SIST EN IEC 62988:2022
(Main)Nuclear power plants - Instrumentation and control systems important to safety - Selection and use of wireless devices (IEC 62988:2018)
Nuclear power plants - Instrumentation and control systems important to safety - Selection and use of wireless devices (IEC 62988:2018)
This document establishes requirements relevant to the selection and use of wireless devices
in instrumentation and control (I&C) systems important to safety used in nuclear power plants
(NPPs). Those I&C systems may fully consist of wireless devices.
NOTE The word “use” refers to the integration of the device, its qualification, administrative control, and every
other activity that may be necessary to use the device in an important to safety application.
This document applies to the I&C of new NPPs and to backfit of I&C in existing NPPs. Every
wireless device or wireless system that is important to safety is in the scope of this document.
Both fixed and mobile devices and all data types (voice, process data, etc.) are included
within the scope if they provide a safety classified function.
This document restricts the use of wireless devices to systems supporting category C
functions according to IEC 61226, excluding explicitly their use for categories A and B.
Non-safety devices and systems may use this document as guidelines, for example to ensure
that important to safety devices are not disturbed.
– Clause 5 describes the fundamental requirements regarding safety and cybersecurity.
– Clause 6 gives wireless-specific requirements that have to be included in the system
design.
– Clause 7 describes the requirements for the selection and integration of wireless devices.
– Clause 8 deals with electromagnetic compatibility and spectrum management.
– Clause 9 gives wireless-specific requirements regarding cybersecurity.
– Clause 10 describes the requirements for the qualification of wireless devices and their
environment.
Kernkraftwerke - Leittechnische Systeme mit sicherheitstechnischer Bedeutung - Auswahl und Einsatz drahtloser Geräte (IEC 62988:2018)
Centrales nucléaires de puissance - Systèmes d'instrumentation et de contrôle-commande importants pour la sûreté - Sélection et utilisation des appareils sans fil (IEC 62988:2018)
L'IEC 62988:2018 établit les exigences applicables pour la sélection et l’utilisation des appareils sans fil intégrés dans les systèmes d’instrumentation et de contrôle-commande (I&C) importants pour la sûreté employés dans les centrales nucléaires de puissance (CNP). Ces systèmes d’I&C peuvent être intégralement constitués d’appareils sans fil. Le présent document est applicable pour la construction des nouvelles CNP et pour la rénovation de l’I&C sur les CNP existantes. Tous les appareils sans fil ou les systèmes sans fil importants pour la sûreté relèvent du domaine du présent document. Les appareils fixes comme les appareils mobiles et tous les types de données (voix, données du procédé, etc.) sont couverts par le domaine du présent document s’ils réalisent une fonction classée de sûreté. Le présent document restreint l’utilisation des appareils sans fil aux systèmes réalisant des fonctions de sûreté de catégorie C telle que définie par l’IEC 61226, et exclut explicitement leur utilisation pour les catégories A et B. On peut utiliser le présent document comme un guide pour les appareils et les systèmes non classés de sûreté, par exemple pour s’assurer que les appareils importants pour la sûreté ne sont pas perturbés.
Jedrske elektrarne - Merilna in nadzorna oprema za zagotavljanje varnosti - Izbira in uporaba brezžičnih naprav (IEC 62988:2018)
Ta dokument določa zahteve v zvezi z izbiro in uporabo brezžičnih naprav pri merilni in nadzorni opremi (I&C), ki so pomembne za zagotavljanje varnosti in se uporabljajo v jedrskih elektrarnah (NPP). To merilno in nadzorno opremo lahko sestavljajo izključno brezžične naprave. OPOMBA: Beseda »uporaba« se navezuje na integracijo naprave, njeno primernost, upravni nadzor in vse druge dejavnosti, ki so lahko potrebne za uporabo naprave za zagotavljanje varnosti. Ta dokument se uporablja za merilno in nadzorno opremo novih jedrskih elektrarn ter za nadgradnjo merilne in nadzorne opreme v obstoječih jedrskih elektrarnah. Ta dokument zajema vse brezžične naprave in opremo, ki so pomembni za zagotavljanje varnosti. Njegovo področje uporabe vključuje tako fiksne kot prenosne naprave in vse vrste podatkov (glasovni podatki, procesni podatki itd.), ki opravljajo varnostno funkcijo. Ta dokument omejuje uporabo brezžičnih naprav na opremo, ki podpirajo funkcije kategorije C v skladu s standardom IEC 61226, in izrecno izključuje njihovo uporabo za kategoriji A in B. Ta dokument se lahko uporablja tudi kot smernica za naprave in opremo, ki niso varnostni, na primer za preprečevanje motenj pri varnostnih napravah. – Točka 5 vsebuje opis glavnih zahtev glede varnosti in kibernetske varnosti. – Točka 6 določa posebne zahteve za brezžične naprave, ki jih je treba vključiti v zasnovo sistema. – Točka 7 vsebuje opis zahtev za izbiro in integracijo brezžičnih naprav. – Točka 8 obravnava elektromagnetno združljivost in upravljanje spektra. – Točka 9 določa zahteve glede kibernetske varnosti za brezžične naprave. – Točka 10 vsebuje opis zahtev na področju primernosti brezžičnih naprav in njihovega okolja.
General Information
Standards Content (Sample)
SLOVENSKI STANDARD
SIST EN IEC 62988:2022
01-oktober-2022
Jedrske elektrarne - Merilna in nadzorna oprema za zagotavljanje varnosti - Izbira
in uporaba brezžičnih naprav (IEC 62988:2018)
Nuclear power plants - Instrumentation and control systems important to safety -
Selection and use of wireless devices (IEC 62988:2018)
Kernkraftwerke - Leittechnische Systeme mit sicherheitstechnischer Bedeutung -
Auswahl und Einsatz drahtloser Geräte (IEC 62988:2018)
Centrales nucléaires de puissance - Systèmes d'instrumentation et de contrôle-
commande importants pour la sûreté - Sélection et utilisation des appareils sans fil (IEC
62988:2018)
Ta slovenski standard je istoveten z: EN IEC 62988:2022
ICS:
27.120.20 Jedrske elektrarne. Varnost Nuclear power plants. Safety
SIST EN IEC 62988:2022 en
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.
