Files
Abstract
Maritime Industry keeping in line with the recent technology is moving from stand alone computer based systems to integrated computer systems. Be it a Dynamic position system, integrated platform management system or integrated bridge system, critical process are getting automated and integrated.
Originally confined to large vessels the trend to integrate multiple systems is seen as requirement in various types of vessels. At the same time, the demand for ship to shore connectivity is increasing for better monitoring of ship systems, advice on route planning and maintenance. IN the recent past globally number of projects have been initiated to demonstrate vessels with advance autonomy. . Digitalisation, remote connectivity and use of smart systems are resulting in increased cyber vulnerabilities, leading to more and more systems being affected by cyber attacks . The critical question now is, how to protect a cyber asset, not “does it need protection ?”.
Use of advanced automation systems is not without problems. In the recent past with growing risk of cyber incidents, the maritime industry has been exposed to new risks which traditionally have been attributed to IT industry. Whether it’s ransomware or Denial of service (DOS) attack or attack from unsecured ports or through software , assessing and mitigating cyber attacks need specific focus
In the process of cyber risk management, Risk assessment is a crucial activity to be carried out before implementing controls. It is important to note that the approach to address risks for an information technology system and operation technology system, is different. It is extremely important that Vessel and facility operators should view cyber risks along with the physical, human factor, and other types of risks. It is essential to protect critical systems and data with multiple layers of protection measures which should include role of personnel, procedures and technology.
In fact, many companies have taken the initiative quite some time back for the upcoming requirements . It is not new for maritime sector to prepare itself for new regulations , however the present regulation is in a comparatively less familiar area, Cyber risk. Though industry has been using the cyber technology for its various operational systems , typically termed as OT systems for more than couple of decades, the focus was more on their usage, than on issues of cyber security, the later term being generally associated with information systems. (IT systems).
There are different challenges faced by implementer while dealing with vessels of various ages.
particularly while trying to implement cyber risk mitigation controls in existing vessels with legacy systems, which have minimum security features
The paper intends to bring out existing challenges in ship control systems with specific reference to cyber security and initiatives taken by IRS to address them for new builds and ships in service.