A method and apparatus for conducting penetration tests based on the NMEA protocol on a ship, and a method and apparatus for controlling the connection of a CBS inside a ship.
The ship NMEA protocol-based penetration test method and apparatus address the lack of ship-specific penetration tests by verifying NMEA communication and controlling CBS connections, enabling efficient penetration testing and authorized access while preventing cyberattacks.
Patent Information
- Authority / Receiving Office
- JP · JP
- Patent Type
- Applications
- Current Assignee / Owner
- HANWHA OCEAN CO LTD (KR)
- Filing Date
- 2024-05-31
- Publication Date
- 2026-06-25
AI Technical Summary
There is a lack of a specific method for conducting penetration tests on ships, which are unique in their network environment, and existing methods do not adequately address the cyber security risks of ship-based computer systems, particularly navigation and communication systems, due to the exposure of IDs and passwords through hacking.
A ship NMEA protocol-based penetration test method and apparatus that verifies NMEA communication, selects and generates attack methods, stores and transfers attack data, and analyzes the data to perform penetration tests, while a device for controlling CBS connections authenticates users and systems based on location and authorized access.
Enables easy and quick NMEA protocol penetration tests within ships, identifies critical systems for authorized access, and prevents remote cyberattacks by authenticating and controlling connections to ship systems.
Smart Images

Figure 2026520905000001_ABST
Abstract
Description
Technical Field
[0001] The present invention, in consideration of the particularity of ships, can perform a penetration test for the NMEA (National Marine Electronics Association) protocol used within a ship, and by utilizing wireless communication functions such as Bluetooth, GPS, and WiFi of a CBS that connects to control systems such as navigation, communication, and propulsion within the ship, it can authenticate multiple ship devices. The present invention relates to a method and device for a penetration test based on the ship NMEA protocol, as well as a method and device for controlling the connection of a CBS within a ship.
Background Art
[0002] As ICT technology is integrated into the shipbuilding and marine industries, the cyber risks to ships are also increasing. Accordingly, international organizations have presented cyber security requirements, among which IACS requires tests for security requirements. However, no specific method for the test has been presented.
[0003] A penetration test is a simulated cyber attack for the security evaluation of a system. Penetration tests on land target ICT systems such as web, information systems, and mobile, as well as OT systems such as smart factories. In the case of automobiles, there is a penetration test method for the CAN protocol, which is a special protocol used in automobiles.
[0004] However, until now, there has been no penetration test method for ships, and in order to conduct a penetration test on ships, the special network environment used in ships must be considered. Therefore, the penetration test method on land has the problem of limitations in that the particularity of ships is not reflected.
[0005] Also, a ship CBS is defined as a computer-based system used / installed within a ship.
[0006] Generally, CBS includes mobile applications, tablet PCs, laptops, and other devices used by the captain and crew on board, as well as navigation and communication systems installed on the ship, such as electronic chart systems and integrated navigation systems.
[0007] After you enter your ID and password, CBS will verify that you are an authorized user if both pieces of information are confirmed in a predefined database of authenticated users.
[0008] However, there was a problem in that if IDs and passwords were exposed through hacking, malicious code, or other means, there was no way to prevent them from connecting to navigation, communication, and control systems used inside the ship.
[0009] Related prior art documents include Korean Patent No. 10-0694248 (March 27, 2007) and Korean Patent No. 10-2328275 (November 17, 2021). [Overview of the project] [Problems that the invention aims to solve]
[0010] The object of the present invention is to provide a shipboard NMEA protocol-based penetration test method and apparatus that allows penetration tests against the NMEA protocol to be performed inside a ship, and that allows NMEA penetration tests to be performed easily and quickly through the apparatus.
[0011] Another object of the present invention is to provide a method and apparatus for controlling CBS connections within a ship, which can identify critical systems that must be connected only to authorized crew members and systems within the ship, such as ship operation management and navigation management, and prevent remote cyberattacks. [Means for solving the problem]
[0012] A ship NMEA protocol-based penetration test method according to one aspect of the present invention for achieving the aforementioned technical problems includes a network connection step of connecting a penetration test device to a ship control network among the ship's networks; and a verification step of confirming whether the network connected through the network connection step is used for NMEA communication by extracting NMEA document structure format and features through packet capture and packet analysis by a verification unit of the penetration test device; and if it is confirmed through the verification step that the network is used for NMEA communication, an attack method selection step of selecting an attack method by an attack method selection unit of the penetration test device; an attack data generation step of generating attack data selected through the attack method selection step; an attack data storage step of storing network packets between the attack data generated through the attack data generation step and the time the attack is performed; an attack data transfer step of transferring the attack data stored through the attack data storage step and the network packets between the time the attack is performed to the ship's network; and an attack data analysis step of analyzing the attack data transferred through the attack data transfer step.
