The new class notations – Cyber secure – help owners and operators protect vital systems from cyber security threats, the class society said in a press release. They will be published on the DNV GL rules page on July 1, 2018.
Other classification societies such as Lloyd’s Register, American Bureau of Shipping and Bureau Veritas have all already released similar notations for cyber safety.
“Whether in machinery, navigation or communication systems, programmable control systems are a longstanding and essential part of ships and offshore units, but the increasing integration and connectivity of these systems represents an ever-larger target for cyber-security threats,” said Knut Ørbeck-Nilssen, ceo of DNV GL – Maritime. “As all programmable components are theoretically vulnerable to cyber security threats we have set out, with the new Cyber secure class notations, to offer owners and operators a framework to improve and demonstrate their cyber resilience.”
The Cyber secure class notations have three different qualifiers: Basic, Advanced and +. Basic is primarily intended for ships in operation, while Advanced has been designed to be applied throughout the newbuilding process, with requirements for asset owners and operators, system integrators such as shipyards for example, and equipment manufacturers. The Basic and Advanced qualifiers cover a number of essential systems, including propulsion, steering, navigation, and power generation.
The third qualifier, +, is intended for systems that are not part of the default scope of Basic/Advanced. This gives owners and operators the flexibility to identify the threats, assess, and secure extra systems which are of particular importance to their operations.
The Cyber secure class notations build on DNV GL’s Recommended Practice (DNVGL-RP-0496) on cyber security and extends to the cyber security assessment of control system components type approval program DNVGL-CP-0231, with which makers can now demonstrate the security of their systems through an independent verification process.
DNV GL has also developed a wide range of services in close collaboration with several major ship owners aimed at enhancing the cyber security of their assets. Through its Maritime Academy, DNV GL offers both classroom training and e-learning modules aimed at developing customised working cyber risk management methodologies and increasing the awareness for cyber security related issues among crews and shore staff.