Fake News - Ships Nostalgia
04:15

Welcome
Welcome!Welcome to Ships Nostalgia, the world's greatest online community for people worldwide with an interest in ships and shipping. Whether you are crew, ex-crew, ship enthusiasts or cruisers, this is the forum for you. And what's more, it's completely FREE.

Click here to go to the forums home page and find out more.
Click here to join.
Log in
User Name Password

Fake News

User Tag List

Reply
 
Thread Tools
  #1  
Old 9th June 2018, 14:32
callpor callpor is offline   SN Supporter
Senior Member
Organisation: Merchant Navy
Department: Deck
Active: 1962 - Present
 
Join Date: Jan 2007
My location
Posts: 768
Fake News

Yesterday the BBC published the following report at https://www.bbc.co.uk/news/technology-44397872 . It was repeated later in the day by multiple news channels.

It is worth reading the detail. Being a simple sailor, would appreciate comments from SN experts who have greater knowledge of this subject than I do. I think it warrants the title of "fake news"?

All my recent experience making short (3-8 day) voyages on a wide variety of vessels brings me to the following conclusion.

Technically total rubbish. I am very surprised that the BBC published this total cr-p before checking the technical veracity.

The only statement that was correct is “(cyber) security on board ships is often dire”.... but it is getting better by the day.

ECDIS (the Electronic Chart Display Information System) which is now the mandated primary navigation system on most vessels, providing that they are equipped with two totally independent systems with separate power supplies. ECDIS has no connection with any form of communication to/from the .vessel. The e-charts (ENC’s) are updated using dedicated memory sticks that are encrypted and generally the connection is locked. Up dates, of course are downloaded onto a dedicated computer linked to the satcom systems. Any corrupted feed would be instantly identified when the download memory stick is inserted into the ECDIS equipment.

ECDIS does not feed the AIS! The AIS information can be fed to the ECDIS display, if desired. It is standard navigational practice not to rely on AIS imput to ECDIS for collision avoidance. Collision Avoidance is electronically managed on another separate function within the ship’s radar, called ARPA (Automatic Radar Plotting Aid) for details see https://en.wikipedia.org/wiki/Automa...r_plotting_aid .

The people at the University of Plymouth's Maritime Cyber Threats research group, were being kind to Mr Munro and his lack of competence to comment on this subject. He and his company Pen Test Partners clearly know very little about the electronic and communications systems onboard most seagoing vessels and even less about the cyber security measures that are built into the kit. It is very robust and most unlikely to be penetrated as he states. Munro’s suggestion that the vulnerability could be exploited to block the English Channel, is absolute rubbish and just shows his ignorance. He’s just trying to get a headline, and the BBC in their ignorance gave him one.

Unfortunately too many ill-informed IT technical people are getting involved in maritime digital developments, particularly employed by equipment manufacturers who lobby IMO the global regulatory body. It is happening at the moment in respect to autonomous ships? Many of the current proposals being submitted to IMO for consideration display the ignorance of these people to how vessels operate and the conditions they inevitably experience over long voyages.

Captain Chris Allport, FNI
Reply With Quote
  #2  
Old 9th June 2018, 15:06
James_C's Avatar
James_C James_C is offline   SN Supporter
Malim Sahib Moderator
Organisation: Merchant Navy
Department: Navigation
 
Join Date: Feb 2005
My location
Posts: 8,553
There are plenty of ships out there where standard memory sticks are in use rather than anything encrypted - less faff factor involved.
Some bridge equipment manufacturers have their AIS setup as part of the Radar fit, i.e. you have to use the radar screen/PC to setup AIS - SAM of Hamburg being an example. On passenger ships in particular it is not unknown for these systems to be directly linked to a satellite for the purposes of monitoring/random downloads by those ashore in head office.
Saying all that, there are still plenty of ships out there also where they have an ECDIS fitted (to meet the regs) and where the primary means of navigation is still by paper chart. In some cases this is on grounds of cost but in others it's because there is a reluctance to dispense with paper charts, this being partly to ensure there's a backup available but also to ensure some form of navigational skills are retained - my current and previous two employers certainly fit in that bracket.
__________________
Regards,

Jim
Reply With Quote
  #3  
Old 9th June 2018, 19:16
Farmer John's Avatar
Farmer John Farmer John is offline  
Senior Member
Organisation: Merchant Navy
Department: Navigation
 
Join Date: Feb 2012
Posts: 3,856
In my experience, any technical matter that is reported in the press that refers to an area of your expertise is reported as if by Gnomes with a poor grasp of any terrestrial language. Nouns used as verbs, quantities being completely mis-applied and such sorts of problems.

