Asset Inventory & Mapping Guide
Requirement: IACS UR E26 (§3.1.1) and IEC 62443-2-4 require a documented inventory of all Computer Based Systems (CBS). This module provides the technical methodology for discovering and categorizing these assets.
You cannot protect what you cannot see. In the maritime environment, asset management is the process of identifying every PLC, HMI, Sensor, and Gateway that contributes to the safe operation of the vessel.
1. The Maritime Discovery Framework
Listening to network traffic via SPAN ports to identify assets without sending any data. Safe for all maritime OT systems.
On-deck verification of serial numbers and firmware from nameplates on non-networked equipment.
Safety Warning: Active Scanning
Never perform active vulnerability scans or “NMAP” scans while the vessel is underway. High-frequency pings can cause PLCs to enter a “Fail-Safe” state.
2. Mandatory Data Points for E26
The “Golden” Inventory Row
REQUIRED EVIDENCE| Data Point | Importance |
|---|---|
| System Role / Function | Defines Zone placement. |
| Firmware Version | Vulnerability tracking. |
| MAC / IP Address | Conduit enforcement. |
Inventory Logged?
Step 1 Complete. Now that you have your list of assets, you must determine their importance to the ship’s safety and environment.