All large ships today are controlled by computers. The ship’s systems such as radar, propulsion and fuel sensors are linked through a network.
“The largest ships are today just like floating computer centres”, says Andrei Gurtov, professor in the Department of Computer and Information Science at Linköping University.
The fact that the ships are connected to the internet means that they can be targeted by cyberattacks. The most frequently used forms of attack are viruses and ransomware. But in theory, the ships are facing an even greater threat. “It is possible in theory to use the internet to take control of a ship at sea. The hacker becomes a sort of virtual pirate.”
Guarding 20 doors
Gurtov is an expert in network security and has been involved in developing the protocol known as “TCP/IP HIP”. A protocol is a set of rules that decide, among other things, how computers talk to each other. TCP/IP HIP also confers an identity to computers and other online equipment. In this way, a computer knows who it is talking to.
“Imagine travelling around the world without a passport. It would be a nightmare if you had to try to prove your identity at every national border. You could say that our protocol gives a passport to every computer. It confirms identity.”
There are usually several ways for a hacker to penetrate a network, but TCP/IP HIP allows communication only through one node in thenetwork. “If your building has 20 doors, it’s difficult to guard them all. But if you use our protocol such that there is only one door, then you can protect it properly.”
To change the complete internet
Andrei Gurtov started working on the protocol as early as 2004, after returning from the University of California, Berkeley. The work continued at the Helsinki Institute for Information Technology (HIIT), after presenting his doctoral thesis at the University of Helsinki. He wrote a book about HIP, and led the work to develop and standardise the protocol.
“A research group in Helsinki was working on the internet of the future. One aspect of the current internet is deficient: security. The protocol currently in use, TCP/IP, was created 50 years ago, when the types of cyberattack we see today did not exist.”
The person who came up with the idea for TCP/IP HIP was American engineer Bob Moskowitz. The protocol was subsequently developed in an international collaboration between universities and several companies, such as Boeing, Ericsson and Nokia.
“When we started to build it, we hoped that the complete internet would start to use TCP/IP HIP. But it’s difficult to change the complete internet, so we started to look for other areas where it could be used.”
A company in Seattle, TemperedNetworks, was able to successfully commercialise the protocol, under the name “Identity Defined Networking”. It is used not only in the shipping industry, but also in the oil and gas industry, and in medical care.
One reason that the new protocol is particularly suitable for ships is that it allows mobility. Normally, when a network connection moves, activities such as the downloading of files are interrupted, but this problem does not arise with TCP/IP HIP.
Another advantage is that the time needed for installation is reduced to a tenth of what it was previously, which saves money for the shipping companies.
“The traditional ways to protect a network is to use firewalls or virtual private networks. These require a lot of manual configuration, and it’s easy to make mistakes. Not only that, but the installation is pretty boring work. With our protocol, in contrast, it’s all automated.”
It is important that equipment is protected. Many objects today – everything from toys and kitchen equipment to industrial robots – are connected to the internet and must therefore be protected. But in reality this is often not the case.
“One search engine, Shodan, finds equipment connected to the internet. We ran a project here at Linköping University in which students looked for online equipment. One of the things they found was medical equipment in Sweden connected without protection. This is, of course, dangerous.”
TCP/IP HIP is also used for buildings, such as at Pennsylvania State University, which consists of 640 buildings.
“The buildings are spread across the town, and they all have ventilation, heating, door locks, etc. The problem is similar to that of a ship. Everything must be connected, but everything must also be protected such that only the right person can open a particular door.”
TCP/IP HIP is in continuous development, and LiU students are one of the groups working on this.
“We run a student project here every year in which we improve the protocol by adding new functions and keeping it up-to-date.”
A new research project with LiU involvement started in February 2020, looking at aircraft security. Andrei Gurtov is responsible for cybersecurity, and is hoping to be able to use TCP/IP HIP to protect parts of the communication.
“Air traffic control has a huge need for increased security in its communication. It’s easy to fool the systems that deal with communication between the air traffic controllers and the airplanes.”
The project will also include training pilots and air traffic controllers to make them aware that they cannot always rely on the systems.
“We plan, for example, to carry out simulations in which we study how air traffic controllers react in different situations. If they are used to seeing ten airplanes on their screens, what will they do when 50 suddenly appear? How can they check that what they see on the screen is really happening?”
The research project into aircraft security will run for five years and has recently been granted financing by the Swedish Transport Administration.