BS IEC 62859-2016 pdf download.Nuclear power plants — Instrumentation and control systems — Requirements for coordinating safety and cybersecurity.
This document provides a framework to manage the interactions between safety and cybersecurity for nuclear power plant (NPP) systems, taking into account the current SC 45A standards addressing these issues and the specifics of nuclear I&C programmable digital systems.
NOTE In this document (as in IEC 62645), cybersecurity relates to prevention of, detection of, and reaction to malicious acts perpetrated by digital means (cyberattacks). In this context, it does not cover considerations related to non-malevolent actions and events such as accidental failures, natural events or human errors (except those degrading cybersecurity). Those aspects are of course of prime importance but they are covered by other SC 45A documents and standards, and are not considered as cybersecurity related in this document.
This document establishes requirements and guidance to:
– integrate cybersecurity provisions in nuclear I&C architectures and systems, which are fundamentally tailored for safety;
– avoid potential conflicts between safety and cybersecurity provisions;
– aid the identification and the leveraging of the potential synergies between safety and cybersecurity.
This document is intended to be used for designing new NPPs, or modernizing existing NPPs, throughout I&C programmable digital systems lifecycle. It is also applicable for assessing the coordination between safety and cybersecurity of existing plants. It may also be applicable to other types of nuclear facilities.
This document addresses I&C programmable digital systems important to safety and I&C programmable digital systems not important to safety. It does not address programmable digital systems dedicated to site physical security, room access control and site security surveillance.
This document is limited to I&C programmable digital systems of NPPs, including their on-site maintenance and configuration tools.
Annex A provides a rationale for and comments about the scope definition and the document application, in particular about the exclusions and limitations previously mentioned.
This document comprises three normative clauses:
• Clause 5 deals with the overall I&C architecture;
• Clause 6 focuses on the system level;
• Clause 7 deals with organizational and operational issues.
2 Normative references
The following documents are referred to in the text in such a way that some or all of their content constitutes requirements of this document. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies.
IEC 60709:2004, Nuclear power plants – Instrumentation and control systems important to safety – Separation
IEC 60880:2006, Nuclear power plants – Instrumentation and control systems important to safety – Software aspects for computer-based systems performing category A functions
IEC 61 500:2009, Nuclear power plants – Instrumentation and control systems important to safety – Data communication in systems performing category A functions
IEC 61 51 3:201 1 , Nuclear power plants – Instrumentation and control important to safety – General requirements for systems
IEC 621 38:2004, Nuclear power plants – Instrumentation and control important for safety – Software aspects for computer-based systems performing category B or C functions.BS IEC 62859 pdf download.