[0013] Furthermore, in the attack method selection step of the ship NMEA protocol-based penetration test method according to one aspect of the present invention, one of the following can be selected as the attack method: forged NMEA data transfer, replay attack, and denial-of-service attack.
[0014] In the attack method selection step of the shipborne NMEA protocol-based penetration test method according to one aspect of the present invention, the attack method is updateable to include new attack methods.
[0015] Furthermore, in a ship-based NMEA protocol-based infiltration test method according to one aspect of the present invention, the attack data analysis step can analyze the amount and transmission time of the transmitted NMEA attack data to obtain test results.
[0016] Furthermore, a ship NMEA protocol-based penetration testing device according to another aspect of the present invention is a penetration testing device that performs penetration testing by connecting to a ship control network, and can perform penetration testing by including: a verification unit that verifies whether the network is used for NMEA communication by extracting NMEA document structure format and features through packet capture and packet analysis; an attack method selection unit that selects an attack method if it is confirmed through the verification unit that the network is used for NMEA communication; an attack data generation unit that generates attack data selected through the attack method selection unit; an attack data storage unit that stores network packets between the time the attack is performed and the attack data generated by the attack data generation unit; an attack data transfer unit that transfers the network packets between the time the attack is performed and the attack data stored through the attack data storage unit to the ship network; and an attack data analysis unit that analyzes the attack data transferred via the attack data transfer unit.
[0017] Furthermore, in the attack method selection unit of the ship-based NMEA protocol-based penetration test apparatus according to one aspect of the present invention, one of the following can be selected as the attack method: forged NMEA data transfer, replay attack, and denial-of-service attack.
[0018] Furthermore, in the attack method selection unit of the ship-based NMEA protocol-based penetration test apparatus according to one aspect of the present invention, the attack method can be updated with a new attack method.
[0019] Furthermore, in a ship-based NMEA protocol-based penetration test apparatus according to one aspect of the present invention, the attack data analysis unit can analyze the amount and transfer time of the transferred NMEA attack data and obtain test results.
[0020] Furthermore, a device for controlling the connection of a CBS inside a ship, relating to another aspect of the present invention for achieving the aforementioned technical challenges, includes: a CBS (Computer Based System) that authenticates an ID and password to control systems such as navigation, communication, and propulsion inside the ship and logs in via a communication unit; a beacon transmitter that transmits location information when the CBS is logged in or driven; a beacon management server that receives location information from the beacon transmitter and checks whether the device information of the CBS matches the registered information; a location confirmation unit that receives GPS information from the CBS if the ship is located in a blind spot where beacon information is unavailable when the beacon management server checks; a navigation information confirmation unit that compares the GPS information received by the location confirmation unit with an AIS database; and an authentication unit that controls the connection to the ship's internal systems when it is confirmed through the beacon management server or the navigation information confirmation unit that the information matches. The device can control the connection of a CBS inside a ship.
[0021] Furthermore, in a device for controlling the connection of a CBS inside a ship according to another aspect of the present invention, the authentication unit is characterized in that, when it receives a beacon message indicating that the CBS is installed inside the ship, or when the location information of the CBS matches the navigation route, it controls the device to connect to the system inside the ship.
[0022] Furthermore, a method for controlling the connection of a CBS inside a ship, according to yet another aspect of the present invention, includes a login step of authenticating an ID and password to control systems such as navigation, communication, and propulsion inside the ship and logging in to the CBS (Computer Based System) through the communication unit; a location information transmission step of transmitting location information via a beacon transmitter when the CBS is logged in or driven through the login step; a comparison and determination step of receiving location information from the beacon transmitter through the location information transmission step and confirming whether the device information of the CBS matches the information registered in the beacon management server; a navigation information confirmation step of the CBS transferring GPS information to a location confirmation unit and comparing the GPS information received by the location confirmation unit with the AIS database in the navigation information confirmation unit if the beacon information is located in a blind spot area of beacon information where it has not been confirmed in the comparison and determination step; and an authentication step of controlling the connection of the CBS through the authentication unit so that it is connected to the system inside the ship if it is confirmed through the comparison and determination step or the navigation information confirmation step that the information matches.
