Open-source maritime monitoring

Built to keep eyes on the water when conditions are rough and time is short.

Q: Can Haris integrate with a Security Operations Center or MSOC workflow?

Yes. Haris is designed to support SOC and MSOC style operations by forwarding structured telemetry, logs, and health context into centralized monitoring environments. In practice, it can sit as the vessel-edge collection layer while central systems handle alerting, investigation, correlation, and longer-term analysis.

Haris is a vessel-side intelligence platform for collecting NMEA data, normalizing it onboard, monitoring system health, and securely syncing it to the Maritime Security Operations Center.

Plan a deployment View source

Edge-first processing for unstable links
Signal K, NMEA 0183, and NMEA 2000 aware
Secure transport paths and health visibility

Mission status: active guardian mode

Link resilience Store, sync, recover

Collection stack CAN, serial, Signal K

Ops posture Tamper-aware by design

0 messages per second handled in the ingestion path

0 core layers from vessel sensor to M-SOC delivery

0 hour operational posture with onboard health monitoring

OSS transparent architecture for review, deployment, and audit

Capabilities

More than a landing page. This is the operator story, the technical story, and the deployment story in one place.

Collection

Reads the vessel environment without forcing a brittle cloud-first workflow.

Haris ingests marine telemetry across NMEA 0183, NMEA 2000, and Signal K, then prepares that data locally so the edge node stays useful even when connectivity drops.

Processing

Normalizes and enriches on board.

Signal K services, parser pipelines, and local caching keep raw signals actionable.

Operations

Tracks its own health continuously.

CPU temperature, disk use, VPN state, and service health are monitored as part of the platform.

Security

Designed for controlled transport and tamper awareness.

Encrypted overlays, hardened access patterns, and physical security assumptions shape the deployment model.

Automation

Deploys repeatably with infrastructure as code.

Ansible roles and playbooks reduce setup drift and shorten the path from clean OS to operational node.

Platform view

A proper website should explain how the system actually works, not just say it is secure.

Vessel sensors

NMEA devices, serial feeds, and marine CAN networks.

Edge node

Raspberry Pi based collection, buffering, parsing, and normalization.

Secure uplink

Controlled transport to core systems over protected channels.

M-SOC visibility

Operators receive synchronized telemetry, logs, and operational context.

Onboard stack

Purpose-built for real marine environments.

Raspberry Pi 5, PiCAN-M HAT, fast local storage, and router-based connectivity form a compact edge platform.

Observability

Health is part of the product.

Local monitoring closes the gap between “device is deployed” and “device is trustworthy right now.”

Control plane

Infrastructure is reproducible.

The website now surfaces the delivery workflow as clearly as the technology itself.

Deployment workflow

From hardware bench to sealed vessel install.

Prepare the node

Provision storage, mount the marine interfaces, and establish the connectivity baseline.

Load vessel-specific config

Apply identifiers, credentials, and network assumptions through the automation layer.

Run the playbooks

Install the collection stack, system services, firewall rules, and supporting runtime pieces.

Validate and harden

Confirm data flow, verify health monitoring, and move the device into its sealed operational state.

Trust model

Security posture explained in plain language.

Transport protection

Traffic is expected to cross untrusted networks, so the design assumes encrypted overlays and restricted paths by default.

Resilience under degraded links

The edge node remains useful when the uplink is unstable by continuing to collect, normalize, and hold data locally.

Physical compromise awareness

The operating model includes seals, access control, and deployment assumptions appropriate to maritime field hardware.

deployment.log

$ ansible-playbook playbooks/group_vessel_edge/main.yml

ok provisioning marine interface and health monitor

ok configuring Signal K ingestion

ok validating secure sync service

$ systemctl status harisd

active (running) vessel node ready for verification

A ship in harbor is safe, but that is not what ships are built for.

John A. Shedd

FAQ

Technical, security, and M-SOC integration questions answered.

What exactly does Haris collect and process on the vessel?

Haris is designed to ingest vessel telemetry from NMEA 0183, NMEA 2000, and Signal K compatible sources. It can normalize those inputs on the edge device, monitor local system health, and prepare selected data for controlled transmission toward the operations center.

Why is Haris presented as a secure system?

The security model does not rely on one feature alone. Haris combines encrypted transport, fail-closed firewall assumptions, service isolation, monitored device health, and operational controls around deployment and physical access. The goal is to reduce exposure both on the network side and on the device side.

How does Haris stay useful if the vessel link is unstable or intermittent?

The architecture is edge-first, which means collection and local processing happen on the vessel before any uplink is required. That allows the node to keep ingesting, buffering, and monitoring even when connectivity is degraded, then synchronize when a trusted path becomes available again.

Can Haris integrate with a Security Operations Center or M-SOC workflow?

Yes. Haris is designed to support SOC and M-SOC style operations by forwarding structured telemetry, logs, and health context into centralized monitoring environments. In practice, it can sit as the vessel-edge collection layer while central systems handle alerting, investigation, correlation, and longer-term analysis.

What makes Haris suitable for integration with monitoring and logging stacks?

The platform already reflects an observability-oriented design: structured collection paths, service-based deployment, health monitoring, and support for components such as Signal K, Filebeat, Logstash, Elasticsearch, and Kibana. That makes it easier to connect vessel-side telemetry with dashboards, retention pipelines, and M-SOC-facing workflows.

Is the system only about network security, or does it also consider physical compromise?

It considers both. Haris is meant for deployed maritime hardware, so the security story includes enclosure controls, tamper-aware operating assumptions, restricted services, and careful deployment procedures in addition to encrypted communication and access control.

Why use an edge device instead of sending raw vessel data directly to the core environment?

Running Haris at the edge creates a cleaner trust boundary. It allows local parsing, filtering, normalization, buffering, and health checks before data is exposed to central systems. That reduces dependence on constant connectivity and gives operators a more controlled, auditable ingestion path into the SOC or M-SOC environment.

Next step

Deploy a vessel-edge platform that can feed secure maritime intelligence into the Maritime Security Operations Center (M-SOC).

Haris is designed to sit between vessel systems and central operations, collecting telemetry at the edge, protecting transport paths, and turning raw marine signals into operational context that can be monitored, investigated, and acted on.

Explore Marine_Haris Review Watchtower