
# It's Not Just About Who's Logged In — It's About What's Connecting
Your vessel's condition monitoring system receives a data request from what appears to be your OEM's remote diagnostics platform. It looks right. It behaves right. But is it actually your OEM?
**IACS UR E27 demands more than human authentication.**
Under Foundational Requirement 1 (Identification and Authentication Control), every software process, automated agent and connected device that communicates with a Computer Based System (CBS) must be identified and authenticated in its own right. Sitting on the right VLAN or arriving from an expected IP address is not authentication: it tells you where a packet came from, not what sent it.
**For ships, this changes the threat model significantly.**
Vessels increasingly rely on machine-to-machine communication: OEM telemetry agents pulling engine data, shore-based monitoring platforms polling ECDIS or power management systems, automated scripts running condition-based maintenance routines. Each of these connections represents an authentication gap if the communicating entity is never formally verified.
An attacker who compromises a shore-side monitoring server doesn't need to steal a crew member's password. They already sit at a source address the vessel expects, so any check that stops at network location is already satisfied. They just need the CBS to accept a connection that proves nothing about the sender, and it will, if device authentication isn't enforced.
**IEC 62443-3-3 SR 1.2 provides the technical framework. 🔐**
SR 1.2 (Software process and device identification and authentication) extends identity verification beyond human users to devices, software processes and automated services. The Security Level mapping matters here:
→ SL 2: the base requirement applies. The CBS must identify and authenticate all software processes and devices on every interface that gives access to it; at this level one identity may still be shared by a class of devices.
→ SL 3: Requirement Enhancement 1.2.1 (Unique identification and authentication) applies. Every device and process gets its own identity and its own credential, so a key lifted from one telemetry agent cannot be replayed as every agent of that type.
→ SL 4: SR 1.2 itself adds nothing beyond SL 3. The extra assurance expected at SL 4 comes from the companion requirements on the credential, SR 1.8 (Public key infrastructure certificates) and SR 1.9 (Strength of public key authentication), whose enhancement for hardware-protected private keys already applies from SL 3.
For CBS with untrusted network interfaces — which describes virtually every system with shore connectivity — SL 2 compliance is the baseline, not the ceiling.
**The practical challenge aboard vessels is PKI management.**
Certificate-based device authentication is the right answer, but it requires a managed Public Key Infrastructure: issuing, rotating and revoking certificates for every authenticated device and process. On a ship with a small crew and limited IT expertise, maintaining certificate validity across OEM agents, monitoring platforms and IoT sensors is operationally demanding. Revocation deserves particular attention: a CRL or OCSP check that depends on reaching a shore-side responder fails whenever the link is down, so the design has to decide in advance what the CBS does then (fail closed, trust a cached CRL of bounded age, or issue short-lived certificates that expire instead of needing revocation). This is where vessel-shore PKI integration and clear lifecycle management policies become critical implementation requirements, not optional enhancements.
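As an added example, not code from the original post or from any OEM product: the Go program below builds the exchange described in this post and in the SR 1.2 section above entirely in memory, so it runs offline. It stands up a CBS-side TLS listener that refuses any peer without a certificate chained to the vessel CA and then, on top of the chain check, refuses identities missing from a current allow-list (a stand-in for the revocation step the PKI lifecycle has to provide). It then connects as four callers: nothing at all (the attacker on the right segment), a certificate carrying the right device name but issued by an attacker's CA, a genuine certificate for a device that has since been decommissioned, and the real OEM agent. All names (vessel-ca, attacker-ca, cbs.engine.local, oem-telemetry-agent-01, cm-sensor-07) and every certificate are constructed for the demo, and the listener binds a loopback port rather than a real CBS interface.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// must unwraps setup calls whose failure means a broken host (key generation, signing,
// binding a loopback socket), which a demo cannot recover from.
func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

// issueCert generates a P-256 key and certificate for cn, in memory, for this demo only; a real
// vessel PKI issues from a shore-side or offline CA, never inside the agent process. With
// parent == nil the result is a self-signed CA, otherwise a client/server leaf signed by parent.
func issueCert(cn string, parent *tls.Certificate) tls.Certificate {
	key := must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader))
	tmpl := &x509.Certificate{
		SerialNumber:          must(rand.Int(rand.Reader, new(big.Int).Lsh(big.NewInt(1), 128))),
		Subject:               pkix.Name{CommonName: cn},
		DNSNames:              []string{cn},
		NotBefore:             time.Now().Add(-time.Minute),
		NotAfter:              time.Now().Add(24 * time.Hour), // short-lived: rotation is part of the lifecycle
		KeyUsage:              x509.KeyUsageDigitalSignature,
		BasicConstraintsValid: true,
	}
	signer, signerKey := tmpl, key // self-signed unless a parent is given
	if parent == nil {
		tmpl.IsCA, tmpl.KeyUsage = true, x509.KeyUsageCertSign
	} else {
		tmpl.ExtKeyUsage = []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth, x509.ExtKeyUsageServerAuth}
		signer, signerKey = parent.Leaf, parent.PrivateKey.(*ecdsa.PrivateKey)
	}
	der := must(x509.CreateCertificate(rand.Reader, tmpl, signer, &key.PublicKey, signerKey))
	return tls.Certificate{Certificate: [][]byte{der}, PrivateKey: key, Leaf: must(x509.ParseCertificate(der))}
}

// RunScenario stands up a CBS listener that requires a client certificate chained to the vessel
// CA and, on top of that, an identity on its allow-list (a stand-in for a revocation check).
// It then connects four ways and reports, per attempt, the identity the CBS bound or "rejected".
func RunScenario() map[string]string {
	vesselCA, attackerCA := issueCert("vessel-ca", nil), issueCert("attacker-ca", nil)
	pool := x509.NewCertPool()
	pool.AddCert(vesselCA.Leaf)
	allow := map[string]bool{"oem-telemetry-agent-01": true} // cm-sensor-07 was issued once, then decommissioned
	ln := must(tls.Listen("tcp", "127.0.0.1:0", &tls.Config{
		Certificates: []tls.Certificate{issueCert("cbs.engine.local", &vesselCA)},
		ClientAuth:   tls.RequireAndVerifyClientCert, // no certificate, no session: network position is not identity
		ClientCAs:    pool,                           // "can you prove it": the chain must end at the vessel CA
		VerifyPeerCertificate: func(_ [][]byte, chains [][]*x509.Certificate) error {
			cn := chains[0][0].Subject.CommonName // chains[0][0] is the leaf Go has already verified
			if !allow[cn] {
				return fmt.Errorf("device %q chains to the vessel CA but is not on the current allow-list", cn)
			}
			return nil
		},
	}))
	defer ln.Close()
	go func() { // CBS side: echo the authenticated CN so the caller can see which identity was bound
		for c, err := ln.Accept(); err == nil; c, err = ln.Accept() {
			tc := c.(*tls.Conn)
			if tc.Handshake() == nil { // on failure the rejection alert has already gone to the peer
				fmt.Fprint(tc, tc.ConnectionState().PeerCertificates[0].Subject.CommonName)
			}
			tc.Close()
		}
	}()
	attempts := map[string][]tls.Certificate{
		"anonymous": nil,                                                // on the right segment, no credential
		"impostor":  {issueCert("oem-telemetry-agent-01", &attackerCA)}, // right name, attacker's CA
		"retired":   {issueCert("cm-sensor-07", &vesselCA)},             // genuine, but no longer expected
		"oem-agent": {issueCert("oem-telemetry-agent-01", &vesselCA)},
	}
	results := map[string]string{}
	for name, certs := range attempts {
		results[name] = "rejected"
		conn, err := tls.Dial("tcp", ln.Addr().String(), &tls.Config{RootCAs: pool, ServerName: "cbs.engine.local", Certificates: certs})
		if err != nil {
			continue
		}
		buf := make([]byte, 128)
		if n, err := conn.Read(buf); err == nil { // under TLS 1.3 a refused client certificate surfaces here, not in Dial
			results[name] = string(buf[:n])
		}
		conn.Close()
	}
	return results
}
```

Call RunScenario() and print the map: the anonymous, impostor and retired attempts all come back as rejected, and only the OEM agent is bound to its own name. Two details are worth carrying into a real agent. First, the allow-list check sits in VerifyPeerCertificate, after Go has already validated the chain, which is where a CRL lookup, a cached-revocation-age check or a serial-number allow-list belongs in production. Second, under TLS 1.3 the server's refusal of a client certificate arrives after Dial has returned, so an agent that treats a successful connect as proof of acceptance will misreport its own status.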
When your CBS receives an automated connection request, does your current architecture ask *who are you and can you prove it* — or does it simply ask *are you on the right network segment?*
Those are very different questions with very different security outcomes.

📌 Post 32/41 in my IACS UR E27 series — breaking down all 41 requirements