28814 members and growing – the largest networking group in the maritime industry!


Saturday, November 28, 2020

Maritime Logistics Professional

Securely Connected Vessels: Vessel Communications and Maritime Cybersecurity

Posted to Maritime Software....Making It Easy (by on January 23, 2017

As improvements to communication technologies, sensors, and vessel electronics continue to progress, operators are more motivated than ever to provide reliable communication solutions to their fleet. The wide range of options and variables involved in creating a “connected vessel” can be overwhelming, and these options vary dramatically in costs, reliability, capability, and security.

While increased connectivity can lead to a safer, more automated vessel, so too increases the risk of a cybersecurity breech. Historically, cybersecurity was not a major concern for the marine industry, but with the advent of autonomous vessels, sensor-driven predictive analytics, and remote control technologies, the risks associated with an attack are high. For that reason, implementing a connectivity solution must also take cybersecurity into consideration.

This post is designed to serve as a practical guide that helps operators make better decisions on how to best provide connectivity to their fleet, while also factoring in cybersecurity. 

This post was initiated by MarineCFO in response to customer requests for technical guidance on vessel communications options and cybersecurity. While the MarineCFO product Vessel365 is used an example throughout, this document can also serve as a good source for generic information on the subject for any operator.


Communication technology advancements between the mid-19th and early 20th century had a profound effect on the safety of ships and their crews. For millennia, when a vessel left the safety of port, it was for all practical purposes on its own. An incident that occurred at sea almost never ended well, whether it involved a problem with the ship itself, the health of a crew member, or unexpected weather conditions. 

During this period, the pioneering work of scientists like Samuel Morse and Guglielmo Marconi made it possible for vessels to communicate with the shore and nearby ships. While crude by today’s standards, technologies like the spark-gap generator pictured above allowed an onboard radio operator to both send and receive messages using Morse code. The ability for a ship to send a distress signal changed the game, and untold thousands of lives were saved accordingly. 

Today as in the past, shipboard technologies continue to improve. While many of the motivations for a connected vessel remain the same, new reasons exists as well. Distress signals are still vital but can now include precise locations on the earth’s surface using GPS coordinates, dramatically improving the efficiency of a search and rescue mission (SAR). Fast forward 100 years, and modern crew members want to send an email or speak to a family member, too.

Drivers for the Adoption of Vessel Communications
Many operators now see their vessels as branch offices of the company. They are the location where most of the company’s business transactions take place, where it’s primary assets are utilized and maintained, and where the bulk of its employee’s work. Companies often create Wide Area Networks (WAN’s) to electronically unite offices and shore-side facilities, but increasingly, those networks now include the mobile fleet as well.  

Safety and Distress
Starting in the early 1900’s, the primary motivation to equip a vessel with communications was to provide improved safety for the crew and her passengers. These vessels used the Morse telegraph to transmit information, (Morse visual signaling started in 1844) and if a ship found itself in peril, it could now send out a distress signal and potentially receive assistance. 

That same spirit of safety has come a long way, and in 1988 GMDSS was introduced to make ship rescues easier. SOLAS (Safety of Life at Sea), Chapter IV, defines the GMDSS functionality standard and communication equipment applicable to vessels above 300 tons that undertake international voyages. GMDSS is primarily radio based using VHF, MF, and HF, and does not offer data transmission. Digital GMDSS systems that utilize satellite, such as Inmarsat, offer very limited data transmission primarily to support the sending of distress messages only.

GMDSS is an international standard maintained by the IMO, a United Nations agency, and is designed to support alerting, geographic positioning of the vessel in stress, search and rescue coordination, homing, safety broadcasts, general communications, and bridge-to-bridge communications. 

Cospas-Sarsat is an internationally maintained satellite-based search and rescue system, established by Canada, France, the United States, and Russia. Collectively these countries developed the 406MHZ Emergency Position-Indicating Radio Beacon (EPIRB) which operates with Cospas-Sarsat. 

Other technologies that currently provide additional protection to modern mariners include the NAVTEX alerting system, Inmarsat satellite based systems, and High Frequency (HF) radio. 

Compliance and Regulatory Requirements
A more modern driving force for the adoption of on-vessel communications is the need to conform to an increasing number of industry, customer, or governmental based regulations. For example, the United States Coast Guard (USCG) passed Subchapter M (SubM) in July of 2016. SubM affects nearly 6000 vessels that primarily operate within the inland United States waterway system. 

