Enhancing Cargo Container Security during

Transportation: A Mesh Networking Based

Approach

Su Jin Kim, Guofeng Deng, Sandeep K.S. Gupta

Impact Lab, Department of Computer Science and Engineering

Arizona State University

Tempe, Arizona 85281, USA

http://impact.asu.edu/

Email: {su.kim,guofeng.deng,sandeep.gupta}@asu.edu

Mary Murphy-Hoye

Intel Corp.

Chandler, AZ 85226, USA

Email: mary.c.murphy-hoye@intel.com

Abstract—Cargo containers which transport 90 percent of theworld’s trade transit the countries of the world daily. Despitethe vulnerability of cargo containers, only about 5 percent ofthe over 10 million cargo containers entering the U.S. each yearcan be inspected now. Our primary goal is to develop the smartcontainer security system using RFID and Wireless SensorNetworks in order to enhance the cargo container security. Inaddition, the end-to-end visibility via this networked trackingand sensing capability can bring additional commercial benefitsto supply chain and chain of custody. In this paper, we firstpropose a dynamic mesh container network among neighboringcontainers. Since a group of containers moves together, wecan take advantages of interaction between them via this meshcontainer network instead of focusing an individual container.Second, we introduce the concept of Mobile Edge ComputingDevices (MECD) which is the interface between distributedsensors and the end server in order to reduce processing andbandwidth requirements to the end servers. MECDs can givescalability, flexibility, reliability, and cost-efficiency to our cargocontainer security system.

I. MOTIVATION

With the advent of standardized cargo containers, the

global economy has deployed more than 20 million con-

tainers, and today they are the most commonly used form

of transportation for the world’s trade. With the increased

focus and importance of international security since the

events of 9/11, many government initiatives, regulations

and mandates have introduced new requirements for cargo

security. With cargo containers transporting 90 percent of

the world’s trade, these efforts are focused on addressing the

containers’ inherent vulnerabilities as well as the impracti-

cality and prohibitive cost of 100% manual inspection. To be

viable economically, these necessary security investments for

containers need to also produce new advantages in the global

supply chain and among the participating industry partners.

However, the existing systems which have been developed

for ecosystem players are not yet been sufficient to address

all identified security issues in a robust and cost-effective

manner.

Today, Department of Homeland Security (DHS) research

programs for container security devices focus on detecting

container intrusion (e.g. DHS Advanced Container Security

Device - ACSD [1]) or the tracking of each cargo container

(e.g. DHS Marine Asset Tag Tracking - MATTs [2]). In

order to address the security issues outlined above, and

respond to the myriad government regulations such as ACSD

and MATTs, we propose to take advantage of the fact that

containers are in close physical proximity while in transit or

stacked in container yards or in the port. Instead of focusing

on the security of each individual container in isolation, we

suggest creating a self-configuring container-based dynamic

mesh network which changes with each physical realignment

of the containers. In addition, this approach could also

enhance container network communication to ocean- or land-

based infrastructure which could also be provided in a more

reliable and efficient manner.

The belief is that the security of containers will be en-

hanced by this interaction between neighboring networked

containers. The investment to create mesh container networks

could address the security requirements and provide addi-

tional business benefits.

Security could be enhanced by enabling end-to-end mon-

itoring of containers (anytime, anywhere) and secure hand-

off in the chain of custody addressing many of the DHS

container security concerns. A key approach to attaining rapid

and wide-scale security investment across the supply chain is

to ensure the investment will also create high value business

benefits.

Current global supply chain designs entail multiple hand-

offs (including multiple border crossings) among multiple

parties and cover longer distances, resulting in lengthy ship-

ment cycles. Existing shipments are vulnerable to several

types of product losses, including pilferage, piracy, damage,

and obsolescence.

Shipment location and status are not known during the

conveyance. To offset this uncertainty, firms extend shipment

cycle times, and build in additional inventory which raises

costs and often results in lower service levels. Cycle times

vary making service promises unpredictable.

While the security requirements of DHS are a primary

motivation, these operational issues must be addressed. There

must be additional commercial benefits to enable the business

investments required for scale to occur. These networked

intelligent containers can provide end-to-end visibility from

a supplier to end customers via the networked tracking and

sensing capabilities. This end-to-end visibility can enhance

the operational performance and efficiency as well as the

security of the global supply chain.

