear power plants - Instrumentation and EN 62566 -
control important to safety - Development
of HDL-programmed integrated circuits for
systems performing category A functions
IEC 62859 - Nuclear power plants - Instrumentation and - -
control systems - Requirements for
coordinating safety and cybersecurity
ISO/IEC 27001 2013 Information technology - Security EN ISO/IEC 27001 2017
techniques - Information security
management systems - Requirements
ISO/IEC 27002 2013 Information technology - Security EN ISO/IEC 27002 2017
techniques - Code of practice for
information security controls
ISO/IEC 27005 2018 Information technology_- Security - -
techniques_- Information security risk
management
3
---------------------- Page: 5 ----------------------
SIST EN IEC 62645:2020
---------------------- Page: 6 ----------------------
SIST EN IEC 62645:2020
IEC 62645
®
Edition 2.0 2019-11
INTERNATIONAL
STANDARD
NORME
INTERNATIONALE
colour
inside
Nuclear power plants – Instrumentation, control and electrical power systems –
Cybersecurity requirements
Centrales nucléaires de puissance – Systèmes d’instrumentation, de contrôle-
commande et d’alimentation électrique – Exigences relatives à la cybersécurité
INTERNATIONAL
ELECTROTECHNICAL
COMMISSION
COMMISSION
ELECTROTECHNIQUE
INTERNATIONALE
ICS 27.120.20 ISBN 978-2-8322-7548-1
Warning! Make sure that you obtained this publication from an authorized distributor.
Attention! Veuillez vous assurer que vous avez obtenu cette publication via un distributeur agréé.
® Registered trademark of the International Electrotechnical Commission
Marque déposée de la Commission Electrotechnique Internationale
---------------------- Page: 7 ----------------------
SIST EN IEC 62645:2020
– 2 – IEC 62645:2019 © IEC 2019
CONTENTS
FOREWORD . 5
INTRODUCTION . 7
1 Scope . 9
1.1 General . 9
1.2 Application . 10
1.3 Framework . 10
2 Normative references . 12
3 Terms and definitions . 12
4 Abbreviated terms . 17
5 Establishing and managing a nuclear I&C programmable digital system security
programme . 17
5.1 Context of the organization . 17
5.1.1 Understanding the organization and its context . 17
5.1.2 Understanding the needs and expectations of interested parties . 17
5.1.3 Determining the scope of the I&C programmable digital system security
programme . 17
5.2 Programme, policy and plan . 18
5.2.1 I&C digital programmable system security program. 18
5.2.2 Policy . 18
5.2.3 Plan . 19
5.3 Leadership . 19
5.3.1 Leadership and commitment . 19
5.3.2 Roles, responsibilities and authorities . 19
5.4 Planning of the programme . 20
5.4.1 Cybersecurity objectives and planning to achieve them . 20
5.4.2 Addressing risks and opportunities of the programme . 20
5.4.3 Graded approach to I&C security and risk assessment . 21
5.5 Support . 28
5.5.1 Resources . 28
5.5.2 Training, competence and awareness . 28
5.5.3 Communications about cybersecurity . 29
5.5.4 Documented information . 29
5.6 Operation . 29
5.6.1 Operation planning and control . 29
5.6.2 Cybersecurity graded approach, risk assessment and risk treatment . 30
5.7 Performance evaluation . 30
5.7.1 Monitoring, measurement, analysis and evaluation . 30
5.7.2 Internal audit . 30
5.7.3 Management review . 30
5.8 Improvement . 31
5.8.1 General . 31
5.8.2 Nonconformity and corrective action . 31
5.8.3 Continual improvement . 31
6 Life-cycle implementation for I&C programmable digital system security . 31
6.1 General . 31
6.2 System requirements specification . 31
---------------------- Page: 8 ----------------------
SIST EN IEC 62645:2020
IEC 62645:2019 © IEC 2019 – 3 –
6.2.1 General . 31
6.2.2 Security degree assignment . 32
6.3 System specification . 32
6.3.1 Selection of pre-existing components . 32
6.3.2 System architecture . 32
6.4 System detailed design and implementation . 32
6.4.1 General . 32
6.4.2 Risk assessment at the design phase . 33
6.4.3 Design project security plan . 33
6.4.4 Communication pathways . 33
6.4.5 Security zone definition . 34
6.4.6 Security assessment of the final design . 34
6.4.7 Implementation activities . 34
6.5 System integration . 34
6.6 System validation . 34
6.7 System installation . 35
6.8 Operation and maintenance activities . 35
