Maritime Port Operations Across the National Seaports of the Netherlands Made Secure with Low-Code Platform from Mendix
Mendix, a Siemens business and global leader in low-code application development for the enterprise, today announced that the Port of Amsterdam, in partnership with seven seaports of the Netherlands, is rolling out an expanded, real-time security alert system to notify port authorities nationwide in the event of an incident or threat. The alerting system is an extension of the MOBI digital security platform developed by the Port of Amsterdam.
The MOBI app is the administrative and task-tracking platform that facilitates compliance with security requirements mandated by the United Nations, to earn ISPS (“international ship and port facility security code”) certification. It has been adopted as the national platform for the certification process by the Port of Amsterdam, Port of Rotterdam, North Sea Port, Port of Moerdijk, Den Helder Port, Groningen Seaports, and the Port of Harlingen, and their 415 maritime shipping facilities and cargo terminals.
MOBI, a Dutch acronym for “methodology for an objective security inventory,” was built from scratch with Mendix low-code technology. “Low-code” is a visual development approach to application development that allows developers with different levels of experience to create applications for web and mobile, using drag-and-drop components and model-driven logic through a graphical user interface. For two years in a row, Gartner analysts have positioned Mendix as a visionary leader in its Enterprise Low-Code Application Platforms Magic Quadrant.
Increased security needs in the aftermath of 9/11
The need for comprehensive safety and security measures for the world’s ports and cargo facilities has its roots in the 9/11 terrorist attack, two decades ago on U.S. soil. Programs to protect and ensure uninterrupted trade and transportation were initially focused on airports. By 2004, the World Customs Organization (WCO) and the International Maritime Organization (IMO), operating under the aegis of the United Nations, extended this oversight to maritime operations. In response, the international shipping industry developed the ISPS requirements to evaluate and certify ports and facilities; approved certifications are valid for five years.
The MOBI app identifies 13 security risk scenarios including hijacking, terrorist threats, arms smuggling, human tracking, cyberhacking, and cargo contamination. Preventing these disruptions is a primary focus for the Netherlands’ seaports, which serve as the global gateway to the European market and rank among the world’s key logistics hubs for cargo transportation and storage. The Port of Rotterdam is the world’s third largest port and the Port of Amsterdam is the fourth largest port in Europe. Rotterdam alone handles more than 469 million tons of cargo annually from nearly 30,000 ships and vessels.
One application to deliver a single source of truth
MOBI was developed with low-code specialists from Finaps, a consultancy and Mendix services partner, and product owners originally drawn from the Port of Amsterdam. Together, they digitalized a complex assessment process that previously was conducted manually using various Word and Excel documents.
“We originally thought MOBI would just be a small app for the Port of Amsterdam,” says Peter Alkema, strategic policy advisor and project manager, Port of Amsterdam. Alkema has worked on the Mendix-built platform since 2017, collaborating with Mendix low-code developer Bram Van Der Linden, senior business engineer at Finaps. The first version of MOBI was launched in just eight weeks.
Today, the application supports 800 users throughout the seaports and maritime facilities of the Netherlands as they complete a comprehensive Port Facility Security Plan that is based on a Security Assessment. MOBI enables collaborators to undertake an objective risk analysis by tracking activities, progress, and feedback across five processes: certification, compliance, notifications, changes, and alerting. At the final stage, the port authority (who is often the Harbor Master, who operates under local government mandate) approves the plan and officially certifies the port facility.
Success attracts more users; Mendix makes it easy to iterate
“The success we encountered triggered attention from the other ports,” recalls Alkema. “We considered making separate apps for different ports. But it was easier to iterate on the application in a modular way. Mendix enabled our small team to build a complex application fairly quickly, and reengineered the application for multi-tenant functionality across the Dutch seaports.”
To develop the multi-tenant version of MOBI, Alkema and Van Der Linden held bi-weekly Friday afternoon sprints with project leaders from each of the seaports. Central to their effort was understanding each project owner’s customized approach to tracking and maintaining port security. “We had everyone in one big room,” says Alkema. “When someone said the application was not working correctly for their facility, the Mendix platform made it easy for a developer to quickly change it, test the correction, and get wide-spread adoption.”
Trustworthy data gathering for coordinated actions
Using the MOBI application has reduced the time spent on ISPS certification from a potential eight-month cycle to one that can be completed within two months. “Before this process was digitalized, there was never a single source of truth. There were endless discussions between the IT people and the system auditors,” says Jeffrey de Vlaming, policy advisor at the Port of Rotterdam. “We dedicated one employee to pull information from telephone calls, emails, and Google docs — it took half a month. Now, every discussion takes place within the platform, removing errors and increasing predictable outcomes. Now we can work remotely with these kind of actions and follow-up programmed into the system.”
An additional 21 delegates, drawn from each of the participating ports, make up the current MOBI management group. This team of end-users consult with Alkema, Van Der Linden, and de Vlaming on additional support needs. “This system is way ahead of its time. Few, if any, other ports have such an advanced, digitalized system system as we have in the Netherlands,” says Alkema.
Enterprise-grade low-code that’s ready to combat unforeseen threats
“With their security oversight application, the Dutch seaports have shown the world that enterprise-grade low-code is more than a necessity — it’s a reality,” says Hans de Visser, vice president of product management for Mendix. “Not only are the ports following the highest standards for security oversight, their cloud-based data is safe and secure for use by a remote workforce. That’s because we’ve built a rigorous information security management system into the Mendix platform, providing the highest level of ISO/IEC 27001 certification. We’re proud our best-of-breed platform strikes the right balance between capabilities, flexibility, and ease of use. From a performance viewpoint, this is what enables world-class enterprises such as the Dutch seaports to digitally deliver critical business solutions and scale up with confidence.”