iTeh StandardsiTeh Standards
EURUSD
Your shopping cart is empty.
IEC

IEC TR 63074:2019

(Main)

Safety of machinery - Security aspects related to functional safety of safety-related control systems

Safety of machinery - Security aspects related to functional safety of safety-related control systems

IEC TR 63074:2019 gives guidance on the use of IEC 62443 (all parts) related to those aspects of security threats and vulnerabilities that could influence functional safety implemented and realized by safety-related control systems (SCS) and could lead to the loss of the ability to maintain safe operation of a machine.
Considered security aspects of the machine with potential relation to SCS are:
– vulnerabilities of the SCS either directly or indirectly through the other parts of the machine which can be exploited by security threats that can result in security attacks (security breach);
– influence on the safety characteristics and ability of the SCS to properly perform its function(s);
– typical use case definition and application of a corresponding threat model.

General Information

Status
Replaced
Publication Date
01-May-2019
ICS
01 - GENERALITIES. TERMINOLOGY. STANDARDIZATION. DOCUMENTATION
13.110 - Safety of machinery
29.020 - Electrical engineering in general
33.180.01 - Fibre optic systems in general
Technical Committee
TC 44 - Safety of machinery - Electrotechnical aspects
Drafting Committee
WG 15 - TC 44/WG 15
Current Stage
DELPUB - Deleted Publication
Completion Date
09-Feb-2023
Ref Project

Relations

Revised
IEC TS 63074:2023 - Safety of machinery - Security aspects related to functional safety of safety-related control systems
Effective Date
05-Sep-2023

Buy Standard

IEC TR 63074:2019 - Safety of machinery - Security aspects related to functional safety of safety-related control systemsIEC TR 63074:2019 - Safety of machinery - Security aspects related to functional safety of safety-related control systems
PreviousNext
Technical report
IEC TR 63074:2019 - Safety of machinery - Security aspects related to functional safety of safety-related control systems
English language
23 pages
sale 15% off
Preview
sale 15% off
Preview

Standards Content (Sample)


IEC TR 63074 ®
Edition 1.0 2019-05
TECHNICAL
REPORT
colour
inside
Safety of machinery – Security aspects related to functional safety of safety-
related control systems
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form
or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from
either IEC or IEC's member National Committee in the country of the requester. If you have any questions about IEC
copyright or have an enquiry about obtaining additional rights to this publication, please contact the address below or
your local IEC member National Committee for further information.

IEC Central Office Tel.: +41 22 919 02 11
3, rue de Varembé info@iec.ch
CH-1211 Geneva 20 www.iec.ch
Switzerland
About the IEC
The International Electrotechnical Commission (IEC) is the leading global organization that prepares and publishes
International Standards for all electrical, electronic and related technologies.

About IEC publications
The technical content of IEC publications is kept under constant review by the IEC. Please make sure that you have the
latest edition, a corrigendum or an amendment might have been published.

IEC publications search - webstore.iec.ch/advsearchform Electropedia - www.electropedia.org
The advanced search enables to find IEC publications by a The world's leading online dictionary on electrotechnology,
variety of criteria (reference number, text, technical containing more than 22 000 terminological entries in English
committee,…). It also gives information on projects, replaced and French, with equivalent terms in 16 additional languages.
and withdrawn publications. Also known as the International Electrotechnical Vocabulary

(IEV) online.
IEC Just Published - webstore.iec.ch/justpublished
Stay up to date on all new IEC publications. Just Published IEC Glossary - std.iec.ch/glossary
details all new publications released. Available online and 67 000 electrotechnical terminology entries in English and
once a month by email. French extracted from the Terms and Definitions clause of
IEC publications issued since 2002. Some entries have been
IEC Customer Service Centre - webstore.iec.ch/csc collected from earlier publications of IEC TC 37, 77, 86 and
If you wish to give us your feedback on this publication or CISPR.

