Literature Review: Cyber Security Monitoring in Maritime

In recent years, many cyber incidents have happened in the maritime sector, targeting the information technology (IT) and operational technology (OT) infrastructure. Although several systematization-of-knowledge papers have been published in the maritime field, none of the previous studies has focused on cyber security monitoring, which aims at timely detection of cyber attacks with automated methods. The current article addresses this research gap and surveys the methods, algorithms, tools and architectures used for cyber security monitoring in the maritime sector. For the survey, a systematic literature review of cyber security monitoring studies is conducted in this article, following the Preferred Reporting Items for Systematic Reviews and Meta-Analyses (PRISMA) protocol. The first contribution of this article is the bibliometric analysis of related literature and the identification of the main research themes in previous works. For that purpose, our article presents a taxonomy for existing studies which highlights the main properties of maritime cyber security monitoring research. The second contribution of this article is an in-depth analysis of previous works and the identification of research gaps and limitations in existing literature. Based on our findings, we outline future research directions for cyber security monitoring in the maritime field.