Developments and research directions in maritime cybersecurity: A systematic literature review and bibliometric analysis

are the leading countries in maritime cybersecurity based on the weighted number of authors. The results also demonstrated that the main research focus in the area was on the development or application of cybersecurity risk assessment techniques and the design of monitoring and intrusion detection tools for cyberattacks in maritime systems. Based on the analysed literature, 53 challenges in various studies were identified and 73 topics for future research were suggested.

Ships and maritime infrastructure are becoming increasingly interconnected as the maritime industry is undergoing the industry 4.0 revolution. This development is associated with novel risk types such as the increased potential for successful cyberattacks. Several review studies have investigated the regulatory framework in connection to maritime cybersecurity, the vulnerabilities in maritime systems, potential cyberattack scenarios, and risk assessment techniques. None of them though, has implemented a systematic literature review and bibliometric analysis of the available academic research studies in the discipline of maritime cybersecurity. The aim of this review, therefore, is to offer a succinct description of the progress in academic research on the arising topic of maritime cybersecurity. To that end, we conducted a bibliometric analysis of maritime cybersecurityrelated studies based on several metrics and analysis tools, identified the topics of academic research in this field, the employed methodologies and identified the main research challenges and directions in connection to maritime cybersecurity. To achieve the objectives, we employed principles from Preferred Reporting Items for Systematic reviews and Metanalysis (PRISMA) for systematic literature review and tailored keywords during a search in Scopus. The results demonstrated that Norway, the United Kingdom, France and the USA are the leading countries in maritime cybersecurity based on the weighted number of authors. The results also demonstrated that the main research focus in the area was on the development or application of cybersecurity risk assessment techniques and the design of monitoring and intrusion detection tools for cyberattacks in maritime systems. Based on the analysed literature, 53

Introduction
As the maritime industry experiences the Industry 4.0 revolution, ships, systems onboard ships and the related infrastructure become more and more interconnected [1]. This is associated with several advantages such as remote and safe control of marine systems parameters, more accurate health status estimation for marine systems, improved human performance through closer cooperation amongst the ship and shore personnel, more accurate ship fuel consumption monitoring, faster identification of faults and faster and more precise decision-making, facilitated cargo monitoring, more transparent compliance to exhaust gases emissions' regulations and more decentralised operations [2]. Furthermore, the increased connectivity constitutes a key enabler for more automated and crewless processes [3], pushing ship operations into completely new realms.
However, these benefits are accompanied by several challenges, with the most eminent related to increased cybersecurity risks [4,5]. Ships constitute assets of significant value or strategical importance in a number of civil and military operations [6,7]. Therefore, it is not a surprise that a number of cyber incidents have been already reported in the maritime industry with many more cyber incidents remaining unreported due to concerns with negative publicity [5,8,9]. One of the most prominent examples is the cyberattack on Maersk, resulting in enormous financial losses for the company even if it was an untargeted attack [10]. The breadth and intensity of cyberattacks are expected to increase in the future considering the developments in shipping and overall industry evolution in post-COVID-19 era [2,11].
Unsurprisingly, maritime cybersecurity has been an area of intense research with several literature reviews published. Oruc, et al. [12] provided an overview of international standards, International Maritime Organisation (IMO) regulations and testbeds relevant to the ship navigation system cybersecurity assessment. Ben Farah, et al. [13] systematically reviewed cyberattacks in the maritime systems and identified several solutions that can be used to mitigate the impact of cyberattacks. Tusher, et al. [14] investigated the existing cyber risk assessment studies for autonomous ships. Ashraf, et al. [15] surveyed the cyber threats in the realm of maritime Internet of Things (IoT). Kessler [16] provided an overview of technical vulnerabilities in the Control Area Network (CAN) used on ships. Larsen and Lund [17] conducted a systematic review of studies on the cybersecurity perception in maritime. de la Peña Zarzuelo [18] provided an overview of challenges related to cybersecurity management in ports. Progoulakis, et al. [19] reviewed available standards and maritime sector guidance, insurance frameworks, risk assessment methods and risk controls measures. Adams, et al. [20], Adams, et al. [21] briefly reviewed the cybersecurity approaches to cyber risk management in ports. Bocayuva [22] investigated the general aspects related to port cybersecurity. Caprolu, et al. [23] provided a list of vulnerabilities and cybersecurity barriers for ship systems. Kavallieratos, et al. [24] investigated various alternative cybersecure architectures for cyber-enabled ships. Ahvenjärvi, et al. [25] reviewed the challenges associated with communication of cybersecurity aspects based on the system safety control structure for a remotely controlled vessel. Shapiro, et al. [26] examined the risks of Trojan horse attacks in the maritime transportation system. Silverajan, et al. [27] provided a list of vulnerabilities and control measures for unmanned ships. Botunac and Gržan [28] presented the software threats to the Automatic Identification System (AIS). You, et al. [29] investigated the cyber security risk assessment techniques and their applicability to the maritime transportation system.
These review studies aimed at understanding the general cybersecurity challenges in the maritime, identifying known system components' vulnerabilities, investigating maritime regulations and class society rules that are available for effective cybersecurity management, standards that can be used for ship cybersecurity assurance, locating cyber risk assessment techniques that can be applied to the maritime systems and, the protection mechanisms (control barriers) that can be used against cybersecurity attacks. Essentially, these studies focused on the practicalities related to cybersecurity risk assessment and management in the maritime ecosystem and therefore were less research orientated. None of the currently available review studies implemented a comprehensive analysis and a thorough bibliometric analysis of the research studies published on the topic of maritime cybersecurity. There is a need for a review which would offer a succinct description of the progress in the arising topic of maritime cybersecurity, would summarise the current state of knowledge with focus on the scientific methods and would distil the findings provided in the various research papers with focus on the future research and known methodological challenges.
The aim of this review is therefore to attempt to answer the following Research Questions (RQs) related to maritime cybersecurity research, which were not answered before: • RQ1: What are the leading countries, authors, time progress, journals, and cluster topics in connection to maritime cybersecurity based on scientific publications' bibliometric analysis? • RQ2: What common themes or categories can be found across the research studies for maritime cybersecurity and what scientific methodologies are used across these studies? • RQ3: What methodological challenges are reported in these studies and what future research directions do they lead to?
The RQ1 aims at identifying the achieved progress in the topic of academic maritime cybersecurity in different countries, journals and established networks of cooperation, RQ2 at the employed scientific methods and common themes and RQ3 at the known challenges and potential future research in the area. In this way, a succinct description of the progress in maritime cybersecurity and future research directions can be realised which is of great support for novel and experienced researchers in the field.
The novelty of the present study stems from the multitude of conference papers and journal articles that we analysed and the breadth of the conducted review in comparison to the previous reviews. Unlike the previous studies, we follow a systematic literature review methodology, we implement a bibliometric analysis and investigate RQs which have not been answered in the previous studies. The scope of the conducted analysis is limited to the Scopus indexed peer-reviewed academic publications. The results depicted in the paper can be used to determine the effectiveness of public policy with respect to investment in academic research and to support establishment of cooperation between different identified research groups. The identified and analysed research studies, methodological challenges and the proposed research directions can support conducting innovative research.
This article is structured as follows. First, the literature review and bibliometric analysis methodology are presented. Then the investigated research questions are answered using the presented methodology. The paper's limitations are also provided. Lastly, we summarise the main review findings in the conclusions section.

