Full Program

Integrating Cyber Threat Intelligence into Threat Modeling for Autonomous Ships Using PASTA and MISP

Summary:

Autonomous maritime systems rely on the complex interplay of operational technology (OT) and information technology (IT), making them increasingly vulnerable to cyber threats. This paper presents an integrated approach to autonomous ships cybersecurity by combining the Process for Attack Simulation and Threat Analysis (PASTA) threat modeling framework with Malware Information Sharing Platform (MISP) threat intelligence. The autonomous ship architecture is divided into three security layers, which include OT and IT assets, decision-making entities, and decision inputs. Cyber Threat Intelligence (CTI) is systematically integrated into dynamic threat models to enhance cybersecurity. By mapping maritime-specific attack models to MITRE ATT&CK and MITRE ATLAS, we enable a structured and adaptive threat representation. The results demonstrate that integrating MISP with PASTA enhances situational awareness, facilitates real-time updates of threat models, and improves cyber resilience in autonomous maritime operations.

Author(s):

Muhammed Erbas    
Tallinn University of Technology
Estonia

Muhammed Erbas is a PhD student at Tallinn University of Technology, specializing in cybersecurity for AI-driven autonomous ship systems. He holds a Master’s degree in Cybersecurity from TalTech and the University of Tartu. His research focuses on threat modeling, cyber resilience, and AI security in maritime navigation. As a researcher in the EU-funded MariCybERA project, he contributes to developing cybersecurity frameworks for autonomous maritime technologies.

Jani Vanharanta    
Turku University of Applied Sciences
Finland

Jarkko Paavola    
Turku University of Applied Sciences
Finland

Leonidas Tsiopoulos    
Tallinn University of Technology
Estonia

Risto Vaarandi    
Tallinn University of Technology
Estonia