MEDIA RELEASES

Collective Efforts to Strengthen Maritime Cybersecurity

Apr 24, 2024, 10:41 by Hazel SIM
The Maritime and Port Authority of Singapore (MPA) today signed two memorandum of understanding (MoUs) at the Accelerating Decarbonisation and Digitalisation Conference, during the Singapore Maritime Week 2024. The first MoU, signed between MPA, Estonia-based Tallinn University of Technology (TalTech), Foundation CR14, Singapore Maritime Institute (SMI), and Singapore University of Technology and Design (SUTD) aims to enhance cybersecurity in the maritime industry, in particular joint cybersecurity research and development, test bedding, and skills training projects.

The second MOU, signed between MPA, Singapore Shipping Association (SSA), Singapore Institute of Technology (SIT) and SUTD aims to improve collaboration and information sharing on cybersecurity among maritime companies, develop maritime cybersecurity capabilities, and strengthen the cybersecurity talent pipeline.


MoU between  MPA, TalTech, Foundation CR14, SMI and SUTD

2.   A key area of collaboration is the conduct of joint cyber training exercises with  Foundation CR14  using the SUTD-based Maritime Testbed of Shipboard Operational Technology (MariOT) system, scheduled to be delivered by March 2025. The MariOT system will be an industrial grade cyber-physical model of the essential shipboard operational technology systems. When operational, it will be used to support the testing of a host of cyber vulnerabilities and solutions through simulation drills and exercises with industry partners. Foundation CR14’s expertise lies in cybersecurity ranges and cyber range solutions, including cyber range trainings, exercises, testing, validation and experimentation. 

3.   TalTech and SUTD will collaborate on research into the role of human factors   in maritime cybersecurity, the related risks and mitigation strategies. They will also study the risk to port and ships’ digital systems posed by the irresponsible use of artificial intelligence (AI), and the substantial opportunities presented for cyber defenders through use of AI-enabled technological solutions.   

4.   The MoU also seeks to develop student and academia exchange programmes. The universities will explore integration of the universities’ cyber simulation centres to expand the representations of networks, systems, and applications, which can be simulated. 

5.   The MoU was signed by David Foo, Assistant Chief Executive (Operations Technology), MPA; Mr Roomet Leiger, Director, TalTech; Mr Silver Andre, Chief Executive Officer, Foundation CR14; Mr Tan Cheng Peng, Executive Director, SMI; and Prof Chua Chee Kai, Associate Provost, SUTD.  

MoU between MPA, SSA, SIT and SUTD

6.   The MoU is an initiative under the Maritime Cybersecurity Roundtable, spearheaded by SSA and involving MPA and the industry. Established in April 2022, the Roundtable aims to strengthen the industry’s cybersecurity capabilities and cyber resilience as the sector becomes increasingly digitalised and interconnected.

7.   Aside from drawing on the shipping industry’s inputs in the development and use of the MariOT testbed to validate new cyber-security technologies, the MoU also aims to develop broad-based and specialised training curriculum for the industry, set training standards, and use simulation technologies to accelerate learning and skills acquisition.

8.   The MoU industry partners will create more career opportunities for cybersecurity talents through career conversion for mid-career professionals and other talent attraction initiatives for youths, including expanding cybersecurity-related curriulum at SIT and SUTD to include maritime operational technology (OT) systems.

9.   The MoU was signed by Mr Teo Eng Dih, Chief Executive, MPA; Ms Caroline Yang, President, SSA; Professor Chua Kee Chaing, President, SIT; and Professor Chong Tow Chong, President, SUTD. 


Launch of MaritimeSG Shipping CyberSafe Scorecard for Fleet Operations

10.  The launch of the MaritimeSG Shipping CyberSafe Scorecard, another initiative under the Maritime Cybersecurity Roundtable developed by SSA and supported by MPA, was announced today by Dr Amy Khor, Senior Minister of State, Ministry of Transport and Ministry of Sustainability and the Environment. 

11.  Developed according to the US National Institute of Standards and Technology (NIST) Cybersecurity Framework and industry feedback, the Scorecard is tailored to vessel operations. Ship owners and operators, including SMEs, can now perform self-assessments through a portal. The self-assessment will help maritime companies determine the cybersecurity maturity level of their fleet operations, identify potential weaknesses and enable early actions to be taken to mitigate cyber risks. More than 30 maritime companies have completed their self-assessments as part of SSA’s pilot efforts prior to this launch.

Tabletop Exercise to Validate Maritime Cyber Assurance and Operations Centre Prototype       

12.  Ten companies from across various maritime sectors  are participating in the MPA-led annual cybersecurity tabletop exercise (TTX) together with international participants from the Port Authorities CIO Cybersecurity Network (Pacc-Net) and other like-minded ports and port authorities. This year’s TTX will see about 40 participants gathered, with new participants from Port of Nagoya, Port of Tokyo and Port of Sines.

13.  The TTX will simulate cyberattacks affecting multiple ports across regions, test and validate the pilot implementaton of MPA-hosted Maritime Cyber Assurance and Operations Centre (MCAOC) capabilities, a joint MPA-Industry cybersecurity operations centre. The MCAOC prototype  will  provide real-time cybersecurity monitoring of members’ cybersecurity systems, disseminate information on cyber threats for members to take early actions, and offer advisory on system recovery and response measures. Through the MCAOC service, manpower currently engaged in monitoring tasks can be freed up by organisations to focus on more productive and higher-value work. Insights from the TTX and feedback from participants will help enhance the MCAOC’s detection and response capabilities. 

 

Footnotes:

1 iTrust was awarded S$4.77M by the Singapore Maritime Institute (SMI) in October 2022 to develop a Maritime Testbed of Shipboard Operational Technology (MariOT) system, in collaboration with the American Bureau of Shipping (ABS) and Singapore Polytechnic’s Centre of Excellence in Maritime Safety (CEMS).  
2 TalTech is a technology and research-based university and hosts the Centre for Maritime Cybersecurity. This centre combines multidisciplinary research expertise in maritime and engineering, computer science and cybersecurity.
3 The objectives of the Cybersecurity Roundtable include improving collaboration and information sharing on cybersecurity among maritime companies, developing Singapore into a Cybersecurity Centre of Excellence for Shipping, and growing Singapore into a leading talent pool for cybersecurity skills in the shipping industry.
4 National Institute of Standards and Technology (NIST) is involved in developing cybersecurity standards, guidelines, best practices and other resources to meet the needs of the US industry, federal agencies and the broader public. The NIST Cybersecurity Framework provides a common language and systematic methodology for managing cybersecurity risk to helps business of all sizes better understand, manage, and reduce their cybersecurity risk and protect their networks and data.
5 BatamFast Ferry, Bintan Resort Ferries, Equatoria Marine Fuel Management Services Pte Ltd, Golden Island Diesel Oil Trading Pte Ltd, Hong Lam Marine Pte Ltd, Horizon Fast Ferry, Jurong Port Pte Ltd, PSA Corporation Limited, Singapore Cruise Centre Pte Ltd and SATS Creuers Services Pte Ltd (Marina Bay Cruise Centre Singapore).
6 Port of Seattle, Port of Los Angeles, National Ports of Agency of Morocco, Port of Sines, Hamburg Port Authority, Tanger Med Port Authority and Port of Nagoya.

 

 

Published 16 Apr 2024