Final Report Summary - CONTAIN (Container Security Advanced Information Networking)
Executive Summary:
CONtainer securiTy Advanced Information Networking (CONTAIN) is an EU funded project creating tools and methods that can be applied to increase container transportation security through integration of container security data in a common information distribution and sharing environment. The project has resulted in a comprehensive toolset, interlinked by the CONTAIN software platform, involving both physical devices and risk analysis software.
The project results have been implemented and demonstrated through three demonstrators taking place in Genoa, Valencia, and Bologna. The demonstrators in Genoa and Valencia were focused on specific applications whilst the Bologna demonstrator served to integrate and demonstrate the entire CONTAIN system. The Genoa demonstrator focused particularly on monitoring of container position and door integrity, whilst the Valencia demonstrator focused on detection and management of empty containers. In Bologna, a demonstration of the supply chain security and management improvements along two global supply chain corridors with Bologna as the hub was performed. Alongside the demonstration activities, an assessment of the project has been performed, where the project was critically assessed according to the aim of the project compared to what was actually demonstrated. In order to learn from the assessment, a final conference was arranged to identify open issues, and discuss future directions.
Project Context and Objectives:
The CONTAIN project is aimed at specifying and demonstrating a European shipping containers surveillance system in a global context, which will encompass regulatory, policy and standardization recommendations, new business models, and advanced container security management capabilities. When fully implemented, the CONTAIN system will:
1. Support transport security stakeholders (both business and administrations) in managing container security threats within logistic chains as part of an integrated approach to the efficient management of door to door (D2D) transportation networks;
2. Provide a coherent set of “best of breed,” cost effective and efficient technology options for container-integrated sensor, communication and security hardware and software technologies to monitor container movements and security and business related parameters in real time, whilst addressing the technology, implication of and links to screening and detection technologies;
3. Enable ports and transport networks to establish cost effective upgraded container security processes (including technologies and integration of ICT applications with customs agents and national security forces) and to optimize operational processes both in terms of security performance and efficiency and quality of container transport services;
4. Provide added value to key investments made by EU customs organizations to achieve higher levels of protection of markets and society and to offer favorable conditions for business development focusing on improved real time risk evaluation and control;
5. Provide appropriate information gathering, validation, fusion and situational awareness services to establish dependable near real time “corridor container traffic maps” and their integration into an EU container traffic map for use by organizations and systems established to promote and implement an integrated EU surveillance policy;
6. Enable the establishment of secure trade lanes between the EU and selected trading partners;
7. Assist policy makers at national and EU level to promote container security based on sound economic and technological argumentation and to benchmark container security performance in order to formulate improvement policies;
8. Facilitate the further development of European standards to address and improve container security specifically and supply chain security in general, and progress towards a single international shipping containers security standard.
Project Results:
CONTAIN has produced innovative solutions for the risk-based approach to container targeting and scanning, optimization of container transport, and information interoperability and exchange, including information security aspects. A CONTAIN platform has been established that is used to connect information sources and users. Improved positioning, eSeal technology and container security device equipment have been developed, as well as procedures and technology solutions for finding containers misdeclared as empty. The results of CONTAIN have been demonstrated in two small-scale and one large-scale demonstrations: Genoa in December 2014, Valencia in January 2015, and Bologna in March 2015. The results of CONTAIN have been recorded in the EU Containers Surveillance Framework (ECSF) which can be used as a guide for implementing the results of the project.
The EU Containers Surveillance Framework
The CONTAIN vision is to address the complex legislative and business environments affecting secure container transport. CONTAIN is aimed at specifying, developing and demonstrating a European containers surveillance system in a global context which will encompass innovative business models, technological solutions and advanced container security management capabilities.
The realization of the CONTAIN vision assumes the use of appropriate container security sensors providing monitoring and tracking data which will be fused with additional information sources in order to identify high-risk containers that should be more carefully monitored and investigated. The cornerstone of the CONTAIN approach is the development of an EU Containers Surveillance Framework (ECSF). ECSF reflects a real time container tracking system that is focused on the standardization of interfacing secure containers with the necessary infrastructure while balancing the interests, responsibilities and benefits of the key stakeholders.
ECSF is being built using complementary thematic building blocks aimed at providing a synthetic and structured set of high level specifications to the benefit of the technical work undertaken during the life of the project. On the other hand, it is a knowledge base for beyond the state of the art developments in CONTAIN functioning as a vehicle for practical implementation and future developments by the users and scientific societies respectively. The framework attempts to exploit practical experience from the stakeholders involved in the demonstrators as well as past conceptual, regulatory and architecture knowhow delivered in the field.
Throughout the project, several iterations of the ECSF have been produced. The final version produced at the end of the project takes into account the outcomes and results of the demonstrators and further incorporates stakeholder feedback from the demonstrator, evaluation workshop, and final review meetings. The ECSF constitutes a formal documentation of different facets of container security which is made available to the industry stakeholders. It covers various dimensions, including sensing and monitoring technologies, information exchange, risk assessment, situational awareness, decision support, and “green” corridors.
Upgraded Container Monitoring Solutions
Container monitoring solutions are the key enabler to providing data, and thereby to achieving the CONTAIN vision. For this reason, a library of key sensors and communication services for container monitoring and tracking has been produced. This library includes a database containing sensor names, functionalities and explicit definitions of the sensor interfaces to facilitate integration with surveillance solutions. Based on the produced library, a range of the listed sensing technologies were further developed, tested, and demonstrated during the project.
