Cyber Security in Aviation, Maritime and Automotive

  • Martti LehtoEmail author
Part of the Computational Methods in Applied Sciences book series (COMPUTMETHODS, volume 54)


Critical information infrastructures support vital services such as energy, transport, telecommunications, financial services, etc., that are so essential that their unavailability may adversely affect the well-being of a nation. Transport is a critical national infrastructure. Disruption to the transport network has significant impacts on everyday life of citizens, national defence, security, and the vital functions of the state. This critical infrastructure is managed and maintained by a complex set of actors, each of whom tackle cyber security differently. The cyber security risk landscape in transport is currently evolving towards the point that risks that were once considered unlikely began occurring with regularity. This ongoing trend can be attributed to higher maturity of attack tools and methods, increased exposure, and increased motivation of attackers. In the past, most of the attacks were conventional and the attackers individuals or small groups of hackers. Now these very-high-impact risks will also force us to become better at protecting our assets and devising creative solutions to mitigate risks. Safety and security are two sides of the same coin. The cyber security threat is increasingly becoming cyber-physical, as vehicles, aircrafts, vessels, infrastructure, and control systems become increasingly connected. Accordingly, physical safety—an established practice across transport sectors—and cyber security will become one and the same. This necessitates a significant shift in the manufacturing and operation culture of the transport. This article introduces cyber security threat and risk environment in aviation, maritime and automotive. In addition, the article presents examples cyber-attacks against those systems. The article also discusses the principles that should be implemented in cyber security in transport.


Cyber-security Aviation Maritime Automotive Threat Risk 


  1. 1.
    Aitken K (2016) Cyber security in intelligent mobility transport systems catapultGoogle Scholar
  2. 2.
    Automotive IQ (2017) Safety & security reportGoogle Scholar
  3. 3.
    Biesecker C (2017) Boeing 757 testing shows airplanes vulnerable to hacking, DHS saysGoogle Scholar
  4. 4.
    BIMCO (2017) The guidelines on cyber security onboard ships.
  5. 5.
    Bodeau D, Graubart R (2013) Cyber resiliency and NIST special publication 800-53 Rev. 4 controls. MITRE Tech RepGoogle Scholar
  6. 6.
    Boyes H, Isbell R, Luck A (2017) Code of practice cyber security for ships.
  7. 7.
    Boyes H, Isbell R (2017) Code of practice cyber security for shipsGoogle Scholar
  8. 8.
    Brewster T (2015) Attack on LOT polish airline grounds 10 flights. ForbesGoogle Scholar
  9. 9.
    Cooper P (2017) Aviation cybersecurity - finding lift. Minimizing drag.
  10. 10.
    ENISA (2011) ENISA Analysis of cyber security aspects in the maritime sectorGoogle Scholar
  11. 11.
    ENISA (2016) ENISA securing smart airports.
  12. 12.
    EU (2010) Directive 2010/64/EU of the European Parliament and of the Council on the right to interpretation and translation in criminal proceedings: transposition strategies with regard to interpretation and translationGoogle Scholar
  13. 13.
    Eurocontrol (2019) Eurocontrol just culture.
  14. 14.
    Forbes VL (2018) The global maritime industry remains unprepared for future cybersecurity challenges. Future Directions, NedlandsGoogle Scholar
  15. 15.
    Greenberg A (2015) Hackers remotely kill a jeep on the highway - With me in it. WiredGoogle Scholar
  16. 16.
    Hunt T (2016) Controlling vehicle features of Nissan LEAFs across the globe via vulnerable APIs. Blog post, FebruaryGoogle Scholar
  17. 17.
    Huq N, Vosseler R, Swimmer M (2017) Cyberattacks against intelligent transportation systems. TrendLabs Research PaperGoogle Scholar
  18. 18.
    ICAO (2016) ICAO aviation securityGoogle Scholar
  19. 19.
    ICAO (2019) ICAO civil aviation cybersecurity information repository.
  20. 20.
    IMO (2017) IMO guidelines on maritime cyber risk management.
  21. 21.
    IMO (2019) IMO maritime cyber risk.
  22. 22.
    Kallio H (2016) Literature review on cyber security of vehiclesGoogle Scholar
  23. 23.
    Koscher K, Czeskis A, Roesner F, Patel S, Kohno T, Checkoway S, McCoy D, Kantor B, Anderson D, Shacham H et al (2010) Experimental security analysis of a modern automobile. 2010 IEEE symposium on security and privacy. IEEE, Berkeley, pp 447–462CrossRefGoogle Scholar
  24. 24.
    Lodge D (2016) Hacking the Mitsubishi outlander PHEV hybrid. PenTestPartners, June 5Google Scholar
  25. 25.
    Miller C, Valasek C (2013) Adventures in automotive networks and control units. DefCon 21:260–264Google Scholar
  26. 26.
    Miller C, Valasek C (2014) A survey of remote automotive attack surfaces. Black Hat USA 2014:94Google Scholar
  27. 27.
    Miller C, Valasek C (2015) Remote exploitation of an unaltered passenger vehicle. Black Hat USA 2015:91Google Scholar
  28. 28.
    Miller C, Valasek C (2016) CAN message injection. Black Hat USAGoogle Scholar
  29. 29.
    Osborne C (2018) NonPetya ransomware forced Maersk to reinstall 4000 servers, 45000 PCs. ZDNetGoogle Scholar
  30. 30.
    SAFETY4SEA (2018) SAFETY4SEA 2018 highlights: major cyber attacks reported in maritime industry.
  31. 31.
    Sydell L (2018) This ‘Gray Hat’ hacker breaks into your car.

Copyright information

© Springer Nature Switzerland AG 2020

Authors and Affiliations

  1. 1.Faculty of Information TechnologyUniversity of JyväskyläJyväskyläFinland

Personalised recommendations