• International Journal of Computer Science & Network Security
• /
• v.22 no.3
• /
• pp.135-140
• /
• 2022

Scientific and technological progress is also fundamental to the evolving merchant shipping industry, both in terms of the size and speed of modern ships and in the level of their technical capabilities. While the freight performance of ships is growing, the number of crew on board is steadily decreasing, as more work processes are being automated through the implementation of information technologies, including ship management systems. Although there have been repeated appeals from international maritime organizations to focus on building effective maritime security defenses against cyber attacks, the problems have remained unresolved. Owners of shipping companies do not disclose information about cyberattack attempts or incidents against them due to fear of commercial losses or consequences, such as loss of image, customer and insurance claims, and investigations by independent international organizations and government agencies. Issues of cybersecurity of control systems in the world today have gained importance, due to the fact that existing threats concern not only the security of technical means and devices, but also issues of environmental safety and safety of life at sea. The article examines the implementation of cyber risk management in the shipping industry, providing recommendations for the safe ship operation and its systems in order to improve vulnerability to external threats related to cyberattacks, and to ensure the safety and security of such a technical object as a seagoing ship.

• Proceedings of KOSOMES biannual meeting
• /
• 2007.11a
• /
• pp.109-114
• /
• 2007

The changed environment on marine security and the security activities such as coast guard and sea patrol in civil domain are analyzed. In order to respond diverse threats and requirements of sea petrol, the system of civil patrolman and coast guard's auxiliary are discussed. The civil boats and aircraft and civilian's security activities make an important role to enhance the effectiveness and the efficiency of coast guard and patrol.

• Proceedings of KOSOMES biannual meeting
• /
• 2006.11a
• /
• pp.37-45
• /
• 2006

On the analysis of safety and security management in the coastal passengerships, the counterplan is proposed in order to copy with new situation including various threats of safety and security. In addition, throughout the questionnaire to the related employees, we develop the program to enhance maritime security awareness and to supplement its vulnerability.

• Journal of Advanced Navigation Technology
• /
• v.28 no.4
• /
• pp.497-506
• /
• 2024

In this study, we proposed security information and event management for ship as a technology to respond to maritime cybersecurity regulations and evolving cyber threats. We analyze the main technologies of network management system and security information and event management, which are representative technologies for responding to ship cyber security, and propose SIEM for ships based on this. Optimized for ships based on the International Maritime Organization's Maritime Cyber Threat Management Guidelines, IACS UR E26, 27, etc. Derive the main functions of the SIEM for ship, linkage and normalization plan for the ship's heterogeneous equipment, ship's cyber threat and ship detection policy to identify ship's cyber security threats, and ship's operating environment and operating personnel.

• Maritime Security
• /
• v.7 no.1
• /
• pp.1-29
• /
• 2023

For the last 70 years, the U.S.-led bilateral security system, or "Hub-and-Spokes" system, has been applied to Northeast Asia, and the system has been successfully settled in terms of stability and economic achievements of the region. Given the increasing complexity of the security environment of East Asia, it is plausible to consider the possibility of a security system shift from bilateral alliances to collective security. In order to analyze the driver of collective security system, this study developed three factors of formation and development of collective security system - main threat, intensity of the threat, and confidence among countries in the system - by reviewing international political theories related to security cooperation. Comparing the formation, development, and achievements of NATO and SEATO, the study figures out that the existence of the main threat, the high intensity of the threat, and the strong confidence among countries in the security system are the primary drivers for a successful collective security system. Based on the result, the study also analyzed the possibility of a security system shift in East Asia. Considering contemporary international conflicts such as U.S.-China strategic competition, Russia-Ukraine War, and growing threats posed by North Korean nuclear and missiles, the study anticipates that the necessity of a collective security system that will replace the current security system of the region would arise. Still, although some issues between countries should be overcome, the growing intensity of the threats will promote cooperation among countries by improving their confidence.

