Quantcast
Channel: Water & Wastewater – Emerson Automation Experts
Viewing all 34 articles
Browse latest View live

Magnetic Flowmeter Calibration Verification and Diagnostics

0
0

Magnetic flowmeters (magmeters) are often used in water and wastewater applications due to the conductivity properties of the water. In a Water & Wastewater Asia magazine article, Better flowmeter management with EDDL, Emerson’s Jonas Berge describes how intelligent magmeters provide:

…accurate and reliable measurement, more reliable empty pipe detection, and low maintenance costs for calibration…

For those not familiar with how a magmeter measures flow, Jonas describes it as being [hyperlink added]:

…based on the principle of Faraday’s Law: A conductor moving through a magnetic field induces a voltage proportional to the velocity of the conductor. In the case of a magnetic flowmeter, two coils located at the top and bottom of the flowtube are driven by the transmitter to generate a pulsed magnetic field of consistent strength. The induced voltage is proportional to the velocity of the conductive liquid passing through the flowtube.

Over time, the calibration of these meters can drift due to temperature, vibration, and electrode coating to name a few causes. The traditional way to re-calibrate the device required:

…the flowmeter to be powered down, and the wiring had to be disconnected before the simulator could be connected. Then electronics needed time to warm-up. The configuration of the transmitter had to be changed for the check, and then returned to operations settings. This process was disruptive and time consuming.

Jonas highlights a second traditional method of calibration using a:

…mobile prover rig and skilled technicians. This procedure is labour intensive and disruptive. The outside contract work is costly, increasing dramatically with line size.

Smart meter verification technology makes it possible to check the calibration while the magnetic flowmeter remains in place. Jonas shares how this technology works:

The current characteristics for magnetic field strength and electrode resistance are compared to the baseline parameter values when the magnetic flowmeter was last fully calibrated. The baseline parameters for coil resistance are captured at installation. Test criteria can be set to the levels necessary to meet compliance requirements for the application. Deviation between the current values and the baseline values that exceed the test criteria indicate full calibration will be needed.

Smart meter verification does not eliminate the need for calibration, but does identify when it needs to occur. Instead of doing these calibration procedures on a time schedule, it alerts operations and maintenance when calibration needs to be performed based on current performance versus baseline performance.

Jonas notes how the combination of digital bus technologies such as Foundation fieldbus, HART, and WirelessHART, combined with Electronic Device Description Language (EDDL) provides a way to perform the smart meter verification process remotely from the control room or maintenance shop. He notes:

EDDL wizards created by the flowmeter manufacturer guide the technician step-by-step; no specialised training is required. Percent completion is displayed throughout the procedure so technicians know how much longer they need to wait. The meter verification wizard makes this a simple pass or fail test.

Give the article a read if you want to find out more about how these diagnostics help spot and alert the maintenance team about electrical noise, grounding issues, empty pipe detection, and issues with the meter and surrounding process.

Related Posts:


Cyber Security for Water and Wastewater Facilities

0
0

At the Water Environment Federation‘s upcoming Technical Exhibition and Conference (WEFTEC 2011), October 15-19 in Los Angeles, Emerson’s Doug Johnson will share his thoughts on water and wastewater infrastructure funding, master automation planning, energy optimization, and cyber security.

Doug will present during the 2011 MCAA [Measurement Control and Automation Association] Industry breakfast at WEFTEC on October 18th.

Water security is a critical topic for water and wastewater facilities. It impacts nearly every part of our society from where we live to our health and wellbeing. Unfortunately, these facilities are targets for cyber attacks. Doug will note that these cyber attacks have already occurred at water and wastewater facilities. I did a quick Google search and saw one example in a post, SCADA Report: Incidents Continue to Grow on the ISS Source blog.

The consequences from these cyber attacks can be severe. Some of these include:

  • Contaminated / poisoned drinking water
  • Interruption of water services
  • Release of chlorine and other dangerous chemicals
  • Raw sewage contamination of rivers and lakes
  • Reduced firefighting capability
  • Hospital and school closures
  • Evacuations of housing for the elderly
  • Government and business interruptions
  • Flooding and other destruction from dams and reservoirs

There is no magic solution to prevent cyber attacks. In an earlier post, Cyber Security Critical Infrastructure Protection Compliance, I highlighted standards specific for electrical power producers in North America. Many of the standards developed serve as best practices for protecting critical infrastructure in other industries including water and wastewater facilities.

Much like process safety programs, a cyber security program requires an ongoing process, which includes technologies, work practices, training, and visibility of the importance of the program from high levels within these organizations.

Doug will share some ways security layers of protection have been added into Ovation control systems, which are found in many water and wastewater facilities. These layers of security measures are organized in the Ovation Security Center security management functions. Some of these functions, referenced in the Ovation System Security document, include user and role management, anti-virus protection, physical workstation hardening and lockdown, firewalls, vulnerability scan and patch management, malware prevention and intrusion detection, and security incident and event management (SIEM).

If you’ll be out at WEFTEC, make sure to sign up for the MCAA breakfast and bring your cyber security-related questions for Doug.

MP3 | iTunes

Download audio file (Cyber-Security-for-Water-and-Wastewater-Facilities.mp3)

Related Posts:

Start with an Integrated Automation Master Plan

0
0

An Emerson Exchange 365 post pointed me to an article, Weathering the perfect storm, written by Emerson’s Doug Johnson for World Water magazine. The article’s synopsis:

Advanced automation technologies can help reduce operational costs, improve efficiency, comply with regulations, and protect against cyber attacks.

Doug highlights the many challenges facing municipalities and investor-owned utilities including aging infrastructure, accelerating workforce retirements, increasing energy costs, security threat possibilities, and evolving regulations. In many water plants, existing islands of automation are increasingly difficult to operate given this set of challenges.

Doug notes that an integrated automation master plan can lay the foundation and provide a path for unifying operations in a phased approach over time. Doug writes:

Replacing existing disparate islands of automation with a common, integrated platform enables municipalities to operate plants more efficiently, reduce costs, and take full advantage of advanced control technologies that facilitate information sharing throughout the organization.

Over the past 30+ years, U.S. federal funding for these types of capital projects has dropped from over 75% to around 3%. From a maintenance perspective:

…there is a projected shortfall of $100 billion dollars in the USA for routine maintenance over the next five years alone.

