{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,7,13]],"date-time":"2026-07-13T18:04:27Z","timestamp":1783965867856,"version":"3.55.0"},"reference-count":43,"publisher":"Elsevier BV","license":[{"start":{"date-parts":[[2026,11,1]],"date-time":"2026-11-01T00:00:00Z","timestamp":1793491200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.elsevier.com\/tdm\/userlicense\/1.0\/"},{"start":{"date-parts":[[2026,11,1]],"date-time":"2026-11-01T00:00:00Z","timestamp":1793491200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.elsevier.com\/legal\/tdmrep-license"},{"start":{"date-parts":[[2026,6,25]],"date-time":"2026-06-25T00:00:00Z","timestamp":1782345600000},"content-version":"vor","delay-in-days":0,"URL":"http:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":["elsevier.com","sciencedirect.com"],"crossmark-restriction":true},"short-container-title":["Computers &amp; Security"],"published-print":{"date-parts":[[2026,11]]},"DOI":"10.1016\/j.cose.2026.105039","type":"journal-article","created":{"date-parts":[[2026,6,25]],"date-time":"2026-06-25T07:30:01Z","timestamp":1782372601000},"page":"105039","update-policy":"https:\/\/doi.org\/10.1016\/elsevier_cm_policy","source":"Crossref","is-referenced-by-count":0,"special_numbering":"C","title":["Design and exploratory evaluation of a digital tabletop exercise for maritime cybersecurity"],"prefix":"10.1016","volume":"170","author":[{"ORCID":"https:\/\/orcid.org\/0009-0007-7164-2894","authenticated-orcid":false,"given":"Muhammed","family":"Erbas","sequence":"first","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0009-0002-4275-1171","authenticated-orcid":false,"given":"Sandesh Kumar","family":"Kafle","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0009-0001-9026-7707","authenticated-orcid":false,"given":"Daniel","family":"Volf","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-3425-0951","authenticated-orcid":false,"given":"Jan","family":"Vykopal","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Leonidas","family":"Tsiopoulos","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7781-5863","authenticated-orcid":false,"given":"Risto","family":"Vaarandi","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-2012-5700","authenticated-orcid":false,"given":"Ricardo Gregorio","family":"Lugo","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"78","reference":[{"key":"10.1016\/j.cose.2026.105039_b1","doi-asserted-by":"crossref","first-page":"474","DOI":"10.46799\/jst.v6i12.1121","article-title":"Integration of the electronic chart display and information system (ECDIS) and automatic radar plotting aid (arpa) to enhance object detection, identification, and tracking","volume":"6","author":"Amirullah","year":"2025","journal-title":"J. Syntax. Transform."},{"issue":"2","key":"10.1016\/j.cose.2026.105039_b2","doi-asserted-by":"crossref","DOI":"10.1145\/3571733","article-title":"Assessing cyber risk in cyber-physical systems using the att&ck framework","volume":"26","author":"Amro","year":"2023","journal-title":"ACM Trans. Priv. Secur."},{"key":"10.1016\/j.cose.2026.105039_b3","doi-asserted-by":"crossref","DOI":"10.7225\/toms.v10.n02.w08","article-title":"Impact of spoofing of navigation systems on maritime situational awareness","volume":"10","author":"Androjna","year":"2021","journal-title":"Trans. Marit. Sci."},{"key":"10.1016\/j.cose.2026.105039_b4","series-title":"Entertainment Computing and Serious Games","first-page":"1","article-title":"Bridging the cyber security skills gap: Using tabletop exercises to solve the CSSG crisis","volume":"vol. 12434","author":"Angafor","year":"2020"},{"issue":"6","key":"10.1016\/j.cose.2026.105039_b5","article-title":"Game-based learning: A review of tabletop exercises for cybersecurity incident response training","volume":"3","author":"Angafor","year":"2020","journal-title":"Secur. Priv."},{"key":"10.1016\/j.cose.2026.105039_b6","article-title":"Scenario-based incident response training: Lessons learnt from conducting an experiential learning virtual incident response tabletop exercise","volume":"31","author":"Angafor","year":"2023","journal-title":"Inf. Comput. Secur."