Methodology
The review methodology of this article was based on Preferred Reporting Items for Systematic reviews and Metanalysis (PRISMA) [30], which is a structured method for conducting a systematic literature review. There are numerous other literature review techniques [31], but we preferred PRISMA as it is a widely used, systematic and easy-to-follow approach [32]. Here, we adapted the PRISMA methodology to answer the research questions presented in the introduction section. The information flow based on the PRISMA methodology is provided in Fig. 1 and the steps are elaborated in the subsequent sections. In the same figure, we also present the number of identified and finally selected publications.

Step 1: Identification of research studies
The identification of the relevant studies was implemented using Scopus as the search engine. We decided to exclude Google Scholar as the generated results using that search engine included multiple lowquality publications, which were not peer-reviewed or aimed at a more general audience (not academic as we targeted) and contributed to the diffusion of the conducted research. Also, we decided not to conduct the identification for the relevant publications in a series of journal publishers as the returned results were overwhelmingly large in number including many irrelevant publications. For instance, from Taylor and Francis for the term "maritime cyber security" we received 1637 entries in response, more than we totally checked using Scopus, and most of them were found to be irrelevant. Also, most of the journals at Elsevier, Taylor and Francis, Wiley and MDPI were indexed in Scopus. Therefore, the journal articles identified using Scopus would also be found on the relevant publishers' websites when similar search terms are used. It is difficult to specify whether Scopus is more or less suitable than the Web of Science for the identification purposes [33]. Still, there is some indication that Scopus offers a broader coverage for major fields than Web of Science [33]. Therefore, by using Scopus we ensured broader coverage compared to what we would cover using Web of Science.
For the identification generic keywords as below were used: • maritime cybersecurity, • maritime cyber security, • ship cybersecurity, • ship cyber security • port cybersecurity • port cyber security We decided to use the word cyber security and cybersecurity in combination with other words during identification as the observant results, although largely similar, included some additional valuable references. Also, it was noticed that the first two keywords (maritime cybersecurity and maritime cyber security) contributed to the identification of the most research studies that were included in this analysis (126 out of 144 or 88%), even though it resulted in a rather limited number of totally found studies on Scopus (388 out of 1132 or 34%). So, when additional keywords (ship cybersecurity/cyber security, port cybersecurity/cyber security) were used, significant number of additional studies was identified. However, very few research studies were additionally included for these keywords (ship cybersecurity/cyber security, port cybersecurity/cyber security), only 18, much less than using the two first keywords, as most of them had been already included using the first two keywords. Considering this convergent behaviour, we did not perform research in Scopus for additional keywords which could be additionally considered (vessel cybersecurity, autonomous ships cybersecurity, etc.).

Step 2: Screening of research studies
Screening was implemented to reduce the number of identified publications to allow a more thorough analysis of the most relevant ones. Screening was achieved by reading through the publications' title, publication's abstract and, if necessary, a quick reading through publications' contents. This was done by considering whether the research study investigated maritime ecosystem cybersecurity as a whole or through its elements, how much text was allocated to the maritime ecosystem cybersecurity problems or system, and how much the maritime cybersecurity was enhanced. Also, duplicate references were identified and eliminated during this analysis step. We also excluded books from this analysis, as they offer retrospective opinions on the subject, are not so easily accessible and to the large extent cite findings from previously published conference papers and journal articles. Based on the screening, many of the initially identified research studies were excluded (retention rate of 205/1132 or 18%). A limited number of relevant studies were unfortunately inaccessible and had to be excluded.

Step 3: Eligibility assessment of research studies
During the eligibility analysis, the screened studies were further analysed and the most suitable were selected for further processing. This was implemented using the following criteria: the publication source (whether it was published in a credible journal or not), the significance of contents (such as practical implications and whether significant effort to derive some innovative results was realised), the soundness of the research methodology and results (whether some meaningful and rational methodology was applied and whether conclusions were meaningful). For assessing the publications coming from journals we took into account the journal rankings suggested by Scimago [34] and excluded journals belonging to Q4, so very few Scopus-indexed journal publications were excluded. This was implemented to ensure that the good quality research studies receive their proper attention. We did not exclude the conference papers as a group from the analysis, as during the review we found important and interesting contributions presented at conferences. For assessing the conference papers, we applied the criteria referred above. In this step, we were rather tolerant and practically most of the research studies that were screened were included for the analysis (144/205 or 70%). This was implemented to incorporate as broad perspectives as possible in the analysis and to have adequate material to answer the research questions and conduct bibliometric analysis. An overview of the selected research studies is provided in tabular format as part of Appendix A, where their basic characteristics are specified.

Step 4: Included research studies analysis
During the last step, the eligible and selected studies were analysed in further detail. Only these research studies were used for answering the research questions. The analysis process is presented in the subsequent sections.

