Throughout its duration, the project fully achieved its objectives delivering significant results. Following focused end-user workshops and online questionnaires, user requirements were collected and analysed. Specific pilot scenarios and use cases were defined, system requirements and functional specifications mapped to the user requirements were elucidated, leading to the definition of the overall Cyber-MAR architecture. Based on that, Cyber Ranges and Ship Simulator interconnected were deployed and the Cyber-MAR components, offering capabilities of network security and intrusion detection (IDS, L-ADS, XL-SIEM), data fusion and analysis (Prediction Engine) and visualization (High-Level SA, Expert SA), were developed and tested.
The capabilities of Cyber Ranges were extended allowing the simulation of highly realistic maritime environments through the interconnection with real automation equipment (SCADA, PLCs, sensors and actuators) and virtual PLCs. A physical I/O system was implemented, adding support for analogue and digital stimuli used by real automation equipment. Native hybrid support of AIS was added to the Cyber-MAR Cyber Range allowing the connection of real AIS transceivers to the platform and simulating the sending and receiving of AIS messages.
A specific maritime MISP community for increased threat intelligence, facilitating the communication with CERT/CSIRT networks, was created. The Maritime Cyber-Risk Assessment (MaCRA) framework was introduced and validated using data from CERT/CSIRTs, providing comprehensive quantifiers and visual aids for understanding maritime cyber-risks. An Econometric Model was developed, validated for the three pilot scenarios and connected to the MaCRA framework for quantifying the propagation of port’s operations disruption through multiple global value chains.
All components and elements were integrated, tested and deployed in the Cyber-MAR platform following a three-phases incremental integration approach based on the maturity level of the components. Three pilots related to cyber-attacks to i) energy sources at the port of Valencia, ii) vessel navigation and automation systems and iii) SCADA systems at the Port of Piraeus, each one associated with the end of each integration phase, have been successfully implemented and evaluated using defined KPIs. Furthermore, a Learning Management System was developed and seamlessly integrated in the Cyber-MAR platform for supporting the delivery of the designed agile learning process with a focus on hands-on training through the Cyber-MAR environment. A total of 12 training sessions and 1 major CTF were delivered, with a total of 373 trainees participating.
Finally, based on the results from pilots and training, guidelines and recommendations for cybersecurity training in Europe, with Cyber Ranges as a core element, were produced. Key Exploitable Results were identified, and a joint exploitation strategy was formulated. From a dissemination perspective, to make the findings of Cyber-MAR known as widely as possible among scientific community, maritime stakeholders and the general public, the project has been presented in several events such as workshops, symposiums and webinars. Moreover, a significant number of scientific publications in prestigious conferences and journals have been published and are available on the Cyber-MAR’s website.