---------------------- Page: 1 ----------------------
SIST EN IEC 62988:2022
---------------------- Page: 2 ----------------------
SIST EN IEC 62988:2022
EUROPEAN STANDARD EN IEC 62988
NORME EUROPÉENNE
EUROPÄISCHE NORM August 2022
ICS 27.120.20
English Version
Nuclear power plants - Instrumentation and control systems
important to safety - Selection and use of wireless devices
(IEC 62988:2018)
Centrales nucléaires de puissance - Systèmes Kernkraftwerke - Leittechnische Systeme mit
d'instrumentation et de contrôle-commande importants pour sicherheitstechnischer Bedeutung - Auswahl und Einsatz
la sûreté - Sélection et utilisation des appareils sans fil drahtloser Geräte
(IEC 62988:2018) (IEC 62988:2018)
This European Standard was approved by CENELEC on 2022-08-08. CENELEC members are bound to comply with the CEN/CENELEC
Internal Regulations which stipulate the conditions for giving this European Standard the status of a national standard without any alteration.
Up-to-date lists and bibliographical references concerning such national standards may be obtained on application to the CEN-CENELEC
Management Centre or to any CENELEC member.
This European Standard exists in three official versions (English, French, German). A version in any other language made by translation
under the responsibility of a CENELEC member into its own language and notified to the CEN-CENELEC Management Centre has the
same status as the official versions.
CENELEC members are the national electrotechnical committees of Austria, Belgium, Bulgaria, Croatia, Cyprus, the Czech Republic,
Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, the
Netherlands, Norway, Poland, Portugal, Republic of North Macedonia, Romania, Serbia, Slovakia, Slovenia, Spain, Sweden, Switzerland,
Türkiye and the United Kingdom.
European Committee for Electrotechnical Standardization
Comité Européen de Normalisation Electrotechnique
Europäisches Komitee für Elektrotechnische Normung
CEN-CENELEC Management Centre: Rue de la Science 23, B-1040 Brussels
© 2022 CENELEC All rights of exploitation in any form and by any means reserved worldwide for CENELEC Members.
Ref. No. EN IEC 62988:2022 E
---------------------- Page: 3 ----------------------
SIST EN IEC 62988:2022
EN IEC 62988:2022 (E)
European foreword
This document (EN IEC 62988:2022) consists of the text of document IEC 62988:2018, prepared by
IEC/TC 45 "Instrumentation, control and electrical power systems of nuclear facilities"
The following dates are fixed:
• latest date by which this document has to be (dop) 2023-08-08
implemented at national level by publication of an
identical national standard or by endorsement
• latest date by which the national standards (dow) 2025-08-08
conflicting with this document have to be withdrawn
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. CEN-CENELEC shall not be held responsible for identifying any or all such patent rights.
As stated in the nuclear safety directive 2009/71/EURATOM, Chapter 1, Article 2, item 2, Member States
are not prevented from taking more stringent safety measures in the subject-matter covered by the
Directive, in compliance with Community law.
In a similar manner, this European standard does not prevent Member States from taking more stringent
nuclear safety and/or security measures in the subject-matter covered by this standard.
Any feedback and questions on this document should be directed to the users’ national standards
body/national committee. A complete listing of these bodies can be found on the CEN and CENELEC
websites.
Endorsement notice
The text of the International Standard IEC 62988:2018 was approved by CENELEC as a European
Standard without any modification.
In the official version, for Bibliography, the following notes have to be added for the standards indicated:
IEC 61000-4-3 NOTE Harmonized as EN IEC 61000-4-3
IEC 61226 NOTE Harmonized as EN IEC 61226
IEC 62003 NOTE Harmonized as EN IEC 62003
IEC 62657-1:2017 NOTE Harmonized as EN 62657-1:2017 (not modified)
IEC 62657-2:2017 NOTE Harmonized as EN 62657-2:2017 (not modified)
2
---------------------- Page: 4 ----------------------
SIST EN IEC 62988:2022
EN IEC 62988:2022 (E)
Annex ZA
(normative)
Normative references to international publications
with their corresponding European publications
The following documents are referred to in the text in such a way that some or all of their content
constitutes requirements of this document. For dated references, only the edition cited applies. For
undated references, the latest edition of the referenced document (including any amendments) applies.
NOTE 1 When an International Publication has been modified by common modifications, indicated by (mod), the
relevant EN/HD applies.
NOTE 2 Up-to-date information on the latest versions of the European Standards listed in this annex is available
here: www.cenelec.eu.
Publication Year Title EN/HD Year
IEC 60987 2007 Nuclear power plants - Instrumentation and EN 60987 2015
control important to safety - Hardware
design requirements for computer-based
systems
IEC 61513 2011 Nuclear power plants - Instrumentation and EN 61513 2013
control important to safety - General
requirements for systems
IEC 62138 - Nuclear power plants - Instrumentation and EN IEC 62138 -
control systems important to safety -
Software aspects for computer-based
systems performing category B or C
functions
IEC 62645 - Nuclear power plants - Instrumentation, EN IEC 62645 -
control and electrical power systems -
Cybersecurity requirements
IEC 62671 - Nuclear power plants - Instrumentation and - -
control important to safety - Selection and
use of industrial digital devices of limited
functionality
IEC/IEEE 60780-323 - Nuclear facilities - Electrical equipment EN 60780-323 -
important to safety - Qualification
3
---------------------- Page: 5 ----------------------
SIST EN IEC 62988:2022
---------------------- Page: 6 ----------------------
SIST EN IEC 62988:2022
IEC 62988
®
Edition 1.0 2018-05
INTERNATIONAL
STANDARD
NORME
INTERNATIONALE
Nuclear power plants – Instrumentation and control systems important to
safety – Selection and use of wireless devices
Centrales nucléaires de puissance – Systèmes d’instrumentation et de contrôle-
commande importants pour la sûreté – Sélection et utilisation des appareils
sans fil
INTERNATIONAL
ELECTROTECHNICAL
COMMISSION
COMMISSION
ELECTROTECHNIQUE
INTERNATIONALE
ICS 27.120.20 ISBN 978-2-8322-5655-8
Warning! Make sure that you obtained this publication from an authorized distributor.
Attention! Veuillez vous assurer que vous avez obtenu cette publication via un distributeur agréé.