For the first time in USCG history, SubM officially recognizes and supports the concept of an electronic record, in contrast to the centuries old manual, paper logs. Vessel activities, such as safety drills, maintenance tasks performed, and job related events, can all be stored in a database that resides on the vessel. The USCG reserves the right to interrogate and audit these records to look for objective evidence in the event of an incident with the vessel, or to confirm that the vessel is operating under the spirit of its Safety Management System (SMS), or Towing Safety Management System (TSMS).

This has led some operators to think in terms of taking the records generated on the vessel and migrating them to the shore to drive automation around maintenance, billing, and dispatching. To support that model, operators need communications with the vessel to both receive those records and also push tasks and notifications back to the vessel.  

Navigational Aids 
Communications are also used by navigation systems, and to report information back to regulatory authorities, including:
•Virtual Buoys (eATON’s) - Traditional ATON’s (Aid to Navigation) are physical structures that assist a captain by identifying lanes of passage based on water depth, underwater obstructions to be avoided, and similar purposes. Unlike the static paper charts used for centuries, modern navigation systems thrive on real-time, dynamic data often maintained by third parties, and communications are used to send updated navigation information to the vessel. Recently, that model also began to include Virtual Buoys. From a captain’s perspective, a virtual buoy appears as an icon on the navigation system, perhaps representing the presence of another vessel nearby, or a recently discovered underwater obstruction. Virtual buoys are dramatically reducing fogbound collisions and allisions, so the need for a reliable communication pipeline to the vessel to render these virtual buoys, in near real-time, is critical for improved safety.  

•Automatic Identification System (AIS) - The Automatic Identification System (AIS) is an automatic tracking system used on ships and by vessel traffic services (VTS) for identifying and locating vessels by electronically exchanging data with other nearby ships, AIS base stations, and satellites.

What you see on AIS

•Voice Communications - Voice communications allow the vessel to communicate with the shore, emergency authorities, pleasure crafts, colleagues, or nearby vessels. This vital line of communication can provide critical and timely information as to weather conditions, route choices, or other incidental hazards to navigation.
•Long Range Identification and Tracking (LRIT) - Established by the International Maritime Organization (IMO), this standard mandates that a vessel reports its geographic location to its flag administration four times a day. 
•Vessel Traffic Service (VTS) - Used by harbor or port authorities to manage incoming or outbound traffic, this system is similar to the system air traffic controllers use. It typically operates using radar, CCTV, AIS, or VHF. VTS is governed by SOLAS, Chapter V, Regulation 12, together with the Guidelines for Vessel Traffic Services [IMO Resolution A.857(20)] adopted by the International Maritime Organization on 27, November, 1997.

The Internet of Things (IoT), Predictive Analytics, and Machine Learning
The internet and cloud have revolutionized many industries, and while there is still a long way to go to realize its full benefit, so too will it have a profound effect on the marine transportation industry. 

More and more things in our lives are now “connected” to the internet. Our doorbell allows us to see and speak to a visitor even when we are thousands of miles from home. Our car can receive roadside assistance with the push of a button, and our refrigerator can email us when the water filter needs to be changed. 

Most modern vessels have sensors on-board, whether they come built into OEM equipment like an engine, or if they were added during the original construction or a repowering. Some vessels have many thousands of sensors measuring things like temperature, hull vibrations, runtime hours, fuel consumption, and when a bilge pump activates. Traditionally these sensors were designed to culminated in the wheelhouse to alert the captain of anomalies. Most of the data collected by these sensors, often voluminous amounts of it, were at best archived somewhere on the vessel, or more typically, not preserved at all. Some companies would send a person out, occasionally, to fetch the data and burn it to a DVD for some future, unknown potential use. 

With the advent of the public cloud, larger data pipes to the vessel, and the inexpensive nature of storing large volumes of data, it now makes sense to consider transmitting this data to the cloud or internal server for a variety of purposes, such as monitoring asset usage in a conditional maintenance strategy, or tracking runtime hours in a waterway segment for precise tax calculations. 

Sensor set-points are the thresholds defined for each sensor that when exceeded or triggered, alert the captain or crew, typically via an alarm or another indicator in the wheelhouse. For example, a vibration sensor may be attached to the hull wall near an engine. Normally the vibration stays within a fixed range, but when it goes outside of that range, the captain is alerted.

