ONR moves to protect ships’ systems from cyberattacks

ONR moves to protect ships’ systems from cyberattacks

The Navy is developing a robust cybersecurity system to protect its shipboard systems.  The Resilient Hull, Mechanical, and Electrical Security (RHIMES) system, developed by the Office of Naval Research, is designed to make electrical and mechanical shipboard systems more resilient to cyberattacks. 

The RHIMES system is not focused on data theft, which poses an inherent and separate risk. Instead, it seeks to protect against attacks like the infamous Stuxnet virus that targeted logic controllers in Iranian centrifuges, forcing them to spin so fast they destroyed themselves.   

“The purpose of RHIMES is to enable us to fight through a cyberattack,” said Chief of Naval Research Rear Adm. Mat Winter. “This technology will help the Navy protect its shipboard physical systems, but it may also have important applications to protecting our nation’s physical infrastructure.”

The program is designed to prevent access to programmable logic controllers, which are the embedded hardware components that interface with physical systems, according to Ryan Craven, one of the program officers heading efforts associated with RHIMES. Those components are used in shipboard systems for damage control and firefighting, climate control, electric power, steering and engine control. “It essentially touches all parts of the ship,” Craven explained.    

Rather than relying on virus definitions that depend on previously identified vulnerabilities, “RHIMES introduces diversity via a slightly different implementation for each controller’s program,” Craven said. “In the event of a cyberattack, RHIMES makes it so that a different hack is required to exploit each controller.  The same exact exploit can’t be used against more than one.”

While many physical controllers have redundant backups that allow systems to remain operational during controller failure, “without diversity in their programming, if one gets hacked, they all get hacked,” ONR documents state. 

“Vulnerabilities exist wherever computing intersects with the physical world, such as in factories, cars and aircraft,” Craven added, “and these vulnerabilities could potentially benefit from the same techniques for cyber resilience.”

About the Author

Mark Pomerleau is a former editorial fellow with GCN and Defense Systems.


  • senior center (vuqarali/Shutterstock.com)

    Bmore Responsive: Home-grown emergency response coordination

    Working with the local Code for America brigade, Baltimore’s Health Department built a new contact management system that saves hundreds of hours when checking in on senior care centers during emergencies.

  • man checking phone in the dark (Maridav/Shutterstock.com)

    AI-based ‘listening’ helps VA monitor vets’ mental health

    To better monitor veterans’ mental health, especially during the pandemic, the Department of Veterans Affairs is relying on data and artificial intelligence-based analytics.

Stay Connected