A Taxonomy Framework for Maritime Cybersecurity: A Demonstration Using the Automatic Identification System

Kessler, Gary C.; Craiger, J. Philip; Haass, Jon

doi:10.12716/1001.12.03.01

Cited by 41 publications

(28 citation statements)

References 9 publications

(17 reference statements)

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…In [ 24 ], considering the growth of cyberattacks in the maritime sector, the authors describe a taxonomy that supports the creation of adversarial cyber models, risk mitigation and resilience plans applied to the maritime industry. The authors transfer the methods from the aviation sector to the maritime sector and demonstrate the approach using the AIS.…”

Section: Related Workmentioning

confidence: 99%

“…Despite the significant utility and importance of AIS to the safety at sea, these systems lack cybersecurity mechanisms and are prone to attacks. The literature demonstrates techniques where AIS data can be spoofed or hacked to malicious activities [ 24 , 25 , 45 ]. By forging and broadcasting false AIS messages, for instance [ 45 ], it is possible to insert false AIS plots in electronic navigation systems, such as an ECDIS.…”

Section: Attack Triggering Mechanismmentioning

confidence: 99%

See 1 more Smart Citation

A Triggering Mechanism for Cyber-Attacks in Naval Sensors and Systems

Leite

Moraes

Albuquerque

et al. 2021

Sensors

View full text Add to dashboard Cite

In the maritime sector, the integration of radar systems, Automatic Identification System (AIS) and Electronic Chart Display and Information System (ECDIS) through digital technologies enables several benefits to maritime operations, but also make ships prone to cyberattacks. In this context, this work investigates the feasibility of an attacker using a radar system or AIS as open door to remotely send commands to a cyber threat hosted on a ship, even if the ship’s systems are air gapped—i.e., are not connected to other networks. The received commands are intended to trigger a cyber threat located in the ship. Although the literature covers several analyzes on cyber risks and vulnerabilities in naval systems, it lacks exploiting mechanisms capable of acknowledging attack commands received through radar and AIS. To this end, this work proposes a triggering mechanism that uses a template matching technique to detect specific patterns transmitted by the attacker to the ship’s radar or AIS. The results show the effectiveness of the proposed technique as a tool to acknowledge the received attack commands and activate a malicious code previously installed on the ship. In the case of attacks on a radar system, the accuracy achieved by the proposed method is 0.90. In the case of attacks on an AIS/ECDIS setup it presents an accuracy of 0.93. In both cases the proposed mechanism maintains the due safety against accidental attack activations.

show abstract

Section: Related Workmentioning

confidence: 99%

Section: Attack Triggering Mechanismmentioning

confidence: 99%

A Triggering Mechanism for Cyber-Attacks in Naval Sensors and Systems

Leite

Moraes

Albuquerque

et al. 2021

Sensors

View full text Add to dashboard Cite

show abstract

“…Ship operational technology systems for a last two decades have been intensively developed by means of digitalization, integration and networking. The development resulted in complex and computerbased technology systems, and therefore there is urgent need for safeguarding shipping from cyber threats and vulnerabilities (Svilicic et al 2019, Tam et al 2019, Filic 2018, Kessler et al 2018, Polatid et al 2018, Hareide et al 2018, Shapiro et al, 2018, Svilicic et al 2018, Lee et al 2017, Hassani et al 2017, Burton 2016, Balduzzi et al 2014, Svilicic et al 2005. The International Maritime Organization (IMO) has recently published the Guidelines on high-level recommendations for maritime cyber risk management (IMO MSC-FAL.1/Circ.3 2017), and imposed to include cyber risk assessment in the implementation of the International Safety Management (ISM) Code safety management system on ships by 1st of January 2021 (IMO MSC.428(98) 2017).…”

Section: Introductionmentioning

confidence: 99%

Raising Awareness on Cyber Security of ECDIS

Sviličić¹,

Brčić²,

Žuškin³

et al. 2019

TransNav

View full text Add to dashboard Cite

In the maritime transport, the Electronic Chart Display and Information System (ECDIS) has been developed into a complex computer-based ship critical operational technology system, playing central roles in the safe ship navigation and transport. While ECDIS software maintenance is regulated by the International Maritime Organization (IMO) ECDIS performance standards and related circulars, underlying software and hardware arrangements are implemented by ship-owners and supported by ECDIS equipment manufacturers. In this paper, we estimate ECDIS cyber security in order to study the origin of ECDIS cyber security risks. A set of ECDIS systems is examined using an industry-leading vulnerability scanning software tool, and cyber threats regarding the ECDIS backup arrangement, underlying operating system and third party applications are studied.

show abstract

“…The Electronic Chart Display and Information System (ECDIS) has significantly changed the ship navigation by providing real-time navigational information and reduction of workload from paper charts (Brčić et al, 2019), and thus enhancing the efficiency and safety. The ECDIS development for about three decades into the complex computer-based system has raised a need to protect the safe navigation from cyber threats (Svilicic et al, 2019a;Tam and Jones, 2019;Svilicic et al, 2019b;Hareide et al, 2018;Kessler et al, 2018;Lee et al, 2017). Therefore, International Maritime Organization (IMO) has imposed to include cyber risk assessment in the International Safety Management (ISM) Code by the 1 st January 2021 (IMO, 2017a).…”

Section: Introductionmentioning

confidence: 99%

“…[5][6][7][8][9][10][11][12][13][14] Web server The version of the Apache web server running on the ECDIS is affected by multiple vulnerabilities. An attacker could cause a denial of service condition, execute code, obtain sensitive information, execute cross-site scripting attacks or cause the ECDIS to crash.…”

mentioning

confidence: 99%

Shipboard ECDIS Cyber Security

et al. 2019

View full text Add to dashboard Cite

The Electronic Chart Display and Information System (ECDIS) plays a central role in safe navigation of ships. The ECDIS is basically a software package running on a general operating system that could be comprised of the third-party components. This paper presents an analysis of cyber security weaknesses of a shipboard ECDIS raising from the ECDIS software’s third-party components. The analysis is based on the cyber security testing of the shipboard ECDIS using an industry vulnerability scanner. Detected vulnerabilities are analysed regarding the protection measures implemented on the ship. The results suggest that even the type approved ECDIS system with maintained ECDIS software and the underlying operating system could be vulnerable due to weaknesses in the ECDIS software’s third-party components.

show abstract

A Taxonomy Framework for Maritime Cybersecurity: A Demonstration Using the Automatic Identification System

Cited by 41 publications

References 9 publications

A Triggering Mechanism for Cyber-Attacks in Naval Sensors and Systems

A Triggering Mechanism for Cyber-Attacks in Naval Sensors and Systems

Raising Awareness on Cyber Security of ECDIS

Shipboard ECDIS Cyber Security

Contact Info

Product

Resources

About