1、 Guidance Notes on Data Integrity for Marine and Offshore Operations ABS CyberSafetyTMVolume 3 GUIDANCE NOTES ON DATA INTEGRITY FOR MARINE AND OFFSHORE OPERATIONS ABS CyberSafetyTMVOLUME 3 SEPTEMBER 2016 American Bureau of Shipping Incorporated by Act of Legislature of the State of New York 1862 201
2、6 American Bureau of Shipping. All rights reserved. ABS Plaza 16855 Northchase Drive Houston, TX 77060 USA Foreword Foreword The marine and offshore industries are integrating connected sensors, communications, storage and processing capabilities into vessels, offshore units and facilities as networ
3、king and computational power penetrates all aspects of industry operations. The “Big Data” phenomenon has emerged as a direct result of this growth, enabling development of tremendous new sources of data and information. But challenges have also emerged. Sensors and data must be trustworthy in order
4、 to support the new analytic and decision methods available for maritime industry use. These Guidance Notes are intended to clarify the basic principles and concepts of Data Integrity for marine and offshore assets. The document is intended to help the industry realize the new benefits from data sou
5、rces and data analytics systems via implementation of Data Integrity concepts. It also supports owners who are increasingly required to provide data reporting to regulatory agencies. The intended users for these Guidance Notes are cybersecurity specialists, data specialists, owners, shipyards, opera
6、tors, designers, suppliers, review engineers and Surveyors. These Guidance Notes are Volume 3 of the ABS CyberSafetyTM series, and are intended to be used in conjunction with other volumes. These Guidance Notes become effective on the first day of the month of publication. Users are advised to check
7、 periodically on the ABS website www.eagle.org to verify that this version of these Guidance Notes is the most current. We welcome your feedback. Comments or suggestions can be sent electronically by email to rsdeagle.org. Terms of Use The information presented herein is intended solely to assist th
8、e reader in the methodologies and/or techniques discussed. These Guidance Notes do not and cannot replace the analysis and/or advice of a qualified professional. It is the responsibility of the reader to perform their own assessment and obtain professional advice. Information contained herein is con
9、sidered to be pertinent at the time of publication, but may be invalidated as a result of subsequent legislations, regulations, standards, methods, and/or more updated information and the reader assumes full responsibility for compliance. This publication may not be copied or redistributed in part o
10、r in whole without prior written consent from ABS. ii ABSGUIDANCE MOTES ON DATA INTEGRITY FOR MARINE open transmitting of data between equipment, system controllers and data analyzers. Chain of Custody (CoC): Chronological documentation, showing the seizure, custody, control, transfer, analysis, and
11、 disposition of physical or electronic evidence. Data At-Rest (DAR): Data that resides in storage (a device or backup medium in any form) but excludes any data frequently transferred in the network or residing in temporary memory. Data In-Motion (DIM): Data in transit, traveling across a network or
12、contained in a computers RAM ready to be read, updated, or processed. Data Integrity: Accuracy, consistency (validity), and completeness of data over its lifecycle. ABSGUIDANCE MOTES ON DATA INTEGRITY FOR MARINE such as satisfactory operation, impending degradation, and prognostics or forecasting. D
13、ata conditioned for human use may include trend analysis visualizations, short-term performance parameter alerting, and similar reporting that can accelerate human decision making by reducing the steps required to interpret the aggregated data. 9 Actionable Data Sources (Applied Knowledge) The last
14、stage on the peak of the data sources model is the actionable data sources which includes the applied knowledge. The applied knowledge contained in the data is actually applied to the system to control the outcomes and for health and performance monitoring where it may be provided by a 3rdparty vend
15、or. At this stage, the data quantity has been significantly decreased compared to the previous process. 9.1 Manual Systems Control Manual system control requires that a human operator be involved in all controlling activities in order to perform system functions. In these systems, the operator alone
16、 senses control data, makes control decisions, and implements the control actions without support by mechanical or computerized equipment. On contemporary offshore assets, very few control systems are purely manual. The most common application of actionable data is in automated control, discussed in
17、 2/9.5 below. Onboard the vessel, the operator can view the automated control systems from diesel engine control to power management system, from alarm and monitoring system to DP control system. Programmable Logic Controller (PLC), Distributed Control System (DCS) and Supervisory Control and Data A
18、cquisition (SCADA) systems are commonly used in automatic control systems. The actionable data sources play key roles in these automated systems. For example, a DP control system aggregates multiple actionable data sources to implement the automatic control required in dynamic positioning operations
19、. 10 ABSGUIDANCE MOTES ON DATA INTEGRITY FOR MARINE Perform real-time analytics for accelerated decision making; and Achieve mission-critical reliability and scale with continuous system adjustments based on real-time/ near-real-time data reporting. The IoT/IIoT connects bidirectional-communicating
20、devices with one another in real time. With computational systems becoming more ubiquitous as processors become cheaper and more capable, more and more real-time data will be available among networked devices. Streaming data has been designed for improved security. An example is a 4-way handshake to
