• Title/Summary/Keyword: Maritime cyber security

Search Result 61, Processing Time 0.023 seconds

Maritime Cyber Security Status and Establishment of Maritime Cyber Security System (해사 사이버보안 동향 분석 및 해사 사이버보안 시스템 구축)

  • Ahn, Jong-Woo;Lim, Jeoung-Kyu;Park, Kae-Myoung
    • Proceedings of the Korean Institute of Navigation and Port Research Conference
    • /
    • 2019.05a
    • /
    • pp.29-32
    • /
    • 2019
  • The development of Information and Communication Technology facilitates exchange of information and communication between system in ships or between ships and land facilities, thereby improving the efficiency of their work. However, these changes in the working environment of companies and ships increased the likelihood of cyber security incidents occurance like unauthorized access to company and ship systems or infection of malicious code, which results in significant safety, environmental and business damage to company and ships. Therefore, a cyber-risk-based approach was required to identify and respond to an increasing cyber threats. In this paper, the analysis of maritime cyber security status and guidelines for establishment of maritime cyber security system are provided.

  • PDF

Cybersecurity Development Status and AI-Based Ship Network Security Device Configuration for MASS

  • Yunja Yoo;Kyoung-Kuk Yoon;David Kwak;Jong-Woo Ahn;Sangwon Park
    • Journal of Navigation and Port Research
    • /
    • v.47 no.2
    • /
    • pp.57-65
    • /
    • 2023
  • In 2017, the International Maritime Organization (IMO) adopted MSC.428 (98), which recommends establishing a cyber-risk management system in Ship Safety Management Systems (SMSs) from January 2021. The 27th International Association of Marine Aids to Navigation and Lighthouse Authorities (IALA) also discussed prioritizing cyber-security (cyber-risk management) in developing systems to support Maritime Autonomous Surface Ship (MASS) operations (IALA guideline on developments in maritime autonomous surface ships). In response to these international discussions, Korea initiated the Korea Autonomous Surface Ship technology development project (KASS project) in 2020. Korea has been carrying out detailed tasks for cybersecurity technology development since 2021. This paper outlines the basic concept of ship network security equipment for supporting MASS ship operation in detailed task of cybersecurity technology development and defines ship network security equipment interface for MASS ship applications.

A Study on Cybersecurity Risk Assessment in Maritime Sector (해상분야 사이버보안 위험도 분석)

  • Yoo, Yun-Ja;Park, Han-Seon;Park, Hye-Ri;Park, Sang-Won
    • Proceedings of the Korean Institute of Navigation and Port Research Conference
    • /
    • 2019.11a
    • /
    • pp.134-136
    • /
    • 2019
  • The International Maritime Organization (IMO) issued 2017 Guidelines on maritime cyber risk management. In accordance with IMO's maritime cyber risk management guidelines, each flag State is required to comply with the Safety Management System (SMS) of the International Safety Management Code (ISM) that the cyber risks should be integrated and managed before the first annual audit following January 1, 2021. In this paper, to identify cyber security management targets and risk factors in the maritime sector and to conduct vulnerability analysis, we catagorized the cyber security sector in management, technical and physical sector in maritime sector based on the industry guidelines and international standards proposed by IMO. In addition, the Risk Matrix was used to conduct a qualitative risk assessment according to risk factors by cyber security sector.

  • PDF

Summary of Maritime Cyber Attacks and Risk Management

  • Al-Absi, Mohammed Abdulhakim;Al-Absi, Ahmed Abdulhakim;Kim, Ki-Hwan;Lee, Young-Sil;Lee, Hoon Jae
    • International journal of advanced smart convergence
    • /
    • v.11 no.3
    • /
    • pp.7-16
    • /
    • 2022
  • The targets of cyber-attacks are not limited to the websites and internal IT systems of shipping agencies. Ships and ports have become important targets for cyber attackers. This paper examines the current state of ship network security, introduces the International Maritime Organization's resolution on ship network security management, and summarizing the cyber-attacks in maritime so the readers can have a general understanding of maritime environment.

Maritime Cyber Security Issues and Risk Management Trends (해양 사이버 보안사고 및 위험 관리 사항 동향)

  • Dong-Woo Kang;Ki-Hwan Kim;Young-Sil Lee
    • Journal of the Institute of Convergence Signal Processing
    • /
    • v.23 no.4
    • /
    • pp.209-215
    • /
    • 2022
  • The International Maritime Organization, which is in charge of the international maritime environment and ship safety, has rapidly promoted cyber systems for international dimension agreement and efficiency improvement and improved nautical efficiency. Nevertheless, maritime cyber system attacks still occur every year, and in particular, the number of international maritime cyber security incidents in 2021 appeared to increase sharply compared to 2020. This paper discusses the areas that should be taken into account in order to reduce the increasing sophistication of maritime cyber security. To this end, we will look at typical cases of cyber attacks that have increased sharply in 2021 and analyze the causes of the continuous occurrence of maritime cyber security incidents. In addition, we present several cyber system proposals regarding the current state of maritime cyber systems and the solutions to the problems they face, as well as the matters to be addressed for future maritime cyber systems that will be advanced.

