MaCRA: a model-based framework for maritime cyber-risk assessment

In the current economy, roughly 90% of all world trade is transported by the shipping industry, which is now accelerating its technological growth. While the demand on mariners, ship owners, and the encompassing maritime community for digital advances (particularly towards digitization and automation) has led to efficient shipping operations, maritime cyber-security is a pertinent issue of equal importance. As hackers are becoming increasingly aware of cyber-vulnerabilities within the maritime sector, and as existing risk assessment tools do not adequately represent the unique nature of maritime cyber-threats, this article introduces a model-based risk assessment framework which considers a combination of cyber and maritime factors. Confronted with a range of ship functionalities, configurations, users, and environmental factors, this framework aims to comprehensively present maritime cyber-risks and better inform those in the maritime community when making cyber-security decisions. By providing the needed maritime cyber-risk profiles, it becomes possible to support a range of parties, such as operators, regulators, insurers, and mariners, in increasing overall global maritime cyber-security.