COVA CCI awards $581,000 to seven research teams in FY 2023 to support maritime cybersecurity projects


The Coastal Virginia Center for Cyber Innovation Cybersecurity (COVA CCI), southeastern Virginia’s node of the Commonwealth Cyber Initiative, awarded $581,000 for seven cybersecurity research projects focused on maritime industry cybersecurity needs. Teams from Christopher Newport University, Old Dominion University and William & Mary submitted proposals in response to the COVA CCI request for proposals, Addressing Cybersecurity Compliance Challenges to Technology Adoption for the Maritime Industry. This RFP asked researchers to partner with maritime industry partners to address the barriers to technology adoption in the maritime industry due to or related to cybersecurity compliance issues. It is expected that the funded projects will develop a product or concept that overcome or mitigate cybersecurity impediments to the adoption of new technologies such as cloud computing, 5G connectivity, and machine learning.


The awarded projects are.


Applying NIST SP 800-33 Risk Assessment methodology to produce cyber-hardened 5G communication capabilities for autonomous maritime platforms.

This project links SimIS, Inc., a Portsmouth based company with researchers from Old Dominion University, Virginia Modeling, Analysis, and Simulation Center, and FairLead Boatworks to design and integrate an autonomous communications system for SimIS, Inc. Riverscout, a portable autonomous surveillance platform, that implements SP 800-171 R2 and SP 800-30 Risk Assessment processes that assess maritime platform asset threat vulnerability and supports the accelerated commercialization and SP 800-30 compliance of maritime industry products and services.

Project Team: Yiannis Papelis, Old Dominion University/VMASC, Ahmet Saglam, ODU/VMASC, Casey Batten, SimIS Inc.


Automated CMMC compliance for shipbuilding.

Chitra Productions, LLC, a woman-owned small business is partnering with researchers from Old Dominion University, Virginia Modeling, Analysis, and Simulation Center, and ManTech Advanced Systems International Inc.’s shipbuilding cybersecurity team to develop the CMMC compliance tool for the shipbuilding industry.  

Project Team: Safdar Bouk, Old Dominion University/VMASC, Andrew Mixon, Chitra


Maritime Cybersecurity Maturity Model Certification domain handbook.

SimIS, Inc., a Portsmouth based company is working with researchers from Old Dominion University, Virginia Modeling, Analysis, and Simulation Center and FairLead Boatworks to create a Maritime CMMC Domain Handbook based on CMMC version 2.0 level 2 production system controls with implementation guidelines for the 14 individual control domains. Each domain handbook will provide detailed analysis, planning and implementation roadmaps for each of the 14 domains and will be written in language suitable for maritime staff with technical level implementation knowledge.

Project Team: Sachin Shetty, ODU/VMASC, Warren Bizub, SimIS Inc., Michael Humphrey, SimIS Inc.


Machine-learning enabled Dependency Network Analysis for Quantifying Risks and Ripple Effects stemming from Cybersecurity Non-Compliance Issues.

Dr. Rafael Diaz will lead a team of researchers and industry partners from Old Dominion University, Virginia Modeling, Analysis, and Simulation Center, along with his industry partner, Fairlead Boatworks, Inc. This project will build upon the work previously completed under another COVA CCI funded project lead by Dr. Diaz, “A Real-Time Dependency Network Approach to Quantifying Risks and Ripple Effects from Cyberattacks in Shipbuilding and Repair Supply Networks” to develop a machine learning-enabled model and data collection tool that will allow stakeholders to investigate and assess risk trade-offs in their supply networks. To accomplish this, the project team is working with their Industrial Partner, Fairlead Boatworks Inc, to move the project closer to commercialization. In addition, they are seeking to develop a case study to support new interdisciplinary classes that collectively leverage cybersecurity, data sciences, and supply chains.

Project Team: Rafael Diaz, ODU/VMASC, Katherine Smith, ODU/VMASC, and Maryam Salehi, ODU/VMASC.


Spotlighting and Mitigating Cyber Attacks in AIoT-enabled maritime transportation systems.

Dr. Yi He will lead a team of cross-functional researchers from Old Dominion University School of Cybersecurity, Department of Computer Science and Department of Information Technology & Decision Sciences, who will partner with Peregrine Technical Solutions, a veteran owned small business headquartered in Yorktown, VA and a subsidiary of Goldbelt, Inc., an Alaska Native Corporation, to spotlight specific cybersecurity challenges faced by Artificial-Intelligence-of-Things (AIoT)-enabled maritime transportation systems and propose strategies for mitigating these challenges. This will be done through a comprehensive set of penetration tests tailored and preformed on a maritime transportation system testbed to enable experiments and analyses of real-world cyberattacks on AIoT-enabled maritime transportation systems. Based on results of these tests, they will develop two defense models for improving the cybersecurity of the AIoT-enable maritime transportation systems; one will defend against the neural backdoor attacks that target multi-modal data inputs, and the other will detect malicious signals hidden behind the background traffic of a complex communication network.

Project Team: Yi He, Old Dominion University, Rui Ning, ODU, Yuhong Li, ODU, Peng Jiang, ODU, and Leigh Armistead, Peregrine Technical Solutions


Navigating Cybersecurity Compliance Challenges for the Maritime Industry in Southeast Virginia.

Researchers from Christopher Newport University, led by Dr. Mohammad Almalag, will team with Peregrine Technical Solutions to develop a screening process to help the maritime industry to ensure compliance with a variety of cybersecurity requirements. The research team will conduct a series of surveys of the maritime industry to gather information on the cybersecurity regimes included in CMMC, NIST controls, Maritime Cyber Risk Management in Safety Managements Systems, and other designated regimes. The results of these surveys will be used to make recommendations on actions that should be taken to be compliant across these regimes.

Project Team: Mohammad Almalag, Christopher Newport University, Michael Lapke, CNU, Chris Kreider, CNU, Leigh Armistead, Peregrine Technical Solutions


Exploring Challenges and Adoption Enablers of Cybersecurity Maturity Model Certification in Maritime Industries.

A research team led by Dr. Chon Abraham, William & Mary, working with G2Ops, Inc., a woman owned small business located in Virginia Beach, VA, will build upon previously Commonwealth Cybersecurity Initiative funded research that resulted in preliminary systems analysis and design of the Cybersecurity Maturity Model Certification Assessment Assistant (CyMMCAA) tool for meeting CMMC compliance requirements and it will continue to develop and refine the CyMMCAA tool, consolidate insight for its use in CMMC compliance via a cyber roadmap, and provide guidance for cyber risk valuation costs which the tool and roadmap can aid in avoiding.

Project Team: Chon Abraham, William & Mary, Tracy Gregorio, G2Ops


COVA CCI is supported by the Commonwealth Cyber Initiative and funded through the Commonwealth of Virginia.