UNLIMITED FREE ACCESS TO THE WORLD'S BEST IDEAS

SUBMIT
Already a GlobalSpec user? Log in.

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

Customize Your GlobalSpec Experience

Finish!
Privacy Policy

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

- Trained on our vast library of engineering resources.

ABS - 251

GUIDE FOR CYBERSECURITY IMPLEMENTATION FOR THE MARINE AND OFFSHORE INDUSTRIES VOLUME 2

active, Most Current
Organization: ABS
Publication Date: 1 February 2021
Status: active
Page Count: 54
scope:

The requirements in this Guide are applicable to standalone, federated, and integrated computer-based information technology and operational technology systems installed on a vessel.

Classification Scope

Compliance with the requirements in this Guide may result in issuance of a CS-System, CS‑Ready, CS-1, or CS-2 notation to an ABS-classed vessel with cyber-enabled functions. The scope of each notation is limited to Primary Essential Services and ancillary OT or IT systems or functions digitally connected to Primary Essential Services systems.

Primary Essential Services are those services considered necessary for continuous operation to maintain propulsion and steering as well as services that are essential for safety in an emergency. See 4‑8‑1/7.3.3 of the Marine Vessel Rules or other applicable Rule set (see Note 1 below). For examples of Primary Essential Services, refer to 4‑8‑1/Table 1 of the Marine Vessel Rules, 4‑1‑1/ Table 3 of the MOU Rules, and Section 1/Table 1 of this Guide. The assessment is also to include ancillary integrated OT control and related IT systems that potentially impact automated systems integrity and security. Composite or integrated functions such as propulsion management systems will be reviewed as priority combinations of Primary Essential Services.

Non-safety-related connected control systems or information systems, and non-safety-related ancillary connected equipment are not included in the notation unless detailed in the verification plan. However, if a review of the vessel's Primary Essential Services and connected system architecture determines that the verification plan omits cyber-enabled equipment deemed important by the Company, that equipment may be added to the verification plan and included in the business agreement in place for the notation assessment.

Notes:

1 The Marine Vessel Rules (4-9-3/1) define relevant automated systems as, "Computer-based systems used for control, monitoring, safety, or internal communication systems". For vessels classed with the notation ACCU or those built after 2012, computerized control interface systems and controllers are automatically categorized Primary Essential Services. For all other vessels, inclusion of such systems and controllers in the scope of the notation depends on their relevance to safety and security or potential effects on Primary Essential Services.

2 This Guide applies to manned and self-propelled, existing and new marine vessels and offshore units (including liftboats), referred to as "vessels" in this Guide, for which the optional CS‑System, CS-Ready, CS-1, and CS-2 notations have been requested.

Document History

251
February 1, 2021
GUIDE FOR CYBERSECURITY IMPLEMENTATION FOR THE MARINE AND OFFSHORE INDUSTRIES VOLUME 2
The requirements in this Guide are applicable to standalone, federated, and integrated computer-based information technology and operational technology systems installed on a vessel. Classification...
251
January 1, 2021
GUIDE FOR CYBERSECURITY IMPLEMENTATION FOR THE MARINE AND OFFSHORE INDUSTRIES ABS CYBERSAFETY VOLUME 2
The requirements in this Guide are applicable to standalone, federated, and integrated computer-based information technology and operational technology systems installed on a vessel. Classification...
251
September 1, 2016
GUIDE FOR CYBERSECURITY IMPLEMENTATION FOR THE MARINE AND OFFSHORE INDUSTRIES ABS CyberSafety VOLUME 2
General This Guide for ABS CyberSafety™ has been developed so as to reduce cybersecurity-related conditions or incidents that may negatively affect systems, ships, offshore assets, safety, or the...

References

Advertisement