The vast majority of worldwide goods exchanges are made by sea. In some parts of the world, the concurrence for dominance at sea is very high and definitely seen as a main military goal. Meanwhile, new generation ships highly rely on information systems for communication, navigation and platform management. This ever-spreading attack surface and permanent satellite links have grown a concern about the potential impact of cyberattacks on a ship at sea or on naval shore infrastructures. Therefore, on top of the usual cyberprotection measures taken for safety reasons, it is essential to implement an ongoing cyber monitoring of ships in order to detect, react accordingly, and stop any incoming threat.In this paper, we explain the specific constraints when trying to assess the cyber situation awareness of maritime information systems. As we will demonstrate, those systems combine physical and logical constraints which complexify their cyber monitoring process and architecture. Gathering valuable data while having a limited and controlled impact on the satellite bandwidth, maintaining a high level of integrity on remote systems in production are, for instance, thriving challenges for both civilian and military ships. We have designed and set up a research platform which fulfils those specifications to streamline the cyber monitoring process. We will then describe the architecture used to detect cyber-threats and collect potential Indices of Compromise from naval systems, as well as the results we have currently achieved.
With over 80% of goods transportation in volume carried by sea, ports are key infrastructures within the logistics value chain. To address the challenges of the globalized and competitive economy, ports are digitizing at a fast pace, evolving into smart ports. Consequently, the cyber-resilience of ports is essential to prevent possible disruptions to the economic supply chain. Over the last few years, there has been a significant increase in the number of disclosed cyber-attacks on ports. In this paper, we present the capabilities of a high-end hybrid cyber range for port cyber risks awareness and training. By describing a specific port use-case and the first results achieved, we draw perspectives for the use of cyber ranges for the training of port actors in cyber crisis management.
To ensure a ship's fully operational status in a wide spectrum of missions, as passenger transportation, international trade, and military activities, numerous interdependent systems are essential. Despite the potential critical consequences of misunderstanding or ignoring those interdependencies, there are very few documented approaches to enable their identification, representation, analysis, and use. From the cybersecurity point of view, if an anomaly occurs on one of the interdependent systems, it could eventually impact the whole ship, jeopardizing its mission success. This paper presents a proposal to identify the main dependencies of layers within and between generic ship's functional blocks. An analysis of one of these layers, the platform systems, is developed to examine a naval cyber-physical system (CPS), the water management for passenger use, and its associated dependencies, from an intrinsic perspective. This analysis generates a three layers graph, on which dependencies are represented as oriented edges. Each abstraction level of the graph represents the physical, digital, and system variables of the examined CPS. The obtained result confirms the interest of graphs for dependencies representation and analysis. It is an operational depiction of the different systems interdependencies, on which can rely a cybersecurity evaluation, like anomaly detection and propagation assessment.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.