SMI

Search
Menu

R&D Resources

Interview with Mr Howard Fireman

  • Interviews
  • 25 Apr 2018

Maritime Cybersecurity

SMI had the opportunity to speak to Mr Howard Fireman, Senior Vice President & Chief Digital Officer at American Bureau of Shipping (ABS), during the Singapore Maritime Week 2018 on maritime cybersecurity under SMI Horizon, a series of commentaries, interviews and analysis by distinguished academic & industry thought leaders.

  1. “Defining the future of class is all about data and digital technology”. In ABS’s journey to the Class of the Future, what are the key drivers and challenges for digitalization in maritime industry?

    Mr Fireman: Classification is changing, like all other industries because of data, digital and cyber. The way I like to start off with this question is by addressing two views – one of the owner and manager of the asset, and the other of the classification society. If you are the owner, you are concerned with asset management and performance, safety compliance, vessel uptime as well as the financial bottom line. For the classification society, we will be evolving into a data-driven world. We want to insert new advanced technologies for inspection, such as drones. We want to also be less intrusive because when the classification society shows up, it brings the ship to a stop because the surveyor is onboard. Today, we are regulated on a calendar based model. In the future, we want to be transit to a condition-based model. There is a bridge between the asset owner & manager and the classification society – a data, digital and technological connection where there will be a lot of sharing and transparency between the two parties. This will be important.

    We view this opportunity by supporting four key elements. First, how do you get connected? Second, how do you achieve simplification? Third, how do you make things more efficient? Fourth, how do you unlock the data? How do you get the power and value of data – and what does this mean? All of these are underpinned by a digital platform, and what does this platform look like?

    If we go back to the four key elements: Getting connected by building new platforms to help asset owners and managers understand the classification process. Better understanding of how mobile technologies will help users get connected – for instance through mobile applications to help users get connected to classification services. This will help enable more efficient decisions where technologies such as wearable technologies and smart glasses will be useful where surveyors onboard can get connected in real-time to a technical engineer in the shore office for troubleshooting and validation. We talked about simplification where we have regulations such as air emissions where monitoring, verification and reporting of carbon dioxide are performed in the EU and IMO. How do you automate the data by collecting, verifying, calculating and reporting the data to reduce the administrative burden on seafarers onboard vessels who are busy. Lastly, the power of data. There is a lot of intelligence in data. We have several data systems and marine enterprise resource planning that manage a lot of data – how do we bring out the business intelligence to help decision makers get to their original objectives (asset management and performance, safety compliance, vessel uptime and financial bottom line).

    In the long run, we need to go beyond condition-based models to predictive analytics by leveraging the opportunities with advanced computer science and technologies such as machine learning and artificial intelligence.

  2. With ships’ operations become increasingly digitalized and connected to the outside world through satellite communications and other means, there would be greater exposure of ships to cyber risks. On board the ships, IT and OT systems are getting more interconnected. Vulnerabilities in these shipboard systems and GPS could even make ship hijacking possible via cyber attacks.

    What do you think are the key challenges faced by the shipping companies in cybersecurity for both shipboard and onshore systems?

    Mr Fireman: Thank you for the question. I will answer based on what we have seen first before addressing what we should be doing. We have been capturing data on what we have observed and areas for improvement over the past two years. The first area for improvement is this management of change and in my opinion a great thing to start with. Most people have been focusing on IT and not as much on OT (operational technology). The second area is the practice of good cyber hygiene onboard vessels. The third area is the monitoring of OT networks. The fourth and last area is the incident response. These are based on what we have seen.

    At the higher corporate level, there is a need to identify and establish the key performance indicators (KPIs) for onshore and at sea. Be it security architecture, configuration management or training and awareness, users must pick as it is all about risk management at the end of the day. They have to establish and understand their framework, which starts at the top and works it way down in the form of building programmes to support it.

    From our perspective, we emphasise on cyber safety instead of cybersecurity. Classification societies have been focusing on classic aspects for decades such as structures, machinery and mechanical systems. We now have a safety dimension that is growing everyday – these are the things that we cannot see, smell or hear. It is the software naval systems that we call cyber safety. This dimension is composed of four elements. The first is of course cybersecurity, which everyone is familiar with. Secondly, data integrity – we know that GPS can be spoofed and people are making decisions based on what they see. The question is whether the data is secure from the source to the user. Thirdly, the software integrity – where the software that is being developed these days are getting more intense in the control systems of assets. Fourth, the safety of automated systems. While cybersecurity is a critical component of the cyber equation, what we also focus on heavily is OT. At the end of the day, when people talk about critical infrastructure – people, processes and procedures are vital components of a very good cyber system.

