Executive Summary
Oil & Gas operations across the value chain are fraught with challenges in maximizing margins while mitigating risks of owning and operating critical infrastructures and assets. In order to overcome these issues, organizations are increasingly adopting new technologies that help resolve business problems, enhance services delivery, and standardize and rationalize solutions for cost optimization. Process control domains across different entities within the Oil & Gas value chain use various forms of automation system components such as sensor networks, SCADA, distributed control systems, terminal automation systems, etc. to support critical business processes and operational processes. Most organization production & manufacturing units are operated, managed & controlled by local business groups. In this context, global transformation and outsourcing of IT services within the business critical process control domain is gaining importance as industry leaders seek ways to achieve and maintain sustainable business growth.
A key rationale for this transformation is the need and possibility of bringing the best practices of the wider enterprise IT to the process control domain - which includes standardization, centralization, global services delivery, remote monitoring, asset management, etc. A Gartner report on key Information Technology/Operational Technology (IT/OT) integration areas suggests that by 2015, more than 70% of CIOs will oversee the connected performance of all their enterprises' digital assets. This clearly calls for a shared accountability between the business and enterprise IT groups in recognizing and adapting to technological changes, as emerging technologies like the Cloud, Virtualization and OPC- UA continue to evolve dramatically in process control domain. The increased need for integrating real-time systems with applications at levels above is also driving dedicated focus on improving cybersecurity of these systems. From an organizational standpoint, this sums up a transformation - from a small set of business users maintaining business critical systems in silos; to shared ownership between enterprise IT and business wherein they can leverage the maximum potential from interconnected real-time systems and adopt rapidly-evolving technological changes.
Wipro’s Oil & Gas group leverages its key domain and technology capabilities across the process control system hierarchy to help customers traverse this transformational journey. We support customers with our core skills in process control domain gained through key engagements with Energy super-majors in providing different types of IT services within the process control domain and experience of providing globally managed security services, plant network designing and planning services, application migration & support services and other similar services for energy and manufacturing customers.
Introduction
Today's oil and gas industry is faced with volatile oil prices, spiraling production costs, diminishing resources and a growing demand that is fast outstripping supply. Broad regulatory and policy changes related to health, safety and environment in the oil & gas industry, including those related to green gas emissions, are predicted to increase spending by energy companies on a range of technologies and systems. With further industry consolidation expected in the coming years, oil majors are increasingly looking at ways to manage their multiple and dispersed business units across the globe while keeping an eye on costs. The focus is now on transforming the organization to become interconnected, intelligent, risk complaint, and above all, sustainable in a world of constraints.
This paper highlights the need for standardization and transformation of IT services within the process control domain. The paper draws on first- hand experience of Wipro in providing such services to multiple Energy super-majors and capabilities as a system integration partner for key process control system vendors within the Manufacturing domain. This paper further discusses the various types of IT services within the process control domain that Oil & Gas organizations can consider along with suggested approaches to ensure seamless transformation.
This paper addresses several target groups within the customer organization, but there may also be specific IT and business groups within the industrial facility supporting various aspects within the process control and monitoring domain who may find this paper useful.
CIOs: An increasing number of Chief Information Officers (CIOs) within the Oil & Gas and other manufacturing businesses are being asked to oversee the connected performance of their enterprise Information Technology (IT) and Operational Technology (OT). In this context, we believe the information in this paper is a good starting point to look at assessing the organization’s maturity level and initiate site-level and global IT services standardization accordingly within the process control domain.
Business Groups Supporting the Process Control Systems: This group is a very important set of stakeholders that understands the rapid technological changes taking place within this domain and also the importance of service reliability of the underlying critical IT infrastructure within the PCD. This paper will help bring in fresh perspectives and approaches to this group on the why, what and how globally standardized PCD IT services can help overcome some of the critical challenges and bring in efficiency improvements.