need further assistance, please contact the Customer Service

Centre: sales@iec.ch.
IEC TR 63074 ®
Edition 1.0 2019-05
TECHNICAL
REPORT
colour
inside
Safety of machinery – Security aspects related to functional safety of safety-

related control systems
INTERNATIONAL
ELECTROTECHNICAL
COMMISSION
ICS 13.110; 29.020 ISBN 978-2-8322-6818-6

– 2 – IEC TR 63074:2019 © IEC 2019
CONTENTS
FOREWORD . 3
INTRODUCTION . 5
1 Scope . 6
2 Normative references . 6
3 Terms and definitions . 6
4 Safety and security overview . 10
4.1 General . 10
4.2 Safety objectives . 10
4.3 Security objectives . 11
5 Security aspects related to functional safety . 13
5.1 General . 13
5.1.1 Security risk assessment . 13
5.1.2 Security risk response strategy . 14
5.2 Security countermeasures . 14
5.2.1 General . 14
5.2.2 Identification and authentication . 16
5.2.3 Use control . 16
5.2.4 System integrity . 16
5.2.5 Data confidentiality . 16
5.2.6 Restricted data flow . 17
5.2.7 Timely response to events . 17
5.2.8 Resource availability . 17
6 Verification and maintenance of security countermeasures . 17
7 Information for the user of the machine(s) . 17
Annex A (informative) Basic information related to threats and threat modelling
approach . 18
A.1 Evaluation of threats . 18
A.2 Examples of threat related to a safety-related device . 19
Annex B (informative) Security risk assessment triggers . 21
B.1 General . 21
B.2 Event driven triggers . 21
Annex C (informative) Example of information flow between device supplier,
manufacturer of machine (integrator) and end user of machine . 22
C.1 General . 22
C.2 Example. 22
Bibliography . 23

Figure 1 – Relationship between threat(s), vulnerabilities, consequence(s) and security
risk(s) for SCS performing safety function(s) . 12
Figure 2 – Possible effects of security risk(s) to a SCS . 12
Figure A.1 –Safety-related device and possible accesses . 20
Figure C.1 – Example of information flow during design phase . 22

Table 1 – Overview of foundational requirements and possible influence(s) on a SCS . 15

INTERNATIONAL ELECTROTECHNICAL COMMISSION
____________
SAFETY OF MACHINERY –
SECURITY ASPECTS RELATED TO FUNCTIONAL
SAFETY OF SAFETY-RELATED CONTROL SYSTEMS

FOREWORD
1) The International Electrotechnical Commission (IEC) is a worldwide organization for standardization comprising
all national electrotechnical committees (IEC National Committees). The object of IEC is to promote
international co-operation on all questions concerning standardization in the electrical and electronic fields. To
this end and in addition to other activities, IEC publishes International Standards, Technical Specifications,
Technical Reports, Publicly Available Specifications (PAS) and Guides (hereafter referred to as "IEC
Publication(s)"). Their preparation is entrusted to technical committees; any IEC National Committee interested
in the subject dealt with may participate in this preparatory work. International, governmental and non-
governmental organizations liaising with the IEC also participate in this preparation. IEC collaborates closely
with the International Organization for Standardization (ISO) in accordance with conditions determined by
agreement between the two organizations.
2) The formal decisions or agreements of IEC on technical matters express, as nearly as possible, an international
consensus of opinion on the relevant subjects since each technical committee has representation from all
interested IEC National Committees.
3) IEC Publications have the form of recommendations for international use and are accepted by IEC National
Committees in that sense. While all reasonable efforts are made to ensure that the technical content of IEC
Publications is accurate, IEC cannot be held responsible for the way in which they are used or for any
misinterpretation by any end user.
4) In order to promote international uniformity, IEC National Committees undertake to apply IEC Publications
transparently to the maximum extent possible in their national and regional publications. Any divergence
between any IEC Publication and the corresponding national or regional publication shall be clearly indicated in
the latter.
5) IEC itself does not provide any attestation of conformity. Independent certification bodies provide conformity
assessment services and, in some areas, access to IEC marks of conformity. IEC is not responsible for any
services carried out by independent certification bodies.
6) All users should ensure that they have the latest edition of this publication.
7) No liability shall attach to IEC or its directors, employees, servants or agents including individual experts and
members of its technical committees and IEC National Committees for any personal injury, property damage or
other damage of any nature whatsoever, whether direct or indirect, or for costs (including legal fees) and
expenses arising out of the publication, use of, or reliance upon, this IEC Publication or any other IEC
Publications.
8) Attention is drawn to the Normative references cited in this publication. Use of the referenced publications is
indispensable for the correct application of this publication.
9) Attention is drawn to the possibility that some of the elements of this IEC Publication may be the subject of
patent rights. IEC shall not be held responsible for identifying any or all such patent rights.
The main task of IEC technical committees is to prepare International Standards. However, a
technical committee may propose the publication of a technical report when it has collected
data of a different kind from that which is normally published as an International Standard, for
example "state of the art".
Technical Report IEC TR 63074 has been prepared by IEC technical committee 44: Safety of
machinery – Electrotechnical aspects.
The text of this Technical Report is based on the following documents:
DTR Report on voting
44/842/DTR 44/843/RVDTR
Full information on the voting for the approval of this Technical Report can be found in the
report on voting indicated in the above table.

