The Radiflow Security Blog

Securing an Offshore Oil Rig in the North Sea – Challenges and Solutions

Beyond typical BMS functions, hospitals operate a myriad of interdependent critical systems, and are required to operate in preparedness mode in case of a mega-event — so OT network up-time is crucial.

However, many hospital systems, including the one described in this case study, were not designed with cyber-security in mind:

  • No OT-IT segmentation and no visibility into the OT network
  • Lack of segmentation between buildings ,facilities and systems.
  • Separate operational monitoring interfaces for different systems
  • No procedures in place for patching or hardening devices
  • No system for securing and logging maintenance operations

Radiflow’s solution included an instance of the iSID Intrusion Detection System at each rig to provide network visibility, detection of attempted attacks and access violations, management of maintenance activities and monitoring of logic changes on controllers. All instances of iSID are centrally monitored by the iCEN Central Management Solution.

The Offshore Oil Drilling industry still operates under the shadow of the 2010 BP Deep Horizon oil spill and the subsequent ecological disaster, and has been subject to scrutiny over security concerns, both physical and cyber.