A limitation caused by a lack of communications is that usually, by the time the measured vibrations goes outside of the known-good range, damage to the engine has already occurred or is now imminent. Set-points are often configured pessimistically as to not generate false alarms or heckle the captain. In reality, the abnormal vibration started trending much earlier, often months earlier, likely indicating a problem with the bearings. If the sensor data had been shipped to the shore daily, a different set-point could have been used by a person behind a desk, and the problem could have been identified much earlier. A day of downtime is costly, and worse, machinery failure could affect human safety. Proactively dealing with the situation as opposed to reactively responding to it could save both money and lives. 

More recently, machine learning can apply proven algorithms to sensor data accumulated over time to predict machinery failures, human-error accidents, and related situations. For that reason, migrating the data from the vessel to long-term storage onshore is often useful and cost-justifiable to operators. Not only can these algorithms interrogate sensor data, but they can now integrate with other sources of data to add more meaningful variables to calculations. For example, NOAA atmospheric and ocean condition data could be married to the crew’s social media and training data, and factored in with sensor data, to more accurately predict incidents.     

A common IoT vessel architecture used to drive a predictive analytic scheme, using the Microsoft Azure public cloud as an example

Another use of vessel communications is to support the use of software applications and devices that automate the functional purpose of the vessel. Those systems typically include:
•Electronic logging applications, such as Vessel365
•Operational computer systems that manage the job function of the vessel, such as a tow diagram
•Cargo and logistics monitoring applications
•Fuel monitoring solutions
•Transmission of captured data, such as scientific research vessels, environmental, or seismic data
•Reporting notable vessel activities to customers in real-time, such as the delivery of goods or the pickup of crew members 
•Dispatch communications between the vessel and shore-side personnel

These systems will vary from operator to operator and are largely determined by their particular line of business, such as transporting cargo, moving passengers, or doing scientific research. Each system will also have a varying degree as to the amount of data it requires. For example, electronic logging systems will require a relatively small data pipe, whereas vessels that scientifically collect data will require a much larger one.   

Some vessels will also use connectivity to provide entertainment to crew members or passengers. Examples include:
•Onboard Wi-Fi for the crew to use for their cell phone or personal device
•Television feeds
•Subnetworks to provide Wi-Fi to passengers
•IP based telephony

Photos and Video Monitoring
Some operators also benefit from live video feeds from the vessel. Shore-side personnel can monitor crew activities in real-time for safety purpose. Engineers can evaluate vessel issues, such as nonconformities and deficiencies, by evaluating video or photos from observations made by crew members. They can often make a more accurate assessment of a particular situation and respond accordingly.

Voice and Data Communication Technologies 

Modern operators often face a daunting challenge in determining what is appropriate for their specific needs. Variables include operational and job requirements, startup and recurring costs, reliability, uptime guarantee, bandwidth needs, and the geographical areas and waterways in which the vessel operates.
Some systems offer regional support, whereas others offer global coverage. Some have fixed costs data plans, while others are costly and charge for the number of characters transmitted. Solutions vary in resiliency as well, where one may go down for days at a time after a hurricane, while others practically never go down. Each of these systems have their own pros and cons, and it is vital for operators to select the solution best suited for their particular needs, to both control costs and to also deliver the required level of operational service to the vessel. 

Radio systems VHF, MF, and HF, are common place in the marine industry and provide the following communication services:
•Two-way voice communications
•Distress alerting
•Telex with printing. Telex is an international system of telegraphy with printed messages transmitted and received by teleprinters using the public telecommunications network.

The typical range for the different radio bands are as follows:
VHF30-300 MHz74-110 km / 40-60 nautical miles
MF300 Khz - 3 MHz275-370 km / 150-200 nautical miles
HF3-30 MHzworldwide during optimal conditions

Radio services are often maintained by maritime authorities and typically free, but as a result, there has not been a lot of innovation around using radio waves to transmit data. Initiatives like Packet Radio and VHF Data Exchange may make the use of radio to transmit data a more viable solution in the near future. So, while radio can provide an excellent solution for voice and telex, it does not currently offer a good data solution. 

Mobile Satellite Systems (L-band)
Companies like Inmarast, Iridium, Thuraya, OrbComm, DirectTV, and others maintain satellite based systems that offer a variety of communication packages and solutions for marine transportation companies. Their satellites operate in different levels of stationary orbit and generally provide reliable services covering the vast majority of the worlds navigable waters. 

Their solutions are typically proprietary.

