FORMAT
BOOKS
PACKAGES
EDITION
PUBLISHER
CONTENT TYPE
Act
Admin Code
Announcements
Bill
Book
CADD File
CAN
CEU
Charter
Checklist
City Code
Code
Commentary
Comprehensive Plan
Conference Paper
County Code
Course
DHS Documents
Document
Errata
Executive Regulation
Federal Guideline
Firm Content
Guideline
Handbook
Interpretation
Journal
Land Use and Development
Law
Legislative Rule
Local Amendment
Local Code
Local Document
Local Regulation
Local Standards
Manual
Model Code
Model Standard
Notice
Ordinance
Other
Paperback
PASS
Periodicals
PIN
Plan
Policy
Product
Product - Data Sheet
Program
Provisions
Requirements
Revisions
Rules & Regulations
Standards
State Amendment
State Code
State Manual
State Plan
State Standards
Statute
Study Guide
Supplement
Sustainability
Technical Bulletin
All
|
Description of BS EN IEC 62645:2020 20201.1 General This document establishes requirements and provides guidance for the development and management of effective computer security programmes for I&C programmable digital systems. Inherent to these requirements and guidance is the criterion that the power plant I&C programmable digital system security programme complies with the applicable country’s requirements. This document defines adequate measures for the prevention of, detection of and reaction to malicious acts by digital means (cyberattacks) on I&C programmable digital systems. This includes any unsafe situation, equipment damage or plant performance degradation that could result from such an act, such as:
Human errors leading to violation of the security policy and/or easing the aforementioned malicious acts are also in the scope of this document. This document describes a graded approach scheme for assets subject to digital compromise, based on their relevance to the overall plant safety, availability, and equipment protection. Excluded from the scope of this document are considerations related to:
Annex A provides a rationale for and comments about the scope, definition and the document's application, and in particular about the exclusions and limitations previously mentioned. Standards such as ISO/IEC 27001 and ISO/IEC 27002 are not directly applicable to the cyber protection of nuclear I&C programmable digital systems. This is mainly due to the specificities of these systems, including the regulatory and safety requirements inherent to nuclear facilities. However, this document builds upon the valid high level principles and main concepts of ISO/IEC 27001:2013, adapts them and completes them to fit the nuclear context. This document follows the general principles given in the IAEA reference manual NSS17.
About BSIBSI Group, also known as the British Standards Institution is the national standards body of the United Kingdom. BSI produces technical standards on a wide range of products and services and also supplies certification and standards-related services to businesses. |
GROUPS
|