ISSN 2083-6473
ISSN 2083-6481 (electronic version)




Associate Editor
Tomasz Neumann

Published by
TransNav, Faculty of Navigation
Gdynia Maritime University
3, John Paul II Avenue
81-345 Gdynia, POLAND
www http://www.transnav.eu
e-mail transnav@am.gdynia.pl
A Taxonomy Framework for Maritime Cybersecurity: A Demonstration Using the Automatic Identification System
1 Embry-Riddle Aeronautical University, FL, Daytona Beach, United States
2 Embry-Riddle Aeronautical University, AZ, Prescott, United States
ABSTRACT: The maritime transportation system is increasingly a target of cyber attacks. This paper describes a taxonomy that supports the creation of adversarial cyber models, risk mitigation, and resiliency plans as applied to the maritime industry, using the Automatic Identification System as a specific illustration of the approach. This method has already been applied to the aviation sector; retooling it for a maritime example demonstrates its broad applicability to the transportation sector, in general.
Balduzzi, M., Wilhoit, K., & Pasta, A. (2014, December). A Security Evaluation of AIS. Trend Micro Research Paper. Retrieved from https://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/white-papers/wp-a-security-evaluation-of-ais.pdf
Barki, D., & Délèze-Black, L. (Eds.) (2017). Review of Maritime Transport 2017. United Nations Conference On Trade And Development, UNCTAD/RMT/2017. New York: United Nations. Retrieved from http://unctad.org/en/PublicationsLibrary/rmt2017_en.pdf
Boukhtouta, A., Mouheb, D., Debbabi, M., Alfandi, O., Iqbal, F., & El Barachi, M. (2015). Graph-theoretic characterization of cyber-threat infrastructures. Digital Investigation, 14, S3-S15. Retrieved from https://www.dfrws.org/sites/default/files/session-files/paper-graph-theoretic_characterization_ of_cyber-threat_infrastructures.pdf - doi:10.1016/j.diin.2015.05.002
Gauthier, R., & Seker, R. (2018, January). Addressing Operator Privacy in Automatic Dependent Surveillance - Broadcast (ADS-B). In Proceedings of the 51st Hawaii International Conference on System Sciences (HICSS), Waikoloa Village, HI, USA, pp. 52-61. - doi:10.24251/HICSS.2018.693
Haass, J., Craiger, J.P., & Kessler, G.C. (2018). A Framework and Taxonomy for Aviation Cybersecurity. In Proceedings of the 2018 IEEE National Aerospace & Electronics Conference (NAECON) 2018, July 23-26, 2018, Dayton, Ohio. Los Alamitos (CA): IEEE Press.
Haass, J.C., Sampigethaya, K., & Capezzuto, V. (2016, July). Aviation Cybersecurity: Opportunities for Applied Research. Transportation Research Board TR News Magazine, (304)39-43.
Hexeberg, S., Flåten, A.L., Eriksen, B.H., & Brekke, E.F. (2017). AIS-Based Vessel Trajectory Prediction. In Proceedings of the 2017 20th International Conference on Information Fusion (Fusion), Xi'an, pp. 1-8. https://doi.org/10.23919/ICIF.2017.8009762 - doi:10.23919/ICIF.2017.8009762
Hrala, J. (2016, February 12). The Scary, Practical Reason The US Navy Is Once Again Teaching Celestial Navigation. Science Alert Web site. Retrieved from https://www.sciencealert.com/the-scary-practical-reason-the-navy-is-once-again-teaching-celestial-navigation
International Maritime Organization (IMO). (2002, July 1). International Convention for the Safety of Life at Sea (SOLAS), Chapter V (Safety of Navigation), Regulation 19 (Carriage requirements for shipborne navigational systems and equipment). Retrieved from https://mcanet.mcga.gov.uk /public/c4/solas/index.html
International Maritime Organization (IMO). (2018). Maritime Security - AIS Ship Data. AIS Transponders Web page. Retrieved from http://www.imo.org/en/OurWork/Safety/Navigation/Pages/AIS.aspx
International Telecommunication Union (ITU). (2014, February). Technical Characteristics for an Automatic Identification System Using Time Division Multiple Access in the VHF Maritime Mobile Frequency Band. M-Series: Mobile, radiodetermination, Amateur and Related Satellite Services. ITU-R Recommendation M.1371-5. Retrieved from https://www.itu.int/dms_pubrec/itu-r/rec/m/R-REC-M.1371-5-201402-I!!PDF-E.pdf
International Telecommunication Union (ITU). (2015, March). Assignment and Use of Identities in the Maritime Mobile Service. M-Series: Mobile, radiodetermination, Amateur and Related Satellite Services. ITU-R Recommendation M.585-7. Retrieved from https://www.itu.int /dms_pubrec/itu-r/rec/m/R-REC-M.585-7-201503-I!!PDF-E.pdf
Johnston, R.G. (2018, August). Vulnerabilities Trump Threats Maxim. Security Maxims. Right Brain Sekurity. Retrieved from http://rbsekurity.com/Papers/security maxims with axe.pdf
Kessler, G.C. (2018, August 11). An Overview of Cryptography. Retrieved from https://www.garykessler.net/library/crypto.html
