IEC 61162-460:2015

IEC 61162-460


®


Edition 1.0 2015-08



INTERNATIONAL



STANDARD




colour
inside


Maritime navigation and radiocommunication equipment and systems – Digital
interfaces –
Part 460: Multiple talkers and multiple listeners – Ethernet interconnection –
Safety and security

IEC 61162-460:2015-08(en)

---------------------- Page: 1 ----------------------
THIS PUBLICATION IS COPYRIGHT PROTECTED


Copyright © 2015 IEC, Geneva, Switzerland


All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form

or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from

either IEC or IEC's member National Committee in the country of the requester. If you have any questions about IEC
copyright or have an enquiry about obtaining additional rights to this publication, please contact the address below or

your local IEC member National Committee for further information.



IEC Central Office Tel.: +41 22 919 02 11
3, rue de Varembé Fax: +41 22 919 03 00

CH-1211 Geneva 20 info@iec.ch

Switzerland www.iec.ch

About the IEC
The International Electrotechnical Commission (IEC) is the leading global organization that prepares and publishes
International Standards for all electrical, electronic and related technologies.

About IEC publications
The technical content of IEC publications is kept under constant review by the IEC. Please make sure that you have the
latest edition, a corrigenda or an amendment might have been published.

IEC Catalogue - webstore.iec.ch/catalogue Electropedia - www.electropedia.org
The stand-alone application for consulting the entire The world's leading online dictionary of electronic and
bibliographical information on IEC International Standards, electrical terms containing more than 30 000 terms and
Technical Specifications, Technical Reports and other definitions in English and French, with equivalent terms in 15
documents. Available for PC, Mac OS, Android Tablets and additional languages. Also known as the International
iPad. Electrotechnical Vocabulary (IEV) online.

IEC publications search - www.iec.ch/searchpub IEC Glossary - std.iec.ch/glossary
The advanced search enables to find IEC publications by a More than 60 000 electrotechnical terminology entries in
variety of criteria (reference number, text, technical English and French extracted from the Terms and Definitions
committee,…). It also gives information on projects, replaced clause of IEC publications issued since 2002. Some entries
and withdrawn publications. have been collected from earlier publications of IEC TC 37,

77, 86 and CISPR.
IEC Just Published - webstore.iec.ch/justpublished
Stay up to date on all new IEC publications. Just Published IEC Customer Service Centre - webstore.iec.ch/csc
details all new publications released. Available online and If you wish to give us your feedback on this publication or
also once a month by email. need further assistance, please contact the Customer Service
Centre: csc@iec.ch.

---------------------- Page: 2 ----------------------
IEC 61162-460



®



Edition 1.0 2015-08







INTERNATIONAL





STANDARD












colour

inside










Maritime navigation and radiocommunication equipment and systems – Digital

interfaces –

Part 460: Multiple talkers and multiple listeners – Ethernet interconnection –


Safety and security
























INTERNATIONAL

ELECTROTECHNICAL


COMMISSION





ICS 47.020.70 ISBN 978-2-8322-2850-0



  Warning! Make sure that you obtained this publication from an authorized distributor.


® Registered trademark of the International Electrotechnical Commission

---------------------- Page: 3 ----------------------
– 2 – IEC 61162-460:2015 © IEC 2015


