The Critical need for a Paradigm Shift for the Prevention and Mitigation of Risk
This GSDM ‘Emerging Issues’ piece explores a significant, recurring issue of security and disaster risk concern whereby legal frameworks are not keeping pace with technological innovation, with the potential for catastrophic harm especially in a context of inter-connected and inter-dependent critical national infrastructure (CNI). These issues are illustrated by technological innovation in the domain of Maritime Autonomous Surface Ships (MASS) following the recent world’s first unmanned commercial shipping operation. In particular, the piece urges that a new approach be adopted when scoping and drafting the new MASS legal framework, i.e. one which better integrates security and disaster risk factors in order to reduce gaps and vulnerabilities as necessary to prevent or mitigate disaster risk and impacts. It further discusses the potential role of soft law instruments to plug the current regulatory gap which may last a decade.
The World’s First Unmanned Commercial Shipping Operation
Recently, it was reported that “the world’s first unmanned commercial shipping operation” was carried out on 7 May 2019 when a 12 metre aluminium-hulled, unmanned vessel transported a box of oysters caught in Essex, UK to customs officers in Ostend, Belgium. The vessel was controlled from its designer Hushcraft’s remote control centre based in Tollersbury, Essex.
Though the operation was carried out successfully and without incident, translating what previously was a theoretical possibility into a practical reality, it heralds in a new era of both opportunity and risk: opportunity in terms of potential cost savings, increased efficiency and environmental benefits, and possibly (though not uncontroversially) improved safety and the reduced occurrence of accidents through the reduction or removal of human errors; versus the risk of significant adverse impacts should a technical failure, security breach or other incident occur.
Of particular interest here is the fact – as with much recent, ongoing and most likely also future innovation – that this technology has leapt ahead of the necessary legal frameworks to regulate it. Despite the fact that Maritime Autonomous Surface Ships (MASS) technology has been progressing for approximately a decade, with much of the necessary automation technologies being in existence before now, the necessary legal frameworks have not been developed in parallel.
This is unfortunate since the current framework of maritime law, including national legislation and international treaties, was developed before MASS was envisaged. As one expert, Professor Brennan, has observed, “[t]he legal regime is decades, if not a century-and-a-half out of date….As unmanned ships were never contemplated until recently, legislation says manning is essential for having a ship that is seaworthy, classified, and authorised to operate in national“. Therefore, significant changes and updates, accompanied by a very different approach to standard shipping safety and security issues, will be necessary if the revised framework and related instruments are to address adequately all likely associated and often integrated risks, threats, hazards and vulnerabilities.
This emerging issue briefly considers some of the associated challenges and steps taken so far towards reviewing – and ultimately amending or where necessary further developing with new instruments – the current international maritime safety regulatory framework. In particular it argues that it will be critical for stakeholders involved in this regulatory exercise not to adopt a conventional approach which tends to separate out relevant security from disaster risk factors, as is typically the case in response to technological innovation despite a changing threat and risk landscape. Rather, it is imperative that a willingness exist to adopt a paradigm shift in their regulatory approach which fully considers and integrates all relevant factors, extending existing conceptual and regulatory parameters where needed.
Definition of Maritime Autonomous Surface Ships (MASS)
Currently a regulatory scoping exercise is being carried out under the auspices of the Maritime Safety Committee (MSC), which is the highest technical body of the International Maritime Organization (IMO), comprising IMO Member States. The MSC’s mandate includes maritime safety and security such as the prevention of collisions, security of ships and ports as well as piracy.
For the purpose of its regulatory scoping exercise, a number of working definitions have been developed which are widely drawn upon by diverse stakeholders. MASS has been defined as “as a ship which, to a varying degree, can operate independently of human interaction”. The MSC has identified also four degrees of autonomy which are not intended to be hierarchical, which were revised during the MSC 100th session (December 2018):
- Degree one: Ship with automated processes and decision support: Seafarers are on board to operate and control shipboard systems and functions. Some operations may be automated and at times be unsupervised but with seafarers on board ready to take control.
- Degree two: Remotely controlled ship with seafarers on board: The ship is controlled and operated from another location. Seafarers are available on board to take control and to operate the shipboard systems and functions.
