
The Control System Engineer’s Guide to Improved Safety, Reliability and Productivity – Management of Change (Part 2 of 4)

Management of Change

Processing industries have focused on improving mechanical reliability and automation for the past 30 to 40 years, with the goal of increasing the time between unplanned shutdowns and turnarounds. Examples include Reliability Centered Maintenance, Risk-Based Inspection and rotating equipment improvements (double mechanical seals, oil mist systems, vibration analysis). Together these have significantly increased plant reliability, extending the time between equipment outages by a factor of two or three.
 
During that same time, automation systems continued to evolve. Today's automation systems are incredibly complex, with thousands of measurements, integrated applications and more interoperability than ever. Because they are the primary mechanism for continuous improvement of the plant, their configuration changes almost constantly. This combination of greater complexity and continual change leaves facilities vulnerable to the effects of undocumented, unauthorized and even malicious changes to system configuration.
 

The Challenge: Complexity and Interdependency of Automation Systems 

 
Managing complex automation systems is not a trivial task. The interworking of automation systems has been compared to that of the human genome. Like the human genome, an automation system is made up of encoded configurations that define the nature and specific function of each information cell. Each control system has a unique and often proprietary internal structure that differs from vendor to vendor and from generation to generation. The complexity of a control system is amplified as it interacts with other systems. And unlike the genome of a natural organism, the automation genome is in a rapid state of change, because it is the primary platform for continuous process improvement. Frequent changes to a system increase its complexity and its propensity to configuration errors. Most control systems have limited automatic documentation capabilities, and none documents the important relationships that exist between different systems at a site, for example the interconnections between the Distributed Control System (DCS), the Programmable Logic Controller (PLC) and the historian.
 
Documentation and proper management of the complex configurations of automation assets is a formidable challenge for companies in every industry.  
 
Traditional Management of Change (MOC) processes, as defined by OSHA Process Safety Management (PSM) in 29 CFR 1910.119(l), are inadequate for managing changes to automation system configuration. Traditional MOC processes focus on physical changes to the plant and overlook software and configuration changes to automation systems unless the change is made in conjunction with a physical change. They are also too time-consuming and labor intensive for soft changes: because a soft change is far easier to make than a physical change, the number of soft changes is significantly higher than the number of physical changes, and a process sized for physical changes cannot keep up.
 
Automation systems are the platform for continuous improvement of a plant's process and operation. As such, daily changes to automation systems are the norm, and these changes are often unmanaged and undocumented. Because so many changes go unreported, it is almost impossible to determine which authorized or unauthorized changes occurred. Some of these changes are unintentional errors, which are difficult to detect and validate.
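The check a practitioner wants at this point is a way to tell authorized changes from unauthorized ones without relying on people to report them: capture a configuration baseline when an MOC is closed, snapshot the live configuration later, and reconcile every difference against the MOC records. The following is an added example written for this article; it is not code from the original page or from any PAS/Hexagon product. Tag names, parameter values, the MOC record layout and the MOC identifiers are all constructed for illustration.

```python
"""Reconcile an automation-system configuration snapshot against its
approved baseline and the site's MOC records.

Added example, not code from the original article or from any vendor
product. Tag names, values and the MOC record layout are constructed
for illustration and are hypothetical.
"""
import hashlib
import json
from dataclasses import dataclass
from typing import Dict, List, Optional

# Constructed sample data: a baseline captured when the last MOC was closed,
# and a snapshot taken from the controller today.
BASELINE: Dict[str, str] = {
    "FIC-101.SP_HI": "85.0",
    "FIC-101.SP_LO": "10.0",
    "PSHH-205.TRIP": "145.0",
    "LOGIC/ESD_BLOCK_3": "v12",
}
CURRENT: Dict[str, str] = {
    "FIC-101.SP_HI": "90.0",      # changed, covered by MOC-2023-041
    "FIC-101.SP_LO": "10.0",      # unchanged
    "PSHH-205.TRIP": "160.0",     # changed, no approved MOC for this value
    "LOGIC/ESD_BLOCK_3": "v13",   # changed, covered by MOC-2023-044
    "TIC-310.ALM_HI": "250.0",    # added, no MOC record at all
}
# Constructed MOC records. Note the pending record for PSHH-205.TRIP
# approves 150.0, not the 160.0 actually found in the controller.
MOC_RECORDS: List[Dict[str, Optional[str]]] = [
    {"id": "MOC-2023-041", "item": "FIC-101.SP_HI", "old": "85.0", "new": "90.0", "status": "approved"},
    {"id": "MOC-2023-044", "item": "LOGIC/ESD_BLOCK_3", "old": "v12", "new": "v13", "status": "approved"},
    {"id": "MOC-2023-050", "item": "PSHH-205.TRIP", "old": "145.0", "new": "150.0", "status": "pending"},
]


@dataclass(frozen=True)
class Change:
    item: str
    old: Optional[str]        # None when the item did not exist in the baseline
    new: Optional[str]        # None when the item was deleted
    moc_id: Optional[str]     # approved MOC covering exactly this change, if any

    @property
    def authorized(self) -> bool:
        return self.moc_id is not None


def config_fingerprint(config: Dict[str, str]) -> str:
    """SHA-256 over a canonical serialization, so the same configuration
    always yields the same hash regardless of key order. Store this with
    the closed MOC so a later snapshot can be checked for drift cheaply."""
    canonical = json.dumps(config, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(canonical).hexdigest()


def _approval_for(item, old, new, moc_records):
    """Return the id of an approved MOC whose old/new values match this
    exact change. A pending MOC, or one approving a different value, does
    not count: the change in the field must be the change that was reviewed."""
    for rec in moc_records:
        if (rec["item"] == item and rec["status"] == "approved"
                and rec["old"] == old and rec["new"] == new):
            return rec["id"]
    return None


def reconcile(baseline, current, moc_records) -> List[Change]:
    """Diff current against baseline and match each difference to an MOC."""
    changes = []
    for item in sorted(set(baseline) | set(current)):
        old, new = baseline.get(item), current.get(item)
        if old == new:
            continue
        changes.append(Change(item, old, new, _approval_for(item, old, new, moc_records)))
    return changes


def unauthorized(changes: List[Change]) -> List[Change]:
    return [c for c in changes if not c.authorized]


if __name__ == "__main__":
    if config_fingerprint(BASELINE) == config_fingerprint(CURRENT):
        print("no drift from baseline")
    else:
        for c in reconcile(BASELINE, CURRENT, MOC_RECORDS):
            label = f"authorized ({c.moc_id})" if c.authorized else "UNAUTHORIZED"
            print(f"{c.item}: {c.old!r} -> {c.new!r}  {label}")
```

Two design points matter more than the diff itself. First, an MOC only authorizes the exact old-to-new transition it reviewed, so a trip setpoint moved to 160.0 under a record that approved 150.0 is reported as unauthorized, as is any change whose MOC is still pending. Second, the fingerprint is taken over a canonical serialization, so two exports of the same configuration with different key order hash identically and a cheap hash comparison can be scheduled far more often than a full reconciliation.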
 
Improper MOC directly increases the risks and vulnerabilities of an industrial facility, both in their causes and in their consequences, including:
    •    Company image
    •    Configuration errors
    •    Environmental impact
    •    Equipment damage
    •    Information theft
    •    Lost production
    •    Malicious attacks and new viruses
    •    Patches and software updates
    •    Safety
    •    Unauthorized changes
    •    Undocumented changes
 
Lack of proper MOC of automation systems is a contributing factor to industrial accidents, and there is an opportunity to improve this process today. In Part 3 of this series, we will look at the complexity and interdependency of automation systems.


About the Author

Nick Cappi is Vice President, Portfolio Strategy and Enablement for OT Cybersecurity in Hexagon's Asset Lifecycle Intelligence division. Nick joined PAS in 1995, which was acquired by Hexagon in 2020. In his role, Nick oversees the commercial success of the business, formulates and prioritizes the strategic themes, and works with product owners to set strategic product direction. During his tenure at PAS, Nick has held a variety of positions including Vice President of Product Management and Technical Support, Director of Technical Consulting, Director of Technology, Managing Director for the Asia Pacific Region, and Director of Product Management. Nick brings over 26 years of industrial control system and cybersecurity experience within the processing industries.
