Skip to main content
SpringerLink
Log in

Maritime Cybersecurity. Navigational Aspect

  • Published:
Gyroscopy and Navigation Aims and scope Submit manuscript

Abstract

This article is a review of publications on maritime cybersecurity with the focus made on navigation support. Cyber threats to electronic chart display and information system (ECDIS), automatic identification system (AIS), voyage data recorder (VDR), and integrated navigation system (INS) as a whole are considered. The specific features of cybersecurity of maritime autonomous surface ships (MASS) as well as the impact of the human factor on cybersecurity are discussed, and the regulatory framework for preventing cyber threats is analyzed.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

REFERENCES

  1. The Review of Maritime Transport https://unctad. org/system/files/official-document/rmt2017_en.pdf (Accessed January 15, 2024)

  2. Cyber-enabled ships, Lloyd’s Register, 2016.

  3. Fosen, J., Cyber Security Awareness in the Maritime Industry, January 2019.

  4. Cyber security threats in maritime industry, DNV, 2019.

  5. Akpan, F., Bendiab, G., Shiaeles, S., et al., Cybersecurity challenges in the maritime sector, Network, 2022, 2(1), pp. 123–138. https://doi.org/10.3390/network2010009

    Article  Google Scholar 

  6. Semenov, S., Maritime Cybersecurity: Situation, Problems and Risks, Russian International Affairs Council https://russiancouncil.ru/analytics-and-comments/ columns/cybercolumn/morskaya-kiberbezopasnost-situatsiya-problemy-i-riski/ (Accessed January 16, 2024)

  7. Roberts, F.S., Egan, D., Nelson, C., and Whytlaw, R., Combined cyber and physical attacks on the maritime transportation system. NMIOTC Marit. Interdiction Oper. J., 2019, vol. 18, no. 22.

  8. Cohen, Z., US Navy ship collides with South Korean fishing boat, CNN, 2024. https://edition.cnn.com/2017/05/09/politics/fishing-vessel-hits-us-navy-ship-south-korea/index.html (Accessed January 18, 2024)

  9. The Guidelines on Cyber Security Onboard Ships. Version 3 https://safety4sea.com/wp-content/uploads/2018/12/BIMCO-Guidelines-on-cyber-security-onboard-ships-2018_12.pdf (Accessed January 19, 2024)

  10. Al-Mhiqani, M.N., Ahmad, R., Yassin, W., Hassan, A., Abidin, Z.Z., Ali, N.S., and Abdulkare-em, K.H., Cyber-security incidents: A review cases in cyber-physical systems, Int. J. Adv. Comput. Sci. Appl. 2018, vol. 9, no. 1, pp. 499–508.

  11. Andersen, I., The 12 Most Common Types of Cyber Security Attacks Today, May 15, 2018 https://blog.netwrix.com/2018/05/15/top-10-most-common-types-of-cyber-attacks/ (Accessed January 16, 2024)

  12. The Guidelines on Cyber Security Onboard Ships. Version 4 https://www.bimco.org/about-us-and-our-members/publications/the-guidelines-on-cyber-security-onboard-ships (Accessed January 13, 2024)

  13. Mednikarov, B., Tsonev, Y., and Lazarov, A., Analysis of cybersecurity issues in the maritime industry, Information & Security, 2020, vol. 47, no. 1, pp. 27–43. https://doi.org/10.11610/isij.4702

    Article  Google Scholar 

  14. Dyryavyy, Ye., Preparing for Cyber Battleships – Electronic Chart Display and Information System Security, 2014. https://research.nccgroup.com/wp-content/uploads/2020/07/2014-03-03_-_ncc_group_-_whitepaper_-_cyber_battle_ship_v1-0.pdf (Accessed January 15, 2024)

  15. Svilicic, B., Brčić, D., Žuškin, S., and Brčić, D., Raising awareness on cyber security of ECDIS, TransNav the Int. J. on Marine Navigation and Safety of Sea Transportation, 13(1), pp. 231–236. https://doi.org/10.12716/1001.13.01.24

  16. 'Petya' ransomware attack: what is it and how can it be stopped? The Guardian, 2017. https://www.theguardian.com/technology/2017/jun/27/petya-ransomware-cyber-attack-who-what-why-how (Accessed January 17, 2024)

  17. Svilicic, B., Kristić, M., Žuškin, S., and Brčić, D., Paperless ship navigation: Cyber security weaknesses, Journal of Transportation Security, 2020, 13, pp. 203–214.

