Classification society ClassNK has outlined its basic approach to ensuring onboard cyber security for ships in the ClassNK Cyber Security Approach, released alongside its Guidelines for Designing Cyber Security Onboard Ships for newbuilding design.
The ClassNK Cyber Security Approach has been compiled as a basic way of thinking to helping stakeholders take appropriate measures for onboard cyber security and is based on trends in international institutions and maritime bodies.
In the ClassNK Cyber Security Approach, ensuring navigational safety is regarded as the most important goal of onboard cyber security. To achieve this, it is a high priority to ensure availability of systems in terms of operation technology (OT) as well as information technology (IT) systems, that support the operation of ships.
To mitigate cyber risks in both IT and OT, the Society will propose measures based on a balanced combination of physical, technical, and organizational approaches/.
Specifically, ClassNK will classify cyber security controls into different layers, and clarify what each stakeholder should do for each layer by adopting requirements from the existing standards on cyber security that are considered applicable to ships. In light of the increased use of IT for the operation of ships and international trends in cyber security, the Society will analyze the latest information with experts and propose current best practices in cyber security controls for ships.
Based on these concepts, ClassNK will continually publish guidelines and standards that specify the parties responsible for implementing cyber security controls and the related details as part of the “ClassNK Cyber Security Series”.
ClassNK’s Guidelines for Designing Cyber Security Onboard Ships for newbuilding designs target shipyards and newbuilding owners and are being released as the first part of the ClassNK Cyber Security Series. The guidelines include security measures from the NIST SP800-53 compiled for the U.S. Government that can apply to ships, and the latest IACS recommendations.
The guidelines which include the ClassNK Cyber Security Approach are available to download free of charge via ClassNK’s website www.classnk.com for those who have registered for the ClassNK “My Page” service.
ClassNK will also be releasing the Cyber Security Management System for Ships that targets ship management, and Software Security Guidelines that target ship software in the near future.