Maritime IT Security
The goal of the Maritime IT Security research group is to conduct impactful research into cyber threats to the Maritime Transportation System (MTS). This will be achieved by leveraging our skills across disciplines within NHL Stenden in Ethical Hacking, Secure Programming, Serious Gaming, Maritime Technology, Maritime Officer Training, Marine Shipping Innovations and Cyber Safety. Student groups from all these disciplines contribute to the research, and our scope, apart from traditional maritime activities, includes inland water, port facilities and other critical elements of the MTS.
The research group organises webinars on a regular base. Often with guest speakers who have expertise on the topic. Watch the recording of the first two webinars via the links below:
- 'Current cyber threats in maritime security' (13 April 2022)
- 'Cyber attacks on maritime navigation' (29 November 2022)
Simulation exercise Dutch Coast Guard
The Dutch Coast Guard visited the MSTC simulators at the Maritime Institute Willem Barentsz (MIWB) on Terschelling. During this exercise, a hack on a ship was simulated by the MITS research group.
The professorship was established in September 2021 and is currently focusing on three major research projects/initiatives:
Database of Maritime Cyber Incidents
This project involves building a database of all maritime cyber incidents that have occurred where information is available from open sources. The database will utilise Structured Threat Information Expression (STIX™), which is a language and serialization format used to exchange cyber threat intelligence (CTI). In student projects, data will be collected and a database built, and then maintained and updated. The database will have a public online presence and will be used to produce reports and research papers. It will also be used as input for simulations and other research.
Maritime Technology Hacking Lab
A lab environment is being built using equipment from maritime industry technology providers including Kongsberg Maritime and Schneider Electrical. Based on known issues from maritime and other ICS/SCADA industries, vulnerability research will be conducted in the lab environment. Technical research will be conducted into AIS spoofing in combination with exercises and other research. Also, a virtual ship Honeynet is being built to study current active scanning of maritime technology. A Honeynet is a network set up with intentional vulnerabilities hosted on a decoy server so as to attract hackers.
The Honeynet data and the discovered vulnerabilities can be used for research reports/publications, to report vulnerabilities and in maritime cyber incident simulations.
Maritime Cyber Incident Simulations
Maritime Cyber Incident simulations will be developed to enhance security awareness, train participants in correct response procedures and study human factors in these types of scenarios. These simulations will include:
- Crew simulations using facilities at the Maritime Institute on Terschelling
- Software simulation based on existing work by Serious Gaming
- Tabletop exercises for executives, conferences, etc.
- Large scale exercises utilising a combination of the above across multiple sites
If you have a question about one of our projects or you’d like to know about the possibilities for collaborating with students, then contact us!
Professorship Maritime IT Security
firstname.lastname@example.org (Management Assistant Future Design Center)