The eSeal train scanning system consists of three main components: a train scanning system, an eSeal reader portable device, and the CONTAIN gateway application. In this system, photographs of containers are analyzed by a computer for determining the container number on the container side, which is subsequently compared with the expected list of containers that is loaded on the train. If some of the containers from the list are missing, the system sends an alarm. The scanning station also has an RFID antenna which is able to read the eSeals of the containers passing by, which is used for crosschecking with regard to the list of expected containers according to the CONTAIN platform. The system submits data in XML format to the CONTAIN platform, and if there is no connection the data will be stored until the connection can be established. The ultimate purpose of the system is to deliver time stamps for containers passing by, and real time alarms of detected loss events.
The GNSS On-Board Unit (OBU) is a high precision positioning device specifically developed for containers. The device utilizes EGNOS technology to facilitate positioning beyond the capacity of GPS. The main purpose of the device is to provide a “track & trace” function to the logistics chain, thereby contributing to a monitoring capability on an individual container level. The GNSS OBU has been developed in tandem with the route validator system, within the context of CONTAIN. The design is based on assembly and integration of off-the-shelf components, which should render a more cost-efficient product. Dimensions of the device have been chosen to fit to the groove of a container wall and magnets are used to mount the OBU to the container. It is designed to withstand harsh operational conditions. The device transfers data by dual means of communication in terms of GPRS and satellite communication. The rechargeable battery currently allows an operational time of six months, with one update per day. The polling rate is, however, remotely configurable.
The CONTAIN CBRNe sensor consists of four main parts: the sensors themselves, a short range wireless sensor network, a medium range telecommunications system for transmitting the information gathered from the sensor network, and a monitoring application where sensor data and alarms are presented to a security operator, thereby contributing to situational awareness. The sensor itself uses replaceable sensor-chips for either R-detection or C-detection. The C-detection chip can be customized to detect up to 16 different chemicals on a single chip. In addition to the detection chips, the sensor package also has a microprocessor, a GPS receiver and radio (Zig-Bee) communications, allowing it to be a part of a network of sensors. The proposed software technology – ESTHER – is based on a stack of very flexible wireless communications protocols, to solve most of different possible layouts (short/long range, clustered/not clustered, etc.) The main threats addressed by the system are radioactive material, i.e. spillage, illicit freight or orphan radioactive sources, as well as toxic and flammable chemicals. In a fully implemented CONTAIN environment, the sensors could be integrated into a CSD (as described below), thereby adding further functions to internal environment monitoring.
The Container Security Device (CSD) is designed to address monitoring of container internal environment, tracking of container location, and container door integrity. CSDs can be configured to generate events in response to pre-defined conditions (e.g. if the temperature exceeds a threshold, or the container door is opened unexpectedly). This information may be useful not only in a security context, but also for enabling added-value services, such as condition monitoring of sensitive goods. The CONTAIN proof-of-concept CSD monitors the internal environment (temperature, atmospheric pressure, ambient light and movement), door-state (i.e. open/closed), and location. CSDs use a mobile data network (GPRS) to periodically report observation data to the CSD gateway server. The gateway stores historical CSD data, which is made available to the CONTAIN platform in order to assist with identification and analysis of threats. The CONTAIN prototype system has been developed using a Raspberry Pi processing platform, with environmental sensors on a purpose-built daughter card. A custom-designed mounting bracket attaches the CSD to the container door and keeps the GPS and GPRS antennas outside the container for improved signal strength, even when the doors are closed.
Containers that are declared as empty often contain leftover package material and garbage, which makes it difficult to identify whether there is suspicious content inside. Furthermore, it is also almost impossible to detect whether an “empty container” has a false wall. The CONTAIN empty container inspection system consists of a laser scanner along with software for interpretation of the results. The system makes it possible to detect objects still residing in the container or if false walls exist. After the container has been opened, the scanner is run and the results are compared with reference measures using tailor-made analysis software. In the CONTAIN prototype system, the reference measures relate to the size of a container, i.e. whether the container is a 20 ft., 40 ft., 45 ft. or refrigerated container). Based on differences between the measured volume and the reference volume, a decision is made whether the container is empty or not. If the container is not empty, it will be submitted to an additional inspection by customs.
Situational Awareness Support Platform
The CONTAIN platform (CP) is at the heart of the CONTAIN architecture and is integral for being able to develop the CONTAIN decision support services. The CP is a centralized system that provides a generic framework and infrastructure for any third party who wants to offer sensors, communications, situational awareness services, or decision support services. The CP is to a large extent based on a service-oriented architecture. Thus, the core components are published externally in the form of distinct application programming interfaces (APIs) that can be used for integration of logistics systems, sensor provider systems, and decision support systems. The communication between the stakeholder systems and the CP is established through the use of a secure infrastructure in order to guarantee reliable transfer of the data.
A core prerequisite for a wide-scale adoption of the ECSF and the wider CONTAIN approach is the assurance of the interoperability of existing systems and solutions by harmonizing interfaces between systems complying with different standards. An important requirement is the reuse of computer-readable definitions to the largest extent possible in order to avoid tedious and error prone remodeling whenever possible. CONTAIN stakeholders should share a common language (or family of languages) for communicating their expectations on the functionality, operations, data formats and processes about the platform as the different standards refer to different terminologies and notions. For this reason, the CONTAIN framework makes use of a tailor-made ontology along with connecting technologies/tools in order to support design, implementation, and maintenance. The Smart Semantic Space (SSS) is an example of such a connecting technology, and can be thought of as a middleware for coordinating knowledge-based processes relating to container security. The CONTAIN SSS has been implemented using a graph database in order to demonstrate the potential for knowledge-based processes to contribute to container security.
