Catalogo dei prodotti della ricerca

The advancement of the maritime industry towards technologically integrated and automated systems has significantly increased the complexity of onboard Industrial Control Systems (ICS), raising concerns about cybersecurity risks. In this paper, we examine typical onboard ICS configurations through an adversarial lens. We introduce a threat model that leverages domain -specific peculiarities, e.g., maritime protocols, and targets vulnerability vectors to execute software attacks against the infrastructures of shipboard ICS. This includes a case study on a critical subsystem of ship machinery: the steering gear system. We have developed a novel attack methodology intended for use by targeted malware. A comprehensive experimental assessment confirms the feasibility of attacks devised according to our methodology.

Physics-aware targeted attacks against maritime industrial control systems / Longo, Giacomo; Lupia, Francesco; Pugliese, Andrea; Russo, Enrico. - In: JOURNAL OF INFORMATION SECURITY AND APPLICATIONS. - ISSN 2214-2126. - 82:(2024). [10.1016/j.jisa.2024.103724]

Physics-aware targeted attacks against maritime industrial control systems

Giacomo Longo;
2024

Abstract

The advancement of the maritime industry towards technologically integrated and automated systems has significantly increased the complexity of onboard Industrial Control Systems (ICS), raising concerns about cybersecurity risks. In this paper, we examine typical onboard ICS configurations through an adversarial lens. We introduce a threat model that leverages domain -specific peculiarities, e.g., maritime protocols, and targets vulnerability vectors to execute software attacks against the infrastructures of shipboard ICS. This includes a case study on a critical subsystem of ship machinery: the steering gear system. We have developed a novel attack methodology intended for use by targeted malware. A comprehensive experimental assessment confirms the feasibility of attacks devised according to our methodology.
2024
Physics-awareness; Targeted attacks; Process mining; Maritime industry; Industrial control systems
01 Pubblicazione su rivista::01a Articolo in rivista
Physics-aware targeted attacks against maritime industrial control systems / Longo, Giacomo; Lupia, Francesco; Pugliese, Andrea; Russo, Enrico. - In: JOURNAL OF INFORMATION SECURITY AND APPLICATIONS. - ISSN 2214-2126. - 82:(2024). [10.1016/j.jisa.2024.103724]
01a Articolo in rivista
File allegati a questo prodotto
File Dimensione Formato  
Longo_postprint_Physics-aware_2024.pdf

accesso aperto

Note: https://doi.org/10.1016/j.jisa.2024.103724
Tipologia: Documento in Post-print (versione successiva alla peer review e accettata per la pubblicazione)
Licenza: Creative commons
Dimensione 3.55 MB
Formato Adobe PDF
3.55 MB Adobe PDF
Longo_Physics-aware_2024.pdf

solo gestori archivio

Tipologia: Versione editoriale (versione pubblicata con il layout dell'editore)
Licenza: Tutti i diritti riservati (All rights reserved)
Dimensione 2.57 MB
Formato Adobe PDF
  Contatta l'autore
2.57 MB Adobe PDF   Contatta l'autore

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11573/1709686
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 10
  • ???jsp.display-item.citation.isi??? 6
social impact