Cyber
Type Approval
Support
Original equipment manufacturers (OEMs) for the marine and offshore industries often lack the in-house cybersecurity expertise needed to obtain Type Approval certification. Today, they must not only have an overall understanding of the approval framework, but knowledge from a cyber perspective as well.
BV Solutions M&O powered by Secura can produce the documentation required for the certification process. Combining maritime and cybersecurity expertise, we tailor our Type Approval support to each client, their cybersecurity maturity, and their specific cyber needs. By acting as flexible, attentive partners, we improve their cybersecurity.
Our added-value
BV Solutions M&O’s and Secura’s combined maritime and cybersecurity expertise uniquely positions us to provide global, high-level and technical solutions
We understand that every client is different, which is why we adapt to specific requirements and work closely with them to ensure production of all necessary documentation to attain certification
Our experts provide Type Approval support for both software and hardware equipment, producing all needed documentation to ensure certification
Identifying and assessing threats
As a first step, we identify all assets, alongside possible security threats on those assets. We review the OEM’s risk analysis and clarify it through interviews with client contacts—either onsite or remotely. We then prepare a full threat assessment report, which summarizes and analyzes deployed security controls, while listing possible gaps.
Technical assessments for standalone products
Our experts aid in reducing surface attacks on asset equipment by carrying out active penetration testing (“pentesting”). These simulated cyber-attacks against systems and system updates help identify and list potential cybersecurity vulnerabilities.
Expert recommendations
Adhering to Type Approval requirements, our technical experts work hand in hand with our clients to produce documentation that proves equipment is compliant with rule note BV NR 659. From the cyber repository and list of assets through to a review and testing of technical security controls implemented on the product, we help ensure compliance with operational regulatory requirements at international, flag, and coastal state levels.
Onsite testing
We go onsite to perform pentesting on equipment along with certified test delivery as required for BV NR 659 approval. We provide a complete summary of executed testing and clearly indicate potential instances of non-compliance.