As an example of the types of services these providers offer, Inmarsat provides the following services, along with others:
•FleetBroadband - Delivers global voice and broadband data, with a range of capabilities and antenna sizes.
•SwiftBroadband - 
Provides high-quality voice and high-speed data, simultaneously, through a single antenna on a global basis.
•Low Profile BGAN - Remote controlled broadband service with lie-flat antenna that delivers high-speed IP communications for covert and discreet operations.
•Fleet Media - Maritime entertainment solution that brings films, sports and TV shows to your crew on-demand, anywhere at sea.
•Fleet One - Satellite voice and data services for fishing, merchant and leisure vessels of any size.

Iridium, Thuraya, and others have similar packages that offer Broadband, Data, and voice solutions for vessel operators.

Land-based mobile technologies have experienced rapid growth in the last 20 years, primarily to support the proliferation of smart phones and related devices. Given the proper antenna configuration and power, current technologies such as 4G can work over a range of 100Km, or 50 nautical miles. Some systems can reach offshore as far as 120 km, making them a viable solution to operators working within that range of the shore.

Mobile based solutions, including the use of air cards or mobile “hot spots” can provide useful data and voice solutions for operators that work along coastal waters on inland river systems. Many now offer unlimited data plans with guaranteed data speeds.

Wi-Fi is another technology useful to some operators, particularly those operating around ports or harbors. Some standards such as IEE 802.11 and IEE 802.16 can offer ranges up to 15 km and data speeds between 512 kbps-8Mbps. 

Some companies provide regional cellular services that are designed to cover a particular area at sea where vessel traffic is high. For example, Broadpoint operates a cellular network in the U.S. Gulf of Mexico that targets the OSV (Offshore Supply Vessels) market which services the oil production platforms in the area. Unlimited voice and text packages start at US $79 per month, and data packages starting at 1 GB per month for US $119. These solutions are relatively reliable and offer compelling costs/value propositions to operators.

Notes on the Limitation of Mobile as a Distress Technology
The United States Coast Guard does not endorse cellular phones as a primary means of distress notification in the maritime environment.  Cell phones have several shortcomings in the maritime environment that can delay search and rescue authorities.

During a search and rescue (SAR) case, the Coast Guard attempts to broadcast as much information as possible about the case. These broadcasts provide information to mariners that may be in the vicinity of the SAR case so that they can respond appropriately. A cell phone limits communications between the Coast Guard and the mariner in distress, because other possible rescuers in the area are not immediately made aware of the SAR case. In contrast, a marine radio call allows all other mariners in the area to overhear the distress call and respond if possible.

Most cellular phones are designed for a land-based service. Their offshore coverage is limited and may change without notice.

Locating a cellular caller can be difficult.  If you don't know your position precisely, the Coast Guard may have difficulty locating you.

Two United Nations-chartered organizations, the International Maritime Organization and the International Telecommunications Union, are responsible for defining and regulating maritime telecommunications systems. The most current system adopted by these two organizations is the Global Maritime Distress and Safety System, or GMDSS.  Morse wireless telegraphy, used by ships for distress and safety communications since the beginning of the century, was discontinued by the USCG in 1995, and ceased worldwide on February 1, 1999.  Many people owe their lives to this system.
Satellite VSAT
VSAT satellites operate on C-, Ku and Ka bands which have a broader spectrum. As a result, data rates are typically much higher and costs much lower than L-band systems like Inmarsat and Iridium. Because of the way a ship typically moves, a VSAT antenna must be extremely stable and accurate so that it constantly points toward the satellite. 

Typical VSAT plans offer data speeds up to 6 Mbits per second capped at a certain amount of consumption. Overages are charged for additional usage, typically in the $1 or less per MB range.

The VSAT market is more competitive than the L-band satellite market, and as a result, there are more innovations happening there. Low antenna gains make it an excellent choice for deep-sea operators.

Bandwidth Comparisons

Source: Euroconsult, Maritime Telecom, Solutions by Satellite, 2014


No conversation on ship connectivity would be complete without also factoring in the risks associated with cybersecurity. As ships become more connected, automated, and with autonomous vessels a reality, the marine transportation industry is placing greater focus on cybersecurity. 

It is strongly recommended that operators develop a cybersecurity policy that resides and is maintained within the SMS or TSMS.   
Current Challenges in the Marine Industry
While there are common cybersecurity issues across industries, the marine industry has unique challenges.

One challenge derives from the ad-hoc nature of the various systems onboard a vessel. Often these systems are a cobbled together from a variety of OEM providers during the original construction, and further fragmented over the lifespan of a vessel, such as during a repowering event or a change in wheelhouse electronic equipment. This leads to the lack of a top-down, comprehensive cybersecurity plan that contemplates all of the systems onboard, as a single securable asset.

