A constantly changing global security environment brings increased demands to those who protect us. Thus, it is essential that OSI practices and adheres to some of the stringent requisitions in the industry, ranging from global cyber security measures to ensure the safety of navies and that our equipment meets military specification testing standards. We view our security ecosystem as being built around Cyber Security and a Protection Series or processes; this includes:
Internal Protection, Secure by Design, External Protection.
ISO 9001
ISO 9001 Quality Management System is recognized around the world, helping organizations operate more efficiently. It provides a framework for consistent business performance, customer focus, and long-term continuous improvement. OSI Maritime Systems quality management system is compliant to ISO 9001, and has held its certification since the year 2001. Canadian and UK operational sites are included within its QMS scope, and its certification is granted via independent assessment.
Our cyber security ecosystem is built around standards that best represent industry practices.
Through those standards, OSI deploys a series of measures that include OS lockdown, Red/Black Separation, Firewalls, User Authentication, and other advanced security protocols. These standards are not only applied to the technology we develop, build, and deliver to our customers, but the same protocols we use to manage our internal operations.
OSI is proud to comply with some of the industry’s most rigorous standards. Among those standards is the Cyber Essential Plus certification.
The rigorous certification process, awarded by DigitalXRAID, evaluates a candidate’s Boundary Firewalls and Internet Gateways, Secure Configuration, Patch Management, Access Control, and Malware Protection.
The certification is offered at two levels, and we chose the highest: Cyber Essentials Plus. The “Plus” indicates third-party verification, and for us, it is also a measure of the importance we place on verification for security and our processes and products.
Our security standards ecosystem is built around three levels of protection:
Internal Protection, Secure by Design, and External Protection.
Internal Protection
OSI employs a series of measures that include OS lockdown, Red/Black Separation, Firewalls, User Authentication, as well as other advanced security protocols. These standards are applied to the technology we develop, build, and deliver to our customers and the same protocols we use to manage our internal operations.
Secure by Design
The advanced design of systems and the stress testing of equipment is paramount. OSI software and systems from ECPINS to INTS (Warship IBS) are developed by staff and in facilities that satisfy required security standards; one reference is the Government of Canada guidelines.
Similarly, OSI solutions are designed to manage the handling of sensitive data in order to avoid being compromised. For example, built into OSI solutions are capabilities that are meant to capture and report incidents and log security-related events to a central repository. Advanced protocols are used to route classified data, such as Red network-only transfers and workstation restrictions.
OSI observes a variety of classifications and standards for electrical, electronic and related technologies, as well as shock testing of equipment.
Electronic Technologies
Among the standards that OSI adheres to is the international IEC 60945 standard – Maritime Navigation and Radiocommunication Equipment and Systems – General Requirements. The standard specifies minimum performance requirements, methods of testing, and required test results for maritime navigation and radio communication equipment and systems. This standard meets, in part, the International Convention for Safety of Life at Sea (SOLAS), adopted by the International Maritime Organization (IMO).
To ensure that OSI solutions meet Electromagnetic Interference/Electromagnetic Compatibility (EMI/EMC) standards based on customer requirements, OSI equipment can be tested against and designed to meet MIL-STD-461 and DEF STAN 59-411. These military testing standards are specific to electrical, electronic, electro-mechanical equipment, materials, and sub-systems for shipboard, above and below deck, and submarines.
Shock Test
High Impact Shock Test Military Specification MIL-S-901D is a military-grade specification for high-impact mechanical shock which applies to equipment mounted on ships. The MIL-S-901D specification covers shock testing requirements for shipboard machinery, equipment, systems, and structures. The fundamental purpose of abiding by these requirements is to verify the ability of shipboard installations to withstand shock loading, which may be incurred during wartime service due to the effects of nuclear or conventional weapons. Over a number of years, OSI has developed the design skills necessary to take marine grade equipment and systems through these demanding tests.
External Protection
The Internal Protection and Protection by Design lead to the final stage, which addresses the operational integrity of OSI systems when deployed in the field. Critical incoming, external data flowing into OSI systems undergo a baseline testing that follows a Validity, Integrity, and Plausibility protocol. External situational awareness monitoring is performed to detect fraudulent or suspicious activity and includes integrity checks for all charts, map data, and digital signature authentication.
ECPINS Chart Standards Supported
