Search Our Site

Our Newsletter

Our Ramblings

Enhancing Oil,Gas and Power Operations – SCADA via Satellite

Oil and gas operations are located in unforgiving environments, from the blistering cold of the arctic to the scorching heat of the deserts and the storming conditions out on the open sea. To sustain secure operating conditions in these remote areas, reliable communication is as vital to the end-user as the umbilical cord is to an unborn child.

 

Supervisory Control And Data Acquisition

Supervisory control and data acquisition (SCADA) is a unique aspect of oil, gas and power distribution operations in that it does not entail communication between people, but between machines, also known as machine–machine (M2M).

SCADA describes a computer based system that manages mission critical process applications on the ‘factory floor’. These applications are frequently critical for health, safety and the environment.

The term telemetry is often used in combination with SCADA. Telemetry describes the process of collating data and performing remotely controlled actions via a suitable transmission media. In the context of this article, the telemetry media is a satellite communications solution.

SCADA in Oil, Gas and Power Distribution Operations

SCADA is not limited to a particular aspect of these types of operations. In the Oil and Gas industry, SCADA applications can be found in upstream areas such as well monitoring, downstream in areas such as pipeline operations, in trade by managing the fiscal metering/custody transfer operations and logistics in applications such as inventory management of tank storage facilities. SCADA systems in the Power Distribution industry use RTUs and PLCs to perform the majority of on-site control. The RTU or PLC acquires the site data, which includes meter readings, pressure, voltage, or other equipment status, then performs local control and transfers the data to the central SCADA system. However, when comparing and specifying a solution for challenging SCADA environments, RTU and PLC-based systems are not equal.

PLC Systems are Sub-Optimal for Complex SCADA Systems

Originally designed to replace relay logic, PLCs acquire analog and/or digital data through input modules, and execute a program loop while scanning the inputs and taking actions based on these inputs. PLCs perform well in sequential logic control applications with high discrete I/O data counts, but suffer from overly specialized design, which results in limited CPU performance, inadequate communication flexibility, and lack of easy scalability when it comes to adding future requirements other than I/O.
With the rapid expansion of remote site monitoring and control, three critical industry business trends have recently come into focus:

• System performance and intelligence – Process automation improves efficiency, plant safety, and reduces labor costs. However, complex processes like AGA gas flow calculations and high-resolution event capture in electric utility applications require very high performance and system-level intelligence. The reality is that even high-performance PLCs cannot meet all these expectations.

• Communication flexibility – Redundant communication links between remote systems and the central SCADA application form the basis of a reliable, secure, and safe enterprise. Power routing automation in electric applications, water distribution, warning systems, and oil and gas processes all require unique communication mediums including slow dial-up phone lines, medium speed RF, and broadband wired/wireless IP.

• Configurability and reduced costs – Although process monitoring and control are well defined and understood within many industries, the quest for flexibility and reduced Total Cost of Ownership (TCO) remains challenging. In the past, proprietary PLC units customized with third party components filled the niche, but suffered from lack of configurability and higher maintenance costs than fully integrated units. Today, businesses look for complete modular off-the shelf systems that yield high configurability with a significant improvement in TCO.

At the technical level, several requirements currently influence the SCADA specification process:
• Local intelligence and processing – High processing throughput, 64 bit CPUs with expanded memory for user applications and logging with support for highly complex control routines.

• High-speed communication ports – Monitoring large numbers of events requires systems that support multiple RS232/485 connections running at 230/460 kb/s and multiple Ethernet ports with 10/100 Mb/s capability.

• High-density, fast, and highly accurate I/O modules Hardware that implements 12.5 kHz input counters with 16-bit analog inputs and 14-bit analog outputs for improved accuracy.

• Broadband wireless and wired IP communications. Recent innovations in IP devices demands reliable connectivity to local IEDs (Intelligent Electronic Devices) as well as emerging communication network standards.

• Strict adherence to open standard industry protocols including Modbus, DNP3, and DF-1 on serial and TCP/IP ports

• Robust protocols for support of mixed communication environments.

• Protection of critical infrastructure – Enhanced security such as password-protected programming, over the air encryption, authentication, and IP firewall capability.

Selecting a Satellite Communication Solution – Factors to Consider

Security

When selecting a satellite communications solution, there are numerous factors that must be considered. Enterprise applications like e-mail, Internet access, telephony, videoconferencing, etc. frequently tie into public communications infrastructure. Due to security and reliability considerations it is considered best practice to isolate mission critical SCADA communications infrastructure from public networks.

The Rustyice solution is a dedicated satellite communications network solution tailored for the SCADA applications environment. By virtue of system design, our solution offers greater security against hacker attacks and virus infestation which mainly target computers that are connected to the Internet and are running office applications.

Reliability

Due to the critical nature of most SCADA operations, a reliable communication solution is of utmost importance. The satellite communications industry is mature with a proven track record. Satellite transponder availability is typically in the 99.99 percentile range, a number far superior to that of terrestrial networks. To build on this strength, our solution utilises a miniature satellite hub that is deployed at the end-users SCADA control centre. Data to/from the remote terminal units (RTUs) are piped directly into the SCADA system. There is no vulnerable terrestrial back-haul from a communication service providers facility, which can cause the entire network to crash if cut during public works, i.e. digging.