Enterprise IT Architects: Most organizations are already starting to realize the benefits of leveraging IT groups and skills within the process control domain and adopting best practices from the office IT domain. This paper provides additional inputs to the IT groups within the customer organizations that are involved in IT services standardization within different business processes, including support of critical IT infrastructure within the process control domain.
Why? – IT Services Transformation in the PCD
There are several reasons why some organizations, particularly industry leaders, have already realized the need for IT services transformation in the PCD and have begun this journey.
Key drivers for PCD IT services transformation:
Move to Open Process Control Systems: Process control systems have, over the years, moved from being proprietary and closed setup to adopting open standards and allowing seamless integration and interoperability of multi-vendor systems. This, in turn, requires increased involvement of personnel with skills that have traditionally remained in IT groups. The move to open and more seamlessly connected systems is a key factor driving the need for this change within the process control domain.
Evolving Technologies: A significant change in the recent years has been the adoption of evolving technologies and platforms within the process control systems, which have long since traditionally remained in the Information Technology (IT) domain. Some relevant examples of these include the adoption of Microsoft operating systems and technologies and, more recently, Virtualization technologies for SCADA and DCS servers, Operator stations, Engineering workstations and other advanced applications at Level 3 in the Purdue model for control system hierarchy. At the lower levels of the hierarchy, wireless technologies particularly wireless mesh-based sensor networks and wireless video are being adopted for monitoring previously un- instrumented and hazardous areas in various industrial applications. Valuable data from these networks are then securely integrated into the control systems and are also securely made available to wireless- enabled applications at different levels. Although its adoption may be currently nascent within the process control domain, Cloud computing is another emerging area that organizations are starting to consider in consuming Business Processes, Software, Infrastructure or Platform as services.
Real-Time Information Integration: Enabling the availability of real-time information for timely decision making is crucial to ensure efficient operations and management of a plant. A typical scenario is the ability to integrate the applications that Planners & Schedulers use with information in the real-time domain to drive production efficiencies and optimize inventories. Most organizations are currently in pursuit of several such smart initiatives. However, with the growing need for integration, an important consequence is that these real-time systems are now more at risk to external threats. A dedicated focus on improving cyber-security of these systems is clearly an important initiative and organizations need to make a concerted effort to comply with stringent regulations and global security standards.
Vendor Rationalization: Most large Oil & Gas and Manufacturing organizations have standardized or consolidated vendors for several key areas in the process control domains. Main Automation Contractors (MAC) for supply of process control and automation systems or large IT hardware vendors providing servers, desktops and other such infrastructure are good examples of such rationalization that have occurred or are ongoing. However, there is still a myriad set of services from various individual vendors that the customer’s local business and IT groups have to deal with. The need of the hour is a globally standardized service integrator that can deliver a standardized set of these services.
Remote Monitoring and Support: Another key driver is the increased need for centralised remote monitoring of all key processes that enable customers to leverage their network of key experts, regardless of where they are. Cost-efficiency drive of the ogranization, combined with several technologies enabling the remote monitoring and management of systems and application, enable organizations to leverage this capability.
Enterprise IT Involvement in PCD: While process control systems have traditionally been managed by smaller sets of business groups in individual sites, it is becoming important for business groups and Enterprise IT to come together to manage and adapt to changes happening within this domain and bring about transformation. CIOs and other stakeholders are increasingly recognizing the need for IT service standardization within the process control domain and are looking for ways to standardize their operations and embark on the transformational journey.
PCD IT Tools Standardization: Organizations require standardized solutions that can be deployed globally in enabling provisioning of IT services with the process control domain. In some cases, providing this software or solutions as service from a central group will result in improved utilization of these resources. There are several IT service tools and enablers for deploying, migrating and maintaining the systems in the process control domain that have huge scope for solution standardization.
Some examples of these tools include:
In the current scenario of fast-evolving automation system and supporting IT infrastructure products, it is important for organizations to migrate quickly to the latest technology platform to stay competitive in a volatile marketplace. Organizations are starting to recognize the need for transformation and are beginning to bring in standardization in a variety of IT services within the process control domain.