– 4 – IEC TR 63074:2019 © IEC 2019
This publication has been drafted in accordance with the ISO/IEC Directives, Part 2.
The committee has decided that the contents of this publication will remain unchanged until
the stability date indicated on the IEC web site under "http://webstore.iec.ch" in the data
related to the specific publication. At this date, the publication will be
• reconfirmed,
• withdrawn,
• replaced by a revised edition, or
• amended.
A bilingual version of this publication may be issued at a later date.

IMPORTANT – The 'colour inside' logo on the cover page of this publication indicates
that it contains colours which are considered to be useful for the correct
understanding of its contents. Users should therefore print this document using a
colour printer.
INTRODUCTION
Industrial automation systems can be exposed to security attacks due to the fact that:
– access to the control system is possible, e.g. re-programming of machine functions
(including safety);
– "convergence" between standard IT and industrial systems is increasing;
– operating systems have become present in embedded systems, e.g. IP-based protocols
are replacing proprietary network protocols and data is exchanged directly from the
SCADA network into the office world;
– software is developed by reusing existing third party software components;
– remote access from suppliers has become the standard way of operations / maintenance,
with an increased cyber security risk regarding e.g. unauthorized access, availability and
integrity.
As part of an industrial automation system, safety-related control systems of machines can
also be subject to security attacks that can result in a loss of the ability to maintain safe
operation of a machine.
NOTE 1 The risk potential of attack opportunities is significant seeing the trends and developments of threats and
the amount of known vulnerabilities. Security objectives are mainly described in terms of confidentiality, integrity
and availability, which in general need to be identified and prioritized by using a risk based approach.
Functional safety objectives consider the risk by estimating the severity of harm and the
probability of o
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.

This May Also Interest You

IEC
IEC 62282-8-201:2024(Main)
Fuel cell technologies - Part 8-201: Energy storage systems using fuel cell modules in reverse mode - Test procedures for the performance of power-to-power systems

IEC 62282-8-201:2024 is available as IEC 62282-8-201:2024 RLV which contains the International Standard and its Redline version, showing all changes of the technical content compared to the previous edition.IEC 62282-8-201:2024 defines the evaluation methods of typical performances for electric energy storage systems using hydrogen. It is applicable to the systems that use electrochemical reaction devices for both power charge and discharge. This document applies to systems that are designed and used for service and operation in stationary locations (indoor and outdoor). It specifies performance evaluation methods for electric energy storage systems using hydrogen that employ electrochemical reactions both for water and steam electrolysis and electric power generation. This document is intended for power-to-power systems which typically employ a set of electrolyser and fuel cell, or a reversible cell for devices of electric charge and discharge. This second edition cancels and replaces the first edition published in 2020.
This edition includes the following significant technical changes with respect to the previous edition:
a) consideration of systems connected to hydrogen supply infrastructure (hydrogen grids, vessels, caverns or pipelines);
b) hydrogen input and output rate is added in the system parameters (5.10);
c) electric energy storage capacity test is revised (6.2);
d) roundtrip electrical efficiency test is revised (6.5);
e) hydrogen input and output rate test is added (6.6.6).