},{"key":"10.1016\/j.cose.2026.105039_b7","doi-asserted-by":"crossref","DOI":"10.1016\/j.ssci.2020.104908","article-title":"A novel cyber-risk assessment method for ship systems","volume":"131","author":"Bolbot","year":"2020","journal-title":"Saf. Sci."},{"key":"10.1016\/j.cose.2026.105039_b8","series-title":"Proceedings of the International Conference on Cybersecurity, Situational Awareness and Social Media","first-page":"75","article-title":"Holistic approach of integrated navigation equipment for cybersecurity at sea","author":"Boudehenn","year":"2023"},{"key":"10.1016\/j.cose.2026.105039_b9","unstructured":"Brilingait\u0117, A., Bukauskas, L., Krinickij, V., Kutka, E., 2017. Environment for Cybersecurity Tabletop Exercises. In: Proceedings of the European Conference on Games Based Learning. pp. 1\u201310."},{"key":"10.1016\/j.cose.2026.105039_b10","doi-asserted-by":"crossref","DOI":"10.1016\/j.oceaneng.2024.117171","article-title":"From integrated bridge system to marine bridge domain: A computational perspective","volume":"298","author":"Chen","year":"2024","journal-title":"Ocean Eng."},{"issue":"10","key":"10.1016\/j.cose.2026.105039_b11","doi-asserted-by":"crossref","DOI":"10.3390\/jmse12101844","article-title":"Challenges in maritime cybersecurity training and compliance","volume":"12","author":"Chupkemi","year":"2024","journal-title":"J. Mar. Sci. Eng."},{"key":"10.1016\/j.cose.2026.105039_b12","doi-asserted-by":"crossref","DOI":"10.1016\/j.oceaneng.2022.112605","article-title":"Cyber-resilience for marine navigation by information fusion and change detection","volume":"266","author":"Dagdilelis","year":"2022","journal-title":"Ocean Eng."},{"key":"10.1016\/j.cose.2026.105039_b13","doi-asserted-by":"crossref","DOI":"10.1016\/j.oceaneng.2024.118059","article-title":"Systematic literature review of threat modeling and risk assessment in ship cybersecurity","volume":"306","author":"Erbas","year":"2024","journal-title":"Ocean Eng."},{"key":"10.1016\/j.cose.2026.105039_b14","series-title":"2025 IEEE International Conference on Cyber Security and Resilience","first-page":"133","article-title":"Integrating cyber threat intelligence into threat modeling for autonomous ships using PASTA and MISP","author":"Erbas","year":"2025"},{"key":"10.1016\/j.cose.2026.105039_b15","series-title":"2025 IEEE International Conference on Cyber Security and Resilience","first-page":"358","article-title":"PASTA threat modeling for cyber resilience and COLREG compliance in autonomous ship systems","author":"Erbas","year":"2025"},{"key":"10.1016\/j.cose.2026.105039_b16","doi-asserted-by":"crossref","DOI":"10.1007\/s13437-023-00304-7","article-title":"A human-centred design approach for the development and conducting of maritime cyber resilience training","author":"Erstad","year":"2023","journal-title":"WMU J. Marit. Aff."},{"key":"10.1016\/j.cose.2026.105039_b17","series-title":"Human Factors in Cybersecurity","first-page":"84","article-title":"Navigating through cyber threats, a maritime navigator\u2019s experience","volume":"vol. 53","author":"Erstad","year":"2022"},{"issue":"1","key":"10.1016\/j.cose.2026.105039_b18","first-page":"125","article-title":"International safety management - safety management systems and the challenges of changing a culture","volume":"11","author":"Hanchrow","year":"2017","journal-title":"TransNav, Int. J. Mar. Navig. Saf. Sea Transp."},{"issue":"1","key":"10.1016\/j.cose.2026.105039_b19","first-page":"35","article-title":"BRAT: A bridge attack tool for cyber security assessments of maritime systems","volume":"15","author":"Hemminghaus","year":"2021","journal-title":"TransNav, Int. J. Mar. Navig. Saf. Sea Transp."},{"key":"10.1016\/j.cose.2026.105039_b20","article-title":"What if you had been in charge? Exploring historical case studies through experiential learning and tabletop exercises","volume":"42","author":"Hern\u00e1ndez","year":"2015","journal-title":"Dev. Bus. Simul. Exp. Learn."