Should I post this under the grumpy label?
__________________
"The kitten and the snail got off the bus!"
Reply With Quote
  #4  
Old 9th June 2018, 20:02
Mad Landsman's Avatar
Mad Landsman Mad Landsman is offline  
Senior Member
 
Join Date: Dec 2005
Posts: 6,384
Just wait until the Daily Wail gets the story - They are experts at being non-experts. Just pick out the hype and print it without checking, using inappropriate CAPITAL letters to maximise click bait.
__________________
Malcolm.
Reply With Quote
  #5  
Old 10th June 2018, 12:08
Bill.B Bill.B is offline  
Senior Member
Organisation: Merchant Navy
Department: Radio Officer
Active: 1970 - 1985
 
Join Date: Oct 2013
Posts: 619
Whilst I see many ships that have only a feed from the AIS to the ECDIS there are a lot that have two way communication from the ECDIS to the AIS. SAM were the first I saw where the AIS was part of the radar and the AIS had no separate control head. A few ships I see to have a dedicated USB stick for ECDIS updates while others go the Chartco, Navtor direct download via satcom/VSAT. There is always the possibility a virus can be introduced via shore service and my company has strict policies on that. That goes for radars/chart radars as well.
Reply With Quote
  #6  
Old 10th June 2018, 14:34
callpor callpor is offline   SN Supporter
Senior Member
Organisation: Merchant Navy
Department: Deck
Active: 1962 - Present
 
Join Date: Jan 2007
My location
Posts: 768
Quote:
Originally Posted by Bill.B View Post
Whilst I see many ships that have only a feed from the AIS to the ECDIS there are a lot that have two way communication from the ECDIS to the AIS. SAM were the first I saw where the AIS was part of the radar and the AIS had no separate control head. A few ships I see to have a dedicated USB stick for ECDIS updates while others go the Chartco, Navtor direct download via satcom/VSAT. There is always the possibility a virus can be introduced via shore service and my company has strict policies on that. That goes for radars/chart radars as well.
Bill B; I've made many short voyages on modern vessels over the past several years all of which have been fitted with ECDIS, some of them being type approved installations and most use Chartco/Jepsens for ENC's. Not one has had a direct feed connection for Satcom downloads, all use a memory stick transferring via a dedicated bridge PC, which maintains the chart and nautical publications inventory. This PC is connected to the Satcoms. Brgds, Chris
Reply With Quote
  #7  
Old 10th June 2018, 14:40
callpor callpor is offline   SN Supporter
Senior Member
Organisation: Merchant Navy
Department: Deck
Active: 1962 - Present
 
Join Date: Jan 2007
My location
Posts: 768
Quote:
Originally Posted by James_C View Post
There are plenty of ships out there where standard memory sticks are in use rather than anything encrypted - less faff factor involved.
Some bridge equipment manufacturers have their AIS setup as part of the Radar fit, i.e. you have to use the radar screen/PC to setup AIS - SAM of Hamburg being an example. On passenger ships in particular it is not unknown for these systems to be directly linked to a satellite for the purposes of monitoring/random downloads by those ashore in head office.
Saying all that, there are still plenty of ships out there also where they have an ECDIS fitted (to meet the regs) and where the primary means of navigation is still by paper chart. In some cases this is on grounds of cost but in others it's because there is a reluctance to dispense with paper charts, this being partly to ensure there's a backup available but also to ensure some form of navigational skills are retained - my current and previous two employers certainly fit in that bracket.
Jim,
I wish all the ships I ride for check voyages had some paper charts, as I get lost on ECDIS! The latest trend I have found on vessels with IMO type approved twin ECDIS installations is to have a dedicated laptop loaded with a global set of ENC's as their "get me home" backup. Chris
Reply With Quote
  #8  
Old 10th June 2018, 17:26
Bill.B Bill.B is offline  
Senior Member
Organisation: Merchant Navy
Department: Radio Officer
Active: 1970 - 1985
 