® Registered trademark of the International Electrotechnical Commission
Marque déposée de la Commission Electrotechnique Internationale
---------------------- Page: 7 ----------------------
SIST EN IEC 62988:2022
– 2 – IEC 62988:2018 © IEC 2018
CONTENTS
FOREWORD . 3
INTRODUCTION . 5
1 Scope . 7
2 Normative references . 7
3 Terms and definitions . 8
4 Symbols and abbreviations . 11
5 Fundamental requirements . 11
5.1 Safety classification . 11
5.2 Physical separation and isolation . 11
5.3 Cybersecurity . 12
6 Wireless application: system requirements . 12
6.1 General . 12
6.2 Network architecture . 12
6.3 Network performance . 12
6.4 Network surveillance and monitoring . 12
6.5 Power supply requirements . 13
6.6 Physical security . 13
6.7 Electromagnetic security . 13
7 Device selection: evidence of correctness and device integration . 13
7.1 General . 13
7.2 Quality assurance . 13
7.3 Functional and performance suitability . 14
7.4 Integration into the application . 14
7.5 Device self-monitoring . 14
7.6 Solution preferences . 14
8 Radio emissions . 14
8.1 Electromagnetic compatibility . 14
8.2 Radio coverage requirements . 15
8.3 Spectrum management . 15
8.3.1 General . 15
8.3.2 Flexibility . 15
8.3.3 Mobility . 16
9 Cybersecurity . 16
9.1 General requirements . 16
9.2 Wireless-specific requirements . 16
9.2.1 Data logging . 16
9.2.2 Site topology . 16
9.2.3 Connection to a wired network . 16
9.2.4 Network surveillance . 16
10 Qualification . 17
10.1 Hardware qualification . 17
10.2 Software qualification . 17
11 Documentation . 17
Bibliography . 18
---------------------- Page: 8 ----------------------
SIST EN IEC 62988:2022
IEC 62988:2018 © IEC 2018 – 3 –
INTERNATIONAL ELECTROTECHNICAL COMMISSION
____________
NUCLEAR POWER PLANTS – INSTRUMENTATION AND CONTROL
SYSTEMS IMPORTANT TO SAFETY – SELECTION
AND USE OF WIRELESS DEVICES
FOREWORD
1) The International Electrotechnical Commission (IEC) is a worldwide organization for standardization comprising
all national electrotechnical committees (IEC National Committees). The object of IEC is to promote
international co-operation on all questions concerning standardization in the electrical and electronic fields. To
this end and in addition to other activities, IEC publishes International Standards, Technical Specifications,
Technical Reports, Publicly Available Specifications (PAS) and Guides (hereafter referred to as “IEC
Publication(s)”). Their preparation is entrusted to technical committees; any IEC National Committee interested
in the subject dealt with may participate in this preparatory work. International, governmental and non-
governmental organizations liaising with the IEC also participate in this preparation. IEC collaborates closely
with the International Organization for Standardization (ISO) in accordance with conditions determined by
agreement between the two organizations.
2) The formal decisions or agreements of IEC on technical matters express, as nearly as possible, an international
consensus of opinion on the relevant subjects since each technical committee has representation from all
interested IEC National Committees.
3) IEC Publications have the form of recommendations for international use and are accepted by IEC National
Committees in that sense. While all reasonable efforts are made to ensure that the technical content of IEC
Publications is accurate, IEC cannot be held responsible for the way in which they are used or for any
misinterpretation by any end user.
4) In order to promote international uniformity, IEC National Committees undertake to apply IEC Publications
transparently to the maximum extent possible in their national and regional publications. Any divergence
between any IEC Publication and the corresponding national or regional publication shall be clearly indicated in
the latter.
5) IEC itself does not provide any attestation of conformity. Independent certification bodies provide conformity
assessment services and, in some areas, access to IEC marks of conformity. IEC is not responsible for any
services carried out by independent certification bodies.
6) All users should ensure that they have the latest edition of this publication.
7) No liability shall attach to IEC or its directors, employees, servants or agents including individual experts and
members of its technical committees and IEC National Committees for any personal injury, property damage or
other damage of any nature whatsoever, whether direct or indirect, or for costs (including legal fees) and
expenses arising out of the publication, use of, or reliance upon, this IEC Publication or any other IEC
Publications.
8) Attention is drawn to the Normative references cited in this publication. Use of the referenced publications is
indispensable for the correct application of this publication.
9) Attention is drawn to the possibility that some of the elements of this IEC Publication may be the subject of
patent rights. IEC shall not be held responsible for identifying any or all such patent rights.
International Standard IEC 62988 has been prepared by subcommittee 45A: Instrumentation,
control and electrical power systems of nuclear facilities, of IEC technical committee 45:
Nuclear instrumentation.
The text of this International Standard is based on the following documents:
FDIS Report on voting
45A/1187/FDIS 45A/1198/RVD
Full information on the voting for the approval of this International Standard can be found in
the report on voting indicated in the above table.
This document has been drafted in accordance with the ISO/IEC Directives, Part 2.
---------------------- Page: 9 ----------------------
SIST EN IEC 62988:2022
– 4 – IEC 62988:2018 © IEC 2018
The committee has decided that the contents of this document will remain unchanged until the
stability date indicated on the IEC website under "http://webstore.iec.ch" in the data related to
the specific document. At this date, the document will be
• reconfirmed,
• withdrawn,
• replaced by a revised edition, or
• amended.
---------------------- Page: 10 ----------------------
SIST EN IEC 62988:2022
IEC 62988:2018 © IEC 2018 – 5 –
INTRODUCTION
a) Technical background, main issues and organization of this document
This document sets out requirements applicable to wireless devices that are used to perform
functions important to safety in nuclear power plants (NPPs).
It is intended that this document be used by operators of NPPs (utilities), systems evaluators
and by licensors.
b) Situation of this document in the structure of the IEC SC 45A standard series
IEC 62988 is a third level IEC SC 45A document covering the selection and use of wireless
devices in instrumentation and control (I&C) systems important to safety used in NPPs.
For more details on the structure of the IEC SC 45A standard series, see item d) of this
introduction.
c) Recommendations and limitations regarding the application of this document
It is important to note that this document is applicable to all important to safety systems
containing wireless devices, including systems performing category A and B functions (and in
such systems, wireless devices are prohibited by this document). Therefore, only systems
performing category C functions are required to follow the requirements of this document.