In addition, the transportation ecosystem is a disparate

and loosely coupled collection of players, with distinct roles

and responsibilities. Currently, there is no comprehensive

method for understanding and managing the history of the

conveyance from origin to destination available to the Chain

of Custody (CoC). However, using intelligent containers, this

data could be locally recorded and maintained. With trans-

parent visibility to information created through container-

based wireless technologies, access and interaction in the

chain of custody could be simplified Because of these reasons

we believe that intelligent networked containers could bring

collateral benefits to the supply chain and the chain of

custody.

II. INTELLIGENT CONTAINER NETWORKS

The Intelligent Container research project focused on

”networked” security and commercial benefits for the 20

million world-wide ship-based cargo containers.

In this research we explored a new set of business models,

architectures, and emerging technologies that together we

believe create a new level of security. We identified and in-

stantiated a system architecture using emerging technologies

such as RFID and Wireless Sensor Networks to enhance the

security of each cargo container via the creation of ad-hoc

dynamic container networks. We also completed an ”in-situ”

implementation of ”networked containers” to demonstrate

the technology capability and constraints, generated large

volumes of physical environment data as well as dynamic

network interaction data from container, stack, container

yard/port, and en-route ship-board tests.

From our experiments, we believe that our approach can

achieve security goals driven by the government as well as

create new business commercial value for global supply chain

participants.

III. SYSTEM REQUIREMENTS

The characteristics of a container create unique challenges

for instrumentation including:

• Containers make several roundtrips per year,

• have an extended multi-decade lifespan, and

• do not have an entity with umbrella ownership for

maintenance and support

Therefore solutions must be standalone and relatively

maintenance-free, preferably taking advantage of ambient

vibration to harvest power for any embedded devices.

Fig. 1. Mesh Network Characteristics [3]

Smart containers also require several layers of technology

solutions to make networked container visibility a reality.

The layer closest to the container is instrumentation for

sensing (of both identity and state), monitoring, and tracking.

This is achieved through an integrated architecture of RFID

transponders and container-based RFID readers interacting

with internal and external wireless sensor network nodes.

Another layer enables decision making through data pro-

cessing, filtering, and management as well as real-time an-

alytics and presentation capabilities. A foundational layer

includes the edge computing devices that allow local and

distributed interaction with the containers and their informa-

tion and well as the localized data processing necessary to

create meaning from the instrumentation.

For this paper, we will focus on the Intelligent Con-

tainer Instrumentation Layer, its architectural components,

and three scenarios which demonstrate the applicability of

this mesh network approach to cargo container monitoring

and management.

IV. MESH NETWORK CHARACTERISTICS

In order to achieve these distributed dynamic networks

of containers, the solution needed to take advantage of the

key characteristics of wireless mesh sensor networks, which

enable a dynamic self-configuring network topology between

autonomous nodes.

A mesh network is a generic name for a class of networked

embedded systems that establish an ad hoc network and

maintain mesh connectivity [4]. Mesh networking shares

several characteristics: self-configuring, self-healing, multi-

hop, dynamic routing, distributed application architecture and

low power. These characteristics bring advantages to mesh

networks. A mesh network is reliable because of redundant

paths. If one node can no longer operate, all the rest can still

communicate with each other, directly or through one or more

intermediate nodes. Through multi-hop communications, the

same coverage can be achieved with much lower transmission

power. Mesh networking also delivers flexibility, robustness,

and easy network maintenance.

Fig. 2. Networked Container Lifecycle

V. INSTRUMENTATION - THREE SCENARIOS

The Intelligent Container research focused on commu-

nications first and foremost: container to container, intra-

container, container to outside world.

A. Scenario 1: End-to-end Container Lifecycle

With this as a primary driving force, the first set of

instrumentation tests were designed to determine viability

in a cargo container and its environment, addressing its

physical infrastructure limitations (battery powered, limited

maintenance and accessibility, etc) and adaptability to the

dynamics of the container’s lifecycle, from warehouse to

yard, to port, to ship, and through the distribution chain.

In the global supply chain, cargo containers move together

in a ship, truck, or train and are stored in various configu-

rations in a warehouse or container yard. Figure 2 shows

the mesh network characteristics inherent in a global supply

chain. As an instrumented container moves from one location

to the next, its participation in the current mesh network will

occur automatically through the self-configuring nature of

the network. The network is dynamically realigned with new

neighbors throughout the whole process of the supply chain,

and can be between containers within close proximity or

directly between the container and the gateway. This ensures

visibility to the container throughout its lifecycle as well as

providing insight into the paths of its neighboring containers

along the way.

B. Hazardous Material Segregation

Containers which transport hazardous materials are rigor-

ously tracked throughout the supply chain.

