• Title/Summary/Keyword: 사이버리스크평가

Search Result 8, Processing Time 0.018 seconds

해사 사이버보안의 이해

  • 최성민
    • Proceedings of the Korean Institute of Navigation and Port Research Conference
    • /
    • 2022.11a
    • /
    • pp.392-393
    • /
    • 2022
  • 선박에 IT/OT가 도입되면서 사이버 위협이 증가하고 있습니다. 선박에서의 사이버 리스크 관리를 위해 현존하는 선박 내 사이버자산을 식별하고, 노출된 사이버 위협을 인지하고, 사이버 리스크 평가를 통한 대응방안을 이론적, 사례적으로 분석한 내용을 공유합니다.

  • PDF

자율운항선박 사이버안전체계 구축방안

  • 임정규;최상훈;박개명
    • Proceedings of the Korean Institute of Navigation and Port Research Conference
    • /
    • 2022.06a
    • /
    • pp.350-352
    • /
    • 2022
  • 자율운항선박을 IMO 자율화등급 3단계 이상으로 운용하기 위해서는 내·외부 통신시스템의 사이버보안뿐만 아니라 실시간으로 데이터를 교환하는 데이터 및 시스템 사이버안전에 대한 고려가 필수적으로 요구된다. 본 연구에서는 자율운항선박 사이버안전체계 구축방안에 대해서 살펴본다. 자율운항선박 사이버안전체계 구축을 위해서는 선박 내 사이버위협을 실시간으로 탐지하고 영향을 모니터링하는 통합 보안 시스템 구축이 필요하며, 선박 사이버안전 설계 타당성을 검증하는 사이버리스크평가 기술, 사이버안전체계를 검증하기 위한 CVE(Common Vulnerabilities Enumeration)기반 취약성 진단 및 침투테스트 기술, V-Model을 활용한 통합 소프트웨어 품질인증 기술, ISO 25024 기반 데이터 무결성 검증 기술 적용이 필요하다.

  • PDF

A Study on Cybersecurity Risk Assessment in Maritime Sector (해상분야 사이버보안 위험도 분석)

  • Yoo, Yun-Ja;Park, Han-Seon;Park, Hye-Ri;Park, Sang-Won
    • Proceedings of the Korean Institute of Navigation and Port Research Conference
    • /
    • 2019.11a
    • /
    • pp.134-136
    • /
    • 2019
  • The International Maritime Organization (IMO) issued 2017 Guidelines on maritime cyber risk management. In accordance with IMO's maritime cyber risk management guidelines, each flag State is required to comply with the Safety Management System (SMS) of the International Safety Management Code (ISM) that the cyber risks should be integrated and managed before the first annual audit following January 1, 2021. In this paper, to identify cyber security management targets and risk factors in the maritime sector and to conduct vulnerability analysis, we catagorized the cyber security sector in management, technical and physical sector in maritime sector based on the industry guidelines and international standards proposed by IMO. In addition, the Risk Matrix was used to conduct a qualitative risk assessment according to risk factors by cyber security sector.

  • PDF

Research on Cybersecurity Risk Management System in Smart Factory Environment (스마트팩토리 환경의 사이버보안 리스크 관리 체계 연구)

  • YoungSun Shin
    • Journal of Korea Society of Industrial Information Systems
    • /
    • v.29 no.4
    • /
    • pp.43-54
    • /
    • 2024
  • This study presented a cybersecurity risk management system in a smart factory environment. A smart factory refers to a factory that optimizes the production system and increases efficiency. However, this digitized environment is vulnerable to cyber attacks, and manufacturing companies can suffer serious damage from disruptions in production systems or information leaks. Therefore, a systematic approach to effectively managing cyber security risks is essential in smart factories. In this study, a continuous security risk management system for each stage of the smart factory was proposed along with business process-based security risk assessment. These studies will help to further improve cybersecurity risk management in smart factories. It will also play an important role in ensuring that smart factories operate safely and efficiently.