  • Standard
    116 pages
    English language
    sale 15% off
  • Standard
    75 pages
    English and French language
    sale 15% off
IEC
IEC 61184:2017/AMD2:2024(Amendment)
Amendment 2 - Bayonet lampholders
  • Standard
    5 pages
    English and French language
    sale 15% off
IEC
IEC 61674:2024(Main)
Medical electrical equipment - Dosimeters with ionization chambers and/or semiconductor detectors as used in X-ray diagnostic imaging

IEC 61674:2024 specifies the performance and some related constructional requirements of DIAGNOSTIC DOSIMETERS intended for the measurement of AIR KERMA, AIR KERMA LENGTH PRODUCT or AIR KERMA RATE, in photon radiation fields used in medical X-ray imaging, such as RADIOGRAPHY, RADIOSCOPY and COMPUTED TOMOGRAPHY (CT), for X-RADIATION with generating potentials in the range of 20 kV to 150 kV. This document is applicable to the performance of DOSIMETERS with VENTED IONIZATION CHAMBERS and/or SEMICONDUCTOR DETECTORS as used in X-ray diagnostic imaging.
IEC 61674:2024 cancels and replaces the second edition published in 2012. This edition constitutes a technical revision.
This edition includes the following significant technical changes with respect to the previous edition:
a) for mammography, the manufacturer specifies the REFERENCE VALUE for the RADIATION QUALITY;
b) for mammography, the manufacturer provides the MINIMUM RATED RANGE of RADIATION QUALITIES for the compliance test on energy dependence of response;
c) the compliance test for analogue displays was removed;
d) the compliance tests for range reset, the effect of leakage and recombination losses were removed. These tests are already covered by the test on linearity and cannot be conducted for modern devices. The estimation of COMBINED STANDARD UNCERTAINTY was changed accordingly;
e) the compliance test for mains rechargeable and battery-operated dosimeters were updated for modern devices

  • Standard
    116 pages
    English language
    sale 15% off
  • Standard
    75 pages
    English and French language
    sale 15% off
IEC
CISPR 15:2018/AMD1:2024(Amendment)
Amendment 1 - Limits and methods of measurement of radio disturbance characteristics of electrical lighting and similar equipment

CISPR 15:2024 Amendment 1

  • Standard
    71 pages
    English and French language
    sale 15% off
IEC
CISPR 15:2018(Main)
Limits and methods of measurement of radio disturbance characteristics of electrical lighting and similar equipment

