BLOCKCHAIN SECURITY OF AUTONOMOUS MARITIME TRANSPORT

Autonomous ships are in experimental stage nowadays with Maritime Autonomous Surface Ships (MASS) already defi ned by IMO. Since MASS rely heavily on communications, security of communication systems and data security is critical. Secure communication is required to avoid bad actors to interfere with the communications or seizing control of a autonomous ship. In this paper, implementation of blockchain technology to improve autonomous vessels control security is investigated. This technology is already used in maritime bill of lading, acts on ship’s technical inspection and for more accurate container tracking etc. The paper is organized as follows: fi rst section describes current status on autonomous ships, basic defi nitions and terms, second section describes what is blockchain technology and how does it work, third section deals with blockchain technology applications with the proposed usage of the technology in autonomous vessels control scheme.


INTRODUCTION
Marine Autonomous Surface Ships (MASS) are becoming reality. First autonomous ferries are under testing since 2018 in Finland [1] and small autonomous Unmanned Surface Vessels (USV's) are widely used in ocean research, coast guard and military applications etc. Remotely operated local vessels are expected by 2020 and ocean-going ships for maritime transport by 2030 [2]. In this paper, improving security of communication systems and data security of MASS ships using new technologies is investigated. Since connectivity is a critical component of MASS, communication need to be twoway, secure and supported by multiple systems. Secure communication is mandatory, to avoid bad actors to interfere with ships communication or taking the control of the ship [3]. Security based on blockchain technology (BT) is proposed to enable secure communication and secure data storage exchanged between MASS and shore control center. Implementation of BT will eliminate some threats for ships communication, i.e. losing the data, data change by bad actors or data hijacking [2]. BT will play a major role in identifi cation and certifi cation, ensuring data integrity and information security.

AUTONOMOUS SHIPS CURRENT STATUS
Automated ships can be divided into two groups: MASS and unmanned surface vehicle (USV). Moreover, if we differentiate MASS by control level and legal regulation, we can group them into four classes [4]: Autonomy Assisted Bridge (AAB), Periodically Unmanned Bridge (PUB), Periodically Unmanned Ship (PUS) and Continuously Unmanned Ships (CUS). Benefi t of autonomous ships is elimination of human errors as a cause of accidents [5], and to obtain faster, safer, more precise, productive and cheaper ship's operation. Research done by [6] on MUNIN project in 2018 pointed out three topics for future design of autonomous ships: • New hull design ( no crew onboard means no need for habitat, toilet, resting, etc. ) • Introduction of new fuel types ( LNG as a thrust fuel) • Alternative modes of operation (more ships in convoys) MASS require programming of voyage path, navigation and collision avoidance systems. International collision avoidance rules (COLREG) should be taken into consideration. Also, situation awareness protocols should be included e.g. when visibility is low, standard procedure is to reduce speed. Ship's systems should be monitored by Shore Control Center (SCC) at all-time. SCC can be connected to MASS by any communication technology (GSM, VHF, WiMax or satellite) to send refreshed data relevant to ship's voyage. Autonomous Ship Controller (ASC) consists of Autonomous Navigation System (ANS) and Autonomous Engine and Monitoring Control (AEMC). These systems should make independent navigation decisions while being monitored by SCC operator. Operator should identify all unexpected threats and errors and pass it to others involved in SCC operation. Human-Machine interface (HMI) could be taken into consideration as a new operator-ship interface. This interface could improve operator's knowledge and situation awareness with fi nal goal of easier decision making. Autonomous ships navigation can be divided into two groups: ship's with primary navigation and secondary navigation. Hybrid system can be combination of two general alternatives:

Original Scientifi c Paper
• Remotely controlled ships, controlled by SCC operator through satellite link • Self-guided automated ships with integrated advanced systems of decision making

BLOCKCHAIN CURRENT STATUS
Blockchain is not a single technology or new one, it is a product of many existing technologies integrated into one. It is a reliable and unique database, decentralized and trustful. BT comprises of many peer-to-peer computers connected into self-organizing distributed network. This approach is completely different from the traditional distributed database, where data consistency is not guaranteed and communication between nodes can be non-existent or unreliable. Fundamental difference between BT and traditional distributed database is its ability to deal with confl icts, as described in [7]. Since BT is decentralized and distributed digital ledger, it can be used to record transaction across a network of peer-to-peer computers. Transactions, which are not necessarily fi nance or money related, are stored on immutable ledger and cannot be changed retroactively without changing all subsequent blocks and the collusion of the network [7] (to validate false block as correct one, 50% of the nodes are needed). Therefore, BT successfully withstood cyber-attacks for more than 10 years. Fig. 1 shows simplifi ed structure of blocks in Blockchain. Block is a data element connected through index information to form a chain like structure. Block structure contains the block header and block data, block header links the current block with previous block to ensure the integrity and consistency of the entire blockchain database [8]. When the new block is created and linked to the end of the chain, data index of the previous block forms the head of the new block, data information forms the block data, then the timestamp is attached [9]. Thus, blockchain data structure consist: a block (contains complete history) chain (proof off authentication) equals a timestamp, which is most important innovation in the blockchain technology. The network timestamps transactions by hashing them into an ongoing chain of hash-based proof-of-work, form- ing a record that cannot be changed without redoing the proof-of-work [7]. Most importantly, timestamps shows that the blocks are connected in chronological order and marks the time of each transaction on the blockchain, proving when and what has happened on the network. Unlike centralized data architectures, BT does not record and store data on centralized data center. Instead, all nodes on the network work together to maintain all data.
Their task is to act as validators because honest nodes are not going to accept an invalid transaction or block containing them. As described in [7], nodes are maintaining the data information of its own and other nodes, for verifi cation. Hence, updating of block data relies on the fact that most nodes or all of them consider data correct and authenticity is approved. Hacking or damaging one of the nodes will not affect the data. There are several approaches to BT architecture, they are categorized as Private, Permissioned or Public. Main distinction between these architectures is within way the nodes are involved in securing and/or verifying the blockchain database and its entries. Difference in implementation has implications for some of the benefi ts of BT as represented in the Table 1.

