2020
DOI: 10.1007/s12198-020-00222-2
|View full text |Cite
|
Sign up to set email alerts
|

Paperless ship navigation: cyber security weaknesses

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
1
1
1
1

Citation Types

0
5
0

Year Published

2021
2021
2024
2024

Publication Types

Select...
4
3

Relationship

0
7

Authors

Journals

citations
Cited by 14 publications
(5 citation statements)
references
References 15 publications
0
5
0
Order By: Relevance
“…However, in this study, the tasks related with ECDIS are determined by referencing the guide of operational handbook for ECDIS (Weintrit, 2009), and OCIMF's guide related to the recommendations on usage of ECDIS and preventing incidents (OCIMF, 2020). Then, these determined ECDIS tasks are integrated with the cybersecurity by referencing ECDIS cyber incidents (Svilicic et al, 2019a(Svilicic et al, , 2019d(Svilicic et al, , 2020Karahalios, 2020;Kristic et al, 2021;Tam et al, 2022), various recommended international IT and OT cybersecurity standards for maritime such as International Organization for Standardization (ISO), IEC standards and NIST framework (ISO/IEC, 2010; BSI, 2011BSI, , 2017BSI, , 2018BSI, , 2021Cichonski et al, 2012), and other codes of cybersecurity for ships (ICS and other organizations, 2016;Boyes and Isbell, 2017;IACS, 2020). Moreover, the developed final ECDIS tasks integrated with cybersecurity are checked by referencing a safety management manual of a shipping company, which is required by the IMO Maritime Safety Committee (MSC) according to the Resolution MSC.428(98) 'Maritime Cyber Risk Management in Safety Management Systems' (IMO, 2017a).…”
Section: Tasks Identificationmentioning
confidence: 99%
See 1 more Smart Citation
“…However, in this study, the tasks related with ECDIS are determined by referencing the guide of operational handbook for ECDIS (Weintrit, 2009), and OCIMF's guide related to the recommendations on usage of ECDIS and preventing incidents (OCIMF, 2020). Then, these determined ECDIS tasks are integrated with the cybersecurity by referencing ECDIS cyber incidents (Svilicic et al, 2019a(Svilicic et al, , 2019d(Svilicic et al, , 2020Karahalios, 2020;Kristic et al, 2021;Tam et al, 2022), various recommended international IT and OT cybersecurity standards for maritime such as International Organization for Standardization (ISO), IEC standards and NIST framework (ISO/IEC, 2010; BSI, 2011BSI, , 2017BSI, , 2018BSI, , 2021Cichonski et al, 2012), and other codes of cybersecurity for ships (ICS and other organizations, 2016;Boyes and Isbell, 2017;IACS, 2020). Moreover, the developed final ECDIS tasks integrated with cybersecurity are checked by referencing a safety management manual of a shipping company, which is required by the IMO Maritime Safety Committee (MSC) according to the Resolution MSC.428(98) 'Maritime Cyber Risk Management in Safety Management Systems' (IMO, 2017a).…”
Section: Tasks Identificationmentioning
confidence: 99%
“…Although there are apparent benefits, as mentioned, with the integration of several operational navigation equipment with ECDIS, the risk of cyber-attacks on the ECDIS system or its integrated items emerges. Because ECDIS and its typical back arrangement have high-level connectivity and digitalisation, they are an excellent environment for cyber-security threats associated with the distribution of malicious code (Svilicic et al, 2020). For this reason, cyber-attacks aimed directly at ECDIS or its integrated items should be considered as a critical issue to ensure safety of life, property and environment (Kristic et al, 2021).…”
Section: Introductionmentioning
confidence: 99%
“…It did so through different means than Denmark. The legal implementation is done through the Network and Information Systems Regulations 2018 43 which designates competent authorities as those that can enforce the rules, and defines which types of penalties that are supposed to encourage compliance. Furthermore, the UK implemented a series of thorough guidance and systems, such as the Cyber Assessment Framework.…”
Section: United Kingdommentioning
confidence: 99%
“…As of the time of writing, there are measures in place to mitigate current attacks, ships can be sailed without any of these systems. But in the future, this may not be the case, and the entire infrastructure of the whole world may be at risk from Supply Chain Attacks [43], and past incidents further support this [30].…”
Section: Regulating Adversarial Supply Chain Attacks In the Futurementioning
confidence: 99%
“…In [ 23 ], the authors examine cybersecurity weaknesses in paperless ships that depend on two internetworked ECDIS workstations operated in a backup arrangement. As in [ 13 , 21 , 22 ] their method employs cyber security tests using a vulnerability scanning tool.…”
Section: Related Workmentioning
confidence: 99%