The shift of capital and operational spending to the utilities means increased efficiency is paramount. Technology can help [hyperlinks added]:

Incorporating predictive maintenance software applications, intelligent field devices, and asset optimization solutions make it possible for organizations to reduce machinery operations and maintenance costs and to maximize the life of pumps, motors, and other rotating equipment.

For the accelerating loss of expertise these utilities are experiencing:

…automation solutions such as simulation technology, which help shorten the learning curve of new employees and therefore reduce the risk of errors and regulatory violations, are becoming even more important to municipal managers.

As a training tool, simulators teach operators to more safely and effectively operate their facilities. For example, they can try new operating procedures safely without risking an environmental breach.

Doug shares an example where a master plan incorporating an Ovation control system helped to optimize operations:

Previously, 160 operators were needed to manually operate the plant, whereas the automated Blue Plains facility now runs smoothly with 60 operators – a reduction achieved primarily through attrition and reassignment. The new control system also makes it easier to troubleshoot and resolve equipment problems, further boosting personnel and plant efficiency.

Water and wastewater treatment processes are energy intensive. From an energy management standpoint, process optimization solutions in control systems:

…can optimize a utility’s pumping network, determining the most cost-effective mix of available pumping resources at any given time. For example, the model can determine whether it is better economically to start an additional pump during peak demand periods versus incrementally increasing the capacity of pumps already in operation. Reduced energy use makes sense from an economic and environmental perspective, as it helps municipalities reduce carbon emissions.

From a security standpoint, integrated control systems [hyperlink added]:

…enable organizations to proactively address cyber security issues, such as system hacking, and data integrity and verification. Some control system vendors also help customers address security concerns through special services, such as security patch monitoring and deployment and system security assessments.

Doug concludes:

…a planned and integrated approach to automation makes it possible for municipalities and investor-owned utilities to maximize efficiency, reduce costs, and minimize security risks. The first step down this path is developing a long-term master automation plan, which serves as a roadmap for improving district-wide performance over time while also factoring in financial and operational constraints.

Give the article a read if you’re looking for ways to manage the current set of challenges in your water or wastewater treatment facility.

MP3 | iTunes

Download audio file (Start-with-an-Integrated-Automation-Master-Plan.mp3)

Related Posts:

Data Integration, Visualization and Analysis in the Water Industry

0
0

Municipalities feel the squeeze between aging facilities and increasing regulatory requirements. Emerson’s Greg Schirm, a member of the Power & Water Solutions team, highlights ways they are addressing these conditions.

It seems that running a treatment plant or even a municipal water system was much simpler many years ago. Today, municipalities are facing numerous pressures including decaying infrastructure, loss of experienced workforce, and funding/budget reductions; never mind the increased operational, security and regulatory obligations.

How does one navigate these modern day challenges in the face of growing constraints? We are seeing many of our customers implement data integration and visualization strategies in order to maximize the usefulness of the abundant data available in their plants and corresponding systems. And many customers are using Emerson’s EDS solution to do this.

EDS is a client/server application package that acts as a multiple-system, multiple-site process integration and visualization tool. It provides accurate, up-to-date process information for executives, managers, supervisors and engineering analysts. The ability to monitor processes from anywhere within a user’s municipal IT architecture provides additional flexibility for improved operations, and enhanced evaluation and decision support.


To provide some context, we recently had a municipal wastewater customer implement an EDS Enterprise project that is gathering information from seven of the customer’s individual Ovation wastewater treatment plant control systems as well as other plant data sources including the SCADA and master metering systems.

This particular EDS Enterprise system integrates information from each plant EDS, iFix SCADA and MMP systems, and a Telog enterprise server to provide a single interface for viewing plant data from multiple sites. (The provided EDS cluster is scalable in size to accommodate additional systems.) Additionally, five years of OSIsoft PI data was migrated to the new EDS Enterprise system.

Authorized municipal wastewater personnel can now monitor operations at multiple sites from anywhere within the corporate organization. Each site’s EDS server tracks water runoff collected from water meters located throughout the service area. This data can then be viewed and monitored through a variety of predefined process diagrams, trends, alarm screens, and reports from any authorized location within their network.

A customized web-portal was also created for easy navigation to specialized trends, reports, point information, alarms, and user analyst profiles.

In the end, we are seeing more and more municipalities pursue these types of strategies. The ability to access and visualize important information has several intrinsic benefits:

  • More eyes on the process leads to a better understanding of current conditions and to quicker problem identification and resolution
  • Process experts benefit from up-to-date data at their fingertips instead of waiting for delivery of periodic reports
  • Enables remote access to key system information
  • Establishes a platform for energy management strategies, advanced analytics, and diagnostics via pattern recognition applications

Adopting a sound data integration and visualization strategy can help water and wastewater organizations take full advantage of the data available within their operations so that they can not only do more with fewer resources, but also achieve significant operational, environmental and economic efficiencies.

Related Posts:

Pure Drinking Water through Analytical Measurement

0
0

Pure drinking water ranks among our top, global priorities. Emerson’s Ryo Hashimoto, describes the importance of analytical measurements in assuring purity in a Control Engineering Asia article, Pure by Analysis.

Ryo highlights the challenges with drinking water in Asia:

Regionally, Asia faces severe stress on water availability, primarily due to high population density, agriculture and industrial uses. The quality of drinking water is a health concern as water is a medium for disease transmission. In Southeast Asia, as in other developed regions, there can be significant water quality issues. Of these, contamination of drinking water sources by disease causing microorganisms remains the most important.

Based on these needs, mobile water treatment technology has emerged:

Mobile systems can offer a range of treatment options, including clarification, filtration, demineralization, reverse osmosis, membrane separation and/or induced air/ gas flotation. Systems are skid-mounted and may be installed on-site or trailer-mounted. Trailers contain instrumentation and equipment for a fully automatic and monitored operation.

Analytical measurements can be applied across many processes found in water treatment to improve quality, reduce treatment time, and reduce costs:

Commonly used processes include pretreatment, coagulation, flocculation, sedimentation, filtration, and disinfection. Other treatment methods could include ion exchange, reverse osmosis, and adsorption.

In the pretreatment phase, measuring attributes of the incoming water is important:

Influent monitoring measurements could include pH, conductivity, temperature, turbidity, and dissolved oxygen. Some plants also keep a permanent record of each of these measurements for future reference or for detecting seasonal changes in the source water.

