Maritime 4.0: Innovation Driven by AI, Data, and Cyber Security

IACS UR E26 / E27 Cyber Resilience Maritime OT Security Redefining System Suppliers' IACS UR E26/E27 Interpretation Trends in Alignment with Cyber Resilience Principles ⚓ Captain Ethan Maritime 4.0 · AI, Data & Cyber Security 📅 February 10, 2026 Recently, during the application of IACS UR E26 and E27 , ongoing cases are being observed in which certain system suppliers are refusing to submit required information , despite their systems clearly falling under CBS (Computer-Based Systems) and the existence of explicit classification society guidelines. The information in question includes key inputs such as asset inventory , system configuration diagrams , communication interface information , as well as the foundational cybersecurity domains of Identify and Detect . A Transitional Phenom...

The Next Competitive Edge in Shipbuilding Is  Cybersecurity, Data, and AI For decades, the shipbuilding industry has grown on the strength of human experience and on-site craftsmanship . Skill, intuition, and field knowledge have always been the core assets of shipyards. However, over the past few years—especially through my hands-on experience with Smart Yard and Smart Ship projects —one realization has become very clear. Reference “Everyone Talks About AI… Korean Shipbuilders Accelerate Organizational Restructuring and Investment” MoneyToday https://www.mt.co.kr/industry/2026/01/25/2026012313464346731 The next competitive edge in shipbuilding will ultimately be operational efficiency, built on data and AI secured by strong cybersecurity. What I Learned from Experiencing a Smart Yard Smart yards are often described in terms of robots and automation equipment. But from an on-site perspective, a smart yard is fundamentally a data-driven system . What stood out to me was not just ...

Why Shipowners Must Establish an Owner Cybersecurity Policy The Single Standard That Determines the Future of the Entire Fleet 1. The biggest issue in the shipbuilding and maritime industry has been the absence of a unified standard Shipyards work based on their own standards. Suppliers produce documents based on their own interpretations. Classification societies enforce their own requirements. System integrators act according to their own methodologies. And in the middle of this fragmented ecosystem, the party that suffers the most is the shipowner . Because cybersecurity is not a “single-vessel problem.” It is a fleet-wide operational model that affects decades of operation. Despite this reality, many shipowners still rely on: Shipyard-provided documents Supplier-provided documentation Class-driven interpretations without having their own Owner Policy. This approach is no longer sustainable. In the era of UR E26 and UR E27, the shipowner must define the standard. 2...

현대 조직생활의 금기 최근 들어 조직을 운영하면서 많은 생각을 하게 된다. 조직원들의 성장과 발전, 그리고 무엇보다도 안정적으로 일할 수 있는 환경 을 어떻게 만들어야 할지에 대한 고민이다. 그런데 이런 고민을 하다 보니 한 가지 놓치고 있었던 부분이 눈에 들어왔다. 나는 리더십에 대해서는 계속 고민해 왔지만, 정작 팔로워십에 대해서는 깊이 생각해 본 적이 거의 없었다 는 사실이다. 그래서 삼국지를 다시 떠올리게 됐다. 리더로서의 나, 팔로워로서의 나, 그리고 내가 팀원들에게 무엇을 기대하고 있는지를 삼국지 속 인물들의 이야기를 통해 다시 돌아보고 싶어졌다. 우리는 리더십에 대해서는 자주 이야기한다. 어떤 리더가 좋은 리더인지, 어떻게 이끌어야 하는지에 대해서는 끝없이 말한다. 하지만 팔로워십에 대해서는 거의 말하지 않는다. 곰곰이 생각해 보면 꽤 이상한 일이다. 대부분의 사람은 리더로 있는 시간보다 팔로워로 지내는 시간이 훨씬 길기 때문이다. 좋은 리더가 되기 전에, 우리는 사실 좋은 팔로워로 살아가는 시간을 더 오래 보낸다 . 훌륭한 팔로워가 되는 방법을 몇 가지 공식처럼 정리하는 건 쉽지 않다. 현실은 늘 상황마다 다르고, 조직마다 조건도 다르다. 다만 조직생활을 하면서 이것만은 하지 말아야 한다 는 기준만큼은 의외로 분명하다. 그리고 그 기준은 삼국지에 등장하는 인물들의 말로를 보면 꽤 선명하게 드러난다.

Why SCARP Is an Owner’s Responsibility, Not a Newbuilding Document Whenever UR E26 comes up on site, there’s a reaction I hear all the time: “Isn’t that just something the yard prepares during newbuilding to satisfy Class?” That’s not entirely wrong. But it’s only half the story . If you look at International Association of Classification Societies (IACS) UR E26 purely as a documentation requirement , you miss the most important question for owners: “Who is responsible for this ship — and this fleet — for the next 20 years, and how?” This post reframes UR E26 from a shipowner responsibility perspective . 1️⃣ What question does UR E26 really ask? UR E26 is actually very straightforward. It asks only one thing: “Does this ship have cyber resilience?” That’s why UR E26 requires the following six Deliverables : No UR E26 Deliverable Nature 01 Ship Asset Inventory Technical document 02 Zones & Conduit Diagram Network architecture 03 CSDD Design description 04 Ris...

Where and How OT Security Is Applied on a Ship ? One of the most common misconceptions when discussing shipboard OT security is the belief that “security is something applied to a specific piece of equipment or system.” In reality, OT security is not about installing something inside a device. It is far closer to deciding where connections should exist, and where they must be restricted , within the overall structure of a ship. To understand OT security properly, we must first revisit a fundamental question: Where is OT security actually applied? 1. OT Security Is Applied at the “Boundaries,” Not Inside the Equipment Most shipboard OT systems function exactly as intended. Engines run, generators supply power, and control systems operate based on control logic that has been validated over decades. The problem rarely lies within the system itself. It emerges at the points where systems are connected to one another . This is why OT security is primarily applied at: The bou...

— Why E26/E27 Had to Emerge “Isn’t security just about installing a firewall?” This is often the first question that arises when people encounter shipboard OT security for the first time. Organizations with strong IT security experience tend to ask this question even more frequently. Install a firewall Deploy antivirus software Apply patches on a regular basis At first glance, this feels like sufficient security. However, in the context of shipboard OT security, this approach almost always fails. The reason is simple. A ship is not an IT system. It is a physically operating system . The Top Priority of Shipboard OT Security Is Not Confidentiality In IT security, the fundamental triad is CIA: Confidentiality Integrity Availability In typical IT environments, this order makes sense. In shipboard OT environments, however, the order is completely reversed. The highest priority in shipboard OT security is Availability — the ability to continue safe operation at this ...

— How the Choices of Owners, Shipyards, Suppliers, and Nations Will Shape Completely Different Futures 1. E26/E27 Is Not Just a “Regulation,” but a Structural Turning Point for the Industry Formally, E26/E27 is a regulation. However, its impact goes far beyond simple compliance. This is because E26/E27 functions as a common industrial language that connects design – construction – operation – maintenance – audit into a single, integrated structure. In other words, depending on how E26/E27 is interpreted and who takes leadership over it, the future of the shipbuilding and maritime industry will diverge in fundamentally different directions. As a result, the industry is now branching into four distinct future scenarios . 🌊 Scenario 1: Owner-Centered Standardization – The Rise of the “Golden Owner” ▶ When shipowners take control of regulatory leadership Key Characteristics Establishment of an integrated cyber standard based on Owner Policy Shipyard and supplier doc...