IACS is pleased to announce the publication of its Recommendation on Cyber Resilience (No. 166). This single, standalone Recommendation consolidates IACS’ previous 12 Recommendations related to cyber resilience (Nos. 153 to 164) and applies to the use of computer-based systems which provide control, alarm, monitoring, safety or internal communication functions which are subject to the requirements of a Classification society. Part of the objective in consolidating the 12 Recommendations was to define responsibilities and harmonise and simplify the language used therein. This Recommendation has benefited from the valuable input of a wide range of industry partners contributing via the Joint Industry Working Group on Cyber Systems and covers the constructional aspects of the 12 previously published Recommendations. It provides information on matters such as reference guidelines and standards, terms and definitions, goals for design and construction, functional requirements, technical requirements and verification testing.
IACS Chairman, Arun Sharma, said ‘The publication of this important Recommendation marks a significant milestone in IACS’ work to support the maritime industry in the delivery of cyber resilient ships. I am pleased to note the significant cross-industry cooperation that led to its development and we look forward to maintaining that dialogue as we assess its practical implementation and effectiveness’.
This new recommendation is applicable to a vessel’s network systems using digital communication to interconnect systems within the ship and ship systems which can be accessed by equipment or networks off the ship. Robert Ashdown, IACS Secretary General, added ‘The network design forms the basis for a reliable and robust network. Issues such as compatibility of various devices, communication between devices, communication from various systems and sub systems, need due consideration during design phase. This Recommendation is an important step in addressing cyber resilience from the earliest stages of a vessel’s life.’
Operational aspects that were included in the superseded 12 Recommendations have been identified and grouped under a separate annexure. Following the publication of this consolidated Recommendation the earlier 12 Recommendations have been officially deleted by IACS.
IACS will continue to work with its industry partners and look for their feedback regarding its practical implementation and effectiveness. Based on the experience gained from the practical implementation of this Recommendation IACS will assess the suitability of using it as the basis for a Unified Requirement on Cyber Resilience.
Link for downloading Rec 166 (New Apr 2020): Recommendation on Cyber Resilience