Integral Approach to Vulnerability Assessment of Ship’s Critical Equipment and Systems

IF 0.8 Q3 ENGINEERING, MARINE

Transactions on Maritime Science-ToMS Pub Date : 2023-04-20 DOI:10.7225/toms.v12.n01.002

O. Melnyk, S. Onyshchenko, O.А. Onishchenko, O.V. Lohinov, Valentyna Ocheretna

{"title":"Integral Approach to Vulnerability Assessment of Ship’s Critical Equipment and Systems","authors":"O. Melnyk, S. Onyshchenko, O.А. Onishchenko, O.V. Lohinov, Valentyna Ocheretna","doi":"10.7225/toms.v12.n01.002","DOIUrl":null,"url":null,"abstract":"The digital transformation of the maritime industry is almost a fait accompli. Merchant ships today use computing and cyber-dependent technologies for navigation, communications, cargo operations, environmental monitoring, and many other purposes. Nowadays, entire industries and businesses are becoming increasingly dependent on data arrays, and the maritime sector is fully experiencing this transformation. A modern commercial ship is unthinkable without digital technology, and the reasons for the deep digitalization of the fleet are numerous. Emergency systems such as safety monitoring, fire detection and alarms are increasingly reliant on cyber technology. Therefore, cybersecurity is a critical component of ship and shipping safety, and cyber-attacks on maritime transport are a very likely problem. These risks will only increase with the further development of information technology. This article proposes approaches to identifying cyber threats as well as a probabilistic assessment of ship cybersecurity, which is based on an integral approach to assessing the vulnerability of shipboard critical equipment and systems. Estimated probabilities of target and non-target cybersecurity breaches of the ship, as well as their overall probability, which allows considering all chains of events leading to a certain consequence associated with potential losses. The model of probability assessment of ship cybersecurity violation and its consequences, which allows evaluation of possible losses as a result of these events, is presented and mathematically described.","PeriodicalId":42576,"journal":{"name":"Transactions on Maritime Science-ToMS","volume":"4 9 1","pages":""},"PeriodicalIF":0.8000,"publicationDate":"2023-04-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Transactions on Maritime Science-ToMS","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.7225/toms.v12.n01.002","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"ENGINEERING, MARINE","Score":null,"Total":0}

引用次数: 3

Abstract

The digital transformation of the maritime industry is almost a fait accompli. Merchant ships today use computing and cyber-dependent technologies for navigation, communications, cargo operations, environmental monitoring, and many other purposes. Nowadays, entire industries and businesses are becoming increasingly dependent on data arrays, and the maritime sector is fully experiencing this transformation. A modern commercial ship is unthinkable without digital technology, and the reasons for the deep digitalization of the fleet are numerous. Emergency systems such as safety monitoring, fire detection and alarms are increasingly reliant on cyber technology. Therefore, cybersecurity is a critical component of ship and shipping safety, and cyber-attacks on maritime transport are a very likely problem. These risks will only increase with the further development of information technology. This article proposes approaches to identifying cyber threats as well as a probabilistic assessment of ship cybersecurity, which is based on an integral approach to assessing the vulnerability of shipboard critical equipment and systems. Estimated probabilities of target and non-target cybersecurity breaches of the ship, as well as their overall probability, which allows considering all chains of events leading to a certain consequence associated with potential losses. The model of probability assessment of ship cybersecurity violation and its consequences, which allows evaluation of possible losses as a result of these events, is presented and mathematically described.

查看原文本刊更多论文

船舶关键设备和系统脆弱性综合评估方法

海运业的数字化转型几乎是一个既成事实。今天的商船使用计算机和网络技术进行导航、通信、货物操作、环境监测和许多其他目的。如今，整个行业和企业越来越依赖于数据阵列，海事部门正在充分经历这种转变。没有数字技术，现代商船是不可想象的，舰队深度数字化的原因是多方面的。安全监控、火灾探测和警报等应急系统越来越依赖于网络技术。因此，网络安全是船舶和航运安全的重要组成部分，海上运输的网络攻击是一个很可能出现的问题。这些风险只会随着信息技术的进一步发展而增加。本文提出了识别网络威胁的方法以及基于评估船上关键设备和系统脆弱性的综合方法的船舶网络安全概率评估。船舶目标和非目标网络安全漏洞的估计概率，以及它们的总体概率，这允许考虑所有事件链，导致与潜在损失相关的某种后果。提出了船舶网络安全违规及其后果的概率评估模型，该模型允许评估这些事件造成的可能损失，并进行了数学描述。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Transactions on Maritime Science-ToMS ENGINEERING, MARINE-

CiteScore

1.50

自引率

12.50%

发文量

期刊介绍： ToMS is a scientific journal with international peer review which publishes papers in the following areas: ~ Marine Engineering, ~ Navigation, ~ Safety Systems, ~ Marine Ecology, ~ Marine Fisheries, ~ Hydrography, ~ Marine Automation and Electronics, ~ Transportation and Modes of Transport, ~ Marine Information Systems, ~ Maritime Law, ~ Management of Marine Systems, ~ Marine Finance, ~ Bleeding-Edge Technologies, ~ Multimodal Transport, ~ Psycho-social and Legal Aspects of Long-term Working Aboard. The journal is published in English as an open access journal, and as a classic paper journal (in limited editions). ToMS aims to present best maritime research from South East Europe, particularly the Mediterranean area. Articles will be double-blind reviewed by three reviewers. With the intention of providing an international perspective at least one of the reviewers will be from abroad. ToMS also promotes scientific collaboration with students and has a section titled Students’ ToMS. These papers also undergo strict peer reviews. Furthermore, the Journal publishes short reviews on significant papers, books and workshops in the fields of maritime science.