Past the pretreatment phase, primary disinfection comes next to address pathogens such as bacteria, viruses, and parasitic protozoa. Chlorine and ozone are two methods used in disinfection. Ryo notes that ozone sensor for monitoring ozone dosage and residuals during the primary disinfection stage.

The clarification process comes next and:

…is usually a multi-step process for reducing turbidity and suspended solids, and comprises the stages of coagulation, flocculation and sedimentation.

pH measurement for the chemical additions to reduce water mineral content and to reduce turbidity. After clarification, the filtration process comes next:

Larger particles become trapped first and smaller particles such as clay, iron, manganese, microorganisms, organic matter, precipitates from other treatment processes, and silt are also removed resulting in crystal clear water.

The filters used in this process must be periodically backwashed to remove the particles trapped in the filters. An important measurement is turbidity as a measure of the filters’ performance:

Turbidity is the clarity of the sample, and the cloudy appearance is caused by tiny particles in the water. Turbidity measurements also help monitor and improve plant efficiency. High turbidity levels are an indication that the filter is not operating properly, and backwashing is necessary.

The final process steps include secondary disinfection and final treatment. Analytical measurements often included are chlorine measuring systems for the secondary disinfection process.

Even if you’re not in the water treatment industry, the article provides a great overview of the processes and important measurement to help assure pure, safe drinking water.

Related Posts:

Early Detection of Water Quality Issues

0
0

Water supply service providers require many measurements to ensure safe, contaminant-free, and high quality water. Some important measurements include pH, Oxidation-reduction potential (ORP), conductivity, temperature, free chlorine, monochloramine, dissolved oxygen (DO), and turbidity.

Emerson's Ryo HashimotoWater-Wastewater-Asia-Raising-Early-Alarm-BellsEmerson’s Ryo Hashimoto wrote a Water & Wastewater Asia article, Raising early alarm bells, to highlight the importance of these measurements in early detection of problems with the water supply.

Ryo opened describing some of the challenges:

Meeting and reporting the water quality requirements of in-country environmental agencies, coping with infrastructure issues and costs, and dealing with lack of personnel or sufficient training and experience can exacerbate points of vulnerability throughout the water distribution system.

He noted that it’s not possible to test for every possible variable and some contaminants cannot be tested for. There are reasonable precautions that suppliers can take:

The only way utilities can detect a problem in the water is to identify changes in the water composition and understand what various changes could indicate. In order to detect any change, utilities must continuously monitor on-line both the raw and processed water throughout the system to get a baseline for the normal water composition. It’s best to have baseline data for at least a year in order to understand, monitor and detect patterns.

Faced with changes from baseline, operators can:

…make informed judgments when changes beyond the normal patterns emerge that could be cause for concern. This kind of continuous, online, systematised monitoring makes up a critical early warning system that can often detect chemical or microbial risks, indicating to the plant the need for further water quality analysis at a particular point in the water system.

Ryo highlighted some of the low probability but high impact issues that continuous measurements can find:

  • Early warning systems monitor pH to detect changes that impact the potential corrosion of the distribution network.
  • pH is also important as it determines the solubility and biological availability.
  • ORP is continuously measured to determine the level of chemical reactivity.
  • Conductivity provides an indication of the total dissolved solids.
  • Turbidity indicates biological growth in suspended matter.
  • Free chlorine and/or monochloramine are tracked to ensure the maintenance of optimum residual disinfection levels.
  • In addition, dissolved oxygen is an important indicator of whether there is a healthy environment being maintained in the water distribution network.

He shared that it’s important to place the measurements at each area of potential vulnerability in the distribution system. Wireless technologies such as IEC 62591 WirelessHART have made adding these measurements more practical [hyperlink added]:

New device adapters allow wireless to be enabled for any existing HART communications analysers. These adapters, such as the Smart Wireless THUM adapter from Emerson, can be retrofitted onto any two- or four-wire HART device and enables wireless transmission of measurement and diagnostic information.

For many water treatment plants, chlorine must measured at several points including pre-filter, filtration, and effluent water treatment stages for quality assurance requirements. Where wired analyzers are difficult to install, whereas:

…a wireless solution that includes an advanced intelligent analyser, chlorine analysis system and a wireless adaptor is a good solution since it enables the wireless transmission of measurement data and advanced diagnostic information through the WirelessHART protocol.

Ryo noted that each treatment plant is different and no “one-size-fits-all” water quality monitoring solution exists. These measurement devices must be flexible enough to meet the unique challenges of the individual plant.

Ryo concluded:

By monitoring a variety of measurements throughout the water treatment and water distribution system, plants can better understand normal patterns and detect unusual and potentially dangerous changes in the water quality. Continuous, on-line water quality monitoring technologies and processes can greatly reduce the risk that contamination events will be missed, enabling plants of all sizes to better protect the water quality in the communities they serve.

Give the article a read for the full story. To connect with your peers and Emerson water treatment subject matter experts, join the Water and Wastewater and Analytical Instrumentation tracks of the Emerson Exchange 365 community.

Related Posts:

Cybersecurity for Water Utilities

0
0

SCADA-CybersecurityOne only has to do a Google News search on cybersecurity to know it is a key concern for businesses across the globe. In a Water Online article, SCADA Cybersecurity: What Every Water Utility Should Do Now To Prevent An Attack, Emerson’s Doug Johnson shares areas of concern and a path for water utilities to follow in their cybersecurity improvement efforts.

Doug notes that security threats are becoming more difficult to detect.

“Fifteen years ago, cybersecurity breaches of SCADA [supervisory control and data acquisition] systems were not that big of an issue because every SCADA manufacture used different technology. Now there is more similarity across the systems, more people are experts, and wireless technology and the Internet have given hackers the ability to connect with computers halfway around the world.”

Putting together a cybersecurity program takes much work. It starts with creating a comprehensive SCADA cybersecurity plan and by understanding to what the SCADA system is connected.

“Evaluate and manage the elements connected to your SCADA system on a regular basis,” said Johnson. “Things get added on all the time, and even just connecting a thumb drive can cause a huge security risk.”