What? - IT Services Transformation in the PCD
Having understood the needs and drivers for IT services standardization within the process control domain, organizations can now consider a range of services for standardization and accordingly select a single IT services vendor or an ecosystem of select vendors to deliver these services. A representation of IT processes and types of application software solutions that may be involved within the PCD is shown below.
Different IT processes and solution components within the Process Control Domain
At a broad level, the different types of activities and services that may be considered by an organization for standardization are as follows:
Firewall Management: Most process control system architectures use firewalls between Level 2 and Level 3 of the system hierarchy (Purdue model) and between Level 3 and the office network. With the recent introduction of wireless sensor networks, there may be additional firewalls that can get added between Wireless networks and the control systems. When all the process control domains of an organization are aggregated at a regional or global level, the number of firewalls that would need to be managed can be enormous and can be done in a standardized way.
Patch and Anti-Virus Management: The servers and workstations in the process control domain that run various process control and advanced applications are now based on Windows operating system. All these nodes require regular Microsoft and anti-virus updates to keep the system protected from various threats and vulnerabilities. The complete distribution of patches and updates to these systems globally may be standardized and centrally managed.
Remote Monitoring: Process control systems are becoming increasingly integrated with levels above. Business groups that maintain these systems are under pressure to keep these systems secure, while simultaneously enabling remote access so that different types of technical and process expertise can be leveraged inside and outside the organization. There are specific solutions such as secure access portals that enable such remote monitoring from anywhere and there is a good opportunity for organizations to standardize this for secure access to all their process control domains globally.
Asset and Inventory Management: In the current scenario, small business groups are trying to optimize on software licenses, hardware inventory, etc. to ensure availability and uptime of these systems.
However this is a sub-optimal approach when compared with how the software and hardware assets are managed within the office and IT networks. There is a clear opportunity to globally and optimally manage assets and inventory.
Intrusion Detection: As explained earlier, with improved focus on minimizing risks and threats with enhance cyber-security, most process control domains have already adopted or are currently adopting specific solutions for intrusion detection. These include alerts as well specific actions that can be taken to avert critical incidences from occurring.
Wired and Wireless Network Monitoring and Support: With movement from proprietary control networks to open IP-based networks and the increasing adoption of wireless technologies for sensor networks and video, organizations have an opportunity to standardize these networks. Many of the best practices from such services already provided in the office network may be carried forward with careful consideration of special circumstances and criticality of the process control domain.
Servers, Desktops and Virtualization Services: With increased adoption of the virtual environment by process control system vendors are faced with several challenges of staying ahead of changes in hardware configuration. There is an opportunity for standardization of managing the lifecycle of these servers and desktops.
Remote Application Hosting and Support: Most organizations have some form of local or global standards on how applications in the process control domain are selected, deployed and later supported. With the increased ability to securely access these applications remotely from a central command center and with proven global service delivery models, there is immense potential to centrally manage many of these tasks by leveraging a shared pool of resources.
Secure Access Management: Secure remote access to the process control domain is very important for users outside the domain for making secure file transfers, deploy product and OS patches and be able to perform a variety of activities remotely. Organizations may deploy standard secure access portals or similar products to enable and handle this access management process.
Migration Services: Given the rapid occurrence of new product releases within the PCD, organizations may benefit by standardizing on different applications and then engaging a vendor for standard migration services to complete migration across all the plants globally.
While the above points are some of the critical categories of services that can be potentially investigated for bringing in standardization and improvements within the process control domains, there may be organization or site specific services that can also be studied and standardized.
How? – IT Services Transformation in the PCD
To bring about standardization and transformation, organizations may use various approaches depending on their current level of maturity and focus. Represented below is a maturity model that organizations can use for assessment and initiate programs to move to the next level of maturity.
