Marine Protocol Guides
Strategic Protocol Intelligence & Security Research
A comprehensive technical guide to legacy and modern maritime communication protocols. Understand the inherent security gaps in NMEA, Modbus, and IEC standards to better implement segmentation and hardening across the vessel's OT infrastructure. Use the button above to access the step-by-step implementation guide.
NMEA 0183 / IEC 61162-1
Architecture
Serial / Text-based
Common Maritime Usage
GPS, Heading, AIS (Serial), Wind sensors, Depth sounders.
The Security Gap
Plain-text communication with no authentication. Data transmitted in ASCII sentences ($GP...) can be spoofed by any device on the line.
Hover to View Intelligence
Hardening Strategy
Mitigation & Defense-in-Depth
Optical Isolation
Install RS-422 buffers to isolate electrical signals and prevent malicious fault injection.
+2 More Hardening Steps
UPGRADE TO UNLOCK
Standard Reference
IACS E26 / IEC 62443 Framework
NMEA 2000 / IEC 61162-3
Architecture
CAN Bus / Binary
Common Maritime Usage
Modern bridge integration, Engine monitoring, Autopilot systems.
The Security Gap
Broadcast-based protocol. No source verification (Source Address can be claimed by any device), allowing PGN spoofing.
Hover to View Intelligence
Hardening Strategy
Mitigation & Defense-in-Depth
Backbone Segmentation
Use intelligent gateways to isolate steering and propulsion CAN networks from guest or sensor networks.
+2 More Hardening Steps
UPGRADE TO UNLOCK
Standard Reference
IACS E26 / IEC 62443 Framework
IEC 61162-460 Gateway
Architecture
Secure Maritime Gateway
Common Maritime Usage
The isolation point between Navigation (450) and Admin/WAN networks.
The Security Gap
If absent, the Bridge is often "leaked" to the crew Wi-Fi or Office LAN, exposing critical sensors to internet-borne ransomware.
Hover to View Intelligence
Hardening Strategy
Mitigation & Defense-in-Depth
Zone Forwarding
Deploy a certified 460-Forwarder to isolate secure (Bridge) and non-secure (Admin) network zones.
+2 More Hardening Steps
UPGRADE TO UNLOCK
Standard Reference
IACS E26 / IEC 62443 Framework
Modbus TCP
Architecture
Ethernet / IP
Common Maritime Usage
Ballast control, Power Management (PMS), Cargo pumps, HVAC.
The Security Gap
No encryption or passwords. Any device on the network can issue "Write Single Register" commands to toggle valves or breakers.
Hover to View Intelligence
Hardening Strategy
Mitigation & Defense-in-Depth
VLAN Logic
Physically or virtually isolate PLC networks. The Bridge should never reach the PMS without a firewall.
+2 More Hardening Steps
UPGRADE TO UNLOCK
Standard Reference
IACS E26 / IEC 62443 Framework
Modbus RTU
Architecture
Serial (RS-485)
Common Maritime Usage
Generator controllers, Tank gauging, Battery monitoring.
The Security Gap
Relies on physical serial access. Vulnerable to "Man-in-the-Middle" via unsecured serial-to-ethernet gateways.
Hover to View Intelligence
Hardening Strategy
Mitigation & Defense-in-Depth
Physical Security
Limit physical access to serial lines (RS-485/RS-232), wiring, and terminal devices (PLCs, RTUs).
+5 More Hardening Steps
UPGRADE TO UNLOCK
Standard Reference
IACS E26 / IEC 62443 Framework
OPC UA
Architecture
Ethernet / M2M Gateway
Common Maritime Usage
Aggregating ship data for Shore-side monitoring and Digital Twins.
The Security Gap
Commonly misconfigured with "SecurityPolicy: None." This transmits sensitive engine telemetry in plain text across the ship.
Hover to View Intelligence
Hardening Strategy
Mitigation & Defense-in-Depth
X.509 Certificates
Enforce certificate-based authentication for all Client/Server connections to ensure only verified devices connect.
+2 More Hardening Steps
UPGRADE TO UNLOCK
Standard Reference
IACS E26 / IEC 62443 Framework
CANopen
Architecture
Embedded CAN Network
Common Maritime Usage
Deck Machinery, Cranes, Winches, and specialized Steering Gear.
The Security Gap
Simple broadcast protocol with zero built-in security. A local attacker can inject NMT (Network Management) commands to reset nodes.
Hover to View Intelligence
Hardening Strategy
Mitigation & Defense-in-Depth
Optical Isolation
Use CAN-to-Fiber converters to stop electrical tampering and eliminate grounding noise in deck cables.
+2 More Hardening Steps
UPGRADE TO UNLOCK
Standard Reference
IACS E26 / IEC 62443 Framework
PROFIBUS / PROFINET
Architecture
Industrial Fieldbus / Ethernet
Common Maritime Usage
Main Engine Control, Thrusters, Steering Gear (Siemens/ABB).
The Security Gap
Legacy PROFIBUS lacks any encryption. PROFINET (Ethernet) often operates on "flat" networks where one rogue device can flood the RT channel.
Hover to View Intelligence
Hardening Strategy
Mitigation & Defense-in-Depth
Security Class 1-3
Implement PROFINET Security Classes to enforce signed/encrypted GSDML configuration data.
+2 More Hardening Steps
UPGRADE TO UNLOCK
Standard Reference
IACS E26 / IEC 62443 Framework
AIS (Automatic Identification System)
Architecture
RF / VHF Protocol
Common Maritime Usage
Vessel tracking, Collision avoidance, Search and Rescue (SART).