21、 protect against synchronized flooding attacks, and large “cookies” for association verification and authenticity. Multi-homing and redundant paths increase resilience and reliability. 3 Data Classification (Protection Level) Data Classification is the process of organizing data into categories for
22、its most effective and efficient use. Data Classification facilitates assignment of protection level based on its importance. As noted in Section 4, data has different criticality based on its supporting systems. Once a data-classification scheme has been created, security requirements that specify
23、appropriate handling practices for each category and storage standards that define the datas lifecycle requirements are to be defined. In this document, data is classified in terms of criticality to the mission of the vessel. Four categories have been defined as follows and shown in Section 5, Table
24、 2. The data classification has immediate relevance to Integrity Level (IL) (defined in the ISQM Guide and the Cybersecurity Guide). The relationship is also represented in Section 5, Table 2: ABSGUIDANCE MOTES ON DATA INTEGRITY FOR MARINE however, an unauthorized accidental intrusion is also a pene
25、tration that can have serious consequences. A successful intrusion that is detected and characterized may reveal weaknesses in the systems protective capabilities. Intrusion characterization is also intended to reveal the actual and potentially corruptive nature of the intrusion upon hardware, firmw
26、are, processing applications, networks, and data. For these reasons penetration protection is to be implemented in the interest of protecting data integrity during data creation, transport, processing, and storage. Penetration testing is commonly used to attempt to penetrate a digital system environ
27、ment in order to test the capabilities of protective measures (system architecture, hardware, software, and procedures). A penetration test is performed to determine sufficiency of protective measures. It is also performed to detect and characterize weaknesses in protective measures. Based upon the
28、outcomes of the test, protective measures can be corrected and enhanced as necessary to prevent an attack or accidental data corruption incident. Routine penetration testing is recommended for systems that collect, process, store, and transport/transfer protected data. 9.5 Handling Policies and Proc
29、edures Detailed data handling policies and procedures are to be defined for secure management of protected data. Data handling policies and procedures are provided in the Cybersecurity Guide, and are to minimally include: Documented data protection policies and procedures pertinent to each phase of
30、the data management lifecycle include: i) Procedures documenting authorization process for accessing or handling protected data, including read/write privileges, use locks, blocking devices, and strong login credentials; ii) Procedures documenting process for updating or modifying protected data; an
31、d iii) What type of operation can be run on the data 22 ABSGUIDANCE MOTES ON DATA INTEGRITY FOR MARINE & OFFSHORE OPERATIONS ABS CyberSafetyTMVOL 3 .2016 Section 5 Data Security 11 Security Measures and Controls Security measures for DAR, DIM, and DIU are found in the Cybersecurity Guide. ABSGUIDANC
32、E MOTES ON DATA INTEGRITY FOR MARINE & OFFSHORE OPERATIONS ABS CyberSafetyTMVOL 3 .2016 23 Section 6: Data Integrity SECTION 6 Data Integrity 1 General As more sophisticated automation systems become common in marine and offshore assets, growing concerns regarding data integrity have been raised. Th
33、e concerns cover various topics in data integrity, such as basic concepts of data integrity in marine and offshore assets, how the data integrity is best managed, and what are the measurement tools for data integrity. Traditional definitions and concepts may not adequately support specialized data i
34、ntegrity applications in marine and offshore assets. This section adopts a holistic view to define the data integrity concept, the systematic process of data integrity, and the verification of data integrity. 1.1 Definition As defined in ISO/IEC 27000 Information technology - Security techniques Inf
35、ormation security management systems Overview and vocabulary, Integrity means the “property of accuracy and completeness”. Integrity can have a large number of meanings depending on the context. For example, it can refer to accuracy, functionality, uncorrupted data, and absence of interference, rest
36、riction of access, code structure, and calculation accuracy. In these Guidance Notes, Data Integrity refers to the accuracy, consistency (validity), and completeness of data over its lifecycle. Compromised data is almost no use to the marine and offshore asset, and could cause a dangerous situation
37、to human safety, safety of the vessel, and/or an environmental threat. For this reason, maintaining data integrity is a core focus of marine and offshore asset cybersecurity. Maintaining data integrity helps improve recoverability and searchability, traceability (to origin), and connectivity. Data i
38、ntegrity may be compromised in various ways. Some representative failures that can affect data integrity include: Physical broken hardware devices (such as sensors or disk crash) Human error, including unintentional actions and malicious intent Transfer errors, including unintended alterations or ch
39、ange during the transfer process Cyber threats, including viruses/malware, hacking Data integrity is a fundamental component of information security. It can be used to describe a state, a process or a function and is always used as a representation for data quality. The three descriptions are listed
40、 as follows: As a state: Data integrity defines a data set that is both valid and accurate and maintains fidelity. As a process: Data integrity verifies that data has remained unchanged in transit from sending to receiving. As a function, related to security: Data integrity maintains information accuracy, is auditable, and supports reliability. 24 ABSGUIDANCE MOTES ON DATA INTEGRITY FOR MARINE & OFFSHORE OPERATIONS ABS CyberSafetyTMVOL 3 .2016
