Interview

“We Are Doing Too Little with the Data We Collect!”

Interview with Andrea Grün, Senior Principal Engineer for electrical systems and automation at DNV GL

What would happen if there were a chance to deeply access the engine room level – even from afar? Completely new challenges for approvals and certification of components and systems have arisen for international classifying agencies because of this scenario. Agencies, like the Norwegian-German DNV GL, must factor cybersecurity for operational safety on board ships into their certifications. As Andrea Grün, Senior Principal Engineer for Electrical Systems and Automation DNV GL in Hamburg explains, remote access is the primary cause for concern.

In mechanical engineering, remote connections for remote maintenance, system optimization or streamlined maintenance cannot be wished away. From the standpoint of a classification agency, what do you consider important in network connections from ship to land?

Grün: System manufacturers want to equip their systems with remote access because this eases maintenance and service. We have established corresponding guidelines for such tasks. We have considered, for example, that there should be no updates while a ship is underway. We are not the police; however, we do prohibit access from land to the systems when the ship is at sea.

Why? In factory automation, optimization occurs during production.

Grün: We simply cannot accept the risk. That is, the risk of setting systems to undefined states because the data have been incorrectly or incompletely transmitted. Imagine that this happens on the high seas beyond sight of land. There aren't any service technicians who can reach you. These types of activities belong in harbors, and not on the international shipping lanes. Therefore, we have also determined that systems must be capable of returning to the old software status after an update. Regulating remote access thus provides operational safety, from our point of view, and guiding these initiatives is essentially why classification agencies like DNV GL exist.

How would this type of remote access, which conforms to regulation, look aboard a ship?

Grün: As I mentioned, connections are only permissible in harbors. As soon as the work is completed, the crew must verify that everything is in order and resume control of their ship – that is, sever the connection. There are clearly controlled hand-off and acceptance procedures.

»

It's about control, or, more accurately, the loss of control, however you want to look at it.

«

Andrea Grün, DNV GL

How does the crew deal with this type of remote access?

Grün: Frankly, most crews are not really happy about this technology, but then, they were not pleased about the introduction of ship data recorders, VDRs, either.

What is the crew afraid of?

Grün: It's about control, or, more accurately, the loss of control, however you want to look at it. There are shipping companies that want remote access in order to maintain control during the ship's travel via network. It's one thing to read data, it's quite another to engage with the controls.

How can a classification agency anticipate what is planned with remote access?

Grün: During certification, we always ask about specific topics. Let's take an alarm system as an example, which now has diverse functions as an integrated automation-, alarm-, monitoring- and control system, and is extremely powerful. These systems can just as easily control as monitor, and they are connected to the entire automation network. During the approval process, we are given descriptions of these systems that list all of the functions. If we come across the designation “remote access” in the documentation, we investigate further with the company. In general, we then request further specifications and ask them to demonstrate why the function is necessary.

The DNV GL is headquartered in the German harbor city of Hamburg.

What answers do you get?

Grün: That depends completely on who answers the question. Shipping companies use remote access to call up travel, consumption or cargo data, for example, to optimize their logistics chain. Machine manufacturers or system designers require remote access to diagnose their subsystems, which also includes service.

Are these the type of answers you can live with?

Grün: It is what it is. Even if we consider remote access to be just as critical to the crew’s safety on board as it is to IT security, we must also accept the fact that there are also inherently positive aspects of the technology. The systems aboard ships are becoming more complex – this trend can be compared with the automotive industry, where this has been the case for years. The proportion of IT and automation in vehicles has steadily risen. That's why repair shops are no longer looking for talented mechanics – instead, they need mechatronics technicians who can operate a laptop and read the onboard computer. The career track of sailors is currently changing in the same way. The demands for technical qualifications are growing at a relatively low rate of pay. Support from land is becoming increasingly necessary under these conditions. In this respect, the answers as to “why” are completely comprehensible.

There is currently a generational change playing out in the maritime sector – does this provide fertile ground for Maritime 4.0?

Grün: Absolutely! The inspectors in the shipping companies are younger, on average, and they are natural technophiles. For them, there are attractive possibilities stemming from the rise of Maritime 4.0. Just consider what could arise simply from the ability to gather fleet-wide data and compare it. The person who knows, which ships in a fleet run best and the reasons behind this, can optimize the entire operation – from fleet fuel consumption up to an exceptionally well-tuned logistics chain.

»

What still needs to be completed, in my opinion, is the targeted evaluation of data that we currently gather from everywhere.

«

Andrea Grün, DNV GL

Where are we going, in your opinion?

Grün: Basically, I think that we can use the technological developments within the context of Maritime 4.0 to leverage potentials: for example, to implement a perfectly tuned logistics system, for container tracking, for monitoring cooling chains or conserving resources and increasing energy efficiency. We just certified a network in which a ship's quarters function together with the fire alarm system. Such combinations are interesting – especially for cruise ships, because they provide cost savings. However, the demands on cybersecurity will grow in conjunction with Maritime 4.0. From the perspective of cybersecurity, it is extremely important in the case that I just mentioned that no passenger can penetrate the fire alarm system through the cabin network.

What needs to be done?

Grün: What still needs to be completed, in my opinion, is the targeted evaluation of data that we currently gather from everywhere. My impression is that we create immense mountains of data, and still do too little with what we collect. As this relates to remote access, which we have discussed in detail here, we need logical rules and technologies that support cybersecurity. I'm thinking of an architecture or an authorization concept – for example, defined remote access at specific intervals that the crew would determine. As well as technologies, which would also protect the infrastructure if various points are accessed externally and extend from the control center to the depths of the engine room.

Ms. Grün, thank you for the conversation.

Concise Personal Information

Andrea Grün has worked for DNV GL for more than 25 years and is the Senior Principal Engineer for Automation in the Head Office of the Hamburg Maritime. The DNV GL is the leading global classification agency for the maritime industry. They promote safety in the global maritime sector and work to improve ship performance, energy efficiency and environmental compatibility. Furthermore, she is the technical project manager for complex networks and innovative software systems, and is an expert and auditor for the MED (Maritime Equipment Directive) and ISO 9001, with an emphasis on the maritime sector. She contributes significantly to the development of new regulations and international standards in automation and for the approval of software-based systems in the maritime sector.