Fig. 3. Hazardous Container Communication

“A hazardous material is any solid, liquid, or gas that can

harm people, other living organisms, property, or the environ-

ment. Hazardous materials may be radioactive, flammable,

explosive, toxic, corrosive, biohazardous, an oxidizer, an

asphyxiant, a pathogen, an allergen, or may have other char-

acteristics that render it hazardous in specific circumstances.

Mitigating the risks associated with hazardous materials may

require the application of safety precautions during their

transport...” [5]

In the UN Recommendations on the Transport of Danger-

ous Goods], the following requirements are defined for the

transport segregation of dangerous goods:

“Incompatible goods shall be segregated from one an-

other during transport. For the purposes of segregation, two

substances or articles are considered mutually incompatible

when their stowing together may result in undue hazards

Fig. 4. Network Diffusion

in the case of leakage, spillage, or any other accident. The

extent of the hazard arising from possible reactions between

incompatible dangerous goods may vary and the segregation

arrangements required shall also vary as appropriate. In some

instances such segregation may be obtained by requiring

certain distances between incompatible dangerous goods.”[6]

Through this approach to instrumentation, the container

network can routinely ensure the segregation of incompati-

ble materials through automatic sensing and interchange of

information via the mesh.

Exchanging information about hazardous materials con-

tents with neighboring containers can extend the safety of

the entire network. Expensive chemical or biological sensors

may not be installed in every container. In this case, sensed

data is communicated to not only a container on which the

sensors are mounted, but by taking advantage of the mesh

network characteristics, also to containers in the vicinity.

C. Container Visibility & Location

Each node of a mesh network continuously assesses its

relationship to other nodes and its ability to create reliable

and redundant pathways for its data communication.

Localization-Based Systems (LBS) applying network-

based techniques can use the inter-node signal strength of

the mesh to determine the location of each container in an

environment (e.g. container yard, port, etc).

VI. MOBILE EDGE COMPUTING DEVICES (MECD)

In this section, we will discuss the requirements of the

system for container-based mesh networking. The system first

requires sensing capabilities. Digital or analog sensors (for

humidity, motion, shock, heat, radiation, toxic chemicals, etc)

or RFID reader/antennas can be placed inside a container to

sense the environment or scan a container for tagged items.

Second, the system should have the intelligence to determine

the meaning of the data from a container. Data processing

and decision making based on sensed data are required

here. Third, there must be a distributed dynamic network

Fig. 5. Network-based LBS

which supports self-configuration, low power consumption,

low cost, scalability, reliability, robustness, etc.

In order to support these requirements as well as maximize

performance, the system architecture requires key capabilities

in the devices supporting and managing the mesh. Here, we

introduce the concept of Mobile Edge Computing Devices

(MECD) to handle large scale sensor networks and data, and

demand a highly scalable and efficient approach.

MECD are mobile and low power devices which become

pivotal to the application of wireless sensor networks in

the enterprise. In a hierarchical architecture (see Figure 6)

MECDs interface between various highly distributed wireless

sensors and cooperative high-end servers. On the one side,

MECDs manage various wireless sensor nodes; on the other,

MECDs accept configuration and query commands from

high-end servers. To further improve the scalability and relia-

bility of the system, MECDs may form a distributed network.

After necessary processing by MECDs, raw data collected

from wireless sensors is forwarded to high-end servers on a

pull or push basis, by first dynamically selecting from a range

of protocols for communication based on efficiency and cost.

The advantages of the hierarchical architecture include

the following. It is highly scalable since MECDs manage

wireless sensors in a distributed manner, reducing processing

and bandwidth requirements to the back-end servers. It

reduces the initial system cost by assuming a small number

of expensive high-end servers and a large number of very

low cost wireless sensors that have very limited processing

power. The hierarchical architecture is very flexible in the

sense that MECDs are designed to manage various types of

wireless sensors and may be remotely configurable in order

to accommodate various applications.

Fig. 6. MECD Hierarchical Architecture

VII. SOLUTION ARCHITECTURE

In our previous work [7], we described a system ar-

chitecture using both wireless sensor network (WSN) and

RFID technologies. We also implemented and tested a sys-

tem prototype to demonstrate technological capabilities and

constraints in [7]. In this paper, we will apply the concept of

MECD to our system architecture and describe the configu-

ration in details.

In this design, a CrossBow Stargate device [8] which acts

as a MECD connects the physical sensing wireless sensor

networks to the external hosts (e.g. neighboring Stargate de-

vices, the central server, and PDA) through various networks

(2.4GHz ZigBee, WiFi, Cellular, etc). The CrossBow Stargate

gateway is a low-power mobile computing and communi-

cation device and a powerful single-board embedded Linux

computer designed for sensor signal processing, control, and

wireless sensor networking application [8].