To ensure that this document will continue to be relevant in future years, the emphasis has
been placed on issues of principle, rather than specific technologies.
d) Description of the structure of the IEC SC 45A standard series and relationships
with other IEC documents and other bodies' documents (IAEA, ISO)
The top-level documents of the IEC SC 45A standard series are IEC 61513 and IEC 63046.
IEC 61513 provides general requirements for I&C systems and equipment that are used to
perform functions important to safety in NPPs. IEC 63046 provides general requirements for
electrical power systems of NPPs; it covers power supply systems including the supply
systems of the I&C systems. IEC 61513 and IEC 63046 are to be considered in conjunction
and at the same level. IEC 61513 and IEC 63046 structure the IEC SC 45A standard series
and shape a complete, coherent et consistent framework establishing general requirements
for instrumentation, control and electrical systems for nuclear power plants.
IEC 61513 and IEC 63046 refer directly to other IEC SC 45A standards for general topics
related to categorization of functions and classification of systems, qualification, separation,
defence against common cause failure, control room design, electromagnetic compatibility,
cybersecurity, software and hardware aspects for programmable digital systems, coordination
of safety and security requirements and management of ageing. The standards referenced
directly at this second level should be considered together with IEC 61513 and IEC 63046 as
a consistent document set.
At a third level, IEC SC 45A standards not directly referenced by IEC 61513 or by IEC 63046
are standards related to specific equipment, technical methods, or specific activities. Usually
these documents, which make reference to second-level documents for general topics, can be
used on their own.
A fourth level extending the IEC SC 45 standard series, corresponds to the Technical Reports,
which are not normative.
---------------------- Page: 11 ----------------------
SIST EN IEC 62988:2022
– 6 – IEC 62988:2018 © IEC 2018
The IEC SC 45A standards series consistently implements and details the safety and security
principles and basic aspects provided in the relevant IAEA safety standards and in the
relevant documents of the IAEA nuclear security series (NSS). In particular, this includes the
IAEA requirements SSR-2/1, establishing safety requirements related to the design of nuclear
power plants (NPPs), the IAEA safety guide SSG-30 dealing with the safety classification of
structures, systems and components in NPPs, the IAEA safety guide SSG-39 dealing with the
design of instrumentation and control systems for NPPs, the IAEA safety guide SSG-34
dealing with the design of electrical power systems for NPPs and the implementing guide
NSS17 for computer security at nuclear facilities. The safety and security terminology and
definitions used by IEC SC 45A standards are consistent with those used by the IAEA.
IEC 61513 and IEC 63046 have adopted a presentation format similar to the basic safety
publication IEC 61508 with an overall life-cycle framework and a system life-cycle framework.
Regarding nuclear safety, IEC 61513 and IEC 63046 provide the interpretation of the general
requirements of IEC 61508-1, IEC 61508-2 and IEC 61508-4, for the nuclear application
sector. In this framework, IEC 60880, IEC 62138 and IEC 62566 correspond to IEC 61508-3
for the nuclear application sector. IEC 61513 and IEC 63046 refer to ISO as well as to
IAEA GS-R-3 and IAEA GS-G-3.1 and IAEA GS-G-3.5 for topics related to quality assurance
(QA). At level 2, regarding nuclear security, IEC 62645 is the entry document for the
IEC SC 45A security standards. It builds upon the valid high level principles and main
concepts of the generic security standards, in particular ISO/IEC 27001 and ISO/IEC 27002; it
adapts them and completes them to fit the nuclear context and coordinates with the
IEC 62443 series. At level 2, IEC 60964 is the entry document for the IEC SC 45A control
rooms standards and IEC 62342 is the entry document for the IEC SC 45A ageing
management standards.
NOTE 1 It is assumed that for the design of I&C systems in NPPs that implement conventional safety functions
(e.g. to address worker safety, asset protection, chemical hazards, process energy hazards) international or
national standards would be applied.
NOTE 2 IEC SC 45A domain was extended in 2013 to cover electrical systems. In 2014 and 2015 discussions
were held in IEC SC 45A to decide how and where general requirements for the design of electrical systems were
to be considered. IEC SC 45A experts recommended that an independent standard be developed at the same level
as IEC 61513 to establish general requirements for electrical systems. Project IEC 63046 is now launched to cover
this objective. When IEC 63046 is published this NOTE 2 of the introduction of IEC SC 45A standards will be
suppressed.
---------------------- Page: 12 ----------------------
SIST EN IEC 62988:2022
IEC 62988:2018 © IEC 2018 – 7 –
NUCLEAR POWER PLANTS – INSTRUMENTATION AND CONTROL
SYSTEMS IMPORTANT TO SAFETY – SELECTION
AND USE OF WIRELESS DEVICES
1 Scope
This document establishes requirements relevant to the selection and use of wireless devices
in instrumentation and control (I&C) systems important to safety used in nuclear power plants
(NPPs). Those I&C systems may fully consist of wireless devices.
NOTE The word “use” refers to the integration of the device, its qualification, administrative control, and every
other activity that may be necessary to use the device in an important to safety application.
This document applies to the I&C of new NPPs and to backfit of I&C in existing NPPs. Every
wireless device or wireless system that is important to safety is in the scope of this document.
Both fixed and mobile devices and all data types (voice, process data, etc.) are included
within the scope if they provide a safety classified function.
This document restricts the use of wireless devices to systems supporting category C
functions according to IEC 61226, excluding explicitly their use for categories A and B.
Non-safety devices and systems may use this document as guidelines, for example to ensure
that important to safety devices are not disturbed.
– Clause 5 describes the fundamental requirements regarding safety and cybersecurity.
– Clause 6 gives wireless-specific requirements that have to be included in the system
design.
– Clause 7 describes the requirements for the selection and integration of wireless devices.
– Clause 8 deals with electromagnetic compatibility and spectrum management.
– Clause 9 gives wireless-specific requirements regarding cybersecurity.
– Clause 10 describes the requirements for the qualification of wireless devices and their
environment.
2 Normative references
The following documents are referred to in the text in such a way that some or all of their
content constitutes requirements of this document. For dated references, only the edition
cited applies. For undated references, the latest edition of the referenced document (including
any amendments) applies.
