Research on Security Detection Policy Model in the SIEM for Ship

A Study on a Security Policy Model for the Development of Security Information Event Management (SIEM) for Ships

  • Received : 2024.06.05
  • Accepted : 2024.07.09
  • Published : 2024.08.20

Abstract

According to International Association of Classification Societies (IACS) Unified Requirement (UR) E26, ships contracted for construction after July 1, 2024 should be designed, constructed, commissioned and operated with cyber security taken into account. In particular, ship network monitoring tools should be installed in accordance with requirement 4.3.1 of IACS UR E26. In this paper, we propose a Security Information and Event Management (SIEM) security policy model for ships as an effective threat detection method, based on an analysis of the cyber security regulations and ship network status in the maritime domain. For this purpose, we derived the items managed in the SIEM from maritime cyber security regulations such as those of the International Maritime Organization (IMO) and IACS, and defined 14 detection policies considering the status of the ship network. We also present the detection policies in a form that non-expert crews can understand, along with occurrence conditions that depend on the ship's network environment, to minimize indiscriminate alarms. We expect that the results of this study will help improve the efficiency of ship SIEMs to be installed in the future.

Acknowledgement

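This research was supported by the 2024 Shipbuilding and Marine Industry Core Technology Development Program (20026436) of the Ministry of Trade, Industry and Energy, and we thank the relevant ministries.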
