Process Control

[xyz-ihs snippet=”LeadLander”]

Process Control

The automation of factories, power plants, distribution centres and other production facilities rely on Distributed Control Systems (DCS) and Supervisory Control and Data Acquisition (SCADA) systems to support process control activities 24×7.

Information gathered by DCS and SCADA systems needs to be securely transferred between the plant and the business networks without jeopardising security, safety and reliability of the plant.

Over the last 12 years Owl has worked with suppliers and customers to develop a set of cyber security products that protect networks and support a wide range of data applications and interfaces used in plants. These products are currently protecting hundreds of customer sites globally.

Typical Uses:

Typically our customers use our cyber security platform as a perimeter security device to protect the process control environment. Using a data diode allows information that is essential for effective day-to-day business operations to be transferred from process control environment with the insurance that any outsider threat cannot send data to the

Utilising Owl’s data diodes as the core, 4Secure can integrate a wide range of Owl applications that allow seamless integration of cyber security whilst natively supporting industry relied upon vendors and protocols:

  • OSIsoft®
  • GE Proficy® Historian
  • Rockwell
  • Schneider
  • OPC foundation
  • Modbus
  • Scientech R*Time®
  • Database replication

Owl also supports MODBUS and OPC certified connectors that interface directly to PLCs, RTUs or other SCADA devices to move real-time plant data across network security boundaries.  Owl also provides monitoring applications such as the Owl Virtual ScreenView which supports a nonintrusive monitoring of SCADA HMIs or other plant applications.  In addition, Owl supports the GE OSM system, securely transferring data from the OSM server to remote monitoring centres.

GE Proficy® Historian from GE Intelligent Platforms is a powerful, enterprise-wide data historian that collects, archives and distributes tremendous volumes of real-time production information across the control space.

The Owl software connector transfers database points, historical records — all with minimal startup configuration and administrator access. If the customer selects pre-configuration (supplying Owl with a copy of point records, and a network configuration), the transfer system is truly “plug-and-play.”

Modbus is a communications protocol and de facto standard developed for use with Programmable Logic Controllers (PLCs), SCADA systems and other industrial devices. Owl’s Modbus Transfer Service (MBTS) is a software application that allows real-time data to be collected from industrial control systems within a plant and securely transfer it across the Owl DualDiode to end-users (operations, production, maintenance, etc.) outside the security perimeter of the plant. The DualDiode protects the plant from cyber-attacks while securely transferring data outside of the plant.

MBTS has two components, a “Master” and a “Slave”. The Master runs on the source side of the OPDS platform and interfaces with industrial control systems in the plant, collecting register data from them and transferring it across the DualDiode to the destination side. The Slave runs on the destination side of the OPDS, receiving the register data and providing it to any “Masters” operating outside the security perimeter of the plant. MBTS is a non-intrusive solution working within the existing architecture, becoming an additional Master collecting data and a new Slave to collect register data from.

Created by the OPC Foundation, OPC is the interoperability standard for the secure and reliable exchange of data in the industrial automation space. Owl’s OSTS application provides a mechanism where data (real-time data, monitoring of alarms and events, historical data) can be accessed within an OT network using the OPC standard interface. The Owl OPDS DualDiode Technology then transfers the data across the network security boundary to business users on the IT networks. This provides external users with access to plant data without jeopardizing the cyber security of the OT network.

The Owl OPC Server Transfer Service (OSTS) application operates as an OPC client and retrieves “point” data from one or more OPC servers in the network. The point data is then securely transferred from the source side of the OPDS one-way data diode across to the destination side. On the destination side an OPC server makes the point data available to OPC clients operating on the IT networks. OSTS has received OPC Foundation Laboratory Certification and supports both OPC Data Access (DA) and OPC Alarms and Events (A&E) specifications.

One of the tools critical infrastructure providers are using to improve their cyber security posture is network segmentation coupled with data diodes. The data diodes protect the boundaries of network segments from cyber threats while simultaneously allowing data to securely flow out of them. This is important when end-users outside the plant or facility need access to OSIsoft PI historian data. Owl’s solution is a combination of software and patented DualDiode™ technology which securely transfers data to end users.

OPTS software was developed specifically to securely transfer PI historian data across network boundaries. OPTS interfaces directly with the PI Historian on the source network, replicates the data and utilises the DualDiode™ to securely transfer the data to the destination network. On the destination network, OPTS can either build the historian from scratch or append to an existing one.

OPTS can be configured to either run on off-the-shelf servers or on one of the Owl DualDiode™ appliances (OPDS-100D, OPDS-MP). Server configurations support larger historians and higher throughput requirements while the appliance devices feature a single, all in one box solution.

The OPDS platform for electronic perimeter security natively supports the secure one-way transfer of Curtiss Wright Scientech R*TIME data capture and archival. Scientech R*TIME is a real-time data acquisition, display, and man-machine interface, and control system software program. R*TIME presents real time information that is meaningful and easily accessible. R*TIME provides access to menus and displays of real time and historical data through defined icons and pull down menus. The system provides the user with the ability to construct and use color graphic displays with trends (time, x-y and bar), alarms, logs, message files, and many other tools.