Complex market forces and various sets of challenges have converged over the last decade, leading to the rapid adoption of new digital solutions in power plants. The growing use of renewables and the digitization of the grid have put competitive pressure on traditional gas-operated power plants to evolve to be more competitive.
The primary obstacles to this change are:
- Multigenerational workforce – the shortage of experienced plant operators and managers is growing, driving a need for more flexible remote work options and training
- Global shift to remote work – uncertainty and social-distancing protocols created by the COVID-19 epidemic hastened the urgency of a new remote operational model.
This second trend is, arguably, the most important.
Power generators have begun to adopt technologies that allow remote or mobile control procedures to maintain business continuity and maximize staff flexibility and efficiency. Industrial organizations need to improve their security infrastructure in order to manage their critical infrastructure remotely due to increasing uncertainties in plant operations. Technicians and plant managers need to be able to connect with their assets from any location at any time.
Traditionally, technicians and power plant operators could only access the plant's HMIs from a control room or another nearby location. Even where remote access was possible, or flexible solutions were needed, the control room was the only place power plant operators and technicians could work. The pressure on power plant operators to meet key performance indicators has been constant. Now, the urgent need for remote flexibility is evident. It is now a priority to develop and implement contingency plans, and to change strategies to minimize the presence of non-essential staff.
There are several reasons such limits have been in place, such as international cyber requirements that prevented mobile or offsite use of these controls. When such conditions exist, there are often procedural and manual limitations as well as a high degree. Remote access can sometimes be necessary, but it is often done using temporary methods that could put critical infrastructure at risk.
Blending physical security and cybersecurity measures
Those in the industry know what solutions are required based on their individual roles and responsibilities when looking at divisions of plant locations and responsibilities. These needs may not always be linked to a single strategy.
The strategies required to meet today’s business challenges range from occasional remote technical support for contingency operations to more comprehensive plans for centralized (remote operation) management of many assets from a command center.
Combining on-site and remote power plant operators will allow for a more efficient response, which will increase operational efficiency and public safety. Remote staff can also monitor and control HMI systems on site, while still allowing staff in the control room to have full access. Depending on the plant’s characteristics, operations can be performed entirely remotely. A purpose-built interface with safety features is available for mobile users in the plant and elsewhere.
An example of the need for remote operations and the high cost is the late-night call to a technician to resolve an issue that arises during preparation. Timing is crucial. The speed of the response can make all the difference in a successful start, delayed start, or missed load ramp or tolle – potentially resulting in a loss of tens or thousands of dollars. In addition to reducing the productivity of the team, the physical response needed to reach the technician at the site can also impact the team’s productivity as the technician will often miss the next work day. Many of these problems could be avoided if the technician could provide remote support.
Remote access: Re-orienting the cybersecurity strategy
Industrial enterprises and businesses must rethink how they secure their information. Organizations must not build defenses around their offices, but enable
- Collaborate with remote staff and experts
- Increase on-site mobile staff effectiveness and flexibility
- Improve employee health and safety
- Operate reliably with reduced staffing
- Centrally monitor plant operations.
- Diagnose and troubleshoot alarms and issues
- Instruct, guide and dispatch on-site personnel
- Remotely operate, startup and/or shutdown control system assets
Most power plants today are equipped with firewall products, which have become standard-issue appliances for securing a network. Next-generation firewalls (NGFWs) provide more functions, including sandboxing and application-level inspection. Although NGFWs are great at their functions, remote access to devices is not possible. There are inherent risks for those who use them.
Firewalls are able to encrypt data streams via a virtual private network and tunnel critical information through untrusted networks, such as the internet. With today’s technology, and the abundance of information and tools available to threat actors, it is possible for hackers to hack data communication protocols at an endpoint device. This allows them to terminate encrypted data streams and tunnel critical information through untrusted networks such as the internet. They can also conduct malicious activities that could allow them to gain access to power plant assets.
Additional areas businesses need to consider for remote security are:
- Organizations must identify all their critical infrastructure. This may seem intuitive but it is crucial to account for interdependencies between systems. If an IT billing system depends on other operational technology, it’s vital.
- Encrypted browser-based display (VDI) for remote or mobile operator HMI display to desktops, laptops and tablets.
- Multifactor authentication (MFA) is a given. There are many MFA types, but industrial organizations should implement closed-loop, hardware-based token access without cloud access to meet both onsite mobile operator and remote access requirements.
- Moderated secure file transfer provides either bidirectional or uni-directional file transfer capabilities for each system connection.
- Application and system segmentation ensures systems and applications are logically segmented to limit cyberattacks’ blast radius.
- Time-based access controls limit the time vendors, contractors and plant technicians interact with critical systems.
- HMI access sessions by mobile operators and remote users need to be recorded for forensics and training purposes.
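The controls in the list above (hardware-token MFA, segmentation, time-based access and mandatory session recording) combined into one deny-by-default session check, as an added example that is not from the article or any vendor's product. The Grant and Request records, their field names and the sample values are hypothetical.

```python
from dataclasses import dataclass
from datetime import datetime, timezone

@dataclass(frozen=True)
class Grant:                      # hypothetical record of a time-boxed access grant
    user: str
    segment: str                  # logical segment the grant is scoped to
    assets: frozenset             # HMI names reachable under this grant
    not_before: datetime
    not_after: datetime

@dataclass(frozen=True)
class Request:                    # hypothetical remote-session request
    user: str
    segment: str
    asset: str
    mfa_method: str               # "hardware_token", "cloud_push", "none", ...
    recording_enabled: bool
    when: datetime

def evaluate(req, grants):
    """Deny by default; return (allowed, reason). Every control must pass."""
    if req.mfa_method != "hardware_token":
        return False, "mfa: hardware token required"
    if not req.recording_enabled:
        return False, "recording: session must be recorded"
    reason = "grant: no grant for user"
    for g in (g for g in grants if g.user == req.user):
        if g.segment != req.segment or req.asset not in g.assets:
            reason = "segment: asset outside granted segment"
        elif not (g.not_before <= req.when <= g.not_after):
            reason = "time: outside granted window"
        else:
            return True, "ok"
    return False, reason

# Constructed sample data: one vendor, one HMI, a four-hour maintenance window.
UTC = timezone.utc
GRANTS = [Grant("vendor-a", "turbine-control", frozenset({"hmi-gt1"}),
                datetime(2024, 1, 10, 22, 0, tzinfo=UTC),
                datetime(2024, 1, 11, 2, 0, tzinfo=UTC))]

def sample_request(**overrides):
    base = dict(user="vendor-a", segment="turbine-control", asset="hmi-gt1",
                mfa_method="hardware_token", recording_enabled=True,
                when=datetime(2024, 1, 10, 23, 0, tzinfo=UTC))
    base.update(overrides)
    return Request(**base)
```

The returned reason string is what would be written to the access log, so a denied vendor session shows which control blocked it.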
As the power industry adapts to the changes presented by a changing workforce and the convergence of IT and OT, remote user access will become even more essential.
Bill Moore, CEO of Xona Systems.