TY - JOUR
T1 - Cyber security risk assessment for seaports
T2 - A case study of a container port
AU - Gunes, Bunyamin
AU - Kayisoglu, Gizem
AU - Bolat, Pelin
N1 - Publisher Copyright:
© 2021 Elsevier Ltd
PY - 2021/4
Y1 - 2021/4
N2 - Seaports are fixed infrastructures of maritime transportation systems. Through Industry 3.0 and Industry 4.0, ports have faced with digital transformation based on networked cyber physical systems to be a part of smart and intelligent transportation systems. However, besides the advantages, this transformation has brought cyber security gaps and threats which can be resulted in breakdowns in maritime transportation domain. Therefore, port and port facilities should be prepared for cyber threats through holistic risk assessment frameworks for developing proactive actions. Based on these facts, this study has proposed to apply an integrated cyber risk assessment method for a container port with a cyber-physical perspective through analyzing four exemplary cyber-attack scenarios. For each cyber-attack scenario, risk assessment methodology has been applied using integrated cyber security management approach by taking into account the cyber physical assets of the container port. Results show that for the specified cyber threats, the risks have been evaluated non acceptable. Mitigation strategies have also been presented briefly in conclusion.
AB - Seaports are fixed infrastructures of maritime transportation systems. Through Industry 3.0 and Industry 4.0, ports have faced with digital transformation based on networked cyber physical systems to be a part of smart and intelligent transportation systems. However, besides the advantages, this transformation has brought cyber security gaps and threats which can be resulted in breakdowns in maritime transportation domain. Therefore, port and port facilities should be prepared for cyber threats through holistic risk assessment frameworks for developing proactive actions. Based on these facts, this study has proposed to apply an integrated cyber risk assessment method for a container port with a cyber-physical perspective through analyzing four exemplary cyber-attack scenarios. For each cyber-attack scenario, risk assessment methodology has been applied using integrated cyber security management approach by taking into account the cyber physical assets of the container port. Results show that for the specified cyber threats, the risks have been evaluated non acceptable. Mitigation strategies have also been presented briefly in conclusion.
KW - Cyber physical system
KW - Cyber security risk assessment
KW - Port cyber security
UR - http://www.scopus.com/inward/record.url?scp=85099774949&partnerID=8YFLogxK
U2 - 10.1016/j.cose.2021.102196
DO - 10.1016/j.cose.2021.102196
M3 - Article
AN - SCOPUS:85099774949
SN - 0167-4048
VL - 103
JO - Computers and Security
JF - Computers and Security
M1 - 102196
ER -