As the maritime sector embraces more technology to increase efficiency, lower carbon emissions, and adapt to meet modern challenges, cyber and cyberphysical safety become a more significant issue. However, unfortunately, much of past research view cyber-security issues in transportation as primarily information technology problems. This paper designs and uses a case study to illustrate how cyber-security and physical safety should be viewed together, cyber and physical (i.e. cyber-physical), when considering ship-to-ship and ship-to-shore interactions. While there is some scenario designing, this case study is built with real port data and ship systems to demonstrate a real-world cyber-attack on a ship. It shows plausible physical effects that affect the safety of those involved. This case study is also made realistic with a novel hybrid cyber range and hardware testbed environment, designed to examine the different effects a ship-based cyber-attack could potentially have on a port. This informs several solutions, technical and social, that could enhance cyberphysical safety in marine transportation.
A rise in catastrophic loss-of-life events as a result of poor safety management (e.g., the capsizing of the Herald of Free Enterprise and the Costa Concordia) has driven the maritime sector to improve its safety management practices. This paper will explore the vital role of the human element within safety management, and why, as part of that safety management, organizations must foster a safety culture. This development must be achieved if organizations are to make a significant step forward in preventing similar catastrophes in the future. It is important to note that the development of safety cultures is not new to the maritime sector. However, the increase in connected systems within the sector (e.g., satellite communications) means these safety cultures must now consider the new, or altered, risks posed by digital systems. Therefore, the paper, through a high-level literature review, will consider what the core elements of a cyber safety culture are, and how an organization company can nurture its development, both internally and across the wider sector. The paper will discuss the various benefits of developing a robust cyber safety culture, including demonstrable compliance to the International Maritime Organization’s (IMO) cyber regulation, Resolution MSC.428(98). The paper will conclude by arguing the development of a cyber safety culture is not going to remove all risk completely, but rather will allow organizations to be better prepared for when incidents do occur. Highlights This paper argues that managing maritime cyber risks is not easy. However, through the inclusion of cyber risk into an organisations safety culture, operations can become more resilient to cyber incidents. Safety cultures have been a mandated part of maritime risk management for many years. Through the ratification of the International Maritime Organizations Resolution MSC.428(98) cyber risks are now included within this remit. This paper explores the benefits to an organisation by developing a cyber safety culture, including: demonstration of compliance, reduction in the human risk, lower financial implications and potentially better insurance premiums. The paper also discusses the practical implications of developing a cyber safety culture, and how through experiencing these cultures early on in their career can have positive improvements on the safety of operations.
Modern Cyber-Physical Systems (CPS) show increasing levels of automation, intelligence, and optimization capabilities. Both creators and adopters of these technologies emphasize the benefits: safety, cost-savings, and efficiencies. Existing literature under-represents the potential risks associated with the adoption of individually complex systems and interconnected Systems-of-Systems (SoS). Research primarily focuses on the potential benefits, and many recent deployments of new technology have received little rigorous scrutiny. The studies that do explore issues, such as cyber-attacks on CPS, often lack an analysis of the potential impact based on the way cyber-physical risks are communicated. Due to high levels of interaction and inter dependencies in CPS, disruptions in one sector can propagate to other sectors. The initial economic impacts may start locally but will often lead to global effects if response mechanisms prove insufficient. This case study aims to address a research gap in modeling, and quantifies how a cyber-attack, with physical consequences, can affect local and global trade if a single maritime port is affected. Additionally, to further understanding of the public's perception of risk about cyber-attacks and its emergent threat to global supply chains, members of the public were asked to react to the potential econometric losses. This study produced the five-part CyPEM (Cyber Physical Econometric Model) that has the capability to translate a cyber-attack to an econometric loss. Each framework part may also be swapped out to analyze different CPS. With this, we discovered a gap in the perceptions of cyber-physical risk regarding maritime transport.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.