AFPM Summit Cybersecurity and IIoT

by | Oct 14, 2019 | Cybersecurity, Downstream Hydrocarbons, Industrial IoT, Industry | 0 comments

Emerson's Marcio Donnangelo

Marcelo Donnangelo

At the AFPM Operations & Process Technology Summit, Emerson’s Eric Braun and Marcio Donnangelo presented on cybersecurity considerations in implementing Industrial Internet of Things (IIoT)-based architectures.

Marcio opened noting that the opportunity to improve operational performance globally for manufacturers and producers is valued at $1 Trillion USD per year. Easy to install and use Industrial Internet of Things-based sensors enable more data to be collected to improve areas outside of traditional process control. These areas include personnel safety, reliability, energy efficiency and personnel productivity.

These increased sources of data coupled with operational analytics provide information to inform better decisions to made to improve these operational performance areas. Marcio noted that today clipboards for manual data collection is still the predominant work process for the industry.

WirelessHART provides an effective form of sensor communications for low power, low data rate applications. Sensors can monitor safety showers, rotating machinery vibration, sounds for relief valve releases and steam trap leaks, and many more.

Emerson's Eric Braun

Eric Braun

Eric next came up to discuss cybersecurity considerations. The IEC 62591 WirelessHART global communications standard incorporated cybersecurity considerations from its inception. All network communications are encrypted with the AES-128 encryption standard. Digital signatures on firmware updates are imperative to verify that the firmware has not been tampered with.

User management is important with roles defined for the minimum number of things required to perform the tasks for the role. Other layers of defense include login limits, logging and time synchronization to have an accurate picture across nodes.

Functionality and system ports that are not being used should be disabled to prevent unauthorized access. Training is another very important layer of defense to make sure the system is hardened to the level possible and that personnel understand and avoid non-secure practices.

Other layers of defense include systemic & structured threat modeling, penetration testing (ethical hacking), fuzz testing (sending broken packets to system & devices), and automated scanning. Suppliers need to have a robust testing and communications to make sure end users have the latest and most secure revisions.

Visit the AFPM Operations & Process Technology Summit section on Emerson.com for more on some the technologies and solutions for refiners and petrochemical producers.

Popular Posts

Comments

Author

Follow Us

We invite you to follow us on Facebook, LinkedIn, Twitter and YouTube to stay up to date on the latest news, events and innovations that will help you face and solve your toughest challenges.

Do you want to reuse or translate content?

Just post a link to the entry and send us a quick note so we can share your work. Thank you very much.

Our Global Community

Emerson Exchange 365

The opinions expressed here are the personal opinions of the authors. Content published here is not read or approved by Emerson before it is posted and does not necessarily represent the views and opinions of Emerson.

PHP Code Snippets Powered By : XYZScripts.com