Naslov
Assessing ship cyber risks: a framework and case study of ECDIS security

Autori
Sviličić, Boris ; Kamahara, Junzo ; Ćelić, Jasmin ; Bolmsten, Johan

Izvornik
WMU journal of maritime affairs (1651-436X) 18 (2019), 3; 509-520

Vrsta, podvrsta i kategorija rada
Radovi u časopisima, članak, znanstveni

Ključne riječi
maritime cyber risk management ; ship security assessment ; ship cyber critical systems ; cyber risk assessment ; assessment framework ; cyber security testing

Sažetak
The growing reliance of the shipping industry on information and communication technologies places a high premium on cyber risk management. The International Mar- itime Organization has imposed improvement of the approved safety management system of ships by incorporating the cyber risk management no later than the first annual verification of a shipping company’s document of compliance following 1 January 2021. In this paper, we present a framework for assessing cyber risks that affect safe operation of ships. The framework relies on an on-board survey to identify existing safeguards, cyber security testing to detect vulnerabilities and threats, and determination of the cyber risk level. The cyber security testing of the ship’s critical systems and assets, as the specific part of the framework, is introduced and studied. The cyber security testing method is based on computational vulnerability scanning and penetration testing tech- niques, which is aligned with the upcoming maritime standard IEC 63154. For a case study, the testing of a shipboard Electronic Chart Display and Information System cyber security was performed using an industry vulnerability scanning tool.

Izvorni jezik
Engleski

Znanstvena područja
Elektrotehnika, Tehnologija prometa i transport

POVEZANOST RADA