随着船舶系统数字化、网络化、智能化水平的不断提高,船舶网络面临的安全形势日趋严峻,预防和控制船舶网络安全风险、保障船舶系统的稳定运行尤为必要。分析波罗的海国际航运公会、国际工程技术学会、国际海事组织、国际船级社协会、国家标准化组织等国际组织在船舶网络安全风险管理方面主要研究进展及其标准化成果;总结国内船舶网络安全风险管理方面的相关进展;结合船舶网络系统特点提出船舶网络安全防护的发展建议,对提升船舶网络安全防护水平具有积极意义。
With the continuous improvement of the digital, networking and intelligent level of ship systems, the security situation faced by ship networks is becoming increasingly severe, so it is particularly necessary to prevent and control the security risks of ship networks and ensure the stable operation of ship systems. This paper analyzes the major research progress and standardization achievements of international organizations such as Baltic and International Maritime Council, International Society for Engineering and Technology, International Maritime Organization, International Association of Classification Societies and International Standardization Organization in ship network risk management. Summarizes the relevant progress of domestic ship network risk management. Combined with the characteristics of ship network system to make suggestions for the development of ship network security protection, which is of positive significance to improve the level of ship network security protection.
2025,47(11): 155-159 收稿日期:2024-7-5
DOI:10.3404/j.issn.1672-7649.2025.11.027
分类号:U665.261
基金项目:国家重点研发计划课题(2022YFB3104601)
作者简介:吴建鲁(1985-),男,硕士,高级工程师,研究方向为网络系统及设备
参考文献:
[1] JO Y. Cyberattack models for ship equipment based on the MITRE ATT&CK Framework[J]. Sensors 2022, 22(5):1860.
[2] MELAND P H. A retrospective analysis of maritime cyber security incidents[J] TransNav, 2021,15(3):519-530.
[3] 吴中岱, 韩德志, 蒋海豹, 等. 海洋船舶通信网络安全综述[J/OL]. 计算机应用, 1–17[2024–06–29].
[4] BIMCO. ABOUT US AND OUR MEMBERS [EB/OL]. https://www.bimco.org/about-us-and-our-members
[5] BIMCO. The Guidelines on Cyber Security onboard Ships V1[S]. 2016.
[6] BIMCO. The Guidelines on Cyber Security onboard Ships V2[S]. 2017.
[7] BIMCO. The Guidelines on Cyber Security onboard Ships V3[S]. 2018.
[8] BIMCO. The Guidelines on Cyber Security onboard Ships V4[S]. 2021.
[9] IET. About the IET [EB/OL]. https://www.theiet.org/about
[10] IET. Code of Practice - Cyber Security for Ships[S]. 2017.
[11] IMO. Introduction to IMO [EB/OL]. https://www.imo.org/en/About/Pages/Default.aspx
[12] 中国船级社. 关于IMO发布MSC. 428(98)决议-安全管理体系中海事网络风险管理的技术通告[R]. 2018.
[13] 中国船级社. 海事网络风险管理指南(MSC-FAL. 1/Circ. 3/Rev. 1通函)[R]. 2021.
[14] IACS. Vision & Mission [EB/OL]. https://iacs.org.uk/about-us/our-vision-mission.
[15] 中国船级社. 关于IACS发布船舶网络安全相关建议案的技术通告[R]. 2020.
[16] 中国船级社. 关于IACS发布船舶网络韧性相关UR E26、UR E27技术通告[R]. 2022.
[17] ISO. About ISO [EB/OL]. https://www.iso.org/about
[18] ISO 23806 Ships and marine technology — Cyber safety[S], 2022.
[19] ISO 23799 Ships and marine technology — Assessment of onboard cyber safety[S]. 2024.
[20] 中国船级社. 关于我们[EB/OL]. https://www.ccs.org.cn/ccswz/about?columnid=201912240228526379
[21] 中国船级社. 船舶网络系统要求及安全评估指南(2017)[S]. 2017.
[22] 中国船级社. 船舶网络系统要求及安全评估指南(2020)[S]. 2020.
[23] 中国船级社. 船舶网络安全指南(2023)[S]. 2023.
[24] 中国船级社. 船舶网络防火墙检验指南(2023)[S]. 2023.