6.8.1 Change control during operations and maintenance . 35
6.8.2 Periodic reassessment of risks and security controls . 35
6.8.3 Change management . 35
6.9 Retirement activities . 36
7 Security controls . 36
7.1 General . 36
7.2 Characterization. 36
7.3 Security defence-in-depth . 37
7.4 Selection and enforcement of cybersecurity controls . 37
Annex A (informative) Rationale for, and notes related to, the scope of this document . 38
A.1 Objective of this annex. 38
A.2 Inclusion of I&C programmable digital system not important to safety . 38
A.3 Exclusion of site physical security, room access control and site security
surveillance systems . 38
A.4 Exclusion of non-malevolent actions and events . 38
A.5 Development tools and platforms . 38
Annex B (informative) Generic considerations about the security degrees . 39
B.1 Rationale for three security degrees. 39
B.1.1 General . 39
B.1.2 Safety categories as input to security degree assignment . 39
B.1.3 Impact on plant availability and performance as input to security degree . 39
B.1.4 Resulting security degree assignment approach . 40
B.2 Considerations about tools associated to on-line systems . 40
B.3 Practical design and implementation . 40
Annex C (informative) Correspondence with ISO/IEC 27001:2013 . 41
Annex D (informative) Overall organisation of IEC SC 45A standards related to
cybersecurity . 43
Annex E (informative) Selection of security controls . 45
Annex F (informative) Considerations about IEC 62645 applicability to non-NPP
nuclear facilities . 47
F.1 Applicability of IEC 62645 security graded approach to Research Reactors . 47
F.1.1 General . 47
---------------------- Page: 9 ----------------------
SIST EN IEC 62645:2020
– 4 – IEC 62645:2019 © IEC 2019
F.1.2 Categorization of RRs in accordance with potential hazards . 47
F.1.3 Safety categories as input to security degree assignment . 48
F.1.4 Impact on operational capacity as input to security degree . 49
F.1.5 Considerations on requirements associated to security degrees . 49
F.2 Applicability of IEC 62645 security graded approach to fuel cycle facilities . 49
F.3 Applicability of IEC 62645 security graded approach to SMR . 49
F.4 Reference documents . 50
Annex G (informative) High-level correspondence table between IEC 62443 series and
IEC 62645. 51
Bibliography . 53
Figure 1 – Overall framework of IEC 62645 . 11
Figure 2 – E/E/PE items . 14
Figure D.1 – Overview of IEC SC 45A standards with cybersecurity relation . 44
Figure E.1 – Selection of security controls . 46
Table C.1 – Correspondence between ISO/IEC 27001:2013 and IEC 62645 . 41
Table F.1 – Correspondence between safety categories and classes as per IEC 61513 . 48
---------------------- Page: 10 ----------------------
SIST EN IEC 62645:2020
IEC 62645:2019 © IEC 2019 – 5 –
INTERNATIONAL ELECTROTECHNICAL COMMISSION
____________
NUCLEAR POWER PLANTS – INSTRUMENTATION, CONTROL AND
ELECTRICAL POWER SYSTEMS – CYBERSECURITY REQUIREMENTS
FOREWORD
1) The International Electrotechnical Commission (IEC) is a worldwide organization for standardization comprising
all national electrotechnical committees (IEC National Committees). The object of IEC is to promote
international co-operation on all questions concerning standardization in the electrical and electronic fields. To
this end and in addition to other activities, IEC publishes International Standards, Technical Specifications,
Technical Reports, Publicly Available Specifications (PAS) and Guides (hereafter referred to as “IEC
Publication(s)”). Their preparation is entrusted to technical committees; any IEC National Committee interested
in the subject dealt with may participate in this preparatory work. International, governmental and non-
governmental organizations liaising with the IEC also participate in this preparation. IEC collaborates closely
with the International Organization for Standardization (ISO) in accordance with conditions determined by
agreement between the two organizations.
2) The formal decisions or agreements of IEC on technical matters express, as nearly as possible, an international
consensus of opinion on the relevant subjects since each technical committee has representation from all
interested IEC National Committees.
