Cyber security risk assessment for seaports: A case study of a container port

Gunes B., Kayişoğlu G., Bolat P.

Computers and Security, vol.103, 2021 (SCI-Expanded) identifier identifier

  • Publication Type: Article / Article
  • Volume: 103
  • Publication Date: 2021
  • Doi Number: 10.1016/j.cose.2021.102196
  • Journal Name: Computers and Security
  • Journal Indexes: Science Citation Index Expanded (SCI-EXPANDED), Scopus, PASCAL, ABI/INFORM, Aerospace Database, Applied Science & Technology Source, Business Source Elite, Business Source Premier, Communication Abstracts, Computer & Applied Sciences, Criminal Justice Abstracts, INSPEC, Metadex, Civil Engineering Abstracts
  • Keywords: Cyber physical system, Port cyber security, Cyber security risk assessment
  • Istanbul Technical University Affiliated: Yes


© 2021 Elsevier LtdSeaports are fixed infrastructures of maritime transportation systems. Through Industry 3.0 and Industry 4.0, ports have faced with digital transformation based on networked cyber physical systems to be a part of smart and intelligent transportation systems. However, besides the advantages, this transformation has brought cyber security gaps and threats which can be resulted in breakdowns in maritime transportation domain. Therefore, port and port facilities should be prepared for cyber threats through holistic risk assessment frameworks for developing proactive actions. Based on these facts, this study has proposed to apply an integrated cyber risk assessment method for a container port with a cyber-physical perspective through analyzing four exemplary cyber-attack scenarios. For each cyber-attack scenario, risk assessment methodology has been applied using integrated cyber security management approach by taking into account the cyber physical assets of the container port. Results show that for the specified cyber threats, the risks have been evaluated non acceptable. Mitigation strategies have also been presented briefly in conclusion.