RQ1: What are the leading countries, authors, time progress, journals and cluster topics researching maritime cybersecurity based on scientific publications' bibliometric analysis?
To identify the impact of each country we considered the following scores/metrics for the included research studies. Therefore, for the analysis, if an author from one country contributed to several papers x, then his/her contribution was counted x times. So, we did not estimate the number of unique authors but rather weighted the number of unique authors by the number of papers they have published, when considering contribution for each country. Also, we considered each author's affiliation at the date of publishing as referred to in the paper and not the actual nationality as the basis for the analysis. In case double affiliation was referred for the author, then each referred country took equal merit, i.e., its metric was increased by 1 for the first metric. However, for the first authors in the second metric, only the first affiliation was counted. Microsoft Excel was used for this analysis.
We also investigated the most prevalent journals that included publications on the topics related to maritime cybersecurity. For that, we used the number of published articles as a metric, without considering the number of citations they received, as they do constantly change and are also dependent on the publication year. Since we used Scopus as our main database and applied eligibility assessment based on Scimago ranking, only Scopus indexed references and top journals were included in the analysis.
We also implemented a historical analysis of publications to identify the attention researchers pay to different topics in the maritime cybersecurity. For that, we used the results of the analysis presented in the next RQ (RQ2) for the studies classification and used the number of publications per year on each research topic to identify historical trends.
Since the collection of articles included 144 documents, a bibliometric analysis was deemed feasible as well. Using the open-source software VOSviewer [35], co-authorship, and term analyses was conducted. The co-authorship analysis was used to determine the cooperation networks and term analysis to identify topics that are investigated by the researchers.
For the co-authorship analysis, there are two options available in VOSviewer: full and fractional counting. In the full counting method, every author of a co-authored article gets assigned the same score (weight) while counting the weights of links. In the fractional counting method, weight is counted as a fraction of the number of authors in an article. For example, if an article has 10 co-authors, each author is assigned 1/10 as the weight. To analyse the network in further detail, it is possible to view the biggest connections (a piece of the whole network that is fully interconnected and has the highest weights) separately. Both full counting and fractional counting can yield different results offering different perspectives with divergence increasing with the dataset size. In the full counting method, a small number of publications by a large group can have a dominant effect on the network [36]. This effect is reduced in fractional counting. Thus, the fractional counting method was preferred in this article.
For a term analysis, the full counting method counts the number of occurrences of a term in the articles. In the binary counting method, a score is assigned on whether a term is present or absent in the article, regardless of the number of occurrences. By default, 60% of the keywords were chosen to be displayed in the figures. This can be manually increased to include the full set. It is again possible to view the entire network with all keywords or to display the biggest network pieces. The full counting method was chosen here, to give more weight to the keywords that are mentioned more often.

RQ2: What common themes or categories can be found across the research studies for maritime cybersecurity and what scientific methodologies are used across these studies?
This constituted a more intricate part of our analysis, as there is no straightforward approach for research studies classification. The approach here resembled a puzzle-solving process. Once the investigated studies were aggregated, the first classification attempt was implemented using some criteria such as the publications' aim, the employed methodology, the investigated and considered systems and addressed problems. Then a second attempt was implemented, where the Mutually Exclusive and Collectively Exhaustive (MECE) principle was applied to the extent possible for the studies' grouping. To that mean, the term analysis presented in the previous section was of great help as it was used to verify the different study categories of classification, even if this information was rather of auxiliary nature. In cases where the paper was falling into two or more categories, we re-evaluated the major contributions and novelty of the paper before assigning it to a group based on the amount of text and the effort in a topic. The classification into various categories was supported by the use of definitions provided in standards such as NIST and ISO and the critical questions pointed by the reviewers of this paper during the review process.
The derived classification was used for the reporting of the found studies, for the identification of research study characteristics, for lowerlevel classification of methods and for identification of associated challenges and research directions in RQ3.

RQ3: what methodological challenges are reported in these studies and what future research directions do they lead to?
This constitutes the last, but not the least contribution of this article. For the identification of challenges introduction, methodology rationale and limitations/discussion sections of the investigated publications were carefully read, but relevant information from other sections was also included. To identify the directions for further research we rehearsed one more time the considered studies with emphasis on the discussion, conclusions, and future research sections. We employed the classification found from the previous research question (RQ2) to present the results. The identified challenges, research topics and directions were presented in a numbered list for better traceability and communication of the potential research directions.

RQ1: Bibliometric analysis of the considered studies with respect to leading authors, co-authorship analysis, leading countries, journals, cluster topics and historical trends
The leading research countries based on the considered metrics (total weighted number of authors and the weighted number of first authors in the selected papers) are provided in Fig. 2 and Fig. 3 respectively. Due to the multitude of identified countries (44 in total), only the legends for the top 14 countries are provided in Figs. 2 and 3. As it can be observed, countries such as Norway, the United Kingdom (UK), the USA and France contributed the most according to both metrics (total weighted number of authors and the weighted number of first authors in the selected papers) in the considered period. The first 8 out of 40 (20%) finally identified countries (Norway, UK, USA, France, Croatia, Greece, Germany, South Korea) contributed the most to the research in maritime cybersecurity based on the metrics (66% and 69% retrospectively) and considering the selected Scopus-indexed publications. This is close to the well-known Pareto rule which states that 80% of the final output is produced by 20% of the total input [37]. Also, the two metrics gave similar results supporting the validity of this finding.
The most prevalent journals based on the number of selected Scopusindex publications on maritime cybersecurity are provided in Fig. 4. As observed, TransNav (the International Journal on Marine Navigation and Safety of Sea Transportation) accommodated most of the journal articles considered in this review. This journal is followed by the Journal of Marine Science and Engineering from MDPI in Fig. 4. Many of the Scopus-indexed studies were published in the Lecture Notes of Computer Science, which have also been included in Fig. 4. Fig. 4 Several other journals reported publications on maritime cybersecurity such as Sensors, Journal of Transportation Security, and World Maritime University (WMU) Journal of Maritime Affairs. Many scientific publications on maritime cybersecurity were also published in the IEEE transactions as can be observed from Fig. 4. Fig. 4 indicates that the authors prefer to publish in a large variety of journals. This could be an indication of the lack of highly focussed journals on maritime cybersecurity. Considering the novelty of the issue, (as elaborated in Fig. 5), this should not be of surprise.
The analysis of historical trends is presented in Fig. 5. As observed, the number of publications only began to increase in 2017, indicating that the research topic only recently received appropriate attention. The steady increase in the number of articles since then indicates the growing significance of this field. It is observed that diversity of topics and methodologies (elaborated further in the next section) investigated in the maritime community is also increasing with time.
Figs. 6 and 7 present results from the bibliometric analysis using VOSviewer. Fig. 6 shows the co-authorship network. Of all the authors of the 144 articles, authors with at least 2 articles affiliated with their names were chosen. This resulted in the inclusion of 68 out of the 401 unique authors satisfying this criteria (17%), indicating that the vast majority of the researchers generated a rather limited number of Scopusindexed publications on maritime cybersecurity. As mentioned earlier, the fractional counting method was preferred, since it reduced the impact of a small number of papers from a large group over the entire network. The results show one big cluster of authors along with multiple smaller clusters. Papastergiou, Mouratidis, Polemi, and others form the core of the biggest cluster, in the centre of the network. These researchers were affiliated with Greece; however, they were also interconnected with the researchers from Norway and UK. The other clusters are isolated from the centre as it seems that the researchers, or at least their publications were isolated from each other and each research group from different countries conducted mostly independent research. This can be attributed to the novelty of the research topic. This hopefully will change in the future as more research is implemented and more collaborative projects are pursued.
Also, it might be noted that most of the researchers referred to in Fig. 6 (who are constantly publishing in Scopus-indexed reference sources) are located in Europe. Very few researchers are coming from the other regions (Asia, America, Africa). Considering the results from Fig. 2 and Fig. 3 we can conclude that despite the significant research in the USA and other non-European countries, the academics that persistently rehearse the topic and publish have been in the European continent so far. As discussed in the problems with validity section, the present conclusion does not depict the intensiveness and steadiness of industrial research though. Fig. 7 demonstrates the results of the co-occurrence of terms analysis. The full counting method was used, instead of the binary counting method, to give more weight to the keywords occurring more frequently. A total of 771 keywords were identified, of which generic terms were filtered out and only 89 terms were retained. The term analysis shows links between terms (keywords) commonly occurring  together. Apart from the obvious terms such as cyber risk, maritime sector, digitalisation, security and management, other frequently occurring terms include autonomous vessels (automation and other variants as well), ports, vulnerability and intrusion detection, maritime supply chain and various maritime systems. A closer look at the keyword analysis also indicates that researchers frequently discussed methodology, case studies and frameworks. Researchers seemed to be concerned with the issues associated with uncertainty, risk evaluation, situation awareness, the applicability of different methods, the relationship between safety and security, various attack types and COVID-19-generated issues.

