Cybersecurity is a process control challenge that consistently evolves as new technologies come into use and new threats emerge. Since process control methods are constantly developing, the protective measures need to match the rate of change to ensure adequate levels of protection are in place. Pipelines used in the oil and gas industry, as well as in the transportation of a multitude of liquid and gaseous products, account for more than 2.3 million miles of process piping in the United States. Natural gas pipelines are commonly monitored and controlled by, for example, programmable logic controllers or other microprocessor and communications based systems, responsible for flow regulation and various process conditions. Because of the prevalence of these systems, they are a target of increasing attacks, on both PLCs and other SCADA related devices, such as compressors, remote terminal units, communication networks, and other critical process infrastructure elements.
While developments in technology have provided operating advantages and improvements to the process industries, the more complex and advanced the systems may also increase the exposure to malicious penetration and mischief by unauthorized parties (hackers). Because of this, diligence by industry professionals, while always a strong component of protecting against outside threats, has been augmented via new guidelines meant to better prepare all process operators against more coordinated cyber-attacks.
Basic preventative measures, such as a firewall, are no longer a sufficient bulwark against the increasing threats. Instead, the entire process must be evaluated and monitored so that each individual piece of the network is understood fully. If a part of the system starts behaving in an abnormal way, then an understanding of what that specific PLC or component affects must be immediately known. The most effective protective programs will be able to function without needing any downtime, and will also be able to learn the network easily. Whenever the defense program gets triggered, it needs to not only provide a general alert to the process operator, but must also be able to provide context so that the previous knowledge of how the system works can be applied to mitigate the current problem.
Currently, the oil and gas industry has transitioned to what is being termed a ‘holistic’ approach to cyber defense. In order for the best security possible to be employed, the human element of process control must function in tandem with the autonomous programs. The human component of process operation, where it exists, can be unpredictable and present vulnerabilities that may not be known or anticipated. Everything must be considered.
Industrial process operation involves many areas of risk, with cyber attack being just one. The right kind of planning and response to risk can mitigate the potential impact. Security efforts, technology, and knowledge must keep pace with threats which emerge to process pipeline security.