To date, the National Single Window (NSW) has only distributed administrative data. Operational data, which the port terminals need for planning and operations, is provided in various other ways. This leads to multiple reporting channels, inconsistent data formats, and thus the risk of errors and inconsistencies.
This is set to change with the opening up of NSW to all the other stakeholders involved in the maritime transport chain. These actors have different relationships to each other: they are partners or customers (e.g., ship owners and carriers), but also competitors (e.g., ship owners among themselves). For the future acceptance of the solution and the trust placed in it, the security and added value of the functionally expanded system are therefore of utmost relevance. Only if such security and value are present will the carriers also be willing enter their data into the public system in order to use it.
Up to now, an NSW core system has been responsible for receiving, processing and providing the data subject to reporting requirements, which are transmitted to it through external applications such as port information systems or web-based messaging clients. Authorities can then retrieve the data in the form of messages. This approach was adopted in the development of the NSW-Plus concept, but subdivided into web server, database system, and application programming interface (API) categories. Providers can use the API to develop their own applications for data input and output. To ensure compliance with interface and security standards, certification by the NSW Plus operator is required for new applications.
As early as the design phase of the NSW extension, Fraunhofer FKIE was involved in laying the groundwork for the IT security of the system as a whole. Large parts of the software of the NSW-Plus prototype are proprietary developments created in the course of the project. A detailed rights and roles concept was developed that enables the assignment of rights by the respective data owner. Special attention was given to potential inconsistencies and problems in maintaining the confidentiality of the stored data.
A technical security concept for the NSW Plus prototype was created, which can be used as a basis for an upcoming productive system. Its content is based on the BSI's IT baseline protection, which helps with certification for data suppliers to the NSW-Plus system and facilitates the subsequent integration of potential users in terms of processes and organization. In addition, the so-called reporting classes in the current NSW system were supplemented by NSW-Plus-specific reporting classes. The established principle of a single reporting channel was retained. All information, regardless of the recipient, is always sent to a single destination.
The human-machine interface concept
On the output side, NSW-Plus offers considerably more flexibility than the previous system. Data can be made directly available to other systems for further processing via a data interface (machine to machine, M2M). This data can then be processed for display or evaluation through a front end, web-based or locally installed application, for instance.
As an example of such an application, Fraunhofer FKIE has developed a human-machine interface (HMI) for the Central Command for Maritime Emergencies (CCME) and implemented it in a demonstrator for the pilot application »Integration of cargo data import/export« (for details see the »Use Case« tab). To this end, the process outlined in ISO 9241-210 for the design of user-friendly interactive systems was applied to design an efficient, effective, intuitive and ergonomic system.