The security of the digital Instrumentation and Control (I&C) system of the Nuclear Power Plant depends as on external security as on internal security. The security of the operational environment on any life cycle stage forms the external security. The external security includes a set of security controls for the development and engineering stages; else it includes the organizational and physical protection of the I&C system on site. The internal security commonly depends on the I&C system security policy and how correct it will be reflected in the security architecture of the I&C system. The security modeling might be successfully applied to harden as external as internal security. The paper is targeting the following security activities as: the partitioning the system architecture into several interconnected subsystems and components; evaluation of the communication pathways; establishing subsystem boundaries. The paper outlines the mathematical foundations to formalize the above-mentioned activities.