Another common challenge stems from a misunderstanding between the OEM provider and the operator. OEM providers often think that the operator is ultimately responsible for cybersecurity, while the operator assumes that the responsibility lies with the OEM provider. Operators often falsely assume that OEM equipment, usually installed by third parties, is innately secure, and that the providers have contemplated cybersecurity on their behalf. This is usually not the case and leads to a false sense of security. 

To overcome these challenges, OEM providers should focus on:
•Product assurance statements that the operator can rely on
•Third party cybersecurity validation of equipment
•Certification and training of third party integrators         

Operators should:
•Ask for assurance statements from the OEM provider, and/or the integrator
•Understand the limitations and vulnerabilities of systems as detailed by the provider
•Request and validate the segregation of onboard networks, such as engine, cooling, steering, AIS, GMDSS, Wi-Fi, back office, etc.  

Types of Attacks
Cyber-attacks come in multiple and unsuspecting forms including, but not limited to the following practices:
•Social engineering - An attack vector that relies heavily on human interaction and often involves tricking people into breaking normal security procedures.
•Phishing - An email that will typically direct the user to visit a website where they are asked to update personal information, such as a password, credit card, social security, or bank account numbers, that the legitimate organization already has.
•Waterholing - A watering hole attack is a security exploit in which the attacker seeks to compromise a specific group of end users by infecting websites that members of the group are known to visit. The goal is to infect a targeted user's computer and gain access to the vessels network.
•Ransomware - A type of malicious software designed to block access to a computer system until a sum of money is paid.
•Scanning - An attacker launches a port scan to see what ports are open, with a listening service, on your machine. A port scan attack, therefore, occurs when an attacker sends packets to your machine, varying the destination port.
•Spear-phishing - Spear phishing is an email that appears to be from an individual or business that you know, but in reality, is not. Instead it is from a hacker looking for vital information from your system, such as the vessels current location, the cargo it is carrying, and to which port and at what time it will arrive.
•Deploying botnets - A network of private computers infected with malicious software and controlled as a group without the owners' knowledge, e.g., to send spam messages.
•Subverting the supply chain - A supply chain attack is a cyber-attack that seeks to damage an organization by targeting less-secure elements in the supply network. Cybercriminals typically tamper with the manufacturing process of a product by installing a rootkit or hardware-based spying components.

Venerable Onboard Systems
Vulnerable onboard systems can include, but are not limited to:
•Cargo management systems.
•Bridge systems.
•Propulsion and machinery management and power control systems.
•Access control systems.
•Passenger servicing and management systems.
•Passenger facing public networks.
•Administrative and crew welfare systems.
•Communications systems.
•Edge and distributed computing devices that support an IoT enabled ship

