ISO 16425:2024

International
Standard
ISO 16425
Second edition
Ships and marine technology —
2024-01
Specifications for the installation of
ship communication networks for
shipboard equipment and systems
Navires et technologie maritime — Spécifications pour
l'installation de réseaux de communication des navires pour les
équipements et systèmes embarqués
Reference number
© ISO 2024
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on
the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below
or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
ii
Contents Page
Foreword .vi
Introduction .viii
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 2
4 Abbreviated terms . 6
5 Network system architecture . 7
5.1 Scope of networks system architecture .7
5.2 Controlled network requirements .9
5.3 Network system design .9
5.3.1 General .9
5.3.2 Network system separation .10
5.3.3 Network division .10
5.3.4 Traffic division .10
5.3.5 Redundancy .11
5.3.6 Cyber security .11
5.4 Roles and management .11
5.4.1 General .11
5.4.2 Ship owner .11
5.4.3 System integrator .11
5.4.4 Ship operator .11
5.4.5 Manufacturer . 12
5.4.6 After-sales-service provider . 12
6 Organized necessary function .12
6.1 General . 12
6.2 Necessary information . 12
7 Operation plan design .13
7.1 General . 13
7.2 Objectives for managing shipboard network operations . 13
7.3 Items to manage . 15
7.3.1 Items to manage devices and cables to be installed . 15
7.3.2 Items to monitor and details . 15
7.3.3 Details of maintenance . 15
7.3.4 Back-ups and log management . 15
7.3.5 Operation of reports . 15
7.3.6 Service management .16
8 Understanding the equipment to be installed .16
8.1 Understanding the equipment .16
8.1.1 General .16
8.1.2 Inventory lists .16
8.2 Requirements for the 16425-Network device and 16425-equipment installed in the
shipboard network .16
8.2.1 General cyber security requirements for 16425-Network devices and
16425-equipment .16
8.2.2 Network interface for 16425-Network equipment and 16425-Network device .17
8.2.3 Requirements for 16425-Network nodes .17
8.2.4 Requirements for 16425-Network devices .18
8.3 Protocol and traffic . 23
8.3.1 General . 23
8.3.2 Protocol . 23
8.3.3 Traffic . 23
8.3.4 IP address . 23

iii
8.3.5 MAC address . 23
8.4 Cable . 23
8.4.1 General . 23
8.4.2 Cable specification . 23
8.4.3 Cable earth method . 23
9 Network design .24
9.1 General .24
9.2 Concept of shipboard network system . .24
9.2.1 General arrangement.24
9.2.2 Channel .24
9.2.3 Permanent ink .24
9.2.4 Code. 25
9.2.5 Extender connector . 25
9.2.6 Telecommunications outlet . 25
9.3 Design standard . 25
9.3.1 Category of cables and codes . 25
9.3.2 Plug connection method . 25
9.3.3 Specifications for naming cable . 25
9.3.4 Model number of cable, code, plug, jack and crimping tools to be used . 25
9.4 Physical design . 25
9.4.1 Selection of 16425-Network equipment . 25
9.4.2 Cabling .27
9.4.3 Separation of collision domain . 28
9.4.4 Setting of interfaces . . 28
9.4.5 Installation . 28
9.5 Logical design . 28
9.5.1 General . 28
9.5.2 Isolation of network . 28
9.5.3 Broadcast domain . 29
9.6 Reliability design . 29
9.6.1 General . 29
9.6.2 Redundancy . 29
9.6.3 Monitoring of shipboard networks . 29
9.6.4 Load design . 30
9.7 Wireless network design . 30
9.7.1 General . 30
9.7.2 Frequency requirement . 30
9.7.3 Frequency interference . 30
9.7.4 Load design .31
9.7.5 Installation design .31
9.7.6 Wireless network security design .31
9.7.7 Power supply and voltage . .31
9.7.8 Pre-survey .31
9.7.9 Security design .32
9.8 Documentation .32
9.8.1 Network design document .32
9.8.2 List of equipment (device inventory) .32
9.8.3 Schematic diagram .32
9.8.4 Logical topology diagram . 33
9.8.5 List of virtual networks . 33
9.8.6 List of interfaces between (virtual) networks . 33
9.9 Risk assessment (design phase) . 33
10 16425-Network device and cable installation .33
10.1 General . 33
10.2 Installation procedure . 34
10.2.1 16425-Network device . 34
10.2.2 Network cable . 34
10.2.3 Cable end termination . 36