[0023] Furthermore, in a method for controlling the connection of a CBS inside a ship according to yet another aspect of the present invention, the authentication step is characterized in that, when a beacon message indicating that the CBS is installed inside the ship is received, or when the location information of the CBS matches the navigation route, the system is controlled to connect to the system inside the ship. [Effects of the Invention]
[0024] According to the present invention, penetration tests for the NMEA protocol can be performed inside a ship, and the NMEA penetration tests can be performed easily and quickly through the device.
[0025] Furthermore, according to the present invention, it has the effect of identifying critical systems that must be connected only to authorized crew terminals and systems inside a ship, such as ship operation management and navigation management, and preventing cyberattacks from remote locations. [Brief explanation of the drawing]
[0026] [Figure 1] It is a block configuration diagram showing the network classification in which the ship NMEA protocol-based penetration test device according to the present invention is used. [Figure 2] It is a flowchart showing a ship NMEA protocol-based penetration test method according to the present invention. [Figure 3] It is a diagram showing the configuration of a device for controlling the connection of CBS inside a ship according to an embodiment of the present invention. [Figure 4] It is a flowchart showing a method for controlling the connection of CBS inside a ship according to an embodiment of the present invention.
Embodiments for Carrying Out the Invention
[0027] Details regarding the object, technical configuration, and the resulting actions and effects of the present invention will be more clearly understood from the detailed description based on the drawings attached to the specification of the present invention.
[0028] The terms used in this specification are merely for explaining specific embodiments and are not intended to limit the present invention. For example, terms such as "configured" or "including" used in this specification should not be construed as necessarily including all of the many components or many steps described in the invention, and it should be construed that they may not include some of the components or some of the steps, or may further include additional respective components or respective steps. Also, the singular expressions used in this specification include plural expressions unless they clearly have different meanings in the context.
[0029] Hereinafter, the present invention will be described in detail by explaining preferred embodiments of the present invention with reference to the accompanying drawings. Each of the embodiments described below is provided so that those skilled in the art can easily understand the technical idea of the present invention, and it should not be construed that the present invention is limited thereby. Naturally, each embodiment of the present invention can be variously applied by an ordinary technician in this field.
[0030] The shipboard NMEA (National Marine Electronics Association) protocol-based penetration test apparatus 20 according to the present invention can be connected to a ship network 10, as shown in Figure 1, and the ship network 10 may include a management network 11, a ship control network 12, an equipment network 13, and a dedicated connection 14.
[0031] At this time, the penetration test device 20 is connected to the ship's control network 12, and it is possible to verify whether the network on board the ship is used for NMEA communication.
[0032] The NMEA protocol, commonly known as NMEA, is a standard for transmitting information such as time, location, and direction.
[0033] The NMEA protocol is defined by the National Marine Electronics Association in the United States, and each data point is primarily used in gyrocompasses, GPS, magnetic compasses, and inertial navigation systems (INS).
[0034] Furthermore, a ship NMEA protocol-based penetration test device 20 relating to another aspect of the present invention is a penetration test device that connects to a ship control network and performs a penetration test, and may include: a verification unit 21 that verifies whether the connected network is used for NMEA communication by extracting the format and characteristics of NMEA document structure through packet capture and packet analysis; an attack method selection unit 22 that selects an attack method if the network is confirmed to be used for NMEA communication through the verification unit 21; an attack data generation unit 23 that generates attack data selected through the attack method selection unit 22; an attack data storage unit 24 that stores the attack data generated through the attack data generation unit 23 and network packets between the time the attack is performed; an attack data transfer unit 25 that transfers the attack data and network packets stored through the attack data storage unit 24 to the ship network; and an attack data analysis unit 26 that analyzes the attack data transferred via the attack data transfer unit 25.
[0035] Furthermore, the attack method selection unit 22 of the penetration test device 20 allows the user to select one of the following attack methods: forged NMEA data transfer, replay attack, and denial-of-service attack.
[0036] Furthermore, the attack method selection unit 22 of the penetration test device 20 allows for updates to new attack methods.
[0037] This allows for diverse penetration testing through the attack method selection unit 22, enabling users to test various attack methods they wish to test and to update with new attack methods.
[0038] Furthermore, the attack data analysis unit 26 of the penetration test device 20 can analyze the amount and transfer time of the transferred NMEA attack data to obtain the penetration test results.
[0039] Therefore, NMEA penetration testing can be performed easily and quickly through the penetration test device 20.
