A software development security is of a big importance for the shipping sector nowadays, as the cyber attacks and threats seem to be increasing and shipping companies are facing challenges on how to deal with cyber activity.
Mainly, software development security is an activity to grow and operate secure software through a series of security activities that are carried out at each stage of software development by removing security weaknesses, such as developer error, logical error, etc.
These security weaknesses are caused by cyber attack in advance from software development stage.
Yet, in order to develop a safe software in the shipping industry, each member taking part at the project should have clear responsibilities.
Also, the security activities should be conducted at each stage of the software development life cycle, and standards for development security must be established.
Moreover, Korean Register published its guidance for Maritime Cyber Security System requirement, as:
- Establish test procedures: Procedures should be established to conduct security test before the introduction of software and applications;
- Security testing: Software test should be carried out to identify defects. If the software fails the test, it should be forbidden to apply to the actual operating system;
- Security acceptance testing: The environment for test execution should be established and tested according to the procedures;
- Technical review for operating platform changes: The software that has passed the test should be applied to the operating system after obtaining approval from the responsible person.