ECDIS Cyber Security Dynamics Analysis based on the Fuzzy-FUCOM Method
ECDIS is one of the most important pieces of navigational and information equipment on board ships, as well as a vital component of the ship's cyberspace. ECDIS has cyber vulnerabilities because of its connections to external systems like RADAR or GPS, sensors via serial (IEC61162-1/2), analogu...
Gespeichert in:
| Veröffentlicht in: | Transactions on Maritime Science 2024-04, Vol.13 (1) |
|---|---|
| Hauptverfasser: | , , |
| Format: | Artikel |
| Sprache: | eng |
| Schlagworte: | |
| Online-Zugang: | Volltext |
| Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
| container_end_page | |
|---|---|
| container_issue | 1 |
| container_start_page | |
| container_title | Transactions on Maritime Science |
| container_volume | 13 |
| creator | Kayişoğlu, Gizem Güneş, Bünyamin Bolat, Pelin |
| description | ECDIS is one of the most important pieces of navigational and information equipment on board ships, as well as a vital component of the ship's cyberspace. ECDIS has cyber vulnerabilities because of its connections to external systems like RADAR or GPS, sensors via serial (IEC61162-1/2), analogue, and digital interfaces, as well as onboard Wi-Fi, internet, and LAN technologies. This study identifies and ranks the cyber risks that cause ECDIS control loss, as well as the barriers that can be put in place to stop them, the potential consequences if they are not stopped, and the mitigations that can be utilised to avoid them. Due to a lack of historical data and research on identifying and prioritising ECDIS cyber security dynamics in the literature and the fact that this field necessitates specialised knowledge in terms of computer science and operational maritime navigation, the Fuzzy Triangular Full Consistency Method (FUCOM-F), based on expert opinion, is used in this study. Then, a bow-tie framework is employed to visualize the dynamics of ECDIS cyber security and their hierarchical classification from the analysis as a cyber-architecture. The results indicate that the primary cyber threat for ECDIS is "malware infection via the internet and intranet (M1)." The primary potential consequence, in the event that these cyber threats targeting ECDIS cannot be prevented, is the unavailability of the system (O1). The most efficient barriers against M1 attacks are “up-to-date virus protection” and “scanning software," while the most crucial measure to prevent the impact of O1 is "network segregation." Consequently, in addition to its strong methodological foundation, this research offers significant benefits to maritime professionals and cybersecurity experts by providing valuable insights on preventing cyber-attacks on bridge system infrastructure, particularly ECDIS. |
| doi_str_mv | 10.7225/toms.v13.n01.w09 |
| format | Article |
| fullrecord | <record><control><sourceid>crossref_hrcak</sourceid><recordid>TN_cdi_hrcak_primary_oai_hrcak_srce_hr_316752</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>10_7225_toms_v13_n01_w09</sourcerecordid><originalsourceid>FETCH-LOGICAL-c1919-1cab6c70302a9464a72d4787fbdd859d11de2bfe57ed902d77b69c7e00903d463</originalsourceid><addsrcrecordid>eNo90D1vwjAQBmCraqUiyt7RfyDp2U7ieESBtEggBsps-StKVJJUdmgVfn2DqJju1em9Gx6EXgnEnNL0bejbEP8QFndA4l8QD2hG8iSPGCPs8Z4hfUaLEBoNkOcZoYmYoXJdrDYHXIzaeXxw5uybYcSrsVNtYwJeduo0hiZgrYKzuO_wUDtcni-XMSqPxX6Hd26oe_uCnip1Cm7xP-foWK4_i49ou3_fFMttZIggIiJG6cxwYECVSLJEcWoTnvNKW5unwhJiHdWVS7mzAqjlXGfCcAcggNkkY3MU3f7W3qgv-e2bVvlR9qqRt03wxk1RMpLxlE59uPWN70PwrrqfEJBXOnmlkxOdnOjkRMf-AIzuYwI</addsrcrecordid><sourcetype>Open Access Repository</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype></control><display><type>article</type><title>ECDIS Cyber Security Dynamics Analysis based on the Fuzzy-FUCOM Method</title><source>EZB-FREE-00999 freely available EZB journals</source><creator>Kayişoğlu, Gizem ; Güneş, Bünyamin ; Bolat, Pelin</creator><creatorcontrib>Kayişoğlu, Gizem ; Güneş, Bünyamin ; Bolat, Pelin</creatorcontrib><description>ECDIS is one of the most important pieces of navigational and information equipment on board ships, as well as a vital component of the ship's cyberspace. ECDIS has cyber vulnerabilities because of its connections to external systems like RADAR or GPS, sensors via serial (IEC61162-1/2), analogue, and digital interfaces, as well as onboard Wi-Fi, internet, and LAN technologies. This study identifies and ranks the cyber risks that cause ECDIS control loss, as well as the barriers that can be put in place to stop them, the potential consequences if they are not stopped, and the mitigations that can be utilised to avoid them. Due to a lack of historical