[0040] Furthermore, a ship NMEA protocol-based penetration test method relating to another aspect of the present invention includes a network connection step (S10) in which the penetration test device 20 is connected to the ship control network 12 via NMEA communication; and a verification step (S20) in which the ship network connected through the network connection step (S10) is used for NMEA communication by the verification unit 21 extracting the format and characteristics of the NMEA document structure through packet capture and packet analysis.
[0041] The verification phase (S20) checks whether the network is used for NMEA communication. If the network is not used for NMEA communication, the penetration test is terminated.
[0042] Furthermore, if it is confirmed through the verification stage (S20) that the network will be used for NMEA communication, the process may proceed to the attack method selection stage (S31) in which the attack method selection unit 22 of the penetration test device 20 selects an attack method, then to the attack data generation stage (S32) in which the attack data generation unit 23 generates the attack data selected through the attack method selection stage (S31), then to the attack data storage stage (S33) in which the attack data generated through the attack data generation stage (S32) is stored in the attack data storage unit 24, then to the attack data transfer stage (S34) in which the attack data stored through the attack data storage stage (S33) is transferred to the ship network via the attack data transfer unit 25, and finally to the attack data analysis stage (S35) in which the attack data transferred through the attack data transfer stage (S34) is analyzed by the attack data analysis unit 26.
[0043] Furthermore, in the attack method selection stage (S31) of the shipborne NMEA protocol-based infiltration test method, one of the following can be selected as the attack method: forged NMEA data transfer, replay attack, and denial-of-service attack.
[0044] Furthermore, in the attack method selection stage (S31) of the ship-based NMEA protocol-based penetration test method, the attack method can be updated to include new attack methods.
[0045] Furthermore, in a ship-based NMEA protocol-based infiltration test method, the attack data analysis step (S35) can analyze the amount and transmission time of the transferred NMEA attack data to obtain test results.
[0046] Therefore, according to the present invention, penetration tests for the NMEA protocol can be performed inside a ship, and the NMEA penetration tests can be performed easily and quickly through the device.
[0047] Figure 3 shows the configuration of a device for controlling the connection of a CBS inside a ship according to an embodiment of the present invention, and Figure 4 is a flowchart showing a method for controlling the connection of a CBS inside a ship according to an embodiment of the present invention.
[0048] Referring to Figures 3 and 4, the present invention relates to an authentication device and method for controlling CBS connections within a ship, which uses an ID and password, as well as CBS equipment information used within the ship, to control the connection.
[0049] As shown in Figure 3, the device for controlling the connection of the CBS inside a ship according to the present invention may include a communication unit 100, a beacon transmitter 140, a beacon management server unit 150, a position confirmation unit 160, a navigation information confirmation unit 170, an authentication unit 180, and an AIS (Automatic Identification System) database 200.
[0050] In this case, the beacon management server unit 150 may refer to the database registered on the beacon management server.
[0051] Furthermore, CBS (Computer Based System) refers to a computer-based system that authenticates IDs and passwords to control systems such as navigation, communication, and propulsion inside a ship, and allows users to log in through the communication unit 100.
[0052] The communication unit 100 may include Bluetooth 110, GPS 120, and Wi-Fi 130.
[0053] Furthermore, the beacon transmitter 140 transmits location information when the CBS is logged in or activated, and the beacon management server unit 150 can receive location information from the beacon transmitter 140 and verify whether it matches the registered information of the CBS device.
[0054] Furthermore, if the beacon management server unit 150 confirms that the vessel is located in a blind spot area for beacon information, the CBS transfers GPS information to the position confirmation unit 160, and the navigation information confirmation unit 170 compares the GPS information received by the position confirmation unit 160 with the AIS database 200.
[0055] Furthermore, the system includes an authentication unit 180 that controls the connection to the ship's internal system when the information compared via the beacon management server unit 150 or the navigation information verification unit 170 matches, and the connection to the CBS can be controlled from within the ship via the authentication unit 180.
[0056] In other words, if the beacon management server unit 150 cannot confirm any one of the comparison pieces of information, the comparison pieces are compared through the navigation information confirmation unit 170.
[0057] Furthermore, the authentication unit 180 can be controlled to connect to the ship's internal systems when it receives a beacon message indicating that the CBS is installed inside the ship, or when the CBS's location information matches the navigation route.
[0058] This has the effect of identifying critical systems that must be connected only to authorized crew terminals and systems inside the ship, such as operational management and navigation management systems, and preventing cyberattacks from remote locations.
