ECDIS Cyber Security Dynamics Analysis based on the Fuzzy-FUCOM Method

Authors

  • Gizem Kayişoğlu Istanbul Technical University, Maritime Faculty, Istanbul, Türkiye
  • Bünyamin Güneş Ministry of Transport and Infrastructure, Maritime General Directorate, Ankara, Türkiye
  • Pelin Bolat Istanbul Technical University, Maritime Faculty, Istanbul, Türkiye

DOI:

https://doi.org/10.7225/toms.v13.n01.w09

Keywords:

ECDIS cyber security, Maritime cyber security, FUCOM, ECDIS IT and OT dynamic

Abstract

ECDIS is one of the most important pieces of navigational and information equipment on board ships, as well as a vital component of the ship's cyberspace. ECDIS has cyber vulnerabilities because of its connections to external systems like RADAR or GPS, sensors via serial (IEC61162-1/2), analogue, and digital interfaces, as well as onboard Wi-Fi, internet, and LAN technologies. This study identifies and ranks the cyber risks that cause ECDIS control loss, as well as the barriers that can be put in place to stop them, the potential consequences if they are not stopped, and the mitigations that can be utilised to avoid them. Due to a lack of historical data and research on identifying and prioritising ECDIS cyber security dynamics in the literature and the fact that this field necessitates specialised knowledge in terms of computer science and operational maritime navigation, the Fuzzy Triangular Full Consistency Method (FUCOM-F), based on expert opinion, is used in this study. Then, a bow-tie framework is employed to visualize the dynamics of ECDIS cyber security and their hierarchical classification from the analysis as a cyber-architecture. The results indicate that the primary cyber threat for ECDIS is "malware infection via the internet and intranet (M1)." The primary potential consequence, in the event that these cyber threats targeting ECDIS cannot be prevented, is the unavailability of the system (O1). The most efficient barriers against M1 attacks are “up-to-date virus protection” and “scanning software," while the most crucial measure to prevent the impact of O1 is "network segregation." Consequently, in addition to its strong methodological foundation, this research offers significant benefits to maritime professionals and cybersecurity experts by providing valuable insights on preventing cyber-attacks on bridge system infrastructure, particularly ECDIS.

Author Biographies

Gizem Kayişoğlu, Istanbul Technical University, Maritime Faculty, Istanbul, Türkiye

Department of Maritime Transportation Management Engineering

Bünyamin Güneş, Ministry of Transport and Infrastructure, Maritime General Directorate, Ankara, Türkiye

Istanbul Technical University Maritime Faculty, PhD candidate

Ministry of Transport and Infrastructure, Maritime General Directorate, Department of Maritime Safety and Security, Ankara, Türkiye

Pelin Bolat, Istanbul Technical University, Maritime Faculty, Istanbul, Türkiye

Department of Basic Sciences

Published

2024-02-20

How to Cite

Kayişoğlu, G., Güneş, B. and Bolat, P. (2024) “ECDIS Cyber Security Dynamics Analysis based on the Fuzzy-FUCOM Method”, Transactions on Maritime Science. Split, Croatia, 13(1). doi: 10.7225/toms.v13.n01.w09.
Bookmark and Share