Mitigation Strategies
(RE: ASTM, Best Standard Practice/Guide for Cyber Security, for Cyber Attack Mitigation for Marine and Mariner Use, 2017 Proposed)
•Companies should adopt policies for appropriate use of, and access to, automated systems aboard ships, vessels and offshore assets.  At a minimum, this includes an IT Security Policy and an Acceptable Use Policy to ensure that employees and users within each company understand how company resources and data should be used. This also ensures that standards are consistent, understood and enforced.
•Access policies are expected to limit individual access to critical or sensitive data and records onboard seagoing ships, starting from the top of the organization down. By doing so, fewer people will have the credentials to information onboard ships; therefore, not allowing for the credentials to be circumvented by hackers.
•A company is expected to grant access privileges according to employee roles and responsibilities, and according to the employee’s need to know.  
•Local administrative privileges can allow mariners too many rights for normal work, and they can provide cyber-intruders a way to move through a ship’s network. This can mean the difference between a single system and user account being compromised and the entire organization’s computer systems. 
•System Administrator privileged accounts are the most sensitive accesses, and they can be the difference between a simple perimeter breach and a major data loss, malicious activity or financial fraud occurring. Organizations are expected to ensure that they continuously audit and discover privileged accounts and applications that require privileged access, remove administrator rights where they are not required and adopt two factor authentications to mitigate user accounts from easily being compromised.
•The company is expected to define a distinction between how the informational resources onboard a ship are utilized (i.e. personal and work systems, company resources etc.). 
•All employees, regardless of seniority or experience, should subscribe to the training program adopted by the company, agency or international governmental body on the risks, approach and prevention of cyberattacks.
•Companies should, where possible, secure digital assets through the use biometric access, such as a fingerprint scanner or a TWIC card, for example. Such access is superior to the traditional user name/password architecture, as a password is more easily compromised and does not require a physical presence.
•The use of personal devices, such as a crew members smart phone or wireless hotspot, presents and unknown but significant variable in the overall security of a ship. In addition, the popularity of mobile apps and social media expose additional vulnerabilities that are unique to the specific app, site, API, or service. For that reason, a company should adopt policies as to the usage of personal devices, and whether those devices are allowed to connect to onboard services, such as a vessels wireless network.  
•All communication devices onboard, such as a router, satellite phone, laptop, PC, or smart phone, should be restricted to use secured protocols, such as HTTPS instead of HTTP. Other protocols not used should be disabled, such as RDP or FTP.
•All applications, devices, or systems transmitting data to or from the vessel should encrypt and compress the data prior to transmittal. This could include software systems, IoT devices, and OEM enabled sensors. 
•Client certificates or cookies used to cache access credentials should be set to low expiration periods, and renewed frequently as needed. While this may slightly increase data consumption, if a credential is ever compromised, a short expiration period limits the exposure to a small window of time.  
•All I/O connections to PC’s, laptops, PLC boards, etc. should be contemplated in an overall security strategy, and only those that are absolutely necessary should be enabled. That could include disabling things like USB ports, CD/DVD drives, Bluetooth, WiFi, VPN, built-in modems, and related I/O points. 
•Vessels should install software recommended by the Department of Homeland Security, the International Maritime Organization and BIMCO to update and protect all onboard information systems. Updating IT and OT systems will allow for evaluation and analysis and will provide a measurable response to potential or active threats for the 21st century. This should be looked to as a vessel’s first line of defense when a human does not detect a cyberattack. 
•Companies, governments and organizations should consult the National Institute of Standards and Technology (NIST) Cyber Security Framework; which can help companies quantify the approach being taken to cyber security using common principles and standards.
• Employee training programs should educate mariners on the different stages of a cyberattack in order to recognize when a cyberattack or data breach is suspected.
•Officers and crewmembers on board vessels should perform at least one cybersecurity risk assessment training exercise or course during a three or six-month voyage. It should be done before entering international waters.
•The companies’ SMS policy should include, as a forethought, the concept of cyber security, and the potential damages that could occur on a vessel by vessel basis, based on the configuration and systems onboard.
•Companies and organizations should continuously update their IT and control systems with each generation of newly developed software, while carefully tracking software versions and adhering to their company or organizational Management of Change policies and procedures.
•Companies and Governments should adopt perimeter defenses and protections for their databases and onboard record keeping systems through local access networks. 
•Networks that provide suppliers with remote access to navigation and other OT system software on shipboard equipment, are expected to be controlled. Such networks may be necessary for suppliers to allow upload of system upgrades or perform remote servicing.
•Companies and organizations are expected to control their systems and software deliberately.  No third party (supplier, maintenance organization, etc.) can be allowed to make software changes to critical systems without direct permission from the Owner and Master of the vessel. 
•Companies and vessels should join the Department of Homeland Security’s Automated Indicator Sharing (AIS) Initiative. By sharing unclassified cyber threat indicators, DHS enables the detection, prevention, and mitigation of cyber threats. The AIS initiative is available to partners in critical infrastructure; the private sector; state, local, tribal, and territorial governments; federal departments and agencies; information sharing and analysis centers (ISACs) and information sharing and analysis organizations (ISAOs); and foreign partners and companies (For more information, see https://www.us-cert.gov/ais ).
•Companies should review the NIST Special Publication 800-184, “Guide for Cybersecurity Event Recovery”. (http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-184.pdf)

Selecting the Appropriate Communication Solution

With the wide variety of vessel types, waterways of operation, communication technologies, and operational needs, operators may find it difficult to make decisions that best fit their needs. This section will discuss the variables to consider when making those decisions.
Vessel Types and Machinery
The type of vessel and the machinery it contains should be considered when deciding on a communication infrastructure and provider. Factors include:
•The number and type of operational applications the vessel uses to operate, such as the ones described earlier in this document
•The number of sensors the vessel contains that are remitting data
•The maintenance plans associated with the onboard equipment
•The typical crew size of the vessel, and the amount of data consumption each individual may consume if Wi-Fi is provided
•Voice strategy
•Data strategy
•The importance of timely e-Navigation updates (eATON’s, for example)

