• Title/Summary/Keyword: Maritime Cyber Security System

Search Result 33, Processing Time 0.018 seconds

Maritime Cyber Security Status and Establishment of Maritime Cyber Security System (해사 사이버보안 동향 분석 및 해사 사이버보안 시스템 구축)

  • Ahn, Jong-Woo;Lim, Jeoung-Kyu;Park, Kae-Myoung
    • Proceedings of the Korean Institute of Navigation and Port Research Conference
    • /
    • 2019.05a
    • /
    • pp.29-32
    • /
    • 2019
  • The development of Information and Communication Technology facilitates exchange of information and communication between system in ships or between ships and land facilities, thereby improving the efficiency of their work. However, these changes in the working environment of companies and ships increased the likelihood of cyber security incidents occurance like unauthorized access to company and ship systems or infection of malicious code, which results in significant safety, environmental and business damage to company and ships. Therefore, a cyber-risk-based approach was required to identify and respond to an increasing cyber threats. In this paper, the analysis of maritime cyber security status and guidelines for establishment of maritime cyber security system are provided.

  • PDF

Cybersecurity Development Status and AI-Based Ship Network Security Device Configuration for MASS

  • Yunja Yoo;Kyoung-Kuk Yoon;David Kwak;Jong-Woo Ahn;Sangwon Park
    • Journal of Navigation and Port Research
    • /
    • v.47 no.2
    • /
    • pp.57-65
    • /
    • 2023
  • In 2017, the International Maritime Organization (IMO) adopted MSC.428 (98), which recommends establishing a cyber-risk management system in Ship Safety Management Systems (SMSs) from January 2021. The 27th International Association of Marine Aids to Navigation and Lighthouse Authorities (IALA) also discussed prioritizing cyber-security (cyber-risk management) in developing systems to support Maritime Autonomous Surface Ship (MASS) operations (IALA guideline on developments in maritime autonomous surface ships). In response to these international discussions, Korea initiated the Korea Autonomous Surface Ship technology development project (KASS project) in 2020. Korea has been carrying out detailed tasks for cybersecurity technology development since 2021. This paper outlines the basic concept of ship network security equipment for supporting MASS ship operation in detailed task of cybersecurity technology development and defines ship network security equipment interface for MASS ship applications.

Maritime Cyber Security Issues and Risk Management Trends (해양 사이버 보안사고 및 위험 관리 사항 동향)

  • Dong-Woo Kang;Ki-Hwan Kim;Young-Sil Lee
    • Journal of the Institute of Convergence Signal Processing
    • /
    • v.23 no.4
    • /
    • pp.209-215
    • /
    • 2022
  • The International Maritime Organization, which is in charge of the international maritime environment and ship safety, has rapidly promoted cyber systems for international dimension agreement and efficiency improvement and improved nautical efficiency. Nevertheless, maritime cyber system attacks still occur every year, and in particular, the number of international maritime cyber security incidents in 2021 appeared to increase sharply compared to 2020. This paper discusses the areas that should be taken into account in order to reduce the increasing sophistication of maritime cyber security. To this end, we will look at typical cases of cyber attacks that have increased sharply in 2021 and analyze the causes of the continuous occurrence of maritime cyber security incidents. In addition, we present several cyber system proposals regarding the current state of maritime cyber systems and the solutions to the problems they face, as well as the matters to be addressed for future maritime cyber systems that will be advanced.

A Study on Cybersecurity Risk Assessment in Maritime Sector (해상분야 사이버보안 위험도 분석)

  • Yoo, Yun-Ja;Park, Han-Seon;Park, Hye-Ri;Park, Sang-Won
    • Proceedings of the Korean Institute of Navigation and Port Research Conference
    • /
    • 2019.11a
    • /
    • pp.134-136
    • /
    • 2019
  • The International Maritime Organization (IMO) issued 2017 Guidelines on maritime cyber risk management. In accordance with IMO's maritime cyber risk management guidelines, each flag State is required to comply with the Safety Management System (SMS) of the International Safety Management Code (ISM) that the cyber risks should be integrated and managed before the first annual audit following January 1, 2021. In this paper, to identify cyber security management targets and risk factors in the maritime sector and to conduct vulnerability analysis, we catagorized the cyber security sector in management, technical and physical sector in maritime sector based on the industry guidelines and international standards proposed by IMO. In addition, the Risk Matrix was used to conduct a qualitative risk assessment according to risk factors by cyber security sector.

  • PDF

Security Information and Event Management System for Ship Cyber Security (해사 사이버 보안 대응을 위한 선박용 보안 정보와 이벤트 관리 시스템)

  • Nam-seon Kang;Chang-sik Lee;Seong-sang Yu;Jong-min Lee;Gum-jun Son
    • Journal of Advanced Navigation Technology
    • /
    • v.28 no.4
    • /
    • pp.497-506
    • /
    • 2024
  • In this study, we proposed security information and event management for ship as a technology to respond to maritime cybersecurity regulations and evolving cyber threats. We analyze the main technologies of network management system and security information and event management, which are representative technologies for responding to ship cyber security, and propose SIEM for ships based on this. Optimized for ships based on the International Maritime Organization's Maritime Cyber Threat Management Guidelines, IACS UR E26, 27, etc. Derive the main functions of the SIEM for ship, linkage and normalization plan for the ship's heterogeneous equipment, ship's cyber threat and ship detection policy to identify ship's cyber security threats, and ship's operating environment and operating personnel.

