BS EN 60987:2015 - Nuclear power plants. Instrumentation and control important to safety. Hardware design requirements for computer-based systems

BS EN 60987:2015

Nuclear power plants. Instrumentation and control important to safety. Hardware design requirements for computer-based systems

Status : Current, Work in hand   Published : April 2015



1.1 General

This International Standard is applicable to NPP computer-system hardware for systems of Class 1 and 2 (as defined by IEC 61513).

The structure of this standard has not changed significantly from the original 1989 issue; however, some issues are now covered by standards which have been issued in the interim (for example, IEC 61513 for system architecture design) and references to new standards have been provided where applicable. The text of the standard has also been modified to reflect developments in computer system hardware design, the use of pre-developed (for example, COTS) hardware and changes in terminology.

Computer hardware facilities used for software loading and checking are not considered to form an intrinsic part of a system important to safety and, as such, are outside the scope of this standard.


Class 3 computer-system hardware is not addressed by this standard, and it is recommended that such systems should be developed to commercial grade standards.


In 2006 the development of a new standard to address hardware requirements for “very complex” hardware was discussed within IEC SC 45A. If such a standard is developed then that standard would be used for the development of “very complex” hardware in preference to IEC 60987.

1.2 Use of this standard for pre‑developed (for example, COTS) hardware assessment

Although the primary aim of this standard is to address aspects of new hardware development, the processes defined within this standard may also be used to guide the assessment and use of pre-developed hardware, such as COTS hardware. Guidance has been provided in the text concerning the interpretation of the requirements of this standard when used for the assessment of such components. In particular, the quality assurance requirements of 4.3, concerning configuration control, apply.

Pre-developed components may contain firmware (as defined in 3.8), and, where firmware software is deeply imbedded, and effectively “transparent” to the user, then IEC 60987 should be used to guide the assessment process for such components. An example of where this approach is considered appropriate is in the assessment of modern processors which contain a microcode. Such a code is generally an integral part of the “hardware”, and it is therefore appropriate for the processor (including the microcode) to be assessed as an integrated hardware component using this standard.

Software which is not firmware, as described above, should be developed or assessed according to the requirements of the relevant software standard (for example, IEC 60880 for Class 1 systems and IEC 62138 for Class 2 systems).

1.3 Applicability of this standard to programmable logic devices development

I&C components may include programmable logic devices that are given their specific application logic design by the designer of the I&C component, as opposed to the chip manufacturer. Examples of such devices include complex programmable logic devices (CPLD) and field programmable gate arrays (FPGA).

While the programmable nature of these devices gives the development processes used for these devices, some of the characteristics of a software development process and the design processes used for such devices, are very similar to those used to design logic circuits implemented with discrete gates and integrated circuit packages. Therefore, the design processes and design verification applied to programmable logic devices should comply with the relevant requirements of this standard (i.e. taking into account the particular features of the design processes of such devices). To the extent that software-based tools are used to support the design processes for programmable logic devices, those software tools should generally follow the guidance provided for software-based development tools in the appropriate software standard, i.e. IEC 60880 (Class 1 systems) or IEC 62138 (Class 2 systems).

Standard NumberBS EN 60987:2015
TitleNuclear power plants. Instrumentation and control important to safety. Hardware design requirements for computer-based systems
StatusCurrent, Work in hand
Publication Date30 April 2015
Confirm Date01 August 2016
Normative References(Required to achieve compliance to this standard)EN ISO 9001, EN 22768-2, IEC 62671, IEC 62138, IAEA 50-C/SG-Q:1996, IEC 61513:2001, IEC 61000, EN 61000, EN 62138, IAEA NS-G-1.3, ISO 3951-2, IEC 60880, IEC 60780, IEC 61025, ISO 2768-2, EN 60880, ISO 3951-1, EN 22768-1, EN 60812, EN 61025, ISO 9001, ISO 2768-1, IEC 60812
Informative References(Provided for Information)IAEA Safety Glossary:2006, IAEA NS-R-1:2000, IEC 61226, ISO 12207, EN 61226
ReplacesBS EN 60987:2009
International RelationshipsEN 60987:2015
Draft Superseded By11/30245953 DC
DescriptorsSafety measures, Computer hardware, Computer applications, Nuclear safety, Nuclear technology, Instruments, Electric power stations, Computerized control, Control systems, Nuclear-electric power stations, Control equipment
Title in FrenchCentrales nucléaires de puissance. Instrumentation et contrôle-commande importants pour la sûreté. Exigences applicables à la conception du matériel des systèmes informatisés
Title in GermanKernkraftwerke. Leittechnische Systeme mit sicherheitstechnischer Bedeutung. Anforderungen an die Hardware-Auslegung rechnerbasierter Systeme
ISBN978 0 580 86300 4
File Size995 KB

 Your basket
Your basket is empty

Multi-user access to over 3,500 medical device standards, regulations, expert commentaries and other documents


The faster, easier way to work with standards

Tracked Changes

Understand the changes made to a standard with our new Tracked Changes version

Worldwide Standards
We can source any standard from anywhere in the world