The scope of this document is to capture the national and international cyber-risk approaches employed to manage cybersecurity risks associated with Instrumentation and Control (I&C) and Electrical Power Systems (EPS) at a Nuclear Power Plant (NPP).
This document summarizes an evaluation of cyber-risk approaches that are in use by nuclear facility operators to manage cybersecurity risks.
The scope of this document generally follows the exclusions of IEC 62645 which are:
- Non-malevolent actions and events such as accidental failures, human errors (except those stated above, such as impacting the performance of cybersecurity controls), and natural events. In particular, good practices for managing applications and data, including backup and restoration related to accidental failure, are out of scope.
This document summarizes key insights of the international and cyber-risk approaches used at NPPs regarding the application of ISO/IEC 27005:2018 [5]. The evaluation is based on 11 challenges to cybersecurity risk management and their applicability to NPP risk management. The challenges are detailed in Clause 7. This document also relates the risk management elements of IEC 62645 and IEC 63096.">
Nuclear facilities - Instrumentation, control and electrical power systems - Cybersecurity risk management approaches
Currently Viewing
Expand Your Knowledge and Unlock Your Learning Potential - Your One-Stop Source for Information!
© Copyright 2024 BSB Edge Private Limited.