},{"issue":"3","key":"10.1016\/j.cose.2026.105039_b21","doi-asserted-by":"crossref","first-page":"2293","DOI":"10.1007\/s43681-024-00554-y","article-title":"Navigating modern era at sea: legal challenges and opportunities of unmanned and autonomous shipping","volume":"5","author":"Islam","year":"2025","journal-title":"AI Ethics"},{"key":"10.1016\/j.cose.2026.105039_b22","article-title":"MaCRA: A model-based framework for maritime cyber-risk assessment","volume":"18","author":"Jones","year":"2019","journal-title":"WMU J. Marit. Aff."},{"key":"10.1016\/j.cose.2026.105039_b23","series-title":"Computer Security","first-page":"20","article-title":"Cyber-attacks against the autonomous ship","author":"Kavallieratos","year":"2019"},{"key":"10.1016\/j.cose.2026.105039_b24","doi-asserted-by":"crossref","DOI":"10.1016\/j.ijcip.2022.100526","article-title":"Digital transformation of the maritime industry: A cybersecurity systemic approach","volume":"37","author":"Kechagias","year":"2022","journal-title":"Int. J. Crit. Infrastruct. Prot."},{"key":"10.1016\/j.cose.2026.105039_b25","series-title":"Proceedings of the 30th European Safety and Reliability Conference and the 15th Probabilistic Safety Assessment and Management Conference","first-page":"255","article-title":"Tabletop exercise as a tool to foster resilience in the energy sector: Lessons learned in the baltic states","author":"Kopustinskas","year":"2020"},{"issue":"3\u20134","key":"10.1016\/j.cose.2026.105039_b26","first-page":"68","article-title":"NMEA communication standard for shipboard data architecture","volume":"60","author":"Krile","year":"2013","journal-title":"Na\u0160e more"},{"issue":"6","key":"10.1016\/j.cose.2026.105039_b27","doi-asserted-by":"crossref","first-page":"607","DOI":"10.1007\/s00190-015-0802-8","article-title":"Accuracy and reliability of multi-GNSS real-time precise positioning: GPS, GLONASS, BeiDou, and Galileo","volume":"89","author":"Li","year":"2015","journal-title":"J. Geod."},{"key":"10.1016\/j.cose.2026.105039_b28","series-title":"ICT Systems Security and Privacy Protection","first-page":"311","article-title":"Understanding collaborative challenges in IT security preparedness exercises","volume":"vol. 455","author":"Line","year":"2015"},{"issue":"1","key":"10.1016\/j.cose.2026.105039_b29","article-title":"Information extraction from automatic identification system (AIS) data for identifying shipping line based on maritime mobile service identity (MMSI)","volume":"1423","author":"Ma\u2019ruf","year":"2024","journal-title":"IOP Conf. Ser.: Earth Environ. Sci."},{"key":"10.1016\/j.cose.2026.105039_b30","series-title":"14th International Symposium on Process Systems Engineering","first-page":"1471","article-title":"Designing framework for tabletop exercise to promote resilience against cyber attacks","volume":"vol. 49","author":"Ota","year":"2022"},{"issue":"4","key":"10.1016\/j.cose.2026.105039_b31","doi-asserted-by":"crossref","first-page":"579","DOI":"10.1515\/jhsem-2014-0031","article-title":"Light weight tabletop exercise for cybersecurity education","volume":"11","author":"Ottis","year":"2014","journal-title":"J. Homel. Secur. Emerg. Manag."},{"key":"10.1016\/j.cose.2026.105039_b32","doi-asserted-by":"crossref","DOI":"10.1080\/20464177.2024.2330176","article-title":"Future of maritime autonomy: Cybersecurity, trust and mariner\u2019s situational awareness","author":"Palbar Misas","year":"2024","journal-title":"J. Mar. Eng. Technol."},{"key":"10.1016\/j.cose.2026.105039_b33","series-title":"Maritime Systems, Transport and Logistics I: Safety and Efficiency of Operation","first-page":"197","article-title":"Measures to counter cyber attacks on maritime transportation","author":"Polikarovskykh","year":"2025"},{"key":"10.1016\/j.cose.2026.105039_b34","doi-asserted-by":"crossref","DOI":"10.1016\/j.cose.2023.103585","article-title":"A systematic review of current cybersecurity training methods","author":"Pr\u00fcmmer","year":"2024","journal-title":"Comput. Secur."},{"key":"10.1016\/j.cose.2026.105039_b35","article-title":"Cybersecurity knowledge and skills for port facility security officers of international seaports: Perspectives of IT and security personnel","volume":"37","author":"Senarak","year":"2021","journal-title":"Asian J. Shipp. Logist."