DNV GL said Thursday it has established a Joint Industry Project (JIP) together with Shell, Statoil, Lundin, Siemens, Honeywell, ABB, Emerson and Kongsberg Maritime to produce a guideline for protecting oil and gas installations against cyber-security threats.
The Norwegian Petroleum Safety Authority will take part as an observer.
DNV GL provides classification, technical assurance, software and independent expert advisory services to the maritime, oil & gas and energy industries.
According to NDV GL, the scope of the JIP is to produce cyber-security guidelines to simplify and clarify the use of IEC 62443 for the FEED, projects and operations. Good practice and reusable patterns are to be produced. The IEC 62443 standard will be used, but will be tailored to the oil and gas industry.
The JIP will result in a Recommended Practice (RP) for Industrial Automation and Control Systems in 12 months’ time.
“We see that cyber-security incidents are increasing with attempted attacks on a daily basis. By collaborating with others in the industry, we can ensure that we end up with one globally applicable regulation that is suitable for the oil and gas sector,” said Rune Wærstad, Control & Automation Engineer, Shell.
Cyber security is a growing issue in the oil and gas sector since critical network segments in production sites, which used to be kept isolated, are now connected to networks, said DVN GL.
“The trend is towards remote operations, remote maintenance and tighter inter-operability with centralized process data and plant information. Old and outdated installations are at particular risk and require risk mitigation actions,” the certification body said.