    Article  Google Scholar 

  18. Revised guidelines for onboard operational use of AIS https://safety4sea.com/revised-guidelines-for-the-onboard-operational-use-of-shipboard-ais/ (Accessed January 16, 2024)

  19. Botunac Ive, Analysis of software threats to the automatic identification system, Brodogradnja, 2017, 68(1), pp. 97–105.https://doi.org/10.21278/brod68106

    Article  Google Scholar 

  20. Kessler, G., Craiger, P., and Haass, J., A taxonomy framework for maritime cybersecurity: a demonstration using the automatic identification system, TransNav, the International Journal on Marine Navigation and Safety of Sea Transportation, 2018, 12(3), pp. 429–437. https://doi.org/10.12716/1001.12.03.01

  21. Strohmeier, M., Lenders, V., & Martinovic, I. (2015), On the Security of the Automatic Dependent Surveillance-Broadcast Protocol, IEEE Communications Surveys & Tutorials, 17(2), pp. 1066–1087

    Article  Google Scholar 

  22. Balduzzi, M., Pasta, A. and Wilhoit, K., A security evaluation of AIS automated identification system, in Proc. 30th Annual Computer Security Applications Conference, New Orleans, 2014, pp. 436–445.

  23. Gallagher, S., Hacked at sea: Researchers find ships’ data recorders vulnerable to attack https://arstechnica.com/information-technology/2015/12/hacked-at-sea-researchers-find-ships-data-recorders-vulnerable-to-attack/ (Accessed January 16, 2024)

  24. Anand, N., Voyage Data Recorder of Prabhu Daya may have been tampered with http://www.thehindu.com/news/national/tamil-nadu/voyage-data-recorder-of-prabhu-daya-may-have-been-tampered-with/article2982183.ece (Accessed January 16, 2024)

  25. Soner, O., Kayişoğlu, G., Bolat, P.Y., and Tam, K., Cybersecurity risk assessment of VDR, 2023, Journal of Navigation, pp. 1–18. https://doi.org/10.1017/S0373463322000595

  26. Lund, M.S., Gulland, J.E., Hareide, O.S., Jøsok, Ø., and Weum, K.O.C., Integrity of Integrated Navigation Systems, 2018 IEEE Conference on Communications and Network Security (CNS). https://doi.org/10.1109/CNS.2018.8433151

  27. Resolution MSC.252(83): Adoption of the Revised Performance Standard for Integrated Navigation Systems (INS), International Maritime Organization (IMO), 2007.

  28. Shim, K.-A., A survey of public-key cryptographic primitives in wireless sensor networks, IEEE Commun. Surveys Tuts., 2016, vol. 18, no. 1, pp. 577–601.

  29. Svilicic, B., Rudan, I., Jugović, A., and Zec, D., A study on security threats in a shipboard integrated navigational system, Journal of Marine Science and Engineering, 2019, vol. 7, no. 10. https://doi.org/10.3390/jmse7100364

  30. Hareide, O. S., Jøsok, Ø., Lund, M.S., Ostnes, R., and Helkala, K.M., Enhancing navigator competence by demonstrating maritime cyber security, Journal of Navigation, 2018, 71 (5), pp. 1025–1039. https://doi.org/10.1017/S0373463318000164

    Article  Google Scholar 

  31. Hutchins, E. M., Cloppert, M. J. & Amin, R. M., Intelligence-driven computer network defense informed by analysis of adversary campaigns and intrusion kill chains, Leading Issues in Information Warfare & Security Research, 2011, vol. 1, pp. 78−104.