iv
10.3 Installation confirmation .37
10.3.1 Conductivity confirmation .37
10.3.2 Wire map confirmation .37
10.3.3 Length confirmation .37
10.3.4 Insertion loss test .37
10.3.5 Near end crosstalk loss .37
10.3.6 Power meter checking . 38
10.3.7 Cable ID . 38
10.3.8 End termination . 38
10.4 16425-Wireless-Gateway installation procedures . 38
10.4.1 Environmental resistance . 38
11 Network cable installation and wireless installation test and inspection .38
11.1 Cable installation . 38
11.2 16425-Wireless Gateway installation confirmation . 44
12 Network operation .45
12.1 General .45
12.2 Identify vulnerabilities .45
12.2.1 Operation policy and procedure.45
12.2.2 Inventory and assessment .45
12.3 Develop protection and detection measures . 46
12.3.1 P olicy and procedure . 46
12.3.2 Access control . 46
12.4 Response and recovery . 46
12.4.1 Contingency plan . 46
12.4.2 Response to shipboard network incidents . 46
12.4.3 Recovery from shipboard network incidents . 46
12.5 Maintenance .47
12.5.1 Maintenance policy and procedure .47
12.5.2 Maintenance document and report .47
13 Network cyber security . 47
13.1 Network cyber security requirements .47
13.1.1 General .47
13.1.2 Cyber security management system .47
13.1.3 Operation plan design. 48
13.1.4 16425-Network equipment access security. 49
13.1.5 Wireless network access authentication method . 50
13.1.6 Network design .51
Annex A (informative) Implementing the content provided in this document .56
Annex B (informative) 16425-Network nodes and network monitoring specifications .77
Annex C (informative) 16425-Network implementation example .81
Bibliography .83

v
Foreword
ISO (the International Organization for Standardization) is a worldwide federation of national standards
bodies (ISO member bodies). The work of preparing International Standards is normally carried out through
ISO technical committees. Each member body interested in a subject for which a technical committee
has been established has the right to be represented on that committee. International organizations,
governmental and non-governmental, in liaison with ISO, also take part in the work. ISO collaborates closely
with the International Electrotechnical Commission (IEC) on all matters of electrotechnical standardization.
The procedures used to develop this document and those intended for its further maintenance are described
in the ISO/IEC Directives, Part 1. In particular, the different approval criteria needed for the different types
of ISO document should be noted. This document was drafted in accordance with the editorial rules of the
ISO/IEC Directives, Part 2 (see www.iso.org/directives).
ISO draws attention to the possibility that the implementation of this document may involve the use of (a)
patent(s). ISO takes no position concerning the evidence, validity or applicability of any claimed patent
rights in respect thereof. As of the date of publication of this document, ISO had not received notice of (a)
patent(s) which may be required to implement this document. However, implementers are cautioned that
this may not represent the latest information, which may be obtained from the patent database available at
www.iso.org/patents. ISO shall not be held responsible for identifying any or all such patent rights.
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation of the voluntary nature of standards, the meaning of ISO specific terms and expressions
related to conformity assessment, as well as information about ISO's adherence to the World Trade
Organization (WTO) principles in the Technical Barriers to Trade (TBT), see www.iso.org/iso/foreword.html.
This document was prepared by Technical Committee ISO/TC 8, Ships and marine technology, Subcommittee
SC 6, Navigation and ship operations.
This second edition cancels and replaces the first edition (ISO 16425:2013), which has been technically
revised.
The main changes compared are as follows:
— the title of this document has been changed from “guidelines” to “specification”;
— all Clauses have been revised in line with the shipboard network design procedure;
— designs for Wi-Fi networks, networks equipped with a shipboard data server that conform to ISO 19847
and ISO 19848, and requirements for cybersecurity for shipboard networks have been added;
— in Clause 5, the scope of this document has been included in the network system architecture;
— in Clause 6, information necessary for network design has been provided;
— in Clause 7, the requirements for the operation plan design of the shipboard network have been added;
— in Clause 8, information on shipboard network devices has been added;
— in Clause 9, the network design methods for the physical design of cable and connector for shipboard
network equipment and for the logical design of network separation and communication between
networks with cyber security have been updated;
— in Clause 10, the equipment, grounding and termination of cables and network equipment have been
clarified;
— in Clause 11, network testing and inspection objectives, conditions, methods and criteria have been
added;
— in Clause 12, information necessary for network operation has been provided;

