WAYPOINT - ‘Applying Information Safely’ – an alternative meaning for AIS

George Shaw from the Royal Institute of Navigation looks at how to use AIS safely and explores some of the risks that must be overcome to ensure its ongoing value

AIS has an intentionally open design, and data is unsecured, due to insufficient bandwidth. This means more vessels are likely to use it – but it can also leave users open to cybersecurity threats. These data security issues require mariners to use information provided by AIS with caution, and in conjunction with other information. In isolation, the standalone picture presented by AIS can be untrustworthy, so mariners must use ‘all available means’ to assess vessel encounters. Unlike AIS, radar/ARPA is not easily jammed or spoofed and provides accurate relative information based on vessels’ movements through the water. You should base your avoidance actions primarily on radar data and frequent observation through the window, cautiously supplemented by AIS.

Is that vessel really there?

Since information transmitted by AIS is not authenticated, AIS signals can be easily spoofed to create false information, either creating non-existent vessels or misreporting positions of ships located elsewhere. In 2021, spoofed AIS reports of HMS Defender infamously appeared to show the vessel approaching Sevastopol while it was actually moored in Odessa. Criminals can readily falsify AIS reports to offset own vessel positions away from sensitive areas. Inaccurate information can also occur unintentionally, due to mis-typed manual data entry or sensor errors. In addition, quality of data will vary according to the type and accuracy of sensors on the reporting vessel.

Crucially, positioning information on AIS is almost totally dependent on input from Global Navigational Satellite Systems (GNSS), which also have cybersecurity issues. GNSS are highly vulnerable to natural and deliberate interference. Low levels of jamming can introduce position offsets, sufficiently misleading to present a severe risk to the safety of navigation – with no alarm raised. Higher levels of jamming may prevent position fixing entirely, triggering bridge alarms, while subsequent drift in dead-reckoning may rapidly increase the uncertainty in position estimates.

IN 2021, SPOOFED AIS REPORTS OF HMS DEFENDER INFAMOUSLY APPEARED TO SHOW THE VESSEL APPROACHING SEVASTOPOL WHILE IT WAS ACTUALLY MOORED IN ODESSA

GNSS positioning can also be spoofed, potentially inducing gradual position offsets that are difficult to detect. Such position errors can be widely transmitted over AIS to multiple vessels, affecting their situational awareness, CPA calculations and collision alarms.

Treading cautiously

Digital services are expanding the use of AIS, for example in virtual aids-to-navigation that provide a valuable rapid response to incidents before physical intervention can take place. However, mariners must treat virtual indications cautiously, especially where there is no physical entity to cross-check. Additionally, the limited data capacity within AIS risks being overloaded by the rapid growth in maritime services. One solution currently under discussion at the IMO is the future VHF Data Exchange System (potentially ‘AIS2.0’), which would offer more data bandwidth, authentication and cyber resilience.
 

• The inherent limitations of AIS are currently compounded by cyber vulnerabilities and may result in incomplete, uncertain data. These include:
• Vessels that are not fitted with AIS – and vessels legitimately switching off AIS in risk areas – are simply not visible.
• VHF transmissions are essentially line-of-sight, limiting reception to around 15-20NM, depending on antenna heights.
• Signals can be blocked by headlands and infrastructure, (although they may reach some radar blind spots).
• In heavy traffic, overload of message slots may prevent reception of in-range AIS reports.
• Unless there are specific ASM Area Notices, AIS will not warn of mammals crossing the vessel’s path.
• Consequently, mariners must treat AIS information with caution, always assessing and comparing all available sources of information.

 

Contact RIN at: www.rin.org.uk | 1 Kensington Gore, London, SW7 2AT | Tel: +44 (0)20 7591 3134