3) IEC Publications have the form of recommendations for international use and are accepted by IEC National
Committees in that sense. While all reasonable efforts are made to ensure that the technical content of IEC
Publications is accurate, IEC cannot be held responsible for the way in which they are used or for any
misinterpretation by any end user.
4) In order to promote international uniformity, IEC National Committees undertake to apply IEC Publications
transparently to the maximum extent possible in their national and regional publications. Any divergence
between any IEC Publication and the corresponding national or regional publication shall be clearly indicated in
the latter.
5) IEC itself does not provide any attestation of conformity. Independent certification bodies provide conformity
assessment services and, in some areas, access to IEC marks of conformity. IEC is not responsible for any
services carried out by independent certification bodies.
6) All users should ensure that they have the latest edition of this publication.
7) No liability shall attach to IEC or its directors, employees, servants or agents including individual experts and
members of its technical committees and IEC National Committees for any personal injury, property damage or
other damage of any nature whatsoever, whether direct or indirect, or for costs (including legal fees) and
expenses arising out of the publication, use of, or reliance upon, this IEC Publication or any other IEC
Publications.
8) Attention is drawn to the Normative references cited in this publication. Use of the referenced publications is
indispensable for the correct application of this publication.
9) Attention is drawn to the possibility that some of the elements of this IEC Publication may be the subject of
patent rights. IEC shall not be held responsible for identifying any or all such patent rights.
International Standard IEC 62645 has been prepared by subcommittee 45A: Instrumentation,
control and electrical power systems of nuclear facilities, of IEC technical committee 45:
Nuclear instrumentation.
This second edition cancels and replaces the first edition published in 2014. This edition
constitutes a technical revision.
This edition includes the following significant technical changes with respect to the previous
edition:
a) to align the standard with the new revisions of ISO/IEC 27001;
b) to review the existing requirements and to update the terminology and definitions;
c) to take account of, as far as possible, requirements associated with standards published
since the first edition;
d) to take into account the fact that cybersecurity techniques, but also national practices
evolve.
---------------------- Page: 11 ----------------------
SIST EN IEC 62645:2020
– 6 – IEC 62645:2019 © IEC 2019
The text of this International Standard is based on the following documents:
FDIS Report on voting
45A/1289/FDIS 45A/1295/RVD
Full information on the voting for the approval of this International Standard can be found in
the report on voting indicated in the above table.
This document has been drafted in accordance with the ISO/IEC Directives, Part 2.
The committee has decided that the contents of this document will remain unchanged until the
stability date indicated on the IEC website under "http://webstore.iec.ch" in the data related to
the specific document. At this date, the document will be
• reconfirmed,
• withdrawn,
• replaced by a revised edition, or
• amended.
IMPORTANT – The 'colour inside' logo on the cover page of this publication indicates
that it contains colours which are considered to be useful for the correct
understanding of its contents. Users should therefore print this document using a
colour printer.
---------------------- Page: 12 ----------------------
SIST EN IEC 62645:2020
IEC 62645:2019 © IEC 2019 – 7 –
INTRODUCTION
a) Technical background, main issues and organisation of the standard
This International Standard focuses on the issue of cybersecurity requirements to prevent
and/or minimize the impact of attacks against I&C programmable digital systems on nuclear
safety and plant performance. It covers programme level, architectural level and system level
requirements.
This standard was prepared and based on the ISO/IEC 27000 series, IAEA and country
specific guidance in this expanding technical and security focus area.
It is intended that the International Standard be used by designers and operators of nuclear
power plants (NPPs) (utilities), licensees, systems evaluators, vendors and subcontractors,
and by licensors.
b) Situation of the current Standard in the structure of the IEC SC 45A standard
series
IEC 62645 is a second level IEC SC 45A document, tackling the generic issue of NPP I&C
cybersecurity.
IEC 62645 is considered formally as a second level document with respect to IEC 61513,
although IEC 61513 needs revision to actually ensure proper reference to and consistency
with IEC 62645. IEC 62645 is the top-level document with respect to cybersecurity in the
SC 45A standard series. Other documents are developed under IEC 62645 and correspond to
third level documents in the IEC SC 45A standards.
For more details on the structure of the IEC SC 45A standard series, see item d) of this
introduction.
c) Recommendations and limitations regarding the application of this standard
This standard establishes requirements for I&C programmable digital systems, with regard to
computer security, and clarifies the processes that I&C programmable digital systems are
designed, developed and operated under in NPPs.
