BIMCO Archives - SHIP IP LTD

BIMCO.png

There is little doubt the major topic making headlines during the current phase of the pandemic is the challenges related to crew change. For several months, seafarers have been marooned on board ships due to border closures, lock-downs and other preventive measures imposed by port states and governments.

Since 13 March, BIMCO has provided an overview of the challenges related to crew changes. Initially the overview was divided into three sections depending on how the restrictions were applied:

  1. Depending on travel history
  2. Depending on nationalities on board
  3. Full prohibition or closure of borders

While observing a general trend with authorities easing restrictions, BIMCO has added a new section with a list of confirmed countries that allows disembarkation for the purpose of crew change. Currently, this positive list numbers more than 30 countries. It is not unusual for port states to refer to applicable International Maritime Organization items, such as circ. 4204/add. 6 which outlines the importance of undertaking a pragmatic approach to facilitation of maritime trade.

Considering the reports of successful industry initiatives to facilitate crew change on some occasions, the primary obstacle appears to be the absence of commercial flights. However, facilitating crew change is much more than chartering flights. Visa restrictions have proven another major obstacle as well as the different protocols and approaches to testing procedures for airlines and national governments.

All incoming information is carefully assessed and BIMCO spends a considerable amount of time locating the relevant official circulars to provide every detail possible to our members. In this way BIMCO is playing an active role in the informal exchange between industry stakeholders.

Please see the following BIMCO content pages:

  • Crew challenges, for a fast overview of the current restriction regimes to crew change
  • Crew extensions, for an overview of regulations to seafarers certificates and employment contracts
  • Implementations, for a detailed picture of national and international measures

 

Source: https://www.bimco.org/news/ports/20200522-bimco-offers-detailed-overview-of-covid-19-implementations


BIMCO.png

The Maritime Anti-Corruption Network (MACN) has launched a survey to obtain a better understanding of the possible link between the COVID-19 outbreak and corrupt demands faced by the shipping industry, and how such demands are affecting seafarers and vessel operations. BIMCO supports MACN’s efforts to fight corruption in shipping and is therefore encouraging members to respond to the survey.

The survey, which is designed as a short 3-minutes “tick-the-box” questionnaire, gives stakeholders in the shipping industry the possibility to indicate, amongst other things, if they continue to face challenges during vessel clearance and/or Port State Control inspections. At the same time, MACN would also like to receive feedback on any new innovative or best practices which have been observed for e.g. use of remote technologies which may reduce the opportunity for corrupt demands. Please share this questionnaire among your vessels as their input is highly valuable.

Deadline for responding to the survey is 15 June 2020.
Source: BIMCO


BIMCO.png

The Guidelines were written by a broad cross section of industry stakeholders and published in their third version in December 2018. Since the publishing of the guidelines the concepts for cyber risk management have continued to develop in several areas. For example the International Maritime Organisation has fine tuned their views on the topic, IACS has developed a set of recommendations for cyber resilience on newbuildings, and shipowners are gaining experience with regards to the cyber threat and the associated practical cyber risk management techniques. All these developments have taken place against the backdrop of rapidly developing information technology where the information transmission speed is growing exponentially and the complexity of networks and the possibilities for data sharing and data cross utilization seem endless.

It is with all this in mind that the cyber working group is casting off and commences the review of the 3rd version of The Guidelines on Cyber Security Onboard Ships.

The review will take place over the coming weeks and it is expected that a new version of the guidelines will be ready for release during the autumn 2020.

Source: https://www.bimco.org/news/security/20200513-the-guidelines-on-cyber-security-onboard-ships-up-for-review


CyberWorkbook2019-960x540.jpg

BIMCO And ICS Publish New Cyber Security Guide For Crew On Board.

The digitalisation of maritime operations and the reliance on technology and network connectivity for daily onboard and on shore operations means that shipping is vulnerable to the threat of cyber incidents.