  3. What scares people is that they don’t know what they don’t know. Do you think it is important for them to manage cyber risk?

    Mr Fireman: Cyber awareness and training is very important at every level. It starts with the boss – the C Suite. We all know that boards of companies have their due shares of responsibilities. I talked about the corporate KPIs earlier on. Training is one of them – training awareness, acceptance and acumen by running training exercises to benchmark the company and improve incident response. All of these come with practice. Cyber cuts across all levels of the company – all of the departments have to be horizontally integrated in my view and all the way up to the boss.

  4. What strategy or strategies should the maritime industry adopt to protect their ships and cargoes from cybersecurity attacks?

    Mr Fireman: Again, it starts from the top. The CEO and President will have to bring the awareness and prioritisation across all elements of the company. The awareness and knowledge that the problem is more than IT and also OT. My observation is that OT has not received the same amount of attention. The acumen of an organisation is not as strong in OT as it is in IT. We talked about awareness training, which I cannot emphasise enough. What is the risk framework that companies want to abide by. How are they going to build up their programme and framework. You’re never going to be 100% safe but balancing the risk and budget and determine if everything will work efficiently and meet business objectives. Referencing Mr David Koh, Chief Executive of the Cyber Security Agency of Singapore, in his keynote presentation at the Maritime Cyber Security Seminar on 24 April 2018 where 80 – 90% of the issues are contributed by human factors. I endorse that – yes there is a technical aspect to the problem, but we have work on the human first.

  1. Can you share some of the state of the art cybersecurity technologies that could potentially be adopted by commercial ships to protect the shipboard systems?

    Mr Fireman: A very good technical question. We have been doing a lot of research for the last few years, some of which are with government agencies. We determined that the way that the sector looked at things traditionally is seen as an opportunity to improve. I talked about risk – what will it look like in the future for maritime cybersecurity. We look at a ship or offshore asset, it is different in terms of complexity. It does a lot of things at sea. Be it functional , logical, cyber-physical – a lot of ways you can look at an asset. We have built our own risk approach that is measurable, adaptable, scalable and practical – FCI (Functions, Connections and Identities).

    We look at the architecture in terms of functions, what are the things that it is supposed to do? The connections, what is the system connected to? The identities, what are the threats that come with the connections? Through analysis, we study the nodes of every connection and determine if they should be there in the first place and what is the human element and if it is supposed to be there? All these help to build the equation and calculate the risk index for each asset. Depending on what is perceived as a risk to the system, you take action. Is the risk acceptable? If it is not, do you change the design? If it is a vessel in operation, you somehow make an alteration? We have built a modelling approach, which makes it easier to get to the other side. You do not really know what exactly it is until you decompose it.

    We talked earlier about cyber safety, where we are now getting to the aspects of software connectivity and automated systems in addition to cybersecurity. Based on the calculated risk index, you put the risk mitigation in place before deciding resource wise what is affordable and what is not – and what you want to live with. Because at the end of the day, the asset owner, manager and operator will have to determine if the risk is acceptable or not.

  2. Do you think that the importance of human factor in cyber security is the reason why the top-down approach is suitable?

    Mr Fireman: Yes, management has to take action but do we understand the embedded risk in what the design is? Do we actually understand all the things that are being connected? These functions, connections and identities – do we actually understand what we thought they would be looking like technically when they are pieced together? Is it acceptable or not? Perhaps some of these are human accessed? Maybe we do not want human access to be involved because it could be the cause of the problem. There could also be connections from other systems that people did not know exist due to lack of understanding of the vessel’s topology.

    At the end of the day, we have to decompose and put everything together under configuration management so that when the system changes over time we monitor it for the long term. The human element is as important as the technical element. Vendors are busy changing things because technology improves, but that is alright. We have to understand what is the collected integrated risk.

  3. What are the emerging areas of R&D in maritime cybersecurity that should be looked into? How the maritime industry could work closely together with research institutions and government agencies in these new areas?