data and research on identifying and prioritising ECDIS cyber security dynamics in the literature and the fact that this field necessitates specialised knowledge in terms of computer science and operational maritime navigation, the Fuzzy Triangular Full Consistency Method (FUCOM-F), based on expert opinion, is used in this study. Then, a bow-tie framework is employed to visualize the dynamics of ECDIS cyber security and their hierarchical classification from the analysis as a cyber-architecture. The results indicate that the primary cyber threat for ECDIS is "malware infection via the internet and intranet (M1)." The primary potential consequence, in the event that these cyber threats targeting ECDIS cannot be prevented, is the unavailability of the system (O1). The most efficient barriers against M1 attacks are “up-to-date virus protection” and “scanning software," while the most crucial measure to prevent the impact of O1 is "network segregation." Consequently, in addition to its strong methodological foundation, this research offers significant benefits to maritime professionals and cybersecurity experts by providing valuable insights on preventing cyber-attacks on bridge system infrastructure, particularly ECDIS.</description><identifier>ISSN: 1848-3305</identifier><identifier>EISSN: 1848-3313</identifier><identifier>DOI: 10.7225/toms.v13.n01.w09</identifier><language>eng</language><publisher>Sveučilište u Splitu, Pomorski fakultet</publisher><subject>ECDIS cyber security ; ECDIS IT ; FUCOM ; Maritime cyber security ; OT dynamic</subject><ispartof>Transactions on Maritime Science, 2024-04, Vol.13 (1)</ispartof><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><link.rule.ids>230,314,780,784,885,27923,27924</link.rule.ids></links><search><creatorcontrib>Kayişoğlu, Gizem</creatorcontrib><creatorcontrib>Güneş, Bünyamin</creatorcontrib><creatorcontrib>Bolat, Pelin</creatorcontrib><title>ECDIS Cyber Security Dynamics Analysis based on the Fuzzy-FUCOM Method</title><title>Transactions on Maritime Science</title><description>ECDIS is one of the most important pieces of navigational and information equipment on board ships, as well as a vital component of the ship's cyberspace. ECDIS has cyber vulnerabilities because of its connections to external systems like RADAR or GPS, sensors via serial (IEC61162-1/2), analogue, and digital interfaces, as well as onboard Wi-Fi, internet, and LAN technologies. This study identifies and ranks the cyber risks that cause ECDIS control loss, as well as the barriers that can be put in place to stop them, the potential consequences if they are not stopped, and the mitigations that can be utilised to avoid them. Due to a lack of historical data and research on identifying and prioritising ECDIS cyber security dynamics in the literature and the fact that this field necessitates specialised knowledge in terms of computer science and operational maritime navigation, the Fuzzy Triangular Full Consistency Method (FUCOM-F), based on expert opinion, is used in this study. Then, a bow-tie framework is employed to visualize the dynamics of ECDIS cyber security and their hierarchical classification from the analysis as a cyber-architecture. The results indicate that the primary cyber threat for ECDIS is "malware infection via the internet and intranet (M1)." The primary potential consequence, in the event that these cyber threats targeting ECDIS cannot be prevented, is the unavailability of the system (O1). The most efficient barriers against M1 attacks are “up-to-date virus protection” and “scanning software," while the most crucial measure to prevent the impact of O1 is "network segregation." Consequently, in addition to its strong methodological foundation, this research offers significant benefits to maritime professionals and cybersecurity experts by providing valuable insights on preventing cyber-attacks on bridge system infrastructure, particularly ECDIS.</description><subject>ECDIS cyber security</subject><subject>ECDIS IT</subject><subject>FUCOM</subject><subject>Maritime cyber security</subject><subject>OT dynamic</subject><issn>1848-3305</issn><issn>1848-3313</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2024</creationdate><recordtype>article</recordtype><recordid>eNo90D1vwjAQBmCraqUiyt7RfyDp2U7ieESBtEggBsps-StKVJJUdmgVfn2DqJju1em9Gx6EXgnEnNL0bejbEP8QFndA4l8QD2hG8iSPGCPs8Z4hfUaLEBoNkOcZoYmYoXJdrDYHXIzaeXxw5uybYcSrsVNtYwJeduo0hiZgrYKzuO_wUDtcni-XMSqPxX6Hd26oe_uCnip1Cm7xP-foWK4_i49ou3_fFMttZIggIiJG6cxwYECVSLJEcWoTnvNKW5unwhJiHdWVS7mzAqjlXGfCcAcggNkkY3MU3f7W3qgv-e2bVvlR9qqRt03wxk1RMpLxlE59uPWN70PwrrqfEJBXOnmlkxOdnOjkRMf-AIzuYwI</recordid><startdate>20240401</startdate><enddate>20240401</enddate><creator>Kayişoğlu, Gizem</creator><creator>Güneş, Bünyamin</creator><creator>Bolat, Pelin</creator><general>Sveučilište