Security and Resilience for a 4.0 Ship

Information and communication technology is widely adopted in modern ships to manage and control a wide range of subsystems such as those that control navigation and access to ship or to entertain people on board. Furthermore, to maximize efficiency and saving, all these systems are interconnected to the Internet and accessible from remote locations. The reliance on information and communication technology and system interconnection results in new vulnerabilities exposed to adversarial agents. The system interconnection also blurs the distinction between safety and security because an attack on one of the two properties may have a side effect on the other one. We briefly review the cyber risk posed by the increasing adoption of the Industry 4.0 technology in the maritime sector and discuss how the existence of several IT and OT components may increase the resulting risk. We briefly review some strategies to analyze possible attacks and describe an automated solution to assess and manage the overall resulting risk. Lastly, we discuss a risk assessment and management of a real ship and a strategy to increase the ship resiliency.