Transforming control systems to improve functionality and security

Control systems technology offers more form factor versatility today than previous generations. New communications buses, diverse chip technology, higher speed networks, and less burdensome equipment have transformed control systems from the limitations of the chassis backplanes to a dedicated component design.

Today’s modular plant design requires these dedicated modules with the ability to right size the automation equipment for the required function. These modules require a secure infrastructure that easily integrates into plant networks and provides data for operations.

Chassis-based products

Older chassis-based control products, adopted widely in the 1970s and 1980s, had to conform to rigid architectures due to the limitations of technology and the high cost of components. In this type of control system, specific racks were fitted with input/output (I/O) cards and had to be sized to fit the rack size and form. Once a rack was installed, operators could only use equipment that was compatible with the existing installation.

DIN rail-type systems

In the early 2000s, vendors began introducing DIN rail-type systems. A DIN rail is a standard metal rail widely used for mounting circuit breakers and industrial control equipment inside cabinets. The DIN rail approach allows a more flexible panel layout. This transition from chassis-based to modular systems was driven by a number of factors, including:

Chip technology:

In the past, plants relied on a few, expensive micro-processors in a centralized rack with only one or two cards. As the cost of processors decreased, this allowed the utilization of processor technology on every I/O module. Each card could have its own processors and each module can have its own communications sub system.

Communication and network technology:

Older networks were centralized and somewhat primitive. The industry acceptance of Ethernet and the lower costs of components, has allowed I/O modules to be decentralized. This makes it easier to configure remote panels with remote I/O and processors as desired. Known as a distributed architecture, this system design means controllers can be stationed closer to devices. While not a new concept, remote I/O became easier to do with the adoption of Ethernet and it minimizes wiring requirements.

Legacy systems like the Mark V have demonstrated superior performance in the field for many years. But there are benefits to be considered in moving to a newer system like Mark Vie, which offers better diagnostics and ease of configuration. Additionally, distributed I/O makes it possible to perform upgrades on a component-by-component basis. Additionally, modern systems are required to improve the security perimeter.

Cyber-attacks

Cyber-attacks on the energy sector are steadily increasing and becoming more aggressive, threatening the U.S.’s critical infrastructure and facilities. An Incident Response report from the US Department of Homeland Security (DHS) revealed that cyber incidents in the energy sector accounted for 53 percent of all those reported between January and May 2013.The report also indicated focused attacks on the control systems of gas compression stations than in previous years.

This rise in incidents creates a demand for a robust cyber security system that protects sensitive information and intellectual property. 

The North American Electricity Reliability Council (NERC) Control Systems Security Working Group developed a list of top security vulnerabilities for control systems in 2013. In particular, lack of authentication in wireless communication, which is more common in older systems.