10 minute read
The value of digital assistance
Figure 1. Siemens Energy has successfully developed a four-step approach to close vulnerability gaps for customers worldwide in recent years (image courtesy of Siemens Energy). industrial controls, its cybersecurity work is aggressively vendor-agnostic both in securing control systems and the tools used to provide that security. In addition, vendor-agnostic solution integrators have the advantage of maintaining many relationships across the industry, which lets them offer the most appropriate tools even as things change at extraordinary speed. Typically, this step will require: n Drafting detailed request for proposals (RFPs) and coordinating subcontractor and vendor communications. n Qualifying, selecting and overseeing a plan’s execution with the chosen third-party providers. n Monitoring the shipping and receipt of hardware and software while filling in any gaps or inconsistencies in their order fulfillment. n Detailed coordination with plant operators during planned plant maintenance and outages when new security system safeguards will be installed and commissioned, and when new network segmentations are done. n Planning and documenting the deployment of new cybersecurity measures, including personnel training, altered management communications, adoption monitoring, and safety hazard assessments where applicable.
Step three – deploy
This phase involves installing and commissioning the designed security controls for each cybersecurity risk mitigation. It should include detailed configuration design and testing either in a laboratory, factory acceptance testing (FAT), or site acceptance testing (SAT). The idea is to identify and resolve compatibility issues as much as possible before onsite installation and commissioning occur. This helps to reduce risk during a planned outage and ensure that the plant can resume operations within the allotted timeframe.
Typically, Siemens Energy’s engineers are onsite to perform integration testing and refine the rollout plans based on the outcome of the laboratory/FAT tests. To further minimise execution time during the deployment, migrations to the new security system will be planned and grouped together based on similarity and the ability to execute within the outage schedule afforded by the customer’s ongoing operations. This keeps onsite changes and the potential for adverse impacts to a minimum. Notably, the proper backup will be executed in collaboration with the customer’s OT/IT teams before significant changes, with detailed rollback plans drafted and ready for use in each case. The following summarises these and other tasks to be performed: n Planning and designing system and network configuration for every cybersecurity safeguard to be deployed (e.g. design of target hardening policies). n Thorough testing with representative equipment with target system configurations. n Creating detailed rollout and rollback plans to augment and include the overall plan. n Coordinating, aligning, planning and monitoring of tasks to be performed by third-party participants in the new security system’s deployment. n Conducting pre-rollout site visits and rehearsing the execution of rollout tasks. n Monitoring the availability of all assets involved in the security system migration (before, during and after changes). n Executing other change-management-related practices (e.g. change requests, communications, monitoring, awareness, etc). n Updating existing documentation or creating new documentation as needed (e.g. updated logical and physical network diagrams, IP numbering standard/procedures) to create a single as-built documentation resource for future consultation and updating as updates and upgrades are made. n Provisioning a rollout service desk with engineers available to address any adverse impacts on operating assets affected by the migration to the new security system.
Step four – operate and transition
In this phase, the customer’s OT/IT teams (and, if applicable, contracted third-party outsourcing providers) will properly operate the newly-deployed security system to its maximum potential. This phase also provides the training that the automation and operations teams will require to learn how to operate the plant in the new security environment, which will likely include new host-based security agents; prohibited and therefore blocked communications that may have been previously considered routine, especially with external parties; and the operation of new security appliances and tools. This will ensure a smooth transition that minimises post-rollout service desk requests related to the change. The following provides a summary of these and other tasks to be performed: n Evaluating operational impacts with the additional security tools, processes and procedures.
n Designing the target operations model, as well as its workload and workforce requirements, to properly sustain the change. n Recommending adjustments in the organisational structure, roles and responsibilities to fit the defined ‘responsible, accountable, consulted and informed’ (RACI) model. n Defining target service-level agreements (SLAs) for deployed security services. n Defining the best sourcing strategy for select services across a customer’s different host countries, if applicable. n Supporting the selection of qualified managed service providers, if needed. n Supporting the transition of service and knowledge transfer to the operations provider.
Conclusion
The four steps described herein can help plant operators make cost-effective step changes to close cybersecurity gaps in their operations. This is true even if they currently have little or no knowledge of the topic or find it overwhelming in the context of their highly complex plant operations.
In many cases, especially in sovereign-owned national plant operations, the local hiring of highly-qualified security talent can be difficult because of its scarcity. To prevent this from becoming a critical path item in developing and enacting more robust cyber safeguards, Siemens Energy usually recommends outsourcing to an OT-managed security services provider for immediate needs, either as a bridge to self-operations or a long-term solution to global cybersecurity staffing shortfalls.
As part of step four, Siemens Energy helps its customers adopt the ‘ADKAR’ approach in order to achieve the needed cultural change. ADKAR – awareness, desire, knowledge, ability and reinforcement – are the five changes that need to happen for a change to be successful. After all, an organisational change can only happen when individuals change, and more robust cybersecurity for downstream oil and gas operations is undoubtedly worth the effort and investment.
Finally, the deployment of a comprehensive, updated cybersecurity system with a mature governance framework must include a high level of OT/IT collaboration, as well as executive management support behind it all – whether the system is deployed across a single plant or multiple plants.
