The 10th International Conference for Internet Technology and Secured Transactions (ICITST-2015)
Current efforts in Ports and Supply Chains Risk
Assessment
Nineta Polemi
UNIPI Security Lab, Department of Informatics
University of Piraeus, UNIPI
Piraeus, Hellas
dpolemi@gmail.com
Abstract— Port services and maritime supply chain processes
depend upon complex interrelated ICT systems hosted in the
ports’ Critical Information Infrastructures (CIIs). Current
research efforts for securing the dual nature (cyber-physical) of
the ports and their supply chain partners are presented here.
Keywords - physical /cyber security, risk assessment, supply
chain
I. INTRODUCTION
Critical Infrastructures (CIs) have become dependent on
ICT technologies (such as networking, telecommunications,
cloud, sensor and SCADA technologies), thereby rendering
Critical Information Infrastructures (CIIs) a vital element of
their functioning. This is very prominent in the case of modern
port infrastructures, which tend to be highly dependent on the
operation of complex, dynamic ICT-based maritime supply
chains. Ports and their supply chains are becoming a target for
hackers [35], which are increasingly launching cyber-attacks
on ports’ systems, including vessels, global navigation systems,
ports’ physical systems and cargo management systems. Such
attacks can disable a vessel, highjack, divert or steal cargo,
while also compromising sensitive customer or corporate data.
Likewise, attacks in the ports’ Industrial Control Systems
(ICSs) (e.g. supervisory control, SCADA, distributed control
systems and programmable logic controllers) may cause
disruption or damage of critical port mechanical devices (e.g.
container cranes, safety and mechanical systems that operate
locks and dams) and even worse they may cause loss of life,
steal of cargo and destroy of ship. According to the US ICS-
CERT report from 2006 to 2012, the number of cyber incidents
in SCADA systems increased 782%. An attack on a container
terminal management system could disrupt intermodal
container services involving maritime, rail and truck
transportation. Older port legacy ICS have long service lives
and they often operate in independent modes with inadequate
password policies and security administration, no data
protection mechanisms and protocols that are prone to
snooping, interruption and interception which may cause the
disruption of various critical ports’ and SC operations and
services.
The emerging landscape of ICT-empowered ports’ CIIs-
requires a paradigm shift in the way it assesses risks and
978-1-908320-52/0/$31.00 ©2015 IEEE
Spyros Papastergiou
UNIPI Security Lab, Department of Informatics
University of Piraeus, UNIPI
Piraeus, Hellas
paps@unipi.gr
vulnerabilities, as well as in relevant risk management
methodologies. For over a decade significant efforts have been
allocated in the introduction of risk management and assurance
methodologies for CIs [1]. Most of these risk management
methodologies focus on the identification and classification of
threats, the identification of the various vulnerabilities and
ultimately the evaluation of the potential impact of threats and
vulnerabilities (e.g., [2], [3]). These methodologies feature
differences in terms of the stakeholders that they address (e.g.,
policy makers, decision makers, asset managers, CI operators,
solution integrators), but also in terms of the assets that they
support and the level of accuracy that can handle. However,
they are not appropriate for dealing with contemporary ICT
based ports CII and dynamic maritime supply chains, due to
their following limitations:
x They are overly focused on physical-security aspects
and pay limited attention to CIIs. At the same time
they tend to ignore the complex nature of the ICT
systems and assets used in the maritime sector (e.g.,
SCADA), along with their interrelationships. This is
for example the case with several international
standards and legislation (e.g., International Ships and
Port Facilities Security Code (ISPS), the International
Safety Management Code and EC Regulation No
725/2004 on enhancing ship and port facility security,
the EC Directive 2005/65 on enhancing port security),
as well as with related risk assessment methodologies
e.g. MSRAM (Maritime Security Risk Analysis
Model) and MARISA (MAritime RISk Assessment)
[4].
x They do not adequately take into account security
processes associated with international supply chains,
which are nowadays ICT enabled and therefore
severely dependent on intentional and unintentional
compromise of CIIs. This is reflected in the fact that
up-to-date we have seen only limited/partial
implementations of relevant standards (such as ISO
28000).
