Maritime 4.0: Innovation Driven by AI, Data, and Cyber Security

Aligning Shipbuilding Schedules with Cybersecurity Deliverables With the recent strengthening of cybersecurity regulations by the International Maritime Organization (IMO) and the International Association of Classification Societies (IACS) , cybersecurity management has become an essential aspect of newbuild vessels.  As a result, classification societies now require cybersecurity certification, and shipyards must consider security measures from the design stage. In this post, we will match key shipbuilding milestones with the cybersecurity deliverables outlined in classification society guidelines, particularly those of Classification.  By doing so, we will identify the essential documents and verification procedures that need to be prepared at each stage of the shipbuilding process. 🚢🔐

  IACS UR E27 (Unified Requirement E27) establishes cybersecurity requirements for IT and OT systems on ships to ensure cyber resilience and protection against cyber threats. Suppliers, including OEMs, software vendors, and network solution providers , must comply with these standards to secure type approvals, classification society certifications, and customer trust . Below are the key actions suppliers must take to ensure compliance with IACS UR E27 . 🔹 1. Develop and Deliver Secure Products 📌 Why is this important? IACS UR E27 mandates that hardware and software used on ships must be securely designed, developed, and tested to prevent cyber vulnerabilities. ✅ What Suppliers Must Do: Follow Secure Software Development Lifecycle (SDLC) principles (IEC 62443, ISO/IEC 27001). Conduct threat modeling and risk assessments before product release. Apply secure coding practices (e.g., input validation, memory protection). Implement data encryption and integrity prote...

The order in which subjects are approached may vary depending on the student's major, interests, and learning goals. However, generally, taking courses in the following sequence allows for efficient learning. (Source: Sungkyunkwan University GSIC ) 1. Basic Courses First, it is essential to understand fundamental theories and basic concepts. The following courses help build foundational knowledge: Introduction to Digital Forensics (FSI5056) : Establishes the basics of digital forensics and teaches various methods for collecting and analyzing digital evidence. Korea University Graduate School of Information Security Introduction to Cryptography (GSIS001) : Covers the fundamental principles and applications of encryption technologies for data protection. Life Coding Database (GSID003) : Introduces key concepts and practical skills for data storage and management. Operating Systems (GSID021) : Helps understand the structure and functions of operating systems, which are the core of com...

Hello, maritime and cybersecurity enthusiasts!  Today, we’ll dive into the global organizations that ensure ship and port cybersecurity . With the rapid digitalization of the shipping industry, cyber threats targeting vessels and ports have become a serious issue. So, which organizations are working to strengthen cybersecurity in the maritime sector? Let’s explore together!  We often hear about  IMO (International Maritime Organization) , but many other global institutions are also shaping  maritime cybersecurity regulations and strategies . Here’s a comparative table outlining the  roles and cybersecurity initiatives  of key organizations. 🔍 Global Maritime Leadership & Ship Cybersecurity Comparison Organization Country Overview Key Cybersecurity Initiatives NIST (National Institute of Standards and Technology) 🇺🇸 USA Develops technical and security standards - NIST Cybersecurity Framework (CSF) -  NIST SP 800-171 : Security requirements -...

Today, let's explore classification societies , their roles, and how they impact the shipping industry. Classification societies play a crucial role in ensuring that ships, offshore structures, and maritime facilities meet international safety and quality standards . They set technical guidelines for ship design, construction, and operation, helping shipowners comply with international regulations. In this post, we’ll take a closer look at the major classification societies and their key guidelines. 🚢💡 🔍 What Are Classification Societies? Classification societies are independent organizations that set and enforce technical standards for ships and offshore structures. They work closely with IMO (International Maritime Organization), IACS (International Association of Classification Societies), and national maritime authorities to ensure that vessels meet safety, security, and environmental requirements . Their guidelines cover: ✅ Ship design & construction – Ensuring str...

