IDENTIFY - tagsia.com

Identify: Asset Management & Mapping

IACS UR E26 Control 4.1: System Identification & Inventory

The foundation of vessel cyber security. You cannot protect what you cannot see. This playbook provides procedures for discovering OT assets and establishing the criticality matrix required for Class survey.

Phase: Identify (Step 01)

NIST CSF v2.0 Aligned

01
Identify
Asset Library & Protocol Mapping

→

→

→

→

Inventory Blueprint: Mapping the Cyber-Physical Ship

A compliant Asset Inventory is more than a list of IP addresses. It must define the Logical Connectivity between navigation, propulsion, and administrative systems. This blueprint visualizes how data flows across the vessel’s digital topography.

Reference: Tagsia Asset Discovery Standard (IACS UR E26 / NIST Aligned)

PILLAR A

Asset Management

Requirement 4.1.1: Full inventory of hardware, software, and firmware. Categorize systems (I, II, or III).

→ Inventory & Mapping Guide → System Criticality Mapping → Software & Firmware Tracking

PILLAR B

Communication Mapping

Document information flows, marine protocols, and critical system interdependencies across the vessel.

→ Marine Protocol Guides → Traffic Baselining Procedures → System Interdependency Matrix

PILLAR C

Governance

Finalizing audit readiness. Establishing roles, Management of Change (MoC) policies, and CSDD reports.

→ Roles & Change Management → CSDD & Exclusion Assessment → Audit Evidence Templates

Step 01 Deliverables: Inventory Evidence

Complete these artifacts to support segmentation (Protect) and certification (Certify):

Master Asset Register: MAC/IP and physical locations.
Criticality Assignment: Rank (I, II, III) based on safety.
Data Flow Map: Logical visualization of protocols.