George Reilly IACS Cyber Systems Panel Chairman

Presentation transcript:

Introduction of IACS Activities related to Maritime Cyber Systems / Cyber Security George Reilly IACS Cyber Systems Panel Chairman Joint Working Group / Cyber Systems Chairman

Introduction of IACS Activities related to Maritime Cyber Systems / Cyber Security. Contents: IMO and Goals of MSC.1 Circ.1526 - Review; IACS in Industry with a Non-Cyber Mind-Set; Activities of the Cyber Systems Panel; Activities of the Joint Working Group (JWG/CS); Incorporating Cyber Systems/Security into the process. Contents: IMO MSC.1 Circ.1526 Goals + Review; Challenges for Industry with a non-Cyber Mind-set; Activities of the Cyber Systems Panel; Activities of the Joint Working Group (JWG/CS); The wider context of Cyber Systems and Safety; Cyber Security in the Class process; Collaborating with the industry.

The Goal of Cyber Risk Management: Support Safe and Secure Shipping which is Operationally Resilient to Cyber Risks (MSC.1 Circ.1526)

Risk: Maritime Cyber Risk = Measure of the extent a technology asset is threatened by potential circumstance or event (JWG/CS), which may result in operational, safety or security failures (E22) as a consequence of information or systems being corrupted, lost or compromised (E22).

Stakeholders → take the necessary steps to safeguard shipping from threats & vulnerabilities: digitization, integration & automation of processes and systems (E22). Actual IMO words: Stakeholders should take the necessary steps to safeguard shipping from current and emerging threats and vulnerabilities related to digitalization, integration and automation of processes. Everybody has their part to play.

Risk management is fundamental . . . to safe and secure shipping operations . . . traditionally been focused on operations in the physical domain . . . greater reliance on: digitization, integration, automation and network-based systems (Cyber Systems Panel MCSR10+12, E22) . . . created an increasing need for cyber risk management (JWG/CS)

Integrated Implementation: Predicated on the goal of supporting safe and secure shipping which is operationally resilient to cyber risks; these Guidelines provide recommendations that can be incorporated into existing risk management processes. The Guidelines are complementary to the safety and security management practices established by this Organization. We too want it to be part of our system and uniform application with other processes as far as possible. Complementary to existing IACS processes (Cyber Systems Panel).

Distinctive IT vs OT. Information technology: use of data as information. Operational technology systems: data to control or monitor physical processes. Information and data exchange within and between these systems (Cyber Systems Panel MCSR 4, 7, 11, 12).

Technologies: Gains & Risks. The technologies provide efficiency gains and present risks to critical systems and processes. Risks may result from vulnerabilities arising from: inadequate operation; integration (Cyber Systems Panel MCSR10); maintenance (Cyber Systems Panel MCSR1+11); design (Cyber Systems Panel MCSR8); intentional and unintentional cyberthreats (Cyber Systems Panel MCSR7). You gained – you cover the downside.

IACS and Cyber Systems Challenges in an Industry with a non-Cyber tradition


Failures in circuits may not appear to create significant maritime safety or environmental threats.

We transferred the power. However, the potential for significant damage by maritime activity has increased dramatically due to advances in technology and ever larger vessels. The means for controlling almost all vessels has become increasingly dependent on electronics and programmable systems. The consequence is that the larger potential for damage has been accompanied by a dependence on the performance and reliability of the programmable systems. The electronics and software did not create the problem but WE have transferred a great deal of responsibility to them.

Naval / Structural; Mechanical; Electrical. We started with the classic and the comprehendible - and it still has primacy. Mechanical was more complex but reduced dependence on the weather and improved productivity (but still not as well regarded). Electrical brought improvements in safety.

Those in the industry have remained comfortable with the knowledge and experience that they already had. But they were also driven by the benefits that developments in this little understood area had to offer.

Electrical; Electrical / Electronic; WWW. Electronics brought more sophisticated control to supplement and/or replace some of the operators' skills. This technology was not visible in its operation and while it was adopted and implemented it was not generally understood and not given the respect to match the critical importance that was being transferred to it. Finally - the ability to interconnect previously isolated systems introduced the opportunity for more benefits, but they were also introducing more dependence and complexities to a subject that was already poorly understood by the maritime industry.

The parts that have been introduced over the past 5 to 10 years have not been so visible. Those in the industry understand the principles of Naval Architecture, Structures and Machinery very well. Even as we have become aware of this gap in our understanding it has not been possible to get most participants to appreciate it long enough to acknowledge its significance. It is similar to an optical illusion where people can see the alternative image, but we are too busy or distracted to let ourselves be persuaded of the new reality – UNTIL NOW

We want to get back to a more comfortable time. The Maritime industry would prefer this Cyber issue would simply pass and go away.

To better understand the problem: To deal with the problem everybody needs to let go of an outdated mental model to accept the reality. The apparent ‘GAP’ is not small and it is not empty . . .

