Supply Chain & Vendor Security
Regulatory Context: IACS UR E27 (Section 4.5) mandates the management of third-party risks. This includes verifying the integrity of hardware/software delivered to the ship and controlling the tools used by service engineers during onboard visits.
Modern vessels are ecosystems of components from dozens of different manufacturers (OEMs). Each vendor is a potential “backdoor” into your ship. Supply chain security ensures that every piece of software, firmware, or hardware brought across the gangway is verified before it touches a critical system.
The “Dirty Laptop” Problem
The most common way malware enters an “air-gapped” OT network is through a service engineer’s toolset. Technicians travel from ship to ship, often connecting their laptops to multiple uncontrolled networks. This creates a “cross-contamination” risk: a virus picked up on a bulk carrier in Asia can be carried to a tanker in Europe via the technician’s Ethernet cable or USB drive.
Uncontrolled Access
Service engineers often carry laptops that have been connected to multiple ship networks globally. If one of those ships was infected, the laptop acts as a carrier for malware.
Shadow Software
Vendors may install “temporary” remote access tools (like TeamViewer) for convenience during sea trials and forget to remove them, leaving a persistent remote-access path through the firewall.
The Vendor Engagement Protocol
To comply with E27, the Master and ETO must enforce a “Zero Trust” policy for all visiting technicians:
Compliance: Media Scanning (E27)
IACS UR E27 Requirement: All external media must be scanned before connection to the System Under Consideration (SuC). Use the Media Sanitization SOP included in this kit to ensure your crew follows a consistent, auditable process for verifying OEM hardware.
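A worked illustration of the verification step above, added here and not part of the original page or its kit: it checks every file on delivery media against a vendor-supplied SHA-256 manifest and produces an auditable record that is only “approved” when every listed file matches and nothing unlisted is present. The manifest layout, vendor name, delivery id and file names are assumptions constructed for the demo; a real manifest should arrive out-of-band (e.g. with the purchase order), never on the same media it describes.

```python
import hashlib
import json
import tempfile
from datetime import datetime, timezone
from pathlib import Path


def sha256_file(path: Path) -> str:
    """Stream the file through SHA-256 so large firmware images need not fit in memory."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(1 << 16), b""):
            h.update(chunk)
    return h.hexdigest()


def verify_media(media_root: Path, manifest: dict) -> dict:
    """Compare every file on the media against the manifest and build an audit record.
    'approved' is True only if all listed files are present and match and nothing unlisted exists."""
    expected = {Path(n): d.lower() for n, d in manifest["files"].items()}
    verdicts = {}
    for rel, digest in expected.items():
        p = media_root / rel
        if not p.is_file():
            verdicts[str(rel)] = "MISSING"
        else:
            verdicts[str(rel)] = "OK" if sha256_file(p) == digest else "HASH_MISMATCH"
    for p in media_root.rglob("*"):  # anything the vendor did not declare is a red flag too
        if p.is_file() and p.relative_to(media_root) not in expected:
            verdicts[str(p.relative_to(media_root))] = "UNEXPECTED_FILE"
    return {
        "timestamp_utc": datetime.now(timezone.utc).isoformat(),
        "vendor": manifest["vendor"],
        "delivery_id": manifest["delivery_id"],
        "files": verdicts,
        "approved": all(v == "OK" for v in verdicts.values()),
    }


def demo() -> dict:
    """Constructed delivery: one good file, one tampered file, one file nobody declared."""
    root = Path(tempfile.mkdtemp(prefix="oem_media_"))
    good, original_cfg = b"firmware-v2.1-release\n", b"radar-config-ORIGINAL\n"
    (root / "firmware.bin").write_bytes(good)
    (root / "radar.cfg").write_bytes(b"radar-config-MODIFIED\n")        # differs from manifest
    (root / "remote_support_setup.exe").write_bytes(b"undeclared\n")  # shadow software candidate
    manifest = {  # hypothetical manifest format, assumed for this demo
        "vendor": "ExampleOEM", "delivery_id": "PO-0001",
        "files": {"firmware.bin": hashlib.sha256(good).hexdigest(),
                  "radar.cfg": hashlib.sha256(original_cfg).hexdigest()},
    }
    record = verify_media(root, manifest)
    print(json.dumps(record, indent=2))  # the JSON record is what goes into the audit log
    return record
```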
