Integrated control systems: What are today’s top concerns?
1 Nov 2011
To some in the process manufacturing industries, the term integrated has become a buzzword – and not in the good sense. writes Scott Hillman of Honeywell Process Solutions:
Like any buzzword, the term ’integrated’ has been tossed around so much that its meaning can oftentimes seem vague, and in some cases, distorted. Most people understand that the general, overriding concept behind integration is that once-disparate subsystems are now working together. Beyond that, though, what does an integrated control system really look like, and why do some companies feel it’s necessary?
The bottom line is that integration is far more than a buzzword, and it can be much more than a way for plant subsystems to work together. At the highest overall level, an integrated system can change the way a company operates and make it more efficient.
One of the key drivers necessitating the move toward integration in most industries – including the oil & gas industry – is a shift toward dispersed operations with centralized control. In other words, fewer companies are building the mammoth production sites that dominated the manufacturing industries landscape for the past few decades. Instead, we’re seeing greater numbers of smaller facilities spread out over widely dispersed geographical areas.
This is especially true in oil & gas, where companies can have thousands of gas wellheads and pipelines spread over wide areas. Consequently, the assets aren’t the only things becoming more widely dispersed – so are the people and their process knowledge and expertise. Further complicating the matter is the fact that multiple dispersed assets often have multiple owners.
In a sense, this has resulted in production and business decisions needing to be made in more locations than the main control or board rooms.
This trend has accelerated the need for companies to tightly intertwine their control systems with elements such as safety, security, fire, manufacturing execution systems and others. It’s also led manufacturers to ask tougher questions of vendors who tout the benefits of integrated control systems. Two of those main questions include:
- How can we achieve a truly seamless integration of all subsystems and communications busses?
- How much cyber security needs to be in place?
The ultimate goal of integration should be for operators to control the process … not the controls. There are two aspects to this:
The first is the operational integration. In other words, the operator shouldn’t necessarily even know if a certain piece of data being displayed is coming from, for example, a wireless transmitter, or digital video input, or a safety system. To the operator, it’s simply coming from “the control system.” As such, one of the key concerns about integrated systems centers on whether they truly present themselves to the operators as a single, coherent system.
The second aspect is the tool suite integration. The best analogy to draw here is everyday software platforms such as Microsoft Office: Data from Office tools such as Word and Excel maybe formatted differently, but it can easily be shared across tools via functionality such as cut and paste.
The same concept should hold true in an integrated control system. The data may come from different tools throughout the plant or enterprise, but it should still be easily usable across various subsystems. How can vendors ensure this type of tool integration is provided?
The lack of a truly seamless integration has led to problems in the past due to the constant churn of technology. As process technology evolves, it hasn’t readily been able to integrate with existing control systems, leading to “integrated systems” that in some cases caused more operational and logistical problems than they solved.
Cyber Security
One of the key things manufacturers have come to realize about integration is that the traditionally thick lines separating layers of control – instrumentation, control, advanced control and MES – have become increasingly blurred. In fact, some would say this model for control is effectively collapsing, with the operators at the controller level having more influence on overall business decisions and outcomes.
When the MES level is pushed into the control layer and organized appropriately, this arrangement can actually streamline operations and make the business more efficient.
However, it also means more interaction between control and IT systems, which further exposes the controls to outside cyber threats. In the traditional process control world, the operator could control the process even if he/she unplugged the internet router. In the new world of integrated systems, that’s not the case.
As the rise of integration has given way to the rise of open systems, manufacturers are realizing they need to be more vigilant than ever in the face of recent threats like the Stuxnet virus.
This brings us back to the original question: What does an integrated control system really look like? For all components to be available on the same interface and create the kind of seamless integration that companies expect, SCADA of course will act as the base skeleton with services running through the nervous system allowing deep product support.
One of the overarching characteristics that companies should look for is a system that can be tightly integrated, but loosely coupled. In other words, companies need “future proof” technology that won’t require extensive upgrades or replacement when newer components – everything from wireless transmitters to MES applications – are introduced further on down the line.
One recent key development that can aid in this regard is the introduction of virtualization capabilities within control systems that allow multiple operating systems to share a single hardware server.
Essentially, the technology allows a single machine to simultaneously run multiple virtual machines and operating systems while ensuring they are totally isolated from one another and the underlying server. This enables manufacturers to lower the quantity of PC hardware required, reduce the frequency and impact of OS and hardware changes, and simplify overall system management.
This is critical to helping companies address the constant churn of technology – lifecycle costs are reduced while technology is kept up to date.
Cyber security, on the other hand, has become a far more complex issue. Due to ever-changing threats, countermeasures must be designed to be regularly updated and periodically reviewed, much the same way in which safety programs are evaluated.
Generally speaking, there are three keys to a successful cybersecurity program for any facility – people, process and technology. Regardless of the level of integration, a defense-in-depth program is the most-recommended and effective method. This means a good cybersecurity system will have multiple layers of defense providing protection for the industrial control system.
For example, there needs to be physical protection layers such as firewalls and switches. These are then coupled with software layers of protection (e.g. virus protection) and supplemented on an ongoing basis with procedures that checks, test, and update the critical protection layers on a periodic basis.
The best way to stay current with new technology is to perform regular, periodic assessments systems, processes, and policies. These reviews will identify areas for improvement, and implementation of those improvements is mandatory in order to keep up with the newest threats.
Of course, there are many other far more-detailed questions that manufacturers will have when considering the value of an integrated system for their individual sites. In every case, however, seamless integration and reliability provided by cyber security measures will be two of the most-critical factors that will determine whether an integrated system functions as more than an industry buzzword.