CONTENTS


FOREWORD . 6

1 Scope . 8


2 Normative references. 8

3 Terms and definitions . 9

4 High-level requirements . 13

4.1 Overview. 13

4.2 Description. 14

4.3 General requirements . 14
4.3.1 Equipment and system requirements . 14
4.3.2 Physical composition requirements . 15
4.3.3 Logical composition requirements . 15
4.4 Physical component requirements . 15
4.4.1 450-Node . 15
4.4.2 460-Node . 15
4.4.3 460-Switch . 16
4.4.4 460-Forwarder . 16
4.4.5 460-Gateway and 460-Wireless gateway . 16
4.5 Logical component requirements . 16
4.5.1 Network monitoring function . 16
4.5.2 System management function . 16
4.6 System documentation requirements . 17
4.7 Secure area requirements . 17
5 Network traffic management requirements . 17
5.1 460-Node requirements . 17
5.2 460-Switch requirements . 18
5.2.1 Resource allocation . 18
5.2.2 Loop prevention . 18
5.3 460-Forwarder requirements. 18
5.3.1 Traffic separation . 18
5.3.2 Resource allocation . 18
5.3.3 Traffic prioritization . 19
5.4 System design requirements . 20
5.4.1 Documentation . 20

5.4.2 Traffic . 20
6 Security requirements . 20
6.1 Security scenarios . 20
6.1.1 Threat scenarios . 20
6.1.2 Internal threats. 20
6.1.3 External threats . 21
6.2 Internal security requirements . 21
6.2.1 General . 21
6.2.2 Denial of service protection . 21
6.2.3 REDS security . 22
6.2.4 Access control . 22
6.3 External security requirements . 23
6.3.1 Overview . 23

---------------------- Page: 4 ----------------------
IEC 61162-460:2015 © IEC 2015 – 3 –


6.3.2 Firewalls . 24

6.3.3 Communication security . 24

6.3.4 460-Node . 24

6.3.5 460-Gateway . 25

6.3.6 460-Wireless gateway . 26

6.4 Additional security issues . 26

7 Redundancy requirements . 26

7.1 General requirements . 26

7.1.1 General . 26


7.1.2 Interface redundancy . 27
7.1.3 Device redundancy . 27
7.2 460-Node requirements . 27
7.3 460-Switch requirements . 28
7.4 460-Forwarder requirements. 28
7.5 460-Gateway and 460-Wireless gateway requirements . 28
7.6 Network monitoring function requirements . 28
7.7 System design requirements . 28
8 Network monitoring requirements . 28
8.1 Network status monitoring . 28
8.1.1 460-Network . 28
8.1.2 460-Node . 28
8.1.3 460-Switch . 29
8.1.4 460-Forwarder . 29
8.1.5 460-Gateway and 460-Wireless gateway . 29
8.2 Network monitoring function . 29
8.2.1 General . 29
8.2.2 Network load monitoring function . 30
8.2.3 Redundancy monitoring function . 31
8.2.4 Network topology monitoring function . 31
8.2.5 Syslog recording function . 31
8.2.6 Redundancy of network monitoring function . 32
8.2.7 Alert management . 32
9 Controlled network requirements . 32
10 Methods of testing and required test results . 33
10.1 Subject of tests . 33
10.2 Test site . 33
10.3 General requirements . 34
10.4 450-Node . 34
10.5 460-Node . 34
10.5.1 Network traffic management . 34
10.5.2 Security . 35
10.5.3 Redundancy . 37
10.5.4 Monitoring . 37
10.6 460-Switch . 37
10.6.1 Resource allocation . 37
10.6.2 Loop prevention . 37
10.6.3 Security . 38
10.6.4 Monitoring . 39

---------------------- Page: 5 ----------------------
– 4 – IEC 61162-460:2015 © IEC 2015


