Remote work demands industrial businesses secure critical infrastructure

We’re excited to bring Transform 2022 back to life on July 19th and virtually July 20-28. Join AI and data leaders for sensible conversations and exciting networking opportunities. Register today!

Different sets of complex market forces and challenges have gathered over the last decade, leading to the rapid adoption of new digital solutions in power plants. Increasing use of renewables and digitization of the grid has put competitive pressure on conventional gas-powered power plants to become more competitive.

The primary challenges pushing this change include:

  • Multi-generational workforce – There is a growing shortage of experienced plant operators and managers, which furthers the need for more flexible remote work options and training.
  • Global shift to remote work – The uncertainty and social-distance protocols created by the Covid-19 epidemic have accelerated the urgency of the new remote operational model.

This second trend is, arguably, the most important.

Power generators are beginning to adopt technologies that enable remote or mobile control processes to ensure business continuity and optimal staffing flexibility and efficiency. Due to the growing uncertainties in plant operations, industrial organizations must build their safety stacks with the goal of remotely controlling their critical infrastructure. Plant managers and technicians need the ability to interface with plant assets anytime, anywhere.

Traditionally, power plant operators and technicians can only operate in the control room or other nearby environment to access the plant’s human-machine interface (HMIs). Operators were physically confined to the control room even if they wanted more flexible solutions for remote operations or needed to access systems remotely for technical support. Power plant operators are under increasing pressure to meet key performance indicators (KPIs) through long-term operation and maintenance (O&M) and the epidemic has added to the urgent need for remote flexibility. Developing and implementing contingency plans and changing strategies to reduce the onsite presence of non-essential employees has become an important priority.

There are a number of reasons why such restrictions apply, such as the international cyber requirements that prevent mobile or offsite use of these restrictions. Furthermore, when such situations occur there is often a high degree of manual processing and procedural limitations. Because of this, when remote access becomes necessary at certain times, it is usually done by temporary approaches that can jeopardize complex infrastructure.

A combination of physical security and cyber security measures

Given the division of plant locations and responsibilities today, people in the industry have a better idea of ​​what solutions are needed based on individual roles and responsibilities. However, those requirements do not always align with a particular strategy.

Strategies needed to meet today’s and tomorrow’s business challenges range from occasional remote technical assistance to contingency operations to more complex planning for centralized (remote) management of many assets from the command center.

The combination of both on-site and remote power plant operators will be able to respond more efficiently, increasing operational efficiency and public safety. In addition, remote staff can monitor and control on-site HMI systems while still allowing on-site control room staff ultimate access control. Depending on the characteristics of the plant, the entire remote operation may be possible. Mobile users at the plant or elsewhere benefit from a purpose-built interface that includes security features.

An example of the cost and need for more adaptive remote operations is a midnight call for a local technician who may be several hours away from answering a problem during initial preparation. Time is of the essence, and the speed of response can vary between a failed start, a delayed start, or a missed load ramp or tollgate – resulting in potential loss of thousands of dollars for a single instance. The physical feedback required to call a technician on site also affects the overall productivity of the team, as the person always misses the following tasks. If the technician can provide support remotely instead, it will eliminate many of these problems.

Remote access: re-orientation of cybersecurity strategy

Industrial businesses and enterprises must reconsider their security stack. Instead of building defenses around the office, organizations must enable:

  • Collaborate with remote staff and experts
  • Increase the effectiveness and flexibility of on-site mobile staff
  • Improving employee health and safety
  • Work reliably with fewer staff
  • Centrally monitor plant operation.
  • Diagnose and troubleshoot alarms and problems
  • Instruct, guide and send to on-site staff
  • Operate remotely, startup and / or shutdown control system assets

Most power plants today are equipped with firewall products, which have become standard-problem devices when the network needs to be secured. Today’s next generation firewalls (NGFW) are more powerful and offer multiple functions such as sandboxing, application-level inspection and intrusion prevention. While NGFWs work very well in these functions, they are not designed to access devices remotely, and there are inherent risks for those who have used them for remote access.

Firewalls can encrypt data streams on a virtual private network (VPN) and tunnel important information through unreliable networks such as the Internet. However, with today’s technology and the large amount of tools and information available to dangerous artists, it is possible to hack data communication protocols at the endpoint device where these encrypted data streams end up and potentially carry out malicious activities to access the power plant’s assets.

Additional areas businesses should consider for their remote security include the following:

  • Organizations should identify all of their critical infrastructure. While this may seem intuitive, it is responsible for system interdependence. For example, an IT billing system is important if it is interdependent on operational technology.
  • Encrypted browser-based display (VDI) HMI displays on desktops, laptops and tablets for remote or mobile operators.
  • Multifactor Authentication (MFA) is given. There are many MFA types, but industrial organizations must implement closed-loop, hardware-based token access without cloud access to meet onsite mobile operator and remote access requirements.
  • Controlled secure file transfer Provides either bidirectional or uni-directional file transfer capabilities for each system connection.
  • Application and system Split Ensures systems and applications are logically segmented to limit cybertex’s blast radius.
  • Time-based access controls Limit the time vendors, contractors, and plant technicians interact with critical systems.
  • HMI access sessions by mobile operators and remote users need to be recorded for forensic and training purposes.

As the power industry embraces the changes presented by the changing workforce and the convergence of IT and OT, remote user access will become more necessary.

Bill Moore is the CEO of Xona Systems,


Welcome to the VentureBeat community!

DataDecisionMakers is a place where experts, including tech people working on data, can share data-related insights and innovations.

If you would like to read about the latest ideas and latest information, best practices and the future of data and data tech, join us at DataDecisionMakers.

You might even consider contributing to your own article!

Read more from DataDecisionMakers

Similar Posts

Leave a Reply

Your email address will not be published.