Objectives of the service
The digital revolution also impacts the shipping industry by integrating automated navigation, cargo-tracking systems and digital platforms which facilitate operations, trade and the exchange of data. To achieve this transformation, the mitigation of cybersecurity risks is critical.
There are vulnerabilities in many existing maritime communication and positionning/navigation systems. In particular, the Global Navigation and Positioning System (GNSS) provided by multiple satellite constellations has been the subject of spoofing and jamming attacks that led to a partial or total loss of the ability to locate the ship. Such a failure can be disastrous if the ship is, for example, navigating narrow straits or near the shore. Another critical piece of equipment on board is the Automatic Identification System (AIS). Ships have used multiple techniques to tamper with AIS data and entered zones from which they are legally excluded, for fishing or performing other illegal activities.
Both GNSS and AIS collect signals from satellites and are regarded as critical to improve the safety of maritime navigation and the reliability of data for downstream services. Using its family of secured servers and its experience in satellite communications, CYSEC SA will lead a feasibility study to investigate the mitigation of security risks for both GNSS and Satellite-AIS (SAT-AIS) communications.
Users and their needs
S-AIS data providers collect, process, and sell services around AIS data. Their clients need to be able to trust the data they receive from S-AIS providers. They have an interest in ensuring the entire S-AIS value chain can be trusted
Ship Operators leverage GNSS / AIS data for managing their fleets and many critical operations onboard a ship depend on this data. When it become compromised, so does the operability of the ship. As ship operators want to avoid ship downtime, such a solution could be of interest to them
End-Users of such data include insurances, commodity traders, oil&gas and many others. As they leverage this data to run their business, they need to be able to trust the data they receive.
Service/ system concept
1. GNSS signal secure validation: Our service aims at providing reliable positioning, velocity and time information by validating raw GNSS information and returning an alarm or error code if any threats or errors are detected. This provides value to Ship operators, their crews and ships’ IT systems, GNSS receiver and chip providers. The solution enables these stakeholders to validate GNSS signals, adding a layer of trust to existing solutions that is critical to navigating and operating, with attacks being frequent in the maritime sector. The service will be delivered either as a complete GNSS receiver, installed on a ship, with interfaces with the GNSS antennas and the ship IT system, or as an add-on to a GNSS receiver. This way receivers will gain in reliability and ship crews can trust the data they receive, while the impact on existing ship IT architecture will be limited.
Space Added Value
Cybersecurity is a very important topic for ESA, not only to protect their own infrastructure and missions, but also regarding all the services using satellite-based data. Ship tracking is one of them and cybersecurity is a complex issue that needs to be addressed.
To achieve this, CYSEC leverages its secure execution environment “ARCA”. ARCA leverages state-of-the-art hardware and software components to securely host and store critical data and applications. This general-purpose security platform enables the secure execution of critical applications like those collecting, processing, storing, and distributing GNSS/AIS data. The long-term vision is to establish a secure execution environment along all parts of the value-chain, including on satellites.
After project kick-off in March 2020, we began to consolidate our understanding of the maritime user and industry community, their needs, as well as the business and technical requirements surrounding solutions to secure maritime applications. Throughout this phase, we relied heavily on valuable input from industry, user and stakeholder representatives. To this point, we have conducted over 15 interviews and scheduled many more. Furthermore, we are dedicating time to diving deeper into the literature. These insights will allow us to develop a solution that is aligned with market needs.