DCS; Industrial control system
Product
Article
NameDescriptionContent
English 简体中文
NEW CENTER
Current Location:
Home >> journalism >> Cybersecurity Preparedness for Oil, Gas and Petrochemical Operations

Cybersecurity Preparedness for Oil, Gas and Petrochemical Operations

From:automation | Author:H | Time :2024-11-27 | 116 Browse: | Share:



Figure 1: The ISA/IEC 62443 series of standards addresses all entities involved in the protection of operating facilities. Visit ISA.org for the most up-to-date information. Source: ISA

“The series approaches the cybersecurity challenge in a holistic way, bridging the gap between operations and information technology, and between process safety and cybersecurity,” said Ristano.

According to an ISAGCA whitepaper, “Many organizations (especially very large ones) have established policies and procedures governing the IT security in their office environment; many of these are based on ISO/IEC 27001/2 [27001] [27002]. Some have attempted to address their operational technology (OT) infrastructure under the same management system and have leveraged many IT/OT commonalities.

“Although it would be ideal to always select common controls and implementations for both IT and OT, organizations have been confronted with challenges in doing so: the locking of an OT operator screen creating unsafe conditions, antivirus products incompatible with OT equipment, patching practices disrupting production schedules, or network traffic from routine backups blocking safety control messages. The ISA/IEC 62443 Series standards explicitly address issues such as these; this helps an organization to maintain conformance with ISO/IEC 27001 through common approaches wherever feasible, while highlighting differences in IT versus OT approach where needed.”

The whitepaper offers guidance for organizations familiar with ISO/IEC 27001 and interested in protecting the OT infrastructure of their operating facilities based on the ISA/ IEC 62443 series. It describes the relationship between the ISA/IEC 62443 series and ISO/ IEC 27001/2 and how both standards may be effectively used within one organization to protect both IT and OT.



PETRONAS leverages ISA/IEC 62443

PETRONAS, Malaysia’s national oil and gas company, is a dynamic global energy group with presence in more than 100 countries. According to Sharul A. Rashid, PETRONAS GTS head of technical excellence and group technical authority for instrumentation and control, the enterprise-wide cybersecurity program for PETRONAS started in 2018.

“A five-year roadmap toward building an institutionalized capability in OT cybersecurity was crafted and subsequently approved in 2019,” said Rashid. “The institutionalized capability-building program was established mainly to create a culture of cybersecurity and to ensure the ongoing suitability and competence of personnel commensurate with the risk to critical infrastructure. The organizational objectives were: responsibilities; workforce controls; knowledge, skills and abilities; and awareness.

At that time, the task force consisted of Sharul, principal instrument and control (I & C) engineers Azmi Hashim and Michael Ng Chien Han, and senior I & C engineer Ping Yang. All four men helped shape and steer the PETRONAS OT cybersecurity program.

In November 2020, PETRONAS became a founding member of ISAGCA. By February 2021, it started attending ISAGCA Government Relations—Asia Pacific meetings. “We learned that ISAGCA aspired to designate and reference the ISA/IEC 62443 standard in a country’s law and regulatory policy. So, for Malaysia, we started our efforts to support that,” said Rashid.

OT Risk Management for PETRONAS is based on the ISA/IEC 624443-3-2 Standard, said Ng Chien Han. “Cyber risk of an OT system is established by evaluating the business impact of that system, if it is compromised, and the likelihood of that compromise happening. Business impact is evaluated from the lens of how it affects people, environment and assets, as well as the company’s reputation. The likelihood is established via control compliance in addressing threats from a cyber security threat register,” he explained.

In September 2023, “PETRONAS reached a milestone by—for the first time—executing a cybersecurity risk assessment as part of the engineering design stage of a capital project,” Rashid added. “Through the risk assessment, the Security Level Target (SLT) of each OT system of the project was established. This exercise provided the EPCC (Engineering, Procurement, Construction, and Commissioning), OT, and OT vendors with detailed security specifications for the systems being designed. The specifications to be delivered are from the ISA/IEC 62443-3-3 system security requirements and security levels standard in addition to the PETRONAS technical standards,” he explained.

PETRONAS has made good use of the wide range of cybersecurity resources that ISA offers (see sidebar). “Utilizing the ISA/ IEC 62443 standards in engineering design has helped advance cybersecurity discussions with the OT vendors in delivering secured-by-design OT systems. It has also helped PETRONAS as a tool to strengthen the cybersecurity awareness and practices of its partners and collaborators,” said Rashid.

ISA offers multiple levels of OT cybersecurity training courses. Students who complete the courses and associate exams can earn certificates that demonstrate their growing cybersecurity maturity. Source: ISAGCA.