It is recognized that this standard addresses an evolving area of regulatory requirements, due
to the changing and evolving nature of computer security threats. Therefore, the standard
defines a framework within which the evolving country specific requirements may be
developed and applied.
It is also recognized that products derived from application of this subject matter require
protection. Release of the standard’s country specific requirements should be controlled to
limit the extent to which organizations or individuals intending to access nuclear plant
systems illegally, improperly or without authorization may benefit from this information.
d) Description of the structure of the IEC SC 45A standard series and relationships
with other IEC documents and other bodies documents (IAEA, ISO)
The top-level documents of the IEC SC 45A standard series are IEC 61513 and IEC 63046.
IEC 61513 provides general requirements for I&C systems and equipment that are used to
perform functions important to safety in NPPs. IEC 63046 provides general requirements for
electrical power systems of NPPs; it covers power supply systems including the supply
systems of the I&C systems. IEC 61513 and IEC 63046 are to be considered in conjunction
and at the same level. IEC 61513 and IEC 63046 structure the IEC SC 45A standard series
---------------------- Page: 13 ----------------------
SIST EN IEC 62645:2020
– 8 – IEC 62645:2019 © IEC 2019
and shape a complete framework establishing general requirements for instrumentation,
control and electrical systems for nuclear power plants.
IEC 61513 and IEC 63046 refer directly to other IEC SC 45A standa
...
SLOVENSKI STANDARD
oSIST prEN IEC 62645:2020
01-maj-2020
Nuklearne elektrarne - Merilna, nadzorna in elektroenergetska oprema - Zahteve
glede kibernetske varnosti
Nuclear power plants - Instrumentation, control and electrical power systems -
Cybersecurity requirements
Centrales nucléaires de puissance - Systèmes d’instrumentation, de contrôlecommande
et d’alimentation électrique - Exigences relatives à la cybersécurité
Ta slovenski standard je istoveten z: prEN IEC 62645:2020
ICS:
27.120.20 Jedrske elektrarne. Varnost Nuclear power plants. Safety
oSIST prEN IEC 62645:2020 en
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.
---------------------- Page: 1 ----------------------
oSIST prEN IEC 62645:2020
---------------------- Page: 2 ----------------------
oSIST prEN IEC 62645:2020
EUROPEAN STANDARD DRAFT
prEN IEC 62645
NORME EUROPÉENNE
EUROPÄISCHE NORM
March 2020
ICS
English Version
Nuclear power plants - Instrumentation, control and electrical
power systems - Cybersecurity requirements
(IEC 62645:2019)
Centrales nucléaires de puissance - Systèmes To be completed
d'instrumentation, de contrôlecommande et d'alimentation (IEC 62645:2019)
électrique - Exigences relatives à la cybersécurité
(IEC 62645:2019)
This draft European Standard is submitted to CENELEC members for enquiry.
Deadline for CENELEC: 2020-05-29.
The text of this draft consists of the text of IEC 62645:2019.
If this draft becomes a European Standard, CENELEC members are bound to comply with the CEN/CENELEC Internal Regulations which
stipulate the conditions for giving this European Standard the status of a national standard without any alteration.
This draft European Standard was established by CENELEC in three official versions (English, French, German).
A version in any other language made by translation under the responsibility of a CENELEC member into its own language and notified to
the CEN-CENELEC Management Centre has the same status as the official versions.
CENELEC members are the national electrotechnical committees of Austria, Belgium, Bulgaria, Croatia, Cyprus, the Czech Republic,
Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, the
Netherlands, Norway, Poland, Portugal, Republic of North Macedonia, Romania, Serbia, Slovakia, Slovenia, Spain, Sweden, Switzerland,
Turkey and the United Kingdom.
Recipients of this draft are invited to submit, with their comments, notification of any relevant patent rights of which they are aware and to
provide supporting documentation.
Warning : This document is not a European Standard. It is distributed for review and comments. It is subject to change without notice and
shall not be referred to as a European Standard.
European Committee for Electrotechnical Standardization
Comité Européen de Normalisation Electrotechnique
Europäisches Komitee für Elektrotechnische Normung
CEN-CENELEC Management Centre: Rue de la Science 23, B-1040 Brussels
© 2020 CENELEC All rights of exploitation in any form and by any means reserved worldwide for CENELEC Members.