Even then, for it to succeed, operational personnel from the front office to the back office and everywhere in between need to be aware of the changes, know their responsibilities for supporting those changes (e.g. not opening unsolicited emails or attachments), and learn what, if anything, they might have to do differently in their day-to-day jobs. In practice, plant cybersecurity is everyone’s responsibility, just like plant safety.
References
1. CHEN, J., ‘Observing Attacks Against Hundreds of Exposed Services in
Public Clouds’, Palo Alto Networks, (22 November 2021), https://unit42. paloaltonetworks.com/exposed-services-public-clouds/ 2. EATON, C., and VOLZ, D., ‘Colonial Pipeline CEO Tells Why He Paid
Hackers a $4.4 Million Ransom’, The Wall Street Journal, (19 May 2021). 3. BRISTOW, M., ‘A SANS 2021 Survey: OT/ICS Cybersecurity’,
SANS Institute, (August 2021), pp. 5 – 7.
Your Specialist for PRESSURE RELIEF SOLUTIONS
Consulting. Engineering. Products. Service. T +49 2961 7405-0 T +1 704 716 7022
Samuli Bergman, NAPCON, Finland, explains how machine learning can aid operators of oil refineries and petrochemical facilities.
Machine learning has the capacity to be a very efficient tool for oil refinery and petrochemical facility operators, where the requirements of end products can change at short notice, and the quality of feedstock can vary widely. Because information is constantly gathered from different stages of the process, there are millions of process values – historical and ongoing – that can be compiled into a machine learning model that predicts process behaviour and provides accurate operation suggestions to operators.
An oil refinery operates constantly, and though the process is highly-automised, there are many process variables for operators to supervise at the different process steps. This task is particularly challenging, as product quality requirements can vary with short intervals, which in turn requires a lot of changed process parameters.
A human operator is simply not able to carefully watch every monitor and follow all important process variables simultaneously, which means that digital assistance makes it possible to operate a process with increased efficiency. To address this problem, Neste Engineering Solutions began to develop an AI-based solution built on a machine learning model that demonstrates what happens chemically and physically inside reactors, pipes and columns. The model also covers the automation’s effects on the factory.
Making changes
At all chemical processing plants, huge amounts of data are constantly collected regarding flow, temperature, pressure, and other process variables. In addition, there are large amounts of historical data that has been collected over a long period that can be used to teach the machine learning model what a well-functioning process should look like.
The core of machine learning is that the more material that is fed into the system, the more the AI learns about how the factory behaves under different circumstances. When fully trained, the digital assistant can predict how the process will behave during certain hours, for example. Operators can also consult the digital assistant if help with the settings is required. The next development step could be a verbal interface such as Siri, Google Assistant or Alexa, but the fully-developed system is yet to be completed.
Within chemical processes, there are both slowly changing phenomena (such as when the process equipment wears and gets dirty on the inside or when the catalysts in the reactor slowly fade) and fast events (such as when new batches of feedstock are fed into the process, which must be changed accordingly). Process units must adapt to these changes, and it is here that a digital assistant could shine, as it can be used to calculate how the process could be optimised, and instruct operators as to how to reach the goal.
Figure 1. The Advisor and/or Phenomena Indicator create dynamic models of an oil refinery process or a petrochemicals unit to optimise process conditions, meet production objectives, or detect malfunctions.
Figure 2. A digital operator assistant predicts the dynamic behaviour of process variables; creates what-if scenarios to allow operators to test various operative scenarios; and suggests what changes should be made in order to meet operation objectives.
Prolonged service intervals
Because a digital assistant carries out the calculations continuously, the machine learning model is constantly changing and evolving. The advice applies mainly to factors such as temperature and pressure, and the idea is that the operator implements the advice by changing the set points in the process control system.
Of course, it is the operator’s normal job to handle these factors, but by using the digital assistant’s advice, the measures can be scheduled more precisely in difficult situations. It is also more likely that the setting values are correct, as the AI model can sort out enormous amounts of data in a fraction of a second, and apply this wisdom to aid the operator.
AI can also be used to extend the lifetime of the process equipment, which can result in prolonged service intervals and smoother running processes. If, for example, the wrong temperature or pressure is used, the components of the plant wear faster, but for a digital assistant, it is not difficult to always find the optimal value at different stages of the process. This could mean that a production shutdown for service can be postponed, which in turn corresponds to better earnings.
The digital advisor’s situation-specific optimisation also helps to reach the true limits of a plant, whether there is a need to reduce carbon emissions, optimise utilities, or maximise certain yields.
Inside information
Neste is the one of world’s largest producers of renewable diesel, but the company also has a subdivision, Neste Engineering Solutions, which implements Neste’s innovations on an industrial-scale; carries out major industrial investment projects; and helps its customers in the process industry to continuously develop their production and to optimise their processes. One of Neste Engineering’s units, NAPCON, specialises in the development of solutions to help companies in the process industry to streamline their processes. Many of NAPCON’s solutions are tried and tested at Neste’s refinery in Porvoo, Finland, but the company also sells its expertise to third parties that want to have better control over their processes. The digital assistant, NAPCON Advisor, and the soft sensor,
