ONR moves to protect ships’ systems from cyberattacks

ONR moves to protect ships’ systems from cyberattacks

The Navy is developing a robust cybersecurity system to protect its shipboard systems.  The Resilient Hull, Mechanical, and Electrical Security (RHIMES) system, developed by the Office of Naval Research, is designed to make electrical and mechanical shipboard systems more resilient to cyberattacks. 

The RHIMES system is not focused on data theft, which poses an inherent and separate risk. Instead, it seeks to protect against attacks like the infamous Stuxnet virus that targeted logic controllers in Iranian centrifuges, forcing them to spin so fast they destroyed themselves.   

“The purpose of RHIMES is to enable us to fight through a cyberattack,” said Chief of Naval Research Rear Adm. Mat Winter. “This technology will help the Navy protect its shipboard physical systems, but it may also have important applications to protecting our nation’s physical infrastructure.”

The program is designed to prevent access to programmable logic controllers, which are the embedded hardware components that interface with physical systems, according to Ryan Craven, one of the program officers heading efforts associated with RHIMES. Those components are used in shipboard systems for damage control and firefighting, climate control, electric power, steering and engine control. “It essentially touches all parts of the ship,” Craven explained.    

Rather than relying on virus definitions that depend on previously identified vulnerabilities, “RHIMES introduces diversity via a slightly different implementation for each controller’s program,” Craven said. “In the event of a cyberattack, RHIMES makes it so that a different hack is required to exploit each controller.  The same exact exploit can’t be used against more than one.”

While many physical controllers have redundant backups that allow systems to remain operational during controller failure, “without diversity in their programming, if one gets hacked, they all get hacked,” ONR documents state. 

“Vulnerabilities exist wherever computing intersects with the physical world, such as in factories, cars and aircraft,” Craven added, “and these vulnerabilities could potentially benefit from the same techniques for cyber resilience.”

About the Author

Mark Pomerleau is a former editorial fellow with GCN and Defense Systems.


  • business meeting (Monkey Business Images/Shutterstock.com)

    Civic tech volunteers help states with legacy systems

    As COVID-19 exposed vulnerabilities in state and local government IT systems, the newly formed U.S. Digital Response stepped in to help. Its successes offer insight into existing barriers and the future of the civic tech movement.

  • data analytics (Shutterstock.com)

    More visible data helps drive DOD decision-making

    CDOs in the Defense Department are opening up their data to take advantage of artificial intelligence and machine learning tools that help surface insights and improve decision-making.

Stay Connected