Communication architecture for autonomous passenger ship

Amro, Ahmed; Gkioulos, Vasileios; Katsikas, Sokratis K.

doi:10.1177/1748006x211002546

Cited by 13 publications

(20 citation statements)

References 22 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The later activities are achieved through the formalization of a model developed using Architecture Analysis and Design Language (AADL) [46] and OSATE, an open-source tool that supports it [47]. AADL is utilized to facilitate the architecture description and analysis considering that the underlying communication architecture is modeled using the same modeling language [10]. Moreover, AADL which can extend SysML has been utilized for analyzing critical systems due to its ability to describe information related to hardware, operating system, and code, allowing it to be applied at different stages during system development life-cycle [48,49].…”

Section: Design Definition Processmentioning

confidence: 99%

“…A defense strategy is modeled using a mapping between the AT T &C K controls and the architectural components which are within the scope of the control function. In order to demonstrate our approach, we will utilize a use case of an APS during different system development stages, namely an APS model which has been developed in our earlier work [10] as well as an implemented APS prototype named milliAmpere2.…”

Section: Threat-informed Defense-in-depthmentioning

confidence: 99%

“…The requirements for reliable communication included aspects related to redundancy for high availability, resiliency, network segregation, and others. The communication requirements have been addressed in the design and development of the communication architecture presented in [10]. On the other hand, the requirements related to the cybersecurity of the APS are addressed in this paper with the milliAmpere2 as a use case.…”

Section: Use Case: Autonomous Passenger Shipmentioning

confidence: 99%

“…The established requirements were communicated by the identified APS stakeholders with a prime focus on communication reliability and cybersecurity toward safe operations. Toward addressing these requirements, a communication architecture for the APS has been proposed to satisfy the communication-related requirements [10]. This paper on the other hand addresses the cybersecurity requirements through the development of a cybersecurity architecture complementing the previously proposed communication architecture.…”

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

Cyber risk management for autonomous passenger ships using threat-informed defense-in-depth

Amro

Gkioulos

2022

Int. J. Inf. Secur.

Self Cite

View full text Add to dashboard Cite

Recent innovations in the smart city domain have led to the proposition of a new mode of transportation utilizing Autonomous Passenger Ships (APS) or ferries in inland waterways. The novelty of the APS concept influenced the cyber risk paradigm and led to different considerations regarding attack objectives, techniques as well as risk management approaches. The main factor that has led to this is the autoremote operational mode, which refers to autonomous operations and remote supervision and control in case of emergency. The autoremote operational mode influences the risk of cyber attacks due to the increased connectivity and reliance on technology for automating navigational functions. On the other hand, the presence of passengers without crew members imposes a safety risk factor in cyber attacks. In this paper, we propose a new cyber risk management approach for managing the cyber risks against cyber physical systems in general and Autonomous Passenger Ships in particular. Our proposed approach aims to improve the Defense-in-Depth risk management strategy with additional components from the Threat-Informed Defense strategy allowing for more evolved cyber risk management capabilities. Moreover, we have utilized the proposed cyber risk management approach for the proposition of a cybersecurity architecture for managing the cyber risks against an APS use case named milliAmpere2. Additionally, we present our results after conducting a Systematic Literature Review (SLR) in cybersecurity evaluation in the maritime domain. Then, the findings of the SLR were utilized for a suitable evaluation of the proposed risk management approach. Our findings suggest that our proposed risk management approach named Threat-Informed Defense-in-Depth is capable of enriching several risk management activities across different stages in the system development life cycle. Additionally, a comprehensive evaluation of the cybersecurity posture of milliAmpere2 has been conducted using several approaches including risk evaluation, simulation, checklist, and adversary emulation. Our evaluation has uncovered several limitations in the current cybersecurity posture and proposed actions for improvement.

show abstract

Section: Design Definition Processmentioning

confidence: 99%

Section: Threat-informed Defense-in-depthmentioning

confidence: 99%

Section: Use Case: Autonomous Passenger Shipmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Cyber risk management for autonomous passenger ships using threat-informed defense-in-depth

Amro

Gkioulos

2022

Int. J. Inf. Secur.

