Stepping up Cybersecurity as Industrial Electrification and Digitalization Accelerates in Energies and Chemicals Industry

This audio was created using Microsoft Azure Speech Services

The concept of Net Zero dominates today’s news and mindshare of the Energies and Chemicals industry. To decarbonize, Energies and Chemicals companies currently have few options available, including improving energy efficiency, using renewables for industrial electrification, CCUS, Hydrogen, and biofuels.

Energy efficiency and industrial electrification are the low-hanging fruit options that are scalable and potentially generate positive ROI without government incentives. Substantially higher electrical loads and electrical infrastructure unforeseen by oil and gas operations are creating newer safety concerns. Digitalization enabled by IT/OT convergence demands tighter cybersecurity protocols. Cybersecurity strategies should evolve as safety is still the top priority in the oil and gas industry. Cybersecurity is essentially digital safety and a key component to protecting the uptime, security, and safety of critical infrastructure.

Energies and Chemicals companies recognize digitalization as an enabler for achieving business and sustainability objectives and are eager to capture the benefits. For operational efficiency, safety, sustainability, and profitability, digital technologies will be critical for planning, process automation, predictive maintenance, anomaly detection, and energy management in operations.

Digitalization links connected products (e.g., field devices and edge control systems) to apps and analytics, executing data analytics on interconnected systems to deliver value across the entire enterprise supply chain. A value-focused digital transformation leverages connected devices and IIoT to extend the facility’s operational life and, at the same time, reduce both CapEx and OpEx.

Decarbonization by industrial electrification and renewable energy – room for growth

Industrial electrification powered by renewable energy is a major strategy option in decarbonization. Because of the many benefits clean electrification offers over alternatives, electricity demand is projected to increase by 300% by 2050. Compared to other options, electricity delivers considerable advantages, including:

●Greater efficiency (~95% for electric motors and 99% for thermal energy conversion vs. 25 – 40% for fuel-powered systems).

● Better remote control through digitalization.

● Lower maintenance costs with a longer mean time between failures (x10 vs. gas turbine) and shorter mean time to repair (<10% vs. gas turbine).

Industrial electrification remains low in the oil and gas sector, representing only 7% of site energy usage in refineries and 20% in petrochemical facilities.

As IT/OT converges and every asset within the plant/enterprise is becoming autonomous, data are being collected in real-time and are also being controlled remotely. Cybersecurity measures should evolve as digitalization and electrification increase.

OT and IT world’s differences in Energies and Chemicals industry

Schneider Electric can work with clients IT/OT, using our core strength in energy management and industrial automation to add more value to the OT side. The main difference between IT and OT is that IT deals with the cyber world and OT is connecting the cyber world to the physical world.

For example, a control system connects to a motor or a pneumatic-driven valve that controls the flow of combustible petroleum products in tanks and pipelines. Or the control system connects to electrical elements that heat up a steam boiler in a refinery or petrochemical plant. A sensor that sends a pressure or temperature reading back to a control loop. A hacked signal can fool the operator into making dangerous decisions, for example, a hacked signal sent to the operator stating the valve is closed but it is open; not knowing it is leaking hazardous material into the surroundings.

Cybersecurity principles

Schneider Electric’s Cybersecurity strategy is based on the following principles:

  • Permit– Manage access to operations systems and information through the network and physical controls.
  • Protect -Implement specific controls as part of the operations systems for ongoing protection
  • Detect — Monitor the operating environment to detect and communicate threats
  • Respond– Develop procedures and systems to support rapid response to cyber incidents to contain and mitigate attacks.

These strategies address specific challenges and requirements. It is a robust approach to delivering cybersecure solutions. Key benefits include:

  • Protecting critical digital assets in accordance with cybersecurity standards (IEC 62443, NERC/CIP, etc)
  • Ensuring business continuity with adequate security controls
  • Considering Cyber-secure products by design
  • Offering full coverage according to risk assessment through technology partnerships
  • Providing vendor-agnostic services by skilled and certified professionals to help assess the risk, implement cyber-specific solutions, and maintain defenses over time

How to get started? Schneider Electric cybersecurity experts can help clients benchmark and improve their current cybersecurity strategy using the following consulting methodologies:

  1. Assessment. Assesses existing cybersecurity controls being implemented. Appraisal of current cybersecurity position according to IEC 62443 standards.
  2. Design and implementation. Certified cybersecurity experts identify the gaps, risks, and vulnerabilities found during the initial assessment, and then create strategies to fill the gaps, providing layers to protect organizations against vulnerabilities and mitigate risks.
  3. Detection and Monitoring. Monitor the operating environment to detect and communicate threats. Continuous threat detection software improves network resilience. Establishes tools that learn how a network operates under a steady state and flags anomalies as they occur. Schneider Electric’s cybersecurity team can also be responsible for monitoring your cybersecurity infrastructure, being your first level of support.
  4. Maintenance and training. Expert management services are also provided to patch and update solutions made during the detection and monitoring to evolve as hackers find different methods to penetrate a system.

Learn more about cybersecurity here https://www.se.com/ww/en/work/solutions/cybersecurity/virtual-academy.jsp

Tags: , , , , , ,

Add a comment

All fields are required.

This site uses Akismet to reduce spam. Learn how your comment data is processed.