RQ2: Categories of research studies An overview of identified research study categories
For the categorisation of the research studies, we used the different definitions provided for the risk assessment in ISO 31,000 [38] and NIST [39,40], vulnerability assessment in CISSP handbook [41] and NIST glossary [42], threat modelling in NIST SP800-53 [43], penetration testing in NIST glossary [44,45], cyber incidents analysis in [46], resilience [47] and previous review studies on the topic such as [48]. Based on the term analysis results and definitions provided, we categorized the research studies as follows (also in Fig. 8): 1 Cyber risk assessment and treatment studies -Studies implementing risk identification, analysis, evaluation and treatment of cyberattack scenarios on ships, ship systems and maritime ecosystem. Into this category we also included studies, which focus on threat modelling, as threat modelling is part of risk assessment [43]. We also included studies focusing on vulnerability assessment, as vulnerability assessment is very frequently used as a part of risk assessment [41]. This constituted the largest category of the identified maritime cybersecurity-related studies.
In this category, we also included those approaches that employed penetration testing results for the cyber security risk assessment, so there is an overlap between the studies in this category and the others and the MECE principle was not fully followed. This was implemented for those studies, whose main research contribution was in the area of risk assessment, rather than penetration testing. To be consistent, these studies were called as combinatory.
2 Design -Studies suggesting technical solutions for deterrence, identification, prevention and mitigation of the cyberattacks in the maritime ecosystem and maritime systems. This also constituted an important category of studies in maritime cybersecurity as can be observed from Fig. 8.  3 Review studiesstudies providing an overview of the known ship vulnerabilities, potential attack scenarios, available regulations, methods, studies and cybersecurity issues based on the reported literature. This category of studies also attracted significant attention from researchers. The review studies were described in the introduction section of this article to justify the novelty of the present study and therefore the discussion with respect to this category of studies was not repeated herein. The findings from these studies were still used as input for the identification of research directions and challenges in the other study categories (RQ3) as well as for bibliometric analysis in RQ1. Studies which concentrated on identification of vulnerabilities and control measures lists, although constitute a valuable input to the risk assessment studies were not included in the relevant category. This was due to the fact that no formal cybersecurity assessment/ analysis method was applied there. 4 Penetration testing studies -Studies demonstrating the penetration testing techniques and vulnerability scanning applied to the maritime systems. Also, some studies related to the management of testing procedures were included herein. Although input from penetration testing can be used to the risk assessment studies, since penetration testing is a different process according to NIST [44], we assigned it to a different category. 5 Cybersecurity framework -Studies focusing on cybersecurity risk management, therefore investigating more the enhancement of cybersecurity management processes and the relevant regulations and standards. 6 Maritime law -Studies investigating the impact of cyberattacks on maritime law and relevant insurance and liabilities aspects. 7 Survey studies -Studies conducting questionnaire surveys of maritime practitioners such as management personnel, seafarers, policymakers, etc. on the issues related to maritime cybersecurity. 8 Training development for cybersecurity studies -Studies aiming at the development of efficient training frameworks for maritime personnel such as seafarers or ship operators. 9 Cyber incidents analysis studies or cyber forensics studies -Studies identifying and analysing the causes of previously reported cybersecurity breaches or successful cyberattacks on the maritime systems as per definition in [46,49,50]. 10 Cyber resilience studies -Studies investigating the resilience aspects of maritime cybersecurity as per definition in [47].
The employed categorisation correlated quite well with the terms identified and described in Fig. 7. It can be observed that the terms such as cyber risk assessment, management and framework were quite frequently repeated in the reported studies, indicating that separate categories should be dedicated to them. Also, term such as intrusion detection system, which is a part of technical solutions was frequently reported in the previous studies.
The research studies are analysed in more detail in the next sections of this article.

