Oil and Gas Innovation
D
Three pillars of cybersecurity Cybersecurity can be broken down into three main pillars: people, processes, and technology. You may have the technology to prevent or detect a compromise, but if you do not have proper processes and procedures in place and your staff – your front-line defence – are not adequately trained to use this technology, you are creating vulnerabilities. Modern facilities in the digital age are critically dependent on computer-based systems to operate and protect equipment and processes. But how often do we stop to consider the following question: How do I safely shut down the facility if I cannot use the computer-based control system to do so?
Get ahead with a digital twin This is where a digital twin may be helpful as a training tool, equipping operators and engineers to recognise symptoms of a control system compromise and respond accordingly. Digital twins are being used to augment the cyber-resilience of facilities by companies using operating training simulators. A digital twin may be used to simulate a security breach and develop decisionmaking and mitigative responses to the
30 energyfocus | www.the-eic.com
30 digital twins innovation_Summer 2021_Energy Focus.indd 30
Digital twins for cybersecurity The six-day Colonial Pipeline shutdown was the most disruptive cyberattack on record. The incident highlighted the vulnerability of the energy industry to such attacks. But what can companies actively do about it? Improve digital safety using virtual twin simulations, says Brad Bonnette at Wood simulated cyberattack. Developers can incorporate several scenarios to test and refine operator recognition of system compromises and their response to secure the process safely. However, while common live attacks and malware with overt symptoms (such as remote access Trojans, CryptoLocker and denial of service Trojans) can be simulated in a digital twin, highly engineered covert attacks such as Stuxnet may not have symptoms apparent to an operator. A digital twin can provide a real-time, responsive environment for simulating various types of control system compromise. It can train and test operators on the diagnostic process for identifying the extent of the compromise and the level of availability and integrity of the control and safety systems, as well as how to take appropriate actions to respond to a loss of control.
A digital twin is a valuable tool in developing decision-making trees to determine the extent of the threat and the appropriate response. This approach mimics the aerospace industry’s use of simulators to simulate systemic failures, enabling the development, evaluation and application of viable troubleshooting and decision-making procedures in real-time virtual environments. The objective is to train front-line operational personnel to recognise indicators of control system compromise, declare an emergency, initiate decision-making criteria to determine the extent of compromise of control, implement actions to shut down, and secure the facility to mitigate the physical (people, environment, asset) consequences of such incidents. By Brad Bonnette, Technical Director for Applied Intelligence, Wood IMAGE: ISTOCK
igitisation can bring its own risks, as converting production on running facilities is complex, and new cybersecurity risks present a real and growing threat. In today’s world of cyber-vulnerable control systems, we need to ask the right questions, including: How can I recognise signs that my control system may have been compromised? How should I respond? In most cases, avoiding catastrophic outcomes has been more good luck rather than the result of actual training and preparedness. In the Ukrainian power facility attack, operators noticed that their control system computers were being manipulated without their input but were unable to mitigate the attack. More recently, in the Oldsmar Florida water treatment attack, an operator noticed that his control system operational display was having setpoint changes made without his input. Fortunately, the water treatment operator was able to mitigate the impact of the changes being made on the control system and prevent water quality from being compromised.
16/08/2021 16:35