Just gotta say, building a real time piracy database is one the coolest projects I’ve ever seen on here. It’s easy to forget that pirates still exist.

Best of luck to you both!

I didn't know that either until I joined maritime! They are still very much a thing, and Nick could tell you stories forever - in some cases it's a well oiled machine, where the pirates know the insurance negotiators and vice versa.

It's also an unfortunate result of conditions today. If you look at some of our risk maps [1] you'll see that the hotspots are pretty consistent and predictable. Somalia, Nigeria, Malacca Strait, etc.

1 - https://grey-wing.com/intelligence-reporting

What would be the best programming language for this?

R? (pronounced Rrrrrr)

/s

It's all about the C matey!

Some parts are actually in C, but they've all been.. containerized.

I'll see myself out.

I have a bit of an out there question but maybe you know the answer as I see you've done some piracy mapping. Is there any tech that's addressing the piracy issue that you think is just phenomenal (also thinking about unlicensed fishing in poorer countries territorial waters they can't defend but maybe the overlap isn't that great)? My understanding is basically this has been resolved by 1) ships routing through well controlled seas or 2) ships hiring additional private security for staffing on ship or as escorts. Is that correct?

Edited because I have no manners - congratulations on the launch too, I didn't see your pitch but the product sounds really cool and I'm sure shipping is top of mind for everyone right now!

Thanks! Nick can chime in here once he's up - I'm the night owl (we're on SGT) and he's up in a few hours.

But the way I see it, most of the problems around piracy are systemic. I'll skip going into too much detail, but when economies are set up to benefit from a rise in pirate activity in their borders, you've created a loop that removes incentives to find a long-term solution.

The solutions have been exactly what you've suggested. One option for highly trafficked routes (like the Gulf of Aden) is to control a narrow part of the route well, so ships can use it. The IRTC[1] is a good example.

The other option is security. However, security may not always be possible. One reason is price (when we started Greywing, the per day cost of a security vessel sometimes exceed that of the tanker it was guarding!). The other is that security is still a volatile market, especially since suppliers always have to be located in the countries you're closest to. Security companies can pop in and out of existence, and the service is often a far cry from what you pay for.

There has been some work in the technology on the vessels - better training for the crew, better citadels, nonlethal deterrents, etc. However, these can only go so far when you're comparing the resolve of a pirate vessel to that of the crew on a tanker to survive.

From a software standpoint, routing makes a difference, but not as much as you might think. If a vessel needs to call at a port, there are often unavoidable routes that need to be taken. However, some of the early work we were doing focused on making sure that the captains and crew had a good idea of high and low alert days, as well as an idea of the mitigation measures to undertake to prepare for them.

Some of the products that were serving the security market when we started have since gone out of service, and I'm not personally aware of any yet that focus on operators, rather than nation-states and intelligence agencies. There's still open demand for services that focus on establishing trust and reputation around suppliers, aggregating good services, and enforcing due diligence.

This took me down a rabbit hole of our videos, but [2] is an example of what CRY4 looked like in the early days, when it was just piracy!

[1] - https://en.wikipedia.org/wiki/International_Recommended_Tran... [2] - https://vimeo.com/393361342

Ah, that's super interesting. The systemic issues make sense but I do wonder about incursions from foreign powers (e.g. Chinese fishing trawlers in W. Africa) but maybe these belong to a different category of issue.

RE Security & Pricing - that's fascinating. I would have expected this to be a standard business affiliated with the big insurers and run out of the big private contracting companies (e.g. Academi). Most of the tech I've seen is also for close proximity to the boat (e.g. water cannons, slippery mesh, stun grenades), is it because the ships can't engage until the pirates are very obviously going to attack? In my head I'm imagining patrols of swarm drones that drop boat trap nets before the boats can get very close to the ship

But all this is really cool, thanks for the response!

It is a space Academi have never operated in. Control Risks used to be in the maritime security space but assessed it as not having the right level of risk/reward because the prices became so commoditised. Running security for organisations like that in High Risk Areas like Iraq and Afghanistan still generates good margins but they don't experience those returns in the maritime space so they exited the market.

