Abstract

The Electronic Chart Display and Information System (ECDIS) plays a central role in safe navigation of ships. The ECDIS is basically a software package running on a general operating system that could be comprised of the third-party components. This paper presents an analysis of cyber security weaknesses of a shipboard ECDIS raising from the ECDIS software’s third-party components. The analysis is based on the cyber security testing of the shipboard ECDIS using an industry vulnerability scanner. Detected vulnerabilities are analysed regarding the protection measures implemented on the ship. The results suggest that even the type approved ECDIS system with maintained ECDIS software and the underlying operating system could be vulnerable due to weaknesses in the ECDIS software’s third-party components.

Highlights

  • The Electronic Chart Display and Information System (ECDIS) has significantly changed the ship navigation by providing real-time navigational information and reduction of workload from paper charts (Brčić et al, 2019), and enhancing the efficiency and safety

  • The ECDIS is basically a software package running on a general operating system that could be comprised of the third-party components

  • The analysis is based on the cyber security testing of the shipboard ECDIS using an industry vulnerability scanner

Read more

Summary

Introduction

The Electronic Chart Display and Information System (ECDIS) has significantly changed the ship navigation by providing real-time navigational information and reduction of workload from paper charts (Brčić et al, 2019), and enhancing the efficiency and safety. The ECDIS development for about three decades into the complex computer-based system has raised a need to protect the safe navigation from cyber threats (Svilicic et al, 2019a; Tam and Jones, 2019; Svilicic et al, 2019b; Hareide et al, 2018; Kessler et al, 2018; Lee et al, 2017). The ECDIS is basically a software package with standardized functionality by IMO performance standards (IMO, 2017c), which is running on a general operating system from a different manufacturer than the system itself. It has been shown that the ECDIS underlying operating system is a source of major cyber threats (Svilicic et al, 2019b; Svilicic et al, 2019c).

Shipboard ECDIS
Third-party components Allows for the exploitation of well known
Results and discussion
Conclusion
Full Text
Published version (Free)

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call