TY - JOUR
T1 - Quantifying potential cyber-attack risks in maritime transportation under Dempster–Shafer theory FMECA and rule-based Bayesian network modelling
AU - Uflaz, Esma
AU - Sezer, Sukru Ilke
AU - Tunçel, Ahmet Lutfi
AU - Aydin, Muhammet
AU - Akyuz, Emre
AU - Arslan, Ozcan
N1 - Publisher Copyright:
© 2023 Elsevier Ltd
PY - 2024/3
Y1 - 2024/3
N2 - Maritime cyber security is a growing concern in the shipping industry as reliance on technology increases. With the potential for cyber attacks to disrupt vessel operations, compromise sensitive information, and endanger crew and cargo, assessing the risks and developing effective risk management strategies is crucial. On the other hand, cyber risk assessments in maritime transportation have been limited, and there is a lack of probabilistic databases of cyber threats. To remedy this gap, this paper presents a probabilistic approach to estimate cyber threats, especially for the bridge navigational systems in the maritime sector, focusing on the Bayesian network model to evaluate cyber risks for integrated bridge navigational systems onboard, and marine security experts evaluate 32 threats with respect to FMECA (Failure modes, Effect and Criticality Analysis) parameters. Dempster-Shafer theory is utilised to consolidate expert opinions for cyber risk analysis. The findings of the research showed that AIS spoofing poses the highest risk. GPS jamming is the other significant threat to ship bridge navigational systems during cyber attacks. The research provides a basis for identifying cyber threats and risks, calculating the highest risk values and developing control actions to maintain effective risk management strategies for safe and secure maritime transportation.
AB - Maritime cyber security is a growing concern in the shipping industry as reliance on technology increases. With the potential for cyber attacks to disrupt vessel operations, compromise sensitive information, and endanger crew and cargo, assessing the risks and developing effective risk management strategies is crucial. On the other hand, cyber risk assessments in maritime transportation have been limited, and there is a lack of probabilistic databases of cyber threats. To remedy this gap, this paper presents a probabilistic approach to estimate cyber threats, especially for the bridge navigational systems in the maritime sector, focusing on the Bayesian network model to evaluate cyber risks for integrated bridge navigational systems onboard, and marine security experts evaluate 32 threats with respect to FMECA (Failure modes, Effect and Criticality Analysis) parameters. Dempster-Shafer theory is utilised to consolidate expert opinions for cyber risk analysis. The findings of the research showed that AIS spoofing poses the highest risk. GPS jamming is the other significant threat to ship bridge navigational systems during cyber attacks. The research provides a basis for identifying cyber threats and risks, calculating the highest risk values and developing control actions to maintain effective risk management strategies for safe and secure maritime transportation.
KW - Bayesian network
KW - Cyber risk
KW - Cyber-attack
KW - Dempster–Shafer theory
KW - FMECA
KW - Ship navigation system
UR - http://www.scopus.com/inward/record.url?scp=85178465620&partnerID=8YFLogxK
U2 - 10.1016/j.ress.2023.109825
DO - 10.1016/j.ress.2023.109825
M3 - Article
AN - SCOPUS:85178465620
SN - 0951-8320
VL - 243
JO - Reliability Engineering and System Safety
JF - Reliability Engineering and System Safety
M1 - 109825
ER -