An abridged version of a speech given by Frank Coles, CEO of Transas, to the UAE Maritime Leaders Seminar in Dubai.
As we discuss the oncoming advent of smart shipping, we seem to concentrate on the technologies and possibilities to our operations.
There is one key factor that is crucial for all of this to occur. The connectivity. It is it obvious that we assume that connectivity has improved to make this possible? Today I will consider what has improved and what is left to be done.
If the connectivity has improved this should logically improve the life of the seafarer, and therefore I want to also examine the human factor in smart shipping but more importantly the human factor when considering connectivity and operations.
From my perspective, when considering connectivity, it is hard to see a fundamental technological improvement. Indeed, in one area things have become critical. There is one area though where things are better and are only going to get better. Price.
It used to be that in a simple way, you could have two out of the three choices of good, fast and cheap service. If you wanted a good service that was fast, it would not be cheap. In the same vein, if you wanted a fast and cheap service it would not be very good quality. Or a cheap and good service would not be very fast. This has changed because of the increased competition and increased capacity in the industry.
With Inmarsat getting into the VSAT market and the large FSS operators determined to break into maritime, prices are under pressure. Also, the large distributors like Marlink and Speedcast are determined to present a diverse choice of providers for the user. This will also lead to more choice and more competition.
The recent Euroconsult report on HTS capacity showed that there is forecast to be three times more capacity by 2020 than is available currently. In 2020 there is going to be 3,000 gbps available, up from less than 700 gbps today. Demand is not set to grow to more than 1,000 gbps. Despite some suggestions that this capacity is not focused on maritime, much of it is, and maritime does not demand as much capacity anyway. Shipowners also know only to well about the demand and supply curve and more importantly the impact of over supply. Only this time the shipowners will get to enjoy the situation.
However, despite the price pressure is going to improve matters we have some way to go before shipping gets to enjoy the same prices as other transport areas. Currently, owners and crew pay significantly more than aviation. A customer on an Emirates flight is paying $2 per 1GB. This is pay as you go based on actual usage. Yet maritime users are paying anywhere from 40 times more to five times more, provided they commit to paying anywhere from $3,200 to $1,500 per month. This assumes an average of 40GB for the month. So with more satellites to come and additional capacity and a clear opportunity for price reductions for maritime, smart shipping and owners are going to benefit.
If the pricing is good news for improved connectivity, the risk of cyber security breaches is not good news. The threat of cyber issues suggests, in fact, we do not have improved connectivity. We have increased connectivity, but there is more at risk.
The operator or human represents the largest threat. By nature, humans are gullible and prepared to take risks, we can be lazy or tired, and that’s when mistakes will be made. Something we hear about all to often when we think about the crew on board ship.
The ‘cyber missile’ that presents itself as being most threatening is the thumb drive. Putting the thumb drive into an active USB port represents a significant risk. Nothing really new here, but the essence of cybersecurity is smart information technology system, process and procedures. We have standardisation and regulatory controls for the ships systems, and this needs to include connectivity. We should not allow such a wide open risk to exist.
Everything on the ship is connected to its position, even more so with the discussion about smart operations. The position of the ship is also important to communications; the antenna uses positional data to find the right satellite.
I don’t want to dwell on GPS, but I do want to discuss AIS. Automatic Identification System. When I think of AIS in terms of cyber security, I think of Attack, Infiltrate and Spoof.
Our industry has seemed to have a complete blind spot to AIS. This is a system that has regulatory controls for its design, the IMO and IEC require compliance for its design and manufacture. However, this is only good insofar as it was designed to be used. It is easy to hack; it is open to spoofing, open to hijacking and open to service disruption. This anti-collision device and identification device is a window into world maritime trade. There is a plethora of services being offered on the back of AIS data, and while this seems great, the inherent cyber weakness provides the potential for large economic and environmental damage to arise. It is quite possible to move a ship, hide a ship, add buoys or objects and create false tracks of ships. What if you spoofed a ship showing it staying on track while all the while it had been hijacked, or driven onto the rocks?
Having mentioned AIS, I would like to refer to the ships navigation system and look at the ECDIS. The architecture of a connected ECDIS requires a VPN, two firewalls and user authentications to ensure the security of the ECDIS and the multi-functional displays on the bridge. The cyber security is well established.
It is controlled through regulation, compliance and strict certification on a global industrial basis by the IMO and IEC. All manufacturers have to comply with the same standards. The costs of compliance for making equipment changes or connection changes are over $100,000 per incident. Just changing the router or connection box in the connected ECDIS requires a new certification process.
The connectivity of the smart ship is not subject to this type of industry compliance and control. There is no standard for the teleport, the satellite, the antenna and the communications rack on board. There are international maritime standards for GMDSS or AIS, but for the smart shipping, connection nothing exists. This means the cyber security risk is left to each satellite operator, each service provider and each hardware provider. If we are to have an accepted level of cyber security for the connected ship and the smart ship and even move to a remotely operated ship, this will have to change.
So the move towards the remote or unmanned and smart ships will require the fidelity of the connection, the robustness of the positional data and compliant equipment to IMO/IEC standards yet to be put in place. We are not there yet and not even close. GMDSS equipment and service has to comply with an IMO/IEC regulatory compliance, but this does not exist for the various VSAT services or FBB or FX or Iridium equipment, teleports or associated hubs and routers.
It is crucial that for smart shipping we need standardised, regulated equipment across the board. We cannot afford to have weak links in this chain; all components should be subject to regulatory compliance.
And now to the human factor.
We speak of unmanned ships at the same time as the industry continues with paper charts and paper log books. This even while they have electronic charts and electronic log books on board but not accepted or required within the company.
The human on board is loaded with more and more regulations, administrative tasks, technology all with little clarity on how this is supposed to help the human to operate with the technology. We add technology without lightening the load of the tasks. We add technology without considering how it impacts those that must use it. This is at the core of the reluctance to adopt the technology into the decision-making process.
Smart shipping needs to involve removing the drudgery from the bridge and engine room, passing this to the shore and allowing the human to focus on the key critical issues. However, when this happens, we will then have to be careful to ensure training is enhanced and focused. Otherwise when an incident occurs the human will not be able to react appropriately. Turning the human into a technology game watcher, will result in boredom and then mistakes and then environmental and other incidents.
Improved connectivity will allow for better off-duty conditions for the crew on a ship, but that worries some that the crew won’t sleep or rest. They think the crew will simply watch movies and play on the web all the time. My thoughts are, while you treat people like children they will continue to act like children.
In summary, better, faster, cheaper communications are available. Aviation has it, so shipping needs to demand it, but first, they need to understand the use of it. They need to appreciate the benefits and value of it. Even then cyber security needs to address at a regulatory and industry-wide level.
Without this, we have simply moved the barrier from price to security. All of this is requires an attitude change, a mindset and approach to modern day transportation. It requires an understanding of the technology benefits but crucially the interface between man and machine.