The physical security of containers passing through the logistics chain is the primary objective for the ECSF. Hence, securing the system communications and information flows is equally important. For this purpose, a system-wide security assessment has been performed, identifying three domains: a commercial domain for assets representing competitive advantage, a business critical domain for all assets that have an impact on business continuity, and a public authority domain for all assets that impact on regulatory or national security concerns. Threat sources and actors were then identified, where sources are the instigators of potential attacks, and actors are those carrying out aspects of the attacks. From this, the attack vectors were identified, starting from the outcomes desired by the threat sources and describing how threat actors could practically attack the system. Risk levels were assessed for each security domain to inform the severity of the risk and inform the strength of the defense mechanisms required. Finally, security requirements were derived for each security domain and for exchanges between domains. The CONTAIN approach to fulfilling the derived requirements exploits content-based security (CBS) to address the most stringent requirements related to cross-security domain interactions. A mapping of the ECSF security requirements with regard to the CBS features has been made, and a demonstration scenario using CBS was implemented.
Decision Support Services
The tools to be part of a pan-European platform for handling container related documents will most likely vary over time dependent on needs and stakeholders. The CONTAIN platform provides the necessary interfaces that are needed in order to construct the tools. A number of proof of concept prototype applications for providing decision support services for different stakeholders and purposes have been developed as part of the CONTAIN project. These applications have been developed through a “system of systems” approach where a number of subsystems, designed for different stakeholders and purposes, are integrated through making use of the CONTAIN situational awareness platform. Two primary stakeholders have been identified, namely customs and logistics operators. To a large extent these stakeholders have different perspectives, but from a general perspective they share the wish to use various kinds of container-related documentation to perform a two-step analysis concerning 1) processing of “incoming containers” in near real time, and 2) making a further analysis of a small subset of the incoming containers using more time-consuming techniques.
A number of candidate methods for computing the risk indices of containers have been identified during the CONTAIN project, and have been further used as a basis for constructing different risk management applications. For customs’ risk management, the CustAware system uses a classification and a construction phase. In the classification phase, a real time risk index is computed for each container, whereas the construction phase serves to help customs officers work with the underlying models. CustAware aims to make use of all relevant and accessible documentation surrounding a shipment in order to provide the means for analysis and visualization of risks related to specific consignments. Due to the nature of customs’ work, CustAware mainly focuses on the pre-arrival situation. It can, however, also be used for analysis related to what happens after the shipment has arrived. In order to find suspicious consignments based on container documents, a two-step decision support process is envisioned: 1) a risk index is calculated in near real time for incoming containers through investigation of documentation related to the container, 2) a further investigation of suspicious containers is undertaken using more time-consuming possibilities using, e.g. the ConTraffic system (as described below).
The ConTraffic system makes use of container status messages (CSMs) for performing route-based risk analysis. CSMs contain specific information regarding the status and movement of containers without referencing the goods carried, the entities involved, the financial details, or other information related to the transportation contract. The operation of ConTraffic is based on a complex IT system that is able to gather and store more than 300 million CSMs every year, describing the movement of around 10 million containers. The collected data is estimated to represent around 30% of the total volume of global CSMs. The value of CSMs and the ConTraffic analysis methods have been demonstrated in previous projects. As part of the CONTAIN project, algorithms for calculating new risk indicators have been implemented and added to the ConTraffic system. The developed indicators are the following: origin misdeclaration, risk based on the list of involved ports, container load-status misdeclaration, risk based on handling time irregularity, and risk based on transshipment pattern irregularity. All these indicators are based on inferences, offering possible crosschecks against the information contained in administrative and legal documents that needs to be submitted to customs for control or other purposes, and can therefore be of specific interest from a wider CONTAIN perspective.
Ocean cargo is vulnerable to a number of potential threats such as radioactive materials, explosives, or even terrorist actions. These threats could cause mass casualties, severe material and infrastructure damage and economic loss from subsequent delays or port closures. Hence, crisis management processes are vital for efficient logistics operations. Today logistics chains operate at high speeds and therefore the abilities of a human operator to detect and respond to operational threats early enough to minimize disruptions are limited. To overcome this problem, a Decision Support System for Logistics (DSSLog) has been developed. DSSLog provides support throughout the entire crisis management cycle allowing for real time situation monitoring and up-to-date information about the status of the logistics chain. DSSLog is a computerized system for incident management support intended for logistics safety and security. Integrating a situational monitoring component with a response management module, the DSSLog system aims to reduce the overall impact of logistics incidents by shortening the response and recovery cycle. Through the description of a use case scenario, the potential power of DSSLog in coping with both unfamiliar and unanticipated events but also frequently occurring logistics incidents have been demonstrated. In addition, additional benefits may be exploited through transferring DSSLog capabilities to support crisis management within other application domains. Henceforth, the DSSLog system offers a holistic and generalizable approach to incident and crisis management, and provides the first steps towards a new way of working in crisis situations for logistics personnel.
