Korea Internet & Security Agency (KISA) said on the 19th that it has prepared five key outcomes to embed cybersecurity across the maritime industry and strengthen cyber resilience.
The outcomes are: ▲ a security model for autonomous ships ▲ a commentary and casebook for the smart ship security model ▲ security requirements guidelines for shipping companies ▲ training materials to raise crew security awareness ▲ eight on-board security rules for attachment. KISA formed an expert council with 25 institutions from industry, academia, and research to develop related standards and materials.
The autonomous ship security model systematizes threat identification, risk analysis, and response procedures by actual operation scenario based on International Maritime Organization (IMO) autonomous level 3. The smart ship security model was advanced into a commentary and casebook format by adding field application examples.
Practical standards reflecting international regulations and private-sector standards were also prepared. Since 2021, the IMO has required that cyber risk management be incorporated into a shipping company's Safety Management System (SMS), and the International Association of Classification Societies (IACS) has required cyber resilience for new ships from July 2024. As cargo owners' demands have also strengthened, KISA revised security standards in line with domestic conditions.
The "security requirements guidelines" for shipping companies is a resource that systematizes requirements across all stages of operation and management, reflecting input from major domestic shipping companies. Training materials and a set of eight security rules were also produced to raise the security awareness of embarked crew. The materials are organized in the order of incident cases, preventive actions, and remedial measures, and will be provided as a booklet and poster.
The related guidelines and training materials will be released in stages at the end of the year after a public comment process.
Kim Seon-mi, head of the Security Certification Division at the Korea Internet & Security Agency (KISA), said, "These security models and guidelines align international standards to the environment of the domestic maritime industry," and added, "We will advance the security systems of autonomous ships and the broader maritime sector, including shipping companies and shipyards, to enhance the cyber safety and industrial competitiveness of the national maritime logistics infrastructure."