Page 140: of Offshore Engineer Magazine (May/Jun 2015)


and they used a GPS driven camera, so I can tell the exact location. I know there are devices in use with known vulnerabilities. I know there is a wireless connection, and I know exactly where it is. It might be a physically secure installation with a locked cabinet, but I don’t have to get in there to start tampering. The photos and story gave away far too much information.”

So if a hacker followed Luallen’s scenario, it might indeed be possible to get into the network and cause the SCADA pack to dump its program and shut down whatever it’s running. But that is a long way from creating an explosion or environmental disaster because there are safety systems on the platform to prevent those sorts of small disruptions from escalating into a big incident, right?

In theory, yes. A hacker who has gained access to the basic process control systems of a platform might be able to change setpoints or otherwise disrupt normal production, but the safety instrumented system (SIS) functionality should be separate and unreachable. It should prevent a disruption from becoming a disaster, but the reality might be different.

“Control engineers would never bet the safety of the equipment under control and of their co-workers on engineering and administrative safety controls designed to mitigate potential hazards that come from probabilistic failures and improper decisions,” Assante said. “Losing the integrity of your production systems to a cyber compromise introduces a difficult to anticipate and mitigate safety risk as the intruder can maliciously operate the system or modify set points to create dangerous conditions. Physical separation of dedicated safety systems from the control system provides a level of protection against anticipated accidents and some attacks. A disturbing trend has been the integration of safety system components and control systems leveraging common networking infrastructure. A good control system anticipates potential failures and unsafe conditions, but an adaptive and intelligent threat can unbound the problem.”

FINDING A SOLUTION

The problem is clear: Bad things can happen on a platform and the individuals out there probably do not have sufficient training on dealing with a cyber incident. Nonetheless, they are the ones who will have to deal with an incident and they might not be able to count on help from the folks on shore as quickly as necessary. That sounds like a pretty awful scenario, but new tools have been emerging that could make the situation more positive.

One of the first steps of creating a cyber defense posture is understanding your networks and all the assets on the networks. The next step is to characterize the kind of communication that should be happening in normal operation. Industrial networks, particularly those on offshore platforms, tend to be static as far as configuration and functionality go. When a control system is working well, there is little incentive to modify it beyond maintenance and replacing failed devices. Monitoring communication should present a picture that does not change much from day to day, and any changes that happen should be easy to identify.

New tools have emerged that help establish how networks should be performing and call attention to traffic that does not fit the profile. These tools allow platform operators to use them effectively after a bit of training.

“There are many ways to do traffic profiling,” Cornelius said. “You’re looking for the destination and source of traffic, you’re looking for the amount of data being transmitted over the
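The profiling approach described above (learn which sources and destinations normally talk and how much data they exchange, then flag whatever does not fit) is sketched here as an added example; it is not code from the article or from any tool it mentions. The flow records, addresses, port number and the 50 percent tolerance are constructed assumptions.

```python
from collections import defaultdict
from statistics import mean

# Constructed flow summaries: (day, source, destination, dest_port, bytes).
# All addresses, ports and volumes are invented for this example.
BASELINE_FLOWS = [
    (1, "10.0.1.10", "10.0.2.20", 502, 41_000),
    (1, "10.0.1.11", "10.0.2.20", 502, 12_500),
    (2, "10.0.1.10", "10.0.2.20", 502, 39_800),
    (2, "10.0.1.11", "10.0.2.20", 502, 13_100),
    (3, "10.0.1.10", "10.0.2.20", 502, 40_600),
    (3, "10.0.1.11", "10.0.2.20", 502, 12_900),
]
TODAY_FLOWS = [
    (4, "10.0.1.10", "10.0.2.20", 502, 40_200),  # fits the profile
    (4, "10.0.1.11", "10.0.2.20", 502, 96_000),  # known pair, unusual volume
    (4, "10.0.1.55", "10.0.2.20", 502, 2_000),   # source never seen before
]

def daily_totals(flows):
    """Sum bytes per (day, source, destination, port)."""
    totals = defaultdict(int)
    for day, src, dst, port, nbytes in flows:
        totals[(day, src, dst, port)] += nbytes
    return totals

def build_profile(flows):
    """Map each conversation (source, destination, port) to its mean daily bytes."""
    per_conv = defaultdict(list)
    for (_day, *conv), nbytes in daily_totals(flows).items():
        per_conv[tuple(conv)].append(nbytes)
    return {conv: mean(vals) for conv, vals in per_conv.items()}

def check_day(profile, flows, tolerance=0.5):
    """Compare one day's flows with the profile; tolerance is an assumed threshold."""
    alerts, seen = [], set()
    for (_day, *conv), nbytes in sorted(daily_totals(flows).items()):
        conv = tuple(conv)
        seen.add(conv)
        if conv not in profile:
            alerts.append(("new_conversation", conv, nbytes))
        elif abs(nbytes - profile[conv]) > tolerance * profile[conv]:
            alerts.append(("volume_deviation", conv, nbytes))
    # On a static network, an expected talker going silent is also a change.
    alerts += [("missing_conversation", c, 0) for c in sorted(set(profile) - seen)]
    return alerts

if __name__ == "__main__":
    for alert in check_day(build_profile(BASELINE_FLOWS), TODAY_FLOWS):
        print(alert)
```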