The enhanced security technologies and processes contemplated by CONTAIN make available vital information relating to container movements, contents, and logistics. Such information can be used to deliver major benefits in terms of transport logistics management. Three major components that use the CONTAIN platform to access this enhanced and enriched data to drive increased operational and security performance have been specified by the CONTAIN project, namely: 1) a transport decision support system that optimizes container logistics; 2) container security performance services that enable benchmarking of container logistics security; and 3) economic modelling services that allow organizations to optimize their logistics operation. These three components are further described below.
The Transport Decision Support System (TDSS) is able to use real time information obtained via the CONTAIN platform to optimize the container logistics operation while increasing security by detecting suspicious deviations from plan (e.g. a vehicle takes an unusual route or stops unexpectedly). The system can take as input details about required container movements, which can be used to generate a logistics plan. The TDSS can also receive real time status updates about the location of the container, compare this against the latest plan, and flag possible issues. It uses this real time data to refine and update the logistics plan (e.g. to take into account traffic delays). The TDSS is driven by a user-friendly graphical interface, with different roles accessing different areas of functionality (logistics planner, dispatch user, and security administrator).
Container security performance management and benchmarking services in CONTAIN enable benchmarking of container logistics/security activities by combining information obtained from various sources in terms of CONTAIN applications or external systems and sensing technologies. The implemented system called Assessment & Benchmarking (A&B) has a twofold role to collect real time data from systems/applications and demonstrators of CONTAIN thus creating classified historic profiles and implement corresponding KPIs that will facilitate the assessment of the transport services performance with emphasis on container security. Consequently it provides useful feedback/reports to the interested stakeholders and reference/historic information to the CONTAIN platform applications in order to improve their assessment/optimization services. More specifically, A&B can feed the other applications with added value information per transport object and on request thus facilitating them to undertake more complex processing and validation of the under consideration events. This cross fertilization provides added value to the whole CONTAIN system. The customers of CONTAIN will be supported with selected reports according to the implemented KPIs for advancing their decision making and management activities in terms of chain inspections, risk assessment, strategic and operational planning, replanning, etc.
The economic modeling services are based on the information made available by the CONTAIN platform, and constitutes a set of functions for taking an economic perspective. In particular, the Economic Impact Optimization Tool (EIOT) has been specifically developed to assess and quantify the effect of network disruptions. The aim of the web-based tool is to provide reliable estimations when a disruption in the transport network occurs. The economic modeling is based on incoming alerts which are used to re-align the transport network, thereby improving the decision-making in a real time context.
Assessment
An assessment of the systems demonstrated in Genoa, Valencia and Bologna was undertaken in parallel with the systems being demonstrated. The people being part of the assessment team were not directly involved in developing the respective systems, which provided for a reasonable level of independence. In addition to evaluating the individual systems, an assessment of how the systems could potentially contribute to the larger CONTAIN “system of systems” vision, incorporating more functions and links to real information sources and other users, was also performed.
13 different systems were implemented and demonstrated as part of the three demonstrators, and thereby took part in the assessment. All three core capabilities as defined in the CONTAIN description of work – monitoring, situational awareness, and decision support – were represented by the assessed systems, with the greatest number of systems contributing to monitoring. Although many systems were tested in isolation, the demonstrations have also provided information about how each system fits into a more complex CONTAIN “system of systems” platform.
There were some novel capabilities demonstrated, e.g. the combination of two systems for targeting and inspection of empty containers. In this case, the benefits are both for port security (by countering theft in the port) as well as for customs. Even though it was not demonstrated in that way, the combination of the ConTraffic empty container risk analysis function and a new system for physical inspections showed the potential for these kinds of combinations of solutions.
Based on the assessment work and further stakeholder consultations, a number of recommendations were formulated. Some recommendations are related to quality of data, including data integrity, recommending trade data harmonization requirements to be agreed and reinforced with mutual data exchange agreements among government actors. Regarding situational awareness and monitoring systems, the recommendations are a mix of incentives to promote increased information sharing by logistics operators.
Potential Impact:
The CONTAIN project has developed a European containers surveillance framework that includes enhanced sensing technology, decision support systems for authorities and other stakeholders, and methods for using the security information for improving business procedures. The project results have the potential to lead to enhanced information sharing between stakeholders and authorities, and enable more accurate and timely processing of entry summary declarations as well as customs declarations. The technology devices developed in CONTAIN offer more accurate situational awareness concerning the positions and statuses of containers, thereby enabling more efficient container handling for logistics operators. The implementation of a transport decision support system and an assessment and benchmarking tool provides the possibility to streamline the logistics procedures and improve the efficiency for logistics operators.
In addition to the security and business aspects mentioned above, the CONTAIN solution has been designed to support:
• adaptability in the sense that systems are able to take new technologies into account, and to extend information exchange agreements with regard to differing legal and regulatory constraints and/or international standards for security,
• scalability, i.e. systems are able to grow or shrink dynamically to meet new challenges including variations of container throughput, and
• resilience, i.e. the failure of a single container monitoring system will only to a minor extent affect the surveillance process as a whole.
The CONTAIN project is expected to lead to increased visibility of the supply chain using new and improved sensory and positioning devices and increased situational awareness for logistics operators as well as authorities (including customs) through using new information sharing and decision support systems.