    Mr Fireman: Firstly, we have heard that a lot of things start with people here in Singapore (during the Singapore Maritime Week 2018). Getting people to have that cybersecurity acumen. Universities have that responsibility to help get students in to study these important areas. It all starts with the people if we are going to build a platform for the industry. Getting people interested in the maritime sector and then maritime cyber-physical systems, data analytics, machine learning and artificial intelligence. We have to build that acumen and it all starts with people.

    As we heard from Mr Koh at the Maritime Cybersecurity Seminar in April 2018, what is the balance between the cost, risk (how much cybersecurity do you want), and usability when we talk about critical information infrastructure. We can make ourselves incredibly safe at great expense and slow the whole world down because we have put so much protection in place around us. There is a need for a balance where we probably cannot get all three. This is the second point that I would like to share – how do we figure out the optimal investment within these three domains?

    The last point that I would like to make is with reference to critical infrastructure, what is the capability maturity model that we want across the different pillars of investment for the maritime sector? There is a role for the government, the shipping community, and classification societies. Can we all come together in the area of maritime cybersecurity and determine what these investments should be?

    Based on what I have seen in Singapore, it is very impressive and exciting with various players such as start-ups and venture capitalists. A lot of good ideas will start to realise as they explore how they can fit into the maritime industry.

Recommended Articles

Interviews

Interview with Prof Adam Sobey

Interviews

Interview with Prof Nigel Brandon

Interviews

Interview with Prof Jessika Trancik

Interviews

Interview with Prof Low Teck Seng

Simulation & Modelling (SAM)

Awarded on 17 Oct 2014

In addition to being one of the busiest ports in the world, Singapore has also likewise thrived as one of the leading global maritime capitals that is highly driven by knowledge-based services and expertise. With changing demands and complexity of port and shipping activities, there would be a need for better management of complex port and ship systems.

With global trend drivers, such as shipping market volatility, environmental regulations, and energy cost-efficiency, advanced technological solutions would be required to address these concerns through innovation in port infrastructure and ship design. Hydrodynamics, physical modelling, and mathematical modelling are some of the scientific means towards more cost-effective and environmentally friendly operations. There has also been proposed methodology that focuses more on integrated systems-approach over independent components-approach.

An integrated systems strategy would also drive the need to manage sophisticated engineering and technology through risk-based approach for higher reliability and asset lifecycle management to bring cost benefits. This would enable users to complement both business and technical objectives.

Building upon the above technological trend towards a greater need for advanced complex systems, higher end training would also be required to produce competent manpower with the critical domain knowledge and skillsets. Looking beyond the conventional field of training through simulation, research in the human-machine interface through applied human engineering studies of maritime ergonomics would also be applicable to optimise interaction between people and technology for safety and productivity best practices.

As part of Singapore Maritime Institute’s (SMI) efforts to support the maritime industry in Singapore, a research grant amounting to S$5 million has been allocated to promote research through this thematic R&D programme. The Simulation & Modelling (SAM) R&D Programme aims to support projects involving the research and development of innovative technologies, approaches and ideas towards simulation & modelling for maritime applications.

 

Programme Themes

  • Risk Management
  • Human Factor Studies
  • Maritime Training & Operation

Asset Integrity & Risk Management (AIM)

Awarded on 02 Nov 2015

In oil & gas E&P, safe and reliable operations are of paramount importance to the industry. Asset integrity should never be compromised and risk management is critical to ensure lives and marine environment are safeguarded.

With enhanced oil recovery techniques, operators are stretching the existing reserves with assets that are reaching their design service life. These aged assets are often susceptible to failures due to mechanical degradations and harsh offshore environment.

Oil exploration has also inevitably moved into deep-sea as shallower oil wells become depleted. The offshore assets are installed in deeper water and are increasingly inaccessible. The associated cost of asset maintenance increases exponentially for deep-water regions resulting in the need for technological innovations in asset integrity & risk management. Integrity assessment and risk management solutions, anticipation of possible failures of systems and emergency response plans in the event of asset failures would be critical.

