Identify: Asset Management & Mapping

IACS UR E26 Control 4.1: System Identification & Inventory

The foundation of vessel cyber security. You cannot protect what you cannot see. This playbook provides procedures for discovering OT assets and establishing the criticality matrix required for Class survey.

Phase: Identify (Step 01)
NIST CSF v2.0 Aligned
01
Identify
Asset Library & Protocol Mapping
02
Protect
03
Detect
04
Respond
05
Recover
Inventory Blueprint: Mapping the Cyber-Physical Ship

A compliant Asset Inventory is more than a list of IP addresses. It must define the Logical Connectivity between navigation, propulsion, and administrative systems. This blueprint visualizes how data flows across the vessel’s digital topography.

Vessel Asset Mapping Model

Reference: Tagsia Asset Discovery Standard (IACS UR E26 / NIST Aligned)

PILLAR A

Asset Management

Requirement 4.1.1: Full inventory of hardware, software, and firmware. Categorize systems (I, II, or III).

PILLAR B

Communication Mapping

Document information flows, marine protocols, and critical system interdependencies across the vessel.

PILLAR C

Governance

Finalizing audit readiness. Establishing roles, Management of Change (MoC) policies, and CSDD reports.

Step 01 Deliverables: Inventory Evidence

Complete these artifacts to support segmentation (Protect) and certification (Certify):

  • Master Asset Register: MAC/IP and physical locations.
  • Criticality Assignment: Rank (I, II, III) based on safety.
  • Data Flow Map: Logical visualization of protocols.
Scroll to Top