As the maritime sector embraces more technology to increase efficiency, lower carbon emissions, and adapt to meet modern challenges, cyber and cyberphysical safety become a more significant issue. However, unfortunately, much of past research view cyber-security issues in transportation as primarily information technology problems. This paper designs and uses a case study to illustrate how cyber-security and physical safety should be viewed together, cyber and physical (i.e. cyber-physical), when considering ship-to-ship and ship-to-shore interactions. While there is some scenario designing, this case study is built with real port data and ship systems to demonstrate a real-world cyber-attack on a ship. It shows plausible physical effects that affect the safety of those involved. This case study is also made realistic with a novel hybrid cyber range and hardware testbed environment, designed to examine the different effects a ship-based cyber-attack could potentially have on a port. This informs several solutions, technical and social, that could enhance cyberphysical safety in marine transportation.
Due to the increase in the digitalization on board ships, the potential consequences of a cyber-induced incident can threaten the safety of the ships. A known challenge in the maritime industry is communication between ship owner management onshore and the crew on board a ship, especially during incident handling. To mitigate this issue and enhance cooperation in the digital age, crew and ship owner management need to meet, train for, and discuss cyber risks and their challenges. One way to enhance cohesive teams and effective communication is through the application of a human-centred design (HCD) approach to holistic team training. This paper proposes how simulator instructors should utilise HCD for the development of maritime cyber resilience training, tailored to a variety of maritime stakeholders including ship’s crew and onshore support personnel. To do this, this paper will explore relevant learning theories and current maritime and cyber-related training methods. The paper will then demonstrate, through a practical application, the effectiveness of adopting HCD when designing maritime cyber resilience training. This application will argue that maritime simulators present an effective training solution for new cyber-related incidents. The authors demonstrate the application of HCD by showcasing a ballast water handling system cyber incident designed for the simulator. The development of such a training resource allows all participants to experience the consequences of a cyber-attack in a safe environment whilst enhancing their ability to respond (i.e. communicate with each other) effectively.
Voyage Data Recorders (VDRs), often referred to as the ‘black boxes’ of the shipping industry, collect and store vital data from key sensors and locations around the ship. This data plays a pivotal role in incident investigation, as was seen in the grounding of the Costa Concordia in 2012, and the sinking of the El Faro in 2015. With such an important role to play, the International Maritime Organization (IMO) has mandated that all SOLAS registered ships carry a VDR, which can demonstrate compliance with internationally agreed standards. Without a VDR compliant with these standards a ship cannot sail. However, the rise in the number, and sophistication, of digital devices are making the sector increasingly vulnerable to cyber-attacks. This paper will demonstrate a number of high-risk VDR cyber security vulnerabilities and review the current international technical standards covering all VDR devices being manufactured and used today, drawing attention to the minimum security requirements. The paper will go on to discuss how these standards fail to promote the necessary levels of cyber security needed to protect VDRs from today’s cyber risks, amidst increased demands for digital connectivity for remote and autonomous operations. The paper will conclude by proposing several amendments (technical and non-technical) to the current standards which, if adopted, will help increase the minimum level of security of VDRs. Industry opinions were gathered on this topic, and their beliefs have been included across this paper.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
customersupport@researchsolutions.com
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.