IEC/IEEE 60780-323, Nuclear facilities – Electrical equipment important to safety –
Qualification
IEC 60987:2007, Nuclear power plants – Instrumentation and control important to safety –
Hardware design requirements for computer-based systems
IEC 61513:2011, Nuclear power plants – Instrumentation and control important to safety –
General requirements for systems
IEC 62138, Nuclear power plants – Instrumentation and control important for safety –
Software aspects for computer-based systems performing category B or C functions
---------------------- Page: 13 ----------------------
SIST EN IEC 62988:2022
– 8 – IEC 62988:2018 © IEC 2018
IEC 62645, Nuclear power plants – Instrumentation and control systems – Requirements for
security programmes for computer-based systems
IEC 62671, Nuclear power plants – Instrumentation and control important to safety – Selection
and use of industrial digital devices of limited functionality
3 Terms and definitions
For the purposes of this document, the following terms and definitions apply.
ISO and IEC maintain terminological databases for use in standardization at the following
addresses:
• IEC Electropedia: available at http://www.electropedia.org/
• ISO Online browsing platform: available at http://www.iso.org/obp
3.1
authentication
provision of assurance that a claimed characteristic of an entity is correct
[SOURCE: ISO/IEC 27000:2018, 3.5]
3.2
category of an I&C function
one of three possible safety assignments (A, B, C) of I&C functions resulting from
considerations of the safety relevance of the function to be performed. An unclassified
assignment may be made if the function has no importance to safety.
Note 1 to entry: See also "class of an I&C system".
Note 2 to entry: IEC 61226 defines categories of I&C functions. To each category there corresponds a set of
requirements applicable on both the I&C function (concerning its specification, design, implementation, verification
and validation) and the whole chain of items which are necessary to implement the function (concerning the
properties and the related qualification) regardless of how these items are distributed in a number of
interconnected I&C systems. For more clarity, this document defines categories of I&C functions and classes of
I&C systems and establishes a relationship between the category of the function and the minimal required class for
the associated systems and equipment.
[SOURCE: IEC 61513:2011, 3.4]
3.3
class of an I&C system
one of three possible assignments (1, 2 or 3) of I&C systems important to safety resulting
from consideration of their requirement to implement I&C functions of different safety
importance. An unclassified assignment is made if the I&C system does not implement
functions important to safety.
Note 1 to entry: See also "category of an I&C function", "safety system".
[SOURCE: IEC 61513:2011, 3.6]
3.4
spectrum management
coexistence management
process to establish and to maintain coexistence that includes technical and organizational
measures
[SOURCE: IEC 62657-2:2017, 3.1.15, modified – The preferred term "spectrum
management" has been added.]
-----
...
SLOVENSKI STANDARD
oSIST prEN IEC 62988:2022
01-junij-2022
Jedrske elektrarne - Merilna in nadzorna oprema za zagotavljanje varnosti - Izbira
in uporaba brezžičnih naprav
Nuclear power plants - Instrumentation and control systems important to safety -
Selection and use of wireless devices
Kernkraftwerke - Leittechnische Systeme mit sicherheitstechnischer Bedeutung -
Auswahl und Einsatz drahtloser Geräte
Centrales nucléaires de puissance - Systèmes d'instrumentation et de contrôle-
commande importants pour la sûreté - Sélection et utilisation des appareils sans fil
Ta slovenski standard je istoveten z: prEN IEC 62988:2022
ICS:
27.120.20 Jedrske elektrarne. Varnost Nuclear power plants. Safety
oSIST prEN IEC 62988:2022 en
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.
---------------------- Page: 1 ----------------------
oSIST prEN IEC 62988:2022
---------------------- Page: 2 ----------------------
oSIST prEN IEC 62988:2022
EUROPEAN STANDARD DRAFT
prEN IEC 62988
NORME EUROPÉENNE
EUROPÄISCHE NORM
April 2022
ICS 27.120.20 -
English Version
Nuclear power plants - Instrumentation and control systems
important to safety - Selection and use of wireless devices
(IEC 62988:2018)
Centrales nucléaires de puissance - Systèmes Kernkraftwerke - Leittechnische Systeme mit
d'instrumentation et de contrôle-commande importants pour sicherheitstechnischer Bedeutung - Auswahl und Einsatz
la sûreté - Sélection et utilisation des appareils sans fil drahtloser Geräte
(IEC 62988:2018) (IEC 62988:2018)
This draft European Standard is submitted to CENELEC members for enquiry.
Deadline for CENELEC: 2022-07-01.
The text of this draft consists of the text of IEC 62988:2018 (45A/1187/FDIS).
If this draft becomes a European Standard, CENELEC members are bound to comply with the CEN/CENELEC Internal Regulations which
stipulate the conditions for giving this European Standard the status of a national standard without any alteration.
This draft European Standard was established by CENELEC in three official versions (English, French, German).
A version in any other language made by translation under the responsibility of a CENELEC member into its own language and notified to
the CEN-CENELEC Management Centre has the same status as the official versions.
CENELEC members are the national electrotechnical committees of Austria, Belgium, Bulgaria, Croatia, Cyprus, the Czech Republic,
Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, the
Netherlands, Norway, Poland, Portugal, Republic of North Macedonia, Romania, Serbia, Slovakia, Slovenia, Spain, Sweden, Switzerland,
Turkey and the United Kingdom.
Recipients of this draft are invited to submit, with their comments, notification of any relevant patent rights of which they are aware and to
provide supporting documentation.
Warning : This document is not a European Standard. It is distributed for review and comments. It is subject to change without notice and
shall not be referred to as a European Standard.
European Committee for Electrotechnical Standardization
Comité Européen de Normalisation Electrotechnique
Europäisches Komitee für Elektrotechnische Normung
CEN-CENELEC Management Centre: Rue de la Science 23, B-1040 Brussels
© 2022 CENELEC All rights of exploitation in any form and by any means reserved worldwide for CENELEC Members.
Project: 75690 Ref. No. prEN IEC 62988:2022 E
---------------------- Page: 3 ----------------------
oSIST prEN IEC 62988:2022
prEN IEC 62988:2022 (E)
European foreword
This document (prEN IEC 62988:2022) consists of the text of document IEC 62988:2018, prepared by
IEC/TC 45 "Instrumentation, control and electrical power systems of nuclear facilities"
This document is currently submitted to the CENELEC Enquiry.
