Key Requirements and Checklist for Ship Cybersecurity Certification

3/04/2025

Strengthened Cybersecurity Requirements of IMO and IACS: Key Checklist for Classification Society Cybersecurity Certification

As IMO and IACS reinforce cybersecurity requirements, specific criteria must be met to obtain cybersecurity certification from classification societies.

In this post, we will summarize the key checklist for acquiring classification society cybersecurity certification.

✅ Key Requirements and Checklist for Classification Society Cybersecurity Certification

Category	Checklist Items	Description	Applicable to
1. Cybersecurity Policy & Management	Cybersecurity and Resilience Program	Establishing a protection and response framework for ship IT/OT systems	Owner
	Management of Change (MoC)	Security assessment and approval procedures when modifying ship IT/OT systems	Owner
	Cyber Risk Assessment	Conducting risk assessments in compliance with IACS UR E26/E27	Shipyard
2. Network Security Design	Zones and Conduit Diagram	Defining network segmentation and data flow	Shipyard
	Firewall Configuration & Access Control	Firewall setup, network access control, and monitoring policies	Owner
	Remote Access Security	Applying multi-factor authentication (MFA), VPN, and logging for remote access	Owner
	Wireless Communication Security	Security settings and control measures for wireless networks	Owner
3. Equipment Cybersecurity Requirements	Supplier Security Compliance	Verifying security certification (ClassNK, DNV, ABS) of equipment suppliers	Supplier
	Secure Development Lifecycle (SDL)	Ensuring security validation procedures during equipment development and maintenance	Supplier
	TA (Type Approval) Certification	Obtaining classification society approval, including cybersecurity features	Supplier
4. System Security Management	Software & Firmware Updates	Managing security patches and updates for IT/OT systems	Owner
	Malware Protection & Endpoint Security	Applying antivirus, ransomware protection, and EDR	Owner
	Data Backup & Disaster Recovery (BCP/DRP)	Establishing data protection and recovery plans for emergencies	Owner
5. Security Monitoring & Incident Response	Intrusion Detection System (IDS) & SIEM	Operating real-time security anomaly detection and log analysis systems	Owner
	Incident Response Plan (IRP)	Defining detection, response, and recovery processes for cyber incidents	Owner
	Penetration Testing & Cyber Resilience Test	Conducting security checks and penetration testing on ship IT/OT systems	Shipyard
6. Testing & Validation	FAT (Factory Acceptance Test)	Performing security function tests before equipment shipment	Supplier
	SAT (Site Acceptance Test)	Conducting security verification and performance testing after ship installation	Shipyard
	Security Configuration Audit	Checking security settings and ensuring regulatory compliance	Shipyard
7. Training & Maintenance	Crew Cybersecurity Training	Developing cybersecurity training and education plans for crew members	Owner
	Regular Security Audits & Compliance Checks	Conducting regular security audits to comply with ClassNK requirements	Owner
	Continuous Security Improvement Plan	Establishing a plan for ongoing improvement of cybersecurity policies and systems	Owner

🔍 Essential Documents for Cybersecurity Certification

To obtain classification society cybersecurity certification, the following essential documents must be submitted:

📌 Documents Submitted by Ship Owners (Owner)
✅ Ship Cybersecurity and Resilience Program
✅ Management of Change (MoC) Plan
✅ Firewall & Remote Access Policy
✅ Incident Response Plan (IRP) and Response Procedures
✅ Disaster Recovery Plan (DRP) and Backup Policy
✅ Security Awareness Training & Crew Education Plan
✅ Intrusion Detection System (IDS) and Log Monitoring Policy
✅ Regular Security Audit & Compliance Check Report

📌 Documents Submitted by Shipyards (Shipyard)
✅ Zones and Conduit Diagram (Network Security Design)
✅ Cybersecurity Risk Assessment Report
✅ Ship Cyber Resilience Test Procedure
✅ Security Configuration Guidelines
✅ Site Acceptance Test (SAT) Report

📌 Documents Submitted by Equipment Suppliers (Supplier)
✅ Type Approval (TA) Certification
✅ Secure Development Lifecycle (SDL) Documentation
✅ FAT (Factory Acceptance Test) Report
✅ Security Configuration Guidelines
✅ Test Reports for Security Capabilities

🚀 Preparation Strategy for Cybersecurity Certification

1️⃣ Consider Security from the Design Stage!

Incorporate network security architecture (Zones & Conduits Diagram) and firewall settings into the initial design.
Conduct security reassessments through Management of Change (MoC) when design changes occur.

2️⃣ Ensure Security Certification (Type Approval, TA) for Equipment

Major equipment such as engines, propulsion systems, and navigation systems must be certified by ClassNK, DNV, ABS, etc.
Security functions must be verified through FAT/SAT testing.

3️⃣ Maintain Security and Establish Regular Inspection Plans During Operation

Conduct Security Audit & Compliance Checks to ensure ongoing security during ship operation.
Cybersecurity training for crew members (Security Awareness Training) is essential.

🚢 Conclusion: Cybersecurity Certification Requires Thorough Preparation!

As IMO and classification societies strengthen cybersecurity requirements, security measures must be applied across design, equipment, and operations to obtain certification.

✅ Incorporate security requirements during the design phase (Shipyard)
✅ Secure equipment cybersecurity certification (Supplier)
✅ Maintain and conduct regular security inspections during ship operations (Owner)

Classification society cybersecurity certification is not just about regulatory compliance—it is an essential element for safe and reliable ship operations.

🚢 Is your ship ready for classification society cybersecurity certification?
Share your thoughts and let's discuss together! 😊

🔍 Stay tuned for our next post, where we will introduce FAT/SAT Security Testing and Certification Procedures! 🚢✨

Search This Blog

Maritime 4.0: Innovation Driven by AI, Data, and Cyber Security