Security Challenges in Commercial off-the-shelf Equipment Integration for Small Autonomous Vessels: A Security-by-Design Approach

Kalliovaara, Juha; Hallio, Juhani; Väänänen, Jesse; Jokela, Tero
Security Challenges in Commercial off-the-shelf Equipment Integration for Small Autonomous Vessels: A Security-by-Design Approach

Kalliovaara, Juha
Hallio, Juhani
Väänänen, Jesse
Jokela, Tero
Katso/Avaa
Lataukset: 

doi:10.1088/1742-6596/3123/1/012036
URI
https://doi.org/10.1088/1742-6596/3123/1/012036
Näytä kaikki kuvailutiedot
Julkaisun pysyvä osoite on:
https://urn.fi/URN:NBN:fi-fe202601215992
Tiivistelmä
This study examines the security implications of commercial off-the-shelf (COTS) equipment used in small vessels (<25m) transitioning to autonomous operations, emphasizing a comprehensive security-by-design approach. The eM/S Salama autonomous test vessel is introduced as a representative use case, which is used to identify critical vulnerabilities in maritime technologies designed primarily for consumer markets, where usability often compromises security considerations. Our research reveals multifaceted security challenges including communication system weaknesses, cyber-physical integration vulnerabilities, data integrity issues, inadequate cyber-attack response mechanisms, and regulatory compliance gaps. These challenges are compounded by integration difficulties in wireless technologies, cloud connectivity, and Controller Area Network (CAN) bus systems, where manufacturers' security features remain inconsistently implemented due to cost and complexity constraints typical of small vessel operations. We propose a systematic seven-step security assessment framework encompassing asset categorization and inventory, Information Technology (IT) / Operational Technology (OT) integration requirements, physical security controls, device-level security evaluation, communication system security, human-centric security and operational resilience, and continuous monitoring and assessment. The framework provides quantitative scoring methodologies and practical implementation guidance specifically adapted for resource-constrained maritime environments, enabling systematic evaluation of COTS equipment security posture. This security-by-design methodology addresses the fundamental challenge of maintaining robust security while enabling autonomous operations in cost-sensitive maritime environments. The framework offers assessment tools and evaluation matrices suitable for small vessel operations, bridging the gap between theoretical cybersecurity models and practical implementation in autonomous maritime systems.
Kokoelmat