Control System Simulator Helps Operators Learn to Fight Hackers

Control System Simulator Helps Operators Learn to Fight Hackers

Simulators are great training tools. It sure beats flying 777s around for your annual pilot recert. Gaming technology has become so good along with many other technologies, that operators of process plants and machinery should be well trained to respond appropriately to any emergency.

Georgia Institute of Technology sent this information about an advancement in simulation for operator training. Good stuff.

A simulator that comes complete with a virtual explosion could help the operators of chemical processing plants – and other industrial facilities – learn to detect attacks by hackers bent on causing mayhem. The simulator will also help students and researchers understand better the security issues of industrial control systems.

This flow chart shows data flows within a simulated chemical processing facility.

 

Facilities such as electric power networks, manufacturing operations and water purification plants are among the potential targets for malicious actors because they use programmable logic controllers (PLCs) to open and close valves, redirect electricity flows and manage large pieces of machinery. Efforts are underway to secure these facilities, and helping operators become more skilled at detecting potential attacks is a key part of improving security.

Screen captures show a simulated explosion in a chemical processing plant precipitated by a cyberattack on the system.

“The goal is to give operators, researchers and students experience with attacking systems, detecting attacks and also seeing the consequences of manipulating the physical processes in these systems,” said Raheem Beyah, the Motorola Foundation Professor in the School of Electrical and Computer Engineering at the Georgia Institute of Technology. “This system allows operators to learn what kinds of things will happen. Our goal is to make sure the good guys get this experience so they can respond appropriately.”

Details of the simulator were presented August 8 at Black Hat USA 2018, and August 13 at the 2018 USENIX Workshop on Advances in Security Education. The simulator was developed in part by Atlanta security startup company Fortiphyd Logic, and supported by the Georgia Research Alliance.

The simulated chemical processing plant, known as the Graphical Realism Framework for Industrial Control Simulations (GRFICS), allows users to play the roles of both attackers and defenders – with separate views provided. The attackers might take control of valves in the plant to build up pressure in a reaction vessel to cause an explosion. The defenders have to watch for signs of attack and make sure security systems remain operational.

Screen capture shows a chemical processing plant in which critical parameters are rising due to false process data and control commands injected by an attacker.

Of great concern is the “man-in-the-middle” attack in which a bad actor breaks into the facility’s control system – and also takes control of the sensors and instruments that provide feedback to the operators. By gaining control of sensors and valve position indicators, the attacker could send false readings that would reassure the operators – while the damage proceeded.

“The pressure and reactant levels could be made to seem normal to the operators, while the pressure is building toward a dangerous point,” Beyah said. Though the readings may appear normal, however, a knowledgeable operator might still detect clues that the system has been attacked. “The more the operators know the process, the harder it will be to fool them,” he said.

The GRFICS system was built using an existing chemical processing plant simulator, as well as a 3D video gaming engine running on Linux virtual machines. At its heart is the software that runs PLCs, which can be changed out to represent different types of controllers appropriate to a range of facilities. The human-machine interface can also be altered as needed to show a realistic operator control panel monitoring reaction parameters and valve controller positions.

“This is a complete virtual network, so you can set up your own entry detection rules and play on the defensive side to see whether or not your defenses are detecting the attacks,” said David Formby, a Georgia Tech postdoctoral researcher who has launched Fortiphyd Logic with Beyah to develop industrial control security products. “We provide access to simulated physical systems that allow students and operators to repeatedly study different parameters and scenarios.”

GRFICS is currently available as an open source, free download for use by classes or individuals. It runs on a laptop, but because of heavy use of graphics, requires considerable processing power and memory. An online version is planned, and future versions will simulate the electric power grid, water and wastewater treatment facilities, manufacturing facilities and other users of PLCs.

Formby hopes GRFICS will expand the number of people who have experience with the security of industrial control systems.

“We want to open this space up to more people,” he said. “It’s very difficult now to find people who have the right experience. We haven’t seen many attacks on these systems yet, but that’s not because they are secure. The barrier for people who want to work in the cyber-physical security space is high right now, and we want to lower that.”

Beyah and Formby have been working for several years to increase awareness of the vulnerabilities inherent in industrial control systems. While the community still has more to do, Beyah is encouraged.

“Several years ago, we talked to a lot of process control engineers as part of the NSF’s I-Corps program,” he said. “It was clear that for many of these folks then, security was not a major concern. But we’ve seen changes, and lots of people are now taking system security seriously.”