The Security Gap
Unauthenticated radio broadcast. Vulnerable to "Ghost Ship" injection via Software Defined Radio (SDR).
Hover to View Intelligence
Hardening Strategy
Mitigation & Defense-in-Depth
Cross-Checking
Mandate that bridge officers verify AIS targets against ARPA Radar physical reflections.
+2 More Hardening Steps
UPGRADE TO UNLOCK
Standard Reference
IACS E26 / IEC 62443 Framework
Bridge / VSAT Terminal
Architecture
Admin Interface / Web
Common Maritime Usage
Primary ship-to-shore connectivity (Cobham, Intellian, Thrane).
The Security Gap
The "Front Door." Often left with default admin credentials or unpatched firmware, allowing remote OT network access.
Hover to View Intelligence
Hardening Strategy
Mitigation & Defense-in-Depth
MFA Implementation
Enable Multi-Factor Authentication for all terminal management and satellite service portals.
+2 More Hardening Steps
UPGRADE TO UNLOCK
Standard Reference
IACS E26 / IEC 62443 Framework
BACnet / IP
Architecture
Building Automation (UDP)
Common Maritime Usage
Massive HVAC systems, Cabin ventilation, and Lighting control on Cruise/Yachts.
The Security Gap
Designed for open communication. Lacks encryption; an attacker can "Command" fans to stop or override temperature setpoints across the vessel.
Hover to View Intelligence
Hardening Strategy
Mitigation & Defense-in-Depth
BACnet/SC
Migrate to "Secure Connect" which uses TLS 1.3 to encrypt traffic between controllers and workstations.
+2 More Hardening Steps
UPGRADE TO UNLOCK
Standard Reference
IACS E26 / IEC 62443 Framework
EtherNet/IP (CIP)
Architecture
Industrial Ethernet (TCP/UDP)
Common Maritime Usage
Cargo handling systems, Ballast control, and Allen-Bradley/Rockwell PLC loops.
The Security Gap
Implicit messaging is unauthenticated. Malicious packets can "Force" IO points, potentially opening ballast valves unexpectedly.
Hover to View Intelligence
Hardening Strategy
Mitigation & Defense-in-Depth
CIP Security
Enable CIP Security extensions on supported hardware to provide data integrity and sender authentication.
+2 More Hardening Steps
UPGRADE TO UNLOCK
Standard Reference
IACS E26 / IEC 62443 Framework
DNP3 / IEC 60870-5-104
Architecture
Power Grid / SCADA
Common Maritime Usage
Main Switchboard monitoring, Circuit Breaker control, and Shore-Power syncing.
The Security Gap
Highly sensitive. If exposed, it allows remote "Tripping" of main breakers. Many maritime installs omit the SAv5 security layer.
Hover to View Intelligence
Hardening Strategy
Mitigation & Defense-in-Depth
DNP3-SAv5
Implement Secure Authentication (version 5) to ensure commands are signed by an authorized controller.
+2 More Hardening Steps
UPGRADE TO UNLOCK
Standard Reference
IACS E26 / IEC 62443 Framework
Tridium Niagara Fox
Architecture
Manager of Managers (TCP)
Common Maritime Usage
Centralized dashboard for Chief Engineer (HVAC, Fire, Power, Lighting).
The Security Gap
Often has a web-based login. Vulnerable to credential brute-forcing and legacy Java-based vulnerabilities in older versions.
Hover to View Intelligence
Hardening Strategy
Mitigation & Defense-in-Depth
Foxs (Secure)
Switch from the "Fox" protocol (Port 1911) to "Foxs" (Port 4911) to enable SSL/TLS encryption.
+2 More Hardening Steps
UPGRADE TO UNLOCK
Standard Reference
IACS E26 / IEC 62443 Framework
Mitsubishi FINS
Architecture
Proprietary Industrial (TCP/UDP)
Common Maritime Usage
Water purification (Reverse Osmosis), Thruster localized control, HVAC units.
The Security Gap
Simple "Node-to-Node" protocol. By knowing the Network/Node ID, any device can read/write memory addresses in the PLC.
Hover to View Intelligence
Hardening Strategy
Mitigation & Defense-in-Depth
IP Whitelisting
Configure the PLC "IP Address Table" to only accept FINS packets from a specific HMI address.
+2 More Hardening Steps
UPGRADE TO UNLOCK
Standard Reference
IACS E26 / IEC 62443 Framework
PCWorx / PLCnext
Architecture
Proprietary Automation (TCP)
Common Maritime Usage
Phoenix Contact based propulsion and steering control loops.
The Security Gap
Port 1962/TCP often allows unauthenticated logic uploads/downloads. If the engineering laptop is compromised, the PLC logic can be overwritten.
Hover to View Intelligence
Hardening Strategy
Mitigation & Defense-in-Depth
User Authentication
Enable User Management on PLCnext controllers to require credentials for project changes.
+2 More Hardening Steps
UPGRADE TO UNLOCK
Standard Reference
IACS E26 / IEC 62443 Framework
CODESYS v3
Architecture
Multi-Platform Runtime (TCP)
Common Maritime Usage
Standard runtime for hundreds of marine PLC brands (WAGO, Eaton, Schneider).
The Security Gap
Communication is often "Cleartext" by default. Attackers can intercept the Gateway-to-PLC traffic to steal project code or passwords.
Hover to View Intelligence
Hardening Strategy
Mitigation & Defense-in-Depth
TLS Encryption
Configure CODESYS to use encrypted communication (Port 11740/1217) instead of the legacy Port 1200.
+2 More Hardening Steps
UPGRADE TO UNLOCK
Standard Reference
IACS E26 / IEC 62443 Framework
