IEC TR 63486:2024-核设施.仪表、控制和电力系统.网络安全风险管理方法-国家数字标准馆

现行 IEC TR 63486:2024

到馆提醒

收藏跟踪

购买正版

Nuclear facilities - Instrumentation, control and electrical power systems - Cybersecurity risk management approaches 核设施.仪表、控制和电力系统.网络安全风险管理方法

发布日期： 2024-09-13

                IEC TR 63486:2024为数字I&C可编程系统提供了网络安全框架[2]。IEC 62645[1]与ISO/IEC 27001:2013[2]中详述的信息安全管理系统（ISMS）要素非常一致。ISO/IEC ISMS结构对应于上下文中的“I&C数字可编程系统网络安全计划”（定义见IEC 62645:2019[1]的5.2.1）。
本文件的范围是记录用于管理与核电厂（NPP）的仪表和控制（I&C）以及电力系统（EPS）相关的网络安全风险的国家和国际网络风险方法。
本文件总结了对核设施运营商用于管理网络安全风险的网络风险方法的评估。
本文件的范围一般遵循IEC 62645的除外条款，即:-非恶意行为和事件，如意外故障、人为错误（上述除外，如影响网络安全控制的性能）和自然事件。特别是，管理应用程序和数据的良好实践，包括与意外故障相关的备份和恢复，超出了范围。
本文件总结了核电厂使用的关于ISO/IEC 27005:2018[5]应用的国际和网络风险方法的主要见解。该评估基于网络安全风险管理的11个挑战及其对核电厂风险管理的适用性。这些挑战在第7条中有详细说明。本文件还涉及IEC 62645和IEC 63096的风险管理要素。

IEC TR 63486:2024 provides a cybersecurity framework for digital I&C programmable systems [2]. IEC 62645 [1] aligns strongly with the information security management system (ISMS) elements detailed within ISO/IEC 27001:2013 [2]. The ISO/IEC ISMS structure corresponds to the “I&C digital programmable system cybersecurity program” in the context (as defined in 5.2.1 of IEC 62645:2019 [1]).

The scope of this document is to capture the national and international cyber-risk approaches employed to manage cybersecurity risks associated with Instrumentation and Control (I&C) and Electrical Power Systems (EPS) at a Nuclear Power Plant (NPP).

This document summarizes an evaluation of cyber-risk approaches that are in use by nuclear facility operators to manage cybersecurity risks.

The scope of this document generally follows the exclusions of IEC 62645 which are:

- Non-malevolent actions and events such as accidental failures, human errors (except those stated above, such as impacting the performance of cybersecurity controls), and natural events. In particular, good practices for managing applications and data, including backup and restoration related to accidental failure, are out of scope.

This document summarizes key insights of the international and cyber-risk approaches used at NPPs regarding the application of ISO/IEC 27005:2018 [5]. The evaluation is based on 11 challenges to cybersecurity risk management and their applicability to NPP risk management. The challenges are detailed in Clause 7. This document also relates the risk management elements of IEC 62645 and IEC 63096.

分类信息

发布单位或类别：国际组织-国际电工委员会

ICS分类： 27.100能源和热传导工程 - 电站综合、 27.120.20核能工程 - 核电站、安全

关联关系

研制信息

归口单位： TC 45/SC 45A

相似标准/计划/法规

IEC TR 63468-2023

Nuclear facilities - Instrumentation and control, and electrical power systems - Artificial Intelligence applications
核设施.仪表和控制以及电力系统.人工智能应用

BS IEC 63096-2020

Nuclear power plants. Instrumentation, control and electrical power systems. Security controls
核电站仪表、控制和电力系统安全控制

Nuclear power plants - Instrumentation, control and electrical power systems - Security controls
核电厂.仪表、控制和电力系统.安全控制

BS EN IEC 62645-2020

Nuclear power plants. Instrumentation, control and electrical power systems. Cybersecurity requirements
核电站仪表、控制和电力系统网络安全要求

Nuclear power plants - Instrumentation, control and electrical power systems - Cybersecurity requirements
核电厂.仪表和控制系统.计算机系统安全程序的要求

IEC TR 63400-2021

Nuclear facilities - Instrumentation, control and electrical power systems important to safety - Structure of the IEC SC 45A standards series
核设施.对安全重要的仪表、控制和电力系统.IEC SC 45A标准系列的结构

Nuclear power plants - Instrumentation, control and electrical power systems important to safety - Separation
核电厂 - 对安全至关重要的仪表控制和电力系统 - 分离

BS EN IEC 60709-2019

Nuclear power plants. Instrumentation, control and electrical systems important to safety. Separation
核电站仪表、控制和电气系统对安全至关重要分离

BS IEC 62003-2020

Nuclear power plants. Instrumention, control and electrical power systems. Requirements for electromagnetic compatibility testing
核电站仪表、控制和电力系统电磁兼容性试验要求

BS EN IEC 62003-2020

Nuclear power plants. Instrumentation, control and electrical power systems. Requirements for electromagnetic compatibility testing
核电站仪表、控制和电力系统电磁兼容性试验要求

Nuclear power plants - Instrumentation, control and electrical power systems - Requirements for electromagnetic compatibility testing
核电厂.仪表控制和电力系统.电磁兼容性试验要求

IEEE Recommended Practice for Installation, Inspection, and Testing for Class 1E Power, Instrumentation, and Control Equipment at Nuclear Facilities
IEEE核设施1E级电力、仪表和控制设备的安装、检查和试验推荐规程

NB/T 20053-2011

核电厂安全重要电气、仪表和控制设备安装要求
Installation requirement of electric,instrumentation and control equipment important to safety of nuclear power plant

KS C IEC 61225(2017 Confirm)

원자력발전소－안전에 중요한 계측 제어 계통－전기 공급 요건
核电厂对安全重要的仪表和控制系统对电源的要求

KS C IEC 61225(2022 Confirm)

원자력발전소－안전에 중요한 계측 제어 계통－전기 공급 요건
核电厂－对安全重要的仪表和控制系统－电源要求

NB/T 20071-2012

核电厂安全重要仪表和控制系统的供电要求
Requirements for electrical supplies of instrumentation and control systems important to safety in nuclear power plants

NB/T 20296-2014

核电厂安全重要电气、仪表和控制设备维修要求
Maintenance requirement of electrical,instrumentation and control equipment important to safety of nuclear power plant

BS EN IEC 61226-2021

Nuclear power plants. Instrumentation, control and electrical power systems important to safety. Categorization of functions and classification of systems
核电站仪表、控制和电力系统对安全至关重要功能分类和系统分类

Nuclear power plants - Instrumentation, control and electrical power systems important to safety - Categorization of functions and classification of systems
核电厂.对安全重要的仪表、控制和电力系统.功能分类和系统分类

KS C IEC 62465(2017 Confirm)

원자력 발전소－안전에 중요한 계측제어－전기케이블 계통 노화관리
核电厂对安全重要的仪表和控制电缆系统老化的管理

《国家标准化发展纲要》提出建设国家数字标准馆，推动标准化工作向数字化、网络化、智能化转型。中国标准化研究院正在全力推进国家数字标准馆建设，力争在2026年底建成“一个中心”和“一个平台”，即全球领先的标准数据资源中心，涵盖标准全生命周期的数字化、网络化、智能化研究与服务平台。

关于我们

查新颖性

查有效性

跟踪标准

比对标准

专题数据库

标准管理系统

大数据分析系统

标准智能研制系统