This document provides a framework to manage the interactions between safety and cybersecurity for nuclear power plant (NPP) systems, taking into account the current SC 45A standards addressing these issues and the specifics of nuclear I&C programmable digital systems.<\/p>\n
\nNOTE In this document (as in IEC 62645), cybersecurity relates to prevention of, detection of, and reaction to malicious acts perpetrated by digital means (cyberattacks). In this context, it does not cover considerations related to non-malevolent actions and events such as accidental failures, natural events or human errors (except those degrading cybersecurity). Those aspects are of course of prime importance but they are covered by other SC 45A documents and standards, and are not considered as cybersecurity related in this document.<\/p>\n<\/blockquote>\n
This document establishes requirements and guidance to:<\/p>\n
\n
- \n
integrate cybersecurity provisions in nuclear I&C architectures and systems, which are fundamentally tailored for safety;<\/p>\n<\/li>\n
- \n
avoid potential conflicts between safety and cybersecurity provisions;<\/p>\n<\/li>\n
- \n
aid the identification and the leveraging of the potential synergies between safety and cybersecurity.<\/p>\n<\/li>\n<\/ul>\n
This document is intended to be used for designing new NPPs, or modernizing existing NPPs, throughout I&C programmable digital systems lifecycle. It is also applicable for assessing the coordination between safety and cybersecurity of existing plants. It may also be applicable to other types of nuclear facilities.<\/p>\n
This document addresses I&C programmable digital systems important to safety and I&C programmable digital systems not important to safety. It does not address programmable digital systems dedicated to site physical security, room access control and site security surveillance.<\/p>\n
This document is limited to I&C programmable digital systems of NPPs, including their on-site maintenance and configuration tools.<\/p>\n
Annex A provides a rationale for and comments about the scope definition and the document application, in particular about the exclusions and limitations previously mentioned.<\/p>\n
This document comprises three normative clauses:<\/p>\n
\n
- \n
Clause 5 deals with the overall I&C architecture;<\/p>\n<\/li>\n
- \n
Clause 6 focuses on the system level;<\/p>\n<\/li>\n
- \n
Clause 7 deals with organizational and operational issues.<\/p>\n<\/li>\n<\/ul>\n
PDF Catalog<\/h4>\n
\n
\n PDF Pages<\/th>\n PDF Title<\/th>\n<\/tr>\n \n 2<\/td>\n undefined <\/td>\n<\/tr>\n \n 5<\/td>\n Annex ZA(normative)Normative references to international publicationswith their corresponding European publications <\/td>\n<\/tr>\n \n 7<\/td>\n English
CONTENTS <\/td>\n<\/tr>\n\n 9<\/td>\n FOREWORD <\/td>\n<\/tr>\n \n 11<\/td>\n INTRODUCTION <\/td>\n<\/tr>\n \n 13<\/td>\n 1 Scope
2 Normative references <\/td>\n<\/tr>\n\n 14<\/td>\n 3 Terms and definitions <\/td>\n<\/tr>\n \n 16<\/td>\n 4 Symbols and abbreviations <\/td>\n<\/tr>\n \n 17<\/td>\n 5 Coordinating safety and cybersecurity at the overall architecture level
5.1 General
5.2 Fundamental and generic principles <\/td>\n<\/tr>\n\n 18<\/td>\n 5.3 Thematic requirements and recommendations
5.3.1 Delineation of security zones
5.3.2 Provisions for coping with common cause failures (including diversity) <\/td>\n<\/tr>\n\n 19<\/td>\n 5.3.3 Separation provisions
5.3.4 Data communications
6 Coordinating safety and cybersecurity at the individual system level
6.1 General
6.2 Fundamental and generic principles <\/td>\n<\/tr>\n\n 20<\/td>\n 6.3 Safety and cybersecurity coordination during the I&C system lifecycle
6.3.1 General
6.3.2 Requirements and planning activities
6.3.3 Design activities <\/td>\n<\/tr>\n\n 21<\/td>\n 6.3.4 Implementation activities
6.3.5 Verification and validation activities
6.3.6 Installation and acceptance testing activities
6.3.7 Operations and maintenance activities
6.3.8 Change management
6.3.9 Decommissioning activities <\/td>\n<\/tr>\n\n 22<\/td>\n 6.4 Selected technical aspects of I&C systems constrained by safety and cybersecurity
6.4.1 General
6.4.2 Logical access control for HMIs of I&C programmable digital systems in control rooms
6.4.3 Software modification <\/td>\n<\/tr>\n\n 23<\/td>\n 6.4.4 Logging and audit capability
6.4.5 Use of cryptography by I&C systems <\/td>\n<\/tr>\n\n 24<\/td>\n 6.4.6 System availability and function continuity
7 Organizational and operational issues
7.1 Governance and responsibilities
7.2 Coordination between safety and cybersecurity staff during operations
7.3 Safety and cybersecurity culture
7.4 Emergency response management <\/td>\n<\/tr>\n\n 26<\/td>\n Annex A (informative)Rationale for, and notes related to,the scope of this document
A.1 General
A.2 Inclusion of I&C programmable digital system not important to safety
A.3 Exclusion of physical security, room access control and site security surveillance systems
A.4 Exclusion of non-malevolent actions and events <\/td>\n<\/tr>\n\n 27<\/td>\n A.5 Exclusion of development tools and platforms <\/td>\n<\/tr>\n \n 28<\/td>\n Bibliography <\/td>\n<\/tr>\n<\/table>\n","protected":false},"excerpt":{"rendered":" Nuclear power plants. Instrumentation and control systems. Requirements for coordinating safety and cybersecurity<\/b><\/p>\n
\n\n
\n Published By<\/td>\n Publication Date<\/td>\n Number of Pages<\/td>\n<\/tr>\n \n BSI<\/b><\/a><\/td>\n 2020<\/td>\n 30<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n","protected":false},"featured_media":423319,"template":"","meta":{"rank_math_lock_modified_date":false,"ep_exclude_from_search":false},"product_cat":[463,2641],"product_tag":[],"class_list":{"0":"post-423310","1":"product","2":"type-product","3":"status-publish","4":"has-post-thumbnail","6":"product_cat-27-120-20","7":"product_cat-bsi","9":"first","10":"instock","11":"sold-individually","12":"shipping-taxable","13":"purchasable","14":"product-type-simple"},"_links":{"self":[{"href":"https:\/\/pdfstandards.shop\/wp-json\/wp\/v2\/product\/423310","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/pdfstandards.shop\/wp-json\/wp\/v2\/product"}],"about":[{"href":"https:\/\/pdfstandards.shop\/wp-json\/wp\/v2\/types\/product"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/pdfstandards.shop\/wp-json\/wp\/v2\/media\/423319"}],"wp:attachment":[{"href":"https:\/\/pdfstandards.shop\/wp-json\/wp\/v2\/media?parent=423310"}],"wp:term":[{"taxonomy":"product_cat","embeddable":true,"href":"https:\/\/pdfstandards.shop\/wp-json\/wp\/v2\/product_cat?post=423310"},{"taxonomy":"product_tag","embeddable":true,"href":"https:\/\/pdfstandards.shop\/wp-json\/wp\/v2\/product_tag?post=423310"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}