Cybergibbons 🚲🚲🚲 Profile picture
Mar 26 18 tweets 3 min read Read on X
The ship has a full blackout for over a minute before impacting the bridge, followed by a second shorter loss of power.

Just after the lights come back on, you can see heavy soot which would likely be one of the main diesel generators being brought up.
A blackout at this point in time is about a worst case situation. You'd lose the rudder, main engine and bow thrusters, leaving you unable to do anything.

The 440V emergency generator would be first to start, but this would only restore power to the steering gear immediately. Image
The steering gear will run off 440V emergency generator but only one of the two hydraulic pumps (normally port) will be running, hence you have half the displacement.

Regulations generally say the emergency generator must start and be online in under 45s.
I suspect they were on the emergency generator at the end of the first blackout. It's only a small engine - 500kW or less - and generally the exhaust is not out of the main uptake.

The next step is to bring up one of the main diesel generators. This would have been the soot.
The second blackout - which is very brief - could have been the first main diesel generator coming back online.

That could very briefly interrupt power, but normally the emergency switchboard would keep continuous power to the steering gear.
You really need two diesel generators online before considering starting the main engine.

I'm not a deckie, but in this situation you'd probably be making the call between just using the rudder to avoid an incident, and getting the main engine back.
If you have forward speed, the rudder will still be working.

You can also attempt to use the bow thruster(s) but these are normally 2MW+ and need more than one diesel generator running to work.
There is a battery system onboard, but this will generally only power control systems and essential bridge equipment. You don't get any rudder or propulsion from it.
In a situation where you are maneuvering (and they were, as pilots were onboard), you'd normally have at least three of the diesel generators running. If one stops, you should still have enough power to keep everything running.
Why do ships blackout?

There are many reasons. I have to say, it's pretty rare that a full blackout would happen with multiple diesel generators running.
We had one ship that just had a really troublesome power management system (PMS), and it would sometimes make decisions that made no sense - but this only caused issues when we were on one generator (normally the shaft generator, powered by the main engine).
Another trigger, once, was a control air leak. The control air pressure dropped and dropped and then the main engine and all diesel generators stopped within a minute of each other.

But we were in the middle of the ocean - it was no worries.
So just to be clear, recovering from a full blackout is:

1. Start emergency generator (battery start, should be automatic)
2. Start one diesel generator (normally air start, hopefully you have air in the tanks, should be automatic)
3. Start more diesel generators.
4. Start ancillery systems (lube oil system, seawater cooling, low temp cooling, high temp cooling, fans)
5. Start main engine (always air start, hopefully air in the tanks.

A lot to get done!
All of the above is speculative based on a single video. But I doubt it was someone just turning the external lights on and off :(
Another thing that may not be clear to all - there would have been a local pilot onboard who will have been navigating the vessel at this point in time.

There would still have been officers from the ship on the bridge, including the officer of the watch, who had ultimate control
Probably worth a few corrections:
* Deckies have pointed out that the rudder is much less useful without prop wash, to the point of useless.
* At least one anchor was dropped.
And
* The master would have been in control, not the officer of the watch.

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Cybergibbons 🚲🚲🚲

Cybergibbons 🚲🚲🚲 Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @cybergibbons

May 18
A quick comment thread on the NTSB prelim MV Dali report.

The ship had a pretty typical 6.6kV HV/440V LV power system.
Image
Image
They were operating with the HV bus-tie breaker closed. This is, as far as I know, totally normal on most non-DP (dynamic positioning) vessels. Image
Operating using a single transformer and with the LV bus-tie closed was not something I remembered doing too often.

We'd normally have both transformers running and the LV bus-tie open.

You'd typically have about 2MW of load, and it was good to share it over both transformers
Image
Image
Read 16 tweets
May 3
The UK mains electricity system in houses is a bit unique.

We have what is called a "ring main" where a large number of sockets are connected in a loop. The loop can provide 32A, but each individual plug can only do 13A.

So we have fuses in our plugs to limit current. Image
The idea of these is that they limit the current to each thing you plug into your ring main. The plug/socket can only handle 13A and not 32A, so you need something to limit it.
At the same time, everything you plug into a ring main should be CE certified and have a suitably sized internal fuse. The internal fuse will be smaller than the plug top fuse.

The idea is that the fuse closest to the device with a fault fails.

This is called "discrimination". Image
Read 7 tweets
Apr 28
Found a really quirky route to the OT side of a ship this week.

The corporate machines were on the 10.0.73.0/24 range.

When ARP scanning on this network, I could see a host on 192.168.1.45 - odd.

So I set my IP to 192.168.1.123 and scan 192.168.1.45 - a Windows machine.
It's called CHIEFPC and it's a HP.

Current corp machines are Lenovo. And not named by role.

I head down to the chief's office and find that his old HP machine is being used for the CCTV onboard the vessel - which is on 192.168.1.0/24.
It's just been connected to the nearest socket.

It's logged in and is local admin, I dump SAM and SYSTEM, put on a share and head back to my machine.

Extract accounts/hashes using secretsdump, and crack with john-the-ripper locally.
Read 15 tweets
Apr 9
A thread of the variety of products on ships that allow remote monitoring of critical systems on ships.

Just really want to put to bed the idea that systems are always air gapped.

Kongsberg offer multiple systems allowing remote monitoring of ICMS.
kongsberg.com/globalassets/m…
Image
Wartsila NACOS, another of the very popular ICMS, allows remote maintenance of their systems.

wartsila.com/docs/default-s…
Image
Hyundai as part of the Hi-whatever ICMS allow remote monitoring.

hd-marinesolution.com/eng/CMS/Conten…
Image
Read 5 tweets
Apr 3
I broadly agree with this thread, but there's a few aspects where I think the scale and magnitude of the issues on modern ships is maybe not clear.

The number of modern vessels that have all their critical safety systems air gapped is getting lower and lower.
What do I mean by critical systems?

Steering (which, oddly, depends on the type of vessel)
Propulsion (which can be the same as steering)
Power management system
ECDIS (electronic charts, which may or may not directly impact navigation)
Let's look at a few of the times we've found air gaps eroded on vessels.

This is the console used to control dynamic positioning on an offshore support vessel. This is designed to hold position, with control over propulsion and steering. Image
Read 26 tweets
Mar 30
Ships might be "wide open" to cyber attack, but in my opinion, this shows a lack of nuance around what is being attacked, what the impact would be, and if it would be stopped by the crew.
I would say that IT security - the corporate stuff - in maritime is as bad as it can get.

Getting from IT to OT - operational technology, the actual moving bits - is much harder.

(or just to OT, direct, another topic)
We've ended up in the situation where nearly all ships differ to others.

I think this makes ensuring they're secure hard. We need to check each one.

Conversely, it means that attacking them is hard, as you need to understand each one.
Read 14 tweets

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us!

:(