News & Articles
Platinum Level Data Security™:
Platinum Level Data Security
to achieve real-time field
compressor data for midstream
gas facilities By: David Wagman
LARAMIE, Wyo. -- Field engineers tasked with making sure compressor equipment essential to midstream natural gas facilities operate at peak levels know the benefits of having real-time data as they assess their machines’ operating health.
After all, downtime due to compressor engine/turbine failure can cost in excess of $100,000 per hour.
But IT departments often raise red flags whenever they hear the words “real-time,” equating Internet access with vulnerability and the threat of damaging breaches of data security systems. As a result, real-time business-critical analytics remains out of reach for most field engineers and fleet asset managers.
To address the problem, LogiLube LLC recently introduced its Platinum Level Data Security™ solution with Waterfall Security Solutions’ stronger-than-firewalls Unidirectional Security Gateways at its core. The approach delivers real-time actionable analytics and provides the best defense for industrial controls, satisfying both the field engineer or fleet asset manager and the IT professional.
“Our Platinum Level Data Security solution represents the intersection of disruptive innovation and cybersecurity,” says Bill Gillette, president, CEO and founder of Wyoming-based LogiLube. “We are supporting the asset managers’ need for real-time condition monitoring and diagnostics without compromising cybersecurity.”
Waterfall’s products reduce the cost and complexity of compliance with NERC-CIP, NRC, NIST, CFATS and other regulations. The products also support leading industrial applications, including the OSIsoft PI™ Historian, the GE Proficy™ iHistorian, Siemens SIMATIC™/Spectrum™ solutions and GE OSM™ remote monitoring platforms, as well as OPC, Modbus, DNP3, ICCP and other industrial protocols.
Waterfall has gained renown in the industrial control space, receiving Frost & Sullivan’s 2014 Global Oil & Gas Infrastructure Security New Product Innovation Leadership Award and its 2015 North American Cybersecurity for Power Generation Customer Value Excellence Through Technology Convergence Award.
“By adopting Waterfall’s solutions, LogiLube can deliver to the midstream natural gas market actionable analytics that are both real-time and secure,” Gillette says. “This represents a game-changing technology for the midstream oil and natural gas industries.”
LogiLube’s data security solution offers multiple layers of data encryption and firewalls as well as a powerfully effective approach to safe network integration. Together with Waterfall’s Unidirectional Security Gateways at the LogiLube data center, a unidirectional system is created that prevents attack propagation—preventing the communication path from being exploited by even the most sophisticated cyber-espionage and cyber-sabotage attacks.
In addition, LogiLube’s data security system protects not only machine data, but also operational and business intelligence data while satisfying ISO 5725-1 requirements for custody transfer.
The security approach works in concert with LogiLube’s SmartOil™ solution, a compressor package-mounted, real-time oil quality condition monitoring system. SmartOil is designed to increase equipment uptime and overall reliability by providing actionable analytics on engine health indicators such as oil temperature, pressure, consumption rate, and viscosity.
SmartOil is optimized for fleets of 1,000 - 5,000 horsepower natural gas-fired engines powering reciprocating compressors. Projects involving fitting SmartOil technology to large 17,000 HP turbine powered compressors used in gas transmission pipeline applications are also underway.
“To an engineer or asset manager hungry for real-time analytics, SmartOil™ seems like a slam-dunk,” says Chas Ogden, chief engineer at LogiLube. After all, it’s in the engineer’s best interest to optimize plant efficiency and achieve maximum uptime. “Uptime equals dollars in the bank,” Ogden says.
But it’s also in the corporate IT department’s interest to provide field operation with best-in-class cybersecurity solutions that minimize risk and protect critical infrastructure from unwanted intrusions. That’s particularly true when it comes to the Internet, where real-time data and analytics may be most vulnerable.
LogiLube’s data security solution offers multiple layers of data encryption and firewalls as well as a powerfully effective laser diode approach to security defense. As a whole, Platinum Level Data Security erases most IT worries through multiple levels of security. The same unidirectional gateway technology has been deployed around the world throughout the energy industry’s most challenging and secure operations, from offshore platforms protecting live well production data to nuclear power generating facilities throughout the USA and with other strategic allies.