Project: 70988 Ref. No. prEN 62645:2020 E
---------------------- Page: 3 ----------------------
oSIST prEN IEC 62645:2020
prEN IEC 62645:2020 (E)
European foreword
This document (prEN IEC 62645:2020) consists of the text of document IEC 62645:2020, prepared by
IEC/TC 45 "Nuclear instrumentation".
This document is currently submitted to the CENELEC Enquiry.
The following dates are proposed:
• latest date by which the existence of this document (doa) dor + 6 months
has to be announced at national level
• latest date by which this document has to be (dop) dor + 12 months
implemented at national level by publication of an
identical national standard or by endorsement
• latest date by which the national standards (dow) dor + 36 months
conflicting with this document have to be withdrawn (to be confirmed or
modified when voting)
As stated in the nuclear safety directive 2009/71/EURATOM, Chapter 1, Article 2, item 2, Member States
are not prevented from taking more stringent safety measures in the subject-matter covered by the
Directive, in compliance with Community law. In a similar manner, this European standard does not
prevent Member States from taking more stringent nuclear safety measures in the subject-matter
covered by this standard.
Bibliography
In the official version, for Bibliography, the following notes have to be added for the standards indicated:
IEC 60709 NOTE Harmonized as EN 60709 (not modified).
2
---------------------- Page: 4 ----------------------
oSIST prEN IEC 62645:2020
prEN IEC 62645:2020 (E)
Annex ZA
(normative)
Normative references to international publications
with their corresponding European publications
The following documents are referred to in the text in such a way that some or all of their content
constitutes requirements of this document. For dated references, only the edition cited applies. For
undated references, the latest edition of the referenced document (including any amendments)
applies.
NOTE 1 When an International Publication has been modified by common modifications, indicated by (mod), the relevant
EN/HD applies.
NOTE 2 Up-to-date information on the latest versions of the European Standards listed in this annex is available here:
www.cenelec.eu.
Publication Year Title EN/HD Year
IEC 60880 2006 Nuclear power plants - Instrumentation and EN 60880 2009
control systems important to safety -
Software aspects for computer-based
systems performing category A functions
IEC 61226 - Nuclear power plants - Instrumentation and - -
control systems important to safety -
Classification
IEC 61513 - Nuclear power plants - Instrumentation and - -
control for systems important to safety -
General requirements for systems
IEC 62138 - Nuclear power plants - Instrumentation and EN IEC 62138 -
control systems important to safety -
Software aspects for computer-based
systems performing category B or C
functions
IEC 62566 - Nuclear power plants - Instrumentation and EN 62566 -
control important to safety - Development
of HDL-programmed integrated circuits for
systems performing category A functions
IEC 62859 - Nuclear power plants - Instrumentation and - -
control systems - Requirements for
coordinating safety and cybersecurity
IEC 62988 2018 Nuclear power plants - Instrumentation and - -
control systems important to safety -
Selection and use of wireless devices
ISO/IEC 27001 2013 Information technology - Security EN ISO/IEC 27001 2017
techniques - Information security
management systems - Requirements
ISO/IEC 27002 2013 Information technology - Security EN ISO/IEC 27002 2017
techniques - Code of practice for
information security controls
ISO/IEC 27005 2018 Information technology_- Security - -
techniques_- Information security risk
management
3
---------------------- Page: 5 ----------------------
oSIST prEN IEC 62645:2020
---------------------- Page: 6 ----------------------
oSIST prEN IEC 62645:2020
IEC 62645
®
Edition 2.0 2019-11
INTERNATIONAL
STANDARD
NORME
INTERNATIONALE
colour
inside
Nuclear power plants – Instrumentation, control and electrical power systems –
Cybersecurity requirements
Centrales nucléaires de puissance – Systèmes d’instrumentation, de contrôle-
commande et d’alimentation électrique – Exigences relatives à la cybersécurité
INTERNATIONAL
ELECTROTECHNICAL
COMMISSION
COMMISSION
ELECTROTECHNIQUE
INTERNATIONALE
ICS 27.120.20 ISBN 978-2-8322-7548-1
Warning! Make sure that you obtained this publication from an authorized distributor.
