ISA Interchange

Welcome to the official blog of the International Society of Automation (ISA).

This blog covers numerous topics on industrial automation such as operations & management, continuous & batch processing, connectivity, manufacturing & machine control, and Industry 4.0.

The material and information contained on this website is for general information purposes only. ISA blog posts may be authored by ISA staff and guest authors from the automation community. Views and opinions expressed by a guest author are solely their own, and do not necessarily represent those of ISA. Posts made by guest authors have been subject to peer review.

All Posts

Navigating the New Frontier: Choosing the Right Path for Remote Operations in Oil and Gas

Oil and gas projects are looking for ways to decrease costs while production and efficiencies increase. This ongoing challenge necessitates innovative solutions beyond traditional thinking. One such innovation is the remote monitoring and control of facilities from an integrated remote center. The driving factors behind implementing new technologies in automation and digital systems have included the need for higher productivity, reducing operating cost, addressing labor shortages and replacing unhealthy, dangerous and repetitive tasks.

Today's emerging technologies have the capability and capacity to enable these solutions. Digital solutions facilitate integrated, intelligent operations, enabling the integration of people and technology to execute remote operations in a knowledgeable environment. Although remote operations are not new for offshore fields, many existing facilities are designed as "normally unmanned." However, fully remote monitoring and control of these facilities remain uncommon in the oil and gas industry. There is a growing global trend toward adopting remote operations to reduce costs and enhance operational safety.

The transition to remote autonomous operation (RAO) represents a paradigm shift from fully manned facilities to a model progressing through various stages of manning — partially, periodically and ultimately aiming for normally unmanned operations. This evolution leverages advanced technologies like digital twins and big data analytics, enhancing operational predictability and safety while reducing logistical and insurance costs.

Horizontal vs. Vertical: Key Decisions for Remote Operations

As industries advance, the shift toward remote operations for brownfield sites presents a critical decision: Should the industrial automation and control system (IACS) be extended vertically or horizontally? Each approach offers unique benefits and challenges, shaping the security, efficiency and resilience of remote operations. This decision impacts the technical architecture, security and operational aspects of the site.

Horizontal Connectivity

The first is "horizontal" connectivity via the extension of control system "zones" whereby the local control network is extended to a remote location. This setup provides identical level 2 control system network access and functionality at the remote location as at the local or operational site. The remote location retains the same security requirements as the IACS on the main site since they are fundamentally in the same security zone. Encryption and access to the process control network are managed through strong authentication and network traffic controls (typically a firewall or intrusion detection and prevention system [IDPS]) before entering the communication link. Security control is maintained by the PCN itself to ensure no third party has authority and access to change the security system.

HorizontalConnectivityFigure 1: Overview of horizontal connectivity

 

Vertical Connectivity

Vertical connectivity connects the control systems to enterprise or external networks through a segregated and controlled zone and conduit architecture. The benefit of vertical connectivity is using shared resources in a more cost-effective solution. However, this opens potential for third parties to gain access to the local system from anywhere. Key security controls include providing encryption, tunneling and access control. Like horizontal connectivity, security control (encryption, access control, etc.) is managed by the process control network (PCN) itself to ensure no third party can change it. Additionally, a demilitarized zone (DMZ) or Level 3.5 is introduced between the PCN and enterprise network to ensure complete segregation. As such, the connection is vertically transmitted but logically horizontal, maintaining the same level at local and remote sites.

VerticalConnectivity

Figure 2: Overview of vertical connectivity

 

Table of Comparison Between Horizontal and Vertical Connectivity

 

Feature

Horizontal Connectivity

Vertical Connectivity

Reliability and availability

Influenced by telecom infrastructure and redundancy

Lower as it uses shared corporate infrastructure

Cost

Higher due to dedicated infrastructure

Lower as it uses shared resources/infrastructure

Application

Suitable for real-time control systems requiring high availability and low latency

Suitable for applications that integrate with enterprise networks and allow for controlled access

Cybersecurity threats

Amplifies threats inherent in a local facility and increases the potential for network-based attacks. The number of access points is increased, making control and visibility of those points more distributed and less visible.

Introduces external access threats due to integration with enterprise networks. Requires strong authentication and network traffic controls to manage these threats.

 

Deciding between horizontal and vertical connectivity for remote operations requires a nuanced understanding of the specific operational and security needs of the facility. Horizontal connectivity reduces external access threats but requires robust infrastructure and management. Vertical connectivity facilitates integration with enterprise systems but necessitates stringent security measures to mitigate external threats.

Ultimately, a hybrid approach, tailored to the facility's unique requirements, often provides the most balanced solution, leveraging the strengths of both horizontal and vertical connectivity while addressing their respective challenges. By carefully planning and implementing these strategies, industries can achieve secure, efficient and resilient remote operations, paving the way for advanced, integrated and remotely managed industrial environments.

*Reference: IOGP Report 627: Selection of system and security architectures for remote control, engineering, maintenance and monitoring.


Interested in reading more articles like this? Subscribe to ISA Interchange and receive occasional emails with links to our latest interviews, news, thought leadership, tips and more from the automation industry.

Isra Abbasi
Isra Abbasi
Isra Abbasi is an executive in remote operation management design at PETRONAS.

Related Posts

Onward and Upward to 2025: Proud of a Great Year

As my year as president of the International Society of Automation (ISA) comes to a close, I wanted to ta...
Prabhu Soundarrajan Dec 20, 2024 10:00:00 AM

How Did Automation Professionals Benefit from ISA in 2024?

The International Society of Automation (ISA) is proud to be the professional home of thousands of member...
Kara Phelps Dec 17, 2024 9:30:00 AM

Ensuring RCM or DCS Redundancy and Its Security in a Complex Industrial Environment

In industrial automation, remote control managers (RCM) or distributed control systems (DCS) are critical...
Ashraf Sainudeen Dec 13, 2024 10:00:00 AM