Marine Network Protocols and Security Risks

Tran, Ky; Keene, Sid; Fretheim, Erik; Tsikerdekis, Michail

doi:10.3390/jcp1020013

Cited by 17 publications

(14 citation statements)

References 27 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…NMEA 0183 is a standard which supports one-way serial data transmission from a single talker to multiple listeners (NMEA, 2021). Tran et al (2021) stated that NMEA 0183 does not include any encryption, authentication or validation. Therefore, data are transmitted to VDRs (e.g.…”

Section: Identification Of Cyber Vulnerabilities and Cyber-attacks Fo...mentioning

confidence: 99%

Cybersecurity risk assessment of VDR

et al. 2023

View full text Add to dashboard Cite

The voyage data recorder (VDR) is a data recording system that aims to provide all navigational, positional, communicational, sensor, control and command information for data-driven investigation of accidents onboard ships. Due to the increasing dependence on interconnected networks, cybersecurity threats are one of the most severe issues and critical problems when it comes to safeguarding sensitive information and assets. Cybersecurity issues are extremely important for the VDR, considering that modern VDRs may have internet connections for data transfer, network links to the ship's critical systems and the capacity to record potentially sensitive data. Thus, this research adopted failure modes and effects analysis (FMEA) to perform a cybersecurity risk assessment of a VDR in order to identify cyber vulnerabilities and specific cyberattacks that might be launched against the VDR. The findings of the study indicate certain cyberattacks (false information, command injection, viruses) as well as specific VDR components (data acquisition unit (DAU), remote access, playback software) that required special attention. Accordingly, preventative and control measures to improve VDR cybersecurity have been discussed in detail. This research makes a contribution significantly to the improvement of ship safety management systems, particularly in terms of cybersecurity.

show abstract

Section: Identification Of Cyber Vulnerabilities and Cyber-attacks Fo...mentioning

confidence: 99%

Cybersecurity risk assessment of VDR

et al. 2023

View full text Add to dashboard Cite

show abstract

“…An investigation and quantification of the attack surfaces of ships in 2019 found that the email, NMEA 0183 protocol, ECDIS, AIS, Ship Planning System, Cobham Satcom terminal, and VDR used by crews were the attack surfaces posing the highest risk [8]. In 2021, the risk level of the network protocols NMEA 2000, NMEA 0183, and AIS used in the steering and navigation systems of ships was described to be higher than that of general TCP/IPv6 with respect to attack types such as denial-of-service (DoS) attacks, spoofing attacks, packet sniffing attacks, and relay or man-in-the-middle (MiTM) attacks [9]. In 2021, the Islamic Revolutionary Guard Corps (IRGC) investigated how to sink ships through a cyberattack on the ballast water management system (BWMS) [10].…”

Section: Introductionmentioning

confidence: 99%

Cyberattack Models for Ship Equipment Based on the MITRE ATT&CK Framework

Jo¹,

Choi²,

You³

et al. 2022

Sensors

View full text Add to dashboard Cite

Cybersecurity is important on ships that use information and communication technology. On such ships, the work, control, and sensor systems are connected for steering, navigation, and cargo management inside the hull, and a cyberattack can have physical consequences such as sinking and crashing. Research on ship cybersecurity is a new challenge, and related studies are lacking. Cyberattack models can provide better insight. With this study, we aim to introduce a cyberattack analysis method based on the MITRE ATT&CK framework so that a cyberattack model for ships can be established. In addition, we identify the characteristics of the attack phase by analyzing cases of hacking and vulnerability research for ship systems using tactics, techniques, and procedures, and suggest the minimum measures essential for defense. Using the ship cyberattack model, we aim to identify the characteristics of the systems used for ship navigation, communication, and control; provide an understanding of the threats and vulnerabilities; and suggest mitigation measures through the proposed model. We believe the results of this study could guide future research.

show abstract

“…Figure 95 exemplifies equipment and protocols that may exist on a single marine vessel [TRAN et al, 2021].…”

Section: External Integrationmentioning

confidence: 99%

“…Source: [TRAN et al, 2021] Several considerations must be addressed in order to implement a network for interconnecting marine equipment. As with almost any network protocol, marine network protocols are potentially vulnerable against malicious attacks or unintentional human errors.…”

Section: External Integrationmentioning

confidence: 99%

See 1 more Smart Citation

Maritime navigational assistance by visual augmentation.

Leite¹

View full text Add to dashboard Cite

The incorporation of arising technology in maritime processes and equipment have been historically very important for the development of commercial navigation. Several types of equipment have been developed over the years to assist ship operators with their tasks. Generally, the incorporation of new technologies on maritime equipment are associated with an increase on the amount of information and alerts displayed to the corresponding users. Note that information from new equipment needs to be efficiently presented to avoid the introduction of unnecessary cognitive load. A potentially optimal option for the presentation of combined navigational information is the deployment of augmented-reality systems (AR). In such a system, virtual elements are rendered on top of the navigation scene to assist operators in their perception. In this context, the present work is a preliminary investigation towards the development of an AR system for navigational assistance. Particularly, foundations regarding AR systems are presented and a simple conceptual design for navigational assistance is proposed. Additionally, important components from the proposed conceptual design are exemplified with numerical implementations. Proposed methodologies are validated with experiments from videos of a ship navigating through a channel delimited by nautical buoys. Enhanced scenes combining pertinent virtual elements are shown on top of the navigation scene exemplifying potential assistance applications for this scenario. As there are still many challenges for the development of operational maritime tools with AR methods, the author also expects to contribute with the popularization of AR systems in maritime environments.

show abstract

Marine Network Protocols and Security Risks

Cited by 17 publications

References 27 publications

Cybersecurity risk assessment of VDR

Cybersecurity risk assessment of VDR

Cyberattack Models for Ship Equipment Based on the MITRE ATT&CK Framework

Maritime navigational assistance by visual augmentation.

Contact Info

Product

Resources

About