To help crew prepare, both on the bridge and in the engine room, the new “Cyber Security Workbook for On Board Ship Use” includes several checklists of how to protect, detect, respond and recover from a cyber incident, and thereby offers a practical and easy to use guide for the master and the officers.

BIMCO is continuously raising awareness to shipowners on issues such as the cyber threat and helps lead the work by issuing industry guidelines to assist companies in formulating their own approaches to cyber risk management onboard. Based on contributions by BIMCO, IMO recently decided to identify cyber risks as specific threats, which companies should try to address to the same extend as any other risk that may affect the safe operation of a ship and protection of the environment. Guidance on these issues can be found in the Guidelines on Cyber Security Onboard Ships.

To protect multimillion-dollar floating assets, cyber risk should be managed as any other risk that may affect the safe operation of a ship and jeopardize the protection of the environment. The new workbook gives an easy introduction to incorporating cyber security into the ship’s management system.

“Cyber security risk management is not just an IT issue. Managing the complex interactions between technology and humans correctly will be key to avoid a cyber incident, and to recover from them, should an incident happen,” says Aron Frank Sørensen, Head of Maritime Technology and Regulation at BIMCO.

“I see the workbook as a valuable tool that will help officers manage cyber risks while carrying out their daily routines on board,” Sørensen says.
Source: BIMCO

 


CyberSecurityShip2-1200x801.jpg

Maritime Cyber security

The University of Plymouth has created a cyber security research lab that focuses on challenges faced by the shipping industry.

The £3 million ‘Cyber-SHIP‘ lab will complement the university’s existing maritime facilities which includes a simulator dedicated to training professional sailors.

The lab is a transformational step towards developing a national centre for research into maritime cyber security, according to Professor Kevin Jones, the executive dean for science and engineering and principal investigator for the project.

Jones believes that the lab will support a range of research and training that cannot be achieved with simulators alone. These will also facilitate the development and delivery of new maritime cyber provision for graduates, postgraduates, and industry.

“Cyber attacks are a Tier1 National UK threat. But, although the maritime sector is advancing technologically, it is not well protected against cyber or cyber-physical attacks and accidents,” he said.

“Worth trillions, it has an unmatched reach across international waters, which exposes people and goods to a diverse range of factors, putting the shipping industry at high risk. As such, this facility has never been more timely.”

The lab has been developed in partnership with shipping equipment manufacturers, port operators, shipbuilders, classification agencies, and insurance companies. Some of the areas it will look at include the cyber risk of autonomous ships, maritime cyber risk assessment, and the scope and impact of evolving tech on international shipping.

The project, which has been funded by Research England will last for three years with the hope that it will be self-sustaining by then. It aims to bring together a host of connected maritime systems currently found on an actual ship’s bridge. Cyber security experts will then assess these systems for vulnerabilities and identify the technology and skillsets needed to make them more secure.

The lab will feature cutting edge maritime technology including radar equipment, a voyage data recorder, an electronic chart display and information system, an automatic identification system, and communications devices.

 

SOURCE ITPRO


Cyber Adversaries Targeting Commercial Vessels

This bulletin is to inform the maritime industry of recent email phishing and malware intrusion attempts that targeted commercial vessels. Cyber adversaries are attempting to gain sensitive information including the content of an official Notice of Arrival (NOA) using email addresses that pose as an official Port State Control (PSC) authority such as: port @ pscgov.org. Additionally, the Coast Guard has received reports of malicious software designed to disrupt shipboard computer systems. Vessel masters have diligently reported suspicious activity to the Coast Guard National Response Center (NRC) in accordance with Title 33 Code of Federal Regulations (CFR) §101.305 – Reporting, enabling the Coast Guard and other federal agencies to counter cyber threats across the global maritime network.

