评估关键实体：港口物联网设备的风险管理

IF 2.7 3区地球科学 Q1 ENGINEERING, MARINE

Journal of Marine Science and Engineering Pub Date : 2024-09-09 DOI:10.3390/jmse12091593

Ioannis Argyriou, Theocharis Tsoutsos

{"title":"评估关键实体：港口物联网设备的风险管理","authors":"Ioannis Argyriou, Theocharis Tsoutsos","doi":"10.3390/jmse12091593","DOIUrl":null,"url":null,"abstract":"Integrating Internet of Things (IoT) devices into port operations has brought substantial improvements in efficiency, automation, and connectivity. However, this technological advancement has also introduced new operational risks, particularly in terms of cybersecurity vulnerabilities and potential disruptions. The primary objective of this scientific article is to comprehensively analyze and identify the primary security threats and vulnerabilities that IoT devices face when deployed in port environments. This includes examining potential risks, such as unauthorized access, cyberattacks, malware, etc., that could disrupt critical port operations and compromise sensitive information. This research aims to assess the critical entities associated with IoT devices in port environments and develop a comprehensive risk-management framework tailored to these settings. It also aims to explore and propose strategic measures and best practices to mitigate these risks. For this research, a risk-management framework grounded in the principles of ORM, which includes risk avoidance, reduction, sharing, and retention strategies, was developed. The primary outcome of this research is the development of a comprehensive risk-management framework specifically tailored for IoT devices in port environments, utilizing Operational Risk-Management (ORM) methodology. This framework will systematically identify and categorize critical vulnerabilities and potential threats for IoT devices. By addressing these objectives, the article seeks to provide actionable insights and guidelines that can be adopted by port authorities and stakeholders to safeguard their IoT infrastructure and maintain operational stability in the face of emerging threats.","PeriodicalId":16168,"journal":{"name":"Journal of Marine Science and Engineering","volume":"5 1","pages":""},"PeriodicalIF":2.7000,"publicationDate":"2024-09-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Assessing Critical Entities: Risk Management for IoT Devices in Ports\",\"authors\":\"Ioannis Argyriou, Theocharis Tsoutsos\",\"doi\":\"10.3390/jmse12091593\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Integrating Internet of Things (IoT) devices into port operations has brought substantial improvements in efficiency, automation, and connectivity. However, this technological advancement has also introduced new operational risks, particularly in terms of cybersecurity vulnerabilities and potential disruptions. The primary objective of this scientific article is to comprehensively analyze and identify the primary security threats and vulnerabilities that IoT devices face when deployed in port environments. This includes examining potential risks, such as unauthorized access, cyberattacks, malware, etc., that could disrupt critical port operations and compromise sensitive information. This research aims to assess the critical entities associated with IoT devices in port environments and develop a comprehensive risk-management framework tailored to these settings. It also aims to explore and propose strategic measures and best practices to mitigate these risks. For this research, a risk-management framework grounded in the principles of ORM, which includes risk avoidance, reduction, sharing, and retention strategies, was developed. The primary outcome of this research is the development of a comprehensive risk-management framework specifically tailored for IoT devices in port environments, utilizing Operational Risk-Management (ORM) methodology. This framework will systematically identify and categorize critical vulnerabilities and potential threats for IoT devices. By addressing these objectives, the article seeks to provide actionable insights and guidelines that can be adopted by port authorities and stakeholders to safeguard their IoT infrastructure and maintain operational stability in the face of emerging threats.\",\"PeriodicalId\":16168,\"journal\":{\"name\":\"Journal of Marine Science and Engineering\",\"volume\":\"5 1\",\"pages\":\"\"},\"PeriodicalIF\":2.7000,\"publicationDate\":\"2024-09-09\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Journal of Marine Science and Engineering\",\"FirstCategoryId\":\"89\",\"ListUrlMain\":\"https://doi.org/10.3390/jmse12091593\",\"RegionNum\":3,\"RegionCategory\":\"地球科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"ENGINEERING, MARINE\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Marine Science and Engineering","FirstCategoryId":"89","ListUrlMain":"https://doi.org/10.3390/jmse12091593","RegionNum":3,"RegionCategory":"地球科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"ENGINEERING, MARINE","Score":null,"Total":0}

引用次数: 0

摘要

将物联网（IoT）设备整合到港口作业中，大大提高了效率、自动化和连接性。然而，这一技术进步也带来了新的运营风险，特别是在网络安全漏洞和潜在干扰方面。这篇科普文章的主要目的是全面分析和识别物联网设备在港口环境中部署时面临的主要安全威胁和漏洞。这包括研究潜在的风险，如未经授权的访问、网络攻击、恶意软件等，这些风险可能会破坏关键的港口运营并泄露敏感信息。本研究旨在评估与港口环境中物联网设备相关的关键实体，并针对这些环境制定全面的风险管理框架。本研究还旨在探索和提出降低这些风险的战略措施和最佳实践。在这项研究中，我们开发了一个以 ORM 原则为基础的风险管理框架，其中包括风险规避、减少、分担和保留策略。本研究的主要成果是利用运营风险管理（ORM）方法，专门为港口环境中的物联网设备开发了一个全面的风险管理框架。该框架将系统地识别和分类物联网设备的关键漏洞和潜在威胁。通过实现这些目标，文章力求提供可操作的见解和指南，供港口当局和利益相关方采用，以保护其物联网基础设施，并在面对新出现的威胁时保持业务稳定。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Assessing Critical Entities: Risk Management for IoT Devices in Ports

Integrating Internet of Things (IoT) devices into port operations has brought substantial improvements in efficiency, automation, and connectivity. However, this technological advancement has also introduced new operational risks, particularly in terms of cybersecurity vulnerabilities and potential disruptions. The primary objective of this scientific article is to comprehensively analyze and identify the primary security threats and vulnerabilities that IoT devices face when deployed in port environments. This includes examining potential risks, such as unauthorized access, cyberattacks, malware, etc., that could disrupt critical port operations and compromise sensitive information. This research aims to assess the critical entities associated with IoT devices in port environments and develop a comprehensive risk-management framework tailored to these settings. It also aims to explore and propose strategic measures and best practices to mitigate these risks. For this research, a risk-management framework grounded in the principles of ORM, which includes risk avoidance, reduction, sharing, and retention strategies, was developed. The primary outcome of this research is the development of a comprehensive risk-management framework specifically tailored for IoT devices in port environments, utilizing Operational Risk-Management (ORM) methodology. This framework will systematically identify and categorize critical vulnerabilities and potential threats for IoT devices. By addressing these objectives, the article seeks to provide actionable insights and guidelines that can be adopted by port authorities and stakeholders to safeguard their IoT infrastructure and maintain operational stability in the face of emerging threats.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Journal of Marine Science and Engineering Engineering-Ocean Engineering

CiteScore

4.40

自引率

20.70%

发文量

1640

审稿时长

18.09 days

期刊介绍： Journal of Marine Science and Engineering (JMSE; ISSN 2077-1312) is an international, peer-reviewed open access journal which provides an advanced forum for studies related to marine science and engineering. It publishes reviews, research papers and communications. Our aim is to encourage scientists to publish their experimental and theoretical results in as much detail as possible. There is no restriction on the length of the papers. The full experimental details must be provided so that the results can be reproduced. Electronic files and software regarding the full details of the calculation or experimental procedure, if unable to be published in a normal way, can be deposited as supplementary electronic material.