10.7 460-Forwarder . 39

10.7.1 Traffic separation . 39

10.7.2 Resource allocation . 39

10.7.3 Traffic prioritisation . 40

10.7.4 Security . 40

10.7.5 Monitoring . 41

10.8 460-Gateway . 42

10.8.1 Denial of service behaviour . 42

10.8.2 Access control to configuration setup . 42

10.8.3 Communication security . 42

10.8.4 Firewall . 42
10.8.5 Application server . 43
10.8.6 Interoperable access to file storage of DMZ . 43
10.8.7 Additional security . 44
10.8.8 Monitoring . 44
10.9 460-Wireless gateway . 44
10.9.1 General . 44
10.9.2 Security . 44
10.9.3 Monitoring . 45
10.10 Controlled network . 45
10.11 Network monitoring function . 45
10.11.1 General . 45
10.11.2 Network load monitoring function . 46
10.11.3 Redundancy monitoring function . 46
10.11.4 Network topology monitoring function . 46
10.11.5 Syslog recording function . 47
10.11.6 Alert management . 47
10.12 System level . 48
10.12.1 General . 48
10.12.2 System management function . 49
10.12.3 System design . 49
10.12.4 Network monitoring function . 51
10.12.5 Network load monitoring function . 51
10.12.6 Redundancy monitoring function . 51
10.12.7 Network topology monitoring function . 51

Annex A (informative) Communication scenarios between an IEC 61162-460 network
and uncontrolled networks . 52
A.1 General . 52
A.2 Routine off-ship . 52
A.3 Routine on-ship . 53
A.4 460-Gateway usage for direct connection with equipment . 53
Annex B (informative) Summary of redundancy protocols in the IEC 62439 series . 54
B.1 Summary of redundancy protocols . 54
B.2 RSTP recovery time . 54
Annex C (informative) Guidance for testing. 56
C.1 Methods of test . 56
C.2 Observation . 56
C.3 Inspection of documented evidence . 56
C.4 Measurement . 56

---------------------- Page: 6 ----------------------
IEC 61162-460:2015 © IEC 2015 – 5 –


C.5 Analytical evaluation . 57

Annex D (informative) Some examples to use this standard . 58


Annex E (normative) IEC 61162 interfaces for the network monitoring function . 60

Bibliography . 61



Figure 1 – Functional overview of IEC 61162-460 requirement applications . 14


Figure 2 – 460-Network with 460-Gateway . 23

Figure 3 – An example of redundancy . 27

Figure 4 – Example of network status recording information . 30

Figure A.1 – Usage model for communication between a IEC 61162-450 network and
shore networks . 52
Figure D.1 – 460-Forwarder used between two networks . 58
Figure D.2 – 460-Forwarder used between two networks . 58
Figure D.3 – 460-Gateway used for e-Navigation services . 59
Figure D.4 – 460-Gateway used for remote maintenance . 59
Figure E.1 – Network monitoring function logical interfaces. 60

Table 1 – Traffic prioritization with CoS and DSCP . 19
Table B.1 – Redundancy protocols and recovery times . 54
Table E.1 – Sentences received by the network monitoring function . 60
Table E.2 – Sentences transmitted by the network monitoring function . 60

---------------------- Page: 7 ----------------------
– 6 – IEC 61162-460:2015 © IEC 2015