Part of the planning process is to identify gaps and vulnerabilities. Next is to create a defense plan:

…that specifies exactly what to do if a new threat is identified…

AWWA-Security-GuideThe article’s author highlights several resources to assist in this planning process:

Cybersecurity issues can come from within a water utility:

“We think of security breaches as a bad guy with a truck full of explosives driving through the front gate, but security problems can also come from a disgruntled employee, an untrained employee, or a contractor that has access to the system. It can happen pretty close to home,” said Johnson.

As new employees replace those with years of experience, it is important to train them thoroughly on all SCADA security protocols, so that lack of knowledge doesn’t increase cyber threat risk.

Doug explains the importance of focused efforts and responsibility:

“The ones who do it best recognize that it is an ongoing effort, and it takes people making it a big part of their responsibly,” explained Johnson. “A water utility really needs someone whose job is to be responsible for cybersecurity, someone who understands that SCADA has its own security concerns.”

If there isn’t someone qualified or available at a utility to take responsibility for SCADA cybersecurity, utilities should consider turning to outside experts or consultants. More often SCADA security is becoming an outsourced job function, explained Johnson.

Emerson’s Power & Water Solutions team can help you in this process with a Cyber Security Assessment. Read the full article and visit the highlighted resources to advance your cybersecurity defenses and processes.

You can also connect and interact with other utilities professionals in the Water & Wastewater track of the Emerson Exchange 365 community.

Related Posts:

Avoiding Dangerous Malware Infections

0
0

The malware WannaCry/WannaCrypt has been all over the news recently. Since most of the operator and engineering workstations used in distributed control systems (DCSs) and supervisory control and data acquisition systems (SCADA) are PC-based, the question was naturally could these have been/or be impacted by this dangerous malware.

Emerson's Jaime Foose


I caught up with Emerson’s Jaime Foose. She noted that it is important to point out that personal computer users can easily avoid these types of attacks by following some very basic principles. Top of the list is to not rely on unsupported operating systems which are no longer maintained by the supplier. Next is to always keep your PC updated with the latest patches. And, from a user interaction perspective, never click on unknown links or attachments.

Specific to PCs used in control and data acquisition systems, never enable email on these PCs. From an architectural standpoint, do not expose the control system to the corporate local area network and internet, and always block/monitor vulnerable Windows traffic on the network. Also, the control networks and PCs should be hardened to not allow USB sticks and wired or wireless access to the PCs and networks.

By following these practices, systems would have been protected from WannaCry/WannaCrypt and other dangerous malware to date. Jaime also explained that many organizations are stretched very thin with their technical staffs, and lack the time and resources make it extremely difficult to keep pace with the dynamic, complex and serious nature of cybersecurity.

Emerson Power and Water Cybersecurity SuiteSuppliers can help by providing ongoing cybersecurity services to help process manufacturers. For the power generation, water & wastewater industries, the Power and Water Cybersecurity Suite is a platform-independent ICS cybersecurity solution that provides additional layers of protection for control system users with staffing challenges.

Modules in this suite include antivirus detection, application control, configuration management, device control, network intrusion detection, software/firmware patch management, rogue system detection, security incident & event management, system backup & recovery and vulnerability assessments. A Cybersecurity Suite Dashboard helps bring visibility to these elements.

You can connect and interact with other cybersecurity, power, water & wastewater experts in the Process Control – Ovation, Power and Water & Wastewater groups in the Emerson Exchange 365 community.

The post Avoiding Dangerous Malware Infections appeared first on the Emerson Process Experts blog.


Upcoming Ovation Users’ Group Conference

0
0

Two weeks from now, July 23-27 2017, will be Emerson’s Power & Water Solutions business unit’s Ovation Users’ Group conference. This year will mark its 30th year. The Ovation Users’ Group is managed, guided, and run exclusively by its members, with Emerson’s Power & Water Solutions business unit providing financial, personnel, and product support as necessary.

This conference is put together by Ovation and WDPF control system users and Emerson folks to share information and best practices on emerging technologies and control system enhancements to improve overall plant performance. The conference will be held at the Westin Convention Center Hotel in Pittsburgh, Pennsylvania.

I’ve not been to one in the past, but will be at this year’s conference and will try to cover as many workshops and sessions as I can, sharing updates in posts here on the blog as well as in Twitter and LinkedIn. You’ll also be able to follow the action on the @OvationUsers Twitter account.

The schedule begins on Sunday, July 23 and evening welcome reception and the conference kicks off in earnest on Monday morning with the general sessions and industry case studies followed by product demonstrations and an evening reception and networking dinner.

Tuesday through Thursday are filled with workshops and continuing education courses on topics including security, networking/connectivity/SCADA, advanced controls, turbine/generator control, Ovation technical tips, simulation, wireless instrumentation, control system migration and project management, digital bus technology, renewable energy and microgrids.

If you’re in the power generation, water or wastewater industries and use Ovation or WDPF systems, this is definitely a great conference to attend and connect with fellow industry and application experts. The conference is open to all members of the Ovation Users’ Group. If you are an existing owner of an Ovation or WDPF system, but not a member of the Users’ Group, register for membership here.

I look forward to seeing and connecting with you there!

The post Upcoming Ovation Users’ Group Conference appeared first on the Emerson Process Experts blog.

Comprehensive Cybersecurity for Critical Infrastructure

0
0

The electrical power generation and distribution industries, especially here in the U.S., have a long history in working to improve reliability and security. This history goes back to the establishment of the North American Electric Reliability Council (NERC) in the late 1960s as a response to a widespread blackout in the Northeastern U.S.

NERC became the North American Electric Reliability Corporation (also NERC) in 2006 and was designated by the U.S. Department of Energy as electrical sector coordinator for Critical Infrastructure Protection (CIP). They developed the NERC CIP standards. We highlighted how these standards apply to distributed control systems like the Ovation system in an earlier post, Securing Ovation Systems per NERC CIP Standards.

Emerson's Jaime Foose


No matter which supplier’s or suppliers’ control system(s) you use, having a comprehensive cybersecurity strategy and suite of technologies is critical to better secure and comply with the standards over time. This is true whether you’re in the power industry or other critical infrastructure industries like water and wastewater.

In this 3:12 YouTube video, Power and Water Cybersecurity Suite, Emerson’s Jaime Foose explains a platform-independent, ICS cybersecurity solution that helps DCS and SCADA system users in the power generation and water/wastewater industries secure their critical assets without process disruption, and meet regulatory requirements like NERC CIP.

