Qualitative Risk Assessment of Cybersecurity and Development of Vulnerability Enhancement Plans in Consideration of Digitalized Ship
Autor: | Han-Seon Park, Yun-Ja Yoo |
---|---|
Rok vydání: | 2021 |
Předmět: |
cybersecurity
Naval architecture. Shipbuilding. Marine engineering Vulnerability VM1-989 Analytic hierarchy process Ocean Engineering GC1-1581 02 engineering and technology Plan (drawing) Oceanography Computer security computer.software_genre Flag state risk matrix 0202 electrical engineering electronic engineering information engineering Risk management Water Science and Technology Civil and Structural Engineering cyber threat business.industry risk assessment 021001 nanoscience & nanotechnology risk identification Management system 020201 artificial intelligence & image processing Business 0210 nano-technology Risk assessment computer Physical security |
Zdroj: | Journal of Marine Science and Engineering Volume 9 Issue 6 Journal of Marine Science and Engineering, Vol 9, Iss 565, p 565 (2021) |
ISSN: | 2077-1312 |
DOI: | 10.3390/jmse9060565 |
Popis: | The International Maritime Organization (IMO) published the Guidelines on Maritime Cyber Risk Management in 2017 to strengthen cybersecurity in consideration of digitalized ships. As part of these guidelines, the IMO recommends that each flag state should integrate and manage matters regarding cyber risk in the ship safety management system (SMS) according to the International Safety Management Code (ISM Code) before the first annual verification that takes place on or after 1 January 2021. The purpose of this paper is to identify cybersecurity risk components in the maritime sector that should be managed by the SMS in 2021 and to derive priorities for vulnerability improvement plans through itemized risk assessment. To this end, qualitative risk assessment (RA) was carried out for administrative, technical, and physical security risk components based on industry and international standards, which were additionally presented in the IMO guidelines. Based on the risk matrix from the RA analysis results, a survey on improving cybersecurity vulnerabilities in the maritime sector was conducted, and the analytic hierarchy process was used to analyze the results and derive improvement plan priority measures. |
Databáze: | OpenAIRE |
Externí odkaz: |