The above listed limitations are also acknowledged in
reports, standards and regulations produced by prominent
security stakeholders. For example the first ENISA (European
Union Agency for Network and Information Security) report
349
 The 10th International Conference for Internet Technology and Secured Transactions (ICITST-2015)
on cyber maritime security (2011) [5] concludes that awareness
on cyber security needs in the maritime sector is currently low
to non-existent and highlights the challenges of managing the
interdependencies between ICT systems and other port assets.
As a result, most of the actors involved in the ports CII and
maritime supply chain use varied and nonstandard practices to
guarantee the credibility and the effectiveness of the full
system development life cycle including design/development,
acquisition of custom or commercial off-the-shelf (COTS)
products, delivery, integration, operations, and
disposal/retirement. Most of the adopted components present
significant vulnerabilities and weaknesses and might be flawed
or counterfeit, or might contain malicious elements thereby
jeopardizing the operation of the whole maritime supply chain.
In this context, the lack of visibility and traceability in the often
opaque processes and practices used to develop and acquire
ICT related products and services from each maritime actor
increases the risk of not being able to detect and remedy
intentional and unintentional compromises that may be
introduced through a variety of means, including counterfeit
materials and malicious software.
Enhanced, global risk assessment frameworks that can deal
with ports ICT risks, cascading effects of ports risks to their
supply chain, threats and vulnerabilities, of ICT-based
maritime supply chain are needed. This paper presents the
escalating results from three related projects: CYSM
(http://www.cysm.eu/index.php/en/), Medusa
(medusa.cs.unipi.gr) and Mitigate (www.mitigateproject.eu)
and concludes with various open issues for further research.
II. CII RISK ASSESSMENT: THE CYSM APPROACH
A. State-of-the Art
The main goal of risk management is (in general) to protect
business assets and minimize costs in case of failures and thus
it represents a core duty of successful port management.
Hence, risk management describes a key tool for the security
within organizations and it is essentially based on the
experience and knowledge of best practice methods. These
methods consist of an estimation of the risk situation based on
the business process models and the infrastructure within the
organization. In this context, these models support the
identification of potential risks and the development of
appropriate protective measures. The major focus lies on
companies and the identification, analysis and evaluation of
threats to the respective corporate values.
The outcome of a risk analysis is in most cases a list of
risks or threats to a system, together with the corresponding
probabilities. International standards in the field of risk
management are used to support the identification of these
risks or threats as well as to assess their respective
probabilities. These standards range from general
considerations and guidelines for risk management processes
(e.g. [16], [17], [15]) to specific guidelines for the IT sector
(e.g. [14], [12], [13], [11], [10], [9]) all the way to highly
specific frameworks as, for example, in the maritime sector
(e.g., [8], [7], [6], [18]). Most of these standards specify
framework conditions for the risk management process, but
978-1-908320-52/0/$31.00 ©2015 IEEE
rarely go into detail on specific methods for the risk analysis or
risk assessment. This is one reason why often differences in the
risk assessment arise within the specific areas of application,
making a direct comparison of the results difficult.
In principle, choosing the right method and the right tool
for risk analysis and risk evaluation proves to be complicated.
In recent years, a number of concepts, algorithms and tools
have evolved from research, specially designed to protect the
ICT infrastructure and related systems. Since their historical
background is settled in a business context, in these methods a
quantitative risk assessment is usually performed based on
monetary costs (see [19], [20] and the EBIOS method and the
aforementioned ISO / IEC 27005:2013 standard [13]). In this
context, most of the methods and tools (see [21] for a
comprehensive list) just use the commonly known rule of
thumb "risk = probability x potential damage" [22]. Depending
on the applied method, the terms and scales for the assessment
of the probabilities as well as the potential damage are
predefined (such as in the NIST policy [24] or in the Mehari
method [23]). In practice, the selection of a specific risk-
assessment tool is based on practical considerations, and
depends on how well the present terminology of the application
can be mapped onto the predefined specific terminology of the
risk assessment methodology.
