BSI 19/30398396 DC:2019 Edition
$13.70
BS EN 63154. Maritime navigation and radiocommunication equipment and systems. Cybersecurity. General requirements, methods of testing and required test results
| Published By | Publication Date | Number of Pages |
| BSI | 2019 | 54 |
PDF Catalog
| PDF Pages | PDF Title |
|---|---|
| 4 | CONTENTS |
| 7 | FOREWORD |
| 9 | 1 Scope 2 Application |
| 11 | 3 Normative references 4 Terms and definitions |
| 15 | 5 Module A: Data files 5.1 General 5.2 Requirements |
| 17 | 5.3 Methods of testing and required test results 6 Module B: Execution of executables 6.1 General 6.2 Requirements for executable program file verification 6.3 Methods of testing and required test results |
| 18 | 7 Module C: User authentication 7.1 General 7.2 Requirements |
| 19 | 7.3 Methods of testing and required test results |
| 20 | 8 Module D: System defence 8.1 General 8.2 Requirements – Malware protection |
| 22 | 8.3 Methods of testing and required test results |
| 23 | 8.4 Requirements – Denial of service |
| 24 | 8.5 Methods of testing and required test results |
| 25 | 9 Module E: Network access 9.1 General |
| 26 | 9.2 Equipment which connects to a network 9.2.1 Requirements 9.2.2 Methods of testing and required test results 9.3 Equipment providing network access between controlled networks 9.3.1 Requirements |
| 27 | 9.3.2 Methods of testing and required test results 9.4 Equipment providing network access between controlled and uncontrolled networks 9.4.1 Requirements 9.4.2 Methods of testing and required test results |
| 28 | 10 Module F: Access to operating system 10.1 General 10.2 Requirements 10.3 Methods of testing and required test results 11 Module G: Booting environment 11.1 General 11.2 Requirements |
| 29 | 11.3 Methods of testing and required test results 12 Module H: Maintenance mode 12.1 General 12.2 Requirements |
| 30 | 12.3 Methods of testing and required test results 13 Module I: Protection against unintentional crash caused by user input 13.1 General 13.2 Requirements 13.3 Methods of testing and required test results |
| 31 | 14 Module J: Interfaces for removable devices including USB 14.1 General 14.2 Requirements for procedural method option 14.3 Methods of testing and required test results for procedural method option 14.4 Requirements for technical method option 14.4.1 Physical protection 14.4.2 Operational protection |
| 32 | 14.5 Methods of testing and required test results for technical method option 14.5.1 Physical protection 14.5.2 Operational protection |
| 33 | 15 Module K: IEC 61162-1 or IEC 61162-2 as interface 15.1 General 15.2 Requirements 16 Module L: IEC 61162-450 as interface 16.1 General 16.2 Requirements related to IEC 61162-1 sentences 16.3 Requirements related to IEC 61162-450 used for file transfer |
| 34 | 17 Module M: Other interfaces 17.1 General 18 Module N: Software maintenance 18.1 General 18.2 Software maintenance in maintenance mode 18.2.1 Requirements 18.2.2 Methods of testing and required test results |
| 35 | 18.3 Semi-automatic software maintenance by the crew onboard the vessel 18.3.1 General 18.3.2 Requirements |
| 36 | 18.3.3 Methods of testing and required test results 19 Module O: Remote maintenance 19.1 General |
| 37 | 19.2 Requirements 20 Documentation 20.1 Requirements 20.2 Methods of testing and required test results |
| 38 | Annex A (informative) Guidance on implementing virus and malware protection on type approved equipment for IMO SOLAS regime and practical limitations |
| 40 | Annex B (Normative) File authentication B.1 General B.1.1 Digital Signatures |
| 41 | B.1.2 Digital signatures – Methods of testing and required test results B.1.3 Symmetric means based upon pre-shared secret keys |
| 42 | B.1.4 Symmetric means based upon pre-shared secret keys – Methods of testing and required test results |
| 43 | Annex C (informative) Methods of authentication of data files and executables – some examples C.1 General C.2 Terms and definitions |
| 44 | C.3 Asymmetric Cryptography C.4 Digital Signatures |
| 45 | C.5 Public Key Infrastructure C.5.1 General theory |
| 47 | C.5.2 Notes about shipboard use |
| 48 | C.6 Symmetric key authentication based on ‘pre-shared secret key’ |
| 50 | Annex D (normative) USB class codes D.1 General |
| 51 | Annex E (Informative) Cyber security configuration document for equipment E.1 General for the document E.2 Document parts E.2.1 Hardening of the operating system E.2.2 Update strategy for cyber security reasons E.2.3 Strategies for detecting and reacting to future vulnerabilities |
| 52 | Annex F (Informative) Guidance on interconnection between networks F.1 General F.2 Guidance |
| 54 | Bibliography |
