COP_2023_V7_pages

More documents

Recommendations

Info

Table 5-1 Remote Control Centre Domain Sub Domain Threat/Attack Vector Mitigation procedure Remote Control Centre Building security Equipment Operations Access Control Security Equipment Specification Access Control policy Keycards Security zoning depending on role Security patrols during quiet times Security cameras/recording and erasing policy Regular log of events Security breach procedure Reference list of emergency contact numbers Duty call out register Procedures to follow in an emergency Separate recreation area where staff can access net for social media for personal access - not connected to operational networks Robust IT/OT policy, encryption, regular tests IT and communications equipment, servers and routers In secure, access controlled location Regular security exercises to check staff responses Monitor for unusual activity/response Consider segmenting network to ensure that staff net access is not connected to operational systems Regular checks to ensure no devices have been added Regular system scans for run authorised software System components specifically designed to be integrated to ensure correct functionality Back-up power supplies Alternative networks available Suitable spare equipment level maintained Ensure equipment compliance with appropriate standards for cyber/ communications etc Ensure adequate cooling Ensure adequate fire suppression system Robust access and security policy Appropriate training and qualifications Maintain environment appropriate to operations Adequate back up control positions Reserve controllers available in event of illness etc No unauthorised "Smart" devices in the operations area Equipment logs for equipment, serial no. etc 44 MASS UK Industry Conduct Principles and Code of Practice Version 7
Table 5-1 Vessel CREWED Domain Sub Domain Threat/Attack Vector Mitigation procedure Personnel See Domain 1 on page 38 Vessel Access See Building security in Domain 2 on page 39 Appropriate control for emergency services, pilots etc Vessel Shoreside security Equipment See equipment section on page 39 Secure dockside location with access control Operations See operations in Domain 2 on page 39 UNCREWED Domain Sub Domain Threat/Attack Vector Mitigation procedure Equipment security Control, network, and communications equipment located in secure, access controlled compartments Full system checks and inspection for unusual devices Vessel As for Crewed above Prior to deployment Full IT and communications system checks for normal operations and control Full system checks and inspection for unusual devices Post deployment Full IT and communications system checks for normal operations and control Analyse all activity logs for anomalies MASS UK Industry Conduct Principles and Code of Practice Version 7 45
Page 1 and 2: BEING A RESPONSIBLE INDUSTRY Mariti
Page 3 and 4: Contents FOREWORD 1 Background 4 2
Page 5 and 6: 1.9 The intent is to ensure equival
Page 7 and 8: 5 CONTRIBUTING ORGANISATIONS 5.1 Th
Page 9 and 10: 1 Scope 1.1 SUMMARY 1.1.1 This is a
Page 11 and 12: 5 Environment 5.1 ENVIRONMENTAL MAN
Page 13 and 14: Assuranc INDUSTRY PRINCIPLE 4 - CUS
Page 15 and 16: 11 Regulatory and Legislative Compl
Page 17 and 18: 1 Terms and Terminology In this Cod
Page 19 and 20: “Coxswain” refers to any person
Page 21 and 22: Definitions for Level of Control (L
Page 23 and 24: 2 Application This Code applies to
Page 25 and 26: 2.6 CARRIAGE OF ADDITIONAL EQUIPMEN
Page 27 and 28: 3.4 SHIP TYPE 3.4.1 MASS will have
Page 29 and 30: 3.7.5 For trials activities, as opp
Page 31 and 32: Schedule: Dates / times Location Ac
Page 33 and 34: 4 MASS Shoreside Interface Guidance
Page 35 and 36: 4.6.2 There are in the South Coast
Page 37 and 38: 5 Cyber Security Considerations for
Page 39 and 40: n 60% of fraud goes through mobile
Page 41 and 42: 5.9 CYBER SECURITY 5.9.1 Cyber secu
Page 43: THREAT/ATTACK VECTOR RISK MANAGEMEN
Page 47 and 48: 2. NIST Cyber security Framework NI
Page 49 and 50: ecommends communication processes f
Page 51 and 52: equires vendors or third-parties in
Page 53 and 54: 5.14 CYBER GLOSSARY “Access contr
Page 55 and 56: 6 Safety Management 6.1 OBJECTIVE T
Page 57 and 58: 6.5.6 The Operator should ensure th
Page 59 and 60: 6.10.2 The Operator should pay due
Page 61 and 62: n Loss of Control of MASS for a cri
Page 63 and 64: 6.17.2 The ISM Code regulates and r
Page 65 and 66: Data to be recorded - General Princ
Page 67 and 68: 7.2 INTERNATIONAL DEFINITION OF AUT
Page 69 and 70: 8 Ship Design and Manufacturing Sta
Page 71 and 72: 8.7 ELECTRICAL SYSTEMS 8.7.1 The el
Page 73 and 74: RNMB Hussar engaged in operational
Page 75 and 76: 9 Navigation Lights, Shapes and Sou
Page 77 and 78: Table 9-2: Sound Appliances Overall
Page 79 and 80: 10.3.7 It may be necessary to exert
Page 81 and 82: 10.6.3 The level at which these may
Page 83 and 84: tide tables and atlases, and the la
Page 85 and 86: 10.10.4 Where applicable and deemed
Page 87 and 88: 10.15.4 The performance of Sense an
Page 89 and 90: n If fitted with a satellite instal
Page 91 and 92: 12 Remote Control Centre - Operatio
Page 93 and 94: PHASE 2. MISSION PLANNING Task Pre-
Page 95 and 96:
12.5 ROLES AND RESPONSIBILITIES WIT
Page 97 and 98:
- Assist in USV pilotage and berthi
Page 99 and 100:
12.8.2 When designing the RCC, the
Page 101 and 102:
12.12.3 Human factors, including ma
Page 103 and 104:
13.4 SENSOR TESTS 13.4.1 Any sensor
Page 105 and 106:
14 Operator Standards of Training,
Page 107 and 108:
on an operator. In addition, where
Page 109 and 110:
n Management of records, reports, a
Page 111 and 112:
14.13 OPERATIONAL DEVELOPMENT 14.13
Page 113 and 114:
14.15.2 Operation Assessed. Once al
Page 115 and 116:
Competence Knowledge & Skills Contr
Page 117 and 118:
SECTION 2 - OPERATIONAL LEVEL Stand
Page 119 and 120:
Function: Safety and Security at th
Page 121 and 122:
Function: MASS Manoeuvring at the M
Page 123 and 124:
ANNEX B TO CHAPTER 14 The blank pro
Page 125 and 126:
Table 15-1: Identification Requirem
Page 127 and 128:
Table 15-2: Certification Considera
Page 129 and 130:
16.2.3 Marine casualties (accidents
Page 131 and 132:
16.5.2 The concept of the confident
Page 133 and 134:
17 Security 17.1 OBJECTIVE The obje
Page 135 and 136:
17.5 MASS SECURITY PLAN 17.5.1 The
Page 137 and 138:
17.9 VERIFICATION AND CERTIFICATION
Page 139 and 140:
18.5 AIR POLLUTION 18.5.1 All engin
Page 141 and 142:
19.2.6 For MASS engaged on internat
Page 143 and 144:
19.6.3 Documentation: n When carryi
Page 145 and 146:
19.9 DANGEROUS GOODS CLASSES 19.9.1
Page 147 and 148:
20.4.2 The duty is qualified by wha
Page 149 and 150:
21.4.4 MASS owners should exercise
Page 151 and 152:
MGO Marine Gas Oil MIA Marine Indus
show all

COP_2023_V7_pages

Create successful ePaper yourself

Delete template?

Save as template?