Jaime opens the video highlighting many strategies for defending control systems including implementing application whitelisting, ensuring proper configuration/patch management, reducing attack surface areas, building a defendable environment, managing user authentication, monitoring for and responding to threats, and implementing secure remote access.

Of these, application whitelisting and proper configuration / patch management could have prevented more than 65% of cybersecurity events in 2014 and 2015 per the U.S. Department of Homeland Security’s Industrial Control Systems Cyber Emergency Response Team (ICS-CERT).

As part of an effective DCS cybersecurity program, it’s important to secure this critical infrastructure and protect against vulnerabilities from malware. Since ongoing vigilance is required, solutions such as the Power and Water Cybersecurity Suite help to automate repetitive security tasks like monthly software patching, weekly antivirus updates and performing regular system backups to name but a few. Using automated tools not only reduces time spent performing these tasks but also creates an electronic record that these actions were taken and generates reports to help satisfy appropriate regulatory bodies.

This suite of cybersecurity modules includes technologies from leading suppliers such as McAfee, Acronis and Tripwire and works with Ovation systems as well as those from other global control system suppliers including GE, Siemens, Alstom, Schneider Electric, ABB, Yokogawa and Honeywell.

If you’ll be join us next week in Pittsburgh at the July 23-27, 2017 Ovation Users Group conference, make sure to catch Jaime’s panel on Cybersecurity which will include an ICS-CERT official, representation from a nonprofit industry consortium and end users from the power industry and water industry.

The post Comprehensive Cybersecurity for Critical Infrastructure appeared first on the Emerson Process Experts blog.

Technology Advancements for Power, Water & Wastewater Industries

0
0

Emerson's Steve SchillerAt the 2017 Ovation Users Group conference, Emerson’s Steve Schilling discussed the rapid changes going on in the power, water and wastewater industries and the changes in technology required to keep up with these changes.

Steve opened highlighting some of the key issues worrying people in these industries—reliability, reliable integration of renewables and distributed energy resources (DER), security, aging infrastructure, aging workforce and business models/regulatory reform.

To address these areas of high concern, Steve discussed some of the ways technology has been developed to help. Scalability is an important area to be able to handle applications from DERs and microgrids to large scale facilities.

The key to the technology strategy for Ovation to be a single platform for an infinite number of solutions—utility scale renewables, remote monitoring and diagnostics, DCS cybersecurity, data analytics, boiler control, turbine control, safety instrumented systems, machinery health, excitation control, simulator/virtual plants, transmission and distribution and DERs.

Feature packs add functionality and are applied like patches without requiring major upgrades. Steve described new and upcoming hardware functionality in Ethernet I/O, remote I/O and hardware-based data encryption.

From a software standpoint, the coming Ovation Object Builder provides a platform for scalable applications. It makes applications more repeatable by replicating proven control strategies across similar equipment.

From a cybersecurity standpoint, some additions coming include secure boot at the chip level, file signing and data encryption. In an earlier post, Comprehensive Cybersecurity for Critical Infrastructure, we highlighted some of the applications and programs that also help improve ongoing security efforts.

From a simulation standpoint, Steve described the use of Cloud services to host the virtual plant models and use additional deep analytics to find ways to improve efficiency and reliability.

The post Technology Advancements for Power, Water & Wastewater Industries appeared first on the Emerson Process Experts blog.

Critical Infrastructure Cybersecurity Trends and Compliance

0
0

Emerson's Jaime Foose


As critical infrastructure, cybersecurity remains a top concern for electrical power, water and wastewater industry companies. At the 2017 Ovation Users Group conference, Emerson’s Jaime Foose led a panel of trends in cybersecurity threats and compliance.

The panel included experts from National Cybersecurity and Communications Integration Center (NCCIC)/ Industrial Control Systems Cyber Emergency Response Team (ICS-CERT), EnergySec, a power producer and water utility.

Jeff Gray, the Unit Chief of Outreach and Training for NCCIC/ICS-CERT opened describing the Industrial Control System connected to the Internet being vast. The worldwide threat assessment has grown dramatically over the past two decades with countries expending resources to develop sophisticated cyber-threats.

Social engineering including spear phishing, phone phishing, baiting, elicitation, tailgating and pre-texting account for more than 60% of the breaches that occurred in 2016. The top sources of infection were spear phishing, weak authentication (passwords) and network scanning. The attack surface increases as more devices (Internet of Things and mobile devices) are connected to the Internet.

Jeff closed his portion the talk saying it’s important to designate someone in the organization to take advantage of the wealth of ICS-CERT resources including training, alerts, site assessments and network architecture reviews and analysis.

Steven Parker from EnergySec next described how NERC CIP standards continue to evolve. Significant work is being done on virtualization environments to allow mixed use in a secure manner. Requirement interpretations are beginning to emerge from the current round of audits. With a change in administration in Washington DC, what’s next is still a guess.

States play a large role in cybersecurity policies and regulations for water and wastewater companies. A few states have passed mandatory requirements and the U.S. Federal Government may look to play a role in developing standards and guidelines. From a power generation perspective, states have some control on intrastate distribution. For independent power producers, costs of cybersecurity can be challenging in low-price markets.

Steven sees that industrial control systems have come into the crosshairs of cyber-threats. There is a significant influx of new products and services for ICS security. Real-world attacks are focusing more attention on critical infrastructure. Over the next few years, there will be a need and desire for stabilization and standardization of cost-effective security approaches. Today it is very difficult to find skilled and experienced security professionals and the need to increase educational efforts is required but will take time to fill the gaps.

A power producer engineering manager described how their system patching procedures changed over time. From doing them all in bulk a few times a year, they now do them monthly and it requires about 80 man-hours of effort for their engineering staff for the 1650MW combined cycle plant. They developed action plans based on a vulnerability assessment they conducted and noted that physical and electronic access control review was a significant part of the action plan and ongoing reassessments.

A process control manager with an East coast water process plant described their ongoing cybersecurity efforts which require considerable resources and contending with continuous change. Establishing governance policies, procedures, focused people and budgets were important in moving to more sustainable efforts.

A question was asked about how we stand today versus 5 to 10 years ago. The panel agreed the levels have increased significantly from improving technology—firewalls, segmented networks, PC I/O hardening, etc. and more policies and practices to do periodic assessments and action plans. Supplier programs such as the Power & Water Cybersecurity Suite provide technologies, services and programs to help with ongoing efforts.

