This article covers the standard project specification for Process Control System Access and Security, as defined by international codes and standards and by SAES-Z-001.
Process Control System Access and Security
The use of process control systems (PCS) is becoming increasingly popular in various industries, from manufacturing to energy to healthcare. As a result, it is important to have a comprehensive access and security policy in place to ensure that only authorized personnel are accessing the system and that all confidential information is kept secure. In this article, we’ll discuss the various aspects of process control system access and security and provide an overview of the key components.
What is Process Control System Access and Security?
Process control system access and security refers to the measures taken to ensure the safety and security of information stored in a process control system, as well as the procedures that are put in place to regulate who has access to the system. These measures include access control, user roles, user accounts, and passwords.
Access Control
Access control is the process of limiting access to the process control system to only those individuals with legitimate business requirements. Access to the system should be restricted by means of user IDs and passwords or other suitable technologies for identification and authentication of users. Access to the configuration editor should also be restricted to users with appropriate credentials.
Furthermore, all workstations connected to the PCS should be configured to automatically lock the workstation or switch to a “view-only” user environment after it has been idle for 30 minutes or longer. If locking of the workstation is used, password re-authentication from either the last user or the PCS administrator should be required to unlock the workstation.
Finally, systems capable of displaying a warning banner upon logon should be configured to display a specific message, such as “This Computer is for Company business use only. This system may be monitored as permitted by law. Unauthorized use may result in criminal prosecution, termination or other action.” Alternatively, a printed sticker may be used for operator consoles.
User Roles
In order to ensure that user access privileges are properly assigned, user roles should be created. These roles should be tailored to the specific needs of the facility and should include roles such as Process Operator, Process Area Supervisor, Maintenance Engineer/Technician, Process Control Engineer, PCS Engineer, PCS Administrator, and View Only.
User Accounts
Each user should be assigned a unique user ID, and all guest accounts should be disabled. The user should then be granted access privileges by assigning the user to a user role applicable to their particular job function. The system should be configured to require an individual user ID and password for authentication purposes for all users prior to being allowed access to any station connected to the system. Operator workstations located within operator consoles in the Central Control Room (CCR) are excluded from the individual user account requirement.
User Account Passwords
Every user ID should have an individual password, which should be transmitted and stored in encrypted format. The system should be configured to enforce password uniqueness, complexity, and length. Furthermore, management of passwords, user IDs, and user role privileges should be done via a central server connected to the PCS. The system should also be configured to require passwords to be reset for all user IDs every six months. Finally, capabilities should be provided to enable any user to automatically retrieve or reset their password by entering or answering user-specific authentication questions.
Ensuring Security and Performance of the Process Control System (PCS)
Organizations around the world are increasingly turning to Process Control Systems (PCS) to streamline their operations and eliminate human error. PCS provide a secure and reliable way to monitor and control processes, but they must be properly configured, protected and maintained in order to ensure the system’s security and performance. This article outlines the security and performance requirements that must be met when implementing a PCS.
Password Management
The first step in ensuring the security of a PCS is to implement strong password policies. All passwords used to access the system must be updated on a regular basis and must meet the criteria set forth by the organization. Passwords should be at least eight characters in length and must contain a mix of uppercase and lowercase letters, numbers and special characters. Additionally, users must not be allowed to use the same password for multiple accounts.
In addition to strong password policies, organizations must also implement password aging policies. This means that users must be required to update their passwords at least once every six months. Passwords should also be stored in an encrypted format and must not be shared with other users.
Application and System Accounts and Passwords
Application accounts may require the account name and/or password to be hard-coded into startup scripts. Passwords used for application accounts should not be stored in unencrypted format and should be excluded from the six-month password aging policy. System accounts should have their default passwords changed prior to commissioning the system. System account passwords should likewise not be stored in unencrypted format and should be excluded from the six-month password aging policy.
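The password rules above (minimum length and character classes, no password shared across accounts, six-month aging for user accounts, and the aging exemption for application and system accounts) can be checked mechanically. The following is an added example written for this article, not code from SAES-Z-001 or any PCS vendor. The 182-day value for "six months", the account-type labels, the sample accounts and the fixed-salt digest used to compare passwords are assumptions made for the example; a real PCS would compare against its own stored credential hashes.

```python
"""Password-policy checks for PCS accounts (added example, not from SAES-Z-001
or any vendor toolkit). Encodes the rules in the text: at least eight
characters with all four character classes, no password shared across
accounts, six-month aging for user accounts, and no aging for application
and system accounts. The 182-day figure, the account-type labels and the
fixed-salt digest are assumptions made for this example."""
from __future__ import annotations

from dataclasses import dataclass
from datetime import date, timedelta
from hashlib import sha256
import string

MIN_LENGTH = 8
MAX_PASSWORD_AGE = timedelta(days=182)          # assumption: "six months" as 182 days
AGING_EXEMPT_TYPES = {"application", "system"}  # excluded from aging per the text


def digest(password: str) -> str:
    """Fixed-salt digest so the audit never holds clear-text passwords.
    Illustrative only; this is not a password-storage scheme."""
    return sha256(b"example-salt:" + password.encode()).hexdigest()


@dataclass
class Account:
    user_id: str
    account_type: str            # "user", "application" or "system"
    password_digest: str
    last_password_change: date


def complexity_violations(password: str) -> list[str]:
    """Rules a candidate password breaks; an empty list means it may be set."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    required = {
        "uppercase": string.ascii_uppercase,
        "lowercase": string.ascii_lowercase,
        "digit": string.digits,
        "special": string.punctuation,
    }
    for name, alphabet in required.items():
        if not any(c in alphabet for c in password):
            problems.append(f"missing {name} character")
    return problems


def password_expired(account: Account, today: date) -> bool:
    """Six-month aging applies to user accounts only."""
    if account.account_type in AGING_EXEMPT_TYPES:
        return False
    return today - account.last_password_change > MAX_PASSWORD_AGE


def audit(accounts: list[Account], today: date) -> dict[str, list[str]]:
    """Return {user_id: [findings]} for every non-compliant account."""
    findings: dict[str, list[str]] = {}
    first_use: dict[str, str] = {}   # digest -> first account seen using it
    for acct in accounts:
        issues = []
        if password_expired(acct, today):
            issues.append("password older than six months")
        owner = first_use.setdefault(acct.password_digest, acct.user_id)
        if owner != acct.user_id:
            # Both accounts are reported, so the finding reaches whoever reviews either.
            issues.append(f"password shared with {owner}")
            findings.setdefault(owner, []).append(f"password shared with {acct.user_id}")
        if issues:
            findings.setdefault(acct.user_id, []).extend(issues)
    return findings


# Constructed sample accounts for demonstration; audited as of SAMPLE_DATE.
SAMPLE_DATE = date(2024, 6, 1)
SAMPLE_ACCOUNTS = [
    Account("oper01", "user", digest("Valve#2024x"), date(2024, 1, 15)),
    Account("eng02", "user", digest("Valve#2024x"), date(2024, 5, 1)),         # reuses oper01's password
    Account("pcsadm", "user", digest("Adm!n9rst"), date(2023, 11, 1)),          # older than six months
    Account("histsvc", "application", digest("Svc_Acc0unt"), date(2022, 3, 3)),  # exempt from aging
]

if __name__ == "__main__":
    print("candidate 'password':", complexity_violations("password"))
    for user, issues in audit(SAMPLE_ACCOUNTS, SAMPLE_DATE).items():
        print(user, issues)
```

Complexity is checked on the candidate at set time, where the clear text is necessarily available; the uniqueness and aging checks run over stored digests and change dates, so the periodic audit never needs the passwords themselves.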
Anti-Virus Protection
Anti-virus software should be installed and configured on all Windows-based workstations which are part of the PCS. McAfee anti-virus software is preferred; requests to use anti-virus software other than McAfee must be approved by the General Supervisor, Process Automation Systems Division, Process & Control Systems Department, Saudi Aramco, Dhahran.
The PCS should be supplied with a central anti-virus server which should be configured to deploy updated anti-virus definition files to all workstations and servers in the system on a scheduled basis. If supported by the PCS Vendor, the central anti-virus server should also be configured to download updated anti-virus definition files from Saudi Aramco corporate IT servers.
Operating System Software and Patch Management
The vendor’s recommended procedures should be followed for the upgrade of Operating System (OS) software and OS patch installation. Operating System software and patches and vendor application software and patches should not be installed unless they have been tested and certified by the vendor as being compatible with the PCS.
If supported by the system, the central anti-virus server should also be used as a central repository for the management and deployment of Operating System and application software patches. Access privileges for updating Operating System software and vendor application software should be assigned to the PCS Administrator only.
All workstations and servers connected to the PCS should be deployed with the latest vendor supported operating system security and operational patches, and should be provided with ‘security hardened’ operating systems. System services, applications, and TCP/IP ports which are not required for the intended functional purpose of the primary process control application should be disabled and/or removed.
Security Monitoring
The system should be supplied with security monitoring tools configured to record security management activities. If available, a record of any activity related to System Events, Logon Events, and User Account Management activities should be retained in the system.
All logon events should be monitored and recorded by the system. Login events should be recorded with date and time of login, user account, and location of login. Records of logins should be maintained on the system for a minimum period of three months.
The system should monitor and record all failed login attempts. If available, functionality should be provided to automatically notify the PCS administrator after five (5) consecutive failed login attempts by the same user account. Failed login attempts should not initiate an automatic ‘lock-out’ of the user account.
The system should be configured to monitor ‘stale’ user accounts. Stale accounts are user accounts which have not been used on the system for a period of three months or longer. The system should have the capability to produce a report of stale user accounts. The PCS administrator should be responsible for manually disabling stale user accounts.
The PCS should be configured to record all actions taken by any user who logs in using PCS administrator privileges. The record should include the user name, time and date, and a description of the actions taken.
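The logon-monitoring rules above (date/time, account and location per record; a notification to the PCS administrator at five consecutive failures with no automatic lock-out; a stale-account report left to the administrator to act on) are easiest to understand as detection logic run over the log. The following is an added example written for this article, not code from SAES-Z-001 or a PCS vendor. The single-line log format, the sample records, the host names and the 90-day reading of "three months" are constructed for the example.

```python
"""Security-log monitoring for the logon rules in this section (added example,
not from SAES-Z-001 or a vendor's tooling). The log format, the 90-day reading
of "three months" and the sample records are constructed for this example."""
from __future__ import annotations

from collections import defaultdict
from datetime import datetime, timedelta
from typing import NamedTuple

FAILED_ATTEMPT_THRESHOLD = 5        # notify the PCS administrator at five in a row
STALE_AFTER = timedelta(days=90)    # assumption: "three months" as 90 days


class LogonEvent(NamedTuple):
    when: datetime       # date and time of login
    outcome: str         # "SUCCESS" or "FAILURE"
    account: str         # user account
    location: str        # station the login came from


def parse_log(text: str) -> list[LogonEvent]:
    """Parse 'ISO-timestamp OUTCOME account location' lines (constructed format),
    skipping malformed records, and return them in time order."""
    events = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 4 or parts[1] not in ("SUCCESS", "FAILURE"):
            continue  # malformed record: ignored here; production code would flag it
        events.append(LogonEvent(datetime.fromisoformat(parts[0]), parts[1], parts[2], parts[3]))
    return sorted(events, key=lambda e: e.when)


def consecutive_failure_alerts(events: list[LogonEvent]) -> list[str]:
    """One notification per account each time it reaches five failures in a row.
    A success resets the streak. Nothing here disables the account: the text
    requires notification, not automatic lock-out."""
    streak: dict[str, int] = defaultdict(int)
    alerts = []
    for ev in events:
        if ev.outcome == "SUCCESS":
            streak[ev.account] = 0
            continue
        streak[ev.account] += 1
        if streak[ev.account] == FAILED_ATTEMPT_THRESHOLD:
            alerts.append(f"{ev.when.isoformat()} notify PCS administrator: "
                          f"{FAILED_ATTEMPT_THRESHOLD} consecutive failed logins for "
                          f"{ev.account} (last from {ev.location})")
    return alerts


def stale_accounts(known_accounts: set[str], events: list[LogonEvent],
                   now: datetime) -> dict[str, str]:
    """Accounts with no successful login in the last three months, including
    accounts with no successful login on record. Returned as a report for the
    PCS administrator, who disables them manually per the text."""
    last_seen: dict[str, datetime] = {}
    for ev in events:
        if ev.outcome == "SUCCESS":
            last_seen[ev.account] = max(ev.when, last_seen.get(ev.account, ev.when))
    report = {}
    for acct in sorted(known_accounts):
        seen = last_seen.get(acct)
        if seen is None:
            report[acct] = "no successful login on record"
        elif now - seen >= STALE_AFTER:
            report[acct] = f"last login {seen.date().isoformat()}"
    return report


# Constructed sample log: one malformed line, a short failure run that ends in
# success, and a six-failure run that should produce exactly one notification.
SAMPLE_LOG = """\
2024-02-20T07:58:10 SUCCESS maint03 MCR-WS02
2024-06-01T08:00:05 FAILURE oper01 CCR-WS01
2024-06-01T08:00:09 FAILURE oper01 CCR-WS01
2024-06-01T08:00:14 SUCCESS oper01 CCR-WS01
2024-06-01T08:01:00 FAILURE eng02 ENG-WS05
2024-06-01T08:01:04 FAILURE eng02 ENG-WS05
2024-06-01T08:01:09 FAILURE eng02 ENG-WS05
2024-06-01T08:01:13 FAILURE eng02 ENG-WS05
2024-06-01T08:01:18 FAILURE eng02 ENG-WS05
2024-06-01T08:01:30 FAILURE eng02 ENG-WS05
garbage line
2024-06-01T09:15:00 SUCCESS pcsadm ENG-WS01
"""
KNOWN_ACCOUNTS = {"oper01", "eng02", "maint03", "pcsadm", "contractor9"}
NOW = datetime(2024, 6, 1, 12, 0)

if __name__ == "__main__":
    events = parse_log(SAMPLE_LOG)
    for alert in consecutive_failure_alerts(events):
        print(alert)
    for acct, reason in stale_accounts(KNOWN_ACCOUNTS, events, NOW).items():
        print(f"stale: {acct} ({reason})")
```

The streak is compared with `==` rather than `>=`, so a long run of failures raises one notification at the fifth attempt instead of one per attempt; the administrator sees the event once and decides what to do, which matches the no-lock-out requirement.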
Retention and archiving of security management activities logs should be developed in accordance with Saudi Aramco Corporate Data Protection and Retention policy, INT-7. The minimum retention period for security logs should be three (3) months, and the minimum storage capacity for security logs should be 500 GB.
Performance Monitoring
Tools should be provided to enable continuous monitoring of the performance of all workstations in the system. As a minimum, the following performance statistics should be monitored on a per-station basis:
- System alarms and failures
- CPU utilization
- Memory utilization
- IO rates (i.e., physical and buffer) and device utilization
- File store utilization (e.g., disks, partitions, segments)
- Databases (e.g., utilization, record locks, indexing, contention)
- Network utilization (e.g., transaction rates, error and retry rates)
Tools should be provided to capture, store and retrieve all system related alarms or events. The performance monitoring tools should provide the functionality to record these statistics to a file periodically for review for a period of seven days or more.
Backup and Recovery
Software tools should be provided to enable a complete hard-drive image backup for all workstations and servers which are part of the system. The backup and restore should be capable of being performed to a networked server which has access to removable storage media. This functionality should be provided using standard, commercially available backup and restore software from either Norton, Symantec or Acronis.
The PCS should be configured to automatically back up the control database, system configuration, and other vital information, at least once per week, to a hard drive separate from the station where the data resides.
The system should be configured to maintain a minimum of two sets of complete backup and recovery data for each workstation, server and/or controller connected to the PCS. Backup and recovery data should be maintained on a networked storage device connected to the PCS.
A complete system backup should be performed on all new installations of PCS equipment. This includes operating system and configuration files. The backups should be tested and verified during Factory Acceptance Testing.
Two (2) backup copies of all system software, application software, and system configuration should be provided on electronic media after Site Acceptance Testing (SAT). The format and media of these copies should be such that they can be loaded directly into the system without additional translation or data manipulation.
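The backup rules above reduce to two checks per station: at least two complete backup sets held on networked storage, and a configuration/database backup no older than a week that is stored somewhere other than the station itself. The following is an added example written for this article, not code from SAES-Z-001 or from any backup product. The inventory record format, the host and device names, the sample records and the 7-day reading of "once per week" are constructed assumptions.

```python
"""Backup-compliance check for the rules in this section (added example, not
from SAES-Z-001 or any backup product). The inventory format, host names,
sample records and the 7-day reading of "once per week" are constructed
assumptions for this example."""
from __future__ import annotations

from dataclasses import dataclass
from datetime import datetime, timedelta

WEEKLY = timedelta(days=7)   # assumption: "once per week" as 7 days
MIN_COMPLETE_SETS = 2        # the text requires a minimum of two complete sets


@dataclass(frozen=True)
class BackupRecord:
    host: str                # station whose data was backed up
    kind: str                # "image" (complete hard-drive image) or "config" (database/configuration)
    completed_at: datetime
    stored_on: str           # device holding the copy
    complete: bool = True    # whether the job finished and verified


def compliance_findings(hosts: list[str], inventory: list[BackupRecord],
                        now: datetime) -> dict[str, list[str]]:
    """Return {host: [findings]} for every station that misses a backup rule."""
    findings: dict[str, list[str]] = {}
    for host in hosts:
        issues = []
        mine = [r for r in inventory if r.host == host and r.complete]
        # Rule: at least two complete sets on a networked device, not on the station itself.
        full_sets = [r for r in mine if r.kind == "image" and r.stored_on != host]
        if len(full_sets) < MIN_COMPLETE_SETS:
            issues.append(f"{len(full_sets)} complete backup set(s) on networked storage, "
                          f"need {MIN_COMPLETE_SETS}")
        # Rule: weekly configuration/database backup to a drive separate from the station.
        offhost_configs = [r for r in mine if r.kind == "config" and r.stored_on != host]
        latest = max((r.completed_at for r in offhost_configs), default=None)
        if latest is None:
            issues.append("no configuration backup stored off the station")
        elif now - latest > WEEKLY:
            issues.append(f"configuration backup overdue: last {latest.date().isoformat()}")
        if issues:
            findings[host] = issues
    return findings


# Constructed sample inventory. CCR-WS01 is compliant; ENG-SRV01 keeps one image
# on its own disk (does not count) and its config backup is stale; CTRL-A has an
# unverified image and no configuration backup at all.
HOSTS = ["CCR-WS01", "ENG-SRV01", "CTRL-A"]
INVENTORY = [
    BackupRecord("CCR-WS01", "image", datetime(2024, 5, 20), "BKP-SRV"),
    BackupRecord("CCR-WS01", "image", datetime(2024, 5, 27), "BKP-SRV"),
    BackupRecord("CCR-WS01", "config", datetime(2024, 5, 30), "BKP-SRV"),
    BackupRecord("ENG-SRV01", "image", datetime(2024, 5, 27), "BKP-SRV"),
    BackupRecord("ENG-SRV01", "image", datetime(2024, 5, 20), "ENG-SRV01"),
    BackupRecord("ENG-SRV01", "config", datetime(2024, 5, 15), "BKP-SRV"),
    BackupRecord("CTRL-A", "image", datetime(2024, 5, 25), "BKP-SRV"),
    BackupRecord("CTRL-A", "image", datetime(2024, 5, 18), "BKP-SRV", complete=False),
]
CHECK_TIME = datetime(2024, 6, 1)

if __name__ == "__main__":
    for host, issues in compliance_findings(HOSTS, INVENTORY, CHECK_TIME).items():
        for issue in issues:
            print(f"{host}: {issue}")
```

Incomplete jobs and copies kept on the station's own disk are filtered out before counting, since neither satisfies the text: a backup that cannot be restored, or that is lost together with the station, provides no recovery.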
Miscellaneous
The system should keep track of all configuration changes made to the online database. Each change made to the database should be recorded with the user ID of the person who made the change, the time and date the change was made, and what was changed. These records should be maintained on the system for a minimum of one year.
Process control equipment that contains data storage should be sanitized in accordance with GI-0299.120 prior to disposal.
Final Words:
Ensuring process control system access and security is essential for any organization that has implemented a PCS. By following the measures outlined in this article, organizations can ensure that only authorized personnel have access to the system, and that all sensitive information is kept secure.
Process Control Systems are a valuable asset to organizations, but they must be properly configured, protected and maintained in order to ensure the system’s security and performance. This article outlines the security and performance requirements that must be met when implementing a PCS. By following these requirements, organizations can ensure their PCS is secure and performing at an optimal level.