Transcript Monitoring and Controlling the US Natural Gas systems

SCADA
John F. Lipka
USA Security Lead
Encana Oil & Gas (USA) Inc
Acronym - SCADA
• What does SCADA stand for?
Supervisory Control And Data Acquisition
Technologies used to control and collect data from
remote locations.
SCADA in the Natural Gas Industry
• SCADA is used to bring oil and gas production
volumes from the field to the office for
accounting, control, marketing, measurement
and monitoring purposes.
Before SCADA in the Natural Gas Industry
•
•
•
•
•
•
Grease books and notes
Manual entry - Excel
Phone in or radio in information
No monitoring or control ability
More window time
No callouts for any kind of alarms
SCADA - Overview
Corporate Accounting,
Security, Operations
Radio
Flow Computer (RTU)
Control Room
Radio
SCADA Host
Central Location
Equipment
Communications
Equipment
Remote Location
Equipment
Field Site
SCADA - Field Hardware
SCADA Hardware
Remote Location Equipment
• Measure and control the process.
Communications Equipment
Satellite
Weather
Balloon and
Radio
Cell Modem
RADIO
Communications
• Communications is the backbone for SCADA.
SCADA – HMI’s
• Monitor and interact with the data
• CygNet – Human Machine Interface
SCADA - HMI
SCADA – HMI’s
Camera’s
Summary
• Used for monitoring and/or control
Regional ONG Control Centers vs. Remote Access
• Provides faster response and data for timely decision
making
• Better decisions with more information
• Communication is the heart of a SCADA system
900Mhz Radios Spread Spectrum, freq hops w/in a
band based on a algorithm
• Focus is on I &M
• Security Concerns
Consolidation of above ground field assets
upstream and midstream
I&M Technicians “keys to the codes”
Lease Operators aka Pumpers route
Access to Company Intranet via public portal
firewall (firewall attack SOP)
Local Safeguards in Place (limit production will
shut in the well, pipeline)
• Security Concerns
By design- react to high pressure, loss of
production situations implemented locally
There are limitations i.e., “false positive events”
Spread spectrum inherently has more security
built in to it (harder to steal)
ONG movement into CNG, LNG, GTL stations,
terminals, processing
• Cyber Crime, Issues, Threats
Phishing
get an employee to do some thing or a piece of
propriety information (personal or company)
FCI- China
technologies, AP, source code, new plays
Tool to advance criminal activity
counterfeit royalty checks, MF, WF violations
FBI InfraGard
• Questions?