A Comparative Study on Type Approval of Maritime Cyber Security and RMF in the View of System Development Lifecycle (개발 전주기 사이버보안 관점에서의 해상 사이버보안 형식 승인과 RMF 비교 연구)

  • Lee, Suwon;Hwang, Seyoung;Hong, Jina;Kim, Byeong-jin
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.32 no.2
    • /
    • pp.279-287
    • /
    • 2022
  • With the advancement of cyber threats and the development of hacking technologies, cyber security is being emphasized in various fields such as automobiles and ships. According to this trend, various industrial fields are demanding cybersecurity, and related certifications. In this paper, cybersecurity type approval is compared with the RMF stage under the premise that there are common elements with RMF in that cybersecurity elements must be reflected in the entire system development cycle. For comparison, type approval of maritime cyber security of the Korean Register of Shipping was selected. In conclusion, although type approval of maritime cyber security acquisition procedure is not divided by development stage like the RMF, there are the commonalities in the procedure to apply the cybersecurity element to the System development lifecycle like the RMF. Accordingly, the possibility of determining that the cybersecurity element was applied to the entire development cycle was confirmed.

A study on the development of cybersecurity experts and training equipment for the digital transformation of the maritime industry (해양산업 디지털전환을 위한 사이버보안 전문 인력양성 방안연구)

  • Jinho Yoo;Jeounggye Lim;Kaemyoung Park
    • Proceedings of the Korean Institute of Navigation and Port Research Conference
    • /
    • 2022.11a
    • /
    • pp.137-139
    • /
    • 2022
  • As cyber threats in the maritime industry increase due to the digital transformation, the needs for cyber security training for ship's crew and port engineers has increased. The training of seafarers is related to the IMO's STCW convention, so cyber security training also managed and certified, and it is necessary to develop a cybersecurity training system that reflects the characteristics of the OT systemof ships and ports. In this paper, with the goal of developing a training model based on the IMO cyber risk management guideline, developing a cyber security training model based on the characteristics of maritime industry threats, and improving the effectiveness of cyber security training using AR/VR and metaverse, A method for developing a system for nurturing cyber security experts is presented.

  • PDF

A Study on Cyber Security Management Awareness of Vessel Traffic Service Personnel Using IPA (IPA분석을 활용한 해상교통관제 인원의 사이버 보안 관리 인식 연구)

  • Sangwon Park;Min-Ji Jeong;Yunja Yoo;Kyoung-Kuk Yoon
    • Journal of the Korean Society of Marine Environment & Safety
    • /
    • v.28 no.7
    • /
    • pp.1140-1147
    • /
    • 2022
  • With the development of digital technology, the marine environment is expected to change rapidly. In the case of autonomous vessels, technology is being developed in many countries, and the international community has begun to discuss ways to operate it. Changes in ships cause changes in the marine traffic environment and urge changes to aids to navigation. This study aims to analyze the cyber security management awareness of VTS personnel to improve the cyber security system for aids to navigation. To this end, the current status of cyber security management was reviewed with a focus on VTS, and a survey was conducted on VTS personnel. The survey analysis used the IPA methodology, and as a result of the analysis, a clear difference was observed in the perception of cybersecurity between those with experience in security and those without experience. In addition, technical measures related to cyber-attack detection and blocking should be implemented with the highest priority. The results of this study can be used as basic data for improving the cyber security management system for aids to navigation.

A Basic Study on the Development of Network Security Equipment to Support MASS Operation in Digital Maritime-Communication System Environment (디지털 해상통신시스템 환경에서 자율운항선박 운용 지원을 위한 네트워크 보안장비 개발 기초연구)

  • Yunja Yoo;Sang-Won Park;Jin-Hyuk Jung;David Kwak
    • Proceedings of the Korean Institute of Navigation and Port Research Conference
    • /
    • 2021.11a
    • /
    • pp.72-73
    • /
    • 2021
  • As discussions of the International Maritime Organization for the introduction of the Marine Autonomous Surface Ship (MASS) began in earnest, discussions were conducted to prioritize cybersecurity (Cyber Risk Management) when developing a system to support MASS operation at the 27th ENAV Committee Working Group (WG2). Korea launched a technology development project for autonomous ships in 2020, and has been promoting detailed tasks for cybersecurity technology development since 2021. MASS operation in a digital maritime communication system environment requires network security of various digital equipment that was not considered in the existing maritime communication environment. This study introduces the basic concept of network security equipment to support MASS operation in the detailed task of cybersecurity technology development, and defines the network security equipment interface for MASS ship application in the basic stage.

  • PDF

Experiment on countermeasures against cyber security vulnerabilities using redundancy of ISO 19847 Shipboard Data Server (ISO 19847 선박 데이터 서버 이중화를 통한 사이버 보안 취약성 대응 방안 실험)

  • Lee, ChangUi;Lee, Seojeong
    • Journal of Korea Multimedia Society
    • /
    • v.25 no.6
    • /
    • pp.793-806
    • /
    • 2022
  • As the IMO introduced MASS (Maritime Autonomous Surface Ships), ISO(International Organization for Standardization) announced ISO 19847 of a maritime data sharing standard for collecting and remotely managing data of ship systems. Previous literature evaluated the risk using HAZOP for ISO 19847 and proved that risk assessment is useful through experiments. However, redundancy of ISO 19847 ship data server which is one of the risk reduction method suggested in previous literature, was designed but couldn't tested due to the limitations of the conditions. So, in this study, to prove the usefulness of the ship data server redundancy of ISO 19847 which was not tested in previous literature. It based on the design of previous literature, and the network of ship data servers was modeled using the SES/DEVS format and simulated using the DEVS# open source library.