Part of the IDENTIFY Playbook ← Return to Hub

Marine Protocol Guides

Requirement: To enforce Conduits (Step 03), you must first understand the “Language” of the assets. This module maps common maritime protocols (NMEA, Modbus, J1939) to their technical ports.

Marine OT environments are a hybrid of standard Ethernet traffic and specialized industrial serial protocols. Identifying these data flows is critical for creating accurate firewall Access Control Lists (ACLs).

NMEA 0183/2000 MODBUS TCP/RTU IEC 61162

1. Common Vessel Protocols

Navigation (Bridge)

Dominated by NMEA 0183 (Serial) and NMEA 2000 (CAN bus). These are often bridged to Ethernet via Gateways.

Machinery (Engine)

Commonly uses Modbus TCP (Port 502) or J1939. These protocols lack built-in encryption.

2. Port & Service Mapping

Protocol Standard Port Security Risk
Modbus TCP502No Auth; vulnerable to injection.
NMEA over IP10110 (Typical)Cleartext data; GPS spoofing risk.
Siemens S7102Proprietary; requires DPI.

Protocols Defined?

Step 1 Complete. Now that you understand the “languages” your systems speak, it is time to capture live data to verify your network map.

Continue to Traffic Baselining →
Scroll to Top