CISPR 15:2018 applies to the emission (radiated and conducted) of radiofrequency disturbances from:
- lighting equipment (3.3.16);
- the lighting part of multi-function equipment where this lighting part is a primary function;
- UV and IR radiation equipment for residential and non-industrial applications;
- advertising signs;
- decorative lighting;
- emergency signs.
Excluded from the scope of this document are:
- components or modules intended to be built into lighting equipment and which are not user-replaceable;
- lighting equipment operating in the ISM frequency bands (as defined in Resolution 63 (1979) of the ITU Radio Regulation);
- lighting equipment for aircraft and airfield facilities (runways, service facilities, platforms);
- video signs;
- installations;
- equipment for which the electromagnetic compatibility requirements in the radio-frequency range are explicitly formulated in other CISPR standards, even if they incorporate a built-in lighting function.
The frequency range covered is 9 kHz to 400 GHz. No measurements need to be performed at frequencies where no limits are specified in this document.
Multi-function equipment which is subjected simultaneously to different clauses of this document and/or other standards need to meet the provisions of each clause/standard with the relevant functions in operation.
For equipment outside the scope of this document and which includes lighting as a secondary function, there is no need to separately assess the lighting function against this document, provided that the lighting function was operative during the assessment in accordance with the applicable standard. The radiated emission requirements in this document are not intended to be applicable to the intentional transmissions from a radio transmitter as defined by the ITU, nor to any spurious emissions related to these intentional transmissions.
Within the remainder of this document, wherever the term "lighting equipment" or "EUT" is used, it is meant to be the electrical lighting and similar equipment falling in the scope of this document as specified in this clause. This ninth edition cancels and replaces the eighth edition published in 2013 and its Amendment 1:2015. This edition constitutes a technical revision. This edition includes the following significant technical changes with respect to the previous edition:
a) full editorial revision and restructuring;
b) the restriction to mains and battery operation is deleted in the scope;
c) radiated disturbance limits in the frequency range 300 MHz to 1 GHz have been introduced;
d) the load terminals limits and the CDNE (alternative to radiated emissions) limits have changed;
e) deletion of the insertion-loss requirements and the associated Annex A;
f) introduction of three basic ports: wired network ports, local wired ports and the enclosure port;
g) introduction of a more technology-independent approach;
h) replacement of Annex B (CDNE) by appropriate references to CISPR 16-series of standards;
i) modified requirements for the metal holes of the conical housing;
j) new conducted disturbance measurement method for GU10 self-ballasted lamp;
k) addition of current probe measurement method and limits for various types of ports (in addition to voltage limits and measurement methods);
l) introduction of the term ‘module’ (instead of independent auxiliary) and requirements for measurement of modules using a host (reference) system;
m) modified specifications for stabilization times of EUTs;
n) for large EUT (> 1,6 m), addition of the magnetic field measurement method using a 60 cm loop antenna at 3 m distance (method from CISPR 14-1) as an alternative to the 3 m and 4 m LAS.
Keywords: emission (radiated and conducted) of radiofrequency disturbance
The contents of the Interpretation Sheet 1 of November 2019 have been included in this copy.

  • Standard
    170 pages
    English language
    sale 15% off
  • Standard
    153 pages
    English and French language
    sale 15% off
IEC
IEC 62631-3-12:2024(Main)
Dielectric and resistive properties of solid insulating materials - Part 3-12: Determination of resistive properties (DC methods) - Volume resistance and volume resistivity - Method for casting resins

IEC 62631-3-12:2024 specifies a method of test for the determination of volume resistance and volume resistivity of electrical insulation materials by applying a DC voltage. It covers casting resins described in IEC 60455-3-1, IEC 60455-3-2, IEC 60455-3-3, IEC 60455-3-4, IEC 60455-3-8 and similar products.
For other specific types of materials, other standards or the general method described in IEC 62631-3-1 can be more suitable.

  • Standard
    24 pages
    English and French language
    sale 15% off
IEC
IEC TR 61643-03:2024(Main)
Low-voltage surge protective devices - Part 03: SPD Testing Guide

IEC TR 61643-03:2024 applies to SPD testing in accordance with the IEC 61643-x1 series and for SPD coordination and system level immunity purposes.
It aims to provide guidance and helpful information for correct test execution and accurate interpretation of measurement results. It is also intended to further enhance repeatability and comparability throughout different test laboratories and to establish an acceptable accuracy level for the test results obtained.
The main subjects are: Test application, Test arrangement/setup, Probe application, SPD coordination testing, and System level immunity testing

  • Technical report
    56 pages
    English language
    sale 15% off
IEC
IEC TS 62600-103:2024(Main)
Marine energy - Wave, tidal and other water current converters - Part 103: Guidelines for the early stage development of wave energy converters - Best practices and recommended procedures for the testing of pre-prototype devices

