Configuration Backups & Golden Images
Regulatory Context: IACS UR E27 (Section 4.6) mandates the creation and secure storage of backups for all critical systems. This module focuses on the “Golden Image” strategy, ensuring that Category II and III systems can be restored to a “Known-Good” state without internet access.
In the middle of the ocean, a system crash or a ransomware infection can be a life-safety issue. You cannot wait for a technician to fly out with a recovery disk. A Golden Image is a complete “snapshot” of a system—OS, drivers, and OT applications—that allows an ETO to rebuild a workstation in less than 30 minutes.
The 3-2-1 Maritime Backup Rule
Standard IT backup rules must be adapted for the high-vibration and disconnected environment of a ship:
3 Copies: Original data + Local backup + Offline vault.
2 Media Types: SSD/NAS and an Optical Disc or encrypted Tape.
1 Off-Ship: A copy kept at the Home Office (updated annually).
What Needs to be Backed Up?
ETOs often prioritize the AMS server but forget the “glue” that holds the network together:
| Asset Type | Backup Method | Frequency |
|---|---|---|
| HMI/Workstations | Full “Golden Image” (Full Disk) | After every major OS/Patch update. |
| PLC/Controllers | Logic & Project Files (.bin, .pro) | Whenever code logic is modified. |
| Switches & Firewalls | Running Configuration (.conf) | After every VLAN or ACL change. |
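The following Python check is an added example, not part of the original module: it audits a backup inventory against the 3-2-1 maritime rule and the change-triggered frequencies in the table above. The record fields, media labels, asset names and sample inventory are assumptions constructed for illustration.

```python
from dataclasses import dataclass
from datetime import date

# Media groups follow the "2 Media Types" item; the labels are assumptions.
ONLINE_MEDIA = {"ssd", "nas"}
VAULT_MEDIA = {"optical", "tape"}

@dataclass
class Backup:
    media: str      # "ssd", "nas", "optical" or "tape"
    off_ship: bool  # True for the Home Office copy
    offline: bool   # True when stored disconnected (offline vault)
    taken: date

def audit(name, last_change, backups, today):
    """Return findings for one asset; an empty list means it passes."""
    findings = []
    # 3 copies: the original counts as one, and one backup must be offline.
    if 1 + len(backups) < 3 or not any(b.offline for b in backups):
        findings.append(f"{name}: fewer than 3 copies or no offline vault copy")
    # 2 media types: SSD/NAS plus optical disc or tape.
    media = {b.media for b in backups}
    if not (media & ONLINE_MEDIA and media & VAULT_MEDIA):
        findings.append(f"{name}: needs SSD/NAS plus optical or tape")
    # 1 off-ship: Home Office copy, updated annually.
    if not any(b.off_ship and (today - b.taken).days <= 365 for b in backups):
        findings.append(f"{name}: no Home Office copy from the last 365 days")
    # Table rule: a backup must follow every patch, logic or VLAN/ACL change.
    on_board = [b.taken for b in backups if not b.off_ship]
    if not on_board or max(on_board) < last_change:
        findings.append(f"{name}: stale, no on-board backup since last change")
    return findings

# Constructed sample inventory (not real vessel data).
TODAY = date(2024, 6, 1)
HMI = [Backup("nas", False, False, date(2024, 5, 11)),
       Backup("optical", False, True, date(2024, 5, 11)),
       Backup("tape", True, True, date(2023, 11, 1))]
SWITCH = [Backup("nas", False, False, date(2024, 3, 1))]

if __name__ == "__main__":
    for line in (audit("HMI-1", date(2024, 5, 10), HMI, TODAY)
                 + audit("SW-1", date(2024, 5, 20), SWITCH, TODAY)):
        print(line)
```

The constructed HMI entry passes all four checks, while the switch with a single NAS copy taken before its last VLAN change fails every one.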