The following dates are proposed:
• latest date by which the existence of this document (doa) dor + 6 months
has to be announced at national level
• latest date by which this document has to be (dop) dor + 12 months
implemented at national level by publication of an
identical national standard or by endorsement
• latest date by which the national standards (dow) dor + 36 months
conflicting with this document have to be withdrawn (to be confirmed or
modified when voting)
As stated in the nuclear safety directive 2009/71/EURATOM, Chapter 1, Article 2, item 2, Member States
are not prevented from taking more stringent safety measures in the subject-matter covered by the
Directive, in compliance with Community law.
In a similar manner, this European standard does not prevent Member States from taking more stringent
nuclear safety and/or security measures in the subject-matter covered by this standard.
In the official version, for Bibliography, the following notes have to be added for the standards indicated:
IEC 61000-4-3 NOTE Harmonized as EN IEC 61000-4-3
IEC 61226 NOTE Harmonized as EN IEC 61226
IEC 62003 NOTE Harmonized as EN IEC 62003
IEC 62657-1:2017 NOTE Harmonized as EN 62657-1:2017 (not modified)
IEC 62657-2:2017 NOTE Harmonized as EN 62657-2:2017 (not modified)
2
---------------------- Page: 4 ----------------------
oSIST prEN IEC 62988:2022
prEN IEC 62988:2022 (E)
Annex ZA
(normative)
Normative references to international publications
with their corresponding European publications
The following documents are referred to in the text in such a way that some or all of their content
constitutes requirements of this document. For dated references, only the edition cited applies. For
undated references, the latest edition of the referenced document (including any amendments)
applies.
NOTE 1 When an International Publication has been modified by common modifications, indicated by (mod), the relevant
EN/HD applies.
NOTE 2 Up-to-date information on the latest versions of the European Standards listed in this annex is available here:
www.cenelec.eu.
Publication Year Title EN/HD Year
IEC 60987 2007 Nuclear power plants - Instrumentation and EN 60987 2015
control important to safety - Hardware
design requirements for computer-based
systems
IEC 61513 2011 Nuclear power plants - Instrumentation and EN 61513 2013
control important to safety - General
requirements for systems
IEC 62138 - Nuclear power plants - Instrumentation and EN IEC 62138 -
control systems important to safety -
Software aspects for computer-based
systems performing category B or C
functions
IEC 62645 - Nuclear power plants - Instrumentation, EN IEC 62645 -
control and electrical power systems -
Cybersecurity requirements
IEC 62671 - Nuclear power plants - Instrumentation and - -
control important to safety - Selection and
use of industrial digital devices of limited
functionality
IEC/IEEE 60780- - Nuclear facilities - Electrical equipment EN 60780-323 -
323 important to safety - Qualification
3
---------------------- Page: 5 ----------------------
oSIST prEN IEC 62988:2022
---------------------- Page: 6 ----------------------
oSIST prEN IEC 62988:2022
IEC 62988
®
Edition 1.0 2018-05
INTERNATIONAL
STANDARD
NORME
INTERNATIONALE
Nuclear power plants – Instrumentation and control systems important to
safety – Selection and use of wireless devices
Centrales nucléaires de puissance – Systèmes d’instrumentation et de contrôle-
commande importants pour la sûreté – Sélection et utilisation des appareils
sans fil
INTERNATIONAL
ELECTROTECHNICAL
COMMISSION
COMMISSION
ELECTROTECHNIQUE
INTERNATIONALE
ICS 27.120.20 ISBN 978-2-8322-5655-8
Warning! Make sure that you obtained this publication from an authorized distributor.
Attention! Veuillez vous assurer que vous avez obtenu cette publication via un distributeur agréé.
® Registered trademark of the International Electrotechnical Commission
Marque déposée de la Commission Electrotechnique Internationale
---------------------- Page: 7 ----------------------
oSIST prEN IEC 62988:2022
– 2 – IEC 62988:2018 © IEC 2018
CONTENTS
FOREWORD . 3
INTRODUCTION . 5
1 Scope . 7
2 Normative references . 7
3 Terms and definitions . 8
4 Symbols and abbreviations . 11
5 Fundamental requirements . 11
5.1 Safety classification . 11
5.2 Physical separation and isolation . 11
5.3 Cybersecurity . 12
6 Wireless application: system requirements . 12
6.1 General . 12
6.2 Network architecture . 12
6.3 Network performance . 12
6.4 Network surveillance and monitoring . 12
6.5 Power supply requirements . 13
6.6 Physical security . 13
6.7 Electromagnetic security . 13
7 Device selection: evidence of correctness and device integration . 13
7.1 General . 13
7.2 Quality assurance . 13
7.3 Functional and performance suitability . 14
7.4 Integration into the application . 14
7.5 Device self-monitoring . 14
7.6 Solution preferences . 14
8 Radio emissions . 14
8.1 Electromagnetic compatibility . 14
8.2 Radio coverage requirements . 15
8.3 Spectrum management . 15
8.3.1 General . 15
8.3.2 Flexibility . 15
8.3.3 Mobility . 16
9 Cybersecurity . 16
9.1 General requirements . 16
9.2 Wireless-specific requirements . 16
9.2.1 Data logging . 16
9.2.2 Site topology . 16
9.2.3 Connection to a wired network . 16
9.2.4 Network surveillance . 16
10 Qualification . 17
10.1 Hardware qualification . 17
10.2 Software qualification . 17
11 Documentation . 17
Bibliography . 18
---------------------- Page: 8 ----------------------
oSIST prEN IEC 62988:2022
IEC 62988:2018 © IEC 2018 – 3 –
INTERNATIONAL ELECTROTECHNICAL COMMISSION
____________
NUCLEAR POWER PLANTS – INSTRUMENTATION AND CONTROL
SYSTEMS IMPORTANT TO SAFETY – SELECTION
AND USE OF WIRELESS DEVICES
FOREWORD
1) The International Electrotechnical Commission (IEC) is a worldwide organization for standardization comprising
all national electrotechnical committees (IEC National Committees). The object of IEC is to promote
international co-operation on all questions concerning standardization in the electrical and electronic fields. To
this end and in addition to other activities, IEC publishes International Standards, Technical Specifications,
Technical Reports, Publicly Available Specifications (PAS) and Guides (hereafter referred to as “IEC
Publication(s)”). Their preparation is entrusted to technical committees; any IEC National Committee interested
in the subject dealt with may participate in this preparatory work. International, governmental and non-
governmental organizations liaising with the IEC also participate in this preparation. IEC collaborates closely
with the International Organization for Standardization (ISO) in accordance with conditions determined by
agreement between the two organizations.
