Skip to main content
  1. Home
  2. Special reports
  3. 13 Mar 24
  4. A necessary culture shift

A necessary culture shift

Published by , Editorial Assistant
Hydrocarbon Engineering,

The evolution of industrial control systems (ICS) is marked by significant technological transformation, starting with the first relay-based systems and evolving into programmable devices like programmable logic controllers (PLC).

Distributed control systems (DCS) have evolved from application-specific single loop controllers to multi-controller distributed systems. Now, the original proprietary networks of these systems have been replaced with open and interconnected architectures, and computers have evolved from proprietary interfaces to open Windows-based systems.

Advanced control and data integration have resulted in unprecedented gains in efficiency because of the convergence of industries and these digital technologies. This increased connectivity, while enhancing operational capabilities, has exposed ICS environments to new cybersecurity risks.

In the past, these risks were thought to be addressed through isolation of the ICS and obscurity of the technology. Without any possible remote access, tampering with these systems was difficult. As these systems were proprietary, knowledge of how they worked was limited to industry insiders. Currently, the typical ICS is highly connected with remote access, technology in the cloud, and widely dispersed users. Commercial off-the-shelf (COTS) technology, open networking and easily accessible information and training has made it easy to understand how an ICS operates.

Events with colourful names such as Stuxnet, Industroyer, and Trisis have illustrated the possibilities for tampering with an ICS. New technologies and ICS architectures are required to secure these systems from malicious actors and software. These changes have not been quickly or easily adopted as industry is limited by resources, funding, and available technology support for existing ICSs that are, in some cases, up to 20 years old.

Challenges

The oil, gas and chemicals industries have unique challenges that add to the complexity of industrial cybersecurity. These processes are controlled by complex and interconnected basic process control systems (BPCS) and critical safety instrumented systems (SIS). A compromise of these systems may result in significant health, safety and environmental (HSE) events.

Upgrading an ICS while in production is risky and downtime in these industries is costly with limited turn-around windows. Adoption of significant ICS architectural changes and system-wide improvements in existing systems is difficult for these reasons.


This article was originally published in the March 2024 issue of Hydrocarbon Engineering magazine. To read the full article, sign in or register for a free subscription.

Written by Tim Gale, 1898 & Co.

Read the article online at: https://www.hydrocarbonengineering.com/special-reports/13032024/a-necessary-culture-shift/

You might also like

 
 

Embed article link: (copy the HTML code below):

 

This article has been tagged under the following:

Downstream news