Match!

Cyber-Risk Assessment for Autonomous Ships

Published on Jun 1, 2018
· DOI :10.1109/cybersecpods.2018.8560690
Kimberly Tam4
Estimated H-index: 4
(Plymouth University),
Kevin D. Jones6
Estimated H-index: 6
(Plymouth University)
Abstract
As a $183.3 Billion industry controlling 90 % of all world trade, the shipping community is continuously looking for methods to increase profits while still considering human and environmental safety. As a result of developing technologies and policy that make autonomy a feasible solution, at least three separate organizations are aiming to produce and sail their first autonomous ships by 2020. Thus it is essential to begin assessing their cyber-risk profiles in order to rank and mitigate any vulnerabilities. As existing risk models for physical ship safety and autonomous cars do not adequately represent the unique nature of cyber-threats for autonomous vessels within the maritime sector, this article applies a model-based risk assessment framework named MaCRA which had previous only been used to model existing ships, not those of the near-future.
  • References (14)
  • Citations (4)
📖 Papers frequently viewed together
2016
2 Citations
2016ARES: Availability, Reliability and Security
5 Citations
2 Citations
78% of Scinapse members use related papers. After signing in, all features are FREE.
References14
Newest
#1Kimberly Tam (Plymouth University)H-Index: 4
#2Kevin D. Jones (Plymouth University)H-Index: 6
In the current economy, roughly 90% of all world trade is transported by the shipping industry, which is now accelerating its technological growth. While the demand on mariners, ship owners, and the encompassing maritime community for digital advances (particularly towards digitization and automation) has led to efficient shipping operations, maritime cyber-security is a pertinent issue of equal importance. As hackers are becoming increasingly aware of cyber-vulnerabilities within the maritime s...
4 CitationsSource
#1Andrei CostinH-Index: 7
Video surveillance, closed-circuit TV and IP-camera systems became virtually omnipresent and indispensable for many organizations, businesses, and users. Their main purpose is to provide physical security, increase safety, and prevent crime. They also became increasingly complex, comprising many communication means, embedded hardware and non-trivial firmware. However, most research to date focused mainly on the privacy aspects of such systems, and did not fully address their issues related to cy...
14 CitationsSource
#1Jori Nordström (Ministry of Interior (Bahrain))H-Index: 1
#2Floris Goerlandt (Aalto University)H-Index: 22
Last. Sanna SonninenH-Index: 1
view all 8 authors...
Efficient response to maritime incidents and accidents requires good communication processes and situation awareness by all involved parties, in particular between the Search and Rescue (SAR) response operators and the crew of the distressed vessel. In this paper, a method is proposed for enhancing the communication between the involved parties, by focusing on the safety status of the vessel. Borrowing ideas from well-established working methods in especially emergency medicine, the Vessel TRIAG...
14 CitationsSource
#1Desmond Schmidt (QUT: Queensland University of Technology)H-Index: 7
#2Kenneth Radke (QUT: Queensland University of Technology)H-Index: 6
Last. Michał Ren (Adam Mickiewicz University in Poznań)H-Index: 3
view all 5 authors...
Detection and prevention of global navigation satellite system (GNSS) “spoofing” attacks, or the broadcast of false global navigation satellite system services, has recently attracted much research interest. This survey aims to fill three gaps in the literature: first, to assess in detail the exact nature of threat scenarios posed by spoofing against the most commonly cited targets; second, to investigate the many practical impediments, often underplayed, to carrying out GNSS spoofing attacks in...
29 CitationsSource
#1Floris Goerlandt (Aalto University)H-Index: 22
#2Jakub Montewka (Aalto University)H-Index: 21
Many methods and applications for maritime transportation risk analysis have been presented in the literature. In parallel, there is a recent focus on foundational issues in risk analysis, with calls for intensified research on fundamental concepts and principles underlying the scientific field. This paper presents a review and analysis of risk definitions, perspectives and scientific approaches to risk analysis found in the maritime transportation application area, focusing on applications addr...
92 CitationsSource
#1Don SnyderH-Index: 5
#2James D. PowersH-Index: 1
Last. Michael H PowellH-Index: 1
view all 6 authors...
Abstract : The governance structure for cybersecurity defined by the laws and policies at the federal, DoD, and Air Force levels is voluminous and complicated. Even summarizing this body of oversight would require a document of considerable length. We do not attempt a comprehensive review, but instead describe this governance structure in light of the principal issues raised in Chapter One. We first highlight key facets of legislation and federal and DoD policy, including some relevant history, ...
7 Citations
#1Mordechai Guri (BGU: Ben-Gurion University of the Negev)H-Index: 13
#2Gabi Kedma (BGU: Ben-Gurion University of the Negev)H-Index: 6
Last. Yuval Elovici (BGU: Ben-Gurion University of the Negev)H-Index: 39
view all 4 authors...
Information is the most critical asset of modern organizations, and accordingly coveted by adversaries. When highly sensitive data is involved, an organization may resort to air-gap isolation, in which there is no networking connection between the inner network and the external world. While infiltrating an air-gapped network has been proven feasible in recent years (e.g., Stuxnet), data exfiltration from an air-gapped network is still considered to be one of the most challenging phases of an adv...
