SLOVENIAN STANDARD
1 June 2021
Pomorska navigacijska in radiokomunikacijska oprema in sistemi - Kibernetska
varnost - Splošne zahteve, preskusne metode in pričakovani rezultati preskušanja
(IEC 63154:2021)
Maritime navigation and radiocommunication equipment and systems - Cybersecurity -
General requirements, methods of testing and required test results (IEC 63154:2021)
Navigations- und Funkkommunikationsgeräte und -systeme für die Seeschifffahrt -
Cyber-Security - Allgemeine Anforderungen, Prüfverfahren und geforderte
Prüfergebnisse (IEC 63154:2021)
Matériels et systèmes de navigation et de radiocommunication maritimes - Sécurité
informatique - Exigences générales, méthodes d'essai et résultats d'essais exigés (IEC
63154:2021)
This Slovenian standard is identical to: EN IEC 63154:2021
ICS:
35.030 IT Security
47.020.70 Navigation and control equipment
2003-01. Slovenski inštitut za standardizacijo. Reproduction of this standard, in whole or in part, is not permitted.
EUROPEAN STANDARD EN IEC 63154
NORME EUROPÉENNE
EUROPÄISCHE NORM
April 2021
ICS 35.030; 47.020.70
English Version
Maritime navigation and radiocommunication equipment and
systems - Cybersecurity - General requirements, methods of
testing and required test results
(IEC 63154:2021)
Matériels et systèmes de navigation et de radiocommunication maritimes - Sécurité informatique - Exigences générales, méthodes d'essai et résultats d'essai exigés
(IEC 63154:2021)
Navigations- und Funkkommunikationsgeräte und -systeme für die Seeschifffahrt - Cyber-Security - Allgemeine Anforderungen, Prüfverfahren und geforderte Prüfergebnisse
(IEC 63154:2021)
This European Standard was approved by CENELEC on 2021-04-13. CENELEC members are bound to comply with the CEN/CENELEC
Internal Regulations which stipulate the conditions for giving this European Standard the status of a national standard without any alteration.
Up-to-date lists and bibliographical references concerning such national standards may be obtained on application to the CEN-CENELEC
Management Centre or to any CENELEC member.
This European Standard exists in three official versions (English, French, German). A version in any other language made by translation
under the responsibility of a CENELEC member into its own language and notified to the CEN-CENELEC Management Centre has the
same status as the official versions.
CENELEC members are the national electrotechnical committees of Austria, Belgium, Bulgaria, Croatia, Cyprus, the Czech Republic,
Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, the
Netherlands, Norway, Poland, Portugal, Republic of North Macedonia, Romania, Serbia, Slovakia, Slovenia, Spain, Sweden, Switzerland,
Turkey and the United Kingdom.
European Committee for Electrotechnical Standardization
Comité Européen de Normalisation Electrotechnique
Europäisches Komitee für Elektrotechnische Normung
CEN-CENELEC Management Centre: Rue de la Science 23, B-1040 Brussels
© 2021 CENELEC All rights of exploitation in any form and by any means reserved worldwide for CENELEC Members.
Ref. No. EN IEC 63154:2021 E
European foreword
The text of document 80/984/FDIS, future edition 1 of IEC 63154, prepared by IEC/TC 80 "Maritime
navigation and radiocommunication equipment and systems" was submitted to the IEC-CENELEC
parallel vote and approved by CENELEC as EN IEC 63154:2021.
The following dates are fixed:
• latest date by which the document has to be implemented at national level by publication of an identical national standard or by endorsement (dop): 2022-01-13
• latest date by which the national standards conflicting with the document have to be withdrawn (dow): 2024-04-13
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. CENELEC shall not be held responsible for identifying any or all such patent rights.
Endorsement notice
The text of the International Standard IEC 63154:2021 was approved by CENELEC as a European
Standard without any modification.