},{"key":"10.1016\/j.cose.2026.105039_b36","series-title":"Cybersecurity, Situational Awareness and Social Media","first-page":"39","article-title":"Criteria for realistic and expedient scenarios for tabletop exercises on cyber attacks against industrial control systems in the petroleum industry","author":"Skytterholm","year":"2023"},{"key":"10.1016\/j.cose.2026.105039_b37","series-title":"Proceedings of the 2024 on Innovation and Technology in Computer Science Education V. 1","first-page":"213","article-title":"From paper to platform: Evolution of a novel learning environment for tabletop exercises","author":"\u0160v\u00e1bensk\u00fd","year":"2024"},{"key":"10.1016\/j.cose.2026.105039_b38","doi-asserted-by":"crossref","first-page":"17114","DOI":"10.1109\/ACCESS.2024.3357082","article-title":"Maritime autonomous surface ships: A review of cybersecurity challenges, countermeasures, and future perspectives","volume":"12","author":"Tabish","year":"2024","journal-title":"IEEE Access"},{"key":"10.1016\/j.cose.2026.105039_b39","doi-asserted-by":"crossref","DOI":"10.33175\/mtr.2021.241410","article-title":"The use of cyber ranges in the maritime context: Assessing maritime-cyber risks, raising awareness, and providing training","volume":"3","author":"Tam","year":"2020","journal-title":"Marit. Technol. Res."},{"key":"10.1016\/j.cose.2026.105039_b40","doi-asserted-by":"crossref","DOI":"10.1016\/j.techfore.2021.120879","article-title":"Digital transformation in the maritime transport sector","volume":"170","author":"Tijan","year":"2021","journal-title":"Technol. Forecast. Soc. Change"},{"key":"10.1016\/j.cose.2026.105039_b41","series-title":"Maritime Cybersecurity","first-page":"103","article-title":"A scope review of secure broadcasting protocols for the automatic identification system","author":"Tsiopoulos","year":"2025"},{"key":"10.1016\/j.cose.2026.105039_b42","series-title":"Proceedings of the 2024 on Innovation and Technology in Computer Science Education V. 1","first-page":"220","article-title":"Research and practice of delivering tabletop exercises","author":"Vykopal","year":"2024"},{"key":"10.1016\/j.cose.2026.105039_b43","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1007\/s10207-024-00812-4","article-title":"From sinking to saving: MITRE ATT&CK and D3FEND frameworks for maritime cybersecurity","volume":"23","author":"Yousaf","year":"2024","journal-title":"Int. J. Inf. Secur."}],"container-title":["Computers &amp; Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/api.elsevier.com\/content\/article\/PII:S0167404826002154?httpAccept=text\/xml","content-type":"text\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/api.elsevier.com\/content\/article\/PII:S0167404826002154?httpAccept=text\/plain","content-type":"text\/plain","content-version":"vor","intended-application":"text-mining"}],"deposited":{"date-parts":[[2026,7,13]],"date-time":"2026-07-13T17:14:33Z","timestamp":1783962873000},"score":1,"resource":{"primary":{"URL":"https:\/\/linkinghub.elsevier.com\/retrieve\/pii\/S0167404826002154"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2026,11]]},"references-count":43,"alternative-id":["S0167404826002154"],"URL":"https:\/\/doi.org\/10.1016\/j.cose.2026.105039","relation":{},"ISSN":["0167-4048"],"issn-type":[{"value":"0167-4048","type":"print"}],"subject":[],"published":{"date-parts":[[2026,11]]},"assertion":[{"value":"Elsevier","name":"publisher","label":"This article is maintained by"},{"value":"Design and exploratory evaluation of a digital tabletop exercise for maritime cybersecurity","name":"articletitle","label":"Article Title"},{"value":"Computers & Security","name":"journaltitle","label":"Journal Title"},{"value":"https:\/\/doi.org\/10.1016\/j.cose.2026.105039","name":"articlelink","label":"CrossRef DOI link to publisher maintained version"},{"value":"article","name":"content_type","label":"Content Type"},{"value":"\u00a9 2026 The Authors. Published by Elsevier Ltd.","name":"copyright","label":"Copyright"}],"article-number":"105039"}}