Test 2 MART 401
BMP5
Best Management Practices
LRIT Purpose
Mandatory as of 2006 All passenger ships Cargo ships 300 gross tonnage and above Mobile offshore drilling units SATCOM based, NOT VHF (as is AIS), usually incorporated into GMDSS suite Reports to Flag Administration 4x daily
Can an officer lower the marsec level below the set marsec level of the port facility
No
Best Practices for AIS In Piracy
Recommended that AIS is left on through high-risk areas, restricted to the ship's identity, position, course, speed, navigational status, and safety-related information. AIS Message " ARMED GUARDS ON BOARD" (Dynamic Data)
Fundamentals of BMP5
Understanding the threats conduct risk assessments implement ship protection measures Report Cooperate
In drafting the ISPS the lead American governing agency was who
United states coast guard
What is AIS spoofing
involves creating a nonexistent vessel or masquerading a vessel's true identity, resulting in hiding or transmitting false positional data, so that a vessel appears to behave legitimately, thus deceiving stakeholders and authorities.
Port facility
is a location, as determined by the Contracting Government or by the Designated Authority, where the ship/port interface takes place. This includes areas such as anchorages, waiting berths and approaches from seaward, as appropriate.
The process of establish the ship security plan (SSA)
is an essential and integral part of the process of developing and updating the ship security plan. The Ship Security Assessment must be completed before the Ship Security Plan can be developed. **Should consider all possible threats. Should be submitted to the coast guard for approval as well.
SSI (Sensitive Security Information)
is information that, if publicly released, would be detrimental to transportation security, as defined by Federal regulation 49 C.F.R. part 1520.
SSI classified or not?
is not classified information, there are specific procedures for recognizing, marking, protecting, safely sharing, and destroying SSI.
Exercise Definition 33 CFR 101.105
means a comprehensive training event that involves several of the functional elements of the vessel security plan and tests communications, coordination, resource availability, and response. Annually.
Ship security plan
means a plan developed to ensure the application of measures on board the ship designed to protect persons on board, cargo, cargo transport units, ship's stores or the ship from the risks of a security incident.
Drill Definition 33 CFR 101.105
means a training event that tests at least one component of the vessel security plan and is used to maintain a high level of security readiness. Every three months. (and after major crew change, vessel alteration, etc)
Ship port interface
means the interactions that occur when a ship is directly and immediately affected by actions involving the movement of persons, goods or the provisions of port services to or from the ship.
Marsec level 2
means the level for which appropriate additional protective security measures shall be maintained for a period of time as a result of heightened risk of a transportation security incident.
Marsec Level 3
means the level for which further specific protective security measures shall be maintained for a limited period of time when a transportation security incident is probable, imminent, or has occurred, although it may not be possible to identify the specific target
Marsec level 1
means the level for which minimum appropriate security measures shall be maintained at all times.
Exercise requirements
which may include participation of company security officers, port facility security officers, relevant authorities of Contracting Governments as well as ship security officers, if available, should be carried out at least once each calendar year with no more than 1 8 months between the exercises. These exercises should test communications, co‐ordination, resource availability, and response. These exercises may be: .1 full‐scale or live;.2 tabletop simulation or seminar; or .3 combined with other exercises held, such as search and rescue or emergency response exercises.
