Vessels Cybersecurity: Issues, Challenges, and the Road Ahead

Caprolu, Maurantonio; Pietro, Roberto Di; Raponi, Simone; Sciancalepore, Savio; Tedeschi, Pietro

doi:10.1109/mcom.001.1900632

Cited by 62 publications

(30 citation statements)

References 10 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Our review of the protocol further identified that NMEA 2000 is vulnerable to spoofing attacks [31], where the Parameter Group Number (PGN) used to identify the sending node is copied and used by a malicious device. This imposes an added problem because in NMEA 2000, the PGN is also used to indicate the priority of the message.…”

Section: Spoofingmentioning

confidence: 99%

Marine Network Protocols and Security Risks

Tran¹,

Keene²,

Fretheim³

et al. 2021

JCP

View full text Add to dashboard Cite

Marine network protocols are domain-specific network protocols that aim to incorporate particular features within the specialized marine context that devices are implemented in. Devices implemented in such vessels involve critical equipment; however, limited research exists for marine network protocol security. In this paper, we provide an analysis of several marine network protocols used in today’s vessels and provide a classification of attack risks. Several protocols involve known security limitations, such as Automated Identification System (AIS) and National Marine Electronic Association (NMEA) 0183, while newer protocols, such as OneNet provide more security hardiness. We further identify several challenges and opportunities for future implementations of such protocols.

show abstract

Section: Spoofingmentioning

confidence: 99%

Marine Network Protocols and Security Risks

Tran¹,

Keene²,

Fretheim³

et al. 2021

JCP

View full text Add to dashboard Cite

show abstract

“…The AIS transceivers consist of a VHF transmitter, two VHF Time Division Multiple Access (TDMA) receivers, a VHF Digital Selective Calling (DSC) receiver, a positioning module (GNSS) and other sensors connected via standard marine electronic communication links (Caprolu et al, 2020). From a technical point of view, the AIS transmits and receives standardised messages on two dedicated VHF channels 87B and 88B (AIS 1 and AIS 2) using the self-organised TDMA protocol (SOTDMA), where the unit of time (one minute) is divided into time slots of equal length of 26.7 ms, allowing a nominal AIS capability of 2,250 messages per minute and per one dedicated AIS channel (IALA, 2016).…”

Section: Vulnerabilities Of Aismentioning

confidence: 99%

“…Vulnerabilities of AIS arise primarily from its technical performance as AIS is an open broadcasting system with no security features. The data sent by the transponders are not encrypted and do not have authentication, integrity checking, and confidentiality features (Goudossis & Katsikas, 2018;Caprolu et al, 2020). Therefore, there are risks for malicious transmissions and data manipulations (IALA, 2016).…”

Section: Strengths Weaknessesmentioning

confidence: 99%

Impact of Spoofing of Navigation Systems on Maritime Situational Awareness

Androjna¹,

Perkovič

2021

Trans. Marit. Sci.

View full text Add to dashboard Cite

The development of contemporary navigation and positioning systems have significantly improved reliability and speeds in maritime navigation. At the same time, the vulnerabilities of these systems to cyber threats represent a remarkable issue to the safety of navigation. Therefore, the maritime community has raised the question of cybersecurity of navigation systems in recent years. This paper aims to analyse the vulnerabilities of the Global Navigation Satellite System (GNSS), Electronic Chart Display Information System (ECDIS) and Automatic Identification System (AIS). The concepts of these systems were developed at a time when cybersecurity issues have not been among the top priorities. Open broadcasts, the absence of or limited existence of data encryption and authentication can be considered as their primary security weaknesses. Therefore, these systems are vulnerable to cyber-attacks. The GPS as the data source of a ship’s position can relatively easily be jammed and/or spoofed, increasing the vulnerabilities of ECDIS and AIS. A systematic literature review was conducted for this article, supplemented by a SWOT analysis of the AIS service and particular case studies of recent cyber-attacks on these systems. The analysis of selected case studies confirmed that these systems could easily be spoofed and become a subject of data manipulation with significant consequences for the safety of navigation. The paper provides conclusions and recommendations highlighting the necessity for the users to be aware of the vulnerabilities of modern navigation systems.

show abstract

“…For instance, Inmarsat [23] is a provider of SATCOM services that adopt GEO satellites to provide telephone and data services to users worldwide. Companies like SpaceX [24] and Iridium [25], [26] are planning to launch in orbit thousands of LEO satellites to provide low latency, broadband internet systems, voice, and data services anywhere on Earth.…”

Section: A Satellite Constellationsmentioning

confidence: 99%

Satellite-Based Communications Security: A Survey of Threats, Solutions, and Research Challenges

Tedeschi¹,

Sciancalepore²,

Pietro³

2021

Preprint

Self Cite

View full text Add to dashboard Cite

Satellite-based Communication (SATCOM) systems are gaining renewed momentum in Industry and Academia, thanks to innovative services introduced by leading tech companies and the promising impact they can deliver towards the global connectivity objective tackled by early 6G initiatives. On the one hand, the emergence of new manufacturing processes and radio technologies promises to reduce service costs while guaranteeing outstanding communication latency, available bandwidth, flexibility, and coverage range. On the other hand, cybersecurity techniques and solutions applied in SATCOM links should be updated to reflect the enormous advancements in attacker capabilities characterizing the last two decades. However, business urgency and opportunities are leading operators towards challenging system trade-offs, leading to an increased attack surface and a general relaxation of the available security services.This paper tackles the cited problems and presents a comprehensive survey on the security threats, solutions, and challenges faced when deploying and operating SATCOM systems. Specifically, we classify the literature on security for SATCOM systems into two main branches, i.e., physical-layer security and cryptography schemes. Then, we further identify specific research domains for each of the identified branches, focusing on dedicated security issues, including, e.g., physical-layer confidentiality, antijamming schemes, anti-spoofing strategies, and quantum-based key distribution schemes. For each of the above domains, we highlight the most essential techniques, peculiarities, advantages, disadvantages, lessons learned, and future directions. Finally, we also identify emerging research topics whose additional investigation by Academia and Industry could further attract researchers and investors, ultimately unleashing the potential behind ubiquitous satellite communications.

show abstract

Vessels Cybersecurity: Issues, Challenges, and the Road Ahead

Cited by 62 publications

References 10 publications

Marine Network Protocols and Security Risks

Marine Network Protocols and Security Risks

Impact of Spoofing of Navigation Systems on Maritime Situational Awareness

Satellite-Based Communications Security: A Survey of Threats, Solutions, and Research Challenges

Contact Info

Product

Resources

About