In order to structure the process of risk assessment, there
are various attempts to develop ontologies for general risk
assessments [25], [26]. For example, the AURUM system [27]
provides a graphical tool for the modeling based on ontologies.
Therefore, it uses a Bayesian approach for determining threat
probabilities (which is also done by the method proposed in
[28]). The OCTAVE method [29] is based on subjectively
estimated probabilities and thus can be understood as an apriori
distribution with regards to the Bayesian approach. The
OCTAVE method uses UML as a modeling language and
represents a comprehensive collection of tools and best practice
methods for risk management. The CORAS method [30]
allows the integration of several different risk assessment
processes, whereas the identification of the probability of an
attack is not done automatically but apriori to any risk
assessment.
In contrary to the aforementioned general and IT-specific
guidelines for risk management, the security and risk
management in the maritime sector a huge emphasis is laid on
the physical and object security. In particular, the International
Ship and Port Facility Security (ISPS) Code [6] (as well as the
respective EU regulation [8]) defines a set of measures to
enhance the security of port facilities and ships. Therein,
methodologies to perform security assessments and to detect
security threats are described and a guideline for the
implementation of the respective security measures is given.
Additionally, roles and responsibilities concerning maritime
security at a national and international level are defined.
Nevertheless, due to the increased interaction and exchange of
information of ports with other critical infrastructures in the
maritime eco-system (e.g. port authorities, ministries, maritime
companies, ship industry, etc.) the sole focus on physical
security is not sufficient any more. Moreover, the security of
the port’s cyber-physical systems becomes equally important.
350
 The 10th International Conference for Internet Technology and Secured Transactions (ICITST-2015)
B. The CYSM approach
CYSM implemented a targeted risk management
methodology (CYSM-RM) that relies on modeling and group
decision making techniques using the collective knowledge of
all users, estimating and rolling up risks (physical and cyber)
across diverse target types, attack modes, and geographic
levels. CYSM evaluates and manages physical and cyber risks
against the requirements specified in the ISPS Code and
ISO27001. The CYSM methodology [31] which constitute the
conceptual pillars for building a solution was implemented in
an innovative, scalable Risk Assessment Toolkit which
facilitates the ports’ security team to efficiently identify, assess
and treat their security and safety incidents involving all port
operators and users. The toolkit adopts and implements a
bouquet of flexible and configurable self-driven functions and
procedures [32] which constitute the conceptual pillars for
building a solution that assists ports to improve their current
cyber and physical level.
III. SUPPLY CHAIN ΟΡΓΑΝISATIONAL RISK ASSESSMENT:
THE MEDUSA APPROACH
A. State-of-the Art
Maritime supply chains comprise globally distributed,
interconnected set of organizations including port authorities,
ministries, maritime companies, ship industries, customs
agencies, maritime/ insurance companies, other transport CIs
(e.g. airports), other CIIs (e.g. transport networks, energy
networks, telco networks), people, processes, services,
products, and more. The interconnection of these actors and
organizations relies typically on an interconnected web of
transportation infrastructures and pathways, information
technology, as well as cyber and energy networks.
The maritime supply chain of the modern era has become
dependent on ICT components to operate, establishing a
complex and dynamic supply chain.
The ports and shipping play a major role in the maritime
supply chain and their infrastructures have interdependencies at
multiple levels (infrastructural, national/intra-sectoral). In this
context, they interact closely with all actors in the complex
maritime eco-system involving port authorities, ministries,
maritime companies, ship industry, customs agencies,
maritime/ insurance companies other transport CIIs (e.g.
airports) and other CIs (e.g. transport networks, energy
networks, telecommunication networks). As a result, port
stakeholders (notably port security operators and port facilities
operators) have to deal with internal, external and diffused
cyber/physical threats come from the whole maritime supply
chain. ISO has published four (4) supply chain security related
standards: ISO 28000:2007 on Specification for security
management systems for the supply chain; ISO 28001:2007 on
Security management systems for the supply chain;
ISO28003:2007 on Security management systems for the
supply chain; ISO 28004:2007 on Security management
systems for the supply chain – Guidelines for the
implementation of ISO 28000. However there are not specific
methodologies to implement these standards and not user-
friendly tools to integrate them.
