Maritime navigation and radiocommunication equipment and systems - Digital interfaces - Part 460: Multiple talkers and multiple listeners - Ethernet interconnection - Safety and security (IEC 61162-460:2018)

This part of IEC 61162 is an add-on to IEC 61162-450 where higher safety and security
standards are needed, for example due to higher exposure to external threats or to improve
network integrity. This document provides requirements and test methods for equipment to be
used in an IEC 61162-460 compliant network as well as requirements for the network itself
and requirements for interconnection from the network to other networks. This document also
contains requirements for a redundant IEC 61162-460 compliant network.
This document does not introduce new application level protocol requirements to those that
are defined in IEC 61162-450.

Navigations- und Funkkommunikationsgeräte und -systeme für die Seeschifffahrt - Digitale Schnittstellen - Teil 460: Mehrere Datensender und mehrere Datenempfänger - Ethernet-Verbund - Funktionale und Informationssicherheit (IEC 61162-460:2018)

Matériels et systèmes de navigation et de radiocommunication maritimes - Interfaces numériques - Partie 460 : Emetteurs multiples et récepteurs multiples - Interconnexion Ethernet - Sûreté et sécurité (IEC 61162-460:2018)

NEW!IEC 61162-460:2018 est disponible sous forme de IEC 61162-460:2018 RLV qui contient la Norme internationale et sa version Redline, illustrant les modifications du contenu technique depuis l'édition précédente.

L'IEC 61162-460:2018 vient s'ajouter à la norme IEC 61162-450 lorsque des normes plus rigoureuses en matière de sûreté et de sécurité sont nécessaires, par exemple en raison d'une exposition plus importante aux menaces externes ou afin de renforcer l'intégrité du réseau. Le présent document spécifie des exigences et des méthodes d'essai pour les matériels à utiliser dans un réseau conforme à l'IEC 61162-460 ainsi que des exigences relatives au réseau proprement dit et des exigences relatives à l'interconnexion du réseau avec d'autres réseaux. Le présent document comprend également des exigences s'appliquant aux réseaux redondants conformes à l'IEC 61162-460. Le présent document n'introduit pas de nouvelles exigences relatives aux protocoles des niveaux d'application par rapport à celles définies dans l'IEC 61162-450. Cette deuxième édition de l'IEC 61162-460 annule et remplace la première édition parue en 2015. Cette édition constitue une révision technique. Cette édition inclut les modifications techniques majeures suivantes par rapport à l'édition précédente:
a) les commutateurs-460 et les redirecteurs-460 sont exigés pour la mise en œuvre de la surveillance du trafic des protocoles Internet de gestion de groupe (IGMP – Internet group management protocol);
b) le raccordement entre des zones protégées et des zones non protégées exige un redirecteur-460 en tant qu'élément isolant;
c) ajout de la détection de collision par ID de fonction du système (SFI – system function ID) comme fonction de surveillance du réseau;
d) la consignation de la passerelle-460 et de la passerelle sans fil-460 à la surveillance du réseau n'est plus exigée;
e) toutes les alertes issues de la surveillance du réseau ont des identificateurs d'alerte normalisés.

Pomorska navigacijska in radiokomunikacijska oprema in sistemi - Digitalni vmesniki - 460. del: Več govorcev in poslušalcev - Povezovanje prek eterneta - Varnost in zaščita (IEC 61162-460:2018)

Ta del standarda IEC 61162 je dodatek k standardu IEC 61162-450 za področja, na katerih so zahtevani strožji standardi varnosti in zaščite, npr. zaradi visoke stopnje izpostavljenosti zunanjim nevarnostnim ali izboljšanja integritete omrežja. Ta dokument določa zahteve in preskusne metode za opremo, ki se uporabi v omrežju, skladnim s standardom IEC 61162-460, ter zahteve za omrežje samo in zahteve za povezovanje zadevnega omrežja z drugimi omrežji. Ta dokument vsebuje tudi zahteve za redundantno omrežje, skladno s standardom EC 61162-460.
Dokument ne uvaja novih zahtev za protokol aplikacijske plasti k zahtevam, opredeljenim v standardu IEC 61162-450.

