IEC TR 63415:2023

Nuclear Power plants - Instrumentation and control systems - Use of formal security models for I&C security architecture design and assessment
IEC TR 63415:2023 provides an overview over the formalized modelling and designing of cybersecure architectures to apply for I&C system cybersecurity enforcement at NPPs. The plant-specific risk assessment can use the techniques covered by this TR. This document considers the complex problem of NPP I&C architecture synthesis to address particular issues: - asset classification, - barrier measures assignment, - the information transfer and links conformity with security requirements. This document provides guidance on creating a comprehensive security model applicable to NPP I&C systems that describes NPP I&C cybersecurity architecture and aids in accomplishing the main tasks of I&C system secure design, which are: - specification of system designs with increased determinism that enhance security, - mapping of the security requirements into the security architecture of the I&C system, - definition of the security requirements for information exchange between components within the I&C system, operators and other systems, - assistance in the determination of the security degree assignment with a model-based technique considering asset properties and formal grouping of the assets, design and establishment of security zones boundaries.
SDO:
IEC
Language:
English
ICS Codes:
27.120.20
Status:
Published
Publish date:
2023-08-29
Standard Number:
IEC TR 63415:2023