BS EN IEC 61162-460:2018
$215.11
Maritime navigation and radiocommunication equipment and systems. Digital interfaces – Multiple talkers and multiple listeners. Ethernet interconnection. Safety and security
| Published By | Publication Date | Number of Pages |
| BSI | 2018 | 76 |
This part of IEC 61162 is an add-on to IEC 61162‑450 where higher safety and security standards are needed, for example due to higher exposure to external threats or to improve network integrity. This document provides requirements and test methods for equipment to be used in an IEC 61162‑460 compliant network as well as requirements for the network itself and requirements for interconnection from the network to other networks. This document also contains requirements for a redundant IEC 61162‑460 compliant network.
This document does not introduce new application level protocol requirements to those that are defined in IEC 61162‑450 .
PDF Catalog
| PDF Pages | PDF Title |
|---|---|
| 2 | undefined |
| 7 | English CONTENTS |
| 11 | FOREWORD |
| 13 | 1 Scope 2 Normative references |
| 14 | 3 Terms and definitions |
| 20 | 4 High-level requirements 4.1 Overview 4.2 Description |
| 21 | 4.3 General requirements 4.3.1 Equipment and system requirements 4.3.2 Physical composition requirements Figures Figure 1 – Functional overview of IEC 61162-460 requirement applications |
| 22 | 4.3.3 Logical composition requirements 4.4 Physical component requirements 4.4.1 450-Node 4.4.2 460-Node |
| 23 | 4.4.3 460-Switch 4.4.4 460-Forwarder 4.4.5 460-Gateway and 460-Wireless gateway 4.5 Logical component requirements 4.5.1 Network monitoring function 4.5.2 System management function |
| 24 | 4.6 System documentation requirements 4.7 Secure area requirements 5 Network traffic management requirements 5.1 460-Node requirements |
| 25 | 5.2 460-Switch requirements 5.2.1 Resource allocation 5.2.2 Loop prevention 5.3 460-Forwarder requirements 5.3.1 Traffic separation |
| 26 | 5.3.2 Resource allocation 5.3.3 Traffic prioritization Tables Table 1 – Traffic prioritization with CoS and DSCP |
| 27 | 5.4 System design requirements 5.4.1 Documentation 5.4.2 Traffic 5.4.3 Connections between secure and non-secure areas |
| 28 | 6 Security requirements 6.1 Security scenarios 6.1.1 Threat scenarios 6.1.2 Internal threats 6.1.3 External threats |
| 29 | 6.2 Internal security requirements 6.2.1 General 6.2.2 Denial of service protection 6.2.3 REDS security |
| 30 | 6.2.4 Access control |
| 31 | 6.3 External security requirements 6.3.1 Overview 6.3.2 Firewalls 6.3.3 Direct communication Figure 2 – 460-Network with 460-Gateway |
| 32 | 6.3.4 460-Node 6.3.5 460-Gateway |
| 33 | 6.3.6 460-Wireless gateway |
| 34 | 6.4 Additional security issues 7 Redundancy requirements 7.1 General requirements 7.1.1 General |
| 35 | 7.1.2 Interface redundancy 7.1.3 Device redundancy 7.2 460-Node requirements Figure 3 –Example of redundancy |
| 36 | 7.3 460-Switch requirements 7.4 460-Forwarder requirements 7.5 460-Gateway and 460-Wireless gateway requirements 7.6 Network monitoring function requirements 7.7 System design requirements 8 Network monitoring requirements 8.1 Network status monitoring 8.1.1 460-Network 8.1.2 460-Node |
| 37 | 8.1.3 460-Switch 8.1.4 460-Forwarder 8.2 Network monitoring function 8.2.1 General |
| 38 | 8.2.2 Network load monitoring function Figure 4 – Example of network status recording information |
| 39 | 8.2.3 Redundancy monitoring function 8.2.4 Network topology monitoring function |
| 40 | 8.2.5 Syslog recording function |