BLOCKCHAIN IN MARITIME INDUSTRY
Both MASS and BT are in top ten technologies that will change maritime industry [10]. Some work regarding implementation of BT into maritime industry has been done by [11] , they established consortium with a goal of building global shipping on blockchain that will improve data sharing. Result is in a pilot project of administrative and fi nancial integration within international distribution chains . The shipping company Maersk invested in BT [12], they expect that "The shipping industry will save billions of dollars through more accurate container tracking capability and automating shipping transactions". In August 2018 container, processed with new blockchain based bill of lading, has been released successfully in Port of Koper, Slovenia [13]. The bill of lading for this shipment has been issued electronically and transferred with the secure and reliable public blockchain network in just few minutes instead of days or weeks. Chances   [13], cost of issuance has been reduced to approximately 15% of the estimated usual price for sending paper document through courier services. Audit company Deloitte signed a partnership with the Norwegian certifi cation company DNV GL [14]. They transferred all its 90 000 certifi cates to a private blockchain. In addition, acts on technical inspections of ships and oil installations were transferred to a private blockchain since such documents can be faked and tampered with. BT block counterfeit certifi cates, allowing maritime industry to manage their certifi cation in a transparent and secure way. Cyber attacks against COSCO and ransomware breach against Maersk in 2018, proved that more effort is needed to defend against cyber incidents [15]. Author pointed that blockchain should be considered as effective protection against unauthorized data tampering and could be used as a deterrent against cyber threats. He also mentioned that ship owners and vessel operators are more occupied with environmental compliance than pursuing investments in the technology.

Authentication using BT
Increasing cases of identity thefts and data leaks makes authentication a major concern. Most internet application systems e.g. (email system, messaging application systems and websites) are based on central authority technique which issues and activates certifi cates, and store all the data [8]. This approach pose a fatal security risk since bad actors or hackers could attack the central authority, steal or counterfeit user's identity or crack encrypted information.
Identity authentication system based on blockchain with its decentralized characteristics doesn't challenge existing central institutions or authority's. Moving central authority role, from providing data storage for identity verification, to verifi er of user's identity, improves the security of authentication system since no data is stored. This type of identity authentication system is already used, Estonian citizen and e-residents are issued with a cryp-tographically secure digital identifi cation card based on BT on the backend, granting access to various public services [16].

BT as storage network
Storing data on a single host (trusted or untrusted) doesn't guarantee availability, bandwidth or general of quality service. Component failure is a guarantee, servers providing network access to hard drives where data is stored will also fail, network links may collapse and storage may become unreliable. So, data must be stored with enough redundancy to recover from these failures. We propose storing data across multiple hosts on a decentralized network. On this type of network, data fi les are broken apart and spread over multiple hosts in a process called sharding [17]. Also, data is encrypted with a private key which makes it secure and tamper proof. On network made by [17], hosts prove their storage by providing a segment of the original fi le and list of hashes from fi le's Merkle tree, this information is suffi cient to prove that segment came from original fi le. Thus, since proofs are written on the blockchain, anyone can verify their validity or invalidity [17]. Storage host's are awarded for every proof they submit, and are penalized for missing proofs. Data encryption protects privacy of data and any tampering will be identifi ed. Authorized users will be able to edit, add and remove fi les.

Proposed scheme for Autonomous Vessels Control
Usage of BT for autonomous vessels control is proposed and illustrated in Fig. 2. Vessels' control data and essential ship data are sharded and stored on distributed consensus network and can be accessed only by certifi ed user. Every new user has to pass through Certifi cation Authority (CA) before accessing the network. CA is core of authentication system. Its role is to verify users' identity, issue, update, revoke or confi rm certifi cates. Cryptographically secure digital identifi cation certifi cates are issued to all certifi ed users. This approach removes threat of bad actors tampering with the data or stealing sensitive data.

Figure 2: Proposed usage of the BT for autonomous vessels control Source: Authors CONCLUSION
This paper considers blockchain technology as improvement in security of communications and data security for MASS. Scheme for implementation is proposed that eliminates some threats for MASS communication systems. Since blockchain technology is already making its way into industry, its benefi ts in fi eld of secure authentication should be used in maritime industry. This scheme makes unauthorized access blocked at start and easily detectable. Storing data on distributed consensus network ensure only authorized users can access the content. Blockchain technology is already introduced to maritime industry in form of bill of lading, regulation compliance, etc. and is expected to bring signifi cant cost-saving opportunities in the industry. This technology shows a great potential for researches and investigations in both science and technology and it is a desire that this paper will be of use in further development of technology projects in this fi eld.