33 CFR 105
A facility that receives vessels certificated to carry more than 150 passengers, except those vessels not carrying and not embarking or disembarking passengers at the facility
Marsec level inspection percentages
M1: 5% M2: 50% M3: 100%
International Ship security certificate
Good for 5 years
LRIT Stands for
Long Range Identification and Tracking
What the escort ratio
1-5
Records addressed in the ship security plan shall be kept on board for at least
2 years
Port Facility subject to
33 cfr 126.127 and 159
CCC
Cancel card list (if lost or disabled)
CISO
Chief Information Security Officer
Who is responsible for carrying out the ship security assessment
Company security officer
9-11 and the terrorist attack on the VLCC Limburg caused
Development and implementation were sped up
What are threats to Cyber Security
Disrupt Automation / SCADA 2. GPS Jamming 3. Steal / Alter Negotiable Documents 4. Manipulate Electronic Cargo Data (EDI) 5. Degrade ECDIS Information 6. AIS Spoofing
What events occurred during the Achille Largo
Docked at Alexandria, Egypt • Four men posing as passengers • Armed with AK-47 machine guns • Forced the captain to leave port; many passengers remained ashore • Members of a PLF faction - Headed by Mohammed Zaidan • Demanded that Israel release 50 Palestinian prisoners
FSP
Facility security plan; if need to change anything, an amendment must be submitted (USCG takes 60 days for approval)
Researchers: Discovered significant holes in the three key technologies sailors use to navigate
GPS, AIS, ECDIS (Gyro compass can also be effected)
ISPS CODE is under which governing agency
IMO and chapter 11 of SOLAS
Drill requirements
In addition, in cases where more than 25% of the ship's personnel has been changed, at any one time, with personnel that has not previously participated in any drill on that ship within the last 3 months, a drill should be conducted within one week of the change. These drills should test individual elements of the plan such as those security threats listed in
SSAS purpose
Initiate & transmit Ship‐To‐Shore Security Alert to competent Authority •Does not transmit to other ships (unlike AIS) •No on‐board alarm •Continuous until reset / deactivated•Activated from navigation bridge and at least one other location •"Bank Teller Alarm"
ISPS (compered to MTSA)
International Maritime OrganizationSOLAS XI‐2•Part A - Mandatory Requirements•Part B -Recommendations for Implementation
ISPS
International ship and port facility safety code is a comprehensive set of measures to enhance the security of ships and port facilities, developed in response to the perceived threats to ships and port facilities in the wake of the 9/11 attacks in the United States"
Part A of the ISPS Code
Is mandatory
MTSA Definition
Maritime Transportation Security Act U.S. Law **33 CFR Subchapter H: MARITIME SECURITY Part 104 MARITIME SECURITY: VESSELS
The 1985 terrorist/ hijacking attack on the cruise ship achille lauro caused
Measures to prevent unlawful acts which threaten safety of ships and security of passengers
Achille Largo basic definition
October 1985 cruise ship hijacking in the Mediterranean Combination of Terrorism and Hijacking
The biggest Cyber Threat is
People (plugging in a USB drive to the ship's computer), spoofing
Equipment Immune to Spoofing
Sextant, paper charts, magnetic compass
SSAS
Ship Security Alert System
MTSA (compared to ISPS)
The Maritime Transportation Security Act (MTSA) is the U.S. National adoption of ISPS
BMP5 Purpose
The purpose of this publication is to help ships plan their voyage and to detect, avoid, deter,delay and report attacks
Examples of SSI
Vessel Security Assessments Vessel Security Plans MARSEC Directives issued by the Coast Guard Security Directives issued by TSA Some NVICs Threat Information Security Measures Training Materials & Records
What was the outcome of The Achille Largo terrorism/hijacking
Vessel headed to Tartus, Syria• Syrian authorities refused to allow the vessel to dock when it arrived the next day• Militants shot Leon Klinghoffer, an elderly American Jewish man confined to a wheelchair, and threw his body overboard. He was thought to have been singled out because of his religion. In 1986 the four hijackers were tried • received sentences ranging from 30 to 15 years in prison
Can an officer raise the marsec level
Yes
MTSA Mandates every five year it will include
access control measures TWIC implementation Identify visitors Gate Lists Declaration of security (marsec levels) (TWIC) (escort foreign)
Part B of the ISPS Code
recommendations
BMP5 what do you find in that
to DeterPiracy and Enhance Maritime Security in the Red Sea, Gulf of Aden, Indian Oceanand Arabian Sea