Cyber security risk assessment in autonomous shipping

Abstract

Autonomous ships would require higher cyber-physical interaction in comparison with traditional shipping operations, thus increasing the vulnerabilities associated with cyber security. The increasing complexity surrounding the innate characteristics of the shipping industry makes it challenging to build a resilient framework for ensuring cyber security. This study proposes a multi-criteria decision-making (MCDM) framework for assessing cyber security risk in the autonomous shipping context. The research was validated through surveying subject matter experts, system designers and seafarers. Different types of equipment and systems are ranked based on their perceived vulnerability to cyber threats. Survey data from 28 subject matter experts are collected and analysed through the Bayesian best–worst method (BWM). At system level, the results indicate that navigational systems are the most vulnerable to potential cyber threats, while propulsion systems are the least vulnerable element in the context of future autonomous shipping operations. On a sub-system level, the three most vulnerable parts are Global Navigation Satellite System (GNSS), Electronic Chart Display and Information System (ECDIS) and the communication devices on shore control centres (SCC), while the least vulnerable parts are engine controls, SCC integration platforms and cargo handling at ports.