Attention! Veuillez vous assurer que vous avez obtenu cette publication via un distributeur agréé.
® Registered trademark of the International Electrotechnical Commission
Marque déposée de la Commission Electrotechnique Internationale
---------------------- Page: 7 ----------------------
oSIST prEN IEC 62645:2020
– 2 – IEC 62645:2019 © IEC 2019
CONTENTS
FOREWORD . 5
INTRODUCTION . 7
1 Scope . 9
1.1 General . 9
1.2 Application . 10
1.3 Framework . 10
2 Normative references . 12
3 Terms and definitions . 12
4 Abbreviated terms . 17
5 Establishing and managing a nuclear I&C programmable digital system security
programme . 17
5.1 Context of the organization . 17
5.1.1 Understanding the organization and its context . 17
5.1.2 Understanding the needs and expectations of interested parties . 17
5.1.3 Determining the scope of the I&C programmable digital system security
programme . 17
5.2 Programme, policy and plan . 18
5.2.1 I&C digital programmable system security program. 18
5.2.2 Policy . 18
5.2.3 Plan . 19
5.3 Leadership . 19
5.3.1 Leadership and commitment . 19
5.3.2 Roles, responsibilities and authorities . 19
5.4 Planning of the programme . 20
5.4.1 Cybersecurity objectives and planning to achieve them . 20
5.4.2 Addressing risks and opportunities of the programme . 20
5.4.3 Graded approach to I&C security and risk assessment . 21
5.5 Support . 28
5.5.1 Resources . 28
5.5.2 Training, competence and awareness . 28
5.5.3 Communications about cybersecurity . 29
5.5.4 Documented information . 29
5.6 Operation . 29
5.6.1 Operation planning and control . 29
5.6.2 Cybersecurity graded approach, risk assessment and risk treatment . 30
5.7 Performance evaluation . 30
5.7.1 Monitoring, measurement, analysis and evaluation . 30
5.7.2 Internal audit . 30
5.7.3 Management review . 30
5.8 Improvement . 31
5.8.1 General . 31
5.8.2 Nonconformity and corrective action . 31
5.8.3 Continual improvement . 31
6 Life-cycle implementation for I&C programmable digital system security . 31
6.1 General . 31
6.2 System requirements specification . 31
---------------------- Page: 8 ----------------------
oSIST prEN IEC 62645:2020
IEC 62645:2019 © IEC 2019 – 3 –
6.2.1 General . 31
6.2.2 Security degree assignment . 32
6.3 System specification . 32
6.3.1 Selection of pre-existing components . 32
6.3.2 System architecture . 32
6.4 System detailed design and implementation . 32
6.4.1 General . 32
6.4.2 Risk assessment at the design phase . 33
6.4.3 Design project security plan . 33
6.4.4 Communication pathways . 33
6.4.5 Security zone definition . 34
6.4.6 Security assessment of the final design . 34
6.4.7 Implementation activities . 34
6.5 System integration . 34
6.6 System validation . 34
6.7 System installation . 35
6.8 Operation and maintenance activities . 35
6.8.1 Change control during operations and maintenance . 35
6.8.2 Periodic reassessment of risks and security controls . 35
6.8.3 Change management . 35
6.9 Retirement activities . 36
7 Security controls . 36
7.1 General . 36
7.2 Characterization. 36
7.3 Security defence-in-depth . 37
7.4 Selection and enforcement of cybersecurity controls . 37
Annex A (informative) Rationale for, and notes related to, the scope of this document . 38
A.1 Objective of this annex. 38
A.2 Inclusion of I&C programmable digital system not important to safety . 38
A.3 Exclusion of site physical security, room access control and site security
surveillance systems . 38
A.4 Exclusion of non-malevolent actions and events . 38
A.5 Development tools and platforms . 38
Annex B (informative) Generic considerations about the security degrees . 39
B.1 Rationale for three security degrees. 39
B.1.1 General . 39
B.1.2 Safety categories as input to security degree assignment . 39
B.1.3 Impact on plant availability and performance as input to security degree . 39
B.1.4 Resulting security degree assignment approach . 40
B.2 Considerations about tools associated to on-line systems . 40
B.3 Practical design and implementation . 40
Annex C (informative) Correspondence with ISO/IEC 27001:2013 . 41
Annex D (informative) Overall organisation of IEC SC 45A standards related to
cybersecurity . 43
Annex E (informative) Selection of security controls . 45
Annex F (informative) Considerations about IEC 62645 applicability to non-NPP
nuclear facilities . 47
F.1 Applicability of IEC 62645 security graded approach to Research Reactors . 47
F.1.1 General . 47
---------------------- Page: 9 ----------------------
