(www.MaritimeCyprus.com) The International Association of Classification Societies (IACS) has introduced Unified Requirement (UR) E27, which establishes a comprehensive framework for the cyber resilience of on-board systems and equipment. UR E27 applies to newbuild vessels contracted for construction on or after 1 July 2024 and represents a significant step in embedding cyber risk considerations into ship design and equipment certification from the outset.
The primary objective of IACS UR E27 is to ensure that equipment manufacturers and system vendors implement robust technical and organizational controls to safeguard system integrity, availability, and reliability against cyber threats. The requirement focuses on confirming that cyber risks are systematically addressed throughout the lifecycle of on-board systems, rather than being treated as an operational afterthought.
UR E27 covers a broad range of shipboard technologies, including on-board systems and equipment, user–computer system interfaces, and interconnected digital components. It also defines clear expectations for product design, development, testing, and documentation when introducing new devices or systems for shipboard use. In doing so, it promotes secure-by-design and defense-in-depth principles across maritime digital systems.
With the progressive development of cyber resilience requirements, computer-based systems (CBS) are now required to comply with both IACS UR E27 and the IEC 62443 series of standards, which are widely recognized as the benchmark for cybersecurity in industrial automation and control systems. This alignment reinforces consistency between maritime classification requirements and established international cybersecurity best practices.
This document has been developed to support equipment manufacturers and technology providers in understanding the scope, intent, and practical application of UR E27, and to assist them in demonstrating compliance with the applicable cyber resilience requirements during design approval and certification processes.
For more information, you can download the below guidance paper from ABS:
Source: ABS
Read more on Cyber Security requirements and resources, HERE