As a reminder, suspicious activity and breaches of security must be reported to the NRC at (800) 424-8802. For cyber attempts/attacks that do not impact the operating condition of the vessel or result in a pollution incident, owners or operators may alternatively report to the 24/7 National Cybersecurity and Communications Integration Center (NCCIC) at (888) 282-0870 in accordance with CG-5P Policy Letter 08-16, “Reporting Suspicious Activity and Breaches of Security.” When reporting to the NCCIC, it is imperative that the reporting party notify the NCCIC that the vessel is a Coast Guard regulated entity in order to satisfy 33 CFR §101.305 reporting requirements. The NCCIC will in turn forward the report to the NRC that will then notify the cognizant Coast Guard Captain of the Port (COTP).

The Coast Guards urges maritime stakeholders to verify the validity of the email sender prior to responding to unsolicited email messages. If there is uncertainty regarding the legitimacy of the email request, vessel representatives should try contacting the PSC authority directly by using verified contact information. Additionally, vessel owners and operators should continue to evaluate their cyber defense meaures to reduce the effect of a cyber-attack. For more information on the NCCIC’s services, cyber-related information, best practices, and other resources, please visit: https://www.dhs.gov/CISA.

The Coast Guard applauds companies and their vessels for remaining vigilant in the identification and prompt reporting of suspicious cyber-related activities. Questions pertaining to this bulletin may be directed to the Coast Guard Office of Commercial Vessel Compliance’s Port State Control Division (CG-CVC-2) at PortStateControl@uscg.mil.

DOWNLOAD THE BULLETIN

 

 

 


Final preparations are underway for a 12-metre-long ship to set sail from Canada and attempt the world’s first transatlantic crossing without a crew.

 

TOLLESBURY, England: 

Final preparations are underway for a 12-metre-long ship to set sail from Canada and attempt the world’s first transatlantic crossing without a crew.

The USV Maxlimer, an unmanned surface vessel, is bound for the south coast of England and will conduct deep sea surveys on the way, guided by a skipper in a control station in Britain. The voyage is expected to take about 35 days.

The ship was built by Sea-Kit International, which develops vessels for the maritime and research industries, for the Shell Ocean Discovery XPRIZE, a competition to autonomously survey the sea bed.It can launch and recover autonomous underwater vehicles but has the potential to operate in different roles with different cargo.”(It is) almost like a utility pick-up vehicle of the sea, it’s robust, it’s adaptable, it’s got a huge range,” said SEA-KIT International Managing Director Ben Simpson.

The vessel is operated by a hand-held remote control when in harbour and when at sea it can stream live data to the controller via multiple satellite links.

“What is now available through technology is very, very similar to what you have on the bridge of a ship and in many ways, I would argue, even more comprehensive,” said James Fanshawe, a director of SEA-KIT.”The controller here in this station can actually see all the way round on the horizon near real-time and in many ships it’s quite difficult to actually even see what’s behind you from the bridge of that ship,” said Fanshawe.

COMMENT

The company said it sees a future for unmanned vessels as they can remove humans from harm’s way.The team said ships that do not need to accommodate people also have significant economic and environmental benefits.”You don’t need a bridge, you don’t need a galley, you don’t need water supplies, you don’t need air conditioning and suddenly the size of that vessel becomes a fraction of the size of vessels currently being used offshore,” Simpson said.The combination of size and hybrid diesel-electric propulsion cuts fuel use by around 95 percent, the company said.

 

SOURCE READ FULL ARTICLE


Singapore, Airbus Helicopters’ Skyways unmanned air vehicle has successfully completed its first flight demonstration at the National University of Singapore (NUS). The drone took off from its dedicated maintenance centre and landed on the roof of a specially designed parcel station where a parcel was automatically loaded via a robotic arm. Once successfully loaded with the parcel, the Skyways drone took off again and returned to land, demonstrating its automatic unloading capability.

This inaugural flight demonstration follows the launch of the experimental project with the Civil Aviation Authority of Singapore (CAAS) in February 2016 to develop an urban unmanned air system to address the safety, efficiency, and sustainability of the air delivery business in cities such as Singapore. The collaboration was subsequently extended in April 2017 with Singapore Post (SingPost) becoming the local logistics partner to the project.