Wipro Maturity Model - IT Services within the PCD
The different approaches that may be taken on this transformational journey are as follows:
Implement/Upgrade PCD IT service enablers: One of the critical items in this transformational journey is for organizations to deploy or migrate to standardized solution components that enable provisioning of standardized PCD IT services. Examples of such solution components may include, but are not limited to, secure access portals, application and infrastructure virtualization solutions, intrusion detection solutions, central patch and anti-virus updates distribution solutions, asset and inventory management solutions and wired and wireless network monitoring applications and solutions.
Leverage Integrated Global Command Centers (GCC): Most of the services described in previous sections do not require an onsite personnel presence and can be delivered through a centrally managed shared pool of resources in a Global Command Center (GCC) with minimal onsite support. This helps an organization leverage proven global service delivery models for a varied range of standardized services for all their process control domains globally.
Managed Security Services: For organizations with special focus on security it is best to leverage a Managed Security Services model delivered through a central Security Operations Center (SOC) and supported by a limited onsite personnel support. At a broad level, these standardized services may include Firewall management, intrusion and threat detection, anti-virus management, Microsoft patch and updates management, vulnerability assessments and others. This enables organizations to get the benefit of standardized security services delivery for all their process control domains, leveraging an optimal mix of central and local resources.
Phased Approach in Standardizing Services in Brownfield Sites: One of the important challenges in this transformational journey is to have the ability to migrate from current service models to the new standardized service model without disrupting business operations. In such a case, a phased approach may be taken. First, a site survey is undertaken to understand various vendors involved and the current service model for each area, following which the standardized service model can be tailored to suit site-specific needs. The transition to the new model may then be carefully planned, deployed and governed.
These are some approaches organizations may take to begin implementation of globally standardized services. However, it is important to note that a key success criteria in making this transformation happen is for the business groups and Enterprise IT groups in the customer organizations to come together as a single team and own shared accountability for success. Potential failure modes are traditional belief by business groups that process control systems and domain does not fall under the purview of Enterprise IT and the Enterprise IT team’s inability to understand the special circumstances and criticality of process control systems. In summary, it is important for the organization’s leadership to recognize the need for transformation in this domain and gear-up these groups towards a common goal.
Wipro’s Value Proposition for PCD IT Services
Wipro’s overall vision for Process Control Domain IT services is to be able to provide comprehensive IT services for everything from Sensor-to- Boardroom (S2B) across different industries leveraging our own rich experience in these domains and by expanding/investing in relationships with key partners in this area. System integrators like Wipro have an important role to play in such initiatives apart from Main Automation Contractors and IT software and hardware vendors.
As a System Integrator, our distinct value propositions for such a transformation initiative are highlighted below:
Thought for the Industry
Transforming IT services within the Process Control Domain to reduce costs and meet business challenges is a key exercise requiring careful management of internal and external stakeholders. At the highest level of maturity, it will require a seamless and collaborative effort of a vendor ecosystem to deliver the end-to-end solution in a robust, reliable and consistent manner. While some of the Energy industry leaders have recognized the need for transformation and are embarking on such initiatives, a large section of the industry is yet to recognize the cost savings and business impact such an initiative can bring. It is time for business and IT leadership in these Energy and Manufacturing organizations to come together and recognize the importance of such an initiative and take their organizations to the next level of process and service maturity.
References
Vasuki Upadhya is a Senior Solution Architect with the Oil & Gas – Energy, Natural Resources & Utilities vertical, Wipro. He has 15 years of experience in the global IT sector, providing consulting, architecture design, architecture assurance, and architecture assessment of solutions in the energy and utilities domain. He works with key customers to create and provide effective IT solutions for complex business challenges. He also works with Wipro’s strategic partners to create joint solutions that focus on common industry needs.
Laxshmivarahan R is a Solution Architect with the Oil & Gas – Energy, Natural Resources & Utilities vertical, Wipro. He has 12 years of industry experience working with different multinationals in the areas of process and industrial automation systems and applications within the Oil & Gas and Manufacturing domain. He works with key customers supporting them in business analysis, early-stage program consulting and solution architecting. He has Bachelors in Electronics & Telecom Engineering and a Post-graduation in Management from Indian Institute of Management Bangalore (IIMB).