Study on Strengthening the Maritime Sector Cybersecurity (해상 사이버보안 강화방안 연구)

  • Yoo, Yun-Ja;Park, Han-Seon;Park, Hye-Ri
    • Proceedings of the Korean Institute of Navigation and Port Research Conference
    • /
    • 2019.05a
    • /
    • pp.238-239
    • /
    • 2019
  • Cyber attacks can be caused by all equipment that perform communication functions, and the link between ship and land due to the development of communication technology means that the ship sector as well as the land sector can be easily exposed to cyber threat vulnerability. In this paper, we analyze cyber threat trend changes to identify cyber security vulnerabilities in the maritime sector and propose measures to enhance cyber security through other industry case studies.

  • PDF

A Study on the Development of a Training Course for Ship Cyber Security Officers (선박 사이버보안 책임자를 위한 교육과정 개발에 관한 연구)

  • Lee, Eunsu;Ahn, Young-Joong;Park, Sung-ho
    • Journal of the Korean Society of Marine Environment & Safety
    • /
    • v.26 no.7
    • /
    • pp.830-837
    • /
    • 2020
  • With the rapid development of information and communication technology, information exchange between ships and shore has become faster and more convenient, However, accessing ship information has also become easier and concerns about cyber security attacks are growing. When a ship suffers a cyber-attack, it may cause considerable damage and incurs enormous costs and time to repair. In response to this threat, the maritime industry now demands that a cyber security officer be assigned to each ship to take charge of cyber security management onboard. In order to reduce the damage cause by an attack and to respond effectively, a specialized training course for the ship's cyber security officer is required. The purpose of this study was to present a training course for the position of the ship's cyber security officer, and to highlight the necessity of amending current legislation, To this end, domestic and foreign trends, ship cyber security incident cases, and cyber security training courses were investigated, and based on the results a standard training course for a ship's cyber security of icer was developed. Additionally, recommendations on the related amendments to legislation ware established. The results of the study can be used as basic data to establish future training courses for cyber security officers.

A study on the development of cybersecurity experts and training equipment for the digital transformation of the maritime industry (해양산업 디지털전환을 위한 사이버보안 전문 인력양성 방안연구)

  • Jinho Yoo;Jeounggye Lim;Kaemyoung Park
    • Proceedings of the Korean Institute of Navigation and Port Research Conference
    • /
    • 2022.11a
    • /
    • pp.137-139
    • /
    • 2022
  • As cyber threats in the maritime industry increase due to the digital transformation, the needs for cyber security training for ship's crew and port engineers has increased. The training of seafarers is related to the IMO's STCW convention, so cyber security training also managed and certified, and it is necessary to develop a cybersecurity training system that reflects the characteristics of the OT systemof ships and ports. In this paper, with the goal of developing a training model based on the IMO cyber risk management guideline, developing a cyber security training model based on the characteristics of maritime industry threats, and improving the effectiveness of cyber security training using AR/VR and metaverse, A method for developing a system for nurturing cyber security experts is presented.

  • PDF

Security Information and Event Management System for Ship Cyber Security (해사 사이버 보안 대응을 위한 선박용 보안 정보와 이벤트 관리 시스템)

  • Nam-seon Kang;Chang-sik Lee;Seong-sang Yu;Jong-min Lee;Gum-jun Son
    • Journal of Advanced Navigation Technology
    • /
    • v.28 no.4
    • /
    • pp.497-506
    • /
    • 2024
  • In this study, we proposed security information and event management for ship as a technology to respond to maritime cybersecurity regulations and evolving cyber threats. We analyze the main technologies of network management system and security information and event management, which are representative technologies for responding to ship cyber security, and propose SIEM for ships based on this. Optimized for ships based on the International Maritime Organization's Maritime Cyber Threat Management Guidelines, IACS UR E26, 27, etc. Derive the main functions of the SIEM for ship, linkage and normalization plan for the ship's heterogeneous equipment, ship's cyber threat and ship detection policy to identify ship's cyber security threats, and ship's operating environment and operating personnel.

A Study on Cyber Security Management Awareness of Vessel Traffic Service Personnel Using IPA (IPA분석을 활용한 해상교통관제 인원의 사이버 보안 관리 인식 연구)

  • Sangwon Park;Min-Ji Jeong;Yunja Yoo;Kyoung-Kuk Yoon
    • Journal of the Korean Society of Marine Environment & Safety
    • /
    • v.28 no.7
    • /
    • pp.1140-1147
    • /
    • 2022
  • With the development of digital technology, the marine environment is expected to change rapidly. In the case of autonomous vessels, technology is being developed in many countries, and the international community has begun to discuss ways to operate it. Changes in ships cause changes in the marine traffic environment and urge changes to aids to navigation. This study aims to analyze the cyber security management awareness of VTS personnel to improve the cyber security system for aids to navigation. To this end, the current status of cyber security management was reviewed with a focus on VTS, and a survey was conducted on VTS personnel. The survey analysis used the IPA methodology, and as a result of the analysis, a clear difference was observed in the perception of cybersecurity between those with experience in security and those without experience. In addition, technical measures related to cyber-attack detection and blocking should be implemented with the highest priority. The results of this study can be used as basic data for improving the cyber security management system for aids to navigation.