BSI 18/30368904 DC:2018 Edition
$13.70
BS EN 63154. Maritime navigation and radiocommunication equipment and systems. Cybersecurity. General requirements, methods of testing and required test results
| Published By | Publication Date | Number of Pages |
| BSI | 2018 | 28 |
PDF Catalog
| PDF Pages | PDF Title |
|---|---|
| 1 | 30368904 |
| 3 | 80_883e_CD |
| 4 | CONTENTS |
| 7 | FOREWORD |
| 9 | 1 Scope 2 Normative references 3 Terms and definitions |
| 10 | 4 Module A: Data files 4.1 Requirements |
| 11 | 4.2 Methods of testing and required test results |
| 12 | 5 Module B: Auto-run of executables 5.1 Requirements for executable program file verification 5.2 Methods of testing and required test results 6 Module C: User authentication 6.1 Requirements |
| 13 | 6.2 Methods of testing and required test results 7 Module D: System defence 7.1 General 7.2 Requirements |
| 14 | 7.3 Methods of testing and required test results 8 Module E: Network access 8.1 General 8.2 Requirements 8.3 Methods of testing and required test results |
| 15 | 9 Module F: Access to operating system 9.1 General 9.2 Requirements 9.3 Methods of testing and required test results 10 Module G: Booting environment 10.1 General 10.2 Requirements 10.3 Methods of testing and required test results |
| 16 | 11 Module H: Configuration management 11.1 Requirements 11.2 Methods of testing and required test results 12 Module I: Protection against unintentional crash caused by user input 12.1 Requirements 12.2 Methods of testing and required test results 13 Module J: USB interfaces for other than storage purposes 13.1 General 13.2 Requirements for training option |
| 17 | 13.3 Methods of testing and required test results for training option 13.4 Requirements for technical method option 13.5 Methods of testing and required test results for technical method option 14 Module K: USB ports and interfaces for REDS 14.1 Requirements 14.1.1 Physical protection 14.1.2 Operational protection |
| 18 | 14.2 Methods of testing and required test results 15 Module L: IEC 61162-1 or IEC 61162-2 as interface 16 Module M: IEC 61162-450 as interface 16.1 General 16.2 Requirements related to IEC 61162-1 sentences |
| 19 | 16.3 Requirements related to IEC 61162-450 used for file transfer 16.4 Requirements related to Denial of Service (DoS) 16.4.1 General 16.4.2 Requirement 16.5 Methods of testing and required test results |
| 20 | 17 Module N: Other interfaces 17.1 General 17.2 Requirements 17.3 Methods of testing and required test results 18 Module O: Software maintenance 18.1 General 18.2 Requirements for software maintenance by the authorized persons using maintenance mode 18.3 Methods of testing and required test results for software maintenance by the authorized person using maintenance mode 18.4 Requirements for semi-automatic software maintenance by the crew onboard the vessel 18.4.1 General |
| 21 | 18.4.2 Requirement for software update requiring manual transfer into the equipment 18.4.3 Requirement for software update readily available for the equipment 18.5 Methods of testing and required test results for semi-automatic software maintenance by the crew onboard the vessel 19 Module P: Remote maintenance 20 Documentation 20.1 Requirements 20.2 Methods of testing and required test results |
| 22 | Annex A (informative) IMO SOLAS regime and practical limitations for equipment |
| 23 | Annex B (informative) Methods of authentication of data files and executables – some examples B.1 General B.2 Authentication based on Certificates B.3 Authentication based on Private key and pre-shared Public key |
| 24 | B.4 Authentication based on pre-shared key B.5 Authentication based on pre-shared key – Diffie-Hellmann |
| 25 | Annex C (informative) Malware protection in type approved systems based on anti-virus software which uses signatures for malware detection C.1 General C.2 Issues |
| 26 | Annex D (normative) USB class codes D.1 General |
| 27 | Annex E (Informative) Cyber security configuration document for equipment E.1 General for the document E.2 Document parts E.2.1 Hardening of the operating system E.2.2 Upgrade strategy for cyber security reasons E.2.3 Strategies for detecting and reacting to future vulnerabilities |
| 28 | Bibliography |