General Information

Status
Published
Publication Date
06-Sep-2018
Technical Committee
Current Stage
6060 - National Implementation/Publication (Adopted Project)
Start Date
22-Aug-2018
Due Date
27-Oct-2018
Completion Date
07-Sep-2018

Relations

Buy Standard

Standard
EN IEC 61162-460:2018 - BARVE
English language
74 pages
sale 10% off
Preview
sale 10% off
Preview
e-Library read for
1 day

Standards Content (Sample)

SLOVENSKI STANDARD
SIST EN IEC 61162-460:2018
01-oktober-2018
1DGRPHãþD
SIST EN 61162-460:2016
3RPRUVNDQDYLJDFLMVNDLQUDGLRNRPXQLNDFLMVNDRSUHPDLQVLVWHPL'LJLWDOQL
YPHVQLNLGHO9HþJRYRUFHYLQSRVOXãDOFHY3RYH]RYDQMHSUHNHWHUQHWD
9DUQRVWLQ]DãþLWD ,(&
Maritime navigation and radiocommunication equipment and systems - Digital interfaces
- Part 460: Multiple talkers and multiple listeners - Ethernet interconnection - Safety and
security (IEC 61162-460:2018)
Navigations- und Funkkommunikationsgeräte und -systeme für die Seeschifffahrt -
Digitale Schnittstellen - Teil 460: Mehrere Datensender und mehrere Datenempfänger -
Ethernet-Verbund - Funktionale und Informationssicherheit (IEC 61162-460:2018)
Matériels et systèmes de navigation et de radiocommunication maritimes - Interfaces
numériques - Partie 460 : Emetteurs multiples et récepteurs multiples - Interconnexion
Ethernet - Sûreté et sécurité (IEC 61162-460:2018)
Ta slovenski standard je istoveten z: EN IEC 61162-460:2018
ICS:
35.200 Vmesniška in povezovalna Interface and interconnection
oprema equipment
47.020.70 Navigacijska in krmilna Navigation and control
oprema equipment
SIST EN IEC 61162-460:2018 en
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

---------------------- Page: 1 ----------------------

SIST EN IEC 61162-460:2018

---------------------- Page: 2 ----------------------

SIST EN IEC 61162-460:2018


EUROPEAN STANDARD EN IEC 61162-460

NORME EUROPÉENNE

EUROPÄISCHE NORM
August 2018
ICS 47.020.70 Supersedes EN 61162-460:2015
English Version
Maritime navigation and radiocommunication equipment and
systems - Digital interfaces - Part 460: Multiple talkers and
multiple listeners - Ethernet interconnection - Safety and security
(IEC 61162-460:2018)
Matériels et systèmes de navigation et de Navigations- und Funkkommunikationsgeräte und -systeme
radiocommunication maritimes - Interfaces numériques - für die Seeschifffahrt - Digitale Schnittstellen -
Partie 460: Émetteurs multiples et récepteurs multiples - Teil 460: Mehrere Datensender und mehrere
Interconnexion Ethernet - Sûreté et sécurité Datenempfänger - Ethernet-Verbund - Funktionale und
(IEC 61162-460:2018) Informationssicherheit
(IEC 61162-460:2018)
This European Standard was approved by CENELEC on 2018-06-08. CENELEC members are bound to comply with the CEN/CENELEC
Internal Regulations which stipulate the conditions for giving this European Standard the status of a national standard without any alteration.
Up-to-date lists and bibliographical references concerning such national standards may be obtained on application to the CEN-CENELEC
Management Centre or to any CENELEC member.
This European Standard exists in three official versions (English, French, German). A version in any other language made by translation
under the responsibility of a CENELEC member into its own language and notified to the CEN-CENELEC Management Centre has the
same status as the official versions.
CENELEC members are the national electrotechnical committees of Austria, Belgium, Bulgaria, Croatia, Cyprus, the Czech Republic,
Denmark, Estonia, Finland, Former Yugoslav Republic of Macedonia, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia,
Lithuania, Luxembourg, Malta, the Netherlands, Norway, Poland, Portugal, Romania, Serbia, Slovakia, Slovenia, Spain, Sweden,
Switzerland, Turkey and the United Kingdom.


European Committee for Electrotechnical Standardization
Comité Européen de Normalisation Electrotechnique
Europäisches Komitee für Elektrotechnische Normung
CEN-CENELEC Management Centre: Rue de la Science 23, B-1040 Brussels
© 2018 CENELEC All rights of exploitation in any form and by any means reserved worldwide for CENELEC Members.
 Ref. No. EN IEC 61162-460:2018 E

---------------------- Page: 3 ----------------------

SIST EN IEC 61162-460:2018
EN IEC 61162-460:2018
European foreword
The text of document 80/879/FDIS, future edition 2 of IEC 61162-460, prepared by
IEC/TC 80 "Maritime navigation and radiocommunication equipment and systems" was submitted to
the IEC-CENELEC parallel vote and approved by CENELEC as EN IEC 61162-460:2018.

