IACS recently issued a report supplementing the UR E22 with regards to digital data assurance of Category I, II and III computer based system on board, ship to ship and ships to shore systems. Data Assurance may be intended as the activity, or set of activities, aimed at enforcing the security of data generated, processed, transferred and stored in the operation of computer based systems on board ships.
Read in this series
- How to conduct proper software maintenance
- Efficient control of software dependent systems
- Contingency plan for onboard computer based systems
- Guidelines on ship board network architecture
- Data assurance of computer-based system onboard
- Protecting network systems onboard from cyber risks
- How to ensure proper operation of integration systems
- Developing an inventory list of computer-based systems
- Recommendations for remote access to onboard IT systems
Security of data includes confidentiality, integrity and availability; the scope of application of Data Assurance covers data whose lifecycle is entirely within on board computer based system, as well as data exchanged with shore systems connected to the on board networks. Data should be categorized by the supplier or system integrator according to the possible consequences of a breach of data assurance.
Security Objectives are defined as:
- Confidentiality: A loss of confidentiality is the unauthorized disclosure of information
- Integrity: A loss of integrity is the unauthorized modification or destruction of information.
- Availability: A loss of availability is the disruption of access to, or use of an information system.
The potential impact of loss of data assurance should be categorized as:
- Low: The loss of confidentiality, integrity, or availability could be expected to have a limited adverse effect on human safety, safety of the vessel and/or threat to the environment.
- Moderate: The loss of confidentiality, integrity, or availability could be expected to have a serious adverse effect on human safety, safety of the vessel and/or threat to the environment.
- High: The loss of confidentiality, integrity, or availability could be expected to have a severe or catastrophic adverse effect on human safety, safety of the vessel and/or threat to the environment.
- Data types having safety implications have been identified by The Data Safety Initiative Working Group (DSIWG) of the Safety Critical Systems Club
- A-non-exhaustive table of data types can be found in Appendix 1 of this document. 4.5.3 Data properties are used to establish what aspects of the data (e.g., timeliness, accuracy) need to be guaranteed in order that the system operates in a safe manner.
- A non-exhaustive table of data properties as identified by DSIWG can be found in Appendix 2 of this document.
- Any missing property definition of data is potentially a hazard to a system. Not all property values might be necessary for the data however an analysis should be carried out with regard to why it is not necessary.
Secured and encrypted data
- An analysis should be carried by the system integrator out to assess the value of data security and its potential impact on system performance.
- The system should be provided with suitable access control measures and other technological and/or procedural measures over computer based systems or means of communication directly interacting with the system.
- As part of Cyber Risk Management, the Owner should also provide appropriate training on risks related to data security to the personnel authorized to interact with cyber systems covered by this recommendation.
- In general where the system has the capability for direct user interaction appropriate authorization and authentication along with diagnostics and logging should be in place.
- The data securing methodology should be fit for purpose using technology currently available for the industry practice.
Data in physical storage
- Devices used to store data for category I, II or III systems should be appropriate for intended use and suitable for the marine environment, UR E10 refers.
- Data used for category II or III, when stored on hard disk drives, should be stored on multiple hard disk drives to protect data in the case of a drive failure, e.g. RAID storage or equivalent. Spare compatible drives should be available onboard.
- Physical devices brought on-board the vessel for the purpose of the updating or upgrading Category I, II or III systems should be free from corruption. There should be a process in place to verify the data integrity before introduction to the ship’s systems.
- Evidence should be provided to the Classification Society of the above mentioned measures upon request.
Explore more herebelow: