The International Association of Classification Societies (IACS) has published nine new recommendations on cyber security, with a further 3 to be released by the end of the year.
Recognising the huge increase in the use of onboard cyber-systems since that time, IACS has developed this series of Recommendations with a view to reflecting the resilience requirements of a ship with many more interdependencies. As a result, the IACS Recommendations address the need for:
- A more complete understanding of the interplay between ship’s systems
- Protection from events beyond software errors
- In the event that protection fails, the need for an appropriate response and ultimately recovery
- In order that the appropriate response could be put in place, a means of detection is required.
The 12 recommendations are:
Rec 153 Recommended procedures for software maintenance of shipboard equipment and systems (Published)
Rec 154 Recommendation concerning manual / local control capabilities for software dependent machinery systems (Published)
Rec 155 Contingency plan for onboard computer based systems (Published)
Rec 156 Network Architecture (Published)
Rec 157 Data Assurance (Published)
Rec 158 Physical Security of onboard computer based systems (Target date Q4 2018)
Rec 159 Network Security of onboard computer based systems (Published)
Rec 160 Vessel System Design (Target date Q4 2018)
Rec 161 Inventory List of computer based systems (Published)
Rec 162 Integration (Published)
Rec 163 Remote Update / Access (Published)
Rec 164 Communication and Interfaces (Target date Q4 2018)
Links to those of the recommendations that are already published can be found at:
IACS has launched these Recommendations in the expectation that they will rapidly evolve as a result of the experience gained from their practical implementation, and they should be seen as only the start in the ongoing struggle to maintain the cyber integrity of vessels.