IACS adopts cyber safety as ‘third pillar’

Cyber safety of integrated operating systems is the new focus for IACS. Credit: Korean Maritime University.
Cyber safety of integrated operating systems is the new focus for IACS. Credit: Korean Maritime University.

The threat to ship safety from cyber attack has led the International Association of Classification Societies (IACS) to expand its maritime remit beyond hull and machinery to cyber safety.

Describing cyber safety as the ‘third pillar’ of class society oversight, IACS chairman Christopher Wiernicki has been promoting this focus, and said he wanted to create a “cyber system safety framework”. An IACS expert group was set up to look into the issue for a year. But at the 72nd IACS Council meeting this month, it was announced that the matter warrants ongoing attention and a panel will be set up to concentrate on this area for the foreseeable future.

Unlike most cyber focus groups, IACS is homing in on safety, so its panel is known as the Cyber Safety Panel, rather than the cyber security panel. An IACS spokesman told IHS IHS Markit, “IACS considers cyber security to be a ‘subset’ of cyber safety; the former referring only to attacks on ships’ systems.” The Cyber Safety Panel, on the other hand “will consider all shipboard systems affecting the safe operation of the vessel, he said.

The current approach taken to cyber security on ships is, said the spokesman, a “general risk-based approach for computer-controlled automation systems on board vessels”. This, he said, will be developed further to address safety concerns. Thus the approach will “more descriptively address cyber issues related to safety of integrated operating systems on board vessels, inclusive of security”.

Areas of responsibility are currently being documented for the new panel, in addition to which a dedicated joint working group has been established to focus on cyber systems.

The cyber systems joint working group is currently reaching out to work alongside the Baltic and International Maritime Council (BIMCO) and other stakeholders. BIMCO, in partnership with industry partners including Comité International Radio-Maritime, is finalising an initial informal guideline text, Industry Guidelines on Cyber Security On Board Ships, which is expected to be submitted to the IMO in January 2016.