Politecnico di Torino (logo)

Attack surface in maritime industry: analysis of attack vectors and countermeasures for systems on board vessels

Filippo Baudanza

Attack surface in maritime industry: analysis of attack vectors and countermeasures for systems on board vessels.

Rel. Antonio Lioy, Bruno Sicchieri. Politecnico di Torino, Corso di laurea magistrale in Ingegneria Informatica (Computer Engineering), 2022


In the last decade, the maritime industry has undergone a strong digitalization process, moving from mechanical systems to digital and automated systems thanks to the technological evolution that has also allowed the use of IOT systems. As a result, the ships are increasingly connected to external environments. Having systems interconnected with the outside world increases the ship’s exposure to possible cyberattacks. In this thesis, the focus was the analysis of the ship attack surface considering the systems more used on board the ships; for this reason, an analysis of those systems is also carried out in this thesis. The behaviour of external systems which are used for managing containers, has also been described since, although they are not inside the ship, can indirectly affect their safety. The various on-board devices communicate internally with each other via TCP/IP networks or via the NMEA serial network. For this reason, in the thesis also the inner network of the vessel is treated as well as their communication protocol. After the study of the main shipping systems and their communication ways, the attack vectors that can lead exploiting the present vulnerabilities were analysed. In this thesis the use of OSINT techniques was studied and tested in order to obtain useful information on the vulnerable devices on board the ships. Two attack scenarios, between those analysed, have been implemented in a lab scenario, starting in both cases from the compromise of the satellite unit on board the ship. The first is related to a spoofing attack with the aim to display fake, not existent vessels, in the ECDIS navigation system on board the vessel, to produce noise and alerting messages. The second scenario is based on an ARP poisoning attack to run a man in the middle between the ECDIS and the GPS antenna in order to intercept this connection and modify the data: in this case the aim is to display a fake position of the vessel on the ECDIS system. The two scenarios were tested in a physical laboratory created to emulate a ship’s network and devices. To contrast the attack vectors analysed, the possible countermeasures that should be used by the maritime companies were in the last part of the thesis described.

Relators: Antonio Lioy, Bruno Sicchieri
Academic year: 2022/23
Publication type: Electronic
Number of Pages: 90
Additional Information: Tesi secretata. Fulltext non presente
Corso di laurea: Corso di laurea magistrale in Ingegneria Informatica (Computer Engineering)
Classe di laurea: New organization > Master science > LM-32 - COMPUTER SYSTEMS ENGINEERING
Aziende collaboratrici: MSC Technology Italia
URI: http://webthesis.biblio.polito.it/id/eprint/25390
Modify record (reserved for operators) Modify record (reserved for operators)