Abstract
Recent innovations in the smart city and maritime domains have led to the proposal of a new mode of transportation that uses Autonomous Passenger Ships (APS), or ferries, in inland waterways. The novelty of the APS concept raises a wide range of challenges regarding the interconnection of the various components that provide navigational tasks. In addition, the new mode of operation changes the cyber risk paradigm and leads to different considerations regarding attack objectives, attack techniques, and risk management approaches. Because APS technology is recent, defining its technical scope is the first challenge this thesis addresses. This is sought through the identification of the expected operational context of the APS and of the relevant stakeholders, standards, guidelines, and functions. This thesis also addresses the technical challenges of interconnecting the APS components with their operational context in a secure and safe manner. This is sought through the definition of a suitable communication architecture for the APS and of a cyber risk management process for developing a cybersecurity architecture capable of identifying and managing the cyber risks against the APS. To realize this, the design science research methodology (DSRM) is followed together with a group of relevant systems engineering standards and processes. At each phase of the research, academic and industrial perspectives are gathered to design, develop, demonstrate, and evaluate the artifacts needed to achieve the research objectives. The work in this thesis has resulted in the design, implementation, and evaluation of a communication architecture for the APS technology that supports the current technology posture and embodies flexible, modular, and resilient principles, which make it a candidate architecture for future iterations of the technology.
Additionally, a suitable cyber risk management approach has been proposed and evaluated to measure its suitability for the APS technology. The approach, named Threat Informed Defense in Depth (TIDiD), combines two cybersecurity strategies: Threat Informed Defense and Defense in Depth. TIDiD includes a cyber risk assessment approach that is a further result of this thesis. That approach is named FMECA-ATT&CK because it is based on Failure Mode, Effects, and Criticality Analysis (FMECA) enhanced with the knowledge and semantics of the Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) framework. FMECA-ATT&CK supports comprehensive and continuous cyber risk assessment and management by identifying cyber risks in the APS components and proposing suitable risk mitigation measures. The later steps of the TIDiD process then integrate the proposed risk mitigation measures into a cybersecurity architecture for risk analysis, monitoring, and treatment. Some areas were explored further, including the analysis and detection of anomalies in navigation data and the utility of the Automatic Identification System (AIS) for establishing covert channels for command and control activities during the development of cyber attacks. Each produced artifact was demonstrated and evaluated through a combination of evaluation methods, including simulation, checklists, adversary emulation, and engagement of experts. Trials involving existing communication technologies have shown success for the APS as a novel maritime transportation technology. By using existing solutions and processes, including those in this thesis, the security of the system has been enhanced. Many areas still require additional attention in order to improve the capabilities of remote monitoring and the cybersecurity posture of the APS. Therefore, APS technology and similar maritime technologies are worthy of future exploration.