Automation Genome Mapping Software optimizes security.
Press Release Summary:
By monitoring and reporting vital information and vulnerabilities about automation infrastructure, Integrity Recon(TM) manages disparate automation systems and provides visibility into Process Control Network. Users can manage daily changes made to infrastructure and maintain licensing and vendor compliance. To aid Common Operating Environments compliance, program reports on all software installed on PCs as well as device discovery and inventory information for servers, workstations, and computers.
Original Press Release:
New Integrity Recon(TM) Software Improves the Security and Reliability of Automation Systems
Integrity Recon
Today's automation systems collectively impact plant safety, economic throughput, environmental compliance, and equipment protection. Each system contains a unique and complex collection of tags, programs, databases, and user interfaces that are analogous to the information encoded in the DNA of natural organisms. However, unlike natural organisms, automation genomes evolve daily and the DNA of one automation system often propagates to others through integration. The term Automation Genome(TM) describes the collective configurations within and among all automation systems in a plant. For a plant to operate at an optimum level, configurations across automation systems must be easily reconcilable, accessible, and searchable, as well as presented in context and automatically documented.
In addition, accurate interoperability and successful lifecycle management of these automation assets requires strict adherence to a number of factors, including: configuration change management; documentation of internal and external communication (signal genealogy); inventory of system utilization and available spare capacity; and identification of configuration defects.
Integrity(TM) software by PAS aids plants in managing these disparate automation systems by mapping this Automation Genome and aggregating and contextualizing the configuration databases, programs, and user interfaces of automation systems. It also simplifies the visualization of related information within context and exposes new possibilities for transforming the way industrial plants manage automation systems and production knowledge.
However, as vendors have now moved to open platforms, plants face new problems associated with the automation systems, which is the management of an IT infrastructure that simply did not exist with the traditional proprietary automation systems. Every production facility today is comprised of a complex network of automation system hardware, Windows® operating systems, applications, and databases which form their information and communication backbone. To ensure maximum reliability of these typically disparate systems, IT and automation organizations must overcome many challenges, including the fact that IT typically does not have visibility into Process Control Networks (PCNs).
Integrity Recon(TM) from PAS gathers and displays the software, services, hardware, system performance, and other essential information for the servers, work stations, and desktop computers on the PCN. This provides the automation organization with a mechanism to manage PCNs, while also allowing IT to securely view them.
Common Operating Environment Compliance
Production facilities often standardize their automation systems, as well as other assets existing on the Process Control Network (PCN) by implementing Common Operating Environments (COE), which are uniform configurations of hardware and software that enable security, reliability, and facilitate troubleshooting. System and support disparities are reconciled by allowing automation system administrators to define the specifications and members of multiple Common Operating Environments within the facility and periodically auditing the network for compliance.
Integrity Recon efficiently facilitates COE compliance by reporting on:
o All software installed on each PC
o Whether specific hardware subsystems such as com ports and USB ports are enabled or disabled in compliance with established COE rules
o Device discovery and inventory information for servers, workstations, and desktop computers
o Hardware, firmware, and software revisions, as well as serial numbers for servers, workstations, and desktop computers
o Individual change histories for PC software and configuration
Management of Change
Automation systems undergo significant configuration changes daily, which drives the need for rigorous management of change policies. Those policies also apply to the computing infrastructure that underlies the automation system. Integrity Recon provides automated management of change functionality for automation systems and software applications enabling users to know when and where a change took place on PCNs.
Upgrade Planning
Industry regulatory standards and guidelines may require equipment and/or software to be periodically replaced. This requires proper procedures and planning, which, without software assistance, can be time consuming and cumbersome. Integrity Recon provides the means to plan for software and hardware upgrades by easily identifying existing components and verifying prerequisites. It also aids in upgrade preparation by offering a simplified view of software and hardware versions, patches, firmware, and bios versions.
Licensing Compliance
In recent years, software licenses have been distributed with the understanding that companies would use only as many licenses as they purchased. However, since installed licenses can be difficult to track, a company can inadvertently install more licenses than it originally bought. Integrity Recon easily identifies how many licenses are installed for each application.
Vendor Compliance
Automation systems, like other products, are sold with warranties protecting against defects and malfunctions. However, some software installations and updates can inadvertently void the manufacturer's warranty. Integrity Recon verifies that components meet vendor compliance by identifying unauthorized software, hardware, and configurations. It also provides a mechanism to easily display the software and hardware installed on monitored equipment, which reduces the amount of time required for network and system audits.
Security
Security of PCNs is a very high priority at a production facility since it directly impacts the safety, productivity, and reliability of the facility. Active Directories are employed to protect and maintain the integrity of critical production networks. To aid in maintaining security, Integrity Recon verifies that this component is operating correctly.
Accessibility
Production facilities operate twenty-four hours a day, seven days a week. However, personnel who interact with the facility's processes are not always on-site. When critical information often needs to be accessed from outside the facility using your plant's Virtual Private Network (VPN), Integrity's web based deployment provides simple point-and-click access to data and allows instant monitoring of any network device, system, or service from virtually anywhere.
Detection of Additional Variances
In addition to COE compliance, Integrity Recon performs other assessments as well, including:
o Compliance to available drive capacity guidelines
o Disabled and stale user accounts
o Application and operating system services status (ok, failed), start mode (automatic, manual, disabled), and state (started, stopped, paused, resuming)
System Availability
Both man-made and natural disasters threaten critical industrial infrastructure including automation systems and networks for production facilities. These threats range from cyber attacks and computer virus infections to damage caused by hurricanes and floods. While most facilities have rigorous security measures to intercept and defend against them, few do a good job of preparing for recovery if the threat is actually successful.
Since Integrity Recon aids in COE compliance, it also provides additional value in reducing post-disaster downtime by validating system readiness for reload. Additionally, it can be used to audit the system post-startup, whick helps get the plant back to normal operating state faster.
Problem Diagnosis and Notification
Rapid identification of system problems can dramatically improve personnel productivity. Integrity Recon quickly pinpoints the root cause of automation system issues, which equates to fewer troubleshooting and investigation hours.
Since the nature of Integrity Recon is to identify system issues and problems, automatic notification is an essential element of the application. All of the compliance-, MOC-, and integrity-checks performed by Integrity Recon may be configured to provide email notifications to subscribed personnel.
About PAS
PAS (www.pas.com) improves the automation and operational effectiveness of oil and gas, petroleum refining, chemicals, pulp and paper, metals and mining, and power customers worldwide. We provide software and services that ensure safe running operations, maximize situational awareness, and reduce plant vulnerabilities. Our comprehensive portfolio includes solutions for Alarm Management, Automation Genome Mapping, Control Loop Performance Optimization, and High-Performance Human-Machine Interfaces. PAS solutions are installed in over 1000 process industry plants worldwide.