Cyber risk assessment and treatment studies
A plethora of methods were reported to be in use for cybersecurity risk assessment and cyber risk treatment in the maritime industry. An overview of the used so far methods in Scopus indexed publications is provided in Fig. 9 and the relevant studies are briefly presented in the next paragraphs. We separated the studies into those which use some type of executable, mathematical or formal model for cybersecurity risk assessment (model-based) and the one that are more dependent on manual analysis. Such as separation is frequently implemented for safety assessment methods as in [51]. The studies dependent more on manual analysis were classified further into those which incorporated safety and security analyses in line with work presented in [48] and the one which focused only on security aspects. Studies which were interlinked to several categories as elaborated in section 3.2.1 were assigned a special group.
Some of the reported studies combined the existing hazard analysis techniques with other techniques coming from the area of cybersecurity or computer science to implement joint analysis of safety and cybersecurity hazards/threats. Most of such studies concentrated on remotely controlled, crewless and autonomous ships. From the hazard analysis techniques, the use of System-Theoretic Process Analysis (STPA) [52] was reported frequently. In the research of Dghaym, et al. [53], STPA was combined with Event-B modelling language for cybersecurity analysis of a crewless ship. Zhou, et al. [54] used STPA to identify insecure control actions for a remotely controlled ship. Glomsrud, et al. [55] used STPA together with attack trees to identify how cyberattacks might result in unsafe control actions and hazards in an autonomous ship. Omitola, et al. [56], Cardellicchio [57] considered the use of STPA for safety and security analysis of navigational aspects in autonomous ships.
In other studies, other methods were used as a basis for joint analysis of safety and cybersecurity hazards/threats. The use of Hazard Identification (HAZID) and its modifications for cybersecurity risk assessment of a crewless inland waterway ship was reported in [58][59][60]. Amro, et al. [61] used the six-step model for cybersecurity and safety analysis of a small autonomous passenger ship. Vicenzutti, et al. [62] combined Fault Tree Analysis (FTA) with some identified cybersecurity scenarios for modelling threats in a ship propulsion system. Recently, a research study employing Failure Modes, Vulnerabilities and Effects Analysis (FMVEA) was conducted for identification of cyber risks in marine dual-fuel engine [63].
Some other studies focused on the elicitation of purely cybersecurity requirements in the maritime systems based on the cybersecurity risk analysis and other methods. Kavallieratos, et al. [64] identified some cyberattacks on an autonomous ship using Spoofing, Tampering, Repudiation, Information disclosure, Denial of service, and Elevation of privilege (STRIDE). In another study, Kavallieratos, et al. [65] used Secure Tropos to identify the cybersecurity requirements in an autonomous and remotely controlled ship. Meland, et al. [66] used a customized version of the Open Web Application Security Project (OWASPR) [67] to support the identification and ranking of the threat scenarios in maritime systems where little historical data was available. Jo, et al. [68] used the MITRE ATT&CK database for the identification of cyberattacks in ship systems. Similarly, de Peralta [69,70] used the MITRE ATT&CK database for the identification of cyber threats in marine renewable systems in combination with guidance from the National  Institute of Standards and Technology (NIST) [40]. Yoo and Park [71] employed a questionnaire and Analytical Hierarchical Process (AHP) to support the ranking and prioritization of cyber risk sources for cybersecurity risk management. Gunes, et al. [72] employed the Integrated Cyber Security Risk Assessment (ICSRA) model for the risk assessment of port elements. Paul, et al. [73] presented the application of Expression des Besoins et Identification des Objectifs de Sécurité (EBIOS) [74]based customized tool Oberisk for risk assessment of maritime systems. Kessler, et al. [75] suggested the use of Parkerian hexads [76] and specialised taxonomy for risk assessment of marine systems with application to AIS ship system.
Other approaches for the risk assessment involved modelling techniques for cybersecurity analysis. Weaver, et al. [77] employed an adjacency matrix to model the dependencies between the different elements of a port and used Nearly-Orthogonal Latin Hypercube and Dynamic Discretization Discovery algorithm to identify the impact of various cyberattacks considering the dependencies. Enoch, et al. [78] developed a graph-based security model which incorporated the interactions between systems on a higher level and between vulnerabilities using attack trees on a lower level to understand the effect of connections on the cybersecurity of ship systems. Another graph-based approach for risk assessment of autonomous and remotely controlled ships was proposed in [79], where DREAD (Damage, Reproducibility, Exploitability, Affected users, Discoverability) and STRIDE [80] together with interconnected nodes supported the implementation of an automatic risk assessment along with an allocation of risk control measures. Attack graphs were used to automatically identify the attack paths to maritime supply chain elements in [81]. In [82][83][84][85][86] a six-step approach MITIGATE (Multidimensional, IntegraTed, rIsk assessment framework and dynamic, collaborative Risk ManaGement tools for critical information infrAstrucTurEs) compliant with International Standard Organisation (ISO) standards for cyber-risk assessment of maritime supply chain was proposed, where dependencies were modelled using graphs.
Carreras Guzman, et al. [87,88] proposed integrating the STPA control structure with multilayer thinking and flow of information diagrams developing a master model for an autonomous ship and subsequent cybersecurity analysis. Tam and Jones [7] proposed a distinct  V. Bolbot et al. approach named MaCRA (MAritime Cyber Risk Analysis model) where the mapping between effects, systems and technologies was used as a basis for systems and attacks ranking. Laso, et al. [89] investigated the use of role access control models to identify unauthorized access to remotely controlled ships due to the improper access models. The use of Secure Tropos for modelling and risk assessment was suggested for maritime IoT modelling in [90]. Bou-Harb, et al. [91] investigated the use of UPAAL model checker for the simulation of distributed Denial of Service attacks in marine transportation. Hassani, et al. [92] developed ship manoeuvrability models to assess the impact of Global Positioning System (GPS) spoofing attack. Penera and Chasaki [93] exploited simulations for the investigation of cyberattacks in Ethernet cables, which are widely used in ship networks.
An independent research approach for maritime cybersecurity risk assessment was demonstrated in [94][95][96]. In this approach, the results from a survey and penetration testing were used to support the ranking of various cyberattack scenarios. In this way, the risk assessment became evidence based.
In conclusion, it was deduced that the joint cybersecurity and safety analysis methods were quite widespread in the context of autonomous and remotely controlled ships, especially the one combining STPA with other methods. Also, an adaptation of the cybersecurity methods from other industries for cyber risk assessment of maritime systems was reported. Extensive use of graph-based risk assessment techniques from the research studies by multiple researchers was observed, whilst some of the researchers used combinatory approaches to the cyber risk assessment.