| 41 | 8.2.6 Redundancy of network monitoring function 8.2.7 Alert management Table 2 – Summary of alert of network monitoring |
| 42 | 9 Controlled network requirements |
| 43 | 10 Methods of testing and required test results 10.1 Subject of tests 10.2 Test site 10.3 General requirements |
| 44 | 10.4 450-Node 10.5 460-Node 10.5.1 Network traffic management |
| 45 | 10.5.2 Security |
| 46 | 10.5.3 Redundancy |
| 47 | 10.5.4 Monitoring 10.6 460-Switch 10.6.1 Resource allocation 10.6.2 Loop prevention |
| 48 | 10.6.3 Security |
| 49 | 10.6.4 Monitoring 10.7 460-Forwarder 10.7.1 Traffic separation |
| 50 | 10.7.2 Resource allocation 10.7.3 Traffic prioritisation |
| 51 | 10.7.4 Security |
| 52 | 10.7.5 Monitoring 10.8 460-Gateway 10.8.1 Denial of service behaviour 10.8.2 Access control to configuration setup 10.8.3 Communication security |
| 53 | 10.8.4 Firewall |
| 54 | 10.8.5 Application server 10.8.6 Interoperable access to file storage of DMZ 10.8.7 Additional security 10.9 460-Wireless gateway 10.9.1 General 10.9.2 Security |
| 55 | 10.10 Controlled network 10.11 Network monitoring function 10.11.1 General |
| 56 | 10.11.2 Network load monitoring function 10.11.3 Redundancy monitoring function 10.11.4 Network topology monitoring function |
| 57 | 10.11.5 Syslog recording function 10.11.6 Alert management |
| 58 | 10.12 System level 10.12.1 General |
| 59 | 10.12.2 System management function 10.12.3 System design |
| 61 | 10.12.4 Network monitoring function 10.12.5 Network load monitoring function 10.12.6 Redundancy monitoring function 10.12.7 Network topology monitoring function |
| 62 | Annexes Annex A (informative) Communication scenarios between an IEC 61162-460 network and uncontrolled networks A.1 General A.2 Routine off-ship Figure A.1 – Usage model for communication between a IEC 61162-460 network and shore networks |
| 63 | A.3 Routine on-ship A.4 460-Gateway usage for direct connection with equipment |
| 64 | Annex B (informative) Summary of redundancy protocols in IEC 62439 (all parts) Table B.1 – Redundancy protocols and recovery times |
| 65 | Annex C (informative) Guidance for testing C.1 Methods of test C.2 Observation C.3 Inspection of documented evidence C.4 Measurement |
| 66 | C.5 Analytical evaluation |
| 67 | Annex D (informative) Some examples to use this document Figure D.1 – 460-Forwarder used between two networks Figure D.2 – 460-Forwarder used between two networks |
| 68 | Figure D.3 – 460-Gateway used for e-Navigation services Figure D.4 – 460-Gateway used for remote maintenance |
| 69 | Figure D.5 – 460-Forwarder used to separate an INS system based on its own controlled network from a network of -460 devices |
| 70 | Figure D.6 – 460-Forwarder used to separate a radar system based on its own controlled network from a network of -460 devices |
| 71 | Annex E (normative) IEC 61162 interfaces for the network monitoring function Figure E.1 – Network monitoring function logical interfaces Table E.1 – Sentences received by the network monitoring function Table E.2 – Sentences transmitted by the network monitoring function |
| 72 | Annex F (informative) Distribution of functions around 460-Network Table F.1 – Distribution of functions around 460-Network |
| 73 | Table F.2 – Equipment standards referencing IEC 61162-460 |
| 74 | Bibliography |
Related products
-
BS EN IEC 61162-460:2018 – TC:2020 Edition
Tracked Changes. Maritime navigation and radiocommunication equipment and systems. Digital interfaces – Multiple talkers and…
