The result of this JIP - DNVGL-RP-G108 Cyber security in the oil and gas industry based on IEC 62443 - can now be downloaded here.
Cyber security is a growing issue in the oil and gas sector since critical network segments in production sites, which used to be kept isolated, are now connected to networks. The trend is towards remote operations, remote maintenance and tighter inter-operability with centralized process data and plant information. Old and outdated installations are at particular risk and require risk mitigation actions.
Develop a Recommended Practice (RP) for protecting oil and gas installations against cyber security threats. The IEC 62443 standard will be used, but will be tailored to the oil and gas industry.
- Reduced risk of cyber-security incidents
- Cost-savings for operators by reducing the resources needed to define requirements and follow up
- Cost-savings for contractors and vendors based on identical requirements from operators
- Simplified audits for authorities and auditors due to common requirements and common conformance claims.
The JIP will have a duration of twelve months.
Currently we are collaborating with Shell, Statoil, Lundin, Siemens, Honeywell, ABB, Emerson and Kongsberg Maritime to develop best practice in addressing this threat. In addition, the Norwegian Petroleum Safety Authority will take part as an observer.