List of Websites:
Project website: http://containproject.com/
Contact details:
Dr. Joel Brynielsson
CONTAIN Project Coordinator
FOI Swedish Defence Research Agency
SE-164 90 Stockholm
Sweden
Telephone: +46 8 555 036 97
Telefax: +46 8 555 037 00
E-mail: joel.brynielsson@foi.se
CONtainer securiTy Advanced Information Networking (CONTAIN) is an EU funded project creating tools and methods that can be applied to increase container transportation security through integration of container security data in a common information distribution and sharing environment. The project has resulted in a comprehensive toolset, interlinked by the CONTAIN software platform, involving both physical devices and risk analysis software.
The project results have been implemented and demonstrated through three demonstrators taking place in Genoa, Valencia, and Bologna. The demonstrators in Genoa and Valencia were focused on specific applications whilst the Bologna demonstrator served to integrate and demonstrate the entire CONTAIN system. The Genoa demonstrator focused particularly on monitoring of container position and door integrity, whilst the Valencia demonstrator focused on detection and management of empty containers. In Bologna, a demonstration of the supply chain security and management improvements along two global supply chain corridors with Bologna as the hub was performed. Alongside the demonstration activities, an assessment of the project has been performed, where the project was critically assessed according to the aim of the project compared to what was actually demonstrated. In order to learn from the assessment, a final conference was arranged to identify open issues, and discuss future directions.
Project Context and Objectives:
The CONTAIN project is aimed at specifying and demonstrating a European shipping containers surveillance system in a global context, which will encompass regulatory, policy and standardization recommendations, new business models, and advanced container security management capabilities. When fully implemented, the CONTAIN system will:
1. Support transport security stakeholders (both business and administrations) in managing container security threats within logistic chains as part of an integrated approach to the efficient management of door to door (D2D) transportation networks;
2. Provide a coherent set of “best of breed,” cost effective and efficient technology options for container-integrated sensor, communication and security hardware and software technologies to monitor container movements and security and business related parameters in real time, whilst addressing the technology, implication of and links to screening and detection technologies;
3. Enable ports and transport networks to establish cost effective upgraded container security processes (including technologies and integration of ICT applications with customs agents and national security forces) and to optimize operational processes both in terms of security performance and efficiency and quality of container transport services;
4. Provide added value to key investments made by EU customs organizations to achieve higher levels of protection of markets and society and to offer favorable conditions for business development focusing on improved real time risk evaluation and control;
5. Provide appropriate information gathering, validation, fusion and situational awareness services to establish dependable near real time “corridor container traffic maps” and their integration into an EU container traffic map for use by organizations and systems established to promote and implement an integrated EU surveillance policy;
6. Enable the establishment of secure trade lanes between the EU and selected trading partners;
7. Assist policy makers at national and EU level to promote container security based on sound economic and technological argumentation and to benchmark container security performance in order to formulate improvement policies;
8. Facilitate the further development of European standards to address and improve container security specifically and supply chain security in general, and progress towards a single international shipping containers security standard.
Project Results:
CONTAIN has produced innovative solutions for the risk-based approach to container targeting and scanning, optimization of container transport, and information interoperability and exchange, including information security aspects. A CONTAIN platform has been established that is used to connect information sources and users. Improved positioning, eSeal technology and container security device equipment have been developed, as well as procedures and technology solutions for finding containers misdeclared as empty. The results of CONTAIN have been demonstrated in two small-scale and one large-scale demonstrations: Genoa in December 2014, Valencia in January 2015, and Bologna in March 2015. The results of CONTAIN have been recorded in the EU Containers Surveillance Framework (ECSF) which can be used as a guide for implementing the results of the project.
The EU Containers Surveillance Framework
The CONTAIN vision is to address the complex legislative and business environments affecting secure container transport. CONTAIN is aimed at specifying, developing and demonstrating a European containers surveillance system in a global context which will encompass innovative business models, technological solutions and advanced container security management capabilities.
The realization of the CONTAIN vision assumes the use of appropriate container security sensors providing monitoring and tracking data which will be fused with additional information sources in order to identify high-risk containers that should be more carefully monitored and investigated. The cornerstone of the CONTAIN approach is the development of an EU Containers Surveillance Framework (ECSF). ECSF reflects a real time container tracking system that is focused on the standardization of interfacing secure containers with the necessary infrastructure while balancing the interests, responsibilities and benefits of the key stakeholders.
ECSF is being built using complementary thematic building blocks aimed at providing a synthetic and structured set of high level specifications to the benefit of the technical work undertaken during the life of the project. On the other hand, it is a knowledge base for beyond the state of the art developments in CONTAIN functioning as a vehicle for practical implementation and future developments by the users and scientific societies respectively. The framework attempts to exploit practical experience from the stakeholders involved in the demonstrators as well as past conceptual, regulatory and architecture knowhow delivered in the field.
Throughout the project, several iterations of the ECSF have been produced. The final version produced at the end of the project takes into account the outcomes and results of the demonstrators and further incorporates stakeholder feedback from the demonstrator, evaluation workshop, and final review meetings. The ECSF constitutes a formal documentation of different facets of container security which is made available to the industry stakeholders. It covers various dimensions, including sensing and monitoring technologies, information exchange, risk assessment, situational awareness, decision support, and “green” corridors.
Upgraded Container Monitoring Solutions
Container monitoring solutions are the key enabler to providing data, and thereby to achieving the CONTAIN vision. For this reason, a library of key sensors and communication services for container monitoring and tracking has been produced. This library includes a database containing sensor names, functionalities and explicit definitions of the sensor interfaces to facilitate integration with surveillance solutions. Based on the produced library, a range of the listed sensing technologies were further developed, tested, and demonstrated during the project.
