New ASTM standard aims to reduce maritime cyber-risk

The following is text of a news release from ASTM International (American Society for Testing and Materials):

(WEST CONSHOHOCKEN, Pa.) — A new standard from ASTM International’s ships and marine technology committee (F25) is designed to assist and support the maritime industry in addressing cyber-risks by leveraging existing safety management systems (SMS).

The new standard (soon to be published as F3449) would include guidelines to improve cyber safety, address vulnerability, recommend and outline training, and raise knowledge and awareness of cyberthreats by leveraging documented, auditable SMS mechanisms. Most maritime operating companies have SMS as required by the International Maritime Organization's (IMO) International Safety Management (ISM) Code, and more recently Subchapter M in Title 46 Code of Federal Regulations (CFR) for the tug and barge industry.

“The intention of this guide is to use mandatory or voluntary safety management systems already in place to identify and proactively address cybersecurity issues that are a critical and ever-increasing safety concern in maritime operations,” said ASTM International member Todd Ripley, who serves in the Office of Safety at the U.S. Maritime Administration (MarAd).

According to Ripley, “this guide is intended to service the entire maritime community but will be most beneficial to resource-constrained organizations that may not have significant infrastructure or resources, or both, to secure comprehensive cybersecurity services and solutions.”

To purchase standards, contact ASTM International customer relations (1-877-909-ASTM;

By Professional Mariner Staff