
[IACS UR E27] FR2 Use Control - Session Lock

by 하늘이데아 2026. 5. 13.

IACS UR E27 - Session Lock

 

# An unlocked workstation is an open door. 🚢

 

On a busy vessel, the most dangerous attacker might never touch a keyboard — they just wait for someone to walk away from one.

 

---

 

**What UR E27 Requires**

 

IACS UR E27 mandates that all Computer-Based Systems aboard vessels automatically lock after a configurable period of inactivity — typically set between 5 and 15 minutes. Operators must also have the option to lock sessions manually before leaving a console. Critically, resuming any locked session requires full re-authentication, not just a keypress or mouse click.

 

---

 

**Why This Matters on Ships**

 

Bridge workstations and engine room HMIs operate in a uniquely exposed environment. Watch handovers happen every four to six hours, and in the transition window, authenticated sessions are routinely left active and unattended. A crew member, a port technician with temporary access, or a visitor who happens to be in the wrong place at the right moment can inherit full operational control of a system — with no credentials required. The vessel's own authentication framework becomes irrelevant the moment a screen is left unlocked.

 

---

 

**The IEC 62443-3-3 Technical Foundation**

 

SR 2.5 sits within Foundational Requirement 2 (Use Control) and addresses exactly this physical exploitation vector. The requirement scales across all four Security Levels: at SL 1, basic session lock with re-authentication is expected; at SL 3 and SL 4, timeout intervals become tighter, lock behavior is auditable, and integration with identity management systems may be required. What makes SR 2.5 particularly relevant in maritime OT is that it bridges physical and cyber security — an unlocked ECDIS or propulsion control HMI is simultaneously a physical and a cybersecurity vulnerability.

 

---

 

**Implementation Reality**

 

The practical challenge on vessels is balancing security with operational continuity. Aggressive timeout settings on a dynamic positioning console or an alarm management system can interrupt time-sensitive workflows. The solution is not a single fleet-wide timeout value — it is a risk-based, system-by-system configuration policy that accounts for criticality, operator tempo, and the specific threat environment of each watchkeeping station.
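To make the SR 2.5 behaviour from the previous section (inactivity and manual lock, re-authentication to resume, auditable lock events) and the per-system policy from this one concrete, here is an added reference model in Python; it is my illustration, not code from IACS, IEC 62443 or this post, and the system classes, timeout values and credential table are constructed assumptions.

```python
import hashlib, hmac
from dataclasses import dataclass, field
# Assumed per-system inactivity timeouts (minutes), inside the 5-15 minute band the post cites.
TIMEOUT_MINUTES = {"bridge_navigation": 5, "propulsion_hmi": 5,
                   "alarm_management": 10, "cargo_management": 15}
# Constructed credential store for the demo: user -> PBKDF2-SHA256 hash of the password.
_SALT = b"constructed-demo-salt"
def _kdf(password: str) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), _SALT, 100_000)
CREDENTIALS = {"oow": _kdf("watch-2026")}   # "oow" = officer of the watch (constructed)

def authenticate(user: str, password: str) -> bool:
    stored = CREDENTIALS.get(user)
    return stored is not None and hmac.compare_digest(stored, _kdf(password))

@dataclass
class Session:
    system_class: str
    user: str
    last_activity: float                  # seconds; the clock is supplied by the caller
    locked: bool = False
    audit: list = field(default_factory=list)   # (time, system, user, event), for SL 3/4 review
    def _expired(self, now: float) -> bool:
        return now - self.last_activity >= TIMEOUT_MINUTES[self.system_class] * 60
    def lock(self, now: float, reason: str = "manual") -> None:
        self.locked = True
        self.audit.append((now, self.system_class, self.user, f"lock:{reason}"))
    def tick(self, now: float) -> bool:
        """Periodic check by the lock service: enforce the inactivity timeout."""
        if not self.locked and self._expired(now):
            self.lock(now, "inactivity")
        return self.locked
    def activity(self, now: float) -> bool:
        """Keyboard/mouse input: extends an open session only inside the idle window; late input locks; input on a locked session is ignored."""
        if not self.locked:
            if self._expired(now):
                self.lock(now, "inactivity")
            else:
                self.last_activity = now
        return self.locked

    def resume(self, now: float, user: str, password: str) -> bool:
        """Only full re-authentication by the session owner unlocks; a keypress never does."""
        if self.locked and user == self.user and authenticate(user, password):
            self.locked, self.last_activity = False, now
            self.audit.append((now, self.system_class, user, "unlock:reauth"))
        elif self.locked:
            self.audit.append((now, self.system_class, user, "unlock:denied"))
        return self.locked
```

The audit list is what an SL 3/4 assessor would expect to be exportable; a denied unlock attempt is recorded with the name presented, not the session owner's, so the record shows who tried.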

 

---

 

**A Question Worth Asking**

 

Does your vessel's session lock policy differentiate between a cargo management terminal and a bridge navigation workstation — or is one setting applied across every CBS on board?

 

---

 

📌 Post 12/41 in my IACS UR E27 series — breaking down all 41 requirements

#SessionLock #IACS #URE27 #IEC62443 #MaritimeCyberSecurity #BridgeSecurity #PhysicalSecurity #OTSecurity #MaritimeOT