The eSeal train scanning system consists of three main components: a train scanning system, an eSeal reader portable device, and the CONTAIN gateway application. In this system, photographs of containers are analyzed by a computer for determining the container number on the container side, which is subsequently compared with the expected list of containers that is loaded on the train. If some of the containers from the list are missing, the system sends an alarm. The scanning station also has an RFID antenna which is able to read the eSeals of the containers passing by, which is used for crosschecking with regard to the list of expected containers according to the CONTAIN platform. The system submits data in XML format to the CONTAIN platform, and if there is no connection the data will be stored until the connection can be established. The ultimate purpose of the system is to deliver time stamps for containers passing by, and real time alarms of detected loss events.
The GNSS On-Board Unit (OBU) is a high precision positioning device specifically developed for containers. The device utilizes EGNOS technology to facilitate positioning beyond the capacity of GPS. The main purpose of the device is to provide a “track & trace” function to the logistics chain, thereby contributing to a monitoring capability on an individual container level. The GNSS OBU has been developed in tandem with the route validator system, within the context of CONTAIN. The design is based on assembly and integration of off-the-shelf components, which should render a more cost-efficient product. Dimensions of the device have been chosen to fit to the groove of a container wall and magnets are used to mount the OBU to the container. It is designed to withstand harsh operational conditions. The device transfers data by dual means of communication in terms of GPRS and satellite communication. The rechargeable battery currently allows an operational time of six months, with one update per day. The polling rate is, however, remotely configurable.
The CONTAIN CBRNe sensor consists of four main parts: the sensors themselves, a short range wireless sensor network, a medium range telecommunications system for transmitting the information gathered from the sensor network, and a monitoring application where sensor data and alarms are presented to a security operator, thereby contributing to situational awareness. The sensor itself uses replaceable sensor-chips for either R-detection or C-detection. The C-detection chip can be customized to detect up to 16 different chemicals on a single chip. In addition to the detection chips, the sensor package also has a microprocessor, a GPS receiver and radio (Zig-Bee) communications, allowing it to be a part of a network of sensors. The proposed software technology – ESTHER – is based on a stack of very flexible wireless communications protocols, to solve most of different possible layouts (short/long range, clustered/not clustered, etc.) The main threats addressed by the system are radioactive material, i.e. spillage, illicit freight or orphan radioactive sources, as well as toxic and flammable chemicals. In a fully implemented CONTAIN environment, the sensors could be integrated into a CSD (as described below), thereby adding further functions to internal environment monitoring.
The Container Security Device (CSD) is designed to address monitoring of container internal environment, tracking of container location, and container door integrity. CSDs can be configured to generate events in response to pre-defined conditions (e.g. if the temperature exceeds a threshold, or the container door is opened unexpectedly). This information may be useful not only in a security context, but also for enabling added-value services, such as condition monitoring of sensitive goods. The CONTAIN proof-of-concept CSD monitors the internal environment (temperature, atmospheric pressure, ambient light and movement), door-state (i.e. open/closed), and location. CSDs use a mobile data network (GPRS) to periodically report observation data to the CSD gateway server. The gateway stores historical CSD data, which is made available to the CONTAIN platform in order to assist with identification and analysis of threats. The CONTAIN prototype system has been developed using a Raspberry Pi processing platform, with environmental sensors on a purpose-built daughter card. A custom-designed mounting bracket attaches the CSD to the container door and keeps the GPS and GPRS antennas outside the container for improved signal strength, even when the doors are closed.
Containers that are declared as empty often contain leftover package material and garbage, which makes it difficult to identify whether there is suspicious content inside. Furthermore, it is also almost impossible to detect whether an “empty container” has a false wall. The CONTAIN empty container inspection system consists of a laser scanner along with software for interpretation of the results. The system makes it possible to detect objects still residing in the container or if false walls exist. After the container has been opened, the scanner is run and the results are compared with reference measures using tailor-made analysis software. In the CONTAIN prototype system, the reference measures relate to the size of a container, i.e. whether the container is a 20 ft., 40 ft., 45 ft. or refrigerated container). Based on differences between the measured volume and the reference volume, a decision is made whether the container is empty or not. If the container is not empty, it will be submitted to an additional inspection by customs.
Situational Awareness Support Platform
The CONTAIN platform (CP) is at the heart of the CONTAIN architecture and is integral for being able to develop the CONTAIN decision support services. The CP is a centralized system that provides a generic framework and infrastructure for any third party who wants to offer sensors, communications, situational awareness services, or decision support services. The CP is to a large extent based on a service-oriented architecture. Thus, the core components are published externally in the form of distinct application programming interfaces (APIs) that can be used for integration of logistics systems, sensor provider systems, and decision support systems. The communication between the stakeholder systems and the CP is established through the use of a secure infrastructure in order to guarantee reliable transfer of the data.
A core prerequisite for a wide-scale adoption of the ECSF and the wider CONTAIN approach is the assurance of the interoperability of existing systems and solutions by harmonizing interfaces between systems complying with different standards. An important requirement is the reuse of computer-readable definitions to the largest extent possible in order to avoid tedious and error prone remodeling whenever possible. CONTAIN stakeholders should share a common language (or family of languages) for communicating their expectations on the functionality, operations, data formats and processes about the platform as the different standards refer to different terminologies and notions. For this reason, the CONTAIN framework makes use of a tailor-made ontology along with connecting technologies/tools in order to support design, implementation, and maintenance. The Smart Semantic Space (SSS) is an example of such a connecting technology, and can be thought of as a middleware for coordinating knowledge-based processes relating to container security. The CONTAIN SSS has been implemented using a graph database in order to demonstrate the potential for knowledge-based processes to contribute to container security.
