Operational training for enhanced maritime cyber resilience: Bridging safety and security through maritime education and training

Tam, K. (Supervisor)
Erlend Erstad (Supervisor)

School of Engineering, Computing and Mathematics

Activity: Examination and supervision › Supervision › External

Description

Modern maritime navigation and operations heavily rely on technology. While this has brought many benefits, it has also introduced new risks, especially in cyber security. This thesis investigates how the maritime industry and maritime education and training institutions can be better prepared against cyber threats. By taking a human-centred design approach, the thesis investigates how qualitative research can be utilized to enhance maritime cyber resilience. This thesis explores how the traditional maritime ship safety transition into an industry which not just need to consider normal accidents, like fire onboard or ship collision avoidance, but also needs to address cyber security aspects. Central to this research is the exploration of the International Maritime Organization's (IMO) Resolution for Maritime Cyber Risk Management in Safety Management Systems (MSC.428(98)), which positioned cyber risk on the global maritime safety agenda. By underscoring the need for heightened awareness and urging the maritime sector to evolve and learn continuously, this Resolution has become a cornerstone in discussions about maritime cyber resilience. As a strategic focus for the IMO, MET's potential to fortify human capacity on ships stands out as a pivotal element in the quest to make humans the strongest link in maritime cyber security. Through a rigorous examination of current research trends, industry initiatives, and the pivotal intersection of automation and human interaction, this thesis underscores the importance of integrating maritime cyber security into MET curricula. To provide a comprehensive perspective, the research methodology encompasses a review of existing literature, an evaluation of the development of maritime cyber security, and a deep dive into how the maritime industry responds to regulations and frameworks. The thesis also assesses the relevance and applicability of concepts like maritime cyber resilience in the context of MET. The research approach includes a look at existing studies, an examination of how maritime cyber security has evolved, and a review of how the maritime sector deals with rules and guidelines. The thesis looks at how resilience applies to cyber issues in the maritime context. Key findings come from four major papers and a workshop. These insights stress the importance of teaching maritime cyber resilience widely. The first two papers address how a navigator’s workday now is affected by cyber risks and how the navigator experience those risks. The final papers present humancentred design approach to developing and conducting maritime cyber resilience training, as well as a novel procedural framework. The final discussions in the thesis link these findings with existing knowledge to suggest how MET can really make a difference in improving cyber security at sea. In conclusion, this thesis offers insights both for researchers and for maritime professionals. As technology keeps advancing, the findings here offer a roadmap for future research and training efforts.

Period	2025
Examinee/Supervised Person	Runar Ostnes
Examination/Supervision held at	Norwegian University of Science and Technology

Documents & Links

https://ntnuopen.ntnu.no/ntnu-xmlui/handle/11250/3125566