• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.3
• /
• pp.657-673
• /
• 2019

As various IT and OT systems such as Electronic Chart Display and Information System and Automatic Identification System are used for ships, security elements that take into account even the ship's construction and navigation environment are required. However, cyber security research on the ship and shipbuilding ICT equipment industries is still lacking, and there is a lack of systematic methodologies through threat modeling. In this paper, the Data Flow Diagram was established in consideration of stakeholders approaching the ship system. Based on the Attack Library, which collects the security vulnerabilities and cases of ship systems, STRIDE methodologies and threat modeling using the Attack Tree are designed to identify possible threats from ships and to present ship cyber security measures.

• Journal of Navigation and Port Research
• /
• v.47 no.2
• /
• pp.57-65
• /
• 2023

In 2017, the International Maritime Organization (IMO) adopted MSC.428 (98), which recommends establishing a cyber-risk management system in Ship Safety Management Systems (SMSs) from January 2021. The 27th International Association of Marine Aids to Navigation and Lighthouse Authorities (IALA) also discussed prioritizing cyber-security (cyber-risk management) in developing systems to support Maritime Autonomous Surface Ship (MASS) operations (IALA guideline on developments in maritime autonomous surface ships). In response to these international discussions, Korea initiated the Korea Autonomous Surface Ship technology development project (KASS project) in 2020. Korea has been carrying out detailed tasks for cybersecurity technology development since 2021. This paper outlines the basic concept of ship network security equipment for supporting MASS ship operation in detailed task of cybersecurity technology development and defines ship network security equipment interface for MASS ship applications.

• Journal of the Society of Naval Architects of Korea
• /
• v.61 no.4
• /
• pp.278-288
• /
• 2024

According to International Association of Classification Societies (IACS) Unified Requirement (UR) E26, ships contracted for construction after July 1, 2024 should be designed, constructed, commissioned and operated taking into account of cyber security. In particular, ship network monitoring tools should be installed in accordance with requirement 4.3.1 in IACS UR E26. In this paper, we propose a Security Information and Event Management (SIEM) security policy model for ships as an effective threat detection method by analyzing the cyber security regulations and ship network status in the maritime domain. For this purpose, we derived the items managed in the SIEM from the maritime cyber security regulations such as those of International Maritime Organization (IMO) and IACS, and defined 14 detection policies considering the status of the ship network. We also presents the detection policy for non-expert crews to understand it, and occurrence conditions depending on the ship's network environment to minimize indiscriminate alarms. We expect that the results of this study will help improve the efficiency of ship SIEM to be installed in the future.

• Journal of the Korean Society of Marine Environment & Safety
• /
• v.9 no.1
• /
• pp.17-23
• /
• 2003

With the terrorist attacks on 11 September 2001, the ships and their crew' safety and security have become a major issue in the maritime industries, In high-risk terrorism, not only ship owners and port authorities but also crew members on board should take precautions in the conduct of their business. In this paper, the vulnerability and essential elements in overall security of merchant ship are analyzed with a discussion in depth of the concept and principles of maritime security of merchant ship are analyzed with a discussion in depth of the concept and principles of maritime security management. And then, ship's security model and security system to reduce security rish and to minimize damage are proposed.

• Proceedings of KOSOMES biannual meeting
• /
• 2003.05a
• /
• pp.17-22
• /
• 2003

With the terrorist attacks on 11 September 2001, the ships and their crews' safety and security have become a major issue in the maritime industries. In high-risk terrorism. not only ship owners and port authorities but also crew members on board should take precautions in the conduct of their business. In this paper, the vulnerability and essential elements in overall security of merchant ship are analyzed with a discussion in depth of the concept and principles of maritime security management. Author proposes ship's security model to reduce security risk and to minimize damage as a basic study for designing security system for merchant ship.

• Journal of Advanced Navigation Technology
• /
• v.28 no.4
• /
• pp.497-506
• /
• 2024

In this study, we proposed security information and event management for ship as a technology to respond to maritime cybersecurity regulations and evolving cyber threats. We analyze the main technologies of network management system and security information and event management, which are representative technologies for responding to ship cyber security, and propose SIEM for ships based on this. Optimized for ships based on the International Maritime Organization's Maritime Cyber Threat Management Guidelines, IACS UR E26, 27, etc. Derive the main functions of the SIEM for ship, linkage and normalization plan for the ship's heterogeneous equipment, ship's cyber threat and ship detection policy to identify ship's cyber security threats, and ship's operating environment and operating personnel.

• Journal of the Korean Society of Marine Environment & Safety
• /
• v.26 no.7
• /
• pp.830-837
• /
• 2020

With the rapid development of information and communication technology, information exchange between ships and shore has become faster and more convenient, However, accessing ship information has also become easier and concerns about cyber security attacks are growing. When a ship suffers a cyber-attack, it may cause considerable damage and incurs enormous costs and time to repair. In response to this threat, the maritime industry now demands that a cyber security officer be assigned to each ship to take charge of cyber security management onboard. In order to reduce the damage cause by an attack and to respond effectively, a specialized training course for the ship's cyber security officer is required. The purpose of this study was to present a training course for the position of the ship's cyber security officer, and to highlight the necessity of amending current legislation, To this end, domestic and foreign trends, ship cyber security incident cases, and cyber security training courses were investigated, and based on the results a standard training course for a ship's cyber security of icer was developed. Additionally, recommendations on the related amendments to legislation ware established. The results of the study can be used as basic data to establish future training courses for cyber security officers.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.2
• /
• pp.447-463
• /
• 2022

Artificial Intelligence (AI) technology is a major technology that develops smart ships into autonomous ships in the marine industry. Autonomous ships recognize a situation with the information collected without human judgment which allow them to operate on their own. Existing ship systems, like control systems on land, are not designed for security against cyberattacks. As a result, there are infringements on numerous data collected inside and outside the ship and potential cyber threats to AI technology to be applied to the ship. For the safety of autonomous ships, it is necessary to focus not only on the cybersecurity of the ship system, but also on the cybersecurity of AI technology. In this paper, we analyzed potential cyber threats that could arise in AI technologies to be applied to existing ship systems and autonomous ships, and derived categories that require security risks and the security of autonomous ships. Based on the derived results, it presents future directions for cybersecurity research on autonomous ships and contributes to improving cybersecurity.

• Journal of the Korean Society of Marine Environment & Safety
• /
• v.13 no.3
• /
• pp.199-206
• /
• 2007

In analyzing the security threats and their management system and making questions on security awareness to the concerned parties in the field of coastal passenger ship, we draw its security vulnerability and the features of security threats. The countermeasures and security system are proposed in order to response the diverse security threats and to set up the security culture of coastal passenger ship.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2004.05b
• /
• pp.85-90
• /
• 2004

In this paper, we analysed the technical features and characteristics for Ship Security Alert Systems(SSAS). Due to the steady increase in incidents, and partly triggered by the events of 9/11, the International Maritime Organization (IMO) initiated an intense programme of activity, resulting in a conference on maritime security measures during December 2002. IMO SOLAS Regulation XI-2/6 applies to the following types of vessels on international voyages which include passenger ships, including high-speed passenger craft, cargo ships, including high-speed craft, of 500 gross tons and upwards and mobile offshore units. The paper has discussed on international technical trends and its characteristics and provided how to regulate for activating and harmonizing internationally domestic ships.