Transas has called for the International Maritime Organisation (IMO) to set standards of compliance for the communication connections between ship and shore or else create a significant cyber security risk.
Cybersecurity is without a doubt a highly-debated topic in the maritime industry; compared to the highly regulated ship equipment environment, the connectivity environment is relatively uncontrolled in terms of maritime certification and compliance.
Frank Coles, CEO of Transas, said: “The connected ship is like a long chain, with each piece linking to the next and at every point there is the opportunity for a failure. It can be hardware or software or both and it can be a cyber virus penetration or simply a denial of service, either of which can cause damage,
“Before we get to unmanned ship discussions, we should recognise that although connectivity is not new, what is new is the connection in smart shipping. There are international maritime standards for GMDSS or AIS, but for the big data nothing exists. This means the cyber security risk is left to each satellite operator, each service provider and each hardware manufacturer.”
With the current growing demand and use of the Fleet Operations Centres ashore, operating alongside the Vessel Monitoring Services of the various government bodies, the security of connectivity is going to be very important, and the industry is going to need contingency plans in the event that the link is broken.
Coles, said: “This is where the human will become important, both on board and in the monitoring centres, as they will be able to communicate with each other and maintain a safe environment,
“It is time for the IMO to apply the same standards of compliance used for GMDSS, ECDIS and other bridge equipment to the standard communication networks and equipment. If these networks and the associated equipment is going to be used for operational, remote management and technical decision, it must be cyber secure and compliant with a global set of international maritime standards. Until then we will have a cyber risk associated with a non-standard approach to connectivity.”