On 1 January 2021, stricter maritime cyber security rules enter into force. To help combat the maritime industry’s growing cyber security risks, ABB Marine & Ports has opened a cyber security laboratory. The lab features different hardware and software systems, developed in line with the guidelines set out by the IMO.

With the rise of smarter, more connected systems, the International Maritime Organization (IMO) urges all shipping companies to demonstrate that cyber threats have been part of every vessel’s Safety Management Systems (SMS) risk assessment from 2021 onwards. According to IMO’s guidelines on maritime risk management, ‘ships with complex cyber-related systems may require a greater level of care and should seek additional resources through reputable industry and government partners.’

‘Cyber security is not a product, but an evolving target which needs constant monitoring, managing and updating,’ says Ahmed Hassan, head of Cyber Security, ABB Marine & Ports. ‘As a single vendor offering operating technology (OT) and cyber security, we recognise that managing cyber security is a careful balance between risk, functionality and cost. The principles of cyber security must apply across all maritime stakeholders, from designers and builders, to owners, operators and crew; and from classification societies to universities and research bodies, government departments and insurers.’

Various levels of cyber security requirements

ABB Marine & Ports’ new laboratory will offer cyber security support for shipping companies at all stages of digitalisation and has the flexibility to meet various levels of cyber security requirements. While some companies may only require a one-off assessment of existing OT installations, others may need a long-term approach with continuing support.

New services offered by the ABB Marine & Ports cyber security lab include:

  • Reference architecture that targets network segmentation and segregation.
  • Enforcing security policies to zones and conduits.
  • Ability to monitor network traffic and act on vulnerabilities.
  • Ability to collect and manage security logs for the control system components.
  • ABB Ability Cyber Asset Inventory solution, which discovers and records system inventory, as well as notifies about vulnerabilities.
  • Event monitoring, which enables sending alerts to crew members as well as ABB Ability Collaborative Operations Centers worldwide.

‘Our systems have been developed to address the very latest threats and solutions available in cyber risk management, Hassan concludes.