EconPapers    
Economics at your fingertips  

EconPapers Home
About EconPapers

Working Papers
Journal Articles
Books and Chapters
Software Components

Authors

JEL codes
New Economics Papers

Advanced Search


EconPapers FAQ
Archive maintainers FAQ
Cookies at EconPapers

Format for printing

The RePEc blog
The RePEc plagiarism page

 

Cyber risk assessment of cyber-enabled autonomous cargo vessel

Awais Yousaf, Ahmed Amro, Philip Teow Huat Kwa, Meixuan Li and Jianying Zhou

International Journal of Critical Infrastructure Protection, 2024, vol. 46, issue C

Abstract: The increasing interest in autonomous ships within the maritime industry is driven by the pursuit of revenue optimization, operational efficiency, safety improvement and going greener. However, the industry’s increasing reliance on emerging technologies for the development of autonomous ships extends the attack surface, leaving the underlying ship systems vulnerable to potential exploitation by malicious actors. In response to these emerging challenges, this research extends an existing cyber risk assessment approach called FMECA-ATT&CK based on failure modes, effects and criticality analysis (FMECA), and the MITRE ATT&CK framework. As a part of our work, we have expanded the FMECA-ATT&CK approach to assessing cyber risks related to systems with artificial intelligence components in cyber-enabled autonomous ships (e.g. autonomous engine monitoring and control). This new capability was developed using the information and semantics encoded in the MITRE ATLAS framework. FMECA-ATT&CK has been adopted due to its comprehensive and adaptable nature and its promising venue for supporting continuous cyber risk assessment. It helps evaluate the cyber risks associated with the complex and state-of-the-art operational technologies on board autonomous ships. The cyber risk assessment approach assists cybersecurity experts in aligning mitigation strategies for the cyber defence of autonomous ships. It also contributes towards advancing overall cybersecurity in the maritime industry and ensures the safe and secure sailing of autonomous ships. Our key findings after applying the proposed approach against a model of an autonomous cargo ship is the identification of the Navigation Situation Awareness System (NSAS) of the ship as being at the highest risk followed by the Autonomous Engine Monitoring and Control (AEMC) system. Additionally, we identified 3 high, 48 medium, and 5776 low risks across 29 components.

Keywords: Cyber risk assessment; FMECA; MITRE ATLAS; MITRE ATT&CK; Autonomous ship; Cybersecurity (search for similar items in EconPapers)
Date: 2024
References: View references in EconPapers View complete reference list from CitEc
Citations: View citations in EconPapers (2)

Downloads: (external link)
http://www.sciencedirect.com/science/article/pii/S1874548224000362
Full text for ScienceDirect subscribers only

Related works:
This item may be available elsewhere in EconPapers: Search for items with the same title.

Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text

Persistent link: https://EconPapers.repec.org/RePEc:eee:ijocip:v:46:y:2024:i:c:s1874548224000362

DOI: 10.1016/j.ijcip.2024.100695

Access Statistics for this article

International Journal of Critical Infrastructure Protection is currently edited by Leon Strous

More articles in International Journal of Critical Infrastructure Protection from Elsevier
Bibliographic data for series maintained by Catherine Liu ().

 
Share

RePEc
This site is part of RePEc and all the data displayed here is part of the RePEc data set.

Is your work missing from RePEc? Here is how to contribute.

Questions or problems? Check the EconPapers FAQ or send mail to .

Örebro UniversityEconPapers is hosted by the School of Business at Örebro University.

Page updated 2025-03-19
Handle: RePEc:eee:ijocip:v:46:y:2024:i:c:s1874548224000362