[0059] Furthermore, a method for controlling the connection of a CBS inside a vessel according to another aspect of the present invention may include a login stage (S110), a location information transfer stage (S120), a comparison and judgment stage (S130), a navigation information confirmation stage (S140), and an authentication stage (S150).
[0060] More specifically, the method for controlling the connection of a CBS (Computer Based Network System) inside a ship according to the present invention involves authenticating an ID and password to the control systems for navigation, communication, propulsion, etc., inside the ship, and communicating with the CBS (Computer Based Network System) through the communication unit. The system includes a login step (S110) to log in to the System; a location information transmission step (S120) to transmit location information via a beacon transmitter when logging in or driving the CBS through the login step (S110); a comparison and determination step (S130) to receive location information from the beacon transmitter through the location information transmission step (S120) and to confirm whether the device information of the CBS matches the information registered in the beacon management server; a navigation information confirmation step (S140) in which, if the CBS is located in a blind spot area where the beacon information cannot be confirmed in the comparison and determination step (S130), the CBS transfers GPS information to the location confirmation unit, and the navigation information confirmation unit compares the GPS information received by the location confirmation unit with the AIS database; and an authentication step (S150) to control the connection of the CBS via the authentication unit to connect to the system inside the ship if it is confirmed through the comparison and determination step (S130) or the navigation information confirmation step (S140), thereby allowing the connection of the CBS to be controlled inside the ship.
[0061] Furthermore, the authentication stage (S150) is characterized by controlling the system to connect to the ship's internal systems when it receives a beacon message indicating that the CBS is installed inside the ship, or when the CBS's location information matches the navigation route.
[0062] Therefore, according to the present invention, it is possible to identify critical systems that must be connected only to authorized crew terminals and systems inside a ship, such as ship operation management and navigation management, and to prevent cyberattacks from remote locations.
[0063] The embodiments of the present invention described above are embodied in the form of program instructions that can be executed through a variety of computer components and can be recorded on a computer-readable recording medium. The computer-readable recording medium may include program instructions, data files, data structures, etc., individually or in combination. The program instructions recorded on the computer-readable recording medium may be specially designed and configured for the present invention, or they may be known and usable by those skilled in the field of computer software. Examples of computer-readable recording media include magnetic media such as hard disks, floppy disks and magnetic tapes, optical recording media such as CD-ROMs and DVDs, magneto-optical mediums such as floptical disks, and hardware devices specially configured to store and execute program instructions, such as ROMs, RAMs, and flash memories. Examples of program instructions include not only machine code produced by a compiler, but also high-level language code that can be executed by a computer using an interpreter or the like. Hardware devices may be modified into one or more software modules to perform the processing according to the present invention, and vice versa.
[0064] The embodiments described above are provided so that those skilled in the art can easily understand the technical concept of the present invention, and should not be construed as limiting the present invention. It is obvious to those ordinary skill in the art that each embodiment of the present invention can be modified and transformed in various ways without departing from the spirit and scope of the present invention. Therefore, such modifications or variations can be said to fall within the scope of the claims of the present invention. [Explanation of Symbols]
[0065] 10 Networks 11 Management Network 12. Ship control network 13. Device Network 14 Dedicated connection 20 Penetration Testing Apparatus 21 Verification Section 22 Attack Method Selection Section 23 Attack Data Generation Unit 24 Attack Data Storage Unit 25 Attack Data Transfer Unit 26 Attack Data Analysis Department 100 Communications Department 110 Bluetooth 120 GPS (Global Positioning System) 130 Wi-Fi (WiFi) 140 Beacon Transmitters 150 Beacon Management Server Section 160 Position confirmation part 170 Navigation Information Verification Department 180 Authentication Department 200 AIS(Automatic Identification System)
Claims
1. Network connection stage in which the penetration test device is connected to the ship control network within the ship network; and The network connected through the aforementioned network connection stage includes a verification stage in which the verification unit of the penetration test device verifies whether the network is used for NMEA communication by extracting NMEA document structure format and features through packet capture and packet analysis; If it is confirmed through the aforementioned verification stage that the network will be used for NMEA communication, Attack method selection stage in the attack method selection unit of the penetration test device; An attack data generation stage for generating attack data selected through the aforementioned attack method selection stage; An attack data storage stage that stores the attack data generated through the aforementioned attack data generation stage and network packets during the time the attack is performed; An attack data transfer step that transfers the attack data stored through the attack data storage step and network packets during the time the attack takes place to the ship network; and A shipboard NMEA protocol-based penetration test method, comprising: an attack data analysis step of analyzing the attack data transferred through the aforementioned attack data transfer step; and a penetration test method that performs a penetration test by including an attack data analysis step of analyzing the attack data transferred through the aforementioned attack data transfer step.