Designtechnical solutions for cybersecurity development
An overview of various research studies focusing on the design of cybersecurity technical risk control measures is provided in Fig. 10. The relevant studies are briefly presented in the next paragraphs. We split these studies into the ones focusing on the design of intrusion detection systems, studies related to the design of systems supporting the visualisation and monitoring of cyber-attacks on the distributed maritime network, studies aiming at enhancing the confidentiality of ship communication through cryptography. The remaining studies were classified under another category.
One of the most frequently encountered published systems that were designed for the control of cybersecurity attack scenarios in the maritime are the intrusion detection systems (Fig. 10). The identified Scopusindexed studies are referred to below. Liu, et al. [97] developed an intrusion detection system, which can be used to identify problems in communication systems amongst ships addressing the lack of data problem. Amro, et al. [98] proposed a systematic approach for the design of intrusion detection systems with a focus on NMEA networks considering cause-effect analysis. Gyamfi, et al. [99] used a machine learning-based intrusion detection system, which learns as new attacks appear. Nissov, et al. [100] exploited behaviour relations for the development of intrusion detection systems in a marine navigation system based on signal analysis. Boudehenn, et al. [101] proposed machine learning techniques for the development of concept intrusion detection systems for the identification of attacks in a ship communication network such as GPS spoofing attacks. Çakmakçı, et al. [102] developed an intrusion detection framework for the identification of Distributed Denial of Service attacks using formal language. Leite Junior, et al. [103] designed an intrusion detection system, which compared the known threat scenarios and the observed radar images to identify cybersecurity attacks on ships' radar or AIS. Pelissero, et al. [104] exploited graph modelling to support the identification of attacks. Iphar, et al. [105] proposed the use of an expert-designed rule-based system for the detection of spoofing attacks in AIS data. Jakovlev, et al. [106] suggested the use of simulators and statistical analysis for the detection of AIS attacks. Marcos, et al. [107] developed a system that by using statistical metrics can identify maritime GPS signal disturbances. Alincourt, et al. [108] used signal analysis and comparison with historical data for detecting the AIS attacks. Babineau, et al. [109] proposed a simple voting mechanism for the detection of attacks in a ship communication system. Onishchenko, et al. [110] proposed a detection algorithm based on the identification of "dangerous" keywords in communication messages.
Some of the studies investigated how to monitor cyberattacks in maritime ecosystem or maritime supply chain (Fig. 10). Laso, et al. [111] proposed a general framework for monitoring cyberattacks in the cruise ship industry by employing data fusion techniques. Zhao and Silverajan [112] presented a visualization platform for monitoring cyber-attacks' spread and locations by considering various stakeholders under the context of remote pilotage. An XML-based automatic cyber incidents reporting system was developed by Silverajan and Vistiaho [113] tailored to the needs of maritime. Jacq, et al. [114,115] proposed a concept system for monitoring cyber-attacks on military ships. Pitropakis, et al. [116] developed a framework for threat detection and analysis in the maritime ecosystem with application to the Liquefied Natural Gas carrier. It can be observed that many of the studies proposed conceptual frameworks for cyberattack monitoring and not actual solutions.
A set of other studies focused on encrypting the ship communications (Fig. 10). Hemminghaus, et al. [117] proposed an encrypted communication channel for nautical communication on ships using asymmetric cryptography algorithms. Struck and Stoppe [118] proposed to encrypt AIS messages using pairing-based elliptic curve cryptography. Song, et al. [119] used a recursive watermark method for hardening a ship propulsion communication. Similarly for AIS, Aziz, et al. [120] suggested the use of elliptic curve Qu-Vanstone and elliptic curve Diffie Hellman certification schemes for encrypting the communication. Goudossis and Katsikas [121] proposed the use of public key symmetric cryptography for AIS data. Wimpenny, et al. [122] investigated the use of Public Key Cryptography for low bandwidth Very High-Frequency communications based on elliptic curve schemes. Xing, et al. [123] obscured the cyberattacks by manipulating messages opacity. Wiseman [124] proposed the use of steganography for encrypting the messages in the port's ecosystem. As it can be observed most of the encryption developments concentrated on AIS communication systems and communication algorithms.
Several studies proposed enhancement of ship secure communication through communication certificates based on asymmetric cryptography (Fig. 10) and blockchain. The development of communication certificates was often accompanied by relevant cryptographic algorithms testing [118]. Wang, et al. [125] suggested the use of blockchain for autonomous ships' communication. Grigoriadis, et al. [126] presented a series of solutions for improving maritime cybersecurity, including the novel secure communication algorithms based on SHA256 and public infrastructure certificates. Similar concepts related to public communication certificates were presented in [127][128][129], where different certificate types were analysed and discussed. Freire, et al. [130] proposed the use of blockchain in the maritime cybersecurity monitoring system.
In the last category (Fig. 10), a firewall for enforcing communication policy on ship networks was developed by [131]. A cyberattack fighting system in ship propulsion was proposed in [132], which was developed with the support of simulation and heuristic defence algorithms.
Concluding it can be observed that most of the encryption algorithms development effort was so far absorbed by the AIS. Also, it can be noted that the development of intrusion detection and monitoring systems received strong attention from the researchers. The development of public certificates based on asymmetric cryptography is another area of intensive research. Many of the proposed design solutions yet remained at conceptual level.

Penetration testing and vulnerability scanning studies
The penetration testing and vulnerability scanning studies were rather limited in number compared to the previously considered research study categories. This probably can be attributed to the fact that due to commercial interests and the sensitivity of the issue; the researchers were reluctant to publish their findings. The identified studies are analysed below.
Yi and Kim [133] developed guidance and framework for software security testing aligned with V design approach. Amro and Gkioulos [134] proposed a general testbed with its components for testing the maritime systems. Hemminghaus, et al. [135] developed a virtual model of an integrated bridge system, which allowed the detection of vulnerabilities and validation of cyber defences. Eichenhofer, et al. [136] demonstrated the results of vulnerability scanning in a container terminal software system using a dedicated software tool. Croteau, et al. [137] conducted penetration testing in ship systems using real equipment. Svilicic, et al. [138,[139][140][141] employed an industrial tool for identifying critical vulnerabilities in the ECDIS and radar systems. Hareide, et al. [142] presented a practical example of installing and detecting malware on ECDIS during a realistic exercise. Balduzzi, et al. [143] conducted a real experiment with spoofing AIS system using specially dedicated equipment. Khandker, et al. [144] investigated the impact of various cyberattack scenarios on the AIS performance using simulations. Lee, et al. [145] employed the Model-View-View-Model design pattern for simulating naval systems and conducting the testing.

Survey studies
The survey studies mostly focused on aspects related to cybersecurity awareness as is demonstrated below. This study category is generally not so resource intensive but require access to the participants and proper questions selection and design to be successful.
Pavlinović, et al. [146] used a questionnaire to determine the cyber-awareness of the Croatian seafarers. Karamperidis, et al. [147] surveyed the perspectives of various stakeholders concerning maritime cybersecurity. Knight and Sadok [148] investigated the cybersecurity perception and readiness amongst cruise ship companies. Senarak [149,150] investigated the required cybersecurity knowledge and skills for port facility security officers of international seaports using a survey. Heering [151] surveyed the cybersecurity awareness and management in shipping companies in Estonia. Alcaide and Llave [152] used an online questionnaire to explore the level of knowledge and training required in the general marine ecosystem. Lee and Wogan [153] investigated the preparedness and perception of cyber threats in the maritime industry.

