Yesterday the Coast Guard published a copy of “The
Application of Cybersecurity Principles to Marine and Offshore Operations” on
their Homeport web site (sorry the CG does not use real links on Homeport – You
can find this under the Cybersecurity tab). The publication is apparently the
first volume in a series of publications on maritime cybersecurity being
published by the American Bureau of Shipping.
A quick look at the table of contents looks like the 35-page
publication covers the basics of cybersecurity (both IT and OT). It will be interesting
to see what specific changes are being recommended for the maritime
environment.
There is a nice brief discussion about cybersecurity in
general in the first section of the publication. It makes a significant comment
that applies to a variety of environments beyond just the maritime (pg 2):
“Most organizations arguably understand
the need for protecting and monitoring cyber-linked business support and
control systems. Even so, the breadth and complexity of protecting such systems
may present a daunting challenge to many organizations that do not have a comprehensive
picture of cybersecurity.”
There is also an important discussion of how cybersecurity
and safety intersect, particularly in cyber-physical systems (CPS). The authors
make an important point (pg 3):
“A cybersecurity incident on a
ship, on a platform, or within a facility, might result from system fault or failure,
operator error or inaction, inadvertent conflicts in incompatible software, or
deliberate malfeasance or malice. Any such incident may result in intrusion or
malfunction in a general purpose network, resulting in a cascading failure that
can spread into ship or platform CPS to cause unexpected consequences for any number
of systems.”
This looks like a document that will be well worth reading
by anyone in control system management as well as cybersecurity professionals.
Certainly the maritime community should, as the Coast Guard intended, take a
specific interest in this publication and the remainder of the series as it
becomes available.
Posts
No comments:
Post a Comment