| PDF Pages<\/th>\n | PDF Title<\/th>\n<\/tr>\n | ||||||
|---|---|---|---|---|---|---|---|
| 2<\/td>\n | undefined <\/td>\n<\/tr>\n | ||||||
| 4<\/td>\n | CONTENTS <\/td>\n<\/tr>\n | ||||||
| 8<\/td>\n | FOREWORD <\/td>\n<\/tr>\n | ||||||
| 10<\/td>\n | 1 Scope 2 Normative references <\/td>\n<\/tr>\n | ||||||
| 11<\/td>\n | 3 Terms and definitions <\/td>\n<\/tr>\n | ||||||
| 18<\/td>\n | 4 High-level requirements 4.1 Overview 4.2 Description 4.3 General requirements 4.3.1 Equipment and system requirements Figures Figure 1 \u2013 Functional overview of IEC 61162-460 applications <\/td>\n<\/tr>\n | ||||||
| 19<\/td>\n | 4.3.2 Physical composition requirements 4.3.3 Logical composition requirements 4.4 Physical component requirements 4.4.1 450-Node <\/td>\n<\/tr>\n | ||||||
| 20<\/td>\n | 4.4.2 460-Node 4.4.3 460-Switch 4.4.4 460-Forwarder <\/td>\n<\/tr>\n | ||||||
| 21<\/td>\n | 4.4.5 460-Gateway and 460-Wireless gateway 4.5 Logical component requirements 4.5.1 Network monitoring function 4.5.2 System management function 4.6 System documentation requirements <\/td>\n<\/tr>\n | ||||||
| 22<\/td>\n | 4.7 Secure area requirements 5 Network traffic management requirements 5.1 460-Node requirements 5.2 460-Switch requirements 5.2.1 Resource allocation <\/td>\n<\/tr>\n | ||||||
| 23<\/td>\n | 5.2.2 Loop prevention 5.3 460-Forwarder requirements 5.3.1 Traffic separation <\/td>\n<\/tr>\n | ||||||
| 24<\/td>\n | 5.3.2 Resource allocation 5.3.3 Traffic prioritization Tables Table 1 \u2013 Traffic prioritization with CoS and DSCP <\/td>\n<\/tr>\n | ||||||
| 25<\/td>\n | 5.4 System design requirements 5.4.1 Documentation 5.4.2 Traffic 5.4.3 Connections between secure and non-secure areas <\/td>\n<\/tr>\n | ||||||
| 26<\/td>\n | 6 Security requirements 6.1 Security scenarios 6.1.1 Threat scenarios 6.1.2 Internal threats 6.1.3 External threats <\/td>\n<\/tr>\n | ||||||
| 27<\/td>\n | 6.2 Internal security requirements 6.2.1 General 6.2.2 Denial of service protection 6.2.3 REDS security <\/td>\n<\/tr>\n | ||||||
| 28<\/td>\n | 6.2.4 Access control <\/td>\n<\/tr>\n | ||||||
| 30<\/td>\n | 6.2.5 Executable and non-executable file security <\/td>\n<\/tr>\n | ||||||
| 31<\/td>\n | 6.2.6 Recording of device management activities <\/td>\n<\/tr>\n | ||||||
| 32<\/td>\n | 6.3 External security requirements 6.3.1 Overview 6.3.2 Firewalls Figure 2 \u2013 460-Network with 460-Gateway <\/td>\n<\/tr>\n | ||||||
| 33<\/td>\n | 6.3.3 Direct communication <\/td>\n<\/tr>\n | ||||||
| 34<\/td>\n | 6.3.4 Node requirements for direct communication <\/td>\n<\/tr>\n | ||||||
| 35<\/td>\n | 6.3.5 460-Gateway <\/td>\n<\/tr>\n | ||||||
| 36<\/td>\n | 6.3.6 460-Wireless gateway <\/td>\n<\/tr>\n | ||||||
| 37<\/td>\n | 6.4 Additional security issues <\/td>\n<\/tr>\n | ||||||
| 38<\/td>\n | 6.5 Onboard software maintenance 6.5.1 General 6.5.2 Roll back to previous safe configuration <\/td>\n<\/tr>\n | ||||||
| 39<\/td>\n | 6.5.3 Software maintenance in maintenance mode 6.5.4 Semi-automatic software maintenance by the crew onboard the vessel <\/td>\n<\/tr>\n | ||||||
