没有合适的资源?快使用搜索试试~ 我知道了~
【船级社】 KR Guidance for Maritime Cybersecurity System.pdf
1.该资源内容由用户上传,如若侵权请联系客服进行举报
2.虚拟产品一经售出概不退款(资源遇到问题,请及时私信上传者)
2.虚拟产品一经售出概不退款(资源遇到问题,请及时私信上传者)
版权申诉
0 下载量 73 浏览量
2023-12-01
15:13:06
上传
评论
收藏 332KB PDF 举报
温馨提示
试读
33页
【船级社】 KR Guidance for Maritime Cybersecurity System.pdf
资源推荐
资源详情
资源评论
2020
GUIDANCE FOR MARITIME CYBER
SECURITY SYSTEM
GC-24-E
KR
- i -
APPLICATION OF “GUIDANCE FOR MARITIME CYBER SECURITY SYSTEM”
1. Unless expressly specified otherwise, the requirements in the Guidance apply to companies and
ships when the application for certification of maritime cyber security systems is dated on or after 1
July 2020.
2. The amendments to the Guidance for 2019 edition and their effective date are as follows;
Effective Date : 1 January 2020
CHAPTER 1 GENERAL
Section 1 General
- 104. has been amended.
Effective Date : 1 July 2020
CHAPTER 1 GENERAL
Section 1 General
- 103. 1 has been amended.
- 103. 2 has been deleted.
- 103. 3 moved in front of 103. 1.
- 103. 4 and 5 have been amended.
CHAPTER 2 CLASSIFICATION SURVEYS
Section 2 Surveys for registration of company
- 202. 1 (25) have been amended.
- 203. 4 (3), (5), (6) and (8) have been amended.
- 203. 6 (1) has been amended.
Section 3 Surveys for registration of ship
- 302. 2 has been amended.
- 302. 2 (2) has been amended.
- 302. 2 (25) has been newly added.
- 302. 3 has been amended.
- 302. 3 (2) has been deleted.
- 302. 4 has been amended.
- 302. 4 (1) has been deleted.
- 303. 3 (12) has been newly added.
- 303. 4 has been amended.
- 303. 4 (3), (5), (6), (8) and (19) have been amended.
- 303. 5 and 6 have been amended.
- 304. 1 has been amended.
- ii -
Section 4 Surveys for certification maintenance
- 402. 1 (1) (B), (C) and (F) have been amended.
- 403. 1 (1) (C) and, (F) have been amended.
- 403. 1 (1) (J) has been deleted.
CHAPTER 3 REQUIREMENTS FOR CYBER SECURITY SYSTEM OF THE COMPANY
Section 2 COMPANY CYBER SECURITY COMPLIANCE 1
- 204. 1 has been amended.
- iii -
CONTENTS
CHAPTER 1 GENERAL ··········································································································· 1
Section 1 General ············································································································ 1
CHAPTER 2 SURVEYS ··········································································································· 3
Section 1 General ············································································································ 3
Section 2 Initial Surveys for Company ········································································ 4
Section 3 Initial Surveys for Ship ················································································ 6
Section 4 Surveys for certification maintenance ······················································ 9
CHAPTER 3 REQUIREMENTS FOR CS SYSTEM OF THE COMPANY (2019) ········· 11
Section 1 General ·········································································································· 11
Section 2 Company Cyber Security Compliance 1 ················································ 11
Section 3 Company Cyber Security Compliance 2 ················································ 16
Section 4 Company Cyber Security Compliance 3 ················································ 18
CHAPTER 4 REQUIREMENTS FOR CS SYSTEM OF THE SHIP (2019) ··················· 19
Section 1 General ·········································································································· 19
Section 2 CS Ready ······································································································ 19
Section 3 SHIP CYBER SECURITY COMPLIANCE 1 or CS1 ······························· 22
Section 4 SHIP CYBER SECURITY COMPLIANCE 2 or CS2 ······························· 26
Section 5 SHIP CYBER SECURITY COMPLIANCE 3 or CS3 ······························· 28
Ch 1 General Ch 1
Guidance for Maritime Cyber Security System 2020
1
CHAPTER 1 GENERAL
Section 1 General
101. Application
1. This Guidance is to apply to companies and ships with cyber security management ssystem for in-
formation and operating technologies.
2. This Guidance defines the level of cyber security management and its requirement according to the
level, and the application scope is determined by request of the ship owner.
3. Items not specified in this Guidance are to be in accordance with each relevant requirement in the
Rules for the Classification of Steel Ships(hereafter referred to as "the Rules for Steel Ships") except
for the requirements inapplicable to cyber security system.
4. Items not included in this Guidance may comply with ISO, IEC or equivalent recognized standards by
the appropriate consideration of the Society.
5. Where the specific requirements in international regulation such as IMO are or as Information tech-
nology & operating technology develops, when it deems necessary, additional requirements to this
Guidance may be required.
6. This Guidance specifies the minimum requirements for cyber security system in companies and on-
board of ships, which does not mean that all cyber security incidents can be prevented.
102. Definitions
The definitions of terms are to follow the Rules for Steel ships, unless otherwise specified in this
Guidance.
1. Cyber security refers to process for protecting cyber assets by preventing, detecting and responding
to cyber attacks.
2.
Cyber security system refers to comprehensive system for maintaining the cyber security level re-
quired by the organization on the assets based on cyber security risk assessment.
3. Information technology refers to any equipment or interconnected system or subsystem of equip-
ment that is used in the automatic acquisition, storage, manipulation, management, movement, con-
trol, display, switching, interchange, transmission, or reception of data or information.
4. Operation technology refers to devices, sensors, software and associated networking that monitor
and control onboard systems.
5. Cyber incident refers to an occurrence, which actually or potentially results in adverse consequences
to an onboard system, network and computer or the information that they process, store or trans-
mit, and which may require a response action to mitigate the consequences.
6. Confidentiality refers to the property that information is not disclosed to system entities (users,
processes, devices) unless they have been authorized to access the information.
7. Integrity refers to the property whereby an entity has not been modified in an unauthorized manner.
8. Availability refers to the property of being accessible and useable upon demand by an authorized
entity.
9. Capability refers to the ability to perform certain actions.
10.
Policy refers to the overall intent and direction of the company in related to the goals and ways
officially mentioned by top management.
11.
Risk refers to the likelihood that anticipated threats will occur and the expected loss incurred by
those threats.
12.
Ship Owner refers to the owner of the ship, the chaterer of the ship, the agents of the owner or
the charterer and captain of the ship.
剩余32页未读,继续阅读
资源评论
phyit
- 粉丝: 7663
- 资源: 2803
下载权益
C知道特权
VIP文章
课程特权
开通VIP
上传资源 快速赚钱
- 我的内容管理 展开
- 我的资源 快来上传第一个资源
- 我的收益 登录查看自己的收益
- 我的积分 登录查看自己的积分
- 我的C币 登录后查看C币余额
- 我的收藏
- 我的下载
- 下载帮助
安全验证
文档复制为VIP权益,开通VIP直接复制
信息提交成功