978-1-908320-52/0/$31.00 ©2015 IEEE
B. The Medusa approach
MEDUSA provided a risk management method and an ICT
tool for maritime cyber-security with particular emphasis on
methods that take into account the cascading effects of threat
scenario arising in the scope of the maritime supply chain at
entity level. Medusa Supply Chain risk assessment
methodology, [33] relies on dependency graphs, used to
visualize and analyse the dependencies within the supply chain
business entities (and not within interconnected assets) and to
calculate supply chain risks, individual risks and partial risks
arising from a portion of the supply chain. The goal of Medusa
is twofold. First, to assess the overall security risks of a supply
chain. The derived overall risk values are used in order to
define a baseline supply chain security policy, defining the
least necessary security controls required by each business
partner. Medusa extends ISO28001 in several ways: First it
defines threat categories and uses them to group specific threat
scenarios. Then the threat categories are mapped to specific
subsets of the security controls already defined in the Security
Declaration Statements (as provided by all supply chain
business partners). Thus by using these Statements, it is easy to
quantify the vulnerability (and eventually likelihood) of each
partner for each examined threat scenario. In addition Medusa
allows the efficient assessment of cascading risks within the
SC; by using input data already provided in the previous steps,
all potential dependency chains of the SC are assessed and their
cascading risk values are then used to prioritize risk mitigation.
MEDUSA system [34] expanded CYSM systems’ capabilities
with a range of mechanisms, techniques and components:
x for capturing multi-order dependencies between port
infrastructures and their supply chain business
partners;
x for identifying and visualizing the critical path of the
inter-dependencies across the ports’ supply chain,
x for assessing the potential impact of security incidents
on port infrastructures, given their various
dependencies with their supply chain business partners.
IV. SUPPLY CHAIN CYBER RISK ASSESSMENT: THE
MITIGATE VISION
A. State-of-the Art
The modern ICT supply chain is subject to a variety of
cyber security threats and threat scenario (combination of
threats). These SC threat scenarios and security incidents may
affect the confidentiality, integrity, or availability of the ports’
and SC’ information and information systems and include
counterfeiting, tampering, theft, reduced or unwanted
functionality, or malicious content. Unfortunately related
projects do not address the security problem e.g. MEDUSA
does not cover the propagation of cyber security threats within
the interrelated SC assets, INTEGRITY, IMCOSEC, and
SMART-CM focused on tracking the container;
CASSANDRA focused on consignment data; CORE aimed at
consolidating solutions.
351
 The 10th International Conference for Internet Technology and Secured Transactions (ICITST-2015)
B. The MITIGATE vision
MITIGATE (9/2015-4/2017) goes a step forward realizing
the need for assessing the cascading effects of cyber threats in
the maritime multi-sector environment. Special emphasis will
be paid in the provision of support for security processes
associated with the dynamic (ICT-based) international
maritime supply chains. It will include technical, policy,
techno-economic and usability perspectives into the risk
assessment process thus taking the viewpoints of a variety of
stakeholders into account. It will develop the MITIGATE Risk
Assessment Framework enabling the simulation of cyber risks,
towards facilitating the training of the various stakeholders,
which also goes beyond the scope of alternative state-of-the-art
tools. Overall, MITIGATE will adequately address the
limitations of existing risk management methodology for
handling cyber-security at asset level and the implications of
international supply chains. MITIGATE system will enable
port operators to manage their security in a holistic, integrated
and cost-effective manner, while at the same time producing
and sharing knowledge associated with the identification,
assessment and quantification of cascading effects of cyber
threats originated from the ports' supply chain. In this way, port
operators will be able to predict potential security incidents, but
also to mitigate and minimize the consequences of divergent
security threats and their cascading effects in the most cost-
effective way i.e. based on evidence associated with simulation
scenarios and security assurance models. MITIGATE will
comprise simulation models, which will enable the production
of timely, accurate, objective, reliable, relevant and high
quality evidence, information, indicators and factors. The latter
will empower a first-of-a-kind analysis and assessment of
multi-dimensional cyber risks, which is not nowadays possible.
