Cyber Resilience of Ships: An Evaluation of Guideline and Frameworks
The increasing adoption of smart ship design and the rising proportion of IT equipment on ships have significantly increased the frequency and severity of maritime cyber incidents. To address this issue, the International Association of Classification Societies introduced UR E26 in 2022. However, co...
Saved in:
| Main Authors: | , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
IEEE
2025-01-01
|
| Series: | IEEE Access |
| Subjects: | |
| Online Access: | https://ieeexplore.ieee.org/document/11007106/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1850124812561678336 |
|---|---|
| author | Jin Kim Sam Youl Lee |
| author_facet | Jin Kim Sam Youl Lee |
| author_sort | Jin Kim |
| collection | DOAJ |
| description | The increasing adoption of smart ship design and the rising proportion of IT equipment on ships have significantly increased the frequency and severity of maritime cyber incidents. To address this issue, the International Association of Classification Societies introduced UR E26 in 2022. However, compared to the cybersecurity frameworks established by the National Institute of Standards and Technology (NIST), such as the Cybersecurity Framework (CSF) and Cyber Resilient Systems (CRS), Unified Requirement (UR) E26 lacks comprehensiveness and specificity. This study employed the Analytic Hierarchy Process (AHP) method to assess the prioritization of key elements of UR E26 across the four stages of the ship lifecycle, based on pairwise comparison surveys from 18 maritime cybersecurity experts. The analysis revealed that the critical elements of UR E26 vary by lifecycle phase and that UR E26 fails to adequately address these phase-specific requirements. In the comparative framework analysis, UR E26 was found to align with only 8.5% of the evaluation items in NIST CSF and 53.8% of the objectives in NIST CRS, indicating significant gaps in coverage. Furthermore, this study proposes practical improvement measures for UR E26 to enhance its applicability and effectiveness, ultimately contributing to the advancement of cyber resilience in the maritime industry. |
| format | Article |
| id | doaj-art-1eabb49be49340148dd96838db934015 |
| institution | OA Journals |
| issn | 2169-3536 |
| language | English |
| publishDate | 2025-01-01 |
| publisher | IEEE |
| record_format | Article |
| series | IEEE Access |
| spelling | doaj-art-1eabb49be49340148dd96838db9340152025-08-20T02:34:14ZengIEEEIEEE Access2169-35362025-01-0113973379734710.1109/ACCESS.2025.357143811007106Cyber Resilience of Ships: An Evaluation of Guideline and FrameworksJin Kim0https://orcid.org/0000-0001-5451-3766Sam Youl Lee1Yonsei University, Seoul, South KoreaYonsei University, Seoul, South KoreaThe increasing adoption of smart ship design and the rising proportion of IT equipment on ships have significantly increased the frequency and severity of maritime cyber incidents. To address this issue, the International Association of Classification Societies introduced UR E26 in 2022. However, compared to the cybersecurity frameworks established by the National Institute of Standards and Technology (NIST), such as the Cybersecurity Framework (CSF) and Cyber Resilient Systems (CRS), Unified Requirement (UR) E26 lacks comprehensiveness and specificity. This study employed the Analytic Hierarchy Process (AHP) method to assess the prioritization of key elements of UR E26 across the four stages of the ship lifecycle, based on pairwise comparison surveys from 18 maritime cybersecurity experts. The analysis revealed that the critical elements of UR E26 vary by lifecycle phase and that UR E26 fails to adequately address these phase-specific requirements. In the comparative framework analysis, UR E26 was found to align with only 8.5% of the evaluation items in NIST CSF and 53.8% of the objectives in NIST CRS, indicating significant gaps in coverage. Furthermore, this study proposes practical improvement measures for UR E26 to enhance its applicability and effectiveness, ultimately contributing to the advancement of cyber resilience in the maritime industry.https://ieeexplore.ieee.org/document/11007106/Shipcyber resiliencecybersecurityIACS UR E26framework |
| spellingShingle | Jin Kim Sam Youl Lee Cyber Resilience of Ships: An Evaluation of Guideline and Frameworks IEEE Access Ship cyber resilience cybersecurity IACS UR E26 framework |
| title | Cyber Resilience of Ships: An Evaluation of Guideline and Frameworks |
| title_full | Cyber Resilience of Ships: An Evaluation of Guideline and Frameworks |
| title_fullStr | Cyber Resilience of Ships: An Evaluation of Guideline and Frameworks |
| title_full_unstemmed | Cyber Resilience of Ships: An Evaluation of Guideline and Frameworks |
| title_short | Cyber Resilience of Ships: An Evaluation of Guideline and Frameworks |
| title_sort | cyber resilience of ships an evaluation of guideline and frameworks |
| topic | Ship cyber resilience cybersecurity IACS UR E26 framework |
| url | https://ieeexplore.ieee.org/document/11007106/ |
| work_keys_str_mv | AT jinkim cyberresilienceofshipsanevaluationofguidelineandframeworks AT samyoullee cyberresilienceofshipsanevaluationofguidelineandframeworks |