Shipping 4.0: Security Requirements for the Cyber-Enabled Ship

The cyber-enabled ship (C-ES) is either an autonomous or a remotely controlled vessel which relies on interconnected cyber physical-systems for its operations. Such systems are not well protected against cyberattacks. Considering the criticality of the functions that such systems provide, it is important to address their security challenges, thereby ensuring the ship's safe voyage. In this article, we leverage the maritime architectural framework reference architecture to analyze and describe the environment of the C-ES. We then apply the Secure Tropos methodology to systematically elicit the security requirements of the three most vulnerable cyber-physical systems (CPSs) onboard a C-ES, namely the automatic identification system (AIS), the electronic chart display information system, and the global maritime distress and safety system. The outcome is a set of cyber-security requirements for the C-ES ecosystem in general and these systems in particular.