The following dates are fixed:
(dop) 2019-03-08
• latest date by which the document has to be
implemented at national level by
publication of an identical national
standard or by endorsement
• latest date by which the national (dow) 2021-06-08
standards conflicting with the
document have to be withdrawn

This document supersedes EN 61162-460:2015.

Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. CENELEC shall not be held responsible for identifying any or all such patent rights.

Endorsement notice
The text of the International Standard IEC 61162-460:2018 was approved by CENELEC as a
European Standard without any modification.
In the official version, for Bibliography, the following notes have to be added for the standards indicated:

IEC 60812 NOTE Harmonized as EN 60812.
IEC 61162 Series NOTE Harmonized as EN 61162 Series.
IEC 61162-1 NOTE Harmonized as EN 61162-1.
IEC 61162-2 NOTE Harmonized as EN 61162-2.
IEC 62388 NOTE Harmonized as EN 62388.
IEC 62439 Series NOTE Harmonized as EN 62439 Series.
IEC 62439-1 NOTE Harmonized as EN 62439-1.
IEC 62439-2 NOTE Harmonized as EN 62439-2.
IEC 62439-3 NOTE Harmonized as EN 62439-3.
IEC 62439-4 NOTE Harmonized as EN 62439-4.
IEC 62439-5 NOTE Harmonized as EN 62439-5.
IEC 62439-6 NOTE Harmonized as EN 62439-6.
IEC 62940 NOTE Harmonized as EN 62940.
1
ISO 9241-12 NOTE Harmonized as EN ISO 9241-12 .

1
Superseded by EN ISO 9241-112 (ISO 9241-112) and EN ISO 9241-125 (ISO 9241-125).
2

---------------------- Page: 4 ----------------------

SIST EN IEC 61162-460:2018
EN IEC 61162-460:2018
Annex ZA
(normative)

Normative references to international publications
with their corresponding European publications

The following documents are referred to in the text in such a way that some or all of their content
constitutes requirements of this document. For dated references, only the edition cited applies. For
undated references, the latest edition of the referenced document (including any amendments)
applies.

NOTE 1  Where an International Publication has been modified by common modifications, indicated by (mod), the relevant
EN/HD applies.

NOTE 2  Up-to-date information on the latest versions of the European Standards listed in this annex is available here:
www.cenelec.eu.

Publication Year Title EN/HD Year

IEC 60945 -  Maritime navigation and EN 60945 -
radiocommunication equipment and
systems - General requirements - Methods
of testing and required test results
Maritime navigation and
IEC 61162-450 2018 EN IEC 61162-450 2018
radiocommunication equipment and
systems - Digital interfaces -
Part 450: Multiple talkers and multiple
listeners - Ethernet interconnection
IEC 61924-2 2012 Maritime navigation and EN 61924-2 2013
radiocommunication equipment and
systems - Integrated navigation systems -
Part 2: Modular structure for INS -
Operational and performance
requirements, methods of testing and
required test results
IEC 62288 2014 Maritime navigation and EN 62288 2014
radiocommunication equipment and
systems - Presentation of navigation-
related information on shipborne
navigational displays - General
requirements, methods of testing and
required test results
IEEE 802.1D 2004 IEEE Standard for local and metropolitan - -
area networks - Media Access Control
(MAC) Bridges
IEEE 802.1Q -  IEEE Standard for Local and metropolitan - -
area networks - Media Access Control
(MAC) Bridges and Virtual Bridges
IETF RFC 792 1981 Internet Control Message Protocol (ICMP) - -
IETF RFC 1112 1989 Host Extensions for IP Multicasting - -
(SNMP)
IETF RFC 1157 1990 Simple Network Management Protocol - -
(SNMP)
Remote Network Monitoring Management
IETF RFC 2021 1997 - -
Information Base
3

---------------------- Page: 5 ----------------------

SIST EN IEC 61162-460:2018
EN IEC 61162-460:2018
Publication Year Title EN/HD Year

