Evaluation of a Cyber Risk Assessment Approach for Cyber-Physical Systems: Maritime and Energy Use Cases

Amro, Ahmed; Gkioulos, Vasileios

doi:10.20944/preprints202303.0135.v1

Cited by 2 publications

(2 citation statements)

References 15 publications

(27 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Moreover, the RS-232 of serial interface family, which supports baud rate 4800 for NMEA 0183 using in the VDR, has vulnerability against buffer overflow attacks (Malviya, 2020). Previous research has shown that NMEA 0183 High Speed is similarly vulnerable (Amro, 2021).…”

Section: Identification Of Cyber Vulnerabilities and Cyber-attacks Fo...mentioning

confidence: 97%

“…NMEA 2000 shares vulnerabilities with its underlying CAN serial bus technology. Malicious code can be executed on sniffed packets in the broadcast and packets can be played back (replay attack), invalidate data or inject revised traffic (Amro, 2021). The replay attacks can be performed especially on the audio-visual system because of the insecure communication line between the cameras or microphone and receiving systems, such as VDR.…”

Section: Identification Of Cyber Vulnerabilities and Cyber-attacks Fo...mentioning

confidence: 99%

See 1 more Smart Citation

Cybersecurity risk assessment of VDR

et al. 2023

View full text Add to dashboard Cite

The voyage data recorder (VDR) is a data recording system that aims to provide all navigational, positional, communicational, sensor, control and command information for data-driven investigation of accidents onboard ships. Due to the increasing dependence on interconnected networks, cybersecurity threats are one of the most severe issues and critical problems when it comes to safeguarding sensitive information and assets. Cybersecurity issues are extremely important for the VDR, considering that modern VDRs may have internet connections for data transfer, network links to the ship's critical systems and the capacity to record potentially sensitive data. Thus, this research adopted failure modes and effects analysis (FMEA) to perform a cybersecurity risk assessment of a VDR in order to identify cyber vulnerabilities and specific cyberattacks that might be launched against the VDR. The findings of the study indicate certain cyberattacks (false information, command injection, viruses) as well as specific VDR components (data acquisition unit (DAU), remote access, playback software) that required special attention. Accordingly, preventative and control measures to improve VDR cybersecurity have been discussed in detail. This research makes a contribution significantly to the improvement of ship safety management systems, particularly in terms of cybersecurity.

show abstract

Section: Identification Of Cyber Vulnerabilities and Cyber-attacks Fo...mentioning

confidence: 97%

Section: Identification Of Cyber Vulnerabilities and Cyber-attacks Fo...mentioning

confidence: 99%

Cybersecurity risk assessment of VDR

et al. 2023

View full text Add to dashboard Cite

show abstract

Fuzzy-Based Unified Decision-Making Technique to Evaluate Security Risks: A Healthcare Perspective

et al. 2023

View full text Add to dashboard Cite

Neoteric biomedical, technological, and normative shifts have prompted care firms to establish clinical governance as a contrivance to assure high-quality service in an exceedingly intricate milieu. Web security is an epochal concern in the healthcare sector, although it has garnered scant attention since the inception of web applications. The necessity to provide adequate security for healthcare web applications (HWAs) cannot be exaggerated, as umpteen health agencies are contingent on them to carry out their operations. Every healthcare organization renders a humongous volume of data available online to practitioners, pharmacies, and patients. Researchers are continually endeavoring to ameliorate techniques to increase the security and longevity of HWAs. In this context, experts examined certain imperative security risks in HWAs to quantitatively evaluate them in the design phase and covered numerous facets of HWAs, along with their security attributes and risk factors. The authors have proposed a combined approach of fuzzy-based symmetric techniques, i.e., AHP-TOPSIS (Analytic Hierarchy Process–Technique for Order of Preference by Similarity to Ideal Solution), for the assessment of alternative HWAs, leveraging the multi-criteria decision-making (MCDM) approach. Ten consecutive HWAs from local hospitals in Uttar Pradesh, India, have been taken to estimate the security risk, incorporating this methodology to evaluate the priority of weightage and the impact of security attributes. Henceforth, the findings and methodology employed in this study can assist security practitioners in identifying and prioritizing the most influential risk factors to secure HWAs and encourage them to develop revamped or novel methods.

show abstract

Evaluation of a Cyber Risk Assessment Approach for Cyber-Physical Systems: Maritime and Energy Use Cases

Cited by 2 publications

References 15 publications

Cybersecurity risk assessment of VDR

Cybersecurity risk assessment of VDR

Fuzzy-Based Unified Decision-Making Technique to Evaluate Security Risks: A Healthcare Perspective

Contact Info

Product

Resources

About