IACS issued a recommendation report citing broad guidelines on ship board network architecture. The recommendation broadly covers various aspects from design to installation phases which should be addressed by the Supplier, system integrator and yard.
- How to conduct proper software maintenance
- Efficient control of software dependent systems
- Contingency plan for onboard computer based systems
- Guidelines on ship board network architecture
- Data assurance of computer-based system onboard
- Protecting network systems onboard from cyber risks
- How to ensure proper operation of integration systems
- Developing an inventory list of computer-based systems
- Recommendations for remote access to onboard IT systems
The recommendation does not apply to standalone navigation systems. However, where navigation systems and /or Category I systems , IT systems are integrated with category II and III systems, then such systems should be included in the scope of the present recommendation. For devices, which are connected to computer based systems through analog transmission, the monitoring, installation and safety requirements should be as per existing Classification rules as applicable to the particular system.
-Design Philosophy Document
The basic design philosophy of the system (All OT systems and IT systems as defined in Scope of this recommendation should be documented during conceptual phase in Design Philosophy Document (DPD). The DPD can be referred for any subsequent changes to confirm that the intent of the original design philosophy is maintained or not compromised, due to new changes. (The changes may also arise due to modifications carried to address field problems or technology changes).
Following information should be documented in DPD:
- Purpose of the integrated system with brief description of functional recommendations;
- Block diagram of the system clearly identifying various systems which can be controlled;
- Type of Information exchange with external network to Control, monitoring, administrative functions;
- Details of various hardware devices and software applications used in network;
- Dependent systems which could be effected by changes in design philosophy. f) Failure Mode Effect Analysis (FMEA) and vulnerability assessment for networks dedicated to essential services (as defined in UI SC134) in order to identify the need of redundancy and testing.
-Network Communication Document
Network communication document should be used for specifying means of communication between various sub systems and various components of sub system. The criterion for communication network design should be based on following:
Following information should be documented in Network Communication Documents:
- Physical areas covered by the system (engine room, bridge, accommodation etc.);
- Systems integrated (propulsion, steering, power, safety, navigation etc.);
- Whether the integrated system is confined to single LAN or interconnected with more than one LAN or Connected to WAN;
- Type of communication network topology: ex Series, Series star, Mesh etc.;
- Network LAN technologies ex Ethernet, Fast Ethernet;
- Connection media – twisted pair, coaxial, fibre optic etc.;
- Details of Network communication software;
- Communication from field controllers to field devices MODBUS, Fieldbus etc.;
- Location of each network device;
- Software configuration version control;
All Network cables for category I, II, III systems (as defined by IACS UR E 22) should be flame retardant and should be designed, manufactured and tested as per relevant National or International Standards. Cables should be fire resistant type where required by Classification Society.
The network devices for Category II and III systems should be suitable for marine application and should be tested to requirements specified in IACS UR E10.
Wireless equipment should be designed and tested as per requirements specified in UR E10.
The data sizing calculations considering following factors should be carried out to identify suitable network data throughput
- Data Speed requirement for particular application;
- Data format.
The data sizing calculations should be submitted for review on request. The data categorisation, data classification, data format and data content should be as per acceptable international standards such as IEC 61162 or other equivalent standards
Network testing to verify the intended operation of network should be carried out after complete installation of network cables and devices.
-Scope of testing
The scope of testing of the network system should be as follows:
- All cabling and network devices making up the network system;
- All functionality relating to network communication by nodes connected to the network system;
- If the network system is connected to other networks, test the communication functionality with the connected network(s), and blocking of communication (packets) that should be blocked;
- Network monitoring (administration) devices and functionality;
- Network loading;
- Network storm test.
-Network device connection testing
The objective of the test is intended to verify operation and function of network device connections. The network-monitoring devices and monitoring functions should operate normally in the network system, as follows:
- Function to display physical architecture diagram;
- Alarm function;
- Logging function;
- Traffic display function;
- Setting configuration function;
- Fault recovery support function.
Explore more herebelow: