Read more: Boosty | Sponsr | TG

(ECDIS), radar displays, and critical operational systems

such as steering and ballast.
• Challenges with Conventional Ships: in conventional
ships, the cybersecurity risks are exacerbated by the use
of outdated computer systems, often a decade old, and
vulnerable satellite communication system. These
vulnerabilities make ships susceptible to cyber-attacks
that can compromise critical information and systems
within minutes.
• Increased Risks with Uncrewed Ships: the transition to
uncrewed, autonomous ships introduces a new layer of
complexity to cybersecurity. Every system and operation
on these ships depends on interconnected digital
technologies, making them prime targets for cyber-
attacks including monitoring, communication, and
navigation, relies on digital connectivity.
• Need for Built-in Cybersecurity: the necessity of
incorporating cybersecurity measures right from the
design phase of maritime autonomous surface ships is
crucial to ensure that these vessels are equipped to handle
potential cyber threats and to safeguard their operational
Abstract – This document offers a comprehensive analysis of the integrity.
challenges associated with crewless ships, specifically addressing
• Regulatory and Policy Recommendations: It is
issues related to cybersecurity, technology, law, and regulation of
Maritime Autonomous Surface Ships (MASS). The analysis delves suggested that policymakers and regulators need to be
into various critical aspects of MASS, including the technological well-versed with technological capabilities to shape
advancements, legal and regulatory challenges, and cybersecurity effective cybersecurity policies and regulations for
implications associated with these uncrewed vessels, such as maritime operations, UK's Marine Guidance Note
exploration of the current state and future prospects of MASS (MGN) 669 as an example of regulatory efforts to address
technology, emphasizing its potential to revolutionize the maritime cybersecurity in maritime operations.
industry, the unique cybersecurity risks posed by autonomous ships
and the strategies being implemented to mitigate these risks.
• Stakeholder Interest: ship manufacturers, operators,
insurers, and regulators, all of whom are keen to influence
The analysis highlights the intersection of maritime technology with the development and implementation of MASS
regulatory and security concerns. It is particularly useful for security
professionals, maritime industry stakeholders, policymakers, and II. TAXONOMY
academics. By understanding the implications of MASS deployment, The International Maritime Organization (IMO) has
these professionals can better navigate the complexities of developed a four-point taxonomy to categorize Maritime
integrating advanced autonomous technologies into the global Autonomous Surface Ships (MASS) based on the level of
shipping industry, ensuring safety, security, and compliance with autonomy and human involvement:
international laws and standards.
• Degree 1: Ships with automated systems where humans
I. INTRODUCTION are on board to operate and control.
The transformative potential of MASS is driven by • Degree 2: Remotely controlled ships with seafarers on
advancements in big data, machine learning, and artificial board.
intelligence. These technologies are set to revolutionize the $14
trillion shipping industry, traditionally reliant on human crews. • Degree 3: Remotely controlled ships without seafarers on
board.
• Cybersecurity Lag in Maritime Industry: the maritime
industry is significantly behind other sectors in terms of • Degree 4: Fully autonomous ships that can operate
cybersecurity, approximately by 20 years. This lag without human intervention, either on board or remotely
presents unique vulnerabilities and challenges that are Variety in MASS Design and Operation: The taxonomy
only beginning to be fully understood. underscores the diversity in design and operational capabilities
• Vulnerabilities in Ship Systems: cybersecurity of MASS, ranging from partially automated systems to fully
vulnerabilities in maritime systems are highlighted by the autonomous operations. This diversity necessitates a nuanced
ease with which critical systems can be accessed and approach to regulation and oversight.
manipulated. For example, cyber penetration tests have Terminology Clarification: To avoid confusion due to the
demonstrated the simplicity of hacking into ship systems interchangeable use of terms like "remotely controlled" and
like the Electronic Chart Display and Information System "autonomous," the term MASS is adopted as an overarching
 Read more: Boosty | Sponsr | TG
term for all categories within the taxonomy. Specific terms are • Operational Cost Savings: Despite the high initial
used when referring to particular categories of vessels. costs, the long-term operational savings from crewless
ships can be substantial. These savings come from
Diverse Applications and Sizes: MASS are not limited to a
reduced fuel and crew costs, potentially cutting annual
single type or size of vessel. They encompass a wide range of
operating expenses by up to 90%.
ships, from small, unmanned surface vehicles to large
autonomous cargo ships. This diversity is reflected in their • Insurance Costs: Autonomous ships could also reduce
various applications, including commercial, civilian, law insurance costs. With enhanced security measures and
enforcement, and military uses. reduced human error, the frequency of maritime
Emergence and Integration of MASS: Autonomous ships incidents and the associated claims can decrease,
are already emerging and being integrated into multiple sectors. leading to lower insurance premiums.
This ongoing development necessitates a systematic and IV. TECHNOLOGICAL ADVANCEMENTS IN AUTONOMOUS
comprehensive analysis by policymakers, regulators, academia, SHIPPING
and the public to ensure their safe, secure, and sustainable
integration into international shipping. Technological advancements in autonomous shipping span
across various domains, including artificial intelligence (AI),
III. INVESTMENTS IN MARITIME SECURITY sensor technology, communication systems, and regulatory
The global maritime security market is significant, with frameworks.
projections indicating that it will grow from USD 27.67 billion A. Technological Advancements
in 2024 to USD 39.39 billion by 2029. This growth is driven by
The benefits of uncrewed ships include reduced operational
the need to protect vessels, ports, and other critical maritime
costs, improved safety by reducing human error, more efficient
infrastructure from various threats, including cyber-attacks. The
design leading to fuel efficiencies, and environmental benefits
market includes investments in surveillance and tracking,
from reduced production of waste. Crew-related expenses,
communications, and cybersecurity systems
which can account for up to 30% of a ship's operating budget,
A. Specific Investments in Cybersecurity for Maritime could result in significant savings.
Operations B. Autonomous Technology
• Cybersecurity Systems Integration: The integration of There is a divide among stakeholders regarding the
advanced cybersecurity solutions is crucial for desirability of autonomous technology in shipping and the pace
protecting interconnected systems within maritime at which laws should be revised to accommodate their operation.
operations from cyber threats. This includes the While some advocate for rapid adoption and regulatory
deployment of intrusion detection systems, firewalls, adjustments, others urge a more cautious approach, emphasizing
and encryption technologies to secure data transmitted the need to confront questions regarding the status of unmanned
between ships and shore-based facilities. maritime vehicles under international law.
• Research and Development: Companies and C. Artificial Intelligence and Machine Learning
governments are investing in research and development
to enhance cybersecurity measures. For instance, in May AI and machine learning algorithms are at the core of
2023, BlackSky Technology and Spire Global autonomous shipping, enabling vessels to make informed
collaborated to create a real-time marine tracking decisions, navigate safely, and optimize routes. These
service that includes features for automatic detection technologies process data from various sources, including
and tracking of vessels, which can help in identifying sensors and satellite communications, to predict weather
and responding to cybersecurity threats. conditions, identify obstacles, and determine the most efficient
paths.
• Regulatory Compliance and Enforcement: The
International Maritime Organization (IMO) and other D. Sensor Technology and Situational Awareness
regulatory bodies are emphasizing the need for Advanced sensor technologies, including radar, LiDAR,
cybersecurity within the maritime sector. For example, sonar, and cameras, provide autonomous ships with real-time
the IMO's Resolution MSC 428(98) encourages data about their surroundings. This situational awareness is
administrations to ensure that cyber risks are addressed crucial for obstacle detection, collision avoidance, and
within safety management systems. navigation in complex maritime environments.
B. Investments in Crewless Ships E. Communication Systems
• Development Costs: The development of autonomous, Robust communication systems are essential for the
crewless ships involves significant investment, operation of Maritime Autonomous Surface Ships (MASS).
primarily due to the high costs associated with advanced These systems facilitate data exchange between the vessel and
technologies like AI, machine learning, and sensor shore-based control centers, as well as between ships. The
systems. For instance, an individual autonomous ship integration of satellite communications and the Internet of
might cost around $25 million, which is three times Things (IoT) ensures continuous connectivity, even in remote
higher than a manned ship. areas of the ocean.
 Read more: Boosty | Sponsr | TG
F. Cybersecurity Measures • Safety Improvements: By minimizing human error,
As autonomous ships rely heavily on digital technologies, which is a leading cause of maritime accidents,
cybersecurity becomes a paramount concern. Protecting these autonomous vessels can significantly improve safety at
vessels from cyber threats requires advanced security protocols, sea. Advanced navigation and collision avoidance
encryption, and continuous monitoring to safeguard data systems powered by AI and sensor technology contribute
integrity and prevent unauthorized access. to this safety enhancement.

G. Energy Efficiency and Environmental Sustainability B. Environmental Sustainability

Autonomous ships are designed to be more energy-efficient • Reduced Emissions: Autonomous ships, particularly
than traditional vessels, contributing to the maritime industry's those utilizing alternative fuels or hybrid propulsion
decarbonization efforts. The optimization of routes and speed, systems, can significantly reduce greenhouse gas
combined with the potential use of alternative fuels and hybrid emissions and pollutants. Optimized routing and speed
propulsion systems, reduces fuel consumption and greenhouse management further contribute to fuel efficiency and
gas emissions. environmental sustainability.
H. Remote Control and Autonomy Levels • Renewable Energy Integration: The integration of
renewable energy sources, such as solar and wind power,
The degree of autonomy in shipping varies, ranging from
into autonomous vessel designs supports the maritime
remotely controlled vessels with human oversight to fully
autonomous ships capable of independent operation. This industry's shift towards greener operations.
spectrum allows for gradual adoption and testing of autonomous C. Regulatory and Legal Framework
technologies, ensuring safety and reliability.
• Regulatory Adaptation: The advent of Maritime
I. Real-world Applications and Trials Autonomous Surface Ships (MASS) necessitates the
Several projects and collaborations are underway to test and revision of existing maritime regulations and the
refine autonomous shipping technologies. Companies like development of new frameworks to address autonomy-
Rolls-Royce, Kongsberg, and Yara have launched initiatives to specific issues such as liability, insurance, and vessel
develop and trial autonomous vessels, demonstrating the certification.
feasibility and benefits of these innovations. • International Collaboration: Ensuring the safe and
J. Regulatory and Legal Frameworks efficient integration of autonomous ships into global
shipping requires international collaboration and
The development of international regulatory frameworks is consensus-building among regulatory bodies, including
crucial for the safe and efficient integration of autonomous ships the International Maritime Organization (IMO).
into the global fleet. Organizations like the International
Maritime Organization (IMO) are working with industry D. Workforce and Employment
stakeholders to establish standards and regulations that address • Shift in Workforce Requirements: The transition to
safety, liability, and operational aspects of MASS. autonomous shipping is likely to shift workforce
K. Regulatory Efforts requirements within the maritime sector, with a decreased
need for traditional seafaring roles and an increased
National and international agencies have already started the demand for technical expertise in remote operations, AI,
"regulatory marathon" to prepare for the widespread operations and cybersecurity.
of MASS. The primary objective is to ensure that autonomous
vessels operate with an adequate level of safety compared to • Training and Skill Development: This shift underscores
vessels under human control. The IMO's Regulatory Scoping the importance of retraining and skill development
Exercise (RSE) is highlighted as a significant project aimed at programs for maritime professionals to prepare them for
assessing the impact of MASS on existing regulatory new roles in the era of autonomous shipping.
frameworks.
E. Cybersecurity
V. IMPACT ON VARIOUS SECTORS • Increased Cyber Risks: The reliance on digital
The development of uncrewed ships has begun to impact a technologies and remote-control systems in autonomous
wide range of stakeholders involved in shipping, including shipping introduces new cybersecurity challenges,
military, commercial, governmental entities, and those in the including the risk of cyber-attacks that could disrupt
fields of law, insurance, cybersecurity, engineering, ship design, operations or compromise sensitive data.
and more. • Robust Cybersecurity Measures: Addressing these
A. Maritime Operations and Safety risks requires the implementation of robust cybersecurity
measures, continuous monitoring, and the development
• Operational Efficiency: Autonomous shipping promises
of industry-wide cybersecurity standards.
to enhance operational efficiency through optimized
route planning, reduced voyage times, and lower F. Shipping Industry and Global Trade
operational costs, including fuel consumption. • Impact on Global Trade: By reducing operational costs
and enhancing efficiency, autonomous shipping has the
 Read more: Boosty | Sponsr | TG
potential to lower shipping costs, thereby impacting D. Cybersecurity
global trade dynamics and making maritime transport As crewless ships are heavily dependent on digital
more accessible. technologies and remote communications, they are vulnerable to
• Innovation and Investment: The push towards cyber threats such as hacking, spoofing, and malware attacks.
autonomous shipping is driving innovation and Developing advanced cybersecurity measures to protect against
investment within the maritime sector, encouraging the such threats is a significant challenge.
development of new technologies and operational E. Energy and Propulsion Systems
models.
Designing energy-efficient and reliable propulsion systems
G. Logistics and Supply Chain for crewless ships is another challenge. These systems must
• Revolutionizing Logistics: Autonomous shipping is support long-duration missions without the need for refueling or
expected to revolutionize logistics and transportation by maintenance interventions. Exploring alternative energy sources
enabling more efficient and reliable delivery of goods. and propulsion technologies is part of this challenge.

• Impact on Global Trade: By reducing operational costs F. Regulatory Compliance and Standardization
and enhancing efficiency, autonomous shipping has the Adapting existing maritime laws and regulations to
potential to lower shipping costs, thereby impacting accommodate crewless ships is a complex issue. This includes
global trade dynamics and possibly making maritime revising international conventions such as SOLAS, COLREGs,
transport more accessible. and UNCLOS to ensure that autonomous ships can operate
legally and safely. Developing new standards and certification
H. Technology and Innovation processes for autonomous ship technologies and operations is
• Advancements in AI and Automation: The also required.
development and deployment of MASS drive
advancements in AI, machine learning, sensor G. Human Factor and Training
technology, and automation, fostering innovation across Even though crewless, human oversight from shore-based
the technology sector. control centers is still necessary. Training personnel to operate,
monitor, and intervene in the operations of autonomous ships
• Growth in Autonomous Technology Providers: The presents new challenges. Developing training programs and
need for specialized technologies for MASS operations is simulators to prepare operators for this new paradigm is
expected to spur growth in companies providing essential.
autonomous navigation systems, communication
technologies, and cybersecurity solutions. H. Integration with Existing Fleet
Integrating autonomous ships into the existing fleet and
VI. TECHNOLOGICAL CHALLENGES AND ISSUES ensuring they can coexist safely with crewed vessels is a
A. Autonomy and Decision-Making challenge. This includes developing systems for autonomous
and crewed ships to communicate and coordinate their
Developing sophisticated autonomy systems capable of movements to prevent collisions and ensure smooth operations
making complex navigational decisions without human in busy maritime corridors.
intervention is crucial. These systems must process vast amounts
of data from sensors and other sources to navigate safely, avoid I. Reliability and Redundancy
obstacles, and comply with maritime laws. Ensuring the reliability of all systems on board crewless
B. Sensor and Data Processing Technologies ships is critical to prevent failures that could lead to accidents.
This includes designing redundant systems and fail-safes to take
Crewless ships rely heavily on sensors and data processing over in case of a malfunction.
technologies to accurately perceive their environment.
Developing reliable sensors that can function in various weather VII. TECHNOLOGICAL THREATS AND VULNERABILITIES
conditions and processing systems capable of interpreting sensor
data in real-time is essential. This includes radar, satellite A. Cybersecurity Threats
imagery, and underwater sensors for navigation and obstacle Crewless ships rely heavily on interconnected systems and
detection. automation, making them susceptible to various cybersecurity
C. Communication and Connectivity threats
• System Hacking: Unauthorized access to the ship's
Maintaining robust and secure communication links between control systems could allow attackers to take control of
the ship and shore-based control centers (SCC) or between the vessel, potentially leading to piracy, cargo theft, or
autonomous ships is vital. Overcoming challenges related to even using the ship for illicit activities.
bandwidth limitations, latency, and the risk of communication
loss or hacking is critical for remote monitoring, control, and • Data Breach: Sensitive data such as operational
intervention when necessary. patterns, cargo details, and crew information could be
stolen, leading to significant financial and reputational
damage.
 Read more: Boosty | Sponsr | TG
• Spoofing and Tampering: GPS spoofing attacks could • DoS & DDoS: DoS and DDoS attacks could target the
mislead a crewless ship’s navigation system, causing it communication infrastructure of crewless ships,
to deviate from its intended course or even collide with overwhelming the system with traffic to disrupt
other vessels or obstacles. operations. This could lead to loss of control, inability to
navigate safely, or failure to respond to critical system
• Ransomware: Attackers could lock down the ship’s alerts.
operating systems and demand ransom for release,
disrupting shipping operations and causing economic D. Lack of Human Oversight
losses. The absence of a crew eliminates the possibility of human
• Insider Threats: Insider threats could come from intervention in unforeseen situations, which can be critical in
individuals within the organization or supply chain with complex or hazardous scenarios:
access to the ship's systems. Malicious insiders could • Automated Decision-Making Flaws: Automated
intentionally introduce vulnerabilities, sabotage systems may not always be capable of handling
systems, or provide external attackers with access ambiguous or novel situations as effectively as a human
credentials, significantly compromising the security of crew, potentially leading to improper decisions.
crewless ships.
• Maintenance Challenges: Routine maintenance or
• Identity Spoofing and AIS Manipulation: Automatic emergency repairs that require human intervention may
Identification System (AIS) spoofing involves not be possible, leading to prolonged system downtime
manipulating the AIS data to create ghost ships or alter or failure.
the perceived location and identity of a vessel. This
could be used maliciously to cause confusion, facilitate E. Regulatory and Compliance Challenges
smuggling, or enable piracy by making it difficult for As crewless technology is relatively new, existing maritime
authorities to track and identify vessels accurately. laws and regulations may not adequately address the unique
challenges posed by autonomous vessels:
• Supply Chain Vulnerabilities: Crewless ships rely on
a complex supply chain of software and hardware • Liability and Accountability: Determining liability in
components. Vulnerabilities within this supply chain, the event of an accident involving a crewless ship can be
such as compromised software updates or hardware complex, especially when autonomous decision-making
components with built-in backdoors, could pose systems are involved.
significant security risks. Attackers could exploit these
vulnerabilities to gain unauthorized access or control • Compliance with International Laws: Adhering to
over the vessel. international maritime laws and standards designed for
crewed ships can be challenging for autonomous
B. Communication System Vulnerabilities vessels, particularly in terms of safety and
Crewless ships depend on continuous and secure environmental regulations.
communication links for remote monitoring and control.
F. Physical Security Concerns
Vulnerabilities in these systems can lead to:
Without a crew, physical security of the vessel becomes a
• Signal Interception: Unauthorized interception of concern, particularly in piracy-prone areas:
communication signals between the ship and shore
control centers could lead to information leakage or • Boarding and Robbery: Crewless ships may be easier
manipulation of operational commands. targets for pirates and robbers since there is no crew to
offer resistance.
• Communication Blackouts: Loss of communication
due to system failure or deliberate jamming attacks • Physical Tampering and Sabotage: The risk of
could leave a ship stranded or uncontrolled, posing risks sabotage increases without the deterrence of a human
to the vessel and its cargo. presence on board, including the placement of explosive
devices or other forms of sabotage that could disable the
C. Software and Hardware Failures ship or cause environmental damage.
The reliance on software-driven operations and electronic
hardware presents risks associated with system reliability: VIII. RESOLVING TECHNOLOGICAL THREATS AND
VULNERABILITIES
• Software Bugs and Glitches: Software errors can lead
Addressing the technological threats and vulnerabilities
to incorrect operational commands being executed,
associated with Maritime Autonomous Surface Ships (MASS)
potentially leading to navigation errors or system
or crewless ships requires a multifaceted approach that
malfunctions.
encompasses advancements in cybersecurity, communication
• Hardware Malfunctions: Failure of critical hardware systems, software and hardware reliability, regulatory
components such as sensors, navigation systems, or compliance, and human factors training.
propulsion controls can compromise the safety and
operational integrity of the vessel.
 Read more: Boosty | Sponsr | TG
A. Enhanced Cybersecurity Measures F. Integration with Existing Fleet
• Intrusion Detection Systems (IDS): Implement • Collision Avoidance Algorithms: Implement advanced
advanced IDS to monitor network traffic for suspicious collision avoidance algorithms that comply with the
activities and potential threats. International Regulations for Preventing Collisions at Sea
(COLREGs), ensuring safe navigation among crewed
• Encryption: Use strong encryption for data at rest and in and uncrewed vessels.
transit to protect sensitive information from unauthorized
access. • Inter-Vessel Communication Systems: Develop
systems that enable seamless communication between
• Regular Software Updates and Patch Management: crewless and crewed ships, facilitating coordination and
Ensure that all software components are regularly situational awareness.
updated to fix vulnerabilities and enhance security
features. G. Acceptance and Trust
• Security by Design: Incorporate cybersecurity measures • Transparency and Reporting: Foster transparency by
from the initial design phase of MASS, ensuring that sharing safety records, incident reports, and technological
security is an integral part of the development process. advancements with the maritime community and the
public to build trust.
B. Robust Communication Systems
• Stakeholder Engagement: Engage with stakeholders,
• Redundant Communication Links: Establish multiple, including regulators, industry partners, and the public, to
independent communication channels to ensure address concerns and gather feedback on the integration
continuous connectivity even if one link fails. of MASS into the maritime sector.
• Secure Communication Protocols: Implement secure H. Physical Tampering and Sabotage
and authenticated communication protocols to prevent
unauthorized access and ensure data integrity. • Tamper Detection Sensors: Install sensors that alert
control centers when unauthorized access or physical
• Satellite Communication Diversity: Utilize a tampering occurs.
combination of satellite communication systems to
reduce the risk of signal jamming and interception. • Surveillance Systems: Use advanced surveillance
systems, including cameras and drones, to monitor the
C. Software and Hardware Reliability ship remotely.
• Fault Tolerance: Design systems with fault tolerance in • Physical Locks and Barriers: Implement robust
mind, allowing them to continue operating correctly even physical security measures such as locks and barriers
in the presence of hardware or software failures. that are difficult to bypass without proper authorization.
• Regular System Testing: Conduct comprehensive I. Identity Spoofing and AIS Manipulation
testing, including penetration testing and vulnerability
assessments, to identify and address potential • Encryption and Authentication: Encrypt AIS signals
weaknesses. and implement strict authentication measures to prevent
spoofing.
• Predictive Maintenance: Implement predictive
maintenance technologies that use data analytics to • Anomaly Detection Systems: Deploy systems that
predict equipment failures before they occur, allowing for detect anomalies in AIS data to identify potential
proactive repairs and replacements. spoofing activities.

D. Regulatory Compliance and Standardization • Cross-Verification: Use cross-verification with other

data sources such as radar and satellite to confirm vessel
• International Standards: Develop and adhere to locations.
international standards for the design, construction, and
operation of MASS to ensure safety and interoperability. J. Insider Threats
• Certification Processes: Establish clear certification • Access Controls: Implement strict access controls and
processes for MASS technologies, ensuring they meet role-based access to sensitive systems.
safety, security, and environmental standards. • Behavior Monitoring: Use behavior monitoring tools
E. Human Factor and Training to detect unusual activities that could indicate malicious
insider actions.
• Remote Operator Training: Develop comprehensive
training programs for remote operators, focusing on the • Regular Security Training: Conduct regular security
unique challenges of operating MASS, including awareness training to educate employees about the risks
emergency response and decision-making. and signs of insider threats
• Simulation-Based Training: Utilize advanced
simulators to train operators in a variety of scenarios,
enhancing their skills in managing autonomous ships
 Read more: Boosty | Sponsr | TG
IX. NATIONAL AND INTERNATIONAL REGULATORY • Norway is a leader in developing and testing autonomous
FRAMEWORKS ships, such as the Yara Birkeland, the world's first zero-
The legal and cybersecurity landscape for crewless maritime emission, fully autonomous container ship.
(autonomous) vessels varies significantly across different • Norwegian authorities are actively developing
countries, reflecting a complex interplay of national regulations, regulations in collaboration with industry stakeholders to
international guidelines, and the specific challenges posed by the enable safe and efficient autonomous operations within
deployment of Maritime Autonomous Surface Ships (MASS). their waters.