IETF RFC 2236 1997 Internet Group Management Protocol, - -
Version 2
IETF RFC 2819 2000 Remote Network Monitoring Management - -
Information Base
IETF RFC 3411 2002 An Architecture for Describing Simple - -
Network Management Protocol (SNMP)
Management Frameworks
IETF RFC 3577 2003 Introduction to the RMON family of MIB - -
modules
IETF RFC 4604 2006 Using Internet Group Management - -
Protocol Version 3 (IGMPv3) and Multicast
Listener Discovery Protocol Version 2
(MLDv2) for Source-Specific Multicast
IETF RFC 5424 2009 The Syslog Protocol - -

4

---------------------- Page: 6 ----------------------

SIST EN IEC 61162-460:2018




IEC 61162-460

®


Edition 2.0 2018-05




INTERNATIONAL



STANDARD




NORME



INTERNATIONALE
colour

inside










Maritime navigation and radiocommunication equipmentand systems – Digital

interfaces –

Part 460: Multiple talkers and multiple listeners – Ethernet interconnection –


Safety and security



Matériels et systèmes de navigation et de radiocommunication maritimes –


Interfaces numériques –

Partie 460: Émetteurs multiples et récepteurs multiples – Interconnexion

Ethernet – Sûreté et sécurité










INTERNATIONAL

ELECTROTECHNICAL

COMMISSION


COMMISSION

ELECTROTECHNIQUE


INTERNATIONALE




ICS 47.020.70 ISBN 978-2-8322-5522-3



Warning! Make sure that you obtained this publication from an authorized distributor.

Attention! Veuillez vous assurer que vous avez obtenu cette publication via un distributeur agréé.

® Registered trademark of the International Electrotechnical Commission
Marque déposée de la Commission Electrotechnique Internationale

---------------------- Page: 7 ----------------------

SIST EN IEC 61162-460:2018
– 2 – IEC 61162-460:2018 © IEC 2018
CONTENTS
FOREWORD . 6
1 Scope . 8
2 Normative references . 8
3 Terms and definitions . 9
4 High-level requirements . 15
4.1 Overview. 15
4.2 Description . 15
4.3 General requirements . 16
4.3.1 Equipment and system requirements . 16
4.3.2 Physical composition requirements . 16
4.3.3 Logical composition requirements . 17
4.4 Physical component requirements . 17
4.4.1 450-Node. 17
4.4.2 460-Node. 17
4.4.3 460-Switch . 18
4.4.4 460-Forwarder . 18
4.4.5 460-Gateway and 460-Wireless gateway . 18
4.5 Logical component requirements . 18
4.5.1 Network monitoring function . 18
4.5.2 System management function . 18
4.6 System documentation requirements . 19
4.7 Secure area requirements . 19
5 Network traffic management requirements . 19
5.1 460-Node requirements. 19
5.2 460-Switch requirements. 20
5.2.1 Resource allocation . 20
5.2.2 Loop prevention . 20
5.3 460-Forwarder requirements . 20
5.3.1 Traffic separation . 20
5.3.2 Resource allocation . 21
5.3.3 Traffic prioritization . 21
5.4 System design requirements . 22
5.4.1 Documentation . 22
5.4.2 Traffic . 22
5.4.3 Connections between secure and non-secure areas . 22
6 Security requirements . 23
6.1 Security scenarios . 23
6.1.1 Threat scenarios . 23
6.1.2 Internal threats . 23
6.1.3 External threats . 23
6.2 Internal security requirements . 24
6.2.1 General . 24
6.2.2 Denial of service protection . 24
6.2.3 REDS security . 24
6.2.4 Access control . 25
6.3 External security requirements . 26

---------------------- Page: 8 ----------------------

SIST EN IEC 61162-460:2018
IEC 61162-460:2018 © IEC 2018 – 3 –
6.3.1 Overview . 26
6.3.2 Firewalls . 26
6.3.3 Direct communication . 26
6.3.4 460-Node. 27
6.3.5 460-Gateway . 27
6.3.6 460-Wireless gateway. 28
6.4 Additional security issues . 29
7 Redundancy requirements . 29
7.1 General requirements . 29
7.1.1 General . 29
7.1.2 Interface redundancy . 30
7.1.3 Device redundancy . 30
7.2 460-Node requirements. 30
7.3 460-Switch requirements. 31
7.4 460-Forwarder requirements . 31
7.5 460-Gateway and 460-Wireless gateway requirements . 31
7.6 Network monitoring function requirements . 31
7.7 System design requirements . 31
8 Network monitoring requirements . 31
8.1 Network status monitoring . 31
8.1.1 460-Network . 31
8.1.2 460-Node. 31
8.1.3 460-Switch . 32
8.1.4 460-Forwarder . 32
8.2 Network monitoring function . 32
8.2.1 General . 32
8.2.2 Network load monitoring function . 33
8.2.3 Redundancy monitoring function . 34
8.2.4 Network topology monitoring function . 34
8.2.5 Syslog recording function . 35
8.2.6 Redundancy of network monitoring function . 36
8.2.7 Alert management . 36
9 Controlled network requirements . 37
10 Methods of testing and required test results . 38
10.1 Subject of tests . 38
10.2 Test site . 38
10.3 General requirements . 38
10.4 450-Node . 39
10.5 460-Node . 39
10.5.1 Network traffic management . 39
10.5.2 Security . 40
10.5.3 Redundancy . 41
10.5.4 Monitoring . 42
10.6 460-Switch . 42
10.6.1 Resource allocation . 42
10.6.2 Loop prevention . 42
10.6.3 Security . 43
10.6.4 Monitoring . 44