V. EVOLUTION FROM CYSM TO MEDUSA AND FINALLY TO
MITIGATE
This Section outlines the objectives and targets of the three
E.C. projects (CYSM, Medusa, MITIGATE) in ten areas
revealing the evolution of results, as follows:
1) Scope & Context-Boundaries:
a) CYSM emphasizes on the protection of Port
facilities, based on the provision of a dynamic risk
management methodology for ports’ CII considering their
physical-cyber nature.
b) MEDUSA focuses on the protection of the port
supply chain. It defines a methodological approach for the
identification of multi-order dependencies of security
incidents and risks, in the scope of multi-sector cross-border
scenarios.
c) MITIGATE enhances CYSM & Medusa towards
protecting port facilities in the scope of interacting supply
chains. MITIGATE will adopt an evidence-driven Maritime
Supply Chain Risk Assessment model in order to capture and
deal with cascading effects risks, threats and vulnerabilities,
associated with the ICT-based maritime supply chain.
2) Threats Landscape:
978-1-908320-52/0/$31.00 ©2015 IEEE
a) CYSM supports identification and measurement of
organization-wise threats. These include internal threats
pertaining to the ports’ ICT and physical infrastructure.
b) MEDUSA supports identification and measurement
of cross-sectoral and cross-border threats, including threats
associated with cascading effects.
c) MITIGATE supports identification and measurement
of combined cross-sectoral and cross-border attacks/threats
paths and patterns arising from the ports’ supply chain, Both
organization-wise and interdependent cyber threats deriving
from the interconnection of the ports with other entities (e.g.,
ships, port authorities, maritime / insurance companies,
customs, ship-industry) will be evaluated.
3) Impact Analysis Model:
a) CYSM is based on models that determine the value
of the corporate assets and estimate the potential impact of
threats in terms of specific criteria (availability confidentiality,
integrity) and based on various organizational scenarios (cost,
legal, technical…).
b) MEDUSA aims at modeling, visualizing and
simulating security scenarios and their cascading effects cross
CIs that are dependent on port CIs.
c) MITIGATE enhances CYSM and MEDUSA in order
to perform impact analysis for threats/assets involved in
supply chain operations. This will require the integration of
appropriate assurance
4) Countermeasures:
a) CYSM introduces countermeasures for reducing
ports’ risks.
b) MEDUSA identifies and documents security
measures that could minimize the consequences of cascading
effects in multi-sector cross-border port security scenarios.
c) MITIGATE introduces additional countermeasures
towards reducing risks associated with the whole supply
chains. The countermeasures will be produced based on an
Open Risk Assessment Simulation Environment, thereby
exploiting the project’s evidence based approach.
5) Cartography capabilities:
a) CYSM operates based on the identification and
representation of the ports’ architectural structure.
b) MEDUSA introduces algorithms for identifying
multi-order dependencies between entities involved in the
maritime supply chain.
c) MITIGATE adopts algorithms and techniques for
capturing and analyzing the multi-order dependencies between
ports’ ICT infrastructures and multiple Critical Information
Infrastructures (CIIs) participating in the global supply chain.
6) Risk Analysis:
a) CYSM risk analysis of the ports’ facilities is based on
a straightforward approach that relies only on the ports’ users
knowledge.
b) MEDUSA assesses security incidents and risks, in
the scope of multi-sector cross-border scenarios.