Kessler, G.C. (In press, expected 2019, Spring). Cybersecurity in the Maritime Domain. Proceedings of the USCG Marine Safety & Security Council.
Last, P., Bahlke, C., Hering-Bertram, M., & Linsen, L. (2014, September). Comprehensive Analysis of Automatic Identification System (AIS) Data in Regard to Vessel Movement Prediction. The Journal of Navigation, 67(5), 791-809. https://doi.org/10.1017/S0373463314000253 - doi:10.1017/S0373463314000253
Mansouri, M., Gorod, A., Wakeman, T.H., & Sauser, B. (2009). A Systems Approach to Governance in Maritime Transportation System of Systems. Proceedings of the IEEE International Conference on System of Systems Engineering (SoSE). Albuquerque, NM.
MarEx. (2018, April 3). Kongsberg and Wilhelmsen Launch Autonomous-Shipping JV. The Maritime Executive. Retrieved from https://www.maritime-executive.com/article/kongsberg-and-wilhelmsen-launch-autonomous-shipping-jv
Mazzarella, F., Arguedas, V.F., & Vespe, M. (2015). Knowledge-Based Vessel Position Prediction Using Historical AIS Data. In Proceedings of 2015 Sensor Data Fusion: Trends, Solutions, Applications (SDF), Bonn, 2015, pp. 1-6. https://doi.org/10.1109/SDF.2015.7347707 - doi:10.1109/SDF.2015.7347707
Parker, D.B. (2015). Toward a New Framework for Information Security? In S. Bosworth, M.E. Kabay, & E. Whyne (Eds.), Computer Security Handbook, 6th ed. (pp 3.1-3.23). Hoboken, NJ: John Wiley & Sons, Inc.
Purton, L., Abbass, H., & Alam, S. (2010). Identification of ADS-B System Vulnerabilities and Threats. In Proceedings of the Australasian Transport Research Forum 2010, 29 September - 1 October 2010, Canberra, Australia.
Raymond, E.S. (2016, August). AIVDM/AIVDO Protocol Decoding. Version 1.52. Retrieved from http://catb.org/gpsd/AIVDM.html
Ridden, P. (2018, September 4). Unmanned Surface Vessel Successfully Crosses Atlantic. New Atlas Web site. Retrieved from https://newatlas.com/offshore-sensing-sailbuoy-met-atlantic/56204/
Roberts, F.S. (2015, January). Vulnerabilities of Cyber-Physical Systems: From Football to Oil Rigs. Retrieved from http://www.dimacs.rutgers.edu/People/Staff/ froberts/CyberPhysicalSystemsFootballOilRigs1-3-15.pptx.pdf
Serpanos, D. (2018, March). The Cyber-Physical Systems Revolution. Computer, 51(3), 70-73. - doi:10.1002/9781118851678.ch3
Shine Micro. (n.d.). AIS Overview. Retrieved from https://www.shinemicro.com/ais-overview/
Strohmeier, M., Lenders, V., & Martinovic, I. (2015). On the Security of the Automatic Dependent Surveillance-Broadcast Protocol. IEEE Communications Surveys & Tutorials, 17(2), 1066-1087. - doi:10.1109/COMST.2014.2365951
U.S. Coast Guard (USCG). (2014, June 4). Encrypted Automatic Identification System (EAIS) Interface Design Description (IDD). Command, Control, and Communications Engineering Center (C3Cen).Retrieved from https://epic.org/foia/dhs/uscg/nais/EPIC-15-05-29-USCG-FOIA-20151030-Production-2.pdf
U.S. Coast Guard (USCG). (2018, July 24). AIS Requirements. USCG Navigation Center Web site. Retrieved from https://www.navcen.uscg.gov/?pageName=AISRequirementsRev
U.S. Department of Transportation (DOT). (n.d.). Marine Transportation System (MTS). Maritime Administration (MARAD) Web site. Retrieved from https://www.marad.dot.gov/ports/marine-transportation-system-mts/
Wikipedia. (2018, July 17). Automatic Identification System. Retrieved from https://en.wikipedia.org /wiki/Automatic_identification_system
World Shipping Council. (n.d.). Trade Statistics. Retrieved from http://www.worldshipping.org/about-the-industry/global-trade/trade-statistics
Citation note:
Kessler G.C., Craiger J.P., Haass J.C.: A Taxonomy Framework for Maritime Cybersecurity: A Demonstration Using the Automatic Identification System. TransNav, the International Journal on Marine Navigation and Safety of Sea Transportation, Vol. 12, No. 3, doi:10.12716/1001.12.03.01, pp. 429-437, 2018
Authors in other databases:
Gary C. Kessler: Scopus icon23976166100 Scholar iconnj-uIMUAAAAJ
Philip Craiger: Scopus icon23666920900 Scholar icon9BoltZQAAAAJ
Jon C. Haass: Scholar icon-s4XeE4AAAAJ

File downloaded 49 times

Important: TransNav.eu cookie usage
The TransNav.eu website uses certain cookies. A cookie is a text-only string of information that the TransNav.EU website transfers to the cookie file of the browser on your computer. Cookies allow the TransNav.eu website to perform properly and remember your browsing history. Cookies also help a website to arrange content to match your preferred interests more quickly. Cookies alone cannot be used to identify you.
Akceptuję pliki cookies z tej strony