Issue link: https://fhpublishing.uberflip.com/i/1033088
NETWORK / 23 / OCTOBER 2018 ture as equipment and systems cannot support the most recent versions of Windows. The open source solution Amid this perfect storm of complexity, operational technol- ogy (OT) cyber security is an urgent challenge. But there is an alternative to costly, complex solutions: Open source can help address the problem without the need to replace expensive (and still perfectly serviceable) legacy control systems and equipment. Providing the foundation for the majority of commercially available technologies for over a decade, open source o ers the ability to improve component design on paper. Among the considerable ben- e- ts of open source technology is that it is vendor agnostic, so it can be interfaced readily with existing legacy systems. Open source solutions allow the physical footprint to be more precisely engineered and - t for purpose. Therefore, the actual implementation is very small and keeps disruption to a minimum. In addition, the cost savings can be huge. More broadly, open source communities focus on innova- tion and collaboration. This has changed how the big vendors are thinking, with Google and Microso… already now leading the open source revolution. Caption CASE STUDY: Securing SCADA National Grid owns and operates a fl eet of 25 compressors and terminals, each containing at least one supervisory control and data acquisition (SCADA) system. The various SCADA systems have been designed and engineered independently over an extended period of time resulting in most being bespoke applications. National Grid need to ensure that the SCADA systems across the network are aligned with the latest cyber security requirements. These upgrades need to be able to be deployed rapidly, be cost effective and implemented independently from one another in order to minimise system outages. There was no obvious solution that would not be excessively complex and costly to implement across the sites. With over 10 years' experience working on multiple National Grid compressor station SCADA systems, and an in-depth knowledge of the issues end users face, technical services provider Lagoni offered to solve the problem. The solution was a new approach: A standardised SCADA system using open source technology to remove complexity and reduce costs. Cyber security features are built in, with the ability to monitor vulnerabilities and threats. Funded by an Ofgem innovation project, the fi rst of its kind implementation replaces legacy Windows based SCADA systems with open source technology, also providing cyber security compliance to Internation Standards and the NIS Directive. Among the benefi ts, the SCADA is upgradable and maintainable independently from control systems. Applied to the fi rst site - a UK based gas compressor station - the technology allowed a tailored implementation reducing size, cost and complexity. This can now be applied to other sites. "Because the modular design packages are repeatable across locations, the secure open source SCADA system can be applied across the entirety of National Grid's compressor fl eet," says Thomas Olsen (pictured above), managing director of Lagoni. He added: "The open source solution is not reliant on the existing OEM supply chain, enabling better competition. Owned by National Grid, the resulting platform transforms the entire procurement model." A successful implementation Overall, the project resulted in reduced OPEX and CAPEX. Lagoni found that over 10 years, a single compressor site could reduce spend by £1.3m, potentially saving a fl eet of 25 up to £32m. Launching in October 2017, the development of the Open Source SCADA system took nine months to complete but only one week was needed on site. Lagoni is now looking to move forward with the development of modular solutions which can be rolled out across the wider fl eet. "While Lagoni set out to deliver an OT cyber security and upgrade path for a compressor station, the resulting approach proves cost-effective even for smaller sites in both the gas and electricity sectors, particularly remotely operated sites," says Olsen. This joint innovation project conducted by National Grid and Lagoni has shown two positive outcomes for the industry: It is possible to address OT cyber security compliance on complex legacy assets AND reduce implementation & upgrade costs Smaller sites can implement effective OT cyber security at accessible costs. The NIS Directive requires asset owners to demonstrate areas of compliance when it comes to cyber security. Increased compliance does not always go hand in hand with reducing cost, but Lagoni and National Grid have shown that it's possible.