Speaker
Description
ABSTRACT
This paper provides an overview of the existing and new cybersecurity standards for I&C and Electrical Systems tailored for nuclear power plants, including SMRs, around the world.
The IEC 62645 is a standard by the International Electrotechnical Commission (IEC) focused on the issue of requirements for computer security programs and system development processes to prevent and/or minimize the impact of cyberattacks against digital instrumentation and control (I&C) systems. It was approved in 2020 as a European Standard as well (EN IEC 62645).
The IEC 62859 is a standard, issued at the end of 2016, which coordinates the safety and cybersecurity requirements. With an amendment this standard is also since 2020 a European one (EN IEC 62859).
The IEC 63069 adopts all controls from the ISO/IEC 27002 specific for the nuclear field and was issued 2020.
Several technical reports (non-prescriptive) complete the standard. IEC TR 63415 on security modeling has been in issued in 2023. IEC TR 63486 was on security risk analysis was started in 2020 and will produce additional guidance on these subjects as relates to the available analysis methods to be used in the cyber security software development and operating cycle.
An additional new project on software vulnerabilities (patch management) and end-of-life management was introduced in 2022 and will result in an issued technical specification in the coming years.
Perspectives regarding evolution of these standards and development of new ones are provided in the conclusion. These standards define a common international framework, consistent with the IAEA NSS series principles, and within which the evolving country specific requirements can be developed and applied, depending on their own contexts and installations (including SMRs).
Such a converged and complete international framework is a key success condition for SMR development.
Keywords: Cyber, Software, Digital, Security, Vulnerabilities
| Country OR International Organization | United States |
|---|---|
| Email address | tedquinn@cox.net |
| Confirm that the work is original and has not been published anywhere else | YES |
