Integral Approach to Vulnerability Assessment of Ship’s Critical Equipment and Systems

Abstract

The digital transformation of the maritime industry is almost a fait accompli. Merchant ships today use computing and cyber-dependent technologies for navigation, communications, cargo operations, environmental monitoring, and many other purposes. Nowadays, entire industries and businesses are becoming increasingly dependent on data arrays, and the maritime sector is fully experiencing this transformation.  A modern commercial ship is unthinkable without digital technology, and the reasons for the deep digitalization of the fleet are numerous. Emergency systems such as safety monitoring, fire detection and alarms are increasingly reliant on cyber technology. Therefore, cybersecurity is a critical component of ship and shipping safety, and cyber-attacks on maritime transport are a very likely problem. These risks will only increase with the further development of information technology. This article proposes approaches to identifying cyber threats as well as a probabilistic assessment of ship cybersecurity, which is based on an integral approach to assessing the vulnerability of shipboard critical equipment and systems. Estimated probabilities of target and non-target cybersecurity breaches of the ship, as well as their overall probability, which allows considering all chains of events leading to a certain consequence associated with potential losses. The model of probability assessment of ship cybersecurity violation and its consequences, which allows evaluation of possible losses as a result of these events, is presented and mathematically described.