Coast Guard Academy First Class Cadets A.J. Read and Alex Paggi pose for a photo in front of their capstone project poster.
U.S. Coast Guard photo by Petty Officer 2nd Class Lauren Laughlin
A vulnerability assessment and penetration test of the Coast Guard’s hardware and software system called Seawatch is the ultimate goal of the project. Seawatch is installed on a variety of cutter platforms to merge information between the navigation, radar, and common operating picture displays. Seawatch is an exceptional system due to its information assurance. Since technology is constantly adapting and the Coast Guard is a high profile cyber target, the need for continuous defence against cyber attacks is crucial. As an example, spoofing vectors can deceive Coast Guard operators causing miscellaneous mishaps, detrimental to Coast Guard operations. The Seawatch vulnerability assessment of sensor data will ultimately bring about possible defences of various sensor spoofing attacks. Once a vulnerability assessment is completed on the Seawatch system, C3CEN will receive defence recommendations that will give guidance on issues in the system and ways to address them for the next upgrade of the Seawatch system. With the defence recommendations, C3CEN will be able to patch and upgrade Seawatch. On Coast Guard vessels, the operators of the Seawatch system should ultimately feel comfortable with the reliability of information presented to them on VEGA, ECDIS, and from the Common Operational Picture. In the future, C3CEN can repeat the vulnerability assessment in order to find more spoofing vectors and their resulting defences.