Marcelo Donnangelo
At the AFPM Operations & Process Technology Summit, Emerson’s Eric Braun and Marcio Donnangelo presented on cybersecurity considerations in implementing Industrial Internet of Things (IIoT)-based architectures.
Marcio opened noting that the opportunity to improve operational performance globally for manufacturers and producers is valued at $1 Trillion USD per year. Easy to install and use Industrial Internet of Things-based sensors enable more data to be collected to improve areas outside of traditional process control. These areas include personnel safety, reliability, energy efficiency and personnel productivity.
These increased sources of data coupled with operational analytics provide information to inform better decisions to made to improve these operational performance areas. Marcio noted that today clipboards for manual data collection is still the predominant work process for the industry.
WirelessHART provides an effective form of sensor communications for low power, low data rate applications. Sensors can monitor safety showers, rotating machinery vibration, sounds for relief valve releases and steam trap leaks, and many more.
Eric Braun
Eric next came up to discuss cybersecurity considerations. The IEC 62591 WirelessHART global communications standard incorporated cybersecurity considerations from its inception. All network communications are encrypted with the AES-128 encryption standard. Digital signatures on firmware updates are imperative to verify that the firmware has not been tampered with.
User management is important with roles defined for the minimum number of things required to perform the tasks for the role. Other layers of defense include login limits, logging and time synchronization to have an accurate picture across nodes.
Functionality and system ports that are not being used should be disabled to prevent unauthorized access. Training is another very important layer of defense to make sure the system is hardened to the level possible and that personnel understand and avoid non-secure practices.
Other layers of defense include systemic & structured threat modeling, penetration testing (ethical hacking), fuzz testing (sending broken packets to system & devices), and automated scanning. Suppliers need to have a robust testing and communications to make sure end users have the latest and most secure revisions.
Visit the AFPM Operations & Process Technology Summit section on Emerson.com for more on some the technologies and solutions for refiners and petrochemical producers.