352
 The 10th International Conference for Internet Technology and Secured Transactions (ICITST-2015)
c) Risk analysis in MITIGATE for the ports’ supply
chain is based on a more rigorous, rational approach that
produces high quality scientific and experimental based proofs
and findings (e.g. simulation results, indicators,
recommendations).
7) Computational model:
a) In CYSM a multi–criteria group decision making
model has been developed and adopted in order to calculate
the actual risk factor. The proposed model takes into
consideration a set of criteria and parameters as well as the
opinion of various users’ groups with different vision angle.
b) MEDUSA adopts an approach based on game theory
and graph theory techniques to minimize the consequences of
cascading effects in multi-sector cross-border port security
scenarios.
c) MITIGATE leverages simulation models (based on
game theory and graph theory techniques) combined with a
multi–criteria group decision making approach in order to
produce timely, accurate, objective, reliable, relevant and high
quality evidence, information, indicators, factors and
parameters associated based on which the multi-dimensional
risks will be assessed.
8) Standards Compliance:
a) CYSM is in-line with the requirement, rules and
obligations imposed by security and safety related standards
(ISO27001, 27005, ISPS) that focus on the protection of the
ports’ facilities.
b) MEDUSAs’ emphasis on the supply chain is
reflected in the provision of support for ISO28000.
c) MITIGATE leverages and implements existing
security standards (such as ISO27001, 27005, ISPS, ISO2800,
ISO28001) associated with the protection of the maritime
ICT-based maritime supply chain.
9) Predictive and forecasting capabilities:
a) CYSM evaluates a predefined list of threats
associated with ports’ ICT and physical infrastructures.
b) MEDUSA evaluates a predefined list of threats
associated with ports supply chain
c) MITIGATE leverages appropriate simulation models
and processes for the representation and prediction of the
possible attacks/threats paths and patterns. These models will
be used to measure their effectiveness and applicability, as
well as to and to determine the exploitation, resilience and
reliability level of ports’ supply chains.
10) Risk Assessment (RA) tool:
a) The CYSM RA tool is based on a set of interactive
and collaborative technologies.
b) MEDUSA tool is based on a set of visualization tools
and techniques to model and simulating ports supply chain
scenarios.
c) The MITIGATE tool adapts and integrates a number
of risk management components, modules and sub-systems
developed in the CYSM and MEDUSA and also incorporates
978-1-908320-52/0/$31.00 ©2015 IEEE
a set of ICT technologies, including semantic web
technologies (for ontology management, context management
and profiling), cloud computing and BigData and crowd-
sourcing technologies (i.e. in order to collect and analyze open
information from public resources).
VI. CONCLUSIONS AND FURTHER RESEARCH
The security of global maritime supply chains remains an
open, multi-dimensional problem requiring technological
interoperability, maritime policy harmonization, common legal
framework respecting security, privacy and accountability
principles at international level. The security of the EU
commercial ports require the facilitation and implementation of
an EU Maritime Security Policy acknowledging the dual
nature of the ports (physical and cyber) and their importance as
Critical Information Infrastructures to EU and global digital
economy. Finally a series of maritime governance issues seek
solutions:
x Harmonisation of critical maritime practices (e.g.
border control, container authentication, logistics);
x Strengthening the compatibility of the security
approaches adopted by the EU Countries with
international standards and EU legislation;
x Establishment of trust chains of maritime entities at
national, regional and European level, the lack of
which is considered the most important obstacle in the
way they manage security processes in the e-maritime
world;
x Development of the local and regional business and
manufacturing sector facilitating the effective and
efficient transport of bulk cargos and manufactured
goods.
ACKNOWLEDGMENT
The author is grateful to the European Commission
("Prevention, Preparedness and Consequence Management of
Terrorism and other Security related Risks for the Period 2007-
2013" and Digital Security: CyberSecurity, Privacy and Trust
(H2020-DS-2014-1) Programme) for funding the projects:
CYSM, MEDUSA, MITIGATE. Special thanks to the
consortium members of these projects for their work in
achieving the above mentioned results. Finally the author
acknowledges the contribution of the Research Center of
University of Piraeus (UPRC).
