DNV GL releases first cyber security class notations

Classification society DNV GL last week announced the forthcoming publication of class notations to help shipowners and operators protect their assets from cyber security incidents. DNV GL said that the new class notations – Cyber secure – would help owners and operators protect vital systems from cyber security threats. They will be published on the DNV GL rules page on July 1st.

DNV GL – Maritime CEO Knut Ørbeck-Nilssen, said that “whether in machinery, navigation or communication systems, programmable control systems are a longstanding and essential part of ships and offshore units, but the increasing integration and connectivity of these systems represents an ever-larger target for cyber-security threats”, adding that “as all programmable components are theoretically vulnerable to cyber security threats we have set out, with the new Cyber secure class notations, to offer owners and operators a framework to improve and demonstrate their cyber resilience.”

The Cyber secure class notations have three different qualifiers, Basic, Advanced and +.

Basic is primarily intended for ships in operation. Advanced has been designed to be applied throughout the newbuilding process, with requirements for asset owners and operators, system integrators (e.g. yards), and equipment manufacturers. The Basic and Advanced qualifiers cover a number of essential systems, including propulsion, steering, navigation, and power generation.

The third qualifier, +, is intended for systems that are not part of the default scope of Basic/Advanced. This, said DNV GL, would give owners and operators the flexibility to identify the threats, assess, and secure extra systems which are of particular importance to their operations.

The Cyber secure class notations build on DNV GL’s Recommended Practice (DNVGL-RP-0496) on cyber security and extends to the cyber security assessment of control system components type approval program DNVGL-CP-0231, with which makers can now demonstrate the security of their systems through an independent verification process.

DNV GL recently worked with the P&I Club Gard on a video to build awareness and competence among crews and others. It focuses on daily tasks and routines, and aims to de-mystify the cyber security issue as well as providing concrete recommendations on how to prevent cyber incidents. The video can be found here: https://www.dnvgl.com/maritime/webinars-and-videos/videos/cyber-security-awareness.html

There will be a panel discussion to understand the cyber threat at this year’s Marine Insurance London conference on the 5th July

Moderator – Ant Gould, Freelance award and Editor

► George Devereese, Senior Loss Prevention Executive, UK P&I Club
► Charles Fernandez, Head of Marine Liability & Hull, Canopius
► Monica Tigleanu, Partner, Cyber, Content & New Technology Risks, JLT Specialty Ltd
► Andrew Hannay, Senior Underwriter, Norwegian Hull Club