  32. Kavallieratos, G., Katsikas, S., and Gkioulos, V. (2019). Cyber-attacks against the autonomous ship, in Katsikas, S., et al. Computer Security. SECPRE CyberICPS 2018. Lecture Notes in Computer Science, vol. 11387. Springer, Cham. https://doi.org/10.1007/978-3-030-12786-2_2

  33. Shostack, A., Threat Modeling: Designing for Security, 1st edn, Wiley, Hoboken, 2014.

    Google Scholar 

  34. Silverajan, B., Ocak, M., and Nagel, B., Cybersecurity attacks and defences for unmanned smart ships, 2018 IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData). https://doi.org/10.1109/cybermatics_2018.2018.00037

  35. Santamarta, R., Maritime Security: Hacking into Voyage https://blog.ioactive.com/2015/12/maritime-security-hacking-into-voyage.html (Accessed January 16, 2024)

  36. Hammerschmidt, Ch., CAN FD vulnerability threatens vehicle security https://www.eenewseurope.com/en/can-fd-vulnerability-threatens-vehicle-security/ (Accessed January 19, 2024)

  37. Bosnjak, R., Simunovic, L., and Kavran, Z., Automatic Identification System in Maritime Traffic and Error Analysis, Transactions on Maritime Science, 1(02), 2012, pp. 77–84.

    Article  Google Scholar 

  38. Zhou, X., Liu, Z., Wu, Z., and Wang, F., Quantitative processing of situation awareness for autonomous ships navigation. TransNav Int. J. Mar. Navig. Saf. Sea Transport, 2019, 13 (1), pp. 25–31. https://doi.org/10.12716/1001.13.01.01

    Article  Google Scholar 

  39. Wróbel, K., Montewka, J., and Kujala, P., Towards the development of a system-theoretic model for safety assessment of autonomous merchant vessels, Reliability Engineering & System Safety, 2018, vol. 178, pp. 209–224. https://doi.org/10.1016/j.ress.2018.05.019

    Article  Google Scholar 

  40. Endsley, M.R., Toward a theory of situation awareness in dynamic systems, Human factors, 1995, vol. 37, pp. 32–64. https://doi.org/10.1518/001872095779049543

    Article  Google Scholar 

  41. Taylor, R.M., Situational awareness rating technique (SART): The development of a tool for aircrew systems design, in Situational Awareness, Routledge, 2017, pp. 111–128. https://doi.org/10.4324/9781315087924-8

    Book  Google Scholar 

  42. Wróbel, K., Montewka, J., and Kujala, P., System-theoretic approach to safety of remotely-controlled merchant vessel, Ocean Engineering, 2018, vol. 152, pp. 334–345. https://doi.org/10.1016/j.oceaneng.2018.01.020

    Article  Google Scholar 

  43. Zhou, X., Liu, Z., Wang, F., and Ni, S., Collision risk identification of autonomous ships based on the synergy ship domain, 2018 Chinese Control and Decision Conference (CCDC), 2018, pp. 6746–6752. https://doi.org/10.1109/CCDC.2018.8408320

  44. Silverajan, B., Ocak, M., and Nagel, B., Cybersecurity attacks and defences for unmanned smart ships, in Proc. 2018 IEEE Int. Conf. on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData), Halifax, NS, Canada, 30 July–3 August 2018, pp. 15–20.

  45. Zhou, X., Liu, Z., Wu, Z., and Wang, F., Quantitative processing of situation awareness for autonomous ships navigation. Int. J. Mar. Navig. Saf. Sea Transp., 2019, vol. 13, pp. 25–31.

