Smart Terminal System of Systems’ Cyber Threat Impact Evaluation
Simola, J., Pöyhönen, J., & Lehto, M. (2023). Smart Terminal System of Systems’ Cyber Threat Impact Evaluation. In A. Andreatos, & C. Douligeris (Eds.), Proceedings of the 22nd European Conference on Cyber Warfare and Security (pp. 439-449). Academic Conferences International. Proceedings of the European Conference on Cyber Warfare and Security, 22. https://doi.org/10.34190/eccws.22.1.1070
Date
2023Copyright
© 2023 European Conference on Cyber Warfare and Security
Systems of system-level thinking is required when the purpose is to develop a coherent understanding of the ecosystem where every user and system requirements are divided into specific parts. The smarter project, as a part of the Sea4value program of DIMECC, aims to develop harbor operations, including passenger and cargo transportation, in a way that port processes will improve, emissions will decrease, and overall security will enhance in smart ports. This paper describes cyber-attack impacts against the Smart terminal system of systems in the cyber realm by utilizing the MITRE ATTACK® framework to map the objectives of threat actors. The Smart Terminal system environment includes ICT, ICS networks and components, communication systems, and port service systems. Internal and external threat sources or actors are hard to divide exactly because of the diversity of the threats. Hybrid threats challenge maritime domain awareness globally. The cyber threat impacts on IT and OT environments are connected to each other because of the use of internal and external networks that impact each other by combining vulnerabilities and threats. Well-working port and terminal operations require not only protected operational systems or sensor systems, but human errors must also be minimized. Objectives of threat actors are presented, categorized, and listed. Threat scenarios illustrate that cyber threats and risks are mainly similar in the maritime global-linked port community and basic hinterland trade. The networked supply chain of the business causes evolving and combined threat scenarios. European and international standards, regulations, policies, recommendations, and, e.g., guidelines by the IMO, set new cyber-threat requirements for port and terminal services and facilities. Therefore, overall security must be considered when cyber-security is the development area. Information exchange in an understandable form is essential for maintaining business continuity. Threat information has to be transferred among stakeholders as well as cyber security codes have to be followed in the port operations of partners that are involved, for example, in operational and system-level actions. Digitalization in smart ports and terminals enhances the capacity to handle cargo and passengers more efficiently, but cyber threats evolve.
...
Publisher
Academic Conferences InternationalParent publication ISBN
978-1-914587-69-6Conference
European Conference on Cyber Warfare and SecurityIs part of publication
Proceedings of the 22nd European Conference on Cyber Warfare and SecurityISSN Search the Publication Forum
2048-8602Keywords
Publication in research information system
https://converis.jyu.fi/converis/portal/detail/Publication/183733020
Metadata
Show full item recordCollections
License
Related items
Showing items with similar title or keywords.
-
Cyber Threat Analysis in Smart Terminal Systems
Simola, Jussi; Pöyhönen, Jouni; Martti, Lehto (Academic Conferences International Ltd, 2023)Cyber threats create significant factors that challenge traditional threat prevention mechanisms in harbor areas and port terminals. It has been recognized that understanding security functionalities in the harbor area is ... -
Comprehensive cyber security for port and harbor ecosystems
Pöyhönen, Jouni; Lehto, Martti (Frontiers Media, 2023)Global maritime transportation and logistics systems are essential parts of critical infrastructures in every society, and a crucial part of maritime logistics processes are seaports. In the coming years, digitalization ... -
TARA+AD: Threat Analysis and Risk Assessment for Automated Driving : cybersecurity of road vehicles
Loskin, Ilona (2023)Cybersecurity of road vehicles has become a genuine matter as vehicles are not manufactured anymore as plain mechanical devices but containing numerous amounts of computers and millions of lines of code. The intelligent ... -
On the (In)Security of 1090ES and UAT978 Mobile Cockpit Information Systems : An Attacker Perspective on the Availability of ADS-B Safety- and Mission-Critical Systems
Khandker, Syed; Turtiainen, Hannu; Costin, Andrei; Hämäläinen, Timo (Institute of Electrical and Electronics Engineers (IEEE), 2022)Automatic dependent surveillance-broadcast (ADS-B) is a key air surveillance technology and a critical component of next-generation air transportation systems. It significantly simplifies aircraft surveillance technology ... -
Basic Elements of Cyber Security for a Smart Terminal Process
Pöyhönen, Jouni; Simola, Jussi; Lehto, Martti (Academic Conferences International Ltd, 2023)Global maritime transportation and logistics systems are essential parts of critical infrastructures in every society, and a crucial part of maritime logistics processes are seaports. Digitalization helps improve the ...