The cheapest and simplest solutions to piracy are avoidance and armed security. Many non-lethal methods have been trialled over the years but nothing seems to be as cheap and effective as a human with a weapon. The link between unlicensed fishing and piracy is clear. If you take away a persons livelihood they are going to look for alternatives. It would be interesting to look at how organisations like Sea Shepherd could use technology to augment illegal fishing detection and disruption. Right now they sometimes augment local government forces to give them an interdiction capability but it may be in future they provide intelligence, surveillance and reconnaissance using tech and leave host nation forces to interdict illegal operators.

Got it, that makes sense. If you're able to hire private security from developing nations that still have good military programs (e.g. S. Africa, Philippines, Russia) then it's probably not all that expensive (if you can get them). Hmm, when I was thinking about unlicensed fishing I was more thinking about foreign nations taking advantage of poorer ones that can't control their maritime zones but the causal chain of what you described is quite clear.

1) https://chinaafricaproject.com/podcasts/out-of-control-china...

Congrats on the launch! Wondering how much overlap you have with Flexport, which I've followed with great admiration through the years. Definitely seems like a sector in major need of continued modernization.

Thanks! Interesting that you ask that - we have very little (if any) overlap with Flexport. They focus on the cargo and the freight, and we focus on operations. We've definitely helped operate some of their vessels in the past!

There is a future where the two parts come together, as their fates are always linked, but it's outside the scope of complexity for us today, and for Flexport as well I imagine.

Makes sense! Chalk it up to ignorance on the sector in general, when I think "ships and startups" I think Flexport. I bet a lot of VCs will too (which is great - they are absolutely stellar). Best of luck!

Thanks for the comment! I normally tell people that Flexport connects the global economy to shipping, so you can get your stuff from A to B. Greywing connects shipping to the world economy, so whether the ship is at A, B or Z they can get what OPEX they need efficiently.

I find it humbling to hear about how much goes on behind the scenes in different industries that we so often take for granted, I'd bet the average person probably hasn't thought much about the shipping industry until the whole Suez situation over the past week (including myself coming from a family of three generations of sailors haha). Correct me if I'm wrong but given the real-time nature of your data I'm assuming your software is meant to be accessed on board vessels in transit, so are outages/connectivity issues at sea an issue you've encountered? If so, do you have systems/protocols for handling prolonged outages (e.g. due to inclement weather or network interference) and reconciling your operational algorithms with potentially stale data?

I think the data side of this question is for Hrishi. From a platform perspective we primarily serve the Crew and Vessel Managers ashore right now, but in time we expect to push this out to personnel onboard vessels to give them more autonomy over their travel as well as to minimise additional work done by shore side personnel. In the old days a Captain would manage all aspects of a vessels operation, and I think as technology augments their ability to execute that will become true again with less execution shore side.

Nick's right here - as we operate shoreside (we're beginning to work on helping operations onboard vessels), connectivity is less of an issue.

That said, maintaining realtime information for decision making does have to deal with spotty data (AIS for example, may drop out), so all of our sources have fallback and catch safeties that will (depending on the source and the action context) fall back to a best value, or prevent the action entirely if there is not enough confidence.

This looks good! Complex industry with archaic tools so it is great to hear you had done some business already! Can you elaborate how much of the business you generated was more like consulting vs the customer using the packaged solution?

Thanks! Our process has been client-driven from day one: we've got a good amount of technical and maritime expertise on our side, but it pales in comparison to the mountain of operational knowledge that our users have.

What this means is that all of our clients came on for the solution we were offering at the time, but each has had a strong impact on what the tools became, and what modules we've offered since then.

As an example, our first customer came on board for Covid-19 risk reporting (to improve communications with port authorities), fleet tracking and our routing tool. Under their direction, we released our port scanning tools and geofencing-related modules. Our second customer bought this product, and with their help we've been able to release (to name a few) a communications tool for port agents and flight tracking and heuristics.

This has been a good model for us: the benefit to us is an increasing price point for new customers as well as the ability to learn from parts of this process that wouldn't have known about otherwise, and the existing customers aren't charged for new modules and improvements.

This is indeed a great model that works well when the problems one client has can scale to others without a ton of customization.

What has been the most challenging aspects technically and business wise for you so far? What has been the most exciting/rewarding?

The most challenging aspect for us has been getting integrations with client software done and out of the way. Unlike other industries, the existing software around crew, reporting and planning are often in-house and in some disrepair, from a first-wave of digitization. This has pleasantly not been the case sometimes, but often we need to build the pipes ourselves - sometimes on both sides!

