UPS & Power Integrity
Operational Requirement: Cyber security infrastructure (Firewalls, IDS, Managed Switches) must remain operational during main power transitions. A “Hard Reboot” caused by power loss can corrupt security databases and leave the vessel blind during a recovery.
A maritime UPS is more than a battery backup; it is a Power Conditioner. It protects sensitive OT hardware from the voltage spikes and frequency fluctuations common during heavy weather or large motor starts (e.g., Bow Thrusters).
Critical UPS Specifications
For UR E26/E27 compliance, standard “Off-the-shelf” consumer UPS units are insufficient. The following maritime-grade specs are required:
1. Double-Conversion (Online)
The UPS must constantly convert AC to DC and back to AC. This ensures Zero Transfer Time during a blackout, keeping firewalls from rebooting.
2. Managed SNMP Monitoring
Every UPS must have a network card. If the UPS goes to battery or the battery health fails, it must send an SNMP Trap to the AMS or the Detect Phase logging server.
The Security Infrastructure Load
The ETO must verify that the UPS is not overloaded. A security UPS should only power “Security & Connectivity” assets to maximize runtime.
| Allowed on Security UPS | NOT Allowed |
|---|---|
| Main OT Firewalls & Gateways | Desktop Monitors / Printers |
| Core Managed Switches | Non-Critical PLCs |
| IDS Sensors & Log Servers | Cabin Outlets / Chargers |
Blackout Drill Verification
During a “Dead Ship” drill, the ETO must confirm the Resilience Chain:
- T-0: Main power lost. UPS takes over immediately (Firewall status: ACTIVE).
- T+10s: Emergency Generator starts. UPS switches back to AC charging.
- Verification: Check the Firewall uptime log. If it shows a “Reboot,” the UPS battery or transfer switch has failed.
Next Security Phase
Protect Phase: Summary & Audit Readiness
Protect Phase: Summary & Audit Readiness Phase Objective The Protect Phase is about Hardening. Using the blueprints from Identify, we implement technical barriers, access controls, and physical safeguards to minimize the vessel's attack surface. Core...