Application of Bayesian Networks for Real Time Cyber Security Crisis Classification in Passenger Ships

The shipping industry increasingly relies on Information Technology (IT) and Operational Technology (OT), which undoubtedly improve operations but also jeopardize vessel safety and security. Risks may arise from vulnerabilities in the design, operation, integration, connection and maintenance of these systems, that external or internal threat agents could exploit. This paper presents a cyber-risk assessment model utilizing Bayesian Networks (BN) for real-time crisis classification of cyber security incidents attributed to detected vulnerabilities in the IT and OT systems on passenger ships. The model is part of a crisis classification module under development for the EU-funded project ISOLA, which visions an intelligent security superintendence ecosystem to enhance the existing ship security processes and the protective measures applied onboard passenger ships. ISOLA's services provide functions for continuous surveillance, including cyber security functions. The BN model receives specific IT and OT vulnerability data generated by a specialized ISOLA service and employs Bayesian probabilistic techniques to evaluate any identified vulnerability. The model performs real-time crisis classification of the cyber security-related incident, utilizing a six-level ascending scale for crisis taxonomy and generates relevant warnings to alert the crew and facilitate early detection of potential or actual safety- and security-threatening occurrences.

Keywords: Cyber security, Crisis classification, Cyber-risk assessment, Bayesian networks, Maritime cybersecurity, Cyber vulnerability.

Download PDF