Assessing maritime assets using cyber risk framework based on MITRE CAPEC

The maritime industry has been playing a vital role in international trade since the first times of human history. It facilitates the movement of approximately 90% of world goods. In the meantime, modern vessels are increasingly equipped with computing infrastructure to enhance navigation, communication, and operational efficiency. Even the computer technology brings many benefits for both seafarers and maritime companies, it opens door for significant cyber threats. Ensuring robust cyber security measures and adopting a comprehensive cyber risk framework are critical to safeguarding maritime assets. This study is based on the MITRE CAPEC and involves the creation of a detailed list of cyber risks associated with each vessel component. Utilizing the Multiplicative Effect Approach and traditional cyber risk management methods, we developed a risk calculation table to assess the potential impact of cyber threats on vessel systems. This paper also includes a case study that demonstrates the application of our methodology to an example scenario, highlighting the practical implications and effectiveness of our risk assessment framework.