The apparent ‘GAP’ is not small … and it is not empty. It contains: navigational aids, collections of data, protective devices, communication protocols, drivers, equipment control, internet connections.

It also contains ‘System Knowledge’ and is filled with multiple layers of sophisticated engineering that need to be understood and addressed in the same way that other branches of engineering are. PID controller; Nyquist Stability Criterion; Network Storm; Von Mises; RS232; Fourier Series; Data Validation; Stuxnet; Kalman Filter; Software Lifecycle; IEC 61508; $e^{x} = 1 + \frac{x}{1!} + \frac{x^{2}}{2!} + \frac{x^{3}}{3!} + \dots$; $f(x) = a_0 + \sum_{n=1}^{\infty}\left(a_n \cos\frac{n\pi x}{L} + b_n \sin\frac{n\pi x}{L}\right)$

However, the Maritime industry must now also face the problems that have come to affect all industries around the world. With the WWW comes the maritime industry quickly and at a time of Cyber Security issues and growing awareness

Context and Activities of the Cyber Systems Panel: Planning a Way Ahead; Engineering Organizations; Need to support Human; IACS Recognition of Cyber; The steps underway.

Planning a Way Ahead. It is important to know the realities of: ourselves – and our responsibilities; our industry – and its responsibilities; the world in which we operate. In order to establish where we need to be and what steps we need to take to get there, we need a practical, effective and ongoing process.

Engineering Organizations. IACS Members are Engineering organizations: Operate internationally; Regulate ship design; Verify construction; Verify components in the supply chain; Follow-up during regular Surveys; Widely recognized by port and flag states. Automatically incorporating Cyber into the process – though it will need to adapt.

Need to support Human. IACS Members are Engineering organizations that appreciate the need for the process to support the ‘Human’: Satisfies end user; Reduces degrees of freedom; System interfaces that minimise unplanned functions.

IACS Recognition of Cyber. IACS Members are Engineering organizations: Recognized Cyber Systems with a full Panel; Coordinating with industry. Initially developing recommendations: For widest consultation with industry; To create awareness prior to regulation; To populate a framework for applying risk; To create no more burden than necessary.

IACS - The Steps Underway: Initially a set of 12 basic subjects; To be developed in 4 phases; Initially non-mandatory Recommendations; Industry advised of availability in order to encourage feedback; At end of 12th document, decisions on how the 12 topics would be reformatted and combined to address risk levels; Practical application process implemented and validated.

12 Maritime Cyber System Recommendations (MCSR 1 to 12), Four Phases A, B, C & D
Phase A: MCSR 1 Procedure for Software Maintenance; MCSR 2 Manual Backup; MCSR 3 Contingency Post Failure
Phase B: MCSR 4 Network Architecture; MCSR 5 Data Assurance; MCSR 6 Physical Security
Phase C: MCSR 7 Network Security; MCSR 8 Vessels’ System Design; MCSR 9 Programmable System Equipment Inventory
Phase D: MCSR 10 Integration; MCSR 11 Remote Update / Access; MCSR 12 Communications and Interfaces
Initiated in Phases in order to allow early release for comment to a wider industry. These are the initial recommendations. There will eventually be more.

Maritime Cyber System Recommendations

Activities with the Joint Working Group (JWG/CS). Primary aim of the Industry Joint Working Group is to facilitate active cooperation and communication amongst industry groups that have an interest in the production, use and operation of cyber systems. The experience of the JWG members will assist as direction and strategy are developed by providing a practical and expert input. The IACS Cyber Systems Panel will also benefit from the availability of the JWG expertise and will be able to assist in the review of early drafts of recommendations and requirements as they are developed.

Relationship between Panel and JWG/CS. IACS Cyber System Panel: Formed 1 July 2016; All 12 Class Societies; Ongoing; Communicate with IMO & EU Industry; To develop requirements. Industry Joint Working Group / Cyber Systems: 1st meet 10 Nov 2016; 2nd JWG/CS risk assessment; 3rd meet JWG/CS + Industry forum.

Relationship between Panel and JWG/CS

Activities with the Joint Working Group (JWG/CS). One of the first activities of the JWG is to participate in a Risk Assessment to consider aspects such as: criticality focus and priorities; threat focus and priorities; Industry risk framework goals and resulting requirements; Suggested security levels (e.g. security level 1, 2, 3 and 4) and mapping into IACS and other standards work. The risk assessments are being led by Professor Paul Dorey who also undertook a similar role in the UK Energy Sector covering generation and distribution for both Gas and Electricity. Prof. Dorey is retained by Inmarsat and it is planned that Risk Assessment work with the JWG will be the subject of a White Paper later this year.

Coordination of Implementation: Port Authorities, Owners, Insurers, Shipbuilders, Cargo owners, Flag States, Manufacturers, Communications.

Thank you! Contacts: ABCyberChair@Eagle.org