Cybersecurity Risk Assessment for Tankers and Defence Methods

Master Thesis
Oruc, Aybars
Piri Reis University Graduate Program in Maritime Transportation Management Engineering
Publication year: 2020


Ships take significant place in the maritime transport, and technological developments are rapidly reflected on ships. A wide range of equipments, such as GPS ECDIS, AIS and ARPA-Radar is utilized in this field in order to ensure safe navigation on a ship. However, several studies have also been published that show cyber vulnerabilities in navigational equipments. Moreover, cyber attacks in the maritime industry also have led to gain importance of cybersecurity at sea. When compared to other vessel types, such as dry cargo vessels and RO-ROs, tankers are more likely to pollute the environment, to cause more people to be injured or died and more economic loss after an arising accident due to the cargo they carry. Due to this known fact, inspections on cybersecurity have been started firstly on tankers through vetting programmes of TMSA, SIRE and CDI. IMO requires all maritime companies to carry out a cyber risk assessment by 2021. In this study, the potential cyber risks of equipments in the bridge, engine room and cargo control room on a tanker underway were assessed. As a result of the assessment, a total of 31 risks are identified in nine categories, and 37 procedural and technical measures that could be taken against these risks are examined. The risks either before taking measure or after taking measures are evaluated by using the Fuzzy Fine-Kinney method. Thus, effectiveness of the suggested measures is approached.