A single node of the wireless sensor network, e.g. a

”mote”, is a tiny wireless computing platform with a CPU,

memory, storage, I/O, and radio components, optimized for

long life on low power. The MicaZ [9] and TelosB [10]

motes, 2.4GHz, IEEE 802.15.4/ZigBee compliant modules,

and a SkyeTek 915MHz RFID reader connected to a MicaZ

mote were placed inside containers. These motes report

sensed data periodically or by query from the Stargate. Sim-

ilarly, the RFID reader reported sensed data to the Stargate

through the MicaZ mote.

In the system prototype, each container was instrumented

with two networks: an Internal Network, for environmental

sensing and reading RFID tags, and an External Network, for

node-to-node communication between containers. Attached

to the Stargate through a 51-pin connector is a MicaZ mote,

shared by both networks. To avoid contention and collision

between the networks, multiple antennas can be used, and

dynamic channel selection may be employed. To alleviate

collision, an additional circuit, antenna selector, may help.

This particular architecture may not scale in the case of large

networks, since the mote cannot receive packets from the two

networks at the same time, resulting in a degradation of the

Fig. 7. Solution Architecture

overall performance.

A USB-based memory card for data storage, a GPRS

PCMCIA modem, and an 802.11 DF card were also installed

in the Stargate. Due to the limitation of the connectors, an

MTS420 sensor board [11] was used to provide the additional

GPS module and the MicaZ mote with the MTS420 was

placed outside a container.

VIII. CONCLUSION

With cargo containers transporting 90 percent of the

world’s trade, efforts are focused on addressing containers’

inherent vulnerabilities as well as the impracticality and

prohibitive cost of 100% manual inspection to ensure inter-

modal security. Through this research we propose to take

advantage of the fact that containers are in close physical

proximity while in transit or stacked in container yards or

in the port. Instead of focusing on the security of each

individual container in isolation, we suggest creating a self-

configuring container-based dynamic mesh network which

changes with each physical realignment of the containers. In

addition, this approach could also enhance container network

communication to ocean- or land-based infrastructure which

could also be provided in a more reliable and efficient

manner. We’ve reviewed different scenarios in the supply

chain potentially aided by mesh network characteristics, and

discussed insights from the prototype architecture. Research

continues is this area across a variety of supply chain and

transportation applications to ready this technology for wide-

scale deployment.

ACKNOWLEDGMENT

We would like to thank Intel Corp. and Embedded System

Consortium for supporting the research.

REFERENCES

[1] “HSARPA BAA 04-06 Advanced Container Security Device Program,”2004. [Online]. Available: http://www.hsarpabaa.com/Solicitations/AdvContSecDev BAA FINAL 508.pdf

[2] “HSARPA SBIR H-SB04.1-005 Marine Asset Tag TrackingSystem,” 2004. [Online]. Available: http://www.hsarpasbir.com/PastSolicitationDownload.asp#21

[3] “Crossbow moteview user’s manual.” [Online]. Available: http://www.xbow.com/Support/Support pdf files/MoteView Users Manual.pdf

[4] I.F. Akyildiz and X. Wang, “A Survey on Wireless Mesh Networks,”IEEE Communications Magazine, vol. 43, no. 9, 2005.

[5] “Dangerous goods,” 2008. [Online]. Available: http://en.wikipedia.org/w/index.php?title=Dangerous goods&oldid=191950058

[6] “UN Model Regulations, 14th Rev. Ed.” 2008. [Online]. Available:http://www.unece.org/trans/danger/publi/unrec/rev14/14files e.html

[7] Su Jin Kim, Guofeng Deng, Sandeep K. S. Gupta and Mary Murphy-Hoye, “Intelligent Networked Containers for Enhancing Global SupplyChain Security and Enabling New Commercial Value,” in the 3rd Int’l

Conf. on Communication System Software and Middleware (COM-

SWARE’08), 2008.[8] “CrossBow SPB400- Stargate Gateway.” [Online]. Available: http:

//www.xbow.com/Products/productdetails.aspx?sid=229[9] “CrossBow MicaZ 2.4GHz.” [Online]. Available: http://www.xbow.

com/Products/productdetails.aspx?sid=164[10] “Crossbow telosb.” [Online]. Available: http://www.xbow.com/

Products/Product pdf files/Wireless pdf/TelosB Datasheet.pdf[11] “Crossbow mts420 sensor board.” [Online]. Avail-

able: http://www.xbow.com/Products/Product pdf files/Wireless pdf/MTS400-420 Datasheet.pdf