Cybersecurity: a general framework in the maritime and military world
Keywords:Maritime cybersecurity, ships – military vessels, maritime risk management, cybersecurity threats
In recent decades, the production of information in studies and research papers on the subject of cybersecurity have addressed the convenience of developing cyberdefense capabilities regardless of whether the scope is industrial or military, corporate or State. However, despite the generation of policies to contribute to the synergy of protection, cybersecurity threats continue to grow, affecting all organizations regardless of their size. The article deals with the existing guidelines, policies and environments within the international framework of cybersecurity in the maritime environment and identifies how these are taken through particular measures to the environments of military maritime units.
G. A. WEAVER, B. FEDDERSEN, L. MARLA, D. WEI, A. ROSE, AND M. VAN MOER, "Estimating economic losses
from cyber- attacks on shipping ports: An optimization-based approach," Transp Res Part C Emerg Technol, vol. 137, Apr. 2022, https://doi.org/10.1016/j.trc.2021.103423
A. AMRO, A. ORUC, V. GKIOULOS, AND S. KATSIKAS, "Navigation Data Anomaly Analysis and Detection," Information (Switzerland), vol. 13, no. 3, Mar. 2022, https://doi.org/10.3390/info13030104
P. H. MELAND, K. BERNSMED, E. WILLE, J. RØDSETH, AND D. A. NESHEIM, "A Retrospective Analysis of Maritime Cyber Security Incidents," 519-530, vol. 15, no. 3, pp. 519-530, 2021, https://doi.org/10.12716/1001.15.03.04
K. TAM AND K. JONES, "MaCRA: a model-based framework for maritime cyber- risk assessment," WMU Journal of Maritime Affairs, vol. 18, no. 1, pp. 129-163, Mar. 2019,https://doi.org/10.1007/s13437-019-00162-2
T. P. AVANESOVA, L. K. GRUZDEVA, R. A. IUSKAEV, D. YU GRUZDEV, AND M. L. SOMKO, "Analysis of cyber-security aspects both ashore and at sea," IOP Conf Ser Earth Environ Sci, vol. 872, no. 1, Oct. 2021, https://doi.org/10.1088/1755-1315/872/1/012024
W. C. LEITE JUNIOR, C. C. DE MORAES, C. E. P. DE ALBUQUERQUE, R. C. S. MACHADO, AND A. O. DE SÁ, "A Triggering Mechanism for Cyber-Attacks in Naval Sensors and Systems," Sensors (Basel), vol. 21, no. 9, May 2021, https://doi.org/10.3390/s21093195
INTERNATIONAL MARITIME ORGANIZATION, "The ISPS Code and Chapter XI-2 of the SOLAS Convention." https://www.imo.org/es/OurWork/Security/Paginas/SOLAS-XI-2%20ISPS%20Code.aspx (accessed Feb. 06, 2023).
INTERNATIONAL MARITIME ORGANIZATION, "ISM Code and Guidelines for Implementation of the ISM Code." https://www.imo.org/es/OurWork/HumanElement/paginas/ismcode.aspx (accessed Feb. 06, 2023).
OMI, "GUIDELINES ON MARITIME CYBER RISK MANAGEMENT," MSC- FAL 1-Circ 3.docx, Jul. 05, 2017.
S. PAPASTERGIOU, N. POLEMI, AND P. KOTZANIKOLAOU, "Design and validation of the Medusa supply chain risk assessment methodology and system," International Journal of Critical Infrastructures, vol. 14, no. 1, pp. 1-39, 2018, https://doi.org/10.1504/IJCIS.2018.090647
K. NEWMEYER, E. CUBEIRO, AND M. SANCHEZ, "Cyberspace, Cybersecurity and Cyberwarfare," 2015, Accessed: Jan. 23, 2023. [Online]. Available: https://repositorio.esup.edu.pe/handle/20.500.12927/113
ORGANIZATION OF AMERICAN STATES, "Executive Summary Maritime Cybersecurity ," MARITIME CYBERNETIC SECURITY IN THE WESTERN HEMISPHERE , vol. 1, pp. 9-10, 2021, Accessed: Mar. 13, 2023. [Online]. Available: https://www.oas.org/es/sms/cicte/docs/La-seguridad-cibernetica-maritima-en-el-Hemisferio-Occidental-introduccion-y-directrices.pdf
ORGANIZATION OF AMERICAN STATES, "OAS Cybersecurity Program," OAS : CICTE: Cybersecurity: Activities, Feb. 02, 2022. https://www.oas.org/es/sms/cicte/prog-ciberseguridad.asp (accessed Mar. 12, 2023).
D. HEERING, "Ensuring cybersecurity in shipping: Reference to Estonian shipowners," TransNav, vol. 14, no. 2, pp. 271- 278, Jun. 2020, https://doi.org/10.12716/1001.14.02.01
NORTH ATLANTIC TREATY ORGANIZATION - NATO, “NATO - A POLITICAL AND MILITARY ALLIANCE,” 2.1 A Political and Military Alliance, 2016. https://www.nato.int/nato-welcome/index_es.html (accessed Mar. 12, 2023).
IMO, “International Maritime Organization ,” 2020. https://www.imo.org/es/About/Paginas/Default.aspx (accessed Mar. 25, 2023).
