Original scientific paper
https://doi.org/10.31217/p.33.2.7
Shipboard ECDIS Cyber Security: Third-Party Component Threats
Boris Svilicic
orcid.org/0000-0002-7280-9525
; University of Rijeka, Faculty of Maritime Studies, Rijeka, Croatia
Igor Rudan
; University of Rijeka, Faculty of Maritime Studies, Studentska 2, 51000 Rijeka, Croatia
Vlado Frančić
; University of Rijeka, Faculty of Maritime Studies, Rijeka, Croatia
Mateo Doričić
; University of Rijeka, Faculty of Maritime Studies, Rijeka, Croatia
Abstract
The Electronic Chart Display and Information System (ECDIS) plays a central role in safe navigation of ships. The ECDIS is basically a software package running on a general operating system that could be comprised of the third-party components. This paper presents an analysis of cyber security weaknesses of a shipboard ECDIS raising from the ECDIS software’s third-party components. The analysis is based on the cyber security testing of the shipboard ECDIS using an industry vulnerability scanner. Detected vulnerabilities are analysed regarding the protection measures implemented on the ship. The results suggest that even the type approved ECDIS system with maintained ECDIS software and the underlying operating system could be vulnerable due to weaknesses in the ECDIS software’s third-party components.
Keywords
Navigation safety; ECDIS; Maritime cyber security; Cyber security testing; Third-party threat
Hrčak ID:
229306
URI
Publication date:
19.12.2019.
Visits: 3.118 *