Cyber Operators Course (Op) – Module 7
Specific Compartment equipment – Network segregation and bridging
The ECDIS is an ideal candidate for the hacker to ‘bridge’ between the IT and OT networks on the vessel. An ECDIS consumes multiple data feeds, for example:
- GPS
- ARPA
- Log
- AIS
- Gyro
- Chart updates
This image shows the inside of an ECDIS computer case. The smaller wires are serial data feeds from several OT sources. The whole computer is also connected to the vessel IP network, meaning a skilled hacker could use an ECDIS as the route between the IT and OT networks.
OT and IT networks are often joined on board, often for reasons of convenience such as being able to review engine parameters and efficiency from a computer on the vessel business network.
Discuss the following with the operator and on board engineering team:
Where on board are the OT and IT networks joined?
The VDR is another common source of network convergence: the data recorder needs to monitor both sets of networks in order to gather useful telemetry for accident analysis