REFERENCES
[1] Georgios Giannopoulos, Roberto Filippini, Muriel Schimmer, «Risk
assessment methodologies for Critical Infrastructure Protection. Part I: A
state of the art», Joint Research Center Publication, JRC 70046, EUR
25286 EN, ISBN 978-92-79-23839-0, ISSN 1831-9424, doi:
10.2788/22260, Luxembourg: Publications Office of the European
Union, 2012.
[2] J. P. G. Sterbenz, D. Hutchison, E. K. etinkaya, A. Jabbar, J. P. Rohrer,
M. Schoeler et al., (2010) Resilience and survivability in communication
networks: Strategies, principles, and survey of disciplines, Computer
Networks, Vol 54, pp. 1245-1265.
[3] Chuvieco E, Aguado I, Yebra M, Nieto H, Salas J, Martín P, Vilar L,
Martínez J, Martín S, Ibarra P, de la Riva J, Baeza J, Rodríguez F,
353
 The 10th International Conference for Internet Technology and Secured Transactions (ICITST-2015)
Molina JR, Herrera MA, Zamora R (2010) Development of a framework
for fire risk assessment using remote sensing and geographic
information system technologies. Ecological Modelling 221, 46–58.
[4] Jean-François Balmat, Frédéric Lafont, Robert Maifret, Nathalie Pessel,
«MAritime RISk Assessment (MARISA), a fuzzy approach to define an
individual ship risk factor», Ocean Engineering - OCEAN ENG
01/2009; 36(15):1278-1286. DOI: 10.1016/j.oceaneng.2009.07.003
[5] European Network and Information Security Agency, «Analysis of
Cyber Security Aspects in the Maritime Sector», November 2011.
[6] International Maritime Organisation, “International Ship and Port
Facility Security Code”, London, United Kingdom, 2004
[7] International Standardization Organization, “Ships and marine
technology – Maritime port facility security assessments and security
plan development”, Geneva, Switzerland, 2007.
[8] European Commission, “Regulation (EC) No 725/2004 of the European
Parliament and of the Council of 31 March 2004 on enhancing ship and
port facility security”, Official Journal of the European Union, L 129/6,
p. 6-91, 2004.
[9] Common Criteria Working Group, “Common Methodology for
Information Technology Security Evaluation - Evaluation
methodology”, CCMB-2007-09-004,
http://www.commoncriteriaportal.org, 2007.
[10] The Stationery Office (TSO), “Continual Service Improvement”, 2007,
ITIL V3.
[11] Bundesamt für Sicherheit in der Informationstechnik, „IT-Grundschutz
Kataloge“, 2013 online:
https://www.bsi.bund.de/DE/Themen/ITGrundschutz/itgrundschutz_nod
e.html (Access Date: 27 November, 2015).
[12] International Standardization Organization, “ISO 27001: Information
Security Management System Requirements”, Geneva, Switzerland,
2013.
[13] International Standardization Organization, “ISO 27005: Information
security risk management”, Geneva, Switzerland, 2011.
[14] International Standardization Organization, “ISO 20000: Information
Technology Ser-vice Management”, Geneva, Switzerland, 2005.
[15] Austrian Standards Institute, “ONR 49000: Risikomanagement für
Organisationen und Systeme: Begriffe und Grundlagen“, Wien,
Österreich, 2004
[16] International Standardization Organization, “ISO 31000: Risk
Management – Principles and Guidelines”, Geneva, Switzerland, 2009.
[17] International Standardization Organization, “ISO 31010: Risk
management -- Risk assessment techniques”, Geneva, Switzerland,
2009.
[18] International Standardization Organization, “ISO 20858: Ships and
marine technology -- Maritime port facility security assessments and
security plan development”, Geneva, Switzerland, 2009.
[19] T. R. Peltier, “Information security risk analysis”, Auerbach
Publications, 2001.
[20] S. E. Schechter, “Computer security strength and risk: a quantitative
approach,“ Harvard University, 2004.