  • Bently Nevada 2300/20-RU 2300/20-CN Monitoring controller
  • A-B 4100-234-R IMC™ S Class Compact Motion Controllers
  • B&R Power Panel 300/400
  • ADLINK cPCI-3840 Processor module
  • ACQUISITIONLOGICAL81G -2
  • HIMA K1412B PLC Module
  • HIMA K9202B PLC Module
  • IS200VTCCH1CBD GE Speedtronic Turbine Control PCB board
  • TRICONEX 4200 Digital Output Module
  • DEIF SCM-1 PCB CARD Module
  • HIMA F3DIO20802 controller plc F3DIO20802
  • HIMA B5233 PLC Module
  • HIMA B5322 PLC Module
  • HIMA F7105A PLC Module
  • HIMA F7150 PLC Module
  • HIMA Z7308 PLC Module
  • HIMA F60 PS01
  • TRICONEX 4409 PLC Module
  • F8651X HIMA Central module F8651X
  • F3236 DIGITAL INPUT MODULE
  • HIMA-6E-B HIMA-6E-B Large System Controller
  • F8627X HIMA communication module F8627X
  • HIMA P8403 PLC Module
  • F8628X HIMA F8628X communication module
  • F8621A HIMA communication module
  • IS200VRTDH1D GE Mark VI Printed Circuit Board
  • ABB NIACO2 PLC Module
  • ABB NIAMO1 PLC Module
  • HIMAcard F8650X
  • HIMA F8652 98465266 PLC Module
  • F8652X HIMA Central module
  • HIMA 62100
  • HIMA 99-7105233 B5233-1 NSMP
  • ABBSPAD 346 C3-AA
  • ABBREF543KM127BABB
  • ABB 0-63007 M003742626
  • Abb FET3251A0P1B3C0H2M
  • ABB 3HAB8800-1
  • ABB 3AUA266001B166
  • ABB3HNM07686-1
  • ABB PQF4-3 TAS
  • ABBAC500 DI581-SB1
  • Honeywell 30735863-502 - SWITCH
  • Honeywell TK-CCR014 - REDUNDANT NET INTERFACE NEW ORIGINAL FREE EXPEDITED SHIPPING/
  • Honeywell 51403165-400 - new 51403165400/
  • Honeywell318-049-001 quot100 Batteries(Japan Liion2Ah14.8Wh)INTERMEC/ PR2,PR3 P/N
  • Honeywell FC-PSU-UNI2450U - Power Supply
  • Honeywell 965-0676-010 - WARNING COMPUTER SV
  • Honeywell 51403519-160 - Module
  • Honeywell 107843 - HOUSING CARBON FILE P/N NE COND # 11438 (4)
  • Honeywell VR434VA5009-1000 - Brand new in box Condensing boiler valve DHL fast shipping
  • Honeywell SPXCDALMFX - plc new FREE EXPEDITED SHIPPING/
  • Honeywell BCM-PWS - BCM-ETH BCM-MS/TP BCM-MS/TP Network controller setFedEx or DHL
  • Honeywell YSTR12D-22/C/-2J0DFA/BE/400/T/-CM.HO.TG.SB.SM,ZS,F1,LP,/FX/,1C-BT - UNMP
  • Honeywell IWS-1603-HW - 90-250VAC 1.0A UNMP
  • Honeywell 51304386-150 - MEASUREX Factory Packed
  • Honeywell CC-IP0101 - Profibus Gateway Module
  • Honeywell CC-PFB401 - / CCPFB401 (NEW IN BOX)
  • Honeywell 50071726 - St 800 Series Pressure Transmitter Remote Diaphragm 11-42VDC
  • Honeywell 621-2150 - / 6212150 (NEW NO BOX)
  • Honeywell 80360206-001 - USED YAMATAKE CLI BOARD
  • Honeywell BMDX001A-001 - ACCURAY / BOARD BMDX001A001
  • Honeywell XCL8010A - New CPU Controller.
  • Honeywell PGM-7320 - 1PCS NEW Rae Systems MiniRAE 3000 Portable VOC Monitor#XR
  • Honeywell BK-G40 - U65 *FULL INSTALLATION* Gas Meter 3?± Inlet/Outlet Spool NEW UNUSED
  • Honeywell DM106-0-B-00-0-R-1-00000-000-E0 - DPR100 250V NSNP
  • Honeywell KFD840 - PRIMARY FLIGHT DISPLAY CORE PN: 066-01206-0104
  • Honeywell 51401914-100 - 51400996-100
  • Honeywell TK-PRS021 - Module Via FEDEX/DHL
  • Honeywell C7012A1145 - 1PC New UV Flame Detector Expedited Shipping
  • Honeywell OV210 - Baxter Bakery Oven Igition Control. For DRO. 00-616973 NEW
  • Honeywell 51304431-125 - 1PC New /51304431125 1 year warranty#XR
  • Honeywell QPP-0002 - Quad Processor Module / 5 Vdc / Massima 1.2A/24Vdc/max.25mA
  • Honeywell QPP-0002 - Quad Processor Module / 5Vdc / Max. 1.2A/24Vdc/max.25mA
  • Honeywell 8C-PCNT02 - 514543363-275 module