2) The formal decisions or agreements of IEC on technical matters express, as nearly as possible, an international
consensus of opinion on the relevant subjects since each technical committee has representation from all
interested IEC National Committees.
3) IEC Publications have the form of recommendations for international use and are accepted by IEC National
Committees in that sense. While all reasonable efforts are made to ensure that the technical content of IEC
Publications is accurate, IEC cannot be held responsible for the way in which they are used or for any
misinterpretation by any end user.
4) In order to promote international uniformity, IEC National Committees undertake to apply IEC Publications
transparently to the maximum extent possible in their national and regional publications. Any divergence
between any IEC Publication and the corresponding national or regional publication shall be clearly indicated in
the latter.
5) IEC itself does not provide any attestation of conformity. Independent certification bodies provide conformity
assessment services and, in some areas, access to IEC marks of conformity. IEC is not responsible for any
services carried out by independent certification bodies.
6) All users should ensure that they have the latest edition of this publication.
7) No liability shall attach to IEC or its directors, employees, servants or agents including individual experts and
members of its technical committees and IEC National Committees for any personal injury, property damage or
other damage of any nature whatsoever, whether direct or indirect, or for costs (including legal fees) and
expenses arising out of the publication, use of, or reliance upon, this IEC Publication or any other IEC
Publications.
8) Attention is drawn to the Normative references cited in this publication. Use of the referenced publications is
indispensable for the correct application of this publication.
9) Attention is drawn to the possibility that some of the elements of this IEC Publication may be the subject of
patent rights. IEC shall not be held responsible for identifying any or all such patent rights.
International Standard IEC 62988 has been prepared by subcommittee 45A: Instrumentation,
control and electrical power systems of nuclear facilities, of IEC technical committee 45:
Nuclear instrumentation.
The text of this International Standard is based on the following documents:
FDIS Report on voting
45A/1187/FDIS 45A/1198/RVD
Full information on the voting for the approval of this International Standard can be found in
the report on voting indicated in the above table.
This document has been drafted in accordance with the ISO/IEC Directives, Part 2.
---------------------- Page: 9 ----------------------
oSIST prEN IEC 62988:2022
– 4 – IEC 62988:2018 © IEC 2018
The committee has decided that the contents of this document will remain unchanged until the
stability date indicated on the IEC website under "http://webstore.iec.ch" in the data related to
the specific document. At this date, the document will be
• reconfirmed,
• withdrawn,
• replaced by a revised edition, or
• amended.
---------------------- Page: 10 ----------------------
oSIST prEN IEC 62988:2022
IEC 62988:2018 © IEC 2018 – 5 –
INTRODUCTION
a) Technical background, main issues and organization of this document
This document sets out requirements applicable to wireless devices that are used to perform
functions important to safety in nuclear power plants (NPPs).
It is intended that this document be used by operators of NPPs (utilities), systems evaluators
and by licensors.
b) Situation of this document in the structure of the IEC SC 45A standard series
IEC 62988 is a third level IEC SC 45A document covering the selection and use of wireless
devices in instrumentation and control (I&C) systems important to safety used in NPPs.
For more details on the structure of the IEC SC 45A standard series, see item d) of this
introduction.
c) Recommendations and limitations regarding the application of this document
It is important to note that this document is applicable to all important to safety systems
containing wireless devices, including systems performing category A and B functions (and in
such systems, wireless devices are prohibited by this document). Therefore, only systems
performing category C functions are required to follow the requirements of this document.
To ensure that this document will continue to be relevant in future years, the emphasis has
been placed on issues of principle, rather than specific technologies.
d) Description of the structure of the IEC SC 45A standard series and relationships
with other IEC documents and other bodies' documents (IAEA, ISO)
The top-level documents of the IEC SC 45A standard series are IEC 61513 and IEC 63046.
IEC 61513 provides general requirements for I&C systems and equipment that are used to
perform functions important to safety in NPPs. IEC 63046 provides general requirements for
electrical power systems of NPPs; it covers power supply systems including the supply
systems of the I&C systems. IEC 61513 and IEC 63046 are to be considered in conjunction
and at the same level. IEC 61513 and IEC 63046 structure the IEC SC 45A standard series
and shape a complete, coherent et consistent framework establishing general requirements
for instrumentation, control and electrical systems for nuclear power plants.
IEC 61513 and IEC 63046 refer directly to other IEC SC 45A standards for general topics
related to categorization of functions and classification of systems, qualification, separation,
defence against common cause failure, control room design, electromagnetic compatibility,
cybersecurity, software and hardware aspects for programmable digital systems, coordination
of safety and security requirements and management of ageing. The standards referenced
directly at this second level should be considered together with IEC 61513 and IEC 63046 as
a consistent document set.
At a third level, IEC SC 45A standards not directly referenced by IEC 61513 or by IEC 63046
are standards related to specific equipment, technical methods, or specific activities. Usually
these documents, which make reference to second-level documents for general topics, can be
used on their own.
A fourth level extending the IEC SC 45 standard series, corresponds to the Technical Reports,
which are not normative.
---------------------- Page: 11 ----------------------
oSIST prEN IEC 62988:2022
– 6 – IEC 62988:2018 © IEC 2018
The IEC SC 45A standards series consistently implements and details the safety and security
principles and basic aspects provided in the relevant IAEA safety standards and in the
relevant documents of the IAEA nuclear security series (NSS). In particular, this includes the
IAEA requirements SSR-2/1, establishing safety requirements related to the design of nuclear
power plants (NPPs), the IAEA safety guide SSG-30 dealing with the safety classification of
structures, systems and components in NPPs, the IAEA safety guide SSG-39 dealing with the
design of instrumentation and control systems for NPPs, the IAEA safety guide SSG-34
dealing with the design of electrical power systems for NPPs and the implementing guide
NSS17 for computer security at nuclear facilities. The safety and security terminology and
definitions used by IEC SC 45A standards are consistent with those used by the IAEA.
