Security of Digital Industrial Systems
Cyber Security and open communication standards are introducing a new era for industrial systems.
The Digital Oil Field concept
Oil producers have heard of the digital oil field concept for over 20 years. It assumes the synthesis of IT and OT systems for the oil and gas sector to increase the efficiency of the management of this branch of industry. The idea is to facilitate the planning of actions taken in this sector, based on increased efficiency in the flow of information.
However, to be able to implement this concept further, it was necessary to introduce new standards in digital communications. Here, however, a problem arose. Unfortunately, the use of required standards may be associated with increased vulnerability to cyber threats.
Major operating technology providers (OTs) did not take this into account when planning an architecture for future systems. As a consequence, it left operators and integrators to consider seriously. The most important thing was how much to invest in the implementation of firewalls and other solutions to protect currently aging control devices. As a result, many of them gave up the benefits of the Industrial Internet of Things, waiting for a better solution.
However, with the progress of technology, this state of affairs begins to change. Finally, the following trends converged to enable the implementation of solutions such for example, Digital Oil Field. These new trends are:
- Embedding user authentication and transmission encryption technologies in devices working in the OT sector.
- The emergence of new standards for communication and integration software. From now on, it is possible to use advanced authentication and encryption to secure data exchange between field devices.
Systems security begins at OT
The key infrastructure for the mining industry (but not only) includes several classes of devices. These include programmable logic controllers, RTU, and distributed control systems. The main task is to automate control pumps, pneumatic lifts, and valves. In general, they control production devices that use signals from master units.
Violation of any of these components can result in huge losses due to cessation or faulty production. Added to this are issues such as employee security threats or intellectual property theft.
Of course, there are solutions in the world that ensure the security of data transmission over the global Internet. They are widely used in the military, aviation and commercial sectors. Unfortunately, in most cases, these technologies cannot be transferred to typical industrial plants. The reason is that these companies had already invested in technology that was designed before cybersecurity challenges arose.
Currently, however, the implementation of specific key points ensuring the security of industrial systems is increasingly observed. An example is cyber security based on public key infrastructure (PKI) for Digital Oil Field technology.
Securing data exchange
Embedding PKI in automation technology eliminates the possibility of unauthorized access to key information. What’s more, the presence of an external trusted Certification Authority allows secure data exchange on a global scale.
Digitization, Big Data analysis, and the Internet of Things are currently leading topics. The basic premise is that information should always be able to reach where it is needed. For example, there is no need to travel long distances to the borehole site to check some readings. This can be done remotely. Thanks to today’s technology, tools can self-report on production and diagnostic data. What’s more, they can also be controlled from anywhere on earth.
From the point of view of the field staff, this means easier supervision of the production stations subject to it. At the enterprise level, however, dynamic optimization of all resources (e.g. the entire oil field) becomes possible. This is due to the synthesis of measurement data from field devices and key market information in business.
Safety of industrial control systems (ICS) is an increasingly discussed issue. The concept of solutions in the field of Internet of Things, Industry 4.0 or Big Data, forcing integrators to use advanced technologies to secure data flow. Solutions once only present in the IT infrastructure, nowadays are becoming an integral part of the industrial sector (OT) systems.