IEC TR 63415:2023 provides an overview over the formalized modelling and designing of cybersecure architectures to apply for I&C system cybersecurity enforcement at NPPs. The plant-specific risk assessment can use the techniques covered by this TR. This document considers the complex problem of NPP I&C architecture synthesis to address particular issues:
- asset classification,
- barrier measures assignment,
- the information transfer and links conformity with security requirements.
This document provides guidance on creating a comprehensive security model applicable to NPP I&C systems that describes NPP I&C cybersecurity architecture and aids in accomplishing the main tasks of I&C system secure design, which are:
- specification of system designs with increased determinism that enhance security,
- mapping of the security requirements into the security architecture of the I&C system,
- definition of the security requirements for information exchange between components within the I&C system, operators and other systems,
- assistance in the determination of the security degree assignment with a model-based technique considering asset properties and formal grouping of the assets,
design and establishment of security zones boundaries.