  • Honeywell DPCB21010002 - Tata Printed Circuit Board
  • Honeywell DPCB21010002 - Tata Printed Circuit Board Rev: 0
  • Honeywell 001649-M5T028 - Tata Printed Circuit Board Rev: 0
  • Honeywell YSTD924-(J2A)-00000-FF,W3,TP,TG,SS - NSFS
  • Honeywell XF523-A - / XF523A (NEW IN BOX)
  • Honeywell TK-PRS021 - NEW IN STOCK ship by UPS
  • Honeywell 2MLR-AC22 - " 2mlr-dbsf,2mlf-ad4s,2mlf-dc4s,2mlr-ac22 Rack"
  • Honeywell 9436610 - MEASUREX NSMP
  • Honeywell RT10A-L0N-18C12S0E - RT10A.WLAN.IN.6803.CAM.STD.GMS
  • Honeywell 51305896-200 - P:C1 Rev D Nim Modem - FAST SHIP BY Fedex
  • Honeywell TK-FTEB01 - PCL module Brand New Fast Shipping By DHL
  • Honeywell 8694500 - Measurex Control Processor Module
  • Honeywell DR4500 - Truline and DR4300 Circular Chart Recorder
  • Honeywell EC-7850-A-1122 - / EC7850A1122 (NEW IN BOX)
  • Honeywell XNX-UTAI-RNNNN - NEW Universal transmitter DHL Fast delivery
  • Honeywell SPXCDALMFX - plc new One Year Warranty #
  • Honeywell TC-RPFM01 - C200 system card brand new Fast Shipping
  • Honeywell 51196655-100 - NSMP
  • Honeywell XCL8010A - / XCL8010A (USED TESTED CLEANED)
  • Honeywell 51198801-100 - NEW CPU INTERFACE BOARD UPGRADE KIT UPIU 51306154-100
  • Honeywell 84795 - Sputtering Target 5N Al5Cu 7830x11640x13050
  • Honeywell W7704A-1004 - / W7704A1004 (USED TESTED CLEANED)
  • Honeywell RA890G1229 - FOR FSG UV Protectorelay /PL3
  • Honeywell KFS-599B - 071-01576-0101 UHF Communication Control with Mods (28V)
  • Honeywell WPC2000 - WINTRISS 9683001 WINTRISS CLUTCH/BRAKE CONTROL *NO KEYS*
  • Honeywell C7012E1112 - 1PC C7012E 1112 Burner Detector New In Box Expedited Ship #
  • Honeywell 8C-TCNTA1 - C300 system card brand new Fast Shipping
  • Honeywell ANT67A - TCAS Antenna 071-01548-0100 w/ October 2023 Repaired 8130
  • Honeywell CC-PDIS01 - PLC Module Brand New Fast Shipping FedEx or DHL
  • Honeywell R7247C1001 - 2-4SECS NSMP
  • Honeywell ALI-80A - Collins Encoding Altimeter - P/N 622-3975-011 - Tested 8130 -Serviceable
  • Honeywell 001650-M5T028 - Tata Relay Circuit Board
  • Honeywell 51196886-100 - PC BOARDS (126201 - NEW)
  • Honeywell J-HAM10 - NSNP
  • Honeywell TC-IXL062 - 1PCS module New fedex or DHL
  • Honeywell 114M4910-6 - PISTON ASSY PN NS COND 12037
  • Honeywell C7076 - 191002B Sensor Amplifier 220/240v
  • Honeywell 510STR12D21A-B77P - NSNP
  • Honeywell 51304511-200 - Module Nim Modem Via FEDEX/DHL
  • Honeywell IC-600 - Integrated Communication Unit RCZ851E 7510700-806 Removed Working
  • Honeywell TC-IAH161 - 1PC NEW REDUNDANT NET INTERFACE one year warranty#XR
  • Honeywell 2001-100-150-126-280-20-100000 - REMAN
  • Honeywell QPP-0001 - FSC QUAD PROCESSOR PACK QPP MODULE CC V1.4
  • Honeywell 30734558-001 - / 30734558001 (USED TESTED CLEANED)
  • Honeywell STD830-E1HS4AS-1-A-ADB-11C-B-21A0-00-0000 - 4500PSI NSNP
  • Honeywell 900C75-0560 - NEW HC900 Controller module FedEx DHL Fast delivery
  • Honeywell BL870 - Bezel 7014331-921 w/ October 2018 Repaired 8130
  • Honeywell STG77L-E1G000-1-A-CDC-11S-A-20A0-00-0000 - NSMP
  • Honeywell FF-SB14E12K-S2 - / FFSB14E12KS2 (USED TESTED CLEANED)
  • Honeywell 51198685-100 - "Rev. A, 140519-2-LF Power Supply Module 10A 100-240 VAC"
  • Honeywell 942-M96-M - plc new FREE EXPEDITED SHIPPING
  • Honeywell TK-IAH161 - 1PC New ANALOG INPUT TKIAH161 Expedited Shipping
  • Honeywell C7061F2001 - 1PC UV Flame Detector New In Box #