Constrained Autonomy for a Better Human–Automation Interface

The concept of autonomous or uncrewed ships is not new. Japan investigated remote control of ships in the “Highly reliable intelligent ship” project from 1982 to 1988 (Hasegawa 2004). The rocket launching platform L/P Odyssey, classified as a mobile offshore unit (MOU), was remotely controlled during the launch phase. Thus, it operated as a de facto uncrewed ship in international waters from 1999 to 2014 (Tass 2018). The first large-scale study on uncrewed and autonomous merchant ships was the EU project MUNIN, running from 2012 to 2015 (Rødseth & Burmeister 2012). Since then, there has been a steady increase in new investigations and concept studies. M/S Yara Birkeland is probably the best known and is at the time of writing planned to operate autonomously and uncrewed from 2022 (Yara 2018). A major benefit of ship autonomy is that the ship can be uncrewed, although uncrewed operation can also be achieved through remote control as for L/P Odyssey. Uncrewed ships save capital cost when removing the living quarters and life support systems from the ship; it can save crew cost and it allows new and innovative designs of the ship (Rødseth 2018).publishedVersio

A taxonomy for autonomy in industrial autonomous mobile robots including autonomous merchant ships

The concept of autonomous mobile robots (AMR) has gained much popularity in recent years, particularly in commercial settings where the name industrial autonomous mobile robot (IAMR) is proposed. In addition to automatic guided vehicles and automated mining trucks, IAMR also includes autonomous merchant ships. AMR is an old concept which was first introduced in the 1980s. Although the concept of AMRs is old and broadly used, there is still no common definition of autonomy when mobile robots are concerned. This paper will review some of the most known definitions and develop a taxonomy for autonomy in mobile autonomous robots. This will be used to compare the different definitions of robotic autonomy. This paper will mainly look at industrial autonomous mobile robots, i.e. systems that are designed to operate with a clear commercial objective in mind and which are normally supported by a remote control centre. This means that the robot is not fully autonomous, but to varying degrees dependent on humans in some control and monitoring functions.publishedVersio

Keeping the human element to secure autonomous shipping operations

Autonomous shipping operations are becoming economically and technically feasible, but this development also requires new human roles and responsibilities onshore for managing cyber events. The goal of this paper is to present a methodology for describing autonomous shipping operations and risks caused by potential cyber-attacks, focusing on critical situations to the interplay between the automation and human operators. We have applied our methodology on a case study for planned autonomous operations in European waterways. Our results show that the reliance on new technologies such as sensors, computer vision and AI reasoning onboard the autonomous ships or cranes opens to new types of attacks that the industry has little experience with as of now. Unmanned systems should therefore be designed with assurance methods that can bring the human into the loop, providing situational awareness and control. At the same time, human resource exhaustion is a potential attack goal against remote operations. We could see from our threat likelihood estimation that attacks related to deny- and injure-motivations have the highest values in all mission phase patterns. This is in accordance with the general attack trends within the maritime domain and many other sectors, where financially motivated attackers will try to demand a ransom to stop business disruption.publishedVersio

Expanding the Possibilities of AIS Data with Heuristics

Automatic Identification System (AIS) is primarily used as a tracking system for ships, but with the launch of satellites to collect these data, new and previously untested possibilities are emerging. This paper presents the development of heuristics for establishing the specific ship type using information retrieved from AIS data alone. These heuristics expand the possibilities of AIS data, as the specific ship type is vital for several transportation research cases, such as emission analyses of ship traffic and studies on slow steaming. The presented method for developing heuristics can be used for a wider range of vessels. These heuristics may form the basis of large-scale studies on ship traffic using AIS data when it is not feasible or desirable to use commercial ship data registers

D2.2 Updated cyber risk assessment for the maritime industry

This report presents an updated assessment of the cyberthreat landscape in the context of CySiMS-SE. It is based on the previous work from CySiMS “D1.1 Risk Model and Analysis” and the methodology from CySiMS-SE “D2.1 Expanded risk and CBA methodology”. The goal has been to show how we obtain required means and opportunities of attack vectors for the PKI and motivation factors for potential threat actors.978-82-14-06467-4publishedVersio

A Retrospective Analysis of Maritime Cyber Security Incidents

The maritime industry is undergoing a rapid evolution through the introduction of new technology and the digitization of existing services. At the same time, the digital attack surface is increasing, and incidents can lead to severe consequences. This study analyses and gives an overview of 46 maritime cyber security incidents from the last decade (2010-2020). We have collected information from open publications and reports, as well as anonymized data from insurance claims. Each incident is linked to a taxonomy of attack points related to onboard or off-ship systems, and the characteristics have been used to create a Top-10 list of maritime cyber threats. The results show that the maritime sector typically has incidents with low frequency and high impact, which makes them hard to predict and prepare for. We also infer that different types of attackers use a variety of attack points and techniques, hence there is no single solution to this problem.publishedVersio

Improving Safety by Learning from Automation in Transport Systems with a Focus on Sensemaking and Meaningful Human Control

Automated transport systems are deployed in many areas and transport modes. The predominant engineering perspective has been to automate as much as possible and minimize human interaction. However, a balanced integration between human factors and technology is often missing, as well as the “hand-over” process between humans and machine. The risks of automated and autonomous systems are emerging, and there is a need to explore how risks can be mitigated through design, focusing on sensemaking, meaningful human control and resilience engineering. This chapter presents key issues from an ongoing research project exploring safety, security and human control of autonomous transport systems in road, sea, rail and air. The chapter aims to answer: (1) What are the major safety and security challenges of autonomous industrial transport systems? (2) What can the various transport modes learn from each other? (3) What are suggested key measures related to organizational, technical and human issues? We have performed literature reviews, interviews and reviewed on-going automation projects. We see the importance of involving humans in the loop during design and operations, support sensemaking, focus on learning from projects through data gathering and risk-based regulation. Unanticipated deviations are key challenges in automated systems, together with how to design for human–automation interaction and meaningful user involvement. Limiting the operational envelope seems to be a key issue for successful implementation and operation of autonomous systems.publishedVersio

Hazards and Risks of Automated Passenger Ferry Operations in Norway

This paper describes the hazards and mitigation of risks for operating automated ferries in sheltered waters in Norway. Two cases have been explored, one with max 25Pax (persons on board) close to shore, and another involving fjord crossing with max 130Pax. The approach is based on the formal safety assessment FSA framework specified by IMO (International Maritime Organization). The first step has been a Hazard Identification-HAZID in collaboration with key stakeholders (manufacturers, maritime authority, operators, and researchers), based on action research, building on experience and risk perception of the stakeholders. The HAZIDs have been based on prior incidents, safety critical task analysis, and hazards that may impact personnel safety and security. We have identified key areas of concern: Fire, Collision/Grounding, Man Overboard, Evacuation, or Ferry capsizes. We have suggested design approaches/measures to reduce probabilities of hazards occurrence and/or mitigate consequences. Challenges of non-failsafe situations must be handled through emergency response centres, and mobilization of passengers.publishedVersio

The IMO Reference Data Model: One Solution Fits Most!

In 2019, the International Maritime Organization (IMO) made it mandatory to support the electronic clearance of ships entering foreign ports. In preparation, the IMO Facilitation Committee started to develop a reference data model to harmonise the most important standards for ship clearance. The first version was published in 2020. The model is already extending into other areas of ship-port data exchanges and it is now increasingly seen as a tool to coordinate development of new electronic data exchange standards for ship operations. The lack of such coordination has, up until now, been a significant problem—much better coordination is essential in the relatively small and highly international market that shipping represents.acceptedVersio