Ports prepare for cyber-storms, too
Critical infrastructure, like ports, face growing threats - both physical and cybernetic. In response, EU-funded researchers have developed novel 'hybrid' situation-awareness tools, including visualisation techniques for detecting, preventing, and mitigating the impacts of potential attacks.
© Sychugina Elena #59958005, 2019 source: stock.adobe.com
With global maritime trade of around 10.3 billion tonnes and some 23.6 million passengers annually, ports are clearly vital to trade and mobility in Europe. They rely on split-second timing and critical systems to run smoothly 24/7.
When things go wrong, the consequences can be dire for shipping operators, passengers, traders and the ports themselves. As more and more logistics, data and planning takes place on line, the risks of attack have grown to include cyber-threats and combined physical and digital attacks.
‘Critical infrastructures like ports have advanced security mechanisms to protect them from both physical and cybernetic threats, but these systems are usually stand-alone with different people in charge,’ explains Rafael Company, R&D Manager of Fundación Valenciaport, Spain. ‘This means it’s hard to detect attacks of a combined nature, as warnings in one domain can be the first step of a sophisticated attack in the other.’
The EU-funded SAURON project he coordinates is developing tools to help port operators protect physical and digital infrastructure, as well as passengers, staff, workers and neighbouring communities. The work combines advanced holistic techniques, such as cyber-3D models and highly intuitive user interfaces, in threat prevention, detection and mitigation.
Last year’s WannaCry ransom-ware attack is a case in point. It affected more than 150 countries and shut down operations in some commercial ports, resulting in big losses. And shipping giant A.P. Moller-Maersk’s terminal operations were hit by a worldwide Petya cyber-attack.
The juggle struggle
Ports, as key logistics hubs, are exposed to multiple threats. Security departments struggle to juggle multiple sources of threats to cargo, passengers and infrastructure, and digital assets, such as servers, networks, and data.
The challenge facing port security services is to stop attacks, but not impede the flow of cargo or passengers unnecessarily. That balance has been helped by advanced detection and sensor technology, but with that has come more data, more screens, and generally more complex situation-awareness scenarios.
The Hybrid Situation Awareness (HSA) tools being developed by SAURON will integrate and analyse incoming data from CCTVs, fire alarms, intrusion detection systems and other sensors in real time and process it all using machine-learning and game theory techniques.
The HSA’s user-friendly visualisation tools will then help operators determine the threat, clearly showing combined and potential cascading effects from which critical, life-saving decisions affecting physical and digital infrastructure as well as people in and around the port can be made. The net result is safer, more resilient facilities capable of keeping cargo and people flowing smoothly in and out of Europe’s ports.
More information about the HSA system is presented in a new publication ‘Hybrid architecture for securing critical maritime infrastructures’. The SAURON team has also been presenting its work to ports to show its potential and gather feedback from them as eventual end-users.