vi
— in Clause 13, cyber security requirements for networks have been added;
— in Annex A examples of input/output information required for network design have been added;
— in Annex B, examples of monitoring and managing the shipboard network and the nodes connected to
the network have been added;
— in Annex C, an example of secure-network implementation compliant with this document has been
added.
Any feedback or questions on this document should be directed to the user’s national standards body. A
complete listing of these bodies can be found at www.iso.org/members.html.

vii
Introduction
This document gives specifications relating to communication network-system architecture, data
requirements, administration, operation, commissioning, inspection and testing for shipboard equipment
and systems.
This document also takes into account differences between shipboard communication networks and
networks that are used outside of ships, and stipulates requirements and specifications relating to matters
unique to shipboard use.
Until the publication of this document, there has been a lack of comprehensive specifications for connecting
devices that are provided by many different manufacturers to a network via a generic means. This gap has
impeded the wider use of shipboard networks.
This document aims to improve the convenience for all involved parties, including manufacturers,
engineering firms, shipbuilders, and shipping companies.

viii
International Standard ISO 16425:2024(en)
Ships and marine technology — Specifications for the
installation of ship communication networks for shipboard
equipment and systems
1 Scope
This document provides installation specifications for ship communication networks, so as to improve
communication between shipboard equipment and within shipboard systems that are independent from
navigational equipment networks and engine-control networks. This document can also be applied to
operational technology (OT) networks that use software and hardware to control and monitor devices and
infrastructure such as navigational equipment networks and machinery control networks in ship.
The ship communication networks covered in this document are intended for information sharing and are
not directly related to safety of navigation.
This document utilizes existing standards relating to protocols, and provides new specifications for aspects
such as communication network-system architecture, administration, operation and installation.
The new specifications in this document include: redundancy, if necessary, for a shipboard communication
network system; a network administration that does not require experts; physical as well as logical security;
and network installation.
This document uses the standard communication network Internet protocol.
This document applies to shipboard wired networks for IP communication, using Fast Ethernet and Gigabit
Ethernet as specified in IEEE 802.3 and to shipboard wireless networks for IP communication, using the
unlicensed 2,4 GHz and 5 GHz bands as specified in IEEE 802.11.
NOTE Other wireless technologies based on non-IP communication such as IEEE 802.15.1, IEEE 802.15.4 or
wireless communication methods using 920 MHz band are not covered in this document.
2 Normative references
The following documents are referred to in the text in such a way that some or all of their content constitutes
requirements of this document. For dated references, only the edition cited applies. For undated references,
the latest edition of the referenced document (including any amendments) applies.
ISO 24060:2021, Ships and marine technology — Ship software logging system for operational technology
ISO/IEC 11801-1, Information technology — Generic cabling for customer premises — Part 1: General
requirements
ISO/IEC 14763-3, Information technology — Implementation and operation of customer premises cabling —
Part 3: Testing of optical fibre cabling
ISO/IEC 20000 (all parts), Information technology — Service management
IEC 60092-504:2016, Electrical installations in ships— Part 504: Automation, control and instrumentation
IEC 60945, Maritime navigation and radiocommunication equipment and systems - General requirements -
Methods of testing and required test results
IEC 61162-450, Maritime navigation and radio communication equipment and systems — Digital interfaces —
Part 450: Multiple talkers and multiple listeners — Ethernet interconnection

