Additionally, the document outlines a design life cycle that could be used by the designers and the reviewers of FPGA-based safety systems. NUREG/CR 7006 also presents the results of a survey of FPGA design guides and experience relevant to NPP application, as well as search results for technical standards related to FPGA design.
The next two documents (EPRI TR1019181, 2009 and EPRI TR1022983, 2011) were prepared by the Electric Power Research Institute (EPRI) in order to assist utilities in understanding, evaluating, and applying FPGA technology in NPP I&C systems and to address the use of FPGA technology in retrofits to operating NPPs and in new NPP designs. These documents discuss advantages and limitations of FPGA technology on the basis of experience and lessons learned from previous applications, and provide guidance on planning and conceptual design of modifications employing FPGA technology and on specifying and selecting FPGA-based systems; guidance on designing an FPGA application is also included, addressing the full life cycle of requirements, design, verification, and validation.
The category related to security is represented by IEC 62566. This document focuses on activities applied to the development of Hardware Description Language (HDL)-based integrated circuits (i.e. circuits developed with HDL and related software tools) within an I&C system development project. In particular, it covers the following aspects: an approach to specify the requirements of, to design, to implement and to verify HDL-based integrated circuits, and to handle the corresponding aspects of system integration and validation; an approach to analyze and select the blank integrated circuits, micro-electronic technologies and Pre-Developed Blocks used to develop HDL-based integrated circuits; procedures for the modification and configuration control of HDL-based integrated circuits; and requirements for the selection and use of software tools used to develop HDL-based integrated circuits.
In the IEC 60880 standard (IEC 60880, 2006) only separate items are related to problems of security assurance. It is noted that the main measures for software security assurance are applied at the system level (for example, physical security measures).
Some requirements for the minimization of software vulnerabilities, related to the support of protective measures implemented at the system level, are presented, in particular:
Requirements for software security analysis coverage.
Requirements for accounting for the analysis results at different stages of the software life cycle.
Requirements related to users' access.
Requirements related to security during the software design process.
The IEC 61513 standard (IEC 61513, 2011) contains security requirements at the I&C system architecture level and also at the level of its separate components. It is noted that software (code, parameters and data) is especially vulnerable during design and maintenance.
A general plan of safety assurance that determines the procedural and technical measures used for protection of the I&C architecture from both intentional and planned attacks is introduced. Its character is also determined, and requirements for the content of the system security assurance plan are provided.
The IEC 62138 standard (IEC 62138, 2004) supplements IEC 61513 with the following software requirements:
Performing threat and vulnerability analysis of I&C system software that takes into account security life cycle stages and determines requirements for protection, availability, privacy and integrity of data and functions (which can include: identification of security critical data and functions;