The physical security of containers passing through the logistics chain is the primary objective for the ECSF. Hence, securing the system communications and information flows is equally important. For this purpose, a system-wide security assessment has been performed, identifying three domains: a commercial domain for assets representing competitive advantage, a business critical domain for all assets that have an impact on business continuity, and a public authority domain for all assets that impact on regulatory or national security concerns. Threat sources and actors were then identified, where sources are the instigators of potential attacks, and actors are those carrying out aspects of the attacks. From this, the attack vectors were identified, starting from the outcomes desired by the threat sources and describing how threat actors could practically attack the system. Risk levels were assessed for each security domain to inform the severity of the risk and inform the strength of the defense mechanisms required. Finally, security requirements were derived for each security domain and for exchanges between domains. The CONTAIN approach to fulfilling the derived requirements exploits content-based security (CBS) to address the most stringent requirements related to cross-security domain interactions. A mapping of the ECSF security requirements with regard to the CBS features has been made, and a demonstration scenario using CBS was implemented.
Decision Support Services
The tools to be part of a pan-European platform for handling container related documents will most likely vary over time dependent on needs and stakeholders. The CONTAIN platform provides the necessary interfaces that are needed in order to construct the tools. A number of proof of concept prototype applications for providing decision support services for different stakeholders and purposes have been developed as part of the CONTAIN project. These applications have been developed through a “system of systems” approach where a number of subsystems, designed for different stakeholders and purposes, are integrated through making use of the CONTAIN situational awareness platform. Two primary stakeholders have been identified, namely customs and logistics operators. To a large extent these stakeholders have different perspectives, but from a general perspective they share the wish to use various kinds of container-related documentation to perform a two-step analysis concerning 1) processing of “incoming containers” in near real time, and 2) making a further analysis of a small subset of the incoming containers using more time-consuming techniques.
A number of candidate methods for computing the risk indices of containers have been identified during the CONTAIN project, and have been further used as a basis for constructing different risk management applications. For customs’ risk management, the CustAware system uses a classification and a construction phase. In the classification phase, a real time risk index is computed for each container, whereas the construction phase serves to help customs officers work with the underlying models. CustAware aims to make use of all relevant and accessible documentation surrounding a shipment in order to provide the means for analysis and visualization of risks related to specific consignments. Due to the nature of customs’ work, CustAware mainly focuses on the pre-arrival situation. It can, however, also be used for analysis related to what happens after the shipment has arrived. In order to find suspicious consignments based on container documents, a two-step decision support process is envisioned: 1) a risk index is calculated in near real time for incoming containers through investigation of documentation related to the container, 2) a further investigation of suspicious containers is undertaken using more time-consuming possibilities using, e.g. the ConTraffic system (as described below).
The ConTraffic system makes use of container status messages (CSMs) for performing route-based risk analysis. CSMs contain specific information regarding the status and movement of containers without referencing the goods carried, the entities involved, the financial details, or other information related to the transportation contract. The operation of ConTraffic is based on a complex IT system that is able to gather and store more than 300 million CSMs every year, describing the movement of around 10 million containers. The collected data is estimated to represent around 30% of the total volume of global CSMs. The value of CSMs and the ConTraffic analysis methods have been demonstrated in previous projects. As part of the CONTAIN project, algorithms for calculating new risk indicators have been implemented and added to the ConTraffic system. The developed indicators are the following: origin misdeclaration, risk based on the list of involved ports, container load-status misdeclaration, risk based on handling time irregularity, and risk based on transshipment pattern irregularity. All these indicators are based on inferences, offering possible crosschecks against the information contained in administrative and legal documents that needs to be submitted to customs for control or other purposes, and can therefore be of specific interest from a wider CONTAIN perspective.
Ocean cargo is vulnerable to a number of potential threats such as radioactive materials, explosives, or even terrorist actions. These threats could cause mass casualties, severe material and infrastructure damage and economic loss from subsequent delays or port closures. Hence, crisis management processes are vital for efficient logistics operations. Today logistics chains operate at high speeds and therefore the abilities of a human operator to detect and respond to operational threats early enough to minimize disruptions are limited. To overcome this problem, a Decision Support System for Logistics (DSSLog) has been developed. DSSLog provides support throughout the entire crisis management cycle allowing for real time situation monitoring and up-to-date information about the status of the logistics chain. DSSLog is a computerized system for incident management support intended for logistics safety and security. Integrating a situational monitoring component with a response management module, the DSSLog system aims to reduce the overall impact of logistics incidents by shortening the response and recovery cycle. Through the description of a use case scenario, the potential power of DSSLog in coping with both unfamiliar and unanticipated events but also frequently occurring logistics incidents have been demonstrated. In addition, additional benefits may be exploited through transferring DSSLog capabilities to support crisis management within other application domains. Henceforth, the DSSLog system offers a holistic and generalizable approach to incident and crisis management, and provides the first steps towards a new way of working in crisis situations for logistics personnel.
