Maritime Security
Turqoa's Maritime Security module provides real-time vessel tracking, threat assessment, and automated alerting for port and coastal facilities. It fuses AIS data with radar, camera feeds, and intelligence databases to build a comprehensive maritime situational picture.
Architecture
The maritime security stack ingests data from multiple sources and produces a unified vessel risk picture:
AIS Receivers ─┐
Radar Feeds ───┤
Camera Feeds ──┼──→ Fusion Engine ──→ Risk Scoring ──→ Decision Engine ──→ Alerts
Intel Database ┤
Weather Data ──┘
| Component | Responsibility |
|---|---|
| AIS Ingestion | Receives and decodes AIS messages from terrestrial and satellite receivers |
| Fusion Engine | Correlates vessel tracks across AIS, radar, and camera sources |
| Threat Zone Manager | Defines and monitors geofenced areas with configurable alert rules |
| Risk Scoring Engine | Calculates composite risk scores for every tracked vessel |
| Alert Dispatcher | Routes alerts to Command Center operators based on severity and zone |
| Historical Analytics | Stores vessel tracks and events for pattern analysis and auditing |
AIS Integration
Turqoa ingests AIS data from multiple receiver types:
Supported Sources
| Source | Protocol | Update Frequency |
|---|---|---|
| Terrestrial AIS receivers | TCP/UDP NMEA | 2--10 seconds |
| Satellite AIS | REST API polling | 1--5 minutes |
| AIS aggregation services | WebSocket | Near real-time |
| Radar-to-AIS correlation | Internal | 1 second |
Configuration
ais:
sources:
- name: primary_terrestrial
type: tcp
host: 192.168.10.50
port: 10110
protocol: nmea_0183
priority: 1
- name: satellite_ais
type: api
url: https://ais-provider.example.com/v2/positions
api_key: ${AIS_API_KEY}
poll_interval_seconds: 60
priority: 2
- name: ais_websocket
type: websocket
url: wss://ais-stream.example.com/feed
auth_token: ${AIS_WS_TOKEN}
priority: 1
deduplication:
enabled: true
mmsi_window_seconds: 10
prefer_source: highest_priority
filtering:
bounding_box:
min_lat: 51.40
max_lat: 51.55
min_lng: -0.20
max_lng: 0.10
vessel_types: all # or list: [cargo, tanker, passenger]
Decoded Fields
Turqoa decodes and stores the following AIS fields per vessel:
| Field | Description |
|---|---|
mmsi | Maritime Mobile Service Identity |
imo | IMO ship identification number |
name | Vessel name |
call_sign | Radio call sign |
vessel_type | Ship type code |
position | Latitude/longitude |
cog | Course over ground |
sog | Speed over ground |
heading | True heading |
destination | Reported destination |
eta | Estimated time of arrival |
draught | Current draught |
nav_status | Navigation status (underway, anchored, moored, etc.) |
Threat Zone Management
Threat zones are geofenced areas with associated monitoring rules. When a vessel enters, dwells in, or exits a threat zone, the system evaluates configured rules and may trigger alerts.
Zone Types
| Zone Type | Purpose |
|---|---|
| Exclusion Zone | No vessel entry permitted; immediate alert on breach |
| Restricted Zone | Entry permitted with authorization; alert on unauthorized entry |
| Monitoring Zone | All vessel movements tracked and logged; alerts on anomalies |
| Anchorage Zone | Expected anchorage area; alerts on unexpected departures |
| Approach Channel | Monitored shipping lane; alerts on deviations |
{
"zone": {
"name": "LNG Terminal Exclusion",
"type": "exclusion",
"geometry": {
"type": "Polygon",
"coordinates": [
[[-0.05, 51.48], [-0.04, 51.48], [-0.04, 51.49], [-0.05, 51.49], [-0.05, 51.48]]
]
},
"alert_level": "critical",
"applies_to": {
"vessel_types": "all",
"exceptions": ["port_authority", "pilot_boats"]
}
}
}
See Threat Zones for detailed configuration.
Vessel Risk Scoring
Every tracked vessel receives a composite risk score from 0 (no risk) to 100 (maximum risk). The score is computed from eight weighted factors:
| Factor | Weight | Description |
|---|---|---|
| Flag state | 15% | Vessel registry country risk rating |
| AIS behavior | 15% | Gaps, spoofing indicators, dark periods |
| Vessel type | 10% | Inherent risk by ship category |
| Historical incidents | 15% | Past security events involving this vessel |
| Speed anomaly | 10% | Deviation from expected speed for area |
| Route deviation | 10% | Departure from declared route or channel |
| Watchlist match | 15% | Match against intelligence watchlists |
| Dwell time | 10% | Unusual loitering in sensitive areas |
# Composite risk score calculation
def compute_risk_score(vessel, zone_context):
factors = {
"flag_state": score_flag_state(vessel.flag) * 0.15,
"ais_behavior": score_ais_behavior(vessel.ais_history) * 0.15,
"vessel_type": score_vessel_type(vessel.type_code) * 0.10,
"historical": score_history(vessel.mmsi) * 0.15,
"speed_anomaly": score_speed(vessel.sog, zone_context) * 0.10,
"route_deviation": score_route(vessel.position, vessel.destination) * 0.10,
"watchlist": score_watchlist(vessel.mmsi, vessel.imo) * 0.15,
"dwell_time": score_dwell(vessel.mmsi, zone_context) * 0.10,
}
return round(sum(factors.values()), 1)
See Risk Scoring for the full model documentation.
Alert Thresholds
| Risk Score | Level | Response |
|---|---|---|
| 0--25 | Low | Logged only |
| 26--50 | Medium | Operator notification |
| 51--75 | High | Operator alert + drone dispatch |
| 76--100 | Critical | Immediate escalation + all assets |
Next Steps
- Threat Zones -- geofence configuration and zone monitoring rules
- Risk Scoring -- full risk model and custom weight configuration
- Decision Engine -- automated response rules for maritime events
- API Reference: Events -- subscribe to maritime events via API