DPS
Drejtoria e Përgjithshme e Standardizimit
Tel/Cel: +355 4 222 62 55
E-mail: info@dps.gov.al
Adresa: Rr.: "Reshit Collaku", (pranë ILDKPKI, kati VI), Kutia Postare 98, Tiranë - Shqipëri
Main menu

IEC TR 63486:2024 ED1

Nuclear facilities - Instrumentation, control and electrical power systems - Cybersecurity risk management approaches
13 sht 2024

General information

60.60     13 sht 2024

IEC

TC 45/SC 45A

Technical Report

27.120.20     27.100  

anglisht  

Buying

Publikuar

Language in which you want to receive the document.

Scope

IEC TR 63486:2024 provides a cybersecurity framework for digital I&C programmable systems [2]. IEC 62645 [1] aligns strongly with the information security management system (ISMS) elements detailed within ISO/IEC 27001:2013 [2]. The ISO/IEC ISMS structure corresponds to the “I&C digital programmable system cybersecurity program” in the context (as defined in 5.2.1 of IEC 62645:2019 [1]).
The scope of this document is to capture the national and international cyber-risk approaches employed to manage cybersecurity risks associated with Instrumentation and Control (I&C) and Electrical Power Systems (EPS) at a Nuclear Power Plant (NPP).
This document summarizes an evaluation of cyber-risk approaches that are in use by nuclear facility operators to manage cybersecurity risks.
The scope of this document generally follows the exclusions of IEC 62645 which are:
- Non-malevolent actions and events such as accidental failures, human errors (except those stated above, such as impacting the performance of cybersecurity controls), and natural events. In particular, good practices for managing applications and data, including backup and restoration related to accidental failure, are out of scope.
This document summarizes key insights of the international and cyber-risk approaches used at NPPs regarding the application of ISO/IEC 27005:2018 [5]. The evaluation is based on 11 challenges to cybersecurity risk management and their applicability to NPP risk management. The challenges are detailed in Clause 7. This document also relates the risk management elements of IEC 62645 and IEC 63096.

Life cycle

NOW

PUBLISHED
IEC TR 63486:2024 ED1
60.60 Standard published
13 sht 2024