Cybersecurity frameworks and management studies
Several studies investigated the aspects related to cybersecurity regulatory frameworks and cybersecurity management. They employed either existing standards or the existing maritime guidance as the basis for their analysis.
Lim, et al. [154] proposed a strategy for cybersecure management of big data in the maritime based on information in several cybersecurity standards. In [9] a systemic approach to the management of cybersecurity in a ship operating company was presented. Drazovich, et al. [155] proposed updates in the regulatory framework based on the review of existing maritime guidance. Pappalardo, et al. [156] developed a framework for cybersecurity management based on the comparison between risk management frameworks in different transportation sectors. Hopcraft and Martin [157] elaborated the principles for a detailed maritime cybersecurity code. Trimble, et al. [158] identified the main risk factors and proposed an independent public entity for assessing, containing, and mitigating cyber risks in the maritime. Bernsmed, et al. [159] demonstrated how the cyber-risks can be depicted on the Bow-Tie and how the classical Bow-Tie can be used to support risk management using a ship communication system as example. Papastergiou, et al. [160], Papastergiou and Polemi [161] presented an innovative physical/cyber security management system for ports and principles for cyber security risk management.

Maritime law and insurance framework studies
The intersection between maritime law, liabilities, insurance, and cybersecurity received little research attention despite its importance in Scopus-indexed publications. The few identified studies are demonstrated below.
Al Ali, et al. [162] reviewed the legal basis for cybersecurity in maritime transportation and various legal acts. de Faria [163] recommended a new legal code based on the analysis of existing regulations for maritime cybersecurity and some legal principles. Greiman [164] analysed the maritime security laws and investigated the shipowners' liability principles and national and maritime strategies in connection to maritime cybersecurity. Ramluckan [165] investigated the applicability of the Tallinn manuals to the problems related the maritime cybersecurity in the South Africa region. Daum [166] reviewed the international law in connection to maritime cyberattacks based on factual circumstances and cyber-attack cases.

Training development studies
The number of research studies on training framework development is also limited in number. As described below though, the use of simulators for the training of maritime personnel becomes more popular.
Hopcraft [167] proposed integration between the International Convention on Standards of Training, Certification and Watchkeeping for Seafarers and NIST frameworks to develop a set of requirements for seafarers training. Potamos, et al. [168] proposed a training framework employing cyber range as a basis for development. Jacq, et al. [169] considered the use of cyber simulations for personnel training. Kuhn, et al. [170] conducted a training exercise in the case of a cyber-attack on a maritime system. Shapo and Levinskyi [171] investigated the aimed skills and the equipment necessary for seafarers' training in maritime cybersecurity.

Cyber incidents analysis studies
The number of studies investigating previous cyber incident analysis was also limited. This can be attributed to the fact that the ship operating companies avoid reporting cyber incidents to avoid negative publicity [5,8], therefore the available input information can be scarce.
Androjna, et al. [172], Androjna, et al. [173] investigated a case of AIS spoofing on a ship. In [5] 49 maritime cyber incidents were analysed to identify the intensity and aims of cyberattacks. Awan and Al Ghamdi [174] investigated 59 safety and cybersecurity incidents concerning the ship systems components to identify vulnerabilities and potential cyber-attacks. Tam and Jones [175] examined the maritime industry readiness for implementation of systematic cyber incidents investigation and provided recommendations for relevant process enhancement and application.

Cyber resilience studies
Cyber resilience in maritime received even less attention than the previous studies categories in terms of Scopus-indexed publications. This can be attributed partially to the fact that some of the resilience aspects were discussed in the papers on training program development and partially to the fact that this issue is still arising. It is a noteworthy area as the ability to respond to unanticipated cyber-attacks is of high importance [176].
Brew, Drazovich and Wetzel [2] investigated the impact of COVID-19 on the resilience of maritime supply chains in the view of an increased potential for cyber-attacks. Hutschenreuter, et al. [177] proposed an ontology for the development of relevant cybersecurity and resilience framework. Erstad, Ostnes and Lund [176] provided a working definition of maritime cybersecurity resilience based on the analysis of relevant terminology and relevant incidents.

RQ3: The methodological challenges and research directions and topics in connection to the maritime cybersecurity
Based on the investigated papers several challenges and research directions and topics were identified. They are presented in Table 1. Table 1 Methodological challenges, research directions and topics based on the literature.