• THE INTERNATIONAL COMMERCE & LAW REVIEW
• /
• v.42
• /
• pp.247-274
• /
• 2009

The supply chain security programs are designed to prevent terrorist attacks on world transit system, and to help protect the passengers and workers who use these systems on a daily basis. as evidenced by the train bombings in London and Madrid in recent years, the threats to America's transit systems are real. After 9 11 terrors in 2001, security problem is appearing to every nations and international organizations main pending issue than any problem and various countermeasure is prepared. Security is the major issue in international trade, with significant potential costs and economic impact. So, We need to ensure that supply chain security does not become a new non-tariffs barrier. The aim of this study is to examine the international maritime and aviation law on the supply chain security. Also I review the supply chain security in U.S. and other countries.

• THE INTERNATIONAL COMMERCE & LAW REVIEW
• /
• v.37
• /
• pp.217-250
• /
• 2008

The International Ship and Port Facility Security (ISPS) Code which was developed as the main response of the shipping sector to the miserable event of 11 September 2001 came into effect on 1 July 2004. The ISPS Code designed to detect and eliminate security threats affecting ships and port facilities used in international trade will significantly impact not only on the management and operation of the shipping industry but also on maritime law despite the fact that it is the regulatory framework of public law. It is expected that implementing the ISPS Code will contribute to reinforcement of maritime security on the one hand. However, on the other hand, more intensified security inspection and control measures of port states will also cause delay and additional costs which cause uncertainty in allocating security risk and cost between the contracting parties. Therefore, it is desire to insert new security clause dealing with main security issues or adapt existing clauses to new shipping environments to minimize disputes.

• Proceedings of the Korean Institute of Navigation and Port Research Conference
• /
• 2019.05a
• /
• pp.29-32
• /
• 2019

The development of Information and Communication Technology facilitates exchange of information and communication between system in ships or between ships and land facilities, thereby improving the efficiency of their work. However, these changes in the working environment of companies and ships increased the likelihood of cyber security incidents occurance like unauthorized access to company and ship systems or infection of malicious code, which results in significant safety, environmental and business damage to company and ships. Therefore, a cyber-risk-based approach was required to identify and respond to an increasing cyber threats. In this paper, the analysis of maritime cyber security status and guidelines for establishment of maritime cyber security system are provided.

• Journal of the Korean Society of Marine Environment & Safety
• /
• v.30 no.3
• /
• pp.263-274
• /
• 2024

The digitization of ship environments has increased the risk of cyberattacks on ships. The smartization and automation of ships are also likely to result in cyber threats. The International Maritime Organization (IMO) has discussed the establishment of regulations at the autonomous level and has revised existing agreements by dividing autonomous ships into four stages, where stages 1 and 2 are for sailors who are boarding ships while stages 3 and 4 are for those not boarding ships. In this study, the level of a smart ship was classified into LEVELs (LVs) 1 to 3 based on the autonomous levels specified by the IMO. Furthermore, a risk assessment for smart ships at various LVs in different risk scenarios was conducted The cyber threats and vulnerabilities of smart ships were analyzed by dividing them into administrative, physical, and technical security; and mitigation measures for each security area were derived. A total of 22 cyber threats were identified for the cyber asset (target system). We inferred that the higher the level of a smart ship, the greater the hyper connectivity and the remote access to operational technology systems; consequently, the greater the attack surface. Therefore, it is necessary to apply mitigation measures using technical security controls in environments with high-level smart ships.

• Proceedings of the Korean Institute of Navigation and Port Research Conference
• /
• 2022.11a
• /
• pp.137-139
• /
• 2022

As cyber threats in the maritime industry increase due to the digital transformation, the needs for cyber security training for ship's crew and port engineers has increased. The training of seafarers is related to the IMO's STCW convention, so cyber security training also managed and certified, and it is necessary to develop a cybersecurity training system that reflects the characteristics of the OT systemof ships and ports. In this paper, with the goal of developing a training model based on the IMO cyber risk management guideline, developing a cyber security training model based on the characteristics of maritime industry threats, and improving the effectiveness of cyber security training using AR/VR and metaverse, A method for developing a system for nurturing cyber security experts is presented.