We fulfill our mission at Project Gunsway primarily through vulnerability research, and ethical, coordinated disclosure of vulnerability information. Our most recent efforts have centered on diesel engine control units (DCUs) used in marine propulsion and electric power systems.
This week Carnegie Mellon University's CERT CC has issued four Common Vulnerability Enumeration (CVE) notices related to our work analyzing Auto-Maskin brand equipment. In the coming weeks we will post additional "deep-dive" information on the reverse-engineering work that led to this release.
We thank all parties involved in assisting us with coordinating disclosure including the Maritime and Port Security ISAO (MPS-ISAO), US-CERT and ICS-CERT, as well as Norway CERT.
Please refer to the following link for the full notice: https://www.kb.cert.org/vuls/id/176301
Project Gunsway's boarding party is headed to DEF CON 27 . Our proposal for a maritime ICS/OT and ship hacking village has been of...
We are bringing together what is probably the largest to date concentration of actual SMEs in ICS/OT maritime tech security this year for th...
Today, our reliance on computers and information technology is increasing faster than our ability to safeguard ourselves. Modern ships are i...