Our integrations range from SOAP, REST, FDW as well as push, pull, batch, and almost all combinations of these. Getting them done can also mean cleaning and consolidating the data we receive, so the users have a seamless experience.

Integrations can make a big difference in the UX as it stands, and our work the past few weeks have been focused on building graceful circuit breakers for our modules so that the the experience works as well as it can even without automated data.

Another one is definitely customization, but it's been rewarding for us. We've definitely had to customize the product to better suit the workflows of our customers. Maritime is a pretty heterogeneous place when it comes to details, but I think we're now at a point where most of the requests we get are already built into the product - customization is becoming just a matter of config.

The most rewarding aspect technically has been to watch new solutions emerge as a result of having a clean graph of data with well built relationships. There are a number of zero-to-one problems in maritime tech (routing, ports, events, etc) that I believe prevent new entrants into the space - much like ride-sharing would not be as easy without a good map element, GPS and cellular data.

Once those are solved, it's been rewarding to take unrelated requests from clients (around withholding or corporate tax, for example) and realize that you've got 99% of the tech needed to deliver a good solution.

From a business perspective, it's been a harder journey than we expected to get parts of the industry to open up about data or collaboration. It's significantly easier once you've built momentum, so it's also been rewarding to collaborate across stakeholders - from port agents and crewing unions to marine travel companies - as of late.

I don’t know know your stack so take this with a grain of salt:

It may be very tempting at times to skip normalizing data and to just throw stuff in a document store. The downside will be code complexity and runtime that is less than performant.

I am sure you are familiar but the patterns “adapter” “strategy” and “interpreter” can be very valuable here

I am sure you also use dependency injection as appropriate . I wish you all the best. I will keep an eye on and think good thoughts

We've been using a mutated blend of our own patterns with the ones you mentioned, but you're 100% spot on.

The reason we have a product today with 100% uptime and reasonable tech debt is that we front-loaded the cost of data by making sure we normalize (which is non-trivial in maritime), along with cleaning and consolidation with other sources. We also have our own internal consensus algos that pull multiple sources where possible and pick the most likely.

And hopefully this is an anecdotal data point for anyone, but we've been running a pretty performant system that services 200,000 ports, 50,000 airports, 50,000 crew, 5000 vessels and millions of miles of GeoJSON routes in real-time with Postgres alone. In my experience a well organised relational db can outrun most document stores, in most applications.

The only caveat I'd say (if there is one) is normalization as a hard rule. We denormalize some fields when we need to squeeze performance out of a commonly accessed metric (caching essentially, but through the db which I think makes it denormalization), and it's been quite helpful. Of course you need stronger checks and balances in code to make sure things don't desync, but it can be helpful to speed up large, common queries.

I'll link some of the technical write-ups of how we use Postgres and PostGIS below in [1] and [2], if anyone's interested.

[1] - https://hrishioa.github.io/large-geospatial-queries-and-opti... [2] - https://hrishioa.github.io/subqueries-and-ctes-an-example-of...

Congratulation! Looks like a quite an interesting problem and domain to build software for.

How did you get your first customer? Was it easy because of Nick connections or, did the customer require lot of convincing and value demonstration?

Thanks! It's a mixture of all of these things, to be honest. We had visibility into and in the industry due to our work with maritime security, as well as the benefit of being in an uncontested space (vessel operations intelligence) which was in crisis.

However, our first customers were inbound, from the demos we uploaded explaining how CRY4 could help with security and operations. So it's likely all of these things combined - we've worked to understand what drove initial adoption, but as we become more established we're seeing that these drivers shift into different things. What's driving leads today, I think may not be these things exactly.

Congrats on the launch! Looks like an awesome product

What do you find your customers care about the most? Security, cost savings, UI? It seems like a pretty old-tech industry that you're digitalizing, so I'm curious about what the pull is from their side

It's a mix really: all of them care about the cost savings, but the UI and the opportunity to digitize and connect different parts of the business have also been strong drivers.

First-generation software has been around just long enough in maritime that a lot of organisations are feeling the pain from having multiple solutions that don't connect and are starting to show their age.

It is incredible what you've accomplished already with such a small team! A very interesting problem area too. I've been a little involved with maritime from the perspective of digital security, which is an area that needs more attention, and wonder if/how you can improve that side of things with a modern solution. If you need to get in touch with folks who work on maritime cyber security by all means pop me an email.

Definitely appreciated, thanks!

Did the Suez crisis have any implications for your business?