The post Critical Infrastructure Cybersecurity Trends and Compliance appeared first on the Emerson Process Experts blog.

Applying Threat Intelligence for Industrial Control System Defense

0
0

There are many paths to pursue in improving cyber defenses for industrial control systems (ICS). At the 2017 Ovation Users Group conference, Emerson’s Tom Kizer presented on applying threat intelligence for system defense.

Tom opened by acknowledging that identifying effective threat intelligence is difficult. Threat intelligence is data collected, organized, analyzed and refined about potential or current attacks such as indicators of compromise, zero-day threats, advanced persistent threats (APTs) and exploits. Threat intelligence helps users understand the risks of the most common and severe external threats.

With control system software, the amount of software is limited which helps with the task. External sources such as McAfee has rule sets and policies that are one source of gathering threat intelligence. Tom noted that the SureService program for Ovation users puts out notices on relevant threats which might impact the software loaded on these systems. Other external sources include SANS, Threatstop.com, AlienVault and Anomali STAXX.

Indicators to monitor include accounts: lockouts by asset and user, activity in accounts of former staff, activity on the same asset with different user names in a short time frame, outside of hours’ logins, privilege account changes, repeated unsuccessful logins, and the creation and deletion of assets.

More indicators include configuration changes at the system and application level that no one can explain, external activity on commonly hacked network ports, login and access logs, intrusion detection system (IDS) events and traffic between test and development or live environments.

The tools Tom and team normally use are security information and event management (SIEM) and Intrusion Detection systems.

Once gathered, the learnings from the threat intelligence should be applied to firewalls, IDS, vulnerability management, SIEM, host security systems, application security systems, identity and access management and analytics platforms other than SIEM. These tools provide data but not necessarily the intelligence to make decisions. Intelligence requires analysis by people, perhaps augmented with advanced analytics applied by software.

ICS-CERT is a good source of cyber threat data related to control systems. Tom recommended you aggregate this data from all possible sources and correlate this aggregated data. Developed policies and procedures need to address regular updating of supplier feeds, reviewing and analyzing the data on a regular basis, regular tuning of monitoring rules and incidence response. There is an internal team that regularly monitoring the ICS-CERT, EnergySec and many others and evaluate what should be sent on to Ovation users as an alert.

Tom wrapped his presentation with a discussion of SHODAN, a search engine for the Internet of Things. This search engine targets specific ports—HTTP, HTTPS, SSH, FTP, Telnet, SNMP and RTSP. Performing regular searches for your organization is good practice.

Threat intelligence is about collecting, organizing and analyzing the data and refining your technology and work practices to contend with potential and current cyber threats.

The post Applying Threat Intelligence for Industrial Control System Defense appeared first on the Emerson Process Experts blog.

Suite of Cybersecurity Technologies and Practices

0
0

Emerson’s Adam Boeckmann presented the Power and Water Cybersecurity Suite at the 2017 Ovation Users Group conference. He opened describing the team that formed over the last several years that now supports more than 200 sites in the U.S. alone.

He shared the story of the recent Wannacry/WannaCrypt ransomware cyber-attack. In March of 2017, Microsoft released a patch. A month later, the National Security Agency (NSA) toolkit was leaked. Microsoft released a patch for Windows XP and Windows Server 2003 in May. This ransomware encrypted the files on a PC and demanded payment in Bitcoin to unencrypt.

A Ukraine cyber-attack, crash override, was designed once into a system, established a backdoor, and download a program for activities to happen on the next day. It would modify the control code and ultimately crash the system and render the PCs unable to reboot—basically an inhibit, modify and crash malware program. A solid backup plan with periodic testing to verify that the backup works in one way to recover from these types of attacks.

With NERC CIP, standards exist for low, medium and high risks. Standards organizations help to drive regulations and best practices and processes to help maintain defenses from these types of attacks. The Power and Water Cybersecurity Suite provides technologies and programs to meet the standards and help to apply best practices. Every plant has different requirements based on their expertise and regulatory requirements in the markets in which they operate. The Cybersecurity Suite is modular to be able to provide the modules required.

The suite includes scheduled security services, security assessments, compliance services, network services, incident response services, on-demand consulting and unplanned on-site security services. Technologies in the suite include antivirus protection, patch management, application control, device control, security incident & event management (SIEM), system backup and recovery, vulnerability assessment, network intrusion detection, rogue system detection, and change management.

Adam contrasted blacklisting from whitelisting. Blacklisting is a list that excludes known malware from running. It must be known to be added to the list. On the other hand, whitelisting is putting all the known good applications in a list and preventing anything not in the list from running.

He described rogue detection intrusion where it sniffs out and records all the connected devices and builds and asset inventory of network connections. It looks for changes outside of normal communications to alert users or service providers to users of this software. Tripwire manages changes in configuration files from the integrity of these files, notifies users of file changes and runs autonomously.

Here’s a link to find out more about ICS cybersecurity with the Power and Water Cybersecurity Suite.

The post Suite of Cybersecurity Technologies and Practices appeared first on the Emerson Process Experts blog.

Reducing Control System Hardware Footprint

0
0

Emerson’s Ben Skal presented on reducing the Ovation distributed control system hardware footprint at the 2017 Ovation Users Group conference. Virtualization technology is at the heart of this hardware footprint reduction and having less workstation and server hardware to maintain. Ben’s presentation focused on:

  • What is virtualization & how it works
  • Appropriate uses of virtual machines (VMs)
  • Benefits of VM environments in increased redundancy & reliability, reduced footprint and recovery from equipment failures
  • Requirements to move from traditional workstations & server to VM

Ben opened describing virtualization which separates the operating system from the physical hardware. Multiple virtual machines can run on physical services. Server host clusters have a management console that oversees the cluster of servers on which the VMs run.

Traditionally separate PCs run database servers, historians, engineering stations, operator stations, etc. In a virtual environment, these physical workstations run as VMs in a server cluster with thin clients running remote desktops into the VMs. This configuration is recommended for non-critical applications since the loss of a server cluster would cause a loss of all the VMs running in it.

To avoid this situation, high availability virtualization architecture increases reliability has the data stored in storage area network (SAN) storage devices. If a virtual host is lost, the other virtual hosts automatically reboot on the other virtual hosts.

