Sensor Ships: Managing Big Data Generated in the Maritime World
Vanessa DiDomenico, Sharon Klein, Karen Shin March 30, 2022 https://www.jdsupra.com/legalnews/sensor-ships-managing-big-data-1519797/
Big data is not a “trend” or fad; big data is a concept of gathering, deciphering, and analyzing massive quantities of information to ultimately reveal patterns and associations, and it’s here to stay. Companies have proven how useful it can be to interpret performance trends to expose areas of vulnerability or underperformance within a company. Big data can be used to make strategic decisions within a company’s operating profile. In particular, the maritime industry is using big data to revolutionize the way engine performance and maintenance is carried out aboard vessels. Understanding how to effectively capture data—and the risks involved—will enable users to apply big data in ways never considered before.
The Value of Big Data
The maritime industry has progressed at a moderately stable speed with various innovations to proven mechanical systems, such as energy reducing pumps and updated models of equipment; however, compared to other industries it is decades behind digitally. To capitalize on the benefits of big-data technology, maritime companies must define the goals they will achieve, such as reducing fuel consumption. By clearly defining a goal, systems can be constructed to deliver the required data points.
Once the goals are defined, sensors and instruments can be installed onboard to capture new data points that, when spliced with existing readings already extracted from the vessel’s automation, such as weather patterns and engine load signals, create interconnected data ecosystems that can be used to examine performance.
This combined data set is sent to an onboard personal logic controller (plc) and downloaded in a readable format to an onboard server, where it can be uploaded at four-to-five second frequencies to a cloud server via the vessels’ satellite at sea or LAN connection in port. The data is then downloaded from the cloud to the designated monitoring center, where programs will scrub the data and further process it by using algorithms.
After collecting and processing the data, it can be shown on a platform or user-friendly dashboard designed to match the company’s needs. Viewing multiple layers of information on one screen is one of the many appealing factors encouraging companies to invest in big data. Analysis of the data generated onboard can guide crew operation and assist in identifying abnormal states of energy efficiency or trim optimization and can enable the company to make informed decisions with planned maintenance or hull fouling treatment. Different departments within the same organization can examine and extract information specific to their needs. For example, environmental departments can use the dashboard fed with big data in real time to understand the vessel’s location, fuel type, and engine usage all together to ensure compliance within certain emission control areas that may require the use of low sulphur fuel. Marketing departments can compare costs of adding additional ports by understanding vessel performance. Technical departments can filter data to see engine measurements after an overhaul or dry docking and view monthly and yearly reports to better plan fuel and spare-part budgets. Maritime companies can tailor the platforms toward their specific needs; they can start small by compiling data from past voyages and move into real time continuous-based monitoring and even predictive analytics. Furthermore, engine manufacturers can enter into data sharing agreements to partner with vessel owners to share in research and development. Partnerships with manufacturers can also help to offset some of the upfront costs of developing the system and installing the required sensors.
Other companies are using tools onboard to gather and share metrics with outside organizations. For example, Maersk, as part of its Environmental, Sustainability, and Governance (commonly referred to as “ESG”) plan, is sharing ocean-weather-observation data generated onboard its vessels with the National Meteorological Service of Germany. Maersk announced that it will collect and share ocean-weather observations for climate science and various inputs for weather forecasts. (See Maersk Vessels Live Feed Meteorologists around the Globe with Weather Data.) The ever-growing pool of data generated onboard vessels may serve to cross-pollinate ideas and generate new solutions to industry and global challenges.
Cyber Risks and Concerns
Big data has many advantages that may offset various risks, but with enormous amounts of data being sent, there are increased concerns from industry. There are no clear channel markers or buoys set up in the cyber world. Navigating through complex security concerns and privacy issues are hazards associated with the gathering, transmittal, and usage of the data. Maritime transportation companies are concerned with firewall protections to ensure that hackers cannot access their automated systems to gain control or take over a vessel at sea. Vessel owners are also concerned about the storage of this data and the access of other competitors to the sensitive operating measurements. There are also concerns about costs in relation to pilot programs, installation, data transmission through satellites, and continuous monitoring.
Officers onboard also have raised their own concerns as it relates to the daily vessel operations. Captains and chief engineers are already consumed with tasks to ensure safe day-to-day operations, and crew members are concerned that additional work is created by the new sensors, and if the system goes offline, it can jeopardize other work priorities. These concerns are well-founded—in 2017, an ocean container carrier fell victim to a ransomware attack destroying all end-user devices, including 49,000 laptops and print capability, making 1,200 applications inaccessible and destroying approximately 1,000 more and destroying around 3,500 of its 6,200 servers, costing the company between $250 million and $300 million; again in 2017, the GPS systems of 20 ships sailing in the Black Sea were altered in such a way that the position displayed on the GPS device of the ships did not match the actual position; in 2019, a spoofing incident caused the transponders on multiple ships in the port of Shanghai to show various erroneous positions that formed odd ring-like patterns.
