Ship Cyber Security Manual
Ver1.0

Ship's name: TANG LAND
Call sign: 3E2617
IMO Number: 9233595
Revision records
Item      Date      Content      Signed
Ver1.0    2021 01
Contents
I. Preface
II. Responsibilities
III. Network terms
IV. Network system composition
V. Elements of cyber risk management
VI. Cyber risk assessment
VII. Cyber security measures
VIII. Emergency plans
IX. Discovery, response and recovery of cyber incidents
X. Cyber security training
XI. Provisions on the management of cyber security
XII. Block diagram of network structure
XIII. Related records
Appendix
Appendix A: 100102-1-1 General Table of Risk Assessment for Ship Cyber Security System
Appendix B: 100102-1-2 Operation and Maintenance Record of Ship Cyber Security System
Appendix C: Installation guide for the ship communication software Rydex and Foxmail
I. Preface
1. This manual is a specific guide to ship cyber security management, compiled according to the requirements of International Maritime Organization Maritime Safety Committee resolution MSC.428(98), "Maritime Cyber Risk Management in Safety Management Systems".
2. The IMO Maritime Safety Committee has confirmed that cyber risk is to be addressed within the International Safety Management (ISM) Code. The Company's safety management system shall incorporate cyber risk management no later than the first annual verification of the Company's Document of Compliance after January 1, 2021.
3. This manual is the cyber security management guide for all ships managed by EAST MARITIME SERVICES CO., LTD, effective from January 1, 2021.
4. This manual provides practical guidance for the control, management and protection of the network-connected equipment installed on ships.
5. The cyber security management procedures in this manual are designed to protect all systems on the Company's ships from cyber attack.
II. Responsibilities
1. Division of ship responsibilities
1) The master of each ship serves as the ship's cyber security officer.
2) The chief officer and the chief engineer are each responsible for the security management of the network equipment under their own department's charge.
3) Each person in charge on board shall maintain the network equipment in accordance with the Schedule of Division of Labor for Ship Overhaul and Maintenance.
2. Division of Company responsibilities and emergency contact information
1) The Designated Person Ashore (DPA) serves as the Company's cyber security officer. Contact information:
2) The head of the ship management department is responsible for the cyber security management of all ships under his/her charge.
III. Network terms
1. Access control: digital systems used to support access control in order to ensure physical security and the safety of the ship and its cargo, including surveillance, shipboard security alarm and electronic "personnel on board" systems.
2. Configuration management: the operations and procedures that systematically handle changes to hardware and software so as to maintain the integrity of a system or device.
3. Cyber safety: guidelines and standards for computerized, automated and autonomous systems to ensure that these systems are designed, built, operated and maintained to allow only predictable, repeatable behavior, especially in those areas of operation or maintenance that can affect the safety of persons, systems, the enterprise or the environment. Cyber safety is necessary for the deterministic behavior expected in engineering function assurance, and includes software integrity management to manage technical risk in software-intensive systems.
4. Cyber attack: any type of offensive operation against IT and OT systems, computer networks and personal computing devices, aimed at accessing, compromising or damaging the systems and data of the Company and/or the ship.
5. Cyber risk: the threat arising from the error, loss or damage of information or systems, which exposes technical assets to potential problems or security incidents and may lead to the failure of shipping-related operations or safety.
6. Cyber incident: an event that has an actual or potential adverse effect on onboard systems, networks and computers, or on the information they process, store or transmit, and that requires response measures to remove its consequences.
7. Cyber security: the activities or processes, capabilities and state by which information and communication systems, and the information they contain, are protected against damage, unauthorized use, modification and theft.
8. IT (information technology): technology dedicated to supporting information and data applications, including equipment, software and their associated networks.
9. OT (operational technology): technology used for the operation and control of the ship, including equipment, sensors, software and their associated networks. On board, these systems include monitoring systems, power systems, communication systems, sensors inside and outside the ship, and navigation systems.
10. Cyber security officer (CySO): the person or persons on board a ship assigned to manage and coordinate cyber security work.
11. Firewall: a logical or physical barrier that prevents unauthorized access to network facilities and information.
12. LAN (local area network): a computer network that uses network media to interconnect computers within a limited area such as a home, a ship or an office building.
13. Recovery: the activities that, after an incident, restore the services and operations important to the system in the short and medium term, and full capability in the longer term.
14. Virus: hidden, self-replicating software that maliciously infects and manipulates the operation of computer programs and systems.
15. WAN (wide area network): a network that crosses regional, national or international boundaries.
16. Wireless network: all short-range communications that use some part of the electromagnetic spectrum to send and/or receive information.
IV. Network system composition
1. Shipboard networks usually fall into two categories. The first is the network used for information collection and information management services, for example reporting, scheduling, inventory management, operation and maintenance management, e-mail, telephone, print services and the ship-to-shore communication system. This is usually called the information network (IT network), and it consists of the computers used by the crew, gateways, routers, file servers, database servers, application servers and similar equipment. The second category collects, monitors and controls the running state of equipment throughout the ship and serves the ship's control systems; it is called the control network (OT network). Examples are the main propulsion monitoring system, auxiliary machinery monitoring system, power station monitoring system and fire alarm system distributed in the engine room, and the navigation system and integrated bridge system on the bridge.
2. Ships increasingly use systems that rely on digitization, integration and automation, which calls for onboard cyber risk management. As technology continues to evolve, onboard information technology (IT) and operational technology (OT) are being networked together and connected to the Internet more frequently. This brings a greater risk of unauthorized access to, or malicious attack on, the ship's systems and networks. People who access the systems can also introduce risk, for example by bringing malware on board through removable media.
3. The parties concerned shall take the necessary measures to protect the ship against existing and emerging threats, and against the vulnerabilities that come with the digitization, integration and automation of shipping procedures and systems.
4. Shipboard systems vulnerable to cyber risk include, but are not limited to:
1) Communication systems
Satellite communication equipment
2) Bridge systems
Voice over IP (VoIP) telephones
Wireless networks (WLANs)
Positioning systems (GPS, etc.)
Radar
Autopilot
Propulsion/manoeuvring control system
Electronic chart display and information system (ECDIS)
Automatic identification system (AIS)
GMDSS equipment
Voyage data recorder (VDR)
General alarm system
Other monitoring and data acquisition systems
3) Propulsion, machinery and power control systems
Diesel engine control
Boiler control system
Auxiliary safety systems
Power station and power management system
Automation and monitoring system
Alarm system
Emergency systems
Anti-pollution systems
Steering gear control system
4) Access control systems
Surveillance systems, such as CCTV
Bridge navigational watch alarm system (BNWAS)
Ship security alert system (SSAS)
Public address system
5) Cargo management systems
Cargo stowage (loading computer) system
Valve remote control system
Level indicating system
Crane control system
6) Flooding and stability systems
Water ingress (flooding) alarm system
Ballast water system
Watertight doors
Bilge water system
7) Anchoring and mooring systems
Windlass control and monitoring system
Mooring control system
8) Fire control systems
Fire detection system
Cargo hold smoke detection system
Fire door control system
Fire pump control and monitoring system
CO2 fire extinguishing system
Water spray system
9) Network systems
Firewalls
Routers
Switches
Intrusion prevention system
10) Information management systems
Ship management information system
Ship reporting system
V. Elements of cyber risk management
1. Cyber risk management is the process of identifying, analyzing, assessing and communicating cyber-related risk, and of accepting, avoiding, transferring or mitigating it to an acceptable level, taking into account the costs and benefits of the actions taken by the parties concerned.
2. Effective cyber risk management starts with senior management. Senior management should embed a culture of cyber risk awareness at every level of the organization and ensure that a comprehensive and flexible cyber risk management regime is continuously implemented and evaluated through effective feedback mechanisms.
3. The following are the functional elements of cyber risk management. They are not sequential; in practice they exist concurrently and continuously, and they should be incorporated appropriately into the risk management framework.
1) Identify: define the roles and responsibilities of personnel for cyber risk management, and identify the systems, assets, data and capabilities whose disruption would pose a risk to ship operations.
2) Protect: implement risk control processes and measures, and develop contingency plans, to protect against cyber incidents and ensure the continuity of shipping operations.
3) Detect: establish and implement the activities necessary to detect cyber incidents in a timely manner.
4) Respond: establish and implement activities and plans to provide resilience and to restore the systems needed for shipping operations that a cyber incident has impaired.
5) Recover: identify the backup and restoration measures for the cyber systems needed for shipping operations affected by a cyber incident.
4. Effective cyber risk management should ensure an appropriate level of awareness of cyber risk at all levels of the organization. That level of awareness and preparedness should be commensurate with each person's role and responsibilities in the cyber risk management system.
VI. Cyber risk assessment
1. Cyber risk management should take into account the requirements of Member State governments and flag State administrations, as well as the relevant international and industry standards and best practices.
2. Classified by source, cyber risk falls into two broad categories, internal and external. Internal risk is risk caused by Company or ship personnel, for example through the use of removable storage devices or improper operation. External risk originates from persons outside the Company and the ship, mainly in the form of external cyber attacks. Cyber attacks fall into two broad categories: untargeted attacks and targeted attacks.
3. The main forms of untargeted attack include, but are not limited to:
1) Malware: malicious software that enters or damages a computer without the user's knowledge. There are many types, including Trojans, ransomware, spyware, viruses and worms.
2) Social engineering: a non-technical technique used by potential cyber attackers to manipulate insiders into breaking security procedures, usually, but not only, through interaction on social media.
3) Phishing: sending e-mails to a large number of potential targets asking for particular sensitive or confidential information. Such e-mails may also invite the reader to visit a fake website through a hyperlink in the message.
4) Water holing: establishing a fake website, or compromising a genuine one, in order to exploit its visitors.
5) Scanning: attacking wide portions of the Internet at random.
4. The main forms of targeted attack include, but are not limited to:
1) Brute force: an attack that tries many passwords in the hope of eventually guessing correctly. The attacker systematically checks all possible passwords until the correct one is found.
2) Denial of service (DoS): preventing legitimate, authorized users from accessing information, usually by flooding the network with data.
3) Spear-phishing: like phishing, but aimed at specific individuals' e-mail; the messages usually contain malware or links that automatically download malware.
4) Subverting the supply chain: attacking the Company or the ship by compromising equipment, software or supporting services delivered to them.
The list above is not exhaustive. The number and sophistication of the tools and techniques used in cyber attacks keep growing, and the categories of attack considered must be kept up to date with that development. The categories of cyber attack should be reflected in the risk assessment.
5. Identify vulnerabilities
1) Conduct an initial assessment of the potential threats that may be faced. Then evaluate the relevant systems and onboard procedures to determine how robust they are against the current threat level. This assessment of threats and vulnerabilities should form the basis of discussion and review by senior management. Internal experts, or external experts familiar with the shipping industry and its key processes, can support the development of a strategy centered on the key risks. Consideration should be given to distinguishing between IT systems, which focus on the use of data as information, and OT systems, which focus on the use of data to control or monitor physical processes.
2) Standalone systems are less vulnerable to external cyber attack than systems connected to uncontrolled networks or directly to the Internet. Care should be taken that critical systems on board may be connected to uncontrolled networks, and the human factor should be considered, since many incidents are triggered by the actions of individuals.
3) Ship-to-shore interface. Ships are increasingly linked to shore-based operations through the use of digital communication for conducting business, managing operations and communicating with head office. In addition, critical ship systems essential to the safety of navigation, power and cargo management are increasingly digitized and connected to the Internet to perform a variety of legitimate functions.
4) Common vulnerabilities. The following cyber vulnerabilities are common and may exist on existing ships as well as on some newly built ships:
Outdated and unsupported operating systems;
Outdated or missing antivirus and anti-malware software;
Inadequate security configuration and best practice, including ineffective network management, use of default administrator accounts and passwords, and network administration that is not based on the principle of least privilege;
Shipboard computer networks lacking boundary protection and network segmentation;
Safety-critical equipment or systems that are always connected to shore;
Inadequate access control for third parties, including contractors and service providers.
6. Risk assessment
1) Assessment of harm. The Company uses the confidentiality, integrity and availability (CIA) model as the framework for assessing the harm from cyber risk:
Unauthorized access to, and disclosure of, information or data about the ship, crew, cargo and passengers;
Loss of integrity, which may alter or destroy the information and data on which the safe and efficient operation and management of the ship depend;
Loss of availability, due to destruction of information and data and/or disruption of the services or operation of the ship's systems.
2) The relative importance of confidentiality, integrity and availability depends on how the information or data is used. For example, an assessment of the vulnerabilities of IT systems supporting business operations might focus on confidentiality and integrity rather than availability. Conversely, an assessment of the vulnerabilities of shipboard OT systems, especially those critical to safety, may focus on availability and/or integrity rather than confidentiality.
Potential impact: Low
Definition: The loss of confidentiality, integrity or availability is expected to have a limited adverse effect on Company and ship operations, Company and ship assets, or individuals.
In practice: a limited adverse effect means that a security breach may:
(i) cause a degradation of ship operations to an extent and for a duration that the organization is still able to perform its primary functions, but with noticeably reduced effectiveness;
(ii) cause minor damage to organizational assets;
(iii) cause minor financial loss; or
(iv) cause minor harm to individuals.

Potential impact: Medium
Definition: The loss of confidentiality, integrity or availability is expected to have a significant adverse effect on Company and ship operations, Company and ship assets, or individuals.
In practice: a significant adverse effect means that a security breach may:
(i) cause a significant degradation of ship operations to an extent and for a duration that the organization is still able to perform its primary functions, but with significantly reduced effectiveness;
(ii) cause significant damage to organizational assets;
(iii) cause significant financial loss; or
(iv) cause significant harm to individuals that does not involve loss of life or serious life-threatening injury.

Potential impact: High
Definition: The loss of confidentiality, integrity or availability is expected to have a severe or catastrophic adverse effect on Company and ship operations, Company and ship assets, or individuals.
In practice: a severe or catastrophic adverse effect means that a security breach may:
(i) cause a severe degradation in, or loss of, ship operations to an extent and for a duration that the organization is unable to perform one or more of its primary functions;
(ii) cause major damage to organizational assets;
(iii) cause major financial loss; or
(iv) cause severe or catastrophic harm to individuals involving loss of life or serious life-threatening injury.
7. General principles of ship cyber risk assessment
Given the particular nature of shipboard networks, ship cyber risk assessment may classify equipment according to the following principles:
1) Network-connected equipment running a general-purpose operating system (OS): the operating system here means Windows, Linux and the like. Devices running these systems are, on the one hand, exposed to uncontrollable attack from external networks when connected to the ship's satellite or Wi-Fi network and, on the other hand, exposed inside the ship to damage through the local area network, removable storage media, human error and similar factors. Such devices are therefore generally defined as high-risk equipment.
2) Network-connected equipment controlled by a PLC or similar embedded controller: such equipment is vulnerable to attack from the devices connected to it during commissioning and upgrading. However, the ship's officers will generally not touch the software of this equipment without the Company's instruction, and commissioning generally requires a dedicated interface. The likelihood of attack on this class is significantly lower than for the first, high-risk class. Such devices are therefore generally defined as medium-risk equipment.
3) Other network-connected equipment: equipment other than the first and second classes above. This class has the lowest likelihood of attack and is therefore generally defined as low-risk equipment.
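The classification rules above (the three equipment classes in item 7, the CIA weighting in item 6.2 and the impact levels in item 6) can be applied mechanically to an equipment inventory to produce a first-cut risk register. The following is an added example, not part of the manual or its Appendix A: the inventory is constructed, and the one-step exposure adjustment for shore connection or removable-media use, the likelihood-times-impact score and its cut-offs are this example's own assumptions rather than the Company's rules.

```python
from dataclasses import dataclass

# Impact levels from the Section VI.6 table (low / medium / high).
IMPACT_LEVEL = {"low": 1, "medium": 2, "high": 3}
# Likelihood class from Section VI.7: general-purpose OS devices are high risk,
# PLC/embedded controllers medium, anything else low.
PLATFORM_CLASS = {"os": 3, "plc": 2, "other": 1}


@dataclass(frozen=True)
class Asset:
    name: str
    kind: str              # "it" (business/information) or "ot" (control/monitoring)
    platform: str          # "os", "plc" or "other", as in Section VI.7
    shore_connected: bool  # permanently reachable over the satellite link (VI.5.4)
    removable_media: bool  # routinely updated by USB or similar (VI.2, VI.5.2)
    impact: dict           # {"C": level, "I": level, "A": level} per VI.6.1


def likelihood(a: Asset) -> int:
    """Platform class, raised one step (capped at 3) if the device is always
    connected to shore or routinely takes removable media. The step-up is this
    example's assumption; the platform classes are the manual's."""
    exposed = a.shore_connected or a.removable_media
    return min(PLATFORM_CLASS[a.platform] + int(exposed), 3)


def impact_level(a: Asset) -> int:
    """VI.6.2: IT systems are judged mainly on confidentiality and integrity,
    safety-critical OT systems on availability and integrity."""
    keys = ("C", "I") if a.kind == "it" else ("A", "I")
    return max(IMPACT_LEVEL[a.impact[k]] for k in keys)


def rating(a: Asset) -> str:
    """Assumed scoring: likelihood x impact on a 1-9 scale, cut at 3 and 6."""
    score = likelihood(a) * impact_level(a)
    return "high" if score >= 6 else "medium" if score >= 3 else "low"


# Constructed inventory for the example, not the TANG LAND's real equipment list.
INVENTORY = [
    Asset("ECDIS (primary)", "ot", "os", False, True,
          {"C": "low", "I": "high", "A": "high"}),
    Asset("Main engine control PLC", "ot", "plc", False, False,
          {"C": "low", "I": "high", "A": "high"}),
    Asset("Ship office PC (reporting, e-mail)", "it", "os", True, True,
          {"C": "high", "I": "medium", "A": "medium"}),
    Asset("Crew Wi-Fi laptop", "it", "os", True, True,
          {"C": "low", "I": "low", "A": "low"}),
    Asset("CCTV recorder", "ot", "other", False, False,
          {"C": "low", "I": "low", "A": "medium"}),
]


def risk_register(assets=INVENTORY):
    """One row per asset, highest risk first. The columns are this example's;
    the manual's Appendix A table is not reproduced here."""
    rows = [{"name": a.name, "likelihood": likelihood(a),
             "impact": impact_level(a), "rating": rating(a)} for a in assets]
    return sorted(rows, key=lambda r: (-r["likelihood"] * r["impact"], r["name"]))


if __name__ == "__main__":
    for row in risk_register():
        print(f'{row["rating"]:6} L{row["likelihood"]} I{row["impact"]}  {row["name"]}')
```

Note that a PLC comes out "high" overall despite its medium likelihood class: the manual's three classes describe how likely a device is to be attacked, and the impact side of the assessment (loss of main engine control is high on availability and integrity) is what pushes the combined rating up. Keeping both columns visible in the register makes that reasoning auditable.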
VII. Cyber security measures
1. Given the particular nature of network management, cyber security measures fall into two categories: technical security measures and procedural security measures.
1) Technical security measures focus on protecting the network system and its management by technical means, such as adding hardware, installing software, managing privileges and setting requirements, so that it is protected and can be restored after damage.
2) Procedural security measures focus on how personnel use the onboard systems. Information that is sensitive shall be kept confidential and handled in accordance with Company policy.
2. Technical security measures include, but are not limited to:
1) Restriction and control of network ports, protocols and services;
2) Configuration of firewalls, routers, switches and other network equipment;
3) Physical security;
4) Detection, blocking and alerting;
5) Satellite and radio communications;
6) Wireless access control;
7) Malware detection;
8) Secure configuration of hardware and software;
9) E-mail and web browser protection;
10) Data recovery capability;
11) Application software security (patch management).
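Technical measures 1) and 2) above, restricting ports, protocols and services and configuring the firewall, come down to a written allowlist of which network zone may talk to which, with everything else denied at the zone boundary (the "boundary protection and network segmentation" whose absence Section VI.5.4 lists as a common vulnerability). The following added example, which is not the Company's or the ship's own configuration, models such a policy and checks sample flows against it; the zone addresses, rule list, host roles and sample flows are all constructed for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Constructed zones for the example; not the vessel's real addressing plan.
ZONES = [
    ("crew_wlan",   ip_network("10.10.0.0/24")),  # crew Wi-Fi and personal devices
    ("business_it", ip_network("10.20.0.0/24")),  # ship office PCs, reporting, e-mail
    ("ot_bridge",   ip_network("10.30.0.0/24")),  # ECDIS, radar, AIS, VDR
    ("ot_engine",   ip_network("10.31.0.0/24")),  # alarm/monitoring, PMS, PLCs
]
SHORE = "shore_wan"  # any address outside the ship zones, reached via satellite


@dataclass(frozen=True)
class Rule:
    src: str    # source zone
    dst: str    # destination zone
    proto: str  # "tcp" or "udp"
    port: int   # destination port
    note: str   # why the flow is permitted (goes into the change record)


# Default-deny allowlist: only these flows may cross a zone boundary. Nothing is
# permitted from shore inbound, and the OT zones never reach shore directly.
ALLOW = [
    Rule("crew_wlan",   SHORE,         "tcp", 443,  "crew web browsing over satellite"),
    Rule("business_it", SHORE,         "tcp", 443,  "ship reporting system, web mail"),
    Rule("business_it", SHORE,         "tcp", 587,  "outbound e-mail submission"),
    Rule("business_it", "ot_bridge",   "tcp", 443,  "ENC chart update push to ECDIS"),
    Rule("ot_engine",   "business_it", "tcp", 8443, "alarm system log export to ship server"),
]


def zone_of(ip: str) -> str:
    """Map an address to its ship zone; anything else is treated as shore/WAN."""
    addr = ip_address(ip)
    for name, net in ZONES:
        if addr in net:
            return name
    return SHORE


def check_flow(src_ip: str, dst_ip: str, proto: str, port: int):
    """Decide whether a flow is permitted by the zone policy. Returns (allowed, reason).
    Traffic inside one zone is not a boundary decision and is passed through here."""
    src, dst = zone_of(src_ip), zone_of(dst_ip)
    if src == dst:
        return True, f"intra-zone {src}"
    for rule in ALLOW:
        if (rule.src, rule.dst, rule.proto, rule.port) == (src, dst, proto.lower(), port):
            return True, rule.note
    return False, f"default deny {src} -> {dst} {proto.lower()}/{port}"


def audit(flows):
    """Flows (src, dst, proto, port) that the boundary would drop, with the reason."""
    denied = []
    for flow in flows:
        allowed, reason = check_flow(*flow)
        if not allowed:
            denied.append((flow, reason))
    return denied


# Constructed sample of observed flows, as they might be read from a firewall log.
SAMPLE_FLOWS = [
    ("10.10.0.5",    "203.0.113.10", "tcp", 443),   # crew laptop browsing: allowed
    ("10.10.0.5",    "10.30.0.2",    "tcp", 445),   # crew laptop -> ECDIS SMB: denied
    ("10.20.0.7",    "10.31.0.3",    "tcp", 502),   # office PC -> engine PLC Modbus: denied
    ("10.31.0.3",    "198.51.100.1", "tcp", 443),   # PLC calling out to shore: denied
    ("10.20.0.7",    "10.30.0.2",    "tcp", 443),   # chart update to ECDIS: allowed
    ("10.31.0.3",    "10.20.0.9",    "tcp", 8443),  # alarm log export: allowed
    ("10.30.0.2",    "10.30.0.3",    "udp", 123),   # NTP between bridge units: intra-zone
    ("198.51.100.1", "10.20.0.7",    "tcp", 22),    # inbound SSH from shore: denied
]

if __name__ == "__main__":
    for flow, reason in audit(SAMPLE_FLOWS):
        print("DENY", flow, reason)
```

The rule list, not the firewall's running configuration, is the document to keep under the configuration management defined in Section III: a change to a boundary rule should be recorded with its note, and a periodic run of the audit over an exported connection log shows whether the real device still enforces what the list says.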
3. Procedural security measures include, but are not limited to:
1) Training and awareness;
2) Restricted access for visitors;
3) Upgrades and software maintenance;
4) Updates to antivirus and anti-malware tools;
5) Remote access;
6) Use of administrator privileges;
7) Password management and records;
8) Physical and removable media controls, such as USB controls;
9) Contractors' compliance with Company policies;
10) Equipment disposal, including data destruction;
11) Obtaining support from shore and emergency planning.
VIII. Emergency plans
1. Loss of operational technology (OT) or information technology (IT) systems may have a significant and immediate effect on the safe operation of the ship. If a cyber incident causes the loss or failure of an OT or IT system, effective measures must be taken to ensure the immediate safety of the crew, the ship and the marine environment.
2. The Company's safety management system already contains procedures for reporting accidents and hazardous occurrences. For a cyber incident that has occurred and that has a significant adverse effect on the Company, the ship, assets or individuals, emergency response measures shall be drawn up in accordance with the Emergency Response Procedures in the system documentation, so as to keep the resulting harm to a minimum.
3. Cyber incidents that may have a significant and immediate effect on the safe operation of the ship include, but are not limited to:
1) Loss of availability of electronic navigation equipment, or loss of integrity of navigation-related data;
2) Loss of availability or integrity of external data sources, including but not limited to GNSS;
3) Loss of essential connectivity with shore, including but not limited to GMDSS communications;
4) Loss of availability of industrial control systems, including propulsion, auxiliary and other critical systems, and loss of integrity of data management and control;
5) Ransomware or denial-of-service events.
4. Loss of an OT or IT system due to a cyber incident must be handled like any other equipment failure.
5. Because of the complexity or severity of such incidents, responding to a cyber incident may exceed the capability available on board or within the Company. In such cases the Company shall contact external experts for assistance or to attend on board for repairs.
IX. Discovery, response and recovery of cyber incidents
1. Discovery: cyber events that do not conform to the operating and management provisions shall be discovered and stopped in time, and corresponding management measures shall be drawn up to prevent them. Non-conforming cyber events include, but are not limited to:
1) Unauthorized network access;
2) Unauthorized or improper use of administrator rights;
3) Suspicious network activity;
4) Unauthorized access to critical systems;
5) Unauthorized use of removable media;
6) Unauthorized connection of personal devices;
7) Failure to follow software maintenance procedures;
8) Failure to apply updates to anti-malware and network protection;
9) Loss or impairment of the availability of critical systems;
10) Loss or impairment of the availability of data required by critical systems.
2. Be aware that cyber incidents are unlikely to go away on their own. For example, if the ECDIS is infected with malware, starting the backup ECDIS may cause another cyber incident. Therefore, plan in advance how the cleansing and recovery of infected systems will be carried out.
3. An effective response includes, at a minimum, the following steps:
1) Initial action and assessment: to ensure that appropriate response measures are taken, the relevant supervisor must identify:
※ How the incident happened
※ Which IT and/or OT systems are affected, and how
※ The extent of the threat to the IT and OT systems
※ What symptoms have been observed
※ The extent to which business and/or operational data are affected
※ The risks to navigation and the preventive measures against them
※ Whether there is a backup system and whether it can be started
※ Whether the fault can be repaired and cleared on board, and how long that will take
※ If it cannot be repaired on board, whether the ship can carry on to the next port and arrange repairs there
※ Whether a flag State exemption needs to be applied for
※ The date, time and place at which the incident occurred (record them)
※ Preservation of relevant evidence for the follow-up investigation, such as VDR/ECDIS/CCTV historical data
2) A Report Form of Non-Conformity, Accident and Threatened Situation for the network incident shall be sent to the company's supervisor, the company's cyber security officer and the company's Designated Person A. The contents of the report include, but are not limited to:
※ All suspected cyber security breaches as defined in this manual (such as information failures, loss of service, detection of malicious code, denial-of-service attacks, errors caused by incomplete or inaccurate business data)
※ All important details (such as the type of damage, messages on the screen, details of unusual events)
※ Do not attempt remedial action on your own if there is no immediate danger
※ Measures taken since the incident to keep the ship out of danger
※ Whether it is necessary to apply for a flag State exemption
※ Whether the port authorities or relevant stakeholders need to be involved
※ The assistance needed from the company
3) Restore the system and data
※ If a flag State exemption was applied for, notify the flag State to cancel the exemption once the system and data are restored
※ Or notify the port authorities or relevant stakeholders of the results of the repairs that have been made
4) Investigate the incident, including but not limited to:
※ Identify the persons responsible
※ Determine the cause of the network incident
5) Prevent recurrence
※ By modifying the operating procedures and similar measures
※ By training
4. Recovery plan
The recovery plan shall be available on board and ashore. Its purpose is to help restore the systems and the necessary data so that IT and OT return to an operating state. To ensure the safety of those on board, the plan shall give priority to the operation and navigation of the ship. Those responsible for cyber security shall be familiar with the recovery plan. The detail and complexity of the recovery plan will depend on the type of ship and on the IT, OT and other systems installed on board.
5. Investigation of network incidents
Investigating cyber incidents can provide valuable information about how vulnerabilities were exploited. The company shall investigate, as far as possible and in accordance with its procedures, network incidents affecting onboard IT and OT systems. A detailed investigation may require the support of outside experts.
6. Losses caused by cyber incidents
In general, in many markets offering maritime property insurance, loss of or damage to the ship and its equipment resulting from a marine casualty such as grounding, collision, fire or flooding is covered even when the root cause of the casualty is a cyber incident. Note, however, that some markets currently apply exclusion clauses for cyber attacks; where such a clause is included, the loss or damage will not be covered by the insurance. The company confirms with its insurance company/broker in advance whether its policies cover claims arising from cyber incidents and/or cyber attacks.
7. Incident report
Once a cyber security incident has been successfully handled, a formal report to internal and external stakeholders, or a voluntary/mandatory report to the relevant authorities, will be required. The report shall:
※ Describe in detail the nature and history of the incident and the remedial actions taken.
※ Give a realistic estimate of the financial cost of the incident and of its other impacts on the business (such as reputational damage, loss of management control or impaired growth).
※ Recommend the controls that need to be strengthened or added in order to prevent, detect, remediate or recover from cyber security incidents more effectively.
8. Lessons learned from incidents
An important part of following up a cyber security incident is recording, communicating and learning from the lessons it teaches. This should be treated as a continuous process so that the company learns from previous mistakes, incidents and experience. Communication with all stakeholders should be clear and concise, focused on solving the problem and improving controls. The gaps that remain should be clearly identified, together with the effort needed to close them. An action plan should be drawn up describing how the company will learn from the incident so that it is more resilient to future cyber attacks. The action plan should include both technical and non-technical projects or programmes that help reduce the attacker's chance of success and allow the company to respond to attacker activity more quickly and effectively. When analysing a cyber security incident, consider whether a gap in technical capability contributed to the attacker's success, or whether a gap in personnel or process was the main culprit.
X. Network security training
1. The Master is responsible for the training of all personnel on board.
2. The Chief Officer and the Chief Engineer are responsible for training the personnel of their departments once every six months, and shall complete system document SPR060304 "Seafarers Training Record".
3. Training materials shall include the following:
1) The contents of this Cyber Security Manual
2) Special flag State regulations on cyber security
3) Guidance documents on cyber security from classification societies or other relevant bodies
4) Other key training topics, including but not limited to:
※ E-mail risks and how to handle e-mail safely;
※ The risks of Internet browsing;
※ The risks of using personal devices;
※ Avoiding infected hardware or software when installing and maintaining the ship's computers;
※ Protecting information, passwords and digital certificates;
※ Cyber risks caused by non-company personnel;
※ Detecting suspicious behaviour or devices, and how to report when a network incident is in progress;
※ The consequences or effects of network incidents on ship safety and operation;
※ Familiarity with the operation of routine security measures;
※ Protective measures for partners' removable media before they are connected to ship systems;
※ The use of anti-virus software; the use of anti-virus and anti-malware software must not lower any other requirement.
5) Personnel with responsibilities in cyber risk management shall be able to recognise signs that a computer has been compromised, for example:
※ The computer is unresponsive or slow;
※ Unexpected password changes, or legitimate users being locked out by the system;
※ Unexpected errors in programs;
※ Unexpected sudden changes in disk space or memory usage;
※ Unexpectedly bounced e-mails;
※ Unexpected difficulty with network connections;
※ Frequent system crashes;
※ Hardware or processes showing abnormal activity;
※ Abnormal changes to browser or software permission settings.
XI. Provisions on the management of cyber security
These provisions are formulated to safeguard the ship's cyber security, based on the composition of the ship's network and the estimated risks. Because cyber risks are complex, concealed and latent, these provisions cannot cover every aspect of network management. They include, but are not limited to, the following:
1. Management of communication computers
1) Firewall: communication computers must never be connected directly to the satellite communication equipment without passing through the firewall.
2) After each communication session (sending and receiving messages, etc.) is complete, the physical connection between the satellite communication equipment and the firewall must be disconnected manually, to prevent a large loss of satellite airtime, and a correspondingly large waste of communication expense, caused by factors the firewall cannot control.
3) The physical connection between the satellite communication equipment and the firewall may be disconnected manually either by switching off the network cable switch or by unplugging the network cable connected to the firewall.
4) See Appendix C for the installation and commissioning of the communication software Rydex and Foxmail.
5) The bridge communication computer is the main communication computer; the working computer in the Master's cabin is the backup communication computer. Both computers must have the communication software installed and be ready for use at all times.
6) If the bridge communication computer and the working computer in the Master's cabin fail at the same time, install the communication software on a clean, virus-free computer according to Appendix C and restore communication as soon as possible.
7) The computers shall have a login password and a fixed IP address, both managed centrally by the Master.
8) Identify suspicious e-mails and never open any file attached to them.
9) Delete suspicious e-mails; do not forward or send them to any other address.
10) Do not connect external removable storage devices without the consent of the ship's officer in charge.
11) Do not install any software unrelated to work, and do not use the computers for anything unrelated to work.
2. Satellite communication firewall
1) It is strictly prohibited to connect any ship's computer directly to the satellite communication equipment without passing through the firewall, as this creates the risk of runaway satellite traffic.
2) It is strictly prohibited to reset the firewall or to modify any part of its configuration without authorisation.
3. Operating authority: the ship's personnel must obtain the permission of the relevant supervisor before operating cyber security equipment. Outside personnel must obtain the permission of the Master/Chief Officer/Chief Engineer, and may operate cyber security equipment only under the supervision of the relevant supervisor.
4. Backup of important files:
1) Each ship is equipped with two portable hard disks, managed by the Chief Officer and the Chief Engineer respectively;
2) The Chief Officer and the Chief Engineer are responsible for backing up the important files of their departments once a month;
3) The time of each file backup is recorded in the department's Cyber Security System Operation and Maintenance Record Form.
5. Personal electronic devices: connecting personal electronic devices to the ship's cyber security equipment is strictly prohibited, except where required for work, with the permission of the Master/Chief Officer/Chief Engineer, and where safety can be ensured.
6. Internet-enabled equipment: Internet users are strictly controlled, and using the Internet for anything unrelated to work is strictly prohibited. If the ship's satellite equipment provides Internet access for the crew, a dedicated computer shall be provided for this service.
7. Power-on/power-off management: before a power outage on the ship, and especially during ship repairs, all cyber security equipment shall be shut down in advance to prevent damage from voltage fluctuations. Equipment shall be powered on and off strictly according to the manufacturer's instructions; never shut it down abruptly.
8. Interface management:
1) The USB ports and other interfaces usable for data exchange on all equipment are managed centrally by the Master/Chief Officer/Chief Engineer/relevant supervisor and shall not be used without permission.
2) The Master/Chief Officer/Chief Engineer must confirm that any device to be connected to cyber security equipment is safe, and must carry out a security check, such as formatting and virus scanning, before use.
3) Specific cyber security equipment must use dedicated removable storage devices, for example a dedicated USB flash drive.
4) Reduce the occurrence of infections caused by USB flash drives, portable hard disks, mobile phones and similar devices being connected to cyber security equipment through these interfaces.
9. Management of USB flash drives and removable storage devices
1) The Master/Chief Officer/Chief Engineer are responsible for fully monitoring the use of USB storage devices.
2) Do not connect external removable storage devices without the consent of the ship's officer in charge.
3) Before an external removable device is connected to a computer, it must be virus-scanned on a clean computer, or formatted, before any data is exchanged with the computer.
10. Server management
1) The server shall be located in a secure place, with a designated person responsible for it.
2) Unless under the guidance of the company, no individual may access the server to modify programs or data without authorisation.
3) The system administrator account and password are kept by the company. When the ship's cooperation is needed for commissioning or upgrades, the company may give the password to the Master and guide the Master through the server maintenance.
4) Do not install any software unrelated to work, and do not use the server for anything unrelated to work.
11. Management of office computers
1) The computers shall have a login password and a fixed IP address, managed separately by the Master/Chief Officer/Chief Engineer, each of whom shall keep a corresponding information management list.
2) The IP address of each computer shall be posted on the computer case.
3) Do not connect external removable storage devices without the consent of the ship's officer in charge.
4) If you suspect that an office computer is infected with malware, disconnect it from the LAN immediately.
5) Where conditions permit, a dedicated computer and printer shall be set up on board for use by outside personnel. This computer and printer shall be clearly labelled for that use.
6) Do not install any software unrelated to work, and do not use the computers for anything unrelated to work.
12. LAN management
1) Each computer in the LAN uses a fixed IP address:
IP address:
Subnet mask:
Default gateway:
Preferred DNS address:
2) IP addresses are assigned according to the following principle:
Bridge computers X=101-102; Master's cabin computers X=103-105;
Deck department computers X=110-120; Engine department computers X=121-130;
Server computers X=200-210
3) Each computer shall post its own IP address for quick troubleshooting.
4) Do not distribute information unrelated to work over the LAN.
5) Personal computers shall not be connected to the ship's LAN unless required for work.
6) When a computer in the LAN is suspected of being infected with malware, unplug its network cable immediately and remove it from the LAN, so that other computers in the LAN are not infected.
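As an added example (not part of the manual), the following Python script checks a constructed host inventory against the fixed-IP assignment principle in item 2) above and lists the X values still free in a department's range. The 192.168.0.0/24 subnet is an assumed placeholder, since the manual leaves the subnet, gateway and DNS fields blank.

```python
import ipaddress
from collections import Counter

# Assignment principle from item 2): the host part X of each fixed address
# falls in a range reserved for the computer's department.
ADDRESS_PLAN = {
    "bridge": range(101, 103),   # X = 101-102
    "captain": range(103, 106),  # X = 103-105
    "deck": range(110, 121),     # X = 110-120
    "engine": range(121, 131),   # X = 121-130
    "server": range(200, 211),   # X = 200-210
}

# Assumed placeholder: the manual leaves the subnet blank, so this value is
# constructed for the example and is not taken from the manual.
SHIP_LAN = ipaddress.ip_network("192.168.0.0/24")


def host_part(ip, lan=SHIP_LAN):
    """Return X, the offset of an address within the LAN (the last octet for a /24)."""
    return int(ip) - int(lan.network_address)


def check_address_plan(inventory, plan=ADDRESS_PLAN, lan=SHIP_LAN):
    """Return a list of findings for inventory rows that break the fixed-IP plan.

    inventory: (hostname, department, ip_string) rows, as kept in the
    information management list of each department head (item 11.1).
    Checks: the address parses, lies inside the ship LAN, sits in the range
    reserved for its department, and is not assigned to two computers.
    """
    inventory = list(inventory)
    findings = []
    usage = Counter(row[2] for row in inventory)
    for hostname, department, ip_text in inventory:
        try:
            ip = ipaddress.ip_address(ip_text)
        except ValueError:
            findings.append(f"{hostname}: '{ip_text}' is not a valid IP address")
            continue
        if ip not in lan:
            findings.append(f"{hostname}: {ip} is outside the ship LAN {lan}")
            continue
        allowed = plan.get(department)
        if allowed is None:
            findings.append(f"{hostname}: unknown department '{department}'")
            continue
        x = host_part(ip, lan)
        if x not in allowed:
            findings.append(f"{hostname}: X={x} is outside the {department} range "
                            f"{allowed.start}-{allowed.stop - 1}")
        if usage[ip_text] > 1:
            findings.append(f"{hostname}: {ip} is assigned to more than one computer")
    return findings


def free_addresses(inventory, department, plan=ADDRESS_PLAN, lan=SHIP_LAN):
    """Return the X values in a department's range not used by any computer in the LAN."""
    used = set()
    for _, _, ip_text in inventory:
        try:
            ip = ipaddress.ip_address(ip_text)
        except ValueError:
            continue
        if ip in lan:
            used.add(host_part(ip, lan))
    return [x for x in plan[department] if x not in used]


# Constructed sample inventory; hostnames and addresses are invented for the example.
SAMPLE_INVENTORY = [
    ("bridge-comms", "bridge", "192.168.0.101"),
    ("captain-backup", "captain", "192.168.0.103"),
    ("deck-office", "deck", "192.168.0.115"),
    ("engine-office", "engine", "192.168.0.115"),  # duplicate of deck-office, wrong range
    ("ecdis-spare", "bridge", "192.168.0.150"),    # outside the bridge range
    ("file-server", "server", "192.168.1.200"),    # wrong subnet
]

if __name__ == "__main__":
    for finding in check_address_plan(SAMPLE_INVENTORY):
        print(finding)
    print("free bridge X values:", free_addresses(SAMPLE_INVENTORY, "bridge"))
```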
13. Management of anti-virus software
1) The anti-virus software selected by the company is 360 Antivirus.
2) The anti-virus software is updated once a month; on long-route ships it is updated at each port of call.
3) Computers that can connect to Wi-Fi update the anti-virus software directly online.
4) Computers that cannot connect to Wi-Fi for an online update are updated with the incremental virus database update package or the full virus database update package from the official 360 website. Method: on a computer that can connect to Wi-Fi, download the incremental or full virus database update package, then take it to the computer without Wi-Fi to update or install. On a computer with 360 Antivirus already installed, install the incremental virus database update package. On a computer without 360 Antivirus, install the full virus database update package directly.
5) The anti-virus update times, virus scans and similar items are recorded in the Cyber Security System Operation and Maintenance Record Form (see Appendix B).
14. Management of cargo stowage computers
1) In addition to the stowage computer, the stowage software must be installed on another working computer as a backup. If it cannot be installed on board, ask the company's supervisor to assist with the installation.
2) The stowage software (CD) and its dongle are kept safely by the Chief Officer.
3) The stowage software is strictly prohibited from office use and from anything unrelated to work.
15. VDR management
1) The core of the VDR is a computer system. Power it on and off strictly following the steps in the manufacturer's instructions; otherwise the storage devices and the system are easily damaged.
2) In an emergency on board, the Second Officer, under the direction of the Master, backs up the data for the time of the incident as evidence for the maritime investigation.
3) Before an external storage device is connected to the VDR, it shall be virus-scanned or formatted and confirmed to be virus-free.
4) Before an external computer is connected to the VDR, it shall be confirmed to be virus-free.
16. Management of electronic charts
1) When using a USB flash drive to update chart data, format the flash drive first, then copy the chart update package onto it and connect it to the ECDIS. Before connecting, make sure the flash drive is not infected with a virus.
2) Before connecting any other removable storage device to the ECDIS, make sure it is virus-free.
3) The ECDIS shall be switched on and off following the normal procedure.
17. LRIT equipment/SSAS equipment: before an external computer is connected to the equipment, make sure the external computer is virus-free.
18. Management of system software/CDs: the software, CDs and other information materials used to install/commission each of the ship's systems are managed separately by the Master/Chief Officer/Chief Engineer, each of whom shall keep a corresponding information management list.
19. Other cyber security equipment: managed by reference to the above provisions.
20. Ship Cyber Security System Operation and Maintenance Record Form: truthfully record equipment software upgrades, anti-virus software upgrades and virus scan records, important-file backups, cyber security equipment repairs and other items relating to the operation and maintenance of cyber security equipment. Report to the company once every six months.
XII. Block diagram of the ship's network structure
XIII. Related records
1. Appendix A, General Table of Risk Assessment for Ship Cyber Security System, is completed once every six months by the Chief Officer and the Chief Engineer and reviewed by the Master.
2. Appendix B, Operation and Maintenance Record of Ship Cyber Security System, is completed once every six months by the Chief Officer and the Chief Engineer respectively and reviewed by the Master.
Appendices
Appendix A: 100102-1-1 General Table of Risk Assessment for Ship Cyber Security System
Appendix B: 100102-1-2 Operation and Maintenance Record of Ship Cyber Security System
Appendix C: Installation guide for Rydex and Foxmail