None directly, but we believe improving crew well-being and providing more assistance to ensure vessels operate smoothly will have a long-term impact.

Ships can only function as well as the people on-board, but it's an often overlooked part of the industry.

a very interesting space and solution. I think that it would be beneficial to the entire vessel to give the crew a voice via a feedback loop with something like https://www.15five.com/. You could encourage them to root out potential problems and uncover opportunities to help the crew perform better. A comparison is that a non-obvious thing may come forward once a feedback loop is provided. Having a voice alone will improve moral. It will also provide you with crew support which will then translate to wanting to have your solution onboard the next ship they are on. A bottom up marketing strategy that then can be turned into a benefit that a ship provides as an incentive to join.

I remember that the main, central example in "Domain Driven Design" was basically software like this.

I agree. I forget who I'm quoting (and butchering), but it's become one of my favorite aphorisms that "Data is everything. Once you have the right data structures and relationships, the algorithms are apparent."

Isn't that quote much older and from EWD or Aristotle?

Could be! Sometimes things get stuck up there and over time weather down to something I can no longer Google or remember attribution for :)

Linus Torvalds said something similar.

The domain is also ripe with algorithmically interesting problems.

One issue I have seen though is the mindset of the business user may not be very tolerant of probabilistic results.

Completely agreed - and it's something we've had to work very hard at.

A rule of thumb that's worked for us is that the more information you show, the more tolerant your users are. However, that's also directly in opposition to the fact that the more information you show, the less user-friendly your product becomes.

Our approach has been to pyramid up the information we have. When we integrate a new source of data, we initially run customer engagement and have internal sanity checking algorithms to make sure we have a decent confidence about the data that we present. At this stage however, we give the user more information than less - so a full cost breakdown of a port call, instead of indicative total estimate, for example.

User engagement and testing will then help us understand which pieces are being used the most, and how we can best condense the data down in a way that best helps the user. This also gives us more time to refine our backend so that we have a higher degree of confidence about our methodology and results.

This often results in big changes - a twenty paragraph statement of restrictions may be condensed into a traffic light on whether a certain nationality is accepted into a port, or a fuel table may be condensed into a single estimate of cost based on estimated weight of the ship. This approach has worked well for us, and it might help in similar fields.

Are you familiar with quad keys and quad tiles? If not definitely read up. Could simplify a lot of routing and tracking: https://wiki.openstreetmap.org/wiki/QuadTiles

We've been using PostGIS' internal storage mechanism for routes and tiles so far. We've attempted to build our own indexing (through quadtrees indexed similar to OSM's), but it's never crossed the performance we get by default from PostGIS.

It's not a bottleneck yet, but I'm sure we'll be revisiting this soon. Thanks for the link! I hadn't found this one yet - super helpful.

Congrats on the launch! Saw your demo day pitch and super impressed

Thanks! Demo day seems so long ago.....

Could you tell me in a sentence what the product does?

We take all the information you (a ship manager) have about a vessel (route, plans, crew composition), with all the information externally available (piracy, flights, fuel costs), and tell you where to route your vessel and what the best choices are for the crew, and the purchases you're making.

Does that help? Happy to try again, it's a pretty complex piece of software that simplifies a complex job: unfortunately we're not as good as our software at simplifying the explanation.

> unfortunately we're not as good as our software at simplifying the explanation

You mean the software provides explanations for its outputs and decisions, in the classic AI style? Or did that mean something else?

I meant we're not as good at simplifying the narrative, as we hope Greywing is at simplifying the task of vessel operations :)

We don't currently use any AI - we're yet to exhaust deterministic knowledge-based algorithms, but it might be something we look at in the future.

Classic AI can definitely be deterministic and knowledge-based. It just sounded from that phrasing like you went down the "explainable outputs" route that is sometimes a part of such approaches (see expert systems, for example) and that is commonly missing these days (which may lead to people using outputs of complicated decision-making systems asking questions like "why would we want to do that?").

That sentence is good! I've added it to your blurb above :)

What is the 2fa you offer in the login? The Authenticator TOTP format?

Exactly right - it's a legacy feature we keep not to break some user flows, we're looking to rebuild that pretty soon.

Is there a way to reach out to with suggestions? Like saas pass 2fa.

Cool ideas! Side note to @dang, it's hard to read text blocks like this in HN's light grey font. I copied and pasted it into a notepad window to increase the contrast.