Cybersecurity Policy Measures
With the rise in cybersecurity attacks on the supply chain, there has been a heightened focus on incident response procedures and security standards. For instance, the United States, using the purchasing power of the government through President Biden’s Executive Order on Improving the Nation’s Cybersecurity, has attempted to strengthen its cybersecurity practices by requiring government-information-technology-service providers to notify the government agencies with which they contract of cyber incidents and establishing new cybersecurity standards through amendments to the Federal Acquisition Regulation (“FAR”) and the Defense Federal Acquisition Regulation Supplement (“DFARS”).[1] President Biden also issued the Executive Order on Protecting Americans’ Sensitive Data from Foreign Adversaries, which requires the U.S. Department of Commerce to evaluate transactions involving connected software applications that may pose an unacceptable risk to U.S. information and communications technology, critical infrastructure, the digital economy, or national security, and to take appropriate action based on its evaluation.[2] On January 24, 2022, the Port of Los Angeles debuted its Cyber Resilience Center (“CRC”), a cyber-defense solution created to improve the cybersecurity readiness of the Port by enabling participating stakeholders to automatically share cyber-threat indicators and potential defensive measures with each other.
Sailing Ahead: Maritime Cybersecurity Awareness
Maritime transportation companies should pay close attention to and monitor developments in the privacy and security landscape to ensure that they and their service providers, who provide sensors and automation programs, are compliant with the applicable security standards to not only protect data, but also protect the vessel’s enterprise systems that receive inputs from sensors and automation programs. Cybersecurity in the maritime industry is especially problematic with ocean transits exposing the vessel’s systems to a higher number of unknown networks and across international lines and with usually outdated legacy hardware on board (as vessels are designed and built to last for decades). Thus, it will be important for vessel operators to make strategic security investments in implementing incident monitoring and response software and other appropriate security controls, making continued updates, timely installing patches to the technology on board, and training crew on cybersecurity (especially during crew turnover at various points on a voyage).
There are also misunderstood motives behind the big-data push in the maritime world. Companies are reluctant to share data that may expose legal liabilities to regulators or provide a competitive advantage to other market participants. However, the EU, for instance, unveiled new proposed rules on February 23, 2022, to make it easier for the sharing and transferring of non-personal data (i.e., data that does not contain any information that can or does identify an individual). The European Commission’s Data Act, among other things, includes measures to allow users of connected devices to gain access to data generated by them and to share such data with third parties to provide aftermarket or other data-driven innovative services, and clarifies that databases containing data from Internet-of-Things (“IoT”) devices and objects are not subject to separate legal protection, thereby allowing end users to more easily access data generated by IoT devices.
Nevertheless, companies should evaluate any cybersecurity vulnerabilities and perform due diligence on the service providers that provide sensors and automation programs for the reasons described above. Maritime transportation companies should also ensure that they (and not their service providers) own the data being collected via sensors and automation programs for intellectual property purposes, so that the service provider cannot freely use the data for its own purposes or to monetize outside of performing its obligations under the agreement with the company. Additionally, some officers and crew members may view continuous monitoring as a “big brother” watching over from the office critiquing every decision made at sea. However, vessel operators can address the misconceptions behind data measuring by explaining the benefits of improving performance and providing more in-depth trends to those serving afloat, including reducing paperwork and presenting helpful data onboard to assist in decision making and maintenance.
Final Thoughts and Opportunities
In conclusion, big data may prove incredibly useful to maritime companies if specific goals are created, data is captured correctly, appropriate cybersecurity and data protection safeguards are implemented, and utilization is optimized. Data privacy concerns should be addressed from the industry as a whole to seek assistance from policy makers and regulatory bodies. Employing big data within the maritime industry can create new jobs and opportunities for technology companies to market to the world fleet, generating tremendous opportunities for companies to revolutionize and propel the industry forward.
Data storage costs and concerns with transmission should not stop the industry from advancing and should not deter innovation. Big data will not only allow companies more insight into their current assets, it may also open doors to new companies, greater research, visibility within the supply chain, and collaboration. The data generated onboard vessels may also assist informed decision making onboard and ashore while also providing necessary aid to support decarbonization and autonomous shipping.
[1] Exec. Order No. 14028 86 C.F.R. 26633 (2021).
[2] Exec. Order No. 14034 86 C.F.R. 31423 (2021).