IEC 61513 and IEC 63046 have adopted a presentation format similar to the basic safety
publication IEC 61508 with an overall life-cycle framework and a system life-cycle framework.
Regarding nuclear safety, IEC 61513 and IEC 63046 provide the interpretation of the general
requirements of IEC 61508-1, IEC 61508-2 and IEC 61508-4, for the nuclear application
sector. In this framework, IEC 60880, IEC 62138 and IEC 62566 correspond to IEC 61508-3
for the nuclear application sector. IEC 61513 and IEC 63046 refer to ISO as well as to
IAEA GS-R-3 and IAEA GS-G-3.1 and IAEA GS-G-3.5 for topics related to quality assurance
(QA). At level 2, regarding nuclear security, IEC 62645 is the entry document for the
IEC SC 45A security standards. It builds upon the valid high level principles and main
concepts of the generic security standards, in particular ISO/IEC 27001 and ISO/IEC 27002; it
adapts them and completes them to fit the nuclear context and coordinates with the
IEC 62443 series. At level 2, IEC 60964 is the entry document for the IEC SC 45A control
rooms standards and IEC 62342 is the entry document for the IEC SC 45A ageing
management standards.
NOTE 1 It is assumed that for the design of I&C systems in NPPs that implement conventional safety functions
(e.g. to address worker safety, asset protection, chemical hazards, process energy hazards) international or
national standards would be applied.
NOTE 2 IEC SC 45A domain was extended in 2013 to cover electrical systems. In 2014 and 2015 discussions
were held in IEC SC 45A to decide how and where general requirements for the design of electrical systems were
to be considered. IEC SC 45A experts recommended that an independent standard be developed at the same level
as IEC 61513 to establish general requirements for electrical systems. Project IEC 63046 is now launched to cover
this objective. When IEC 63046 is published this NOTE 2 of the introduction of IEC SC 45A standards will be
suppressed.
---------------------- Page: 12 ----------------------
oSIST prEN IEC 62988:2022
IEC 62988:2018 © IEC 2018 – 7 –
NUCLEAR POWER PLANTS – INSTRUMENTATION AND CONTROL
SYSTEMS IMPORTANT TO SAFETY – SELECTION
AND USE OF WIRELESS DEVICES
1 Scope
This document establishes requirements relevant to the selection and use of wireless devices
in instrumentation and control (I&C) systems important to safety used in nuclear power plants
(NPPs). Those I&C systems may fully consist of wireless devices.
NOTE The word “use” refers to the integration of the device, its qualification, administrative control, and every
other activity that may be necessary to use the device in an important to safety application.
This document applies to the I&C of new NPPs and to backfit of I&C in existing NPPs. Every
wireless device or wireless system that is important to safety is in the scope of this document.
Both fixed and mobile devices and all data types (voice, process data, etc.) are included
within the scope if they provide a safety classified function.
This document restricts the use of wireless devices to systems supporting category C
functions according to IEC 61226, excluding explicitly their use for categories A and B.
Non-safety devices and systems may use this document as guidelines, for example to ensure
that important to safety devices are not disturbed.
– Clause 5 describes the fundamental requirements regarding safety and cybersecurity.
– Clause 6 gives wireless-specific requirements that have to be included in the system
design.
– Clause 7 describes the requirements for the selection and integration of wireless devices.
– Clause 8 deals with electromagnetic compatibility and spectrum management.
– Clause 9 gives wireless-specific requirements regarding cybersecurity.
– Clause 10 describes the requirements for the qualification of wireless devices and their
environment.
2 Normative references
The following documents are referred to in the text in such a way that some or all of their
content constitutes requirements of this document. For dated references, only the edition
cited applies. For undated references, the latest edition of the referenced document (including
any amendments) applies.
IEC/IEEE 60780-323, Nuclear facilities – Electrical equipment important to safety –
Qualification
IEC 60987:2007, Nuclear power plants – Instrumentation and control important to safety –
Hardware design requirements for computer-based systems
IEC 61513:2011, Nuclear power plants – Instrumentation and control important to safety –
General requirements for systems
IEC 62138, Nuclear power plants – Instrumentation and control important for safety –
Software aspects for computer-based systems performing category B or C functions
---------------------- Page: 13 ----------------------
oSIST prEN IEC 62988:2022
– 8 – IEC 62988:2018 © IEC 2018
IEC 62645, Nuclear power plants – Instrumentation and control systems – Requirements for
security programmes for computer-based systems
IEC 62671, Nuclear power plants – Instrumentation and control important to safety – Selection
and use of industrial digital devices of limited functionality
3 Terms and definitions
For the purposes of this document, the following terms and definitions apply.
ISO and IEC maintain terminological databases for use in standardization at the following
addresses:
• IEC Electropedia: available at http://www.electropedia.org/
• ISO Online browsing platform: available at http://www.iso.org/obp
3.1
authentication
provision of assurance that a claimed characteristic of an entity is correct
[SOURCE: ISO/IEC 27000:2018, 3.5]
3.2
category of an I&C function
one of three possible safety assignments (A, B, C) of I&C functions resulting from
considerations of the safety relevance of the function to be performed. An unclassified
assignment may be made if the function has no importance to safety.
Note 1 to entry: See also "class of an I&C system".
Note 2 to entry: IEC 61226 defines categories of I&C functions. To each category there corresponds a set of
requirements applicable on both the I&C function (concerning its specification, design, implementation, verification
and validation) and the whole chain of items which are necessary to implement the function (concerning the
properties and the related qualification) regardless of how these items are distributed in a number of
interconnected I&C systems. For more clarity, this document defines categories of I&C functions and classes of
I&C systems and establishes a relationship between the category of the function and the minimal required class for
the associated systems and equipment.
[SOURCE: IEC 61513:2011, 3.4]
3.3
class of an I&C system
one of three possible assignments (1, 2 or 3) of I&C systems important to safety resulting
from consideration of their requirement to implement I&C functions of different safety
importance. An unclassified assignment is made if the I&C system does not implement
functions important to safety.
Note 1 to entry: See also "category of an I&C function", "safety system".
[SOURCE: IEC 61513:2011, 3.6]
3.4
spectrum management
coexistence management
process to establish and to maintain coexistence that includes technical and organizational
measures
[SOURCE: IEC
...
Questions, Comments and Discussion
Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.