2. In the aforementioned attack method selection step, The ship NMEA protocol-based penetration test method according to claim 1, wherein the attack method can be selected from any one of the following: forged NMEA data transfer, replay attack, and denial-of-service attack.
3. In the aforementioned attack method selection step, The aforementioned attack method is a shipborne NMEA protocol-based penetration test method according to claim 2, wherein the attack method is updateable to include new attack methods.
4. The aforementioned attack data analysis stage is, A shipborne NMEA protocol-based penetration test method according to claim 1, comprising analyzing the amount and transmission time of transferred NMEA attack data to obtain test results.
5. In a penetration test apparatus that connects to a ship control network and performs penetration tests, A verification unit that confirms whether a network is used for NMEA communication by extracting NMEA document structure format and features through packet capture and packet analysis; If the verification unit confirms that the network is used for NMEA communication, the penetration test device selects an attack method from the attack method selection unit; An attack data generation unit that generates attack data selected through the aforementioned attack method selection unit; An attack data storage unit that stores the attack data generated by the attack data generation unit and network packets during the time the attack is performed; An attack data transfer unit that transfers attack data stored through the attack data storage unit and network packets during the time the attack is performed to the ship's network; and A shipboard NMEA protocol-based penetration test apparatus, comprising: an attack data analysis unit that analyzes attack data transferred through the attack data transfer unit; and an attack data analysis unit that analyzes attack data transferred through the attack data transfer unit.
6. In the attack method selection unit, The shipborne NMEA protocol-based penetration test apparatus according to claim 5, wherein the attack method can be selected from one of the following: forged NMEA data transfer, replay attack, and denial-of-service attack.
7. In the attack method selection unit, The attack method is an updateable new attack method, as described in claim 6, for the shipborne NMEA protocol-based penetration test apparatus.
8. The aforementioned attack data analysis unit, A shipborne NMEA protocol-based penetration test apparatus according to claim 5, which analyzes the amount and transmission time of transferred NMEA attack data to obtain test results.
9. A Computer-Based System (CBS) is a system that authenticates an ID and password to the ship's internal control systems for navigation, communication, and propulsion, and allows login through the communications department. A beacon transmitter that transmits location information when the aforementioned CBS is logged in or activated; A beacon management server unit that receives location information from the beacon transmitter and checks whether the device information of the CBS matches the registered information; A location confirmation unit that receives GPS information from CBS when the location is in a blind spot area where beacon information is unavailable during confirmation by the aforementioned beacon management server; A navigation information confirmation unit that compares GPS information received by the position confirmation unit with the AIS database; and A device for controlling the connection of the CBS inside a ship, including an authentication unit that controls the connection to the ship's internal system when the information is confirmed to match through the beacon management server or the navigation information verification unit;
10. The device for controlling the connection of a CBS inside a ship according to claim 9, characterized in that the authentication unit controls the connection to a system inside the ship when it receives a beacon message indicating that the CBS is installed inside the ship, or when the location information of the CBS matches the navigation route.
11. The login phase involves authenticating an ID and password to the ship's internal control systems for navigation, communication, and propulsion, and logging into the CBS (Computer-Based System) via the communications department; When logging in to or activating CBS through the aforementioned login stage, a location information transmission stage is performed in which location information is transmitted via a beacon transmitter; A comparison and determination step is taken to receive location information from the beacon transmitter through the location information transmission step and to confirm whether the device information of the CBS matches the information registered in the beacon management server unit; In the comparison and judgment stage, if the vessel is located in a blind spot area where beacon information has not been confirmed, the CBS transmits GPS information to the position confirmation unit, and the navigation information confirmation unit compares the GPS information received by the position confirmation unit with the AIS database in the navigation information confirmation stage; and A method for controlling the connection of a CBS inside a ship, including an authentication step which controls the connection via an authentication unit to a system inside the ship if the information is found to match through the comparison and judgment step or the navigation information verification step.
12. The aforementioned authentication step is, A method for controlling the connection of a CBS inside a ship according to claim 11, characterized in that when a beacon message indicating that the CBS is installed inside the ship is received, or when the location information of the CBS matches the navigation route, the CBS is controlled to connect to a system inside the ship.