  "Have You Tried?" – A Journey of Challenge and Growth Waiting for my turn at the 2024 Jung Ju-young Startup Competition , I felt something different from school and work. On my way back after presenting my business plan, it felt like I had just finished performing on a grand stage. This challenge for a new life was not a mistake— this moment became a turning point that convinced me of that. During the preparation process, I worried about my age and the financial struggles ahead. I feared both making it to the finals and failing midway. But looking back, I realize how sincere I was about this competition and how much effort I put in. Strangely, along with the overwhelming emotions, regret also washes over me. The biography of Jung Ju-young and the inspiring quotes shared with participants give me strength. Now, I understand— this, too, is an experience. "Have you tried?" No matter what it is, let's take on the challenge! 🚀

최근 기업들이 인공지능 기술, 특히 대규모 언어 모델(LLM)을 활용하여 비즈니스 가치를 창출하는 방법에 대한 관심이 높아지고 있습니다. 오늘은 LLM 서비스/솔루션 개발을 위한 접근 방안을 소개하고자 합니다. 효율적인 개발 환경 설정부터 방법론 선택, 그리고 기술적 접근 키워드까지, 체계적으로 다루어 보겠습니다. 1. 환경 설정 LLM 애플리케이션의 개발, 모니터링, 테스트 및 배포를 지원하는 플랫폼으로 LangChine 을 활용할 수 있습니다. 이 플랫폼은 다음과 같은 도구들과 함께 활용 됩니다. 1) LangSmith : 통합 DevOps 플랫폼으로, LLM 앱을 프로토타입에서 프로덕션 단계로 원활하게 전환할 수 있게 돕습니다. 2) LangGraph : 상태 저장 다중 행위자 애플리케이션을 구축할 수 있는 라이브러리로, LangChain과 함께 사용됩니다. 3) LangServe : 개발자가 LangChain 실행 가능 파일을 REST API를 통해 쉽게 배포할 수 있도록 지원합니다. 개발 초기 단계에서는 VSCode 와 Google Colab 을 활용하여 GPU나 서버 구매 전까지 저비용으로 시작하는 것이 좋습니다. 이 도구들은 기능 개발 및 테스트를 위한 강력한 지원을 제공합니다. 2. 방법론 LLM을 통한 서비스 개발에 있어, 다음 두 가지 방법론을 고려할 수 있습니다: 1) PEFT (Parameter Efficient Fine-Tuning) : 특정 도메인이나 기업 맞춤형 솔루션 개발에 유리하며, 보안과 데이터 프라이버시 측면에서 강점을 가집니다. 2) RAG (Retrieval-Augmented Generation) : 기존 지식 베이스를 활용하여 LLM의 성능을 강화하고, 더 다양하고 풍부한 콘텐츠 생성이 가능합니다. 3. 기술적 접근 키워드 기업 서비스나 제품에 Gen AI / LLM 활용 서비스 개발 및 접목하는 것은 다음과 같은 기술적 접근을 요구합니다 1) LLM 서비스 개발 방안 (PEFT vs RAG ).  * sLLM...

"Completion of the 4th Cohort of 'Early-Stage Investment Analyst Training' VC Sprint" In my mid-40s, I believed there was nothing left I hadn't experienced, having lived a busy life. However, curiosity sparked when an MZ-generation colleague introduced me to the world of startups and investment markets . Seeking answers, I applied for an early-stage investment analyst course , which became an opportunity to finally confront a long-held dream— entrepreneurship. It also became the push I needed to break free from the "addictive salary" cycle. I am deeply grateful to the instructors who guided us and to my fellow cohort members who shared this journey. Let's keep in touch and meet often in the future! #KoreaEarlyStageInvestmentAssociation #EOSStudio #StartupEntrepreneurship http://www.hitnews.co.kr/news/articleView.html?idxno=53059&fbclid=IwY2xjawIpQGtleHRuA2FlbQIxMQABHZr2lKcG5IkNKa9WIWiuhdUMfxcBurm65tCP_VMsWsPGYlknTzZakFkuXw_aem_iYj-y2yd9C4lg9xIw...

Now that you've completed the basic hacking exercises, let's move on to real-world attack techniques and security countermeasures . This guide covers web hacking, system hacking, network hacking, wireless hacking, and digital forensics in a detailed, step-by-step format. 🚀 1️⃣ Advanced Web Hacking: OWASP Top 10 Learn how to exploit and secure common web vulnerabilities. ✅ Requirements Kali Linux (Attacker) DVWA (Damn Vulnerable Web App) or bWAPP (Vulnerable Web Application) Burp Suite (Web request interception tool) 📌 Exercise 1: Cross-Site Scripting (XSS) Attack XSS allows attackers to inject malicious scripts into web pages. 1️⃣ Install and Run DVWA Open DVWA on the target machine ( http://[Target IP]/dvwa/ ). Login Credentials: Username: admin Password: password Set Security Level to "Low" in the settings. 2️⃣ Perform an XSS Attack Navigate to "Vulnerabilities" → "XSS Stored" . In the input field, enter the follo...