IEC 61162-460:2018/AMD1: 2020, Maritime navigation and radio communication equipment and systems —
Digital interfaces — Part 460: Multiple talkers and multiple listeners — Ethernet interconnection — Safety and
security
IEEE 802.3, Ethernet (Formerly: Carrier Sense Multiple Access with Collision Detection)
IEEE 802.11, Ethernet (Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specifications)
ANSI/TIA-568.0:2020, Generic Telecommunications Cabling for Customer Premises
3 Terms and definitions
For the purposes of this document, the following terms and definitions apply.
ISO and IEC maintain terminology databases for use in standardization at the following addresses:
— ISO Online browsing platform: available at https:// www .iso .org/ obp
— IEC Electropedia: available at https:// www .electropedia .org/
3.1
16425-Network
controlled network consisting of devices that meet the requirements of the 16425-Network node (3.4)
3.2
16425-Network device
hubs (3.21), layer 2 switches, layer 3 switches, routers and other devices that connect and relay between
networks
3.3
16425-Network equipment
shipboard equipment for processing, sending and receiving data
3.4
16425-Network node
16425-Network equipment (3.3) and 16425-Network device (3.2)
3.5
AES
advanced encryption standard
symmetric key cryptosystem
3.6
application level gateway
network infrastructure device that connects 16425-Networks with other networks and which satisfies the
safety and security requirements as specified in this document
3.7
business local area network
business LAN
network that crewmembers use for ship operation duties
3.8
broadcast domain
domain on a computer network where broadcasted frames (broadcasts) are received
3.9
collision domain
domain in a computer network where simultaneous transmission cause collisions or congestion

3.10
controlled network
network that has been designed to operate such that authorities are satisfied by documented evidence that
the network does not pose any security risks to any connected network nodes
Note 1 to entry: For example, any network compliant to IEC 61162-450 or this document that is approved by
classification society, flag state or recognized organization (RO) is considered as a controlled network.
3.11
Crew local area network
Crew LAN
network that crewmembers use for personal matters or in their spare time
3.12
extender connector
non-powered connections, including telecommunication outlets
3.13
data base system
systems equipped on the internet working or shore to manage data efficiently
3.14
DIAMETER
authentication, authorisation, and accounting protocol for computer networks
3.15
DMZ
demilitarized zone
physical or logical sub-network that contains and exposes an organization's external-facing services to a
larger and un-trusted network, usually the Internet
3.16
firewall
system installed at network nodes to ensure security by controlling unwanted traffic among different
network segments and to and from the internet and other external sources
3.17
gateway
communication device that connects computer networks to networks with differing protocols
3.18
hub
concentrator that is centrally located in a network comprising a star physical topology
3.19
ICMP
internet control message protocol
communication rules that are used for such purposes as notifications of errors in the processing of
datagrams, and notifications of information relating to communication
3.20
IP
internet protocol
network layer communications protocol in the Internet protocol suite for relaying datagrams across network
boundaries
3.21
IT network
information network not related to onboard control system

3.22
layer 2 switch
hub (3.18) that can direct traffic on an open systems interconnection reference model (3.28) layer 2 (data link
layer)
3.23
layer 3 switch
hub (3.18) that can direct traffic on an open systems interconnection reference model (3.28) layer 3 (network
layer)
3.24
log rotation
automated process used in system administration in which log files are compressed, moved (archived),
renamed or deleted once they are too old or too big
3.25
MAC address
media access control address
identifier used to identify network interfaces
3.26
MD5
message digest algorithm 5
hash function producing a 128-bit hash value
3.27
MIB
management information base
type of database for managing devices in a network
3.28
OSI reference model
open systems interconnection reference model
model that divides the communication functions for computers into layers
Note 1 to entry: See ISO/IEC 7498 for further details.
3.29
operation technology network
OT network
exclusive network of control and operational technology for optimal operation of products, equipment, and
systems on board
3.30
proxy
component acting as an intermediary between two equipment on the network
3.31
port trunk
method of raising transmission speed by governing two or more physical cables
3.32
RADIUS
remote authentication dial-in user service
networking protocol that provides centralized authentication, authorization, and accounting management
for users who connect and use a network service

3.33
REDS
removable external data source
user removable non-network data source, including, but not limited to, compact discs, memory sticks and
devices compliant with IEEE 802.15.1
3.34
SNMP
simple network management protocol
communication rules that define methods for communicating information in order to monitor and control
network devices within a network
3.35
shore network
non-shipboard networks, including internet working
3.36
SSI
...