---------------------- Page: 9 ----------------------

SIST EN IEC 61162-460:2018
– 4 – IEC 61162-460:2018 © IEC 2018
10.7 460-Forwarder . 44
10.7.1 Traffic separation . 44
10.7.2 Resource allocation . 45
10.7.3 Traffic prioritisation . 45
10.7.4 Security . 46
10.7.5 Monitoring . 47
10.8 460-Gateway . 47
10.8.1 Denial of service behaviour. 47
10.8.2 Access control to configuration setup. 47
10.8.3 Communication security . 47
10.8.4 Firewall . 48
10.8.5 Application server . 49
10.8.6 Interoperable access to file storage of DMZ . 49
10.8.7 Additional security . 49
10.9 460-Wireless gateway . 49
10.9.1 General . 49
10.9.2 Security . 49
10.10 Controlled network . 50
10.11 Network monitoring function . 50
10.11.1 General . 50
10.11.2 Network load monitoring function . 51
10.11.3 Redundancy monitoring function . 51
10.11.4 Network topology monitoring function . 51
10.11.5 Syslog recording function . 52
10.11.6 Alert management . 52
10.12 System level . 53
10.12.1 General . 53
10.12.2 System management function . 54
10.12.3 System design . 54
10.12.4 Network monitoring function . 56
10.12.5 Network load monitoring function . 56
10.12.6 Redundancy monitoring function . 56
10.12.7 Network topology monitoring function . 56
Annex A (informative) Communication scenarios between an IEC 61162-460 network
and uncontrolled networks . 57
A.1 General . 57
A.2 Routine off-ship . 57
A.3 Routine on-ship. 58
A.4 460-Gateway usage for direct connection with equipment . 58
Annex B (informative) Summary of redundancy protocols in IEC 62439 (all parts) . 59
Annex C (informative) Guidance for testing . 60
C.1 Methods of test . 60
C.2 Observation . 60
C.3 Inspection of documented evidence . 60
C.4 Measurement . 60
C.5 Analytical evaluation . 61
Annex D (informative) Some examples to use this document . 62
Annex E (normative) IEC 61162 interfaces for the network monitoring function . 66

---------------------- Page: 10 ----------------------

SIST EN IEC 61162-460:2018
IEC 61162-460:2018 © IEC 2018 – 5 –
Annex F (informative) Distribution of functions around 460-Network . 67
Bibliography . 69

Figure 1 – Functional overview of IEC 61162-460 requirement applications . 16
Figure 2 – 460-Network with 460-Gateway . 26
Figure 3 –Example of redundancy . 30
Figure 4 – Example of network status recording information . 33
Figure A.1 – Usage model for communication between a IEC 61162-460 network and
shore networks . 57
Figure D.1 – 460-Forwarder used between two networks . 62
Figure D.2 – 460-Forwarder used between two networks . 62
Figure D.3 – 460-Gateway used for e-Navigation services . 63
Figure D.4 – 460-Gateway used for remote maintenance . 63
Figure D.5 – 460-Forwarder used to separate an INS system based on its own
controlled network from a network of -460 devices . 64
Figure D.6 – 460-Forwarder used to separate a radar system based on its own
controlled network from a network of -460 devices . 65
Figure E.1 – Network monitoring function logical interfaces . 66

Table 1 – Traffic prioritization with CoS and DSCP . 21
Table 2 – Summary of alert of network monitoring . 36
Table B.1 – Redundancy protocols and recovery times . 59
Table E.1 – Sentences received by the network monitoring function . 66
Table E.2 – Sentences transmitted by the network monitoring function .
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.