查看文章

The widespread adoption of software-intensive IT systems in ships has brought huge benefits, yet it also has offered new avenues for malicious cyberattacks to potentially disrupt shipping operations. It follows that a focus on the security and resilience properties of IT-enabled ship systems (CyberShip) to understand cyber threats and their potential risks, can result in a system design that is better prepared to detect and react to these attacks. This paper explores the vulnerabilities that can be exploited, beyond component failure, by understanding the interaction between the components in a ship, through the use of the system theoretic process analysis (STPA) method, which considers both physical and cyber components. From this analysis, two main advantages of STPA are highlighted. First, STPA uncovers more hazardous situations at the design level. Second, STPA analysis results in design recommendations to secure shipping system against cyber attacks, and independent of the source of the attacks, by focusing on the system structure.