52 CitationsSource
#1Jakub Montewka (Aalto University)H-Index: 21
#2Sören Ehlers (NTNU: Norwegian University of Science and Technology)H-Index: 2
Last. Pentti Kujala (Aalto University)H-Index: 27
view all 6 authors...
Abstract Maritime accidents involving ships carrying passengers may pose a high risk with respect to human casualties. For effective risk mitigation, an insight into the process of risk escalation is needed. This requires a proactive approach when it comes to risk modelling for maritime transportation systems. Most of the existing models are based on historical data on maritime accidents, and thus they can be considered reactive instead of proactive. This paper introduces a systematic, transfera...
100 CitationsSource
#1Christian Berger (Chalmers University of Technology)H-Index: 15
#2Bernhard RumpeH-Index: 39
In November 2007 the international competition DARPA Urban Challenge took place on the former George Airforce Base in Victorville, California to significantly promote the research and development on autonomously driving vehicles for urban environments. In the final race only eleven out of initially 89 competitors participated and “Boss” from Carnegie Mellon University succeeded. This paper summarizes results of the research carried out by all finalists within the last five years after the compet...
54 Citations
#1Kevin D. Jones (PSU: Plymouth State University)H-Index: 6
#2Kimberly TamH-Index: 4
Last. Maria Papadaki (PSU: Plymouth State University)H-Index: 15
view all 3 authors...
In an increasingly connected and technologically dependent world, new areas of vulnerability are emerging. This article explores the unique challenges of maritime cyber security in order to better understand the issues with securing vessels at sea, together with the shore based infrastructure supporting this industry. In particular, this article explores the cyber-attacks possible on maritime-related systems for navigation, propulsion, and cargo-related functions. The authors illustrate the pote...
6 CitationsSource
Cited By4
Newest
Source
#1Georgios Kavallieratos (NTNU: Norwegian University of Science and Technology)H-Index: 1
#2Σωκράτης Κ. Κατσικάς (NTNU: Norwegian University of Science and Technology)H-Index: 20
Last. Vasileios Gkioulos (NTNU: Norwegian University of Science and Technology)H-Index: 4
view all 3 authors...
Cyber-physical systems are being increasingly employed in everyday applications, including critical ones. This integration of operational technology systems, originally designed to operate in physical isolation -hence with no or little cyber security defences- with information technology systems, by default meant to be networked, dramatically increases the cyber-attack surface of the resulting composite systems. Thus, the assessment of the security posture of cyber-physical systems, as well as t...
Source
#1Kimberly Tam (Plymouth University)H-Index: 4
#2Kevin D. Jones (Plymouth University)H-Index: 6
Forensic investigation is an essential response strategy following a cyber-related incident, and forensic readiness is the capability to gather critical digital information and maximize its use as evidence. The effectiveness of this data is highly dependent on the readiness, quality, and trustworthiness of the data itself. Far from a passive post-analysis tool, there have been many instances where an organization has benefited from gathering, and using, digital evidence to improve their cyber-se...
Source
#1Kimberly TamH-Index: 4
#2Kevin D. JonesH-Index: 6
To ensure the safety of ships and ports, groups and individuals, at all levels of the maritime sector, use analysis to identify potential hazards and their outcomes. One of the most relied upon methods is using a risk assessment tool to define and prioritise threats. A disadvantage of most existing assessment frameworks, however, is their inability to update risks dynamically as factors, such as the environment, change. In the maritime sector, a range of dynamic factors is needed to measure risk...
Source
#1Kimberly Tam (Plymouth University)H-Index: 4
#2Kevin D. Jones (Plymouth University)H-Index: 6
In the current economy, roughly 90% of all world trade is transported by the shipping industry, which is now accelerating its technological growth. While the demand on mariners, ship owners, and the encompassing maritime community for digital advances (particularly towards digitization and automation) has led to efficient shipping operations, maritime cyber-security is a pertinent issue of equal importance. As hackers are becoming increasingly aware of cyber-vulnerabilities within the maritime s...
4 CitationsSource
#1Olivier Jacq (École Navale)H-Index: 1
#2Xavier Boudvin (École Navale)H-Index: 1
Last. Jacques Simonin (École Navale)
view all 5 authors...
The vast majority of worldwide goods exchanges are made by sea. In some parts of the world, the concurrence for dominance at sea is very high and definitely seen as a main military goal. Meanwhile, new generation ships highly rely on information systems for communication, navigation and platform management. This ever-spreading attack surface and permanent satellite links have grown a concern about the potential impact of cyberattacks on a ship at sea or on naval shore infrastructures. Therefore,...
Source
#1Georgios Kavallieratos (NTNU: Norwegian University of Science and Technology)H-Index: 1
#2Σωκράτης Κ. Κατσικάς (NTNU: Norwegian University of Science and Technology)H-Index: 20
Last. Vasileios Gkioulos (NTNU: Norwegian University of Science and Technology)H-Index: 4
view all 3 authors...
Autonomous ships transferring valuable cargoes and humans in a more efficient and cost effective manner will soon be state of the art technology. Yet, their ICT system architecture and operations have not been defined in full detail. Moreover, multiple cyber security issues remain open and should be addressed. No study to date has analyzed fully the architecture of the autonomous ship, even less so have potential cyber threats and cyber attacks been identified. In this paper we identify and cate...
2 CitationsSource