Safety related cyber-attacks identification and assessment for autonomous inland ships

Recent advances in the maritime industry include the research and development of new sophisticated ships including the autonomous ships. The new autonomy concept though comes at the cost of additional complexity introduced by the number of systems that need to be installed on-board and on-shore, the software intensiveness of the complete system, the involved interactions between the systems, components and humans and the increased connectivity. All the above results in the increased system vulnerability to cyber-attacks, which may lead to unavailability or hazardous behaviour of the critical ship systems. The aim of this study is the identification of the safety related cyber-attacks to the navigation and propulsion systems of an inland autonomous ship as well as the safety enhancement of the ship systems design. For this purpose, the Cyber Preliminary Hazard Analysis method is employed supported by the literature review of the system vulnerabilities and potential cyber-attacks. The Formal Safety Assessment risk matrix is employed for ranking of the hazardous scenarios. The results demonstrate that a number of critical scenarios can arise on the investigated autonomous vessel due to the known vulnerabilities. These can be sufficiently controlled by introducing appropriate modifications of the system design

A novel risk assessment process : application to an autonomous inland waterways ship

Effectively addressing safety, security and cyber-security challenges is quintessential for progressing the development of next generation maritime autonomous shipping. This study aims at developing a novel hybrid, semi-structured process for the hazardous scenarios identification and ranking. This method integrates the operational and functional hazard identification approaches, whilst considering the safety, security and cybersecurity hazards. This method is applied to comprehensively assess the safety of an autonomous inland waterways ship at a preliminary design phase. The hazardous scenarios are identified and ranked by a number of experts participating in a series of sessions. The identified hazards risk is estimated considering the frequency and severity indices, whereas their uncertainty is estimated by employing the standard deviations in these two indices among the experts ranking results. Epistemic uncertainty is also considered during ranking. Risk control measures are proposed to de-risk the critical hazards. The results reveal that the most critical hazards from the safety, security and cybersecurity perspectives pertain to the situation awareness, remote control and propulsion functions. Based on the derived results, design enhancements along with high-level testing scenarios for the investigated autonomous ship are also proposed

Risk assessment of the operations of maritime autonomous surface ships

Maritime Autonomous Surface Ships (MASS) are attracting increasing attention in the maritime industry. Despite the expected benefits in reducing human error and significantly increasing the overall safety level, the development of autonomous ships would undoubtedly introduce new risks. The overall goal of this work is to develop an approach to evaluate the risk level of major hazards associated with MASS. To that extent, a Failure Modes and Effects Analysis (FMEA) method is used in conjunction with Evidential Reasoning (ER) and Rule-based Bayesian Network (RBN) to quantify the risk levels of the identified hazards. The results show that ‘interaction with manned vessels and detection of objects’ contributes the most to the overall risk of MASS operations, followed by ‘cyber-attacks’, ‘human error’ and ‘equipment failure’. The findings provide useful insights on the major hazards and can aid the overall safety assurance of MASS

Cyber-Attacks Against the Autonomous Ship

Autonomous ships transferring valuable cargoes and humans in a more efficient and cost effective manner will soon be state of the art technology. Yet, their ICT system architecture and operations have not been defined in full detail. Moreover, multiple cyber security issues remain open and should be addressed. No study to date has analyzed fully the architecture of the autonomous ship, even less so have potential cyber threats and cyber attacks been identified. In this paper we identify and categorize systems that make up an autonomous ship, we propose a generic system architecture, and we analyze the cyber security of the ship by leveraging the STRIDE threat modeling methodology to identify potential cyber attacks, and to analyze the accordant risk. The results will support ship designers and industry towards improving the autonomous ship system architecture and making ship operations more secure