[21] European Network and Information Security Agency, “Inventory of Risk
Management / Risk Assessment Methods“, 2010. [Online], Available:
https://www.enisa.europa.eu/activities/risk-management/current-
risk/risk-management-inventory (Access Date: 27 November, 2015).
978-1-908320-52/0/$31.00 ©2015 IEEE
[22] CCRA Working Group, “Common Criteria for Information Technology
Security Evaluation“, CCRA, [Online]. Available:
www.commoncriteriaportal.org (Access Date: 27 November, 2015).
[23] Clusif Methods Commission, “MEHARI V3 Risk Analysis Guide”,
2004.
[24] G. Stoneburner, A. Goguen und A. Feringa, “Special Publication 800-
30: Risk Management Guide for Information Technology Systems“,
National Institute of Standards and Technology, 2002.
[25] S. Kollarits, N. Wergles und H. Siegel et al., “MONITOR - An
ontological basis for risk management“, 2008. [Online]. Available:
http://www.monitor-
cadses.org/documents/MONITOR_BaseOntology_Report_1_0.pdf
(Access Date: 27 November, 2015).
[26] T. J. Chiang, J. S. Kouh und R. I. Chang, „Ontology-based Risk Control
for the Incident Management,“ International Journal of Computer
Science and Network Security, Bd. 9, Nr. 11, p. 181, 2009.
[27] A. Ekelhart, S. Fenz und T. Neubauer, “Automated Risk and Utility
Management,“ in Proceedings of the Sixth International Conference on
Information Technology: New Generations, IEEE Computer Society,
2009, pp. 393-398.
[28] F. Foroughi, „Information Security Risk Assessment by Using Bayesian
Learning Technique“, in Proceedings of the World Congress on
Engineering, Bd. 1, International Association of Engineers, 2008, pp. 2-
6.
[29] C. J. Alberts und A. Dorofee, “Managing Information Security Risks:
The Octave Approach”, Addison-Wesley Longman Publishing Co., Inc.,
2002.
[30] K. Stolen, F. D. Braber, S. Lund and J. Aagedal, “Model-based risk
assessment – the CORAS approach,” 2002. Available:
https://heim.ifi.uio.no/massl/publications/nik02-coras.pdf (Access Date:
27 November, 2015).
[31] Makridimitris G., Polemi D., Douligeris C. "Security Risk Assessment
Challenges in Port Information Technology Systems", Volume 441 of
the Communications in Computer and Information Science series., 2014
[32] Papastergiou S., Polemi D. and Karantjias A. “CYSM: An innovative
physical/cyber security management system for ports”. Special Session
on “Innovative Risk Management Methodologies and Tools for Critical
Information Infrastructures (CII)” within the 6th International
Conference on Digital Human Modeling and Applications in Health,
Safety, Ergonomics and Risk Management (HCI International 2015), 2-7
August, 2015, Los Angeles, CA, USA.
[33] Polemi N., Kotzanikolaou P. “Medusa: A Supply Chain Risk
Assessment Methodology, CSP Forum " Cyber Security and Privacy
Innovation Forum" 28- 29/4/15 https://www.cspforum.eu/2015, Lecture
Notes, Springer Verlag, 2015.
[34] Papastergiou S., Polemi D. and Papagiannopoulos I.. “Business and
threat analysis of Ports’ Supply Chain Services”. Special Session on
“Innovative Risk Management Methodologies and Tools for Critical
Information Infrastructures (CII)” within the 6th International
Conference on Digital Human Modeling and Applications in Health,
Safety, Ergonomics and Risk Management (HCI International 2015), 2-7
August, 2015, Los Angeles, CA, USA.
[35] Allianz Global Corporate & Specialty SE’s (AGCS) third annual Safety
and Shipping Review 2015, An annual review of trends and
developments in shipping losses and safety, available at
http://www.agcs.allianz.com/assets/PDFs/Reports/Shipping-Review-
2015.pdf (Access Date: 27 November, 2015).
354