Cyber security regulation updates released by Bureau Veritas

NEW: Updating NR 659 cyber security rules

Jul. 29 2020 - 3 min

This summer Bureau Veritas is updating its NR 659 Rules. Get a first look at how we’re helping shipyards prepare vessels for IMO regulations and IACS guidelines. 

Cyber security and safety are increasingly important topics for ship owners, as ever greater number of assets are connected. Owners of in-service vessels must meet IMO’s January 1, 2021 deadline for Resolution MSC.428(98), which requires the integration of cyber risk into onboard safety management systems.

In April 2020, IACS also released Recommendation 166, a consolidated set of guidelines that defines cyber security goals for design and construction.

To help ship owners and managers achieve compliance, Bureau Veritas will be updating its NR 659 rules on Cyber Security for the Classification of Marine Units. The newest version of NR 659 will include a clear methodology for meeting IMO regulations and two new notations to prepare ships for cyber security.

A step-by-step methodology

In our updated Rules, Bureau Veritas will provide step-by-step templates for undergoing a cyber risk assessment and developing necessary cyber documentation (e.g. Cyber Repository, Cyber Handbook, Cyber Policy).

Our step-by-step methodology will help rule users perform cyber risk analysis, including systems criticality assessment for equipment, design assessment for vessels and risk assessment for vessel management. We will further provide rules for conducting design review and verification, and provide concrete examples of the cyber security technologies and mechanisms that must be integrated onboard.

Cyber-prepared notations for shipyards

Upcoming updates to NR 659 will include a special focus on notations for shipyards to prepare vessels for cyber security, either retroactively or by design. Our CYBER MANAGED PREPARED notation indicates that a shipyard has undertaken all necessary steps to develop a cyber risk management system during the newbuild phase.

Meanwhile, our CYBER SECURE PREPARED notation proves that a shipyard has implemented all relevant cyber security protections and undertaken verification during the newbuild phase.

Enabling smart shipping

Cyber resilience will lay the essential foundations for smart shipping, allowing for the marine industry’s next major leap forward. In anticipation of further regulations, Bureau Veritas’ SmartShip Additional Service Feature requires vessels to receive a cyber security notation if the ship is connected to shore or remotely controlled.