The ongoing efforts by the IMO and national authorities aim to
create a cohesive and comprehensive regulatory environment 3) United Kingdom:
that can adapt to the rapid advancements in maritime • The UK's Maritime and Coastguard Agency (MCA) is
autonomous technologies. involved in setting standards and certifications for
MASS, focusing on ensuring that these vessels meet
A. International Regulatory Framework safety and operational requirements.
1) International Maritime Organization (IMO) Initiatives:
• The UK is also exploring the legal implications of
• The IMO has conducted a Regulatory Scoping Exercise
autonomous operations, particularly concerning liability
(RSE) to assess how existing international conventions
and insurance.
apply to MASS and identify gaps that need to be
addressed. 4) European Union:
• This exercise has led to ongoing discussions about • The EU has not yet established a unified regulatory
developing a goal-based code for MASS, which would framework for autonomous ships but is actively
set broad safety and performance standards without researching and supporting trials through various
prescribing specific technological solutions. initiatives.

• The IMO continues to work on developing a regulatory • Issues under consideration include cross-border
framework specifically for MASS, which includes operations and the harmonization of standards across
cybersecurity as a critical component member states.

2) International Conventions: • The EU's cybersecurity agency, ENISA, supports the

maritime sector by providing cybersecurity
• Current international maritime conventions, such as
recommendations and facilitating information exchange
SOLAS (Safety of Life at Sea), MARPOL (Prevention of
Pollution from Ships), and COLREGs (Collision C. Cybersecurity Considerations
Regulations), are under review to accommodate • Increased Cyber Risks: The shift to more automated
autonomous ships. and remotely controlled systems increases vulnerability
• These conventions traditionally assume a human to cyber threats, including data breaches, unauthorized
presence on board, necessitating significant revisions to access, and sabotage.
integrate crewless operations. • Cyber Risk Management: International and national
B. National Regulations and Developments bodies emphasize the need for robust cyber risk
management strategies. This includes implementing
1) United States:
layered defense mechanisms, regular vulnerability
• The U.S. has shown interest in autonomous vessels assessments, and ensuring that cybersecurity measures
primarily for military purposes but is also exploring evolve with technological advancements.
commercial applications.
• Need for Robust Cybersecurity Measures: Effective
• Regulatory adjustments are being considered to address cybersecurity frameworks for MASS must include risk
the deployment of autonomous vessels, including assessment, threat mitigation strategies, continuous
cybersecurity measures to protect against the increased monitoring, and incident response plans.
risk of cyber-attacks due to higher reliance on digital
systems. • Collaboration and Standardization: There is a
significant need for international collaboration to
• The U.S. Coast Guard has issued guidelines for develop standardized cybersecurity practices that can be
addressing cyber risks at Maritime Transportation adopted globally to protect MASS operations
Security Act (MTSA) regulated facilities, which
indirectly affect autonomous ships D. Stakeholder Engagement
• The U.S. continues to explore the implications of 1) International Collaboration:
autonomous maritime vessels through research and Both the IMO and national bodies like the MCA emphasize
development projects, focusing on integrating the importance of international collaboration and stakeholder
cybersecurity measures into the design and operation of engagement. This is crucial for developing a unified and
comprehensive regulatory framework that can be applied
these vessels
globally. Engaging various stakeholders ensures that the
2) Norway:
 Read more: Boosty | Sponsr | TG
regulations are robust, inclusive, and supportive of international Stakeholder engagement in these projects helps in
maritime operations. identifying practical security requirements and effective risk
management strategies that are informed by both theoretical
The IMO's goal-based instruments are developed in knowledge and industry practices.
consultation with a wide range of stakeholders, including
member states, shipping companies, technology providers, and 3) Public and Private Sector Cooperation:
international regulatory bodies. This collaborative approach The development of cybersecurity architectures and the
helps in addressing the diverse challenges and requirements of implementation of defense-in-depth (DiD) strategies for MASS
autonomous maritime operations. involve cooperation between the public and private sectors. This
includes sharing best practices, conducting joint risk
2) Industry and Academic Involvement:
assessments, and developing standardized security protocols
Research and development projects often involve that can be adopted across the industry.
partnerships between academia, industry, and regulatory bodies.
For example, cybersecurity frameworks and risk management Engaging stakeholders from both sectors ensures that the
strategies for autonomous ships are developed through cybersecurity measures are comprehensive, addressing the
collaborative research that includes universities, maritime needs and concerns of all parties involved in maritime operations
companies, and cybersecurity experts.