Join Date: Oct 2013
Posts: 619
I was speaking from experience Callpor. I work about 3-4 ships a week and see a lot. I agree with you that ECDIS has a lot of drawbacks. The screen size always seems too small no matter how much you zoom in or out. A paper chart is much easier for me to deal with. Most night time screens I have seen are horrible and if they have all the marks on is just a mess of symbols. Add AIS targets and radar overlay the screen fills up pretty quickly. At least the latest IMO requirement has helped alleviate the cocophany of alarms ECDIS generates. I am fully aware of the benefits of ECDIS for enabling the second mate time to do other things. Route planning and updates are a great improvement. I am hearing from a lot of seafarers that they still like to have access to paper charts but we see quite a few paperless vessels. Have also had a couple that came in with both systems out.
Navtor system comes through the SAT/VSAT and depending on ECDIS via a gateway. Transas being one that uses a gateway. However as we have seen if someone invented it someone can hack it. In a Transas system the operator can, using the ECDIS keyboard, select his route, make up a file of that route send it straight from the ECDIS to Transas and get back in a very short time the necessary permits to open up that route, providing they are in credit, so there is a path both out to land and in from land to the ECDIS which can be exploited. From experience I have found bridge computers to be very dirty machines. On one ship I found 800+ infections of a virus called "FUjack" on the satcom connected bridge PC. When they tried to use it the PC made a raspberry sound and the DVD drawer shot out. The masters laptop had over 400 infections. Crews will bring onboard pirated videos and music plus work programs and all have the capability to carry infections. The above mentioned vessel could not clean up their system using a major Antivirus brand. I had to find a little known brand of antivirus software that the virus did not recognize to clean the drives and start over again.
After an ECDIS installation I always advise to use email and USB to update charts but invariably am asked if there is a simpler way using direct connection automatically.
Reply With Quote
  #9  
Old 11th June 2018, 16:12
callpor callpor is offline   SN Supporter
Senior Member
Organisation: Merchant Navy
Department: Deck
Active: 1962 - Present
 
Join Date: Jan 2007
My location
Posts: 768
Quote:
Originally Posted by Bill.B View Post
I was speaking from experience Callpor. I work about 3-4 ships a week and see a lot. I agree with you that ECDIS has a lot of drawbacks. The screen size always seems too small no matter how much you zoom in or out. A paper chart is much easier for me to deal with. Most night time screens I have seen are horrible and if they have all the marks on is just a mess of symbols. Add AIS targets and radar overlay the screen fills up pretty quickly. At least the latest IMO requirement has helped alleviate the cocophany of alarms ECDIS generates. I am fully aware of the benefits of ECDIS for enabling the second mate time to do other things. Route planning and updates are a great improvement. I am hearing from a lot of seafarers that they still like to have access to paper charts but we see quite a few paperless vessels. Have also had a couple that came in with both systems out.
Navtor system comes through the SAT/VSAT and depending on ECDIS via a gateway. Transas being one that uses a gateway. However as we have seen if someone invented it someone can hack it. In a Transas system the operator can, using the ECDIS keyboard, select his route, make up a file of that route send it straight from the ECDIS to Transas and get back in a very short time the necessary permits to open up that route, providing they are in credit, so there is a path both out to land and in from land to the ECDIS which can be exploited. From experience I have found bridge computers to be very dirty machines. On one ship I found 800+ infections of a virus called "FUjack" on the satcom connected bridge PC. When they tried to use it the PC made a raspberry sound and the DVD drawer shot out. The masters laptop had over 400 infections. Crews will bring onboard pirated videos and music plus work programs and all have the capability to carry infections. The above mentioned vessel could not clean up their system using a major Antivirus brand. I had to find a little known brand of antivirus software that the virus did not recognize to clean the drives and start over again.
After an ECDIS installation I always advise to use email and USB to update charts but invariably am asked if there is a simpler way using direct connection automatically.
Bill, You obviously have a lot more experience with this kit than me and can respond to the BBC article more appropriately? The dual Transas ECDIS on the last ship I rode last month were new and ENC permits were inserted using a USB memory stick. Recognising that the "dedicated" bridge computer linked to the Satcom for nav. publications, chart inventory and ENC permits was the weak link I checked the cyber protection. From delivery the Master had introduced a rigorous system of password protection which appeared to be respected by the OOW's, but as you say, this box is open to abuse and will probably not remain virus free for long, but due to abuse by those onboard. The likelyhood of a hack through the satcom is unlikely?
Reply With Quote
Reply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off




Support SN


Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2020, vBulletin Solutions, Inc.
User Alert System provided by Advanced User Tagging v3.1.0 (Pro) - vBulletin Mods & Addons Copyright © 2020 DragonByte Technologies Ltd.
vBulletin Security provided by vBSecurity v2.2.2 (Pro) - vBulletin Mods & Addons Copyright © 2020 DragonByte Technologies Ltd.