Companies involved in oil and gas exploration, pipeline operations and refining demand safe, secure and reliable communication technologies to help them manage their often hazardous operations in some of the world's most demanding environments.

Imagine a scenario where drilling operations on a major oil explorer's offshore platform are slowing, or at risk of stopping altogether because of abnormal readings from a number of drilling sensors. This has far reaching implications and is precisely the reason why Motorola listens and continues to develop new voice and data products and solutions.

THE TOOLS FOR COLLABORATION

Take our WAVE Work Group Communications solution for example. Developed and refined over ten years and widely deployed throughout the world in military, public safety and commercial worlds, WAVE is the only software platform today that can provide seamless interoperability between disparate radio systems (ASTRO25, TETRA, MOTOTRBO as well as older Motorola systems and those from other vendors). It also extends radio communications over other networks to a multitude of different devices - smartphones, PCs, desk phones and enterprise collaboration applications. Then there's the radio-like push-to-talk (PPT) communications between just smart devices over any 3G/4G LTE network as an over-the-top service.

Delivering instant and secure end-to-end PTT communications capability throughout the enterprise helps drive engagement and team collaboration; both must haves in any industry where efficiency of operations drives bottom line performance. That's why WAVE is already generating so much interest with upstream and midstream operators that see the many operational and safety benefits of connecting workers when needed, regardless of their location or the device they carry.

LET'S SEE COLLABORATION IN PRACTICE

So, going back to my earlier scenario where abnormal readings are causing havoc on operations, let's put WAVE to the test and demonstrate how it brings together multiple systems and works to alleviate the impact.

It's the weekend, but real-time data delivery to the central control centre means managers are already aware of the issues and are talking directly to platform personnel from PCs their equipped with WAVE desktop clients that allow PTT communications on multiple talk groups.

In an adjacent meeting room, a team of supporting staff has gathered to discuss the problems they are seeing and to troubleshoot with the platform team in real-time. A WAVE bridge is allowing everyone in the room to participate in the conference call, which also includes the control room staff at their consoles as well as remote personnel that have been alerted and who have dialed into the call.

The operator of this particular platform has a headquarters building on another continent where it helps its 3,000+ employees communicate and collaborate better with Microsoft Lync, a unified communications platform. Some of these project management and engineering staff have Lync clients that are enhanced with a WAVE plugin that allows them to also participate in real-time, secure PTT with platform workers and others directly from their Lync desktop, thus avoiding the need for a separate PC application. Hundreds of engineering and systems professionals are now working the platform issues, collaborating, communicating and understanding what the problems are and how they can be solved.

An important member of the engineering team is not in the office but has been contacted. He's at a family get together. Fortunately he can use any available PC and brings up a WAVE web browser application to access the same communication channels available to the other operations staff. His contributions are critical and timely. He takes out his iPhone and signs in to this WAVE mobile client. A wireless headset allows him to rejoin the family while discreetly listening into the ongoing troubleshooting. If necessary he can step aside and use his iPhone and push-to-talk again.

Before long, a solution has been agreed by the expanded team. A faulty piece of drilling equipment needs to be replaced and the platform support and maintenance provider has been contacted to see if they can find and deliver the required equipment. This provider uses Microsoft SharePoint to manage its global parts inventory portal and a WAVE plugin for SharePoint allows a dispatcher to work directly with the platform workers and on-shore support teams to correctly identify the needed component and prioritise its collection and shipment to the platform.

Although this is a fictitious scenario, the WAVE use cases are entirely real. With WAVE Work Group Communications, you will never have to worry if your key onshore and offshore personnel are on 'your' network with the right device. WAVE removes barriers to full and complete collaboration and communications interoperability, regardless of network device and user location.

It's just another reason why you can count on Motorola Solutions to listen to what you need and then go on to build it so you can get the job done.

Download our latest whitepaper - Improving Safety and Productivity in Oil and Gas Operations - and discover how a fully integrated communication network with advanced applications boosts productivity.

The future is brighter than ever for the hydrocarbon industry – particularly with the recovery of unconventional resources such as shale oil and gas, and coal bed methane. Yet this also brings with it some controversy, and this is just one reason for the industry’s increased vulnerability to cyber attack.