Control System Simulator Helps Operators Learn to Fight Hackers

Emerson Completes Acquisition of ProSys

Acquisitions are a big reason explaining growth and innovation in big companies. Not that long ago Emerson acquired partner Mynah Technologies. Today I see that it acquired ProSys. These are both good acquisitions. Emerson has a better than average success with acquisitions. ProSys is a good fit. Congratulations.

Emerson announced it has acquired ProSys Inc., a global supplier of software and services that increase production and safety for the chemical, oil and gas, pulp and paper, and refining industries. By building intuitive processes for plant operators, these solutions make everything from everyday operations to responding during abnormal situations easier.

“Adding ProSys’ differentiated technologies and expertise allows us to help our customers improve plant performance, safety and profitability by optimizing their human and automation resources,” said Mike Train, executive president, Emerson Automation Solutions. “With ProSys, we can provide innovative control and operator performance capabilities to make control room operators far more effective.”

ProSys’ portfolio includes solutions that help operators manage alarms critical to plant production and safety, and efficiently handle changing plant states. In addition, ProSys provides modern, high performance and intuitive graphics for better operator communications.

ProSys complements Emerson’s May 2017 acquisition of MYNAH Technologies, which provides dynamic simulation and operator training software. Together, these technologies embed expertise to help operators navigate plant systems safely and efficiently, and prepare customers to accommodate the changing state and age of the industrial workforce.

“Our specialization in software and services that increase operator performance builds on Emerson’s market leadership in automation control systems,” said Dustin Beebe, president and CEO at ProSys. “By working together as one, we can provide even more operational and financial value to customers.”

Beebe will join Emerson Automation Solutions as vice president, control and operator performance.

The ProSys software portfolio supports Emerson’s Operational Certainty program designed to help industrial companies achieve Top Quartile performance in areas of safety, reliability, and production.

Terms of the acquisition were not disclosed.

Control System Simulator Helps Operators Learn to Fight Hackers

Advanced Tools Help Train Industrial Process Workforce

UniSim® 3D Connect - UniSim Operations simulator integration and connectivity to 3D virtual environment; provides credible and realistic experiences for field operatorThe ARC Forum, held annually in Orlando, drew approximately 700 total attendees including perhaps 60 members of the media for the 19th iteration—Industry in Transition. Media members devote Monday afternoon each year to meeting with a parade of companies presenting new products and ideas.

First up this year in my writing agenda is an update to industrial process workforce training tools. I’m seeing increasing sophistication in companies combining ideas and technologies from computer gaming with simulation of process plants to train the current and future workforce—especially the new people who grew up with gaming technology.

Honeywell Process Solutions (HPS) managers announced its new UniSim Competency Suite, which improves operator competency and helps prepare them faster through realistic training experiences for console and field operators in the process industries.

Leveraging more than 30 years of experience in process simulation and operator training, Honeywell’s new suite of simulation software offers an integrated, robust training experience that will help industrial facilities address a growing shortage of trained operators.

“In the near future, many operators at industrial plants in developed countries will retire, while process industries in emerging economies will continue to face the challenge of critical skill shortages,” said Ali Raza, vice president and general manager for Honeywell Process Solutions’ Advanced Solutions business. “The expanded UniSim Competency Suite helps our customers train its workforce faster in a more realistic environment to drive safe, incident-free, efficient startups and ongoing operations.”

The UniSim Competency suite features proven simulation models as well as new technologies including:

  • UniSim Operations: Operator Training Simulator (OTS), a dynamic plant simulation system that allows users to accelerate knowledge transfer by consolidating an entire lifetime of experience into a concise process training curriculum; features realistic process, control and safety systems modeling
  • UniSim Curriculum: Customizable competency model that aligns and assists in improving critical requisite skills and behaviors; tracks operator progress; built from Abnormal Situation Management Consortium’s research into operator competency to help businesses define, deploy and manage a structured competency program
  • UniSim Tutor: Knowledge capture and propagation tool; provides a repository for domain knowledge and experiences; teaches and evaluates “what if” reflexes and diagnostic abilities
  • UniSim Field View: Interactive, navigable, panoramic view for realistic field operator training; uses actual facility photographs and extends UniSim Operations simulator training to include field operators
  • UniSim 3D Connect: UniSim Operations simulator integration and connectivity to 3D virtual environment; provides credible and realistic experiences for field operator

“Industrial plant owners and operators around the world recognize how simulation technology can help them achieve a significant competitive advantage in today’s demanding global environment,” said John Roffel, Operator Competency product director for HPS. “This suite provides our customers with the confidence and tools needed for operator competency management.”