    Google Scholar 

  46. Bechtsis, D., Tsolakis, N., Bizakis, A., and Vlachos, D., A blockchain framework for containerized food supply chains, in Computer Aided Chemical Engineering, Elsevier: Amsterdam, The Netherlands, 2019; Vol. 46, pp. 1369–1374 https://doi.org/10.1016/B978-0-12-818634-3.50229-0

    Book  Google Scholar 

  47. Wullems, C., Pozzobon, O., and Kubik, K., Signal authentication and integrity schemes for next generation global navigation satellite systems, in European Navigation Conference (ENC-GNSS 2005), 2005-07-19 - 2005-07-22

  48. Caparra, G., Sturaro, S., Laurenti, N., Wullems, C., and Ioannides, R.T., A novel navigation message authentication scheme for GNSS open service, in Proc. 29th Int. Tech. Meeting of the Satellite Division of the Institute of Navigation (ION GNSS+ 2016), Portland, OR, USA, 12–16 September 2016, pp. 2938–2947. https://doi.org/10.33012/2016.14692

  49. Reddy, G.N. and Reddy, G., A study of cybersecurity challenges and its emerging trends on latest technologies. arXiv 2014, arXiv:1402.1842.

  50. Bour, G., Bernsmed, K., Borgaonkar, R., and Meland, P.H. (2021). On the Certificate Revocation Problem in the Maritime Sector, in Asplund, M., Nadjm-Tehrani, S. (eds) Secure IT Systems. NordSec 2020. Lecture Notes in Computer Science, vol. 12556. Springer, Cham. https://doi.org/10.1007/978-3-030-70852-8_9

  51. Pseftelis, T. and Chondrokoukis, G., A Study about the role of the human factor in maritime cybersecurity, SPOUDAI Journal of Economics and Business, 2021, vol. 71, no. 1–2, pp. 55–72.

    Google Scholar 

  52. Maritime Cybersecurity https://maritimecybersecurity.org/ (Accessed January 17, 2024)

  53. Heering, D. and Lovell, K.N., Exercise Neptune: Maritime cybersecurity training using the navigational simulators, 5th Interdisciplinary Cyber Research Conference, Tallinn, Estonia, 2019.

  54. Caprolu, M., DiPietro, R., Raponi, S., Sciancalepo-re, S., and Tedeschi, P., 2020, Vessels Cybersecurity: Issues, Challenges, and the Road Ahead, IEEE Communications Magazine 58 (6): 90–96, 2020. https://doi.org/10.1109/MCOM.001.1900632

    Article  Google Scholar 

  55. Kamlesh Kanwal, Wenming Shi, Christos Kontovas, Zaili Yang & Chia-Hsun Chang: Maritime cybersecurity: Are onboard systems ready? Maritime Policy & Management, 16 Sep 2022. https://www.tandfonline.com/doi/full/https://doi.org/10.1080/03088839.2022.2124464 (Accessed January 17, 2024) 10.1080/03088839.2022.2124464

  56. Wu, Z., Pan, Q., Yue, M., and Ma, S., An approach of security protection for VSAT network, Proc.17th IEEE Int. Conf. on Trust, Security and Privacy in Computing and Communications/12th IEEE International Conference on Big Data Science and Engineering (TrustCom/BigDataSE), New York, NY, USA, 1–3 August 2018, pp. 1511–1516. https://doi.org/10.1109/TrustCom/BigDataSE.2018.00214

  57. Maritime Security: Hacking into a Voyage Data Recorder (VDR), December 9, 2015, https://ioactive.com/maritime-security-hacking-into-a-voyage-data-recorder-vdr/ (Accessed January 16, 2024)

  58. Heffner, C., Exploiting network surveillance cameras like a Hollywood hacker https://privacy-pc.com/articles/exploiting-network-surveillance-cameras-like-a-hollywood-hacker.html

  59. Ben Farah, M.A., Ukwandu, E., Hindy, H., Brosset, D., Bures, M., Andonovic, I., and Bellekens, X., Cybersecurity in the maritime industry: A systematic survey of recent advances and future trends, Information, 2022, 13(1), Article 22. https://doi.org/103390/info13010022

  60. Bugeja, J., Jönsson, D., and Jacobsson, A., An investigation of vulnerabilities in smart connected cameras, in Proc 2018 IEEE Int. Conf. on Pervasive Computing and Communications Workshops (PerCom Workshops), Athens, Greece, 19–23 March 2018; pp. 537–542. https://doi.org/10.1109/PERCOMW.2018.8480184