Ovation DCS High Availability Virtualization

All networks and interfaces are fully redundant including the Ovation highway, management network, remote desktop network and each Ovation VM is configured with two virtual network interfaces. The hardware is based on Dell server technology with RAID 6 hard drive redundancy. The virtual environments for the VMs and thin clients are based on VMware. Since the thin clients do not contain local storage, they do not require patch management.

With high availability virtualization lifecycle maintenance is simplified with hardware decoupled from software, faster recovery from workstation failures and extended system life by avoiding hardware obsolescence. Deployment and maintenance are more flexible since applications such as database server can be accessed from multiple locations on the network. Cybersecurity protection is also simplified since the VMs are located together and can be patched and updated together.

The post Reducing Control System Hardware Footprint appeared first on the Emerson Process Experts blog.


Point and Continuous Level Measurement in Water and Wastewater Applications

0
0

Emerson's Lydia Miller


Across many industries, level measurements are critical ones for safe and reliable operations. This is true for the water and wastewater industries. The choice of technologies for these measurements is broad, especially since they fall into two categories point-based (on/off switching) and continuous.

Water Online: Point Versus Continuous Level Measuring TechnologiesIn a Water Online article, Point Versus Continuous Level Measuring Technologies, Emerson’s Lydia Miller provides guidance on the technologies and which ones are best suited for particular applications.

Lydia opens noting that level measurements are not just for determining the height of the liquid in vessels, but also are used to calculate volume, flow rate, and as inputs for pump control.

She describes the range of common level measurement technologies:

Point measurement technologies include float switches, vibrating forks, capacitive, and others. Continuous level technologies include radar, ultrasonic, magnetostrictive, capacitive, float-and-tape, differential pressure, and others.

Point-level measurements are often used because:

They’re simple, comparatively cheap and have been used for years and continuous readings aren’t always necessary. Point level device outputs are simple on/off, so it keeps everything as straightforward as possible.

Technology has advanced where some types of point-level switches, such as vibrating fork switches can have diagnostics as proving capabilities when used in safety instrumented system applications:

Some of the newest vibrating forks have the ability to do remote proof testing and continuous health monitoring. There are switches with HART™ communication that can use frequency monitoring to know if the switch is in oil, water or alcohol. They can detect settled sediment within a liquid and can even detect the presence of foam.

Lydia highlighted advantages continuous level measurement devices had over point level measurement devices. Levels can be set in the control system instead of manually at the device, use of a single device instead of two for high and low level indication/control/alarming/etc. points, changing level setpoint to prevent scum line buildup, use in real-time volume calculations, and more.

Technologies such radar (guided wave & non-contacting) and ultrasonic:

…stay above the liquid and are not wetted at all… Radar and ultrasonic instruments read from the top down, with ultrasonics being non-contact and radars having both a contacting and non-contacting version. Ultrasonic and pulse radar technologies send sound or microwave energy from a transducer toward the liquid, and calculate distance by timing how long it takes for the pulse to be reflected back.

Read the article for more on the advantages of the level measurement technologies and data they can provide in improving operational performance through early problem detection, process flexibility, and increased efficiency.

You can also connect and interact with other level measurement and water & wastewater industry experts in the Level and Water and Wastewater groups in the Emerson Exchange 365 community.

The post Point and Continuous Level Measurement in Water and Wastewater Applications appeared first on the Emerson Process Experts blog.

Cybersecurity for Water Utilities

0
0

SCADA-CybersecurityOne only has to do a Google News search on cybersecurity to know it is a key concern for businesses across the globe. In a Water Online article, SCADA Cybersecurity: What Every Water Utility Should Do Now To Prevent An Attack, Emerson’s Doug Johnson shares areas of concern and a path for water utilities to follow in their cybersecurity improvement efforts.

Doug notes that security threats are becoming more difficult to detect.

“Fifteen years ago, cybersecurity breaches of SCADA [supervisory control and data acquisition] systems were not that big of an issue because every SCADA manufacture used different technology. Now there is more similarity across the systems, more people are experts, and wireless technology and the Internet have given hackers the ability to connect with computers halfway around the world.”

Putting together a cybersecurity program takes much work. It starts with creating a comprehensive SCADA cybersecurity plan and by understanding to what the SCADA system is connected.

“Evaluate and manage the elements connected to your SCADA system on a regular basis,” said Johnson. “Things get added on all the time, and even just connecting a thumb drive can cause a huge security risk.”

Part of the planning process is to identify gaps and vulnerabilities. Next is to create a defense plan:

…that specifies exactly what to do if a new threat is identified…

AWWA-Security-GuideThe article’s author highlights several resources to assist in this planning process:

Cybersecurity issues can come from within a water utility:

“We think of security breaches as a bad guy with a truck full of explosives driving through the front gate, but security problems can also come from a disgruntled employee, an untrained employee, or a contractor that has access to the system. It can happen pretty close to home,” said Johnson.

As new employees replace those with years of experience, it is important to train them thoroughly on all SCADA security protocols, so that lack of knowledge doesn’t increase cyber threat risk.

Doug explains the importance of focused efforts and responsibility:

“The ones who do it best recognize that it is an ongoing effort, and it takes people making it a big part of their responsibly,” explained Johnson. “A water utility really needs someone whose job is to be responsible for cybersecurity, someone who understands that SCADA has its own security concerns.”

If there isn’t someone qualified or available at a utility to take responsibility for SCADA cybersecurity, utilities should consider turning to outside experts or consultants. More often SCADA security is becoming an outsourced job function, explained Johnson.

Emerson’s Power & Water Solutions team can help you in this process with a Cyber Security Assessment. Read the full article and visit the highlighted resources to advance your cybersecurity defenses and processes.

You can also connect and interact with other utilities professionals in the Water & Wastewater track of the Emerson Exchange 365 community.

The post Cybersecurity for Water Utilities appeared first on the Emerson Automation Experts blog.

Avoiding Dangerous Malware Infections

0
0

The malware WannaCry/WannaCrypt has been all over the news recently. Since most of the operator and engineering workstations used in distributed control systems (DCSs) and supervisory control and data acquisition systems (SCADA) are PC-based, the question was naturally could these have been/or be impacted by this dangerous malware.

