Abstract
The integrated navigational system (INS) enhances the effectiveness and safety of ship navigation by providing multifunctional display on the basis of integration of at least two navigational functions, the voyage route monitoring with Electronic Chart Display and Information System (ECDIS) and collision avoidance with radar. The INS is essentially a software platform for fusion of data from the major ECDIS and radar systems with sensors for the additional navigation functions of route planning, status and data display, and alert management. This paper presents a study on cyber security resilience examination of a shipboard INS installed on a RoPax ship engaged in international trade. The study was based on a mixed-method approach, combining an interview of the ship's navigational ranks and cyber security testing of the INS using an industry vulnerability scanner. The identified threats were analyzed qualitatively to study the source of cyber risks threatening the INS. The results obtained point out cyber threats related to weaknesses of the INS underlying operating system, suggesting a need for occasional preventive maintenance in addition to the regulatory compliance required.
Highlights
IntroductionShip navigation systems have been increasingly relying on cyber technologies to improve the effectiveness and safety of navigation, which has resulted in a need for safeguarding the shipping from cyber threats [1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21]
This paper presents a study on cyber security resilience examination of a shipboard integrated navigational system (INS) installed on a RoPax ship engaged in international trade
The examination was based on the mixed-method approach, combining an interview of the ship’s navigational ranks and the following cyber security testing of the INS
Summary
Ship navigation systems have been increasingly relying on cyber technologies to improve the effectiveness and safety of navigation, which has resulted in a need for safeguarding the shipping from cyber threats [1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21]. The ship navigational ranks training was conducted by the INS vendor, and cyber security awareness was at quite a high level. Strong physical protection policy was in place for unauthorized personnel, and INS hardware interfaces were kept in a locked case. The electronic navigation chart (ENC) update portable storage device was strictly controlled, the device provided by the INS vendor was used, and the ship navigational ranks cyber hygiene was at a high level. –Ship navigational ranks training is provided by the integrated navigational system (INS) vendor –Quite a high level of awareness. –Access controls are in place and enforced –Physical access allowed for authorized personnel –Hardware interfaces are kept in a locked case –Portable storage device handling is controlled. –Access controls are in place and enforced –Physical access allowed for authorized personnel –Hardware interfaces are kept in a locked case. –Authentication controls are in place and enforced –Default passwords are changed
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
