Full Program

PASTA Threat Modeling for Cyber Resilience and COLREG Compliance in Autonomous Ship Systems

Summary:

As autonomous vessels have advanced Operational Technology (OT) and Information Technology (IT) systems, they face cyberthreats that can compromise their security and make it difficult for them to comply with International Regulations for Preventing Collisions at Sea (COLREG). This research addresses cybersecurity issues in the maritime sector, focusing on autonomous ship systems' vulnerabilities and compliance with the COLREG. The Process of Attack Simulation and Threat Analysis (PASTA) framework for threat modeling is applied, specifically adapted to the decision-making mechanisms of navigation systems of autonomous ships, to categorize these threats and examine COLREG compliance in potentially complex situations for navigation. The findings of this study reveal vulnerabilities in communication protocols, decision-making algorithms, and sensor data integrity.

Author(s):

Muhammed Erbas    
Tallinn University of Technology
Estonia

Muhammed Erbas is a PhD student at Tallinn University of Technology, specializing in cybersecurity for AI-driven autonomous ship systems. He holds a Master’s degree in Cybersecurity from TalTech and the University of Tartu. His research focuses on threat modeling, cyber resilience, and AI security in maritime navigation. As a researcher in the EU-funded MariCybERA project, he contributes to developing cybersecurity frameworks for autonomous maritime technologies.

Gabor Visky    
Tallinn University of Technology
Estonia

Olaf Maennel    
University of Adelaide
Australia

Leonidas Tsiopoulos    
Tallinn University of Technology
Estonia

Risto Vaarandi    
Tallinn University of Technology
Estonia