IEC TS 62600-103:2024 is available as IEC TS 62600-103:2024 RLV which contains the International Standard and its Redline version, showing all changes of the technical content compared to the previous edition.IEC TS 62600-103:2024 is concerned with the sub-prototype scale development of wave energy converters (WECs). It includes wave tank test programmes, where wave conditions are controlled so they can be scheduled, and first sea trials, where sea states occur naturally and the programmes are adjusted and flexible to accommodate the conditions. Commercial-scale prototype tests are not covered in this document.
This document addresses:
- Planning an experimental programme, including a design statement, technical drawings, facility selection, site data and other inputs as specified in Clause 5.
- Device characterisation, including the physical device model, PTO components and mooring arrangements where appropriate.
- Environment characterisation, concerning either the tank testing facility or the sea deployment site, depending on the stage of development.
- Specification of specific test goals, including power conversion performance, device motions, device loads and device survival.
This document prescribes the minimum test programmes that form the basis of a structured technology development schedule. For each testing campaign, the prerequisites, goals and minimum test plans are specified. This document serves a wide audience of wave energy stakeholders, including device developers and their technical advisors; government agencies and funding councils; test centres and certification bodies; private investors; and environmental regulators and NGOs.

  • Technical specification
    66 pages
    English language
    sale 15% off
  • Technical specification
    135 pages
    English language
    sale 15% off
IEC
IEC 61400-8:2024(Main)
Wind energy generation systems - Part 8: Design of wind turbine structural components

IEC 61400-8:2024 outlines the minimum requirements for the design of wind turbine nacelle-based structures and is not intended for use as a complete design specification or instruction manual. This document focuses on the structural integrity of the structural components constituted within and in the vicinity of the nacelle, including the hub, mainframe, main shaft, associated structures of direct-drives, gearbox structures, yaw structural connection, nacelle enclosure. It also addresses connections of the structural components to control and protection mechanisms, as well as structural connections of electrical units and other mechanical systems. This document focuses primarily on ferrous material-based nacelle structures but can apply to other materials also as appropriate

  • Standard
    133 pages
    English and French language
    sale 15% off
IEC
IEC 60601-2-37:2024(Main)
Medical electrical equipment - Part 2-37: Particular requirements for the basic safety and essential performance of ultrasonic medical diagnostic and monitoring equipment

IEC 60601-2-37:2024 is available as IEC 60601-2-37:2024 RLV which contains the International Standard and its Redline version, showing all changes of the technical content compared to the previous edition.IEC 60601-2-37:2024 applies to the BASIC SAFETY and ESSENTIAL PERFORMANCE of ULTRASONIC DIAGNOSTIC EQUIPMENT as defined in 201.3.217, hereinafter referred to as ME EQUIPMENT. If a clause or subclause is specifically intended to be applicable to ME EQUIPMENT only, or to ME SYSTEMS only, the title and content of that clause or subclause will say so. If that is not the case, the clause or subclause applies both to ME EQUIPMENT and to ME SYSTEMS, as relevant. HAZARDS inherent in the intended physiological function of ME EQUIPMENT or ME SYSTEMS within the scope of this document are not covered by specific requirements in this document except in 201.7.2.13. This document does not cover ultrasonic therapeutic equipment. Equipment used for the imaging or diagnosis of body structures by ultrasound in conjunction with other medical procedures is covered. IEC 60601-2-37:2024 cancels and replaces the second edition published in 2007 and Amendment 1:2015. This edition constitutes a technical revision.
This edition includes the following significant technical changes with respect to the previous edition:
a) technical and editorial changes resulting from the amended general standard IEC 60601 1:2005, IEC 60601-1:2005/AMD1:2012 and IEC 60601-1:2005/AMD2:2020 and its collateral standards IEC 60601-1-xx,
b) technical and editorial changes as a result of maintenance to normative references;
c) technical and editorial changes resulting from relevant developments in TC 87 Ultrasonics standards. In particular, Clause 201.11 about protection against excessive temperatures and other hazards has been fully revised.

  • Standard
    181 pages
    English language
    sale 15% off
  • Standard
    118 pages
    English and French language
    sale 15% off