Job Functions
Other considerations include the type of work the vessel typically performs. Factors may include:
•Digital interactions with ports, locks, bridges, tunnels, and other facilities
•Customer driven requirements, such as the need to notify them immediately when cargo has been picked up or dropped, or a VGP report
•The benefits to the company for automating billing. Activities performed by the vessel can be sent shore-side immediately to create just-in-time billing scenarios 
•Automation of dispatching, change orders, turnarounds, etc.
•Maintenance of vessel status in real-time, such as lives on board, cargo in transit, or barges in tow
•Distribution of digital documents to physical reside on vessel, such as COI’s, strapping tables, SMS policies, etc. 

Operational Waterways
Another major factor involves the waterways that a vessel typically operates within.

Inland, or “brown water” operators can often benefit from terrestrial systems, such as mobile cellular, for their data strategy. Many inland waterways are substantially covered by cellular, 5G, or similar networks. Operators can use air cards, hot spots, or similar devices to provide bandwidth to the vessel in a fixed-costs manner, with data speeds that can support the bi-directional transmission of application data, video feeds, sensor data, or Wi-Fi. Additionally, relatively inexpensive antenna boosters can be installed to increase range coverage. While there are still “dark spots” without cellular coverage in the rural areas of some waterways, those spots are quickly going away, and applications that are built with connectivity-resilience can often deal with intermittent data outages.

Many deep-water operators, or vessels that primarily operate in blue water, are typically limited to satellite based systems. Some work continental shelves where terrestrial technologies are available part of the time, and at other times will not be within range. Those that can switch between available networks often use a least-cost-routing concept. In that model, the vessel will use a primary, often more cost effective connection when it is available. When the system detects the primary connection is no longer available, it will automatically switch over to a defined secondary connection, usually more expensive, to maintain communications. There can also be additional connections defined with an order of precedence. The switching between defined connections can be performed by hardware systems that range in price from $2500-$6000. 

A viable alternative to least-cost routing hardware is to allow an operating system, such as Microsoft Windows, to recognize and manage all available connections. In this model, the OS handles the switching between the networks by monitoring the health of each, and always using the highest priority network where possible.  

Terrestrial networks often offer more consistent billing rates and affordable data plans. Data plans can run from $60-150 per month for unlimited data, and typically cover the vast majority of inland and coastal waterway systems. Additionally, hot spots can be used to make the vessel Wi-Fi enabled, allowing crew the ability to connect their personal devices for business or personal reasons.

Satellite systems are typically more expensive but offer a larger geographical coverage area, which typically includes the vast majority of the world’s navigable waterways. Data plans often contain fixed pricing for a certain amount of data, and then so much per data unit (i.e. MB) thereafter.  

Business Continuity
Many operators are concerned with the potential for terrestrial systems, such as cellular, to go down for extended periods of time. For example, in the South-Eastern portion of the United States, hurricanes have been known to disrupt cellular service for days at a time. If your vessel has only one form of communication, then this is often not acceptable. Whether by radio or other proprietary systems, it is important for the shore to stay in touch with the vessel for operational and safety reasons. This often leads operators down a path of considering multiple, redundant systems, often incorporating a least-cost-routing concept.

Many of the onboard software applications are built with communication resiliency in mind, meaning, that intermittent data outages will not affect the functionality of the system. With that in mind, some operators can simply use terrestrial technologies, and perhaps keep a prepaid satellite phone on board in the rare cases where it goes down for extended periods of time.

For those operators that cannot use terrestrial technologies because they are typically at sea, satellite is often the most viable option. Compared to other technologies, satellite systems are typically more reliable from an always-on perspective, but typically cost more to maintain.  

Vessel365 and Related Applications

MarineCFO offers an integrated shore-to-vessel solution called Vessel365. 

Shore-side personnel login to a cloud based portal to perform the following tasks:
•Disseminate job tasks and notifications to vessels
•Configure checklists that must be completed on a recurring interval and disseminate them to the appropriate vessels
•Distribute physical documents, such as COI’s and an SMS plan, that must by regulation physically exist on the vessel
•Manage the complete lifecycle of deficiencies and nonconformities 
•Monitor all inbound fleet activities, such as the status of schedule items, maintenance plans, or logging
•Monitor crew activities and track their physical presence onboard

Each vessel contains an application used on one or more PC’s, tablet’s, or laptop’s, that remits data to and from the shore cloud component and offers the following:
•Event logging    
•Alerts and notifications
•Document management
•Compliance and e-records
•Planned Maintenance
•Remittance of sensor data to the shore

The following diagram show the basic architecture of the system:

Smart Client

Vessel365 is a “smart client”, meaning that while it constantly attempts to bi-directionally replicate data to and from the shore, it assumes that connectivity is intermittent and costly. For that reason, it is built to be resilient in the case of data outages. The crew can work unencumbered during extended periods of data outage (weeks or months) and the system will replicate the moment it comes back into coverage, or when another network is activated under a multiple, least-cost routing scheme.