- Degree three: Remotely controlled ship without seafarers on board: The ship is controlled and operated from another location. There are no seafarers on board.
- Degree four: Fully autonomous ship: The operating system of the ship is able to make decisions and determine actions by itself.
Notably, the MSC is of the view that “truly autonomous ships operating without human monitoring and control, either onboard or from a shore station, is not a realistic goal at this time. It would require a level of Artificial General Intelligence that does not yet exist”. Consequently, this scenario will not be included within the MSC’s current scoping exercise.
The primary focus here is on degree three automation/remote control where there are no seafarers on board since these ships are considered to pose the greatest potential risk and, therefore, should take priority in terms of the development of an appropriate regulatory framework. Notably, the challenges and principles discussed here would apply equally to a degree four scenario if and when the technology exists.
Current Steps towards the Development of a new Regulatory Framework
Since 2018, the IMO has been examining how best to address safety, security and environmental issues relating to MASS within IMO instruments. This work is being undertaken by its MSC through an endorsed framework for a regulatory scoping exercise which is currently in progress. Essentially it has two parts – to review the adequacy of current potentially applicable instruments, and then to assess and determine the most appropriate way of addressing MASS operations. It is focussing especially on the human element, technology and operational factors.
To this end, the MSC, in conjunction with the Legal Committee, is reviewing an agreed list of IMO instruments, including those governing safety (SOLAS), collisions (COLREG) and search and rescue (SAR). Each of the instruments are being categorised according to maritime safety and security, as well as degree of autonomy.
One of the principal outcomes of the scoping exercise will be to determine next steps by identifying the need for:
- Equivalences as provided for by the instruments or developing interpretations; and/or
- Amending existing instruments; and/or
- Developing new instruments; or
- None of the above as a result of the analysis.
The initial phase of the exercise is currently underway with an intersessional MSC working group due to report on progress in September 2019. Originally, it was hoped to have completed this exercise by 2020, but more realistically this is likely to be by 2022 or even 2023.
Identification of all Relevant Factors Critical to the Prevention and Mitigation of Risk
Currently, there are various initiatives in place aimed at identifying risks relating to MASS, whether existing risks which will shift due to the changing nature of shipping operations – such as safety related ones or risks attributable to regulatory gaps – or other forms of (novel) emerging risks.
A significant concern here is whether all relevant factors will be considered under this heading of ‘risk’. I.e., not only safety and broader security risks, but also other forms of specific threats (such as those posed by state or non-state sponsored organised criminal groups and/or terrorist groups, between whom a nexus can exists in terms of cooperation or even convergence), hazards (natural, man-made and technological, including na-tech scenarios when a natural disaster event, such as an extreme weather event, triggers a technological incident) or other forms of vulnerabilities (e.g., the extent to which disaster risk reduction/management strategies and systems are in place, for instance comprehensive preparedness and response plans for different types of incidents).
The accurate and comprehensive initial identification of all relevant sources of potential vulnerability is critical since these will inform all other key stages of risk mitigation decision-making and business continuity processes which are essential for ensuring not only the safety and security, but also the resilience of systems, processes, etc supporting MASS. These include informing planning assumptions; which in turn feed into preparedness decision-making (at the strategic, operational and tactical levels, including related capacity development, equipment procurement, manpower recruitment, etc); which directly affect how effectively an organisation (or community) not only responds in the immediate aftermath of an incident, but also recovers from it longer term.
In this regard, it is interesting that in 2016 a largely industry led consortium – ‘Maritime Unmanned Navigation through Intelligence in Networks’ (MUNIN) – funded by the European Commission’s Seventh Framework Programme, published its report ‘Research in Maritime Autonomous Systems Project Results and Technology Potentials’ (2016) which summaries key findings of the three-year project.
Notably, the MUNIN report concluded that “[R]isks from cyber-attacks and pirates are issues that cause concern. However, software systems as well as ships can be designed and built providing a very high resilience against digital and physical. Furthermore, it is unclear whether unmanned and autonomous ships are attractive to such attacks at all.” (p.3) It is respectfully submitted that such findings significantly over simplify and underestimate a complex and increasingly inter-connected landscape of security and disaster risk, as is explained further below. Indeed, as Ben Simpson, managing director of Hushcraft, observed following the inaugural unmanned commercial shipping operation in May, “problems such as the risk of piracy plague both manned and unmanned vessels”.