| 40<\/td>\n | 6.5.5 Remote software maintenance <\/td>\n<\/tr>\n | ||||||
| 41<\/td>\n | 6.6 Secure software lifecycle management 7 Redundancy requirements 7.1 General requirements 7.1.1 General 7.1.2 Interface redundancy Figure 3 \u2013 Example of redundancy <\/td>\n<\/tr>\n | ||||||
| 42<\/td>\n | 7.1.3 Device redundancy 7.2 460-Node requirements 7.3 460-Switch requirements 7.4 460-Forwarder requirements 7.5 460-Gateway and 460-Wireless gateway requirements <\/td>\n<\/tr>\n | ||||||
| 43<\/td>\n | 7.6 Network monitoring function requirements 7.7 System design requirements 8 Network monitoring requirements 8.1 Network status monitoring 8.1.1 460-Network 8.1.2 460-Node 8.1.3 460-Switch <\/td>\n<\/tr>\n | ||||||
| 44<\/td>\n | 8.1.4 460-Forwarder 8.2 Network monitoring function 8.2.1 General <\/td>\n<\/tr>\n | ||||||
| 45<\/td>\n | 8.2.2 Network load monitoring function Figure 4 \u2013 Example of network status recording information <\/td>\n<\/tr>\n | ||||||
| 46<\/td>\n | 8.2.3 Redundancy monitoring function <\/td>\n<\/tr>\n | ||||||
| 47<\/td>\n | 8.2.4 Network topology monitoring function <\/td>\n<\/tr>\n | ||||||
| 49<\/td>\n | 8.2.5 Syslog recording function <\/td>\n<\/tr>\n | ||||||
| 50<\/td>\n | 8.2.6 Redundancy of network monitoring function 8.2.7 Alert management Table 2 \u2013 Summary of alert of network monitoring <\/td>\n<\/tr>\n | ||||||
| 51<\/td>\n | 9 Controlled network requirements <\/td>\n<\/tr>\n | ||||||
| 52<\/td>\n | 10 Methods of testing and required test results 10.1 Subject of tests 10.2 Test site <\/td>\n<\/tr>\n | ||||||
| 53<\/td>\n | 10.3 General requirements 10.4 450-Node 10.5 460-Node 10.5.1 Network traffic management <\/td>\n<\/tr>\n | ||||||
| 54<\/td>\n | 10.5.2 Security <\/td>\n<\/tr>\n | ||||||
| 57<\/td>\n | 10.5.3 Redundancy 10.5.4 Monitoring 10.6 460-Switch 10.6.1 Resource allocation <\/td>\n<\/tr>\n | ||||||
| 58<\/td>\n | 10.6.2 Loop prevention 10.6.3 Security <\/td>\n<\/tr>\n | ||||||
| 61<\/td>\n | 10.6.4 Monitoring <\/td>\n<\/tr>\n | ||||||
| 62<\/td>\n | 10.7 460-Forwarder 10.7.1 Traffic separation 10.7.2 Resource allocation <\/td>\n<\/tr>\n | ||||||
| 63<\/td>\n | 10.7.3 Traffic prioritisation 10.7.4 Security <\/td>\n<\/tr>\n | ||||||
| 64<\/td>\n | 10.7.5 Monitoring <\/td>\n<\/tr>\n | ||||||
| 65<\/td>\n | 10.8 460-Gateway 10.8.1 Denial of service behaviour 10.8.2 Access control to configuration setup 10.8.3 Communication security <\/td>\n<\/tr>\n | ||||||
| 66<\/td>\n | 10.8.4 Firewall <\/td>\n<\/tr>\n | ||||||
| 67<\/td>\n | 10.8.5 Application services 10.8.6 Interoperable access to file storage of DMZ <\/td>\n<\/tr>\n | ||||||
| 68<\/td>\n | 10.8.7 Additional security 10.9 460-Wireless gateway 10.9.1 General 10.9.2 Security 10.10 Controlled network <\/td>\n<\/tr>\n | ||||||
| 69<\/td>\n | 10.11 Network monitoring function 10.11.1 General 10.11.2 Network load monitoring function <\/td>\n<\/tr>\n | ||||||
| 70<\/td>\n | 10.11.3 Redundancy monitoring function 10.11.4 Network topology monitoring function <\/td>\n<\/tr>\n | ||||||
| 71<\/td>\n | 10.11.5 Syslog recording function 10.11.6 Alert management <\/td>\n<\/tr>\n | ||||||
