ClassNK releases “Guidelines for Cyber resilience of ships”
Explaining IACS UR E26 requirements and necessary actions
Tokyo – ClassNK has released the “Guidelines for Cyber Resilience of Ships.” These guidelines outline the new IACS Unified Requirements (UR) aimed at ensuring the cybersecurity of ships.
IACS has established UR E26 for ships and UR E27 for on-board systems and equipment. These URs set minimum requirements for cyber resilience, defined as the ability to reduce the occurrence and mitigate the effects of cyber incidents due to cyber-attacks or other threats. These requirements apply to new ships contracted for construction on or after July 1, 2024.
ClassNK has incorporated these requirements into Part X of its “Rules for the Survey and Construction of Steel Ships,” focusing on computer-based systems, and “Guidance for the Approval and Type Approval of Materials and Equipment for Marine Use.” To support clients in smoothly responding to cyber resilience requirements, ClassNK has also set up a portal site aggregating related information.
The newly issued guidelines are mainly for shipbuilders, shipowners, and ship management companies. They cover the application scope of the rules, approval process, required documents, and surveys. The guidelines are available for download on the portal site.
ABS Grants Approval in Principle to SHI for Cyber Resilience
UR E26: Cyber Resilience of Ships
UR E26 ensures the secure integration of both Operational Technology (OT) and Information Technology (IT) equipment into the vessel’s network during the design, construction, commissioning, and operational life of the ship. It targets the ship as a collective entity for cyber resilience, covering five key aspects: equipment identification, protection, attack detection, response, and recovery.
UR E27: Cyber Resilience of On-Board Systems and Equipment
UR E27 aims to ensure system integrity is secured and hardened by third-party equipment suppliers. It provides requirements for the cyber resilience of on-board systems and equipment, addressing the interface between users and computer-based systems on-board, as well as product design and development requirements for new devices before their implementation on-board ships.
The guidance applies to tests and inspections of materials and equipment for marine use requiring advance approval or type approval by ClassNK as per relevant rules.
For more details, visit the ClassNK Cybersecurity Portal.