Recent high profile cyber events – such as the global Wannacry cyber attack in 2017 which, amongst its estimated 200,000 casualties in over 150 countries, crippled the UK’s National Health Service with an estimated cost of £92 million, or the cyber attacks against South Korea’s Defense Ministry in 2017 and 2018 which resulted in the theft of highly sensitive arms procurement and military strategic operational documents – suggest that information and communications technology vulnerabilities should never be underestimated, especially against prime critical infrastructure targets.
Similarly, the report seemed to not fully comprehend the likely scale of, and challenges associated with, the development as well as implementation of new MASS related legal instruments. For example, it observed that “there is no reason to think that the legal framework cannot be adapted to allow autonomous vessels in maritime transport”, when much of the current framework will not be readily adaptable to new risks and vulnerabilities posed by MASS. Though the report acknowledges that “there will be a high number of issues to be resolved” legally, it does not seem to fully recognise the breadth and depth of complexity to be grappled with including in terms of non-standard risk related considerations.
Whilst some of the “principal areas of concern are navigation and manning” (perhaps, at least in part explicable by the project being framed round the IMO’s Formal Safety Assessment guidelines), with a primary identified legal issue relating to attribution of potential liability (p. 3), in a MASS context a diverse range of broadly defined disaster risk issues need to be integrated with existing international and national legal frameworks. The drafting, negotiation, adoption, implementation, etc challenges associated with the development and implementation of new legal instruments is likely to be a politically sensitive, complex and drawn out process. E.g., reflecting broader national sensitivities as to whether or not cyber security and disaster risk issues should be approached in a separate or integrated manner, both more generally as well as within a MASS specific context. Nor is there any guarantee that developed frameworks will be utilised in practice by all stakeholders since, e.g., new international instruments are normally voluntary in nature and/or may not be fully implemented in practice even if formally signed up to.
If the MUNIN findings are representative of the views of the broader shipping/technology sectors involved in the development and implementation of MASS then they are not reassuring. Instead, they suggest that all relevant issues pertaining to threat, risk, etc may not be approached in a comprehensive, integrated manner despite the likelihood of (arguably unnecessary and significant) resultant critical gaps and vulnerabilities, including in relation to core shipping safety and security matters.
Need for a Paradigm Shift: The Convergence of Security and Disaster Risk Factors
The fact that security and disaster risk factors are indivisibly linked in relation to MASS technological innovation is captured succinctly in a further observation of Professor Brennan during the recent BBC feature in the following terms:
‘…..[T]he first Achilles heel of unmanned shipping might be the very technology that created it.
A failure in communications between vessel and base will render it a ghost ship, hopelessly drifting without a soul on board, a hazard to its owners, the owners of its cargo, and the environment, he argues.
“Unmanned ships may be stopped by pirates by disabling shots or damaging the ship’s propeller and rudder”.’
A recurring and common weakness with technological innovation, which is not confined to the MASS context, is that accompanying systems (including their legal frameworks) for its safe and secure use do not generally give sufficient consideration to the intersection between security (e.g., terrorism, organised crime, piracy, cyber/radio frequency/satellite attacks, drone strikes, holding to ransom, diversion of sensitive cargo to hostile actors) and disaster risk management (e.g., resultant collisions, pollution, loss of business continuity, search and rescue of crew, disaster impacts, etc) factors (Figure 1). This is despite the reasonable foreseeability of potentially catastrophic harm when the two traditionally separate paradigms meet. (Figure 2). For instance, at the time of writing a widespread national power grid blackout which affected half of Venezuela was blamed on an electromagnetic attack. A similar loss of power, whether due to non-malicious factors such as an electro-magnetic pulse or a malicious attack, could result in the loss of connectivity between a MASS remote control centre and a ship with potentially significant consequences, especially in a degree 3 (or future degree 4) scenario with no manpower on board to manually take control of ship operating systems.