Assessing ship cyber risks: a framework and case study of ECDIS security

Sviličić, Boris; Kamahara, Junzo; Ćelić, Jasmin; Bolmsten, Johan

doi:10.1007/s13437-019-00183-x

Cited by 36 publications

(31 citation statements)

References 10 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The cybersecurity testing of the INS was conducted with the world's most widely deployed industry vulnerability scanner, Nessus Professional version 8.0.1 [29]. Vulnerability scanning is a passive method of reviewing the INS to gain comprehensive insight into all vulnerabilities that are already known to the cybersecurity community, attackers, and software developers [6,30]. A laptop with the installed vulnerability scanner was connected directly to the INS with a crossover Ethernet cable.…”

Section: Cybersecurity Testingmentioning

confidence: 99%

A Study on Cyber Security Threats in a Shipboard Integrated Navigational System

Sviličić

Rudan

Jugović

et al. 2019

JMSE

View full text Add to dashboard Cite

The integrated navigational system (INS) enhances the effectiveness and safety of ship navigation by providing multifunctional display on the basis of integration of at least two navigational functions, the voyage route monitoring with Electronic Chart Display and Information System (ECDIS) and collision avoidance with radar. The INS is essentially a software platform for fusion of data from the major ECDIS and radar systems with sensors for the additional navigation functions of route planning, status and data display, and alert management. This paper presents a study on cyber security resilience examination of a shipboard INS installed on a RoPax ship engaged in international trade. The study was based on a mixed-method approach, combining an interview of the ship's navigational ranks and cyber security testing of the INS using an industry vulnerability scanner. The identified threats were analyzed qualitatively to study the source of cyber risks threatening the INS. The results obtained point out cyber threats related to weaknesses of the INS underlying operating system, suggesting a need for occasional preventive maintenance in addition to the regulatory compliance required.

show abstract

Section: Cybersecurity Testingmentioning

confidence: 99%

A Study on Cyber Security Threats in a Shipboard Integrated Navigational System

Sviličić

Rudan

Jugović

et al. 2019

JMSE

View full text Add to dashboard Cite

show abstract

“…The cyber security testing of the ECDIS was performed using the industry most widely used vulnerability scanner, the Nessus Professional version 8.0.1 (Nessus, 2019). The vulnerability scanning is a computational method of detecting cyber vulnerabilities, which are known not only to the manufactures of the software and the underlying operating system, but also to potential attackers (Svilicic et al, 2019c;Svilicic et al, 2018). Figure 3 shows the testing setup.…”

Section: Cyber Security Testingmentioning

confidence: 99%

“…The ECDIS is basically a software package with standardized functionality by IMO performance standards (IMO, 2017c), which is running on a general operating system from a different manufacturer than the system itself. It has been shown that the ECDIS underlying operating system is a source of major cyber threats (Svilicic et al, 2019b;Svilicic et al, 2019c). However, most of the today`s software is comprised of third-party components, which are developed by an entity other than the manufactures of the software or the underlying operating system.…”

Section: Introductionmentioning

confidence: 99%

Shipboard ECDIS Cyber Security

et al. 2019

Self Cite

View full text Add to dashboard Cite

The Electronic Chart Display and Information System (ECDIS) plays a central role in safe navigation of ships. The ECDIS is basically a software package running on a general operating system that could be comprised of the third-party components. This paper presents an analysis of cyber security weaknesses of a shipboard ECDIS raising from the ECDIS software’s third-party components. The analysis is based on the cyber security testing of the shipboard ECDIS using an industry vulnerability scanner. Detected vulnerabilities are analysed regarding the protection measures implemented on the ship. The results suggest that even the type approved ECDIS system with maintained ECDIS software and the underlying operating system could be vulnerable due to weaknesses in the ECDIS software’s third-party components.

show abstract

“…More advanced tools are used to overcome the privacy of user by cybercriminals and obtaining the required results. 2 billion data records have been compromised by the year of 2017 [10], more over additional 4.5 billion records were breach in the first half of 2018 alone. The rising trends and the security issues are listed below.…”

Section: Cybercrimesmentioning

confidence: 99%

“…It may make improper function of IOT connected devices. So we must be safe and secure our devices and by the knowledgeable application to given permissions on [10] your devices. Malware may use your devices and access to get hardware access to network database in wireless IOT.…”

Section: Device Authenticationmentioning

confidence: 99%

Secure Integration of Cyber Security and Internet of Things in Addressing its Challenges

S*,

Vanitha

2019

IJRTE

View full text Add to dashboard Cite

The main objective of this paper is to give details about the security problems related to IoT and ways to overcome it. Almost everyone are accessing to internet daily. Most crucial data are shared over internet among various persons. Things which are connected to internet are known to be Internet of Things. Even though Indians are facing the huge attack, they are the leading internet users around the world. The main type of attacks are Phishing, smart phone attacks etc. This the main reason for the raise of internet security which is termed as cyber security. Setting strong passwords, preventing illegal access using two factor authentications are most common ways for preventing the things from internet.

show abstract

Assessing ship cyber risks: a framework and case study of ECDIS security

Cited by 36 publications

References 10 publications

A Study on Cyber Security Threats in a Shipboard Integrated Navigational System

A Study on Cyber Security Threats in a Shipboard Integrated Navigational System

Shipboard ECDIS Cyber Security

Secure Integration of Cyber Security and Internet of Things in Addressing its Challenges

Contact Info

Product

Resources

About