
Page 1: Maritime Cyber Security Resilience · Cyber Security in the Class scope for ships and offshore units. Main rules, Class Notation & Type Approval – verify the holistic cyber resilience

DNV GL © SAFER, SMARTER, GREENER

Maritime Cyber Security Resilience

Safe & Secure Ship Design and Operation in a Complex Cyber World

XV INTERNATIONAL MARITIME CONFERENCE 2019

Maritime Cyber Security

Page 2:

Source: e-estonia

Page 3:

Cyber Security – Why it is important! Incidents and risks, regulation and digital complexity

Page 4:

Pirates 1.0 → 4.0

Page 5:

Safety in maritime and offshore today heavily depends on cyber systems

Information Technology (IT) – IT networks and the on-shore organisation:

▪ E-mail
▪ Administration, accounts, crew lists, …
▪ Planned Maintenance
▪ Spares management and requisitioning
▪ Electronic manuals & certificates
▪ Permits to work
▪ Charter party, notice of readiness, bill of lading…
▪ Entertainment, …

At risk: mainly finance and reputation

Operational Technology (OT) – PLCs, SCADA, on-board measurement and control such as:

▪ Propulsion, Thrusters & Steering
▪ Watertight integrity & Fire Detection
▪ Ballasting
▪ Power generation & Auxiliary systems
▪ Navigation & Communication (ECDIS, …)
▪ Industrial systems (DP, Drilling, …)

At risk: life, property and environment, plus all of the above

Page 6:

DNV GL © 20 June 2018

Reported incidents around the world are increasing; however, most go unreported or undetected due to lack of transparency

Examples spanning operational technology (OT) and information technology (IT):

▪ GPS jamming and spoofing
▪ VSAT hacking using common login
▪ Loss of fuel control and ballast water valves due to ECDIS update
▪ PMS system shore and vessel attack
▪ Pirate attack supported by cyber attack
▪ Loss of main switchboard due to ransomware
▪ AIS spoofing
▪ Hacking of cargo tracking system for smuggling purposes
▪ Hackers took “full control” of navigation systems for 10 h
▪ ECDIS ransomware and chart spoofing
▪ Malware allows full access to vessel systems
▪ NotPetya caused Maersk up to USD 300m loss

Source: AV-TEST Institute, Germany & IBM Managed Security Services

Fall 2019

Page 7:

Cyber security regulations are evolving on international, regional and commercial level – and now impact your business and compliance decisions

IMO:
▪ IMO Resolution MSC.428(98) “AFFIRMS that … safety management system should take into account cyber risk management in accordance with the ... ISM Code.” – from January 2021

Regional:
▪ National and regional cyber security and data privacy laws and regulation such as the US CG Cyber Security Profiles and CG-5P Policy Letter 08-16, EU GDPR, EU critical infrastructure – Directive (EU) 2016/1148, UK Code of Practice, …

Commercial:
▪ The cyber security exclusion clause in insurance (Clause 380) excludes coverage of cyber security incidents
▪ Tanker Management and Self Assessment (TMSA) No. 3 with cyber requirements from OCIMF
▪ RightShip Inspection & Assessment Report For Dry Cargo Ships

Page 8:

IMO has published a recommendatory cyber security Resolution MSC.428(98)

▪ AFFIRMS that … safety management system should take into account cyber risk management in accordance with the ... ISM Code.
▪ Where to start: MSC-FAL.1/Circ.3
 – IT and OT systems
 – Identify – Protect – Detect – Respond – Recover
 – referring to international best practices
▪ However, not addressing:
 – how to assess the risk,
 – prescriptive or goal-based safety requirements,
 – requirements for incident management

Impact: Cyber risks should be addressed in safety management systems no later than the first annual verification of the company's Document of Compliance (DoC) after 1 January 2021. This is a non-mandatory requirement.

Outcome: MSC 98 adopted the recommendatory MSC-FAL.1/Circ.3, superseding the interim guidelines

Page 9:

Maritime & Offshore trends – More complexity and (inter)connectivity

▪ Software & Automation
▪ Interconnectivity
▪ Crew size

Page 10:

The “next” future holds more… with further increase of the attack surfaces

▪ Digital wearables for crew
▪ Enhancing passenger experience

Page 11:

Cyber resilience is needed to enable companies to safely reap the benefits of interconnected, automated and digital ship and offshore operation

Elements shown on the slide:
▪ Cyber Security Resilience
▪ Digitalization & automation services
▪ Security
▪ Communication infrastructure
▪ Remote operation, real-time process optimization, condition based maintenance
▪ Automation, system integration & connectivity

Page 12:

Building Cyber Resilience – Important defenses and how to establish them

Page 13:

All three pillars of cyber security need to be addressed to ensure a holistic cyber resilience of your company and fleet

People:
▪ Training & Awareness
▪ Professional skills & qualifications
▪ Emergency drills
▪ Authorizations & authentication
▪ Physical Security

Process:
▪ Management Systems
▪ Governance Frameworks
▪ Policies & procedures
▪ Vendor/Third party contracts follow-up
▪ Audit regimes

Technology:
▪ System design
▪ Hardening of connections
▪ Software configuration
▪ Encryption protocols
▪ Jamming & spoofing
▪ Detection & monitoring

Page 14:

Cyber security resilience is built by assessing the status quo, closing the gaps and continuously verifying the cyber defences

Maturity axis: Reactive → Predictive & Proactive (Cyber Security Maturity)

Assess:
▪ Risk assessment
▪ ISMS gap analysis
▪ Onboard assessment

Improve:
▪ Corrective actions / roll-out of Cyber Security Management System
▪ Cyber Security Improvement roll-out

Verify:
▪ ISMS certification
▪ Cyber Secure class notation
▪ Verification of corrective actions
▪ Security testing (e.g. pentesting)
▪ Annual or n-year inspections / audits

Page 15:

Building Cyber Resilience – Cyber safe ship operation

Page 16:

An on-board Cyber Security Assessment is a good starting point for uncovering gaps toward best practice cyber resilience

▪ Interviews and spot checking (comparing the current safeguards with target protection levels):
 − against policy, procedures, responsibilities and competence
 − existence of controls and barriers
▪ Vulnerability testing: spot-checking of the most critical IT/OT systems using white/grey box testing

Cyber Security Advisory for the Maritime Industry

Page 17:

Building cyber security resilience typically starts with a gap analysis

Technical design – based on requirements from IEC 62443-3-3, including:
▪ Identification and authentication
▪ Use control
▪ System integrity
▪ Data confidentiality
▪ Restricted data flow
▪ Timely response to events
▪ Resource availability

Management system – based on requirements from IEC 62443-2-1, including e.g.:
▪ Organizing for security
▪ Staff training and security awareness
▪ System inventory, major devices, segmentation and physical location
▪ Physical and environmental security
▪ Network segmentation
▪ Access control: account administration and authentication
▪ Incident planning and response
▪ Business continuity plan

Page 18:

Building Cyber Resilience – Cyber safe ship design

Page 19–21:

OT track assessments: using a common language for cyber systems engineering

Illustration of a complex process (In → Out): there are known quality control steps and expected traceable documents. How to control EMERGENT properties? When welding is introduced to a structure, how is the reliability of the weld controlled?

When software is introduced, then what?

The trick is to break down the cyber process best practices into roles and stages. The DNV GL rule set ‘ISDS’ (Integrated Software Dependent Systems) is a standard cyber systems engineering framework made for Maritime & Offshore.

Page 22–23:

Bridging the Physical and the Cyber domains

Physical             | Cyber physical
Risk assessment      | Threat analysis
Fire drills          | System restore drills
Permit to work       | SW change management
Drawings             | Software topology, CMDB
Changing slowly      | Changing fast
Easy to test         | Difficult to test

Software has to be tracked as a component, just like it’s done in the physical world
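Tracking software as a component, as the slide asks, means the CMDB holds an approved version and an approved configuration for every onboard system, and every deviation from that is either backed by a change record or reported. The Python below is an added illustration of that comparison; it is not DNV GL code and not the ISDS rule set. The system tags, product names, versions, configuration contents and the change record are constructed sample data, and hashing the deployed configuration file is the assumed way of detecting a modification.

```python
"""Software-as-component check: compare an observed onboard software inventory
against the CMDB baseline plus approved change records. Added illustration
(not DNV GL code); all systems, versions, configurations and change records
below are constructed sample data."""
import hashlib
from dataclasses import dataclass, replace
from typing import Dict, List, Tuple


@dataclass(frozen=True)
class Component:
    system: str          # tag of the onboard system, e.g. "BALLAST-PLC-1" (hypothetical)
    software: str        # product name as installed (hypothetical)
    version: str
    config_sha256: str   # hash of the deployed configuration / PLC program file


@dataclass(frozen=True)
class Finding:
    system: str
    kind: str            # "unapproved-version" | "config-drift" | "not-in-cmdb" | "missing"
    detail: str


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def expected_state(baseline: Dict[str, Component],
                   approved: Dict[str, Tuple[str, str]]) -> Dict[str, Component]:
    """Baseline with approved changes applied: system -> (new version, new config hash).
    A change record for a system that is not in the baseline is ignored."""
    expected = dict(baseline)
    for system, (version, cfg_hash) in approved.items():
        if system in expected:
            expected[system] = replace(expected[system], version=version, config_sha256=cfg_hash)
    return expected


def compare(baseline: Dict[str, Component],
            approved: Dict[str, Tuple[str, str]],
            observed: Dict[str, Component]) -> List[Finding]:
    """Report every way the observed inventory departs from the expected state."""
    expected = expected_state(baseline, approved)
    findings: List[Finding] = []
    for system, exp in expected.items():
        obs = observed.get(system)
        if obs is None:
            findings.append(Finding(system, "missing", f"{exp.software} {exp.version} not seen in scan"))
            continue
        if (obs.software, obs.version) != (exp.software, exp.version):
            findings.append(Finding(system, "unapproved-version",
                                    f"expected {exp.software} {exp.version}, found {obs.software} {obs.version}"))
        if obs.config_sha256 != exp.config_sha256:
            findings.append(Finding(system, "config-drift", "configuration hash differs from approved baseline"))
    for system, obs in observed.items():
        if system not in expected:
            findings.append(Finding(system, "not-in-cmdb", f"{obs.software} {obs.version} found but not in CMDB"))
    return sorted(findings, key=lambda f: (f.system, f.kind))


# Constructed sample data: hypothetical tags, products, versions and config contents.
BASELINE = {
    "ECDIS-1":       Component("ECDIS-1", "ChartNav", "4.2.1", sha256_hex(b"charts=ENC;ais_overlay=on\n")),
    "PMS-PLC-1":     Component("PMS-PLC-1", "PowerMgr", "2.0.0", sha256_hex(b"gen_priority=1,2,3\n")),
    "BALLAST-PLC-1": Component("BALLAST-PLC-1", "BallastCtl", "1.7.3", sha256_hex(b"valve_timeout_s=30\n")),
}
# One approved change record: the ECDIS upgrade, with the configuration hash it was approved with.
APPROVED_CHANGES = {
    "ECDIS-1": ("4.3.0", sha256_hex(b"charts=ENC;ais_overlay=on;route_check=on\n")),
}
# What an inventory scan observed today (constructed).
OBSERVED = {
    "ECDIS-1":       Component("ECDIS-1", "ChartNav", "4.3.0", sha256_hex(b"charts=ENC;ais_overlay=on;route_check=on\n")),
    "PMS-PLC-1":     Component("PMS-PLC-1", "PowerMgr", "2.0.0", sha256_hex(b"gen_priority=3,2,1\n")),
    "CREW-LAPTOP-7": Component("CREW-LAPTOP-7", "RemoteDesk", "9.1", sha256_hex(b"")),
    # BALLAST-PLC-1 did not answer the scan at all
}


def run_sample() -> List[Finding]:
    return compare(BASELINE, APPROVED_CHANGES, OBSERVED)


if __name__ == "__main__":
    for f in run_sample():
        print(f"{f.system:14} {f.kind:18} {f.detail}")
```

The approved ECDIS upgrade produces no finding because the change record carries both the new version and the new configuration hash; the power management PLC is flagged even though its version is unchanged, since its priority setting was altered without a record, which is exactly the case a version-only inventory misses.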

Page 24:

Cyber Security verification project of RCL mega cruise ships – Symphony of the Seas, Celebrity Edge

Roles: Supplier – System integrator – Owner – Independent verifier

“Using the proposed methodology, we can address cyber security threats together with the vendors, and that is something we were never able to do before. This is the first time in this industry that we can achieve this level of communication and collaboration from the yard and the vendors to effectively resolve cyber-security-related questions and issues during newbuilding, and do this as an integrated team.”

Will Perez, Cyber Security Director for Royal Caribbean Cruises

“The on-board penetration testing executed by DNV GL’s ethical hackers has not only allowed us to detect cyber security weaknesses that we could fix in time, but once fixed, it has also helped with the troubleshooting of other unrelated network issues we were having, so this has actually saved us a lot of time.”

Thierry Gambier, Fire & Safety System Engineer for STX France

Page 25:

Cyber Security in the Class scope for ships and offshore units – Main rules, Class Notation & Type Approval – verify the holistic cyber resilience

Main Rules (DNVGL-RU-SHIPS Pt.4 Ch.9 or DNVGL-OS-D202): apply to all ships and offshore units in DNV GL class. Few requirements; principles related to network segmentation, prevention of unauthorized human access, network storm mitigation, fail-to-safe response, encryption and remote access.

Cyber Secure Class Notation (DNVGL-RU-SHIPS Pt.6 Ch.5 Sec.21):
▪ Pre-defined important systems on board a vessel with the voluntary class notation Cyber secure. Requirements to technical security barriers, management system and human behaviour
▪ Applies recognized standards, ISO 27001 & IEC 62443, to shipping
▪ Cyber Secure as entry level with IMO compliance, remote access & segregation
▪ Cyber Secure Essential for existing ships/units
▪ Cyber Secure Advanced for newbuilds with higher requirements
▪ Cyber secure (+) is intended for additional systems beyond navigation, power generation, propulsion and steering

Cyber Secure Type Approval (DNVGL-CP-0231):
▪ Pre-qualification of system or component security capabilities
▪ Requirements given in the rules for class notation Cyber secure
▪ Components type approved in DNVGL-CP-0231 are certified to have security capabilities, e.g. remote access/connection, integrated and inter-connected control and monitoring systems, safety systems, other systems subject to requirements for redundancy and/or separation
▪ According to recognized standards such as IEC 62443 (control) and IEC 61162-460 (bridge)
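The Main Rules principles above (network segmentation, controlled remote access) and the IEC 62443-3-3 “restricted data flow” item in the page 17 gap analysis come down to one checkable property: traffic may cross a zone boundary only through a conduit the design has declared. The Python below is an added illustration of that check, not DNV GL code and not part of any rule text. The zone names, subnets, conduit list and flow records are constructed sample data; in practice the flow records would come from a firewall or switch export, and the zone and conduit lists from the vessel's network design documentation.

```python
"""Zone/conduit flow check: flag observed traffic that crosses a zone boundary
without a declared conduit. Added illustration (not DNV GL code). All zones,
subnets, conduits and flow records below are constructed sample data."""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import List, Optional

# Hypothetical onboard zones. Subnets are invented; 192.0.2.0/24 and
# 203.0.113.0/24 are documentation ranges, not real addresses.
ZONES = {
    "OT-control": ip_network("10.10.0.0/24"),  # PLC/SCADA: propulsion, ballast, PMS
    "OT-bridge":  ip_network("10.20.0.0/24"),  # ECDIS, radar, AIS
    "IT-admin":   ip_network("10.30.0.0/24"),  # ship office, e-mail, maintenance
    "Crew-WiFi":  ip_network("10.40.0.0/24"),
    "Shore":      ip_network("192.0.2.0/24"),  # shore organisation, reached over VSAT
}


@dataclass(frozen=True)
class Conduit:
    """A permitted cross-zone flow: initiating zone, target zone, protocol, port."""
    src_zone: str
    dst_zone: str
    proto: str
    dport: int


# The only cross-zone flows the design approves (hypothetical list).
# Direction matters: nothing here lets an OT host initiate a session towards shore.
CONDUITS = frozenset({
    Conduit("IT-admin", "OT-control", "tcp", 502),    # historian polls Modbus/TCP
    Conduit("Shore", "OT-control", "tcp", 443),       # vendor remote access via jump host
    Conduit("OT-bridge", "OT-control", "tcp", 4001),  # navigation data feed to automation
})


@dataclass(frozen=True)
class Flow:
    src: str
    dst: str
    proto: str
    dport: int


@dataclass(frozen=True)
class Finding:
    flow: Flow
    src_zone: Optional[str]
    dst_zone: Optional[str]
    verdict: str  # "intra-zone" | "conduit" | "no-conduit" | "unknown-zone"


def zone_of(ip: str) -> Optional[str]:
    addr = ip_address(ip)
    for name, net in ZONES.items():
        if addr in net:
            return name
    return None


def parse_flows(text: str) -> List[Flow]:
    """Parse 'src dst proto dport' lines; '#' starts a comment."""
    flows = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        src, dst, proto, dport = line.split()
        flows.append(Flow(src, dst, proto.lower(), int(dport)))
    return flows


def check_flow(flow: Flow) -> Finding:
    sz, dz = zone_of(flow.src), zone_of(flow.dst)
    if sz is None or dz is None:
        verdict = "unknown-zone"   # asset not in the zone model: an inventory gap
    elif sz == dz:
        verdict = "intra-zone"     # stays inside one zone: not a conduit question
    elif Conduit(sz, dz, flow.proto, flow.dport) in CONDUITS:
        verdict = "conduit"
    else:
        verdict = "no-conduit"     # boundary crossed without a declared conduit
    return Finding(flow, sz, dz, verdict)


def violations(flows: List[Flow]) -> List[Finding]:
    return [f for f in map(check_flow, flows) if f.verdict in ("no-conduit", "unknown-zone")]


# Constructed flow records, not from a real vessel.
SAMPLE_FLOWS = """\
10.30.0.15  10.10.0.5   tcp 502    # historian -> ballast PLC: declared conduit
10.40.0.77  10.10.0.5   tcp 502    # crew laptop -> ballast PLC: no conduit
192.0.2.10  10.10.0.9   tcp 443    # shore vendor -> jump host: declared conduit
10.10.0.5   192.0.2.10  tcp 443    # PLC initiating towards shore: reversed direction
10.20.0.3   10.20.0.4   udp 10110  # radar -> ECDIS, same zone
203.0.113.4 10.20.0.3   tcp 22     # source not in any zone -> ECDIS
"""


def report(flows: Optional[List[Flow]] = None) -> List[str]:
    flows = parse_flows(SAMPLE_FLOWS) if flows is None else flows
    return [f"{f.verdict:12} {f.src_zone or '?'} -> {f.dst_zone or '?'}: "
            f"{f.flow.src} -> {f.flow.dst} {f.flow.proto}/{f.flow.dport}"
            for f in violations(flows)]


if __name__ == "__main__":
    for line in report():
        print(line)
```

Three of the six sample flows are reported: the crew laptop reaching a PLC, the PLC itself opening a session to shore (the declared conduit runs the other way, so a reversed direction is a finding, not a match), and a source address that belongs to no zone at all, which is an inventory problem before it is a firewall problem.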

Page 26:

Cyber Security Barriers – Summary

Page 27:

Our recommended approach and potential DNV GL support on the path to a holistic approach to cyber resilience

People:
▪ Train your onboard & shore personnel
▪ Perform emergency drills

Process:
▪ Assess your IT and OT management system
▪ Update your procedures to reflect cyber security best practices
▪ Implement procedures in your organisation

Technology:
▪ Ensure segregation of your networks
▪ Ensure system security and hardening of connections
▪ Perform penetration testing of systems
▪ Select suppliers with secure components

Assess cyber security risk. Verify compliance using a 3rd party – the DNV GL Cyber Secure Class Notation

Page 28:

SAFER, SMARTER, GREENER

www.dnvgl.com

The trademarks DNV GL®, DNV®, the Horizon Graphic and Det Norske Veritas® are the properties of companies in the Det Norske Veritas group. All rights reserved.

Thank you very much for your attention!

Jarle Coll Blomhoff, Group Leader Cyber Safety & Security
DNV GL Ship Classification
[email protected]
+47 970 61 347