Maritime Cyber Security Status and Establishment of Maritime Cyber Security System (해사 사이버보안 동향 분석 및 해사 사이버보안 시스템 구축)

  • Ahn, Jong-Woo;Lim, Jeoung-Kyu;Park, Kae-Myoung
    • Proceedings of the Korean Institute of Navigation and Port Research Conference
    • /
    • 2019.05a
    • /
    • pp.29-32
    • /
    • 2019
  • The development of Information and Communication Technology facilitates exchange of information and communication between system in ships or between ships and land facilities, thereby improving the efficiency of their work. However, these changes in the working environment of companies and ships increased the likelihood of cyber security incidents occurance like unauthorized access to company and ship systems or infection of malicious code, which results in significant safety, environmental and business damage to company and ships. Therefore, a cyber-risk-based approach was required to identify and respond to an increasing cyber threats. In this paper, the analysis of maritime cyber security status and guidelines for establishment of maritime cyber security system are provided.

  • PDF

Study on Strengthening the Maritime Sector Cybersecurity (해상 사이버보안 강화방안 연구)

  • Yoo, Yun-Ja;Park, Han-Seon;Park, Hye-Ri
    • Proceedings of the Korean Institute of Navigation and Port Research Conference
    • /
    • 2019.05a
    • /
    • pp.238-239
    • /
    • 2019
  • Cyber attacks can be caused by all equipment that perform communication functions, and the link between ship and land due to the development of communication technology means that the ship sector as well as the land sector can be easily exposed to cyber threat vulnerability. In this paper, we analyze cyber threat trend changes to identify cyber security vulnerabilities in the maritime sector and propose measures to enhance cyber security through other industry case studies.

  • PDF

A Study on the Guidelines for IMO Maritime Autonomous Surface Ships(MASS) (IMO 자율운항선박 가이드라인 분석에 관한 연구)

  • Park, Han-Seon;Cha, Chong-ju;Jo, Min-chul
    • Proceedings of the Korean Institute of Navigation and Port Research Conference
    • /
    • 2019.11a
    • /
    • pp.137-138
    • /
    • 2019
  • The International Maritime Organization (IMO) adopted the Circular 101 (MSC / Circ. 1604) as an interim guidelines for MASS trials at the 101st Maritime Safety Committee. This guideline will be used as a guideline for the sea trials of Maritime Autonomous Surface Ships(MASS) in the future and will be used by government authorities and stake-holders to secure infrastructure for MASS safety, environmental protection and remote operation. The purpose of this study is to analyze the Interim Guidelines for MASS Trials adopted by IMO and to clearly classify the responsibilities and obligations of governments of stake-holders, and to present the main points of risk management necessary for maritime test operation from the perspective of human factors.

  • PDF

Analysis of the Influence of Design Score and Price Score for Design Build Bidding (설계시공일괄입찰에서 설계점수와 가격점수의 영향력 분석)

  • Lee, Jinhak;Woo, Sungkwon;Lee, Siwook
    • Korean Journal of Construction Engineering and Management
    • /
    • v.24 no.5
    • /
    • pp.44-51
    • /
    • 2023
  • Selecting appropriate bidding system in construction projects considering the characteristic of project can be a make-or-break element, so the understanding for bidding system of public construction projects is ever more important from the perspective of both the owner and the contractor. The design-build bidding is commonly referred to as turnkey in Korea, and is a bidding method that is often applied to large public construction projects because it allows new technologies to be applied to the design and facilitates risk management for the owner. In this bidding method, there are only two factors (design score and price score) that affect the selection of the winning bidder, so it is important to understand the influence of each factor, but there is little research on the subject. This study aims to provide a basis for establishing bidding strategies for understanding the influence between design score and price score by analyzing various design-build bidding data of public construction projects. The results of the study show that design score is the factor that has more influence on the ranking of bidders in all three weighted evaluation methods: design-emphasized, price-emphasized, and equalized evaluation. In addition, we found that the correlation between design and price scores was not significant due to the unique bid evaluation structure in Korea.