Emerson's Jaime Foose


I caught up with Emerson’s Jaime Foose. She noted that it is important to point out that personal computer users can easily avoid these types of attacks by following some very basic principles. Top of the list is to not rely on unsupported operating systems which are no longer maintained by the supplier. Next is to always keep your PC updated with the latest patches. And, from a user interaction perspective, never click on unknown links or attachments.

Specific to PCs used in control and data acquisition systems, never enable email on these PCs. From an architectural standpoint, do not expose the control system to the corporate local area network and internet, and always block/monitor vulnerable Windows traffic on the network. Also, the control networks and PCs should be hardened to not allow USB sticks and wired or wireless access to the PCs and networks.

By following these practices, systems would have been protected from WannaCry/WannaCrypt and other dangerous malware to date. Jaime also explained that many organizations are stretched very thin with their technical staffs, and lack the time and resources make it extremely difficult to keep pace with the dynamic, complex and serious nature of cybersecurity.

Emerson Power and Water Cybersecurity SuiteSuppliers can help by providing ongoing cybersecurity services to help process manufacturers. For the power generation, water & wastewater industries, the Power and Water Cybersecurity Suite is a platform-independent ICS cybersecurity solution that provides additional layers of protection for control system users with staffing challenges.

Modules in this suite include antivirus detection, application control, configuration management, device control, network intrusion detection, software/firmware patch management, rogue system detection, security incident & event management, system backup & recovery and vulnerability assessments. A Cybersecurity Suite Dashboard helps bring visibility to these elements.

You can connect and interact with other cybersecurity, power, water & wastewater experts in the Process Control – Ovation, Power and Water & Wastewater groups in the Emerson Exchange 365 community.

The post Avoiding Dangerous Malware Infections appeared first on the Emerson Automation Experts blog.

Upcoming Ovation Users’ Group Conference

0
0

Two weeks from now, July 23-27 2017, will be Emerson’s Power & Water Solutions business unit’s Ovation Users’ Group conference. This year will mark its 30th year. The Ovation Users’ Group is managed, guided, and run exclusively by its members, with Emerson’s Power & Water Solutions business unit providing financial, personnel, and product support as necessary.

This conference is put together by Ovation and WDPF control system users and Emerson folks to share information and best practices on emerging technologies and control system enhancements to improve overall plant performance. The conference will be held at the Westin Convention Center Hotel in Pittsburgh, Pennsylvania.

I’ve not been to one in the past, but will be at this year’s conference and will try to cover as many workshops and sessions as I can, sharing updates in posts here on the blog as well as in Twitter and LinkedIn. You’ll also be able to follow the action on the @OvationUsers Twitter account.

The schedule begins on Sunday, July 23 and evening welcome reception and the conference kicks off in earnest on Monday morning with the general sessions and industry case studies followed by product demonstrations and an evening reception and networking dinner.

Tuesday through Thursday are filled with workshops and continuing education courses on topics including security, networking/connectivity/SCADA, advanced controls, turbine/generator control, Ovation technical tips, simulation, wireless instrumentation, control system migration and project management, digital bus technology, renewable energy and microgrids.

If you’re in the power generation, water or wastewater industries and use Ovation or WDPF systems, this is definitely a great conference to attend and connect with fellow industry and application experts. The conference is open to all members of the Ovation Users’ Group. If you are an existing owner of an Ovation or WDPF system, but not a member of the Users’ Group, register for membership here.

I look forward to seeing and connecting with you there!

The post Upcoming Ovation Users’ Group Conference appeared first on the Emerson Automation Experts blog.

Comprehensive Cybersecurity for Critical Infrastructure

0
0

The electrical power generation and distribution industries, especially here in the U.S., have a long history in working to improve reliability and security. This history goes back to the establishment of the North American Electric Reliability Council (NERC) in the late 1960s as a response to a widespread blackout in the Northeastern U.S.

NERC became the North American Electric Reliability Corporation (also NERC) in 2006 and was designated by the U.S. Department of Energy as electrical sector coordinator for Critical Infrastructure Protection (CIP). They developed the NERC CIP standards. We highlighted how these standards apply to distributed control systems like the Ovation system in an earlier post, Securing Ovation Systems per NERC CIP Standards.

Emerson's Jaime Foose


No matter which supplier’s or suppliers’ control system(s) you use, having a comprehensive cybersecurity strategy and suite of technologies is critical to better secure and comply with the standards over time. This is true whether you’re in the power industry or other critical infrastructure industries like water and wastewater.

In this 3:12 YouTube video, Power and Water Cybersecurity Suite, Emerson’s Jaime Foose explains a platform-independent, ICS cybersecurity solution that helps DCS and SCADA system users in the power generation and water/wastewater industries secure their critical assets without process disruption, and meet regulatory requirements like NERC CIP.

Jaime opens the video highlighting many strategies for defending control systems including implementing application whitelisting, ensuring proper configuration/patch management, reducing attack surface areas, building a defendable environment, managing user authentication, monitoring for and responding to threats, and implementing secure remote access.

Of these, application whitelisting and proper configuration / patch management could have prevented more than 65% of cybersecurity events in 2014 and 2015 per the U.S. Department of Homeland Security’s Industrial Control Systems Cyber Emergency Response Team (ICS-CERT).

As part of an effective DCS cybersecurity program, it’s important to secure this critical infrastructure and protect against vulnerabilities from malware. Since ongoing vigilance is required, solutions such as the Power and Water Cybersecurity Suite help to automate repetitive security tasks like monthly software patching, weekly antivirus updates and performing regular system backups to name but a few. Using automated tools not only reduces time spent performing these tasks but also creates an electronic record that these actions were taken and generates reports to help satisfy appropriate regulatory bodies.

This suite of cybersecurity modules includes technologies from leading suppliers such as McAfee, Acronis and Tripwire and works with Ovation systems as well as those from other global control system suppliers including GE, Siemens, Alstom, Schneider Electric, ABB, Yokogawa and Honeywell.

If you’ll be join us next week in Pittsburgh at the July 23-27, 2017 Ovation Users Group conference, make sure to catch Jaime’s panel on Cybersecurity which will include an ICS-CERT official, representation from a nonprofit industry consortium and end users from the power industry and water industry.

The post Comprehensive Cybersecurity for Critical Infrastructure appeared first on the Emerson Automation Experts blog.

Viewing all 34 articles
Browse latest View live




Latest Images