INTERNATIONAL ELECTROTECHNICAL COMMISSION

____________




MARITIME NAVIGATION AND RADIOCOMMUNICATION

EQUIPMENT AND SYSTEMS – DIGITAL INTERFACES –



Part 460: Multiple talkers and multiple listeners –

Ethernet interconnection – Safety and security


FOREWORD
1) The International Electrotechnical Commission (IEC) is a worldwide organization for standardization comprising
all national electrotechnical committees (IEC National Committees). The object of IEC is to promote
international co-operation on all questions concerning standardization in the electrical and electronic fields. To
this end and in addition to other activities, IEC publishes International Standards, Technical Specifications,
Technical Reports, Publicly Available Specifications (PAS) and Guides (hereafter referred to as “IEC
Publication(s)”). Their preparation is entrusted to technical committees; any IEC National Committee interested
in the subject dealt with may participate in this preparatory work. International, governmental and non-
governmental organizations liaising with the IEC also participate in this preparation. IEC collaborates closely
with the International Organization for Standardization (ISO) in accordance with conditions determined by
agreement between the two organizations.
2) The formal decisions or agreements of IEC on technical matters express, as nearly as possible, an international
consensus of opinion on the relevant subjects since each technical committee has representation from all
interested IEC National Committees.
3) IEC Publications have the form of recommendations for international use and are accepted by IEC National
Committees in that sense. While all reasonable efforts are made to ensure that the technical content of IEC
Publications is accurate, IEC cannot be held responsible for the way in which they are used or for any
misinterpretation by any end user.
4) In order to promote international uniformity, IEC National Committees undertake to apply IEC Publications
transparently to the maximum extent possible in their national and regional publications. Any divergence
between any IEC Publication and the corresponding national or regional publication shall be clearly indicated in
the latter.
5) IEC itself does not provide any attestation of conformity. Independent certification bodies provide conformity
assessment services and, in some areas, access to IEC marks of conformity. IEC is not responsible for any
services carried out by independent certification bodies.
6) All users should ensure that they have the latest edition of this publication.
7) No liability shall attach to IEC or its directors, employees, servants or agents including individual experts and
members of its technical committees and IEC National Committees for any personal injury, property damage or
other damage of any nature whatsoever, whether direct or indirect, or for costs (including legal fees) and
expenses arising out of the publication, use of, or reliance upon, this IEC Publication or any other IEC
Publications.
8) Attention is drawn to the Normative references cited in this publication. Use of the referenced publications is
indispensable for the correct application of this publication.

9) Attention is drawn to the possibility that some of the elements of this IEC Publication may be the subject of
patent rights. IEC shall not be held responsible for identifying any or all such patent rights.
International Standard IEC 61162-460 has been prepared by IEC technical committee 80:
Maritime navigation and radiocommunication equipment and systems.
The text of this standard is based on the following documents:
FDIS Report on voting
80/764/FDIS 80/769/RVD

Full information on the voting for the approval of this standard can be found in the report on
voting indicated in the above table.
This publication has been drafted in accordance with the ISO/IEC Directives, Part 2.

---------------------- Page: 8 ----------------------
IEC 61162-460:2015 © IEC 2015 – 7 –


This International Standard is to be used in conjunction with IEC 61162-450:2011.


A list of all parts in the IEC 61162 series, published under the general title Maritime

navigation and radiocommunication equipment and systems – Digital interfaces, can be found

on the IEC website.


The committee has decided that the contents of this publication will remain unchanged until

the stability date indicated on the IEC web site under "http://webstore.iec.ch" in the data

related to the specific publication. At this date, the publication will be


• reconfirmed,

• withdrawn,
• replaced by a revised edition, or
• amended.
A bilingual version of this publication may be issued at a later date.

IMPORTANT – The 'colour inside' logo on the cover page of this publication indicates
that it contains colours which are considered to be useful for the correct
understanding of its contents. Users should therefore print this document using a
colour printer.

---------------------- Page: 9 ----------------------
– 8 – IEC 61162-460:2015 © IEC 2015


MARITIME NAVIGATION AND RADIOCOMMUNICATION

EQUIPMENT AND SYSTEMS – DIGITAL INTERFACES –



Part 460: Multiple talkers and multiple listeners –

Ethernet interconnection – Safety and security








1 Scope

This part of IEC 61162 is an add-on to the IEC 61162-450 standard where higher safety and
security standards are needed, e.g. due to higher exposure to external threats or to improve
network integrity. This standard provides requirements and test methods for equipment to be
used in an IEC 61162-460 compliant network as well as requirements for the network itself
and requirements for interconnection from the network to other networks. This standard also
contains requirements for a redundant IEC 61162-460 compliant network.
This standard extends the informative guidance given in Annex D of IEC 61162-450:2011. It
does not introduce new application level protocol requirements to those that are defined in
IEC 61162-450.
2 Normative references
The following documents, in whole or in part, are normatively referenced in this document and
are indispensable for its application. For dated references, only the edition cited applies. For
undated references, the latest edition of the referenced document (including any
amendments) applies.
IEC 60945, Maritime navigation and radiocommunication equi
...