Political espionage, malicious attack for financial gain, disgruntled employees, even human error; all have the potential to significantly disrupt processes at rigs and refineries. With a typical oil pipeline pumping $3m oil per hour, effective digital data management keeps revenues flowing¹. But it’s not just the hydrocarbons – a large refinery produces an average 1TB of data per day².

TRANSITION TO THE DIGITAL OILFIELD
More and more oil and gas companies are experiencing the benefits of transitioning to the Digital Oilfield. By converging IT and operational technology (OT), these companies are realising huge gains from real-time visibility of operations, including - increased productivity, reduced operational costs, improved safety, and regulatory compliance.

But the combination of open standard based IP protocols and integration into back office systems also exposes oil and gas companies to the threat of cyber attacks.

THE RAPID RISE OF CYBER CRIME
So it's hardly surprising that the prevention of control system security incidents is a hot topic, and one that's been heightened by the effect of serious cyber attacks on the energy sector in the Middle East during recent years. Threats are becoming more inventive and more insidious.

The Stuxnet virus, which targeted programmable logic controllers (PLC) and SCADA systems in 2010, was one of the first examples of cyber-sabotage. Typically introduced by infected USB flash drives, it subverted industrial process control systems, collecting system information and causing them to self-destruct³.

These are complex, intelligent viruses: Stuxnet was notable for including code to fake control sensor signals to prevent the precautionary shutdown of an infected system due to detected abnormal behaviour, and also for making itself inert if the specific SCADA software wasn't found on the infected machine.

Even two-way radio systems that are considered "isolated" from the enterprise IT network are vulnerable to attack. Indeed, the source of computer virus that infected the radio dispatch system of an Australian ambulance service in 2011 was thought to have been a compromised USB stick⁴.

Back to the present day, and global security experts are currently investigating the Shellshock bug which appears to primarily target Unix servers⁵. Early indications show that the level of vulnerability has yet to be fully understood but could be uncommonly wide-ranging.

WIDESPREAD VULNERABILITY NEEDS SYSTEMATIC PROTECTION
The IDC Energy Insights whitepaper issued in 2013 highlighted that 40% of the total number of cybersecurity incidents were attacks against the energy sector, costing $19.8m annually⁶. Protection from such threats requires an organisational culture change as well as an enterprise information security architecture: from systems and data, to processes and people. Yet only 50% of oil and gas companies have a robust information security strategy in place.

Successful attacks show that companies often underestimate the vulnerability of digitally enabled technology and devices⁷. 45% of oil and gas companies responding to the IDC security survey were unclear just how many security events happened during the last 12 months, and of that percentage, half didn't know the nature of the breaches⁶.

A CYBER SECURITY FRAMEWORK ALIGNED TO GLOBAL SECURITY STANDARDS
So what should the oil and gas industry be doing to maintain a secure, intelligent and responsive digital oilfield, while mitigating the risk of cyber threats and malware? A 2013 study by the CSIS found that 96% of successful breaches could have been avoided if simple controls were put in place⁸, and as a result the NIST Cybersecurity Framework was established to provide a common mechanism for organisations to improve their security position.

In response to these changing conditions, we've published Protecting Operations in the Energy Sector Against Cyber Attacks. The whitepaper discusses the threats in detail and presents a best practice cybersecurity strategy that is consistent with the NIST Framework. We've also included a handy checklist so you can assess your company's current levels of protection.

If, after reading, you find that your operations are indeed vulnerable to attack then we do offer a cyber assessment service, details of how to arrange the assessment can be found on the back page of the whitepaper.

If you'd like to join the conversation about protecting oil and gas operations from cyber threats, we'd be delighted to welcome you to the Motorola Solutions Community EMEA LinkedIn Group.

¹ Motorola Solutions White Paper “TETRA – Enabling Critical Communications in the Oil and Gas Sector”
² Journal of Petroleum Technology – October 2012 “Data Mining and Analytics, Data Mining Applications in the Oil and Gas Industry”.
³ BBC News Technology Article “Struxnet ‘hit’ Iran nuclear plans”.
⁴ IEEE Spectrum: Virus Hits Australian Ambulance Service.
⁵ BBC News Technology Article “Web attacks build on Shellshock bug”.
⁶ IDC Energy Insights, 2011 “Worldwide Oil and Gas Top Predictions, 2012”.
⁷ Security in Upstream Oil and Gas, Microsoft Corporation, March 2013.
⁸ Center for Strategic and International Studies, 2013 “Raising the Bar for Cyber Security”.