Airbus Helicopters is the overall Skyways system architect and provider, contributing its capabilities in drone platforms as well as its concept of future parcel delivery. This concept involves systems and structures that allow drones to land, dock with secure structures, discharge or take on payloads, and then fly off to other destinations.

“Today’s flight demonstration paves the way positively to our local trial service launch in the coming months. It is the result of a very strong partnership among the stakeholders involved, especially the close guidance and confidence from the CAAS,” said Alain Flourens, Airbus Helicopters’ Executive Vice President of Engineering and Chief Technical Officer. “Safe and reliable urban air delivery is a reality not too distant into the future, and Airbus is certainly excited to be a forerunner in this endeavour.”

Airbus Helicopters is at an advanced stage of the Skyways project. The research and development phase is progressing well, with equipment and facilities installed at the NUS campus. Various tests are already underway, and the unmanned air system will be demonstrated in the university when the trial service commences this year. Campus students and staff will be able to make use of Skyways to have small parcels between 2kg and 4kg delivered to designated parcel stations within the campus, which is the size of 150 football fields.

“The Skyways project is an important innovation for the aviation industry. CAAS has been working closely with Airbus on the project, with an emphasis on co-developing systems and rules to ensure that such aircraft can operate in an urban environment safely and optimally. For Singapore, this project will help to develop innovative rules to support the development of the unmanned aircraft industry in Singapore. We are pleased with the good progress that Skyways is making and look forward to deepening our partnership with Airbus,” said Mr Kevin Shum, Director-General, CAAS.

“The urban logistics challenge is complex and an ecosystem of parcel lockers and autonomous vehicles will be a key piece to solving this puzzle,” said SingPost Group Chief Information Officer, Alex Tan. “The trial service that is taking off later this year will be an important step forward for SingPost in our efforts to develop solutions for the future logistics needs of Singapore and other cities of the world.”

“Project Skyways aligns with NUS’ vision of serving as a living lab to pilot innovative technologies and solutions. The NUS community is very excited to be the first in Singapore to experience this novel concept of parcel delivery by drones – an endeavour that could redefine urban logistics,” said NU Senior Deputy President and Provost, Professor Ho Teck Hua. “Students from the NUS Faculty of Engineering also have the opportunity to gain valuable experience as interns with Airbus for this project. We look forward to working closely with Airbus, CAAS and SingPost to carry out the campus-wide trial.”

An experimental project aimed at developing a safe and economically viable aerial unmanned parcel delivery system for use in dense urban environments, Skyways is one of a number of innovative Urban Air Mobility projects currently being researched at Airbus. These also include the Racer high-speed helicopter demonstrator, as well as the Vahana and CityAirbus autonomous flying vehicle concepts.

About Airbus
Airbus is a global leader in aeronautics, space and related services. In 2016 it generated revenues of €67 billion and employed a workforce of around 134,000. Airbus offers the most comprehensive range of passenger airliners from 100 to more than 600 seats and business aviation products. Airbus is also a European leader providing tanker, combat, transport and mission aircraft, as well as one of the world’s leading space companies. In helicopters, Airbus provides the most efficient civil and military rotorcraft solutions worldwide.

SOURCE READ FULL ARTICLE


Overview

BIMCO’s Documentary Committee has agreed a new standard Cyber Security Clause that requires the parties to implement cyber security procedures and systems, to help reduce the risk of an incident and mitigate the consequences should a security breach occur.

In the wake of recent costly cyber security incidents involving large shipping companies, cyber security has become a major focus in the maritime industry.

BIMCO has taken a lead position on cyber security issues through its active role at the International Maritime Organization and by co-authoring the “Industry Guidelines on cyber security onboard ships”. The development of the BIMCO Cyber Security Clause has been an important part of this initiative.

The clause has been written by a small drafting team, led by Inga Frøysa of Klaveness, with representatives from shipowners, P&I clubs and a law firm, and will be published towards the end of May.

