IACS Unified Requirements on the cyber resilience of ships

IACS Unified Requirements [1] (URs) on the cyber resilience of ships – mandatory requirements to come into effect as of April 2022

The International Association of Classification Societies (IACS) has adopted two new IACS Unified Requirements (URs) on the cyber resilience of Ships:

  • UR E26 aims to ensure the secure integration of both Operational Technology (OT) and Information Technology (IT) equipment into the vessel’s network during the design, construction, commissioning, and operational life of the ship. This UR targets the ship as a collective entity for cyber resilience and covers five key aspects: equipment identification, protection, attack detection, response, and recovery.
  • UR E27 aims to ensure system integrity is secured and hardened by third-party equipment suppliers. This UR provides requirements for cyber resilience of onboard systems and equipment and provides additional requirements relating to the interface between users and computer-based systems onboard, as well as product design and development requirements for new devices before their implementation onboard ships.

These URs will be applied to new ships contracted for construction on and after 1 January 2024 although the information contained therein may be applied in the interim as non-mandatory guidance.

Cydome solutions ensure compliance with these URs as part of its unified approach to protect the ship as a whole.

Cydome’s technology allows shipping companies to fast track their IMO compliance procedure with its automated tools, whether assisting its first Regulation Audit or for all such next annual audits with its implemented autofill and auto-mapping tools on board.