In the official version, for Bibliography, the following notes have to be added for the standards
indicated:
IEC 61162-1 NOTE Harmonized as EN 61162-1
IEC 61162-2 NOTE Harmonized as EN 61162-2
IEC 61162-3 NOTE Harmonized as EN 61162-3
IEC 61993-2:2018 NOTE Harmonized as EN IEC 61993-2:2018 (not modified)
IEC 62443 (series) NOTE Harmonized as EN IEC 62443 (series)
Annex ZA
(normative)
Normative references to international publications
with their corresponding European publications
The following documents are referred to in the text in such a way that some or all of their content
constitutes requirements of this document. For dated references, only the edition cited applies. For
undated references, the latest edition of the referenced document (including any amendments)
applies.
NOTE 1 Where an International Publication has been modified by common modifications, indicated by (mod),
the relevant EN/HD applies.
NOTE 2 Up-to-date information on the latest versions of the European Standards listed in this annex is
available here: www.cenelec.eu.
Publication | Year | Title | EN/HD | Year
IEC 60945 | 2002 | Maritime navigation and radiocommunication equipment and systems - General requirements - Methods of testing and required test results | EN 60945 | 2002
IEC 61162-450 | - | Maritime navigation and radiocommunication equipment and systems - Digital interfaces - Part 450: Multiple talkers and multiple listeners - Ethernet interconnection | EN IEC 61162-450 | -
IEC 61162-460 | 2018 | Maritime navigation and radiocommunication equipment and systems – Digital interfaces – Part 460: Multiple talkers and multiple listeners – Ethernet interconnection – Safety and security | EN IEC 61162-460 | 2018
IEC 63154
Edition 1.0 2021-03
INTERNATIONAL STANDARD
NORME INTERNATIONALE
Maritime navigation and radiocommunication equipment and systems –
Cybersecurity – General requirements, methods of testing and required test
results
Matériels et systèmes de navigation et de radiocommunication maritimes –
Sécurité informatique – Exigences générales, méthodes d’essai et résultats
d’essai exigés
INTERNATIONAL ELECTROTECHNICAL COMMISSION
COMMISSION ELECTROTECHNIQUE INTERNATIONALE
ICS 35.030; 47.020.70 ISBN 978-2-8322-9471-0
IEC 63154:2021 © IEC 2021
CONTENTS
FOREWORD
INTRODUCTION
1 Scope
2 Normative references
3 Terms, definitions and abbreviated terms
3.1 Terms and definitions
3.2 Abbreviated terms
4 Module A: Data files
4.1 General
4.2 Requirements
4.2.1 Transport integrity
4.2.2 Source authentication
4.3 Methods of testing and required test results
5 Module B: Execution of executables
5.1 General
5.2 Requirements
5.3 Methods of testing and required test results
6 Module C: User authentication
6.1 General
6.2 Requirements
6.3 Methods of testing and required test results
7 Module D: System defence
7.1 General
7.2 Malware protection
7.2.1 Requirements
7.2.2 Methods of testing and required test results
7.3 Denial of service protection
7.3.1 Requirements
7.3.2 Methods of testing and required test results
8 Module E: Network access
8.1 General
8.2 Equipment which connects to a network
8.2.1 Requirements
8.2.2 Methods of testing and required test results
8.3 Equipment providing network access between controlled networks
8.3.1 Requirements
8.3.2 Methods of testing and required test results
8.4 Equipment providing network access between controlled and uncontrolled networks
8.4.1 Requirements
8.4.2 Methods of testing and required test results
9 Module F: Access to operating system
9.1 General
9.2 Requirements
9.3 Methods of testing and required test results
10 Module G: Booting environment
10.1 General
10.2 Requirements
10.3 Methods of testing and required test results
11 Module H: Maintenance mode
11.1 General
11.2 Requirements
11.3 Methods of testing and required test results
12 Module I: Protection against unintentional crash caused by user input
12.1 General
12.2 Requirements
12.3 Methods of testing and required test results
13 Module J: Interfaces for removable devices including USB
13.1 General
13.2 Requirements
13.2.1 Physica
...