The enhanced security technologies and processes contemplated by CONTAIN make available vital information relating to container movements, contents, and logistics. Such information can be used to deliver major benefits in terms of transport logistics management. Three major components that use the CONTAIN platform to access this enhanced and enriched data to drive increased operational and security performance have been specified by the CONTAIN project, namely: 1) a transport decision support system that optimizes container logistics; 2) container security performance services that enable benchmarking of container logistics security; and 3) economic modelling services that allow organizations to optimize their logistics operation. These three components are further described below.
The Transport Decision Support System (TDSS) is able to use real time information obtained via the CONTAIN platform to optimize the container logistics operation while increasing security by detecting suspicious deviations from plan (e.g. a vehicle takes an unusual route or stops unexpectedly). The system can take as input details about required container movements, which can be used to generate a logistics plan. The TDSS can also receive real time status updates about the location of the container, compare this against the latest plan, and flag possible issues. It uses this real time data to refine and update the logistics plan (e.g. to take into account traffic delays). The TDSS is driven by a user-friendly graphical interface, with different roles accessing different areas of functionality (logistics planner, dispatch user, and security administrator).
Container security performance management and benchmarking services in CONTAIN enable benchmarking of container logistics/security activities by combining information obtained from various sources in terms of CONTAIN applications or external systems and sensing technologies. The implemented system called Assessment & Benchmarking (A&B) has a twofold role to collect real time data from systems/applications and demonstrators of CONTAIN thus creating classified historic profiles and implement corresponding KPIs that will facilitate the assessment of the transport services performance with emphasis on container security. Consequently it provides useful feedback/reports to the interested stakeholders and reference/historic information to the CONTAIN platform applications in order to improve their assessment/optimization services. More specifically, A&B can feed the other applications with added value information per transport object and on request thus facilitating them to undertake more complex processing and validation of the under consideration events. This cross fertilization provides added value to the whole CONTAIN system. The customers of CONTAIN will be supported with selected reports according to the implemented KPIs for advancing their decision making and management activities in terms of chain inspections, risk assessment, strategic and operational planning, replanning, etc.
The economic modeling services are based on the information made available by the CONTAIN platform, and constitutes a set of functions for taking an economic perspective. In particular, the Economic Impact Optimization Tool (EIOT) has been specifically developed to assess and quantify the effect of network disruptions. The aim of the web-based tool is to provide reliable estimations when a disruption in the transport network occurs. The economic modeling is based on incoming alerts which are used to re-align the transport network, thereby improving the decision-making in a real time context.
Assessment
An assessment of the systems demonstrated in Genoa, Valencia and Bologna was undertaken in parallel with the systems being demonstrated. The people being part of the assessment team were not directly involved in developing the respective systems, which provided for a reasonable level of independence. In addition to evaluating the individual systems, an assessment of how the systems could potentially contribute to the larger CONTAIN “system of systems” vision, incorporating more functions and links to real information sources and other users, was also performed.
13 different systems were implemented and demonstrated as part of the three demonstrators, and thereby took part in the assessment. All three core capabilities as defined in the CONTAIN description of work – monitoring, situational awareness, and decision support – were represented by the assessed systems, with the greatest number of systems contributing to monitoring. Although many systems were tested in isolation, the demonstrations have also provided information about how each system fits into a more complex CONTAIN “system of systems” platform.
There were some novel capabilities demonstrated, e.g. the combination of two systems for targeting and inspection of empty containers. In this case, the benefits are both for port security (by countering theft in the port) as well as for customs. Even though it was not demonstrated in that way, the combination of the ConTraffic empty container risk analysis function and a new system for physical inspections showed the potential for these kinds of combinations of solutions.
Based on the assessment work and further stakeholder consultations, a number of recommendations were formulated. Some recommendations are related to quality of data, including data integrity, recommending trade data harmonization requirements to be agreed and reinforced with mutual data exchange agreements among government actors. Regarding situational awareness and monitoring systems, the recommendations are a mix of incentives to promote increased information sharing by logistics operators.
Potential Impact:
The CONTAIN project has developed a European containers surveillance framework that includes enhanced sensing technology, decision support systems for authorities and other stakeholders, and methods for using the security information for improving business procedures. The project results have the potential to lead to enhanced information sharing between stakeholders and authorities, and enable more accurate and timely processing of entry summary declarations as well as customs declarations. The technology devices developed in CONTAIN offer more accurate situational awareness concerning the positions and statuses of containers, thereby enabling more efficient container handling for logistics operators. The implementation of a transport decision support system and an assessment and benchmarking tool provides the possibility to streamline the logistics procedures and improve the efficiency for logistics operators.
In addition to the security and business aspects mentioned above, the CONTAIN solution has been designed to support:
• adaptability in the sense that systems are able to take new technologies into account, and to extend information exchange agreements with regard to differing legal and regulatory constraints and/or international standards for security,
• scalability, i.e. systems are able to grow or shrink dynamically to meet new challenges including variations of container throughput, and
• resilience, i.e. the failure of a single container monitoring system will only to a minor extent affect the surveillance process as a whole.
The CONTAIN project is expected to lead to increased visibility of the supply chain using new and improved sensory and positioning devices and increased situational awareness for logistics operators as well as authorities (including customs) through using new information sharing and decision support systems.
List of Websites:
Project website: http://containproject.com/
Contact details:
Dr. Joel Brynielsson
CONTAIN Project Coordinator
FOI Swedish Defence Research Agency
SE-164 90 Stockholm
Sweden
Telephone: +46 8 555 036 97
Telefax: +46 8 555 037 00
E-mail: joel.brynielsson@foi.se