Why Maritime Cybersecurity Became a System Engineering Issue (3/9)

Analyst / Contributor :
💡 Insight IACS UR E26 / E27 System Engineering Maritime Cybersecurity

Chapter 3. Why Cybersecurity Became a System Engineering Issue

From Security Controls to System Engineering Thinking

Blue Horizonist
Blue Horizonist (Lew)
Maritime & Cyber Security Consultant · ISP Consultant
 
📚 Blue Horizonist Series Chapter 3 of 9

Why Maritime Cybersecurity Became a System Engineering Challenge

  1. 01 Digitalization of Modern Ships ↗
  2. 02 Increasing OT System Interdependency ↗
  3. 03 📍 Why Cybersecurity Became a System Engineering Issue
  4. 04 Purpose of IACS UR E26/E27
  5. 05 From Functional Design to Explainable Design
  6. 06 Required Engineering Evidence
  7. 07 Role of Shipyard and Supplier
  8. 08 Practical Documentation Approach
  9. 09 Progressive Documentation Maturity Model
← Ch.2 Chapter 3 of 9 Ch.4 → Coming soon

In Chapter 1, we explored how modern vessels are evolving into digital OT environments. In Chapter 2, we examined how increasing System Interdependency is making it increasingly difficult to understand overall system behavior by looking at individual CBSs alone. This naturally leads to a critical question: Why are these changes turning Cybersecurity into a System Engineering issue?

Ⅰ. Security Controls Alone Cannot Solve System Problems

When people think about Cybersecurity, the first things that usually come to mind are security controls such as Firewalls, Authentication, Access Control, Malware Protection, and Logging. These capabilities are undoubtedly important. However, real-world projects frequently encounter a troubling pattern:

  • The Firewall is operating correctly.
  • Account management has been properly implemented.
  • Malware protection mechanisms are in place.

Yet operational problems can still occur. The root cause is often not the absence of security controls, but rather the way the system has been designed and operated.

In other words, Cybersecurity is no longer simply about adding security features. It is increasingly becoming an activity focused on ensuring that the overall system can operate safely, reliably, and sustainably.

Ⅱ. Engineering Decisions Can Create Cybersecurity Consequences

Many Cybersecurity challenges encountered in shipboard environments are directly linked to engineering decisions made during system design. Consider these examples:

Zone Assignment
Which Zone should a particular CBS be assigned to?
Data Flows
Which data flows should be permitted?
Remote Access
How should remote access be provided?
Recovery Priority
Which functions should be restored first during recovery?
At first glance, these questions may not appear to be security-related. However, each has a direct impact on the Cybersecurity posture of the vessel — influencing risk exposure, operational resilience, and recovery capability. This is one of the key reasons why Cybersecurity must increasingly be considered from the earliest stages of system design.

Ⅲ. Operational Requirements and Security Requirements Must Coexist

One of the most common challenges faced by shipyards and equipment suppliers is finding the right balance between operational requirements and security requirements. These objectives are often in tension:

⚙ Operational Need

Remote access is necessary to support maintenance activities.

Data sharing is essential for operational efficiency.

⚠ Security Concern

Unrestricted remote access can introduce significant risks.

Not all data exchanges should be permitted without control.

The challenge is not choosing one over the other. Instead, the challenge is designing a solution that satisfies both. This balancing process is fundamentally an engineering activity.

Ⅳ. Recovery Is No Longer a Security Function

Many people naturally associate Cybersecurity with prevention. However, Recovery is becoming an increasingly important topic within modern ship environments. During actual incidents, questions such as the following often arise:

  • Which functions should be restored first?
  • What is the minimum operational capability required to continue safe operation?
  • Which CBS serves as a prerequisite for restoring other CBSs?
  • Does the recovery process introduce additional risks?
Answers to these questions cannot be provided solely through Firewalls, Authentication mechanisms, or other security controls. Recovery is closely related to operational procedures, system architecture, dependencies, and business priorities — and must be approached from a System Engineering perspective.

Ⅴ. Verification Becomes More Important Than Assumptions

In the past, functional testing of individual CBSs was often considered sufficient. In interconnected environments, however, new questions emerge that cannot be resolved through design documents alone:

  • Does the system behave the same way in the integrated environment?
  • Does it respond as expected during failure scenarios?
  • Can the recovery procedures actually be executed in practice?
  • Are communications between Zones restricted to their intended paths?

Consequently, modern Cybersecurity extends beyond design and implementation activities to include verification and validation activities as well.

Ⅵ. Why E26/E27 Emphasize Engineering Activities

One of the most interesting aspects of IACS UR E26 and E27 is that they do not focus solely on security controls. Instead, they consistently emphasize activities that resemble System Engineering far more than traditional security practices:

  • Zone Definition — establishing security boundaries across the vessel
  • Interface Identification — mapping all system interactions and data flows
  • Recovery Planning — defining restoration sequences and minimum operational capability
  • Verification & Testing — confirming system behavior under integrated conditions
  • Documentation — maintaining evidence throughout the system lifecycle
This reflects an important reality. In modern ship environments, Cybersecurity is no longer limited to technical security mechanisms. It increasingly encompasses system design, integration, operation, verification, and lifecycle management.
Closing Remarks

Today, Maritime Cybersecurity is no longer limited to protecting individual devices or CBSs. In modern vessels:

  • Design decisions influence Cybersecurity.
  • Operational practices influence Cybersecurity.
  • Recovery strategies influence Cybersecurity.
  • Verification activities influence Cybersecurity outcomes.

Ultimately, Cybersecurity should not be viewed merely as a collection of security controls. It should be understood as an integral part of System Engineering. In the next chapter, we will explore why IACS UR E26 and E27 emerged and what specific challenges these requirements were intended to address within modern ship environments.

← Ch.2
Why Maritime Cybersecurity Became a System Engineering Challenge
Chapter 3 of 9
Ch.4 →Coming soon
#MaritimeCybersecurity #SystemEngineering #CyberResilience #IACS #URE26 #URE27 #OTSecurity #ShipCyberSecurity #Maritime40
Blue Horizonist
Blue Horizonist (Lew)
Maritime & Cyber Security Consultant · ISP Consultant

Maritime cybersecurity professional specializing in IACS UR E26/E27 compliance, OT security architecture, and System Engineering integration. Writing for engineers, consultants, and operators navigating Maritime 4.0.

Comments

Post a Comment