  61. The Guidelines on Cyber Security onboard Ships (Updated October 05, 2023). https://www.intercargo.org/guidelines-cyber-security-onboard-ships/ (Accessed January 18, 2024)

  62. The Guidelines on Cyber Security Onboard Ships, Version 4, December 2020 https://www.ics-shipping.org/wp-content/uploads/2021/02/2021-Cyber-Security-Guidelines.pdf (Accessed January 17, 2024)

  63. Maritime cyber risk management in safety management systems (RESOLUTION MSC.428(98), adopted on  16  June 2017) https://wwwcdn.imo.org/localresources/en/KnowledgeCentre/IndexofIMOResolutions/ MSCResolutions/MSC.428(98).pdf (Accessed January 17, 2024)

  64. Ahvenjärvi, S., Czarnowski, I., Kåla, J., Kyster, A., Meyer, I., Mogensen, J., and Szyman, P., Safe information exchange on board of the ship, TransNav : International Journal on Marine Navigation and Safety of Sea Transportation, 2019, vol. 13, no. 1. https://paperity.org/p/275182587/safe-information-exchange-on-board-of-the-ship (Accessed January 17, 2024). https://doi.org/10.12716/1001.13.01.17

  65. Dean, M., New ECDIS Cyber Security Regulations & Requirements Feb 08, 2020. https://www.amnautical.com/es/blogs/news/keep-ecdis-secure-with-software-updates (Accessed January 19, 2024)

  66. Recommendation on Cyber Resilience No. 166 (Apr 2020) https://www.steamshipmutual.com/sites/default/files/downloads/articles/2020/IACS-Recommendation-on-Cyber-resilience-No-166-2020_04.pdf (Accessed January 18, 2024)

  67. Cybersecurity for the maritime industry https://www.maritime-cybersecurity.com/ (Accessed January 18, 2024)

  68. National Maritime Cybersecurity Plan Released, Vincent Milano, Jan 12, 2021 https://www.hsdl.org/c/national-maritime-cybersecurity-plan-released/ (Accessed January 17, 2024)

  69. Guidelines on maritime cyber risk management MSC-FAL.1/Circ.3/Rev.1, 14 June 2021. https://wwwcdn.imo.org/localresources/en/OurWork/Facilitation/Facilitation/MSC-FAL.1-Circ.3-Rev.1.pdf (Accessed January 19, 2024)

  70. Afonin, A., Cybersecurity in shipping. Current challenges, 2021 https://www.korabel.ru/news/comments/kiberbezopasnost_v_sudohodstve_aktualnye_vyzovy.html (Accessed January 17, 2024)

  71. Semenov, S., Maritime News of Russia, Maritime cybersecurity. Novelties in 2021. https://morvesti.ru/analitika/1692/92320/

  72. Rivkin, B.S., E-Navigation: Ten years, Giroskopiya i Navigatsiya, 2015, no. 4, pp. 173–191. https://doi.org/10.17285/0869-7035.2015.23.4.173-191

  73. NaviSailot 4000 ECDIS Overview Brochure https:// static.mackaycomm.com/wp-content/uploads/2021/ 08/Transas_ECDIS_NaviSailor_4000_Summary_Dec11_Mackay_v01HR.pdf

Download references

Funding

This work was supported by ongoing institutional funding. No additional grants to carry out or direct this particular research were obtained.

Author information

Authors and Affiliations

  1. Concern CSRI Elektropribor, JSC, St. Petersburg, Russia

    B. S. Rivkin

Authors
  1. B. S. Rivkin
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to B. S. Rivkin.

Ethics declarations

The author of this work declares that he has no conflicts of interest.

Additional information

Publisher’s Note.

Pleiades Publishing remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Rivkin, B.S. Maritime Cybersecurity. Navigational Aspect. Gyroscopy Navig. 14, 386–400 (2023). https://doi.org/10.1134/S207510872470010X

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1134/S207510872470010X

Keywords:

Search

Navigation