oSIST prEN IEC 62645:2020
– 4 – IEC 62645:2019 © IEC 2019
F.1.2 Categorization of RRs in accordance with potential hazards . 47
F.1.3 Safety categories as input to security degree assignment . 48
F.1.4 Impact on operational capacity as input to security degree . 49
F.1.5 Considerations on requirements associated to security degrees . 49
F.2 Applicability of IEC 62645 security graded approach to fuel cycle facilities . 49
F.3 Applicability of IEC 62645 security graded approach to SMR . 49
F.4 Reference documents . 50
Annex G (informative) High-level correspondence table between IEC 62443 series and
IEC 62645. 51
Bibliography . 53
Figure 1 – Overall framework of IEC 62645 . 11
Figure 2 – E/E/PE items . 14
Figure D.1 – Overview of IEC SC 45A standards with cybersecurity relation . 44
Figure E.1 – Selection of security controls . 46
Table C.1 – Correspondence between ISO/IEC 27001:2013 and IEC 62645 . 41
Table F.1 – Correspondence between safety categories and classes as per IEC 61513 . 48
---------------------- Page: 10 ----------------------
oSIST prEN IEC 62645:2020
IEC 62645:2019 © IEC 2019 – 5 –
INTERNATIONAL ELECTROTECHNICAL COMMISSION
____________
NUCLEAR POWER PLANTS – INSTRUMENTATION, CONTROL AND
ELECTRICAL POWER SYSTEMS – CYBERSECURITY REQUIREMENTS
FOREWORD
1) The International Electrotechnical Commission (IEC) is a worldwide organization for standardization comprising
all national electrotechnical committees (IEC National Committees). The object of IEC is to promote
international co-operation on all questions concerning standardization in the electrical and electronic fields. To
this end and in addition to other activities, IEC publishes International Standards, Technical Specifications,
Technical Reports, Publicly Available Specifications (PAS) and Guides (hereafter referred to as “IEC
Publication(s)”). Their preparation is entrusted to technical committees; any IEC National Committee interested
in the subject dealt with may participate in this preparatory work. International, governmental and non-
governmental organizations liaising with the IEC also participate in this preparation. IEC collaborates closely
with the International Organization for Standardization (ISO) in accordance with conditions determined by
agreement between the two organizations.
2) The formal decisions or agreements of IEC on technical matters express, as nearly as possible, an international
consensus of opinion on the relevant subjects since each technical committee has representation from all
interested IEC National Committees.
3) IEC Publications have the form of recommendations for international use and are accepted by IEC National
Committees in that sense. While all reasonable efforts are made to ensure that the technical content of IEC
Publications is accurate, IEC cannot be held responsible for the way in which they are used or for any
misinterpretation by any end user.
4) In order to promote international uniformity, IEC National Committees undertake to apply IEC Publications
transparently to the maximum extent possible in their national and regional publications. Any divergence
between any IEC Publication and the corresponding national or regional publication shall be clearly indicated in
the latter.
5) IEC itself does not provide any attestation of conformity. Independent certification bodies provide conformity
assessment services and, in some areas, access to IEC marks of conformity. IEC is not responsible for any
services carried out by independent certification bodies.
6) All users should ensure that they have the latest edition of this publication.
7) No liability shall attach to IEC or its directors, employees, servants or agents including individual experts and
members of its technical committees and IEC National Committees for any personal injury, property damage or
other damage of any nature whatsoever, whether direct or indirect, or for costs (including legal fees) and
expenses arising out of the publication, use of, or reliance upon, this IEC Publication or any other IEC
Publications.
8) Attention is drawn to the Normative references cited in this publication. Use of the referenced publications is
indispensable for the correct application of this publication.
9) Attention is drawn to the possibility that some of the elements of this IEC Publication may be the subject of
patent rights. IEC shall not be held responsible for identifying any or all such patent rights.