Challenges
Research directions and topics Cybersecurity risk assessment

Limitations to the review process
One of the limitations of this study is the use of Scopus as the search engine, which may have resulted in the exclusion of some scientific publications with significant contributions. However, Scopus can be deemed as a credible search engine and the number of publications that were considered in this review is significant. In addition, the number of research directions and topics identified in this article is substantial and this is indicative of the breadth and depth of the conducted analysis.
The review and research investigation focused primarily on academic publications. White papers or industrial perspectives and research initiatives, as well as governmental and regulatory documents, were not included. The research conducted by the navies in naval cybersecurity is an important area in maritime cybersecurity. However, most of the results are highly classified and not accessible for general readers. Some of the work from the navy that appeared in Scopus was included in the analysis. Still, it is hoped that some of the best practises and methodologies identified in this article would be of interest to all stakeholders, including navies and industries.  28. Challenges with the testbed mobility, scalability and integration into the design and management process [134]. 29. The heterogeneity of systems to be modelled to allow effective simulations of cyberattacks [144]. Survey studies 30. The limited number of professionals [148]. 31. The maritime practitioners might be very conservative and restrained in their responses [151].
44. Survey on wider public opinions related to maritime cybersecurity and on how this influences trust. 45. Investigation of other stakeholders' readiness and perspectives on maritime cybersecurity [148,150] using advanced statistical tools [147]. 46. Survey of interrelationships between cybersecurity, autonomous ships and public perspectives. 47. Survey of cyber awareness in a wide number of countries in a periodical manner [151]. Cybersecurity frameworks and management studies 32. The increased window of opportunities and constant evolution of the cyber threats [18,58]. 33. Fragmentation in the regulations [20,22]. 34. Lack of cyber incidents monitoring entity [158]. 35. A large lifetime of ships extending up to 25 years [9]. 36. A large variety of involved stakeholders [9]. 37. Low cybersecurity awareness [9]. 38. The impact of COVID-19 [9] 39. The heterogeneity of maritime equipment suppliers [15]. 40. As it is also believed by some researchers, the current maritime cyber security regulations are not grounded in research, do not address the aspects holistically, refer to industry agnostic guidelines and are lagging behind the research developments [155,157]. 48. Development of tools allowing traceability of cybersecurity requirements and integration between requirements and systems with a focus on the maritime systems [53,180]. 49. Development of novel efficient tools for risk communication [73]. 50. Development of tools for constant update of vulnerabilities databases [7]. 51. Use of tools for constant access management [89] and efficient audit of maritime systems [19]. 52. Enhancement of cyber risk management processes and tools [160]. 53. Standardisation of approaches for cyber risk management [22]. 54. Investigation of interactions between technical cybersecurity and business topics management. 55. Research on cybersecure management of big data in maritime [154]. Maritime law and insurance framework studies 41. As for maritime regulations, due to the international character of shipping industry, any legislative developments are inhibited [162,163,165]. 42. The development of legislative tools is also inhibited due to the fragmentation in the legislative frameworks [164]. 43. The lack of awareness, complexity and interdependency between stakeholders [22] 44. The lack of regulations and laws enforcement entity [181]. 45. The lack of specificity [181]. 56. More high quality collaborative research in the area is required to develop legislative measures [162,181] by ensuring clarity and promoting uniform application and deterrent punishment [181].
Training development studies 46. The lack of standardization in the required competencies [20,167] 47. Constant development of new cyber-attack types [167,170]. 57. Development of training schemes for cyber incident reporting [175]. 58. Increasing awareness of cybersecurity vulnerabilities in the maritime community [7,25,68,71]. 59. Training on ensuring mitigation and resilience in cyberattacks and general management of cyberattacks [20,25,152,167]. 60. Training development for use of formal methods [53]. 61. Use of simulations for the training of maritime personnel [12,168,169]. 62. Rehearsal of the minimum set of digital skills for seafarers and maritime practitioners [167,168]. 63. Development of performance measurement metrics for training [170] Cyber incidents analysis studies 48. Lack of complete information about the cyber incidents [175]. 49. Lack of relevant regulatory framework [69,175]. 50. Technical limitations for data aggregation [175]. 51. Difficulty of classifying the cyber-attack into major or minor as the consequence can be not visible at the moment of occurrence [20]. 64. Development of a regulatory framework for cyber-incidents reporting [69]. 65. Development of forensic technology for automatic incidents analysis [68,175]. 66. Development of advanced classification for incidents reporting [113,175]. 67. Development of comprehensive methodology for cyber incidents analysis similarly to the accident investigation methods. 68. Development of information platforms for sharing experiences about cybersecurity incidents [5]. 69. Development of novel incidents reporting formats [113,114]. 70. Development of processes for cyber incidents investigation management [175]. Cyber resilience studies 52. The lack of standardization in emergency response plans [20]. 71. Development of emergency procedures management including training for addressing unexpected cyber events [18,26]. 72. Development of model-based approaches for cyber security resilience [177]. 73. More empirical studies on maritime cyber-resilience are required [177].

Conclusions
In this article, a systematic literature review and bibliometric analysis of the available research studies in Scopus on maritime cybersecurity were implemented. The bibliometric analysis helped to identify the leading countries, the most prevalent journals, researchers, and their cooperation links, as well as historical trends in maritime cybersecurity (RQ1). The literature review further identified the categories of research studies and the methodologies employed so far for maritime studies (RQ2). An analysis of the investigated papers also resulted in the identification of research challenges and directions for future research (RQ3). In this way, this article provides a succinct summary of the advancements in maritime cybersecurity through academic publications.
The main findings of this study are as follows: • Norway, the United Kingdom (UK), France and the USA had the highest contributions, based on the number of Scopus indexed publications. Europe leads the field when considering authors with two or more articles. • Journal of Marine Science and Engineering and TransNav were found to have the highest number of publications on maritime cybersecurity. Other notable journals included Lecture Notes in Computer Science, Journal of Transportation Security, Sensors, and WMU Journal of Maritime Affairs. • The annual number of scientific publications on maritime cybersecurity is consistently on the rise. The research topics' diversity and employed methodologies have also increased since 2017. • Joint publications amongst two or more research groups are not common, with most of the articles coming from within individual research groups. • The topics of concern for maritime cybersecurity researchers included cyber risk and uncertainty management, risk modelling, risk evaluation, increasing cybersecurity awareness, and investigating the applicability of different methods to the maritime systems.
Researchers also examined the relationship between safety and cybersecurity on ships, various attack types and the impact of COVID-19 on the industry, development of novel cybersecurity solutions and cybersecure autonomous ships. • The most frequent research studies included cyber risk assessment and developing novel systems for cyber security control. They contributed to over 50% of the total considered studies. • Other topics in connection to maritime cybersecurity such as penetration testing techniques, regulatory cybersecurity framework and management development, interactions between maritime law and cybersecurity, training for cybersecurity, cyber incidents analysis and cyber resilience received much less attention than the topics related to cybersecurity risk assessment and design of technical solutions. • Based on the considered studies, 52 methodological challenges and 73 research directions in different topics were identified.
The results from the bibliometric analysis can be used by policy makers to gain insights on research groups, cooperation's and direction of research. This information may help shape the course of future investments in research. The identified and analysed research studies, methodological challenges and the proposed research directions can support conducting focused innovative research. Therefore, it is expected that this review paper will support the development of research proposals, novel methodologies and technical solutions and generally will promote maritime cybersecurity. A future review study could consider additional research questions or could focus on a more detailed analysis of any considered topic in this review paper. A more extensive review could consider including also non-Scopus indexed research studies and incorporating to greater extent industrial perspectives in the review.

Declaration of Competing Interest
The authors declare that they have no known competing financial interests or personal relationships that could have appeared to influence the work reported in this paper.

Data availability
Data is available in Appendix A, as a part of supplementary material.

Acknowledgments
The study was carried out in the framework of AutoMare project funded by Finnish Ministry of Education and Culture under application number 117784. Constructive feedback from anonymous reviewers is also acknowledged. The opinions expressed herein are those of the authors and should not be construed to reflect the views of Finnish Ministry of Education and Culture, acknowledged individuals and other involved partners in the AutoMare project.

Supplementary materials
Supplementary material associated with this article can be found, in the online version, at doi:10.1016/j.ijcip.2022.100571.