
The 10th International Conference for Internet Technology and Secured Transactions (ICITST-2015)

Current efforts in Ports and Supply Chains Risk Assessment

Nineta Polemi
UNIPI Security Lab, Department of Informatics
University of Piraeus, UNIPI
Piraeus, Hellas
dpolemi@gmail.com

Spyros Papastergiou
UNIPI Security Lab, Department of Informatics
University of Piraeus, UNIPI
Piraeus, Hellas
paps@unipi.gr

978-1-908320-52/0/$31.00 ©2015 IEEE 349

Abstract— Port services and maritime supply chain processes depend upon complex interrelated ICT systems hosted in the ports’ Critical Information Infrastructures (CIIs). Current research efforts for securing the dual nature (cyber-physical) of the ports and their supply chain partners are presented here.

Keywords - physical/cyber security, risk assessment, supply chain

I. INTRODUCTION

Critical Infrastructures (CIs) have become dependent on ICT technologies (such as networking, telecommunications, cloud, sensor and SCADA technologies), thereby rendering Critical Information Infrastructures (CIIs) a vital element of their functioning. This is very prominent in the case of modern port infrastructures, which tend to be highly dependent on the operation of complex, dynamic ICT-based maritime supply chains. Ports and their supply chains are becoming a target for hackers [35], who are increasingly launching cyber-attacks on ports’ systems, including vessels, global navigation systems, ports’ physical systems and cargo management systems. Such attacks can disable a vessel, hijack, divert or steal cargo, while also compromising sensitive customer or corporate data. Likewise, attacks on the ports’ Industrial Control Systems (ICSs) (e.g. supervisory control, SCADA, distributed control systems and programmable logic controllers) may cause disruption or damage of critical port mechanical devices (e.g. container cranes, safety and mechanical systems that operate locks and dams) and, even worse, they may cause loss of life, theft of cargo and destruction of ships. According to the US ICS-CERT report, from 2006 to 2012 the number of cyber incidents in SCADA systems increased 782%. An attack on a container terminal management system could disrupt intermodal container services involving maritime, rail and truck transportation. Older port legacy ICS have long service lives and they often operate in independent modes with inadequate password policies and security administration, no data protection mechanisms and protocols that are prone to snooping, interruption and interception, which may cause the disruption of various critical port and SC operations and services.

The emerging landscape of ICT-empowered ports’ CIIs requires a paradigm shift in the way it assesses risks and vulnerabilities, as well as in the relevant risk management methodologies. For over a decade significant efforts have been allocated to the introduction of risk management and assurance methodologies for CIs [1]. Most of these risk management methodologies focus on the identification and classification of threats, the identification of the various vulnerabilities and ultimately the evaluation of the potential impact of threats and vulnerabilities (e.g., [2], [3]). These methodologies feature differences in terms of the stakeholders that they address (e.g., policy makers, decision makers, asset managers, CI operators, solution integrators), but also in terms of the assets that they support and the level of accuracy they can handle. However, they are not appropriate for dealing with contemporary ICT-based ports’ CII and dynamic maritime supply chains, due to the following limitations:

• They are overly focused on physical-security aspects and pay limited attention to CIIs. At the same time they tend to ignore the complex nature of the ICT systems and assets used in the maritime sector (e.g., SCADA), along with their interrelationships. This is for example the case with several international standards and legislation (e.g., International Ships and Port Facilities Security Code (ISPS), the International Safety Management Code and EC Regulation No 725/2004 on enhancing ship and port facility security, EC Directive 2005/65 on enhancing port security), as well as with related risk assessment methodologies, e.g. MSRAM (Maritime Security Risk Analysis Model) and MARISA (MAritime RISk Assessment) [4].

• They do not adequately take into account security processes associated with international supply chains, which are nowadays ICT-enabled and therefore severely exposed to intentional and unintentional compromise of CIIs. This is reflected in the fact that to date we have seen only limited/partial implementations of relevant standards (such as ISO 28000).

The above listed limitations are also acknowledged in reports, standards and regulations produced by prominent security stakeholders. For example the first ENISA (European Union Agency for Network and Information Security) report
on cyber maritime security (2011) [5] concludes that awareness of cyber security needs in the maritime sector is currently low to non-existent and highlights the challenges of managing the interdependencies between ICT systems and other port assets. As a result, most of the actors involved in the ports’ CII and maritime supply chain use varied and nonstandard practices to guarantee the credibility and the effectiveness of the full system development life cycle, including design/development, acquisition of custom or commercial off-the-shelf (COTS) products, delivery, integration, operations, and disposal/retirement. Most of the adopted components present significant vulnerabilities and weaknesses and might be flawed or counterfeit, or might contain malicious elements, thereby jeopardizing the operation of the whole maritime supply chain. In this context, the lack of visibility and traceability in the often opaque processes and practices used to develop and acquire ICT-related products and services from each maritime actor increases the risk of not being able to detect and remedy intentional and unintentional compromises that may be introduced through a variety of means, including counterfeit materials and malicious software.

Enhanced, global risk assessment frameworks are needed that can deal with ports’ ICT risks, with the cascading effects of port risks on their supply chain, and with the threats and vulnerabilities of the ICT-based maritime supply chain. This paper presents the escalating results from three related projects: CYSM (http://www.cysm.eu/index.php/en/), Medusa (medusa.cs.unipi.gr) and Mitigate (www.mitigateproject.eu), and concludes with various open issues for further research.

II. CII RISK ASSESSMENT: THE CYSM APPROACH

A. State of the Art

The main goal of risk management is (in general) to protect business assets and minimize costs in case of failures, and thus it represents a core duty of successful port management. Hence, risk management is a key tool for security within organizations and it is essentially based on the experience and knowledge of best practice methods. These methods consist of an estimation of the risk situation based on the business process models and the infrastructure within the organization. In this context, these models support the identification of potential risks and the development of appropriate protective measures. The major focus lies on the companies and the identification, analysis and evaluation of threats to the respective corporate values.

The outcome of a risk analysis is in most cases a list of risks or threats to a system, together with the corresponding probabilities. International standards in the field of risk management are used to support the identification of these risks or threats as well as to assess their respective probabilities. These standards range from general considerations and guidelines for risk management processes (e.g. [16], [17], [15]) to specific guidelines for the IT sector (e.g. [14], [12], [13], [11], [10], [9]) all the way to highly specific frameworks as, for example, in the maritime sector (e.g., [8], [7], [6], [18]). Most of these standards specify framework conditions for the risk management process, but rarely go into detail on specific methods for the risk analysis or risk assessment. This is one reason why differences in the risk assessment often arise within the specific areas of application, making a direct comparison of the results difficult.

In principle, choosing the right method and the right tool for risk analysis and risk evaluation proves to be complicated. In recent years, a number of concepts, algorithms and tools have evolved from research, specially designed to protect the ICT infrastructure and related systems. Since their historical background is settled in a business context, in these methods a quantitative risk assessment is usually performed based on monetary costs (see [19], [20] and the EBIOS method and the aforementioned ISO / IEC 27005:2013 standard [13]). In this context, most of the methods and tools (see [21] for a comprehensive list) just use the commonly known rule of thumb "risk = probability x potential damage" [22]. Depending on the applied method, the terms and scales for the assessment of the probabilities as well as of the potential damage are predefined (such as in the NIST policy [24] or in the Mehari method [23]). In practice, the selection of a specific risk-assessment tool is based on practical considerations, and depends on how well the present terminology of the application can be mapped onto the predefined specific terminology of the risk assessment methodology.

In order to structure the process of risk assessment, there are various attempts to develop ontologies for general risk assessments [25], [26]. For example, the AURUM system [27] provides a graphical tool for modeling based on ontologies. It also uses a Bayesian approach for determining threat probabilities (which is also done by the method proposed in [28]). The OCTAVE method [29] is based on subjectively estimated probabilities and thus can be understood as an a priori distribution with regard to the Bayesian approach. The OCTAVE method uses UML as a modeling language and represents a comprehensive collection of tools and best practice methods for risk management. The CORAS method [30] allows the integration of several different risk assessment processes, whereas the identification of the probability of an attack is not done automatically but a priori to any risk assessment.

In contrast to the aforementioned general and IT-specific guidelines for risk management, in security and risk management in the maritime sector a huge emphasis is laid on physical and object security. In particular, the International Ship and Port Facility Security (ISPS) Code [6] (as well as the respective EU regulation [8]) defines a set of measures to enhance the security of port facilities and ships. Therein, methodologies to perform security assessments and to detect security threats are described and a guideline for the implementation of the respective security measures is given. Additionally, roles and responsibilities concerning maritime security at a national and international level are defined. Nevertheless, due to the increased interaction and exchange of information of ports with other critical infrastructures in the maritime eco-system (e.g. port authorities, ministries, maritime companies, ship industry, etc.) the sole focus on physical security is not sufficient any more. Moreover, the security of the port’s cyber-physical systems becomes equally important.

B. The CYSM approach

CYSM implemented a targeted risk management methodology (CYSM-RM) that relies on modeling and group decision making techniques using the collective knowledge of all users, estimating and rolling up risks (physical and cyber) across diverse target types, attack modes, and geographic levels. CYSM evaluates and manages physical and cyber risks against the requirements specified in the ISPS Code and ISO27001. The CYSM methodology [31] was implemented in an innovative, scalable Risk Assessment Toolkit which enables the ports’ security team to efficiently identify, assess and treat their security and safety incidents involving all port operators and users. The toolkit adopts and implements a bouquet of flexible and configurable self-driven functions and procedures [32] which constitute the conceptual pillars for building a solution that assists ports to improve their current cyber and physical security level.

III. SUPPLY CHAIN ORGANISATIONAL RISK ASSESSMENT: THE MEDUSA APPROACH

A. State of the Art

Maritime supply chains comprise a globally distributed, interconnected set of organizations including port authorities, ministries, maritime companies, ship industries, customs agencies, maritime/insurance companies, other transport CIs (e.g. airports), other CIIs (e.g. transport networks, energy networks, telco networks), people, processes, services, products, and more. The interconnection of these actors and organizations relies typically on an interconnected web of transportation infrastructures and pathways, information technology, as well as cyber and energy networks.

The maritime supply chain of the modern era has become dependent on ICT components to operate, establishing a complex and dynamic supply chain.

The ports and shipping play a major role in the maritime supply chain and their infrastructures have interdependencies at multiple levels (infrastructural, national/intra-sectoral). In this context, they interact closely with all actors in the complex maritime eco-system involving port authorities, ministries, maritime companies, ship industry, customs agencies, maritime/insurance companies, other transport CIIs (e.g. airports) and other CIs (e.g. transport networks, energy networks, telecommunication networks). As a result, port stakeholders (notably port security operators and port facilities operators) have to deal with internal, external and diffused cyber/physical threats coming from the whole maritime supply chain. ISO has published four (4) supply chain security related standards: ISO 28000:2007 on Specification for security management systems for the supply chain; ISO 28001:2007 on Security management systems for the supply chain; ISO 28003:2007 on Security management systems for the supply chain; ISO 28004:2007 on Security management systems for the supply chain – Guidelines for the implementation of ISO 28000. However, there are no specific methodologies to implement these standards and no user-friendly tools to integrate them.

B. The Medusa approach

MEDUSA provided a risk management method and an ICT tool for maritime cyber-security with particular emphasis on methods that take into account the cascading effects of threat scenarios arising in the scope of the maritime supply chain at entity level. The Medusa Supply Chain risk assessment methodology [33] relies on dependency graphs, used to visualize and analyse the dependencies between the supply chain business entities (and not between interconnected assets) and to calculate supply chain risks, individual risks and partial risks arising from a portion of the supply chain. The goal of Medusa is twofold. First, to assess the overall security risks of a supply chain. The derived overall risk values are used in order to define a baseline supply chain security policy, defining the least necessary security controls required by each business partner. Medusa extends ISO28001 in several ways: first, it defines threat categories and uses them to group specific threat scenarios. Then the threat categories are mapped to specific subsets of the security controls already defined in the Security Declaration Statements (as provided by all supply chain business partners). Thus, by using these Statements, it is easy to quantify the vulnerability (and eventually likelihood) of each partner for each examined threat scenario. In addition, Medusa allows the efficient assessment of cascading risks within the SC: by using input data already provided in the previous steps, all potential dependency chains of the SC are assessed and their cascading risk values are then used to prioritize risk mitigation. The MEDUSA system [34] expanded the CYSM system’s capabilities with a range of mechanisms, techniques and components:

• for capturing multi-order dependencies between port infrastructures and their supply chain business partners;

• for identifying and visualizing the critical path of the inter-dependencies across the ports’ supply chain;

• for assessing the potential impact of security incidents on port infrastructures, given their various dependencies with their supply chain business partners.

IV. SUPPLY CHAIN CYBER RISK ASSESSMENT: THE MITIGATE VISION

A. State of the Art

The modern ICT supply chain is subject to a variety of cyber security threats and threat scenarios (combinations of threats). These SC threat scenarios and security incidents may affect the confidentiality, integrity, or availability of the ports’ and SC information and information systems and include counterfeiting, tampering, theft, reduced or unwanted functionality, or malicious content. Unfortunately, related projects do not address the security problem: e.g. MEDUSA does not cover the propagation of cyber security threats within the interrelated SC assets; INTEGRITY, IMCOSEC and SMART-CM focused on tracking the container; CASSANDRA focused on consignment data; CORE aimed at consolidating solutions.
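The Medusa approach described above combines three ideas: the rule of thumb "risk = probability x potential damage" on predefined scales (Section II.A), likelihood per partner derived from the controls each partner declares in its Security Declaration Statement for a threat category, and cascading risk computed over every dependency chain of a supply-chain dependency graph, with partial risks for a portion of the chain and chain values used to prioritise mitigation. The following is an added example written for this page, not the Medusa project's own code or algorithm: the three-level scales, the rule mapping missing controls to a likelihood level, the attenuation of inherited risk by the product of dependency strengths, the control identifiers and the four-partner chain are all constructed assumptions.

```python
"""Constructed example: partner-level risk and cascading risk over a supply-chain
dependency graph.

Added illustration for this page, not the Medusa project's code or algorithm. Scales,
the likelihood-from-declaration rule, the attenuation along a chain, the control
identifiers and the sample chain are assumptions made for the example.
"""
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Set, Tuple

# Three-level ordinal scales (assumption), as many qualitative methods use.
LIKELIHOOD = {"low": 1, "medium": 2, "high": 3}
IMPACT = {"low": 1, "medium": 2, "high": 3}

# Threat category -> subset of controls a partner's Security Declaration Statement is
# expected to cover. Control names are constructed, not ISO 28001's own wording.
REQUIRED_CONTROLS: Dict[str, Set[str]] = {
    "cyber-attack-on-it": {"patching", "network-segmentation", "logging", "access-control"},
    "cargo-tampering": {"seal-inspection", "access-control", "cctv"},
}


@dataclass
class Partner:
    name: str
    impact: str                    # potential damage level if the scenario hits this partner
    declared_controls: Set[str]    # controls declared in its Security Declaration Statement
    depends_on: Dict[str, float] = field(default_factory=dict)  # partner -> strength in (0, 1]


Graph = Dict[str, Partner]


def likelihood_from_declaration(required: Set[str], declared: Set[str]) -> str:
    """Assumed rule: the larger the share of required controls missing, the higher the likelihood."""
    missing = len(required - declared) / len(required)
    if missing == 0:
        return "low"
    return "medium" if missing <= 0.5 else "high"


def individual_risk(graph: Graph, name: str, category: str) -> int:
    """Rule of thumb 'risk = probability x potential damage', evaluated on ordinal scales."""
    p = graph[name]
    level = likelihood_from_declaration(REQUIRED_CONTROLS[category], p.declared_controls)
    return LIKELIHOOD[level] * IMPACT[p.impact]


def dependency_chains(graph: Graph, start: str) -> List[List[str]]:
    """Every simple dependency chain leaving `start` (multi-order; cycles are skipped)."""
    chains: List[List[str]] = []

    def walk(path: List[str]) -> None:
        for nxt in graph[path[-1]].depends_on:
            if nxt in path:
                continue
            chains.append(path + [nxt])
            walk(path + [nxt])

    walk([start])
    return chains


def chain_contribution(graph: Graph, chain: List[str], category: str) -> float:
    """Risk at the chain's far end, attenuated by the product of dependency strengths."""
    weight = 1.0
    for a, b in zip(chain, chain[1:]):
        weight *= graph[a].depends_on[b]
    return weight * individual_risk(graph, chain[-1], category)


def cascading_risk(graph: Graph, start: str, category: str) -> float:
    """Own risk plus everything inherited through dependency chains."""
    inherited = sum(chain_contribution(graph, c, category) for c in dependency_chains(graph, start))
    return round(individual_risk(graph, start, category) + inherited, 6)


def prioritise_chains(graph: Graph, start: str, category: str) -> List[Tuple[List[str], float]]:
    """Dependency chains ranked by contributed risk: where mitigation pays off first."""
    ranked = [(c, round(chain_contribution(graph, c, category), 6))
              for c in dependency_chains(graph, start)]
    return sorted(ranked, key=lambda item: item[1], reverse=True)


def supply_chain_risk(graph: Graph, category: str, portion: Optional[List[str]] = None) -> float:
    """Overall risk of the chain, or the partial risk of a `portion` of it (worst partner)."""
    names = list(graph) if portion is None else portion
    return max(cascading_risk(graph, n, category) for n in names)


def example_chain() -> Graph:
    """Constructed four-partner supply chain; names, controls and strengths are illustrative."""
    full = REQUIRED_CONTROLS["cyber-attack-on-it"]
    return {
        "port": Partner("port", "high", full - {"logging"}, {"telco": 0.8, "customs": 0.5}),
        "telco": Partner("telco", "medium", {"patching"}, {"energy": 0.9}),
        "customs": Partner("customs", "medium", set(full), {"telco": 0.4}),
        "energy": Partner("energy", "high", set(full)),
    }


if __name__ == "__main__":
    g = example_chain()
    print("cascading risk at port:", cascading_risk(g, "port", "cyber-attack-on-it"))
    for chain, value in prioritise_chains(g, "port", "cyber-attack-on-it"):
        print(" -> ".join(chain), value)
```

Run on the constructed chain, the port's own risk is 6 but its cascading risk is 15.7, and the ranked chains show that the direct dependency on the telecom provider (whose declaration covers one of four required controls) contributes more than all the second- and third-order chains together, which is the kind of signal the text says Medusa uses to prioritise mitigation.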

B. The MITIGATE vision

MITIGATE (9/2015-4/2017) goes a step forward, realizing the need for assessing the cascading effects of cyber threats in the maritime multi-sector environment. Special emphasis will be paid to the provision of support for security processes associated with the dynamic (ICT-based) international maritime supply chains. It will include technical, policy, techno-economic and usability perspectives in the risk assessment process, thus taking the viewpoints of a variety of stakeholders into account. It will develop the MITIGATE Risk Assessment Framework enabling the simulation of cyber risks, towards facilitating the training of the various stakeholders, which also goes beyond the scope of alternative state-of-the-art tools. Overall, MITIGATE will adequately address the limitations of existing risk management methodology for handling cyber-security at asset level and the implications of international supply chains. The MITIGATE system will enable port operators to manage their security in a holistic, integrated and cost-effective manner, while at the same time producing and sharing knowledge associated with the identification, assessment and quantification of cascading effects of cyber threats originating from the ports' supply chain. In this way, port operators will be able to predict potential security incidents, but also to mitigate and minimize the consequences of divergent security threats and their cascading effects in the most cost-effective way, i.e. based on evidence associated with simulation scenarios and security assurance models. MITIGATE will comprise simulation models, which will enable the production of timely, accurate, objective, reliable, relevant and high quality evidence, information, indicators and factors. The latter will empower a first-of-a-kind analysis and assessment of multi-dimensional cyber risks, which is not possible nowadays.

V. EVOLUTION FROM CYSM TO MEDUSA AND FINALLY TO MITIGATE

This Section outlines the objectives and targets of the three E.C. projects (CYSM, Medusa, MITIGATE) in ten areas revealing the evolution of results, as follows:

1) Scope & Context-Boundaries:
a) CYSM emphasizes the protection of port facilities, based on the provision of a dynamic risk management methodology for ports’ CII considering their physical-cyber nature.
b) MEDUSA focuses on the protection of the port supply chain. It defines a methodological approach for the identification of multi-order dependencies of security incidents and risks, in the scope of multi-sector cross-border scenarios.
c) MITIGATE enhances CYSM & Medusa towards protecting port facilities in the scope of interacting supply chains. MITIGATE will adopt an evidence-driven Maritime Supply Chain Risk Assessment model in order to capture and deal with cascading-effect risks, threats and vulnerabilities associated with the ICT-based maritime supply chain.

2) Threats Landscape:
a) CYSM supports identification and measurement of organization-wise threats. These include internal threats pertaining to the ports’ ICT and physical infrastructure.
b) MEDUSA supports identification and measurement of cross-sectoral and cross-border threats, including threats associated with cascading effects.
c) MITIGATE supports identification and measurement of combined cross-sectoral and cross-border attack/threat paths and patterns arising from the ports’ supply chain. Both organization-wise and interdependent cyber threats deriving from the interconnection of the ports with other entities (e.g., ships, port authorities, maritime/insurance companies, customs, ship-industry) will be evaluated.

3) Impact Analysis Model:
a) CYSM is based on models that determine the value of the corporate assets and estimate the potential impact of threats in terms of specific criteria (availability, confidentiality, integrity) and based on various organizational scenarios (cost, legal, technical…).
b) MEDUSA aims at modeling, visualizing and simulating security scenarios and their cascading effects across divergent CIs that are dependent on port CIs.
c) MITIGATE enhances CYSM and MEDUSA in order to perform impact analysis for threats/assets involved in supply chain operations. This will require the integration of appropriate assurance

4) Countermeasures:
a) CYSM introduces countermeasures for reducing ports’ risks.
b) MEDUSA identifies and documents security measures that could minimize the consequences of cascading effects in multi-sector cross-border port security scenarios.
c) MITIGATE introduces additional countermeasures towards reducing risks associated with the whole supply chains. The countermeasures will be produced based on an Open Risk Assessment Simulation Environment, thereby exploiting the project’s evidence-based approach.

5) Cartography capabilities:
a) CYSM operates based on the identification and representation of the ports’ architectural structure.
b) MEDUSA introduces algorithms for identifying multi-order dependencies between entities involved in the maritime supply chain.
c) MITIGATE adopts algorithms and techniques for capturing and analyzing the multi-order dependencies between ports’ ICT infrastructures and multiple Critical Information Infrastructures (CIIs) participating in the global supply chain.

6) Risk Analysis:
a) CYSM risk analysis of the ports’ facilities is based on a straightforward approach that relies only on the ports’ users’ knowledge.
b) MEDUSA assesses security incidents and risks, in the scope of multi-sector cross-border scenarios.

c) Risk analysis in MITIGATE for the ports’ supply chain is based on a more rigorous, rational approach that produces high quality scientific and experimentally based proofs and findings (e.g. simulation results, indicators, recommendations).

7) Computational model:
a) In CYSM a multi-criteria group decision making model has been developed and adopted in order to calculate the actual risk factor. The proposed model takes into consideration a set of criteria and parameters as well as the opinions of various user groups with different viewpoints.
b) MEDUSA adopts an approach based on game theory and graph theory techniques to minimize the consequences of cascading effects in multi-sector cross-border port security scenarios.
c) MITIGATE leverages simulation models (based on game theory and graph theory techniques) combined with a multi-criteria group decision making approach in order to produce timely, accurate, objective, reliable, relevant and high quality evidence, information, indicators, factors and parameters, based on which the multi-dimensional risks will be assessed.

8) Standards Compliance:
a) CYSM is in line with the requirements, rules and obligations imposed by security and safety related standards (ISO27001, 27005, ISPS) that focus on the protection of the ports’ facilities.
b) MEDUSA’s emphasis on the supply chain is reflected in the provision of support for ISO28000.
c) MITIGATE leverages and implements existing security standards (such as ISO27001, 27005, ISPS, ISO2800, ISO28001) associated with the protection of the ICT-based maritime supply chain.

9) Predictive and forecasting capabilities:
a) CYSM evaluates a predefined list of threats associated with ports’ ICT and physical infrastructures.
b) MEDUSA evaluates a predefined list of threats associated with the ports’ supply chain.
c) MITIGATE leverages appropriate simulation models and processes for the representation and prediction of the possible attack/threat paths and patterns. These models will be used to measure their effectiveness and applicability, as well as to determine the exploitation, resilience and reliability level of ports’ supply chains.

10) Risk Assessment (RA) tool:
a) The CYSM RA tool is based on a set of interactive and collaborative technologies.
b) The MEDUSA tool is based on a set of visualization tools and techniques to model and simulate ports’ supply chain scenarios.
c) The MITIGATE tool adapts and integrates a number of risk management components, modules and sub-systems developed in CYSM and MEDUSA and also incorporates a set of ICT technologies, including semantic web technologies (for ontology management, context management and profiling), cloud computing and BigData and crowd-sourcing technologies (i.e. in order to collect and analyze open information from public resources).

VI. CONCLUSIONS AND FURTHER RESEARCH

The security of global maritime supply chains remains an open, multi-dimensional problem requiring technological interoperability, maritime policy harmonization and a common legal framework respecting security, privacy and accountability principles at international level. The security of the EU commercial ports requires the facilitation and implementation of an EU Maritime Security Policy acknowledging the dual nature of the ports (physical and cyber) and their importance as Critical Information Infrastructures to the EU and global digital economy. Finally, a series of maritime governance issues seek solutions:

• Harmonisation of critical maritime practices (e.g. border control, container authentication, logistics);

• Strengthening the compatibility of the security approaches adopted by the EU Countries with international standards and EU legislation;

• Establishment of trust chains of maritime entities at national, regional and European level, the lack of which is considered the most important obstacle in the way they manage security processes in the e-maritime world;

• Development of the local and regional business and manufacturing sector facilitating the effective and efficient transport of bulk cargos and manufactured goods.

ACKNOWLEDGMENT

The author is grateful to the European Commission ("Prevention, Preparedness and Consequence Management of Terrorism and other Security related Risks for the Period 2007-2013" and Digital Security: CyberSecurity, Privacy and Trust (H2020-DS-2014-1) Programme) for funding the projects: CYSM, MEDUSA, MITIGATE. Special thanks to the consortium members of these projects for their work in achieving the above mentioned results. Finally the author acknowledges the contribution of the Research Center of University of Piraeus (UPRC).

REFERENCES

[1] Georgios Giannopoulos, Roberto Filippini, Muriel Schimmer, "Risk assessment methodologies for Critical Infrastructure Protection. Part I: A state of the art", Joint Research Center Publication, JRC 70046, EUR 25286 EN, ISBN 978-92-79-23839-0, ISSN 1831-9424, doi: 10.2788/22260, Luxembourg: Publications Office of the European Union, 2012.
[2] J. P. G. Sterbenz, D. Hutchison, E. K. Çetinkaya, A. Jabbar, J. P. Rohrer, M. Schoeler et al., "Resilience and survivability in communication networks: Strategies, principles, and survey of disciplines", Computer Networks, Vol. 54, pp. 1245-1265, 2010.
[3] Chuvieco E, Aguado I, Yebra M, Nieto H, Salas J, Martín P, Vilar L, Martínez J, Martín S, Ibarra P, de la Riva J, Baeza J, Rodríguez F,
Molina JR, Herrera MA, Zamora R, "Development of a framework for fire risk assessment using remote sensing and geographic information system technologies", Ecological Modelling 221, 46–58, 2010.
[4] Jean-François Balmat, Frédéric Lafont, Robert Maifret, Nathalie Pessel, "MAritime RISk Assessment (MARISA), a fuzzy approach to define an individual ship risk factor", Ocean Engineering, 01/2009; 36(15):1278-1286. DOI: 10.1016/j.oceaneng.2009.07.003
[5] European Network and Information Security Agency, "Analysis of Cyber Security Aspects in the Maritime Sector", November 2011.
[6] International Maritime Organisation, "International Ship and Port Facility Security Code", London, United Kingdom, 2004.
[7] International Standardization Organization, "Ships and marine technology – Maritime port facility security assessments and security plan development", Geneva, Switzerland, 2007.
[8] European Commission, "Regulation (EC) No 725/2004 of the European Parliament and of the Council of 31 March 2004 on enhancing ship and port facility security", Official Journal of the European Union, L 129/6, p. 6-91, 2004.
[9] Common Criteria Working Group, "Common Methodology for Information Technology Security Evaluation - Evaluation methodology", CCMB-2007-09-004, http://www.commoncriteriaportal.org, 2007.
[10] The Stationery Office (TSO), "Continual Service Improvement", ITIL V3, 2007.
[11] Bundesamt für Sicherheit in der Informationstechnik, "IT-Grundschutz Kataloge", 2013. [Online]. Available: https://www.bsi.bund.de/DE/Themen/ITGrundschutz/itgrundschutz_node.html (Access Date: 27 November, 2015).
[12] International Standardization Organization, "ISO 27001: Information Security Management System Requirements", Geneva, Switzerland, 2013.
[13] International Standardization Organization, "ISO 27005: Information security risk management", Geneva, Switzerland, 2011.
[14] International Standardization Organization, "ISO 20000: Information Technology Service Management", Geneva, Switzerland, 2005.
[15] Austrian Standards Institute, "ONR 49000: Risikomanagement für Organisationen und Systeme: Begriffe und Grundlagen", Wien, Österreich, 2004.
[16] International Standardization Organization, "ISO 31000: Risk Management – Principles and Guidelines", Geneva, Switzerland, 2009.
[17] International Standardization Organization, "ISO 31010: Risk management -- Risk assessment techniques", Geneva, Switzerland, 2009.
[18] International Standardization Organization, "ISO 20858: Ships and marine technology -- Maritime port facility security assessments and security plan development", Geneva, Switzerland, 2009.
[19] T. R. Peltier, "Information security risk analysis", Auerbach Publications, 2001.
[20] S. E. Schechter, "Computer security strength and risk: a quantitative approach", Harvard University, 2004.
[21] European Network and Information Security Agency, "Inventory of Risk Management / Risk Assessment Methods", 2010. [Online]. Available: https://www.enisa.europa.eu/activities/risk-management/current-risk/risk-management-inventory (Access Date: 27 November, 2015).
[22] CCRA Working Group, "Common Criteria for Information Technology Security Evaluation", CCRA. [Online]. Available: www.commoncriteriaportal.org (Access Date: 27 November, 2015).
[23] Clusif Methods Commission, "MEHARI V3 Risk Analysis Guide", 2004.
[24] G. Stoneburner, A. Goguen and A. Feringa, "Special Publication 800-30: Risk Management Guide for Information Technology Systems", National Institute of Standards and Technology, 2002.
[25] S. Kollarits, N. Wergles and H. Siegel et al., "MONITOR - An ontological basis for risk management", 2008. [Online]. Available: http://www.monitor-cadses.org/documents/MONITOR_BaseOntology_Report_1_0.pdf (Access Date: 27 November, 2015).
[26] T. J. Chiang, J. S. Kouh and R. I. Chang, "Ontology-based Risk Control for the Incident Management", International Journal of Computer Science and Network Security, Vol. 9, No. 11, p. 181, 2009.
[27] A. Ekelhart, S. Fenz and T. Neubauer, "Automated Risk and Utility Management", in Proceedings of the Sixth International Conference on Information Technology: New Generations, IEEE Computer Society, 2009, pp. 393-398.
[28] F. Foroughi, "Information Security Risk Assessment by Using Bayesian Learning Technique", in Proceedings of the World Congress on Engineering, Vol. 1, International Association of Engineers, 2008, pp. 2-6.
[29] C. J. Alberts and A. Dorofee, "Managing Information Security Risks: The Octave Approach", Addison-Wesley Longman Publishing Co., Inc., 2002.
[30] K. Stolen, F. D. Braber, S. Lund and J. Aagedal, "Model-based risk assessment – the CORAS approach", 2002. [Online]. Available: https://heim.ifi.uio.no/massl/publications/nik02-coras.pdf (Access Date: 27 November, 2015).
[31] Makridimitris G., Polemi D., Douligeris C., "Security Risk Assessment Challenges in Port Information Technology Systems", Volume 441 of the Communications in Computer and Information Science series, 2014.
[32] Papastergiou S., Polemi D. and Karantjias A., "CYSM: An innovative physical/cyber security management system for ports", Special Session on "Innovative Risk Management Methodologies and Tools for Critical Information Infrastructures (CII)" within the 6th International Conference on Digital Human Modeling and Applications in Health, Safety, Ergonomics and Risk Management (HCI International 2015), 2-7 August, 2015, Los Angeles, CA, USA.
[33] Polemi N., Kotzanikolaou P., "Medusa: A Supply Chain Risk Assessment Methodology", CSP Forum "Cyber Security and Privacy Innovation Forum", 28-29/4/15, https://www.cspforum.eu/2015, Lecture Notes, Springer Verlag, 2015.
[34] Papastergiou S., Polemi D. and Papagiannopoulos I., "Business and threat analysis of Ports’ Supply Chain Services", Special Session on "Innovative Risk Management Methodologies and Tools for Critical Information Infrastructures (CII)" within the 6th International Conference on Digital Human Modeling and Applications in Health, Safety, Ergonomics and Risk Management (HCI International 2015), 2-7 August, 2015, Los Angeles, CA, USA.
[35] Allianz Global Corporate & Specialty SE’s (AGCS) third annual Safety and Shipping Review 2015, "An annual review of trends and developments in shipping losses and safety". [Online]. Available: http://www.agcs.allianz.com/assets/PDFs/Reports/Shipping-Review-2015.pdf (Access Date: 27 November, 2015).