u Splitu, Pomorski fakultet</general><scope>AAYXX</scope><scope>CITATION</scope><scope>VP8</scope></search><sort><creationdate>20240401</creationdate><title>ECDIS Cyber Security Dynamics Analysis based on the Fuzzy-FUCOM Method</title><author>Kayişoğlu, Gizem ; Güneş, Bünyamin ; Bolat, Pelin</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c1919-1cab6c70302a9464a72d4787fbdd859d11de2bfe57ed902d77b69c7e00903d463</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2024</creationdate><topic>ECDIS cyber security</topic><topic>ECDIS IT</topic><topic>FUCOM</topic><topic>Maritime cyber security</topic><topic>OT dynamic</topic><toplevel>online_resources</toplevel><creatorcontrib>Kayişoğlu, Gizem</creatorcontrib><creatorcontrib>Güneş, Bünyamin</creatorcontrib><creatorcontrib>Bolat, Pelin</creatorcontrib><collection>CrossRef</collection><collection>Hrcak: Portal of scientific journals of Croatia</collection><jtitle>Transactions on Maritime Science</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Kayişoğlu, Gizem</au><au>Güneş, Bünyamin</au><au>Bolat, Pelin</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>ECDIS Cyber Security Dynamics Analysis based on the Fuzzy-FUCOM Method</atitle><jtitle>Transactions on Maritime Science</jtitle><date>2024-04-01</date><risdate>2024</risdate><volume>13</volume><issue>1</issue><issn>1848-3305</issn><eissn>1848-3313</eissn><abstract>ECDIS is one of the most important pieces of navigational and information equipment on board ships, as well as a vital component of the ship's cyberspace. ECDIS has cyber vulnerabilities because of its connections to external systems like RADAR or GPS, sensors via serial (IEC61162-1/2), analogue, and digital interfaces, as well as onboard Wi-Fi, internet, and LAN technologies. This study identifies and ranks the cyber risks that cause ECDIS control loss, as well as the barriers that can be put in place to stop them, the potential consequences if they are not stopped, and the mitigations that can be utilised to avoid them. Due to a lack of historical data and research on identifying and prioritising ECDIS cyber security dynamics in the literature and the fact that this field necessitates specialised knowledge in terms of computer science and operational maritime navigation, the Fuzzy Triangular Full Consistency Method (FUCOM-F), based on expert opinion, is used in this study. Then, a bow-tie framework is employed to visualize the dynamics of ECDIS cyber security and their hierarchical classification from the analysis as a cyber-architecture. The results indicate that the primary cyber threat for ECDIS is "malware infection via the internet and intranet (M1)." The primary potential consequence, in the event that these cyber threats targeting ECDIS cannot be prevented, is the unavailability of the system (O1). The most efficient barriers against M1 attacks are “up-to-date virus protection” and “scanning software," while the most crucial measure to prevent the impact of O1 is "network segregation." Consequently, in addition to its strong methodological foundation, this research offers significant benefits to maritime professionals and cybersecurity experts by providing valuable insights on preventing cyber-attacks on bridge system infrastructure, particularly ECDIS.</abstract><pub>Sveučilište u Splitu, Pomorski fakultet</pub><doi>10.7225/toms.v13.n01.w09</doi><oa>free_for_read</oa></addata></record> |
| fulltext | fulltext |
| identifier | ISSN: 1848-3305 |
| ispartof | Transactions on Maritime Science, 2024-04, Vol.13 (1) |
| issn | 1848-3305 1848-3313 |
| language | eng |
| recordid | cdi_hrcak_primary_oai_hrcak_srce_hr_316752 |
| source | EZB-FREE-00999 freely available EZB journals |
| subjects | ECDIS cyber security ECDIS IT FUCOM Maritime cyber security OT dynamic |
| title | ECDIS Cyber Security Dynamics Analysis based on the Fuzzy-FUCOM Method |
| url | https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-13T07%3A24%3A29IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-crossref_hrcak&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=ECDIS%20Cyber%20Security%20Dynamics%20Analysis%20based%20on%20the%20Fuzzy-FUCOM%20Method&rft.jtitle=Transactions%20on%20Maritime%20Science&rft.au=Kayi%C5%9Fo%C4%9Flu,%20Gizem&rft.date=2024-04-01&rft.volume=13&rft.issue=1&rft.issn=1848-3305&rft.eissn=1848-3313&rft_id=info:doi/10.7225/toms.v13.n01.w09&rft_dat=%3Ccrossref_hrcak%3E10_7225_toms_v13_n01_w09%3C/crossref_hrcak%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rfr_iscdi=true |