Self Cite

View full text Add to dashboard Cite

show abstract

“…The tasks of the INS were defined in the Resolution MSC.252(83) Adoption of the revised performance standards for Integrated Navigation System (INS)" by the IMO [36]. On the other hand, the functions for the APS are defined by Amro et al [37].…”

Section: Step 1 -Navigational Tasks and Functionsmentioning

confidence: 99%

Navigation Data Anomaly Analysis and Detection

Amro¹,

Oruc²,

Gkioulos³

et al. 2022

Preprint

Self Cite

View full text Add to dashboard Cite

Several disruptive attacks against companies in the maritime industry have led experts to consider the increased risk imposed by cyber threats as a major obstacle to undergoing digitization. The industry is heading toward increased automation and connectivity, leading to reduced human involvement in the different navigational functions and increased reliance on sensor data and software for more autonomous modes of operations. To meet the objectives of increased automation under the threat of cyber attacks, the different software modules that are expected to be involved in different navigational functions need to be prepared to detect such attacks utilizing suitable detection techniques. Therefore, we propose a systematic approach for analyzing the navigational NMEA messages carrying the data of the different sensors, their possible anomalies, malicious causes of such anomalies as well as the appropriate detection algorithms. The proposed approach is evaluated through two use cases, traditional Integrated Navigation System (INS) and Autonomous Passenger Ship (APS). The results reflect the utility of specification and frequency-based detection in detecting the identified anomalies with high confidence. Also, the analysis is found to facilitate the communication of threats through indicating the possible impact of the identified anomalies against the navigational operations. Moreover, we have developed a testing environment that facilitates conducting the analysis. The environment includes a developed tool, NMEA−Manipulator that enables the invocation of the identified anomalies through a group of cyber attacks on sensor data. Our work paves the way for future work in the analysis of NMEA anomalies toward the development of an NMEA intrusion detection system.

show abstract

Communication and Cybersecurity Testbed for Autonomous Passenger Ship

Amro

Gkioulos

2022

Computer Security. ESORICS 2021 International Workshops

Self Cite

View full text Add to dashboard Cite

Many industrial sectors are undergoing a digital transformation, including maritime. New technological advancements and modes of operations are being introduced to maritime infrastructure, which includes ships, ports, and other facilities. Digital transformation in maritime has among its goals reducing human involvement and improving remote connectivity. The achievement of these goals hinges on several components, including communication technologies and cybersecurity. Consequently, maritime-related communication and cybersecurity solutions are in high demand. This paper targets the development of a maritimethemed testbed utilized to evaluate and analyze several maritime use cases, including autonomous passenger ships (APS) with a prime focus on the communication and cybersecurity aspects. We have proposed abstraction of processes guiding the utilization of the testbed capabilities. Also, we proposed an approach for replicating the target system of analysis which facilitates the analysis and evaluation activities. The proposed testbed and its processes have been evaluated by discussing some of the projects that utilized it, including evaluating communication and cybersecurity architectures for an APS use case. Additionally, after comparison with the state-of-the-art in cybersecurity testbeds, the testbed was found to be supporting the majority of the concepts and properties observed in the literature while the missing elements were highlighted and designated as suggestions for future work. Moreover. we provide a discussion of the challenges in cybersecurity evaluation in maritime in general and autonomous ships in particular.

show abstract

Communication architecture for autonomous passenger ship

Cited by 13 publications

References 22 publications

Cyber risk management for autonomous passenger ships using threat-informed defense-in-depth

Cyber risk management for autonomous passenger ships using threat-informed defense-in-depth

Navigation Data Anomaly Analysis and Detection

Communication and Cybersecurity Testbed for Autonomous Passenger Ship

Contact Info

Product

Resources

About