B. XING, J. DAI, AND S. LIU, “Enforcement of opacity security properties for ship information system,” International Journal of Naval Architecture and Ocean Engineering, vol. 8, no. 5, pp. 423–433, Sep. 2016, https://doi.org/10.1016/j.ijnaoe.2016.05.012
INTERNATIONAL MARITIME ORGANIZATION, “MARITIME CYBER RISK MANAGEMENT IN SAFETY MANAGEMENT SYSTEMS ,” 2017. https://wwwcdn.imo.org/localresources/en/OurWork/Security/Documents/Resolution%20MSC.428(98).pdf (accessed Mar. 28, 2023).
OCIMF - Oil Companies International Marine Forum, “Tanker Management and Self Assessment 3 - A Best PracticeGuide,” 2014. https://www.ocimf.org/es/publicaciones-y-promoci%C3%B3n/publicaciones/libros/tanker-management-and-self-assessment-3 (accessed Mar. 27, 2023).
IMCA, “International Maritime Contractors Association,” 2022. https://www.imca-int.com/about-imca/ (accessed Mar.13, 2023).
IMCA, “Security measures and emergency response guidelines - IMCA,” 2021. https://www.imca-int.com/product/security-measures-and-emergency-response-guidelines/ (accessed Mar. 13, 2023).
COLOMBIAN MINISTRY OF NATIONAL DEFENSE, “Permanent DirectiveDIR2014-18, ”2014. https://marinanet.armada.mil.co/system/files/basicpagefiles/A_Directiva2014-18_SeguridadInformaci%C3%B3n.pdf (accessed Jan. 25, 2023).
NATIONAL NAVY OF COLOMBIA, "Manual de Seguridad Digital," MANUAL DE SEGURIDAD DIGITAL ARMADA NACIONAL, 2022, Accessed: Jan. 25, 2023. [Online]. Available: https://marinanet.armada.mil.co/system/files/basicpagefiles/Manual%20de%20Seguridad%20Digital%20Armada%20Nacional.%20Segunda%20Edicion.%202022.%20V.%20Final%20Preliminar%20%20%28FP.%2018NOV2022%29.pdf
R. TALAS, "Port security," Advanced Sciences and Technologies for Security Applications, pp. 161-172, 2020, https://doi.org/10.1007/978-3-030-34630-0_10
Ž. TURK, B. GARCÍA DE SOTO, B. R. K. MANTHA, A. MACIEL, AND A. GEORGESCU, "A systemic framework for addressing cybersecurity in construction," Autom Constr, vol. 133, p. 103988, Jan. 2022, https://doi.org/10.1016/j.autcon.2021.103988
IEC, "Spanish Standardization IEC 61162- 460:2018 ," 2018. https://www.une.org/encuentra-tu-norma/busca-tu-norma/iec?c=63097 (accessed Mar. 11, 2023).
The MITRE Corporation, "MITRE ATT&CK®." https://attack.mitre.org/ (accessed Mar. 26, 2022).
A. C. AMORIM, M. MIRA DA SILVA, R. PEREIRA, AND M. GONÇALVES, "Using agile methodologies for adopting COBIT," Inf Syst, vol. 101, Nov. 2021, https://doi.org/10.1016/j.is.2020.101496
ISACA, "COBIT | Control Objectives for Information Technologies | ISACA," Mar. 19, 2022. https://www.isaca.org/resources/cobit
"BSI - Federal Office for Information Security." https://www.bsi.bund.de/DE/Home/home_ node.html (accessed Mar. 27, 2023).
"OWASP Foundation, the Open Source Foundation for Application Security | OWASP Foundation." https://owasp.org/ (accessed Mar. 27, 2023).
... A. P.-R. general and undefined 2022, "La gestión de los riesgos cibernéticos en los sistemas de seguridad en buques y empresas navieras," armada.defensa.gob.es, Accessed: Jan. 23, 2023. [Online]. Available: https://armada.defensa.gob.es/archivo/rgm/2022/03/rgmmar2022cap03.pdf
How to Cite
Copyright (c) 2023 Cotecmar
This work is licensed under a Creative Commons Attribution 4.0 International License.
The authors who publish in this Journal certify that:
- The work submitted for publication in The Ship Science and Technology journal, was written by the author, given that its content is the product of his/her direct intellectual contribution.
- All data and references to material already published are duly identified with their respective credits and are included in the bibliographic notes and quotations highlighted as such.
- All materials submitted for publication are completely free of copyrights; consequently, the author accepts responsibility for any lawsuit or claim related with Intellectual Property Rights thereof, Exonerating of responsibility to The Science and Technology for the Development of Naval, Maritime, and Riverine Industry Corporation, COTECMAR.
- In the event that the article is chosen for publication by The Ship Science and Technology journal, the author state that he/she totally transfers reproduction rights of such to The Science and Technology for the Development of Naval, Maritime, and Riverine Industry Corporation, COTECMAR.
- The authors retain the copyright and transfer to COTECMAR the right of publication and reproduction of the work which will be simultaneously subject to the Creative Commons Attribution License (CC -BY) , which allows the license to copy, distribute, display and represent the work and to make derivative works as long as it recognizes and cites the work in the manner specified by the author or licensor.
- For more information about the Creative Commons Attribution License (CC -BY) and his use and scope, please visit the following web page https://creativecommons.org/licenses/by-sa/4.0/legalcode