Cyber security risk assessment for seaports: A case study of a container port


Gunes B., Kayişoğlu G. , Bolat P.

Computers and Security, vol.103, 2021 (Journal Indexed in SCI) identifier identifier

  • Publication Type: Article / Article
  • Volume: 103
  • Publication Date: 2021
  • Doi Number: 10.1016/j.cose.2021.102196
  • Title of Journal : Computers and Security
  • Keywords: Cyber physical system, Port cyber security, Cyber security risk assessment

Abstract

© 2021 Elsevier LtdSeaports are fixed infrastructures of maritime transportation systems. Through Industry 3.0 and Industry 4.0, ports have faced with digital transformation based on networked cyber physical systems to be a part of smart and intelligent transportation systems. However, besides the advantages, this transformation has brought cyber security gaps and threats which can be resulted in breakdowns in maritime transportation domain. Therefore, port and port facilities should be prepared for cyber threats through holistic risk assessment frameworks for developing proactive actions. Based on these facts, this study has proposed to apply an integrated cyber risk assessment method for a container port with a cyber-physical perspective through analyzing four exemplary cyber-attack scenarios. For each cyber-attack scenario, risk assessment methodology has been applied using integrated cyber security management approach by taking into account the cyber physical assets of the container port. Results show that for the specified cyber threats, the risks have been evaluated non acceptable. Mitigation strategies have also been presented briefly in conclusion.