
BS IEC 62859

Nuclear power plants - Instrumentation and control systems - Requirements for coordinating safety and cybersecurity.
5.3 Thematic requirements and recommendations
5.3.1 Delineation of security zones
5.3.1.1 General
As defined in IEC 62645, security zones are practical and architectural implementations of a graded approach to cybersecurity; they allow I&C systems with similar importance concerning safety and plant performance (i.e. having the same security degree) to be grouped together for administration and application of protective measures. As per IEC 62645, criteria for defining a security zone include organizational issues (such as ownership/responsibility), localisation, architectural or technical aspects. In practice, security zones are implemented as means against the propagation of cyberattacks. In such context, when a zone model is enforced as recommended by IEC 62645, the following applies:
a) The delineation of security zones, as per IEC 62645, shall take into account and leverage independence and physical separation requirements introduced for the purpose of enhancing safety.
b) Data communication aspects (incl. logical separation) and geographical/physical separation as well as independence aspects shall be considered together to delineate security zones.
NOTE Geographical separation and independence features are not sufficient to delineate security zones.
5.3.1.2 Dealing with systems with several divisions
a) The divisions (or trains) of a given I&C programmable digital system should be grouped in the same security zone, unless the communications between divisions can be efficiently filtered and monitored from a cybersecurity perspective.
b) The divisions (or trains) of a given I&C programmable digital system shall be grouped in the same security zone if a common engineering tool is used to configure them.
NOTE This requirement holds even if the tool is connected only to one division at a time: if the tool is compromised, it can support an asynchronous attack, compromising divisions one after the other.
5.3.1.3 Dealing with systems sharing common resources
a) I&C programmable digital systems sharing common computer-based tools (e.g. configuration, testing, and/or maintenance tools) shall be grouped in the same security zone, unless it is demonstrated from a cybersecurity perspective that the tools cannot directly impact the systems they are connected to.
b) I&C programmable digital systems sharing a common network or communication bus without cybersecurity technical provisions securing the communications should be grouped in the same security zone, even if they perform functions of different safety categories. As per IEC 62645, the security degree assignment shall take into account the most sensitive safety category.
5.3.2 Provisions for coping with common cause failures (including diversity)
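The grouping rules of 5.3.1.2 b) and 5.3.1.3 a) and b) can be checked mechanically against an asset inventory. The following is an added example, not part of the standard: the inventory, all names and the proposed zone mapping are constructed, every tool shared by divisions of one system is assumed to be an engineering tool, and the ordering of safety categories (A most sensitive) is an assumption taken from IEC 61226.

```python
from itertools import combinations

# Constructed inventory; all names are hypothetical.
DIVISIONS = {  # division -> (parent I&C system, safety category of its functions)
    "RPS-div1": ("RPS", "A"), "RPS-div2": ("RPS", "A"),
    "PICS": ("PICS", "C"), "TURB": ("TURB", "C"),
}
TOOLS = {  # tool -> (connected divisions, "cannot directly impact" demonstrated?)
    "eng-ws": (["RPS-div1", "RPS-div2"], False),
    "test-laptop": (["PICS", "TURB"], True),
}
NETWORKS = {  # network/bus -> (connected divisions, cybersecurity provisions in place?)
    "plant-bus": (["RPS-div2", "PICS"], False),
}
RANK = {"A": 0, "B": 1, "C": 2}  # assumption: IEC 61226 categories, A most sensitive

def cozoning_constraints(divisions, tools, networks):
    """Return (a, b, strength, clause) for each pair the clauses say to co-zone."""
    out = []
    for tool, (members, no_impact_shown) in tools.items():
        for a, b in combinations(sorted(members), 2):
            if divisions[a][0] == divisions[b][0]:
                # Divisions of one system: no exception is given in 5.3.1.2 b).
                out.append((a, b, "shall", "5.3.1.2 b) " + tool))
            elif not no_impact_shown:
                out.append((a, b, "shall", "5.3.1.3 a) " + tool))
    for net, (members, secured) in networks.items():
        for a, b in combinations(sorted(members), 2):
            # Only different systems on an unsecured bus; 5.3.1.2 a) is not modelled.
            if not secured and divisions[a][0] != divisions[b][0]:
                out.append((a, b, "should", "5.3.1.3 b) " + net))
    return out

def check_zones(zone_of, divisions, tools, networks):
    """Return the constraints violated by a proposed division -> zone mapping."""
    return [c for c in cozoning_constraints(divisions, tools, networks)
            if zone_of[c[0]] != zone_of[c[1]]]

def zone_category(zone_of, divisions):
    """Most sensitive safety category found in each zone (input to degree assignment)."""
    cats = {}
    for div, zone in zone_of.items():
        cat = divisions[div][1]
        if zone not in cats or RANK[cat] < RANK[cats[zone]]:
            cats[zone] = cat
    return cats

# Constructed proposal: splits the two RPS divisions that share "eng-ws".
PROPOSED = {"RPS-div1": "Z1", "RPS-div2": "Z2", "PICS": "Z2", "TURB": "Z3"}
```

Running `check_zones(PROPOSED, DIVISIONS, TOOLS, NETWORKS)` flags the split RPS divisions, and `zone_category` shows that zone Z2 inherits category A because a category C system shares an unsecured bus with an RPS division.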
a) In some cases, provisions taken in order to cope with common cause failures (CCF), including diversity, can be leveraged from a cybersecurity perspective, and should be leveraged in such cases. When claimed in cybersecurity oriented analyses, the cybersecurity benefit shall be assessed and validated by staff responsible for cybersecurity, taking into account context-relevant malicious threats and potential cyberattacks (consistently with 5.2 f).
NOTE 1 Provisions resulting from requirements, recommendations and associated safety practices as per 5.4.2.6 of IEC 61513:2011 (for all I&C systems important to safety), Clause 13 of IEC 60880:2006 (for software aspects of systems performing category A functions), IEC 62340 or equivalent (for systems performing category A functions), are for instance directly concerned by 5.3.2a).
NOTE 2 As for safety, diversity is also commonly used in cybersecurity: examples include the use of diverse penetration testing tools, diverse skills of cybersecurity team members or auditors. However, expecting benefit from diversity in all situations for both safety and cybersecurity is questionable. Diversity is generally used “in series” to bring cybersecurity benefit (involving the need to compromise one system after another to reach a target), whereas it is generally used “in parallel” to bring benefit in safety.