International Standard IEC 62645 has been prepared by subcommittee 45A: Instrumentation,
control and electrical power systems of nuclear facilities, of IEC technical committee 45:
Nuclear instrumentation.
This second edition cancels and replaces the first edition published in 2014. This edition
constitutes a technical revision.
This edition includes the following significant technical changes with respect to the previous
edition:
a) to align the standard with the new revisions of ISO/IEC 27001;
b) to review the existing requirements and to update the terminology and definitions;
c) to take account of, as far as possible, requirements associated with standards published
since the first edition;
d) to take into account the fact that cybersecurity techniques, but also national practices
evolve.
---------------------- Page: 11 ----------------------
oSIST prEN IEC 62645:2020
– 6 – IEC 62645:2019 © IEC 2019
The text of this International Standard is based on the following documents:
FDIS Report on voting
45A/1289/FDIS 45A/1295/RVD
Full information on the voting for the approval of this International Standard can be found in
the report on voting indicated in the above table.
This document has been drafted in accordance with the ISO/IEC Directives, Part 2.
The committee has decided that the contents of this document will remain unchanged until the
stability date indicated on the IEC website under "http://webstore.iec.ch" in the data related to
the specific document. At this date, the document will be
• reconfirmed,
• withdrawn,
• replaced by a revised edition, or
• amended.
IMPORTANT – The 'colour inside' logo on the cover page of this publication indicates
that it contains colours which are considered to be useful for the correct
understanding of its contents. Users should therefore print this document using a
colour printer.
---------------------- Page: 12 ----------------------
oSIST prEN IEC 62645:2020
IEC 62645:2019 © IEC 2019 – 7 –
INTRODUCTION
a) Technical background, main issues and organisation of the standard
This International Standard focuses on the issue of cybersecurity requirements to prevent
and/or minimize the impact of attacks against I&C programmable digital systems on nuclear
safety and plant performance. It covers programme level, architectural level and system level
requirements.
This standard was prepared and based on the ISO/IEC 27000 series, IAEA and country
specific guidance in this expanding technical and security focus area.
It is intended that the International Standard be used by designers and operators of nuclear
power plants (NPPs) (utilities), licensees, systems evaluators, vendors and subcontractors,
and by licensors.
b) Situation of the current Standard in the structure of the IEC SC 45A standard
series
IEC 62645 is a second level IEC SC 45A document, tackling the generic issue of NPP I&C
cybersecurity.
IEC 62645 is considered formally as a second level document with respect to IEC 61513,
although IEC 61513 needs revision to actually ensure proper reference to and consistency
with IEC 62645. IEC 62645 is the top-level document with respect to cybersecurity in the
SC 45A standard series. Other documents are developed under IEC 62645 and correspond to
third level documents in the IEC SC 45A standards.
For more details on the structure of the IEC SC 45A standard series, see item d) of this
introduction.
c) Recommendations and limitations regarding the application of this standard
This standard establishes requirements for I&C programmable digital systems, with regard to
computer security, and clarifies the processes that I&C programmable digital systems are
designed, developed and operated under in NPPs.
It is recognized that this standard addresses an evolving area of regulatory requirements, due
to the changing and evolving nature of computer security threats. Therefore, the standard
defines a framework within which the evolving country specific requirements may be
developed and applied.
It is also recognized that products derived from application of this subject matter require
protection. Release of the standard’s country specific requirements should be controlled to
limit the extent to which organizations or individuals intending to access nuclear plant
systems illegally, improperly or without authorization may benefit from this information.
d) Description of the structure of the IEC SC 45A standard series and relationships
with other IEC documents and other bodies documents (IAEA, ISO)
The top-level documents of the IEC SC 45A standard series are IEC 61513 and IEC 63046.
IEC 61513 provides general requirements for I&C systems and equipment that are used to
perform functions important to safety in NPPs. IEC 63046 provides general requirements for
electrical power systems of NPPs; it covers power supply systems including the supply
systems of the I&C systems. IEC 61513 and IEC 63046 are to be considered in conjunction
and at the same level. IEC 61513 and IEC 63046 structure the IEC SC 45A standard series
---------------------- Page: 13 ----------------------
oSIST prEN IEC 62645:2020
– 8 – IEC 62645:2019 © IEC 2019
and shape a complete framework establishing general requirements for instrumentation,
control and electrica
...
Questions, Comments and Discussion
Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.