Part of the PROTECT Playbook ← Return to Hub

UPS & Power Integrity

Operational Requirement: Cyber security infrastructure (Firewalls, IDS, Managed Switches) must remain operational during main power transitions. A “Hard Reboot” caused by power loss can corrupt security databases and leave the vessel blind during a recovery.

A maritime UPS is more than a battery backup; it is a Power Conditioner. It protects sensitive OT hardware from the voltage spikes and frequency fluctuations common during heavy weather or large motor starts (e.g., Bow Thrusters).

Critical UPS Specifications

For UR E26/E27 compliance, standard “Off-the-shelf” consumer UPS units are insufficient. The following maritime-grade specs are required:

1. Double-Conversion (Online)

The UPS must constantly convert AC to DC and back to AC. This ensures Zero Transfer Time during a blackout, keeping firewalls from rebooting.

2. Managed SNMP Monitoring

Every UPS must have a network card. It must send an SNMP Trap to the AMS if battery health fails, ensuring the ETO is alerted before the next blackout.

>

The Security Infrastructure Load

The ETO must verify that the UPS is not overloaded. A security UPS should only power “Security & Connectivity” assets to maximize runtime.

Allowed on Security UPS NOT Allowed
Main OT Firewalls & Gateways Desktop Monitors / Printers
Core Managed Switches Non-Critical PLCs
IDS Sensors & Log Servers Cabin Outlets / Chargers

Blackout Drill Verification

During a “Dead Ship” drill, the ETO must confirm the Resilience Chain:

  1. T-0: Main power lost. UPS takes over immediately (Firewall status must remain ACTIVE).
  2. T+10s: Emergency Generator starts. UPS switches back to AC charging.
  3. Verification: Check the Firewall uptime log. If it shows a “System Restart,” the UPS battery or transfer switch has failed the test.

Next Section

Protect Phase: Summary & Audit Readiness

Protect Phase: Summary & Audit Readiness Phase Objective The Protect Phase is about Hardening. Using the blueprints from...

Scroll to Top