Cyber security approval of components and systems
Certify your components or systems and secure digital services with DNV’s Cyber secure type approval
It is recognised that today’s software-based maritime and offshore control systems are increasingly being integrated, connected to Internet, remotely accessed and implemented by use of commercially available software and communication protocols. The drivers are e.g. optimization of performance, improved operations, reduced costs and regulatory compliance.
However, this comes with an increased cyber risk, as such technologies are more often susceptible to malicious codes and attacks.
What is cyber security type approval and why do it?
The “DNVGL-CP-0231 Cyber security capabilities of systems and components” type approval programme is a flexible certification regime that demonstrates the cyber security capabilities of on-board control and bridge systems.
By choosing this voluntary type approval class programme, manufacturers can demonstrate compliance with recognized security requirements. DNV type approval is based on the IEC 62443 standard for industrial automation and control systems as well as the IEC 61162-460 for navigation and communication systems. Securing control and bridge systems is especially important in today’s trends of Information Technology (IT) and Operational Technology (OT) connectivity and complexity, as well as the need for live updates on an asset’s status and the increase in cyber-criminal activities.
The type approval process follows the normal type approval process as given in DNVGL-CP-0231:
- Manufacturer selects the desired security profile
- Verification of security capabilities performed via document assessment
- Testing of security functions
- On successful completion, a certificate is issued
With DNV’s Cyber security type approval, your products are certified to be cyber secure, and the foundation for digital value adding services is established:
- Reduced risk of down-time, negative publicity and cyber security incidents
- Positive marketing by having an independent cyber security certification
- Type approval of systems are pre-qualified installation on board vessels with DNV Cyber Secure Class Notation
- Reduced scope of document approval in projects
- Type approved systems facilitates more digital and additional value adding services such as e.g. condition-based maintenance and remote support
- Increased security and quality of your products due to 3rd party verification based on recognised IEC standards