To increase the reliability of the hub, it is frequently deployed in a redundant/load sharing configuration. This ensures that the hub is available more than 100% of the time, making it far from the weakest link in the communication chain.

Types of Connectivity

Contrary to enterprise-related communications which take place randomly, SCADA communication is quite predictable. It is a continuous process, where the SCADA application polls the RTUs at regular intervals. The outgoing poll request is a short datagram (packet) containing as few as 10 bytes. The returned data from the RTUs are also in a datagram format with the message size being from 10 bytes to 250 bytes. One could easily assume that a satellite solution based upon dial-up connectivity such as Inmarsat, Iridium or Globalstar would be ideal for this application environment. Since SCADA is not just data collection, but also entails control (which at times can be of an emergency nature), you simply cannot wait for the system to encounter a busy connection. What is needed is a system that provides an ‘always on’ type of connection, commonly referred to as leased line connectivity.

A Rustyice solution supports both circuit switched (leased line and multi drop) and packet switched (TCP/IP and X.25) applications concurrently.

Contact us today to speak to one of our representatives and examine how a Rustyice Satellite SCADA solution can offer your operations the best of all worlds.

Energy Retrofits and Building Automation Save the Life and Expenses of a Building

The environmental impact buildings have in the UK is at alarming levels — accounting for 40% of the nation’s energy usage and an equal percentage of carbon output, and, when you consider water consumption, waste management and vehicle transportation for waste management as well as employees of the building, it is clear that change is necessary.

Building automation is the leading solution towards streamlining building energy management. Although BREEAM (BRE Environmental Assessment Method) certification is a goal for many new buildings, often the certification covers only the construction and design process. (BREEAM) is a voluntary measurement rating for green buildings that was established in the UK by the Building Research Establishment (BRE). Since its inception it has since grown in scope and geographically, being exported in various guises across the globe. Its equivalents in other regions include LEED North America and Green Star in Australia, and HQE in France. BRE and CSTB (the French Building research centre) have signed a memorandum of understanding committing them to the alignment of BREEAM and HQE. It’s simple when it’s a project being worked on externally by a team. But once the building is occupied and in use, often the building maintenance team poorly manages lighting control, elevator access control, heating / ventilation and air conditioning, the building’s efficiency potential is not met, and the building uses an unnecessary amount of energy.

Not only should the focus be on constructing a sustainable Building Solution, but also on retrofitting old buildings to be greener and more energy efficient. By conserving water and utilising renewable energy, as well as implementing building automation systems, even older buildings can benefit from energy retrofittings.

Most building occupants applaud and welcome the idea of greening a building, but when it comes to behavioural change for the individual, many fail to change their ways, keeping the greening process from reaching its potential. Simple habit changes such as manually turning lights on after a timer has shut them off, or returning cutlery and dishes to the dishwasher instead of tossing out disposable plasticware can be resisted by employees.

Old buildings represent only 4% of BREEAM-certified square footage, but account for a fifth of BREEAM registered square feet. Making existing buildings greener poses a number of challenges, as it is a multi-faceted project to attack and integrate building systems. The coordination of a number of priorities is necessary, and often, they clash. For instance, meeting the requirements of energy efficiency with heating and air conditioning, while meeting the the comfort needs of occupants. Often instead of the greening falling under one large project, it is broken into conflicting pieces where different departments overlook a specific aspect of the building while it clashes with the energy needs of another aspect.

Above all other challenges, the budget for going green is the most difficult for building owners and building management to monitor and control. Most organisations have a long list of budget priorities and constraints, with an aim to increase their bottom line as much as possible. While going green does provide an increased return on investment, it takes some time to create and see the changes.

At Rustyice Solutions, our experience in the design and integration of BMS gives us the edge. We are confident that Rustyice Solutions Smart Building Technologies and information management will help you to competitively differentiate and thus win more business if your building houses tenants or save more money if the building is owned outright. Our unique solution design and sub-contract services will take your building project performance to another level. Call us today on 0800 012 1090 and speak to one of our Building Management Advisors. What have you got to lose except the waste?

Increase Guard Effectiveness with Breakthrough Real-Time Event Detection in Sheet Plants

Sheet plants are sensitive areas that need to be strictly protected. As potential targets for thieves or vandals as well as being extremely dangerous environments, even seemingly benign behavior can have seriously consequences. However, the cost of employing human guards, especially in remote locations and along perimeters, can be exceedingly high, and ineffective at preventing incidents.

