• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.5
• /
• pp.1149-1159
• /
• 2024

With the rapid increase in the construction of smart ships and the growing proportion of IT equipment on vessels, the frequency and severity of maritime cyber incidents have significantly escalated. Recognizing this situation, the International Association of Classification Societies recently enacted the UR E26 regulation. This study investigates the definition of cyber resilience and reviews existing research, using the Analytic Hierarchy Process to determine the priority of factors across the ship lifecycle as presented in the E26 regulation. Additionally, the E26 regulation is compared and analyzed against Cybersecurity Framework and Cyber Resiliency System of the NIST. Through this analysis, the study aims to assist companies that are unfamiliar with maritime cybersecurity in effectively responding to the IACS UR E26 regulation and proposes recommendations for the improvement of the UR E26 regulation.

• Review of KIISC
• /
• v.33 no.6
• /
• pp.51-54
• /
• 2023

국제해사기구(IMO)는 2017년 해사안전위원회(Maritime Safety Committee, MSC)에서 안전관리시스템으로의 해상 사이버 리스크 관리 결의하였다. 또한 국제선급협회(IACS)는 선박 사이버 사고가 인명, 재산 및 환경에 심각한 영향을 미칠 수 있음을 인식하여, 사이버 이슈를 체계적으로 논의하기 위한 사이버시스템 패널을 2016년 신설하였다. IACS 는 2022년 4월, 신조선 사이버보안 통합 요구사항(UR E26) 및 기자재 시스템 사이버보안 통합 요구사항(UR E27)을 배포하였다. 이 규정은 2024년 건조 계약을 체결한 신조선에 강제 적용될 예정이다. 본 논문에서는 신조선에 대한 리스크 기반 사이버 설계보안 접근 방식을 제안한다.

• Journal of the Society of Naval Architects of Korea
• /
• v.61 no.4
• /
• pp.278-288
• /
• 2024

According to International Association of Classification Societies (IACS) Unified Requirement (UR) E26, ships contracted for construction after July 1, 2024 should be designed, constructed, commissioned and operated taking into account of cyber security. In particular, ship network monitoring tools should be installed in accordance with requirement 4.3.1 in IACS UR E26. In this paper, we propose a Security Information and Event Management (SIEM) security policy model for ships as an effective threat detection method by analyzing the cyber security regulations and ship network status in the maritime domain. For this purpose, we derived the items managed in the SIEM from the maritime cyber security regulations such as those of International Maritime Organization (IMO) and IACS, and defined 14 detection policies considering the status of the ship network. We also presents the detection policy for non-expert crews to understand it, and occurrence conditions depending on the ship's network environment to minimize indiscriminate alarms. We expect that the results of this study will help improve the efficiency of ship SIEM to be installed in the future.

• Journal of Advanced Navigation Technology
• /
• v.28 no.4
• /
• pp.497-506
• /
• 2024

In this study, we proposed security information and event management for ship as a technology to respond to maritime cybersecurity regulations and evolving cyber threats. We analyze the main technologies of network management system and security information and event management, which are representative technologies for responding to ship cyber security, and propose SIEM for ships based on this. Optimized for ships based on the International Maritime Organization's Maritime Cyber Threat Management Guidelines, IACS UR E26, 27, etc. Derive the main functions of the SIEM for ship, linkage and normalization plan for the ship's heterogeneous equipment, ship's cyber threat and ship detection policy to identify ship's cyber security threats, and ship's operating environment and operating personnel.

• Proceedings of the Korean Institute of Navigation and Port Research Conference
• /
• 2023.11a
• /
• pp.205-207
• /
• 2023

국제선급연합회(International Association of Classification Societies: IACS)에서는 2022년 선박 및 기자재시스템 사이버 복원력 달성을 위한 공통규칙 UR E26, E27을 발행하였으며, 이 규정은 2024년 1월 이후 건조 계약되는 선박에 의무적으로 적용될 예정이다. 현존선의 경우, OT 시스템 네트워크 변경 및 사이버보안 기능을 신규 구현하기가 어렵기 때문에 사이버 위험관리에 한계가 있으나, 본 규정을 통해 신조선 건조 단계에서 설계 보안 (secure by design)을 고려한 선박 사이버 복원력 네트워크 및 기능 구현이 가능하다. 사이버복원력 생태계가 잘 형성되기 위해서는 선주, 조선소, 제조사, 선급 등 주요 이해관계자의 역할이 중요하며 향후 다양한 프로젝트를 통한 사이버복원력 체계 내재화, 재직자 사이버보안 역량 강화, 선박 사이버안전 기술 지속적 연구가 필요하다.

• Journal of Advanced Navigation Technology
• /
• v.28 no.1
• /
• pp.27-36
• /
• 2024

In this paper, we analyze the unified requirements of international association of classification societies - cyber resilience of ships, ahead of implementation of the agreement on July 1, 2024, and respond to ship cyber security and resilience programs based on 5 requirements, 17 details, and documents that must be submitted or maintained according to the ship's cyber resilience,. Measures include document management such as classification certification documents and design documents, configuration of a network with enhanced security, establishment of processes for accident response, configuration management using software tools, integrated network management, malware protection, and detection of ship network security threats with security management solutions. proposed a technology capable of real-time response.