| 72<\/td>\n | 10.12 System level 10.12.1 General <\/td>\n<\/tr>\n | ||||||
| 73<\/td>\n | 10.12.2 System management function 10.12.3 System design <\/td>\n<\/tr>\n | ||||||
| 75<\/td>\n | 10.12.4 Network monitoring function 10.12.5 Network load monitoring function 10.12.6 Redundancy monitoring function 10.12.7 Network topology monitoring function <\/td>\n<\/tr>\n | ||||||
| 76<\/td>\n | Annexes Annex A (informative) Communication scenarios between an IEC 61162-460 network and uncontrolled networks A.1 General A.2 Routine off-ship Figure A.1 \u2013 Usage model for communication between a IEC 61162-460network and shore networks <\/td>\n<\/tr>\n | ||||||
| 77<\/td>\n | A.3 Routine on-ship A.4 460-Gateway usage for direct connection with equipment <\/td>\n<\/tr>\n | ||||||
| 78<\/td>\n | Annex B (informative) Summary of redundancy protocols in IEC 62439 (all parts) Table B.1 \u2013 Redundancy protocols and recovery times <\/td>\n<\/tr>\n | ||||||
| 79<\/td>\n | Annex C (informative) Guidance for testing C.1 Methods of test C.2 Observation C.3 Inspection of documented evidence C.4 Measurement <\/td>\n<\/tr>\n | ||||||
| 80<\/td>\n | C.5 Analytical evaluation <\/td>\n<\/tr>\n | ||||||
| 81<\/td>\n | Annex D (informative) Some examples to use this document Figure D.1 \u2013 460-Forwarder used between two networks Figure D.2 \u2013 460-Forwarder used between two networks <\/td>\n<\/tr>\n | ||||||
| 82<\/td>\n | Figure D.3 \u2013 460-Gateway used for e-Navigation services Figure D.4 \u2013 460-Gateway used for remote maintenance <\/td>\n<\/tr>\n | ||||||
| 83<\/td>\n | Figure D.5 \u2013 460-Forwarder used to separate an INS system based on its owncontrolled network from a network of -460 devices <\/td>\n<\/tr>\n | ||||||
| 84<\/td>\n | Figure D.6 \u2013 460-Forwarder used to separate a radar system based on its own controlled network from a network of -460 devices <\/td>\n<\/tr>\n | ||||||
| 85<\/td>\n | Annex E (normative) IEC 61162 interfaces for the network monitoring function Figure E.1 \u2013 Network monitoring function logical interfaces Table E.1 \u2013 Sentences received by the network monitoring function Table E.2 \u2013 Sentences transmitted by the network monitoring function <\/td>\n<\/tr>\n | ||||||
| 86<\/td>\n | Annex F (informative) Distribution of functions around 460-Network Table F.1 \u2013 Distribution of functions around 460-Network <\/td>\n<\/tr>\n | ||||||
| 87<\/td>\n | Table F.2 \u2013 Equipment standards referencing IEC 61162-460 <\/td>\n<\/tr>\n | ||||||
| 88<\/td>\n | Annex G (normative) USB class codes Table G.1 \u2013 USB class codes <\/td>\n<\/tr>\n | ||||||
| 89<\/td>\n | Annex H (informative) Cross reference between IACS UR E26\/E27 and IEC 61162460 Table H.1 \u2013 Cross reference between IACS UR E26\/E27 and IEC 61162-460 <\/td>\n<\/tr>\n | ||||||
| 92<\/td>\n | Bibliography <\/td>\n<\/tr>\n<\/table>\n","protected":false},"excerpt":{"rendered":" Maritime navigation and radiocommunication equipment and systems. Digital interfaces – Multiple talkers and multiple listeners. Ethernet interconnection. Safety and security<\/b><\/p>\n |