This guest blog post was written by Pierre Dufour, a global product marketing manager at Honeywell Process Solutions. This post was written in conjunction with a co-hosted webinar on cybersecurity threats to natural gas providers, also featuring Steve Mustard, an industrial control system and cybersecurity consultant, and author of the ISA book Mission Critical Operations Primer. Click this link to watch the webinar replay.
In the natural gas market, companies under pressure from many forces in the world. Among these is the multiplicity of computer and communications systems that must be protected from those who would do harm to gas transmission and distribution capabilities.
Natural gas is the foundation fuel for a clean and secure future, providing benefits for the economy, environment and energy security. Alongside the economic and environmental opportunities of natural gas, there comes great responsibility to guard vital distribution assets from cyber attack. In a connected world, with increasingly sophisticated electronic threats, it is unrealistic to assume gas delivery systems are isolated or immune from various forms of electronic compromise.
Relevant operational and business data are available in many places on the gas grid, most of the time. Companies want to be as easy as possible to take this information and make it useful. This includes solutions that regularly pull and store relevant gas meter data in a secure cloud. Gas metering data must also be collected more frequently and in smaller increments. Leading automation suppliers provide advanced gas measurement and data management solutions to the natural gas industry.
These solutions provide seamless connectivity and round-the-clock access to critical data and diagnostics. Companies also employ the capabilities of the Industrial Internet of Things (IIoT) to do automated meter reading. But, they need to do more than just collect reams of data for billing and back office analysis. Gas operators must be able to make decisions and take action at every level of their distribution system, optimizing analytics where it makes sense and enabling multiple applications to run edge devices to solve problems in new ways.
Learn how to improve the overall security of your metering installed base and reduce the chances of vulnerabilities being exploited. Watch the co-hosted webinar recording presented by Pierre Dufour of Honeywell and Steve Mustard, ISA leader and industrial security expert. Click this link to watch the webinar replay.
In any IIoT-based communication system, it is essential to ensure that sensitive information reaches its intended recipient, and that it cannot be intercepted or understood by a malicious individual or device. A cyber attack on devices that control the gas grid could result in disruption of operations or damaged equipment.
Any device or system controlled by network communication that “faces” the Internet is at risk of being hacked. Natural gas firms require a fully integrated, end-to-end technology platform for gas transmission and distribution. This platform should be based on a single design standard and follow strict cybersecurity and information technology data security guidelines uniformly across all components. As such, there will be no weak link to be exploited by cyber criminals.
It is crucial to implement cybersecurity solutions that are specifically intended to protect sensitive gas consumption information at both the data storage and data transfer levels. For example, there are security advantages to deploying an architectural design that ensures integrated, low-power cellular modems operate on the network for the shortest possible time – perhaps only a few minutes per day. This greatly reduces cyber vulnerabilities compared to approaches where modems remain on continuously.
Natural gas providers are seeking to run a better business by implementing smarter, more responsible solutions for the customers they serve. Key to this effort is protecting all critical gas metering and data management assets from cyber threats. There is no substitute for sound, well-engineered cybersecurity processes, which reduce risks, mitigate hazards, and keep sensitive operational and business data safe and secure.
ISA offers standards-based industrial cybersecurity training, certificate programs, conformity assessment programs, and technical resources. Please visit the following ISA links for more information:
- ISA Global Cybersecurity Alliance
- Cybersecurity Resources Portal
- Cybersecurity Training
- IEC 62443 Conformance Certification
- Family of Standards
- ISA/IEC 62443 Cybersecurity Certificate Programs
- Suite of Security Standards
About the Presenter and Author
Pierre Dufour is a global product marketing manager at Honeywell Process Solutions. He has been with Honeywell for over 20 years. He holds an engineering degree in electronics and an MBA. Pierre has worked in multiple departments including Technology, Product Specialization and Marketing. He is based out of the Honeywell Mercury Instruments site in Cincinnati, Ohio.
About the Presenter
Steve Mustard, author of the ISA book, Mission Critical Operations Primer, is an independent automation consultant and subject-matter expert of ISA and its umbrella association, the Automation Federation. He also is an ISA Executive Board member. Backed by nearly 30 years of software development experience, Mustard specializes in the development and management of real-time embedded equipment and automation systems, and the integration of real-time processing, decision-support and other disparate systems to improve business processes. He serves as president of National Automation, Inc. Mustard is a recognized authority on industrial cybersecurity, having developed and delivered cybersecurity management systems, procedures, training and guidance to multiple critical infrastructure organizations. He serves as the chair of the Automation Federation’s Cybersecurity Committee. Mustard is a licensed Professional Engineer, UK registered Chartered Engineer, a European registered Eur Ing, an ISA Certified Automation Professional (CAP) and a certified Global Industrial Cybersecurity Professional (GICSP). He also is a Fellow in the Institution of Engineering and Technology (IET), and a senior member of ISA.