First, between the engines themselves and LogiLube’s data centers, raw data is protected via authorization tokens, SSL and VPN. Should a hacker gain access, the data would be all but meaningless because it consists merely of long strings of numbers. “Data from the field is pretty meaningless without context,” Ogden explains.
That context is added at the LogiLube data center, where firewalls—a second level of data security—rival those used by credit card companies to ensure the integrity of online transactions. Once inside the firewall, the raw data is organized and packaged for delivery to the client site. It’s also here where the laser diode security from Waterfall comes into force.
In a third level of security, the actionable data created within the LogiLube data center is scrambled, encrypted and processed into binary code that is sent via laser light beam to the receiving side of the device. In an innovative approach by Waterfall, both the transmitting device and the receiving devices are unidirectional. That means that data can only be sent in one direction. As a result, secure faces are turned to the outside world and the streaming data itself is kept secure by this unidirectional system.
How it works
Here’s how the unidirectional gateway security innovation works in more detail:
A Waterfall Unidirectional Security Gateway is in place at the LogiLube data center, which is part of the sending network. The gateway interacts with applications (such as OSIsoft PI™ or GE Proficy™) and protocols (such as OPC or Modbus) on the network, receives the relevant information and then mediates the connection with the sending network. Data is passed in real-time from the transmitting unidirectional gateway to what’s known as an appliance pair.
The unidirectional system is created that prevents attack propagation while preventing the communication path from being exploited by even the most sophisticated cyber-espionage and cyber-sabotage attacks.
This unidirectional system offers multiple benefits:
No data backflow – The hardware-based appliance core of the Waterfall One-Way enforces unidirectional data flow at the physical layer. This ensures unidirectional communication will be preserved at all higher layers of the protocol stack, regardless of the communication protocol chosen and the applications being used. The bottom line is that there will be no data backflow.
Non-Routable Protocols – Waterfall One-Way is a non-routable communication system, as referred to in the relevant NERC-CIP definitions. This means that the communication path cannot be exploited to route messages or information to undesired or unplanned destinations.
Integral Application Whitelisting – Waterfall One-Way enables only allowed application’s data and protocols to pass via the unidirectional gateway. Any other protocol not set up at the gateway is not supported and cannot pass.
Waterfall One-Way provides customers with electronic security that is enforced by hardware, software and the very basic laws of physics. The technology and architecture help ensure that compliance with NERC-CIP-005 requirements is fully reached, while providing cybersecurity to all critical assets and cyber assets that are within the Waterfall defined electronic security perimeter.
LogiLube, LLC is a technology company developing SmartEngine™ data analytic solutions for the natural gas compression industry. A suite of products are in various phases of design and implementation, and the initial product is SmartOil™, which is a compressor package-mounted, real-time oil condition monitoring system designed to increase valuable equipment uptime and overall reliability. The target market is fleets of 1,000 - 5,000 HP natural gas-fired engines powering reciprocating compressors.
About Waterfall Security Solutions
Waterfall® Security Solutions Ltd. is the leading provider of strong network security products that protect the safety and the reliability of control system networks. Waterfall Security Solutions’ mission is to eliminate the use of firewalls in critical infrastructure control systems. The company develops products that provide stronger-than-firewall protections for industrial control networks. Waterfall’s products are deployed in utilities and critical national infrastructures throughout North America, Europe, Asia and the Middle East. For more information, visit Waterfall-Security.com.
Image 1 – Modern threats to protected networks are greater than ever before
Image 2 – Platinum Level Data Security™ Connection to Secured Client Network
Image 3 – Conventional Connection to Secured Client Network
Image 4 – WaterFall Security
About the Author: David Wagman
David Wagman is a Denver-based analyst and journalist who has covered most aspects of the electric power and oil-and-gas industries, and has written broadly on topics that range from international trade to commercial real estate to homeland protection in a career that spans more than 20 years.