Seaport Platform

Seaports are critical for the export and import of raw and finished goods for trade within the United States. More than 90 percent of overseas trade into or out of the United States occurs by ship. Seaports use information technology and operational technology systems for more efficient communication, equipment operation, and cargo tracking. These digital systems can be vulnerable to cyberattacks, which can lead to disruptions to port operations and supply chains. 

Seaport Platform

System Components 

PNNL has designed, engineered, and fabricated multiple models, known as platforms, that represent different critical infrastructure equipped with industrial control systems and supervisory control and data acquisition systems. 

PNNL’s seaport platform contains representative industrial control system equipment commonly found within a typical U.S. seaport, including the following: 

  • Scaled models of physical components: automated cranes, truck assemblies, train assemblies, manual controls, defined container test locations, container stacks, fencing, and kiosks. 
  • Cyber-dependent control surfaces and programmable logic controllers. 

These components are all fully operational and are designed to mimic real-world scenario conditions. These conditions include unauthorized access to internal networks and operational control systems, crane malfunction in which processes are interrupted or delayed, database manipulation, throughput reduction, contraband bypassing customs, industrial control system equipment failure, and unknown exfiltration of sensitive data. 

Impact 

Thanks to the seaport platform, the Cybersecurity and Infrastructure Security Agency is able to conduct red-team/blue-team cyber exercises and training, thereby raising awareness of various cyberattacks that could affect seaport operations. These exercises allow government and industry analysts to search for artifacts of cyber-attacker tactics and actions within realistic infrastructures to practice implementing their tools, processes, and coordination to document the cyberattack timeline and communicate recommended mitigation strategies.

Other use cases for the seaport platform are operational technology capability evaluations, vulnerability assessments, mitigation and analytics research, and dataset generation.