Enhancing Navigator Competence by Demonstrating Maritime Cyber Security

Hareide, Odd Sveinung; Jøsok, Øyvind; Lund, Mass Soldal; Ostnes, Runar; Helkala, Kirsi

doi:10.1017/s0373463318000164

Cited by 40 publications

(39 citation statements)

References 19 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Ships are increasingly using information and operational technology systems that depend on digitisation, networking and integration. As the reliance on computing and communication technologies is growing, the need for cyber risk management is becoming critically important (Polatid et al 2018; Hareide et al, 2018; Shapiro et al, 2018; Botunac and Grz̆an, 2017; Lee et al, 2017; Hassani et al, 2017; Burton, 2016; Balduzzi et al, 2014; Svilicic and Kras, 2005). Recently, the International Maritime Organization (IMO) has published Guidelines on high-level recommendations for maritime cyber risk management (IMO MSC, 2017c).…”

Section: Introductionmentioning

confidence: 99%

Maritime Cyber Risk Management: An Experimental Ship Assessment

et al. 2019

View full text Add to dashboard Cite

The maritime transport industry is increasingly reliant on computing and communication technologies, and the need for cyber risk management of critical systems and assets on vessels is becoming critically important. In this paper, a comprehensive cyber risk assessment of a ship is presented. An experimental process consisting of assessment preparation activities, assessment conduct and results communication has been developed. The assessment conduct relies on a survey developed and performed by interviewing a ship's crew. Computational vulnerability scanning of the ship's Electronic Chart Display and Information System (ECDIS) is introduced as a specific part of this cyber security assessment. The assessment process presented has been experimentally tested by evaluating the cyber security level of Kobe University's training ship Fukae-maru. For computational vulnerability scanning, an industry-leading software tool has been used, and a quantitative cyber risk analysis has been conducted to evaluate cyber risks on the ship.

show abstract

Section: Introductionmentioning

confidence: 99%

Maritime Cyber Risk Management: An Experimental Ship Assessment

et al. 2019

View full text Add to dashboard Cite

show abstract

“…Ship operational technology systems for a last two decades have been intensively developed by means of digitalization, integration and networking. The development resulted in complex and computerbased technology systems, and therefore there is urgent need for safeguarding shipping from cyber threats and vulnerabilities (Svilicic et al 2019, Tam et al 2019, Filic 2018, Kessler et al 2018, Polatid et al 2018, Hareide et al 2018, Shapiro et al, 2018, Svilicic et al 2018, Lee et al 2017, Hassani et al 2017, Burton 2016, Balduzzi et al 2014, Svilicic et al 2005. The International Maritime Organization (IMO) has recently published the Guidelines on high-level recommendations for maritime cyber risk management (IMO MSC-FAL.1/Circ.3 2017), and imposed to include cyber risk assessment in the implementation of the International Safety Management (ISM) Code safety management system on ships by 1st of January 2021 (IMO MSC.428(98) 2017).…”

Section: Introductionmentioning

confidence: 99%

Raising Awareness on Cyber Security of ECDIS

Sviličić¹,

Brčić²,

Žuškin³

et al. 2019

TransNav

View full text Add to dashboard Cite

In the maritime transport, the Electronic Chart Display and Information System (ECDIS) has been developed into a complex computer-based ship critical operational technology system, playing central roles in the safe ship navigation and transport. While ECDIS software maintenance is regulated by the International Maritime Organization (IMO) ECDIS performance standards and related circulars, underlying software and hardware arrangements are implemented by ship-owners and supported by ECDIS equipment manufacturers. In this paper, we estimate ECDIS cyber security in order to study the origin of ECDIS cyber security risks. A set of ECDIS systems is examined using an industry-leading vulnerability scanning software tool, and cyber threats regarding the ECDIS backup arrangement, underlying operating system and third party applications are studied.

show abstract

“…Remarkable advances in computer technology over the last two decades have also influenced radar development, resulting in complex software-based systems. With the increasing reliance on digitalisation, software development and network integration – not only of radar but other shipboard navigational equipment – the need to safeguard shipping from cyber threats has acquired great importance (Lee et al, 2017; Fernández-Hernández et al, 2018; Hareide et al, 2018; Lewis et al, 2018; Polatid et al, 2018; Shapiro et al, 2018; Svilicic et al, 2019; Tam and Jones, 2019).…”

Section: Introductionmentioning

confidence: 99%

Towards a Cyber Secure Shipboard Radar

et al. 2019

View full text Add to dashboard Cite

This paper presents a comparative cyber security resilience estimation of shipboard radars that are implemented on two oil/chemical tankers certified as SOLAS ships. The estimated radars were chosen from the same manufacturer, but belonged to different generations. The estimation was conducted by means of ships' crew interviews and computational testing of the radars using a widely deployed vulnerability scanning software tool. The identified cyber threats were analysed qualitatively in order to gain a holistic understanding of cyber risks threatening shipboard radar systems. The results obtained experimentally indicate that potential cyber threats mainly relate to maintenance of the radars' underlying operating system, suggesting the need for regulatory standardisation of periodic cyber security testing of radar systems.

show abstract

Enhancing Navigator Competence by Demonstrating Maritime Cyber Security

Cited by 40 publications

References 19 publications

Maritime Cyber Risk Management: An Experimental Ship Assessment

Maritime Cyber Risk Management: An Experimental Ship Assessment

Raising Awareness on Cyber Security of ECDIS

Towards a Cyber Secure Shipboard Radar

Contact Info

Product

Resources

About