• Journal of Advanced Navigation Technology
• /
• v.28 no.1
• /
• pp.27-36
• /
• 2024

In this paper, we analyze the unified requirements of international association of classification societies - cyber resilience of ships, ahead of implementation of the agreement on July 1, 2024, and respond to ship cyber security and resilience programs based on 5 requirements, 17 details, and documents that must be submitted or maintained according to the ship's cyber resilience,. Measures include document management such as classification certification documents and design documents, configuration of a network with enhanced security, establishment of processes for accident response, configuration management using software tools, integrated network management, malware protection, and detection of ship network security threats with security management solutions. proposed a technology capable of real-time response.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.5
• /
• pp.1149-1159
• /
• 2024

With the rapid increase in the construction of smart ships and the growing proportion of IT equipment on vessels, the frequency and severity of maritime cyber incidents have significantly escalated. Recognizing this situation, the International Association of Classification Societies recently enacted the UR E26 regulation. This study investigates the definition of cyber resilience and reviews existing research, using the Analytic Hierarchy Process to determine the priority of factors across the ship lifecycle as presented in the E26 regulation. Additionally, the E26 regulation is compared and analyzed against Cybersecurity Framework and Cyber Resiliency System of the NIST. Through this analysis, the study aims to assist companies that are unfamiliar with maritime cybersecurity in effectively responding to the IACS UR E26 regulation and proposes recommendations for the improvement of the UR E26 regulation.

• Journal of Advanced Navigation Technology
• /
• v.28 no.4
• /
• pp.497-506
• /
• 2024

In this study, we proposed security information and event management for ship as a technology to respond to maritime cybersecurity regulations and evolving cyber threats. We analyze the main technologies of network management system and security information and event management, which are representative technologies for responding to ship cyber security, and propose SIEM for ships based on this. Optimized for ships based on the International Maritime Organization's Maritime Cyber Threat Management Guidelines, IACS UR E26, 27, etc. Derive the main functions of the SIEM for ship, linkage and normalization plan for the ship's heterogeneous equipment, ship's cyber threat and ship detection policy to identify ship's cyber security threats, and ship's operating environment and operating personnel.