IACS: Cyber Safety Recommendations Published

Books, IACS, News, Safety and Security — By on September 28, 2018 at 5:47 PM

Jeong-kie Lee,

IACS recommendations result from extensive collaboration across industry and provide much needed guidance on how to develop and maintain the cyber integrity of vessels.

IACS has today published 9 (nine) of its 12 (twelve) recommendations[i] on cyber safety with the aim of enabling the delivery of cyber resilient ships whose resilience can be maintained throughout their working lives.  These eagerly anticipated recommendations are the result of a long-term initiative from IACS that has benefited considerably from cross industry input and support.

IACS initially addressed the subject of software quality with the publication of UR E22 in 2006.  Recognising the huge increase in the use of onboard cyber-systems since that time, IACS has developed this series of Recommendations with a view to reflecting the resilience requirements of a ship with many more interdependencies.  As a result, the IACS Recommendations address the need for:

  • A more complete understanding of the interplay between ship’s systems
  • Protection from events beyond software errors
  • In the event that protection failed, the need for an appropriate response and ultimately recovery.
  • In order that the appropriate response could be put in place, a means of detection is required.

IACS also recognised at an early stage that, in order for ships to be resilient against cyber incidents, all parts of the industry needed to be actively involved, and so convened a Joint Working Group (JWG) on Cyber Systems.  A significant part of the JWG work has been in identifying best practice and appropriate existing standards in risk and cyber security and identifying a practical risk approach.  Consequently, the 12 IACS Recommendations, collectively, not only provide guidance on the most pressing areas of concern but work as building blocks for the broader objective of system resilience.

The IACS Chairman, Mr Jeong-kie Lee of the Korean Register, stated “These 12 Recommendations represent a significant mile-stone in addressing safety concerns related to cyber issues.  IACS focus on Cyber Safety reflects our recognition that cyber systems are now as integral a part of a ship’s safety envelope as its structure and machinery and IACS is committed to providing industry with the necessary tools as part of our wider mission to deliver safer, cleaner, shipping.”

Importantly, and noting the challenge of bringing traditional technical assurance processes to bear against new and unfamiliar technologies, IACS has launched these Recommendations in the expectation that they will rapidly evolve as a result of the experience gained from their practical implementation.  Furthermore, IACS recognises that these Recommendations are only an ‘interim’ product and that they will be subject to amalgamation into a larger document with more consistent language, overlaps removed and common material consolidated.

Commenting on this approach, IACS Secretary General, Robert Ashdown, explained “The decision to publish these Recommendations as twelve stand-alone documents was made explicitly to give industry stakeholders access to the developing material.  IACS continues to make significant efforts to work ever more closely with industry and believes this approach provides the right balance between delivering the detailed guidance that is urgently required while remaining receptive to input from the industry stakeholders via the JWG/CS on how they would like to see IACS proceed.”

IACS recognises that the delivery of these important series of Recommendations is only the start in the ongoing struggle to maintain the cyber integrity of vessels.  IACS remains confident, however, that the flexible and structured approach being adopted positions it well to further evolve and enhance these offerings, quickly and responsively, and in a manner which is practical and supportive of the needs of the largest number of industry stakeholders.

[i] The 12 Recommendations are:

 

Rec No

Title

Status

Rec 153

Recommended procedures for software maintenance of shipboard equipment and systems

Published

Rec 154

Recommendation concerning manual / local control capabilities for software dependent machinery systems

Published

Rec 155

Contingency plan for onboard computer based systems

Published

Rec 156

Network Architecture

Published

Rec 157

Data Assurance

Published

Rec 158

Physical Security of onboard computer based systems

Target date Q4 2018

Rec 159

Network Security of onboard computer based systems

Published

Rec 160

Vessel System Design

Target date Q4 2018

Rec 161

Inventory List of computer based systems

Published

Rec 162

Integration

Published

Rec 163

Remote Update / Access

Published

Rec 164

Communication and Interfaces

Target date Q4 2018

Tags:

Leave a Reply

IMPORTANT! To be able to proceed, you need to solve the following simple math (so we know that you are a human) :-)

What is 2 + 7 ?
Please leave these two fields as-is:

Trackbacks

Leave a Trackback