The offshore assets covered include offshore structures, subsea and down-hole equipment. The key research objectives are:

a) Identification of safety critical elements (SCEs)
The weakest structural components that are most susceptible to external forces, cyclic loadings and harsh environment known as safety critical elements should be identified.

b) Reduction of reliance on manual inspection
The inaccessible assets in deeper water and harsher environment drive the need for remote and autonomous inspection and maintenance which are increasingly reliant on sensor based technologies.

c) Low hardware overheads
Cost is one of the major considerations when sensors and wireless systems are installed. Such overheads include the cost of manufacturing the sensors and systems, power requirement as well installation compatibility with the existing assets.

d) High reliability systems under harsh environment
The increasingly harsh environment at deeper water with strong waves and currents as well as deeper wells with hostile chemicals and high pressure high temperature (HPHT) pose significant technical challenges. Sensors and systems must survive such environment with high reliability.

 

Programme Themes

  • Software Development
  • Hardware Development & Deployment
  • New Asset Installation
  • System Level Management

Projects awarded (will be updated progressely):

Joint Call for Proposals in Maritime Research between Norway and Singapore (MNS)

Awarded on 21 Mar 2016

Maritime Research between Norway and Singapore (MNS)

The Maritime and Port Authority of Singapore (“MPA”) and the Research Council of Norway (“RCN”) executed a Memorandum of Understanding on 6th March 2000 (“MOU”) relating to joint co-operation in maritime research, development, education and training. The MOU will be extended for its sixth successive three-year term in 2015.
To further enhance this co-operation, and to facilitate the creation of collaborative projects between the research communities in Singapore and Norway, RCN, MPA and Singapore Maritime Institute (“SMI”) have launched a joint call for bilateral funding of research projects in mutually agreed fields. A total of NOK 15 million is available from RCN for Norwegian partners and up to S$3 million is available from SMI for the Singaporean partners.

Research areas covered

The call is in the field of maritime research. The applications in this call must cover one or more of the following topics:
 
Maritime arctic research
  • Operational decision support systems and logistics solutions
  • Emergency preparedness, prevention & response

Maritime navigation safety

  • e-Navigation
  • Vessel Traffic Management
  • Data analytics on traffic pattern and risk
  • Ship-shore communication
  • Internet of things at sea

Ship operation & safety

  • Simulation & Training
  • Human factors studies
  • Unmanned ships
  • Remote Piloting
  • Control Room Systems
  • Hull structural design

Green shipping

  • Green fuels
  • Energy efficiency
  • Ballast water
  • Hull cleaning
  • Optimizing routing and operation
  • Hull and propeller design
  • Energy saving devices
  • LNG Bunkering in Shipping

Ship-port operations

  • Port optimization
  • Smart ports

Advanced Materials and Manufacturing (Amm)

Awarded on 01 Aug 2016

Oil and gas exploration and production (E&P) has inevitably moved into harsher operating environment. While oil price has slumped to a very low level, industry is focusing on technology developments to lower the cost of E&P. The fundamental sciences such as chemistry, physics and materials have attracted more attention than before in seeking innovative and disruptive technologies to enhance operational efficiency and improve reliability.

 

Operations in deeper waters with strong waves and currents pose challenges on structural integrity. Operations in Arctic pose a different set of challenges with extreme low temperature. As industry moves into ultra-deep wells with extreme high pressure and high temperature (HPHT), higher reliability is required in meeting the performance specifications to ensure safe and reliable operations. The underpinning material sciences in different operating regimes are the fundamental challenges to the increasingly harsh E&P environment.

 

Industry is also constantly innovating new materials for offshore applications as well as smart materials which allow more perimeters to be measured for condition monitoring of offshore structures and processes.

 

SMI through its engagements with the industry and academia has identified the following research thrusts and corresponding research focus areas under the grant call.  The materials covered in this grant call should be used in offshore structures, subsea and down-hole equipment with the following key research objectives:

 

  1. New materials development and materials enhancement to meet the operating needs under harsher environment while maintaining cost competitiveness
  2. Smart materials developments which allow condition monitoring and improve operational efficiency in the E&P lifecycle
  3. Testing methodologies developments to improve the accuracy of materials assessment and/or allow in-situ assessment to determine real-life residual life and fatigue conditions
  4. Enhancement of materials processability to improve performance and reliability of processed materials and structures

 

Programme Themes

  • New Materials Development
  • Materials Enhancement
  • Material Testing
  • Material Processing & Manufacturing

Maritime Sustainability (MSA)

Awarded on 04 Jan 2016

Given its location at the crossroad between East and West trade, Singapore is one of the busiest ports in the world for commercial shipping and maritime services. Last year, the Port of Singapore welcomed more than 135,000 vessels and handled a total of 560 million tonnes of cargo. The maritime industry is an important part of Singapore’s economy as it is one of the fastest growing economic sectors, contributing to 7% of Singapore’s GDP.