Rustyice Solutions can help protect sheet plants through:

  • Proactive monitoring of all perimeters and secure entrances: Our IP cameras and encoders increase the effectiveness and efficiency of onsite guards by delivering the market’s leading real-time event detection, notifying onsite security, roaming patrols, and monitoring stations when perimeters and secure areas are breached
  • Immediate event verification and response:  Our IP cameras and encoders enable roaming patrols and central monitoring stations to verify, respond and prevent incidents in real-time by delivering pre and post alarm clips to smart phones and VMS platforms and providing live video plus 2 way audio to cameras.
  • Extended wireless deployments: Our IP cameras and encoders are the best choice for deployment on any wireless network because our recording solutions record all video in a fully integrated, onboard NVR, eliminating the bandwidth used to backhaul video to centralized storage. Therefore, traditional limits on camera density for a network are removed.
  • Minimal infrastructure: Our Industrial Process Control surveillance solutions reduce upfront cost, installation time and ongoing maintenance by archiving all video – even full high definition 1080p/30 fps resolution – in a fully integrated onboard NVR and eliminating the need for external storage servers, dedicated high capacity networks and secure IT facilities to house them.
  • Zero bandwidth recording: By correct network design and encoder choice we consume 90% less bandwidth than traditional IP and high definition cameras by storing video in a fully integrated, onboard NVR and eliminating the bandwidth used to backhaul video to centralized storage. Of course, stored and live video is always available at the click of a mouse.
  • Simple installation: Rustyice’s cameras and encoders are easy to install because the solution eliminates the need to deploy any external servers and our adaptive analytics are 100% self-calibrating, eliminating the need to manually calibrate or tune the analytics in the field.
  • Intelligent logging of all vehicles and personnel:Our solutions accelerate investigations from days to minutes by intelligently profiling and indexing every person and vehicle seen at the site, allowing operators to rapidly search terabytes of stored video at the click of a button for rule violations, and even search for matches for a particular object across all cameras and encoders in the system.

Contact us today to discuss this innovative solution which not only saves you money but helps you to make money.

How to recognise security vulnerabilities in your IT systems

As IT systems continue to extend across multiple environments, IT security threats and vulnerabilities have likewise continued to evolve.

Whether from the growing insider threat of rogue and unauthorised internal sources, or from the ever increasing number of external attacks, organisations are more susceptible than ever to crippling attacks. It’s almost become simply a matter of “when it will happen” rather than “if it will happen.”

For IT resellers, security issues have always persisted as critical to all communications for an organisation’s IT department.

However, with the increase in the levels of access to a company’s network compounded by these maturing threats, it is no longer feasible to merely recognise the existence of more simplistic, perimeter threats.

Resellers must be able to provide customers with a comprehensive risk assessment of the entirety of an organisation’s IT assets to their vulnerabilities–inclusive of both software and hardware.

This risk assessment must incorporate an understanding of external threats and internal vulnerabilities and how the two continue to merge to create increasingly susceptible IT environments.

At the most basic level, organisations and resellers alike must understand the different types of threats. Malware, a generic term for malicious software, such as trojan horses, worms, and viruses, is the most common form of attack that is originated by an external hacker. Malware attacks have persisted for years – from the infamous Morris worm to common spyware attacks – and they remain the easiest and most damaging tactic deployed by malicious hackers.

With enterprises extending to the cloud, and more organisations adopting SaaS-based applications, social media and other Web 2.0 tools, damaging malware attacks and viruses can now originate through simple SPAM messages and emails.

Internally, organisations are typically susceptible to threats from either authorised rogue users who abuse privileged accounts and identities to access sensitive information, or unauthorised users who use their knowledge of administrative credentials to subvert security systems. It is this type of vulnerability – unauthorised internal access – that has continued to emerge as the most volatile and disruptive.

To truly understand the risks involved with these “insider threats”, organisations and resellers need to understand the root of the vulnerabilities.

Most commonly, the risks lie with the use of embedded credentials, most notably hard coded passwords, a practice employed by software developers to provide access to administrators during the development process. The practice occurs frequently since application developers tend to be more focused on the development and release cycle of the application, rather than any security concerns. While it may appear harmless at first glance, it is extremely risky as it can potentially provide unauthorised users with powerful, complete access to IT systems.

To compound the matter, by hardcoding passwords to cover embedded credentials, vendors create a problem that cannot be easily fixed nor assuaged by tools such as Privileged Identity Management systems. Once embedded into an application, the passwords cannot be removed without damaging the system. At the end of the day, the passwords provide malicious outsiders with a bulls eye target – a key vulnerability to leverage to help them gain powerful access and control on a target device, and potentially throughout the entire organisation.

One of the most well known examples is the Stuxnet virus. We’ve all been blown away by the design of Stuxnet, and were surprised by the pathway the virus took in targeting SCADA systems. Reflection shows that the virus used the hard coded password vulnerability to target these systems – which should serve as a lesson for all businesses.

The existence of vulnerabilities embedded within these types of systems is not necessarily new, but the emergence of new threats continues to shed light on the ease with which they can be leveraged for an attack. While malicious outsiders and insiders have focused often on the administrative credentials on typical systems like servers, databases and the like, in reality, IT organisations need to identify every asset that has a microprocessor, memory or an application/process. From copiers to scanners, these devices all have similar embedded credentials that represent significant organisational vulnerabilities.

While steps can be taken to proactively manage embedded credentials without hardcoding them in the first place – Privileged Identity Management tools can help – the onus is on the organisation, and the reseller, to ensure that a holistic view of all vulnerabilities and risks has been taken.