Published November 5, 2019 | Version v1
Conference paper Open

Cyber-SHIP: Developing Next Generation Maritime Cyber Research Capabilities

  • 1. University of Plymouth, Plymouth, UK

Description

As a growing global threat, cyber-attacks can cost millions of dollars or endanger national stability and human lives. While relatively well understood in most sectors, it is becoming clear that, although the maritime sector is becoming more digitally advanced (e.g., autonomy), it is not well protected against cyber or cyber-physical attacks and accidents. To help improve sector-wide safety and resiliency, the University of Plymouth (UoP) is creating a specialised maritime-cyber lab, which combines maritime technology and traditional cyber-security labs. This is in response to the lack of research and mitigation capabilities and will create a new resource capability for academia, government, and industry research into maritime cybersecurity risks and threats. These lab capabilities will also enhance existing maritime-cyber capabilities across the world, including risk assessment frameworks, cybersecurity ranges/labs, ship simulators, mariner training programmes, autonomous ships, etc. The goal of this paper is to explain the need for next generation maritime-cyber research capabilities, and demonstrate how something like the proposed Cyber-SHIP Lab (Hardware, Software, Information and Protections) will help industry, government, and academia understand and mitigate cyber threats in the maritime sector. The authors believe a next generation cyber-secure lab should host a range of real, non-simulated, maritime systems. With multiple configurations to mirror existing bridge system set-ups, the technology can be studied for individual system weakness as well as the system-of-systems vulnerabilities. Such as lab would support a range of research that cannot be achieved with simulators alone and help support the next generation of cyber-secure marine systems.

Files

Paper 5 - Cyber-SHIP Developing Next Generation Maritime Cyber Research Capabilities.pdf

Additional details

References

  • Allianz, 2019. Safety & Shipping Review, London. Allianz
  • Arkin B, Stender S, McGraw G. 2005. Software penetration testing. New York. IEEE Security & Privacy.
  • Baldauf M, Procee S. 2014. Augmented REality in Ships Bridge Operation. London, Human Factors.
  • BIMCO, 2016. The Guidelines on Cyber Security onboard Ships Version 2.0. London. UNITED KINGDOM International Chamber of Shipping, INTERTANKO, BIMCO,CLIA, and INTERCARGO.
  • C4ADS, 2019. Above us only Stars: Exposing GPS Spoofing in Russia and Syria. Washingon DC USA. Center for Advanced Defense Studies.
  • Calder A, Watkins S. 2010. Information Security Risk Management for ISO27001/ISO27002. 1st edition. Cambridgeshire. IT Governance Publishing.
  • Cankar M, Stanovik S. 2018. Maritime IoT Solutions in Fog and Cloud. New York. IEEE/ACM International Conference on Utility and Cloud Computing Companion.
  • Choo K. 2011. The cyber threat landscape: Challenges and future research directions. Computers & Security.
  • Climpanu C. 2019. Report deems Russia a pioneer in GPS spoofing attacks. [Online] Available at: www.zdnet.com/ Davis J, Magrath S. 2013. A Survey of Cyber Ranges and Testbeds. Australia. Cyber Electronic Warfare Division
  • Davis J, Magrath S. 2013. A Survey of Cyber Ranges and Testbeds. Australia. Cyber Electronic Warfare Division
  • ENSIA. 2011. Cyber Security Aspects in the Maritime Sector. St. Paul: www.enisa.europa.eu/publications/cyber-security-aspects-in-the-maritime-sector-1.
  • Frydenberg S, Nordby K, Eikenes JO. 2018. Exploring designs of augmented reality systems for ship bridges in artic wters. London. Human Factors.
  • Griffin J. 2002. Timing-accurate Storage Emulation. Louis USENIX File and Storage Technologies.
  • Ha S. 2018. A Novel Solution for NB-IoT Cell Coverage Expansion. New York. Global IoT Summit.
  • ICS. 2018. Shipping and world trade. London. ICS
  • IMO. 2003. Code of practice on security in ports. London.
  • IMO. 2018. International Maritime Organisation. [Online]
  • Lewis J. 2002. Assessing the Risks of Cyber Terrorism, Cyber War and Other Cyber Threats. DC. CSIS.
  • Maersk. 2017. A. P. Moller Maersk improves underlying profit and grows revenue in first half of the year. [Online] Available at: https://edit.maersk.com/.
  • Man Y, Lundh M, MacKinnon S. 2018. Manicaging unruly technologies in the engine control room: from problem patching to an architectural thinking and standardization. s.l.: WMU Journal of Maritime Affairs.
  • Moorthy K, Vincent C, Darzi A. 2005. Simulation based training Is being extended from training individuals to teams. BMJ (Clinical research ed.) vol. 330,7490 (2005): 493-4. doi:10.1136/bmj.330.7490.493.
  • Pizzo S. 2018. IoT for Buoy Monitoring System. IEEE International Workshop on Metrology for the Sea. Learning to Measure Sea Health Parameters (MetroSea).
  • Rajamanickam V. 2018. COSCO's cyber attack and the importance of maritime cybersecurity. Available at: www.freightwaves.com/news/technology/.
  • Salman AKMDW. 2013. The Maritime Commons: Digital Repository of the World Maritime University. World Maritime University Dissertations.
  • Tam K, Jones K. 2018. Cyber-Risk Assessment for Autonomous Ships. New York. IEEE C-MRIC Cyber SA.
  • Tam K, Jones K. 2019a. Forensic Readiness within the Maritime Sector. New York. IEEE C-MRIC Cyber SA.
  • Tam K, Jones K. 2019b. MaCRA: A Model-Based Framework for Maritime Cyber-Risk Assessment. New York. WMU Maritime Affairs.
  • Tam K, Jones K. 2019c. Review of Cyber-security in emerging technology. International Conference of Maritime Science & Technology [accepted].
  • Tao, F. 2018. Digital twin-driven product design framework. Journal of Production Research.
  • Zolich, A. 2019. Survey on Communication and Networks for Autonomous Marine Systems. New York. Journal of Intelligent & Robotic Systems.