Author:
Svilicic Boris,Kamahara Junzo,Rooks Matthew,Yano Yoshiji
Abstract
The maritime transport industry is increasingly reliant on computing and communication technologies, and the need for cyber risk management of critical systems and assets on vessels is becoming critically important. In this paper, a comprehensive cyber risk assessment of a ship is presented. An experimental process consisting of assessment preparation activities, assessment conduct and results communication has been developed. The assessment conduct relies on a survey developed and performed by interviewing a ship's crew. Computational vulnerability scanning of the ship's Electronic Chart Display and Information System (ECDIS) is introduced as a specific part of this cyber security assessment. The assessment process presented has been experimentally tested by evaluating the cyber security level of Kobe University's training ship Fukae-maru. For computational vulnerability scanning, an industry-leading software tool has been used, and a quantitative cyber risk analysis has been conducted to evaluate cyber risks on the ship.
Publisher
Cambridge University Press (CUP)
Subject
Ocean Engineering,Oceanography
Reference20 articles.
1. A security evaluation of AIS automated identification system
2. Consistency in the development of performance assessment methods in the maritime domain
3. International Maritime Organization (IMO). (2013). International Ship and Port Facility Security (ISPS) Code. SOLAS/CONF.5/34. International Maritime Organization.
4. Trojan horse risks in the maritime transportation systems sector;Shapiro;Journal of Transportation Security,2018
5. Cyber-attack path discovery in a dynamic supply chain maritime risk management system
Cited by
42 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献