“I am very pleased to see BIMCO as the first mover on this important topic. Recent years have shown that there is a clear need for a clause addressing the contractual issues that can arise from a cyber security incident,” says Inga Frøysa.

Sharing relevant information

The clause is drafted in broad and generic language which allows for it to be used in a wide range of contracts and in a string of contracts for easy back-to-back application. It is hoped that the clause will assist parties in obtaining affordable insurance for their cyber security exposure, as the clause introduces a cap on the liability for breaches.

“It was very important to the subcommittee to impose an obligation on the parties to keep each other informed if a cyber security incident should occur, and to share any relevant information, which could assist the other party in mitigating and resolving an incident as quickly as possible,” Frøysa says.

This is done through a two-fold notification process. Firstly, through an immediate notification from the party who becomes aware of an incident to the other party. Secondly, through a more detailed notification once the affected party has had the chance to investigate the incident.

The clause also requires the parties to always share subsequent information, which could assist the other party in mitigating or preventing any effects from the incident.

The level of required cyber security will depend on many elements such as the size of the company, its geographical location and nature of business.

The clause takes this into account by stipulating that the parties must implement “appropriate” cyber security. The clause also requires each party to use reasonable endeavors to ensure that any third-party providing services on its behalf in connection with the contract, has appropriate cyber security.

SOURCE BIMCO


Maritime cyber risk management: boiling the ocean or storm in a tea cup?

 

Is the shipping industry’s most valuable commodity also its biggest risk?

As one of the world’s oldest industries, the shipping industry has capitalised on its capability to move assets around the world for thousands of years. Whether for trade, military or tourism, there are more than 50,000 ships world-wide that currently navigate our waters and facilitate both thriving economies and promote nation state security.

Know your risks and implement security measures

Our recent maritime report has explored the cyber security challenges that the maritime industry is facing now and will likely face in the future. With the increasing trend of attackers turning their attention to ships and shipping operations, more needs to be done to identify cyber risks at sea and mitigate them – a method to begin this process is to perform a risk assessment. Traditionally, a business might perform a risk-assessment periodically, say on a yearly basis, to identify what security risks need addressing, and follow this with implementing the right measures to protect against these risks occurring.

But what happens when your risk profile is constantly changing? All variables such as a ship’s cargo, employees and geography can change drastically within 24 hours as a ship makes its journey across the world and participates in trading. The main inputs to assessing risk are therefore constantly changing, significantly more than your standard business who needs to implement cyber security measures – so how is it feasible to have confidence that ships are implementing the right security in such a unique situation?

What are the key changing risk factors?

We have identified the main factors impacting cyber security that are associated with the constant movement of trade ships as follows:

  • Route: A ship relies on multiple navigation technologies to get it safely from point A to point B without damaging it, its cargo or risking life onboard. But what if malware could ever so slightly change measurements over time, à la Stuxnet. This would have little impact in the Pacific; but in the Panama Strait it would be catastrophic and the perfect attack for criminals to launch in order to then loot a ship.
  • Cargo: A ship will be carrying multiple cargos of different market value during its route and over time. These cargos may also have different value to different territories and groups.  Cargo systems can be compromised providing intelligence to criminals who can subsequently target specific cargo ships and resell on the black market. For example, pharmaceuticals would be an attractive target due their high value on the black market.
  • Piracy: There are certain areas of the world which may be at higher risk of attack from piracy, such as the seas that border Eastern Africa. Not only could the cargo training systems be tracked to identify when ships are carrying precious cargo like gold; we understand that pirates could also manipulate systems and spoof the position of ships in distress. This would result in a longer period of time for them to carry out their physical attacks.
  • Ports and business operations: Shipping staff may engage with multiple ports and succumb to various operational processes each time, notably payment and administration regarding docking. Threat groups have been known to track ships and spoof emails to shipping companies to request payment for their upcoming or previous docking. This has resulted in ships losing money as they have been unable to distinguish what is the legitimate process for these payments – made harder when a ship uses many ports over a short period of time.

READ FULL ARTICLE