Extended Operational and Trade Vocabulary

Maritime Cybersecurity, IACS Cyber Rules, and Incidents glossary (page 2)

Terminology of shipboard cybersecurity under IACS rules: class notations and capability levels such as ABS CyberSafety, access control lists segmenting OT networks, Active Directory footholds in ransomware incidents, AIS spoofing of identity and position, and the cyber-resilience requirements and recorded attacks shaping merchant-fleet and offshore-unit defenses.

288 defined terms.

Showing 38 on this page (page 2 of 2).

U

UNECE WP.29 Cyber: The automotive parallel often cited as a model for IACS UR E26's "type approval plus management system" approach.
Unidirectional Gateway: See Data Diode.
UR-E26: IACS UR on Cyber Resilience of Ships, in force for vessels contracted on or after 1 July 2024.
UR-E27: IACS UR on Cyber Resilience of On-board Systems and Equipment, in force from 1 July 2024.
USB Control: A policy controlling removable media use on bridge and engine workstations, frequently breached and a known infection vector.
USCG (US Coast Guard): The US maritime regulator, source of NVICs 01-20, 09-02 Ch.6, 02-24, and CG-FAC and CG-CVC cyber guidance.
USCG Cyber Strategic Outlook: The 2021 USCG strategy document elevating cyber to a core operational mission.
USCG Final Rule on Cybersecurity in the Marine Transportation System: 33 CFR Part 101 amendments published 17 January 2025 (effective 16 July 2025) setting minimum cyber requirements for US-flag vessels and MTSA facilities.
USCG Maritime Cyber Readiness Branch: The USCG unit issuing cyber bulletins and supporting MTSA facilities.

V

VDR (Voyage Data Recorder): SOLAS V/20 mandated black box per MSC.333(90).
Vendor Remote Access: Connection used by a supplier to support shipboard equipment, typically a high value target.
Vessel General Permit (VGP): A US EPA permit unrelated to cyber but often confused with cyber compliance; included to clarify scope.
Vetting Inspection: Tanker SIRE or CDI inspection on behalf of charterers.
VHF Data Exchange System (VDES): The successor to AIS, introducing IP-based payloads and explicit security provisions in ITU-R M.2092.
Virtual AIS Aids to Navigation: AtoN broadcast by shore stations rather than physically present, a category exploitable for spoofing.
VLAN: Virtual Local Area Network, a logical subdivision of a physical network.
Voice over IP (VoIP): A bridge and accommodation telephony technology that bridges OT and IT in some installations.
VPN: Virtual Private Network providing encrypted tunneling between endpoints.
VSAT (Very Small Aperture Terminal): Maritime broadband satcom.
VSAT Modem Compromise: A class of incident in which web-managed VSAT modems are accessed via default credentials or unpatched firmware.

W

WannaCry (May 2017): The 12 May 2017 ransomworm exploiting EternalBlue (CVE-2017-0144) that affected multiple shipping companies and shipboard ECDIS units running unsupported Windows.
Wartsila NACOS Platinum: Integrated bridge, automation, and power management product line from Wartsila SAM Electronics.
Wartsila WECS (Wartsila Engine Control System): The Wartsila two-stroke engine control system, an OT asset in IACS UR E27 scope.
Watering Hole: Compromise of a website frequented by a target community to deliver malware.
Weather Routing Services: SaaS platforms (StormGeo, DTN, ABS Nautical Systems) whose API tokens, if stolen, can leak fleet operations.
Web Application Firewall (WAF): A shoreside control for shipping company portals and booking systems.
Whaling: Hunting of whales; commercial whaling moratorium adopted by IWC in 1982 (effective 1986).
Wi-Fi Access Point: A crew or business AP, frequently misconfigured and used as initial access vector.
Wireless Bridge: A point-to-point link between ship and terminal, requiring authentication and encryption to avoid eavesdropping.

X

X-band radar: 9.4 GHz band marine radar.
X.509 Certificate: PKI certificate format used in eBL and SSAS.
XML S-100 Exchange Set: The data envelope for next-generation hydrographic products, with explicit signature and integrity profiles.

Y

Yard Acceptance Test: The newbuilding test phase at which IACS UR E26 cyber design verification must be evidenced.
Yokogawa CENTUM: Distributed control system from Yokogawa used in process and some marine applications.

Z

Zero Day: Vulnerability unknown to the vendor at the time of exploitation.
Zero Trust Architecture: Cyber paradigm assuming breach; verifying every request.
Zone and Conduit Model: The IEC 62443 segmentation construct adopted as the reference architecture in IACS UR E26.
Zone Security Level (SL): An IEC 62443 rating (SL 1-4) assigned to each shipboard zone based on threat capability it must resist.