To address one of the key challenges facing the maritime industry on sustainable shipping, research and development into innovative technologies to transform maritime transportation and port operations will enhance both regulatory compliance and better service offerings by the industry.

SMI through its engagements with the industry and academia has identified the following research areas and possible corresponding research topics under the Maritime Sustainability grant call to support maritime developments and environment protection:

 

a) Ballast Water Management
Possible Research Topics include Detection and Measuring Equipment / Treatment System, Treatment Technology, and Risk Assessment for Ballast Water Management System.

 

b) Exhaust Emission Control
Possible Research Topics include Scrubbing / Cleaning Technology, Tools and Systems.

 

c) Ship Noise & Vibration
Possible Research Topics include Simulation & Modelling, Materials, and Ship Design and Construction.

 

d) Port Sustainability
Possible Research Topics include Port Air Emission Control Technology, Cleaner Energy for Port, Port Waste-to-Resource Management, and Energy Conservation.

Programme Themes

  • Ballast Water Management
  • Exhaust Emission Control
  • Ship Noise & Vibration
  • Port Sustainability

MPA and SMI Joint Call for Proposals 2020 on Harbour Craft Electrification

Awarded on 01 Oct 2021

The Maritime and Port Authority of Singapore (MPA) and the Singapore Maritime Institute (SMI) have awarded funding to three consortiums led by Keppel FELS Limited, SeaTech Solutions and Sembcorp Marine, and comprising a total of 30 enterprises and research institutions, to research, design, build and operate a fully electric harbourcraft over the next five years. These electrification pilot projects will demonstrate both commercial and technical viability of specific use cases for full electric harbourcraft and will support Singapore’s broader plans to mitigate greenhouse gas (GHG) emissions by the maritime transport sector.

 

Harbourcraft Electrification Projects

No Consortium lead  Consortium members Project Scope
1 Keppel FELS Limited

Industry

  1. DNV
  2. Eng Hup Shipping

(Vessel owner/operator)

  1. Envision Digital
  2. Surbana Jurong

IHLs/ research institutes

  1. Nanyang Technological University (NTU)
  2. Technology Centre for Offshore and Marine, Singapore
 To develop Solid State Transformer based shore charger & electric kit on an existing 30 pax ferry
2 SeaTech Solutions International (S) Pte Ltd

Industry

  1. Batam Fast Ferry Pte Ltd
  2. Bernhard Schulte (Singapore) Holdings Pte Ltd
  3. DM Sea Logistics Pte Ltd
  4. Jurong Port Pte Ltd
  5. Kenoil Marine Services Pte Ltd
  6. Lita Ocean Pte Ltd
  7. Marina Offshore Pte Ltd
  8. Rina Hong Kong Limited Singapore Branch
  9. Sterling PBES Energy Solutions Ltd.
  10. Yinson Production Offshore Pte Ltd

(Vessel owner)

IHLs/ research institutes

  1. Singapore Institute of Technology
  2. Technology Centre for Offshore and Marine, Singapore
 To develop a full electric lighter craft[i]
3 Sembcorp Marine Integrated Yard Pte Ltd

Industry

  1. ABB Pte Ltd
  2. Durapower Holdings Pte Ltd
  3. Jurong Marine Services Pte Ltd
  4. OPL Services Pte Ltd
  5. Rolls-Royce Singapore Pte Ltd
  6. SP One Pte Ltd
  7. Tian San Shipping Pte Ltd

(Vessel Owner/ operator)

  1. York Launch Pte Ltd

IHLs/ research institutes

  1. A-STAR Institute of High-Performance Computing
  2. Nanyang Technological University
  3. National University of Singapore
  4. Singapore Institute of Technology
 To develop and build a full electric ferry for 200 persons for a specific route
[i] A lighter craft is a vessel used for the carriage of dry or packaged cargoes.