Encryption and Compression

To reduce costs, Vessel365 only remits the actual changed or newly created data to the shore. It also compresses the data using industry standard technology to minimize packet sizes. This works particularly well for operators using communication technologies that charge by the amount of data being transmitted. 
Vessel365 also encrypts the data in-motion to and from the vessel. This encryption uses sophisticated algorithms preventing hackers from intercepting or altering information.  

Calculating Costs and Data sizes

The amount of data being sent to or from the vessel varies through the configuration of the system. Primary factors include:
•The number of scheduled items to be completed by the vessel, and how often the shore decides to receive these completed items
•The verboseness of daily logging
•The number of notifications sent to or from the vessel
•The number of sensors connected, and the verboseness of the data configured to be sent shore-side
•The number and size of physical documents sent from the shore to the vessel
•The number of and size of documents completed by the vessel and sent to the shore

The following table shows approximations as to the amount of data transmitted by certain features of Vessel365:
Checklist Sent to VesselAround 145 bytes per item in checklist
Documents/Folders Sent to VesselAround 220 bytes per document/folder (plus actual document download)
Waterways Sent to Vessel 342 bytes per
Mob Location Sent to Vessel350 bytes per
Vessel Activities Sent to Vessel 255 bytes per
Notifications Sent from Vessel Around 921 bytes per notification
Completed Checklist Sent from Vessel Around 2600 bytes per checklist item
Completed Documents Sent from VesselAround 840 bytes per document (plus actual document upload)

Example: If you complete 2 documents a day, 5 checklists of 10 lines each, and send/receive 20 notifications your daily bandwidth usage would be estimated around 149 kb a day.

Sensor Integration
Vessel365 can also be configured to send onboard sensor information from the vessel to the cloud for analytical and machine learning purposes. Under this scenario, the amount of data transmitted can increase significantly.  

Vessel365 supports the concept of fog, edge, and distributed computing, whereby sensor compute processing happens both onboard and in the cloud. For example, a sensor monitoring the vibration of the hull in the engine room will typically take a reading every second. During the course of an hour, 3600 rows will be created, identifying the sensor, the time, and the reading value. If the reading value is the same for each row, or within a defined range of values, Vessel365 does not need to transmit all of the rows. Instead it can transmit a single row to the cloud without any loss of granularity, and the cloud can reconstruct the rows if needed.

Example: Native onboard format

ENGVIB18/1/2016 9:00.01.23
ENGVIB1 8/1/2016 9:00.02.23
ENGVIB1 8/1/2016 9:00.03.22
ENGVIB1 8/1/2016 9:00.04.23
+ 3594 more rows like this

Simplified and reduced size row

SensorID From TimeTo TimeReading# of Readings
ENGVIB1 8/1/2016 9:00.018/1/2016 9:59.00.233600

APPENDIX A: References
•ABS, Guidance Notes on The Application of Cybersecurity Principles to Marine and Offshore Operations
•Lloyd’s Register, Cyber-enabled ships, First Edition, February 2016
•IMO Standard Marine Communication Phrases, April 2000
•DNV, Ship Connectivity, April 2015
•ASTM, Best Standard Practice/Guide for Cyber Security, for Cyber Attack Mitigation for Marine and Mariner Use (2017 Proposed)
•ENISA, Methodologies for the identification of Critical Information Infrastructure assets and services, December 2014
•United States Coast Guard, Cyber Strategy, June 2015
•DHS, Automated Indicator Sharing Initiative
•USCG, Cyber Risks in the Marine Transportation System
•DNV, Integrated Software Dependent Systems (ISDS)
•IMO, Interim Guidelines on Maritime Cyber Risk Management
•ESC Global Security, Maritime Cyber Security White Paper
•Recommended Practice: Improving Industrial Control Systems Cybersecurity with Defense-In-Depth Strategies, DHS, October 2009